5759 stories
·
106 followers

NEW VIDEO: Key Ghosting – Collin’s Lab Notes #adafruit #collinslabnotes

1 Comment

Revealed – the mysterious and often misunderstood phenomenon of key ghosting.

Read the whole story
jepler
18 hours ago
reply
diodes: ghost busters
Earth, Sol system, Western spiral arm
Share this story
Delete

How Google Spies on Its Employees

1 Comment
At Google, a seemingly innocuous action can earn an employee the attention of the company's corporate security department. The Information: For example, when Google wants to find out who has been accessing or leaking sensitive corporate information, the company often homes in on employees who are thinking about leaving it. In the past, its security teams have flagged employees who search an internal website listing the cost of COBRA health insurance -- which gives workers a way to continue their coverage after leaving their employer -- for further investigation, according to a person with direct knowledge of its tactics. Employees who draft resignation letters or seek out internal checklists that help workers plan their departures from Google have also faced similar scrutiny, the person said. It has even looked at who has taken screenshots on work devices while running encrypted messaging services at the same time, according to current and former employees with knowledge of the practices. Bulk transfers of data onto USB storage devices and use of third-party online storage services can also raise eyebrows among Google's security staff.
Read the whole story
jepler
1 day ago
reply
"security teams have flagged employees who search an internal website listing the cost of COBRA health insurance -- which gives workers a way to continue their coverage after leaving their employer -- for further investigation"
Earth, Sol system, Western spiral arm
Share this story
Delete

'We Need Software Updates Forever'

2 Comments
The creator of the Virtual Reality Modeling Language (VRML) and founder of the first virtual reality startup, Mark Pesce, opines an IEEE Spectrum piece that we need software updates forever. Slashdot reader joshuark shares an excerpt from the article: Device makers are apt to drop support for old gadgets faster than the gadgets themselves wear out. Consumers have relied on the good graces of device makers to keep our gadget firmware and software secure and up-to-date. Doing so costs the manufacturer some of its profits. As a result, many of them are apt to drop support for old gadgets faster than the gadgets themselves wear out. This corporate stinginess consigns far too many of our devices to the trash heap before they have exhausted their usability. That's bad for consumers and bad for the planet. It needs to stop.

We have seen a global right-to-repair movement emerge from maker communities and start to influence public policy around such things as the availability of spare parts. I'd argue that there should be a parallel right-to-maintain movement. We should mandate that device manufacturers set aside a portion of the purchase price of a gadget to support ongoing software maintenance, forcing them to budget for a future they'd rather ignore. Or maybe they aren't ignoring the future so much as trying to manage it by speeding up product obsolescence, because it typically sparks another purchase.

Does this mean Sony and others should still be supporting products nearly two decades old, like my PSP? If that keeps them out of the landfill, I'd say yes: The benefits easily outweigh the costs. The devilish details come in decisions about who should bear those costs. But even if they fell wholly on the purchaser, consumers would, I suspect, be willing to pay a few dollars more for a gadget if that meant reliable access to software for it -- indefinitely. Yes, we all want shiny new toys -- and we'll have plenty of them -- but we shouldn't build that future atop the prematurely discarded remains of our electronic past.

Read the whole story
jepler
1 day ago
reply
I doubt that "a few more dollars" up front can allow hardware to receive software updates forever. In my fantasy world, we'd ensure that before a manufacturer can end formal support, they ensure that all low level documentation and signing keys are available, so that third party and community support of the product is possible as long as someone is doing it (and all the hardware hasn't broken). It's lack of datasheets & owner-hostile digital signature schemes that truly consign these devices to trash heaps, and make the games & other software that run on them unusable via emulation.
Earth, Sol system, Western spiral arm
Share this story
Delete
1 public comment
awilchak
1 day ago
reply
YES
Brooklyn, New York

Elvira actor Cassandra Peterson comes out

2 Shares

Elvira, Mistress Of The Dark, may have but one lover (the dark), but the woman who plays her, Cassandra Peterson, is another story. In her new memoir, Yours Cruelly, Elvira, which comes out today, the iconic horror movie star and host, opens up about her 19-year romantic relationship with a woman.

Read more...

Read the whole story
jepler
2 days ago
reply
Earth, Sol system, Western spiral arm
Share this story
Delete

Stoicicsm City

2 Shares
Read the whole story
jepler
3 days ago
reply
Earth, Sol system, Western spiral arm
Share this story
Delete

Putty Problems

1 Comment

I upgraded my first servers from buster to bullseye over the weekend and it went very smoothly, so big thank you to all the debian developers who contributed your labor to the bullseye release!

This morning, however, I hit a snag when the first windows users tried to login. It seems like a putty bug.

First, the user received an error related to algorithm selection. I didn’t record the exact error and simply suggested that the user upgrade.

Once the user was running the latest version of putty (0.76), they received a new error:

Server refused public-key signature despite accepting key!

I turned up debugging on the server and recorded:

Sep 20 13:10:32 container001 sshd[1647842]: Accepted key RSA SHA256:t3DVS5wZmO7DVwqFc41AvwgS5gx1jDWnR89apGmFpf4 found at /home/XXXXXXXXX/.ssh/authorized_keys:6
Sep 20 13:10:32 container001 sshd[1647842]: debug1: restore_uid: 0/0
Sep 20 13:10:32 container001 sshd[1647842]: Postponed publickey for XXXXXXXXX from xxx.xxx.xxx.xxx port 63579 ssh2 [preauth]
Sep 20 13:10:33 container001 sshd[1647842]: debug1: userauth-request for user XXXXXXXXX service ssh-connection method publickey [preauth]
Sep 20 13:10:33 container001 sshd[1647842]: debug1: attempt 2 failures 0 [preauth]
Sep 20 13:10:33 container001 sshd[1647842]: debug1: temporarily_use_uid: 1000/1000 (e=0/0)
Sep 20 13:10:33 container001 sshd[1647842]: debug1: trying public key file /home/XXXXXXXXX/.ssh/authorized_keys
Sep 20 13:10:33 container001 sshd[1647842]: debug1: fd 5 clearing O_NONBLOCK
Sep 20 13:10:33 container001 sshd[1647842]: debug1: /home/XXXXXXXXX/.ssh/authorized_keys:6: matching key found: RSA SHA256:t3DVS5wZmO7DVwqFc41AvwgS5gx1jDWnR89apGmFpf4
Sep 20 13:10:33 container001 sshd[1647842]: debug1: /home/XXXXXXXXX/.ssh/authorized_keys:6: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
Sep 20 13:10:33 container001 sshd[1647842]: Accepted key RSA SHA256:t3DVS5wZmO7DVwqFc41AvwgS5gx1jDWnR89apGmFpf4 found at /home/XXXXXXXXX/.ssh/authorized_keys:6
Sep 20 13:10:33 container001 sshd[1647842]: debug1: restore_uid: 0/0
Sep 20 13:10:33 container001 sshd[1647842]: debug1: auth_activate_options: setting new authentication options
Sep 20 13:10:33 container001 sshd[1647842]: Failed publickey for XXXXXXXXX from xxx.xxx.xxx.xxx port 63579 ssh2: RSA SHA256:t3DVS5wZmO7DVwqFc41AvwgS5gx1jDWnR89apGmFpf4
Sep 20 13:10:39 container001 sshd[1647514]: debug1: Forked child 1648153.
Sep 20 13:10:39 container001 sshd[1648153]: debug1: Set /proc/self/oom_score_adj to 0
Sep 20 13:10:39 container001 sshd[1648153]: debug1: rexec start in 5 out 5 newsock 5 pipe 8 sock 9
Sep 20 13:10:39 container001 sshd[1648153]: debug1: inetd sockets after dupping: 4, 4

The server log seems to agree with the client returned message: first the key was accepted, then it was refused.

We re-generated a new key. We turned off the windows firewall. We deleted all the putty settings via the windows registry and re-set them from scratch.

Nothing seemed to work. Then, another windows user reported no problem (and that user was running putty version 0.74). So the first user downgraded to 0.74 and everything worked fine.

Read the whole story
jepler
4 days ago
reply
weeeeeird
Earth, Sol system, Western spiral arm
Share this story
Delete
Next Page of Stories