--- Log opened Mon Aug 29 00:00:00 2022 07:06 <@Dolemite_> mr0ning, be0tches and h0ez! 07:07 -!- Dolemite_ is now known as Dolemite 07:36 < Evilpig> network security fucked themselves over the weekend and i'm loving it 07:36 * aestetix hugs Dolemite 07:36 < Evilpig> the problem that they cause us by filtering dns queries between our dns servers and the root servers came back to bite htem in the ass when they broke validation for ocsp.paloaltonetworks.com 07:37 < Evilpig> was broken for nearly 24 hours, at a rate of like 20k events every 5 minutes during that window 07:37 < Evilpig> pretty sure that's the call their firewall equipment uses to verify application rules in their rules 08:13 <@Dagmar> How many fucking times do they have to break the network with their incompetence before someone tells them to stop 08:14 <@Dagmar> They are almost certainly the next biggest threat next to plant ops perpetually fucking up generator tests 08:15 <@Dagmar> When is Vanderbilt going to stop hiring noobs for network security positions? 08:16 <@Dagmar> Like, how **THE FUCK** is it rational to filter queries to _the fucking root servers_ 08:16 < Evilpig> their rationale is that this is a single point where they can block malware requests for the entire network 08:17 <@Dagmar> Except that's not true becuase they're fucking morons 08:17 < Evilpig> they're ignoring that the way it does that is to block traffic to whatever it deems as the threat which ends up being the root server because they aren't smart enough to whitelist them 08:17 <@Dagmar> Actually, it's not true _and_ they're fucking morons 08:18 < Evilpig> i'm not about to say white list this to stop this mess. that's dumb. stop blocking traffic from a critical piece of hte infrastructure 08:19 <@Dagmar> 08:19 < PigBot> Facebook (at www.facebook.com) https://tinyurl.com/2ozhzybl 08:19 < Evilpig> just to add irritating my micro-manager emailed me and his boss to see if I was aware of that problem at 7:46 this morning to make it seem like he's on top of things or something 08:20 <@Mirage> Evilpig: watch Little Demon yet? 08:20 < Evilpig> I wasn't about to tell him that I saw it over the weekend https://capture.dropbox.com/sTbUutJ0kz1qa5kU 08:20 <@Dagmar> It would be a real shame if people in netsec were made aware of that post 08:20 < PigBot> Dropbox Capture (at capture.dropbox.com) https://tinyurl.com/2ocptall 08:24 <@Dagmar> Who wants to take bets on whether or not they filed a change management request about that? 08:24 < Evilpig> lol 08:24 < Evilpig> they've had it in place for a long time now, it's been approved 08:24 < Evilpig> we've fought them about it repeatedly and been told that sal signed off on it, go suck eggs 08:25 <@Dagmar> I'll have to make sure to properly terrify Sal the next tiem I should happen to see him. 08:25 < Evilpig> they're also blocking access to all newly registered domains, you can imagine how often that bites them in the ass 08:25 <@Dagmar> That's fuckin' stupid 08:25 <@Dagmar> Someone needs to take them to task over how often that's done something useful compared to how often they fuck things up 08:26 <@Dagmar> I guess someone still mad they couldn't load all the traffic INTO FUCKING EXCEL 08:26 < Evilpig> they're getting at least two or three tickets a week now from this org registering a domain that they immediately block 08:27 <@Dagmar> Holy shit what's their rationale for sitting around with their thumbs up their asses?> 08:28 <@Mirage> I prefer my method of using lists for DNS Blackholes. 08:32 <@Dagmar> I prefer to make my architectural decisions while sober 08:37 <@Mirage> The one thing that I haven't taken time to figure out is all the news sites that require a sub to view if you're blocking ads. Just haven't had the inclination to dig into whatever method they use to determine that an ad didn't load that triggers that in order to fool it into thinking it did. 08:41 <@Dagmar> Really, really questionable DNS assignments 08:41 <@Dagmar> They're loading cookies by actually giving advertisers an in-zone DNS record 08:42 <@Dagmar> I just fuckin' blacklist the sites that pollute search results and newsfeeds with paywalled articles 09:56 < aestetix> ok who wants to hear a funny story 09:56 < aestetix> I dug into the eth.link thing a bit, because it was so nutty 09:57 < aestetix> eth.link was registered with uniregistry, who owned the .link TLD 09:57 < aestetix> but then eth.link got aquired by godaddy..... who does not support .link TLD domains 09:57 < aestetix> and the .link registry got sold somewhere else 09:57 < aestetix> which means I don't think it's actually possible to renew the domain 09:58 < aestetix> which means that web 3.0 is fucked :p 09:59 <@Dagmar> Well, it means that .link is in a state of fuckery 10:00 < aestetix> Yeah but a million .eth domain names were using eth.link as their resolver 10:00 <@Dagmar> ...but not for websites 10:01 <@Dagmar> They were being used as an abstraction for wallet addresses. 10:01 < aestetix> oh wow 10:01 < aestetix> so it's not websites, it's access to their money? 10:01 <@Dagmar> Yeah, hence why the problem is derpy, and the solution is derpy, but the opportunity for shenanigans and theft is pretty high 10:02 < aestetix> oh god that is even funnier 10:02 <@Dagmar> Not access. It just means that you can't tell someone your wallet address is aestetix.eth.link if you want them to be able to do something with it 10:02 <@Dagmar> ...but if you've published it as that somewhere, _now_ you have a problem 10:05 < aestetix> so when godaddy purges the domain.... every russian troll in the world will be lining up to bid on it 10:14 < Evilpig> Mirage: seen a few of those that you can bypass if you have JS disabled 11:06 <@Dagmar> aestetix: Yeah, I'm thinking we'll see proof that GoDaddy is willing to bent rules and facilitate crime if someone offers them enough money to continue the registration 11:06 <@Dagmar> s/bent/bend/ 12:13 < Evilpig> submitted my resume to HCA and was sent a decline from them citing my salary requirements and had a note that they didnt' have anything that fit for me at this time. almost immediately after that I got an email from one of their recruiters wanting to set up a meeting to see how they can get me in 12:28 <@Dolemite> LOL 12:35 < Evilpig> also just had maintenance stop by. I put in a ticket about the sliding glass door was squeaking so I cleaned the track good, and lubed the living hell out of it but it feels like it has a flat spot on one of the rollers and would like them to check it out 12:36 < Evilpig> dude showed up, door is no longer squeaking, I told him I cleaned and lubed it all, he asked if I used wd-40 and I told him flat out that I used good silcone based lube like you're supposed to and adjusted the screw for the rollers to drop them down a bit 12:36 < Evilpig> he slid it open and closed a few times and said yeah I feel that spot but it's working now so let me know if it does anything else later... and left 13:27 <@Mirage> Finally a MAGA I can agree with: https://www.youtube.com/watch?v=VFv3S9zvvq0&ab_channel=MothersAgainstGregAbbott 13:27 < PigBot> First Day of School Short - YouTube (at www.youtube.com) https://tinyurl.com/2n9eldp5 14:11 < Evilpig> that reminds me of this. https://www.reddit.com/r/antiwork/comments/wzwy6s/servers_should_be_honored_to_serve_governor/ 14:11 < PigBot> Servers should be honored to serve Governor Abbott, right? : antiwork (at www.reddit.com) https://tinyurl.com/2zlpsm7l 14:11 <@Mirage> I'm sure this is something aestetix has wondered about: https://youtu.be/5b4Ax_YfUuU 14:11 < PigBot> Will Bottoms Survive the APOCALYPSE? | Gay Science | Rob Anderson - YouTube (at youtu.be) https://tinyurl.com/2f75u795 15:03 -!- Dagmar [~dagmar@user/dagmarx] has quit [Ping timeout: 244 seconds] 16:25 -!- Shadow405 is now known as Shadow404 18:42 -!- Dagmar [~dagmar@user/dagmarx] has joined #se2600 18:43 -!- mode/#se2600 [+o Dagmar] by ChanServ --- Log closed Tue Aug 30 00:00:02 2022