Hide Idle (>14 d.) Chans
← 2021-07-14 | 2021-07-16 →
asciilifeform: !w poll
watchglass: Polling 17 nodes...
watchglass: 185.85.38.54:8333 : Could not connect!
watchglass: 84.16.46.130:8333 : Could not connect!
watchglass: 185.163.46.29:8333 : Could not connect!
watchglass: 205.134.172.27:8333 : Alive: (0.085s) V=99999 (/therealbitcoin.org:0.9.99.99/) Jumpers=0x1 (TRB-Compat.) Blocks=691135 (Operator: asciilifeform)
watchglass: 205.134.172.4:8333 : (172-4.core.ai.net) Alive: (0.082s) V=70001 (/therealbitcoin.org:0.7.0.1/) Jumpers=0x1 (TRB-Compat.) Blocks=691135
watchglass: 205.134.172.6:8333 : (172-6.core.ai.net) Alive: (0.141s) V=99999 (/therealbitcoin.org:0.9.99.99/) Jumpers=0x1 (TRB-Compat.) Blocks=691135
watchglass: 205.134.172.28:8333 : Alive: (0.083s) V=99999 (/therealbitcoin.org:0.9.99.99/) Jumpers=0x1 (TRB-Compat.) Return Addr=0.0.0.0:8333 Blocks=691135 (Operator: whaack)
watchglass: 71.191.220.241:8333 : (pool-71-191-220-241.washdc.fios.verizon.net) Alive: (0.153s) V=99999 (/therealbitcoin.org:0.9.99.99/) Jumpers=0x1 (TRB-Compat.) Blocks=691135 (Operator: asciilifeform)
watchglass: 54.39.156.171:8333 : (ns562940.ip-54-39-156.net) Alive: (0.152s) V=99999 (/therealbitcoin.org:0.9.99.99/) Jumpers=0x1 (TRB-Compat.) Blocks=691135
watchglass: 208.94.240.42:8333 : Alive: (0.099s) V=99999 (/therealbitcoin.org:0.9.99.99/) Jumpers=0x1 (TRB-Compat.) Blocks=691135
watchglass: 192.151.158.26:8333 : Alive: (0.144s) V=70001 (/therealbitcoin.org:0.7.0.1/) Jumpers=0x1 (TRB-Compat.) Blocks=691135
watchglass: 143.202.160.10:8333 : Alive: (0.232s) V=70001 (/therealbitcoin.org:0.7.0.1/) Jumpers=0x1 (TRB-Compat.) Blocks=691135
watchglass: 176.9.59.199:8333 : (static.199.59.9.176.clients.your-server.de) Alive: (0.337s) V=99999 (/therealbitcoin.org:0.9.99.99/) Jumpers=0x1 (TRB-Compat.) Blocks=412062 (Operator: jurov)
watchglass: 213.109.238.156:8333 : Alive: (0.354s) V=99999 (/therealbitcoin.org:0.9.99.99/) Jumpers=0x1 (TRB-Compat.) Blocks=691135
watchglass: 54.38.94.63:8333 : (ns3140226.ip-54-38-94.eu) Alive: (0.316s) V=88888 (/therealbitcoin.org:0.8.88.88/) Jumpers=0x1 (TRB-Compat.) Blocks=691135
watchglass: 103.36.92.112:8333 : (terebe.ns01.net) Alive: (0.608s) V=99999 (/therealbitcoin.org:0.9.99.99/) Jumpers=0x1 (TRB-Compat.) Blocks=691135
watchglass: 205.134.172.26:8333 : Busy? (No answer in 100 sec.)
asciilifeform: meanwhile, in fishwrap lulz : 'On Wednesday, users learned that for years, their devices had been equipped with a backdoor that allowed the KiwiSDR creator—and possibly others—to log in to the devices with administrative system rights.'
asciilifeform: ... not very subtle booby, apparently. but somehow 'no one noticed'(tm).
mats: wow wtf
shinohai: >tfw it takes a furry to uncover it
vex: no great surprise shinochan, furries much more likely to be tinkering on pc than taking a towncar to wallstreet
vex: cool to see `nubbins in da logs
asciilifeform: shinohai: waiwat ?
asciilifeform: vex: i thought 'furries' were folx who dress up as e.g. leopards before fucking. what's to do w/ tinkering on pc ??
vex: I think computer tinkering is the most common job for said folks
vex: or second favourite hobby, after dressing up like leopard etc.
shinohai: asciilifeform: I sadly went to that individuals twitter profile.
punkman: in other shitware, Wordpress pushing forced updates for plugins (Woocommerce) because of remote execution bug that's been there since 2018. Even when you have all automatic updates disabled.
asciilifeform: punkman: i've been running wp off a disk mounted ro. worx wonders against this kinda nonsense.
punkman: I'm trying to find how to remove the possibility of this happening again, and nobody I've asked so far has clue about where the backdoor is
punkman: found a fork that's cut some things off https://github.com/calmPress/calmpress
asciilifeform: punkman: what's wrong with readonly install ?
asciilifeform: fuck updates.
punkman: these are ecommerce websites
dulapbot: (trilema) 2016-12-28 asciilifeform: ben_vulpes, mircea_popescu : fwiw i never used wp's uploadtron, never wanted to, and configure my wp in such a way that all files on disk are read-only.
asciilifeform: so what if ecommerce ? the db -- writable
asciilifeform: nothing useful in wp requires the .php crapolade to be overwritable.
punkman: there are other users, feeds getting created every 10 minutes, other problems
asciilifeform: (except for 'updates' and other infections, of course)
punkman: might do for personal web
asciilifeform: punkman: can explain which of these features needs writable .php and why ?
punkman: feeds/other get written in plugin folder
asciilifeform: tsk. can't see why it couldn't write to strictly db.
punkman: sure there are a lot of things that can be done to "harden", but I ain't getting paid for all that
punkman: curiously, I have a couple installations that somehow didn't get forcibly updated. and I can't tell why
asciilifeform: punkman: unlike most 'things that could be done...' this one's simple and categorical.
asciilifeform has zero tolerance for forced or 'silent' updates in irons he operates
punkman: I was telling how infuriating this was to friend, "what's the big deal, gotta fix the bug", "THE UPDATE MECHANISM IS A BACKDOOR, HOW ARE YOU NOT GETTING THIS"
← 2021-07-14 | 2021-07-16 →
Random(asciilifeform) | Download hourly DB snapshot | Get Source Code