Kal Feher

@kalfeher
1 Followers
20 Following
91 Posts
Vim, never emacs. It's always DNS
Website: https://kalfeher.com
Github: https://github.com/kalfeher
For various reasons, I'm going to switch to another mastodon account I set up a while ago.
I don't think this will result in any spam to followers, but if it does, oops!

Root-less accounts are finally live. It isn't a good day to be a PAM vendor, but for customers this is welcome news.

https://aws.amazon.com/blogs/aws/centrally-managing-root-access-for-customers-using-aws-organizations/

#AWS

Centrally managing root access for customers using AWS Organizations | Amazon Web Services

Eliminate long-term root credentials, perform privileged tasks via short-lived sessions, and centrally manage root access - aligning with security best practices.

Amazon Web Services

Technically not wrong…

It’s now at least 22 exams that have had leaked Qs.

You learn a lot about a place from the way they handle yr end exams. Many Middle East countries block internet traffic to stop cheating. A cynic might suggest this is also practice for communication suppression.

In Victoria we add Battlemechs into history exams. Because yolo

https://www.theage.com.au/national/victoria/vce-scores-changed-over-battle-tech-marauder-confusion-20130208-2e2qn.html

VCE scores changed over Battle Tech Marauder confusion

One hundred and thirty confused VCE history students had their scores adjusted after an artwork featuring a mysterious robot who appeared to be assisting socialist revolutionaries in 1917 was accidentally used in last year's exam.

The Age

#AWS just dropped RCPs for orgs. These plug a hole that most ppl assumed was already covered by SCPs. Too often you have to decipher aws-speak to truly understand what you do and don’t get with their features. Or you find out when someone gives overly generous access to a resource and the guardrails you thought existed, don’t work.

Anyhoo, yay for RCPs.

https://aws.amazon.com/about-aws/whats-new/2024/11/resource-control-policies-restrict-access-aws-resources/

Introducing resource control policies (RCPs) to centrally restrict access to AWS resources - AWS

Discover more about what's new at AWS with Introducing resource control policies (RCPs) to centrally restrict access to AWS resources

Amazon Web Services, Inc.

I never knew C stood for crap in the security triad. https://www.theage.com.au/national/victoria/vcaa-gaffe-reveals-hidden-questions-on-cover-sheets-before-vce-exams-20241114-p5kqgt.html They’d have gotten away with it too, if it wasn't for those darn kids.

Something similar happened to me during a govt gig that involved classified documents. In that case it was a word template artefact and not a real attempt at secrecy. probably

VCE gaffe reveals ‘hidden’ questions on cover sheets before exams

Students were able to highlight materials uploaded to the curriculum authority’s website that appeared to be blank but revealed “hidden” text when formatted in a new document.

The Age

A few yrs ago ISOC tried to sell .ORG in a transparently cynical money grab that ultimately failed due to community pressure and arcane ICANN rules.

It turns out that serving your community actually pays pretty well. https://pir.org/news-insights/11-million-domains/

Every other pre-2012 gTLD has shrunk this yr, so growth of any kind is a success.

11 Million Domains: Celebrating a Major Milestone for PIR

PIR has reached a significant milestone, surpassing 11 million .ORG domains under management. PIR has always been committed to supporting the .ORG Community in creating positive change and this milestone is a testament to our mission to foster a safer, more secure Internet for us all.

PIR

I have a github project where I put code I include in my blog articles. It’s public. The link to the repo is all over my site.

That link appears to have triggered some dumb logic in a scraping bot. It now hits my site looking for github routing paths.

Why? I get that not all malware is well written, but does this logic _ever_ work? The volumes are quite low when compared to the ‘ahem’, legitimate AI scrapers that visit. So not a DDoS in disguise.

Registry reps love a good party. But they don’t seem to love their obligations of remaining available and secure. I’ll write a 2024 version of why TLDs break.

Spoiler, reasons are the same as last year. https://kalfeher.com/tld-dns-failure-modes/

TLD DNS Failure Modes

A review of the TLD DNS failures I've observed during 2023 and why the same failures keep happening

Adherence to basic security principles, like not storing excessive PII for infinity to access public resources, remains unthinkable for some Registries. https://kalfeher.com/analysis/cds-current-state/#gtlds-excluded

CDS usage in Registered Domains and DS Accuracy in TLDs

Tracking CDS presence in registered domains within TLDs. Do parent records match the intended state as declared by child domain CDS entries. Analysis of …