I’m going tomorrow. If you’re there, lemme know! I’ll probably be seeing nghtwsh, thevoke, daviper, wonko, geert, ghosty, and some others that may be there

Right after my previous datacenter power loss blogpost … Read this then this Save one datacenter, forget the other.

NIKHEF powerdown cause appears to be that they didn’t check the utilisation of their circuits and just blew all the breakers when tripping them. Oops. 

Prepare for another blog storm… first a nice tip I found on this page …

Sometimes I use mutt to read my mail, which nicely autodecrypts and checks pgp/gpg signatures. But then I’d need to retrieve everybody’s public key, like the Ubuntu security etc (which I couldn’t find anywhere by the way), but no more! gnupg now automatically retrieves keys from the keyserver you specify just by adding keyserver-options “auto-key-retrieve” into ~/.gnupg/gpg.conf.

I don’t know if this makes it any less secure though… but WorksForMe(tm) 

A few days ago a vulnerability in RealVNC was discovered allowing anyone to take over a desktop without any authentication at all (the client is allowed to select the authentication mechanism, of which one is "none"). Not too smart, but ohwell :s I wonder how much this effects the other VNC derivatives, since I thought their code was based off the "original" VNC. However, if they’re fixed, why didn’t they alert the RealVNC maintainers?

In the meanwhile I saw a basic scanner and a refined multithreaded scanner appear on Bugtraq . Fun for the kiddies! I don’t really do any firewall logging at the moment, but as noted in Filbert’s blog, scanning has certainly taken a steep curve upwards.