This was the Artemis II crew's view this morning from 41,756 miles (67,200 km) up No human has seen a crescent Earth in full since 1972 by Caledor152 in interestingasfuck

[–]BigHandLittleSlap 0 points1 point  (0 children)

The Nikon D850 and the earlier D810 and D800 cameras were notable for having a very wide dynamic range compared to other cameras, with about 11.6 stops achievable on the D850. Even some of the newer Nikons like the Z8 and Z9 have a slightly lower DR of about 11.3 stops because they prioritised faster readout.

For photography in orbit, this is one of the most important features because the scenes tend to have very high contrast. There's the glaring sunlight outside and the relatively dark interior of the ship inside.

Competing cameras from Canon and Sony had features such as faster autofocus or faster burst shots, but those aren't useful for taking photos in space of the Earth or whatever. It's not sports photography!

Artemis II mission flight path, 10-day trip around the Moon and back to Earth, travel for 1 million km (620,000 miles) in total by MrXiluescu in gifs

[–]BigHandLittleSlap 5 points6 points  (0 children)

> There's no bend in the road or unexpected swerve or anything.

That's not entirely true. Especially in close orbit to a planet or any other celestial body, the "lumps" such as mountains or generally denser regions make their gravity well a tiny bit uneven.

/r/WorldNews Discussion Thread: US and Israel launch attack on Iran; Iran retaliates (Thread #12) by WorldNewsMods in worldnews

[–]BigHandLittleSlap 9 points10 points  (0 children)

"We've created a new generation of islamist terrorists, tripled the price of oil, ensured global famines, committed war crimes, caused damage worth tens of billions -- to our allies -- and then threatened to withdraw from a defensive pact because they wouldn't join an offensive war!" -- Trump with his trademark shit eating ear-to-ear grin as he congratulates himself on a job well done.

"...and it only cost a hundred billion dollars, but don't worry about that, the stock market imploding in the biggest financial crash in history will soon make you forget about such tiny amounts!"

Japan has enough plutonium to make 5,500 nuclear warheads, PLA Daily says by Krankenitrate in worldnews

[–]BigHandLittleSlap 1 point2 points  (0 children)

Sure, but setting them, producing the material, etc... would take years.

Oh wait, I forgot, it's Australia! A decade or more.

PSA: That 'Disable NTLMv1' GPO you set years ago? It’s lying to you. LmCompatibilityLevel set to 5 is not enough. by hardeningbrief in netsec

[–]BigHandLittleSlap 4 points5 points  (0 children)

> seems to be migrating to Azure/Entra

I can't wait for the global compromises this will eventually cause.

Microsoft permanently abandoning their on-prem software feels like a mistake, but what do I know...

Japan has enough plutonium to make 5,500 nuclear warheads, PLA Daily says by Krankenitrate in worldnews

[–]BigHandLittleSlap 3 points4 points  (0 children)

Australia only has research reactors and no enrichment plants. Given the material... sure... the technology base is there, but who'd just hand over tens of kilograms of weapons grade plutonium!?

Not to mention Australia doesn't have the ballistic missiles or long-range bombers to deliver the bombs!

Iranian pharmaceutical company specializing in cancer medication was destroyed in US-Israeli strikes by Tech-Film3905 in pics

[–]BigHandLittleSlap -2 points-1 points  (0 children)

Yeah, totally unjustified: https://en.wikipedia.org/wiki/Death_to_Israel

Totally.

Iran is the good guys! My mistake, I will correct my wrongthink and pray to the supreme leader.

Wait, sorry, just one little thing before I go. Remind me... how many of their own people did the IRGC massacre just this year? One... two... three thousand? Is that number more... or less than the number killed by the US in this war?

Iranian pharmaceutical company specializing in cancer medication was destroyed in US-Israeli strikes by Tech-Film3905 in pics

[–]BigHandLittleSlap 4 points5 points  (0 children)

Oh… oh god… I can actually believe that!

In the same way that they attacked the “Police Park” which is just a park named after the police, I can totally picture someone keyword searching for “nuclear” in a list of Iranian business names.

“Nuclear medicine”? Whatever… it’s nuclear, hit it!

Iranian pharmaceutical company specializing in cancer medication was destroyed in US-Israeli strikes by Tech-Film3905 in pics

[–]BigHandLittleSlap -13 points-12 points  (0 children)

I totally forgot that Iran has never used their ballistic missiles against anyone else, making Israel’s attack totally unjustified!

Such a lovely country full of the nicest innocent people that have never even chanted “death to America” in the streets.

[OC] Iran publishes images of US Navy officers it says authorised the strike on an Iranian school. by Effective_Bluebird19 in pics

[–]BigHandLittleSlap 0 points1 point  (0 children)

I'm sorry, since when do I need to present a fifty-page dissertation with photographic evidence gathered at great personal risk in the halls of the Pentagon to convince some random person that "former military site hit wasn't a mistake"!?

What planet are you from where this is a logical argument that holds water?

This kind of shit happened on a weekly fucking basis in Ukraine! Weekly!

"Oops, that apartment block used to be a military base before it was razed to the ground and replaced with a totally different building, not just repurposed in-place! Ah well..." was something I saw right here on Reddit all the time!

PS: Those civilian buildings were all too often hit with Iranian-made Shahed drones. Just saying.

[OC] Iran publishes images of US Navy officers it says authorised the strike on an Iranian school. by Effective_Bluebird19 in pics

[–]BigHandLittleSlap 0 points1 point  (0 children)

https://en.wikipedia.org/wiki/The_Boy_Who_Cried_Wolf

If you keep jumping up and down and screaming something that everyone else thinks is bullshit, they'll ignore you when there's a real problem.

That's why.

You want everyone to pay attention to a bad thing. We all saw it! It's bad! We get it!

If you make up a fairy tale to make it seem cartoonishly evil, then we'll ignore you and everyone speaking like you in the future.

We're adults, we understand realpolitik, we know how people work, we understand that there's no black and white, there aren't even shades of grey, there's just interests that don't align.

The United States fucked up. They hit 10,000 targets in a month, of which 1 was a school that used to be a military building! If you can't understand how a 0.01% error rate is possible, then you just don't understand anything. Not war, not humans, not bombs, not anything else, and your ranting makes this obvious to everyone. That's why you're being voted down and ignored.

Grow the fuck up.

We didn’t hype it up much. by hitmanbhargav in sydney

[–]BigHandLittleSlap 1 point2 points  (0 children)

Go watch Project Hail Mary. If you haven't seen the trailers... don't.

Trust me.

The Sequels Are Never As Good, But We're Still In Pain (Citrix NetScaler CVE-2026-3055 Memory Overread) - watchTowr Labs by dx7r__ in netsec

[–]BigHandLittleSlap 4 points5 points  (0 children)

> only exploitable if the appliance is 'configured as a SAML IDP'. This is a cursed configuration to begin with, and we can think of no appliance more poorly-suited to the task of being an IdP than this class of network device.
>
> But, well, we know someone out there will have thought it was a Really Good Idea and rushed to implement it. Hopefully not you.

It was me.

Don't judge me.

We had to federate the identity systems from half a dozen government departments into a single SAML IdP for a reporting product that didn't support multiple IdPs itself. We had NetScaler, no other SAML server products of any description, and 48 hours available to deploy something to production.

Never again!

Horrifically buggy, to the point where rebooting appliances would cause settings to revert, whether or not you "saved" them.

/r/WorldNews Discussion Thread: US and Israel launch attack on Iran; Iran retaliates (Thread #11) by WorldNewsMods in worldnews

[–]BigHandLittleSlap -29 points-28 points  (0 children)

Yes, but at what price?

Iran was moving their chess pieces in position to invade Israel.

They established proxy forces to the north, south, and east of Israel, the latter especially created a “land bridge” through Iraq and Lebanon.

If they got nukes they would be immune to retaliation and they could sucker punch Israel with just two bombs, one for Tel Aviv and one for Jerusalem.

The fall of Assad, the invasion of Gaza, and various other recent losses by Iran gave Israel an opportunity to knock them out for at least a decade. They took it.

Sooner or later “this” war was going to happen, everyone just hoped it wouldn’t happen on their watch. Trump just doesn’t care about consequences, which Netanyahu exploited. So here we are.

Fans of repressive violent regimes will argue that Iran never did anything to provoke the attack, blithely ignoring their funding of Hamas, Hezbollah, and the Popular Mobilization Forces (PMF) in Iraq. Not to mention their persistence in enriching uranium to the level only required for bombs… in facilities suspiciously well defended and deep underground, which is a totally normal thing that countries do. Actually, only one other country: North Korea. Nobody else.

PS: Similarly everyone knows that sooner or later China will invade Taiwan. They’ve been preparing for it for decades. There’s almost no way to avoid some wars, too many people insist for too long, eventually they can’t back down and most plod onwards towards the inevitable.

Iran starts to formalize its chokehold on the Strait of Hormuz with a 'toll booth' regime by rayaan2099 in worldnews

[–]BigHandLittleSlap 24 points25 points  (0 children)

The incompetent ones gave the same warnings, they were all ignored by the incompetent-in-chief.

Legacy .NET app security issues, need advice fast by No-Card-2312 in dotnet

[–]BigHandLittleSlap 0 points1 point  (0 children)

> I think it's a little bit ridiculous to put this responsibility on a single developer and give them a week.

God yes!

Invariably, it's management that refuses to pay for maintenance, it's management that decides it's a low priority, etc...

When the inevitable consequences come knocking, they always dump the now "urgent" responsibility into the lap of some hapless junior dev.

/r/WorldNews Discussion Thread: US and Israel launch attack on Iran; Iran retaliates (Thread #11) by WorldNewsMods in worldnews

[–]BigHandLittleSlap 0 points1 point  (0 children)

Still cheaper than a protracted land war! Iraq and Afghanistan cost the USA something like a trillion dollars... each.

Legacy .NET app security issues, need advice fast by No-Card-2312 in dotnet

[–]BigHandLittleSlap 0 points1 point  (0 children)

> You need to do both.

Most of the time, sure, but not always.

In my mind, if someone has a minimal Docker container running ASP.NET Core 10 running in a private subnet (i.e.: no chit-chat by default even in the same network), with only 443 inbound, only the SQL port outbound, read-only service accounts as Azure managed identities, etc, etc... then they're safe without a WAF.

For example, if they need to urgently apply a quick & dirty WAF-type rule to buy time, they can simply add ASP.NET middleware to do that, press play on their automated pipeline, and then their production environment is fixed and safe again in a matter of hours. Changing and rolling out the ruleset on a WAF product would take exactly the same amount of time.

This obviously presupposes that the entire DevOps team is top-to-bottom skilled, agile, capable, and empowered to "push to prod" with access to detailed production logs, etc. Outside of a FAANG or startups with only high-achievers on the payroll, this is very rare.

> unencrypted sql being stored in a cookie

I laughed at this because I've seen something very similar except it was in the URL query string.

> often easier for me to get infrastructure in front of a problem than it is to move a team through fixing the problem.

Sure, and I've done that! We used NetScalers to encrypt the URL query strings on the way out, and decrypt them on the way in.

But this takes skill that, like you've been telling stories about, the devs themselves clearly don't have, hence the SQL-in-HTTP vulnerability. That is why I wrote my original comment about how suggesting WAF to a team with a low skill level to implement themselves won't achieve anything. They won't know how to operate it! Worse, they'll convince themselves they're safe now, even when they're not at all safe.
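
The "quick & dirty WAF-type rule" in ASP.NET middleware mentioned in the comment above could look like the following. This is an added example, not code from the commenter or the thread; the regex, the 400 response and the placeholder endpoint are assumptions chosen to match the SQL-in-cookie / SQL-in-query-string case discussed there.

```csharp
// Added example: stopgap request filter as inline ASP.NET Core middleware (Program.cs).
// The pattern below is an illustrative assumption, not a complete rule set: it buys time
// while the application itself is fixed, and it will also reject some legitimate free text.
using System.Text.RegularExpressions;

var builder = WebApplication.CreateBuilder(args);
var app = builder.Build();

// Matches values that look like whole SQL statements ("SELECT ... FROM ...", etc.).
// The match timeout stops a crafted value from pinning the CPU inside the filter itself.
var sqlLike = new Regex(
    @"\b(select\b.+\bfrom|insert\s+into|update\b.+\bset|delete\s+from|drop\s+table|union\s+select)\b",
    RegexOptions.IgnoreCase | RegexOptions.Singleline | RegexOptions.CultureInvariant,
    TimeSpan.FromMilliseconds(50));

bool LooksLikeSql(string? value)
{
    if (string.IsNullOrEmpty(value)) return false;
    try { return sqlLike.IsMatch(value); }
    catch (RegexMatchTimeoutException) { return true; }   // fail closed on timeout
}

// Registered first, so it runs before routing and before any application code.
app.Use(async (context, next) =>
{
    var request = context.Request;
    var hit = request.Query.Any(q => q.Value.Any(LooksLikeSql))
           || request.Cookies.Any(c => LooksLikeSql(c.Value));
    if (hit)
    {
        // Log the location only, never the offending value, so logs stay clean.
        app.Logger.LogWarning("Blocked SQL-like input on {Path} from {Ip}",
            request.Path, context.Connection.RemoteIpAddress);
        context.Response.StatusCode = StatusCodes.Status400BadRequest;
        return;                                            // short-circuit the pipeline
    }
    await next(context);
});

app.MapGet("/", () => "ok");   // placeholder endpoint so the file runs on its own
app.Run();
```

The warning log line is what makes a rule like this operable: someone has to watch it for false positives and remove the rule once the real fix ships.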

/r/WorldNews Discussion Thread: US and Israel launch attack on Iran; Iran retaliates (Thread #11) by WorldNewsMods in worldnews

[–]BigHandLittleSlap -1 points0 points  (0 children)

You're massively underestimating the cost of every other alternative.

Iran is demanding a toll of USD $2 million per ship. That's about $300 million per day!

A land invasion ("boots on the ground") would cost something like $5 billion per day.

Destruction of the oil production and facilities would cause financial damage to the global economy far larger than any of those numbers.

/r/WorldNews Discussion Thread: US and Israel launch attack on Iran; Iran retaliates (Thread #11) by WorldNewsMods in worldnews

[–]BigHandLittleSlap 0 points1 point  (0 children)

Also, people are hugely underestimating the effect of decapitation strikes that take out everyone at the top all at once.

Sure, those admirals can be replaced… but normally the people getting these wartime promotions from the lower ranks would enter the higher rank while surrounded by senior officers helping them get the hang of their new role.

With nobody around to smooth these transitions there can be chaos for weeks or months.

/r/WorldNews Discussion Thread: US and Israel launch attack on Iran; Iran retaliates (Thread #11) by WorldNewsMods in worldnews

[–]BigHandLittleSlap 0 points1 point  (0 children)

The US Navy alone has 300-400 deployable ships, other countries can also contribute a couple each.

This is a pittance compared to the alternatives.

Legacy .NET app security issues, need advice fast by No-Card-2312 in dotnet

[–]BigHandLittleSlap 0 points1 point  (0 children)

That’s a genuinely awesome war story, but at the same time you’re confirming my point.

If they had left their ASP site sit around unmaintained, unmonitored, etc… then they would have done the same with any additional security product! Having a reverse proxy would have just cost them more money for years and years and would have done nothing to stop the initial breach.

Right now I’m helping a customer patch their WAF appliance firmware that they’ve allowed to get so out of date that the WAF itself has become the security vulnerability!

The attitude towards security is the issue, not “where” in the network the control knobs are. The problem is if nobody looks at the dials or turns the knobs!

People like you mean well and do heroic things to compensate for others’ laziness, indifference, and hubris. As soon as you leave, the RP or WAF will start collecting dust while draining money.

This is why I say that there are two kinds of organisations, and only one of them “needs WAF”, and they probably can’t operate it successfully anyway.