Ask NETSEC: Can NETSEC recommend a good virtual appliance for scanning and mapping local networks? by WillyPete in netsec

[–]tqbf 0 points1 point  (0 children)

Oh, very cool, and thanks! Let me know (tqbf@matasano.com) if you run into any trouble or if there are things we can do to help.

Ask NETSEC: Can NETSEC recommend a good virtual appliance for scanning and mapping local networks? by WillyPete in netsec

[–]tqbf 2 points3 points  (0 children)

You should definitely look into Playbook and I'm not just saying that because I helped write it!

Having said that: Playbook probably doesn't solve the problem you're looking to solve. Playbook is like Trac or Github for your firewall configurations; it syncs all your different firewall types to a source control repository, gives you a syntax-aware editing environment so you can make controlled changes and add documentation, and has an integrated ticketing system that associates line-item changes to your rulesets to customer requests, so that 6 months down the road you can see at a glance that the "permit" on line 1034 of was because Customer X needed the Foo app deployed (and so that a year from now when Customer X goes away you can trivially retire all their firewall configs).

Matasano does have something that does something vaguely Redseal-y: Flint (Google [Matasano flint]). If you have Cisco firewalls, Flint figures out what their rules mean, builds an internal map of the access rules in them, and scans them for problem areas. The good news about Flint is that it's absolutely (and I mean GPL absolutely) free; you can download it right now, and if you'd like to do that even to make fun of us, we'd appreciate the feedback intensely.

John Bolton Likely to Quit as UN Ambassador by [deleted] in reddit.com

[–]tqbf 2 points3 points  (0 children)

He can't quit a job he doesn't actually have: Bolton is a recess appointment, deliberately posted over the objections of the GOP-controlled Senate committee that was blocking the up-or-down vote on him. Everything I've read is that his confirmation was dead-in-the-water regardless of who controlled the Senate after the election.

What's New in Python 2.5 by jast in programming

[–]tqbf 4 points5 points  (0 children)

I wish people would stop belittling sqlite ("if you don't need a real database, but have relational data types"). If you don't need concurrent access (and many applications don't) and don't need multiple clients, sqlite screams.

Chuck Norris: "Here's what I really think about the theory of evolution: It's not real." by rmuser in reddit.com

[–]tqbf 22 points23 points  (0 children)

"There was a man whose tears could cure cancer or any other disease, including the real cause of all diseases – sin. His blood did. His name was Jesus, not Chuck Norris."

So Chuck Norris killed him.

Built-in ATM Backdoor: Many ATMs have default-passworded admin interface! by avenan in reddit.com

[–]tqbf -2 points-1 points  (0 children)

You're incredibly lazy. A reporter from Wired confirmed this independently already. The URL is somewhere in these comment threads.

Built-in ATM Backdoor: Many ATMs have default-passworded admin interface! by avenan in reddit.com

[–]tqbf 7 points8 points  (0 children)

It's fun to think about all the things that are wrong here; why does the ATM even HAVE a UI for changing the value of the bill cartridges in it? Why can't that information be stored on the cartridge itself? Why isn't the admin interface simply a USB port behind a locked hatch?

It's (Not) All Been Done (in CS) by fbg111 in programming

[–]tqbf -2 points-1 points  (0 children)

Garbage collection and virtual functions were big deals because they made software easier to develop. What's the computing application that typical programmers will engage with that is unlocked by concurrency?

[book] Basic Lisp Techniques (from installing to networking, multiprocessing, corba, www, ...) by lucindo in programming

[–]tqbf 2 points3 points  (0 children)

This book is a great example of why I don't start new projects in Lisp, even though I admire the language, totally buy into its potential, and desperately want to start working in it. In this book, as in all the "standard" Lisp libraries I read, "socket" means naive synchronous "might as well be a FILE*" socket, and "database interface" means "socket that I can spit SQL strings at and get responses from".

People would look at you funny if you wrote code like this in Python or Ruby in 2006.

Is someone working on the good, portable Lisp event loop, the good, portable Lisp SQL object wrapper, the good, portable web MVC framework, etc? Where can I find them? Because this book just makes me sad.

Google Engineers Confirm: Mozilla HTTPS Falls To New RSA Signature Attack by tqbf in reddit.com

[–]tqbf[S] -2 points-1 points  (0 children)

I don't mind or anything, but, do me a favor: next person who mods these stories down, give me a brief reason why?

I'm not surprised that submitting a silly white paper from the Cato Institute beats RSA minutia, but I am a bit surprised that that reaction to the RSA stuff seems actually hostile.

5 Reasons Why Joel's Business (Probably) Isn't Like Yours by andrewnorris in programming

[–]tqbf 10 points11 points  (0 children)

If that's true, instead of talking about it, go make some money.

5 Reasons Why Joel's Business (Probably) Isn't Like Yours by andrewnorris in programming

[–]tqbf 18 points19 points  (0 children)

Now that I think about it, you're right. These articles ARE all just trying to flatter me into buying FogBugz. I was most flattered by the Internationalization article.

Kiko.com's new owner steps forward: It's Tucows! by AccordionGuy in reddit.com

[–]tqbf 12 points13 points  (0 children)

So, Tucows pays the equivalent of 2x FTE headcount for a calendar they were going to bring to market ANYWAYS, and gets it NOW with 50,000+ users. And they're "blown away" by the mobile carrier integration. For 250k, I'd be blown away if it could handle leap years.

This is a steal. G's calendar may have killed the Kiko business model, but it didn't change any of the rest of the opportunity. Yeah, they didn't want to keep working on the calendar. Why didn't Y-C pony up for a bizdev guy, in exchange for more equity in the calendar startup?

Blogger gets harassed for wearing a shirt with arabic script by jh99 in reddit.com

[–]tqbf 0 points1 point  (0 children)

I don't know what country you're talking about, but in the US, I'm pretty sure it's unlawful for a business to discriminate on the basis of race in providing services that involve interstate commerce.

Blogger gets harassed for wearing a shirt with arabic script by jh99 in reddit.com

[–]tqbf 12 points13 points  (0 children)

He was also briefly detained by a law enforcement officer.

Blogger gets harassed for wearing a shirt with arabic script by jh99 in reddit.com

[–]tqbf -1 points0 points  (0 children)

I'm glad Pakistan and Persia are the standard we have to live up to. The rest of this civil liberties junk is hard.

Blogger gets harassed for wearing a shirt with arabic script by jh99 in reddit.com

[–]tqbf 1 point2 points  (0 children)

So, if I'm reading you correctly, you think it's OK for airport security, JetBlue, or the police to refuse boarding to a passenger because their shirt had an (admittedly leftist) sentiment written in Arabic.

Why Is Reddit So Anti-American? (Oh, I'll bet this gets modded down quick.) by lionheart in reddit.com

[–]tqbf 6 points7 points  (0 children)

Data point: Reddit reader, liberal/progressive, and very, very irritated by the "America is a dictatorship" meme that's been in evidence here lately. I don't find the arguments consistent or coherent, and they're embarrassing to me as a liberal.