home tags events about login

benjojo rss

Hope you never notice the outages I cause. Knows where the RFC2616 bodies are buried. recurse.com SP'2 18

Follow me using: @benjojo@benjojo.co.uk in your client

benjojo posted 12 Dec 2024 15:32 +0000

I was annoyed that the bank my biz uses is increasing prices by 80%, and then I looked at NatWest and see that they charge at least £0.35 to do anything (receiving money, cash, paying something on card, really, the whole lot!) and now I am somewhat less upset

benjojo reposted 12 Dec 2024 11:15 +0000
original: equinox@chaos.social

Y'all know what... this #X11 -> #Wayland switch is a great parallel on why we haven't ditched and rewritten #FRRouting yet:

Yes, it's >25 year old code, some of it truly toxic and radioactive, and some really poor design too.

But writing a new one is yrs of pain to get it to 90% (that also need to be funded = 404 here), and then a decade to fix half the edge case hellbugs.

It's written in the blood of previous users&bugs. (h/t @benjojo for that idiom, I had no wording for that concept before)

benjojo posted 11 Dec 2024 16:51 +0000

One for the Brits at the moment

A long haired cat at night looking into the distance, the overlay text is " Damn how much daylight they tryna save?? It's dark as hell "

benjojo posted 10 Dec 2024 13:00 +0000

Double ~~barrelled~~ RJ45 QSFP+ module anyone? This monstrosity gets you 2x10G BASE-T in a single QSFP+ port (you are still throwing away 50% of port capacity here though)

It bends around tight spots by the looks of it as well!

HPE Synergy Dual 10GBASE-T QSFP+ 30m RJ45 Transceiver 838327-B21

https://www.ebay.com/itm/196729269081

Photos of a QSFP+ pluggable module, except it has a large "head" and 2 RJ45's ports Photos of a QSFP+ pluggable module, except it has a large "head" and 2 RJ45's ports Photos of a QSFP+ pluggable module, except it has a large "head" and 2 RJ45's ports

benjojo posted 09 Dec 2024 16:19 +0000

Keep having to slap my wrist whenever I nearly use sudo in VSCode terminals, like no! A chrome window does not get to elevate to root in any way!

benjojo posted 09 Dec 2024 11:38 +0000

Thinking about that NASA branded tank I saw at NASA Ames a few months ago

Why did/does NASA need a tank

A photo of a grey large tank with a black nasa logo decal on it, there is also a large number 2 on it, in the background is a more standard looking tank/armoured technical and a large water tower against a clear blue California sky

benjojo posted 08 Dec 2024 01:03 +0000

mmm, the average internet background noise per /24 is about 92 pps at the moment

benjojo posted 05 Dec 2024 15:53 +0000

Wow, when did 28TB 3.5" CMR drives show up on the casual market?!

Though looking at ST28000NM000C, the transfer speeds are still not really getting any better. You are still looking at less than 300MiB/s on a 28T spinner...

(You can get 32T SMR from Seagate)

benjojo posted 05 Dec 2024 12:33 +0000

I love the idea of the DoD using Matrix during what may turn out to be pretty eventful next few years.

Coast Guard: We are seeing unknown boats on the western sea board
Air Force: [Unable to decrypt message]
Army: [Unable to decrypt message]
NATO: [Unable to decrypt message]

benjojo posted 03 Dec 2024 11:48 +0000

Maybe I just have a aversion to calling myself a director/ceo/whatever, But I can't think of a good and non eww thing to put into a "Position" box for a single guy company

A entry box with 4 boxes, Name, Organization, Position, Country, the Position has "idk the guy?"

benjojo posted 01 Dec 2024 19:59 +0000

$ javaws Downloads/launch\(1\).jnlp 
...
Unrecognized VM option 'PermSize=32M'
Error: Could not create the Java Virtual Machine.
Error: A fatal exception has occurred. Program will exit.

Why must javaws be like this (every major version breaks most workarounds to make BMC console applets work)

benjojo posted 28 Nov 2024 21:08 +0000

Signs that your SEO game was is so good that everyone* hates you for it

(source)

* "everyone", being the 34,696 who seemingly pay for a search engine

View the top domains that users create personalizations for. The leaderboard shows aggregated rankings from domains that have been used by at least 20 users. All of the results below are various Pintrest domains

benjojo posted 27 Nov 2024 16:00 +0000

My brand new (and expensive) 1G DWDM optic doesn't work so I will likely have to go back to slough >:C

A edited photo of a cat showing sad/crying eyes and yelling in what appears to be despair

benjojo posted 27 Nov 2024 15:10 +0000

So there is the term "COTS" for Commercial-Off-The-Shelf, however we could just rearrange all of the main L3 router vendors at the moment to form:

"JANC" (Juniper Arista Nokia Cisco)

Much better

benjojo posted 27 Nov 2024 10:37 +0000

Wondering if I should rig up a LiveSpit for my ccc talk... Not to make me speed through the slides, but to keep me at a predictable pace as I tend to go way too fast otherwise. Seems like a "fun"/easy to grasp way to gauge if I am over/under pace

benjojo posted 26 Nov 2024 22:14 +0000

Proud of myself that if I type "tw" into the browser bar it no longer suggests twitter, simply because I dont go there enough anymore to have it weigh in as the ranking (also I assume because the x . com domain move has stolen all of the thunder)

benjojo posted 26 Nov 2024 22:06 +0000

Packaging on my box of green tea claims it has "all natural ingredients"

Which needs me to wonder what a "all unnatural ingredients" tea would be like, like how far can science go? What would it even taste like?

benjojo posted 26 Nov 2024 20:44 +0000

Taking a glance at the orange news website's "Whos Hiring" thread and I get the following impressions:

A) Everything is US healthcare tech now?

B) Some YC companies names are so far detached from meaning (What do you think "goblins", "bloop", "Peanut" do?)

C) I see why friends are staying in their semi-grim situation jobs right now

(It should be made clear, I'm not looking)

benjojo posted 26 Nov 2024 16:25 +0000

I went back into my "stupid blog post ideas" and one of them was "can you boot from FUSE filesystems?", well I'm happy to report that @ersei beat me to it!

(Though my plan was to have a FUSE FS backed by MySQL, so you only needed one place for state (!) when netbooting a box)


Booting Linux off of Google Drive

https://ersei.net/en/blog/fuse-root

benjojo posted 26 Nov 2024 13:13 +0000

Stacking the "please be dim/quiet" bits for testing

Image holding a SFP optic with fibre in it, but the output fibre of the optic has 3 blue "5db" modules on it, below is a picture of someone holding their dogs muzzle shut

benjojo posted 23 Nov 2024 22:54 +0000

A true chaos thread where only people named Ben can participate

A gmail screenshot with the authors "Ben, Ben, Ben" and the thread is 56 emails long

benjojo posted 22 Nov 2024 01:05 +0000

sigh I see, I mean, at least I know what is coming when I fill this out

A drop down box with a title "I want a solutions expert to contact me?" and the only option on the drop down is "Yes!"

benjojo posted 21 Nov 2024 20:20 +0000

Grafana stop randomly logging me out challenge (impossible)

benjojo posted 21 Nov 2024 16:31 +0000

Doing a bit of aliexpress safari again, and while this motherboard looks incredibly silly if you added a load of PLX PCIe switch/failover chips you would basically have a motherboard+CPU that is functionally the same as most big carrier routers

A 8 x16 PCIE slot long brown motherboard, the specs say: Mainboard model:B75 direct 8-card multi-graphics board  Motherboard plate type: E-ATX pro  Board size: 600 * 180mm M ain chip model:B75 chip  Layer number of PCB:4 layer  Power supply module:8* 6PIN video card power supply port  Integrated graphics:Integration  Integrated sound card:No  CPU slot type:LGA1155  Memory slot: DDR3 notebook, 1 *slot 1 *channel  Peak memory capacity: 8 G^ * 1 1600 notebooks  Memory speed:1866/1600/1333/1066  SATA interface: SATA 3 ^ * MSATA*1  USB interface: USB2*2 cup S B3^ * 2( Contains extended) M.2 interface:No

benjojo posted 21 Nov 2024 15:33 +0000

Mildly interesting, got a alert of a box going mental on the load avg

 Tasks: 155, 243 thr; 2 running
 Load average: 5922.82 4616.68 2131.84
 Uptime: 151 days(!), 22:30:04

dmesg said

[12507760.522357] INFO: task kcompactd0:32 blocked for more than 1208 seconds.
[12507760.522411]       Not tainted 5.10.[redacted]
[12507760.522446] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[12507760.522491] task:kcompactd0      state:D stack:    0 pid:   32 ppid:     2 flags:0x00004000

It turned out that one sshfs PID had decided to become a slow moving fork bomb..? Sure I guess, that's a new one

benjojo reposted 20 Nov 2024 08:43 +0000
original: chort@infosec.exchange

LMAO, does OkCupid run on Excel now???

This just happened recently. I bet this was a botched database migration. Maybe that explains why chat messages are showing out of order too.

LOL, what a dumpster fire.

How many children would you ideally like to have?
- person A: 2-Jan
- person B: 4-Mar

(the answers were originally 1-2 and 3-4, respectively)

benjojo posted 19 Nov 2024 20:58 +0000

When stuff says "doing x 100% of the time", like surely that's not very efficient doing something for only 1 amount of time per thread/time

Over in bgptools land, im doing BGP and BGP related processing approximately 24000% of the time

benjojo posted 19 Nov 2024 19:22 +0000

Did you bgp.tools sessions go down ~1 hour ago? Here is the RFO:

It turns out the locking mechanism on one of the uplink ports on a satellite PoP doesn't work, and the RJ45 can move about ~5mm, enough to drop a link when you are fiddling doing something else

benjojo posted 19 Nov 2024 18:00 +0000

Google Earth now has a good web client! And the historical imagery feature is now easily hyperlinkable, I have already wasted a unreasonable amount of time playing with this.

And look! One of the days sat/aerial photos were taken was during Bristol Pride!

Link: https://earth.google.com/web/search/52%c2%b013%2747.4%22N+0%c2%b028%2715.4%22W/@51.45072737,-2.59511422,10.26995062a,367.21371602d,35y,0h,0t,0r/data=Cj4iJgokCYZBTcAdKUpAEVCfPOB9zklAGSzxY6OX8eU_IYzngvU-6fi_KhAIARIKMjAxMy0wNy0xMxgBQgIIAToDCgEwQgIIAEoNCP___________wEQAA

A screenshot of google earth showing Queens park in Bristol, with a large pride flag in it and many people, there is another window in view showing the date of bristol pride and it matches with when the photo was taken

benjojo posted 19 Nov 2024 15:10 +0000

Super weird that for the past year+ you just can't transit TCP connections for port 646 (IE: ldp) towards AS6939/Hurricane Electric

Are they patching over some horrible bug in their stack? I mean I don't think anyone is doing multihop LDP, but it's still _weird_ for a carrier to ACL off a TCP/UDP port

Reminds me of the days (maybe still) of Virgin Media dropping all SMB connections at the edge

benjojo posted 19 Nov 2024 00:02 +0000

Even after the bombs hit and there are no humans left, there will be two things that live on:

1) Some perl scripts on running crontab

2) Updates to the Google Cloud Third-Party Subprocessors list

benjojo posted 17 Nov 2024 21:22 +0000

Friend sent this to me earlier,

Yell not into the abyss, lest you become recognised as an abyss domain expert, and they expect you keep yelling into the damn thing

(The old tweet)

A whatsapp message that says "was just wondering if you could scream into the abyss for a moment for me"

benjojo posted 17 Nov 2024 17:13 +0000

In the continuing tradition of "everything is AI", Apparently DDoS attacks smarter than a cURL in a while(true){} loop is now AI according to this Nokia slide deck

The idea that botnets are a 2020 thing is a insane assertion to put on a slide deck that is trying to sell people who have DDoS problems mitigation appliances.

There is a conundrum with these kinds of talks, because they are almost always conference sponsor talks. I feel a weird obligation to not call out the insane stuff in their slides, but also. This is such a warped reality being presented. gah.

A nokia side that says the following DDoS also has evolved over time (Spoofed) Small number of compromised machines generating spoofed traffic to victim or via misconfigured DNS, NTP, Memcache servers Blocked on scrubber using SYN-cookie, port / protocol / packet size access control lists (ACLs) or policers Mostly amateur/script-based and commercial booter web sites 2020-2024 (Botnet) Thousands of compromised loT botnet devices generating traffic floods or sending realistic HTTP/DNS/VoIP requests to servers. GigE symmetric rollouts. Difficult to mitigate using traditional DDoS mitigation appliances Criminal gangs / state-affiliated actors 2024+ (AI) Millions or hundreds of thousands of residential proxies, compromised loT sending realistic HTTP/DNS/VoIP requests to servers High automation and attack variability. Both microburst and long-lived. Criminal gangs / state-affiliated actors

benjojo posted 17 Nov 2024 13:08 +0000

CCC / #38C3 goers, Help the schedule team figure out what talks should not clash with each other by tagging (and pressing submit) the talks you would go to if you could: https://halfnarp.events.ccc.de/

(boots ok etc)

benjojo posted 17 Nov 2024 13:01 +0000

At some point I do feel a little sorry for the Iridium Satellite Network, it seems to be the punching bag of security research.

On the other hand, it is the most accessible and... vintage/accessible tech

benjojo posted 14 Nov 2024 12:28 +0000

I have a better thermal camera for a few days, one of the infiray sensors that does not have the 9hz ITAR limits!

Little USB-C thing, and only requires a little bit of messing with to give some kind of output in Linux.

sudo rmmod uvcvideo
sudo modprobe uvcvideo quirks=0x02

Is needed, and then the UVC interface "works" (obviously without any of the post processing that is offered by the smart phone apps)

near 30FPS thermal performance is soooo nice, the extra resolution also is welcome

benjojo posted 12 Nov 2024 11:31 +0000

Hmmmm. "cool" feature of some IX's combined with some IX participants.

First, find a IX address that is not in use:

root@linx-ns:~# ping 195.66.231.230
PING 195.66.231.230 (195.66.231.230) 56(84) bytes of data.
^C
--- 195.66.231.230 ping statistics ---
1 packets transmitted, 0 received, 100% packet loss, time 0ms

Then hard set it's neighbour mac address to something that is not on the IXP

root@linx-ns:~# ip neigh replace 195.66.231.230 lladdr de:ad:ad:dd:dd:dd dev enp129s0f0.700

Then set a destination route to go via the mac-address-that-does-not-exist

root@linx-ns:~# ip route add 9.9.9.9/32 via 195.66.231.230

and then ping it

root@linx-ns:~# ping 9.9.9.9
PING 9.9.9.9 (9.9.9.9) 56(84) bytes of data.
From 195.66.226.119: icmp_seq=1 Redirect Host(New nexthop: 195.66.225.238)
64 bytes from 9.9.9.9: icmp_seq=1 ttl=63 time=0.720 ms
64 bytes from 9.9.9.9: icmp_seq=1 ttl=63 time=0.756 ms (DUP!)
64 bytes from 9.9.9.9: icmp_seq=1 ttl=63 time=1.47 ms (DUP!)
^C
--- 9.9.9.9 ping statistics ---
1 packets transmitted, 1 received, +2 duplicates, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.720/0.981/1.468/0.344 ms

Cool right??

What is happening here is nuts on many different levels. To start, the non existent MAC address forces this IX (LINX) to treat any packets send to as "BUM" traffic, LINX could have prevented this by using static MAC like quite a lot of the other big ones do.

That however does not explain why we got ping responses... It turns out some routers on the peering LAN don't check if the destination MAC address for a packet is their own before forwarding the traffic! in this case 3 different LINX member routers saw my unknown unicast packet and was like "sure, why not, I'll route that!", and the packet routed all the way through to 9.9.9.9, and a response came back to me.

Mental!

benjojo posted 11 Nov 2024 21:36 +0000

mmm, LHR<->SFO per flow latency graph sometimes looking like artwork

A grafana graph that suddenly splits out of it's single straight lines and goes into a large bump for 5 hours