Discussion:
9.9/10 security vulnerability affecting Linux (and others) set to be revealed on October 6th
CrudeSausage
2024-09-26 00:21:13 UTC
Worse than Heartbleed, Meltdown or Spectre. According to a GitHub
developer:

"From a generic security point of view, a whole Linux system as it is
nowadays is just an endless and hopeless mess of security holes waiting
to be exploited." (kind of like Chris Ahlstrom's body)

<https://cybersecuritynews.com/critical-unauthenticated-rce-flaw/>
--
CrudeSausage
Catholic, paleoconservative, Christ is king
DFS
2024-09-26 00:39:16 UTC
Post by CrudeSausage
an endless and hopeless mess of security holes waiting
to be exploited." (kind of like Chris Ahlstrom's body)
LMAO!
RonB
2024-09-26 04:03:02 UTC
Post by CrudeSausage
Worse than Heartbleed, Meltdown or Spectre. According to a GitHub
"From a generic security point of view, a whole Linux system as it is
nowadays is just an endless and hopeless mess of security holes waiting
to be exploited." (kind of like Chris Ahlstrom's body)
<https://cybersecuritynews.com/critical-unauthenticated-rce-flaw/>
Yet another "catastrophic" Linux security threat that will be fixed within
days. You realize that Cyber Security News makes their case for existence by
hyperventilating about potential "catastrophic" security threats, right?
--
“Evil is not able to create anything new, it can only distort and destroy
what has been invented or made by the forces of good.” —J.R.R. Tolkien
CrudeSausage
2024-09-26 12:21:20 UTC
Post by RonB
Post by CrudeSausage
Worse than Heartbleed, Meltdown or Spectre. According to a GitHub
"From a generic security point of view, a whole Linux system as it is
nowadays is just an endless and hopeless mess of security holes waiting
to be exploited." (kind of like Chris Ahlstrom's body)
<https://cybersecuritynews.com/critical-unauthenticated-rce-flaw/>
Yet another "catastrophic" Linux security threat that will be fixed within
days.
They're working on it and so far coming up with no way of fixing it. I
wouldn't be surprised if there is no solution by October 6th. If that is
the case, you just know that bad actors will be attacking Linux
relentlessly from October 7th on. This looks like the real deal. 9.9/10
is pretty serious when you consider that the aforementioned issues were
rated between 5 and 7 on 10.
Post by RonB
You realize that Cyber Security News makes their case for existence by
hyperventilating about potential "catastrophic" security threats, right?
Perhaps, but the developers on GitHub have been freaking out as well to
a point that Lunduke felt it necessary to bring this problem to light.
Those developers are usually arrogant about their ability to fix such
issues, not this time.
--
CrudeSausage
Catholic, paleoconservative, Christ is king
RonB
2024-09-27 03:45:11 UTC
Post by CrudeSausage
Post by RonB
Post by CrudeSausage
Worse than Heartbleed, Meltdown or Spectre. According to a GitHub
"From a generic security point of view, a whole Linux system as it is
nowadays is just an endless and hopeless mess of security holes waiting
to be exploited." (kind of like Chris Ahlstrom's body)
<https://cybersecuritynews.com/critical-unauthenticated-rce-flaw/>
Yet another "catastrophic" Linux security threat that will be fixed within
days.
They're working on it and so far coming up with no way of fixing it. I
wouldn't be surprised if there is no solution by October 6th. If that is
the case, you just know that bad actors will be attacking Linux
relentlessly from October 7th on. This looks like the real deal. 9.9/10
is pretty serious when you consider that the aforementioned issues were
rated between 5 and 7 on 10.
We'll see. I've seen these "horror stories" come and go in the past. Maybe
I'm wrong this time.
Post by CrudeSausage
Post by RonB
You realize that Cyber Security News makes their case for existence by
hyperventilating about potential "catastrophic" security threats, right?
Perhaps, but the developers on GitHub have been freaking out as well to
a point that Lunduke felt it necessary to bring this problem to light.
Those developers are usually arrogant about their ability to fix such
issues, not this time.
Okay, if I'm lulled into a false sense of security then I guess I'll be
wrong.

Still not particularly worried about it though.
--
“Evil is not able to create anything new, it can only distort and destroy
what has been invented or made by the forces of good.” —J.R.R. Tolkien
RonB
2024-09-27 04:17:24 UTC
Post by CrudeSausage
Post by RonB
Post by CrudeSausage
Worse than Heartbleed, Meltdown or Spectre. According to a GitHub
"From a generic security point of view, a whole Linux system as it is
nowadays is just an endless and hopeless mess of security holes waiting
to be exploited." (kind of like Chris Ahlstrom's body)
<https://cybersecuritynews.com/critical-unauthenticated-rce-flaw/>
Yet another "catastrophic" Linux security threat that will be fixed within
days.
They're working on it and so far coming up with no way of fixing it. I
wouldn't be surprised if there is no solution by October 6th. If that is
the case, you just know that bad actors will be attacking Linux
relentlessly from October 7th on. This looks like the real deal. 9.9/10
is pretty serious when you consider that the aforementioned issues were
rated between 5 and 7 on 10.
Post by RonB
You realize that Cyber Security News makes their case for existence by
hyperventilating about potential "catastrophic" security threats, right?
Perhaps, but the developers on GitHub have been freaking out as well to
a point that Lunduke felt it necessary to bring this problem to light.
Those developers are usually arrogant about their ability to fix such
issues, not this time.
Interestingly enough, since this works through the CUPS system on Unix-based
machines, this also affects MacOS. Odd Cyber Security News didn't mention
that little factlet.

Summary

The first of a series of blog posts has been published detailing a
vulnerability in the Common Unix Printing System (CUPS), which
purportedly allows attackers to gain remote access to UNIX-based systems.
The vulnerability, which affects various UNIX-based operating systems,
can be exploited by sending a specially crafted HTTP request to the CUPS
service.

Threat Topography

Threat Type: Remote code execution vulnerability in CUPS service

Industries Impacted: UNIX-based systems across various industries,
including but not limited to, finance, healthcare, and government

Geolocation: Global, with potential impact on UNIX-based systems
worldwide

Environment Impact: High severity, allowing attackers to gain remote
access and execute arbitrary code on vulnerable systems

Overview

X-Force Incident Command is monitoring what claims to be the first in a
series of blog posts from security researcher, Simone Margaritelli,
detailing a vulnerability in the Common Unix Printing System (CUPS),
which purportedly can be exploited by sending a specially crafted HTTP
request to the CUPS service. The vulnerability affects various UNIX-based
operating systems, including but not limited to, Linux and macOS. The
vulnerability can be exploited to gain remote access to affected systems,
allowing attackers to execute arbitrary code and potentially gain
elevated privileges. X-Force is investigating the disclosure and
monitoring for exploitation. We will continue to monitor this situation
and provide updates as available.

Key Findings

The vulnerability affects various UNIX-based operating systems,
including but not limited to, Linux and macOS

All versions of Red Hat Enterprise Linux (RHEL) are affected, but are
not vulnerable in their default configurations.

The vulnerability can be exploited by sending a specially crafted HTTP
request to the CUPS service

The vulnerability allows attackers to gain remote access to affected
systems and execute arbitrary code

The vulnerability has been identified as high severity, with potential
for significant impact on affected organizations

Mitigations/Recommendations

Disable the CUPS service or restrict access to the CUPS web interface

In case your system can’t be updated and you rely on this service,
block all traffic to UDP port 631 and possibly all DNS-SD traffic
(does not apply to zeroconf)

Implement additional security measures, such as network segmentation
and access controls, to limit the spread of the vulnerability

Conduct thorough vulnerability assessments and penetration testing to
identify and remediate any other potential vulnerabilities

Implement robust incident response and disaster recovery plans to
mitigate the impact of a potential breach

https://securityintelligence.com/news/fysa-critical-rce-flaw-in-gnu-linux-systems/

And this...

That doomsday critical Linux bug: It's CUPS. May lead to remote hijacking
of devices

No patches yet, can be mitigated, requires user interaction

Thu 26 Sep 2024 // 17:34 UTC

Final update After days of anticipation, what was billed as one or more
critical unauthenticated remote-code execution vulnerabilities in all
Linux systems was today finally revealed.

In short, if you're running the Unix printing system CUPS, with
cups-browsed present and enabled, you may be vulnerable to attacks that
could lead to your computer being commandeered over the network or
internet. The attacks require the victim to start a print job. Do not be
afraid.

The bugs were found and privately reported by software developer Simone
Margaritelli who has now openly disclosed the security weaknesses in
detail here. This write-up is said to be part one of two or maybe three,
so expect more info at some point.

He went public today at 2000 UTC after seemingly becoming frustrated with
the handling of his vulnerability reports by CUPS developers. No patches
are available yet. Public disclosure was previously expected to be no
later than September 30.

What you need to know for now, according to Margaritelli, is:

Disable and/or remove the cups-browsed service.

Update your CUPS installation to bring in security updates if or when
available.

Block access to UDP port 631 and consider blocking off DNS-SD, too.

It affects "most" Linux distros, "some" BSDs, possibly Google ChromeOS,
Oracle's Solaris, and potentially others, as CUPS is bundled with
various distributions to provide printing functionality.

To exploit this across the internet or LAN, a miscreant needs to reach
your CUPS service on UDP port 631. Hopefully none of you have that
facing the public internet. The miscreant also has to wait for you to
start a print job.

If port 631 isn't directly reachable, an attacker may be able to spoof
zeroconf, mDNS, or DNS-SD advertisements to achieve exploitation.
Details of that path will be disclosed later, we're promised.

If you don't have cups-browsed on your system, you're good. If you don't
need CUPS, consider removing it all from your computer just to be safe. If
you never print anything, you're probably also good.

How would a vulnerable system be hijacked? "A remote unauthenticated
attacker can silently replace existing printers’ (or install new ones) IPP
URLs with a malicious one, resulting in arbitrary command execution (on
the computer) when a print job is started (from that computer)," says
Margaritelli.

https://www.theregister.com/2024/09/26/cups_linux_rce_disclosed/

Not only Macs, but possibly Chromebooks.

I disabled cups-browsed. Guess I'm good. Doomsday averted.
--
“Evil is not able to create anything new, it can only distort and destroy
what has been invented or made by the forces of good.” —J.R.R. Tolkien
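
The mitigations quoted in the post above (disable cups-browsed, keep UDP port 631 unreachable) can be checked per host. The shell script below is an added example, not part of the thread or the quoted articles; its function names and the sample `ss` lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a host for the cups-browsed exposure discussed above.
# classify_udp631, verdict and audit_live are this example's own names.

# Read `ss -H -uln` output on stdin and classify what is bound to UDP 631:
#   exposed  - bound to a wildcard or other non-loopback address
#   loopback - bound only to 127.0.0.0/8 or ::1
#   closed   - nothing bound to port 631
classify_udp631() {
    awk '
        {
            # The local address is the first field ending in ":631";
            # its column position varies with the ss options used.
            for (i = 1; i <= NF; i++) {
                if ($i ~ /:631$/) {
                    found = 1
                    if ($i !~ /^(127\.|\[::1\])/) exposed = 1
                    break
                }
            }
        }
        END {
            if (exposed) print "exposed"
            else if (found) print "loopback"
            else print "closed"
        }'
}

# Combine the service state (as printed by `systemctl is-active`) with the
# socket classification into a single finding line.
verdict() {
    service_state=$1
    socket_state=$2
    if [ "$service_state" = "active" ] && [ "$socket_state" = "exposed" ]; then
        echo "EXPOSED: cups-browsed is running and UDP 631 is bound off-loopback"
    elif [ "$service_state" = "active" ]; then
        echo "REVIEW: cups-browsed is running; UDP 631 is $socket_state"
    elif [ "$socket_state" = "exposed" ]; then
        echo "REVIEW: cups-browsed is $service_state but UDP 631 is still bound"
    else
        echo "OK: cups-browsed is $service_state and UDP 631 is $socket_state"
    fi
}

# Collect the two facts from the running system. Falls back to "unknown"
# when systemctl or ss is not installed.
audit_live() {
    svc=""
    if command -v systemctl >/dev/null 2>&1; then
        svc=$(systemctl is-active cups-browsed 2>/dev/null || true)
    fi
    svc=${svc:-unknown}
    if command -v ss >/dev/null 2>&1; then
        sock=$(ss -H -uln | classify_udp631)
    else
        sock=unknown
    fi
    verdict "$svc" "$sock"
}

# Constructed sample input in `ss -H -uln` layout (not captured from a real host).
SAMPLE_EXPOSED='UNCONN 0 0 0.0.0.0:631 0.0.0.0:*
UNCONN 0 0 127.0.0.53%lo:53 0.0.0.0:*'
SAMPLE_LOOPBACK='UNCONN 0 0 127.0.0.1:631 0.0.0.0:*'

if [ "${1:-}" = "--live" ]; then
    audit_live
else
    # Offline demonstration on the constructed samples.
    verdict active   "$(printf '%s\n' "$SAMPLE_EXPOSED"  | classify_udp631)"
    verdict inactive "$(printf '%s\n' "$SAMPLE_LOOPBACK" | classify_udp631)"
fi
```

Run with `--live` to audit the current host. On a host reported as EXPOSED, `systemctl disable --now cups-browsed` applies the first mitigation listed in the quoted article.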
CrudeSausage
2024-09-27 12:40:40 UTC
Post by RonB
Post by CrudeSausage
Post by RonB
Post by CrudeSausage
Worse than Heartbleed, Meltdown or Spectre. According to a GitHub
"From a generic security point of view, a whole Linux system as it is
nowadays is just an endless and hopeless mess of security holes waiting
to be exploited." (kind of like Chris Ahlstrom's body)
<https://cybersecuritynews.com/critical-unauthenticated-rce-flaw/>
Yet another "catastrophic" Linux security threat that will be fixed within
days.
They're working on it and so far coming up with no way of fixing it. I
wouldn't be surprised if there is no solution by October 6th. If that is
the case, you just know that bad actors will be attacking Linux
relentlessly from October 7th on. This looks like the real deal. 9.9/10
is pretty serious when you consider that the aforementioned issues were
rated between 5 and 7 on 10.
Post by RonB
You realize that Cyber Security News makes their case for existence by
hyperventilating about potential "catastrophic" security threats, right?
Perhaps, but the developers on GitHub have been freaking out as well to
a point that Lunduke felt it necessary to bring this problem to light.
Those developers are usually arrogant about their ability to fix such
issues, not this time.
Interestingly enough, since this works through the CUPS system on Unix-based
machines, this also affects MacOS. Odd Cyber Security News didn't mention
that little factlet.
Not only Macs, but possibly Chromebooks.
I disabled cups-browsed. Guess I'm good. Doomsday averted.
MacOS was mentioned by Lunduke, but he also pointed out that he wasn't
sure if it affected them. He did mention that ChromeOS was affected. As
far as I can tell, fixing the problem will also require a user who needs
to print to return to the Stone Age in terms of configuration. I assume
that plugging the printer directly to the computer will not be
considered insecure, but any kind of automated network connectivity is
going to be a problem.

Either way, this is serious and Linux users shouldn't casually dismiss
this. It should also be noted that this is just one of the many such
problems that are going to arise in the future.
--
CrudeSausage
Catholic, paleoconservative, Christ is king
-hh
2024-09-27 17:05:59 UTC
Post by CrudeSausage
Post by RonB
Post by CrudeSausage
Post by RonB
Post by CrudeSausage
Worse than Heartbleed, Meltdown or Spectre. According to a GitHub
"From a generic security point of view, a whole Linux system as it is
nowadays is just an endless and hopeless mess of security holes waiting
to be exploited." (kind of like Chris Ahlstrom's body)
<https://cybersecuritynews.com/critical-unauthenticated-rce-flaw/>
Yet another "catastrophic" Linux security threat that will be fixed within
days.
They're working on it and so far coming up with no way of fixing it. I
wouldn't be surprised if there is no solution by October 6th. If that is
the case, you just know that bad actors will be attacking Linux
relentlessly from October 7th on. This looks like the real deal. 9.9/10
is pretty serious when you consider that the aforementioned issues were
rated between 5 and 7 on 10.
Post by RonB
You realize that Cyber Security News makes their case for existence by
hyperventilating about potential "catastrophic" security threats, right?
Perhaps, but the developers on GitHub have been freaking out as well to
a point that Lunduke felt it necessary to bring this problem to light.
Those developers are usually arrogant about their ability to fix such
issues, not this time.
Interestingly enough, since this works through the CUPS system on Unix-based
machines, this also affects MacOS. Odd Cyber Security News didn't mention
that little factlet.
Not only Macs, but possibly Chromebooks.
I disabled cups-browsed. Guess I'm good. Doomsday averted.
MacOS was mentioned by Lunduke, but he also pointed out that he wasn't
sure if it affected them. He did mention that ChromeOS was affected.
My understanding is that CUPS is still supported in MacOS, but they
started to deprecate its use over a year ago, replacing it with
AirPrint(?), with the apparent intent to get rid of CUPS entirely.

As such, Apple could probably send out a security patch pretty quickly
that puts CUPS support onto an enable/disable switch, and move the
default to 'disable' (or remove it entirely), and many users would
probably never even notice.
Post by CrudeSausage
As
far as I can tell, fixing the problem will also require a user who needs
to print to return to the Stone Age in terms of configuration.
My quick search on the subject suggests that the main MacOS customers of
CUPS are home users who are using it to keep an old printer alive.
Post by CrudeSausage
I assume
that plugging the printer directly to the computer will not be
considered insecure, but any kind of automated network connectivity is
going to be a problem.
Either way, this is serious and Linux users shouldn't casually dismiss
this. It should also be noted that this is just one of the many such
problems that are going to arise in the future.
Agreed.


-hh
rbowman
2024-09-27 18:06:19 UTC
Post by CrudeSausage
As
far as I can tell, fixing the problem will also require a user who needs
to print to return to the Stone Age in terms of configuration.
People printing hardcopy already are in the Stone Age.
Chris Ahlstrom
2024-09-27 19:02:39 UTC
Post by rbowman
Post by CrudeSausage
As
far as I can tell, fixing the problem will also require a user who needs
to print to return to the Stone Age in terms of configuration.
People printing hardcopy already are in the Stone Age.
C'mon, man, sometimes you need a few pages of printout that you can study
while ensconced upon "the throne". You might accidentally drop your tablet into
the crapper.

And sometimes you want to mark up a diagram with a pen.

Stone age?
--
<Deek> That reminds me, we'll need to buy a chainsaw for the office. "In
case of emergency, break glass"
rbowman
2024-09-27 20:01:20 UTC
Post by Chris Ahlstrom
C'mon, man, sometimes you need a few pages of printout that you can
study while ensconced upon "the throne". You might accidentally drop
your tablet into the crapper.
The last thing I remember printing was a conservation permit. That's
usually a base for a fishing or hunting license but theoretically you need
it to hike/camp on state lands. I used to get the tribal permit to hike on
the rez but after they raised it to $100 they can kiss my white butt.

Anyway, there is an app for that now...

I used to print stuff out. There was a comb binding machine and an
assortment of various sized combs to make a neat job plus a number of the
traditional three ring binders. I haven't done that in years.

When we shut down the division in January and moved to another part of the
building the PM had to work his way through 25 years of hardcopy
proposals, documentation, and so forth. We got a laugh from some of the
walk down memory lane. It was almost as good as looking through the stacks
of obsolete programming books. Many trees sacrificed their lives.
RonB
2024-09-27 23:14:14 UTC
Post by rbowman
Post by Chris Ahlstrom
C'mon, man, sometimes you need a few pages of printout that you can
study while ensconced upon "the throne". You might accidentally drop
your tablet into the crapper.
The last thing I remember printing was a conservation permit. That's
usually a base for a fishing or hunting license but theoretically you need
it to hike/camp on state lands. I used to get the tribal permit to hike on
the rez but after they raised it to $100 they can kiss my white butt.
I print my proof of insurance cards because I don't always carry a
smartphone with me when I drive.

I actually find quite a few uses for my printer.
--
“Evil is not able to create anything new, it can only distort and destroy
what has been invented or made by the forces of good.” —J.R.R. Tolkien
rbowman
2024-09-28 01:45:26 UTC
Post by RonB
I print my proof of insurance cards because I don't always carry a
smartphone with me when I drive.
State Farm provides 2 wallet sized cards. I put the one for the car in
with the registration and the other in my wallet with the other four.
(car, pickup, and three bikes). One time I didn't have the current one in
my little deck and got a ticket for failure to show proof. No problem I
just had to take proof to the courthouse. That ticket was $250, the
speeding ticket was $35. After that I double checked.
RonB
2024-09-28 01:57:42 UTC
Post by rbowman
Post by RonB
I print my proof of insurance cards because I don't always carry a
smartphone with me when I drive.
State Farm provides 2 wallet sized cards. I put the one for the car in
with the registration and the other in my wallet with the other four.
(car, pickup, and three bikes). One time I didn't have the current one in
my little deck and got a ticket for failure to show proof. No problem I
just had to take proof to the courthouse. That ticket was $250, the
speeding ticket was $35. After that I double checked.
I just print the cards. That way I don't have to wait for them to come in the
mail. I guess I'm not so "anti-printer" that I won't use my printer when I
need it.
--
“Evil is not able to create anything new, it can only distort and destroy
what has been invented or made by the forces of good.” —J.R.R. Tolkien
rbowman
2024-09-28 02:52:02 UTC
Post by RonB
I just print the cards. That way I don't have to wait for them to come in
the mail. I guess I'm not so "anti-printer" that I won't use my printer
when I need it.
Wait? State Farm may be too trusting. They send the cards along with the
bill for the next period which isn't due for a month. I've sometimes
wondered what would happen if I gave a cop a card that says 'Effective Jun
06 2024 to DEC 06 2024' on MAY 15 2024?

I think that's what happened the time I got stopped. When I shuffled the
deck and threw out the old ones I actually threw out the valid one. It's
always the same policy number.

I'm not anti-printer but I don't have much that needs to be printed. The
last thing I printed was my ham license and I did that at work and that
wasn't a show stopper. The last time I had to produce a license was when I
took the Advanced exam. That was a while ago since the FCC dropped the
class in 1999. I can still renew as Advanced and am stubborn enough to
keep a license they don't make anymore.

Back in the '80s I did sort of hate printers. The company I worked for
made lab apparatus and the data had to be printed. Printers weren't
exactly standardized so we would send a gopher down the street to Computer
World and buy an Okidata Buzzkill 3000. After we got that one figured out
we'd send him back with some cock and bull story to exchange it for
another brand. The crappy little thermal printers were the worst.
Chris Ahlstrom
2024-09-28 00:15:21 UTC
Post by rbowman
Post by Chris Ahlstrom
C'mon, man, sometimes you need a few pages of printout that you can
study while ensconced upon "the throne". You might accidentally drop
your tablet into the crapper.
The last thing I remember printing was a conservation permit. That's
usually a base for a fishing or hunting license but theoretically you need
it to hike/camp on state lands. I used to get the tribal permit to hike on
the rez but after they raised it to $100 they can kiss my white butt.
Anyway, there is an app for that now...
I used to print stuff out. There was a comb binding machine and an
assortment of various sized combs to make a neat job plus a number of the
traditional three ring binders. I haven't done that in years.
When we shut down the division in January and moved to another part of the
building the PM had to work his way through 25 years of hardcopy
proposals, documentation, and so forth. We got a laugh from some of the
walk down memory lane. It was almost as good as looking through the stacks
of obsolete programming books. Many trees sacrificed their lives.
I remember strolling through the stalls at Vanderbilt's library. My God,
there were so many interesting books.

On the basement floor I found an interesting travelogue book by Philip Wylie.

(His book "Gladiator" is interesting and free as an e-book.)
--
Technicality, n.:
In an English court a man named Home was tried for slander in having
accused a neighbor of murder. His exact words were: "Sir Thomas Holt
hath taken a cleaver and stricken his cook upon the head, so that one
side of his head fell on one shoulder and the other side upon the
other shoulder." The defendant was acquitted by instruction of the
court, the learned judges holding that the words did not charge murder,
for they did not affirm the death of the cook, that being only an
inference.
-- Ambrose Bierce, "The Devil's Dictionary"
rbowman
2024-09-28 01:59:47 UTC
Post by Chris Ahlstrom
I remember strolling through the stalls at Vanderbilt's library. My God,
there were so many interesting books.
I used to spend a lot of time in libraries. My wife was a librarian and,
strangely, the last thing she wanted to talk about was books.

I've been watching 'Wire in the Blood' and in the episode last night Hill
was researching church history and witchcraft in a library, snatching
books off the shelves and surrounding himself with piles on a worktable.
It was a bit of a nostalgic feeling. The program was from 2004; I wonder
if they would show a google search today.

The city built a new library that was to open just before covid. There is
a maker space, discovery area for kids, meeting rooms, an audiovisual
area, and even a cooking area. I don't know if there are any more books.
It's hard to tell with them spread out on more spacious shelves.

I still check out a real book at times but most of what I get is digital,
delivered to the kindle via amazon. I did get on a C.J. Box kick after
watching 'Joe Pickett' and they do have more on the shelf rather than
available digitally so I'll have to stop in.
RonB
2024-09-27 23:10:11 UTC
Post by rbowman
Post by CrudeSausage
As far as I can tell, fixing the problem will also require a user who needs
to print to return to the Stone Age in terms of configuration.
People printing hardcopy already are in the Stone Age.
I print crossword puzzles because I like to use my mechanical pencils. But I
also print shipping labels, etc. My sons scan and print their art.
--
“Evil is not able to create anything new, it can only distort and destroy
what has been invented or made by the forces of good.” —J.R.R. Tolkien
rbowman
2024-09-28 02:06:48 UTC
Post by RonB
Post by rbowman
Post by CrudeSausage
As far as I can tell, fixing the problem will also require a user who
needs to print to return to the Stone Age in terms of configuration.
People printing hardcopy already are in the Stone Age.
I print crossword puzzles because I like to use my mechanical pencils.
But I also print shipping labels, etc. My sons scan and print their art.
About the only crossword puzzle I do anymore is in the AARP magazine. I do
them in ink... My ex has a few problems and says she doesn't have a
problem with coming up with the correct word but can't always figure out
where to put it. The brain is a very strange thing.
Chris Ahlstrom
2024-09-28 11:19:12 UTC
Post by rbowman
Post by RonB
Post by rbowman
As far as I can tell, fixing the problem will also require a user who
needs to print to return to the Stone Age in terms of configuration.
People printing hardcopy already are in the Stone Age.
I print crossword puzzles because I like to use my mechanical pencils.
But I also print shipping labels, etc. My sons scan and print their art.
About the only crossword puzzle I do anymore is in the AARP magazine. I do
them in ink... My ex has a few problems and says she doesn't have a
problem with coming up with the correct word but can't always figure out
where to put it. The brain is a very strange thing.
I was in the Y's locker room one day and there was an AARP magazine lying on
the bench. Some old(er) guy came in and asked if it was mine. Then he said, of
AARP, "I really think they want to destroy America".

I couldn't stop a laugh from coming out.
--
<tausq> if (cb) ((cb->obj)->*(cb->ui_func))();
<knghtbrd> tausq: who the HELL wrote that ?
<tausq> me :)
* knghtbrd flogs tausq
RonB
2024-09-27 23:08:17 UTC
Post by CrudeSausage
MacOS was mentioned by Lunduke, but he also pointed out that he wasn't
sure if it affected them. He did mention that ChromeOS was affected. As
far as I can tell, fixing the problem will also require a user who needs
to print to return to the Stone Age in terms of configuration. I assume
that plugging the printer directly to the computer will not be
considered insecure, but any kind of automated network connectivity is
going to be a problem.
Either way, this is serious and Linux users shouldn't casually dismiss
this. It should also be noted that this is just one of the many such
problems that are going to arise in the future.
The fix is to disable or uninstall cups-browsed. I did so and my printer
works fine for printing and scanning on my network. You can also just
block the UDP Port 631, which on most home machines is not exposed to the
Internet anyhow.

This is not a serious problem for most home Linux users. Another overblown
"catastrophe" warning.
--
“Evil is not able to create anything new, it can only distort and destroy
what has been invented or made by the forces of good.” —J.R.R. Tolkien
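
One way to check a host for the exposure discussed in the post above, as an added example that is not part of the thread: it lists sockets bound to UDP port 631 and reports the cups-browsed unit state. The function names `classify_udp631` and `audit_host` are hypothetical, and `SAMPLE_SS` is constructed sample output in the format of `ss -H -uln`.

```shell
#!/bin/sh
# Added example (not from the thread): report sockets bound to UDP port 631,
# the port the post above suggests blocking, and the cups-browsed unit state.

# Constructed sample in the format printed by `ss -H -uln`.
SAMPLE_SS='UNCONN 0 0 0.0.0.0:631 0.0.0.0:*
UNCONN 0 0 127.0.0.1:323 0.0.0.0:*
UNCONN 0 0 [::1]:631 [::]:*
UNCONN 0 0 0.0.0.0:5353 0.0.0.0:*'

# classify_udp631 (hypothetical helper): reads ss output on stdin and prints
# "<scope> <address>" for every socket bound to port 631.
classify_udp631() {
    awk '
    {
        # The local endpoint is the first field shaped like address:port;
        # this works with or without a leading Netid column.
        local_ep = ""
        for (i = 1; i <= NF; i++)
            if ($i ~ /:[0-9]+$/) { local_ep = $i; break }
        if (local_ep == "") next
        n = split(local_ep, part, ":")
        if (part[n] != "631") next
        addr = substr(local_ep, 1, length(local_ep) - length(part[n]) - 1)
        sub(/%[^%]*$/, "", addr)          # drop an interface suffix (%eth0)
        if (addr == "0.0.0.0" || addr == "[::]" || addr == "*")
            scope = "all-interfaces"      # reachable from the network
        else if (addr ~ /^127\./ || addr == "[::1]")
            scope = "loopback"            # local only
        else
            scope = "single-address"
        print scope, addr
    }'
}

# audit_host (hypothetical helper): run the same check against the live host.
audit_host() {
    if command -v systemctl >/dev/null 2>&1; then
        echo "cups-browsed: $(systemctl is-active cups-browsed 2>/dev/null)"
    fi
    ss -H -uln | classify_udp631
}

printf '%s\n' "$SAMPLE_SS" | classify_udp631
if [ "${1:-}" = "--live" ]; then audit_host; fi
```

Run with `--live` to audit the current machine. An `all-interfaces` line means UDP 631 is bound on every interface, which is the case the post's two mitigations (disabling cups-browsed or blocking the port) address.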
CrudeSausage
2024-09-28 11:52:11 UTC
Post by RonB
Post by CrudeSausage
MacOS was mentioned by Lunduke, but he also pointed out that he wasn't
sure if it affected them. He did mention that ChromeOS was affected. As
far as I can tell, fixing the problem will also require a user who needs
to print to return to the Stone Age in terms of configuration. I assume
that plugging the printer directly to the computer will not be
considered insecure, but any kind of automated network connectivity is
going to be a problem.
Either way, this is serious and Linux users shouldn't casually dismiss
this. It should also be noted that this is just one of the many such
problems that are going to arise in the future.
The fix is to disable or uninstall cups-browsed. I did so and my printer
works fine for printing and scanning on my network. You can also just
block the UDP Port 631, which on most home machines is not exposed to the
Internet anyhow.
This is not a serious problem for most home Linux users. Another overblown
"catastrophe" warning.
If this indeed solves the problem without compromising functionality,
all the better. Considering how it was presented, it truly seemed like
an issue whose solution involved crippling the operating system.
--
CrudeSausage
Catholic, paleoconservative, Christ is king
Stéphane CARPENTIER
2024-09-28 10:13:15 UTC
Post by RonB
Post by CrudeSausage
Worse than Heartbleed, Meltdown or Spectre. According to a GitHub
"From a generic security point of view, a whole Linux system as it is
nowadays is just an endless and hopeless mess of security holes waiting
to be exploited." (kind of like Chris Ahlstrom's body)
<https://cybersecuritynews.com/critical-unauthenticated-rce-flaw/>
Yet another "catastrophic" Linux security threat that will be fixed within
days. You realize that Cyber Security News makes their case for existence by
hyperventilating about potential "catastrophic" security threats, right?
It looks like it only affects the « ssh » access, so if you have no ssh
access on your computer, you don't have to worry. Now, as nobody knows
anything about it, it's difficult to guess how a « ssh » access can be
protected. We'll need to wait for a few days to know if it's easier to
exploit or to protect a « ssh » connexion.
--
If you have time to waste:
https://scarpet42.gitlab.io