[ Politics ] Open Question : I’m supposed to feel sorry for Government workers when they didn’t have any savings or a good enough credit score to get a loan?

Don’t cry when hard times come and you didn’t have anything saved up and never paid your bills so now you can’t get a loan. When you’re screwed you’re screwed

Openstack Error: No valid host was found. There are not enough hosts available

As a purpose of testing, I am trying to spin up instances of large size, I mean of 8 vCPU’s and greater than 20 GB memory, with 50 GB storage. Physical host has 48 GB RAM and 16 CPU. But everytime receives the same error

Failed to perform requested operation on instance "TestBigVM", the instance has an error status: Please try again later [Error: No valid host was found. There are not enough hosts available.]. 

In nova compute log, this is the last entry, and can’t see any errors:

2019-01-20 22:39:46.447 16511 INFO nova.compute.resource_tracker [req-ded356b5-7a71-451d-a834-db9e696b07dd - - - - -] Final resource view: name=openstack.xxyyzz.com phys_ram=49139MB used_ram=512MB phys_disk=49GB used_disk=0GB total_vcpus=16 used_vcpus=0 pci_stats=[] 

Have googled so many links like https://ask.openstack.org/en/question/54326/cant-create-instance-no-valid-host-was-found-nova-compute-is-not-running/ and then also tried virt_type=kvm or qemu, but everything failed.

Is there any alternative or legitimate solution for this.? Stuck in between some task and this is very critical for the assigned task. Any help would really be appreciated.

Is a fake address/info to an ISP/service enough to be untraceable in theory?

It got me thinking recently. Wouldn’t a fake/incorrect address be enough to deter investigating/finding a criminal via cyberspace? The reason we know it’s so easy to find someone is because they give their real address/info to an ISP — so obviously with this info they can easily get to someone’s residence.

What if you sign-up for some kind of ISP/service while:

1.Giving a different name/alias than your birth/real name (usually allowed).

2.Do so online (anonymity — you can use any kind of library, cafe, public IP, VPN, etc. with a throaway device) and thus nobody can see/know who is signing up and can’t act as a witness for someone.

3.Use some prepaid card/etc. that was also registered with an alias and has no real address linked.

4.Do something blatantly illegal using this ISP (which doesn’t have a social security number since it’s not require — i.e., you can get a phone service with ISP and do not need SSN/etc. in the U.S. — and also no real name, number or address to where they can provide authorities any real kind of leads).

How could they find the person? If they use the ISP given, it can be local or remote. If it’s remote they can try and ask the company for info, but the company will only give the info they got and it’s insufficient to have any possible leads with an alias; no social security number; and no real address.

You can argue it’s possible to narrow down where the person could live, but they could move. Also, nobody knows what they look like and could be using highly anonymous means (i.e., very secured operating system leaving no means of a network trace). With all of this it seems theoretically impossible to identify any criminal. Payment method has no easy trace; everything could be done online these days and fake/wrong addresses are among the easiest things to provide. Face is unknown due to internet anonymity from the very source to the very end of the means of a crime.

Using the internet isn’t like a phone call — you can’t merely triangulate/narrow down an exact location a person is connecting from if there is no way to find GPS traces/etc. from such a device.

On TV shows like Criminal Minds they make it seem like they can super-easily trace and lock-down even the smartest criminals, but I’m skeptical that in real-life these methods are anywhere comparable. Also, with zero leads and no address/name I’d imagine most authorities would give up.

So how easy is it really to be untraceable or theoretically untraceable given the ease of fake info/no face/no traces or leads/no social security info/addresses/lack of details to even begin identifying?

Is API whitelisting safe enough for a HTTP Basic protected server available on the internet?

We are discussing about making available through the internet one of our microservices deployed on a public cloud on Kubernetes. This ms offers some sensitive information to the clients.

This microservices will be protected by HTTP Basic security and be exposed with TLS.

In addition we intend to add IP whitelisting to limit the range of IPs that can access it, so only our corporate network computers will be allowed to access it.

Is IP whitelisting safe enough, is it hackeable in some way?

Any recommendation to improve this approach or directly avoid it?

Did not have room enough to load ROS on 1 GB former windows machine!

I used LinuxLive USB Creator to totally remake my former Windows 8.1 machine with 1000 GB into Ubuntu 18.04. I tried to load ROS Melodic but during installation it said I ran out of disk space! What? So I reloaded Ubuntu 18.04 and when I go to other locations is says “Computer 1.7 GB/ 2.0 BR available / and on the next line says: 1.0 TB Volume 926.5 GB / 983.4 GB available /dev/sda1 When I clidk on the 1.0 TB Volume is lists the standard (/bin/ /boot/ /dev/ stuff. I do not want to try to reload ROS until I know I can access the 1 GB drive space so I do not run into another aborted ROS installation. If I get another ROS aborted installation, no problem. I will, again (sigh..) Go back an reboot the whole machine. I already donated $ 100.00 to ROS and still have not passed their course at this point. Any help is appreciated before I donate another $ 100.

Ubuntu is good stuff, but I’m thinking why not just buy a Ubuntu 18.04 box? I’m not going to make a career as a system admin, just want to finish my robot.

Thanks haibuogao@gmail.com or ju78iklo9@yahoo.com

Is forbiding the ; char enough to prevent SQL injection?

Disclaimer: Parameterized queries are the way to go, no need to discuss about that 🙂

I’ve seen the following code at a friends place:

var query = "SELECT * FROM students WHERE name = " + name; 

with name being a user provided variable. My obvious reaction was like “Hey John, are you not afraid of SQL injection?”. He than stated, that he knows he should parameterize the query but it’s not needed for this case as the user is allowed to read everything and he built a simple solution to prevent editing the table/database:

if(query.Contains(';') { throw new Exception(); } 

I know I could do something like

name = Felix OR 1 = 1 

but this would do no harm as the user is allowed to read everything.

My question is: Is John really right? Is there no way to bypass this simple check to insert, update or delete an entry?

Is ssh with public key authentication, no passwords secure enough?

I have a web server set up and would like to connect to it from outside using Tor. The web server simply serves up a simple webpage that will act as an interface for a program running on the machine. It is not meant to be accessible by anyone else.

If I set up another computer with SSH and set to log in using SSH keys to act as an SSH tunnel, is this secure enough from most attackers?

With the SSH tunnel and Tor in place, is there a reason to use SSL or is all this secure enough? What attacks are still possible and how do I defend against them?

Are there enough curves (to connect ‘points’ of f.g. algebras)?

(Intuition: any two points in a connected space may be connected by a path. I would like to know if something like this holds in certain category of `connected algebraic spaces’. I formulate the precise question in terms of commutative algebra.)

Let $ {\cal A}$ be the category of finitely generated $ {\mathbb{C}}$ -algebras with exactly two idempotents.

Let $ {f, g : A \rightarrow \mathbb{C}}$ be two maps in $ {\cal A}$ .

Does it exist a map $ {c : A \rightarrow C}$ (always in $ {\cal A}$ ) with $ C$ a curve such that both $ f$ and $ g$ factor through $ c$ ? (I.e. such that there are maps $ {f’, g’ : C \rightarrow \mathbb{C}}$ such that $ {f’ c = f}$ and $ {g’ c = g}$ .)