Hacker News | sybercecurity's comments

It was delayed, but was successful. The available metrics at the time showed that many validators did not pick up the new key, or did not store it in stable memory so every time a new VM/container/whatever started up, it had the old key. Once those were fixed, the rollover completed.

That's the problem with doing maintenance on infrastructure used by every host on the Internet. Though efforts to replace DNS with a more distributed model have never succeeded (yet).


Yeah I'm not making a point about DNSSEC or its alternatives so much as just pointing out that the last rotation was a big story, and that this is not a big story.

I guess I misinterpreted it - sorry. It must say something that it isn't a big announcement anymore: either it has gotten to the point where people expect it (good operations), or people are expecting DNSSEC to go away (bad for DNSSEC).

Still, with the reliance on the DNS for things, it would be nice to have it be secure. Or a DNS 2.0 that solves a lot of the current issues with the protocol, but DNS has proven resilient and adaptable enough to continue working since RFC 1023 and 1035.


I disagree on securing the DNS (and about how we should go about it, if we must) but in any case, have no criticism about today's announcement.

It was a big story because (a) it was the first time it was attempted; and (b) there were concerns that older software would need manual intervention to update the key, thus there was a need to make it into a big story to ensure appropriate folks would update the trust anchor (this turned out to be a non-issue).

Yes, I get the feeling that there were likely other reasons why they wanted the employee gone, but needed a good reason that wouldn't result in a legal complaint.


Even mentioned in a darkly humorous tone in the 1968 movie "Ice Station Zebra" (cold war thriller). The character played by Patrick McGoohan has a line: "The Russians put our camera made by our German scientists and your film made by your German scientists into their satellite made by their German scientists."


> I think it would be more appropriate to tell people to pack an AM radio in the disaster bag we’re all supposed to keep in the trunk.

From dealing with so-called "policy wonks" over the years, having a solution that requires people take action ahead of time and buy something new to replace something they had in the past is a non-starter. They most likely won't listen to anything after that. They are extremely risk-averse in general so any change is seen as bad unless proven otherwise. It's easier (in their mind) to just force things to stay the way they are since they don't trust people to make decisions.


> having a solution that requires people take action ahead of time and buy something new to replace something they had in the past is a non-starter

Do we have studies that test this hypothesis? Did people actually fail to replace the old thing by the new, or did it turn out okay?


Yeah, how many bug out bags do you own? How many people do you know have one?


How many people would actually know to try the AM band in an emergency? How many people even still know how to turn their radio to an AM band? And know what station to listen to?

I think this number is waaaay smaller than anyone thinks. Especially with modern buttonless car systems.


Where I am in Mass, highways often have big billboards saying "Tune to 1610 AM for emergency info" or whatever.


This is common in mountains in WA too.

To replace the AM in cars isn’t just the cars - it’s all the signage and transmitters, for regional information.


And the pack-an-AM-radio approach is likely to fall victim to old batteries. Low probability emergency equipment people are likely to forget about.

And a common use case for this would be people evacuating a disaster area. Being able to put up a simple transmitter with localized instructions would be a very good thing. As it stands there are government transmitters out there running looped broadcasts with general information and closure information.


You can buy an emergency AM radio, fully integrated with a lithium battery, a hand crank, a tiny solar panel, a flashlight. It can also charge your phone.


Bought one, it lasted a few years of very light use, but I can’t replace the battery so it’s trash now. I don’t like having to own more things I can’t service. Especially when products tend to be non-durable.


.xyz is seen (or at least talked about) as the TLD that is used by malware distributors/spammers and often blocked or filtered by email services. I would imagine most tech startups would not want to be mistakenly put on blocklists.


As usual, the headline is more provocative than the actual article (not submitter's fault): "...U.S. corporate CEOs predicted that corporate roles that were performed in the office before the pandemic will be back in office full time within the next three years."

Basically if the job wasn't remote pre-pandemic, it likely won't be in the next few years either. Could say more about the corporate policy than the job function though.


Yes via sidelink: https://www.abiresearch.com/blogs/2022/11/08/5g-sidelink/

Not used everywhere, but seen as something that would be rolled out for critical communications, natural disasters, etc.


Also get a copy of the Big Blue Book of Bicycle Repair from Park tools. A good reference before the Internet. There are other good books as well that cover specific parts - The Bicycle Wheel by Jobst Brandt is good too if you want to go really in depth on spoked wheels.


A little -

The requirements for federal government were put out a long time ago (some scientific role job descriptions date from the 80's). This prevented a lot of new grads who had degrees in fields that didn't exist in the 20th century to get denied or delayed as someone hired to be a sysadmin, or cyber analysis didn't have the correct number of math courses. Basically only a CS degree counted.

Don't know about state/local governments, but the ones I have heard about were all over the place: some just copied the federal rules, some just hired whoever they could find.

I would guess the beltway bandits will eventually change their requirements to match the federal gov't. They are already a little more lax in some areas (like the number of math courses). They really just want to say "our people meet your qualifications".


I remember hearing stories when the first traffic monitoring tools were placed on army bases. Most involved the sheer volume of game console traffic going over so-called "secure" networks.

Never underestimate the ability and drive of young, bored men and women.

