MESSAGE
DATE | 2018-03-04 |
FROM | valdis.kletnieks@vt.edu
|
SUBJECT | Re: [Hangout - NYLXS] Year 2038 time set problem
|
On Sun, 04 Mar 2018 21:21:13 -0500, Ruben Safir said:
> I am not setting up a high availability cluster in my house, thank you.
> And fwiw, I've run systems for 6-8 years without rebooting on pc
> hardware. My little fanless fit/pc service running an intel atom had at
> one time run 5 years without rebooting. I only had a system fry once
> while it was up and running since the late 1990's until today, and in
> that case it was wild power surge and the hardware was up and running in
> 20 minutes with a swap out of the hard drive.
The fact that you've kept a system going for 8 years without a reboot isn't proof that actually doing so is a good idea security wise.
> The linux kernel is integrated into dozens of devices which never see
> the light of day for kernel upgrades from PPOE routers, IOT devices,
> cellphones, VOIP boxes, electrocardiograms, menu displays for McDonalds,
> signal boxes on train systems, etc etc etc.
The big problem *there* isn't that a reboot is often required.
The problem is that the vendors won't ship a patched system to reboot *into*.
> What has been described is a huge security problem and your solution is
> a non-starter and doesn't help the broader problem.
I repeat what I said - if you can't afford a reboot because it's mission critical, you can't afford to *not* be doing HA or load balancing or something.
The Internet of Pwned Things problem is with systems where a reboot *is* feasible (are you going to notice if your light bulb reboots at 3AM when it's off anyhow?), but vendors have no economic incentive to provide fixes after they've got your money (unless they can monetize you post-purchase - and most people won't pay for a support contract, so the vendor's only realistic choice is monetizing your data..)
And that's a totally orthogonal issue.