Check It Out

Links to cool places or things.

There are 1,530 posts filed in Check It Out (this is page 9 of 153).

Iranian Missile Accidentally Brought Down Ukrainian Jet, Officials Say – The New York Times

Called this yesterday. Loss of a single engine won’t down a plane and Iranian officials declared it a mechanical problem before the fires were even out. Condolences to the victims.

WASHINGTON — An Iranian missile accidentally brought down a Ukrainian jetliner over Iran this week, killing everyone aboard, American and allied officials said on Thursday, adding a tragic coda to the escalated military conflict between Washington and Tehran.

Prime Minister Justin Trudeau of Canada said his country had intelligence that an Iranian surface-to-air missile brought down the jetliner, which was carrying 63 Canadians among its some 176 passengers and crew. Mr. Trudeau said his conclusion was based on a preliminary review of the evidence but called for a full investigation “to be convinced beyond all doubt.”

Source: Iranian Missile Accidentally Brought Down Ukrainian Jet, Officials Say – The New York Times

Facebook bans ads from The Epoch Times after huge pro-Trump buy

Facebook kicked these guys off their ad platform in August 2019. Apparently that didn’t last long as I got two ads for The Epoch Times in my Facebook feed today:

Back by popular demand?


I guess Zuckerberg loves money more than morals.

Facebook has banned The Epoch Times, a conservative news outlet that spent more money on pro-Trump Facebook advertisements than any group other than the Trump campaign, from any future advertising on the platform.

The decision follows an NBC News report that The Epoch Times had shifted its spending on Facebook in the last month, seemingly in an effort to obfuscate its connection to some $2 million worth of ads that promoted the president and conspiracy theories about his political enemies.

“Over the past year we removed accounts associated with the Epoch Times for violating our ad policies, including trying to get around our review systems,” a Facebook spokesperson said. “We acted on additional accounts today and they are no longer able to advertise with us.”Facebook’s decision came as a result of a review prompted by questions from NBC News. The spokesperson explained that ads must include disclaimers that accurately represent the name of the ad’s sponsors.

Source: Facebook bans ads from The Epoch Times after huge pro-Trump buy

Teen Vogue story on Facebook prompts sponsored content fears, vanishes – Business Insider

This is some sneaky shit on Facebook’s part.

After pondering it for a day, I think its audience wasn’t Teen Vogue but actually Congress. Not that anyone in Congress reads Teen Vogue, but Facebook COO Sheryl Sanberg was all too happy to crow about this puff piece. I think Facebook was trying desperately to show Congress its serious about policing itself when in actuality it only cares about money.

I feel bad for Teen Vogue as the teen magazine has been running really good stories explaining cybersecurity. Of course, they also run stories telling teens about the joys of anal sex, so it’s a wash I guess. At any rate,any credibility Teen Vogue may have had is gone now. Hope the money was worth it.

Here’s the original story, captured by The Internet Archive’s magnificent Wayback Machine.

(Also, that’s the least clickbait-y headline EVER. Obviously it wasn’t meant for teens.)

An uncritical story in Teen Vogue about Facebook’s efforts to secure its social network ahead of the 2020 election caused bewilderment over contradictory messages about whether it was paid for by Facebook — before it just disappeared completely.

On Wednesday, Teen Vogue published “How Facebook Is Helping Ensure the Integrity of the 2020 Election.” It’s a 2,000-plus-word story comprising a series of interviews with various senior Facebook employees about how the Silicon Valley tech giant is working to avoid nefarious political activity in the US’s coming presidential election.

The positive tone of the piece, and lack of byline indicating who wrote it, led some on Twitter to speculate that it was a piece of sponsored content — that is, an article paid for and overseen by Facebook to promote itself.

This suspicion was seemingly confirmed when, some time after publishing, Teen Vogue appended a note to the top of the story, reading: “Editor’s note: This is sponsored editorial content.”

The note raised questions about editorial ethics — why wasn’t this disclosed from the start? — but the saga didn’t end there. Facebook instead denied that it was sponsored content, saying it was just a regular article, and the note disappeared from the top of the story again.

Source: Teen Vogue story on Facebook prompts sponsored content fears, vanishes – Business Insider

bellingcat – Guide To Using Reverse Image Search For Investigations – bellingcat

Reverse image search is one of the most well-known and easiest digital investigative techniques, with two-click functionality of choosing “Search Google for image” in many web browsers. This method has also seen widespread use in popular culture, perhaps most notably in the MTV show Catfish, which exposes people in online relationships who use stolen photographs on their social media.

However, if you only use Google for reverse image searching, you will be disappointed more often than not. Limiting your search process to uploading a photograph in its original form to just images.google.com may give you useful results for the most obviously stolen or popular images, but for most any sophisticated research project, you need additional sites at your disposal — along with a lot of creativity.

This guide will walk through detailed strategies to use reverse image search in digital investigations, with an eye towards identifying people and locations, along with determining an image’s progeny. After detailing the core differences between the search engines, Yandex, Bing, and Google are tested on five test images showing different objects and from various regions of the world.

Source: bellingcat – Guide To Using Reverse Image Search For Investigations – bellingcat

How Lindsey Graham Lost His Way – Rolling Stone

Lindsey Graham and Donald Trump were born nine years and one month apart. Trump came first, but when they appear side by side, as they often do these days, the men look about the same age. On November 6th, in the East Room of the White House, the president held an event to mark the record number of federal judges his administration has appointed, and Graham was there, having played a critical role in the achievement as chairman of the Senate Judiciary Committee. Trump’s staff had scheduled the event in part to shift focus from the House impeachment investigation, to remind any wobbly Republicans of the reason they’d held their noses and voted for the guy in the first place.

Over the course of his three terms representing South Carolina in the Senate, Graham had become predominantly known for two things: extreme hawkishness on foreign policy, following the lead of his close friend and mentor, the late Arizona Sen. John McCain, and a bipartisan streak that resulted in high-profile attempts to cut big deals on issues like immigration reform and climate change. A former senior staffer for a Democratic senator who has worked alongside Graham on bipartisan legislation tells me, “Like John McCain, he was a conservative Republican, but it was always worth asking where he was going to be on a particular issue, because he wasn’t completely beholden to party orthodoxy. He’d often be way out ahead of his staff, negotiating on the Senate floor unbeknownst to them, and they would be playing catch-up.

Will Folks, a conservative political blogger in South Carolina, says, “The joke here is Graham has a ‘count to six’ approach to governing: He spends the first four years of his term doing whatever he wants, veering off toward the left, and then the last two years, when the electorate is paying more attention, he comes right.

”Graham is “never flustered, and just a natural at dealing with people who don’t like him,” says David Woodard, a political-science professor at Clemson University who ran Graham’s first two campaigns for the House of Representatives and recalls the first-term congressman as quickly becoming the unofficial social director for his freshman class, though he added, “You’re going to find Lindsey knows a lot of people, but he’s not close to anybody.”

Source: How Lindsey Graham Lost His Way – Rolling Stone

A Letter From Gary Larson | TheFarSide.com | TheFarSide.com

Gary Larson has finally arrived online and the promise of new The Far Side cartoons is in the air, yet I don’t know how I feel about this. I will always love The Far Side but I cringe at the thought of the new stuff not measuring up to old stuff. I also miss seeing the cartoon nestled in the comics pages of an actual newspaper. And, truth be told, Larson’s hero status fell in my eyes when he aggressively chased his cartoons off the Internet.

Twelve years after I wrote that I still feel the same way. Now that Larson wants to join the party is he still welcome? Does The Far Side belong on the Internet at all, even if it’s Larson’s own doing? Or should it ride off into the sunset along with the newspaper industry?

I kinda wish I hadn’t had to ponder this question.

Truthfully, I still have some ambivalence about officially entering the online world — I previously equated it to a rabbit hole, although “black hole” sometimes seems more apropos — but my change of heart on this has been due not only to some evolution in my own thinking, but also in two areas I’ve always cared about when it comes to this computer/Internet “stuff”: security and graphics.

Source: A Letter From Gary Larson | TheFarSide.com | TheFarSide.com

Families Don’t Use Landlines Anymore – The Atlantic

The early telephone’s bulky size and fixed location in the home made a phone call an occasion—often referred to in early advertisements as a “visit” by the person initiating the call. (One woman quoted in Once Upon a Telephone recalls the phone as having the “stature of a Shinto shrine” in her childhood home.) There was phone furniture—wooden vanities that housed phones in hallways of homes, and benches built for the speaker to sit on so they could give their full attention to the call. Even as people were defying time and space by speaking with someone miles away, they were firmly grounded in the space of the home, where the phone was attached to the wall.

Over the course of the 20th century, phones grew smaller, easier to use, and therefore less mystical and remarkable in their household presence. And with the spread of cordless phones in the 1980s, calls became more private. But even then, when making a call to another household’s landline, you never knew who would pick up. For those of us who grew up with a shared family phone, calling friends usually meant first speaking with their parents, and answering calls meant speaking with any number of our parents’ acquaintances on a regular basis. With practice, I was capable of addressing everyone from a telemarketer to my mother’s boss to my older brother’s friend—not to mention any relative who happened to call. Beyond developing conversational skills, the family phone asked its users to be patient and participate in one another’s lives.

Source: Families Don’t Use Landlines Anymore – The Atlantic

A Destroyer – By John Steinbeck

USS Elliot (DD-967) in North Arabian Gulf, circa 1998

John Steinbeck spent a few weeks aboard a destroyer in World War II, the USS Knight (DD-663), and wrote this ode to destroyers called “A Destroyer” in 1943. It appeared in a collection of his dispatches published in 1958 in a book called Once There Was a War.

I think it sums up life on a destroyer quite well.

A destroyer is a lovely ship, probably the nicest fighting ship of all. Battleships are a little like steel cities or great factories of destruction. Aircraft carriers are floating flying fields. Even cruisers are big pieces of machinery, but a destroyer is all boat. In the beautiful clean lines of her, in her speed and roughness, in her curious gallantry, she is completely a ship, in the old sense.

For one thing, a destroyer is small enough so that her captain knows his whole crew personally, knows all about each one as a person, his first name and his children and the trouble he has been in and is capable of getting into. There is an ease on a destroyer that is good and a good relationship among the men. Then if she has a good captain you have something really worth serving on.

The battleships are held back for a killing blow, and such a blow sometimes happens only once in a war. The cruisers go in second, but the destroyers work all the time. They are probably the busiest ships of a fleet. In a major engagement, they do the scouting and make the first contact. They convoy, they run to every fight. Wherever there is a mess, the destroyers run first. They are not lordly like the battleships and the men who work them are seamen. In rough weather they are rough, honestly and violently rough.
Continue reading

AD/LDAP authentication on Linux hosts

I’ve been working with the Lightweight Directory Access Protocol (LDAP) for 18 years now. Then Microsoft embraced and extended LDAP with Active Directory. Nowadays most companies base all of their authentication and authorization on Active Directory and for good reason. In a Windows-only world it works great. For a mixed-platform environment, it’s a bit more difficult to make work.

I recently worked out how to make Linux systems authenticate against Active Directory using only the LDAP protocol and wanted to share it here for any fellow DevOps/sysaedmins who might want to try it themselves. The goals were to do it with minimum fuss and using the native tools – no third-party apps. I also want to do it solely with LDAP and not have to worry about pointlessly “joining” a Linux host to a domain.

The modern way that Red Hat likes to connect Linux hosts to AD like to do this is to use the SSSD suite of packages, join the host to the Active Directory tree, and talk to AD directly. This seems like a lot of bloat to me when all you need is authentication. Fortunately, you can use the “legacy” means and do it all with LDAP libraries.

Bridging Active Directory and Linux hosts

One way to integrate Linux/UNIX hosts into AD is to add Microsoft Windows Services for UNIX (SFU) schema extensions. This means every AD entry would be defined with common Unix attributes like uid (user id) and gid (group id). These could sometimes get out of sync with the AD attributes and at any rate would require constant updating of the AD records.

Ideally, we won’t depend on Services for UNIX additions in AD and the complexity it brings. Instead, we’ll identify standard AD attributes and map them to Linux/UNIX equivalents. The nss-pam-ldapd package allows us to do this in the /etc/nslcd.conf file, which we’ll see in a minute.

Differences between CentOS 6/AWS and CentOS 7 hosts

One stumbling block has been that Amazon Linux (amzn) uses old, old libraries, based on CentOS 6 packages. The nss-pam-ldapd package which ships with this version of Amazon Linux is version 0.7.5; a version too old to include the mapping functionality we need to avoid using Services for UNIX.

Fortunately, we can remove the amzn version and add an updated one. I have tested one I have found at this link which updates any amzn hosts to the 0.9.8 version of nss-pam-ldapd.

The version of nss-pam-ldapd that ships with CentOS 7 is 0.8.3 and works fine with attribute mapping.

Obtaining the domain’s ObjectSID

The goal of using a directory is consistency. If a user appears in AD, that user will be available to Linux hosts. Also, that user will be treated the same on every directory-equipped server as that user will ideally have the same uid/gid. Without adding Services for UNIX, we need some way to ensure a uid on one host is consistent with the uid on another host. This is done by nss-pam-ldapd by mapping Linux uid/gids to their equivalents in AD, called ObjectSIDs. You need to obtain your AD server’s domain ObjectSID.
Continue reading

The Book of Prince | The New Yorker

On January 29, 2016, Prince summoned me to his home, Paisley Park, to tell me about a book he wanted to write. He was looking for a collaborator. Paisley Park is in Chanhassen, Minnesota, about forty minutes southwest of Minneapolis. Prince treasured the privacy it afforded him. He once said, in an interview with Oprah Winfrey, that Minnesota is “so cold it keeps the bad people out.” Sure enough, when I landed, there was an entrenched layer of snow on the ground, and hardly anyone in sight.

Prince’s driver, Kim Pratt, picked me up at the airport in a black Cadillac Escalade. She was wearing a plastic diamond the size of a Ring Pop on her finger. “Sometimes you gotta femme it up,” she said. She dropped me off at the Country Inn & Suites, an unremarkable chain hotel in Chanhassen that served as a de-facto substation for Paisley. I was “on call” until further notice. A member of Prince’s team later told me that, over the years, Prince had paid for enough rooms there to have bought the place four times over.

My agent had put me up for the job but hadn’t refrained from telling me the obvious: at twenty-nine, I was extremely unlikely to get it. In my hotel room, I turned the television on. I turned the television off. I had a mint tea. I felt that I was joining a long and august line of people who’d been made to wait by Prince, people who had sat in rooms in this same hotel, maybe in this very room, quietly freaking out just as I was quietly freaking out.

Source: The Book of Prince | The New Yorker