home.social

#hugops — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #hugops, aggregated by home.social.

  1. Found out as I was trying to log the book I just finished that the #bookwyrm instance I was on, bookrastinating.com, is down, and apparently has been for close to two weeks... I do hope it comes back. #hugops to the admins. I know what it's like to maintain community infrastructure on your own time and dime. Sometimes life gets in the way of things.

    thenighthas.me/@bookrastinatin

  2. Found out as I was trying to log the book I just finished that the #bookwyrm instance I was on, bookrastinating.com, is down, and apparently has been for close to two weeks... I do hope it comes back. #hugops to the admins. I know what it's like to maintain community infrastructure on your own time and dime. Sometimes life gets in the way of things.

    thenighthas.me/@bookrastinatin

  3. Found out as I was trying to log the book I just finished that the #bookwyrm instance I was on, bookrastinating.com, is down, and apparently has been for close to two weeks... I do hope it comes back. #hugops to the admins. I know what it's like to maintain community infrastructure on your own time and dime. Sometimes life gets in the way of things.

    thenighthas.me/@bookrastinatin

  4. Found out as I was trying to log the book I just finished that the #bookwyrm instance I was on, bookrastinating.com, is down, and apparently has been for close to two weeks... I do hope it comes back. #hugops to the admins. I know what it's like to maintain community infrastructure on your own time and dime. Sometimes life gets in the way of things.

    thenighthas.me/@bookrastinatin

  5. Releasing a universal #Linux #kernel #exploit with very little or even no previous time to distribute a patch through distributions is not cool. Doing it on the day before a weekend - on two weekends in a row - is just being an asshole. Looking at you, #CopyFail and #DirtyFrag.

    You may think it helps your PR, that people will queue to use your cool new AI/agentic/whatever tool because you found the bug. You may think that releasing the full exploit because somebody else was even quicker with "leaking" your cool find makes it right. You're wrong. This is neither responsible nor coordinated disclosure. In security, we've tried to learn the hard lessons on keeping in-production, live systems on a global scale safer.

    Yes, those bugs have existed for a long time in the kernel source. Yes, other bad actors may already have found them. But you're shining a light on it *and* giving every script kiddie in the world a working exploit to point their mass scans at. That's dangerous. There's a reason why the normal process is to reach out at least to the most widely installed distributions before releasing the bug details publicly. There's a reason why 90 days is a good default - it allows downstream percolation of patches. You can still get the credit. This way, you only create stress for admins.

    [For a little relief, refer to tomshardware.com/tech-industry for a quick mitigation, because updating kernels and rebooting a fleet of hosts just takes time, weekend or not. #HugOps]

  6. Releasing a universal #Linux #kernel #exploit with very little or even no previous time to distribute a patch through distributions is not cool. Doing it on the day before a weekend - on two weekends in a row - is just being an asshole. Looking at you, #CopyFail and #DirtyFrag.

    You may think it helps your PR, that people will queue to use your cool new AI/agentic/whatever tool because you found the bug. You may think that releasing the full exploit because somebody else was even quicker with "leaking" your cool find makes it right. You're wrong. This is neither responsible nor coordinated disclosure. In security, we've tried to learn the hard lessons on keeping in-production, live systems on a global scale safer.

    Yes, those bugs have existed for a long time in the kernel source. Yes, other bad actors may already have found them. But you're shining a light on it *and* giving every script kiddie in the world a working exploit to point their mass scans at. That's dangerous. There's a reason why the normal process is to reach out at least to the most widely installed distributions before releasing the bug details publicly. There's a reason why 90 days is a good default - it allows downstream percolation of patches. You can still get the credit. This way, you only create stress for admins.

    [For a little relief, refer to tomshardware.com/tech-industry for a quick mitigation, because updating kernels and rebooting a fleet of hosts just takes time, weekend or not. #HugOps]

  7. Releasing a universal #Linux #kernel #exploit with very little or even no previous time to distribute a patch through distributions is not cool. Doing it on the day before a weekend - on two weekends in a row - is just being an asshole. Looking at you, #CopyFail and #DirtyFrag.

    You may think it helps your PR, that people will queue to use your cool new AI/agentic/whatever tool because you found the bug. You may think that releasing the full exploit because somebody else was even quicker with "leaking" your cool find makes it right. You're wrong. This is neither responsible nor coordinated disclosure. In security, we've tried to learn the hard lessons on keeping in-production, live systems on a global scale safer.

    Yes, those bugs have existed for a long time in the kernel source. Yes, other bad actors may already have found them. But you're shining a light on it *and* giving every script kiddie in the world a working exploit to point their mass scans at. That's dangerous. There's a reason why the normal process is to reach out at least to the most widely installed distributions before releasing the bug details publicly. There's a reason why 90 days is a good default - it allows downstream percolation of patches. You can still get the credit. This way, you only create stress for admins.

    [For a little relief, refer to tomshardware.com/tech-industry for a quick mitigation, because updating kernels and rebooting a fleet of hosts just takes time, weekend or not. #HugOps]

  8. Releasing a universal #Linux #kernel #exploit with very little or even no previous time to distribute a patch through distributions is not cool. Doing it on the day before a weekend - on two weekends in a row - is just being an asshole. Looking at you, #CopyFail and #DirtyFrag.

    You may think it helps your PR, that people will queue to use your cool new AI/agentic/whatever tool because you found the bug. You may think that releasing the full exploit because somebody else was even quicker with "leaking" your cool find makes it right. You're wrong. This is neither responsible nor coordinated disclosure. In security, we've tried to learn the hard lessons on keeping in-production, live systems on a global scale safer.

    Yes, those bugs have existed for a long time in the kernel source. Yes, other bad actors may already have found them. But you're shining a light on it *and* giving every script kiddie in the world a working exploit to point their mass scans at. That's dangerous. There's a reason why the normal process is to reach out at least to the most widely installed distributions before releasing the bug details publicly. There's a reason why 90 days is a good default - it allows downstream percolation of patches. You can still get the credit. This way, you only create stress for admins.

    [For a little relief, refer to tomshardware.com/tech-industry for a quick mitigation, because updating kernels and rebooting a fleet of hosts just takes time, weekend or not. #HugOps]

  9. Releasing a universal #Linux #kernel #exploit with very little or even no previous time to distribute a patch through distributions is not cool. Doing it on the day before a weekend - on two weekends in a row - is just being an asshole. Looking at you, #CopyFail and #DirtyFrag.

    You may think it helps your PR, that people will queue to use your cool new AI/agentic/whatever tool because you found the bug. You may think that releasing the full exploit because somebody else was even quicker with "leaking" your cool find makes it right. You're wrong. This is neither responsible nor coordinated disclosure. In security, we've tried to learn the hard lessons on keeping in-production, live systems on a global scale safer.

    Yes, those bugs have existed for a long time in the kernel source. Yes, other bad actors may already have found them. But you're shining a light on it *and* giving every script kiddie in the world a working exploit to point their mass scans at. That's dangerous. There's a reason why the normal process is to reach out at least to the most widely installed distributions before releasing the bug details publicly. There's a reason why 90 days is a good default - it allows downstream percolation of patches. You can still get the credit. This way, you only create stress for admins.

    [For a little relief, refer to tomshardware.com/tech-industry for a quick mitigation, because updating kernels and rebooting a fleet of hosts just takes time, weekend or not. #HugOps]

  10. Happy Sunday morning to everyone except Netlify who let their critical-path `netlify.app` domain expire. #hugops for their teams working incident response.

    Now everyone's sites are down if they are using `sitename.netlify.app` CNAME records with third-party DNS providers, as is recommended in most cases. 🙃

    I posted a workaround here, which should help if your DNS records have low TTL: answers.netlify.com/t/my-websi

  11. Happy Sunday morning to everyone except Netlify who let their critical-path `netlify.app` domain expire. #hugops for their teams working incident response.

    Now everyone's sites are down if they are using `sitename.netlify.app` CNAME records with third-party DNS providers, as is recommended in most cases. 🙃

    I posted a workaround here, which should help if your DNS records have low TTL: answers.netlify.com/t/my-websi

  12. Happy Sunday morning to everyone except Netlify who let their critical-path `netlify.app` domain expire. #hugops for their teams working incident response.

    Now everyone's sites are down if they are using `sitename.netlify.app` CNAME records with third-party DNS providers, as is recommended in most cases. 🙃

    I posted a workaround here, which should help if your DNS records have low TTL: answers.netlify.com/t/my-websi

  13. Happy Sunday morning to everyone except Netlify who let their critical-path `netlify.app` domain expire. #hugops for their teams working incident response.

    Now everyone's sites are down if they are using `sitename.netlify.app` CNAME records with third-party DNS providers, as is recommended in most cases. 🙃

    I posted a workaround here, which should help if your DNS records have low TTL: answers.netlify.com/t/my-websi

  14. Happy Sunday morning to everyone except Netlify who let their critical-path `netlify.app` domain expire. #hugops for their teams working incident response.

    Now everyone's sites are down if they are using `sitename.netlify.app` CNAME records with third-party DNS providers, as is recommended in most cases. 🙃

    I posted a workaround here, which should help if your DNS records have low TTL: answers.netlify.com/t/my-websi

  15. Hier ein paar Hugs für die Ops unter euch. 🫂🫂🫂🫂🫂🫂 #hugops

  16. Hier ein paar Hugs für die Ops unter euch. 🫂🫂🫂🫂🫂🫂 #hugops

  17. Hier ein paar Hugs für die Ops unter euch. 🫂🫂🫂🫂🫂🫂 #hugops

  18. Hier ein paar Hugs für die Ops unter euch. 🫂🫂🫂🫂🫂🫂 #hugops

  19. Hier ein paar Hugs für die Ops unter euch. 🫂🫂🫂🫂🫂🫂 #hugops

  20. #hugops to everybody at Canvas, and the innumerable students, admins, and faculty at all the impacted organizations

  21. #hugops to everybody at Canvas, and the innumerable students, admins, and faculty at all the impacted organizations

  22. #hugops to everybody at Canvas, and the innumerable students, admins, and faculty at all the impacted organizations

  23. #hugops to everybody at Canvas, and the innumerable students, admins, and faculty at all the impacted organizations

  24. #hugops to everybody at Canvas, and the innumerable students, admins, and faculty at all the impacted organizations

  25. Aber mal ernsthaft: Wenn bei mir um 22:00 das Handy klingeln würde mit der Meldung "alle .de Domains lösen gerade nicht mehr auf!" und es meine Verantwortung wäre den Kram zu fixen: Soviel Grundeis für meinen Arsch gäbe es gar nicht.

    Ich bin gespannt auf das Post-Mortem. Und bis dahin: Lieben Dank für das schnelle fixen, #DENIC Menschen! :hug: #HugOps

  26. Aber mal ernsthaft: Wenn bei mir um 22:00 das Handy klingeln würde mit der Meldung "alle .de Domains lösen gerade nicht mehr auf!" und es meine Verantwortung wäre den Kram zu fixen: Soviel Grundeis für meinen Arsch gäbe es gar nicht.

    Ich bin gespannt auf das Post-Mortem. Und bis dahin: Lieben Dank für das schnelle fixen, #DENIC Menschen! :hug: #HugOps

  27. Aber mal ernsthaft: Wenn bei mir um 22:00 das Handy klingeln würde mit der Meldung "alle .de Domains lösen gerade nicht mehr auf!" und es meine Verantwortung wäre den Kram zu fixen: Soviel Grundeis für meinen Arsch gäbe es gar nicht.

    Ich bin gespannt auf das Post-Mortem. Und bis dahin: Lieben Dank für das schnelle fixen, #DENIC Menschen! :hug: #HugOps

  28. Aber mal ernsthaft: Wenn bei mir um 22:00 das Handy klingeln würde mit der Meldung "alle .de Domains lösen gerade nicht mehr auf!" und es meine Verantwortung wäre den Kram zu fixen: Soviel Grundeis für meinen Arsch gäbe es gar nicht.

    Ich bin gespannt auf das Post-Mortem. Und bis dahin: Lieben Dank für das schnelle fixen, #DENIC Menschen! :hug: #HugOps

  29. Aber mal ernsthaft: Wenn bei mir um 22:00 das Handy klingeln würde mit der Meldung "alle .de Domains lösen gerade nicht mehr auf!" und es meine Verantwortung wäre den Kram zu fixen: Soviel Grundeis für meinen Arsch gäbe es gar nicht.

    Ich bin gespannt auf das Post-Mortem. Und bis dahin: Lieben Dank für das schnelle fixen, #DENIC Menschen! :hug: #HugOps