5
c2wiki
3y

So basically a friend was tasked with doing some syadmin on a propietary system running on top of GNU/Linux (they distribute the software as a distro).

Called me about an hour ago because there was some odd stuff happening so I log into the system and start figuring out what the actual fuck is up.

Just now we discovered that for a certain critical feature you just need to trust that there will be no eavesdroppers, meaning you send system credentials in cleartext over the network, and it won't work if it's not so.

Of course, some tunnels and routing later (which by the way, is "manual" configuration which is highly discouraged by the creators of this piece of crap) we kind of managed to overcome this obvious fail.

Now then, can you please explain me again how is it that these companies grab open source, make useless layers that limit it in every way possible and still profit? I mean, for fucks sake, you should at least let people manage shit with standard, well understood tools instead of "improving system administration", "easing it for...", for whom?

I'm so happy to log into our production server and be welcomed by beastie.

Comments
Add Comment