Google Hangouts 將會使用固定 IP 位置

Google 宣佈 Hangouts 將會使用固定 IP 位置,讓系統管理員更方便管理:「Dedicated Hangouts Meet IP addresses」。

We’re adding a range of official, fixed IP addresses to be used exclusively for classic Hangouts and Hangouts Meet in G Suite domains.


IPv6: 2001:4860:4864:5::0/64

然後文章裡的說明是二月 14 日會變更:

Hangouts Meet and classic Hangouts will stop using the old IP address on February 14, 2019.

管理者可以調整關於這段 IP 的流量,通常是調高優先權?不過要調低也是可以...

AWS re:Invent 2017 的影片

Twitter 上看到 Jeff Barr 引用了這份 Gist:「Links to YouTube recordings of AWS re:Invent 2017 sessions」。

由於今年開的規模又比去年大不少,影片相當多... 可以用關鍵字找來看。

Gmail 要開始導入 SMTP Strict Transport Security 了

SMTP MTA Strict Transport Security 算是 SMTP STARTTLS 裡的 HSTS 機制,而 Google 的人在 RSA Conference 上提出要開始用了:「SMTP STS Coming Soon to Gmail, Other Webmail Providers」。

Elie Bursztein, the head of Google’s anti-abuse research team, said at RSA Conference that SMTP STS will be a major impediment to man-in-the-middle attacks that rely on rogue certificates that are likely forged, stolen or otherwise untrusted. Google, Microsoft, Yahoo and Comcast are expected to adopt the standard this year, a draft of which was submitted to the IETF in March 2016.

補上去後對於 SMTP 的隱私保護就會更好了...

RSA Conference 2015 禁止 Show Girl

前幾天的消息:「RSA Conference Bans "Booth Babes"」。報導出自於「RSA Conference bans ‘booth babes’」。


All Expo staff are expected to dress in business and/or business casual attire. Exhibitors should ensure that the attire of al staff they deploy at their booth (whether the exhibitor’s direct employees or their contractors) be considered appropriate in a professional environment. Attire of an overly revealing or suggestive nature is not permitted. Examples of such attire may include but are not restricted to:

  • Tops displaying excessive cleavage;
  • Tank tops, halter tops, camisole tops or tube tops;
  • Miniskirts or minidresses;
  • Shorts;
  • Lycra (or other Second-Skin) bodysuits;
  • Objectionable or offensive costumes.

These guidelines are applicable to all booth staff, regardless of gender, and will be strictly enforced. We reserve the right to request that individual booth staff change their attire or leave the premises immediately if we feel their appearance might be offensive to other exhibitors or attendees.

讓我想起 2009 年 Yahoo! 辦的 Taiwan Open Hack Day:「Yahoo Sorry About Lap Dancers at Hack Day in Taiwan–So What's the Excuse for Last Year's Go-Go Girls?」。

反 RSA Conference 的人要另外開一個 TrustyCon...

關於 RSA 幹了什麼事情,可以參考「OWASP 取消與 RSA Conference 的合作...」這篇的說明...

剛剛在 Slashdot 上看到這些反對者決定另外成立一個 conference,叫做 TrustyCon:「RSA Boycot Group Sets Up Rival Conference」:

日期在 2/27,很理所當然的,與 RSA Conference 2014 的 2/24~2/28 衝到。

而且已經找到贊助商了,分別是 MicrosoftCloudFlare

OWASP 取消與 RSA Conference 的合作...

RSA Security 收了 NSA 的錢,並且使用 NSA 所偏好的亂數演算法的事情被爆料出來後 (而且這個演算法已經被認為是 NSA 埋後門的演算法),一直有要求 RSA Security 解釋的聲音。但 RSA Security 卻完全沒有解釋。

想當然的,陸陸續續開始有人退出今年的 RSA Conference。一開始是 F-Secure 的 CRO (Chief Research Officer) 宣布退出:「An Open Letter to the Chiefs of EMC and RSA」,後來也有不少資安領域的專家退出 (可以參考 iThome 的文章):「資安專家群起抵制RSA安全會議」。

最新的消息是 OWASP 官方決定取消與 RSA Conference 的合作關係:「OWASP terminates marketing agreement with RSA Conference. Board member cancels class out of protest.」,不過 OWASP 正式的公告還沒出來。

OWASP 在 Web 安全性這個領域可是赫赫有名... 這下今年二月底的 RSA Conference 還會有多少人「跟進」呢... 會不會停辦?

香港開源年會 2013


香港開源年會 2013」(第一屆!) 將於 10 月 19 日在香港城市大學邵逸夫創意媒體中心舉辦,現在訂機票有點晚,不過還是可以過去交流...

其實有些議程還蠻有興趣去交流的,不過剛好卡到員工旅遊啊... @_@

該來找日本的 conference 了?@_@