Been living in the Yucatan the last couple of years. The Mayans believe that cenotes are gateways to the underworld, so it's kinda on point. When people are having bad luck (injuries etc) and there is one nearby, they will pray and make offerings to the spirits that inhabit them. And if that doesn't work they will fire guns into them to scare them away.
I think it was the ancient Greeks(?) that walked while learning the epic poems in order to recite them by recalling their journey, using the associations made on the path they took. I think the method of loci[0] is similar except using purely imagined locations/details ("memory palace").
In India, there is an ancient art called 'avadhAnam'[1][2], where questioners pose various questions to the performer. This performer has to answer questions partially in a verse form, and this can go on for days, if 1000 people are involved. These people have to recite these 1000 verses after everything is over. Performer should not use pen, paper or any recording. These guys memorize many Indian texts that contain verses.
This is probably the minimum you should do. I remember a time when IPMI on (some?) Supermicro boards was really really insecure. From the IPMI client, you could set the encryption mode to "0" ("null encryption" or something, I dunno it's been years)- setting it allowed you to bypass the password completely. Assume if you can touch the IPMI, the system is yours.
IPMI is still a festering cesspool no matter which vendor. Assume that layer 3 access to the IPMI grants you unrestricted persistent code execution on the managed system and design for with it in mind.
Restrict access as tightly as possible. If you only need to power up/down/reset the system and access the serial console most IPMI implementations expose that via SSH. A small SSH proxy that exposes only those features would be a good investment. e.g. `ssh bastion [status|up|down|cycle|reset|console] <server>`. You could probably write it in <100 lines as SSH forced command. Deploy the SSH client to a different VRF (aka network namespace/vnet jail/rdomain) than the SSH server to make it harder to leak traffic from the bastion.
Used to work ops at AWS. I don't know if it's still the case but it required VERY HIGH management approval to actually flip any lights on their "status page" (likely it was referenced in some way for SLAs and refunding customers).
That is an excellent illustration to Goodhart's law. We're going to have this avesome status page, but since if we update it the clients would notice the system is down, we're going to put a lot of barriers to putting the actual status on that page.
Also probably a class action suit lurking somewhere in there eventually.
I'd like to imagine this as an early step towards omnidirectional point-to-point links blasting through the planet at each other to replace the need for switching/routing.
That is indeed the catch-all to which I refer, yes. From my comment:
> [...] but sellers get around that by saying the substance is for research purposes only and not for human consumption; then you simply consume it anyway.
NASA had a mission called AIM (Aeronomy of Ice in the Mesosphere) that observed noctilucent clouds, but it looks like the satellite stopped sending data in March of last year?
reply