Bad Ideas: Cron Replacement on OSX 10.11


OSX 10.11, aka El Capitan, was released a few days ago and introduced System Integrity Protection (SIP). SIP is a security mechanism which, at its most basic, prevents the root user from performing all sorts of actions. It's conceptually very similar to SELinux but with none of the configuration ability. For the purposes of this post, the key "issue" is that SIP prevents root from writing to protected directories, namely /usr (amongst others).

In setting up a new machine tonight, I ran into an issue. I was unable to create a new crontab. After some digging, I realized that all of cron's magic is in /usr/lib on OSX. SIP is guarding /usr now so there's no way to get a new crontab going. That's … problematic.

Surviving A Botswarm - A User's Guide


So yeah. has been under a sustained bot incursion for a few days now. The network opers are actively working the problem the best we can. At the end of the day, though, with the existence of cheap instant virtual machines and the wonderful world of Tor, this sort of incident is difficult to stop completely.

(For the record, I don't view this as an attack. Near as I can tell, this is one kid getting his jollies by occasionally spamming channels. This thing is mostly automated except when he gets bored and tries to taunt me with rainbow colors. Which, incidentally, is why hereafter this person will be known as The Rainbow Warrior.)

Anyway, I don't really want to talk about bored 14 yr olds.

Let's talk instead about what you can do to survive a botswarm. First Community Opers


It is my privilege to announce the first batch of community opers.