Re: CTRL+F
So am I.
Lessons need to be learnt!
Posts by Yorick Hunt
109 publicly visible posts • joined 25 Nov 2022
Yet another UK public sector data blab, this time info of pregnant women, cancer patients
Cisco intros AI to find firewall flaws, warns this sort of thing can't be free
Wednesday 6th December 2023 05:21 GMT 
"warns this sort of thing can't be free"
So the bugs and vulnerabilities are provided free of charge even on the base model devices, but security fixes/patches/upgrades "can't be free?" Same old, same old, eh?
I'd much rather have security provided free of charge, with bugs and vulnerabilities being offered as an optional extra. I'd even be happy to pay $500 a month on a five-year contract for bugs!
Citrix pulls the plug on its User Group Community
CISA details twin attacks on federal servers via unpatched ColdFusion flaw
UEFI flaws allow bootkits to pwn potentially hundreds of devices using images
Saturday 2nd December 2023 06:20 GMT
I was savagely downvoted when I made this observation regarding XP vs Win10/11, but this is the same scenario...
When you have a known insecure platform (BIOS or XP), you know to take measures to secure it. But when you're told "trust us, this is ultra secure, don't ask questions" (UEFI or Win10/11), you're not only lulled but forced to accept their claims - only to eventually realise that they were full of political promises.
Scores of US credit unions offline after ransomware infects backend cloud outfit
US lawmakers have Chinese LiDAR on their threat-detection radar
Plex gives fans a privacy complex after sharing viewing habits with friends by default
Wednesday 29th November 2023 04:10 GMT
Re: "on by default"
As Microsoft, Google, Meta (and many others) have shown, just because you can set an option to enable privacy, doesn't mean you'll actually get privacy.
Just like peeing yourself whilst wearing black trousers - you'll get a warm feeling, but the net result is inconsequential if not detrimental.
Wednesday 29th November 2023 04:07 GMT
"the list of your content is paginated in the browser because they can't or won't do an endless-scrolling type arrangement"
The new "Jellyfin Vue" sub-project is a new web UI re-written from scratch to give a completely new take on presentation. Still experimental, so only worth playing with if you have time on your hands.
"my only gripe is that it doesn't seem to be able to handle libraries - e.g. for Anime - that contain both TV shows and films; it's one or the other"
When creating a new library, there IS a type labelled "Mixed Films and Programmes," which might serve your needs - but it's a relatively new option and I haven't tried it, so don't take this as an endorsement - just an observation.
The Reddit Sub was abandoned by the development team a while back (when Reddit controversially changed their policies), but it still exists and has a mountain of useful info & hints. The Jellyfin forum is far less informative alas, as nobody saw any reason to re-post what was previously posted to Reddit.
Trio of major holes in ownCloud expose admin passwords, allow unauthenticated file mods
Stop shaming service providers for outages, argues APNIC chief scientist
Monday 27th November 2023 00:52 GMT
Re: Indeed...
I was actually referring to the level of customer service that Dodo is known for - absolutely pathetic by any metric, but ultimately no worse than that provided by Sloptus.
There WAS a time when Optus was a capable provider/carrier, but those days ceased back in the (very) early 2000s.
Friday 24th November 2023 02:42 GMT 
Indeed...
... Don't blame the ISPs, blame the carriers - but in this case the two are conveniently one and the same.
All I've been able to do when thinking about this fiasco was PMSL, in utter disbelief that there are still idiots willing to entrust Sloptus with anything. Even Dodo's given them a run for their money, and that's really saying something.
New Relic warns customers it's experienced a cyber … something
Cisco whips up modded switch to secure Ukraine grid against Russian cyberattacks
US nuke reactor lab hit by 'gay furry hackers' demanding cat-human mutants
Former infosec COO pleads guilty to attacking hospitals to drum up business
CEO of self-driving cab outfit Cruise parks his career
Clorox CISO flushes self after multimillion-dollar cyberattack
Thursday 16th November 2023 02:37 GMT 
"Best Practices"
Just like other fads, "best practices" are revised on a seemingly daily basis, as the real world confronts the la-la land of the corporate world.
Rather than investing grey matter into actually locking a network down, it's far easier for those with more titles than qualifications to simply grab off-the-shelf black box solutions, citing (when the inevitable happens) "best practices" as their excuse.
Whether the CISO was dismissed or fell on her own sword is irrelevant; she'll turn up in a similar role at a similar company within weeks if not days. All while being less capable than the average teenage nerd in the realm of network security.
AI chemist creates catalysts to make oxygen using Martian meteorites
Impatient LockBit says it's leaked 50GB of stolen Boeing files after ransom fails to land
Sunday 12th November 2023 04:19 GMT
Re: Scan the data for corruption
That's a pretty hefty arse-umption you have there; did my use of multisyllabic words and lack of spelling or grammatical mistakes not give me away as a non-Septic?
"MSM" is known throughout the world (yes, even outside of the anglosphere) as the acronym for "mainstream media;" if the news sources where you live don't refer to this acronym, you're likely getting your news from the wrong sources.
Qualcomm and Iridium's satellite link-up loses signal
Tipsy tongues tell all: How your sloshed speech could snitch to Siri
Google dragged to UK watchdog over Chrome's upcoming IP address cloaking
It's perfectly legal for cars to harvest your texts, call logs
Robot mistakes man for box of peppers, kills him
Thursday 9th November 2023 06:34 GMT
Who cares about interlocks?
I almost lost my hand years ago in a filling machine, the exuberance of youth leading me to believe that diagnosis would be much quicker if I simply bypassed the safety switches. We live and learn. But this guy was no spring chicken, what was his excuse?
BTW, they're called capsicums.
You can buy personal info of US military staff from data brokers for just 12 cents a pop
Brits make Amazon, Meta stop using third-party data to undercut rivals
Apple slams Android as a 'massive tracking device' in internal slides revealed in Google antitrust battle
FBI boss: Taking away our Section 702 spying powers could be 'devastating'
Just one in ten UK orgs have significant AI investment plan
It took seven years but over-40s fired by HP win $18m settlement
Saturday 28th October 2023 09:39 GMT
Re: They wonder...
"I like to make myself indispensible to the younger folks, it keeps me employed"
Spaghetti code and zero documentation, tried and true ;-)
"You need to be the lion using your big paws to guide the cubs while they make mistakes and figure things out."
Indeed, but the problem here isn't with the young blood in the technical team - it's with the clueless young blood (young only by capacity, not by age) infesting management.
I can handle a manager of any age not having the slightest idea about technical aspects, as long as they're willing to listen to those who know - but once they jump on their "I'm a manager, I know everything" saddle, I'm out.
More's the pity for these folks who didn't have the ability/desire/forethought to leave other avenues open for themselves; it's been MANY decades since corporations last placed any value on loyalty.
Wayland heading for default status as Mint devs mix it into Cinnamon 6 bun
Saturday 28th October 2023 06:05 GMT 
I've always hated xfce - compact and nimble is nice, featureless and obtuse isn't. With Wayland's numerous "we'll get to that at some stage" features, it seems Mint is now relegating itself to the realms of "fiddlers" rather than users - and there are precious few people who can afford the time to fiddle.
Biden's facing the clock to veto Apple Watch import ban after ITC patent ruling
Privacy advocate challenges YouTube's ad blocking detection scripts under EU law
13-year Google privacy settlement pays litigants the equivalent of a Big Mac meal
Cisco to sell enterprise version of $400 Bang & Olufsen earbuds
French IT behemoth Atos facing calls for nationalization as it tries to restructure
Irish cops data debacle exposes half a million motorist records
Tuesday 24th October 2023 10:34 GMT
Whenever a "third-party contractor" is involved with a government department, I always wonder whether said "contractor" was just a friend/relative of someone high up in the government department in question. No qualifications, no previous experience, just someone who thinks "yeah, I can click a few things and make this happen."
If something like this happened in the civilian (i.e., non-government) sphere, you can bet there'd be hefty outrage and commensurate fines involved. As it stands, it's likely to evoke minimal publicity and even less compensation for those affected.
That script I wrote three years ago is now doing what? How many times?
SEC boss warns it's 'nearly unavoidable' that AI will cause financial crash
Monday 23rd October 2023 10:29 GMT 
Vaccinated investors...
... vaccinated against clues.
Was the "dotcom bubble" really that long ago that people have forgotten?
Yeah, go on, when you have more money than brains, sink it all into "the next big thing" without doing any due diligence - hundreds of press releases can't all be bull, surely? <insert facepalm emoticon here>
Biting the hand that feeds IT
