Posts by GeekyOldFart

Re: Colourful Comments in Code

There was one time when a long-standing bug in a different package, developed in-house but by another team, had gone unfixed for so long it had whiskers.

Then a colleague of mine realised that as a "fresh set of eyes" on it, each of the two teams led the code review of the other's changes. So, every time his code called the other package's API he'd have a comment along the lines of "They still haven't fixed this. Apply dodgy workaround AGAIN."

After a month or two of this it was suddenly fixed - and in the comments of their code when we reviewed it was "Shut up, [colleague's name]"

Re: never being a good operating system of theirs

"You can loath AD simply because evidently you don't have to manage large organizations security. It's not rare that even organizations using a lot of Linux servers rely on Windows Domain Controllers."

You may not be aware of this, if you are an AD specialist, but there's almost nothing you can do in AD that you can't do with tools available on linux or, indeed, any *nix out there. Since I have experience of managing both environments as a standalone ecosystem and many hybrid ones, I'm aware of both. The mixed environments tended to vary as to which one held the master back-end, often based upon what they set up originally. These design decisions tend to persist more tenaciously as the size of the org increases.

My current gig is at a corp with around 12000 workstations and servers to manage - it's windows-centric but with a significant number of linux servers alongside the windows ones. Here it's all done with AD. At my last position at a somewhat larger corp, their history was all unix servers of one flavour or another although the workstations were mostly windows and they now have a significant number of windows servers as well. Their infrastructure is now linux-based with AD taking a much more secondary role. Managing the two is different but they both work just fine and achieve the same things for their respective infrastructures.

Re: Wrong question

Not just the wrong question in the sense of "you should be asking something else" but also "wrong" in a very fundamental way. It rests on the whole "Only criminals have anything to fear from this" fallacy that has been part of the authoritarian playbook utilised by everyone from the Gestapo to the Stazi, to the KGB - and ever more increasingly by the right wing of our supposed democracies, as they seem to be sliding more and more into the authoritarian space.

I've actually nothing against conservatism - a healthy democracy NEEDS a conservative voice participating in it to curb the sometimes-excessive enthusiasm of a diverse bunch of "progressives" and I can see that even though I probably fall into the progressive camp myself. But when the politics starts to slide into authoritarianism and autocracy, then I'd suggest that there are freedoms involved that should be "conserved"

Re: Memories

There's a reason experienced typists handled early versions of wordstar and wordperfect so seamlessly.. The workflow was set up to mimic that of a typewriter. You'd set up all your document formatting before you started typing. with the settings all named the same as typists were familiar with. This design choice was why many typists stuck with wordperfect even when wordfperect was behind the curve and very late to the WYSIWYG party. Even after WP ended up with WYSIWYG (in version 4, I think it was?) you could still use that same workflow with the same keyboard shortcuts to access it while Word made this "typist's workflow" not impossible but harder to access.

Exactly this.

outsourcing between business entities has its advantages (IMHO far outweighed by the risks, but as I said, that's just my opinion) but when government - ANY government - tries it, it always ends up with crappy service and the business entity sucking so hard on the teats that the poor cash-cow practically turns inside out.

Re: Gibson already predicted the outcome: Columbian Data Havens

Well, if the mafia can deliver pizza...

Re: C is the new COBOL

Even today, perl has its place - because of the "regex thingy"

Peri is simply easier than almost anything else when it comes to sometimes-quite-complex regexes. I doubt that makes me a "genius" at parsing them, but I've never had a problem with script readability because of it.

Re: "Clearview doesn't want to come defend its technology in court"

"So, did the gun match the bullets ? Did it ? Because I believe we have actual reliable technology to determine that. And if it did, then screw this facial recog stuff, that guy is guilty."

IANAL but my understanding of US rules of evidence is that if the search warrant was invalid, nothing they found under it is admissible - I believe they call it "fruit of the poison tree."

So no evidence derived from the gun recovered in an improperly issued search warrant can be used. I believe that there are nuances around it but as a rule of thumb "If they wouldn't have it without the improper search, it doesn't exist for the purposes of investigating or prosecuting the case"

That's why the screwup by the cops is so egregious, because even if the guy IS guilty, now no evidence recovered in the search, or anything derived from it, is usable at all and if they want to prove their case they have to do it without any of that. They'd have been better off not making the invalid search in the hope that they could gather a VALID lead to that evidence later, one that wouldn't poison the results of recovering it.

Re: Auto-Account Deletion

Mater tuam caligas gerit.

Re: Interesting stuff

"If you don't know where you're from, you don't know where you are. If you don't know where you are, you don't know where you're going. And if you don't know where you're going, you're probably going wrong."

There was - and probably still is - a last-resort unhandled exception trap on the AS/400 which resulted in the error message "Here be dragons. Call (developer's name)" - not cleaned up when it all rolled to production. Had it demonstrated to me by a colleague who once worked alongside said developer at Big Blue.

Re: Russian safety net

Identifying them is still a worthwhile goal. Sure, maybe they have no plans to travel and intend to stay under their Russian rock beyond the reach of other nations law enforcement... But they are betting their future on Uncle Vlad not keeling over from a heart attack or being toppled from power, and if neither of those happens, or his replacement is even worse, they've burned any escape route if the increasingly-capricious Russian regime takes a dislike to them for any reason. This guy now has a target on his back that won't ever go away.

Criminals in general, cyber-criminals in particular, love to delude themselves that they are the smartest person in the game and so it will never happen to them. Sooner or later, like this guy, they all demonstrate the fallacy of that assumption.

Re: Not a universal definition

"...GPL places restrictions on how the source code can be taken and modified that are not present in the more open licenses..."

While technically correct, this is a statement I'm more used to hearing from open-source opponents. The restrictions in the GPL on taking and modifying code can be summed up as "You can't make a derivative work based on this code that is less free* than this code is" and so we got the still-continuing wailing about how the GPL somehow forces you to open the source of your crown jewels, about how it prevents building a commercial product using it etc. None of which are true.

The GPLs sway stops at the API. You want a closed-source - and presumably one you can monetise - product that uses the GPLed codes functionality? Fine. Write your closed source stuff such that it interacts with the GPLed stuff through a documented API. A dependency on having a GPLed module being present, and probably installed separately, doesn't make your product fall under the GPL any more than a dependency on a redistributable .net runtime means all your base are belong to Microsoft (although I'm sure they wish it did.) If the API doesn't expose the stuff you need, use the open source model to add to its functionality. You'll need to open that source code, of course, which means your competitors can use it too, but if your confidence in your closed-source product that works with it is good, that shouldn't be a scary thing.

Unless, of course, you're one of these software firms that likes to stop anyone else trying to do it better with a barrage of lawsuits rather than keeping the development of their own product ahead of the competition.

Re: "Other Sensors"

One alternative I had considered was a balsa, doped fabric skin model glider with a drone powerpack, battery and electric moters with lower rpm, larger plastic propellers(s) - all of which could be quite large with an extremely small radar footprint. Could be rather quiet if slow but the payload could be considerably larger.

So basically a balsa V1. Run your engine to get to height (needing only minimal battery cap for what could be quite an extended range), then glide to here. Release payload then destroy yourself (with balsa and doped fabric construction that could be as simple as "set yourself on fire") before you run out of airspace in your glide. Could be easily constructed out of innocent-seeming components but you might have to think some about how to build in its navigation capability so it has higher precision than V1-style "point it at its target and give it only enough fuel to get there". It would put the price of a single-use platform up a bit

Re: Utter boll lox but it will happen!

There was a valid reason for expanded data sharing during the pandemic - the larger data sets were needed for urgent research. Expanding and extending the same at this point would have value to researchers in the biosciences but has to be carefully scrutinised to make sure exactly what you're concerned about happening can't. This "Whoa, Nellie!" to NHS England is the system working as designed, with an overenthusiastic NHS region being told to step back and make sure they do it right rather than charging ahead.

As for "I'll believe it when..." nothing referred to by this article will permit your proposed test scenario to "pass" - That's down to failures within the NHS tech infrastructure which this doesn't address.

Re: I strayed into this IOT hellscape briefly

"...but it all seems to be web based for some unaccountable reason on web protocols (my guess is that it was all the programmers who first cooked this stuff up could figure out how to do)."

And there you have it. Being one if the first not-a-physicist guys to experience the web it has been a source of much head-shaking to watch it change. What it was designed for, to share and interconnect information and to serve media, it got better and better at, becoming the almost-infinite resource of data, both good and bad, that it is today. But along the way some lazy numpty who didn't want to be bothered coding a dedicated server daemon bolted some command and control functions into a web script, wrote some clunky-as-F html to masquerade as a client-side UI. And here we are on this bandwagon with "everything's done over the web" so much the norm that to 90% of folks now, "the internet" means nothing but http(s).

Re: Down among the robots

"what a wanker, took me and the apprentice 3 days....and 2 of those were sitting the inn leering at the wenches..."

There is a REASON that the blacksmith, or the tinker and his "hammer" are such a feature of many of the bawdiest folk-songs.

Re: VMS

At a major London medical school around that same time frame "Invite them to come talk to us" was a euphemism for locking their account...

Re: ‘The land of the free’

* Some restrictions apply. Void where prohibited.

Re: Beyond me

"We can't boot into safe mode because our BitLocker keys are stored inside of a service that we can't login to because our AD is down."

On my site I opened the (hard copy, in the safe) "oh shit" file to get the relevant local admin password, left my office, walked briskly down the corridor to the onsite server room and got one DC up in safe mode to do the fix. Then I changed that single-use local admin password before heading back to my office and updating the hard copy file with the new password before locking it away again.

Meanwhile the rest of my team were making use of the one DC I'd resurrected to get all the other impacted servers up into "safe mode with networking" now that they could talk to a DC, allowing them to login with their domain admin accounts AND access the bitlocker keys and perform the fix.

Once we had the AD infrastructure up and running the desktop support folks went into high gear busily fixing all the impacted workstations and laptops

A similar story played out on all my employers sites worldwide and we had pretty much every server - even the non-critical ones - back online before noon UTC and 99% of workstations and laptops fixed by midafternoon. None of which would have happened that fast without that hard copy file. Sometimes the best tech solution is decidedly low-tech :)