Posts by Keith Langmead

UAC is probably the last big one I can think of, so Windows 7*. The last few times I've had to do work on an XP machine it was the one feature I missed, invariably logged in as a standard user and realising I needed to switch into an admin account, rather than just run the installer and enter my admin creds when prompted. Powershell being universally available would be my second thing, but that doesn't come up as much when having to support old customer machines.

* I know it was released in Vista, but IMHO it wasn't polished until 7.

Re: Define "consumer"

Yeah, sadly I suspect you're right.

Re: Viable business case?

If they're already selling the normal ZBLAN at $1000 per meter and the hoped for benefits from this method are realised, I'd have to guess they'd be able to demand significantly more money for zero-g ZBLAN. Even with the cost of getting the materials into space and the product back again, that makes me think it could easily be a very profitable venture. Especially considering weight vs value for the fibre, where weight tends to be the limiting factor for most space based manufacturing.

Zero use (at least now) to most of us, but for some of the big players with deep pockets looking at potentially slashing the TTL and increasing the speeds of their long distance connections... what wouldn't they pay for that advantage over the competition.

Re: Defragging isn't a big deal anymore

Yep indeed.

Hard Disk DRIVE

Solid State DRIVE

Re: No Twitter

"Twitter/X is a default signpost for just about every service, business and government department on the planet."

But for how long. I'd argue part of the reason it reached that point was the fact that you COULD login and interact with people/companies/departments etc if you wanted to, but if you just wanted to see the latest updates from someone you could do so without having to login at all.

As such it was a handy univeral destination that you could depend on anyone being able to access. We've long used it at work for service status updates, since it's not reliant on our infrastructure and anyone can access them there, but now that you're forced to login to see anything the utility of the service drops off.

Even though I have a twitter login, I'm not logged in on all the devices and browsers I use. On many occasions I've followed a link to see more information on something that look vaguely interesting, gotten to Twitter where it insists I first login, and decided "Nah, can't be bothered" and just gone elsewhere instead.

Re: Built to last

04) You use RemoteApp, which when combined with the Toolbars* functionality works fairly seemlessly with the task bar... but MS binned off Toolbars in Windows 11, ignoring complaints in testing about its ommission, thus making RemoteApp far more of a faff to use than it was before.

* for those unaware, with RemoteApp you can't pin the shortcuts to the task bar (or the desktop or elsewhere) because they get regularly refreshed/recreated, but you can create a Toolbar that links to the folder containing the shortcuts, and then add that to the taskbar, allowing you to fire up a remote app connection from the task bar just like you would with a local app.

Re: On the flip side

Absolutely. It helps being fairly old (24 years working in IT), so many of the core concepts people overlook today were fairly new and often talked about when I first got into computers at college.

It's so much easier to understand what's happening in front of you, when you understand what's going on behind the scenes. I must have been half way through my career when I properly learnt the binary maths behind IP addresses, subnet masks etc. Suddenly understanding WHY a subnet is the way it is, rather than relying on remembering the 255 or / notation by rote with no real grasp of what it really meant.

Binning off the Toolbar option

For me the big deal breaker is them removing Toolbars, suggesting that no one uses them even though when in testing LOADS of responses from users said they did! If you use RemoteApp it can be near seemless when used with a toolbar on Win10, but without the toolbar functionlity they've made RemoteApp use far more clunky in Win11.

"Here in the UK there is a further step or two to this...the next generation that inherits it, flogs it off to the national trust for peanuts, because they are nothing like their great great grandparents,"

Or more often, flog it for peanuts to the National Trust to avoid the crippling costs of maintaining the property + grounds, plus future costs from inheritance tax for the future generations... but with an agreement thay they retain use of the property on n many days per year for the next few hundred years. So someone else pays to maintain the place, and they get to rock up occasionally and get the benefits of the property for things like weddings, massive parties etc like they still owned it.

Re: Our internal analysis...

Yeah, as much as I'm sure they'd love that additional 2FA info, and will encourage people to use 2FA for security reasons, I can't imagine they'll ever force people to adopt it. At least not while there's nothing preventing a user searching Google or viewing Youtube without actually logging in with their Google credentials, as many would just put up with the less customised UI of both when not logged in, and Google would likely end up losing more juicy user data than they gained.

Re: In Code We Trust

Yeah, bet that's a mistake you've not made since! :) Been there, done that, got the t-shirt. Gotten into the habit these days of logging into the machine as local admin rather than domain admin to do a disjoin, that way there's no chance of doing it without knowing what the current local admin password is.

Re: Net Send was disgusting.

Oh yes. At Uni in the late 90s we had a lab full of Sun terminals. Someone knocked up a script which would rlogin to a random terminal and play water drop audio file. Looped with a random time delay, and you'd periodically hear a drip sound coming from a random part of the room. And of course since Telnet was still a thing and security wasn't, you could connect (with an appropriate SOC login obviously) from anywhere in the world to confuse whoever happened to be in there at the time. Ahhh, fun times.

Re: Client not worth paying for

Considering the latest version of Outlook for Mac doesn't support Exchange mailboxes (365 / Outlook.com fine, but no on-prem Exchange) and just shows Exchange under "Coming Soon" rather than a supported type, I think it's a bit true. You have to switch/revert to Legacy Outlook to configure an Exchange mailbox.

Re: Effective DNS Cache Size

There wouldn't be any impact on the cache size, as those permutations wouldn't be getting stored.

If Google needed to query the record for www.theregister.com then it would make the query for www.tHeRegistER.cOm, the auth DNS for theregister.com would receive that request, see that www.tHeRegistER.cOm = www.theregister.com, and reply with the answer while maintaining the ID number and case of the requested domain. Once received Google would then update its cache for www.theregister.com.

It doesn't need separate cache entries for theregister.com, tHeRegister.Com, TherEgISter.coM etc as they're all the same domain when stored in case-insensitive format. The case sensitivity is only used within the queries between Google and the Auth DNS servers, not in storage.

Re: Ditch

And as an added bonus it becomes WAY easier to control how long the meeting goes on for. For instance you can decide the meeting will only last 40 minutes, or perhaps 80 minutes etc. Or if it's gone a bit rambling at the end, rather than having to make excuses to leave you just don't re-join after the next disconnection.

Re: "Admins don't want command line interfaces"

Personally I want both! Yeah I know, wanting my cake and eating it. :)

For something I'm unfamiliar with or don't touch very often the GUI is always king, having the ability click around the UI until I find what I'm looking for (because invariably I know what it is, I just can't remember what they call it)... and crucially a fully functioning GUI, not the half arsed Exchange GUI where you can only view a subset of the information.

But for regular tasks and automation command line and scripts win out every time, both in speed, and also when scripted in consistency since you can ensure the exact same options are selected every single time.

Re: Customer Enhancement Programme

Absolutely true. Standard procedure seems to be :

1) Roll out new "feature" that no one has asked for.

2) Receive masses of negative feedback from the testing community reporting that it breaks stuff / doesn't work / is incompatible with existing and commonly used apps/hardware.

3) Ignore the feedback through a few rounds of testing.

4) Release the update (aka force it on everyone) with the "feature" unchanged.

5) Receive even more negative feedback from normal users for the same reasons that were given by the testers.

6) Pretend this is the first time they've been made aware of the issue and rush to create a fix.

Rinse and repeat.

Re: Underwhelming

Yeah hardly earth shattering, at least based on that explanation of the "vulnerability" in the article. Surely in terms of risk, this is no more than the difference you currently get in a NAT IPv4 setup between whether you have a dynamic IP address allocation from the ISP or a static IP address, and no one's suggesting that having a static IP address is a terrible thing that should be avoided at all costs. Plus, in order to take advantage of it, you as the attacker need access not just to a site/service that the victim connects to, but one that more than one of their devices including the vulnerable TV in this example connects to. All that just to know that the connection you saw yesterday came from a device on the same network as you're seeing today, but not necessarily the same actual device.

Re: So, at what point

"and how is the AI statistical analysis supposed to recognise it?"

Quite easily, simply insert the standard amount of governmental lack of knowledge of a topic, add a chorus of "you employ lots of very clever people, so you MUST be able to find a way", and then ignore any replies from those same "clever people" when they point out the thing isn't actually possible/practical.

It's the same process as we see from our Home Office demanding the tech companies both 1) keep everyone 100% secure online, and 2) allow the authorities full access to that same data.

Re: I guess I'm too much of a navigation geek...

So long as you remember that while most people generalise that the sun rises in the east and sets in the west, that's only true at around this time of year and March (eg the equinox). June/July for instance it can be closer to rising in the NE and setting NW.

Actually had to explain that to a friend on holiday in July when working out which path to take, as while I think they knew it in a factual sense, they'd never needed to think of it in a practical sense. Me on the other hand... years of trying to photograph sunrises/sunsets and planning when to be in certain locations has made me very aware of that fact. The suncalc website is probably my favourite website... after thereg of course. ;)

Without that knowledge it's fine if you're just after rough "head in a vaguely northern direction", but not so useful if you need more precision.

"The leader of that team then said the problem was as the alert was an email, they get too many of them etc"

IMHO that's one of the most critical things with any monitoring setup I've worked with, getting the dependencies setup correctly to reflect reality, and preventing those receiving the alerts from being flooded with alerts.

Eg if you have :

Firewall > Switch > HV Server > Virtual Server > various services on the server

all being monitored, where if something breaks and stops working then everything to the right of it will also be down, you only want to be alerted to the most critical item that's down on the left, otherwise for instance while you're scanning through the alerts for services on a VM that are showing as down, you can easily miss that the Firewall in front of it all has stopped responding. Off the back of that you need to have an understanding of how the infrastructure fits together, which services rely on each other etc.

At a basic level monitoring's simple, but once you start digging into it it can become a minefield.

Re: Just StackOverflow?

Yeah I was wondering the same thing. To my understanding Stack Exchange Inc is the company, Stack Overflow is just one of many sites they run on various topics.

So for instance does the purchase include Server Fault, or Super User etc? If not then presumably if they do screw up Stack Overflow you'll just find another new forum appearing with Stack Exchange to replace it.

Re: wth is it with always dns?

In my experience it's most often non-technical people including management who suggest "it'll be the DNS", often because that's the one technical thing they've heard of and they want to sound like they know what they're talking about.

Certainly among my colleagues whenever we refer to "it's always DNS" we're not seriously suggesting that it is, we're taking the piss out of former bosses who insisted that may be the cause of any issue.

Re: It would have been more interesting...

Yeah I was thinking the same thing. Surely any tech checking if the finger is real/alive has less to do with knowing the exact characteristics of a live vs dead/fake finger, and more about detecting more than just the finger print so it can then detect the difference when that state changes. Otherwise you also have to get into the realm of deciding what the acceptable range of values should be to cover everyone, since one person may naturally have much warmer or much colder fingers than someone else. So since he had access to the phone and setup the dead finger as being valid, when he then used it the phone obviously unlocked because it was a perfect match.

Makes me think of Nick Fury in Winter Soldier, where he'd previously already registered his dead eye so he had a backup in case someone removed his official working eye scan from the system.

Re: High-level manglement can be just as much a nuisance as unions

And a huge waste of time. Those "old-timey suit wearers" have likely never needed to learn how to type, so why would they start now? If you're a < 10 WPM one finger typist who can afford to pay someone else who can do the same thing at least 10x as fast then why wouldn't you? In situations like that you want systems which streamline things like dictation etc to make your current workflow faster, not binning it all and trying to learn a completely new skill while dealing with a massive drop in productivity.

I think you're right. Competition even when friendly can be a good thing. I also think moving away from the current "all our eggs in one basket" situation might not be such a bad thing either.

"You're right about legacy apploications but things need to be seriously old to cause that sort of problem."

Sage Payroll, current versions. So not a small company or a niche product, and not really a legacy app. It STILL doesn't handle UAC properly so to install an update for it you need to be logged in as an admin user. If you attempt to install the update as a normal user and enter the admin credentials via UAC you find part way through the install it breaks out of the elevated security context and back to the user context... which doesn't have permission to do the update so the update crashes and often hoses your Sage Payroll installation.

Re: Who knew data centres were tinder boxes?

Not necessarily once personnel were evacuated. While at college I did work experience at a large company with a massive mainframe + couple of minis, the place was like a rabbit's warren of kit. The guy showing us the room explained about the halon system and pointed at the alarm and warning lights, and we were told that if those went off 1) there was a fire, and 2) we have a certain number of seconds to get out of that room before the halon turned on. Not it would turn on once we left, rather it was turning on in n seconds (60 I think) and we REALLY didn't want to be in there when it did!

"publicbenefit.uk has a list of those in support of change, 8 of them have fewer than 20 names which seems an odd choice from a simple cost-benefit viewpoint. Are there additional factors involved?"

What it doesn't show is how long they've been members. I'd bet many of those with only a few domains are old members, eg companies who previously did a lot more domain business but have since perhaps wound things down, or changed direction, but maintain membership since it allows them to keep direct control of their domains. Hell, could well be a bunch of old nerds who've partially retired but like to keep a hand in the game for their own use and perhaps that of friends and family, for whom £100 a year to maintain the status quo is a small price to pay. And they're likely also the types who'd be all over a vote like this.