Posts by John Riddoch 637 publicly visible posts • joined 12 Jan 2009
There was a vulnerability in the OS which was being exploited. Fortinet released a patch which fixed the vulnerability, but didn't clear up the back doors left by the threat actors and left the systems vulnerable. This new patch removes the symlink and prevents symlinks being used as a back door. In essence, the new patch removes the persistence of a previous hack on the system.
The rules are published on ICO's website. Key paragraph is probably this one:
"When a personal data breach has occurred, you need to establish the likelihood of the risk to people’s rights and freedoms. If a risk is likely, you must notify the ICO; if a risk is unlikely, you don’t have to report it. However, if you decide you don’t need to report the breach, you need to be able to justify this decision, so you should document it."
I await Oracle's justification for choosing to not report this breach within 72 hours.
There's also the higher standards for food production etc. Chlorinated Chicken gets the headlines, but US beef is reared on steroids/hormones to bulk them up quickly. Food standards in US are defined by whoever bribes the most politicians, standards in EU are mostly defined by scientific/health guidance and generally err on the side of safety.
Once you put Windows on a client box, it needs maintained, patched, supported and that's difficult/expensive when users are prone to buggering about with them. Virtual desktops can save a lot of that pain so it's not a fair comparison.
That said, 349 (pounds or dollars) seems excessive for a desktop terminal, especially one limited to Azure desktops.
Less about what they "appear to have done" and more "what they've told us they've done" - see https://ustr.gov/issue-areas/reciprocal-tariff-calculations for their actual calculations based almost wholly on the trade deficit to that country; the tariffs charged by those countries isn't part of that equation. The assumption is that the other country must have cheated to be able to get a trade surplus with the US and they must be punished for it, as opposed to them being better/more efficient/smarter at it.
Partly, this seems to be part of a negotiating tactic of Trump to try and get what he wants in concessions from other countries; the promises by Mexico and Canada delayed their tariffs for a month, he's probably hoping other countries will be rushing to his door to make promises and concessions for a better deal, but in reality, there's not much wiggle room in many negotiations. The average tariff rate the EU levied against US imports was 1% (https://ec.europa.eu/commission/presscorner/detail/en/qanda_25_541) and for all Trump's bluster about car trade, the fact is that most countries don't want US style cars. Petrol is cheap in the US, so they typically make huge gas guzzlers which aren't viable in countries with expensive fuel.
Yeah, overflowing shared drives - had that at previous job where a lot of JPGs of women not wearing very much was taking a significant portion of the space. Deleted the files, left a README saying something like "Who's been a naughty boy?". Few days later, the README and the folder was gone too. Not a further word was ever said of it.
Weird thing was, the miscreant had a workstation on his desk with a fair chunk of free space and if he'd kept the files there, I'd likely never have found them or cared about it.
TSB migrated out of Lloyds in 2018, although that didn't go well...
You're right about the other three being the same banking group, they probably run different OS instances for the brands, but there will be crunch points somewhere in the chain where they use the same bit of infrastructure. Doesn't explain how Barclays got caught up in it, so could well be some third party service which threw a wobbly and some banks didn't cope as well as others. Or it just some random coincidence, we may find out from the banks' post mortem comms.
That's an outrageous accusation. I mean, you'd be suggesting that he'd forcing the head of the FAA who'd suggested fining SpaceX to resign next...
And as normal, the best employees will resign (because they'll be able to find another job easily enough), leaving the worst workers (who can't find another job) in place.
Some other highlights:
"potentially resulting in physical office relocations for a number of federal workers" - if you stay on, expect that you might have to uproot your entire family.
"flexible workforce" - Flexible for the employer, not the employee.
"employees who are reliable, loyal" - that's loyal to MAGA/Trump, not the USA.
"employees who engage in .. other misconduct" - like following the rule of law rather than autocratic dictats from on high.
This is part of the drive from Trump to demolish the civil service and remake it in his image.
What doesn't make sense here is that $56B is more than 3 years of gross profits at Tesla. Paying him that basically says he's generated the entire profits for those 3 years. Market cap is $1.27T, that payout is about 4.5% of the total value of the company.
Ridiculous.
"Specifically, a willingness to do whatever I tell him in order to beg like a puppy for the $100m I'm dangling in front of him."
I'm still wondering how long Trump will put up with Musk before being kicked to the kerb. Wouldn't surprise me if he got the boot before the 21st when Trump takes over.
I wonder how much of the increased market share is from forcing users into Edge? As an example, Facebook messenger app on Windows is no longer an actual app. It's a lightly skinned Edge window which means that when you click on a link in a message, it bypasses your browser choices and opens the page in Edge. Click on the wrong bit on the login screen? Here, have a page loaded in Bing/Edge telling you about something you don't care about, just because it was on the login screen. There seem to be more and more ways in which Windows opens Edge against your will. Then it points out that you're obviously doing something wrong because Edge is not your default browser. The Edge is your friend. Trust The Edge.
Part of the problem with Ransomware is how to stop it. At its heart, it's editing files a user can access and most users can access a lot of files as part of their work (or home systems). All you have to do is get the victim to run something which proves annoyingly easy, despite the cyber security training most of us are subjected to. You can't remove a user's access to files without stopping them doing their job, so what do you do? If that problem can be solved, ransomware becomes less of a threat.
The core part of systemd (faster boot times by doing startups in parallel) is a great idea and if it had stuck to that, everyone would love it. Its tendency to spread tendrils into places no-one expects it is the issue and one which Solaris did with SMF. Using a component called "tmpfiles" to create persistent files and folder is always going to ask for trouble. Added to that, the tendency for its author to dismiss any concerns doesn't help its image.
It's possible, but unlikely. The core is that he (allegedly) crossed state lines and committed premeditated murder with an illegal firearm and granting him any kind of leniency on the basis that the victim wasn't a nice person opens the floodgates for people to claim justifiable murder. Whose opinions do we follow when deciding if someone deserves to be gunned down in the street?
Barring something extraordinary, he'll be found guilty in court or he'll make some kind of plea bargain.
These devices were never intended to stay in use in the long term. They're shipped out to a customer to load on data to transfer into AWS where that transfer is faster than going over the internet (see also: station wagon full of DLT tapes). They shouldn't stay on prem for longer than it takes to load it up with the data going into AWS.
As for re-use, they're essentially relatively fancy encrypted hard drives with a NAS front end. There's probably limited value in re-use, although the ruggedisation might make them interesting in niche cases.
I remember an old Sun bug report for Solaris where some stress testing caused a crash in CDE. It helpfully listed a workaround: "don't pound on the mouse like a wild monkey"
This was when Sunsolve listed a lot of useful information about bug reports and before Oracle hid it all away...
"tens of millions of dollars in losses" - seriously? The AI hype train is running that big?
In any case, you have to wonder how an intern was allowed access to modify so much in the AI model? Of course, it could just be that they're struggling to make it work and they're now blaming a scapegoat to explain away their failures. Neither of those is a good look, to be honest.
BBC was reporting that Israel* had to "pull the trigger" early as they were worried that Hezbollah was onto them. Certainly, timing it just before (or during) an actual assault into Lebanon would have seriously hampered any defensive effort, they will presumably have a short time to regroup while Israel is now moving troops to the North. Whether Israel is reorganising for assault or defence time will tell, but the rhetoric suggests attack. That's an escalation in a volatile region and it's getting messier.
I think it's a little harsh to complain to MS about a lack of warnings, given how easily Linux/Unix would have let you delete those accounts. Probably wouldn't even have given you a warning...
That said, it really should have made it clear it was deleting the account rather than just the mailbox.
Developer time is expensive and directly attributable to the project manager's budget, timeline and by inference bonus.
Operations time is a cost to be attributed to someone else and at a later time, i.e. not the PM's problem. It's also likely to be lumped into a big pot of looking after other systems, so the pain of one system gets hidden in among the noise. As such, it's fairly easy to see why developers may get the benefit.
There's also a trend over the last 10-20 years where it's cheaper to throw CPU, Memory and faster disk at a problem than it is to develop and code something which runs more efficiently. Why spend £200k on developer time to reduce CPU cycles by 25% when you can just double server capacity for £10k?
With Chamberlain's death being announced too, I'm sure the conspiracy theorists are going nuts with all this. However, I'm inclined to go with it being a tragic coincidence. We don't have technology capable of summoning the kind of freak storm which sunk the Bayesian and the driver who hit Chamberlain stayed at the scene, making it sound a lot more like an accident than a hit job.
At the heart of all this is a number of people are dead and will be grieving. All the harder for the families of those missing as they don't have body to grieve over.
"Shotgun pleadings" are absolutely the right thing to do, though. Sue Disney, they claim "not us guv, you need to sue the restaurant". Sue the restaurant, they claim "not us guv, you need to sue Disney". By suing both, you put the onus on the court to decide which party is liable, or if there is shared liability between them.
As to the merits of forcing arbitration, I'll leave that to the lawyers to argue about, but using a Disney+ subscription to avoid a court battle for something unrelated to it seem sleazy.
The underlying concept of the stock market is fine; it allows people to invest in large companies (too big to exist as sole trader/partnerships) with limited liability (the most you can lose is your investment) and lets the shareholder trade their investments. The issue is how it's been abused over the years by people extracting money from it, between shorting stocks, microsecond transactions, etc, etc.
In terms of "not lying", most of the theory of capitalism and economics relies on "perfect information", which is why in practice it's horribly broken, but restricting the lies is intended to help.
ISTR some comment about the money going to suspense accounts in the Post Office. i.e. if a branch showed it was £5k down, there would be £5k in a suspense account in the Post Office which should have balanced everything out. This got raised because it would apparently also increase the PO's profitability and consequently exec bonuses, so they were benefitting from the errors.
Of course, that raises another question about why no-one raised the point said suspense account was massively in credit alongside several branches being out of balance.
Anything run in user-space is vulnerable to being hijacked by a virus/malware and is harder to make resilient. Not impossible, but significantly harder and even if you think you've got it right, the bad guys will be continually probing for some kind of a weakness to disable your protection.
You're hitting a set of requirements that kinda force this situation:
Just to add to the chaos; if you assume every AV update is a new signed driver, you have to unload the old driver and attach the new one, leaving a short period the system is unprotected, assuming you can easily remove the old driver without a reboot.
This doesn't forgive the monumental screw-up that Crowdstrike have made, but it does show why certain design decisions were made.
The effort on rolling updates is a definite perceptible effort which carries much more weight than a hypothetical effort to recover the systems when it breaks, so people think "meh, it'll be fine" and crack on with immediate rollouts. Doesn't make it right, but that's how people think, particularly if they have to do manual approvals of AV signatures on an almost daily basis.
I expect a lot of companies will be reviewing those processes now, though.
There's an argument that this validates the decision to ban Kaspersky. If the Russian government went in, they could conceivably force them to release a "bad" update to non-Russian IPs which bricked devices and beyond the ability to recover by simply deleting a file in safe mode. Far-fetched? Certainly. Possible? Absolutely. You'd get to do it once ever, but the potential impact to Western IT might make it worthwhile from a Russian perspective.
In any case, it's re-highlighted the value of a supply chain attack on anti virus/malware vendors.
Setting up rolling updates takes effort. Also, while you delay updates to your critical systems, they're vulnerable to the latest malware/viruses so there's definitely an impetus to roll out AV/anti-malware updates ASAP.
I'm still not sure how the hell Crowdstrike managed to release an update that was so badly broken, though. Wasn't it tested? Or was it a supply chain attack?
What, apart from the 4 copper connectors which are visible at 1:35? Looks to attach via magnets to the dock and the top of the laptop with those 4 connectors providing the necessary power/connectivity to the camera.
Is it a good idea? I'm not so sure. As mentioned, there's a decent chance of it getting lost. Interesting gimmick though.
The laws are a bit of a mess. The initial issue was social media companies were treated as "publisher" and liable for whatever was posted on their sites, opening them up to charges of libel, market interference, child pornography etc, etc. This was obviously a problem as it would require them to moderate /all/ the content before it got posted and would break the entire model and frankly, it didn't make a lot of sense as the poster should be liable, not the platform.
Alongside this, platforms want to cut out the worst of the dross on the site, whether it be hate speech, misinformation, illegal content etc because they drive down the value of their site, but that makes them moderators and creates other issues.
This leaves them in a half way house between common carrier and publisher/moderator and it's a mess. Interference by one government opens up the option of interference by another.
That's probably more in reference to the iPhone. When it first came out, most mobile phones would typically last 4 days or more between charges; a week from a single charge wasn't uncommon. All of a sudden, your iPhone wouldn't last an entire day of regular usage. It was a bit of a backwards step, my first mobile in about '97 needed daily charging as well, so going back to that felt wrong. However, we've mostly gotten used to needing daily charges on our mobile devices. That then meant a daily charge on a tablet was broadly accepted.
Mentioning JANET reminds me of my days working as IT support at a university. I did support for one department's IT (as it was computing, we had some extra requirements), so wasn't hit directly by the fallout, but the science department had a very large microscope which has some kind of water cooling. Which leaked. Right above the computer room for the rest of the university. This being the 90s, disaster recovery and resilience didn't really figure highly in people's minds nearly as much as "how cheaply can we build this, given we have a uni budget".
Most of the IT for the rest of the uni was out for about a week, really glad I didn't have to do anything with the recovery to be honest...
From what I've heard, playtesting games involves doing every single weird thing you wouldn't expect players to do, so you'd spend hours running round a single level walking along the walls, jumping at odd places and generally trying to test the bounds of the play area to destruction. Very little of it involves actual "playing".
As for generic software testing, it's the whole "software tester walks into a bar and orders 1 beer, 5 beers, -1 beers, fjioewjiofewj beers, 1.2389028190 beers, etc"
With my fat fingers, fingernails weren't always an easy option for that. I used to always have my Leatherman on my belt at work and just used the knife on that to scrape off the crud when a mouse stopped working. The Wave was great in that you could take it out of the pouch, open up the blade and put it away after with one hand. It was also handy having a screwdriver on you at all times.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
