* Posts by John Riddoch

373 posts • joined 12 Jan 2009

Page:

Surprise! Apple launches iOS 14 today, and developers were given just 24 hours' notice

John Riddoch

I know Niantic were having issues with Ingress and Pokemon Go on IOS 14 beta, but they've released new versions in the last 24 hours which they say should work OK on it.

The power of Bill compels you: A server room possessed by a Microsoft-hating, Linux-loving Demon

John Riddoch

Re: Not met a demon

I used an Ultra 1 with Solaris for many years as my desktop at my first IT job (university department). Ran like a dream. I had some horrible Frankenstein windowing environment using CDE and Window Maker, but it was stable and by the time I left, I'd been logged in from October to March (just locking the screen at night) without any issues. Getting Windows to stay up that long without a reboot (let alone logged in) was pretty much impossible...

Start Me Up: 25 years ago this week, Windows 95 launched and, for a brief moment, Microsoft was almost cool

John Riddoch

Oh, yes, the regular reinstall of Windows to keep it running well... Don't miss that at all, I wound up moving my profile to a Samba share simply to avoid the endless resetup of all the options every reinstall (please stop hiding file extensions....). Recently, the relative stability has meant the hassles of profiles outweigh the advantages. Doesn't help that a bunch of games store their save files there; took me a while to figure out why logins/logouts were running so slow until I found the 100s of MB of Skyrim save files stashed in there....

I can see my house from here! Microsoft Flight Simulator has laid strong foundations for the nerdy scene's next generation

John Riddoch

Re: ENTER RUN TO FLY AGAIN

Amiga F18 interceptor game, where you could eject at a height of 20 ft inverted and be told "you ejected safely", despite the fact that in real life you'd have been killed on impact with the water... Fun times!

You had one job... Just two lines of code, and now the customer's Inventory Master File has bitten the biscuit

John Riddoch

Re: @werdsmith

There was something odd in some old versions of Unix where the first sync didn't actually do anything immediately, it would sync when it could be bothered. The second sync forced the issue.

Digging around some olde searches, found this reference:

Evi Nemeth's sysadmin book sez:

sync; sync; halt

... the reason being that when the first sync returns, buffers

have been scheduled to be written, but aren't actually guaranteed

to have been written. The second sync (however) won't start

until the first completes.

There also seems to be some discussion about running it again giving the kernel time to flush to slower disks too. In any case, it's a legacy thing, but I suspect some old timers still do it out of habit.

I got 99 problems, and all of them are your fault

John Riddoch

Re: Rudest, Dumbest - same thing no?

I too have had the "I can't send email" email. I responded with a simple "it looks fine to me" and hit send. Never heard back from them on the issue.

Easyjet hacked: 9 million people's data accessed plus 2,200 folks' credit card details grabbed

John Riddoch
FAIL

Re: Highly sophisticated

Yeah, that's my normal thinking. "Sophisticated" is code word for "they were smarter than we were". Doesn't say at an absolute level how smart either side was... It's spin from the corporate types to avoid making themselves look incompetent.

Dumpster diving to revive a crashing NetWare server? It was acceptable in the '90s

John Riddoch

Re: hot-wiring with office supplies

Then there was the Sun E150 (which was basically an Ultra-1 desktop in a tower case with 12 disks). If you powered it off, you either had to have a Sun keyboard to power it on, or open up the case to hit the power switch which was internal only. Not one of Sun's finest designs...

French pensioner ejected from fighter jet after accidentally grabbing bang seat* handle

John Riddoch

Given that ejection is not a zero-risk manouver at the best of times, very glad to hear everyone survived (and the plane landed safely). If he though the 4G+ ascent was bad enough, the shock of the ejection would have been worse....

Watch out, everyone, here come the Coronavirus Cops, enjoying their little slice of power way too much

John Riddoch
FAIL

"There’s a reason why the UK doesn’t have a mandatory national ID card" - frankly, I've always argued the main reason not to do it is simple. It'll require a government IT project. That alone should doom it to failure from the start as pretty much every government IT project goes over budget, over time and under-delivers.

Like a Virgin, hacked for the very first time... UK broadband ISP spills 900,000 punters' records into wrong hands from insecure database

John Riddoch

Re: "there is a risk you might be targeted for ... nuisance marketing communications"

I get marketing emails from Virgin Media business on my work email address. I have never been in touch with them for anything. I submitted a GDPR data request (what info do you have, where did you get it from and why do you think you have permission to contact me?) and haven't had a response after 30 days. An email to the ICO is the next step.

It’s not true no one wants .uk domains – just look at all these Bulgarians who signed up to nab expired addresses

John Riddoch

Re: Should we just be phasing out .co.uk

ISTR the Christmas Islands started down that route many years ago, selling .cx addresses cheaply at a time *.uk, *.com etc were much more expensive. That broke down the barriers of non-residents buying addresses and has been going on ever since.

What do Brit biz consultants and X-rated cam stars have in common? Wide open... AWS S3 buckets on public internet

John Riddoch

Re: Misconfigured?

Default is no public access, so you have to allow access to applications etc to use the buckets. Issue is lazy admins who find it doesn't work and open it up wide, not realising what they're doing or just doing it "for testing" and not locking down later.

Oracle finally responds to wage discrimination claims… by suing US Department of Labor

John Riddoch

Re: They seem to think this is a bad thing...

As an outsider to this, it's felt like they hate the government meddling in their lives. The term "government overreach" gets bandied about alongside protecting their "freedoms". I get the impression it started after the war for independance as they threw off the oppression on the British rule and it's just become embedded in their culture.

Samsung on fridge cert error: Someone tried to view 'unsavoury content' in middle of John Lewis

John Riddoch

Re: Samwrong

Depends what it's doing. If I send a request to https://dodgysite.com/ which is blocked by the router, it will send some kind of response back which, because it doesn't have the right cert, will generate an ssl error.

There are also proxies which can do inspection by using dodgy root certs on the client browsers so they can decrypt to capture malware, data leak prevention etc.

Need to automatically and securely verify a download is legit? You bet rget this new tool

John Riddoch

Not a panacea

All it takes is someone hacking the server (or intermediary proxy) and deploying a trojanned file and updated hash, that's generally easier than manipulating a download in flight. It's an improvement on a blind download, at least.

He's coming for your floppy: Linus Torvalds is killing off support for legacy disk drive tech

John Riddoch

Haven't used a floppy drive in years. I had a PC ages ago where opening Windows Explorer took ~10 seconds and I eventually tracked it down to the floppy drive (no idea if it was a hardware fault or crap driver) so I unplugged it "temporarily" to make things work better. A year later I realised i hadn't needed to plug it back in and my next PC didn't get built with one (those were the days I used to order parts for my PC and self-build).

I think I still have a floppy drive in a drawer - buried under all the spare IDE cables and SCART leads I also can't quite bear to part with...

I suspect some legacy pieces of kit (15 year old software which still works) will still need a floppy now and again, but I rather suspect they won't run on any modern version of Linux anyway.

Welcome your new ancestor to the Homo family tree; boffins have discovered a new tiny species of human

John Riddoch
Joke

Re: the foot bone connected to the knee bone...

And that whooshing sound is the joke going over your head....

It doesn't mention whose skull is connected to whose knee, after all.

After last year's sexism shambles, 2019's RSA infosec bash has upped its inclusivity game

John Riddoch
Joke

Re Monica Lewinsky

"hard for many to swallow".... I see what you did there....

Roses are red, we've received about fifty. Google's next trick? Pixels for the thrifty

John Riddoch
Coat

Poetry

Roses are red

Bought from the bazaar

We're gathering your data

Contravening GDPR

Q. What connects the global financial crisis, Ursnif malware, and Coldplay's Viva la Vida?

John Riddoch

Re: Is this a thing still?!

People are stupid - give them enough of a carrot to run untrusted code and they will. It's pretty easy to get macros enabled, usually only a couple of clicks (I've had to do it on legit documents where I need the macros enabled), so not a huge hurdle to get in. If you spam enough people, you'll find a few marks and the cost/benefit ratio soon makes it worthwhile.

Attention all British .eu owners: Buy dotcom domains and prepare to sue, says UK govt

John Riddoch

Re: Wow, it's almost...

That is at least part of the problem there - here we are, 2.5 years after the referendum and no-one can agree on what leaving the EU actually means. We can't even agree what to do with Northern Ireland, let alone what kind of trade, fisheries or agricultural deals we want to have with the rest of the EU. Parliament is split between remain, hard brexit and some kind of deal in the middle and no-one is budging. The general terms of leaving should have been agreed BEFORE the referendum, not 3 months before the end of the article 50 term.

Oregon can't stop people from calling themselves engineers, judge rules in Traffic-Light-Math-Gate

John Riddoch

Re: Incredible

"for the stupidest of reasons" - follow the money. My guess is the Professional Engineer Registration Act was sponsored by someone who coincidentally received "campaign contributions" from someone with a vested interest in licensing engineers.

2018 ain't done yet... Amazon sent Alexa recordings of man and girlfriend to stranger

John Riddoch
Terminator

Re: Be Pure, Be Vigilant, Behave

The computer is your friend. Trust the computer.

Equifax how-it-was-mega-hacked damning dossier lands, in all of its infuriating glory

John Riddoch

The cert was on the security monitoring software, so while service was running fine, it wasn't getting monitored. When they finally upgraded the cert, they had their "ohshit" moment.

Tesla autopilot saves driver after he fell asleep at wheel on the freeway

John Riddoch

"Socially acceptable levels"

And there is the problem - the acceptable levels to the public will be zero casualties, even though that's impossible outside of a controlled environment. Every single incident (regardless of fault) will be interpreted as a failure of self driving vehicles, where what we should be setting the bar at is as good as a human driver.

Sysadmin’s plan to manage system config changes backfires spectacularly

John Riddoch

Re: Automation does have its place

I used to have to do user account creation annually at a university. I'd inherited some (fairly ropy) scripts and an MS Word mail merge template which took a fair bit of manual effort. I reduced it to a couple of Unix scripts which then created a LaTeX file to print out and another output file to create the Novell 4.1 accounts (that probably dates it pretty well). The printouts were handed to the lecturers to distribute to their classes on the first day and get them to log in.

30-up: You know what? Those really weren't the days

John Riddoch

Re: "you were seriously stuck up a gum tree"

Dejanews was the Google of the 90s - all sorts of useful stuff squirreled away in Usenet forums and generally not tainted with the crap you get now. Google covers a lot of things now, but part of the problem is the 100s of ways Linux implementors do things, so you get some instructions for RHEL 6 which don't work on Debian, Ubuntu or, in some cases, RHEL 7.

British Airways hack: Infosec experts finger third-party scripts on payment pages

John Riddoch

Disabling Javascript would have protected you in this instance and against similar hacks. No idea if that would have crippled the site or not, though.

Mozilla accuses FCC of abdicating its role, ignoring comments in net neutrality lawsuit

John Riddoch

Re: Chevron..

They're also predominantly Republicans now, so are more likely to be in favour of anything which benefits big campaign donors, sorry, big companies, hence they'll likely rule in favour of the ISPs.

Oracle: Run, don't walk, to patch this critical Database takeover bug

John Riddoch

Re: What?

I assume it's a terminology thing - for it to be a "remote code exploit flaw", it may need to be an attack vector for non-authenticated users. As you have to be logged into the database, it's not quite as bad as some other flaws, but still needs patched.

Grad sends warning to manager: Be nice to our kit and it'll be nice to you

John Riddoch

Never anthropomorphise computers. They hate that.

Hot US deal! IBM wins $83m from Groupon in e-commerce patent spat

John Riddoch

You're thinking of trademarks. Patents follow different laws/rules, hence you can have a submarine patent - let something become ubiquitous then sue the world because you have a patent on it. Declaring it too soon means people can find a different solution and work around your patent and you don't get royalties.

Y'know... Publishing tech specs may be fair use, says appeals court

John Riddoch

Re: Ok, put it another way...

From close experience - plugging two ovens into a single extension lead blew the fuse on the extension (by design and quite correctly - note that it was someone else who did this, not me). In contrast, I have two extension bars linked together at home serving up a number of low wattage items (mainly around the PC) quite happily because they don't go near the 13 amps permitted by the fuse. It's all about what you plug in, not just the number of items.

The dislike of multiple extension bars dates back to when most items in the house were high wattage and folk would link 2 or more bar heaters, a toaster and an iron into one socket with rather inevitable results. When the blown fuse gets replaced by tin foil or a bolt, the next inevitable results annoy the fire brigade.

Visa fingers 'very rare' data centre switch glitch for payment meltdown

John Riddoch

Yup, partial failures suck. I've seen a fibre path fail just enough to bugger up service but not quite enough for the OS to figure it needed to fail over to the 2nd path. Once we'd figured that out, it was just a matter of disabling the primary path and everything started working normally.

My PC is on fire! Can you back it up really, really fast?

John Riddoch

Re: I recall even my mum (a bit like Dilmom) telling me a fire story

Only real school fire we had was a small one in the woodwork room (I was nowhere near it, so don't know all the details). The rector (head teacher) decided it would be a great opportunity for a fire evacuation test. As we got to the top of the stairs, we could smell the burning smell which had permeated through the corridors - it certainly added a little more urgency to a fire alarm test!

BOFH: Guys? Guys? We need blockchain... can you install blockchain?

John Riddoch

Re: Familiar...

Surely all this needed was some fake status reports on request when the boss wanted updates? By the time he's wondering why nothing has actually been delivered, the next shiny will have appeared on the horizon to take his attention and you can "shut down" the Blockchain project....

Furious gunwoman opens fire at YouTube HQ, three people shot

John Riddoch

Re: Of all places

Is there anything stopping someone legally buying something like an AR-15 (insert over-powered gun of choice instead) in one state then driving to California to use it? I'm assuming there are a bunch of laws against possession of said weapon in CA, but if they're intending to shoot up people with it, those laws aren't really going to stop them....

Another day, another self-flying car pipe dream surfaces

John Riddoch

Re: That's all we need

"There is never any justifiable reason to overtake/undertake on the left"

Wrong. Read your Highway Code. There are at least two viable examples I can recall cited as valid reasons to pass on the left.

Charity accused of leaving sensitive notes behind after office move

John Riddoch

Read the article:

But in this case, the charity and local authority seem to have failed to do so in more ways than one, by allegedly declining the opportunity to pick up the docs.

According to the Evening News, Saunders claimed that neither the charity nor the council helped him when he raised the alarm, which he said prompted him to go to the newspaper.

It should still be reported to the ICO, though, as it's lax security of information.

BT backs down from charging millions in phone book listing fees

John Riddoch

I used to do that. Now I bypass the "sitting on the shelf" bit as any time I need a number, I just look it up online.

Linux's Grsecurity dev team takes blog 'libel' fight to higher court

John Riddoch

Well - from some of the commentary on Wikipedia (I know it's not a great source, but...):

- Grsecurity distribute patches to the kernel, these are governed by GPLv2

- Grsecurity only sell these (not distribute for free), but as well as the GPLv2 license, they attach use conditions, basically saying "if you distribute these as per GPLv2 you don't get any future releases"

Grsecurity claim this means they're abiding by GPLv2, Perens says it breaks GPLv2. I suspect Perens is right, but the IP lawyers will have a bun fight over it in court.

Woo-yay, Meltdown CPU fixes are here. Now, Spectre flaws will haunt tech industry for years

John Riddoch

I think some of the older T-class chips didn't have out of order execution, so they'll probably be safe. They're crap for single threaded workloads, though. I seem to recall POWER 6 didn't have it either, which is how they clocked it so fast (up to 5GHz) without melting.

As for other SPARC/POWER chips? Given that ARM is vulnerable and all of these are based on RISC design concepts, it's entirely plausible they're vulnerable as well. I don't know enough about chips to be able to answer that.

'Please store the internet on this floppy disk'

John Riddoch

Re: Stolen Focus

Similar issue - the target window has focus, but it's in a Citrix session in another monitor; the citrix session doesn't have focus... "Real" focus is actually another window in another monitor on my local PC....

John Riddoch

Re: I'm not sure what's worse

"screenshot in a word document"

Older version of MS Paint would default to saving in bitmap format - for a large monitor and 24/32 bit graphics, that would be a large file to attach to an email. Saving in word would compress it so you'd have a much smaller email. It's a poor solution, but for a non-savvy person, it can be quicker & easier.

Nowadays, paint seems to default to PNG format which is much better, so there shouldn't be any need to revert to Word.

Oh, the weather outside is frightful, but the data centre temp's delightful

John Riddoch
Flame

I've been in our conservatory when it's been over 40 degrees. I was lucky enough to not have to spend more than a minute or two there, getting some doors open, I'd hate to have had to work in that kind of heat....

Hot chips crashed servers, but were still delicious

John Riddoch

Re: Power Cables...

Yup, had one when I was at uni. One of the students reported a PC wasn't working, so I followed her to the room. Sure enough, it wouldn't turn on. Went to check power socket, the plug was slightly out. Pushed it in, powered on the machine gave her a bit of a look as she was looking sheepish and wandered out without saying another word.

Hardware has never been better, but it isn't a licence for code bloat

John Riddoch

Prices

It's now cheaper to throw an octo-core 3GHz CPU with 32GB of RAM at a problem than pay a programmer to code it on a single core 1GHz CPU with 2GB of RAM. It's perfectly plausible in many cases to do the latter, but why pay your expensive developer to do that when you can get a bigger server relatively cheaply?

HPE server firmware update permanently bricks network adapters

John Riddoch

Re: The good news...

In the "old days", firmwares were much smaller, simpler and less prone to requiring patching. Most of the "brains" was in silicon so there wasn't the need to drop firmware as much. These days, the custom silicon is expensive, coding firmware is cheap so bugs creep out and updates are required.

Add in scaling issues - if all you had was a single large Unix server, flipping the jumper is relatively trivial. With 1000+ servers in VMWare farms/private clouds, flipping all the jumpers becomes time consuming.

To be fair, there probably are jumpers, they're just set to allow updates for the reasons above.

There's a way to dodge Fasthosts' up-to-160% domain renewal hike but you're not gonna like it

John Riddoch

Re: Price gouging.

Probably because the owners of .clinic are charging more to domain resellers.

Page:

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2020