* Posts by John Riddoch

637 publicly visible posts • joined 12 Jan 2009


Old Fortinet flaws under attack with new method its patch didn't prevent

John Riddoch

Re: "an unidentified threat actor created a symlink that linked users to the root filesystem"

There was a vulnerability in the OS which was being exploited. Fortinet released a patch which fixed the vulnerability, but didn't clear up the back doors left by the threat actors and left the systems vulnerable. This new patch removes the symlink and prevents symlinks being used as a back door. In essence, the new patch removes the persistence of a previous hack on the system.

John Riddoch

Re: Remote Re-Writing of EEPROM/Flash is a Security Hole

Sun servers used to have physical jumpers on the motherboard to prevent the PROM being updated. We inevitably set the jumper to "allow updates" and never put it back after an update.

The Reg translates the letter in which Oracle kinda-sorta tells customers it was pwned

John Riddoch

Re: With the plummeting stock markets...

Is there anything left of the SEC after the Trump/DOGE cuts?

Oracle says its cloud was in fact compromised

John Riddoch

The rules are published on ICO's website. Key paragraph is probably this one:

"When a personal data breach has occurred, you need to establish the likelihood of the risk to people’s rights and freedoms. If a risk is likely, you must notify the ICO; if a risk is unlikely, you don’t have to report it. However, if you decide you don’t need to report the breach, you need to be able to justify this decision, so you should document it."

I await Oracle's justification for choosing to not report this breach within 72 hours.

John Riddoch

Sarbanes-Oxley came out of the fallout from Enron collapse etc which cost rich people a lot of money. SOx is about ensuring rich investors don't lose their money more than it is about protecting the little people.

John Riddoch

There's also the higher standards for food production etc. Chlorinated Chicken gets the headlines, but US beef is reared on steroids/hormones to bulk them up quickly. Food standards in US are defined by whoever bribes the most politicians, standards in EU are mostly defined by scientific/health guidance and generally err on the side of safety.

Windows intros 365 Link, a black box that does nothing but connect to Microsoft's cloud

John Riddoch

Re: But but but...

Once you put Windows on a client box, it needs to be maintained, patched and supported, and that's difficult/expensive when users are prone to buggering about with them. Virtual desktops can save a lot of that pain so it's not a fair comparison.

That said, 349 (pounds or dollars) seems excessive for a desktop terminal, especially one limited to Azure desktops.

Americans set to pay more on all imports: Trump activates blanket tariffs

John Riddoch

Re: childish analysis

Less about what they "appear to have done" and more "what they've told us they've done" - see https://ustr.gov/issue-areas/reciprocal-tariff-calculations for their actual calculations based almost wholly on the trade deficit to that country; the tariffs charged by those countries aren't part of that equation. The assumption is that the other country must have cheated to be able to get a trade surplus with the US and they must be punished for it, as opposed to them being better/more efficient/smarter at it.

Partly, this seems to be part of a negotiating tactic of Trump to try and get what he wants in concessions from other countries; the promises by Mexico and Canada delayed their tariffs for a month, he's probably hoping other countries will be rushing to his door to make promises and concessions for a better deal, but in reality, there's not much wiggle room in many negotiations. The average tariff rate the EU levied against US imports was 1% (https://ec.europa.eu/commission/presscorner/detail/en/qanda_25_541) and for all Trump's bluster about car trade, the fact is that most countries don't want US style cars. Petrol is cheap in the US, so they typically make huge gas guzzlers which aren't viable in countries with expensive fuel.

Tech support session saved files, but probably ended a marriage

John Riddoch

Yeah, overflowing shared drives - had that at previous job where a lot of JPGs of women not wearing very much was taking a significant portion of the space. Deleted the files, left a README saying something like "Who's been a naughty boy?". Few days later, the README and the folder was gone too. Not a further word was ever said of it.

Weird thing was, the miscreant had a workstation on his desk with a fair chunk of free space and if he'd kept the files there, I'd likely never have found them or cared about it.

BOFH: HR's AI hiring tool is perfectly unbiased – as long as you're us

John Riddoch

I think the boss might need to get a Painkiller and Ram it Down his throat to deal with the headache he's gonna get when the HR team start Screaming for Vengeance about the mess they've gotten in with the AI tools. Just have to hope they don't bring too much Firepower with them.

Payday from hell as several British banks report major outages

John Riddoch

TSB migrated out of Lloyds in 2018, although that didn't go well...

You're right about the other three being the same banking group; they probably run different OS instances for the brands, but there will be crunch points somewhere in the chain where they use the same bit of infrastructure. Doesn't explain how Barclays got caught up in it, so it could well be some third party service which threw a wobbly and some banks didn't cope as well as others. Or it's just some random coincidence; we may find out from the banks' post mortem comms.

FDA clears Google watch feature to call 911 if you flatline

John Riddoch
Joke

Or the Microsoft watch with Clippy - "It looks like you're having a heart attack. Would you like some help with that?"

Tesla's numbers disappoint again ... and the crowd goes wild ... again

John Riddoch

Re: He could do well

That's an outrageous accusation. I mean, you'd be suggesting that he'd force the head of the FAA who'd suggested fining SpaceX to resign next...

The curious story of Uncle Sam's HR dept, a hastily set up email server, and fears of another cyber disaster

John Riddoch

Re: Cat's out of the bag.

John Bolton's comment in an interview probably said it best. "Trump doesn't want Loyalty, he wants Fealty" and that's from someone who worked closely with him.

John Riddoch

Re: Cat's out of the bag.

And as normal, the best employees will resign (because they'll be able to find another job easily enough), leaving the worst workers (who can't find another job) in place.

Some other highlights:

"potentially resulting in physical office relocations for a number of federal workers" - if you stay on, expect that you might have to uproot your entire family.

"flexible workforce" - Flexible for the employer, not the employee.

"employees who are reliable, loyal" - that's loyal to MAGA/Trump, not the USA.

"employees who engage in .. other misconduct" - like following the rule of law rather than autocratic diktats from on high.

This is part of the drive from Trump to demolish the civil service and remake it in his image.

China ever-so slightly softens stance on possible US TikTok sale

John Riddoch

I think the first post was spot on - "How much?". It gives him time to do some backdoor chat and sell some of his memecoins to line his pockets before accepting the advice of his advisors ("that's about all you can extort from them, sir") and letting TikTok run.

Tesla, Musk double down on $56B payday appeal

John Riddoch

What doesn't make sense here is that $56B is more than 3 years of gross profits at Tesla. Paying him that basically says he's generated the entire profits for those 3 years. Market cap is $1.27T, that payout is about 4.5% of the total value of the company.

Ridiculous.

Elon Musk's galactic ego sows chaos in European politics

John Riddoch

"Farage doesn't have what it takes"

"Specifically, a willingness to do whatever I tell him in order to beg like a puppy for the $100m I'm dangling in front of him."

I'm still wondering how long Trump will put up with Musk before being kicked to the kerb. Wouldn't surprise me if he got the boot before the 21st when Trump takes over.

Microsoft Edge takes a victory lap with some high-looking usage stats for 2024

John Riddoch
Black Helicopters

I wonder how much of the increased market share is from forcing users into Edge? As an example, Facebook messenger app on Windows is no longer an actual app. It's a lightly skinned Edge window which means that when you click on a link in a message, it bypasses your browser choices and opens the page in Edge. Click on the wrong bit on the login screen? Here, have a page loaded in Bing/Edge telling you about something you don't care about, just because it was on the login screen. There seem to be more and more ways in which Windows opens Edge against your will. Then it points out that you're obviously doing something wrong because Edge is not your default browser. The Edge is your friend. Trust The Edge.

What do ransomware and Jesus have in common? A birth month and an unwillingness to die

John Riddoch

Part of the problem with Ransomware is how to stop it. At its heart, it's editing files a user can access and most users can access a lot of files as part of their work (or home systems). All you have to do is get the victim to run something which proves annoyingly easy, despite the cyber security training most of us are subjected to. You can't remove a user's access to files without stopping them doing their job, so what do you do? If that problem can be solved, ransomware becomes less of a threat.

'That's not a bug, it's a feature' takes on a darker tone when malware's involved

John Riddoch
Pint

Re: Sometimes there is third party...

Have a beer for the XKCD reference :)

systemd begrudgingly drops a safety net while a challenger appears, GNU Shepherd 1.0

John Riddoch

Re: 42% less unix philosophy

The core part of systemd (faster boot times by doing startups in parallel) is a great idea and if it had stuck to that, everyone would love it. Its tendency to spread tendrils into places no-one expects it is the issue, and one which Solaris did with SMF. Using a component called "tmpfiles" to create persistent files and folders is always going to ask for trouble. Added to that, the tendency for its author to dismiss any concerns doesn't help its image.

Police arrest suspect in murder of UnitedHealthcare CEO, with grainy pics the only tech involved

John Riddoch

It's possible, but unlikely. The core is that he (allegedly) crossed state lines and committed premeditated murder with an illegal firearm and granting him any kind of leniency on the basis that the victim wasn't a nice person opens the floodgates for people to claim justifiable murder. Whose opinions do we follow when deciding if someone deserves to be gunned down in the street?

Barring something extraordinary, he'll be found guilty in court or he'll make some kind of plea bargain.

Amazon leaves Snowcone data migration boxes and older Snowball edge kit out to melt

John Riddoch

Re: Nice gadget?

These devices were never intended to stay in use in the long term. They're shipped out to a customer to load on data to transfer into AWS where that transfer is faster than going over the internet (see also: station wagon full of DLT tapes). They shouldn't stay on prem for longer than it takes to load it up with the data going into AWS.

As for re-use, they're essentially relatively fancy encrypted hard drives with a NAS front end. There's probably limited value in re-use, although the ruggedisation might make them interesting in niche cases.

Relocation is a complete success – right up until the last minute

John Riddoch

Was the flicking of the switch a mistake or a "mistake"?

Mostly, I'm surprised that running a ring mains for 25 PCs didn't blow the fuses for the lighting circuit. Certainly doesn't sound like it would pass any electrical inspection.

Hide the keyboard – it's the only way to keep this software running

John Riddoch

Workaround

I remember an old Sun bug report for Solaris where some stress testing caused a crash in CDE. It helpfully listed a workaround: "don't pound on the mouse like a wild monkey"

This was when Sunsolve listed a lot of useful information about bug reports and before Oracle hid it all away...

Intern allegedly messed with ByteDance's LLM training cluster

John Riddoch

Losses

"tens of millions of dollars in losses" - seriously? The AI hype train is running that big?

In any case, you have to wonder how an intern was allowed access to modify so much in the AI model? Of course, it could just be that they're struggling to make it work and they're now blaming a scapegoat to explain away their failures. Neither of those is a good look, to be honest.

AT&T claims VMware by Broadcom offered it a 1,050 percent price rise

John Riddoch

Probably less "competitors" and more "resellers who sell VMWare and $OTHER_SOLUTION". In that instance, Broadcom could put pressure on their resellers/partners to not sell competitors' products.

Microsoft on a roll for terrible rebranding with Windows App

John Riddoch
FAIL

I can see the conversations:

"Have you got the Windows App?"

"Er, which one?"

"The Windows App, of course"

"....The Windows App for what?"

etc, etc...

Iran's cyber-goons emailed stolen Trump info to Team Biden – which ignored them

John Riddoch

Re: It's a little funny, as an outsider...

As far as China goes, Trump has already threatened to (re)introduce tariffs against Chinese imports, so I'd assume they'd prefer Harris.

Lebanon now hit with deadly walkie-talkie blasts as Israel declares ‘new phase’ of war

John Riddoch

Re: Obviously this was planned as a two stage attack

BBC was reporting that Israel* had to "pull the trigger" early as they were worried that Hezbollah was onto them. Certainly, timing it just before (or during) an actual assault into Lebanon would have seriously hampered any defensive effort, they will presumably have a short time to regroup while Israel is now moving troops to the North. Whether Israel is reorganising for assault or defence time will tell, but the rhetoric suggests attack. That's an escalation in a volatile region and it's getting messier.

I don't know what pressing Delete will do, but it seems safe enough!

John Riddoch

Re: Ouch!!!

I think it's a little harsh to complain to MS about a lack of warnings, given how easily Linux/Unix would have let you delete those accounts. Probably wouldn't even have given you a warning...

That said, it really should have made it clear it was deleting the account rather than just the mailbox.

FTC urged to stop tech makers downgrading devices after you've bought them

John Riddoch

Re: Reminds me of TV sets

My living room TV is 11 years old and still works fine as a TV. All the smart features are useless, because Netflix, YouTube etc changed their APIs/codecs/whatever and LG stopped updating the firmware to keep track.

MongoDB takes a swing at PostgreSQL after claiming wins against rival

John Riddoch

Re: Not the flex they think it is

Developer time is expensive and directly attributable to the project manager's budget, timeline and by inference bonus.

Operations time is a cost to be attributed to someone else and at a later time, i.e. not the PM's problem. It's also likely to be lumped into a big pot of looking after other systems, so the pain of one system gets hidden in among the noise. As such, it's fairly easy to see why developers may get the benefit.

There's also a trend over the last 10-20 years where it's cheaper to throw CPU, Memory and faster disk at a problem than it is to develop and code something which runs more efficiently. Why spend £200k on developer time to reduce CPU cycles by 25% when you can just double server capacity for £10k?

Brit tech mogul Mike Lynch missing after yacht sinks off Sicily amid storms

John Riddoch

Re: Conspiracy Theories

With Chamberlain's death being announced too, I'm sure the conspiracy theorists are going nuts with all this. However, I'm inclined to go with it being a tragic coincidence. We don't have technology capable of summoning the kind of freak storm which sank the Bayesian, and the driver who hit Chamberlain stayed at the scene, making it sound a lot more like an accident than a hit job.

At the heart of all this is that a number of people are dead and will be grieved. All the harder for the families of those missing as they don't have a body to grieve over.

Disney claims agreeing to Disney+ terms waives man's right to sue over wife's death

John Riddoch

Re: Kind of a self-answering question ?

"Shotgun pleadings" are absolutely the right thing to do, though. Sue Disney, they claim "not us guv, you need to sue the restaurant". Sue the restaurant, they claim "not us guv, you need to sue Disney". By suing both, you put the onus on the court to decide which party is liable, or if there is shared liability between them.

As to the merits of forcing arbitration, I'll leave that to the lawyers to argue about, but using a Disney+ subscription to avoid a court battle for something unrelated to it seems sleazy.

Too late now for canary test updates, says pension fund suing CrowdStrike

John Riddoch

Re: "We believe this case lacks merit"

The underlying concept of the stock market is fine; it allows people to invest in large companies (too big to exist as sole trader/partnerships) with limited liability (the most you can lose is your investment) and lets the shareholder trade their investments. The issue is how it's been abused over the years by people extracting money from it, between shorting stocks, microsecond transactions, etc, etc.

In terms of "not lying", most of the theory of capitalism and economics relies on "perfect information", which is why in practice it's horribly broken, but restricting the lies is intended to help.

Inquiry hears UK government misled MPs over Post Office IT scandal

John Riddoch

Re: But as Watson might say

ISTR some comment about the money going to suspense accounts in the Post Office. i.e. if a branch showed it was £5k down, there would be £5k in a suspense account in the Post Office which should have balanced everything out. This got raised because it would apparently also increase the PO's profitability and consequently exec bonuses, so they were benefitting from the errors.

Of course, that raises another question about why no-one raised the point that said suspense account was massively in credit alongside several branches being out of balance.

EU gave CrowdStrike the keys to the Windows kernel, claims Microsoft

John Riddoch

Re: Can an AV be effective if not in Ring 0

Anything run in user-space is vulnerable to being hijacked by a virus/malware and is harder to make resilient. Not impossible, but significantly harder and even if you think you've got it right, the bad guys will be continually probing for some kind of a weakness to disable your protection.

John Riddoch

Re: WHQL

You're hitting a set of requirements that kinda force this situation:

  • AV has to run in the kernel to be able to detect and prevent virus/malware attacks
  • Kernel driver has to be WHQL certified - a process which takes a defined amount of time
  • New virus/malware signatures need to be rolled out on an almost daily basis to match the unrelenting grind of the virus/malware writers trying to bypass your tools

Combine all these requirements and it becomes nigh on impossible to write a functioning AV solution which can be updated quickly enough to adapt to the threats out there, so it ends up having to run code outside of the certified driver. There are probably ways to make it more resilient, but I'm not a kernel developer/coder so don't know how messy that would get.

Just to add to the chaos; if you assume every AV update is a new signed driver, you have to unload the old driver and attach the new one, leaving a short period the system is unprotected, assuming you can easily remove the old driver without a reboot.

This doesn't forgive the monumental screw-up that Crowdstrike have made, but it does show why certain design decisions were made.

CrowdStrike file update bricks Windows machines around the world

John Riddoch

The effort on rolling updates is a definite perceptible effort which carries much more weight than a hypothetical effort to recover the systems when it breaks, so people think "meh, it'll be fine" and crack on with immediate rollouts. Doesn't make it right, but that's how people think, particularly if they have to do manual approvals of AV signatures on an almost daily basis.

I expect a lot of companies will be reviewing those processes now, though.

John Riddoch

There's an argument that this validates the decision to ban Kaspersky. If the Russian government went in, they could conceivably force them to release a "bad" update to non-Russian IPs which bricked devices beyond the ability to recover by simply deleting a file in safe mode. Far-fetched? Certainly. Possible? Absolutely. You'd get to do it once ever, but the potential impact to Western IT might make it worthwhile from a Russian perspective.

In any case, it's re-highlighted the value of a supply chain attack on anti virus/malware vendors.

John Riddoch

Setting up rolling updates takes effort. Also, while you delay updates to your critical systems, they're vulnerable to the latest malware/viruses so there's definitely an impetus to roll out AV/anti-malware updates ASAP.

I'm still not sure how the hell Crowdstrike managed to release an update that was so badly broken, though. Wasn't it tested? Or was it a supply chain attack?

China's Honor debuts laptop with bonkers removable camera that lives in a little slot

John Riddoch

"unclear how the camera connects to the laptop"

What, apart from the 4 copper connectors which are visible at 1:35? Looks to attach via magnets to the dock and the top of the laptop with those 4 connectors providing the necessary power/connectivity to the camera.

Is it a good idea? I'm not so sure. As mentioned, there's a decent chance of it getting lost. Interesting gimmick though.

Supreme Court orders rethink on Texas, Florida laws banning web moderation

John Riddoch

Re: Waters still muddy?

The laws are a bit of a mess. The initial issue was social media companies were treated as "publisher" and liable for whatever was posted on their sites, opening them up to charges of libel, market interference, child pornography etc, etc. This was obviously a problem as it would require them to moderate /all/ the content before it got posted and would break the entire model and frankly, it didn't make a lot of sense as the poster should be liable, not the platform.

Alongside this, platforms want to cut out the worst of the dross on the site, whether it be hate speech, misinformation, illegal content etc because they drive down the value of their site, but that makes them moderators and creates other issues.

This leaves them in a half way house between common carrier and publisher/moderator and it's a mess. Interference by one government opens up the option of interference by another.

Good news: The iPad Pro 13 is a bit more repairable

John Riddoch

That's probably more in reference to the iPhone. When it first came out, most mobile phones would typically last 4 days or more between charges; a week from a single charge wasn't uncommon. All of a sudden, your iPhone wouldn't last an entire day of regular usage. It was a bit of a backwards step; my first mobile in about '97 needed daily charging as well, so going back to that felt wrong. However, we've mostly gotten used to needing daily charges on our mobile devices. That then meant a daily charge on a tablet was broadly accepted.

Computer sprinkled with exotic chemicals produced super-problems, not super-powers

John Riddoch
FAIL

Mentioning JANET reminds me of my days working as IT support at a university. I did support for one department's IT (as it was computing, we had some extra requirements), so wasn't hit directly by the fallout, but the science department had a very large microscope which had some kind of water cooling. Which leaked. Right above the computer room for the rest of the university. This being the 90s, disaster recovery and resilience didn't really figure highly in people's minds nearly as much as "how cheaply can we build this, given we have a uni budget".

Most of the IT for the rest of the uni was out for about a week, really glad I didn't have to do anything with the recovery to be honest...

I can fix this PC, boss, but I’ll need to play games for hours to do it

John Riddoch

Re: I know for a fact ...

From what I've heard, playtesting games involves doing every single weird thing you wouldn't expect players to do, so you'd spend hours running round a single level walking along the walls, jumping at odd places and generally trying to test the bounds of the play area to destruction. Very little of it involves actual "playing".

As for generic software testing, it's the whole "software tester walks into a bar and orders 1 beer, 5 beers, -1 beers, fjioewjiofewj beers, 1.2389028190 beers, etc"

Help! My mouse climbed a wall and now it doesn't work right

John Riddoch

Re: Mouse balls

With my fat fingers, fingernails weren't always an easy option for that. I used to always have my Leatherman on my belt at work and just used the knife on that to scrape off the crud when a mouse stopped working. The Wave was great in that you could take it out of the pouch, open up the blade and put it away after with one hand. It was also handy having a screwdriver on you at all times.

Throwflame launches fire-spitting robo-dog from Hell

John Riddoch
Mushroom

Or "Dracarys"
