* Posts by lansalot

476 publicly visible posts • joined 23 Mar 2007


YouTube cares less for your privacy than its revenues


Pay for premium.. and get "sponsored" videos?

Noticed recently that despite my Premium subscription, I now get a top suggested video that's "sponsored". And nothing I'm interested in.

Way to undermine your own model, Google...

Wi-Fi not working? It's time to consult the lovely people on those fine Linux forums



Monitor was broken the other day - not powering on. Re-plugged the HDMI, wiggled the USB-C adapter, the whole bit.

I'd forgotten to turn the plug on at the wall. Of course, being a laptop, that fired up instantly off the battery, and thus I was led up the "well, obviously I've plugged it in" path. Wasted a good 10 mins before my flakey battery informed me that power was running low....

Been doing IT professionally since 1987, fyi.

Amazon tells folks it will stop accepting UK Visa credit cards via weird empty email


I got this too...

But the email was complete. And it provided a link to their help page for more information, here:


At the time of receiving the email however, Visa was still saying accepted there. Not now.

What a fucking shambles...

Want to deploy a new Windows VM on Microsoft Azure? Today might not be your lucky day



that's it back.

Wondering if any VMs left in a "Failed" state accrued cost, as technically they weren't deallocated?

Regardless... hours that took! Very little in the way of useful updates, and status.azure.com was over an hour before it mentioned anything. Not very impressive.

That thing you were utterly sure would never happen? Yeah, well, guess what …


Ah, will you not have a cup of tea father...

My go-to test strings are the Father-Ted favourites, "arse", "feck", "drink" and "girls".

Two of which once popped up in front of some bigwigs I was demoing something to. Wasn't the last two....

George Clooney of IT: Dribbling disaster and damp disk warnings scare the life out of innocent user



Years ago, I re-purposed an old sparc station as a snort IDS. Being on a switched network, and not tapped into any kind of ideal port, it didn't really do anything useful of course. Except for the one day it did detect an unwanted intrusion - the pipe above it burst and electrocuted it.

Alerting left a little to be desired tho - I only found out when I came in to find the console was unreachable.

Citibank accidentally wired $500m back to lenders in user-interface super-gaffe – and judge says it can't be undone



All makes sense now....

(Former WIPRO employee here)

Offshoring is kind of over, says Wipro, as financials surge thanks to offshoring



It's been my experience - as a former employee - that "WIPRO" and "talent" do not belong in the same sentence.

Bitter war of words erupts between UK cops and web security expert over alleged flaws in Cyberalarm monitoring tool


also, Pervade...


"For a fee, one organization will provide a system that detects and can hit back at hackers with its own arsenal of attacks. But this isn't some anonymous group on an underground crime forum. Instead, Pervade Software, a legitimate and public facing information security business based out of Cardiff, Wales, sells a platform designed for private companies to retaliate against hackers with DDoS and other digital attacks."

When is a remote-code-execution bug in Teams not an RCE? When Microsoft says it isn't, flaw finder discovers



that it hasn't always updated all clients. I ran a script across a heap of our clients and found a significant number that are not auto-updating.

VERY quick and dirty Powershell detection script here for same, for your remote-admin tool of choice:



- what version is installed (not necessarily the one that's running)

- what version each user is running (for terminal service environments)

- what the minimum and maximum version number found running in the process list is

- highlights whether any vulnerable version was found running

Big IQ play from IT outsourcer: Can't create batch files if you can't save files. Of any kind


WIPRO and Powershell..

As you may recall, WIPRO had an embarassing "security incident" a year or two ago. I was one of the users on the ground who felt the repercussions - because the miscreants had used Powershell to gain a foothold, they simply blocked Powershell EVERYWHERE to "Improve security".

Apart from of course not being able to run or develop anything any more (hi, automation guy here), I also was blocked from even opening my .ps1 files in notepad, so I couldn't copy the work to an off-domain dev machine and continue the work. Months that took to sort out...

CREST cancels two UK infosec accreditation exams after fresh round of 'cheat sheets' are leaked online



I wonder how the ratio of pass:fail will fluctuate in light of this...

Bite me? It's 'byte', and that acronym is Binary Interface Transfer Code Handler


Father Ted for the win

My test strings tend to be Arse, Feck, Girls and Drink.

One of which popped up in front of some Council bigwigs I was demoing to. Hint: It wasn't "girls" or "drink"...

Wipro names new CEO: Former Capgemini COO Thierry Delaporte


Re: Beating HCL...

That was my experience also.

Microsoft Teams: The good, the bad, and the ugly


and yet...

We're having major issues with Teams for the last fortnight - users in my team showing as "Unknown User". Our desk tells us they're working with MS to resolve and this isn't just affecting us. Anyone else confirm?

This won't end well. Microsoft's AI boffins unleash a bot that can generate fake comments for news articles



"The comments it generates are short - on the order of tens of words - and aren’t complex enough to incite much reaction"

Have you been on the internet lately?

Suspected crypto-coin crook collared after emailing apology note to the cops rather than victim – shock claim


Re: Well...

Also, the conscience...

Tech lobbyists turn on Trump over Mexican tariffs, then quickly try to smooth the waters


Re: Trump is right

"Mutin"... now I know why they named a button after you.

Boeing boss denies reports 737 Max safety systems weren't active


highly relevant...


Easter is approaching – and British pr0n watchers still don't know how long before age-gates come into force


Oh no...

This will be a sad day when it comes into effect... please, someone pass the tissues.

Techie finds himself telling caller there is no safe depth of water for operating computers


The IDS comes through..

Years ago, I had a spare SPARC, and being a curious fellow, I decided to deploy Snort on it and leave it running as an IDS. It never detected a single thing (not surprising as I didn't have clearance to run it, and thus it was "internal only" - and on a switched network of course).

Except for one day when it did. It detected water. A pipe above it burst and electrocuted it.

Ooo shiny! First Visual Studio 2019 sneak peek here in time for Chrimbo



Still no Powershell GUI dev?

VirusTotal slips on biz suit, says Google's daddy will help the search for nasties


Re: so..

So you're saying Google would be unable to make this particular use case free?

Interesting technical viewpoint...



Why don't all browsers run the checksum for whatever they just downloaded past VT before committing the save? Aware you can get various extensions and such, but even so.. it seems like such a minor thing to add.

Firefox hooks up with HaveIBeenPwned for account pwnage probe



But here's a crazy idea - all browser manufacturers, why not integrate with VirusTotal as well?

You're downloading the file, calculate the checksum as you're doing so, and at the end - submit it to VirusTotal to see if it's in their database. Present warnings accordingly.

Sysadmin unplugged wrong server, ran away, hoped nobody noticed


citrix and scvmm

Brought up a new SCVMM server and pushed the updated client out to a few VMs. No issues, no reboot needed. So pushed it out to 3 hosts, each hosting 7 citrix xenapp VMs (so approx 200 users were being served).

The hosts didn't take too kindly to the new client, and promptly blue-screened. However, as the estate wasn't at its most stable at the time, users were conditioned to logging back on again when citrix disappeared. Not a single call came in. So I kept quiet, until now...

Biggest vuln bombshell in forever and storage industry still umms and errs over patches



Dell/EMC still very silent on the impact to their ScaleIO product, I notice.. where customer code will definitely be running on VMs etc. The joys of HyperConvergence, eh

Storage slingers say: Don't sweat Spectre, Meltdown SANitation


well thanks, Dell..

Been waiting for last couple weeks now as to a statement for potential impact for EMCs ScaleIO product, which you resell.

Being HyperConverged, in that the VMs and storage are all on the same boxes, we're expecting a significant performance hit.

Frenchman comes eye to eye with horror toilet python


ah ha!

"And I could very well have been bitten in a sensitive place, if you know what I mean."



BT hikes prices for third time in 18 months



That's some nice changes to protecting me from dodgy callers. Of course, my phone has never been plugged in, but thanks loads for charging me for something that probably doesn't work and I don't need.

Time to shop around I think !

Please activate the anti-ransomware protection in your Windows 10 Fall Creators Update PC. Ta



Not worth persisting with to protect your actual-data then, just because one thing got blocked?



That sounds like a great tool for home users to protect themselves!


Ah wait - not available in Windows 10 Home edition??

Equifax backtracks arbitrate-don't-litigate plan for punters


Dear Equifax hackers?

Could you find out if I have PPI, and submit a claim for me automatically? Thanks!

Printer blown to bits by compressed air


a long time ago...

well, 1984-ish.. in my metalwork class at school, they had a poster on the wall. It was pretty to-the-point.


A picture of a fired gun against a head, with brains ejecting out the other side

A picture of a compressor and its hose against a head, with brains ejecting out the other side

You could say the message worked, as I remember it clearly over 30 years later.

Why do GUIs jump around like a demented terrier while starting up? Am I on my own?


even worse...

The worst one is far and away the "windows updates have finished installing, want to reboot now?" that flashes up as you're busy typing... and that space bar you just rattled gives the OK button a press.

Facebook, Google slammed for 'commercial prostitution'


profitting from hate?

You read the Daily Mail and such lately? You'd be as well starting with them, at least their content is produced by them, purposely and wilfully.

Become a blockchain-secured space farmer with your hard drive




I'd like to hope these are heuristically derived false-positives...

IT guy checks to see if PC is virus-free, with virus-ridden USB stick



you tossed the whole drive?

Back to school for you !

Parliamentary Trump-off? Pro-Donald petition passes 100k signatures


Re: nice!

Well, John... after a good week now, they appear to have tailed off at 1.85m versus 300,000.


So my comparison stands. Feeling uneasy, are you?



I'm actually quite cheered by this - 1.6 million versus 100,000.

Sometimes, it feels as though the Trumpeteers are in roughly equal numbers, so if this is indicative then perhaps things aren't as bad as I'd thought.

Had to laugh at Britain First's saluting him as a patriot. Cowardice at its finest.

Hacker: I made 160,000 printers spew out ASCII art around the world



LPR exposed to the internet (check!), but he also had to invoke his mysterious zero-days, and firmware updates?

Why bother, when LPR is so easy to do?

Trump fan Peter Thiel 'considering' CA Terminator role*


ah, why not give him a shot... Seeing as Trump is going all out on filling the swamp, instead of draining it, he'd fit right in.

Trump's cyber-guru Giuliani runs ancient 'easily hackable website'



Build a (fire)wall - and make the hackers pay for it!

Did webcam 'performer' offer support chap payment in kind?


even worse..

My friend asked me to look at her dad's PC and dropped it off. He'd left a DVD in the drive, which duly spun into action with lesbian porn.

Opening a beer, I decided to take a well deserved break from my IT investigations. As the can reached my lips, performer #1 crouched above #2 and let loose.... well... a #2.

Beer down, computer off, knocked on door, "sorry, nothing I can do with this one!"

Mirai IoT botnet blamed for 'smashing Liberia off the internet'


Krebs says not:


Appointments on hold as (computer) virus wreaks havoc with NHS trust systems


A free hip, says it's ransomware...

Researchers expose Mirai vuln that could be used to hack back against botnet


Fine, you don't advocate hacking back.

Now, it only takes *one* of you to deviate from that, and put a stop to these miscreants. I wouldn't lose much sleep over it in this instance, if it were done properly.

Fujitsu seeks PC exit, finds willing buyer in Lenovo


Re: Do people really buy them

Not desktops - but their laptops are actually pretty awesome.

DNS devastation: Top websites whacked offline as Dyn dies again


Dear whitehats

Please change all the passwords on those insecure devices to something random.



Windows updates? Just trust us, says Microsoft executive


Morning, Microsoft !

Funny you should ask about the whole "trust us" thing.

I've come in to work this morning to find 175 servers out of ~600 that are refusing to install Endpoint Protection AV updates. No known cause as of yet.

I'll keep working on it, but thanks for reminding me we can totally trust you not to screw things up.