* Posts by mikus

121 publicly visible posts • joined 24 Jan 2008

Not even LinkedIn is that keen on Microsoft's cloud: Shift to Azure abandoned

mikus

Well if they won't let us go to AWS, we'll keep our Data Centers.

Two years on, 1 in 4 apps still vulnerable to Log4Shell

mikus

I recently ran into this with mremote-ng, a windoze software client for ssh and remote desktop use, so like something mostly system administrators would use was still using an ancient vulnerable log4net, a variation of log4j with the same vulnerabilities. My FortiClient EPP software noticed it to alert, luckily I had some enterprise security to do so, but how many others do not?

Looking up the software project's github to post an issue, someone else with the same alert from FortiClient told them years ago, and they closed it, telling someone to get the "nightly" version vs. the ancient and non-updated main app from the website that you know, 99% of people including myself would just download to use. I opened a new ticket asking them patch the main version ffs too, and finally did after some nagging and public shaming, but by this point I already uninstalled it, cursed having to use anything like that on windoze in the first place.

Anything on windoze, particularly 3rd party software I imagine is all a rats nest of vulnerable dependencies that never get updated. I use windoze for anything as little as possible for that reason alone, usually only keeping it around as my visio runtime.

Lenovo's USB-C Power Banks pack more heat than expected

mikus

Apparently they never temperature checked their 230W psu's, my T15G2 with an nvidia gpu warms my room on cold days.

Tesla, Musk likely aware of Autopilot deficiencies behind Florida fatality, says judge

mikus

Well, this is Musk you're talking about.

Kill a few humans? Pah, rumours and lies, spread by those I've tread upon!

Robocar tech biz sues Nvidia, claims stolen code shared in Teams meeting blunder

mikus

One slide to rule them all

If your company hinges on something in a slide deck, you probably have bigger problems.

OpenAI staff threaten to leave if ousted CEO Altman is not reinstated

mikus

I'm certain today there's ~700 positions open at Microsoft in their new AI team. Why buy the cow when you can get the milk for free^H^H^H^Hcheap.

Not even the ghost of obsolescence can coerce users onto Windows 11

mikus

Re: PC is good enough for now.

Linux comes default with Mahjong usually if any games, which on flights as the only default game learned to greatly enjoy in place of solitaire.

FEMA to test emergency alert system US-wide today

mikus

Ours were in Spanish, apparently Arizona has been officially annexed into Mexico.

City council Oracle megaproject got a code red – and they went live anyway

mikus

Has there ever been a proper ERP implementation that hasn't run 5x or more in cost than intended? I've never seen or heard of one, pretty much anything Oracle or SAP is simply destined to be a disaster when put toward every weird and wacky business or government use case.

Russia to ban all VPNs – again – says senator

mikus

Yeah, let me know how the great firewall of Russia or China keeps the vpn's out. No business could get done if they didn't.

US State Dept has no idea if its IT security actually works, say auditors

mikus

If anyone bothered to actually properly audit, and not the old buddy wink and a nod audit, they'd find most State and Local Muni orgs across the US operate the same way. I used to consult at many of them locally, they certainly don't here, and having worked enough sampling of the rest of the US too, have no doubt. No one in government actually implements proper measures, they buy something, pay a consultant, pray it works to drop a bit extra in the hat in on sunday when done, and when it doesn't, hand a claim over to insurance to go back to waiting for their pension to kick in.

Microsoft admits slim staff and broken automation contributed to Azure outage

mikus

Well, who can blame them as a small business, one has to make sure to right-size their staffing accordingly. They can't afford to do it like those real "large" IT companies do it. Maybe those relying on this solution should shop for a more appropriate sized organization and product offering that can actually meet their needs for redundancy and scalability.

High severity vuln in WinRAR could allow code to run when files are opened

mikus

I still laugh every time I see an enterprise that rolls out winrar or winzip on a corporate level, I can only ever say "eww" or think "what silly old warez d00d admin put this out there?". Particularly when there are far better and far more open and un-encumbered license-wise solutions like 7zip that don't come with a shareware trial nag on every launch. Keep it classy y'all.

Twitter sues Brit non-profit, claims hate-speech reports scared off advertisers

mikus

After he's routinely stiffed most orgs that do business with Twitter for major dollars already, would you work without cash up front from him?

Anyone of conscience has long since left left the platform and/or doing business with them, I presume it's only bottom-feeders left now, and these sorts of lawsuits expose that even more.

Euro monopoly cops to probe Microsoft for slipping Teams into Office

mikus

It's the same old bundle-in they've been doing for 30 years to sucker/draw people into their ecosystems. Why is anyone shocked?

Micron warns China's ban could cost it $4 billion annual revenue

mikus

I wonder how Jack Ma's time in "readjustment" went.

With dead-time dump, Microsoft revealed DDoS as cause of recent cloud outages

mikus

Having worked at a major cloud company circa 2003, I became well acquainted with ddos, and quite interesting how they deal with this 20 years later.

This ought to be an instructional piece of history how long they torment Microsoft. or anyone really.

Third MOVEit bug fixed a day after PoC exploit made public

mikus

Now that they know, they'll bust it up to eternity. These "secure file transfer" gateways are always a racket, use a properly secure means.

If you buy a suite like moveit, hire someone to tell you to stop.

Music bosses go after Twitter's unlicensed soundtrack to the tune of $250M

mikus

How does a failing business model make something from nothing? Hire lawyers and sue everyone for anything.

I do hope Musk publicly taunts the RIAA/MPAA media cartels, it should prove as entertaining as a couple of one-legged men in an asskicking contest.

Kinder, gentler Oracle says it's changed, and now wants you to succeed

mikus

Yet we still haven't heard how or why oracle cloud mysteriously went titsup for an entire day last friday to bring businesses to a halt while they lick their wounds. One simply can't trust the machine.

Microsoft stole our stolen dark web data, says security outfit

mikus

It probably means they slurped their entire db, made a cache to use themselves in whatever format they do, and didn't need them any longer. Embrace, Extend, Extinguish.

HCL proves Lotus Notes will never die by showing off beta of lucky Domino 14.0

mikus

Crappy companies too lazy to move off it vs. just paying monkeys to keep the dance going and issue mediocre security patches to avoid moving to Office 365.

Metaverse? Apple thinks $3,500 AR ski goggles are the betterverse

mikus

$3500 says the first zero-day no-click will be for imessenger still, allowing NSO Group and customers to watch what you're now literally looking at. Hooray for evolution!

Singapore tells its people: Go forth and block those ads

mikus

Everyone should block ads, if they're not, they're silly twats wanting to be infected.

Apple: No more sneak-peek previews of iOS unless you pay for the privilege

mikus

Pay up, get your zero-days here!

What isn't there love about pay for play!

China's Hisense bakes Teams into Android-powered commercial displays

mikus

At least until they end up on the next list of US import ban lists, but then they'll just become OUSKSHYTSA99 on amazon with 500k reviews.

After 47 years, Microsoft issues first sexual harassment and gender report

mikus

Obviously they got rid of enough of the old guard. It started with Ballmer, finally enough cashed out to join the old money club and try harder.

AMD’s latest, greatest Radeon graphics card $600 cheaper than Nvidia’s top RTX 4090

mikus

When did $1000 video cards become normal?

Not really sure, with the advent of Steam Proton support for Linux gaming, I suddenly care to game again 20 years later, but pretty absurd being re-introduced to this when people were scalping gpu's for 3x the cost, ie several thousands of dollars, as apparently they generated gold or something. Suddenly they don't, and I just want some pretty graphics maan, but really - starting at 1000 dollars? I remember buying my first voodoo2 that broke me at $200 bucks, so perhaps I'm jaded.

Mormon Church IT ransacked, data stolen by 'state-sponsored' cyber-thieves

mikus

No, magic underwear does not come with malware protection.

Fortinet says it’s all about the security ASICs

mikus

Re: Interesting

Remember? You missed the memo Radware bought the rotting carcass in the Nortel collapse, and used it to make their "next-gen" load-balancers now. Yes my friend, it's aliiiiiive! <cackles to himself>

I always wondered what jackasses actually buy radware (that aren't Israeli), and last year I ran into one still running ancient radware LB's (still required flash!) and went in on the "next-gen" kit now. I tried to talk some sanity into them F5 or Citrix might be a more rational option, you know, people actually use and support them, but they couldn't be bothered to look at switching vendors.

I just laugh inwardly that someone actually bought the last-gen-before rejects as everyone already forgot the stench from the first and second round of life.

Microsoft patches the patch that broke VPNs, Hyper-V, and left servers in boot loops

mikus

Re: Quite a blast radius!

I've used only linux for almost 20 years now, and in IT consulting have to exchange files regularly with clients that of course only use MS Office. OpenOffice worked well enough mostly, and now with current LIbreOffice have almost no issues with import/export of native docx/xlsx files. Of course MS Office supports native odt and ods files for Word/Excel native import, which works well too, and so does even 365 online word/excel.

Give it a try, I think you'll be pleasantly surprised these days. The great equalizer is export to pdf if nothing else, which I tend to do for formal docs anyways.

Games Workshop has chucked another £500k at entrenched ERP project with no end to epic battle in sight

mikus

Yet another failed, er, delayed ERP project that's overbudget and undelivered. Death by a thousand cuts, or change orders.

Maybe at this point The Reg do so some public service and tally all their failed ERP projects year over year like the 12 days of bork, and name the incompetent (both implementer and customers that bought into them). Might pay it forward to the next generation of poor bastards that have to implement something new. ERP systems are always such nasty, nasty projects, no one gets out alive at the end of the day. They're almost as bad as medical HMS software.

LAPD cops who preferred playing Pokémon Go to tackling robbery can be fired, appeals court rules

mikus

One of my childhood friends used to tell me how he "gamed" the system as a DPS freeway officer to make an actual decent salary, as cops don't typically get paid the most. He would work a LOT of overtime with odd jobs at odd hours, thus improving his income, but usually just hanging out at DOT construction jobs playing his Gameboy or watching TV.

You know, those guys that sit in a cop car at off-ramps you're NOT supposed to get off at, with his lights on, doing nothing 99% of the time. Before that I always thought they just parked an empty car there with the lights on to scare people off, but no, your tax dollars pay for someone to be in there, doing nothing but playing games or watching TV in one flavor or another, usually at time and a half hourly rates.

This was even more egregious, like actually opting NOT to show up to a robbery because pokemon go was more important, but still, it always irked me a bit when he'd call me bored during those overtime sitting festivals with nothing better to do but soak up my tax dollars. I guess that's why we aren't close friends anymore...

When ERP projects go awry: Surrey County Council incurs £3.2m additional costs in delayed Unit4 project

mikus

When have you ever seen an ERP project go right? ERP is a four letter word.

Every time I have been involved in one, it's quickly learned that the folks doing the work are usually under-qualified, and then they start asking for change orders for everything, stating the project wasn't scoped correctly. If it does get done, it's usually a hack job that has problems just to say they finished anything, then just continue to request more change orders to fix them, and never really "finish" what so ever.

I pity the folks that have to work with ERP companies and software.

HCL accused of wage theft, underpaying H-1B workers by at least $95m a year

mikus

Nothing like modern day slavery, or at least indentured servitude. They want to come over, will work for nothing just to get there, and their own people are happy to sell them at an extreme profit. Then once here, the H1B is held over their heads indefinitely by the importer as a goal they can't achieve while paying them as little as possible.

Sounds like how America was founded alright.

Microsoft adds Buy Now, Pay Later financing option to Edge – and everyone hates it

mikus

Why would you use this?

So instead of sending everything you do to in a browser to google, you send it to microsoft. yay.

Plus you get the "downgrade me to IE" for instant infection capabilities from their finest legacy code, what is not to love for enterprises.

Now they're down to grubbing for cash by giving you a layaway plan. You know how you can always tell a bad neighborhood? Count the check cashing stores on the corners, and this is the newest variety.

As a full-time linux user, I laugh when they announce Edge builds for linux, like any self-respecting user would ever other than as a random benchmark.

Cisco warns 'unintentional debugging credential' left in some network switches can be abused to hijack equipment

mikus

Oh yeah, so this one China order...

They said just cut and paste this here for big order.

Netflix sued by South Korean ISP after Squid Game fans swell traffic to '1.2Tbps'

mikus

If anyone at SK Broadband had any reasonable clue, they would have done what most other ISP's have done (long ago) and peer directly with Netflix, or with a 2nd tier provider that does for direct bandwidth offload peering at least cheaper than what they're paying for general bandwidth use with their current peering relationships. They've obviously been too lazy, too cheap, or too self-absorbed to care until it's now hitting them in the pocket book, but this isn't the customer or netflix's problem - it's theirs for being a bad ISP. This just makes them look desperate, ignorant, petulant, and absurd as an organization that can't manage their own ISP.

Netflix should just block SKB's ip ranges then and see how their customers and executives like that, but problem solved.

Activision Blizzard to pay out three days of annual profit to settle sex discrimination case

mikus

I suppose there will be a grand reopening of the "Cosby Room" now that this nasty bit is done with. Bring on the strippers and hoes!

Biggest takeaway from pandemic lockdowns for Microsoft? Teams stopped talking to each other

mikus

Teams vs. Slack

I do consulting at multiple organizations at a time, and thus tend to participate in multiple Slack and M$ Teams channels at a give time. The biggest difference I see is people actually like using Slack, communicate openly and socially vs. what seems like mere ghost channels on Teams like they're afraid of corporate logging something inappropriate.

Slack seems to invite communication dumping everyone into "General" first, usually with hails of "welcome!", and folks are typically encouraged to find other channels as appropriate to join. There are typically few private only channels, rather it's built more on social inclusion vs. exclusion. People actually enjoy using it both for being social within the companies and for getting work done in some combination of both.

Among even my own team Teams channels, it's almost frowned upon to post non-work items, get rare responses, and all teams lock their own channels to only themselves vs. inviting cross-team collaboration (no networking bofh's in the systems channel, please). There is no "General" channel for everyone to socialize in, no "Pets" channels, no specialized "outside work" interests, nothing. It's all entirely sterile and/or depressing. People only use it for direct messages to each other, and most hate it as a conferencing platform, still using their webex/zoom/google conferencing instead.

This is consistent across every Teams org I've joined.

As much as M$ gives it away, it just as usual misses the mark to clone Slack as much as they would like it to be.

Start or Please Stop? Power users mourn features lost in Windows 11 'simplification'

mikus

Candy Crush in my fscking menu?!

All people really wanted was not to be spammed with pseudo-ads in their frigging start menu with garbage ads like Candy Crush, Xbox games, and upsells for Office (um, libreoffice is free?). Really, getting rid of that would have been enough to satiate most.

Now it's just some bastard re-envisioning of how to ape mac's taskbar (look, centralized icons!), and simple lack of feature parity due to some laziness or ineptitude in the dev cycle. Yes, this is the latest winME/Vista it seems.

The only thing I use windoze for in the past 15 years is a hypervisor guest to run visio/project on. If wine could handle running visio/project in abstraction better, I wouldn't need windoze at all. Using Linux full-time for 15 years, it's otherwise not necessary.

Kaseya says it's seen no sign of supply chain attack, sets SaaS restoration target of Tuesday afternoon, on-prem fix to follow

mikus

So no sophisticated attack to sign malicious dll's and such via microsoft ala solarwinds, they just gang raped their platform and all downstream customers with blatant insecurity. Some 60 direct customers, and 1500 downstream customers. Nothing to see here, now move along, remember to pay your renewals, particularly the cyber insurance parts to pay off the gross incompetence all around by customer and choice in vendor.

Apple warns kit may interfere with implanted medical devices at close proximity

mikus

Old News

This has been discussed since the last generation of iphones were released. Has someone died yet? Who's the first sacrificial lamb for science and news to take a heart attack for the team?

Indian government reverts to manual tax filings as new e-tax portal remains badly borked a week after launch

mikus

You would think Indians would know better than to outsource anything locally after watching the mess they've made for the past 25 years in the US when playing that angle.

Women techs fume, offer crowdsourced fixes as Michelle Obama's online keynote crashes

mikus

Or they could have just zoom, webex, or any other responsible platform. How much did random unheard of conferencing company pay to show up at the table?

Guy who wrote women are 'soft, weak, cosseted, naive' lasted about a month at Apple until internal revolt

mikus

Maybe his production company for his book should have explained the concept of a pen name? If you work for apple, what the hell were you thinking - you wanted to be fired disgracefully for someone googling your name? Maybe just troll under other pseudonyms, call it a life. Andy Rubin is still around I think doing just that.

US govt indicted me because I make privacy tools, says crypto-chat app CEO accused of helping drug smugglers

mikus

So tomorrow Signal, Telegram?

Of course encryption helps criminals, only the definition of criminal is fluid whether that pertains to Donald Trump or Pablo Escobar. If they're not harassing the non-commercial encrypted chats already, does that mean they already have backdoors in them?

If I sell a rebranded chinese phone tomorrow with Signal on it, does that make me a criminal?

Red Hat returns with another peace offering in the wake of the CentOS Stream affair: More free stuff

mikus

So ultimately CentOS* is deaed

All my customers using CentOS are still crapping themselves, but they're ditching IBM/RH as quick as they can.

Axe-happy Microsoft halves support for Windows 10 Long Term Servicing Channel

mikus

Good thing you can still buy up to an enterprise license for 9 bucks.

You can buy from sites like gkeys24.com for any microsoft product with legit licenses less than your lunch. Pay $180 bucks for shoddy windoze support, nah, but maybe $9 bucks for a win10 pro/enterprise license. Funny how microsoft whores themselves out to nations that can't support paying $180usd, but can $9 and takes it, while charging us fools full price in the US. Anyone can buy in through less than savory channels at a fraction of cost, but is it any less legit? I can buy a legit, ie certified by microsoft license of win10 pro, visio, and project for less than 50 dollars normally, likely from China. Glad China gets the hookup, and I can subsequently.

Paying any more for windoze or other m$ products is absurd unless a fool. Why even pay for office when LibreOffice is a superior standard. I use visio/project, but office is a waste to invest in with better free solutions for basic office alone.

In wake of Apple privacy controls, Facebook mulls just begging its iOS app users to let it track them over the web

mikus

Hey, it would be great if you just let us backdoor your app!

Usually some telemetry channel like that is either endorsed by the owner, usually an enterprise, or a backdoor rootkit of some kind. Fakebook looking to legitimize a separate command and control telemetry feed to keep marketing drones satisfied is pretty ballsy. Of course, Microsoft legitimized it first, so why not.