Well if they won't let us go to AWS, we'll keep our Data Centers.
Posts by mikus
121 publicly visible posts • joined 24 Jan 2008
Not even LinkedIn is that keen on Microsoft's cloud: Shift to Azure abandoned
Two years on, 1 in 4 apps still vulnerable to Log4Shell
I recently ran into this with mremote-ng, a windoze software client for ssh and remote desktop use, so like something mostly system administrators would use was still using an ancient vulnerable log4net, a variation of log4j with the same vulnerabilities. My FortiClient EPP software noticed it to alert, luckily I had some enterprise security to do so, but how many others do not?
Looking up the software project's github to post an issue, someone else with the same alert from FortiClient told them years ago, and they closed it, telling someone to get the "nightly" version vs. the ancient and non-updated main app from the website that you know, 99% of people including myself would just download to use. I opened a new ticket asking them patch the main version ffs too, and finally did after some nagging and public shaming, but by this point I already uninstalled it, cursed having to use anything like that on windoze in the first place.
Anything on windoze, particularly 3rd party software I imagine is all a rats nest of vulnerable dependencies that never get updated. I use windoze for anything as little as possible for that reason alone, usually only keeping it around as my visio runtime.
Lenovo's USB-C Power Banks pack more heat than expected
Tesla, Musk likely aware of Autopilot deficiencies behind Florida fatality, says judge
Robocar tech biz sues Nvidia, claims stolen code shared in Teams meeting blunder
OpenAI staff threaten to leave if ousted CEO Altman is not reinstated
Not even the ghost of obsolescence can coerce users onto Windows 11
FEMA to test emergency alert system US-wide today
City council Oracle megaproject got a code red – and they went live anyway
Russia to ban all VPNs – again – says senator
US State Dept has no idea if its IT security actually works, say auditors
If anyone bothered to actually properly audit, and not the old buddy wink and a nod audit, they'd find most State and Local Muni orgs across the US operate the same way. I used to consult at many of them locally, they certainly don't here, and having worked enough sampling of the rest of the US too, have no doubt. No one in government actually implements proper measures, they buy something, pay a consultant, pray it works to drop a bit extra in the hat in on sunday when done, and when it doesn't, hand a claim over to insurance to go back to waiting for their pension to kick in.
Microsoft admits slim staff and broken automation contributed to Azure outage
Well, who can blame them as a small business, one has to make sure to right-size their staffing accordingly. They can't afford to do it like those real "large" IT companies do it. Maybe those relying on this solution should shop for a more appropriate sized organization and product offering that can actually meet their needs for redundancy and scalability.
High severity vuln in WinRAR could allow code to run when files are opened
I still laugh every time I see an enterprise that rolls out winrar or winzip on a corporate level, I can only ever say "eww" or think "what silly old warez d00d admin put this out there?". Particularly when there are far better and far more open and un-encumbered license-wise solutions like 7zip that don't come with a shareware trial nag on every launch. Keep it classy y'all.
Twitter sues Brit non-profit, claims hate-speech reports scared off advertisers
After he's routinely stiffed most orgs that do business with Twitter for major dollars already, would you work without cash up front from him?
Anyone of conscience has long since left left the platform and/or doing business with them, I presume it's only bottom-feeders left now, and these sorts of lawsuits expose that even more.
Euro monopoly cops to probe Microsoft for slipping Teams into Office
Micron warns China's ban could cost it $4 billion annual revenue
With dead-time dump, Microsoft revealed DDoS as cause of recent cloud outages
Third MOVEit bug fixed a day after PoC exploit made public
Music bosses go after Twitter's unlicensed soundtrack to the tune of $250M
Kinder, gentler Oracle says it's changed, and now wants you to succeed
Microsoft stole our stolen dark web data, says security outfit
HCL proves Lotus Notes will never die by showing off beta of lucky Domino 14.0
Metaverse? Apple thinks $3,500 AR ski goggles are the betterverse
Singapore tells its people: Go forth and block those ads
Apple: No more sneak-peek previews of iOS unless you pay for the privilege
China's Hisense bakes Teams into Android-powered commercial displays
After 47 years, Microsoft issues first sexual harassment and gender report
AMD’s latest, greatest Radeon graphics card $600 cheaper than Nvidia’s top RTX 4090
When did $1000 video cards become normal?
Not really sure, with the advent of Steam Proton support for Linux gaming, I suddenly care to game again 20 years later, but pretty absurd being re-introduced to this when people were scalping gpu's for 3x the cost, ie several thousands of dollars, as apparently they generated gold or something. Suddenly they don't, and I just want some pretty graphics maan, but really - starting at 1000 dollars? I remember buying my first voodoo2 that broke me at $200 bucks, so perhaps I'm jaded.
Mormon Church IT ransacked, data stolen by 'state-sponsored' cyber-thieves
Fortinet says it’s all about the security ASICs
Re: Interesting
Remember? You missed the memo Radware bought the rotting carcass in the Nortel collapse, and used it to make their "next-gen" load-balancers now. Yes my friend, it's aliiiiiive! <cackles to himself>
I always wondered what jackasses actually buy radware (that aren't Israeli), and last year I ran into one still running ancient radware LB's (still required flash!) and went in on the "next-gen" kit now. I tried to talk some sanity into them F5 or Citrix might be a more rational option, you know, people actually use and support them, but they couldn't be bothered to look at switching vendors.
I just laugh inwardly that someone actually bought the last-gen-before rejects as everyone already forgot the stench from the first and second round of life.
Microsoft patches the patch that broke VPNs, Hyper-V, and left servers in boot loops
Re: Quite a blast radius!
I've used only linux for almost 20 years now, and in IT consulting have to exchange files regularly with clients that of course only use MS Office. OpenOffice worked well enough mostly, and now with current LIbreOffice have almost no issues with import/export of native docx/xlsx files. Of course MS Office supports native odt and ods files for Word/Excel native import, which works well too, and so does even 365 online word/excel.
Give it a try, I think you'll be pleasantly surprised these days. The great equalizer is export to pdf if nothing else, which I tend to do for formal docs anyways.
Games Workshop has chucked another £500k at entrenched ERP project with no end to epic battle in sight
Yet another failed, er, delayed ERP project that's overbudget and undelivered. Death by a thousand cuts, or change orders.
Maybe at this point The Reg do so some public service and tally all their failed ERP projects year over year like the 12 days of bork, and name the incompetent (both implementer and customers that bought into them). Might pay it forward to the next generation of poor bastards that have to implement something new. ERP systems are always such nasty, nasty projects, no one gets out alive at the end of the day. They're almost as bad as medical HMS software.
LAPD cops who preferred playing Pokémon Go to tackling robbery can be fired, appeals court rules
One of my childhood friends used to tell me how he "gamed" the system as a DPS freeway officer to make an actual decent salary, as cops don't typically get paid the most. He would work a LOT of overtime with odd jobs at odd hours, thus improving his income, but usually just hanging out at DOT construction jobs playing his Gameboy or watching TV.
You know, those guys that sit in a cop car at off-ramps you're NOT supposed to get off at, with his lights on, doing nothing 99% of the time. Before that I always thought they just parked an empty car there with the lights on to scare people off, but no, your tax dollars pay for someone to be in there, doing nothing but playing games or watching TV in one flavor or another, usually at time and a half hourly rates.
This was even more egregious, like actually opting NOT to show up to a robbery because pokemon go was more important, but still, it always irked me a bit when he'd call me bored during those overtime sitting festivals with nothing better to do but soak up my tax dollars. I guess that's why we aren't close friends anymore...
When ERP projects go awry: Surrey County Council incurs £3.2m additional costs in delayed Unit4 project
When have you ever seen an ERP project go right? ERP is a four letter word.
Every time I have been involved in one, it's quickly learned that the folks doing the work are usually under-qualified, and then they start asking for change orders for everything, stating the project wasn't scoped correctly. If it does get done, it's usually a hack job that has problems just to say they finished anything, then just continue to request more change orders to fix them, and never really "finish" what so ever.
I pity the folks that have to work with ERP companies and software.
HCL accused of wage theft, underpaying H-1B workers by at least $95m a year
Nothing like modern day slavery, or at least indentured servitude. They want to come over, will work for nothing just to get there, and their own people are happy to sell them at an extreme profit. Then once here, the H1B is held over their heads indefinitely by the importer as a goal they can't achieve while paying them as little as possible.
Sounds like how America was founded alright.
Microsoft adds Buy Now, Pay Later financing option to Edge – and everyone hates it
Why would you use this?
So instead of sending everything you do to in a browser to google, you send it to microsoft. yay.
Plus you get the "downgrade me to IE" for instant infection capabilities from their finest legacy code, what is not to love for enterprises.
Now they're down to grubbing for cash by giving you a layaway plan. You know how you can always tell a bad neighborhood? Count the check cashing stores on the corners, and this is the newest variety.
As a full-time linux user, I laugh when they announce Edge builds for linux, like any self-respecting user would ever other than as a random benchmark.
Cisco warns 'unintentional debugging credential' left in some network switches can be abused to hijack equipment
Netflix sued by South Korean ISP after Squid Game fans swell traffic to '1.2Tbps'
If anyone at SK Broadband had any reasonable clue, they would have done what most other ISP's have done (long ago) and peer directly with Netflix, or with a 2nd tier provider that does for direct bandwidth offload peering at least cheaper than what they're paying for general bandwidth use with their current peering relationships. They've obviously been too lazy, too cheap, or too self-absorbed to care until it's now hitting them in the pocket book, but this isn't the customer or netflix's problem - it's theirs for being a bad ISP. This just makes them look desperate, ignorant, petulant, and absurd as an organization that can't manage their own ISP.
Netflix should just block SKB's ip ranges then and see how their customers and executives like that, but problem solved.
Activision Blizzard to pay out three days of annual profit to settle sex discrimination case
Biggest takeaway from pandemic lockdowns for Microsoft? Teams stopped talking to each other
Teams vs. Slack
I do consulting at multiple organizations at a time, and thus tend to participate in multiple Slack and M$ Teams channels at a give time. The biggest difference I see is people actually like using Slack, communicate openly and socially vs. what seems like mere ghost channels on Teams like they're afraid of corporate logging something inappropriate.
Slack seems to invite communication dumping everyone into "General" first, usually with hails of "welcome!", and folks are typically encouraged to find other channels as appropriate to join. There are typically few private only channels, rather it's built more on social inclusion vs. exclusion. People actually enjoy using it both for being social within the companies and for getting work done in some combination of both.
Among even my own team Teams channels, it's almost frowned upon to post non-work items, get rare responses, and all teams lock their own channels to only themselves vs. inviting cross-team collaboration (no networking bofh's in the systems channel, please). There is no "General" channel for everyone to socialize in, no "Pets" channels, no specialized "outside work" interests, nothing. It's all entirely sterile and/or depressing. People only use it for direct messages to each other, and most hate it as a conferencing platform, still using their webex/zoom/google conferencing instead.
This is consistent across every Teams org I've joined.
As much as M$ gives it away, it just as usual misses the mark to clone Slack as much as they would like it to be.
Start or Please Stop? Power users mourn features lost in Windows 11 'simplification'
Candy Crush in my fscking menu?!
All people really wanted was not to be spammed with pseudo-ads in their frigging start menu with garbage ads like Candy Crush, Xbox games, and upsells for Office (um, libreoffice is free?). Really, getting rid of that would have been enough to satiate most.
Now it's just some bastard re-envisioning of how to ape mac's taskbar (look, centralized icons!), and simple lack of feature parity due to some laziness or ineptitude in the dev cycle. Yes, this is the latest winME/Vista it seems.
The only thing I use windoze for in the past 15 years is a hypervisor guest to run visio/project on. If wine could handle running visio/project in abstraction better, I wouldn't need windoze at all. Using Linux full-time for 15 years, it's otherwise not necessary.
Kaseya says it's seen no sign of supply chain attack, sets SaaS restoration target of Tuesday afternoon, on-prem fix to follow
So no sophisticated attack to sign malicious dll's and such via microsoft ala solarwinds, they just gang raped their platform and all downstream customers with blatant insecurity. Some 60 direct customers, and 1500 downstream customers. Nothing to see here, now move along, remember to pay your renewals, particularly the cyber insurance parts to pay off the gross incompetence all around by customer and choice in vendor.
Apple warns kit may interfere with implanted medical devices at close proximity
Indian government reverts to manual tax filings as new e-tax portal remains badly borked a week after launch
Women techs fume, offer crowdsourced fixes as Michelle Obama's online keynote crashes
Guy who wrote women are 'soft, weak, cosseted, naive' lasted about a month at Apple until internal revolt
Maybe his production company for his book should have explained the concept of a pen name? If you work for apple, what the hell were you thinking - you wanted to be fired disgracefully for someone googling your name? Maybe just troll under other pseudonyms, call it a life. Andy Rubin is still around I think doing just that.
US govt indicted me because I make privacy tools, says crypto-chat app CEO accused of helping drug smugglers
So tomorrow Signal, Telegram?
Of course encryption helps criminals, only the definition of criminal is fluid whether that pertains to Donald Trump or Pablo Escobar. If they're not harassing the non-commercial encrypted chats already, does that mean they already have backdoors in them?
If I sell a rebranded chinese phone tomorrow with Signal on it, does that make me a criminal?
Red Hat returns with another peace offering in the wake of the CentOS Stream affair: More free stuff
Axe-happy Microsoft halves support for Windows 10 Long Term Servicing Channel
Good thing you can still buy up to an enterprise license for 9 bucks.
You can buy from sites like gkeys24.com for any microsoft product with legit licenses less than your lunch. Pay $180 bucks for shoddy windoze support, nah, but maybe $9 bucks for a win10 pro/enterprise license. Funny how microsoft whores themselves out to nations that can't support paying $180usd, but can $9 and takes it, while charging us fools full price in the US. Anyone can buy in through less than savory channels at a fraction of cost, but is it any less legit? I can buy a legit, ie certified by microsoft license of win10 pro, visio, and project for less than 50 dollars normally, likely from China. Glad China gets the hookup, and I can subsequently.
Paying any more for windoze or other m$ products is absurd unless a fool. Why even pay for office when LibreOffice is a superior standard. I use visio/project, but office is a waste to invest in with better free solutions for basic office alone.
In wake of Apple privacy controls, Facebook mulls just begging its iOS app users to let it track them over the web
Hey, it would be great if you just let us backdoor your app!
Usually some telemetry channel like that is either endorsed by the owner, usually an enterprise, or a backdoor rootkit of some kind. Fakebook looking to legitimize a separate command and control telemetry feed to keep marketing drones satisfied is pretty ballsy. Of course, Microsoft legitimized it first, so why not.