
Whoever knew..
Whoever knew that an Oracle installation would be later, over budget and not work properly? Must be first.
465 publicly visible posts • joined 3 Apr 2008
We've seen these guys.. they are really quick. User's mailbox gets hit by hundreds of email messages for things like web site sign-ups, newsletter subscriptions etc. Around 10-20 mins after the email bomb starts, the user gets a call via Teams from a fake IT department. You might see several victims getting the email bomb with only a few getting the phone call, worth checking in each case.
Back in the day when overdrive processors were a thing, we had a user who tried to install a clock-doubled CPU onto his motherboard, paid for with his own money. The problem was that it already had a clock-doubled CPU out of the factory, so this didn't do anything. In order to try to wring some extra performance out of the computer he started fiddling with things on the motherboard, and decided it would be a terrific idea to remove all the jumpers. Unsurprisingly, the computer did not work at all after that.
Deciding it was now an IT support problem, we got a phone call. We found the computer with all the jumpers in a little pile next to it. User demanded we fix it, we refused since without knowing the correct settings it would have been near impossible. User was very cross. We walked away.
Overnight the cleaner came into the office where the computer was, found all the jumpers binned them. I don't think anyone ever did get the computer working again.
I wrote one myself once, thinking "how hard can it be". Turned out that a VT52 emulator running on a BBC Micro and written in BASIC was only good enough to cope with 300 baud data. Which was fine.
Because this makes me an expert, I will say that it was always tough to do on early hardware. 132 columns? Errr.. not quite. Come up with a way to sensibly map the LK201 keyboard to a PC? We'll give it a go.. what's a COMPOSE key anyway? I thought using a VT520 was a treat.. multisession, copy and paste *between* sessions, fitted on the desk easily and had no moving parts.
There were certainly problems, but well-prepared organisations fixed them quickly - byzantine mainframe applications being a particularly tricky thing.
I think the odd thing was that orgs tended not to 'fess up to problems. The narrative after 2000 rolled in was that *nothing* happened, I think there was some reluctance for orgs to put their hands up and say "well actually we had these issues" because it may have made them look under-prepared. The "nothing happened" narrative rolled on, and now of course there are those who claim there was never a bug to fix..
Most of the examples I see are *not* romance scams, but they do involve a supposedly random person striking up a long-term friendship with the mark. The initial contact is made to look like it's a fluke.. somebody reaches out to you on WhatsApp and asks "Are you the wombat doctor?" to which you reply "No, but I *love* wombats!" which of course the bad actor already knows - and then they very slowly reel you in.
I do agree that "pig butchering" is a pretty horrible phrase, but it does differentiate it from other types of scams including *actual* romance scams (which are typically West African in origin, rather than East Asian pig butchering). Some other phrase would be better, doesn't even have to be accurate I suppose.. BEC (businesses email compromise) fraud often involves no compromise, or even email.
I ran training course for people new the the internet in the pre-Google days. The Yahoo! Directory and AltaVista were the two main weapons of choice, but it was also very common for sites to have hotlinks pages to other related sites. ODP / DMOZ came a little bit later, but in the pre-Wikipedia days that was the best way to get a neutral overview of a topic. All these interlinks are of course what enabled the PageRank algorithm for Google.
It looks like I'm not alone.. on several occasions in the distant past I had the same problem, employees storing important emails in the Deleted Items folder in Exchange, which of course is the sort of thing you purge first when their measly on-prem mailbox quota was exceeded. They had apparently been "told" to do it, but when pressed they couldn't say by whom or why. My guess is that they didn't know how to create their own folders. They didn't like it when I asked if they kept all their important paper files in the physical waste bin either. "Of course not, why would I do that?"
I'm glad I don't work in user support any more..
Had exactly the same thing, the user couldn't work in the afternoon in winter when the sun came through the window and shone on the desk. I knew what the problem was because I had read about it in Chaos Manor in Byte some time before - for the uninitiated, Chaos Manor was Jerry Pournelle messing around with computers and it was a surprisingly useful source of tips. I replaced the mouse, so the user could work in the afternoon which I think they were none too happy about.. they also had a (for the time) massive 21" colour CRT running in VGA-only mode which looked stupid. After checking that they weren't visually impared, I installed the correct Windows 3.1 SVGA driver and set it to something more appropriate. They made a formal complaint, and I had to set it back to 640 x 480. I honestly don't think that office actually did any work at all...
Years ago when I was working (mostly) desktop support, facilities wouldn't allow IT to have a trolley because we might break something by bumping into it. So we had to carry everything ourselves, back in the day when desktops, printers and of course servers could be massive. LaserJet IIISi printers were a favourite at over 40kg each. Apparently IT staff were more expendable that the doors and furniture.
That would be the Labour government in 2000 acting on recommendations laid down under the Tories. It did rely on the findings of the Nolan report being implemented in order to ensure that people in public office behaved themselves. I guess that didn't work so well in the long term...
Does outsourcing ever work? Many moons ago I was a county councillor, the ruling Tories pushed through an outsourcing program based more on ideology than any real need. It was a disaster, the contractors messed almost everything up and were in breach of contract. Even so, the council ended paying a considerable wedge to the contractors for them to go away.
It was always obvious to almost all the non-Tory councillors that it would be a disaster. Back in those days the personal surchage still existed where cllrs could be personally liable for negligence. We made sure that every single vote was recorded...
Of course the Germans had telephones too, but in occupied Europe the resistance would keep cutting the lines. This forced the Germans to use radio while the lines were repaired. The Germans thought it was just an annoyance, they didn't understand that they were exposing their communications.
As the Germans were pushed back inside their own borders, then they tended to switch to telephone and teleprinters which meant that the intelligence dried up. This is one of the reasons that the Germans achieved surprise at the Battle of the Bulge in the winter of 1944-45.
Aye, and it was those mundane reports which could often provide a crib for decrypting the cypher. Some stations sent the same message every day (e.g. "NOTHING TO REPORT HH") - if you knew the message then it's much quicker to find the rotor and plug settings. So in a way, over-use made it weaker.
Indeed, our efficient fighter control was a force multiplier. We could get our fighters to where they needed to be more often, we could prioritise high risk attacks and we knew exactly what resources were available at any one time. All the available data for the battle area effectively got pumped into one location and could be analysed and acted upon.
Like a 1940s version of Splunk..
Back in the day when most games ran in DOS mode 13h I worked at a college, I wrote a small TSR that simply intercepted the requests to change graphics mode and if it was 13h the computer threw a generic error and then rebooted. I named it something generic and stuffed it in the DOS folder. I don't believe any of the students figured out how it was done.
I also wrote a wrapper around the FORMAT command because students - either accidentally or deliberately - would do a FORMAT C: which of course would render the machine unusable. If they tried that then it would make the most ghastly alarm noise in the middle of their class and earn them a bollocking.
I know when my blood sugars are low at night because I will typically have long and very vivid dreams, rather like a fever dream. That having been said, it's hardly a scientific method and other non-invasive techniques are available. The problem with *those* is that the DVLA only recognise a fingerprick test as being accurate enough for driving, so you are stuck with those anyway and it's likely your GP will only pay for one testing method.
Test strips are expensive in the UK - *retail* can be about £25 for 50 strips although the NHS gets them cheaper. This means that many people with diabetes being treated with (for example) metformin or sitagliptin don't get test strips prescribed (or only in low quantities) which seems to lead to poorer overall control of diabetes compared to insulin-dependent diabetics who need to test several times a day. A reliable and inexpensive continuous glucose monitor would be an enormous benefit to many people.
Well, that brings the time you need to have stocked up on essential supplies forward from March 2019 to the end of the year then. You know, food, medicine, fuel maybe.
It doesn't actually matter if HMRC pull the rabbit out of the hat and make it work on time, we still haven't even started on the rest of the infrastructure needed for the new customs environment.
It didn't matter if your systems were up-to-date with NotPetya or not. It harvested administrator and local administrator credentials via a custom version of Mimikatz and used those, in *addition* to spreading through ETERNALBLUE / DOUBLEPULSAR etc.
I suspect that many of the organisations so badly hit had decent patch management regimes, but were weaker on passwords. It was not the same as WannaCry. No, not at all.
In the old days they would have been even more screwed. When domains expired they used to drop straight away and could be reregistered almost instantly. That changed a bit more than a decade ago. If you think that getting your domain out of REDEMPTIONPERIOD is a pain, trying to get it back from some anonymous domainer who wants a fortune for it is even harder..
Footfall is probably one of the best and most plausible alien invasion novels, Mote is the best first contact novel I've read. I wasn't so keen on Pournelle's solo works, but when working with Larry Niven there was a good combination of ideas - I guess Niven had the big ideas, Pournelle then made them credible.
And Chaos Manor was always a must-read in Byte. Sure, it was just some guy fiddling around with computers but you'd often learn something. And Pournelle was right about keyboards..
I seem to remember him Tweeting that various law enforcement agencies kept trying to shut down or seize the sinkhole server. It seems that a lot of agencies just didn't understand what was going on and were in their own little bubble.
Funnily enough, one of my bosses offered me a trip to Black Hat / Defcon. Didn't fancy the idea much then. Fancy it less now.
There were five Multics systems in UK Universities as I recall, Birmingham, Bath/Bristol (AUCC), Brunel, Cardiff and Loughborough. Typically these were hooked up to Lear-Siegler ADM3a or similar terminals, ours used British-built Insight VDT-1s (who were eventually bought our by Sanderson Electronics).
Of course, as with probably most 1980s computing students we tried to hack it, but unlike other boxes the security was very solid. Social engineering attacks worked the best. Yes, I got into a lot of trouble in those days..
As an aside, Paul Smee was one of the leading Multicians of the time IMO. Sadly he passed away back in 2006 - http://www.bristol.ac.uk/news/2006/5138.html
One day (in the early 1990s) I was called out to install something-or-other in an academic department of the college I worked in that I hadn't previously been aware of.
Having set whatever it was up, the users casually mentioned that another one of their computers didn't work in the afternoon.. well, *most* afternoons. It was OK in the morning, but after lunch it apparently stopped and the person using it couldn't do any more work. This had been going on for months. It didn't seem to particularly bother them that they spent their afternoons sitting around doing nothing.
It transpired that the problem was that the mouse stopped working, and with no mouse they couldn't possibly interact with the state-of-the-art Windows 3.1 PC. They just accepted that it didn't work in the afternoon.
The problem was a daft one.. the early optomechnical mouse had optical sensors internally which were being flooded out by the sunlight shining on the plastic. Putting in a better mouse fixed the problem. But what got me was the laid-back attitude to not doing any work. Maybe not surprising in that environment.
(The same department also had a then-massive 21" CRT monitor on another system that they insisted on running in VGA resolution despite there being no reason to do so. They went ballistic when I tweaked it to 800x600 pixels).
In one lab installation we put a box file under the monitor to raise it up a bit, because the PC was a tower system under the desk. For a laugh, I printed out an icon of a floppy disk drive and glued it onto the box file. On more that one occasion we had baffled users who didn't understand why the disk didn't go in. Hmm.