* Posts by chuBb.

438 posts • joined 24 Jun 2008

Page:

WTF? Microsoft makes fixing deadly OMIGOD flaws on Azure your job

chuBb. Silver badge

Re: "fixing deadly OMIGOD flaws on Azure your job"

I assumed everyone unistalled the omi shite from a vm on first boot, mainly as it seems to kill nginx performance and regularly consumes 50% cpu and spawns lots of processes

Tbh (maybe I'm "experienced" enough now) I don't know any self respecting Linux admin who would let anything run they didn't explicitly put there.

Then again I first discovered omi because it was breaking apt, so not surprised Ms are not pushing the fix as it will probably brick more than it secures, still yet to see what it offers over snmp

It's time to delete that hunter2 password from your Microsoft account, says IT giant

chuBb. Silver badge

Re: No MS account

Bad news that happened with the win 10 creators update 2 years ago, have to jump through quite a few hoops on a fresh win 10 install to create a "limited" local account and not use one linked to azure ad...

chuBb. Silver badge

No less privacy than logging in to whatever service you need in the first place.

If your really concerned about privacy get proactive, old phone in drawer root it, install a hardened droid os, keep it in flight mode, only connect to trusted WiFi and only install the authenticator app of choice (preferably side loaded and app store is neutered)

By and large this is a good thing for Corp it (phishing and rat attacks will be less effective), and power users will bother for personal accounts, aunty Doris will still rely on rover1966 for everything and be shocked and horrified that the nice African Prince she's been emailing is in fact a scam

Open-source software starts with developers, but there are other important contributors, too. Who exactly? Good question

chuBb. Silver badge

Although i am biased being a developer, i would say a project lives and dies on its documentation. I have found that projects (everything from libraries to ui applications) which have exemplary documentation, also have the higher quality bug reports (they tend to be bugs and feature requests, not confusion over how to use the thing or triaged out of existence quickly with a link to the relevant doc/wiki/sample), a more active and invested community and generally a better time as a user/consumer of the code. There are some outliers namely audacity but thats more down to politics and doing silly things to annoy the community than anything else.

End of the day the better the docs, the quicker, easier and more predictable it is to use, the more its used the larger the "educated" userbase, the larger the educated userbase the greater the number of people able to authoritatively answer the "how do i" questions in the mailing list, stackexchange site, subreddit etc, which feed back into people using it. From good docs does all the other non code related roles spring

If your project lacks the info to explain the how, when and why you would use it, your probably missing out on a lot of people who would use and possibly contribute to it as your lacking the documentation for use.

GitHub merges 'useless garbage' says Linus Torvalds as new NTFS support added to Linux kernel 5.15

chuBb. Silver badge

I would suggest transplant or couple are better synonyms than rebase to describe its functionality

chuBb. Silver badge

I don't blame git for not being friendly enough for hosted services (as you mentioned the better hosted providers have taken steps to help their users who just want version control, SVN/Perforce would fit them better but GIT won), i do blame GIT for being needlessly obtuse at times though.

Frankly its one of the few big FOSS apps that clings to the old 90's RTFM/man git/why havn't you read and memorised thousands of emails in the mailing list response to basic questions. When the answer is the docs suck for most humans and you need to spend a lot more time on the technical authorship and supporting documentation as IT IS a feature of the software, rather than responding with a passive aggressive i'm smarter than you, and i wont help response....

chuBb. Silver badge

Indeed, but as linus himself uses the term pr I think its safe to say the less clear term won

chuBb. Silver badge

And in gits defense, at least its not source safe....

chuBb. Silver badge

Id say the GIT CLI is no harder to learn than any other CLI, what makes git tricky to understand is its choice of nomenclature which activly fights the intent of the command.

While there may well be historical reasons for "pull request", but lets face it the vast vast majority of git users use a hosted repository, so any attempts at names that allow the ambiguity of the distributed aspect of git is pointless these day, it would be much better named "Merge Request" or "Merge Review" in my opinion, as that is effectively how its always been used in any project I've been involved in.

Rebase is another crap name used by GIT, despite having used git for the best part of 20 years i would struggle to explain its function in detail without some form of reference, "magic reset update merge keep working copy changes" command might be better as at least it conveys some of what rebase does, even if it would be a bugger to type on cli (but thats what the tab key is for in your terminal of choice)

HashiCorp runs low on staff, calls a halt to Terraform pull requests

chuBb. Silver badge

Think tedious codebase is any enterprise or automation software, or pretty much anything which ships

Far more likely a combination of crap pay, AWS hoovering up any cloud engineer daft enough to work for them, rotten manglement of the terraform product team, and not being ansible or what ever the flavour of the month is on medium

US Air Force chief software officer quits after launching Hellfire missile of a LinkedIn post at his former bosses

chuBb. Silver badge
Devil

Re: Do I hear a deafening chorus?

The BOFH in me would tell them that its a means of charging or being charged for each sucessful SYN/ACK sent by TCP....

I have prior form in getting a technical director (technically he directed any responsibility or accountability for his ill informed decisions away from himself, for example he hired a C and a Java developer to fill two c# roles, because its all the same and uses { }, signed off on an outsourced development project because THEY would project manage it, i left 9 years ago and that 18month project still isnt testable...) to believe that ARSE*, BUM** and VDWARTS*** were widely used acronyms, and proceeded to wax lyrical about his cutting edge arse and bum stack with vdwarts to the bemused heads of IT of a well known British high street bank when he wanted to bluff his way through a risk assessment/DR meeting

*Automated Recovery System Environment

**BackUp Machine

***Virtual Desktop With Advanced RealTime Snapshots

'Worst' AWS service ever? Cloud giant introduces Redis-compatible MemoryDB – to mixed response

chuBb. Silver badge

Its a "solution" in the same vein as azure cosmos db, yes you can write less code/config to get the benefits of a cached front end on a db, but my god you will pay hand over fist if you actually use it on any meaningful project.

Do a cost analysis and it will be a lot cheaper to cluster a bunch of mid level VM's into a redis service than it is to use any of the cloud providers managed redis offerings, with the added advantage that you can house it in its own segregated vnet to over come the insanely permissive default security settings (redis's security sucks, you know its bad when access did it better and you wish for the "maturity and sensibleness" of mysql </sarcasm>), unlike the managed offerings which expose standard ports and act as a beacon for miscreants scanning with shodan. All it would take is for a s3 style "forgot to secure it" snafu, half dozen lines of python and a few hundred kb's of data to be written to enumerated keys and your looking at being liable for unlimited data charges, would make 4g roaming data charges look cheap

Nevermind that all this new service offers is what is already possible using redis modules as the article states, the fact its redis "compatible" fills me with dread as it makes me think proprietary data structures will come, which means your going to be stuck with it, until they mothball it and then what?...

Given the number of off the shelf redis kubernetes cluster solutions available, and if your data project is truly needing of distributed transaction logging you would be better off in my opinion in investing in the skills to run a cluster, maintain (sorta)portability between cloud vendors and build out your own bespoke solution. It will be cheaper (both in service and data costs) and a less compromised jack of all trades solution.

Cloud load balancer snafu leads to 3D printer user printing on a stranger's kit

chuBb. Silver badge

Same reason as cisco, ms, oracle etc does, money printing through software licensing

And reducing the support burden when bumblefuck the unlearned fiddles with things they don't understand burns the house down and still bitches on the forum that they couldn't get the hello world cube to print

chuBb. Silver badge

id be more surprised if a school 3d printer wasnt printing phalluses

chuBb. Silver badge

Heh didnt take long for my meta hobby comment further up to be validated ;)

chuBb. Silver badge

Even with DRM wouldnt be difficult to swap the controller board out for something friendlier, there are only so many ways you can connect stepper motors and thermo-couples...

And given the meta hobby of pissing about with your 3d printer to get it to work as advertised i doubt a board swap would deter many hobbyists

Alibaba fires manager accused of sexually assaulting colleague

chuBb. Silver badge

Re: "web giant lacks formal sexual harassment policy"

The firing is PR policy not HR policy.

Turn a blind eye to accusations, hell fire and brimstone for negative PR and public corporate embarrassment (making c levels answer awkward questions is a career limiting move) . The accused would have gotten a bonus if it had remained under wraps...

Europe mulls anonymous crypto-wallet ban, rules to make transfers more traceable

chuBb. Silver badge

Re: Ok...

They pass the regulation the rest will follow, micro USB all over again

The old New: Windows veteran explains that menu item

chuBb. Silver badge

Re: Do you even use Wondows?

Couldn't live with out it, that and ctrl+shift+n for a new folder, and right shift+right click (default shell here command)

Lenovo says it’s crammed a workstation into a litre of space – less than three cans of beer

chuBb. Silver badge

Pos, building management, hvac control, cnc, scientific kit, legacy hardware, networking kit or just about anything with a terminal port on its chassis would love a real serial port sometimes over a USB dongle, it's the ps2 I'm scratching my head over other than its lenovo so IBM hardware legacy I guess

chuBb. Silver badge
Boffin

Re: The tiny sounds neat...

Which is why el reg kindly provided us with a unit convertor https://www.theregister.com/Design/page/reg-standards-converter.html

Lightweight VS Code is only getting heftier with addition of official web server extension

chuBb. Silver badge

Because for the last 20 years or so running a local webserver is pretty standard thing to do if your doing web dev (much like running code on an emulator before you burn an eprom), save hit refresh, vs save copy to server refresh find colleague has uploaded an old version of a shared file overwriting changes reupload test and find said colleague miffed you borked there bit of work. Also cant really serve anything by file any more thanks to browser security so you really have no choice but to spin up a server of somekind for development work. Plus its portable as it runs on laptop so loss of network connectivity doesnt stop work happening.

Xamp is a php web dev stack which has some questionable defaults and varies between being a common target and a massive target

As for the list of things you can run a server on great, i can run a basic http server on an arduino if i want, its just pointless and invalid as an approximation of a prod system, hence my preference for a containerised stack which is indicative of production and is easily locked down to only allow local host access.

As for disabling SSH sounds like you learnt from your mistake :), although your saying lots makes me wonder......

chuBb. Silver badge

I'd take a noddy webserver any day over a xamp stack running on defaults on a front end devs machine, although really I'd prefer to see it containerised like in the full fat visual studio

That time a startup tried to hire me just to push clients' products in job interviews

chuBb. Silver badge

In this I'd nuke it again to ensure a proper game over man

Smuggler caught with 256 Intel Core processors wrapped around him in cling film

chuBb. Silver badge

Re: Zap!

Its been a while since i physically handled a cpu so probably...

chuBb. Silver badge

Re: Zap!

Was thinking same thing...

Personally I would claim that they are acupuncture patches

Florida Man sues Facebook, Twitter, YouTube for account ban

chuBb. Silver badge

Tosser tossed by ToS

Id love it to get bloody, but I think it will get dismissed

The argument of I don't like the fact the rules I agreed to by clicking next and accepting the ToS of a commercial enterprise have been applied to me and its unfair, seems flawed at best

Would also love it if the ceos sue back for membership of maralardo and the right for mankini's to be the considered formal wear as the terms of membership disagree with them

Microsoft struggles to wake from PrintNightmare: Latest print spooler patch can be bypassed, researchers say

chuBb. Silver badge

Re: It’s a... Cargo cult

Wonder if the service will be default stopped in future builds, doubt it though its probably critical for network discovery to display icons that look like the printer your aiming at.

Can imagine the design meeting...

"we could write a new service to pull icons from the net"

"nah let's just use the remote driver installer running by default as it's always there"

"the remote what?, even on home editions??"

"yeah you know the Swiss army knife crafted by the legendary NT druids"

... Blank looks...

"the print spooler!!!"

"oh that's a good idea, it's amazing how the foresight of the ancients transcends the paradigm shift of the office and Internet, all hail the ancients"

Bitcoin doomed as a payment system and its novelty will fade, says Federal Reserve Board of Governors member

chuBb. Silver badge

Re: a solution looking for a problem?

Yeah if you say so, enjoy the coolaid flaw in your argument is you mistake available for accessable, btc is nothing special, ms's use of BTC is pure marketing napster and kazzaa were decentralised networks that doesn't preclude infiltration or guarantee security

chuBb. Silver badge

Re: a solution looking for a problem?

Yeah your describing block chains in general, not any intrinsic property of BTC

Whatever future crypto has it won't be in its current form, and given the difficulty of say applying for a mortgage with crypto funds and proving at no point was your coin/token was/has/is used in money laundering its not very useful.

Given the inevitable regulatory crackdown on it, btc will end up a hotel california of investments for who ever didn't get out before it hits the fan...

chuBb. Silver badge

Re: It's the usefulness

I've always viewed it as a solution looking for a problem.

The fact it came with a manifesto and suffered from the same flaws as the communist manifesto of not accounting for human greed; coupled with a provocative to any government ability to enable money laundering at a much lower technical cost than usual means it will always face more scrutiny for legit uses, than any other form of value, which will always be passed on with extra transaction charges and friction and thus be unattractive for day to day transactions.

As for its claims of a anonymity maybe while inside the network( but there will always be a side channel to exploit and correlate from) , but much like tor the entry and exit points are not and do interface into systems which don't protect identity

One good deed leads to a storm in an Exchange Server

chuBb. Silver badge

Necessary learning experience

Wouldn't trust an admin who hasn't (or won't admit to) having done something catastrophically silly on a prod system. That sinking feeling and more importantly how you deal with the balls up can't be taught.

Doing it repeatedly on other hand just shows lesson hasn't been learnt, and desktop imaging and toner replacement is your future.

Leaked print spooler exploit lets Windows users remotely execute code as system on your domain controller

chuBb. Silver badge

Re: What the ever-loving frak ?

Only if you avoid all the default options and install desktop experience

chuBb. Silver badge

Re: Mitigation

That's one reason I'm a fan of turning broken screen laptops into rodc's (readonly dc) for branch offices always try and convince clients you want to keep ur domain in house

chuBb. Silver badge
Pint

Re: You can use group policy to allow non admins to install print drivers.

Have a pint AC made me chuckle

chuBb. Silver badge

Re: What the ever-loving frak ?

Yeah opinion of someone who can't work out how to network print on windows (you have had nigh on 30 years to wrap head around netbios and samba) is deff into troll territory, usb too short my arse...

Anyway dc's are worrying, would be more concerned with it running on a cert authority, or web server and yeah lots of crm/erp business critical systems need the spooler enabled for pdf generation as its less brain damaging to write a print css file than to try and code for page wrapping and overflow in a pdf lib

Huawei dev flamed for 'useless' Linux kernel code contributions

chuBb. Silver badge

Re: Who's the student here?

Kinda the heresay is the speculation on multiple motivation for choddy trivial commits.

The problem is resource/effort wastage of the maintainers time, I doubt If a single commit targeting multiple modules would get that far it would be bounced back to dev and told to split it into correctly targeted commits against each module. But for the nature of these commits (typos, debug log messages, stuff not included in a standard build unless you enable a specific compiler debug flag) it's really a matter of etiquette and being a team player and/or learning how to use git "properly*" more than just git commit -am "I fixed a typo"

*if anyone has a categoric definition of proper git usage I'd love to see it lol

chuBb. Silver badge

Re: Who's the student here?

I don't think that's the problem, more the fact that this particular contributor has repeatedly submitted discrete typo fixes rather than bundling them into one commit, I.e. They fix 100 typos and commit 100 fixes, each commithas to follow a rigorous QA process even for something trivial, like a debug comment which you would only see if debugging That module and never during a normal build. If they had submitted 1 commit of a 100 fixes then that would create 99% less work for the maintainers.

If there is a noticeable trend of this time wasting coming from a given company then it's right to call them out as a company, inferring kpis and 996 working though is a step to far in my eyes as I prefer to attribute ignorance rather than malice, end of the day Huawei should be doing a better job of bundling trivial commits like these into sensible bundles

Apple scrambles to quash iOS app sideloading demands with 'think of the children' defense

chuBb. Silver badge
Boffin

so apple would add the android dev toggle switch, and digital voodoo ritual tapping of the right version number to enable full options

will epic be the opera of app stones and force a useless nag screen 99% of people just click ok and accept default on, wouldn't be very surprised if apple launched its own curated internet with a chat application and called it Apple-On-Line...

I do find it hard to hear "think of the children" and not hear "think of the 30% of the huge microtransaction inflated phone bills, some muppet got letting their device be used unsupervised"

Hubble Space Telescope may now depend on a computer that hasn't booted since 2009

chuBb. Silver badge

Even in space without a means to reach it, its infinitely more repairable than a smartphone

Hope this isnt the end for hubble, it deserves a less ignominious demise than digital dementia

There's no 'Skype' in Teams: Microsoft lets signing key for its Debian Skype repository slip gently into the night

chuBb. Silver badge

Re: Teams for Linux client shares the old Skype backend

Its built on top of skype for business aka lync aka office communication server, dig deep enough and you find many lync and ocs references too

As for the preview client, dont bother its just an electron app (like the mac and pc versions) and the web version is considerably more up to date than the client (plus ive had a lot less issues with sound and video using a browser)

chuBb. Silver badge

I prefer the bot, it understood my last support ticket was about SIP signalling, unfortunately the support droid it forwarded me too took 4 weeks and an eventual escalation to its manager to forward it to someone capable of solving the issue and not trying to fix a backend config issue with client settings and increasingly desperate attempts at meeting their kpi's...

BOFH: When the Sun rises in the West and sets in the East, only then will the UPS cease to supply uninterrupted voltage

chuBb. Silver badge

Re: What a revolting story!

Have to stay grounded in situations like that

chuBb. Silver badge

Re: Experience

Ahhhh the fun of having an apprentice and electrical insulation surveys to conduct

chuBb. Silver badge

Re: Experience

Well was a (fr)agile consultant...

chuBb. Silver badge

Re: Reminds me...

Once modified an amp so the volume control mounted backwards, i.e. Clockwise decreases volume, stopped kids pranking everyone in village hall by turning it up to 11. Always enjoyed the looks of disappointment when deafening silence was all that met their expectations

chuBb. Silver badge

Re: Reminds me...

Marketeer with a crayon

Systemd 249 release candidate includes better support for immutable OSes and provisioning images

chuBb. Silver badge

Ffs

Stop doing shit other than a debatably better version of initd scripts

Calendly’s new logo perceived as either bog-standard or kind of crappy

chuBb. Silver badge

Twisted wire puzzle

Looks like the solution you get inside crackers to those rubbish twisted wire puzzles

We don't know why it's there, we don't know what it does – all we know is that the button makes everything OK again

chuBb. Silver badge

Re: Plotters

As its underfloor and not in the serial signal path my gut would say its a power conditioner, either a surge protector or a back emf surpressor, possibly an AC frequency shifter

If it was connected by a single cable to the printer then some bespoke protocol interpreter or rom expansion, or as we are talking about a time of discrete components not flyshit on multilayer pcb could just be a circuit fix fixed on subsequent pcb revisions, reset 74 logic in inconsistent state etc. . Would certainly explain the mystery and external mounting, be interesting to know if it was one of the first in the country....

Page:

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2021