Exact same thing happened to me
only the user's logic was different, as it was files she reused often, figuring reduce, reuse, recycle
525 publicly visible posts • joined 24 Jun 2008
unfortunately not, i honestly cant think of a classic remake that was better than the original, shinier maybe, without the charm or gameplay unfortunately, probably because to pay for the license of the title they concentrate on shiny graphics and things that look impressive rather than the intangible things like the gameplay, or the quirks of the original platform (try playing a mega drive modded to run as a genesis, the PAL variant was a dirty hack where they underclocked the main cpu by 20% to get the screen to sync, sonic at intended speed is a totally different game as an example)
Nope, i dont capitalise "i" when typed because its obvious its not a lower case l, and it keeps the proof reader occupied at work
As for sentence yeah my spelling sucks being dyslexic and what not but i dont care as long as the intent was conveyed, bit of a stretch to link misspelling to stupidity though...
Lol i deleted the sentence where i mentioned average user stupidity, but even then at a previous employer all metrics we cared about in the app store improved when we consolidated flavored variants of the app to a single one. The only thing that took a short term hit (until the seo and brand awareness improved) was dumbasses purchasing the wrong version, then wanting a refund so one metric took a hit on income but as that income was refunded anyway all it did was show the old head of sales and marketing's figures to be suspect anyway
The big improvement we gained though was the copycat and malware spoofs of our app suddenly stood out like sore thumbs so overall helped us even if it meant a few people gave up when having to identify what flavor they needed
Personally i cant think of a valid reason for offering 3 flavors of the same app, just have a first launch screen which displays the supported logos of av manufacturer for the user to choose from, then run the company specific discovery, seo your one app listing properly, rather than use spammy malware ad fraud tactics
Bale wagons, where i grew up come harvest time you could expect at least 3 outages measured in days after jefro and farmer giles decide to hurry up cider o'clock and just stick an extra layer of bales on the trailer then drive under the strung cables going down one lane, then a month or 2 later they are at it again ploughing through the buried cables
Oh FFS seriously, the risk of snarfing decrypt key from memory from a suspended laptop, really???? You got bigger problems if that is really a risk, what with the hackers being physically in front/in possession of your laptop. Oh it makes it easy to swap linux laptops/distros, so does partitioning, or does this fartknocker think this is what is stopping linux on the desktop??, frankly if you run *nix on your own kit (im not including hassle less deployments for parents and inlaws) and you cant move your home folder between boxen and distros then give up and get yourself a copy of windows me as penance...
Its not even like this really solves or invents anything other than an interminable list of locations for config files to lurk that spoil your day and overwrite the settings you explicitly set, honestly how is this any different than mounting a vhd with encryption to /home?
Think i will file this one under solution looking for a problem
Reading this i cant help but think its just a case of left vs right hand, and someone senior doubling down to not look like a tit.
Pure speculation but...
Pen testers hired by IT/Legal dept, verbose proposal of test, full of big unapologetically technical words lands on a senior management's desk, gets delegated down the chain of command, full content not known by person at top who also couldnt be arsed to read the summary reports that bubbled up the chain.
Scheduled physical pen test occurs, and they get busted, facilities go round high fiving each other job well done, as senior in charge of commissioning pen test didnt read proposal facilities were unaware that this was legit, testers get arrested.
Senior in charge of pen test realises they have ballsed up, chooses to come clean or throw them under bus
Can only hope that the damage done to the horizontally promoted seat occupier's career is handled with a swift retirement or indefinite gardening leave with a big red DO NOT HIRE stamp on their cv....
Victims of own success, i do see a lot of the calls to donate to web based (especially front end stuff) libs to be a bit of wishful thinking, as there is at least 20 competing libs for the same front end behaviour, and if what you're adding to the ecosystem is not complex enough to require support or unique enough to offer a pro version then tough, as any of the big frameworks already have corporate backing.
To my mind we have a lot of devs who by luck author a popular widget, who mistake their popularity for a USP and dont get that its because its free, not because its better, or follows some philosophy. Sure it would be lovely if you have an install base of 1000000+ users and you got compensated each month, but even if you did you would be very lucky to get more than 0.1% contributing, and if you force it to paid for then someone will fork it, and people jump ship, so you kill your userbase in exchange for revenue.
Bottom line OSS development is like gambling, only bet what you can afford to lose, if all your time is taken maintaining something for free and you dont like that its time to step away and let the community take the reins, if as a maintainer you dont accept contributions i would suggest that you dont understand opensource and have mistaken open for published source, most projects die as there are sufficient alternatives to fill the vacuum, and those that are truly useful get forked or adopted, open source darwinism in action and that in my book is a very good thing
Easy, no css no java script, don't nest block items more than 3 deep looks crap though :P
But truthfully yeah u can do it js free it's just v difficult to add it to a layout if it's not baked in from the get go, inline css and lots of !important statements, most of the optimisations u find online are retro fit quick fixes for layouts failing uat due to bad pingdom or lighthouse reports
Meh Npm is just a me2 package manager for those who thought Ruby on rails was more than a flash in the pan and then jumped ship to node, who are furiously reading python for dummies now to be at the vanguard of medium techno regurgitation articles, while working out of Starbucks playing at startups. Everyone else just gets on with it using boring c#, java, c or for those who know no better php (come back vbscript all is forgiven, honestly maintaining an asp classic site I developed 20 years ago was so much less brain damaging than trying to get a filter box to default to closed in the current woocommerce codebase (my own fault should refuse to help friends))
So ramble aside I fully agree ;)
Or a lan party...
Physical access usually means in this context connected to same switch/subnet/lan, has no need to transit a firewall, or c$ is open and accessible, not physical access is required as the device is air gapped, accessible only through 5 vault doors and 100m under ground
no enumerated folders and file names was better than VSS
classOLD-BobEdit123-old-OLD-working-zanzibar(1) (2) (1) include in build.vb > visual source safe
at least that was harder to lose everything to an access db shitting itself, which some dullard had left with everything checked out and locked before they went on holiday with the laptop that did the checking out....
Bah once got a job based off the fact the client liked the fact I looked like a hacker from a film, hoody, baggy jeans, dreadlocks, piercings and multi coloured hair (from before time you could buy rainbow shades in tesco), drank 6 cups of coffee in the 45min meeting and pointed out the idea we were there to discuss would never work as intended
Yet to work anywhere where the title of senior dev didnt mean anything more than longevity, generally they have been the worst culprits of poor sec practices and due to longevity are trusted by higher ups, generally just leave them to hang themselves unless its something totally arse backwards. Worst one i have encountered was a walking disaster of apathy and a teflon like attitude to responsibility, doing stuff like dir browsing enabled on a webserver with a share mounted to it of sensitive docs, like you know customer lists and account details, the look on the CEO's face when all the company's "secrets" were browseable was a nasty shock for him, the longevity dev at that place had some explaining to do after that one, his excuse was basically it "wouldnt be found" (server logs said otherwise), it made his job easier when he was working from home because he didnt like the vpn software (because it forced all traffic via the company's gateway/net filter and blocked his torrent access), he got to keep his title but the trust the higher ups put in his technical chops was forever gone, he left 6 months later when the jnr dev brought up equally stupid coding practices to do with passwords, turning open relay on the smtp service because he thought the code was inelegant to do smtp auth and unfiltered file uploads to a folder where he had set execute permissions on because chmod 777 was the only way to make his arse backwards code work (it wasnt he just couldnt grasp that the folder was owned by root and his code executed under a different user account that wasnt root)
After the senior left they scrapped that title and replaced with lead, small name change but one where people actually took some responsibility on with the title...
It really depends on what you're doing, bog standard lob app unless infrastructure costs forces Linux as the server stay all windows
Web app with nosql and rdbms, .Net core can work very well especially if say u use redis as a local cache and host on same box as core app
Really it depends on your devs, if they are die hard orm users (java or .Net devs usually) then they will bitch ef core doesn't have a load of bells and whistles (which cease being a benefit when you have a real dB of several hundred tables and distinct schemas but I digress) for me I like it always hated having control of queries removed from me by most orms especially seizing the brain damage produced when a left outer join and in clause would suffice... Thankfully dapper works great and does the important bit of most orm frameworks mapping objects to columns. For me the biggest issue was signalr not being prod ready
Use it in production and its very good for what I use it for.
Bit of a faff to get started but that's more the .Net core learning curve than Linux, so learn on windows then when ready try a deployment to Linux. Docker massively simplifies here especially with the embedded framework option, it's basically the same idea as embedding the jre in a java app to side step framework incompatibilities. When you update the framework just push the container to your repo and update it on the server all pretty self contained. Oob the vs Linux experience is a bit rough but no worse than configuring a lamp/lemp stack and nothing stopping you modifying the project templates
How I wish I was dealing with asp classic and access every time I have to maintain a crappy lamp app its the mysql bit I hate the most truly makes access look like a competent dB at least it had built ways of doing differencing backups... Every time I find mysql I ask myself why not postgres did the original dev avoid because they couldn't pronounce it or copy paste the outdated snippet from php docs???, at least asp classic burned Dsn config into my brain, ironically only place I use that tech these days is on *nix via unixodbc & freetds/ms sql Linux driver....
Nope I disagree sip over tcp is widely supported many free apps which work well, linphone, zoiper, xlite etc no hack involved.
It's a bit kludgier when looking at webrtc but straight voip is a solved problem. At least I hope it is otherwise I'm out of a job and I must have imagined all the networks I have deployed ;)
Fair play to cloudflare for the openness
Sounds like their S.I.O.F plan (shit it's on fire) worked, could do with a polish but a solid B+ in terms of response. To be fair these sorts of plans are always best guesses so finding delays in the 2fa email hitting inboxes isn't a massive problem for example, although I would hope they invest in an additional factor like keyfobs to mitigate delays in inbox access from killing your network.
Of course I'm looking at this as though they were a normal company and not a pervasive part of net infrastructure, so I'm ignoring the damage done to customers, but even so the fact they kept heads under that pressure and stuck to a plan shows good discipline and training (as you would expect with the responsibility they have)
So yeah my take is that the response is acceptable, they will clearly be patching holes in the process, and until the plan is put to test under real conditions you can't know where the deficiencies in it lie
Honestly makes me wonder how zoom can know enough to get WebRTC to work, but dont understand how websockets work??
Maybe its some mac specific security (blanket) feature im unaware of, but i would have thought a more graceful and less problematic way of achieving this would be to have the zoom link hit zooms servers, read the client ip of the incoming request, look up the client id against registered agents possibly with an additional unique id to handle nat behind routers, and fire start meeting request at the agent.... ya know like how RPC has worked for over 20+ years just with a new fangled transport
The cable "shouldn't" matter if both ends implement the spec, but with the SNAFU on the implementation it leads to confusion at the complaint end.
Of course this brings on a separate debate of the evils of integrated circuitry in cables, have some very annoying micro usb leads which look identical to normal micro usb's but are in fact integrated serial ports and dont work as usb... Would much prefer dongles added inline to normal cables rather than invisible tech (same is true with active HDMI cables, if i had £5 for every time i have had to swap ends over because someone has connected out to out and in to in, did midi teach us nothing????)
Shame, but not that big a deal to be honest, just means buying a decent but not 5A rated usb C lead. In simple terms if it came with your fancy laptop to charge it dont use that cable, otherwise just use any decent (> 50p) usb c phone charging cable.
Something like this would be fine (as i have been recommending them to friends and family since USB C emerged and yet to have any cable related problems (apart from teenagers hatred of strain reliefs but no cable survives that...)) https://www.amazon.co.uk/LUORIZ-Braided-Charger-Charging-Devices-3-Pack-2m-White-Black/dp/B07425QG2T
Other manufacturers are not as pervasive throughout the UK (well BT/Openreach) telecoms infrastructure
BT's current infrastructure has a LOT of huawei in it (often wondered if 21CN was a percentage of chinese kit in network not 21st century network....)
Plus given that the kit is also widely used in countries we have an interest in spying on (its cheap and china will sell to just about any regime) makes sense to concentrate on knowing your enemy, the others are all a moot point due to either being owned by entities in 5i countries or have sanctioned backdoors at NSA/GCHQ's request.
Dont confuse the "security" in the center's title for the meaning that infers protection, add the air quotes and go for the spooky cold war meaning. They are looking to pwn the kit and understand its weaknesses, neuter or contain any threat and ultimately use that knowledge for our own advantage, be it tapping comms, or saving a few billion on core infrastructure; not protect enterprises or put a kite mark on the kit....
Because with a massive sweeping generalization here: Its software for mums spare room dwelling 40 year old virgins/devoted husbands to lady palm and her 5 daughters/comic book guy from the simpsons, the demographic who vocally complain that the women in the dead or alive games should have even skimpier outfits, or that lara croft is still (and ever was) a sex symbol to them, and didnt like the redesign that came with the reboot, or that tifa in the final fantasy VII remake's boobs are too small
So all that matters to them is bewbs and noodz, real or fake makes no odds
Its as old as the internet, its not even like this is first time its been an "epidemic" was hard to move on angelfire (geocities seemed to be more proactive at pr0n blocking) for all the Gillian Anderson, Terri Hatcher, Buffy, DS9 and 7of9 nudes in the mid to late '90's
Of course the difference was it required photo editing skills and wasnt a drag and drop spit it out 0 legitimate use software
Nope very much a political approach, bottom line is no MP would go for it once they find out they can no longer sign in to govnet from the cotswolds and would have to physically travel to approved locations to do their work, which renders the rest of the FUD about vpn's banned moot. Even if that embuggerance for them would probably do wonders for overall infosec in whitehall, until some bugger muppet popularity contest winner puts it all on an unencrypted harddrive and leaves it on a train to work on over the weekend....
Not missing the point at all, fact is that the number of VPN users is dwarfed by the number of chrome (and by extension chromium based browsers) and firefox users, DoH will be an automatic default for those users, hence a much bigger problem than VPN's; as VPNs have to be actively setup, whereas DoH would be a passive setup
If there is a crack down on commercial VPN providers then it will only be a formalisation of existing law forcing them to provide logs on court order, and if they did overstep the mark then users will configure their own or just run a vpn box on aws hosted in a US region, lifehacker will have dozens of articles on how to set it up. It would be impossible to ban or even regulate VPN's as the economic damage would be too great, inter office comms made illegal, secure transport of patient records between hospital and surgery gone, etc.
The fundamental flaw in the "they will ban vpns" argument is that its like saying "Ban roads to stop drivers speeding" a VPN is a transport, DNS is a protocol, legislating against traffic is a wholly different proposition to legislating on how the traffic is carried, regulating DoH is much more like saying mini moto bikes are not road legal and are not allowed on the roads (but there is nothing we can do to stop people from doing that if they dont get caught). The real govt (civil service, not the who do you want lying to you popularity contest winners going for the click bait think of the children attention grabbers arguments) fear in my opinion is a ceding of control of domestic surveillance to the NSA as both the major infrastructure providers are US companies and accepting what ever evidence you gain may have been altered as it didnt come from your direct tap...
Interesting you mention the pr0n farce, fully agree with you, if and when it comes into effect (i also believe as currently intended is utterly impossible) it will only affect those that pay for porn online, and what comes into effect will be so watered down as to be effectively optional
Something has just occurred to me, sure DoH might break the IWF's watch list for forward requests, but reverse DNS queries of the list would work just fine, especially if they go for the sledge hammer to crack a walnut approach and block by IP, rather than host header. So why couldnt ISP's just move the check from DNS access to Gateway access for HTTPS requests, and plain HTTP well its just another packet inspection rule at that point...
Of course solutions don't win headlines or votes, so jerk your knee as you think of the children, the sky is falling, damn those terrorists and their hashtags!!!!
DNS over HTTPS differs quite a lot from a VPN
VPN's provide you with an encrypted tunnel between point a and point b depending on how they have been configured depends what traffic gets routed to them, i.e. most remote access vpn's provided by an employer would only direct traffic destined for corporate subnets i.e. all traffic to 172.16.0.0/16 will go via the VPN, unless they are set to replace your default gateway/route when all traffic goes via the VPN (which is good for paranoid employers as all requests can go through their content filters, just crap for end user as your connection will be slower especially if you have a 50Mb+ connection at home and a crappy 20Mb line at the office....). DNS requests sent via VPN are still plain text in terms of protocol just the transmission is encrypted, and still susceptible to monitoring/filtering once they exit the tunnel.
DoH on the other hand (from a high orbit viewpoint) stuffs the UDP payload of a DNS request into a TCP HTTPS request on the client, which is transmitted using TLS (SSL is dead, deprecated should not be used, only exists as an acronym for spotting people who either used to know what they were on about or never knew in first place) to a centralised proxy controlled by the browser maker (google or mozilla here) which accepts the HTTPS request, decodes the payload and performs a normal DNS lookup, which is then sent back as a HTTPS reply to the client, which decodes the DNS response and handles as usual.
Essentially its protocol stuffing and open to debate if its a good thing to move away from a decentralized name system, back to something similar to the walled gardens of AOL and Compuserve from the time that every publication came with a set of coasters.... although that reality is a way down the rabbit hole, its not unreasonable to expect google to game responses with paid for preferential results etc. The tricky bit is that by making it a client feature it can and will bypass the network config of the host, i.e. by default chrome would make DoH requests and you would have to go about:config diving to disable this (each and every auto update) and use the DNS configured on your adapter, which unless you have overridden your ISP's defaults will be their name servers. (this could also make life tricky inside enterprises running a split brain DNS for intranet access using the corp domain name)
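The wrapping described in the post above, as an added example that is not part of the original post: it builds a DNS query in ordinary wire format, carries it the way RFC 8484 specifies for DoH (base64url in a GET, or raw bytes in a POST body), and unwraps it on the resolver side to show the bytes are unchanged. The resolver URL `https://doh.example/dns-query` and the name `intranet.corp.example` are hypothetical placeholders, and no network traffic is sent.

```python
import base64
import struct
import urllib.parse

DOH_MEDIA_TYPE = "application/dns-message"      # media type defined by RFC 8484
RESOLVER_URL = "https://doh.example/dns-query"  # hypothetical resolver (assumption)


def build_query(name, qtype=1, txid=0):
    """Encode a one-question DNS query in RFC 1035 wire format.

    These are the same bytes a stub resolver would put in a UDP datagram
    to port 53. RFC 8484 recommends ID 0 so HTTP caches can share answers.
    """
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD=1, QDCOUNT=1
    qname = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError("DNS labels must be 1..63 bytes")
        qname += bytes([len(raw)]) + raw
    return header + qname + b"\x00" + struct.pack("!HH", qtype, 1)  # QCLASS=IN


def parse_question(msg):
    """Return (name, qtype) for the first question in a DNS message."""
    if len(msg) < 12 or struct.unpack("!H", msg[4:6])[0] < 1:
        raise ValueError("no question section")
    pos, labels = 12, []
    while True:
        if pos >= len(msg):
            raise ValueError("truncated question name")
        length = msg[pos]
        pos += 1
        if length == 0:
            break
        if length > 63 or pos + length > len(msg):
            raise ValueError("unexpected pointer or truncated label")
        labels.append(msg[pos:pos + length].decode("ascii"))
        pos += length
    if pos + 4 > len(msg):
        raise ValueError("truncated question")
    qtype, _qclass = struct.unpack("!HH", msg[pos:pos + 4])
    return ".".join(labels), qtype


def doh_get_url(dns_msg, resolver_url=RESOLVER_URL):
    """Client side, GET form: base64url with the '=' padding stripped."""
    param = base64.urlsafe_b64encode(dns_msg).rstrip(b"=").decode("ascii")
    return resolver_url + "?dns=" + param


def doh_post_request(dns_msg, resolver_url=RESOLVER_URL):
    """Client side, POST form: the raw DNS message is the HTTP body."""
    return {
        "method": "POST",
        "url": resolver_url,
        "headers": {"content-type": DOH_MEDIA_TYPE, "accept": DOH_MEDIA_TYPE},
        "body": dns_msg,
    }


def resolver_unwrap_get(url):
    """Resolver side: recover the DNS message from the GET parameter."""
    param = urllib.parse.parse_qs(urllib.parse.urlsplit(url).query)["dns"][0]
    return base64.urlsafe_b64decode(param + "=" * (-len(param) % 4))


if __name__ == "__main__":
    query = build_query("intranet.corp.example")   # constructed sample name
    url = doh_get_url(query)
    print(url)
    # On the wire this whole URL is inside TLS: an on-path DNS filter sees
    # only a TLS connection to the resolver host, not the name being asked for.
    print(parse_question(resolver_unwrap_get(url)))
```

The round trip shows why a split-brain intranet name configured only on the corporate DNS servers would be sent to, and fail at, whichever external resolver the browser is pointed at.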
Unfortunately i have seen telco's security up front (disclosure i work for a small security orientated telco) without naming names once you have swapped BGP routes or got the fibre lit you're pretty much free to do what ever you want.
Any of our carriers that wont offer us a TLS enabled trunk get shunted to the dmz on the dmz for them, usually their excuse is that there is no business need or that the overpriced SBC at their end doesnt support TLS (to which i retort, kamailio its open source and perfect for TLS offload, just doesnt have a "friendly" GUI which requires you to run java 6* to access it (which is also why i have never bothered to learn anything but the CLI for any network or security gear and kill the noddy interface at first power on, seriously first command i learn once default passwords have been changed is how to kill the web interface))
*The irony that certain unloved/unpatched cisco ASA's would force you to open that massive a security hole to configure the firewall using the noddy interface is not lost on me, especially when a former head of security i worked with wouldnt configure the devices any other way even though the majority of his other sec policies were sane....
Not surprised at all that VPN's got missed, why? Its mobile (cell) phone telco(s) lost or out of date paper work seems to be endemic at all telco's who is to say that the new VPN isnt a remote cell station for a VIP, or a temporary one for an event. Very much doubt OPs would pull the plug without full ass covering paper trails, just in case it put them downwind of the fan...
Plus its a telco, and way too much trust is put into point to point connections between customers and carriers, why yes because we configured it at both ends and have a contract, there is no need for more security or even white listing known gateway IP's, they just would rather pretend that they still own the wires and control all access, rather than be conduits for others to run their services on top of
So usual nonsense of modest security at the front end, and once you cross that magic employees only line all notions of security go out the window...
Nope doesnt matter what android handset it is, its crap compared to windows phone UX,
Live tiles were great, swipe right and browse list of installed apps just worked without the clutter of multiple home screens, swipe down on home screen for anything you pinned, and grouped icons worked so much better.
If MS still wanted to get into phones all they would have to do is port the launcher properly to android and get a few vendors to use that instead of what ever crap they come up with or the shite that google offers. Honestly switching to android feels like a massive step backwards in usability (never mind the fact i had a dock for my phone with usb and hdmi outputs years before samsung crowed about that, wireless charging and basically all of the guff which has been the headline features of the galaxy s whatever churn year on year since 2016....)
Thats what i would suspect, they have the infrastructure to offer a passive cloudflare&cdn offering with 0 config (or control) just by adding a character to existing code, thats certainly the story i would expect them to crow about while failing to mention the cost is all your data transiting it being actively profiled.
On the flip side this could also do some good, as if they essentially use this as a client to googlenet then at least it would be technically feasible for politicians* to demand data sovereignty and compel google to gatekeep data and keep it within continental/political boundaries, but then again that's another can of worms to open right there!
*Wont happen until techno incompetents dont hold office, im looking at you hashtags rudd (or which ever professional bung craving liar too stupid or too bored of practising law you hold the most disdain for)
I doubt tracking is the primary purpose, more likely to my mind is so that they can side step the messy getting consensus stage of protocol development and just push http2.1 through crurl integrations, wouldnt be surprised if they did something shitty and say only allowed 3rd party api access through their lib, also would probably be nobbled to prevent webrequest manipulations like the nerfing of ad blockers.
I dont think its too paranoid to assume the road map looks like this:
Step 1: mirror libcurls api, get devs to use it through gate keeping google api's to only work with it
Step 2a: introduce binary payloads (like grpc is used in microservices) which are much quicker than text, use crurl to hydrate back to html, bypassing the http aspect and just returning requested payload, sweeten deal to devs by baking in a CDN co-opted onto ISP's like youtube's edge delivery network, and more importantly for them validate payload with a checksum or similar to ensure the advertising code is unmolested
Step 2b: build into chromium stack, bypass existing os's net stack where possible, harvest what ever data gets fired through it
Step 3: dont get caught doing the "non evil" passive surveillance like we did with wifi and street view
Wasnt expecting to have a thought provoker before my coffee kicked in :)
Couldnt agree more on the premise of "The future often arrives looking like an expensive toy", dovetails with a theory/prediction of mine that VR/AR will gift the world a cure for blindness as a side effect of implants for direct optic nerve manipulation developed to overcome the problem of the headset...
Maybe not directly but don't need the hassle of getting dragged into anything, frankly it caused enough hassle last time I got a threatening letter disputing my right to the domain even though I have had it registered since the mid 90s for me to consider shutting the service down. Thankfully the reply of "gtfo its my surname kind regards Mr chubb" saw that one off at the pass...
I could but as I mentioned I mainly use the domain for family email addresses, and as I'm extended family tech support (wearing the "I will not fix your computer" t shirt to family gatherings didn't have intended effect) it's much easier to find missing emails for great aunty Doris whose fat fingered friends have forwarded some chod to drois@....
three things
1) social media, i do not
2) Would be wide open to civil suits
3) As this is very sensitive information all i would do is hurt the customers (im talking sheltered housing, old folks homes, hospitals, banks, small businesses etc.) who have done nothing wrong other than assume the security company gave a flying f about digital security, and even then the core of the problem seems to be US set policy from the parent company
Just the responsible thing to do, what distresses me more is why stuff like that is not sent encrypted, or even in a password protected zip to ya know put a speed bump in the way of casual observers... ho hum
At one point i even went as far as having an automated reply of "this is not the domain you are looking for", all that did was make them double down on the attempts to send it to the wrong address