* Posts by Candy

143 posts • joined 7 Jul 2008

Page:

Lack shame? Fancy some festive Windows knitwear? We've got your back

Candy

Festive 0day knitwear

So, pretty much anyone could produce this but MS seem like a good candidate.

A jumper to keep in the office to wear on days when there's a new 0day announced that affects you/your company/your cat.

The only potential issue is that the way things are going, you could be wearing it every day in December and early January. Could get a bit ripe...

What you need to know about Microsoft Windows 11: It will run Android apps

Candy

Throwing Jerry Nixon under the bus...

"given they clearly said Windows 10 was the final release"

They kind of never did. Jerry Nixon (a developer evangelist at MS) said "Windows 10 is the last version of Windows." So it's true that he said this. Once. It's also true that when asked about it, MS has never confirmed this to be true. Sure, they didn't deny it either.

This quote is very much over-reported.

Cloudflare launches campaign to ‘end the madness’ of CAPTCHAs

Candy

Cryptographic Attestation of Personhood?

Sounds like CrAP to me...

JET engine flaws can crash Microsoft's IIS, SQL Server, say Palo Alto researchers

Candy

Red or Blue...

Has it been confirmed that this affects only JET Red?

Microsoft's Extensible Storage Engine (JET Blue) source code arrives on GitHub – sadly comments not included

Candy

Re: Usage ?

I may be out of date but isn't JET Blue the underlying database for both Exchange and Active Directory? It certainly used to be...

The hour grows late, the enemy are at the gates... but could Intel's exiled heir apparent ride to the rescue?

Candy

Still as gobsmacked as I was...

When Intel passed him up for the top job all those years ago. I remember thinking that their loss was EMCs good fortune.

Surface Laptop Go: Premium feel for a mid-range price, but Microsoft's Apple-like range once meant more than this

Candy

Don't buy the cheapest model...

Unless you only want an expensive web browsing device.

On the low end device, you don't get a real SSD but, rather, an eMMC. This is sloooooowwww.

The "cheapest" practical device is the mid-range one. Very nice. I have bought a couple for the family and they're proving popular.

Cyberpunk 2077: There's a great game within screaming to get out, but sadly it was released 57 years too early

Candy

I don't recognise the game in the negative reviews.

Seriously.

Maybe my gaming PC is similar to their baseline dev boxes? Maybe my play style fits the testing? I've dropped over 150 hours into playing the game and I love it. No crashes, no grief. A few floating objects and a (very) occasional T-pose. Beyond that, it runs perfectly for me. And that lets me concentrate on the oh-so-rich background and scripts.

Definitely one of my favourite games of the last few years.

Cybersecurity giant FireEye says it was hacked by govt-backed spies who stole its crown-jewels hacking tools

Candy

Seems like a mture and well-planned response to me.

OK, so FireEye got compromised.

The open disclosure and public release of countermeasures speaks to a mature, planned response. They knew the Red Team tools they had developed were a high value asset and could be targeted. That they have come forwards reasonably quickly and released the countermeasures to their toolset as open source speaks well to their approach and preparedness.

Digital security is a process, not a bounded task. They seem to have clearly assumed breach and had a response ready for the eventuality. This should be a call to us all to put our houses in similar order. I imagine the learnings internally will be considerable and valuable for them. Not suggesting for a moment that this isn't a significant hit but it literally can and does happen to anyone.

To those taking to the schadenfreude pulpit and seeking only to mock, I ask: What would you have done differently?

(PS I have no skin in this particular game...)

Microsoft and VMware end ancient grudge with new VM privilege workaround

Candy

Re: FYI: Requires the latest release of Windows

To be more precise: It won't run on Win 10 1909 but will on Win 10 2004. I like my OS to be in support... :)

Candy

FYI: Requires the latest release of Windows

15.5.5 seems to need Vibranium/May 2020 Update/20H1/2004 or whatever naming hell they settle on will be. It craps out on any lesser version.

Xbox Series X: Gee thanks, Microsoft! Just what we wanted for Xmas 2020 – a Gateway tower PC

Candy
Flame

Do we need to book early?

Want to make sure I get a good seat for ther inevitable CoolingGate lawsuits...

Brit prisoners to be kept on the straight and narrow with JavaScript and CSS

Candy

It's been done before...

in the late 80s, early 90s I helped to deliver a program in the UK prison system that aimed to skill up offenders so they had attractive skills to offer upon release. The big driver then (and now?) is that if you get a released prisoner into work quickly, the chances of re-offending are reduced by an order of magnitude.

Back then, it worked well for those we could get through the courses (limited both by the number of places and the aptitude/attitude of the participants) but the programme ran onto the rocks as we tried to scale it. It was difficult to get enough competent people in place to deliver the content given civil service pay rates.

I wonder if the MOOC model might go some way to address that?

My 2019 resolution? Not to buy any of THIS rubbish

Candy

Late to the party. As usual...

By the time 2000AD started, er, branching out in their stories, Messrs. Jackson* and Livingstone had been at it for several years.

*Co-founder of Games Workshop rather than that other Steve Jackson bloke. You know. The GURPS, Ogre and Munchkin guy.

Microsoft's Jet crash: Zero-day flaw drops after deadline passes

Candy

WINS is for Winners

Also, WINS runs on Jet. And, yes, there's a lot of people running WINS still...

Fork it! Google fined €4.34bn over Android, has 90 days to behave

Candy

Re: At least it's not BING

If you're finding Google Search significantly better than Bing Search, it's because Google knows more about you than MS in this context.

As an experiment, I switched my search engine at work to Bing a few years ago and left my personal devices on Google. Within a few weeks, they were pretty comparable and now there's very little difference in the quality of results.

Maps, on the other hand, is where Google definitely wears the crown. No one else has anywhere near the richness of data (and metadata) that Google Maps has and I don't see that changing in the foreseeable future.

Mirai botnet cost you $13.50 per infected thing, say boffins

Candy

Unmasking the cost...

The interesting part for me is that this is the first time I've seen a detailed analysis of the cost to the owners of the pwned devices. As opposed to the costs borne by the target of such an attack.

If anything were finally to wake up the IoT industry to the importance of securing their sh!t, it will be their enterprise customers asking them how they will prevent this sort of unexpected spend from the tens or hundreds of thousands of devices to be deployed.

Ambient and edge compute could well become a massive revenue drainer for the unaware.

Windows 10 Springwatch: See the majestic Microsoft in its natural habitat, fixing stuff the last patch broke

Candy
Flame

Rebuilds and Resets

Anecdotally, the issue seems to be with rebuilds and resets (like powerwashing CrhomeOS but less effective and more complex). I'm hearing from colleagues that they were having BSODs during the process which led to them reverting to the previous version apart from the one instance where the PC needed a full reinstall.

This would explain why a CU won't fix it and they needed a new build so late in the day, perhaps.

Airbus ditches Microsoft, flies off to Google

Candy

Re: 99% of business users won't max out the capabilities

I worked with a company going through a similar transition from Office to G-Suite. In the end, they got to 80% of users migrated and did make some savings.

About 15% of users still needed full-fat Excel (VBA/Macros and database connectors were the major factors here) and 10% needed Word (again, VBA but also document automation/assembly).

The keen mathematicians amongst you will note that there was some overlap between the groups.

I hear they're mulling a return to O365 as the interop between the two is giving them headaches.

Wearables are now a two-horse race and Google lost very badly

Candy

[They want] to get its first models into the hands of as many consumers as possible...

My anecdotal evidence with the Fenix 5X Sapphire is that it works fine whatever I need it to do. The downsides have been weight (which you get used to) and the cost. That said, this thing is enormously robust and has been bashed and scraped all over the place and still looks as good as new. Sapphire and Steel (the materials, no the show) really do make it all but indestructible.

UK.gov pushes ahead with legal right to 10Mbps

Candy

[They want] to get its first models into the hands of as many consumers as possible...

As a teleworker and part of that 4%, I can only hope that this actually makes a difference to our situation.

Boss made dirt list of minions' mistakes, kept his own rampage off it

Candy

Re: the big red button

"With an expansive arm gesture he said "This is the computer suite", and then, to let them see the length of it, he leaned back...."

Did we work together in the '80s or is this more common than I thought?

In our case, the reason the Kill Switch wasn't covered over was that we had just moved the "datacentre" into one end of a Portakabin while our office was demolished/rebuilt.

My #95Theses of #Digital

Candy

Time

#42: Time is the most valuable asset in a truly digital world. Use as much of everyone else's as you can.

Google rushes to curb Oreo's massive appetite for your 4G mobile data

Candy
Mushroom

Battery Burn

I noticed the data switch right after upgrading and killed it then. I do a sweep through all the settings after an OS bump but never dreamed that it would have been caused by a part of the process. My assumption was that some app or other had "helped" me to optimise my phone.

As a punishment, I have seen battery life go down the drain. As much as 14% per hour with pretty light use. Anecdotally, this "sorts itself out" after a few days but I'm not seeing any evidence of that so far.

A quick search of t'interweb shows this to be pretty common and there are no obvious solutions other than going back to Nougat.

And, weirdly, my Garmin seems somewhat distressed by the update. The voice updates during activities have gone a bit high piched and wobbly. It really sounds like "she" is very upset. Perhaps by my poor athletic performance?

VMworld security asked to probe theft of anti-Nutanix schwag

Candy

Reality TV done right.

Someone has been watching Silicon Valley...

Software definer wants you to befriend the 'BFC', do a bit of 'reverse virtualization'

Candy

Friendly

Because the F in the Doom BFG stands for friendly, too...

DDN burst buffer to bimble along more briskly after boost

Candy
FAIL

Not quite blurry enough...

Someone's not got the hang of this, have they.

I can confirm that the vehicle shown in the picture is properly taxed and was most likely MOT'd in the last two weeks. What a good citizen.

Essentially puzzling: Rubin's hype-phone ties up with… Sprint?

Candy

[They want] to get its first models into the hands of as many consumers as possible...

No. No, they don't. They want to sell through enough units to prove the tech and bed down the manufacturing processes and drivers.

They literally can't sell more than a certain number (No, I don't know what that is but I've heard guesstimates of around 50k units.) as , for example, they can't ramp up production of the titanium frame in the phone to massive scale just yet.

The next model will be the one to watch if they can survive the cash bonfire needed to iron out the wrinkles and extend the range and robustness of the mods.

Reg lecture exposes the radicals intent on remaking your society

Candy
Thumb Up

He was a very engaging speaker last time around. So much so that we invited him to do a similar presentation at out company.

Really wish I could get there for this one.

BlackBerry sued by hundreds of staffers 'fooled' into quitting

Candy

Transition from Maker to Troll

I guess it was almost inevitable that when Blackberry stopped actually making handsets, they would be able to take all those defensive patents and make some money of them. Nokia seems an odd choice of target to go after, though, as they also don't make handsets any more.

Reg tours submarine cable survey ship
'Geo Resolution'

Candy

Well, that was cool.

More occasional pieces of geekery like this, please.

The rise, fall, and rise (again) of Microsoft's killer People feature

Candy

Re: [sigh]

"UI sucks although the compatibility and app range is excellent."

Exactly my experience transitioning from WinPho to Android.

Dev teaches bot to talk spammers' ears off

Candy

Their, they're.

No one will notice.

Microsoft thought of the children and decided to ban some browsers

Candy

Re: Edge is at 3.91 %

W10 has 25% share of Windows desktop OS.

Edge has 4% share of the browser market including Windows clients, *nix, mobile, etc.

Not comparing like with like...

Ankers away! USB-C cables recalled over freakin' fried phone fears

Candy

That's customer service...

...from a cable supplier, no less.

This is why I use Anker as my Go-To supplier of cables. They make a quality product and they stand behind it.

'Nuff said.

Native Skype for Windows Phone walked behind shed, shot heard

Candy

Re: This is what I call intrusive

All music/video items are used to pause/restart whatever is playing so you can take/make a call. Also for custom ring tones.

Photos are used to send/receive images and to select an avatar,

Use data on external devices required if any of the above data items is stored on an SD card.

Use your phone is used to switch to/from calls over your MSP service.

Anonymous MS account is a way to associate the device with an account without logging on so that Skype can ring when it gets a call even if you aren't yet logged into it.

Information about device is used to determine device capabilities. (Screen resolution, number of microphones, noise cancellation, etc.

Sensors is used for several things. One example is proximity to auto switch on/off the speaker when you put the phone down or pick it up.

Act as a server is required under the current perr-to-peer environment to do things like group calls.

The ones I don't know about are location, maps and calendar access. Anyone else?

NFC is used for contact 'bumps'. (I assume.)

If managing PCs is still hard, good luck patching 100,000 internet things

Candy
Coat

Patching at scale

Patching 100,000 isn't all that hard. You just have to plan and resource it right. And be fanatical about standardisation.

But...

PCs are a fairly generic block of code and hardware when it comes to patching. Aside from BIOS and driver management, they all run the same OS(es) and pull from the a standard set of applications. IoT, on the other hand, promises to need specific devices for each task, each class of device probably running different code on different hardware.

I lean strongly towards simple-at-the-edge, clever-at-the-core unless you have a very limited range of devices. I see one of the challenges for a dispersed IoT environment in replacing failed devices. At least Backblaze have them all in nice, easy-to-find racks...

'Windows 10 nagware: You can't click X. Make a date OR ELSE'

Candy

Re: can Never10 really work, tho?

Never10 implements MSs own KB to disable the nagware. It's the KB that is issued to enterprise customers. These guys are the goose a-laying golden eggs so MS is unlikely to crater them.

Normally, I'm an unashamed MS apologist but this latest twist is too much to find an excuse for. W10 is a great product but these practices are appalling.

Wayne Rooney razzles in X-Men: Apocalypse plug

Candy

Bloody 'Ell.

Did Spotify hire Alan Partridge to run its Netflix-style video push?

Candy

Rush Hours

Members of the Canadian prog rock band are each teamed up with a Hong Kong cop in a race to solve improbable murders.

Microsoft explains which cloud security problems are your problem

Candy

Re: You know it makes sense!

On-Prem. Therefore: Your problem.

SpaceX's Musk: We'll reuse today's Falcon 9 rocket within 2 months

Candy

Pricing's gonna change...

So currently, it's seen as riskier to try getting a payload aloft on a second use of the first stage. (30-50% discount).

If it turns out that they can reuse it 20 to 100 times, it'll be the first couple of launches and those as the tail end of expected life that are seen as risky. The premium will be paid for the "tested and reliable" vehicles.

Look out, Windows Phone 8 users – yes, both of you – here's ... Windows 10 Mobile

Candy

Why can't I just link my folders and view multiple accounts in one folder ?

The linked inbox feature is back in the Windows 10 client and has been for a while. Unfortunately, due to the poor (non-existent?) change log from MS it's very easy to miss these additions...

Dell offers sweet, sweet, free honeypot tool to trap hungry hackers

Candy

Re: If this works as advertised, it will be incredibly useful.

I'm well aware of the provenance of AD's LDAP component. It's delightful that you think that's all it does. It's the additional bits (you say cruft, I say features) that round out AD as the most complete and widely adopted solution.

And there's the thing. I'm not talking about technical merit, provenance, suitability, functionality or anything else. Just that it needs to be recognised that in almost every enterprise, you will find AD implemented. In most of those cases, it is the base on which the rest of the IAM infrastructure is built.

I'm willing to bet the exceptions are few and far between. There must be some enterprises using pure LDAP out there. Probably about the same number as those still relying on Banyan Vines or NetWare.

Candy

If this works as advertised, it will be incredibly useful.

Honeytokens are going to become a necessity for enterprises using AD. Which is basically everyone. (Cue howling from the 1% that "Never let the Beast of Redmond loose on their iron." News flash: You're an almost insignificant minority. Active Directory is pretty much ubiquitous.)

For example, in recent versions the telltale signature of Mimikatz has been removed so that, without honeytokens or behavioural analytics, this kind of credential theft is very hard to detect.

Definitely one to examine and, if it works well, this could become an essential part of the AD security toolbox.

Feds tell court: Apple 'deliberately raised technological barriers' to thwart iPhone warrant

Candy

Free Speech argument.

As a corporate entity rather than a person, does Apple have any protections under constitutional protection from compelled speech? IANAL but I would have thought not.

Crypto connoisseurs: Curl up with Princeton's 300-page ode to Bitcoin

Candy

Coursera offering

I've followed the Coursera unit that is linked to and found it to be a very useful primer. Definitely puts the "book" on my reading list.

Fired Norse Corp CEO blames the media

Candy

Threat Information Tool

And nary an acronym in sight...

How many Surface power cords are a fire risk? 2.25 million in the US alone

Candy

Definitely worked straight away for me and filled in the address from my existing profile. There's a profile update link on the for by the address. Perhaps you need to change the region to Europe and the country to UK on there?

Candy
Alert

Replacing those cords...

I have a few "qualifying SP2 Pro and SP3 Pro machines.

It was a doddle to complete the registration process for each one. MS have confirmed the cords are dispatched so I expect to get them in a few days. No replacement is needed for any (non-Pro) Surface or for the Docking Stations.

There is NO return program. They advised me to dispose of the existing cords and there is no provision for return.

The tricky bit was getting a replacement cord for the additional power supplies I had bought. There seems to be no simple process form this and it took me about 45 minutes on the phone to get it sorted.

Page:

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2022