Meanwhile, the big advantage of Clojure over Java is that it has fewer parentheses. LISPs are awesome that way.
Posts by Brad Ackerman
300 publicly visible posts • joined 25 Aug 2008
OpenDylan sheds some parentheses in 2025.1 update
Microsoft is about to retire default outbound access for VMs in Azure
Re: Doomed
Azure Virtual Network Manager is the solution for giving developers a subscription with owner permissions; it applies security rules at the management group level (one above subscription and they're nestable). Set that up and nothing they do will permit their RDP endpoint to accept traffic from the internet.
(I work for Team Blue, but they're not paying me nearly enough to comment for work.)
Huawei chair says the future of comms is fiber-to-the-room, which China has and the rest of us don’t

Re: Going beyond 10Gb/s requires fiber for now
If someone were to make a sufficiently high order commitment to the silicon vendors, they could get 25 or 40GBASE-T into production; by "sufficiently high" I mean Amazon/Google/Microsoft/Facebook/Tencent/etc, and none of these are interested in building an AP1000 unit just to power a single data center's PHYs. Except for out of band management, none of the above are going to put anything slower than 40G in a cloud server and for current server SKUs I have my doubts about speeds slower than 100G being worth the trouble. So Cat8 will cost you a ridiculous amount of money to install because of the extra difficulty and you'll never be able to use it beyond 10G, so if you were thinking about it for 10GbE length reasons you'd just run OM4 instead.
The one known use case for better than 10G between rooms at home is not caring which your NAS is in.
Re: An eventuality..
There were plenty of 100B-SX line cards shipped when that was a thing. Intelligence agencies liked it because every transmission line is an antenna and it's easier to prove that nobody can pull bits off your fiber from the other side of SR 123, but their easy availability at my local recyclers seems to imply they had use beyond classified systems. STP cable has been easily available for decades and is more than adequate to mitigate that attack, so these days copper is usual, but fiber is still preferred in some applications at or below 1G.
Europe slams online tat bazaar AliExpress for dodging obligation to stop dodgy traders
I'd buy some of their lawn decorations if I had a lawn to put them on, but given that the enforcers of the Wassenaar Arrangement have had their sense of humor surgically extracted I'd want to have export-control solicitors on retainer before having clicked the buy button.
https://www.aliexpress.us/item/3256808773726461.html
Re: Great !
I wouldn't complain if the injectable bleach and keyboard-walk-themed purveyors of 16TB UHS-II microSDXC cards went away, but those of us in Festung Amerika need our sources for modern sunscreen formulations since the FDA is still sandbagging it despite Congress having very bipartisanly told them to knock it off multiple times. Melanoma is bad enough without the government preventing you from doing the thing that makes it less likely.
/e/ OS 3.0: Slightly less clunky, slightly more private
Re: The most important question
Time for some more consumer protection law updates. The EU did mandatory data export, so there's no reason they can't mandate MFA standards. (I'm assuming EU and other countries that implement their laws since as we all know consumer protection in leftpondia is even more limited than the bassackwards banking system.)
Brit space sector struggles to compete with £90K graduate banking salaries
Re: > banker salary in London
The policy of the UK government ever since the Town and Country Planning Act 1947 has been to discourage the construction of housing (obviously only when it can't be banned entirely). Parliament and local councils don't want housing to be affordable; they want it to be limited, which is why planning permission for building housing is entirely discretionary rather than ministerial.
Spy school dropout: GCHQ intern jailed for swiping classified data
Need for speed? CityFibre punts 5.5 Gbps symmetrical broadband at ISPs
Pentagon declares war on 'outdated' software buying, opens fire on open source

Re: There are three urgent priorities here.
Any USG employees with Bics are bringing their own. The standard USG writing implement is provided by Skilcraft and represents the state of the art in anti-pilfering technology. Supply rooms aren't emptied overnight by amoral GS-15s—mostly because they're never stocked in the first place, but also because Skilcraft pens suck so hard that nobody in their right mind would consider taking one home with them.
Good luck to DoD if they try to operate without French and German smart cards, though.
Computacenter IT guy let girlfriend into Deutsche Bank server rooms, says fired whistleblower
Artist formerly known as Indian Business Machines pledges $150B for US ops, R&D
Duolingo jumps aboard the 'AI-first' train, will phase out contractors
Booby-trapped Alpine Quest Android app geolocates Russian soldiers
Guess what happens when ransomware fiends find 'insurance' 'policy' in your files
Malware in Lisp? Now you're just being cruel
Cybersecurity not the hiring-'em-like-hotcakes role it once was
Re: Being young and experienced again
You can get a sysadmin who also does desktop provided that the workload is appropriate for one FTE. I've done that (and storage and networks) in the distant past. What you can't do is get it for less than entry wage at McDonald's.
If you've only got 30 users, by all means find a good MSP and let them handle everything that doesn't require in-person presence.
Bybit declares war on North Korea's Lazarus crime-ring to regain $1.5B stolen from wallet
Type-safe C-killer Delphi hits 30, but a replacement has risen
How to leave the submarine cable cutters all at sea – go Swedish

Re: Worrying
Why would the weakest US president in history (excluding Harrison for obvious reasons) suddenly grow a spine and start sending Ukraine all the things, especially when he's busy trying to wreck American manufacturing? Biden was far too timid, but if you're looking for putting the war to an end it won't come from the MAGA faction.
The unlicensed OneDrive free ride ends this month
Re: As much as tape has often been the bane of my life...
If you've got 100 TB to store and your on-premises servers are already in a class 8 datacenter, LTO-9 may make sense. I agree 100% about the lack of storage management; very few organizations that need to hire librarians are aware of that fact, and even the ones that are don't hire enough.
Documents that aren't personal should be stored in SharePoint folders instead of OneDrive.
(I'm a Microsoft employee but have no connection to or knowledge of M365 pricing or really almost anything that isn't public. If I had been offered Azure Blob Storage archive tier[1] in Government Top Secret ten years ago when I had LTO-4 libraries, you bet I'd have been camping out in the procurement people's offices until they let me click the buy button.)
[1] Or the AWS/GCP/OCI/IBM Cloud equivalent. I left that position in 2013, when Amazon had just signed the first classified cloud computing contract with CIA and Microsoft was still calling it Windows Azure.[2]
[2] For reasons I still don't understand, it has been a low single-digit number of days since I've seen the phrase "Windows Azure" used in a production system, and it needs to stop.
After China's Salt Typhoon, the reconstruction starts now
Infosys founder calls for 70-hour work week – again – claiming it creates jobs
Re: His maths is not very good is it...
That's the lump of labour fallacy, which is and has always been bogus. If you believed it, you'd like this guy; making everyone work 70-hour weeks would cut total productivity in half, so the employees who used to be producing 40 hours of output are now producing (if we're generous) 20, thus requiring double the FTEs to produce the same results. But can his margins survive a doubling of personnel costs, never mind what happens when quality takes a nosedive?
Man accused of hilariously bad opsec as alleged cybercrime spree detailed

Joke aside, the US generally has crap labour law, but the discrimination bits are sufficiently resembling adequate that if you attach a photo to a resume it's going directly to the circular file. Unless your job is in the performing arts, what you look like is utterly irrelevant for anything a résumé should be used for.
US senators propose law to require bare minimum security standards

Re: Bad joke
NIST appears to be taking its sweet time. They haven't posted the slides and recording from the last 800-63 webinar (August 2024), and they opened a second round of comments for issues that could easily be left to an addendum later and certainly shouldn't justify delaying the changes from being finalized (especially the explicit ban on periodic password rotation).
Icon for what needs to be done to whoever came up with the idea of periodic password rotation in the first place and the people who've kept it going in the US government even though we've known as long as information security classification has existed that if you don't want the password on a Post-It note underneath the keyboard, it needs to be memorized. In Minecraft.
They'd rather someone who hops the fence not be able to actually be inside the security perimeter. I'd guess our beady-eyed friends would be fine with a sally port, but then you have to potentially staff it locally rather than being remotely monitored from your security desk, and they do like to trap people inside.
Russian court fines Google $20,000,000,000,000,000,000,000,000,000,000,000
Musk's $1M election lottery raises serious legal concerns, says Pennsylvania governor
AWS boss: Don't want to come back to the office? Go work somewhere else
Would banning ransomware insurance stop the scourge?

Re: Never
We already allow C-suites of billion dollar companies to run them into the ground in hundreds of different ways. What's so sacred about allowing C-suites to run their companies into the ground with the help of the FSB?
We don't allow Nike to assassinate people trying to buy their latest intentionally supply-limited sneaker to make it appear even more desirable; allowing them to fund the Russian invasion of Ukraine or the North Korean nuclear weapons program is no different.
Re: Also ban cryptocurrency
It happens more often than you'd think. The Mexican cartels had cash boxes custom made for HSBC's teller windows, and the bank knew since at least 2008. OFAC dicked around until 2012, HSBC eventually paid $2.5B, which although several times their money-laundering profits apparently wasn't enough because they keep getting fined for control deficiencies. Time for DoJ and CPS to get off their asses and put the CEO/CLO/CFO in jail. A few billion dollars of someone else's money may not get bankers' attention, but a few years at FCI Ray Brook or HM Prison Wormwood Scrubs definitely will.
Sysadmins rage over Apple’s ‘nightmarish’ SSL/TLS cert lifespan cuts plot
If you're terminating TLS at the application servers, each one is going to need a copy of the same certificate. Generate on one (or even elsewhere) and rsync to the rest. If you're terminating at the load balancer, perhaps you can reencrypt with longer-lived certificates, but ideally you'd use IPsec and/or MACsec instead.
FBI boss says China 'burned down' 260,000-device botnet when confronted by Feds
WhatsApp still working on making View Once chats actually disappear for all

Re: Disappearing privacy
It's useful for sending messages to someone you trust to not themselves disclose them; it makes sure that they don't remain on the recipient's device to be retrieved later by a third party. (Assuming that the messages to be disappeared were properly stored in the client, anyhow.)
Icon because it's the only way to be sure.
So you paid a ransom demand … and now the decryptor doesn't work
Re: Backups!
Then had a ransomware backup strategy meeting where IT proudly talked about their 'airgapped' backup solution. Which turned out to be a product named (something like) 'Air-gap' which wasn't actually air-gapped at all.
An airgap is just a connection with unusually high latency (as Ed Skoudis said). The details matter, as Iran found out.
If HDMI screen rips aren't good enough for you pirates, DeCENC is another way to beat web video DRM
Re: and the like is doomed
And the goal of the streaming services and providers of “purchased” video (if they can take it away at their pleasure, it’s a rental) is to lock you into their clients—to force ads to be displayed and tracking data to be exfiltrated, to make it harder to buy/rent from a different provider, and probably a few other reasons that don’t come to mind at the moment.
Google's ex-CEO U-turns after saying staff 'going home early' killed winning
Cancer patient forced to make terrible decision after Qilin attack on London hospitals
Re: Justice
Part 5 of the Investigatory Powers Act 2016 already allows intelligence agencies to apply for a warrant to conduct equipment interference (i.e., CNA); no additional statutory authority is required for government agencies to conduct cyberspace or kinetic operations against ransomware operators.