Re: Lisp is in an amazing number of places
PDF is based on PostScript but isn't Turing-complete (at least if one doesn't count the JavaScript that's allowed to be added to non-PDF/A documents).
327 publicly visible posts • joined 25 Aug 2008
You can get a sysadmin who also does desktop provided that the workload is appropriate for one FTE. I've done that (and storage and networks) in the distant past. What you can't do is get it for less than entry wage at McDonald's.
If you've only got 30 users, by all means find a good MSP and let them handle everything that doesn't require in-person presence.
Why would the weakest US president in history (excluding Harrison for obvious reasons) suddenly grow a spine and start sending Ukraine all the things, especially when he's busy trying to wreck American manufacturing? Biden was far too timid, but if you're looking for putting the war to an end it won't come from the MAGA faction.
If you've got 100 TB to store and your on-premises servers are already in a class 8 datacenter, LTO-9 may make sense. I agree 100% about the lack of storage management; very few organizations that need to hire librarians are aware of that fact, and even the ones that are don't hire enough.
Documents that aren't personal should be stored in SharePoint folders instead of OneDrive.
(I'm a Microsoft employee but have no connection to or knowledge of M365 pricing or really almost anything that isn't public. If I had been offered Azure Blob Storage archive tier¹ in Government Top Secret ten years ago when I had LTO-4 libraries, you bet I'd have been camping out in the procurement people's offices until they let me click the buy button.)
¹ Or the AWS/GCP/OCI/IBM Cloud equivalent. I left that position in 2013, when Amazon had just signed the first classified cloud computing contract with CIA and Microsoft was still calling it Windows Azure.²
² For reasons I still don't understand, it has been a low single-digit number of days since I've seen the phrase "Windows Azure" used in a production system, and it needs to stop.
That's the lump of labour fallacy, which is and has always been bogus. If you believed it, you'd like this guy; making everyone work 70-hour weeks would cut total productivity in half, so the employees who used to be producing 40 hours of output are now producing (if we're generous) 20, thus requiring double the FTEs to produce the same results. But can his margins survive a doubling of personnel costs, never mind what happens when quality takes a nosedive?
Joke aside, the US generally has crap labour law, but the discrimination bits are sufficiently resembling adequate that if you attach a photo to a resume it's going directly to the circular file. Unless your job is in the performing arts, what you look like is utterly irrelevant for anything a résumé should be used for.
NIST appears to be taking its sweet time. They haven't posted the slides and recording from the last 800-63 webinar (August 2024), and they opened a second round of comments for issues that could easily be left to an addendum later and certainly shouldn't justify delaying the changes from being finalized (especially the explicit ban on periodic password rotation).
Icon for what needs to be done to whoever came up with the idea of periodic password rotation in the first place and the people who've kept it going in the US government even though we've known as long as information security classification has existed that if you don't want the password on a Post-It note underneath the keyboard, it needs to be memorized. In Minecraft.
They'd rather someone who hops the fence not be able to actually be inside the security perimeter. I'd guess our beady-eyed friends would be fine with a sally port, but then you have to potentially staff it locally rather than being remotely monitored from your security desk, and they do like to trap people inside.
We already allow C-suites of billion dollar companies to run them into the ground in hundreds of different ways. What's so sacred about allowing C-suites to run their companies into the ground with the help of the FSB?
We don't allow Nike to assassinate people trying to buy their latest intentionally supply-limited sneaker to make it appear even more desirable; allowing them to fund the Russian invasion of Ukraine or the North Korean nuclear weapons program is no different.
It happens more often than you'd think. The Mexican cartels had cash boxes custom made for HSBC's teller windows, and the bank knew since at least 2008. OFAC dicked around until 2012, HSBC eventually paid $2.5B, which although several times their money-laundering profits apparently wasn't enough because they keep getting fined for control deficiencies. Time for DoJ and CPS to get off their asses and put the CEO/CLO/CFO in jail. A few billion dollars of someone else's money may not get bankers' attention, but a few years at FCI Ray Brook or HM Prison Wormwood Scrubs definitely will.
If you're terminating TLS at the application servers, each one is going to need a copy of the same certificate. Generate on one (or even elsewhere) and rsync to the rest. If you're terminating at the load balancer, perhaps you can reencrypt with longer-lived certificates, but ideally you'd use IPsec and/or MACsec instead.
It's useful for sending messages to someone you trust to not themselves disclose them; it makes sure that they don't remain on the recipient's device to be retrieved later by a third party. (Assuming that the messages to be disappeared were properly stored in the client, anyhow.)
Icon because it's the only way to be sure.
Then had a ransomware backup strategy meeting where IT proudly talked about their 'airgapped' backup solution. Which turned out to be a product named (something like) 'Air-gap' which wasn't actually air-gapped at all.
An airgap is just a connection with unusually high latency (as Ed Skoudis said). The details matter, as Iran found out.
And the goal of the streaming services and providers of “purchased” video (if they can take it away at their pleasure, it’s a rental) is to lock you into their clients—to force ads to be displayed and tracking data to be exfiltrated, to make it harder to buy/rent from a different provider, and probably a few other reasons that don’t come to mind at the moment.
Part 5 of the Investigatory Powers Act 2016 already allows intelligence agencies to apply for a warrant to conduct equipment interference (i.e., CNA); no additional statutory authority is required for government agencies to conduct cyberspace or kinetic operations against ransomware operators.
Existing sanctions would be more than adequate when combined with requiring affirmative identification of the recipient of cryptocurrency transfers and correcting any lack of whistleblower commission. If you can identify the recipient and it’s a sanctioned entity, the transfer has to be blocked. If you lie about it and the US takes an interest, say hello to several years of prison¹ for everyone who signed off on that transaction; and probably several more people who didn’t directly participate, but commit misprision by deleting communications about it.
The odds of any cryptocurrency industry surviving a regime with that level of AML enforcement border on nonexistent; but if cryptocurrency can find a legal use² and environmental concerns are addressed with a carbon tax, it should be allowed to continue existing.
¹ Conspiracy to fund a sanctioned entity is a big-boy federal offence, so state parole policies do not apply. You serve the sentence you get, and by “several years” I'm assuming your C-suite has no previous record and the gratuity paid to attackers isn’t more than a megabuck. More money is more jail, possibly getting into double-digit years — not that it’s likely to happen more than once with a 10% whistleblower commission.
² Stranger things have happened.
The house speaker is 3rd in line to the presidency. What would happen if someone filled that role who was ineligible to be president and the president & VP both became unable to fill the roles? Would it skip past them to the next in line?
Yes. The order of succession is statutory; the requirement to be a citizen from birth is constitutional.
These aren't top lawyers. Musk has retained biglaw for the suits he's defending, but this one is too dumb for them to risk their reputation on even if they were to be paid in advance.
This suit was filed by some political hacks whose sole qualification is having worked for the Texas AG/SG offices and not yet having been disbarred.
Let's ban motorcycles, cars and trucks! Won't all y'all think of the children?
Banning Chelsea tractors would be a quick win. Cars need a weight tax. But what's needed for safety in the US (unless leftpondia has seen a recent influx of monster trucks) are German driving education requirements, actual safety standards that consider people outside of the vehicle (this one is in progress, but slowly), and a fsckton of bollards.
Oryx has photos of all the assets they count so it would be easy to eliminate decoys. But yes, both sides are using them; albeit cardboard isn't AFAIK used for that. (They're wooden or inflatable; cardboard is used for drones, however.)
Pity the story from WWII about the UK dropping a wooden bomb on a group of wooden German decoys is likely fake.
The ability to give special privileges to your friends is the best-case explanation of why may-issue CCW regimes are in place in the US. You'll know an American jurisdiction is serious about gun control when there is an objective licensing process that applies equally to all, and someone who needs otherwise-illegal firearms for their job (whether it's police officers or private-sector workers) has to check them out of their employer's armory at the start of their shift and check them back in at the end.
To enlarge a ZFS pool by replacing drives, you need to replace each drive in a zvol with a larger one. Assuming your zvol is composed of one or more 2-wide mirrors, you would add the new drive to a mirror, wait for resilvering to complete, drop one of the two existing drives from that mirror, and repeat for the other. Here, you created a new 1-wide mirror, which is indeed a pain to recover from and not an uncommon error (especially when attempting to add a cache disk).
If you don't actually have any free drive bays, you can use an external dock to resilver the new drive or YOLO drop one of the existing mirror drives to add the new drive in its place.
Dan Langille has written up this procedure on his blog.
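The drive-by-drive swap described in the comment above, as an added example that is not part of the original post. The pool name `tank`, the device names `da0`..`da3` and the `ZFS_RUN` switch are constructed for illustration; `zpool wait` assumes OpenZFS 2.0 or later.

```shell
#!/bin/sh
# Added example: grow a 2-wide ZFS mirror by swapping in larger drives.
# Pool and device names are constructed placeholders.
# Commands are only printed by default; set ZFS_RUN=1 to execute them.

run() {
    # Print the command; execute it only when ZFS_RUN=1.
    echo "$*"
    if [ "${ZFS_RUN:-0}" = "1" ]; then "$@"; fi
}

# swap_one POOL KEEP OLD NEW
# Attach NEW next to KEEP (the mirror is briefly 3-wide), wait for the
# resilver to finish, then detach OLD. Redundancy is never reduced.
swap_one() {
    pool=$1; keep=$2; old=$3; new=$4
    # "attach" joins an existing mirror. "zpool add" would instead create
    # a new single-disk top-level vdev, the mistake described in the post.
    run zpool attach "$pool" "$keep" "$new"
    run zpool wait -t resilver "$pool"
    run zpool detach "$pool" "$old"
}

# grow_mirror POOL OLD_A OLD_B NEW_A NEW_B
# Replace both members of one mirror; with autoexpand=on the extra
# capacity appears once the last small drive has been detached.
grow_mirror() {
    pool=$1; old_a=$2; old_b=$3; new_a=$4; new_b=$5
    run zpool set autoexpand=on "$pool"
    swap_one "$pool" "$old_b" "$old_a" "$new_a"
    swap_one "$pool" "$new_a" "$old_b" "$new_b"
}

# Dry run: print the plan for a mirror of da0+da1 being moved to da2+da3.
grow_mirror tank da0 da1 da2 da3
```

Review the printed plan against `zpool status` output before setting `ZFS_RUN=1`, since the device arguments must match the names the pool actually reports.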
What Google is doing here is what Microsoft already does (and I assume Google and Amazon) for privileged access—a locked-down computer with only specified applications/websites allowed. If you need something that's not available in that list, you can open a remote desktop session to a less restricted system or use your phone or other laptop.