Posts by bish

Re: assuming..

Could be that I’m reading it wrong, but the article seemed to me to suggest that, yes, /etc/pam.d/ had a compromised module installed on affected systems. They also mention (somewhere, perhaps not in the article: I read a few different links) that they don’t actually know how the payload is supposed to be pushed to target systems. I’m willing to bet the answer is via piggybacking on some other legitimately root-requiring installer script. I’m just curious about who built it, tested it and then apparently didn’t get around to using it.

Sweet summer child…

“What are the actual of cost of ongoing support compared with buying new H/W to replace kit which is functioning quite satisfactorily? I'm sure MS would prefer to keep what in effect becomes a subscription going as opposed to the one-off price of a W11 "perpetual" licence and will price it accordingly.”

Consumer price is $30 for the first year. Businesses pay $61. Educational customers $1. But it doubles each year, and so far MS are insisting that the ESU will only run for three years, so that means $210/$427/$7* per PC over the three years PLUS the cost of then buying new hardware (with a nice new MS license bundled in - hear those Redmond cash registers sing!) if they decide to stay aboard the Microsoft train.

A comparison with switching to new hardware right away obviously depends a lot on what’s being dumped and what’s bought, along with complicated formulae for amortisation and other financial things I don’t fully understand, but the bottom line is that whatever you’d like to imagine about Microsoft’s benevolent customer-first approach simply ain’t true: depending on how sympathetic you are to their need to extract cash to fund extended patch support this is at best them speaking softly and carrying a very, very large gun, and at worst, a shameless shake down of people who very likely have not upgraded their hardware because they cannot afford to.

*don’t laugh at that last one - many schools will have a few hundred PCs and extremely limited budgets.

Re: Outlook/Exchange ?

Wouldn’t necessarily need a VM - Wine is actually pretty good for most things now, in my experience.

*runs for cover*

Re: Reactionary but...

I'm actually left handed, and I touch type. GUIs are made for the majority demographic - it would be nice if more and better accommodation was made for lefties, but it isn't and, as I said, I can get on with my day just fine. And sure, back in the day I did everything on the keyboard, but when you've 30+ tabs open and are copying from one near the left and pasting to one near the right, the mouse is bloody useful.

Everyone thinks they have all the answers and if only they were in charge we'd have a Utopia - UX isn't easy, and for the most part, the people doing it for the big OSes do a decent job of making it self-explaining. Except Windows 11, obviously.

Re: It was all downhill after Snow Leopard

Snow Leopard was properly rock solid and bomb proof, too (for my uses: ymmv). It seemed like they'd finally cracked it, and the spinning beach ball of death had been vanquished once and for all. But no, it was a total one off. I've put it on a handful of older machines in the last couple of years, and while it's a bit visually rusty and misses a few features I've come to rely on, it remains the snappiest and most stable (excluding earlier-age, featureless stuff) consumer OS I've ever used.

Re: You lied

You didn't ask me, but I'll answer: I own a few of Amazon's Echo Dots. Our primary use for them is as a cheap multiroom Spotify/Plex music system (they're all hooked up to semi-decent speakers, before any audiophiles get cross), and occasionally I'll use them to listen to UK radio (I'm in Vienna, so it's a convenient way to keep up with events in Blighty) or find out whether it's expected to rain before I head out. I also use them for making calls to some family members who struggle with phones. In my case they're almost entirely unnecessary, I could easily bin them without any real problems (pretty sure I could make the calls from the Alexa phone app, though I haven't tried), but I have two elderly relatives with mobility issues for whom they're genuinely life-improving devices, for reasons which ought to be obvious.

I partly agree with martinusher - it does seem that the researchers deliberately made useless 'skills' just to game the system and get a headline, but I'd argue that only makes things worse: if the skills in question had little relevance or usefulness to customers, that ought to have made the vetting team more suspicious, and will have meant the obfuscation ought to have been easier to spot. If you hide something malicious in a much more complex, fully functional skill, it will in all likelihood be much harder to spot than if the malicious code makes up the bulk of the skill. I dare say most malevolent parties will go to more effort to conceal their scams than these researchers did, which raises serious questions on what other Alexa skills might currently be available.

It's a fact well-known that vetting processes (of all kinds, from app stores, to content online, to personal background checks for employers) are seldom perfect, and it should come as no surprise that it's possible to make dodgy skills available to the public - users of course need to be aware of the risks and cautious about what they install on their devices - but the fact that precisely none of these researchers' rule-breaking apps were rejected is a legitimate cause for concern. If Amazon's best argument is that their post-approval auditing process would've done a better job of removing the rule-breaking skills, that only begs the question of why this process happens after, rather than before, approval.

Re: Why some people keep on reinventing the ill-fated Palm Foleo?

The main selling point would appear to be that, because all the processing is external, it can easily be upgraded and therefore - in theory - last longer. I suppose in that respect it *might* be possible to bill it as a less-wasteful solution than a traditional laptop, although I have my doubts about how long the keyboard and screen will last. I'd be interested to know how easy it is to replace the battery, too, because if it's anything other than a simple external, screw-less latching system, the whole premise of longevity falls down immediately. And of course, I'd have to believe that they'll continue to make suitable replacement batteries...

Nah, I'm really not sold on it, either. The fact they claim it's a great solution for carting a PS4 around suggests to me that they really haven't figured out the point of it themselves.

Re: Firmware?

Seems like a decent theory. I definitely don't buy into the suggestion it's purely hardware - I don't remember any complaints about WiFi connectivity at launch.

Re: Fan of fans

Yep. Wish I'd ordered mine right away, rather than bumping up against the throttling threshold for a week.

Re: Error Messages

I could be wrong, but in my opinion, all of following statements can be true:

1) Father Ted was a very funny show.

2a) Graham Linehan's conduct on social media isn't always exemplary, and is often rather unpleasant.

2b) This can make it hard (for some) to appreciate his work.

3) As a (global) society, we're still a long way from adequately defining gender in any meaningful way.

4) Transgender people should not be oppressed.

5) Issues around transgender people and trans rights are incredibly complex, and the likelihood of such a tricky and sensitive set of arguments being resolved in a massively off topic BTL thread on El Reg is so vanishingly close to zero, any further discussion of the subject here is essentially pointless.

6) You (whoever is reading this) have every right to disagree with any and all of these statements.

7) My comment isn't an attempt to shutdown or censor debate, merely an attempt to point out that there are many other places on the Internet where one can shout at people with different opinions. This is not really one of those places: this is the comments section of a lighthearted article about an anonymous IT worker's confession to a couple of stupid mistakes.

Absolutely right (and the people below you too) - as I said, being transparent about operating this way doesn't mean you'll lose all of your customers, some people are happy to pay to make the bad things go away. But not being transparent about it is also the difference between a legitimate IT service and a possible case of fraud.

I'm not saying you're wrong but...

You're almost certainly wrong. The speakers are driven by the same source, and the speakers reportely sound great on both this phone and the Samsung Tab S5e. As this review says:

"It was good coming out the speakers at the base...but the headphones? It felt like we were at the back of the hall and kept increasing the volume in the hope the sound would get stronger and clearer."

This sounds to me like one of the channels is out of phase with the other - or, more outlandishly (but fitting better with the description) crosstalk between, or even summing of, the two channels, AND one of them being out of phase, causing phase cancellation that leaves only the sounds that are unique to either channel (if you've ever used one of those dreadful karaoke/vocal removal DSP plugins, you'll recognise the description of sounding like you're 'at the back of the hall'), - which is hopefully just a cock up on an early release review unit. If that's what's going wrong, the cause could be either software or hardware related, and as long as the hardware isn't too desperately badly wired (ie the two channels are reasonably discreet and not wired together) the fix could be either, too.

Either way, though, if Google are going to bother including a headphone jack, they really ought to make the effort to ensure it works properly, regardless of whether many - or even most - customers will never use it.

Re: Entertainment system pen testing

I rather suspect that the next generation of in flight entertainment systems on Ryanair flights will involve large screens, endlessly looping adverts and the Ludovico technique. Customers can simply pay a £50 upgrade fee to retain control over their eyelids.

Re: ZpulNg

Yep, it's entirely deliberate, and actually just good social engineering: on the one hand, you don't waste time on anyone tech-savvy, and those who you do catch are often too embarrassed to ask their technical friends and family for help, and on the other, you allow the techie types to think you, the criminal, are far too stupid to concoct a convincing phishing scam, which makes them far more vulnerable (through misplaced confidence) to spear phishing. I wish no ill of Dabbs, but I'd be very surprised if he could correctly identify a well-executed spear phishing attack: the good ones can be incredibly hard to detect, and aren't even necessarily about getting you to hand over a password. Sometimes they simply want your correct email and signature, so they can convincingly spoof a message as you to someone else.

Re: Replace it

It doesn't require a spare external drive at all, you can simply format a blank drive and start installing games again. It'll take a while, because PSN download speeds are painful, but it's possible.

Re: Even if you couldn't replace the board

It's the board that costs $30. The scooters themselves are being auctioned off, so prices inevitably vary - but you're absolutely right that many appear to be going for a lot less than the combined cost of the components. I have no use for an electric scooter, but it could be a great way to pick up some cheap batteries and motors with which to build something else, assuming you aren't outbid by someone who actually values them as scooters.

300 baud!? You were lucky...

... There were a hundred and sixty of us living in a small shoebox in the middle of the road, cueing up once a week for a chance to use the village carrier pigeon.

Re: Mine are dead

Just for the record: andy-whatever-number is fully entitled to his opinion, as are you, Anonymous Coward, (and the AC before you). I wasn't remotely offended by Andy's opinion, but it did strike me that he had mistaken his comment for a brilliantly satirical skewering of foolish hipsters, rather than a fairly base bit of snobbery, and I felt it only right that someone disabused him of that particular notion. I didn't and don't wish to censor him, you, or anyone else... but that cuts both ways, and I believe we're all entitled to call out dumb opinions when we see them.

Re: but that's the same as everyone elses review!

True enough, but the point is that if there's no added value in buying the 'consumer' unit compared with just throwing together some off the shelf parts and spending a few hours soldering, printing and flashing an SD card - and if the latter approach is *cheaper* - then the consumer unit is pretty pointless.

If it was possible to build something *as good as* an iPhone, for *cheaper* than an iPhone, and the only added cost was a maximum of a day's work, there would be a lot more people building their own phones. They don't because the parts wouldn't be cheaper, iPhones are engineered to a standard much better than the average hobbyist could ever hope to achieve, and iOS isn't horrendously buggy while a roll-your-own phone OS can be pretty intimidating. (Installing an emulator shouldn't really intimidate anyone who wants to play Spectrum games!) This Speccy knock off doesn't tick any of those boxes, so I've no idea why anyone would spend more money for something less good - a Pi wouldn't be nearly as limited in playable games, and it could be repurposed if you got bored of it, unlike this thing, which will inevitably end up in landfill.

Lay off the kool aid

First of all, you're calling out the Register's article as 'BS', but using a quote from a completely different source: the article, in that section, is quoting what Andrew Tierney wrote elsewhere. You can call bullshit on Tierney's opinions (and you'd be wrong) but you can't call bullshit on El Reg, since they're just accurately reporting someone else's (relevant and informed) opinion on the story.

Secondly, and finally, you seem to think 'hacking' is exclusively about using code to manipulate factory standard kit. Social engineering, bugs/key loggers, rubber duckies, etc etc are presumably not 'hacks' in your world, since they don't fit your absurdly narrow requirements that hacks use only stock hard/soft ware. You'd presumably also argue that even software exploits aren't technically vulnerabilities, because people aren't supposed to use software that way. God help anyone who relies on you for tech/security advice.

Re: A common occurrence

Those 'pass through' ports are, in my experience, often 10 Mbit/s. So when you've specifically allowed for two gigabit ports per desk, to ensure the thin clients' remote desktop connections glide along smoothly without being snarled up by the ancient phones, it's rather frustrating when, every couple of weeks, the office staff do a tidy up and some smartarse decides to start daisy chaining devices, and you immediately get support tickets for 'help! URGENT!! computers are slow again'. And no one will admit to even realising the cables were there, much less having dared to touch them.

I'm so glad I don't work there anymore.

Re: "Really? In the cameras themselves? That’s kind of hard to believe. "

I found the disbelieving tone quite hard to believe. As you've said, it's really not so novel an idea.

Re: Eh.. Get an office Jnr its easier....maybe

GPS? It's just got to follow the PFY. And while you might use a duino to drive the motors, you'll want the Pi for the brains (whatever following system is used, and obstacle avoidance).

But the really difficult part here is 'without spilling a drop'. If we're talking about pints, in proper, broad-rimmed pint glasses, filled to the brim, putting them on any kind of motor vehicle without spillage is damn tricky. The platform will have to be suspended nicely so that it remains flat, and even then, the robot will need to avoid sudden jerky movements.

I'd probably just give the PFYs a talk on why the business is transitioning to performance-related pay, and clearly explain their new KPIs.

If the last couple of weeks have shown anything, it's that Zuck is the absolute king of the straw man. Whether it's his 'maybe I shouldn't be the one in charge of Internet censorship' or this 'I can't fix everything', he's a master at trotting out arguments that make clear he's just this guy, you know, and can't be responsible for everything Facebook does.

Which is perfectly reasonable. Except that he's their CEO, and responsible for everything they do.

Re: Sadly a lot of bollocks being talked here

Wish I could upvote you more.