* Posts by Cardare Anbraxas

9 posts • joined 20 Aug 2009

Brave new Boris-bikers banjaxed by broken boxes

Cardare Anbraxas

Serco? Seriously?

Serco are terrifyingly bad at providing a working service. After having to deal with Serco support during a call to fix a problem with their school information management platform Facility CMIS, I actually think AOL support is pretty good, despite the fact that you probably pay £1.50 a minute to be on the phone with them and £10,000 a year for software maintenance and support for CMIS. Not to mention that CMIS itself is a horrible mess, it was designed so you were forced to go on training in order to know how to use it for basic things, never mind actually managing it. It's the least intuitive and user friendly system I've ever had the misfortune of managing and you have to think twice when managing it because one menu click that says one thing might mean it'll do something else that is potentially fatal to the data contained within. It's lost when that happens, Serco's support team is worse than PC world's aftersales service.

I've dealt with the best of the best support services, and I've also dealt with the worst, the worst being Serco. I'm not surprised this didn't work. If plotted for Winter launch, shows a great lack of confidence in their own product, they know they put a half-arsed attempt in to making it a success, and as a result it didn't work.

Best thing London can do is write-off everything Serco has done for them, and contract a firm which prioritizes their clients, and not their bottom-lines.

Google's encrypted search casts shadow on web analytics

Cardare Anbraxas

Oh they did

Before the current refit of Google search, hovering over the link showed the link you'd expect to go to, but the second you clicked it, it changed to a Google link, with the real link encoded in to the end and your browser would use that instead.

They probably still can but the above doesn't work, possibly instead some strange javascript stuff in the background dynamically changing hrefs, but I'm too lazy to run Wireshark while Google searching to test.

Interesting results to be found if you Wireshark while installing Google Chrome, and then doing anything with Google Chrome after install. Each install has a unique ID. IP addresses? Google don't need 'em when they have your Chrome install's unique ID. No idea if Chromium suffers with this, not tried.

Rootkit blamed for Blue Screen patch update snafu

Cardare Anbraxas

This is quite true...

Yeah, I'm already aware of this, but the use of WinPE is restricted only to specific licence holders surely?

WinPE 1.3 EULA - eula.txt (Still valid for XP users I believe, versions beyond, I'm not sure)


You may only install and use the SOFTWARE PRODUCT if you are an active Microsoft Software Assurance Member ("SAM") for the systems product pool or servers product pool, if you currently have license coverage for Microsoft Windows operating system (OS) Upgrades via a Campus Agreement or School Agreement, or if you are a current or former participant in the Windows XP Joint Development Program, Windows XP Rapid Adoption Program, Windows .NET Server Joint Development Program, or Windows .NET Server Rapid Adoption Program. If you do not meet one or more of the requirements listed above, you may not install or use this SOFTWARE PRODUCT and you must terminate the installation of this SOFTWARE PRODUCT immediately"

This must be old as Campus Agreement doesn't exist anymore. That doesn't include a fat lot of people though, so unless there have been changes to this to allow SOHO users to create and use WinPE media without a Volume Licence, then again, a Linux Live CD is the only route, so to assist with recovering a home PC outside of work, I'd be breaking my Windows XP EULA. Sure, I can do it, but it's not entirely legal. (Anyone know if this has changed for Vista/7?) Using recovery partition/media is all well and good, but it nukes your data rather than assists in recovery. This said, and I'm sure most here will agree, not a lot of home users would even know what to do with a Linux Live CD. Some small offices with sysadmins might, medium size businesses, more likely, and enterprise almost certainly. A home user just wants a big fat red button that fixes everything. I would rather drop to a bash prompt and have a plethora of tools to do what needs to be done. And if at work, a Ghost disc usually comes in handy. At least I'm not left asking "Are we licenced for this?".

Cardare Anbraxas


Oh right, so home users now have the appropiate licencing to create WinPE/WinRE discs? There was me thinking that WinPE was only for OEMs and WinRE was only available to those running XP Professional.

I'll stick with my Linux custom live CDs, ClamAV and a whole host of tools, without having to pay extra for the licencing or break the law. ;)

I'm a Windows sysadmin, and even I am all too aware that Linux, with the appropiate tools to hand, is better at fixing Windows than Windows is. DOS prompt just don't cut it anymore.

Aussie ISP beats Hollywood on 'copyright' rap

Cardare Anbraxas
Thumb Up

A first, hopefully of many

A judge who actually upheld "justice"? Now there's a rarity!

Despite all my grievances of the Australian government and it's very own "Great Firewall of China" being forced upon it's law obiding tax-paying citizens, this is a good story atop many negative stories coming from Australia and I'd gladly toast to this judge with a pint of Fosters and perhaps a nice cup of Tetley's tea.

I buy all the movies I want to watch legitimately and music I want I buy from 7digital (over Spotify), so I'm no infringer, but as a person who quite willingly gives lots of money to these industries they need to sort their act out and treat their legitimate customers with the respect they deserve, rather than limit them with DRM technologies and occasionally accuse them of being copyright infringers.

What they should be doing is knocking the prices of their music and film content down for those doing legitimate digital distribution (no physical packaging or media), no DRM and added benefits only for those who purchased the content (Bit like what the games industry is doing right now - some of it is shady tactics to stop reselling of games, but the ability to play online is a pretty bit plus to buying the real game rather than using a pirate copy).

Firefox-based attack wreaks havoc on IRC users

Cardare Anbraxas


I don't think in my years of experience seen a browser open a mailto: link (unless it was Netscape Navigator), let alone the others you mentioned (file: excluded as it is a genuine feature). Not even IE or Safari have the capacity to deal with most of those, Opera might, Konqueror may handle smb: links but as for others, I've never had the need). I have however seen them open other applications, and pass the data included in the address to the application, but the browser itself, unless given the ability to do something with those links through an extension, has no need to communicate with any other port than 80 or 443. Of course, small exceptions can be made for servers running web services on alternative ports such as vSphere, but those should be explicitly entered on to a whitelist (and if neccessary pushed out via a group policy type system to multiple workstations) rather than all out allowed.

Firefox is strange. Some ports it disallows communication on, but others, even though they most certainly aren't standard http ports, it allows.

SF's rogue admin finally gets day in court

Cardare Anbraxas

A proper sysadmin

End users are usually completely and utterly incompetent, and it seems SF's mayor and staff below him are just as bad, but thats how governments roll isn't it?

Every time I give a new staff member a password so they can log in I always get "Can you make it a bit easier, like 12345 or pppppp?" and as someone who praises strong security policy and, if given the power, enforce far stricter password policies, this sysadmin should be paid millions in compensation for the stuff he's had to deal with. And also, if you place a privileged password in a safe, anyone with a restricted account that has access to that safe only has to take the account name/password for the privileged account and log on as that user so they can change their wallpaper or install MSN. If they bugger something up bigstyle as a result, who's head does it fall on? They're not logged in as themselves, so it falls on the person who owns the account, the sysadmin.

IT Technical staff are the ones that should be first on your christmas lists as the ones who manage to keep data safe, network functional and implement cost saving or competition beating network upgrades. The reason you don't have problems is because of the IT team, and when you do it's the IT support guy that comes out to you. IT staff should be given more job perks and benefits. Sod the end users who don't care for data security and blame someone else when their data gets wiped or distributed because they walked out the room without locking their PC for a few minutes thinking it'll be fine.

Management or staff who have nothing to do with managing the IT provision should NEVER EVER have any privileged access to the network. Doing so allows those staff to create problems that can affect the entire organisation and blame them on others rather than their own incompetence. Share data like passwords to privileged accounts between your own team, (you're not ALL going to die simultaneously, so long as you don't all get in the same car and the driver is a chav) and nobody else. Those with IT experience know their job, what it entails, and what data they are privvy to.

I mean, I have access to all the payroll, finance, information management system and literally everything. I don't go looking through it because it's nothing to do with me, but I'll do what is neccessary to protect it from end lusers.

Did anyone read one of El Reg's previous articles on how SF published the passwords Childs disclosed to SF's mayor for public record? Management are just as incompetent as end lusers.

I appluad this sysadmins efforts, and hope his court case against SF is a success.

I demand that SF STOP this action against a sysadmin doing his job, and doing it well.

Apple seeks OS-jacking advert patent

Cardare Anbraxas

Depending on it's use this is good and bad.


Users and workers who have paid the Apple tax for their devices get ads shoved in their faces at regular intervals. If this is the case, then the future will be belong to Microsoft, Google (Either one of these may licence the forced-ad patent) or Linux (unlikely, users looking to migrate away from an OS which disables itself while an ad displays will go in this direction).

Good 1:

Apple start providing a budget line of Macs with the Adware integrated in to the OS in order to get more people interested in the platform. (Psystar not so legal -> legal (and therefore fully supported officially) converts?)

Good 2:

This stops Microsoft or Google (Chrome OS) slapping their users with Ads and is designed purely to prevent developers and corporations going in this direction.

It's all about how the patent is meant. Steve Jobs is probably having a heart attack right about now because this patent might just be freaking people out and scaring them away from Apple.

I'm no fan of the Mac platform, however I consider it like hard drugs. Everyone is curious but very few actually try it. It's outside my budget and I would like one just to have a play with rather than for serious work.

Online minor marketing law marked web's 'worst'

Cardare Anbraxas

It's broad if they suggest "Marketing".

"Marketing" these days could mean anything. Could mean _anything_ commercial, which includes just having the information on your services, they don't actually have to do anything with it.

If you put ads on a site, you make money from personal information the second someone stumbles on your site, they don't have to register, and "knowingly" means that the user has registered and put an age (Which could also be fake too, but the webmaster doesn't know that). You gather information that could be used for marketing immediately such as IP addresses, browser, any loaded frameworks, engines or plugins, version of OS, screen resolution and many many more.

This is a classic sign of government knowing bugger all about how IT works and what sort of information is gathered in general. As a non-profit webmaster myself, I hope this bill is thrown out (and preferably the people responsible sacked and prohibited from getting another job in government, unless they want to become a janitor).

If "Marketing" in their context means "gathering information for the use of third-party advertisers to allow the serving company to profit from it" then yeah, thats good if they prohibit that, but this is government afterall. Government + IT = A mistake waiting to happen.

Throw the bill. COPPA should also be thrown to the wolves until government makes it illegal for anyone to put a false age, but thats an attack on free speech then, and allowing webmasters to query a database for everyone living at a house and using best guess to see if someone is lying about their age using that IP address at any time is just silly too. That, and they'd just use proxies if they allowed that.

I think there should be a law prohibiting any law which affects IT or Healthcare from passing without professionals and experienced IT consultants in both fields examining them all and giving the nod.


Biting the hand that feeds IT © 1998–2022