Posts by cyberdemon

> Knives, cars, bolt-cutters, hydraulic jacks etc. etc.

Not to mention Computers.

Re: "Microsoft? Roll out a catastrophically badly tested update? Surely not."

Hire people to test our code? Pay them money? Ha!

No, people pay us money and data to test our code. You have a spelling error in 'users'.

Re: That's not the MS I grew to hate 25 years ago.

The MS you grew to hate 25 years ago was all about Embrace, Extend, Extinguish..

Has that changed?

MS are now making money off the backs of open source devs, while at the same time wresting control away from the open source community. And when they bought both LinkedIn and GitHub, they bought control over the reputations of individuals in that community.

They are just as evil as they were back in the Bill Gates days, but it's easier for them to hide because every tech company and its dog is doing the 'evil' thing now.. Even Google dropped 'don't be evil' from its corporate constitution. Amazon, Facebook, Google and even governments such as the CCP are all competing to see who can be the most evil these days, but Microsoft were evil before it was cool.

Re: Beat that!

You forgot to pick your icon, and your coat.

Go on, out you go.

Re: linshare

Interesting, never heard of it. But the website gives me odd feelings..

It indeed "looks" very polished, especially the design of their front page. But little details like the spelling of things like "In LinShare every actions and user activity is recorded within the plateform"

and "If confidentiality and traceability are paramount for your business file transfert, the LinShare is your solution and better yet it’s free ! We also offer high quality support services provided by our IT teams to suit your network at best."

just make me not want to go near it with a barge pole.

Re: I am not sure if this is possible ...

I am getting scam calls from "HMRC" almost every day. Every time it is the same number as my own (mobile) number, but with the last 3 digits randomised. It's an aggressive scam: "criminal action is being taken against you, pay the fine now to avoid going to court"

The caller ID system both here in the UK, and apparently in the US too, is completely unfit for purpose. But the old system and the people who operate it are too well entrenched to change.

highly skilled professionals

are what crapita are best known for! Right, Dave?

(The public contracts & lobbying department, that is)

Open source projects like PHP wouldn't be such a big attack vector if:

a) silicon valley & the tech industry at large wasn't making $beellions of cash off the back of them; or

b) silicon valley & the tech industry at large contributed some chump change actual engineer time to their maintenance

Re: Blankety Blank

Click them with your middle mouse button instead then!

The links you mentioned have always opened in the current tab for me (unless I middle click them) and I don't see anything wrong with that.

(Also Chromium on Linux)

surely not

Even if I were still alive, I don't think I could tell people to cease and desist using or distributing code that I had released as GPL or MIT previously, could I?

Re: 22 billion

All this makes me shudder in horror when I wonder who will be picked to cock up the "Digital Vaccine Passport" database when it is inevitably tendered for..

Re: And prosecution?

I came to the comments section to say the same. Why the @@@@ is this not a criminal matter?

So, have Microsoft at least passed their file to the police?

Presumably by the time the courts order compensation to the actual victims, this lot will have no money left, having just paid it to Microsoft (and squirrelled the rest of it away in the bahamas)

Re: Calamitous design decisions in git

And then there's Git's submodules (which can definitely be called calamitous) , subtrees (which are a better implementation but an even worse user interface) vs mercurial's subrepositories, which I've never used, but I'm assuming are much better designed than Git's two competing attempts at the same thing.

Re: mainstream

I know somewhere that DOES offer all the titles you want in one place, no tracking every millisecond you spend looking at each title before it autoplays in your face, no surreptitiously nudging you to watch what someone wants you to watch, no bullshit.

I wish that studios could just have a bitcoin address or something, so that I could get what I want AND pay for it.

> I don't want all this bollocks, I just want to synchronise, backup and sometimes share some files.

Exaxtly.

And when they decided to drop Linux users unless they use an outdated filesystem, it didn't even do that anymore.

They could have just ceased "official support" for other filesystems. But no, they decided to make their software try to force Linux users to migrate their filesystem. To me as a paid customer, that was aggressive, pig-headed and rude.

So Rather than migrate backwards from Btrfs to Ext4, I migrated from paid Dropbox to FOSS Syncthing, and never looked back.

> Personally I bet it was intel

And you thought you were joking!

Considering SolarWinds was used by Intel too, even though Intel probably almost certainly wasn't a vector as you jest, it could be a vector in future!

If those guys got their hands on Intel's Management Engine special super-secret CIA keys, then the whole world is pwned.

Easy solution: Build everything from source!

Run Slackware! Review the source of all packages line by line before you compile them from source! Throw out those binary blobs! Shun your Broadcom and your NVidia, and your Intel backdoored silicon, run it all on OpenSPARC on an FPGA! You will be immune from all bait-and-switch attacks.

What do you mean it's slow and it doesn't work?? :(

Oh well

At least Leave.eu is no more..

Oh, wait..

Re: Signed updates

Of course they were signed!

Read the original FireEye report - it makes for grim reading.

This is why I prefer to do my updates manually, at least a few days late. But given that this 'update' lay dormant for 2 weeks before pwning the system, even that strategy may not have helped.

I really detest the idea of automatic software updates. It makes it too easy for a bait-and-switch by the software developer, a rogue employee, or someone who stole their signing key.

Re: ? I don't think that is saying much.

Yes exactly.

One of those "Study shows that Bears tend to defecate in foliated areas, Pope confesses that he is a Catholic" articles.

Who'd have thought that a handful of regulated data on a person's financial transactions on a report output by a database written in COBOL in 1985, are less useful a predictor of this person's future financial solvency, than unregulated billions of data points about that person's everyday life, their romantic, erotic, gambling, purchasing habits, innermost thoughts, worries and secrets, the YouTube videos they watch, the friends they keep, the car they want, the holiday they are planning, the company they keep, and the Company they work for.

Re: > GitHub .. has the power to collect and analyze the data itself.

It's also worth noting that the "usual suspects" of Google Analytics, doubleclick et al were all on my blocklist, (or rather, not on my whitelist) so they weren't tracking me anyway.

But if I block GitHub's cookies, GitHub stops working. So Microsoft can still track me, but now I can't stop them.

Firmware updates

> Oh and you probably don't want to know how much of that kit hasn't had its firmware updated in ten years per more.

Am I the only one here who thinks that's a good thing?

Oh here, have this encrypted binary blob and flash your rootfs with it. I've even signed it, to say it definitely came from me. Will I show you what's in it? Don't be so paranoid! Just make sure you install it regularly every time I release a new one!

Of course, I'm not stupid, I know that zero-days exist in almost everything these days and that kit should be patched to plug them, but really, embedded stuff with a limited feature set like a 5G modem shouldn't NEED a complicated OS that is capable of executing arbitrary code, and if it's written right, there shouldn't be anything to update until the specification changes.

He at least deserves a "Me and my Spoon" column in the Private Eye!

boo

I am disappointed to learn that this was not a solid ingot of metal.

By it being called a monolith I had assumed as such.

Re: There’s hope yet!

So far nobody seems to have mentioned the lack of not just an atmosphere on Mars but a magnetosphere..

The ionising radiation on Mars that it receives from from the Sun is orders of magnitude more than that seen in the vicinity of Pripyat, Fukushimka etc. and is comparable to earth after an apocalyptic nuclear war, except without a breathable atmosphere.

No matter how much we have fucked up the Earth, it will be better than Mars for a very long time.

I for one will welcome Mr Musk to make his home there.. Send Bezos, Zuck and SatNads too!

> Pretty sure these existed back in the late 90's early 2000's - not a new idea...

But does it have the MagSpeed scroll wheel of the MX Master?

If so, I will buy one.

> Probably goophabet, spamazon or farcebook, with twatter coming in behind

And there was me thinking that Motorola might have released a new phone..

Re: Seems a bit harsh

Glad i'm not the only one either..

Seems as if had they left out the word 'over', then the judgement might've gone the other way.. Which is odd, since the difference between "exactly 2 metres" and "over 2 metres" is mathematically zero. Plus there is a screen, so it is more protection than the requisite 2 metres without a screen.

As others have pointed out, it certainly seems a lot safer than riding a bus, train or tube where people may or may not wear masks, there are many times more of them (and therefore many times higher chance that one of them is infected), or indeed riding an Uber with a hanging plastic sheet, which only seems to waft the air about.

I wonder if the person who reported this to the ASA was a self-employed contractor ("my boss is an App!")

> a "sewer" network for anything else.

If I could upvote a hundred times.. this

But it sounds like thanks to Amazon's latest 'innovation', you can simply deny access to your SSID entirely for your Amazon Thing, and let the sewer back-up in someone else's bog! :)

Re: This is a worthless article.

You owe me a new coffee.. And a keyboard.

Re: Doh!

Yes, and don't forget Microsoft, Apple, TikTok, Alibaba, and the CCP..

Google removed the "don't be evil" from their corporate charter some years ago.. It feels like a long time.

I agree with you, but for some reason your post made me hit the downvote button.

> Also acceptable: * Parent/child

And when you realise that you have just written a function called kill_all_children()?

Oh noes! You have once again attracted the ire of the non-technical moral critics.

Honestly, I think whoever started this are trolls. They are not doing this to improve the lives of anyone, they are doing it simply to spread division and conflict within the open source community.

Re: Database in the cloud - wonderful!

Yes but when the choice is between "in the cloud" or "down a deep well / mine, wherein it is guarded by a cabal of hooded dwarf cultists who will demand sacrifices by way of burning a virgin on a hill and throwing fifty bags of gold pieces into their well if you want access to your data", I'd choose the cloud, even though I detest the notion of keeping my data "on someone else's computer".

At least from MariaDB I should be able to migrate back down to earth later on if I choose, e.g. into a dedicated Postgres cluster

Re: No need to panic

The score is multiplied by a "random factor"? WTF?

Can anyone explain if there is any sense behind this?

> making it safe .. is a hard problem.

It certainly is. I once worked for a certain company that made a certain drone based on a paraglider, that was meant to carry a 120kg payload.

Sadly the management seemed to believe that it was a simple matter of scaling up a 12kg design based on hobby servos & RC gear, that mostly worked and only occasionally flew off into the sunset.

The 50kg version was unstable on take-off and nearly killed some of their customers.

The 120kg version was meant to have both a petrol engine with long-run tank, and a large lithium battery on board, and would still be suspended from a flammable, collapsible piece of cloth, which if it tugged on the control lines too much, or if it hits the wrong thermal, collapses like a borked kite and ceases to produce lift.

How the heck do we make that safe?

Their solution was to hire more 'systems engineers' to validate a non-existent and infeasible design, fire anyone who disagreed with their vision (ahem, no, I am not bitter, they really were a bunch of clowns), shut their eyes and throw wads of investor's cash at it.

Maybe they should DMCA all Turing-complete languages, what's your point?

DRM is fundamentally flawed. When will these idiots get that into their heads?

Even if it worked (which it CANNOT) it puts your own customers off of your content. You make LESS money.

I would like to watch a DRM-infested file about as much as I would like to visit a "covid-secure" chain pub with app-only ordering of pints. (looking at you, Greene King)

Meanwhile, determined pirates can still pirate your shit.

Re: Slurp Slurp.. Slurrrrrrp

I said "appropriately strong & unique", you idiot. I would never trust something like Microsoft with my strongest password, and certainly not for some shit like MineCraft.

Any password I used there certainly wouldn't be similar to any password that I used for a service I give a shit about.

Now remind me again: Why the fsck would I need 2FA for fucking Minecraft?

What Microsoft, Google, Facebook, Amazon et al want, is single-sign-on across everything, controlled by them. That gives them the most valuable kind of data about millions of cows users across the globe.

Re: first is automatic updates

> .NET software can be ran on Mono.

This can't, because it relies heavily on WPF...

> but there is software written *for* linux that is written in .Net

Yes, and it's all shit.

Embrace, Extend, Extinguish... Doesn't matter if we can't sort out basic things like Network Security.. In fact, that's in many cases a bonus.