US only content
MS would only get US (+ Canada/Oz and NZ) users - so does that cut Tik Tok users and content in half? How does this partition work at all??
256 posts • joined 29 Jan 2010
Expecting some better pricing for students - we have many use cases for quick hacks to provide services to students. Add Apps to Teams will help a bit - Apps for Specific classes maybe, but if we want to do something like a quick fix for a specific new Library Request System, we'd still need it to be affordable Campus Wide...
Is that's one Empty (CDS) database instance for each team, or one for ALL Teams?
Meanwhile, of course our Devs are the actual people getting excited about PowerApps - quick and easy way of getting small jobs done - and then getting frustrated as the costs escalate based on the number of end users (e.g. 20k students in our environment).
Good in depth blog over on Krebs on Security on this. Seems that "SIM Swapping" is a thing - basically persuade/bribe some mobile phone support/sales body to point a mobile number to a new SIM (As you would if you lost your phone, switched provider etc).
So if you're "forgot password/2FA" process involves reset via SMS... Social Engineering to get e-mail/twitter handle and mobile and SIM Swap and ...
Agreed, but a) VPN's have holes (several high profile solutions have had exploits exposed recently). and b) if you hack the machine that has the VPN connection... Especially if that VPN is split tunneled...
The ideal of course is two workstations - one locked down tight for Admin tasks - but you send the people home, do you send them home with two laptops, again one locked down in such as way as it can only remote to the Admin box in the office? But then that's on the same wifi as your family kit, sky+, Alexa, ... So that should be on another network (4G maybe)... All nice, but this was short notice, so what setup did they have...
Also, it looks like they had access to a user admin panel (but perhaps not much else) so would all these security layers be in place, for a user support body...
Assume most Twitter Admins working from home, so remote access a given. Plus probably running some BOYD build on an average joe wifi-router + ISP build which would be an easier target? Can't see Twitter being the sort of company that goes in for locked down corporate builds for it's employees?
So my daughters switch between WhatsApp (until one of parties phones dies), Zoom, Duo, Facetime (IIF all parties on Apple). But not Skype - despite them all playing Minecraft with a Microsoft Account! I'm stuck with Teams and Zoom and am being threatened with a "SoftPhone" despite both Zoom and Teams being phone capable.
Once upon a time, everyone used a "phone" to talk to anyone else with a "phone" and could message anyone via e-mail who had an "e-mail account".
(PS: Teams Video/Chat is Skype (Consumer Skype as was), they are now "popping out" Windows (An App with Multiple Windows way to go) for Chat, etc. - so why on earth didn't they just pop out the Skype Client instead!)
BCC should not be buried in the options - AND should be on any reply all menus AND CC should be limited to say 10 recipients I think some e-mail systems will do that - but the feature is only discovered when some numpty moans to the helpdesk when they can't send to more than the default of 100 users (e.g. mail all students in a year group, rather than post a message on the VLE!)?
So I'm going to claim In order for a Contact Tracing/COVID infection monitoring App to be really useful, it really needs as much information as possible and to maximize chances of getting any sort of new normal - e.g. by spotting new cluster outbreaks, that probably means collecting identifiable and physical location information. GDPR has no problem with this as long as the user consents. That Consent will need to document what is and and isn't allowed under the law.
So, the App is mostly likely to fail because its thrown potential data out in order to minimize personal data collection, and is therefore trying to use untried Bluetooth ideas instead of Location information?
ALL THIS BECAUSE NO ONE TRUSTS THE GOVERNMENT/NHSX to do the right thing - based on lots of evidence that it lies continually, and is riddled with nepotism - though we trust the NHS to keep buckets of medical history - which only has laws to stop HMG using NHS data directly anyway?
Buried in the GCHQ stuff is something about load balancers hiding IP addresses so the ID can't be connected by the back end and a safe because they are run by someone else. I'd don't see any evidence that "someone else" is running the load balancers - and I thought the only masked IPs for the server side not the client side.
If someone controls the entire end-to-end system, then they can put in code to de-anonymize the data. And frankly, I wouldn't put it past some nefarious company to try and match up the NHSX app data with another data set (e.g. Facebook) and identify a fair few people by some clever analysis/pattern matching...
Most bands have a hay day, if they are lucky they continue to make money out of it, but rarely produce anything new that's better. Go to a gig and all the fans are really wanting to hear are the "hits" from way back when but have to sit/stand though "the new album" to get to it?
Will throw this in as a rare exception - Black Sabbath could have stopped with the material from "We sold our soul for rock and roll" and everyone would have been happy. But they pressed on regardless, with some very poor efforts, and eventually produced "13" which was actually pretty good.
Not so sure - I think when they started they were AWS, but from what little I trawled up on the internet, I think they run their own Tin in Co-Located Data Centres?
But, Oracle likely to have had less pressure on that MS (esp) and AWS as everyone pushed those platforms to the max?
Teams Audio/Video piece is based on the old consumer Skype setup that MS bought up.. Skype for Business is rebranded Lync they built themselves and then deprecated.
Teams likely struggling as loads of Schools/Unis etc currently automagically spinning up a team for each course which means creating all the associated gumpf - SharePoint/Groups/OneNotes...
Guessing lots of network/ISP infrastructure going to see a lot of load and with a different pattern - Remote Working stuff rather than NetFlix streaming, gaming, etc...Could be a bit slow for a while.
Who's got clutter in their DNS, reverse DNS, dead (literally) users in AD, AAD, LDAP, ACLs for long gone servrices, etc that was useful once, but no longer.
Bet there's loads of DevOps "Infrastructure as Code" scripts which create stuff, but almost no scripts to decommission something?
Bottom Line - People don't like tiding up (have teen daughters!), but someone the size of Microsoft should be better at it!
MAC addresses have manufacturer specific pre-fixes - so it's possible to ID the basic device type from the prefix and certainly the WIFI card supplier - which I guess they could match up to known problem models? Though I'd expect this to lead to a proactive missive to the customer suggesting a replacement/upgrade of their last 802.11b devices might help their wifi setup?
Are there ISPs out there who would access a router remotely as part of a support call? Is that's why the possibility is even there? IIRC I think mine had the option enabled for some remote diagnostic protocol - long since ditched as I replaced the kit with a decent VDSL modem and a micro PC running Sophos XG home...
The Self-Signed Cert battle between IOT gadgets and Browsers isn't a nice thing for a non techie though...
Suspect rather more WIFI enabled PCs than you might think. Will be a common "fix" in a house where the router is nowhere near the PCs location - USB + WIFI more likely than a card. We have an old PC and the Sky box doing exactly that.
Is the case that all new home routers (from main ISPs at least) are pre-configured with pretty random SSID names and passwords these days? Suggest this sort of Virus is going to have much more fun in a Shopping Mall/Coffee Shop world where it can skip the brute force bit?
In the old days the Licencing Monks sat in their cave and designed perverse policies which could safely be ignored (90 day licence transfer limit anyone) but NOW they have Actual Tech to play with in O365 to enforce their rules, but of course they still don't live in any sort of real world.
Hence, this stupid "Self Service" mantra...
Think this is the key point, if your ISP wants to force you to use their DNS server at the moment, it's easy for them to limit port 53 to just their DNS servers? Same would apply to DoT on port 853.
DoH being mingled in with https means they need to block a (huge) list of alternative DoH servers.
What's NOT broken (if your ISP router gets DoH support, or you can do the same at the OS level) is the ability to force your DNS client to use Cisco Umbrella or similar DNS filtering service or EVEN use the ISP's own DNS filtering servers - which will no doubt be the default setup for many ISPs anyway?
So if I design something (happens to be an API in this case, but could just as easy be a USB plug/socket) shouldn't I be patenting (the functionality) and copyrighting (the API) it to protect my innovation in law? Did Sun ever do this - guessing not otherwise this wouldn't be dragging on? This should be just about a paper trail??
Oracle's aggressive stance is because their core business is going down the pan? Once they were the only database worth having, now they are not and they are failing to innovate - so they are looking to see what's left in the cupboard to make money with?
Don't so much care if Broadband is nationalized or not, but can we just have ONE trench for all the utilities and if multiple utilities need to dig the road, they all do it together? Less roadworks, less temp lights (don't get me started) and less patchwork road surfaces!
It's even been suggested that these trenches should be migrated to be under pavements - nice but VERY long term ambition - unfortunately Tories considered it but was last with Failing Grayling...
Microsoft has a different strategy to Google/Facebook - it wants to make money from corporates by selling software and services. Google/Facebook want to make money from their data using adverts... So MS HAVE to please the corporates, so privacy is their new USP?
Also, I don't get the telemetry moans...
1) People moan - Windows 10 has bugs
2) MS - so we'll gather "real world" telemetry to help diagnose those bugs, focusing on the features people actually use? BTW, there's pages of information on what information we collect on our web site...
3) People moan - but I want 1 without 2!
Biting the hand that feeds IT © 1998–2020