* Posts by thondwe

256 posts • joined 29 Jan 2010


Microsoft confirms pursuit of TikTok after Satya Nadella chats to Donald Trump


US only content

MS would only get US (+ Canada/Oz and NZ) users - so does that cut Tik Tok users and content in half? How does this partition work at all??

Microsoft pulls dust covers off Dataflex: Low-code data access from Teams


Expecting some better pricing for students - we have many use cases for quick hacks to provide services to students. Add Apps to Teams will help a bit - Apps for Specific classes maybe, but if we want to do something like a quick fix for a specific new Library Request System, we'd still need it to be affordable Campus Wide...


Is that's one Empty (CDS) database instance for each team, or one for ALL Teams?

Meanwhile, of course our Devs are the actual people getting excited about PowerApps - quick and easy way of getting small jobs done - and then getting frustrated as the costs escalate based on the number of end users (e.g. 20k students in our environment).

Don'tcha just LOVE meetings? Microsoft does, too, so here are some new Teams features, you lucky, lucky people


Re: Double Key Encryption

MS's Key help's protect them as well as you - e.g. if a physical disk goes wandering off (drive swap/upgrade process) - same reason your phone storage, laptop disk etc are encrypted


Re: Meetings, Bloody Meetings

Some analysis by Microsoft on Microsoft's use of teams (in Harvard Business Review)


Twitter hackers busted 2FA to access accounts and then reset user passwords


SIM Swapping

Good in depth blog over on Krebs on Security on this. Seems that "SIM Swapping" is a thing - basically persuade/bribe some mobile phone support/sales body to point a mobile number to a new SIM (As you would if you lost your phone, switched provider etc).

So if you're "forgot password/2FA" process involves reset via SMS... Social Engineering to get e-mail/twitter handle and mobile and SIM Swap and ...

Twitter says hack of key staff led to celebrity, politician, biz account hijack mega-spree


Re: Working from Home

Agreed, but a) VPN's have holes (several high profile solutions have had exploits exposed recently). and b) if you hack the machine that has the VPN connection... Especially if that VPN is split tunneled...

The ideal of course is two workstations - one locked down tight for Admin tasks - but you send the people home, do you send them home with two laptops, again one locked down in such as way as it can only remote to the Admin box in the office? But then that's on the same wifi as your family kit, sky+, Alexa, ... So that should be on another network (4G maybe)... All nice, but this was short notice, so what setup did they have...

Also, it looks like they had access to a user admin panel (but perhaps not much else) so would all these security layers be in place, for a user support body...


Working from Home

Assume most Twitter Admins working from home, so remote access a given. Plus probably running some BOYD build on an average joe wifi-router + ISP build which would be an easier target? Can't see Twitter being the sort of company that goes in for locked down corporate builds for it's employees?

Linus Torvalds banishes masters, slaves and blacklists from the Linux kernel, starting now


It's not the word black that is the issue it's "BLACK LIVES" - a bit of search/replace doesn't do anything for improving the lives of real people?

Anyway, good luck removing master/slave from the language of the average garage mechanic?

Skype for Windows 10 and Skype for Desktop duke it out: Only Electron left standing


Messaging Mess

So my daughters switch between WhatsApp (until one of parties phones dies), Zoom, Duo, Facetime (IIF all parties on Apple). But not Skype - despite them all playing Minecraft with a Microsoft Account! I'm stuck with Teams and Zoom and am being threatened with a "SoftPhone" despite both Zoom and Teams being phone capable.

Once upon a time, everyone used a "phone" to talk to anyone else with a "phone" and could message anyone via e-mail who had an "e-mail account".

Hey Ho.

(PS: Teams Video/Chat is Skype (Consumer Skype as was), they are now "popping out" Windows (An App with Multiple Windows way to go) for Chat, etc. - so why on earth didn't they just pop out the Skype Client instead!)

While eyes are fixed on Apple announcements, Microsoft's streaming service Mixer goes the way of the Windows Phone


Facebook Really

Can't believe MS have got into bed with Facebook. MS have been doing good stuff during COVID, and going with Facebook tarnishes the brand a bit?

Should have just opened xCloud to "choose your own streaming" platform?

Splunk to junk masters and slaves once a committee figures out replacements


Re: Ableist language is sadly everywhere

Astrophysics - Black Hole, White Dwarf, Eclipsing Binary, PMS (Pre-Main Sequence)... !

Surely it's about context of word usage, not the word itself?

UK's Ministry of Defence: We'll harvest and anonymise private COVID-19 apps' tracing data by handing it to 'behavioural science' arm


Re: Quelle Surprise!

BCC should not be buried in the options - AND should be on any reply all menus AND CC should be limited to say 10 recipients I think some e-mail systems will do that - but the feature is only discovered when some numpty moans to the helpdesk when they can't send to more than the default of 100 users (e.g. mail all students in a year group, rather than post a message on the VLE!)?

NHS contact tracing app isn't really anonymous, is riddled with bugs, and is open to abuse. Good thing we're not in the middle of a pandemic, eh?


Bogged down in Anonymity Requirements vs lack of Trust

So I'm going to claim In order for a Contact Tracing/COVID infection monitoring App to be really useful, it really needs as much information as possible and to maximize chances of getting any sort of new normal - e.g. by spotting new cluster outbreaks, that probably means collecting identifiable and physical location information. GDPR has no problem with this as long as the user consents. That Consent will need to document what is and and isn't allowed under the law.

So, the App is mostly likely to fail because its thrown potential data out in order to minimize personal data collection, and is therefore trying to use untried Bluetooth ideas instead of Location information?

ALL THIS BECAUSE NO ONE TRUSTS THE GOVERNMENT/NHSX to do the right thing - based on lots of evidence that it lies continually, and is riddled with nepotism - though we trust the NHS to keep buckets of medical history - which only has laws to stop HMG using NHS data directly anyway?

What do you call megabucks Microsoft? No really, it's not a joke. El Reg needs you


Re: MicroMite

Whatever choosen needs to work with 365 suffix - "MicroMite 365"


Love 'em or hate 'em - "MicroMite" - Comes complete with hijacked branding - Marmite or Yegemite - choose your poison?

UK COVID-19 contact-tracing app data may be kept for 'research' after crisis ends, MPs told


"Don't worry Load Balancers hide IP addresses"

Buried in the GCHQ stuff is something about load balancers hiding IP addresses so the ID can't be connected by the back end and a safe because they are run by someone else. I'd don't see any evidence that "someone else" is running the load balancers - and I thought the only masked IPs for the server side not the client side.

If someone controls the entire end-to-end system, then they can put in code to de-anonymize the data. And frankly, I wouldn't put it past some nefarious company to try and match up the NHSX app data with another data set (e.g. Facebook) and identify a fair few people by some clever analysis/pattern matching...

Lars Ulrich makes veiled threats of another Metallica album during web chat with Salesforce CEO Marc Benioff



Most bands have a hay day, if they are lucky they continue to make money out of it, but rarely produce anything new that's better. Go to a gig and all the fans are really wanting to hear are the "hits" from way back when but have to sit/stand though "the new album" to get to it?

Will throw this in as a rare exception - Black Sabbath could have stopped with the material from "We sold our soul for rock and roll" and everyone would have been happy. But they pressed on regardless, with some very poor efforts, and eventually produced "13" which was actually pretty good.

Guess which cloud giant Zoom picked to handle millions more video calls? Bzzt, wrong answer: It's Oracle


Re: Dont piss others off

Not so sure - I think when they started they were AWS, but from what little I trawled up on the internet, I think they run their own Tin in Co-Located Data Centres?

But, Oracle likely to have had less pressure on that MS (esp) and AWS as everyone pushed those platforms to the max?

Microsoft admits pandemic caused Azure ‘constraints’ and backlog of customer quota requests


Re: More to this than Teams

Thought Zoom used their own tin in co-located datacentres (in China) - not on AWS?

This hurts a ton-80: British darts champ knocked out of home tourney by lousy internet connection


Re: A home tournament ?

Not beyond some clever techie somewhere- a bit of cleverness with a phone measuring app to provide a check and then use the two cameras in the phone to show dart board and "oky" (spell?) at same time?

Apple: We respect your privacy so much we've revealed a little about what we can track when you use Maps


Not New?

Google uses it's "anonymised" location info to build the traffic layer on it's maps - either that or it's fitted a lot of sheep with traffic cams around here...

So how do the coronavirus smartphone tracking apps actually work and should you download one to help?


Re: Good for data-less phone plans

So there will be big gaps with some demographics - "olds" come to mind - not owning the right sort of phone. So would lock down ONLY be eased for those with a phone running the App?

'Azure appears to be full': UK punters complain of capacity issues on Microsoft's cloud


Re: Clouds and Stars

Nice isn't it - stars down here (area applying to get Dark Sky status) are brilliant. Since the country's at least partly shutdown maybe they could turn of the lights in cities an hour or so at night and let everyone enjoy...


Re: Cloud.

Don't suppose anyone's worried about running over someone else's network infrastructure or using someone else's power or is your remote working supported by a direct microwave link with your own windfarm??

Microsoft Teams usage jumps to 32, no, 44 million as Windows-slinger platform slides onto home workers' PCs


Right Click on Calendar and open in new Window or am I missing something???

Microsoft Teams gets off to a wobbly start as the world and its cat starts working from home


Teams Audio/Video piece is based on the old consumer Skype setup that MS bought up.. Skype for Business is rebranded Lync they built themselves and then deprecated.

Teams likely struggling as loads of Schools/Unis etc currently automagically spinning up a team for each course which means creating all the associated gumpf - SharePoint/Groups/OneNotes...

Guessing lots of network/ISP infrastructure going to see a lot of load and with a different pattern - Remote Working stuff rather than NetFlix streaming, gaming, etc...Could be a bit slow for a while.

Stuck at home? Need something to keep busy with? Microsoft has 115 ideas – including an awful SMBv3 security hole to worry about


Re: Imagine a user...

OS is a program, OS is data, it's all very fractal

Download this update from mybrowser.microsoft.com. Oh, sorry, that was malware on a hijacked sub-domain. Oops


Hands Up

Who's got clutter in their DNS, reverse DNS, dead (literally) users in AD, AAD, LDAP, ACLs for long gone servrices, etc that was useful once, but no longer.

Bet there's loads of DevOps "Infrastructure as Code" scripts which create stuff, but almost no scripts to decommission something?

Bottom Line - People don't like tiding up (have teen daughters!), but someone the size of Microsoft should be better at it!

Vodafone: Yes, we slurp data on customers' network setups, but we do it for their own good


Re: "Our service helps overcome these issues"

MAC addresses have manufacturer specific pre-fixes - so it's possible to ID the basic device type from the prefix and certainly the WIFI card supplier - which I guess they could match up to known problem models? Though I'd expect this to lead to a proactive missive to the customer suggesting a replacement/upgrade of their last 802.11b devices might help their wifi setup?

I'm sorry, Elon. I'm afraid I can't do that... SpaceX touts robo-rides for orbital vacations, lift-off in 2021-ish


Re: Autonomous?

Automatic Launch time - worked well on Thunderbirds!

See https://thunderbirds.fandom.com/wiki/Disaster_On_Allington_Bridge

Netgear's routerlogin.com HTTPS cert snafu now has a live proof of concept


Re: I don't believe it!

Are there ISPs out there who would access a router remotely as part of a support call? Is that's why the possibility is even there? IIRC I think mine had the option enabled for some remote diagnostic protocol - long since ditched as I replaced the kit with a decent VDSL modem and a micro PC running Sophos XG home...

The Self-Signed Cert battle between IOT gadgets and Browsers isn't a nice thing for a non techie though...

It's a Bing thing: Microsoft drops plans to shove unloved search engine down throats of unsuspecting enterprises


But Chrome?

So if the idea is for corporates with Office - aren't these likely to only use IE/Edge anyway? Especially the new Chromey Edge? So an extension for Chrome which is not likely to be installed?

Game over, LAN, game over! Windows software nasty Emotet spotted spreading via brute-forced Wi-Fi networks


Re: "after the malware was installed and running on a PC"

Suspect rather more WIFI enabled PCs than you might think. Will be a common "fix" in a house where the router is nowhere near the PCs location - USB + WIFI more likely than a card. We have an old PC and the Sky box doing exactly that.

Is the case that all new home routers (from main ISPs at least) are pre-configured with pretty random SSID names and passwords these days? Suggest this sort of Virus is going to have much more fun in a Shopping Mall/Coffee Shop world where it can skip the brute force bit?

This AI is full of holes: Brit council fixes thousands of road cracks spotted by algorithm using sat snaps


Re: I have a simpler and lower cost solution

Or stick a Ladar unit on the Bin/Buses as done in other places? Probably much more detail on road surface quality?

School's out as ransomware attack downs IT systems at Scotland's Dundee and Angus College


Re: Can someone possibly explain...

So any installed keyloggers can capture the new passwords?

UK to Chinese telecoms giant: From 5G in Tiree to the Isles of Ebony, carry me on the waves… Sail Huawei, sail Huawei, sail Huawei


Key word there is "IF" and it's not as if VPNs don't have holes in...


So your business sensitive commercial data about a government contract

Is on your 5G enabled Laptop - chances of it hitting some Huawai kit on it's travels....

(Assuming you've not left it on a train)

Take DOS, stir in some Netware, add a bit of Windows and... it's ALIIIIVE!


Server/PC Slot Shuffling

Arrgh! Trying to get the right number/type of cards AppleTalk Cards, NE2000, etc. into the slots on a server - then deal with the Interrupt clashes - on the fun we had!


The amount of time I spent optimising driver order to load the most into high memory so I could get Lotus 1-2-3 to run at all! Those were the days!

Clunk, whirr, buzz, whine. Shared office space can be a riot and sounds like one too


Welcome to the world of the Tinnitus Sufferer

At least you could just buy some noise cancelling headphones.

AND, the car is even worse - annoying untraceable rattles, A/C humming at only 19C, ...

German taxpayers faced with €800k Windows 7 support bill due to Deutschland dithering



Noting that the only Hollywood seems to have updated to Linux - almost all the screens in TV/Films seem to have some sort of custom GUI which I assume is on top of Linux (Or Unix "I know this") - though MS seems to have splattered a fair number of Surfaces into more recent programmes!

Are you getting it? Yes, armageddon it: Mass hysteria takes hold as the Windows 7 axe falls


Re: Time to grab the book ...

My Barmah is also risky in high winds - usually resort to baseball cap then - not so stylish though


Re: Time to grab the book ...

Upvoted for the usual reference, though have doubts as to whether "Nebraska" is actually a style of hat!

Admins sigh as Microsoft pushes Teams changes – let everyone play!


Licencing Monks have been let out?

In the old days the Licencing Monks sat in their cave and designed perverse policies which could safely be ignored (90 day licence transfer limit anyone) but NOW they have Actual Tech to play with in O365 to enforce their rules, but of course they still don't live in any sort of real world.

Hence, this stupid "Self Service" mantra...

Bloodhound gang hits 1,010kph, retreats to lab to work on smashing the land speed record



JCB hold "fastest diesel - 350mph - driven - of course by - Andy Green

Microsoft joins Google and Mozilla in adopting DNS over HTTPS data security protocol


Re: Windows Server

Think this is the key point, if your ISP wants to force you to use their DNS server at the moment, it's easy for them to limit port 53 to just their DNS servers? Same would apply to DoT on port 853.

DoH being mingled in with https means they need to block a (huge) list of alternative DoH servers.

What's NOT broken (if your ISP router gets DoH support, or you can do the same at the OS level) is the ability to force your DNS client to use Cisco Umbrella or similar DNS filtering service or EVEN use the ISP's own DNS filtering servers - which will no doubt be the default setup for many ISPs anyway?

Oracle and Google will fight in court over Java AGAIN and this time it's going to the Supremes


So if I design something (happens to be an API in this case, but could just as easy be a USB plug/socket) shouldn't I be patenting (the functionality) and copyrighting (the API) it to protect my innovation in law? Did Sun ever do this - guessing not otherwise this wouldn't be dragging on? This should be just about a paper trail??

Oracle's aggressive stance is because their core business is going down the pan? Once they were the only database worth having, now they are not and they are failing to innovate - so they are looking to see what's left in the cupboard to make money with?

Labour: Free British broadband for country if we win general election


Just wish someone would nationalist the road duct industry

Don't so much care if Broadband is nationalized or not, but can we just have ONE trench for all the utilities and if multiple utilities need to dig the road, they all do it together? Less roadworks, less temp lights (don't get me started) and less patchwork road surfaces!

It's even been suggested that these trenches should be migrated to be under pavements - nice but VERY long term ambition - unfortunately Tories considered it but was last with Failing Grayling...

Microsoft embraces California data privacy law – don't expect Google to follow suit


Different Strategies

Microsoft has a different strategy to Google/Facebook - it wants to make money from corporates by selling software and services. Google/Facebook want to make money from their data using adverts... So MS HAVE to please the corporates, so privacy is their new USP?

Also, I don't get the telemetry moans...

1) People moan - Windows 10 has bugs

2) MS - so we'll gather "real world" telemetry to help diagnose those bugs, focusing on the features people actually use? BTW, there's pages of information on what information we collect on our web site...

3) People moan - but I want 1 without 2!

Go figure!



Biting the hand that feeds IT © 1998–2020