* Posts by two00lbwaster

45 publicly visible posts • joined 1 Aug 2010

OpenTF forks Terraform, insists HashiCorp is the splinter group


They're going to need to replicated the docs site

These projects are going to inevitably diverge so they're going to have to provide an opentf docs site for their forked version otherwise people will end up in the maddening situation of "why does this not just work".

Tesla plots entry to Britain's stagnant energy market


Wow an in the wild Dunning–Kruger

This one should get back on the bus and get back to licking windows because thinking is not its forte.

Google Cloud's US-East load balancers are lousy with latency


Re: make a hasty move to another region

Moving infrastructure might be easy. Google's forwarding rules come in two types, regional forwarding rules and global forwarding rules (anycast). The latter would be reasonably easy to set up a new backend to the LB in another region, that's what they're designed for to serve from the closest region to the client. But your persistent data is now going to be in another region incurring latency and financial penalties, or you need to move your persistent data too and incur downtime.

With the former regional forwarding rules you're screwed, you'll need to build another LB with another IP address and update your DNS as well as the former mentioned practical issues.

The UK's bad encryption law can't withstand global contempt


You've fallen into the trap of understanding the word only with its modern context. Rape has long meant to despoil, to take by force (that's where our more limited modern usage of it comes from). As such it's perfectly appropriate and it is exactly how I have used it to describe default opt out policies as opposed to opt in.

Here's a dictionary definition with the archaic version mentioned https://www.merriam-webster.com/dictionary/rape


Re: Yet again the Tories come along with this bullshit.

I can't see that name without reading it as "Hard Dildoing"

Spotted in the wild: Chimera – a Linux that isn't GNU/Linux


I guess that the only downside of using apk over pkg is that packages from apk are likely to take a massive dump in your /etc, /bin, /usr/bin and other directories, whereas I like how FreeBSD, generally, sticks to putting package manager installed software in sane locations, rather than the base OS locations.

Linuxland doesn't really observe any distinction between base OS and subsequently installed software; probably because of the author's description of it being lots of individual parts flying in close formation so what does it matter if you start adding more and more parts to the formation right?

Serious surfer? How to browse like a pro on Firefox


I just go for tab groups rather than trying to squeeze out more space by going vertical. I'm still pissed about session manager. Multiple times Firefox has eaten my data and the fucktards at Mozilla don't see fit to implement the feature set required for add-on makers to do their job for them (and they have zero interest in writing any more code to support that doesn't result in feature parity with Chrome), so we have a shitty restore process that almost never works and almost always results in lost data or we have to use an add-on that does the job well enough that you don't lose data but is pretty poor compared to what we had before 57 (bare in mind I'm not saying that native session management was any good before 57, just that we didn't need it because we had an add-on which was how it always should have been natively in the first place).

Tuxedo Pulse G2: Linux in your lap


Ryzen 5700U is a 4800U from what I recall (it's a Zen2 design rebrand of the 4000 series with some power saving tweaks).

So this is maybe even a downgrade from the 4800H. Where's the 6000 series where we would see some nice updates?

Rufus and ExplorerPatcher: Tools to remove Windows 11 TPM pain and more


I'm a big fan of explorerpatcher since I got a new 12th gen Intel laptop I had to be on Windows 11 (for Windows anyway) for the CPU support but the new taskbar was obnoxious. I actually have been reviving the quick launch bar manually through every version of Windows since 7 got rid of it as the default so this was quite important to me to restore some familiarity and usability to the OS.

Sick of Windows but can't afford a Mac? Consult our cynic's guide to desktop Linux


Re: Not be happy ... to reinstall my OS from scratch every year or two

Erm my laptop couldn't be recovered from the Windows 10 dev branch and I was upset with having to reinstall after 8 years, I don't have time to reinstall monthly and yearly would be a challenge


Re: "just works"

My main complaint with it is that if I can't remap the shortcut then I have to use the top bar (or similarly, if you want to use the Dock for some reason) which can be a long way away when you have a lot of or high resolution screens with maybe an odd layout. It's not about that you can't have multiple screens or set them up as you like, it's about the usability there after which a daily pain for me (I didn't get to choose the hardware/OS and I have not enjoyed the experience these last few months.) I'm sure you must have experienced this having 5 screens, maybe you put up with ctrl+f2 and navigating with the keyboard though.


"just works"

Except the steaming pile of excretion just doesn't want to work with DP alt. with PD most of the time (and yet Windows and Ubuntu have worked perfectly and without complaint with the same displays). Also the OS is just plain crap for multiple display usage so it doesn't really just work there either.

381,000-plus Kubernetes API servers 'exposed to internet'


At least on GKE it was actually fairly simple to spin up a private cluster and also simple to administer it and get workload info via the interface. The problems can arise when the cluster needs access to 3rd party APIs off cluster as you then need Cloud NAT, I think it was, and that has rate limiting in it as to how many outbound connections you can make per server (of maybe 1000 every 2 minutes or so) so its not any good for very chatty applications IME.

Realizing this is getting out of hand, Coq mulls new name for programming language


CoC is also used for Code of Conduct so CoD?

Code of Decorum? Of coarse then there's the whole codpiece issue.

The quest for faster Python: Pyston returns to open source, Facebook releases Cinder, or should devs just use PyPy?


Re: Oooooh, Python is slow!

Slowness is relative and poor programming can create exceptionally slow code. Multi ms hops to a DB on another server, after already spent multi ms searching a cache only to miss, then waiting for the DB to curn out a result and send it back to you is probably always going to be slower than the python code that you're executing.

Helsinki Syndrome: Ubuntu utterly fails to boot on metro


Re: Teething problems

With that persistent continuous cough I'd be more inclined to ask: Covid?

Quic! Head to the latest Chrome version and try out HTTP/3


Re: Don't worry

Erm, it seems like you're not aware that a lot of the work that went into SPDY was picked up and implemented into the HTTP/2 protocol.

Firefox 48 beta brings 'largest change ever' thanks to 'Electrolysis'


Someone should tell their devs about this site


Yeah, have a look at all broken addons, the ones not tested but listed, and then notice that this page only lists 880 addons out of 1000s.

Also look at the number of users that are using the broken addons who will either lose functionality or be stuck unable to benefit from the E10 changes.

Will any of those users be told when their addons are disabled as incompatible? Not if the move to signed addons is any example of how Mozilla treat their user base.

I've had a quick check:

* I've got 5/20 addons which are known to work

* I've got 6/20 addons which are known not to work

* I've got 3/20 addons which haven't been tested

* I've got 6/20 addons which aren't even listed

Out of the 6 plugins which are broken, I use 5 of them every day and will be disabling E10 until they all work; Ghostery, Downthemall, Lastpass, Session Manager and X-notifier.

A bunch that haven't been tested or aren't listed I'd be in the same boat if they broke, like tab groups, The Addon Bar (restored), external IP and Last tab close button.

Alarming tales: What goes on INSIDE Reg hack's hi-tech bedroom


For Android users

I use Juice Defender (BETA) Ultimate on Andorid (I tried it for 'free' by getting the APKs elsewhere and then bought it off of the Play store because I was so impressed with it.)

I can create separate schedules for the weekends and weekdays. I can set the phone to go into flight mode on a schedule and also for it to turn the phone to a different alert setting, vibrate for example, during those schedules. The side benefit is that my phone battery lasts for 2-3 days now too.

The only thing missing at the moment is for Google to tie the alarm clock to the calendar so that I can get the phone to automatically use a different alarm setting if it's a bank/public holiday or I have a holiday scheduled into my calendar.

This really needs to be done as it would mean that my mainly useless memory won't lapse and forget to turn off / on the alarm at the beginning or end of the holidays!

GitHub code repository rocked by 'very large DDoS' attack


Re: It IS a bit puzzling.

I take it that he's not on your Christmas card list then? :-)

Hands on with LG's 21:9 monitors


Re: Argh!

The best of which is the Dell U2412m. I'm glad at least one manufacturer recognises this market. Unfortunately, they're not exactly the £100 monitors I'd usually buy.

Alpha.gov.uk preps for beta, prays for funding


Google analytics

I wouldn't have noticed that it had been blocked if I hadn't read the comments first.

Ghostery plugin is a Firefox necessity (Yes you can get it on Chrome too but it's missing some blockers).

Stop sexing up IT and give Civil Servants Macs, says gov tech boss


You don't seem to see, or understand, the problems

"Most of you want to stay with the same old failed systems: Windows! Look at what a success that has been. Cheap? Have you ever worked in a shop that uses mainly Dell? I have, several times. The cost of the native hardware, with Windows or Suse or Redhat (or self installed Slackware or Suse) was not much lower, especially with the Gold support needed. Then, the failure rate was "awesome". I recall getting a batch of six higher spec. laptops. All were under repair within six months, two of them twice and not for user damage, just straight, hardware failure. The desk tops were scarcely better, though the servers, once one called in the engineer to fit the ordered parts rather than what arrived, were not so bad."

Just because you have had a piss poor experience with PC hardware and open source don't tar the rest of the industry with the same brush. The problem is with the planning and execution.

Santander blames Firefox 4 for website fail


Obviously very badly uninformed!

"We are aware that some customers using the latest version of the browser Firefox, version 4, may currently be experiencing difficulties accessing their account details online. We are in the process of rectifying this and would advise customers in the meantime to use a previous version of Firefox or Internet Explorer.

"This will not impact customers' online security..."

No one should be using IE at the moment due to the MHTML bug that allows drive by attacks that can compromise the system. Stupid, stupid people. Just because they have particularly stupid management when it comes to deploying a web service, and/or particularly stupid web developers doesn't mean that they should be giving poor advice that can lead to their customers having their bank accounts hijacked.

Walk away from Santander, and any other monkeys, that want your cash and can't write a proper website that works across browsers.

IE9: Downloads beat Angry Birds, lag Firefox and Opera


Downloaded it three times here

Laptop, main PC and the work PC. I need to build an IE8 VM now though; to go with my IE 6 and 7 VMs.

FF 4 will get 10 downloads from me (work PC, main PC, Laptopx2 (Windows and Ubuntu), Netbookx2 (Windows and Ubuntu), Windows VM, Ubuntu VMx2, work Mac Mini).

Guess FF4 wins this round again.

Twitter adds HTTPS opt-in button to micro-blogging service



Secure DMs?

Mozilla to ship Firefox 4 on 22 March


Depends on your audiance.

If your visitor statistics back up use of CSS3 and HTML 5 in your websites then I would say go for it. CSS 3 is especially easy to implement into sites in a progressively enhanced way, so we have started using it even though most users won't see the enhancements.

The company I work for shows a massive bias on our clients' sites to IE 6-8 users, and that won't change anytime soon, so even PNGs are a pain to work with.


Use IE9 at your own peril

MHTML bug owns all versions of IE and such attacks will be commonplace for the foreseeable future because of the tight integration with the OS.

Most Linux distros come with Firefox by default, so this is interesting for them.

Firefox didn't get hacked this year at PWN2OWN, along with long standing Chrome (not hacked as of yet).

Firefox 4 is a stepping stone for Firefox 5/6/7 this year which should bring tab isolation/sandboxing, 64bit version, more HTML 5 and CSS 3 features.

Making sport of browser security, hackers topple IE, Safari


Day two

No takers for Firefox so it stands alongside Chrome this year as not having been hacked.


Mac hack

So, you now have access to the system through an account; next hack run is privilege escalation exploit.

Once you're in the system remotely you're in the system, regardless of the account you happen to have wheedled your way into.

Doesn't matter what system you're attacking, the exploit methodology is the same; get into the system, escalate privileges, control system.


No Firefox results because it was delayed until day 2

So anyone saying that it has been hacked already is wrong.

Mozilla delivers first Firefox 4 release candidate


What's with all the bad memory management reports from FF users?

I really don't understand this. I have never seen large amounts of memory used by Firefox, I only see a huge amount of memory usage with flash apps running (800MB for the plugin container.)

Do you all have so little memory that 100MBs make a difference between browsers?


@AC "And it's utter pants"

There is malware out there that causes FF4 to crash but not FF3.6. You need to reformat your PC with a clean OS DVD and check performance again without installing anything other than FF4 and windows patches. Use an antivirus package, like a free one such as Avast 6, or a paid for one from a reputable vendor. Then install your programs one by one.

See: https://bugzilla.mozilla.org/show_bug.cgi?id=633445

Mozilla confirms Firefox 4 beta 12 is FINAL test build


FF + Hotmail user here

I use Hotmail via the Webmail notifier plugin, alongside a couple of yahoo accounts and a gmail account.

I get lots of newsletters sent to the hotmail account. I use a yahoo account for sites like this one.

Windows 7 service pack 1 set to lift off today


It's out now!

I just manually checked for updates and sure enough there it was ready for download. ~80MB-900MB I think it said, but most machines should be up to date.

I don't fancy the job of updating the four Win 7 office pcs tomorrow. I guess I should be glad that there are only four of them. We have three sat in storage, but hopefully I may get WSUS before I need to update them.

UK.gov braces for Anonymous hacklash


Online DDoS laws outlaw similar, offline, legal forms of protest

If I, and two thousand of my friends, turn up at some store or other and pack it out, and pack out the street outside trying to get in, just browsing so that no one who might wish to actually give that store their business can get in that would be a denial of service attack.

This is different to just barring the entrance and preventing access as there would be no room for the actual customers to get into the store.

If you were to go into a bank with lots of your friends throughout the UK and remove all the brochures from those branches. That is a DDoS attack, but offline, and it would be seen as a legitimate form of protest.

Thus, I would argue that doing so online, through the LOIC or holding your ctrl+F5 buttons for a few hours, is a legitimate form of protest, as far as I'm concerned, and would cause less of a financial impact than other forms of offline protest. (Think of the amount of cost there is in printing and stocking leaflets and brochures and denial of service on a store or bank, by filling it out with non-customers, would have on the bottom line.)

MS warns over zero-day IE bug


Nice mention...

Which is funny, as IE 6 doesn't have ASLR or DEP support and I doubt that the EMET workaround will work for it either.

I hope that all those corporate security types that love XP/IE6, like HMG, are paying attention to this.

WikiLeaks' Assange to be indicted for spying 'soon'


If he's a spy...

for whom does he spy?

Simple enough question.

RHEL 6: serious Linux built for growth


128 cores...

Is a dual processor workstation in 2015. So, it's got four years of life in it. Six before it will only work in high end single processor machines.

Those four thousand cores will be utilised by a single processor machine in 2027, assuming two years for each process transition and a linear doubling of cores per process transition.

Green light for spooks' net snoop plan


Skype uses 256bit encryption doesn't it?

Also, SSL Google anyone? SSL encrypted proxies located abroad for all your traffic.

It's a bit weak, but if everyone does it they will be back to square one.

£1bn+ Royal Navy destroyer finally fires 'disgraceful' weapon


It all sounds very familiar.

I wonder if they tested the missiles against the Mirach 100/5 towed targets at 792


The Mirachs aren't supersonic so can't use them for testing that aspect of the system.

The MoD procurement sounds like my current job's management team's approach to building new software; which is funny as I came from the MoD into my current job.

At my current job, we have managed to get the directors to go to an outside firm to get the specification written. However, knowing the directors, they will constantly be changing things

until they are happy, and so it will be exactly like a military/government project, with massive overruns in terms of costs and time.

Hodehum :-(

How do you copy 60m files?


No hierarchical folder structure?

Surely you would do this in parts using something like the native zip functionality or a third party program like WinRAR to turn a large number of these files into a single archive.

The thought of transferring 60m files across a network connection makes quail. Even the web servers that I look after top out at 7.5m files.

Rise in Latvian botnets prompts Spamhaus row

Thumb Up

Utter tosh

If we returned to the 'trees', you'd be at the mercies of the person or group of persons that held the biggest stick(s).

If they didn't like what you were saying they'd quite happily be rid of you. If you wandered into someone else's area, they might tortuture you and or kill you for doing so.

All these basic 'Human Rights' are utter b.s.

UK.gov sticks to IE 6 cos it's more 'cost effective', innit


There're a number of things to consider...

What most people fail to understand that HMG is probably using and controlling their systems with AD, and as other browsers don't tie themselves into AD, the admins would not have control, unless the browser update is to a more recent version of IE.

Also, what do you think they would do when they realised that all these 'In porn' modes made logging what people were doing impossible to follow?

My impression is that HMG is using IE6 specific ActiveX controls, like a lot of big corporations of the early XP generation and that they would have to rewrite those or all those applications that they use that use them to be able to move away from IE6. Personally, I think that they should never have been allowed to go the OS specific integrated route as it's a lock in to a specific platform. All their apps, both front end and backend, should be fully portable to other OS and browser platforms.

It is a good argument for public oversight of governmental IT projects, so that we the tax payers don't get screwed over, and over, and over.

I also think it's outrageous that the government would publish a statement that insinuates a lie, that they don't need to do anything because there's no evidence that that the latest fully patched browser from MS is any less secure than alternative browsers. All well and good, if they were using IE8, but they aren't using the LATEST fully patched browser from MS, they're using IE6. And probably systems that are not fully patched either, so two lies?

Also CanSecWest has had IE8 crumble during its competitions every year that it has been out. Only one desktop browser remains uncompromised at that event, and that's Google's Chrome browser. So there is the evidence that there are alternative browsers that are less insecure than IE8.