* Posts by usbac

436 publicly visible posts • joined 4 Oct 2010


Change Healthcare faces second ransomware dilemma weeks after ALPHV attack

usbac Silver badge

Re: Let that be a lesson

Many years ago, I posted the idea of paying a ransom being a criminal offense. I got down-voted heavily on that comment. I also received tons of criticism followed by all kinds of pathetic reasons why companies need to be able to pay ransoms.

I'm glad everyone is starting to see the reasons why this just has to be the case.

Iowa sysadmin pleads guilty to 33-year identity theft of former coworker

usbac Silver badge

"Keirans now faces a potential maximum sentence of 32 years in prison, with a minimum of two years. He'll also have to pay a $1.25 million fine, and serve five years of supervised release after his sentence."

I would hope Keirans also owes the real Mr. Woods a HUGE restitution payment!

How a single buck bought bragging rights in the battle to port Windows 95 to NT

usbac Silver badge

Re: Windoze NEVER worked well.

I remember the DPS Perception Video Recorder cards. They were awesome in their day. The fact that they recorded directly to a SCSI drive, bypassing the system bus was genius. It made desktop video editing possible before PCs were really powerful enough.

I remember the driver would do all kinds of cool stuff. You could access the video storage drive as another drive letter. It would also make directories available with each video frame as a separate image file (Targa, if I remember correctly).

We used Newtek Lightwave to render 3D animation directly to the PVR drive, then we could print it to 1" Type-C video tape through the analog video outputs.

Very expensive stuff back in the day. Now, a budget smart phone blows it away!

usbac Silver badge

Re: Windoze NEVER worked well.

In those days, for a server you used Novell Netware. Servers ran for years without reboots. You could even patch it without rebooting.

Some server hardware at the time would allow hardware replacement without rebooting. I once replaced a network card without rebooting the server. You go to the command line, unload the network driver, pull the NIC and replace it, then go back to the command line, and load the driver for the new card.

I once was called in to work on a server that was showing an uptime of over 6 years!

Majority of Americans now use ad blockers

usbac Silver badge

"I am constantly surprised by friends who don't even know that ad-blockers exist."

I was recently visiting a friend of mine that works in IT. He has his own company, staff and all. We went into his office for him to show me a web page with some neat new piece of gear. He opened his browser, did a quick search, and then went to a site with the piece of equipment. He starts grumbling at how long the page is taking to load. Once it loads, it's so full of adds and other crap that the item we are looking at is barley visible.

I asked him: "Is this what the internet looks like now?" He looks at me puzzled. I then asked: "Don't you run an add blocker?" He answers: "What's an add blocker?"

I sat down at his desk and installed uBlock for him. Once he started browsing again, it was like a revelation. I told him "Don't you know that many of these adds contain malware and trackers?"

I guess the difference is that I work in IT security, and he works more on the engineering side. Still, I was really surprised.

It was a bit of a revelation for me to see what the modern internet looks like without an add blocker. I've bee using one for over ten years now. It's the first thing I do when installing a new browser.

Ransomware can mean life or death at hospitals. DEF CON hackers to the rescue?

usbac Silver badge

Re: Wrong approach

It seems to me that hospitals and doctors clinics operated just fine for many decades before the internet came into common usage.

I remember my parents and grandparents being treated at hospitals back in the 70s with successful outcomes. I was very young back then, but I don't remember the doctors saying "I'm sorry son, I can't treat you family members because this thing called 'The Internet' doesn't exist yet". My memory may be a little fuzzy, but I don't remember hearing anything like that?

My grandmother was a nurse. She received her training in the Navy during WWII. I don't remember her ever saying "If only we had The Internet, I could have saved all of these people..."

usbac Silver badge

Re: Wrong approach

As much as I detest the idea of more government intrusion into our lives, it's far past the time to license software developers just like civil engineers and other professionals. Cyber security needs to be a big part of their licensing process (exam/training/etc.)

If someone needs to be licensed to design a bridge or a building, why aren't software developers required to do the same. I would argue that software is now often as life-critical as buildings and bridges.

Time to examine the anatomy of the British Library ransomware nightmare

usbac Silver badge

Re: "Too old to be safe, too expensive in time and money to replace"

I think the OP was making a point about getting off of this hamster wheel of constant patching/upgrading to chase security vulnerabilities. Software should not have zero-day vulnerabilities. If software was properly developed and tested, the admin you mentioned would not have had to watch for constant patches. The fact that the admin missed patch number 532 on software that was released six months ago, should never be a consideration.

This mentality of "Does it compile? Great, release it. We can always patch it later..." is why we are where we are. The software industry is the only industry where you can knowingly release a dangerous and defective product, and have zero liability for it. All I'm asking for is that the software take some responsibility for their product. They won't until they are forced to.

usbac Silver badge

Re: "Too old to be safe, too expensive in time and money to replace"

Many, many years ago, before getting back into IT, I worked in the insurance industry (claims side). You would be surprised how many subject matter experts are employed by insurance companies. Especially in industries where they write policies. I once met a fire investigator that worked for an insurance company. He was very competent. He had been a fire marshal and investigator for the fire department for nearly 30 years.

usbac Silver badge

Re: "Too old to be safe, too expensive in time and money to replace"

I agree with the OP above.

We also need to stop software companies from waiving liability for the security of their software. If someone sells a defective coffee machine that burns down a bunch of people's homes, they will get sued, possibly out of existence. It should be the same with software. If your software has a vulnerability that causes a data breach, you've done the equivalent of burning down someone's home. You should be just as liable as the appliance manufacturer.

Software vulnerability analysis should be an area of increased investment. Maybe this is the one place where AI might actually be useful?

We need something like an Underwriters Laboratories for software. Once software companies can't waive liability in their EULA anymore, they will need to insure against it. UL came about due to insurance company requirements for issuing product liability policies.

Job interview descended into sweary shouting match, candidate got the gig anyway

usbac Silver badge

Many years ago at a managed services company, we were interviewing for a new IT support tech. The question I would ask each candidate was: "you have a PC that is not connecting to the network, what do you check first?

We got all kinds of answers. One candidate even said that he would re-compile the drivers from source. Another talked about removing all of the drivers and cleaning up the registry. After days of interviews, we had a candidate that said "I would make sure that the network cable is plugged in". He got the job. George was an awesome tech, and a really intelligent person. We later found out that he authored several books. He also played guitar in a hard rock band on the weekends (you would never guess).

Boeing paper trail goes cold over door plug blowout

usbac Silver badge

Re: Why aren't these people facing jail time?

Maybe not. Aloha Airlines turned one of their 737's into a convertible at 24,000 ft, and managed to land it okay (less one flight attendant, unfortunately).

Also, United flight 811 had a door failure between Honolulu and Auckland. They lost nine people in the incident, but the 747 made it back in mostly one piece.

Airliners can take a lot of abuse, and still be able to return for landing.

Apple's had it with Epic's app store shenanigans, terminates dev account

usbac Silver badge

When you buy Apple crap products, you support this behavior. If you want them to stop behaving like a child, stop buying their products.

Year of Linux on the desktop creeps closer as market share rises a little

usbac Silver badge

Re: Repeat after me:

I want to start out by saying that I detest Microsoft. They are the root of all evil in the universe as far as I'm concerned (or maybe Google?).

I'm in the process of migrating everything in my private side of IT away from anything Microsoft. The few remaining Windows PCs here at the house still run Windows 7, and only for a couple of pieces of software that I don't have Linux replacements for (and before anyone says "but you can use...", no I can not).

That said, I've used Outlook at work (mostly) but also at home for about 25 years. I've recently tried Thunderbird as a replacement for Outlook. It was dreadful. I also tried BetterBird, which is considerably better than Thunderbird in my opinion. Neither of them are all that great. I spent a week trying every open source email client out there, and chose BetterBird. It is sort of tolerable at best. I could spend the whole morning listing all of the problems/shortcomings/bugs I've run into with it.

As terrible as the new versions of Outlook are, (this is painful to write) none of the open source email clients can replace it.

Copilot pane as annoying as Clippy may pop up in Windows 11

usbac Silver badge

I figured all along that this is the reason that they are shoving this down everyone's throat.

It's why we are now seeing all of this AI crap everywhere. A while back a bunch of large investors were told that AI is the future by some hucksters trying make a quick buck, and they all jumped in head first with billions of dollars. Now, even though no one really wants any of this, they have to show "adoption rates" to justify investing other people's money in this nonsense.

Twitter's ex-CEO, CFO, and managers sue Elon Musk for $128M

usbac Silver badge

Re: Move over Donald

I wish I had 100 upvotes to give...

EU takes a bite out of Apple with $2B in-app purchase fine

usbac Silver badge

"Apple claims Spotify controls 56 percent of the European music streaming market, and doesn't pay Apple a dime despite the App Store significantly contributing to its success."

Ah, what a shame when someone else uses their monopoly powers, isn't it?

Ransomware ban backers insist thugs must be cut off from payday

usbac Silver badge

Yeah, I was about to comment on the corporate welfare part.

So the idea is that if a company doesn't want to spend the money to do security right, tax payers will just come along and bail them out? That sounds like a typical government solution. Spend someone else's money...

Lightweight Windows-like desktop LXQt makes leap to Qt 6 with version 2.0

usbac Silver badge

Re: Mate for a traditional interface

This horseshit all started with mobile phones. Small screens with limited resolution needed a bit of a shortcut. The 3D effect on edges along with drop shadows took up valuable screen real estate, so a flatter interface was deemed an okay compromise.

The problem was the idiots at Microsoft thought every device is the same as a mobile phone (thus the extensive touch-UI that they barfed-out and called Windows 8). Why everyone decided to copy the worst UI in recent history, I really don't understand.

It's weird that the same groups that makes fun of Microsoft (rightly so), is in such a hurry to adopt their poor UI design ideas.

It's statement to our current times that no one has an original thought or idea anymore. Look at movies coming out of Hollywood; nothing but remakes, reboots, and the continuation of old, tired franchises.

usbac Silver badge

Re: Can someone man'splain this to me?

I think this was the OP's point was, can we just fix the bugs and stop mucking around with the UI? This change for the sake of change, is why I'm moving to Linux instead of Windows. The last thing I want is for that disease to infect Linux.

I want an OS that gets security patches, and they leave the UI the F*** alone. If I didn't dislike Apple so much, I would switch to a Mac.

usbac Silver badge

Re: According to Portage...

And it had just about everything we really need in an operating system. All I really need from an OS is to manage the file system, deal with networking, and to launch apps.

Intel urges businesses to undergo AI PC facelift with vPro update

usbac Silver badge

I'm looking at the bright side. All of this forced-refresh nonsense will provide plenty of cheap but still relatively powerful off-lease PCs on EBay soon.

I just bought a Dell Optiplex micro-pc with an i7 and 16 GB of RAM for $44 shipped in. Add a $17 SSD, and it makes an awesome Mint PC (and it's really tiny).

Work for you? Again? After you lied about the job and stole my stuff? No thanks

usbac Silver badge

Re: Being polite is great

For several reasons:

1) I worked there for 17 years. If I needed to look for a job again (if the new employer doesn't work out, etc.), applications usually ask for contact information for "your immediate supervisor" at XYZ job. So, this guy may have to be a reference. Jerk or not, he knew I could have dumped in in it, and I didn't.

2) The CEO's job is to know what his VP of technology is doing, and how well he is performing. This was not a big company, and having several people suddenly leave, that all work for the same guy, should be an indication that he needs get involved. I didn't need to tell him how to do his job. My former boss was quickly "retired" shortly after I left (despite being several years away from when he planned to retire).

usbac Silver badge

"If you want IT stories of stupid decisions, entitled people and mismanagement schools are the place to fish for them."

There, I fixed it for you!

usbac Silver badge

Re: Being polite is great

I have a different take on this.

About two years ago I left a job where I had been there for about 17 years. For most of that time, I got along with my boss very well. Then, something changed (nobody could figure out why - personal issues we thought?). He started being an absolute raving jerk to everyone. People started leaving right an left.

Over about the last ten years, I developed a lot of the software that the company operated on. When I announced that I was leaving, there was a bit of panic in upper management. They wanted me to agree to a contract rate to keep supporting them after I left. I probably could have named my price at that point. I told my boss "no".

Shortly after, I get a call from the CEO "would I come see him?" He was a really good guy, and was always kind and generous to me. He asked me why I was leaving, and I could have tossed my boss under the bus, but I didn't (I think he actually know the reason, but didn't say anything). He asked me the same question about agreeing to a support contract and said "would I do it for him, personally". I told him "no, but if you have the occasional question, I will help you out where I can".

The reason I would not agree any kind of paid deal is simple: my jerk boss would think he has power or control over me again. If they are paying me, he is back to being my boss.

Pride is worth more than money.

Preview edition of Microsoft OS/2 2.0 surfaces on eBay

usbac Silver badge

Re: The control PC runs Debian.

It wasn't the manufacturers decision. The machine came with a questionable copy of bloated Windows based control software.

I never even set up the Windows based crap. I made some hardware modifications/upgrades, and set up LinuxCNC to run the machine. I planned to do this before I even bought the machine.

The software and electronic hardware side I can build and maintain myself. The precision machining, welding and other metalworking, not so much. At least not before buying this machine!

usbac Silver badge

Re: nice new mid-range CNC machine

The control PC runs Debian. Everything related to control of the machine is open source. I have a rule at my house: No new Windows PCs.

The CAM software I use runs on Linux or Windows. The same with the CAD software.

Soon, the only Windows PC at home will be my work supplied laptop.

usbac Silver badge

Re: Nice museum piece

A few years back I sold my old Apple][ on eBay. I dusted it out, and cleaned the floppy drive heads. It booted just fine from the original Apple boot floppies that were dated 1978. The buyer was thrilled to have original boot disks that worked. They paid stupid money for the old thing. I bought a nice new mid-range CNC machine for what they paid.

Firefly software snafu sends Lockheed satellite on short-lived space safari

usbac Silver badge

"former Voyager scientist Garry Hunt questioned if the commercial spaceflight sector of today would take the same approach to quality as the boffins of the past."

No, they will not.

Too many years of "If it sort-of works, ship it. We can always send out (umpteen million) patches later". The skills to write the kind of code Garry Hunt is referring to have been long lost.

I does seem that SpaceX manages a little better than most, somehow.

Wyze admits 13,000 users could have viewed strangers' camera feeds

usbac Silver badge

Plainly Difficult has a good video on the subject:


usbac Silver badge

It was supposedly some sort of caching issue. I saw it mentioned elsewhere that they may have had this problem all along, but didn't notice since the cache expired fast enough. However, with the sudden surge of devices coming online all at the same time, the problem finally manifested.

usbac Silver badge

People putting cloud based security cameras in their homes. Who would have thought something would go wrong?

Especially a company run by a bunch of tech-bros that probably runs on a bunch of frameworks stitched together with code from Stack Overflow and hosted on AWS.

Staff say Dell's return to office mandate is a stealth layoff, especially for women

usbac Silver badge

Re: What are they good at?

The company I work for stopped buying Dell about two years ago because of quality problems. We are now buying Lenovo, but are having a lot of quality problems with them too. Maybe everything is just crap now?

I bought my wife a new Dell laptop a couple of years ago, and she has had a lot of problems with it. The webcam intermittently stops working, and it overheats badly. Dell support was useless. Her laptop runs Linux Mint, and they won't provide any support unless I put windows 10 back on it.

My main laptop is an eight year old Dell Latitude, and it is solid as a rock.

Ukraine claims Russian military is using Starlink

usbac Silver badge

Yes, it comes down to one simple question: "Do you ever want to get another launch permit?"

Or, alternatively: "Do you want to see your FCC license renewed?"

IT suppliers hacked off with Uncle Sam's demands in aftermath of cyberattacks

usbac Silver badge

Yeah, I liked this part:

"The CSP-AB took particular umbrage with the FAR update's SBOM requirements, arguing cloud service providers shouldn't be required to submit them since they're so frequently subject to change – sometimes "up to hundreds of times" per day."

Maybe, if these cloud vendors stopped making hundreds of changes per day, they could focus more on writing secure code! Yeah, I thought not!

Raspberry Pi Pico cracks BitLocker in under a minute

usbac Silver badge

Re: A brilliant testament to analysis

It doesn't matter if you use an internal layer, the chip is still on the surface. It's no problem to collect the signals off of the pins on the chip.

I tack very small wires on to chips under a microscope all the time when debugging my designs. I watched a friend of mine attach probe wires on to the solder balls under a BGA chip (several rows in) wile it was under x-ray.

usbac Silver badge

It's nearly impossible to protect a device that someone else has physical access to. It has never worked trying to lock-down consumer electronic devices, and it never will.

Hundreds of workers to space out from NASA's JPL amid budget black hole

usbac Silver badge

JPL is getting budget cuts, but we are still dumping billions into SLS. It sounds about right!

Ignore Uncle Sam's 'voluntary' cybersecurity goals for hospitals at your peril

usbac Silver badge

Re: Same expereince here

The problem is that almost everything "new" is bloated, insecure crap filled with spyware telemetry. How is "upgrading" an improvement?

usbac Silver badge

Re: Governments aren't there to make life easier.

The solution for 2FA in a medical setting is something like the new Yubikey with NFC. You could have a reader on a keyboard or monitor, and staff only have to pass a key near the scanner.

There are many ways to fix this. It only takes a commitment to make it happen.

EU repair rights bill tells manufacturers to fix up or ship out

usbac Silver badge

Re: I haven't read

The thing is, today (for a while now actually) most common devices like televisions are built almost exactly from the reference design from the chip manufacturers. It's amazing how often, when repairing a device, all you have to do is to find the data sheet on the main IC, and you will have almost your entire schematic. The designers will have made small changes, but those are easy to figure out.

If the device is more complex, you will still often find that it's a bunch of reference designs strung together.

Most of the time, repairs are as simple as bad caps. My 55" TV started having audio problems, then no audio at all. I opened it up, and there were bulged caps. So. I replaced all of the electrolytics (for about $15), and it has worked fine for several years since. No schematics needed.

Windows 3.11 trundles on as job site pleads for 'driver updates' on German trains

usbac Silver badge

Re: 8 megabytes?

A place I used to work for sold new PCs with Windows 3.1 and 4MB of RAM. In those days RAM was about $100 per megabyte. Only customers with really deep pockets would spring for 8MB of RAM.

My first computer had 4K of RAM and ram all kinds of software.

I work with embedded systems as a side gig. I'm just finishing up a project where I have a device with a touchscreen GUI and a web server. The entire OS and application is about 75KB (in flash memory), and the system has only 16K of RAM. Compared to my first computer, this embedded device is pure luxury.

Amazon calls off $1.7 billion iRobot buy, blames regulators

usbac Silver badge

"Europe cannot and should not create an environment where companies are not allowed to invest in, or acquire, companies in related sectors."

He added: "Neither competition law, nor the Digital Markets Act, should be used to artificially limit or restrict healthy markets or legitimate acquisitions."

This is exactly what proper regulators should do. I just wish we had such regulators here in the US!

SparkyLinux harbors a flamboyant array of desktops

usbac Silver badge

I'll put my grumpy old man hat on for a minute, and start an "in my day..." response.

Since when is a 3.5GB OS considered "light weight"?

When Windows hit 1 GB, we all thought it was typical bloated Microsoft crap, and now a "light weight" Linux install is 3.5GB!

Yes, I know there are some distros out there that are very small. I'm just remarking on the re-calibration of "light weight"...

Standards-obsessed boss ignored one, and suffered all night for his sin

usbac Silver badge

They all want to be marketers and social media influencers now. Actual science and engineering is just too hard.

When I read an article a while back about how today's youth don't know how to use basic office equipment, there was a quote from a a recent ENGINEERING graduate about how the office printer was too complicated, and she didn't understand how to use it.

As much as I hate the idea of AI everywhere, maybe we do need some form of "intelligence", since it doesn't seem to exist in the younger generations...

*From another grumpy, almost old man.

usbac Silver badge

I once worked for a place where EVERY purchase order, no matter the amount, required three signatures. Two of them directors signatures.

One day I spent an hour and a half chasing down signatures to buy a box of blank floppies (this was obviously a while back). One of the signatures needed was the director of purchasing. When I went to said director, I explained that at my pay rate, they just spent 5x the cost of those blank floppies in my time getting the signatures together. He didn't seem to care!

Needless to say, I started looking for another job within the first three months working there, and was out of there a couple of months later.

Wanna run Windows on an M-series Mac? Fine, buy a license, but no baremetal

usbac Silver badge

Re: Windows is no longer a necessity...

Show me the Linux version of software to run your GC-MS. How about your HPLC software, do you have a Linux version handy? What about the software for your Spectrophotometer? I could go on and on.

usbac Silver badge

Re: Windows is no longer a necessity...

Unfortunately, this is not true. Not for most business users anyway. Believe me, I would love to live to see Windows rot and die, but there are too many proprietary Windows applications out there for this to happen for a while.

I have several CAD/CAM applications that aren't easily replaceable on Linux or the MAC. I wish they were (and, yes before suggesting "xyz woks on linux...", I have done extensive research looking for a suitable replacement).

In scientific fields, they use proprietary software for running various instruments, the same with medical fields. Engineering also uses tons of specialized Windows applications.

I'm the last person that wants to run Windows, but I can't make the switch yet, much to my complete disgust! Many others are in the same boat.

Travel app Kayak offers Boeing 737 Max 9 filter after that door plug drama

usbac Silver badge

The bigger question

If they are already finding bolts loose or improperly installed on the plug doors on other aircraft, and with the loose bolts in the tail assembly from a couple of weeks ago, should any of the airframes coming out of Boeing be trusted?

I think at this point, every aircraft that came out of Boeing in the last few years needs to be completely disassembled and put back together with proper inspections this time. They need to ground all Boeing products until they can be completely inspected inside out.

Stripe commuters swap traffic jams for hydrofoil glam

usbac Silver badge

Re: all with no carbon emissions

I was just going to post the same thing. Where does the power to charge this thing come from? Magic?

I'm so sick of this "no carbon emissions" BS!!