* Posts by Sandtitz

1307 posts • joined 6 Oct 2010

Page:

Mozilla signs fresh Google search deal worth mega-millions as 25% staff cut hits Servo, MDN, security teams

Sandtitz Silver badge

Re: Firefox privacy

Of course money talks. The earlier layoff article stated that Firefox gets 95% of its revenue from Google, Yandex and Baidu.

Duckduckgo is small potatoes with its 100 (or so) employees and their revenue comes from Microsoft's ad network and affiliated links. DDG could perhaps offer 1/1000 of that $400M pot and after all the hosting and other expenses, Mozilla could maybe pay a single coder...

Docker shocker: Cash-strapped container crew threatens to delete 4.5 petabytes of unloved images

Sandtitz Silver badge
Holmes

Re: Docker tweaked its terms of service

Few years ago MS stopped offering the "unlimited" Onedrive, and people were up in arms in these forums.

Docker is the cool new guy and they're given a free pass here.

US govt proposes elephant showers for every American after Prez Trump says trickles dampen his haircare routine

Sandtitz Silver badge
Go

"recent changes in regulation by past presidents have changed water flow rates for shower heads"

Oh yeah, they made a whole Seinfeld episode about low pressure shower heads.

Whoops, our bad, we may have 'accidentally' let Google Home devices record your every word, sound – oops

Sandtitz Silver badge

Re: Time for a mega GDPR related fine on Google

GDPR has a 4% global turnover as a limit. Last year GOOG had $160 billion revenue. GDPR can be used against Google only if they eavesdropped in EU/EEA areas. Where did the

In the US, eavesdropping requires consent and may result in monetary penalties and imprisonment. While I'd very much like to see the managers who authorized the recording, going to prison, they'll go scot-free. Google will blame the rogue coders because apparently at Google everybody down to janitor and his dog has full, un-monitored access to the source code.

So... how many here have bought these bugging devices?

Less than six months after original release, Samsung reboots its Galaxy Z Flip pholdable for the 5G age

Sandtitz Silver badge
WTF?

Re: No.

"4. It'll receive software updates for approximately 37 minutes after its release date."

On which model(s) do you base this?

My mistress has a three-year-old Galaxy S8, and it just received the June 2020 Android update.

Only EU can help us, pleads Slack as it slings competition complaint against Microsoft Teams

Sandtitz Silver badge

Re: Teams' Architecture

"We purchased Skype to combine the ability to collaborate with the ability to connect via video, because that’s what people want. Because that's what they did in 2011."

Microsoft has had Skype for Business (formerly called Lync, before that LCS) from waaay before they bought Skype. Teams is not a new iteration of Skype or S4B, it is (as already mentioned) mostly an amalgam of existing O365 technologies.

"Then they ignored it until competition appeared. As is tradition."

I agree.

Ubiquiti, go write on the board 100 times, 'I must validate input data before using it'... Update silently breaks IDS/IPS

Sandtitz Silver badge
Meh

Re: "This is a beta service for [their security] products"

"[1] a beta security service operating live?"

Many security product manufacturers have opt-in beta channels for those who really like to test upcoming features. As long as Ubiquiti has clearly flagged (?) this feature with an appopriate warning, I would have no problem with it.

"[2] just shows what we all guessed - security appliance software development is as sloppy as it is for everything else."

Perhaps it is, but drawing conclusions from a single incident is unwise.

Also, grouping all software development in the same "sloppy basket" doesn't seem to reflect reality.

If you can read this, your Windows 10 2004 PC really is connected to the internet no matter what the OS claims

Sandtitz Silver badge
WTF?

Re: Teething problems

"I used the (none) icon, because once Windows reaches 35 years old, I am sure its number of bugs will also be (none)."

How does 35 years of development make software bug-free? Is there a precedent? Shall Linux in just 7 years' time reach software-defined Nirvana?

Oh what a cute little animation... OH MY GOD. (Not acceptable, even in the '80s)

Sandtitz Silver badge
Pint

Re: Adult floppies...

"Smut was more like magic-eye pictures in those days - you had to stare for a few minutes trying to work out what it was....."

The good stuff was at the proper BBS's. (late 80s/early 90s we're talking about here?).

Soon after 1987 and the birth of VGA and GIF format in the same year (co-incidence?) the modems started to get faster and hard drives more common... There were practically no common video formats, but I recall a few insteresting Grasp videos from the era...

Fire up a Dosbox and download some! old skool stuff, thanks to Internet Archive.

IBM job ad calls for 12 years’ experience with Kubernetes – which is six years old

Sandtitz Silver badge
Trollface

"FYI, jake had full access to Windows 7 from 1982 onwards. AManFromMars1 supplied him with a copy, and god only knows where he got it from..."

Matt Bryant gave it away because Win7 didn't play well with Itaniums.

Smile? Not bloody likely: Day 6 of wobbly services and still no hint to UK online bank's customers about what's actually wrong

Sandtitz Silver badge

Re: one egg in one basket

"Printers tend to have drivers work for much longer than a scanner or fax."

MFP's allow you to scan directly to email or a network share so drivers have never been a problem with scanning.

Sandtitz Silver badge
Thumb Down

Re: one egg in one basket

"Remember back when people spent money on all-in-one printer/copier/FAX/scanners? If one head died, they all died ... Oh, wait, people still buy those things, don't they? Go figure ...

If you have a separate set of a printer, a copier (are they still a thing?), a FAX (same), and a networked scanner - then all the power to you. I'd see this as a backwards step to turn of century.

An email banning our staff from using TikTok? Haha, funny story about that, we didn't mean it – Amazon

Sandtitz Silver badge
Stop

Re: Viva La Revolution @AC

"There is a difference: TikTok has a backdoor and ability to load files from mothership and execute them on command."

You've written three very similar posts on this topic now. Please provide a valid reference to this backdoor.

My feeble search results for "tiktok backdoor" produces a Forbes article with the 'backdoor' in its title (and nowhere in the article) and it refers to several vulnerabilities Checkpoint found earlier this year, with poor POST/GET input validation on their servers, XSS vulns and unvalidated SMS messages. The Checkpoint report doesn't state that these are backdoors and to me they just seem like vulnerabilities made by some sloppy coders with no thought for security.

"AFAIK no other 'social media' program has that capability."

I'm pretty sure most applications can contact their mothership and get additional instructions from there. Most of them use POST/GET commands anyway so downloading files and executing them (under the same security context) shouldn't pose a problem.

If you haven't potentially exposed 1000s of customers once again with networking vulns, step forward... Not so fast, Palo Alto Networks

Sandtitz Silver badge
Unhappy

Not enabled by default

"Palo Alto confirmed to The Register that GlobalProtect is not enabled by default, though anecdotal evidence suggests it's widely used."

Worthless comment.

My experience with firewalls and security products is that no features are enabled by default. Maybe basic NAT routing at most or management access.

If there was a 0-day with e.g. VPN, would the vendor just brush it away saying that feature is not on by default? (not saying Palo Alto is guilty of this)

LibreOffice community protests at promotion of paid-for editions, board says: 'LibreOffice will always be free software'

Sandtitz Silver badge
Joke

"I know I'm probably in the minority (I mean, I even purchased WinZip licences in the 1990's"

So that was you!

Linux kernel coders propose inclusive terminology coding guidelines, note: 'Arguments about why people should not be offended do not scale'

Sandtitz Silver badge
Joke

Re: I am obviously a horrible person and possibly racist...

" I was doing some hard core audio engineering last week, preparing a series of mixed audio recordings for production of CD disks as well as streaming services, making sure that the recordings are of the proper loudness levels and peak dBs for correct playback on those platforms."

This process is called "Mastering"

Oh, not at all. You were actually equalizing - quite noble of you!

Don't beat yourself up for overeating in lockdown. This black hole scoffs equivalent of our Sun every day

Sandtitz Silver badge

Re: Healthy appetite

Doctor...? Ah, you mean Inspector Spacetime!

Whatsapp blamed own users for failure to keep phone number repo off Google searches

Sandtitz Silver badge

Re: It's an unknown

My kids have €6 contracts which includes 4GB data (no speed cap), but phone calls and txt messages cost extra. The monthly bills are typically €6 apiece since they mostly call and text their friends and family via Whatsapp using (home) wifi and most often don't exceed the pooled data allowance. (i.e. they have 8GB to burn together).

Sony reveals PlayStation 5 will offer heretical no-optical-disk option. And yes, it has an AMD CPU-GPU combo

Sandtitz Silver badge
Trollface

There's rumoured to be a DIN interface but the keyboard needs to be switched to PC/XT operation.

'One rule for me, another for them' is all well and good until it sinks the entire company's ability to receive emails

Sandtitz Silver badge
Boffin

Re: Eh...

"Could Windows 95 even accept 2GB of Ram?"

Theoretically yes. There was some sort of limit at ~512MB with all Win9x systems that needed configuration trickery to overcome.

"We are talking 1994/1995 here, had someone given him a machine that was supposed to be the company server by accident?"

I'm pretty sure there were no x86 computers at the time that could sport 2GB.

Compaq Proliant 4500 (a high-end Pentium server at the time) could be fitted with 1GB of memory. You just needed an extra daughter card to house them all and the latest 64MB 72-pin SIMM modules. A single such module would cost (at the time) maybe $4000 - $5000, so were talking about a server that would easily cost way over $100K. (including the hard drives etc).

I built a Pentium 100 computer in early 1995 and the 32MB RAM was easily the costliest part when the norm was perhaps 8MB of memory.

256MB was starting to be the norm around 2002 or 2003 and 2GB was getting to be a standard baseline around/after Windows 7 was launched in 2009.

So yes, Al is talking complete bollocks here.

After IBM axed its face-recog tech, the rest of the dominoes fell like a house of cards: Amazon and now Microsoft. Checkmate

Sandtitz Silver badge
Facepalm

Re: Microsoft said on Thursday

"why should I trust MS (and other giants), when they lied before?"

Yeah... which person or corporation has never lied?

If Daddy doesn't want me to touch the buttons, why did they make them so colourful?

Sandtitz Silver badge
Happy

Re: More of a Who Me? except he got away with it

HP has continued with the Compaq design, and spare screws are still being provided. (at least a year or two ago).

The vertical/horizontal rotation of the 5,25" drive cage feature was discontinued after the HP Compaq Elite 8300 (introduced in 2012).

SpaceX Crew Dragon docks at International Space Station

Sandtitz Silver badge
Happy

Re: That logo

Squint enough and it looks like a double headed eagle - Russian coat of arms?

HP's hoping it'll be second time lucky with launch of Reverb G2 nerd goggles

Sandtitz Silver badge

"This is a problem. Despite those displays being crisp enough to make out text that would otherwise remain murky and blurred, a user is still tethered to a high-powered PC in a way the forever sold-out Oculus Quest is not."

HP would be delighted to sell the user also the HP VR Backpack...

The longest card game in the world: Microsoft Solitaire is 30

Sandtitz Silver badge
IT Angle

Re: Card Games

Yeah, and I played strip poker with my C64 before Windows 1.0 was released but it certainly didn't teach me how to use mouse (nor much about the female anatomy either)

Zoom continues its catch-up security sprint with new training, bug bounty tweaks and promise of crypto playbook

Sandtitz Silver badge
FAIL

I agree with your sentiment, though Zoom should take the blame here.

The difference with e.g. Micros~1 vulnerabilities is that Zoom has deliberately chosen a poor encryption cipher for no obvious reason. AES-GCM (amongst others) was available when Zoom corp. was formed decade ago, yet they chose a specific AES cipher not fit for streaming video - amongst many other security snafus recently reported - falsely claiming end-to-end encryption, data-mining with Facebook etc.

This would be somewhat understandable if this was a small start-up that had its v0.9 product suddenly found out by the masses, but it's a billion-dollar software company with thousands of employees, and it hasn't (apparently) had any consideration for security until recently.

Had these exposes not happened, several companies, people (including Boris) would still happily be divulging their secrets, handily routed through China.

Beer gut-ted: As many as '70 million pints' spoiled during coronavirus pandemic must be destroyed in Britain

Sandtitz Silver badge
Meh

Re: Milk consumption?

"What about those that serve breakfast? Or people who take their (especially young) kids with them to dine?"

Whether I eat my breakfast at home, at a restaurant, workplace or wherever - my dairy consumption doesn't vary very much. The oatmeals and sandwiches won't differ that much from place to place.

Young children typically seem to drink milk at a restaurant, but had the family not gone out to dine - wouldn't the kids drink a similar amount of milk at home then?

I've noticed that the quarantine has changes *some* of my habits. I'm usually drinking perhaps just half a pot of coffee during the day when working from home. My workplace has good coffee always available and I'm just sipping it through the day.

The end really is nigh – for 32-bit Windows 10 on new PCs

Sandtitz Silver badge

Re: I honestly thought it never existed

"No, 32 bit Win10 doesn't run Win3.x software, not really."

Civilization for Windows (3.1) works just fine under 32-bit Win10.

Sandtitz Silver badge

Re: Probably just as well, given how much RAM it uses..

"On this PC (which was running Win 7 32-bit which got upgrade to Win 10 32-bit during the free upgrade period) I followed the steps to enable it, it failed" [...] "I gave in, went on Amazon and purchased Win10 64 bit OEM."

Once your Win7 was upgraded to Win10 (via the free period that still continues, btw!) your PC gained a Windows 10 license, and that license doesn't limit you to 32- or 64-bitness. You could have just downloaded 64-bit Win10 media without throwing any money at Microsoft or Amazon.

Mad dash for webcams with surge in videoconferencing has turned out rather nicely for Logitech

Sandtitz Silver badge

Re: At Kitten, re: pics...

"*Long comical arcs of rainbow sparkly crocodile tears over the loss of all my porn*"

There are the Audio Described movies, though I'm not sure whether this particular category is yet to be supported. "In - out - in - out" (in monotone voice), oh yeah!

I'm sure you've heard it many times, but there's always the Braille edition of Playboy...

Incredible how you can steal data via Thunderbolt once you've taken the PC apart, attached a flash programmer, rewritten the firmware...

Sandtitz Silver badge

So, how many theoretical physical attacks are there?

This all boils down how feasible it is to re-write the Thunderbolt firmware (or more exactly, the NVRAM where the approved devices are listed) Apparently not too hard. And also obtaining a TB device that can be commanded to read or modify RAM.

1. What's to stop an attacker inserting data-stealing PCIe cards in office desktops or servers? Design the card as hot-pluggable and presto! Direct Memory Access. Alternatively PCIe M.2 cards can be used. Or hot-plug NVME slots. No need for the 're-write firmware' portion, unless the the PCIe/M.2 slots are disabled. Typically all slots are enabled at the factory.

2. Attach a data-stealing device between CPU and memory.

3. Attach a data-stealing device between CPU and PCIe, or any other bus with DMA.

4. Attach a keylogger into straight into USB traces on the mobo.

5. Monitor for "micro changes in air density" (Alien style) at the air intake to determine computer operation.

With advancing technology, any of those are becoming more and more feasible to do. Except the last one. Maybe.

Serial killer spotted on the night train from Newcastle

Sandtitz Silver badge
Joke

Re: So long as the train service...

Big Buffers would also help in case of collision.

Sandtitz Silver badge
Pint

DTMF

I remember testing for the fastest speed my telco would understand the DTMF tones with AT S11 register setting and saving it for the initialization string in Telix/Telemate/Terminate. When you were calling several BBS's (sequentially until an answer), it would really cut down the time used ...by a second or two.

The iMac at 22: How the computer 'too odd to succeed' changed everything ... for Apple, at least

Sandtitz Silver badge

Re: And that means Apple is now 44.

"No it isn't."

Yes it is! It isn't just contradiction.

International space station connects 100Mbps symmetric space laser ethernet using Sony optical disc tech

Sandtitz Silver badge

"Can you find one of my many Lagrange points? Space Babes are waiting."

We're in a timeline where Dettol maker has to beg folks not to inject cleaning fluid into their veins. Thanks, Trump

Sandtitz Silver badge
WTF?

Re: Trump's Base

No, the latest news is that Trump claims he was just sarcastic through the whole thing.

He sure fooled me! I didn't get a hint of sarcasm from him throught the whole ordeal.

Kerching! Intel PC chip shortage over just in time for everyone to buy computers for pandemic home working

Sandtitz Silver badge
Facepalm

"So much better than the old i7 3770k it replaced!"

It better be since that AMD was introduced just last year and with twice as many physical cores and has higher base + turbo frequencies, lots more cache, has higher TDP etc. That 3770k is an 8-year-old model...

My i7 laptop I'm writing this post is much faster than the K6-2 I had 20 years ago, believe it or not!

Getting a pizza the action, AS/400 style

Sandtitz Silver badge
Thumb Up

Re: A real pizza

"Italian sausage, made in Chicago"

Only if they're by Abe Froman - The Sausage King of Chicago!

NASA makes May 27 its US independence day from Russian rockets: America's back in the astronaut business after nearly nine years

Sandtitz Silver badge
Boffin

Re: Retro Progress

"I think you're wrong: the Shuttle was the worst. It killed more astronauts than the rest of the global space program"

Apples and oranges, man...

They could have said the same about Apollo program, since all manned Gemini and Mercury flights were successes and Apollo 1 crew perished in their pod.

Mercury was about putting an American on orbit before Russians. Russia won the race but was it a failure?

Shuttle killed more astronauts purely because there were 135 manned launches vs 28 on Mercury/Gemini/Apollo. There were 2 total loss disasters, 14 killed vs 1 total loss and 3 killed in Apollo 1. Shuttle put total of 833 crewmembers in space, vs 59 for the earlier programs.

Statistically the Shuttle was more safe than the earlier programs.

While each flight brought more or less scientific knowledge, the earlier programs were just about that. And planting a US flag in Moon of course. Shuttle hauled some very important telescopes and lab stuff there. And the also fixed Hubble at one point. How feasible would that have been with the earlier space vehicle design? (I don't know)

"Musk is more interested in space than he is in getting richer than he already is."

How do you know? He's already got enough money to live the rest of his life in opulence. Does he still make money or does he reject extra wealth and direct it to foundations or funds that are pro-space?

The 'IoT' in Microsoft IoT Hub means Internet of Trying-to-kill-off-whiffy-crypto-protocol: TLS 1.0/1.1 spared axe again

Sandtitz Silver badge
Mushroom

Re: And the rest @John Crisp

"Shame they don't shitcan stuff like pptp & l2tp/ipsec v1 and upgrade their encryption levels for ipsec v2 to something that governments can't spy on."

It is better to remain silent and be thought a fool, than to open your mouth and remove all doubt.

IKEv2 has been there since Windows 7. Windows offers a perfectly fine combination of encryption, key exchange and hash functions for VPNs or IPsec connections.

Yes, PPTP is useless, but please explain how L2TP/IPsec is shitcan stuff? Which vendor has dropped support for that?

Oh ... Fudge This Pandemic! Google walks back on decision to switch off FTP in Chrome 81

Sandtitz Silver badge

My FTP usage

My Firefox browser history on this home computer goes back about 3 years. I looked up for the 'ftp://' string it and there's not a lot that I would miss:

F-Secure uninstall tool, HP Softpaqs, Axis camera firmware, Windows NT4 SP4, Info-Zip binaries, C/H/S information for old HDDs, Firmware for some old unsupported D-Link shit.

Most of the aforementioned stuff is available on HTTP, but not all was. (or my search skills failed me)

It's the very old stuff that's getting harder and harder to find. After a few more years all the FTP mirrors for Simtelnet, Sunsite, Hobbes etc. are going to disappear. All those moments will be lost in time, like tears in rain. Time to die.

Another day, another Google cull: Chocolate Factory axes 49 malicious Chrome extensions from web store

Sandtitz Silver badge

Re: Just a naive idea

"Surely apps should have a limited set of domains they can talk to, set up in some manifest."

How would that help?

The anonymous perps would just use meaningless domain names or S3 buckets for data transfer - listed in the manifest.

Sandtitz Silver badge
Meh

app scanning

"Apple don't review the app's source code, it reviews the binary and subjects it to a test."

I agree with what you're saying - yet Apple seems to have way less malignant software in their app store. Google should have equal muscles to vet the binaries, dontcha think?

Play Store seems to have way more cruft and crappy game clones than App Store, but does Apple actually have equal percentage of malware in total, and they just silently take out the garbage? IDK.

Guess what's heading to trial? IBM and its tactic of yoinking promised commissions after sales reps seal the deal

Sandtitz Silver badge

Re: Torch 'em

"I don't care much for salespeople"

I don't care much for other companies' salespeople but I have appreciation for our salespeople if it means continuous employment for me and my colleagues.

I don't care much for IBM.

Ofcom waves DAB radio licences under local broadcasters' noses as FM switchoff debate smoulders again

Sandtitz Silver badge
Go

Re: But........

Please name and shame. Fiat, Ferrari, Lancia, Lambo, Alfa, Maserati...?

From Amanda Holden to petrol-filled water guns: It has been a weird week for 5G

Sandtitz Silver badge
Coat

good idea, except...

Unfortunately - for those of us who enjoy raspberry jam - you couldn't find any in the shops since it would be one more hoarded item.

Also, us legit buyers would need to don at least sunglasses and fake beard (or just Groucho glasses) before approaching the jam shelf. One might as well buy a whole 6-pack of toilet paper since you're already camouflaged.

Bose shouts down claims that it borked noise cancellation firmware to sell more headphones

Sandtitz Silver badge

I have the QC35 (home) and the newer 700 (work) in use. I haven't had any problems with either connecting them to computers or my iPhone. The iPhone apps also work just fine. They're pretty useless though and Bose has in their infinite wisdom decided that the different headphones require separate apps to manage.

Sandtitz Silver badge

Re: Er ...

"I agree, but the fact that this new firmware is supposedly being rolled out silently and without choice isn't good."

I don't know how that's happening since my Bose QC35 can only be updated if you have

1) installed the update software

2) have the headphones connected via USB to computer

3) visit the Bose update page

The phone app can only change settings, it can't update the firmware.

FWIW, my Bose QC35 headphones have been updated a couple of times in their life and I have perceived no change in the sound quality or noice cancellation effectiveness.

Boeing 787s must be turned off and on every 51 days to prevent 'misleading data' being shown to pilots

Sandtitz Silver badge

Well, duh, it's mentioned in the article.

Amazon says it fired a guy for breaking pandemic rules. Same guy who organized a staff protest over a lack of coronavirus protection

Sandtitz Silver badge

Re: Wow!

"Jeff Bezos just bought yet another $400m yacht, the 14th largest in the world."

Did it belong to Geffen?

Page:

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2020