* Posts by DavidRa

136 publicly visible posts • joined 1 Feb 2011

Page:

'Gay furry hackers' say they've disbanded after raiding Project 2025's Heritage Foundation

DavidRa

Re: ...not that we're judging or anything

Not that we're judging? On the contrary, I propose that we judge away, and harshly at that.

Nasty regreSSHion bug in OpenSSH puts roughly 700K Linux boxes at risk

DavidRa
Meh

Re: 2024 finally Year of the Windows desktop

Yes it is OpenSSH but it's not like Windows uses glibc and UNIX signals. I suspect that might make it *slightly* harder to exploit on Windows.

Microsoft to tackle spam by restricting Exchange Online bulk email

DavidRa
Unhappy

Spam can diaf, but this hits actual legitimate senders

And by legitimate senders I mean things like mailboxes for your helpdesk platform for customers, your CRM etc. Just doing the maths for one app we have, it already has an extended-for-us limit of 2500 external recipients a day and we get to about 30% of the limits on a normal day and 70% on a busy day.

It's integrated with office 365 because that's where our other mailboxes are.

And now Microsoft wants more cash for the same function. We could send much more with on prem Exchange when we needed to, but cloud says no. We're not even a huge company - fewer than 20 staff.

And yes, we'll need to switch to ACS or similar. When the app supports that configuration, which it doesn't now and it isn't on the roadmap - oh yay more development cost because Microsoft wants more profits.

Microsoft veteran on how to blue screen your way to better testing

DavidRa

Re: Better testing

You said, "There is a better way and that's proven by the fact other OS don't have that same problem."

Unfortunately you seem to be unaware of the concepts of a UNIX/Linux/BSD/OSX kernel panic, original Mac "bomb" crash, which are all pretty much the same thing.

Something went wrong and continuing with error checks might corrupt things, so the safest thing to do is "Halt and catch fire". And it's a balancing act. Want stability? It'll cost more and/or be slower. Pick your poison.

As Broadcom nukes VMware's channel, the big winner is set to be Nutanix

DavidRa

AOOStar and MinisForums

There are a couple of different options I have found. AOOSTAR has some NUC-sized AMD units that have dual 2.5Gb networks plus wifi, three PCIe SSDs and up to probably 64GB of ram in the new one, and MinisForums put out the ms-01 recently with I think three SSD locations, dual 10Gb and dual 1Gb networks and a PCIe slot. That one supports 64GB but unofficially I've seen reports of 96 GB working.

I have a recent AOOStar unit and so far, so good.

What I haven't managed to find is a NUC / NUC+ sized box that will take 128GB or more.

Microsoft tests ‘Suggested Actions’ in Windows 11. Insiders: Can we turn it off?

DavidRa
Devil

Re: Just. Stop.

Well naturally. Why else are they so hellbent on ensuring that every machine is signed into a Microsoft account, even the ones that are isolated from the internet?

Atlassian boasts strong Q3 revenue growth in wake of two-week outage

DavidRa
Paris Hilton

Incompetence you say? All they did was create an internal API to unquestioningly and permanently delete things by number, and passed the wrong number to it. 800+ times. Because no-one noticed the wrong numbers were supplied.

Could happen to anyone!

Paris is looking at the list of IDs to be submitted to the API...

Free enterprise systems management tool Uyuni releases stable version

DavidRa

Meh, still needs openSUSE as the server

It does look like a great idea and is probably a good tool, but demands openSUSE for the server. So unless you're using it already, it's another Linux to learn and understand (while the base is the same the foibles matter a LOT).

Were it possible to deploy to Debian or Centos then maybe I'd consider it more thoughtfully.

Microsoft reveals revamped Azure CDN – in two editions

DavidRa

Ugh timing Microsoft!

I literally deployed Azure CDN today, brand new for a customer. The beauty of CDN plus storage account was low cost - I had a small static website that would have been literally cents per month. This change ratchets the costs up about 10000%. Couldn't you have waited a week till the project closed!? I would have avoided all the angst!

BOFH: The Geek's Countergambit – outwitted at an electronics store

DavidRa

Re: 3gb

Gave up on Seagate...

Don't know who makes all these now, but not one ever failed me.

Mostly Seagate and Western Digital.

Alert: Let's Encrypt to revoke about 2 million HTTPS certificates in two days

DavidRa

Re: Would be really nice

Thank you Bernard, that will be quite enough.

Say what you see: Four-letter fun on a late-night support call

DavidRa

Re: File a bug report to the manufacturer

The problem is that people don't read them anyway. Perfect case in point would be an error message that says

"Please call the help desk on 555 5555 and say that the Rostrum app had error Bingo"

They call and what you're told is that

* I can't log on

* There's no error message

* Windows is broken

* It's definitely not the same Bingo problem in Rostrum that twenty people have reported.

How do you make that any clearer?

GitHub's npm gave away a package name while it was in use, causing rethink

DavidRa

Re: In this case I think the correct decision was made.

I'm not so sure it's entirely on the dev. Surely part of the check before releasing the name should have included checking simple things, perhaps like "whether the bloody thing had been updated in the past year". I recognise that there are statements about "fixing the process" but really, given there was evidence of continuous use, it should be more like the ICANN result where the original owner gets it back.

Is it broken yet? Is it? Is it? Ooh that means I can buy a sparkly, new but otherwise hard-to-justify replacement!

DavidRa
Devil

I'm feeling personally attacked

How dare you sir? What gives you the right to denigrate me in this fashion? I'm shocked and appalled.

BOFH: I'm so pleased to be on the call, Boss. No, of course this isn't a recording

DavidRa

Re: Sorry I'm late

Is there any chance that some of them, or perhaps all of them, are... Alike?

Hi, Congress. FTC here. It would be so wonderful if you could let us recover money stolen from victims by crooks

DavidRa
Devil

Re: What's going on?

Just being deliberately obtuse perhaps, but this stance is consistent with the US stubborn belief that perfectly free markets are wonderful and business is the only thing worth supporting.

Allowing clawbacks for fraud opens businesses to such oppressive actions like having to deliver what's been sold lest the business have to refund.

I know it's not actually that had but it sure seems like it sometimes.

iFixit wants you to be legally able to break software locks to repair gizmos. Unsurprisingly, manufacturers are less keen

DavidRa

Re: Environmental repair tax

I am thinking of the company profits, and how good they'll look when not needlessly extracted from the pockets of the customers.

Microsoft previews Windows Server 2022: Someone took a spanner to core plumbing features

DavidRa

Re: Holds hand up....

I also prefer Core where possible but it's no longer true (if indeed it ever was) that there are fewer updates and reboots. Microsoft shot that idea down the moment they moved from individual updates to the CU model. Core and Desktop receive the same packages, same size and they install in about the same time on each.

I suspect I'm neither the first nor only person to call it the Cumulative Update for New Technology model on the back of Windows historical designation.

Buggy chkdsk in Windows update that caused boot failures and damaged file systems has been fixed

DavidRa

Re: When is it safe to make the jump?

For goodness sake. Windows 10 is more than five years old at this point. Windows 7 hasn't received security updates for a year.

You can pretend all you want that you're waiting to see what happens but reality says you've made the decision already to stay on old and familiar but increasingly insecure.

In my view you're the "XP is best" dinosaur from late Windows 7 timeframes.

What does my neighbour's Tesla have in common with a stairlift?

DavidRa

Re: EVs = bad for planet, bad for poor people, bad for practicality

I've considered the idea of solar + battery cars in the past, but even with double the efficiency of modern solar, I'd need 6m2 of panels for the daily (220km) commute. I think I'm an outlier, but I don't think the fit for many will be as promising as Aptera suggest (since lots of parking is underground, for example, you're not going to get charged while you're away from the car).

Can't fault them for trying though.

Travel agent leaked customer data by – this is embarrassing – giving it away in a hackathon

DavidRa

Re: Postcodes [in the UK] can be personal too

It's not quite that simple though. Some postcodes in Australia cover quite large geographical areas with lots of people, others cover large areas with a few people, and still others might cover just a few suburbs in Sydney or Melbourne.

Wikipedia - Postcodes in Australia gives a few examples of extremes.

Given those sorts of examples, most Australians probably won't think of a postcode as being able to directly identify people.

Italian competition watchdog slaps Apple with €10m fine over allegedly misleading iPhone waterproofing claims

DavidRa

Re: Own Goal

Yes, but we dont then keep it at 97C despite being told that it is too hot and goes against policy which states it is supposed to be 80C. And continue doing so after complaints that it was too hot, because it saves $2 in replacing it over the course of the day.

Microsoft pledges to give Teams users multi-account sign-in then reels it back to one work and one personal

DavidRa

Browser profiles are the shiz for this

The trick here is to use Profiles in Edgium (I think it's called Profiles in Chrome too?) to separate out your personas. I have between 4 and 10 on the go at any one time - one for my company, and one each for every O365 or Azure customer.

Also, if you can get yourself onto the CSP program, you should be able to set up the tenants so you log in once, and have delegated access to the other tenancies; you can then switch between them using links at the top of the various admin portals.

Let's Encrypt warns about a third of Android devices will from next year stumble over sites that use its certs

DavidRa
Devil

Support old devices? What are you, a socialist or something?

Because if they support older devices, people who won't purchase new devices won't purchase any new devices and they might miss out on ten cents of advertising revenue. This is horrifically bad, because that ten cents of revenue might mean that the shareholders would need to spend 10c of their OWN MONEY for the 600 foot power yacht.

And apparently we can't have that.

With so many cloud services dependent on it, Azure Active Directory has become a single point of failure for Microsoft

DavidRa

Re: How it will all work out.

I believe the draft name is "Edge Computing" - locating the compute close to the users and data.

What a concept.

Oracle hosting TikTok US data. '25,000' moderators hired. Code reviews. Trump getting his cut... It's the season finale

DavidRa

Stop trying to look behind the curtain! There's nothing behind the curtain. Also, the emperor's clothes are fantastic.

Why cloud costs get out of control: Too much lift and shift, and pricing that is 'screwy and broken'

DavidRa

Re: I can see it now

I believe the new hotness is Edge Computing. Get the compute and services out where the users are for latency and performance.

Also known as on premise.

The point of containers is they aren't VMs, yet Microsoft licenses SQL Server in containers as if they were VMs

DavidRa

So your contention here seems to be that a SME with a need for SQL Server to support a line of business application for 50 users on 4 cores in a VM or container should pay the same as a large multinational who want to support 5,000 users on bare metal and 128 cores.

I don't agree with that opinion at all.

If you don't want to pay the licenses, buy or build a solution that doesn't require them. Otherwise - it's a business, pay for the software.

Brit MP demands answers from Fujitsu about Horizon IT system after Post Office staff jailed over accounting errors

DavidRa

Re: Any chance

I was given to understand that an EW is there on behalf of the court (and therefore "called" by the presiding judge), not either of the parties to the action. It seems that would be the only reasonable way to have someone who is impartial in their role as the EW (and specifically that's because they are _seen_ to be impartial as well).

Microsoft! Please, put down the rebrandogun. No one else needs to get hurt... But it's too late for Visual Studio Online

DavidRa

Re: Questionable value

Honestly, I've spent five weekends and countless nights trying to get K8s to run in a truly HA mode in my lab (3 masters, shared storage for volumes and 2+ workers). I've read dozens of K8s guides, 95% of which build an "HA" environment with a single cluster master accessible only from the master itself.

The other 5% are outdated (even though at least one was only 4 months old, it referenced a process that had been replaced two months prior to the guide date) or plain don't work as written.

At this point K8s feels like ivory tower academia desperately pretending it's open but rabidly protecting its IP so it *can't* be replicated on premise. That's not really a recipe for a future in which I want to be building IT.

That in turn means that I don't currently see containers as a way out of the cloud mess, in case it's not clear.

Spyware slinger NSO to Facebook: Pretty funny you're suing us in California when we have no US presence and use no American IT services...

DavidRa

Re: Class action suit?

I rather suspect that admitting that is irrelevant - wouldn't it be the case that only the owner of the mobile device would have standing (in the legal sense) in a disagreement about the specific devices?

After all, Alice can't sue Bob for Bob breaking into Candace's computer, right?

Is Chrome really secretly stalking you across Google sites using per-install ID numbers? We reveal the truth

DavidRa

Your information is out of date. Edge Stable has been available for several weeks (both v79 and v80 are in stable, and those map closely to Chromium versions with the same inflated numbers). While there are Dev and Canary channels (and I run in Dev) it's definitely wide release as of Jan 15.

And as far as I can see, Edgium doesn't send the X-Client-Data header (nor did it seem to have an equivalent for Microsoft properties so it seems to be MORE privacy conscious than Chrome).

I don't get the continued FUD about Microsoft hoovering up info - unlike Google where you don't pay for stuff (which supposedly means you're "the product", right) you do pay MS. And regardless of all the noise about it, I've never actually seen anyone show any data suggesting that MS really is copying everyone's hard disks to the cloud. Even when all the "privacy invasions" are left on.

DavidRa

Re: PII leak

While that's true, it doesn't mean they have (or that there won't be some kind of process failure that releases one of the stragglers to someone else).

Fed-up air safety bods ban A350 pilots from enjoying cockpit coffees

DavidRa

Re: Euphemisms

As opposed to the "CFIT" designation - Controlled Flight Into Terrain.

Remember when Europe’s entire Galileo satellite system fell over last summer? No you don’t. The official stats reveal it never happened

DavidRa

Re: European Space SLAs

's water music was referencing a song by Tom Lehrer, "Wernher von Braun".

A Notepad nightmare leaves sysadmin with something totally unprintable

DavidRa

Re: Support ticket

Not quite. The Exchange 5.5 Admin console had a nasty habit of not committing changes with the OK button, leading to those who administered Exchange being rapidly conditioned to clicking both in sequence.

That code that could never run? Well, guess what. Now Windows thinks it's Batman

DavidRa
Go

Re: Assume the worst

That was (and still is) a neat little trick in the languages that allow it. I recall that was the reason that my rubber-banding worked properly (1993 Xterms being what they were) and in near real time - most of the others were about 3x slower than real time and if you followed the absolute dunce-cap algorithm in the provided materials, 9x slower.

For clarity, when drawing an ellipse with this particular library, you had to nominate the top left and bottom right corners - so if you started in the wrong direction you'd get undefined results or crashes. The provided algorithm was something like:

if ((x1 < x2) && (y1 > y2)) { swap (y1, y2); }

if ((x1 > x2) && (y1 < y2)) { swap (x1, x2); }

if ((x1 > x2) && (y1 > y2)) { swap (x1, x2); swap (y1, y2); }

if ((x1 > x2) && (y1 > y2)) { }

And yes, swap() was the 3 variable load/store, as a function. Replace with the passthrough macro version of SWAP, optimise the compare/swap:

#define SWAP(a,b) (a ^= b ^= a ^= b)

if (x1 > x2) SWAP (x1, x2);

if (y1 > y2) SWAP (y1, y2);

And done.

Bad news: 'Unblockable' web trackers emerge. Good news: Firefox with uBlock Origin can stop it. Chrome, not so much

DavidRa

What always amazes me is that the advertising companies must have technical folk working for them. Why then do those technical people assist the marketroids? I couldn't in good conscience do that kind of deep analysis work to assist an ad-slinger - and I find it near incomprehensible that others sell their souls that way.

DavidRa

Re: Chrome or Chromium?

Seems likely, since the extra JS methods/functions would need to be added to the DOM in source.

Think your VMware snapshots are all good? Guess again if you're on Windows Server 2019

DavidRa

Re: Backups

It's called VSS, but it's new technology (only available since Windows 2003) so I'm not surprised some vendors haven't gotten around to fully supporting it yet.

Normally I'd expect installing VMWare Tools to provide the conduit between "host wants an application-consistent snapshot" and "call VSS function to quiesce IO properly". It's probably less than two hundred lines of code including proper error checking (I say 200 because I expect the bare call is probably ... 5).

Linky revisited: How the evil French smart meter escaped Hell to taunt me

DavidRa

Re: obligitory

The topologist will point out that they are in fact identical.

The mod firing squad: Stack Exchange embroiled in 'he said, she said, they said' row

DavidRa

Re: Good riddance!

> (BTW, I prefer to be refereed to as "Oi You" although "You Bas****d" is also acceptable).

Identity theft is NOT a joke.

We asked for your Fitbit horror stories and, oh wow, did you deliver: Readers sync their teeth into 'junk' gizmos

DavidRa

Remind me again where the phone is going to be to measure your heart rate while swimming, running or biking, count laps and provide basic info such as the SMS from your SO (which might mean an emergency)? I too was a naysayer until that specific need (swimming data/analysis) presented itself. The alternative would appear to be a heart rate band and the phone app, which would seem to provide no significant benefits and some detriment when compared to the wristwatch.

DavidRa

"Pointless" last word

The GP seemed to display a remarkable inability to conceive of situations that are not a perfect match to his own, and I submit therefore that the epithet under subsequent discussion was in fact both appropriate and deserved.

Literally braking news: Two people hurt as not one but two self-driving space-age buses go awry

DavidRa

Re: Physics will still be applied

Well, if they situate themselves correctly, they'll at least get a kiss before they pass on.

Even if that is likely to be a Liverpool kiss (that one was safe at time of writing, but YMMV).

The in and outs of Microsoft's new Windows Terminal

DavidRa

Re: "It still has a local console for when the worst happens"

All the more reason to install Core, I'd say.

Google may have taken this whole 'serverless' thing too far: Outage caused by bandwidth-killing config blunder

DavidRa

Re: Latency sensitive workloads

That would never happen, because everyone is so organised and time-rich thanks to our new automation overlords.

What the #!/%* is that rogue Raspberry Pi doing plugged into my company's server room, sysadmin despairs

DavidRa
Joke

Re: LOL Reddit

Oi, who are you calling calm and rational!?

Sure, Europe. Here's our Android suite without Search, Chrome apps. Now pay the Google tax

DavidRa

Re: Chaos

This feels like a "because they can" scenario. They figure the phones without Play Store will be less desirable and thus they can double/triple/quadruple charge for the service (charge the phone manufacturers for the right to put an icon on the device, charge the developers 15-30% - I can't remember the actual number - for Play Store access), and no doubt if they figure out a way to do it, charge consumers extra and possibly telcos too.

Rookie almost wipes customer's entire inventory – unbeknownst to sysadmin

DavidRa

Sure they did, but the universe invented better idiots

Of course. However, the incompletely-experienced often choose to force bypass that configuration. For example, a lot of systems aliased rm to "rm -i" by default, which would force interactive confirmations. People would then say "UGH, I hate having to do this" and add their own customisations to their shells/profiles etc:

unalias rm

alias rm=rm -f

Lo and behold, now no silly confirmations, regardless of stupidity/typos/etc.

Page: