* Posts by elip

230 publicly visible posts • joined 18 Mar 2011

Page:

Switching customers from Linux to BSD because boring is good

elip

Re: Seems to work for the basics

Huh? I've been running various OpenBSD versions on various KVM versions for years, both in KVM-based clouds, as well as a guest on my own private plain-old CentOS 7.9 server as daily driver at work. What issue are you seeing with installing recent OpenBSD versions on KVM?

HPE GreenLake sales on the rise as branding tweaks include more lines

elip

Absolutely brilliant move! Amazing how HPE's GL customer numbers have sky-rocketed!!!

UnitedHealth's 'egregious negligence' led to Change Healthcare ransomware infection

elip

This guy is talking about something he knows nothing about. Not surprising given he's a sec company CEO. United Health only *recently* acquired Change and had not at all come close to integrating Change's networks with UNH's, which is why the impact was limited to Change Healthcare's network only, where yes, they did not use MFA for a lot of their internal systems (and still don't). However, UNH themselves has MFA across the board, and is heads-and-shoulders above their peers with regards to operational security.

Patch up – 4 critical bugs in ArubaOS lead to remote code execution

elip

Re: No idea what ArubaOS is[1]

It's just another plain old Linux based product...apparently folks at Aruba didn't feel like enabling long-standing protections against common buffer overflows.

Malicious xz backdoor reveals fragility of open source

elip

Re: Some OSS development introspection needed

28 dependencies you say? Sounds like you're using a system guided by a fool's philosophy (as you almost allude to) the symptom of one is including systemd by default. You keep deflecting from this fact, but the truth is, people with years of security research experience have been sounding the alarm on systemd for a better part of a decade...and here we are.

Here's what sshd is supposed to look like on any sane OS:

$ sudo ldd $(which sshd)

/usr/sbin/sshd:

Start End Type Open Ref GrpRef Name

000007a716e25000 000007a716f21000 exe 1 0 0 /usr/sbin/sshd

000007a9a3c39000 000007a9a3e73000 rlib 0 1 0 /usr/lib/libcrypto.so.52.0

000007a99f989000 000007a99f9a1000 rlib 0 1 0 /usr/lib/libutil.so.17.0

000007a928576000 000007a928595000 rlib 0 1 0 /usr/lib/libz.so.7.0

000007a97b991000 000007a97ba8a000 rlib 0 1 0 /usr/lib/libc.so.97.1

000007aa15be8000 000007aa15be8000 ld.so 0 1 0 /usr/libexec/ld.so

Change Healthcare attack latest: ALPHV bags $22M in Bitcoin amid affiliate drama

elip

Not quite: Change Healthcare is not a health insurer. The health insurer that owns them as of a couple of years ago, actually has its shit together with regards to security and network design. Change Healthcare itself is a Healthcare Tech services provider...the techies that should've known better, didn't. The whole place is a shitshow, but for sure their systems are a mess.

Tesla power steering probe upgraded after thousands more incidents reported

elip

Re: So, can't even get power steering right

I know the other recalls don't get as much clicks as anything to do with Tesla, but I'm sorry to disappoint you: all manufacturers have had vastly larger power steering recalls in the last 5-8 years.

elip

Yes, just *IMAGINE* if any other legacy car company's CEO had kept it business as usual while customers' ability to steer was completely impeded!...oh wait, this has literally happened to every car manufacturer on the planet. You complain about "MONTHS"...how about Toyota's latest that went on over a decade: https://static.nhtsa.gov/odi/rcl/2021/RCMN-21E103-0897.pdf

Only took Toyota 15 years to file a recall for this one. Good job guys! I wish this was the only power-steering recall for Toyota cars recently, but sadly, it is not.

This one's up there with the hitting-brakes-causes-car-to-accelerate bug Toyota had, which killed many many people, or the faulty-airbag-deployment-can-kill-you issue. No idea why the ignorant keep claiming that Toyota remains the highest quality car manufacturer, but there ya go. I personally prefer horse/ox/goat buck and buggy for my transport needs. No wasteful and deadly manufacturing processes, no exhaust or noise, and it runs on lunch/grass/brush.

Dell kills sweetheart distribution deal with Broadcom's VMware

elip

Re: OK, I'll bite

Citrix XenServer continues to be updated...though why anyone would want this piece of shit instead of using KVM I do not know.

elip

Re: OK, I'll bite

There are literally hundreds of different organizations that sell support services for all sorts of open source software.

IBM Cloud is upgrading a datacenter and users will have to halt their Power VMs

elip

I suspect you're correct. From what I've heard, IBM has literally outsourced their cloud management tasks to the lowest bidder.

HPE joins the 'our executive email was hacked by Russia' club

elip

No, they're only disclosing because they have to by law as a public company, and likely, because MS knew that HPE was one of the victims. Amazing incompetence all around at both companies.

Peregrine bows out with a bang as SLIM aims for Moon's rocky runway

elip

No Elon/Space X involved, so no Snark?

Where's the snark I keep hearing about?

Musk claims that venting liquid oxygen caused Starship explosion

elip

Re: Re:Musk being on the left?

*Clutches Pearls* Say it ain't so!! Not *THEE* Joe Rogan!!! That right wing nationalist that supported Bernie Sanders and Tulsi Gabbard presidential runs?!!! You orange-man-bad people, have completely lost your minds and are absolutely divorced from facts. Get off the internet.

1 in 5 VMware customers plan to jump off its stack next year

elip

I've been managing production applications across many disparate industries on KVM (and other open source hypervisors) for well over a decade now. Nobody needs a 'better solution', just good enough. There are many options. Nobody really needs or fully utilizes VMware's bloated crap.

Still got a job at the end of this week? You're lucky, as more layoffs hit the tech industry

elip

Re: No poets got fired last week.

Hmmmm...well, to be fair, maybe he just knows the name Ethereal?

DC elections agency warns entire voting roll may have been stolen

elip

Re: Actually, Florida sells this

Yes, *most* states do. Check the fine prints the next time you renew your driver's license.

White House: Losing Section 702 spy powers would be among 'worst intelligence failures of our time'

elip

Re: Amendment 4 anyone?

It never has been, but it has never been allowed to be challenged.

Twitter ad revenue has halved since Elon Musk took over

elip

Re: What about censorship?

It is indeed very bizarre to see these newer-generations-of-Reg-writers (where did the rational, older folks go?) pick on a failing social media site as if it was tech-news-worthy, for no other reason than them disagreeing with personal opinions of the owner. The reg has gone to shit. Guess they gotta pay for hosting *somehow*.

elip

Re: What about censorship?

Save your breath. This site's commentators turned boot-lickers around the same time the rest of the media got Trump Derangement Syndrome.

Server shipments fall ... just as AI drives demand for costlier kit

elip

An amazing amount of ecological waste, pollution, and destruction.

Is your AI hallucinating? Might be time to call in the red team

elip

Ahhh, and the blowhards start their inflation of the next worthless bubble.

SpaceX's second attempt at orbital Starship launch ends in fireball

elip

Re: Starship hasn't had the most successful history?

Clearly he'll get right to work on that, right after he's done with his few hours of internet shit posting.

IBM cheapens Oracle by delivering promised power-up for some POWER servers

elip

Re: Is this a true 24-core Power10 chip or a fake 12-core chip x 2 in a DCM?

No doubt about it, as someone who runs both Power and SPARC gear, I cannot believe people continue to pay the IBM POWER premium. The cost is staggering. The management software/middleware, just plain terrible. But hey, at least they started packaging OpenSSH with AIX 7.3. Only took em 20 years to catch on. :-D

Dell, HPE grind out infrastructure sales but signal customer caution

elip

>Those efforts to reduce expenses em to be paying dividends, though that will be of little consolation to those out of a job.

Actually, there's been no layoffs or announced layoffs at HPE. It feels weird even typing that.

FBI boss says COVID-19 'most likely' escaped from lab

elip

Re: Credible or not, the motivation is suspect

The Australian security forces were first to report the bio-leak/escape from Wuhan.

elip

Re: The FBI is way out on a limb here

I think he's still stuck in a past reality, where the average NPR hater, was an avid Fox News watcher. NPR lost credibility a long long time ago. Will be interesting to see how they approach this story as the mouthpiece of The State that it is.

'What's the point of me being in my office, just because they want to see me in the office?'

elip

Re: If everyone is back in the office..

Remember when the Register's comment section was the main reason for being here?

elip

Re: If everyone is back in the office..

Yes, this is our world now. Jokes need to be deconstructed and all art pieces come with a politicized explainer. Feel bad for the kids.

Gunfire at electrical grid kills power for 45,000 in North Carolina

elip

Re: probably wasn't an act of terrorism

Don't worry, soon they'll blame the Russians.

All the US midterm-related lies to expect when you're electing

elip

We're two years away, and Hillary's already warning the world that Republicans have a plan to steal the 2024 election:

https://www.washingtonexaminer.com/news/hillary-says-gop-planning-to-steal-2024-election

elip

No doubt. Go nuts with electronic voting machines, as long as we have a printed paper receipt at the end of the process, and we audit the papertrail, not just the 'infallible' electronic machines. Matt Blaze has done a lot of work on this. He must now be a far-right fascist though.

elip

He may think highly or himself, but buying some Facebook and Twitter ads, isn't very serious interference.

elip

Yes, it has been a wild ride since 2016, watching the right wing and left wing completely reverse their long-standing opinions. I don't know what's up or down anymore.

elip

Hah! Yes indeed...apparently the election-is-going-to-be-hacked mis-information is coming from the 'right wing' according to this article...hmmmm...let us see what they say after the GOP sweeps. I'm going to guess the 'left-wing' will be the one spreading the 'election was hacked' mis-information as they did during their Russiagate years.

PayPal decides fining people $2,500 for 'misinformation' wasn't a great idea

elip

Re: Quis custodiet ipsos custodes

I found the weird slant in the article pretty confusing. Random mentions of unrelated Elon Musk tweets, adjectives where adjectives weren't necessary, etc. Hmmm.

elip

Re: Think who this is targeting

His statements also align with most of the stances of the Nordic countries.

AWS launches fresh challenges to on-prem hardware vendors

elip

Now I've seen everything. The first cloud provider, realizing most of its 'valuable' customers are hybrid-cloud, and are likely to stay that way forever, is going after their on-prem competition. This will not end well for Amazon, but I'm glad they're at least trying. Google is doing the same thing, but is pointing their customers looking for a physical 'as-a-service' offering to HPE. Much more pragmatic move in my opinion.

"Selling the Gateways through the channel means AWS has the muscle to challenge on-prem storage vendors like never before."

^^^ This is a bit of a stretch. Amazon's storage box cannot hold a candle to any existing large storage array. They're decades behind.

Google cancels bi-annual performance reviews, shifts to GRAD system

elip

Always strange to see this line parroted

"The Great Resignation, which began in spring last year and continued until the fall when the quit rate in the US climbed to a two-decade peak, is forcing companies to consider ways to retain valued staff."

Ways to retain valued staff are varied, but mostly boil down to this one thing: give your people raises to *at least* match the real-world inflation. In the US this would've been between 12-16% last year. I work at one of these tech behemoths, and by and large, everyone got 2% (unless you threatened to quit). Why would I not scale down my productivity by 10-14% in such a market as dictated by market conditions?

Oracle creates new form of free Solaris

elip

Re: Slowlaris? Seriously?

hehe. Only on the most critical of workloads.

Oracle offers migration path for Solaris 10 apps

elip

Re: A lot of Solaris boxes still around

Yes, still developed and aggressively. They put out a new SRU for Solaris 11.4 monthly.

Review: Huawei's Matebook X Pro laptop is forgetful and forgettable

elip

Re: Come on

I agree, this struck me as an odd way to start this review. As if setting us up for the rest of what is to come.

Frankly, if my choice of network kit (some bits I'm in charge of currently) comes up and it's between Cisco (way overpriced, and with known backdoors, and a very poor security record) and Huawei (moderately priced, "alleged" backdoors [none alleged by actual infosec pros but by beaurocrats], and *some* bungled releases from a security perspective), it'll be an easy one to make.

'This is the new normal,' Microsoft tells US workers: Work from home until further notice

elip

Re: Wow.

Don't worry, COVID's not that bad for 99.6% of the population. I assume you've been living right, sleeping right, treating your body like the temple that it is, and making sure your immune system can fight off relatively benign infections like any sane person would have...right?

elip

Hmmmm. The best thing for *everyone* for the *long term* (as in hundreds, thousands of years) is no vaccination, and very little medicating of society period (yes, that means people will die). If you want targeted vaccines for the feeble among us, go right ahead, but it makes zero long-term sense to mass-vaccinate healthy people, especially the young.

elip

Re: Leftanistan

Probably had something to do with at least a majority of people understanding death and dying from a young age due to experiencing farming/raising animals/slaughter etc. It's a deranged society that believes in striving for absolute "bio-safety" as if it's a possible goal.

elip

Re: Leftanistan

You continue to have a higher likelihood of dying from a fall than from COVID. I know!! I was shocked too!

elip

Re: Leftanistan

Ahhh yes, but COVID is not smallpox or polio is it? Not quite a fair comparison.

Google's newest cloud region taken out by 'transient voltage' that rebooted network kit

elip

Re: My personal computer could survive this

Nah...I was involved in helping google figure out basic data center power, DC cooling, Linux, UNIX, storage issues after they acquired a company I worked at, and proceeded to screw the pooch on a thoughtlessly executed data center migration (that was wholly based on marketing of the new location [in their words - "to enable us to hire younger engineers"], *NOT* on any technical requirements post-acquisition). They truly don't know what they're doing when it comes to data center ops compared with companies who had been doing it 6+ decades. Their engineers I worked with believed all workloads were easy to understand and troubleshoot. It was beautiful watching them scramble as they failed to understand one protocol after another. :-P

Sysadmins: Why not simply verify there's no backdoor in every program you install, and thus avoid any cyber-drama?

elip

Re: We Just Advise, We Don't Implement

>For just one, where are all of these new experts with access to every app's source code supposed to come from?

I was one of these "experts" as you call them. It was part of my sysadmin gig. Maintain the tool chain, audit new toolchain requests, continuously audit the infrastructure, move slow especially when devs want you to move fast, etc. This wasn't exactly a safety-critical industry either - we made consumer electronics - tvs, computers, phones, cable set-top boxes, walkie talkies, etc.

Most of us were laid off, I suppose you can just re-hire us from the unemployment lines?

The goal is not to get access to *every app's source code*, the goal is to not even allow the app onto your network to begin with. It's really not that hard man. This place where I worked at was around 2004 timeframe, and it was for sure happening decades before then in safety-critical work spaces. Lets stop making excuses for doing the responsible and prudent thing, for the sake of cheap, low-quality and often unsafe goods.

elip

Re: Linux proves that doesn’t work

Yet, I used to work for an organization just like this, and validated 3rd party code as part of my sysadmin duties *not* because somebody specifically asked me to do it, but at that time, it was just a standard part of the day job in my opinion. It was simply the right thing to do. Turns out society and our customers just wanted cheaper and cheaper shit, and eventually they got it. Enjoy the fallout folks!

Page: