* Posts by storner

94 posts • joined 25 May 2011


Real-time tragedy: Dumb deletion leaves librarian red-faced and fails to nix teenage kicks on the school network


probably gopher

Those were the days...

Internet use up 40 per cent in San Francisco Bay Area – but you know what’s even higher? Yep, alcohol, weed use


Re: Makes sense

Not strong enough, I'm afraid. To kill off the corona kritters you need something around 85-90% proof, which is much higher than you'll get in any fine Scottish malts.

And no, using two glasses instead of one won't do the trick. You are much better off just drinking them.

Brits may still be struck by Lightning, but EU lawmakers vote for bloc-wide common charging rules

Paris Hilton

Could someone explain what the problem is with Apple stuff?

My iPad chargers have a completely standard USB output, it's only the cable that has a Lightning connector on one end. So what's the fuss about chargers?

IMNSHO, standardizing wall plugs would make a lot more sense.

(Paris, because I'm sure she doesn't understand either --->)

Welcome to the 2020s: Booby-trapped Office files, NSA tipping off Windows cert-spoofing bugs, RDP flaws...


Re: So...

The difference is that going forward, these bugs will get fixed in Windows 10. Not so on Win 7.

But of course, the only secure computing device is one that is powered down, all cables unplugged and put inside a Faraday cage...


Every day is patch day

Linux Weekly News lwn.net summarizes the security updates issued by various Linux distributions. There usually is a handful every day.

Intel teases NUC-leheads with new desktop-class graphics systems and a fast i9 CPU

Paris Hilton

Re: Too expensive

They do have one significant advantage: The WAF (Wife Acceptance Factor). It's the only kind of pc-style box permitted in the living room to power my media center (MythTV on Linux) - anything else was vetoed as too big/klunky/noisy/ugly.

For bonus points I replaced the minitower PC in the office at home with a second NUC. A bit pricey - sure, but much cheaper than an iMac.

Cheque out my mad metal frisbee skillz... oops. Lights out!


Re: Cheques still relevant... at least for someone

We're so digital here in DK that cheques can no longer be used. Card only, or cash (and I suspect that will disappear soon).

Space Force is go, go, go! Because we have a child as President of the United States

Black Helicopters

Actually - no, that will be *Chinese* money. The US funds lots of government projects by selling state bonds, and China is one of the largest buyers of those.

Bon sang! French hospital contracts 6,000 PC-locking ransomware infection

Thumb Up

Have an up-vote on me.

Even to extortionists, some targets should be definitely off-limits: Hospitals, emergency services, Red Cross and others who are working hard to make sure the rest of humanity stays alive.

What happened to morals and the honest thieves ...

The safest place to save your files is somewhere nobody will ever look


Okay, 'fess up

How many of us IT pros do something similar - keep tons of files in odd places?

Personally, I tend to hoard all sorts of stuff in my Downloads folder - so much so that I have subdirectories there. Bloody annoying when working from home without my company laptop because this folder is not synchronized to OneDrive.

Linky revisited: How the evil French smart meter escaped Hell to taunt me


Re: I don't know why you think that

Surely it has to be a *French* company supplying the meters, so the engineers would have some interest in keeping them working ...

Nine words to ruin your Monday: Emergency Internet Explorer patch amid in-the-wild attacks


Re: Not showing...

From the advisory linked to from the article:


Will an updated Windows Update offline scan file, Wsusscn2.cab, with this new security update be available?

No, an updated scan file will not be available until the next security release in October 2019.

Hold up, ace. Before you strap into Firefox's latest Test Pilot, ask yourself...


Re: As usual, with open source applications, you should ask yourself "where do the money come from?"

Why not? He only woke up at 11PM

Snoops can bypass iOS 13 lock screen to eyeball your address book. Apple hasn't fixed it yet. Valid flaw? You decide


Low risk - hmm ...

I know of several people who store passwords in their contact lists. Anything from Facebook and Gmail to the PIN-code for their rarely used credit card.

Yep it is a stupid idea and they should use a proper password manager, but changing habits from what you did back in the Nokia days is hard.

Here's a top tip: Don't trust the new person – block web domains less than a month old. They are bound to be dodgy


Re: How do you tell their age?

"block them in the browser and make you click through"

Ordinary users click on anything. It's a no-brainer (literally).

Bad news: Earth is not going to be walloped by asteroid 2006 QV89. Good news: Boffins have lost sight of it, so all hope is not yet lost


No wonder they cannot find it

It was a scout ship for the Klingons.

I don't have to save my work, it's in The Cloud. But Microsoft really must fix this files issue

Paris Hilton

Re: Lets step back a bit

I'm with you on that one - it is one of my favourite features of Notepad++ that you can open a new file, and it will automagically be saved somewhere in the bowels of the program's filespace until you do give it a proper filename yourself.

Now, where was that configuration file template - "New file 283" or 316 ...

--> Paris 'cause she never thinks about saving, only spending.

Meet the Great Duke of... DLL: Microsoft shines light on Astaroth, a devilishly sneaky strain of fileless malware


Re: And this ..

"curl | bash as root"

Used? Yes (by some)

Typical? Hell no!

Go fourth and multi-Pi: Raspberry Pi 4 lands today with quad 1.5GHz Arm Cortex-A72 CPU cores, up to 4GB RAM...


Re: Good stuff

Couldn't you do that with multiple VLANs on the Ethernet interface?

Sex and drugs and auto-tune: What motivates a millennial perp?


Re: 30 Years Ago

Usenet existed more than 30 years ago. Tiny pictures were posted on alt.sex.pictures in uuencoded form split into multiple posts because the size of posts was limited to a few kB (yes, KILO bytes, not MB), so you had to download each post, strip off the headers and run it through uudecode before viewing a tiny 200x140 pixel image on your 640x480 16-color CGA screen.

Nowadays 12-year olds post selfie-porn on social media.

Yup, progress.

Planes, fails and automobiles: Overseas callout saved by gentle thrust of server CD tray


Ah the old push-out-the-cd-tray trick

Been there, done that. Sadly servers have no cd trays these days, so you have to rely on the labelling done by underpaid contractors <shudder>

DXC Technology seeks volunteers to take redundancy. No grads, apprentices, and 'quota carrying' sales folk


I only have two words for CSC/DXC employees:

Get out.

That's a hell of Huawei to run a business, Chinese giant scolds FedEx after internal files routed via America


No way. The Royal Mail equivalent around here (Denmark) takes minimum 5 days to deliver any letter or package. I suppose they need to ship them via GCHQ to make sure the t-shirts I ordered haven't been infested with some evil RFID chip...

They're clever enough not to have the rerouting show up on the tracking page, though.

(Yes I will go take my anti-paranoia pill now, don't worry).

We regret to inform you the massive asteroid NASA's all excited about probably won't hit Earth


Bugger ... I was planning to retire on June 16. Might as well cash in my pension plan right away.

Take your pick: 0/1/* ... but beware – your click could tank an entire edition of a century-old newspaper


Re: Cripes I'm way too old

It is "mémoires digitaux", if I recall my French correctly.

(coat, obviously)


Earth slide? Well, yes ...

There was a time when I worked for CSC as admin on some systems which a large insurance company had outsourced. My experience was in web middleware (Weblogic, Websphere and that sort of stuff), but this particular installation had a mission-critical installation using Oracle Forms. Which is tightly tied into an Oracle database.

Well, I was deploying a deployment of an update to the Forms application on a Friday evening, and was running short on disk space. So I took a look around and found a directory with a bunch of <whatever>.LOG files taking up a lot of space. Since logs were being collected on a central server, I assumed these had to be something which could be wiped and promptly did a "rm -f *.LOG".

Little did I know that an Oracle database keeps all pending transactions in a transaction logfile, aptly named <whatever>.LOG ...

So after moving the new forms files into place I tried starting the database and got a completely unknown error, but enough for me to recognize that those logfiles probably were a bit more critical than I had assumed.

My good luck was that the database had been shut down when I deleted the logs, so after a frantic bit of google'ing and some Oracle commandline magic the database finally did start without any loss of data.

I have to admit I kept this to myself, but from then on I insisted that there was a database admin on call for future deployments.

Schneier: Don't expect Uncle Sam to guard your web privacy – it's Europe riding to the rescue

Big Brother

Re: One niggle

As seen from this (eastern) side of the pond, it is not only the US politicians who are clueless. The general population know even less about how surveillance capitalism works, and will happily divulge any and all personal details if only there's a chance of winning a free doughnut.

It really is the same thing in Europe, we are just lucky that our politicians - miraculously, I have no idea how it came to be! - implemented reasonable privacy measures with the GDPR.

The Large Hadron Collider is small beer. Give us billions more for bigger kit, say boffins


Re: New name needed

Since there is always going to be one more accelerator, we need something that extends into infinity. Like numbers.

So I suggest "Particle Collider 0", "Particle Collider 1" etc. Abbreviated PC1, PC2 ...

Dozens of .gov HTTPS certs expire, webpages offline, FBI on ice, IT security slows... Yup, it's day 20 of Trump's govt shutdown


Re: Operational Incompetence

Indeed you can, that is common sense practice. The remaining days are usually added to the new certificate's lifetime.

You were told to clean up our systems, not delete 8,000 crucial files



Sounds like backing up those harddisks was not on Sam's agenda. Considering the reliability of harddisks back then, maybe it should have been.

The Palm Palm: The Derringer of smartphones


I'll take the revived Nokia 3310 instead, thank you

Granted, it is 2 cm longer, and weighs 18 grams more.

But it only costs 1/10th of this little critter.

Expired cert... Really? #O2down meltdown shows we should fear bungles and bugs more than hackers


Because certificates typically expire after 2-3 years - beancounters and bosses cannot see that far ahead (except when pulling "strategies" out of various orifices).

Even the IT monkeys doing the renewals have moved to new offices at least 3 times, so that two-year-old calendar with the post-it notes? No one remembers what it was for, so it goes down the bin.

Microsoft promises a fix for Windows 10 zip file woes. In November


'Users will be relieved to know that the team is indeed actually looking at feedback, even if it seems to be skipping the “stop the thing deleting my stuff” entries in favour of “make search a bit faster.”'

You don't seem to understand that these two work together. With all user files deleted, there is a lot less to index. Hence search runs faster.

What a crane in the ass: Bug leaves construction machinery vulnerable to evil command injection


Re: Never should be remotely controllable in the first place

"Heavy machinery, especially something that if mishandled can kill hundreds, is not something that should be fully-controlled by software."

In that case, most commercial airplanes would have to stay on the ground.

UK cyber security boffins dispense Ubuntu 18.04 wisdom


Re: Good idea.

As others have mentioned, sudo gives you much more fine-grained control over who is allowed to do what. But there are other advantages over plain su:

- You have an audit trail of who ran which admin command when. For some of us, that is a compliance requirement.

- Communicating a shared password is difficult. Tends to happen via e-mail which is NOT secure.

- When you have 20+ servers, changing the administrator password because Joe Admin left the company is not so simple.

- Passwords can be cracked or leaked, so a security compromise of one server quickly becomes a site-wide problem (unless you use unique passwords, which complicates the distribution issue further).

I try to avoid passwords as much as possible, to the extent that my personal servers do not have passwords (a '!' for the password field in /etc/shadow). Logins can only happen via ssh using SSH keys or certificates, and sudo is set up to require a one-time password or physical token (Yubikey). If you must use passwords, at least make sure you keep them centralized (LDAP directory or similar).

In other words, think about how you implement security instead of just bashing some random tool based on a 7 year old forum post.

Rowhammer returns, Spectre fix unfixed, Wireguard makes a new friend, and much more


Re: What's wrong with OpenVPN?

As you said, OpenVPN does what it claims to do - nothing wrong with that. But Wireguard does have some things going for it:

1) It doesn't rely on OpenSSL for encryption, so there is a whole lot less code to audit if you want to check for security problems

2) It is a kernel module implementation (at least on Linux), so the processing overhead is much smaller and it should be able to scale to wirespeed while handling multiple connections. It also means that it works like any other network interface, so the usual configuration files and network scripts will take care of running your VPN.

3) Authentication and setup is much simpler, since it is a trust-on-first-use so no need for setting up your own CA.

Have a look at it, it does work quite well.

Sysadmin hailed as hero for deleting data from the wrong disk drive


Oracle too ...

Had a database server bickering about being short of disk space. Without knowing much of Oracle internals, I found some very large *.log files lying around and promptly deleted them - I mean, there's no need to keep those old system logs, right?

So I learned the hard way what database transaction logs are. And how to convince Oracle to create a new set of transaction log files when starting up.

Fortunately, it was a very quiet database.

Huawei Honor 10: At £399, plenty of bang for buck – it's a pity about the snaps


Just leveling the power balance. Trump gets my data from Google, Xi gets it from Huawei. Let them fight over it ...

BOFH: Give me a lever long enough and a fool, I mean a fulcrum and ....


Whatever ...

Friend of mine called a support droid about some problem. "Do you have an iPhone or a smartphone?"

Somehow that does kind of make sense...

Until last week, you could pwn KDE Linux desktop with a USB stick


Re: I'm going to name all my USB sticks:

Because it won't work. You need "rm --no-preserve-root -rf /" if you really want that, which is longer than will fit in a VFAT volume label.

Who can save us? It's 2018 and some email is still sent as cleartext


Re: Port 465

What you need to do ... may I suggest using an MTA with a sensible configuration language?

Sysadmin jeered in staff cafeteria as he climbed ladder to fix PC


Re: What is this ?

Since it was in the Windows for Workgroups days, TCP/IP was most likely not used. Just some random address assigned by the NIC and running NetBIOS, IPX or some other abominable protocol.

Personally, I would have made the PC speaker start screaming at the user with a NSFW vocabulary. Guaranteed results much quicker.

Flash... Nu-uh! Tech folk champing at the bit to switch off life support



Judge used personal email to send out details of sensitive case


Re: An idea

They were called "secretaries" in the good old days. They are all gone now, thanks to the beancounters and efficiency experts.

NASA: Bring on the asteroid, so we can chuck a fridge at it


Re: Time to go PaddyPower

7. The fridge, being an intelligent IoT device, will notice that it needs to stock up on fresh milk, but since there is no Wifi connection in the asteroid belt it will fail to connect to Walmart and subsequently the control system crashes with an unexpected error. The thrusters therefore fail to fire, and the fridge crashes back to Earth.

US visitors must hand over Twitter, Facebook handles by law – newbie Rep starts ball rolling


Re: But

No lube, makes the "pain" part easier.

Super-cool sysadmin fixes PCs with gravity, or his fists


Re: Makes me wonder

Consider that a bonus, since it would hopefully mean upgrading from the old MFM based disks to something modern and up-to-date, like PATA.

2017 is already fail: Let’s try a Chinese reboot


Re: And one more thing...

Depends on how you managed the leap second...

Windows 10 networking bug derails Microsoft's own IPv6 rollout


Remembering IPs

is about as quaint as remembering phone numbers.

Face it - one of the goals of ANY new IP version is to extend the address range. So no matter how you design the protocol, you end up with more numbers per address. Saying that it is easier to remember than 2a00:1450:400f:802::200e just does not make sense. What you CAN remember is "google.com".

Which is why we invented DNS.

It's not just your browser: Your machine can be fingerprinted easily

Big Brother

Re: Mine doesn't give that data.

Your browser identifying as "Links" is enough to fingerprint you with 99.24% accuracy ...


