* Posts by MarkSitkowski

93 posts • joined 14 Sep 2012

Page:

Fortran greybeards: Get your walking frames and shuffle over to NASA

MarkSitkowski

Re: Old stuff sticks around

Just don't try to use that compiler on legacy code, like SPICE. Through the misguided idea that people use Fortran to write new code, they 'updated' it, to the point where it fails miserably on memory management, misinterprets the common block and bitches about Hollerith formatting. I believe it isn't actually a compiler, but a preprocessor, which converts your Fortran to 'C', then runs that through gcc. I've seen the same approach used by other Fortran so-called 'compilers'.

So you've set up MFA and solved the Elvish riddle, but some still think passwords alone are secure enough

MarkSitkowski

Re: "... believe the humble password is a good enough security measure"

It all depends on how you enter your password - or not.

https://www.linkedin.com/pulse/defence-humble-password-mark-sitkowski/

OK brainiacs, we've got an IT cold case for you: Fatal disk errors on an Amiga 4000 with 600MB external SCSI unless the clock app is... just so

MarkSitkowski

Re: The SCSI implementation on the Amiga was badly broken.

Oh, you modern people!

I have a Sun 3/60 with two external SCSI drives that are stll performing flawlessly.

Sun, obviously, got it right.

MarkSitkowski

Re: the real answer is probably some shared memory corruption

IBM's AIX also did the DEADBEEF trick all through the 90's

Want to stay under the radar for a decade or more? This Chinese hacking crew did it... by aiming for Linux servers

MarkSitkowski

Re: Meaningless Group Of Statements Made Up Out of the Air

If a company has had its data stolen over a period of ten years, I'd expect one of two things to occur:

1. The company discovers it, and says so

2. The hackers try to make use of it, and someone notices.

Since neither of these events has happened, I suspect that either the hackers are content to steal data and wallpaper their rooms with it, or (which is far more likely) that it never occurred,and someone is after free publicity/notoriety.

Remember that clinical trial, promoted by President Trump, of a possible COVID-19 cure? So, so, so many questions...

MarkSitkowski

Re: I know a couple things about clinical trials.

Researchers here, in Australia, have conducted in vitro tests of chloroquine , and found that it kills the virus dead. Perhaps it's the in vivo delivery method that returns the unpredictable results?

Also, researchers in Poland (Warsaw University?) have isolated the enzyme the virus generates to activate itself, and are pursuing ways to stop it creating this enzyme.

The truth is out there...

Bada Bing, bada bork: Windows 10 is not happy, and Microsoft's search engine has something to do with it

MarkSitkowski

Deja Vu?

Anyone remember Netscape?

The legal wrangle started when Microsoft introduced "Explorer" which not only displayed the file system, but also the internet, thus obviating the need to use a third party browser. They claimed in court that it was 'part of the operating system'.

Call me cynical, but I think I see history repeating itself.

WannaCry ransomware attack on NHS could have triggered NATO reaction, says German cybergeneral

MarkSitkowski

Re: Strategic ambivalence

"Proportionate response only makes sense in a fairly narrow range of scenarios..."

We've found that the best proportionate response is an automated one: Our IDS analyses incoming queries and parses them to check for malicious content (no white/black lists - that's too last decade).

When it finds nasty content, it looks up the ISP who owns the IP address and sends a report, quoting the log entry. The ISP then either removes the malware which sent the crap, or cancels the hacker's account.

Best responses have been from Russian ISP's: "The user has been terminated..."

MarkSitkowski

Re: NATO response

I agree as to the impossibility of blame attribution. We've been under attack by a botnet since 2012, driven by some halfwit with no other life, who hacks servers in about 70 countries, and gets them to send out malicious crap. If we retaliated against each individual server, we'd cause mayhem in those 70-odd countries, while missing the fact that the C&C's are all in Turkey.

There's also a botnet which does nothing but SYN/ACK attacks, which just leaves its dumb script running 24/7, cycling through spoofed IP addresses from up to 20 class-B networks each day. Again, finding the real source of all this parasitic activity is nigh-on impossible.

No nukes, please, but a hit-squad would be very welcome...

Windows 7 back in black as holdouts report wallpaper-stripping shenanigans

MarkSitkowski

Just one more thing...

Hey! I just noticed that my Win7 DVD drive has vanished, and I don't know which of the recent flood of updates did it.

It appears in Win Explorer until you put a DVD in, then it vanishes. An external USB DVD drive makes it reappear, but only the external drive works.

Time to go Linux..?

MarkSitkowski

Re: Was hoping for a quick let's finish off Windows 7 updates forever, ...

Just to add insult to injury, when I checked Update History, both of those updates are shown as having been installed three times.

Go figure...

MarkSitkowski

Re: That's not all...

I tried to hide the updates initially, but that didn't stop it. It would download identical updates, and still try to install them, (ignoring the 'don't check for updates' box) which ended in the endless loop again. My fond hope is that MS will stop sending out this crap eventually, so I don't need to run my script.

MarkSitkowski

Re: Was hoping for a quick let's finish off Windows 7 updates forever, ...

Those are the same updates that trash my boot track. See my comment for the solution.

MarkSitkowski

That's not all...

Consider yourself lucky, if that's the only parting shot.

On January 15th, despite autoupdate being turned off, the update kindly downloaded itself then, on the next boot, ran to 30% and shutdown the machine. Restarting gave the message "Windows is loading files..." followed by a popup claiming to "repair the startsystem'. Of course, it failed, rebooted, and did the same performance three times before coming up with "Configuring updates etc" and this sequence repeats endlessly.

(It looks like one of the "updates" trashes the thing which calls the loader.)

Solution is, to hit the power switch when you get the "Do not turn off your computer" message, which brings it up in safe mode. You then need to clear the update cache, like this:

net stop wuauserv

rmdir %windir%\softwaredistribution /s /q

net start wuauserv

The machine then works perfectly, until you get the message 'Updates are available etc', and you find that autoupdate has been turned back on, and you can go back to the endless loop described above.

I've put those instructions into a .bat file, which I run every time I shutdown.

Beware the three-finger-salute, or 'How I Got The Keys To The Kingdom'

MarkSitkowski

Re: Back in the day...

I'm surprised nobody mentioned the Sun keyboard with the control and shift keys (or was it shift and caps-lock?) interchanged. That was all kinds of fun to use...

LibreOffice 6.4 nearly done as open-source office software project prepares for 10th anniversary

MarkSitkowski

Which is the best version?

I'm thinking of switching to LibreOffice from MSOffice 2010, but I don't want to constantly update/reinstall everything.

Which version has fewest bugs/most stable features?

Fancy renting your developer environment? Visual Studio goes online

MarkSitkowski

Helpful Suggestion

Universities should teach young hopefuls how to type

cc -o thing thing.c

Then how to type

ci thing.c

There. That was easy, wasn't it? Now that you can do that, you don't need a silly old cloud...

Delayed, over-budget smart meters will be helpful – when Blighty enters 'Star Trek phase'

MarkSitkowski

Re: Great

Fluke 381 Remote Display True RMS AC/DC Clamp Meter

Oracle demands $12K from network biz that doesn't use its software

MarkSitkowski

Fun With Oracle Cloud?

A botnet appears to have taken over Oracle's 140.238.xxx.yyy and 130.61.xxx.yyy domains, and is spraying garbage to the four winds, along the lines of "GET //admin/categories.php/login.php?..."

Or, maybe, this is Oracle's attempt to see who's using their product? Or, maybe, some disgruntled users decided to try their cloud offering for free?

The D in Systemd is for Directories: Poettering says his creation will phone /home in future

MarkSitkowski

I stopped updating our Linux box at CentOS 6.9., having seen in 7.0 and onwards, that the loonies were planning to run the asylum.

6.9 works properly, and has all the features that Unix should have - the most important of which is stability.

It will never be safe to turn off your computer: Prankster harnesses the power of Windows 95 to torment fellow students

MarkSitkowski

Re: W98 was OK, but W95 and USB ..

Win 3.1 actually used a port of the networking code from BSD4.1c for networking. You could write client-server code on a Sun box, transfer it across, add "#include winsock.h", recompile it, and it ran perfectly. You could do the same on Win 95

They're BAAACK: Windows 10 nagware team loads trebuchet with annoying reminders to GTFO Windows 7

MarkSitkowski

Re: Is it stable yet?

Stable? I've been frantically preparing a Win7 machine and transferring all my data, while the Win10 thing still works.

Windows Upadate ("We're going to make Windows better, and add even more exciting features") has been running for all the hours the machine is switched on, 5 to 7 days a week since last June. It uses 95 - 100% of my CPU and about 4GB of RAM. Since I only use it as an xterm, to connect to a proper computer, it's not completely unusable, but it takes 1-2mins for windows explorer to start, and about half a minute to switch folders in Outlook. Windows won't let you turn off Update, and if you try to kill it or any of the four or five supporting processes, you're told it'll "make your PC unstable". Like that's worse than unusable.

The Win Update 'troubleshooter' is useless. It tells you it's fixed all the problems, except for coquettishly telling you that "Windows Update components must be repaired", and leaving you to figure out the 'how'.

I\ve checked on the Net, and I'm not the only one. There are hundreds of users whose PC's have been taken over by Windows Update, and some believe that it's really a bitcoin miner, although these latter tend to not arouse suspicion, by limiting CPU use to 50%.

So far, none of the "exciting new features" have materialised and, even if they did, I wouldn't have enough CPU power left to run them.

Windows 10 Pro goes Home as Microsoft fires up downgrade server

MarkSitkowski

Consider yourselves lucky!

I envy you guys with unactivated Win 10 Home.

I have an activated Win 10 Pro, with a Window Update that runs 24/7 for four or five days at a time, eating 100% of my CPU, making the whole thing unusable.

If I run wu170509.diagcab it kills the update process, fixes a few bad files, but leaves saying 'Update files were corrupted'. A few days later, Win Update runs again, with the same problem.

I'm painfully transferring all its files to a Win 7 PC, so I can get back to something which works fine, needs no more updates and doesn't need colonic irrigation every few days to make it run again.

Agile development exposed as techie superstition

MarkSitkowski

Re: There were studies ... and a result is Donald J Trump .... an Energetic Distraction?

Stop smoking that stuff - it's rotting your brain...

Here come the lawyers! Intel slapped with three Meltdown bug lawsuits

MarkSitkowski

Here Come The Hackers, too

Now that those clever researchers have told the world about a vulnerability that lay dormant and unknown for a couple of decades, every respectable hacker will be hard at work writing exploits - probably using the sample code issued with the release.

Thanks, guys.

MarkSitkowski

re: lightspeed lawyers

At last! I knew that if I waited long enough, my Z80 and 8080 assembler skills would be in demand...

Open-source world resurrects Oracle-free Solaris project OmniOS

MarkSitkowski

Re: YAWN

Evidently, Oracle doesn't share your opinion, since they neglected to port their own (indifferent) version of Linux to SPARC.

Perhaps, with the advent of Meltdown and Spectre, they'll reconsider...

MarkSitkowski

Re: solaris itself is fragmentation

Nope. SunOs ('Solaris 1') up to 4.1.4 was derived from BSD, Solaris 2 tried to be pure SysVR3 .

MarkSitkowski

Isn't running FreeBSD the same as running SunOs 4.1.4? That was all BSD.

Meltdown, Spectre: The password theft bugs at the heart of Intel CPUs

MarkSitkowski

Unprofessional Irresponsible Self-Aggrandisement

I hope the jerks who made this public are patting themselves on the back and smugly basking in their new-found fame.

These vulnerabilities have lurked around for 20-30 years, without causing anyone any problems, since the average dopey hacker is clueless about silicon architecture, or how it handles branching in cache execution.

Now, thanks to these self-serving idiots, the world is in turmoil, with Intel users wondering how long before the parasites put together a few hacks - based on the suggestions also published with the disclosure - and give them to a botnet to execute.

It doesn't bother me, since all our stuff runs on Sun SPARC, but it occurs to me that there should be a law or, at least, a protocol, whereby people like Intel get the results of such reports in secret, and the dirt isn't made public until there's a fix in-place.

MarkSitkowski

No Problem

Glad all our stuff runs on Sun SPARC...

Voyager 1 fires thrusters last used in 1980 – and they worked!

MarkSitkowski

Re: CDP1802

"...Hedy Lamarr didn't really invent Spread spectrum..."

She invented band-hopping radar, and even applied for a patent, but the hardware of the time was too clumsy to implement it.

MarkSitkowski

Re: how is assembler outdated and by what?

As far as I remember, it uses a bit-slice CPU (not any Intel rubbish), so the architecture is custom-made, implying a proprietary instruction set.

Windows Fall Creators Update is here: What do you want first – bad news or good news?

MarkSitkowski

Re: Inivitably!

When my 10am presentation slowed to a jittery crawl, I waited the two minutes it took to start 'Task Manager' and, finding a load of Windows Update poison dwarfs eating 100% of my CPU, I tried to kill them.

As with HAL, it silently did the 'I can't let you do that' routine, even though updates had clearly been told to stay away between 9 and 5.

All those settings are just a placebo. Windows downloads its updates in background, without asking you and, later, runs the updates in background. The only clue is the 100% CPU usage.

Equifax's IT leaders 'retire' as company says it knew about the bug that brought it down

MarkSitkowski

Yes...But Who Stole It?

All that data is sitting on the hacker's computer, somewhere. Have they yet determined where the breach came from?

Unloved Microsoft Edge is much improved – but will anyone use it?

MarkSitkowski

Re: And its only Windows 10?

Our IDS blocks wget as a potential site-scraper hack...

Oracle staff report big layoffs across Solaris, SPARC teams

MarkSitkowski

Does this mean that Microsoft and Intel now own the world?

Time to invoke the same ant-trust laws that saw the break-up of AT&T.

Should Conversion of Bitcoin to Money Be Illegal?

MarkSitkowski

Should Conversion of Bitcoin to Money Be Illegal?

The blockchain financial system is the most radical revolution since money lenders sat at their benches ('bancs'), and is obviously the way of the future.

However, as recent events have shown, the only people who currently use Bitcoin are criminal hackers, money launderers and drug dealers. Should they be forced to use conventional, traceable, means of demanding their ransoms or shifting their ill-gotten gains around the world, so they can be identified and brought to justice?

Feelin' safe and snug on Linux while the Windows world burns? Stop that

MarkSitkowski

Re: What is this OS 'version' thing you speak of

I have applications written originally for SunOs 4.1.0, and they run happily on every version up to Solaris 11.

I have applications written for Windows XP which crash catastrophically on Windows 10. Go figure.

MarkSitkowski

The other O/S's

Windows malware only executes on Intel CPU's. We run Solaris on Sun SPARC servers . Is it okay to feel smug about that?

Australian oppn. leader wants to do something about Bitcoin, because terrorism and crypto

MarkSitkowski

"...we should have specific people in high level government / the cabinet with proven knowledge and preferably qualifications in Technology ..."

That's how they do it in China, and it's done them no harm todate.

One-third of Brit IT projects on track to fail

MarkSitkowski

Re: @Rocket Rabbit ... With maths and syntax like that

"...all of the reasons provided are valid reasons for project failure in some cases all of the above."

I think they can all be summarised in one reason: the project manager didn't understand the technology.

If you're from a development background, then you know the approximate time a given task should take, and you can qualify the estimates given by the staff. If a developer gives you an excessively long estimate, this tells you something about either his technical competence, or his level of commitment.

When you're given the timeframe, you can compare it with your own estimate of project duration and have the management amend theirs. If they won't, you ask for confirmation that they take responsibility for the overrun.

When the marketing people decide to add features in mid-project, you submit a new project schedule, with revised costs, and a request for the confirmation mentioned above.

I'm not saying that all this will guarantee that you run to time and to budget, but it may help your bosses to eventually understand what factors should be taken into account before they say things like "Here's the job, you have five guys and three months to do it".

Huge ransomware outbreak spreads in Ukraine and beyond

MarkSitkowski

How to stop ransomware

Since only criminals use bitcoin, just make it illegal to trade bitcoin for real money. Then they can be traced through any banking system. Too easy, man...

Microsoft says: Lock down your software supply chain before the malware scum get in

MarkSitkowski

The only editor in a proper china cup...

I'm glad I use vi - or vim, if it's a Billyware box. No vulnerabilities.

UK hospital meltdown after ransomware worm uses NSA vuln to raid IT

MarkSitkowski

Seems that Bitcoin only exists to enrich criminals and fund terrorists. Isn't it time to make it illegal to trade bitcoin for real money? Or, better still, shut down any organisation trading in it?

Realistic Brits want at least 3 security steps on bank accounts

MarkSitkowski

Re: Like Razors ...

This is even better...

https://www.linkedin.com/pulse/choice-second-authentication-factor-mark-sitkowski

Facebook is abusive. It's time to divorce it

MarkSitkowski

We've tried it your way...

Okay, that's it.

We engineers want our Internet back.

We gave it to you, hoping you'd make good use of it, and all you've done is created stupid 'social media', bred a generation of parasites whose only purpose in life is to make everyone else's a misery by hacking everything, and created a new kind of bank robber.

Enough is enough. Give it back to its rightful owners.

Why Firefox? Because not everybody is a web designer, silly

MarkSitkowski

Re: I recently ditched Firefox.

...FIREFOX FORK...?

It's already out there. Get hold of Pale Moon.

Machine vs. machine battle has begun to de-fraud the internet of lies

MarkSitkowski

Machine vs Machine Battle?

Happened ages ago. About 6 years ago, our website was attacked by a botnet, which ran hack attempt scripts 24/7. Since it was impossible to block its attempts by hand, I wrote an IDS/IPS, which would analyse the content of every connection, identify possible hack attempts, and add a firewall rule, blocking the IP address. It would then look up the owner of the address, and send an email which included the log file extract containing the hack query. The ISP would then cancel the zombie account.

Over the last 6 years, this system has been running unattended, swatting incoming hacks from zombie machines running automated hack scripts, and removing these parasites from the internet.

Everyone should do this - I might even give away the source code to encourage it...

As you stare at the dead British Airways website, remember the hundreds of tech staff it laid off

MarkSitkowski

Re: Correlation is not causation

Wouldn't 'post hoc, ergo propter hoc' be a more accurate reflection of the situation?

Page:

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2020