* Posts by donk1

78 publicly visible posts • joined 28 Mar 2013


Microsoft patches scary wormable hijack-my-box-via-IPv6 security bug and others

donk1

"on Linux I have to jump through sysctl hoops."

grubby --update-kernel ALL --args ipv6.disable=1

Jet engine dealer to major airlines discloses 'unauthorized activity'

donk1

As is often the case with early-stage ransomware disclosures, the company appears to be reluctant to mention "ransomware" or even "attack" in its wording.

I will go first "Whatcha talkin bout Willis" !!!

AI models just love escalating conflict to all-out nuclear war

donk1

Re: Unsurprising....

Guns n Roses Civil War:

What we've got here is failure to communicate

Some men, you just can't reach

So you get what we had here last week

Which is the way he wants it

Well, he gets it

*Whistling*

And I don't like it any more than you men

...

Look at your young men dying

The way they've always done before

...

What's so civil 'bout war anyway?

What do you do when you want change but people will not listen?

Microsoft sheds some light on Russian email heist – and how to learn from Redmond's mistakes

donk1

Re: "Midnight Blizzard targeted other organisations"

"Some developer in your group (a "rogue developer" maybe ?) needed to test something, gave himself all the permissions"

There is your fail, no admins any more so devs can f**k up permissions.

" You want that test account to access production servers ? Why ? For how long ? To do what ? You get that window, then your access is shut down."

No! Prod is higher up the permissions hierarchy and can pull from test, that is how you get new reference data into prod.

Test CANNOT EVER access prod, dumbass! Prod copies for final validation ARE IDENTICAL TO PROD SO ARE STILL PROD AND NEED TO BE TREATED AS SUCH.

Fujitsu will not bid for UK.gov business until Post Office inquiry closes

donk1

Re: An aside

Well yes, how does this reflect on those of us with Fujitsu on their CV?

Have we not had our professional reputation damaged by this?

University chops students' Microsoft 365 storage to 20GB

donk1

Re: "over half of all data stored by organizations not serving a useful purpose"

But with the cloud people can bypass any controls so how does that work?

donk1

Re: "over half of all data stored by organizations not serving a useful purpose"

They do not. I once asked a Power Bi Personal from Microsoft how do you know your changes will not break an important PRODUCTION report?

Do you know which reports are production vs test vs experimental and test ALL PRODUCTION reports will not break before you make a change?

Do clients mark which reports are PRODUCTION?

Answer no. i.e. we do not care. So that is how they save money, no testing!

Once saw someone at a SQL Saturday conference built a whole 1hr talk around a new Power Bi Feature.

They had tested the night before, on the day they got to the screen and...it had gone, turned off.

They had to end their 1hr talk after 10 minutes and look like an idiot, cue all of us walking out into the hallway and hanging around for 50 minutes in the conference place with of course no refreshments and nothing to do!

If you are doing say the Facebook IPO and in that 'critical hour' something in the cloud disappears that you rely on how does that work and you not get sued for millions?

Company IT have change freezes the cloud vendors do not, just asking for trouble and if you are in a large org potentially getting sued for millions.

donk1

Re: OneDriving Me Up The Wall

Who says they still have admins? "Put it in the cloud and you do not need admins you can do it yourself"

The students get a OneDrive and bypass admin oversight then you get this type of mess.

donk1

The problem is that now we have PERSONAL computing and cloud storage so the concept of DEPARTMENTAL and INSTITUTIONAL storage is gone.

Different levels of data storage are forgotten. Important data should be pushed up the hierarchy and labelled so future academics/students can find it for future research.

This typo sparked a Microsoft Azure outage

donk1

So this cloud stuff is engineering systems that are more reliable than on-prem?

Lol

InfluxData apologizes for deleting cloud regions without performing 'scream test'

donk1

Re: DBA's priorities

Who said they still have DBAs if it is all outsourced?

With DevOps where is the 'Admin' part?

So the experience DBAs or any type of Admin have after 30+ years does not count any more?

Well then learn this type of lesson over and over again..

One in five employees at top Indian outsourcers left in the past year

donk1

Doesn't this mean that experience is no longer valued?

Learn the same lessons over and over again.

So why do companies keep using them then?

Stolen Microsoft key may have opened up a lot more than US govt email inboxes

donk1

Given that

a) Without client-side encryption Microsoft can see all of your code, or if just the database is in Azure then the whole database schema, data and how your application accesses the database, and can therefore determine cases where your app will not scale.

b) https://en.wikipedia.org/wiki/Stac_Electronics

- "examined Stac's code as part of the due diligence process."

- " sued Microsoft for infringement of two of its data compression patents...awarded Stac $120 million in compensatory damages"

What stops Microsoft examining your code/database access and writing a competing app, then producing benchmarks showing your app is slower and does not scale?

Asked that of a developer once and got the reply "I do not care, by the time that happens I will have made my money and moved on" and that their management are the same.

I wonder if the owners of their employer knew about this and considered the threat to their business or even cared?

Lawyer sees almost 1,000 complainants sign up to Capita breach class action

donk1

Would Liberata be one of those?

https://www.moneymarketing.co.uk/news/fsa-fines-liberata-525000-for-system-failures/

https://www.fca.org.uk/publication/final-notices/liberata.pdf

"In total, LFS administers over 1.8 million life and pensions policies comprising over 3,000 different types of savings, investment and retirement products."

"LFS staff must determine the cause of the error message (which is in system code)"

"training for staff was inadequate."

"messages were in system code, rather than 'plain English', making their interpretation difficult."

"Throughout the Relevant Period, LFS failed to take reasonable care to establish effective procedures to investigate and resolve error messages."

"Between January 2005 and December 2005, LFS failed to put in place any controls to monitor the dispatch of documents."

"LFS's reliance on the management information as the only tool to monitor the performance of CIC was not acceptable."

"During the Relevant Period, LFS conducted only sporadic and limited reviews of CIC to ensure that it was operating effectively. In fact, between January 2005 and March 2006, LFS did not conduct any review of CIC."

"As a result of LFS's failure to implement controls which were appropriate for its business, throughout the Relevant Period, it was unable to monitor adequately whether documents were being dispatched to policyholders as required."

"LFS therefore failed to act with due skill, care and diligence by not considering adequately, and acting on, warning signals identified in its management information and not acting properly on clear indications in the March 2006 audit, that policyholders were at risk of not receiving documents."

"As set out in paragraph 5.21 above, the FSA considers that LFS's assumption throughout 2006 that all of the documents within outstanding Contacts were legitimately suppressed was reckless."

"LFS uses a number of automated systems to administer policies. Its principal system, 'Amarta', is a bespoke system developed and maintained by LFS."

Given that my CV and I believe LinkedIn profile mention Liberata, how does this not reflect on me?

BOFH: Ah. Company-branded merch. So much better than a bonus

donk1

Re: When do people understand that cash rules?

Companies and clients I have worked for in the past have given me bottles of wine.

Brings a new meaning to "instant landfill"!

EDB offers 'risk-free' migration to lure Oracle users to the PostgreSQL side

donk1

Re: dont forget the audit

Hi,

What do you mean "with the native blobs format"? Surely you just use standard APIs to access binary blobs?

Regards,

David.

Azure blunder left Bing results editable, MS 365 accounts potentially exposed

donk1

Re: "a single checkbox is all that separates an app from becoming 'multi-tenant'."

The problem is

a) With a GUI and a mindset that "administration is easy" people will tend to keep pressing submit and fill in the minimum to make the submit button work

b) With a GUI, designers seem to always want to have a default for toggles like these. "Boss, what should the default be?"

With a command line, --single_tenant and --multi-tenant and having to BUILD the command people first list the available options and then THINK about selecting the options they need.

Also when people think about automating the process they already have the command to hand!

I have always been of the opinion GUIs are GREAT for viewing (READ) not changing (WRITE).

Leaked IT contractor files detail Kremlin's stockpile of cyber-weapons

donk1

Re: Stockpile?

Stockpile "a large accumulated stock" - keep creating them and do not use them!

IBM says it's been running 'AI supercomputer' since May but chose now to tell the world

donk1

" that the virtualization overhead is less than 5%, which is the lowest overhead in the industry that we’re aware of. "

https://aws.amazon.com/blogs/hpc/bare-metal-performance-with-the-aws-nitro-system/

" The differential in all of the evaluated cases is within 1% of the performance level. "

So IBM are not aware of AWS Nitro? Lol

Wipro tells freshers a job awaits - if they accept a lower salary than first offered

donk1

Re: "Turbo" looks good on my car, what about on my project?

There is a rank higher than Elite, WTF? That is not elite then!

Turbo .. https://www.youtube.com/watch?v=yEoaN9qIxFs so good with a broom? "Yeah go sweep over there, boy!"

Fibre broadband uptake in UK lags behind OECD countries

donk1

Re: Doh!

I had similar - the poles were done.

Apparently there was a several months wait for them to get someone to check the poles.

I think it was 3-6 months then I got my 1GB FTTP from BT.

donk1

Unbelievable, I am near Bexleyheath and I have dual 1G FTTP (Virgin and BT)!

When ERP projects go awry: Surrey County Council incurs £3.2m additional costs in delayed Unit4 project

donk1

What process have they to supervise?

Council House Repairs

Parks Maintenance

School Repairs

What stock do they need to manage?

In the case of council house repairs, the cache of spares they keep - baths, toilets, taps, doors, windows, light fittings...

https://en.wikipedia.org/wiki/Direct_service_organisation

In the case of Parks Maintenance, feeds, fertilizers, weed sprays.

In the case of school repairs, chairs, desks, doors..

In the case of grass cuttings, mowers, hedge trimmers, pruners.

Red Hat 8.5 released with SQL Server and .NET 6 ... this is Linux, right?

donk1

Re: Hmmm

So you can ditch Windows and only have to support 1 OS?

A 1970s magic trick: Take a card, any card, out of the deck and watch the IBM System/370 plunge into a death spiral

donk1

Or, as in my university, a card sorter!

donk1

Re: Broken NFS

Ah yes, the time a junior I knew managed to set the password change policy wrongly on a customer system for the root password!

The password had to be changed now before logging in as root could complete but also could not be changed for 180 days! Whoops!

They could mount the disk via a CDROM but then needed a call to the vendor for the details on how to get a chroot jail working so the policy could be changed!

donk1

Re: Broken NFS

Ah, the portable gnu find with -print0 !!

Of course, do find first into a file, check the file (kids these days forget to do checks!), THEN xargs rm < file - note avoiding the http://porkmail.org/era/unix/award.html

Kids get off my lawn!
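The list, check, then delete sequence from the comment above, as an added example that is not part of the original post. The sandbox directory, the file names and the `core*` pattern are constructed for illustration; `-print0` and `xargs -0` are assumed available (GNU or BSD findutils).

```shell
#!/bin/sh
# Added illustration; the directory layout and the 'core*' pattern are constructed.

# Build a throwaway tree whose names include a space and an embedded newline.
make_sandbox() {
    dir=$(mktemp -d) || return 1
    : > "$dir/core.1"
    : > "$dir/core two"
    : > "$dir/$(printf 'core\nthree')"
    : > "$dir/keep.txt"
    printf '%s\n' "$dir"
}

# Step 1: record the candidates, NUL-terminated, without deleting anything.
build_list() {
    find "$1" -type f -name 'core*' -print0 > "$2"
}

# Step 2: check the file. Count the entries and print one per line,
# showing any newline inside a name as '?' so it cannot hide a second path.
count_entries() {
    tr -cd '\000' < "$1" | wc -c | tr -d ' '
}
show_entries() {
    tr '\n' '?' < "$1" | tr '\000' '\n'
}

# Step 3: only now delete, reading the reviewed list by redirection.
delete_listed() {
    xargs -0 rm -f -- < "$1"
}

demo() {
    d=$(make_sandbox) || return 1
    list=$(mktemp) || return 1
    build_list "$d" "$list"
    echo "entries: $(count_entries "$list")"
    show_entries "$list"
    delete_listed "$list"
    echo "left behind: $(ls "$d")"
    rm -rf -- "$d" "$list"
}
demo
```

The `--` before the file operands keeps a name that starts with a dash from being read as an option to `rm`.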

VMware to stop describing hardware as ‘male’ and ‘female’ in new terminology guide

donk1

Re: Kill the orphans!

I once wrote some code with the comment

/* If Child does not respond kill it */

If kill is replaced by stop how does that work SIGKILL vs SIGSTOP becomes SIGSTOP vs SIGSTOP??

donk1

Re: Last time I checked ...

So log means sh*t?

You going to "log into RedHat's Bugzilla"?

So that means you are going to "sh*t into RedHat's Bugzilla"?? Er how? Ewwww!

Mainframe madness as the snowflakes take control – and the on-duty operator hasn't a clue how to stop the blizzard

donk1

Re: Operator revenge

At university in the Postgrad lab - Sun workstations with large screens.

I remember someone running a 'screen melting' program remotely on the one the Computing Manager was on - he dived flat out across the desk to turn his workstation off!

When a deleted primary device file only takes 20 mins out of your maintenance window, but a whole year off your lifespan

donk1

Re: Serious question from a non Unix person

To avoid name clashes with temporary files you create a temporary file and then immediately delete it.

The file handle can be passed to child processes and even to an unrelated process via a unix domain socket!
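The create-then-delete pattern from the comment above, as an added example that is not part of the original post. It covers only the inherited-descriptor case (a child process), not passing the descriptor over a Unix domain socket; the descriptor numbers 3 and 4 and the sample data are arbitrary choices.

```shell
#!/bin/sh
# Added illustration (constructed data; fd numbers 3 and 4 are arbitrary).

anon_tmp_roundtrip() {
    # mktemp creates the file exclusively under an unpredictable name.
    tmp=$(mktemp) || return 1

    # Open one write and one read descriptor while the name still exists.
    exec 3>"$tmp" 4<"$tmp" || return 1

    # Unlink at once: no name is left for another process to clash with,
    # guess, or open. The inode lives on while descriptors reference it.
    rm -f -- "$tmp"
    if [ -e "$tmp" ]; then return 1; fi

    # The nameless file is still writable through fd 3.
    printf 'scratch data\n' >&3
    exec 3>&-

    # A child process inherits fd 4 and reads the data back,
    # even though no path to the file exists any more.
    sh -c 'cat <&4'
    status=$?

    # Closing the last descriptor lets the kernel free the storage,
    # so nothing is left behind even if cleanup code never runs.
    exec 4<&-
    return "$status"
}

anon_tmp_roundtrip
```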

donk1

Re: Seems like a proper who, me

Dave's Rule 1: You do not test backups, you test restores!

Working from home on Virgin Media's broadband? Too bad. Outage hits English capital

donk1

Interesting, I had only heard of BT and VM as having separate paths to the door!

I use both and my phone as backup.

donk1

I did exactly this, when I bought my house I checked and now have BT and VM Broadband.

Still waiting for BT FTTP though, apparently some argument with the local council has delayed it :-<<

Das reboot: That's the only thing to do when the screenshot, er, freezes

donk1

Re: Funny that

Add keyboard/mouse from empty desk opposite theirs.

All cables go into cable management tray so they cannot see.

Randomly go over there and move mouse/type characters!

Vodafone woes far from over for Xiaomi Mi 9 owners amid complaints of leaky batteries and voicemails in Romanian

donk1

Re: Great

"changed to another language: Spanish or Romanian"

So the testers are in a Spanish speaking country/Romania and an override used in testing was not reset before shipping?

LOL

Britain has no idea how close it came to ATMs flooding the streets with free money thanks to some crap code, 1970s style

donk1

Re: Experienced tester.

A formal script should be automated.

Manual testing is to add test cases which are not in the automated testing.

If more software had telemetry (what do you mean boo!) then converting manual testing into automated tests would be easier.

Google Cloud Engine outage caused by 'large backlog of queued mutations'

donk1

"Put it in the Cloud it scales and can be flexed up and down dynamically"

Ha ha ha! How many times do we hear..."oh but that service does not flex...but it will when we fix it." or "we can make those requests much more efficient" how about writing it properly in the first place? It is all about time to code and reliability and efficiency are an afterthought now.

"The outage, which occurred on 26 March, brought down Google's cloud services in multiple regions, including Dataflow, Big Query, DialogFlow, Kubernetes Engine, Cloud Firestore, App Engine, and Cloud Console."

1 Cloud, 1 set of cache servers, no separation to be "efficient". It won't all break at once..LOL!!

donk1

Re: "allow emergency configuration changes without requiring restarts."

Your automated deployment could say deploy 16GB VMs for cache server.

Where they get deployed physically could be anywhere on hypervisors of any size with spare resources.

You say increase the memory on each VM to 32Gb.

You SHOULD have unused memory in your hypervisor pools to allow for unexpected growth when you operate at the size google does.

They have hundreds of thousands if not millions of hypervisors so keep x% free to allow for growth, as you use it add more hypervisors to the pool!

Ethernet standards group leaves its name in the dust as it details new 800Gbps spec

donk1

But...

But....desktops have gone from 10Mb to 100Mb to 1GB...and stopped.

When are desktops getting 10GB?

1GB/s ~= 100Mb/s, my NVMe SSD is supposed to be faster than that.

If I want to backup my stuff software/pics (currently 570GB) to another desktop it still takes hours!

My NUC has Thunderbolt 3

I tried Thunderbolt 3 (specific card for my motherboard and revision) with a £50 cable (!) and never got it to work.

Waiting for 10GB to the desktop!

Google: You know we said that Chrome tracker contained no personally identifiable info? Yeah, about that...

donk1

Re: Just one question

I have come across developers who said why they do this....

Feature X is only available in Version Y and higher of browser Z.

How do you know when you can start to use that feature..when only a few percentage of your visitors are still using versions older than that..."we do not care about the last few percent of customers we can drop them as our turnover is 10%+ per month anyway"!!

Otherwise everyone would be compatible with IE6 and legacy compatibility code would have to be written for every page!

Oh ****... Sudo has a 'make anyone root' bug that needs to be patched – if you're unlucky enough to enable pwfeedback

donk1

Re: SUDO and +s is a design weakness

And

- RBAC is not configured the same way on all platforms

- RBAC may have different capabilities on each platform/version

- Having to configure a person into different RBAC 'groups' on each platform is inefficient/error prone or requires more automation to be built/tested/patched.

- Producing a unified audit trail across all RBAC platforms is probably either not feasible or painful.

- Not sure how well automation tools support RBAC configuration across platforms

Hyphens of mass destruction: When a clumsy finger meant the end for hundreds of jobs

donk1

Re: clanking machines which needed a host of Tech Adepts

- Hardware memory compression

- Hardware memory encryption

- Memory protection Keys

- RDMA over Converged Ethernet (RoCE)

Every time I want to see what is coming in the x86 world I look at new features as each IBM z mainframe appears!

I couldn't possibly tell you the computer's ID over the phone, I've been on A Course™

donk1

Re: This is this bank

Which is why anytime I get this I go into branch...which is getting harder to do now.

Last time I went into branch they pointed me to a phone on the wall which automatically connected to their call centre!

All roads in US cable biz GTT's Brit network seem to lead to Menwith Hill

donk1

Re: As I only live a few miles from The Hill...

I thought that BT and Virgin Media were the only 2 providers which run cables to your house...

Off somewhere nice on holibobs? Not if you're flying British Airways: IT 'systems issue' smacks UK airports once again

donk1

Re: Anyone notice........

Remember the IT rule....none, one or many...

Microsoft hikes cost of licensing its software on rival public clouds, introduces Azure 'Dedicated' Hosts

donk1

I notice Oracle is not on the list.

All affected people (including on Azure) over to Oracle Cloud.

When that is added then over to Rackspace's Cloud then to...then to..all the way to Dave's Cloud aka Billy Bob's Cloud...aka...keep changing the name/owner every week!

"Well, shucks...sure we can move them there VM's to Suzie's Cloud for yer, yeeee-haw!"

Not that any of the smaller Cloud providers are cowboys...perish the thought!

Y2K, Windows NT4 Server and Notes. It's a 1990s Who, Me? special

donk1

Re: Shutting down the wrong server

Only had to do this once...my reply (shouted across machine room)..."Who was the last person to make X mistake"...turns to the complainer..."ooh, someone now in your team!"...nuff said!

Toodle-oo Raijin and g'day Gadi, you beauty! Australia's fastest super 'puter will bench 38 PFLOPS later this year

donk1

Is that you Johnny 5?

donk1

If you have it, why is it not listed at top500.org?
