* Posts by J. Cook

2105 publicly visible posts • joined 16 Jul 2007

How to destroy expensive test kit: What does that button do?

J. Cook Silver badge
Mushroom

... and presumably armed?

That would ruin the captain's day for certain.

Visiting a booby-trapped webpage could give attackers code execution privileges on HP network printers

J. Cook Silver badge

THis is known as a "damned if you do, damned if you don't" scenario.

the only proper fix is the throw the printer in the trash* and buy a new one, preferably a different brand that doesn't do that sort of nonsense. (or buy a second hand model that pre-dates said nonsense.)

* or do like the old 80's vintage tire commercial, and throw the broken printer through the corporate headquarter's shiny windows...

Lenovo ThinkPad T14s: Impressively average, which is how corporate buyers like it

J. Cook Silver badge
Go

Re: 1920 x 1080

Heh. I bought a brand-new iPad Pro for the express reason of "more screen real estate for drawing pictures on". I might have made a mistake of also buying the fancy keyboard cover to make the thing look and act like a laptop, but the thing detaches from it easily enough. (MAGNETS! HOW DO THEY EVEN WORK?!?! :D :D :D )

The screen looks beautiful, although I'm going to have to get a protector or something to clean the finger smears off it..

J. Cook Silver badge

Re: 1920 x 1080

Plus, the machine is designed to be able to be parked on a docking station, which has a HDMI, DP, and VGA ports on it for multi-monitor goodness.

Shame I can't do multi-monitor at the office unless I open the lid... stupid rules...

J. Cook Silver badge

Re: Nice set of options, but Ethernet?

Which is why you leave the dongle in a spare pocket in the laptop bag, velcro wrapped with a 3 meter ethernet cable coiled up to fit.

J. Cook Silver badge
Boffin

Re: Nice set of options, but Ethernet?

... the "proprietary" port is the docking station connector that you are speaking about, which has the ethernet and a number of other additional ports, including charging. Lenovo also sells a USB-C 'hub' that functions as a dock as well. Generally, most enterprises that issue their workers a laptop usually also issue a docking station, or a USB "dock" that has additional ports and whatnot on it.

But yeah, there's no ethernet port built in; you'd need a USB dongle for wired ethernet whilst undocked. The T580 I'm typing away on still has one, but it doesn't appear to be available for purchase anymore. :(

I will mention that said docking station is a bit on the fiddly side- you have to have the laptop situated just right for the connector to lock in.

SSL keys, sFTP passwords and more exposed after someone broke into GoDaddy Managed WordPress using 'compromised password'

J. Cook Silver badge

Glad I dumped Godaddy long ago for hosting my own web site. between the unexplained outages (ie, the site was down, but by the time I got a ticket opened it was back up, with no explanation for the outage) and the funky home-brewed backend for managing it (or putting files up and down on it), I finally said 'screw it' and moved to Dreamhost and have been more or less happy since.

at least for web hosting. Email, that's another kettle of fish.

Just because you can do it doesn't mean you should: Install Linux on NTFS – on the same partition as Windows

J. Cook Silver badge

.. it might have been on the "all users" or "Public" desktop (depending on version of windoze), which does, indeed throw a "permission denied" message, even if you are admin, because Windows.

(you actually have to navigate to the location of the all users desktop in order to yoink it properly.)

a lot of enterprise environments have a list of 'standardized' apps that are just rolled out to everyone, regardless if they actually use them or not.

GPU makers increasingly disengage from crypto miners

J. Cook Silver badge
Thumb Down

Re: "more troublesome than real money without any real advantage"

So what happens when I sell the car, or give it to, say, a technophobic parent who wouldn't know an NFT if it bit her on the leg?

There's already a well understood process for tracing ownership of a vehicle, and that's by using title searches based on the VIN that's part of every car made since the mid 1950's (with a few exceptions), and agreed on by practically everyone world-wide.

Better example please; I'm not convinced.

J. Cook Silver badge

Really, nVidia? Auto-playing videos are a bad bad thing.

interesting idea, although I got decidedly less interested trying to hunt down the auto-run video that started playing when I hit nvidia's page for it.

J. Cook Silver badge
Trollface

Re: "more troublesome than real money without any real advantage"

Ok Tonya.

While I feel similar with the way that cryptography in general has been treated by governments (We *ALL* remember the export controls on crypto in the early 90's), the whole thing with blockchain, and bitcoin (and all it's clones/derivatives/etc.) is that it's using increasing amounts of power and compute for something that is at the end of the day, a thing to barter with.

Unlike NFTs, which IMAO are just pointless- point me out a *GOOD* use case for it, and I might change my mind.

Server errors plague app used by Tesla drivers to unlock their MuskMobiles

J. Cook Silver badge

Re: Physical key

.. that reminds me, I need to shift cars about tonight and run the parental unit's old car around to get it some exercise and top off that battery.

J. Cook Silver badge

Re: Physical key

You might be interested to know that hybrids (such as the prius) and even the friggen Tesla have a second, seperate 12 volt battery that's used to power the the vehicle management systems and other items like the fans and whatnot. Why? because this way even in the main battery pack has packed it in, the car still has battery power to limp home with (in the case of the prius) or to run things like fans and locks and other things.

J. Cook Silver badge

Re: Physical key

Heh. I had a problem with my old 1997 Chevy S-10 were the key cylinder that was in the ignition wore to the point where it would have a problem turning, despite the key being inserted properly. that was a fun trip to the dealer to have them fix.

J. Cook Silver badge

Re: Internet dependency

... and there's a reason I've been calling it 'guzzlene' instead of 'gasoline' or 'petrol'. :)

A tiny typo in an automated email to thousands of customers turns out to be a big problem for legal

J. Cook Silver badge

Re: What was I thinking?

... and half of the emails probably failed for the recall attempt, I'll bet. :D

Web trust dies in darkness: Hidden Certificate Authorities undermine public crypto infrastructure

J. Cook Silver badge

Re: It is the real TLS chain issue

Yep.

That's one reason why certificate signed 'secure' emails never really took off- most CAs won't touch that use case because it's a giant hassle, and the few that will charge a ludacris amount of money for it.

I looked into it for [RedactedCo] one day, and dropped it almost as quickly- for the number of users we have, the cost was staggering, and had no real benefit; and having one of the cert companies do something where they sign root CA certificates for our public facing domains so we can run our own intermediates and publish externally acceptable certificates on demand? no one wanted to touch that with a barge pole.

J. Cook Silver badge

Re: Network Spy Appliances

The Cisco Web Security (aka Ironport) appliance and Umbrella both have that feature as well- it effectively performs a man-in-the-middle on the SSL chain. The deployment instructions state that you are supposed to deploy the root certificate it generates to the workstations as a trusted root via your favorite bulk deployment tool (group policy, SCCM, etc.).

The down side is that it does screw with the various TLS protocols, and causes a BUNCH of other administrative hassles.

J. Cook Silver badge

Re: openssl ca tutorial

I agree doing it properly and setting the associated systems (CRL's, distribution points etc.) is a lot harder and does require indepth specialist knowledge, but getting enough of an indicative system up and running to use in a dev environment is trivial and not at all complicated

I think that was the point- if you are setting up a PKI for in house companies, you want to do it right the first time, because it's a pain in the anus to fix it.

I "inherited" the PKI hat at [RedactedCo] a number of years ago, and it was a train wreck from lack of maintenance, and from the fact that it was built with one purpose in mind but got repurposed for something else entirely. We ultimately ended up retiring it and stood up a new one along side it that's moderately future proof and also documented the living hell out of it, so that if I get hit by a bus or retire, whoever takes my place has at least a half clue about it's care and feeding.

J. Cook Silver badge
Boffin

I can say with authority that in an enterprise environment, group policy is frequently used to hand out certificates for things like MitM web filter proxies and other systems that use their own internal CA sub-system. (Call Manager, vCenter, etc.)

For Active Directory Certificate Services, the root and issuing certificate authorities have their certificates published to active directory, and it's pushed out to domain-joined computers.

Most of the internal CAs are a result of vendors putting out a "no touch" solution, and changing things out is... a bear. Don't know about Call Manager, but VMWare specifically says to leave their CA alone unless there's a specific requirement otherwise; from having to deal with it in the past, I believe them.

A lightbulb moment comes too late to save a mainframe engineer's blushes

J. Cook Silver badge

THIS.

When I was actively writing documentation for stuff at [RedactedCo], I aimed to write it in such a way that my technophobe mother could follow, if she had access to the app.

J. Cook Silver badge
Go

There's two more rules, actually...

Ah, Jeff Cooper and his four rules of firearm safety:

1. ASSUME the firearm is loaded until you have personally verified that it is not.

2. Do NOT point the firearm at anything you aren't willing to destroy.

3. Keep the booger hook (finger) OFF the bang switch (trigger) until you are ready to fire.

4. Know what your target is, and what is BEHIND it.

Proper firearm owners in the US also know these four and follow them. I can't tell you how many times I've seen rules 2 and 3 violated by people who really should know better. (Newbies get ONE FREE PASS from me, because I WILL call them out on it politely- the second time? I break out the Book of the Profane and start selecting appropriate phrases from it, especially if it's me they've swept!)

Do not try this at home: Man spends $5,000 on a 48TB Raspberry Pi storage server

J. Cook Silver badge

Re: Not surprised

I've run into problems with the Pi 4 bogging down trying to play a streamed video at 4K; If I drop the resolution down to 1080P? trucks right along.

I will state that a Pi4 is not something that's good as running a plex server, though, especially if the thing has to perform any sort of transcoding of the video source. :(

Amazon tells folks it will stop accepting UK Visa credit cards via weird empty email

J. Cook Silver badge
Big Brother

Re: VISA will be just the first

I'm gonna have to use a movie quote for this one, specifically from Hudson Hawk:

"I just want to be happy. And happiness comes from the achievement of goals. It's just that when you've made your first billion by the age of nineteen, it's hard to keep coming up with new ones. But now, finally, I've got myself a new goal... World domination!: - Darwin Mayflower

There's only one cure for passive-aggressive Space Invader bosses, and that's more passive aggression

J. Cook Silver badge
Angel

Re: Dlibert is very much alive and well....

There's been a couple times where I've been to some events locally (sci-fi and anime conventions, but there's been a few others) where I've run across fursuiters. The canine ones get the "DOGGY!!!" treatment, which usually brings a few giggles.

J. Cook Silver badge

Re: Dlibert is very much alive and well....

But Sabrina Online (sorta) ended, and a new storyline started. Plus, EWS has it on a monthly basis, whereas Dilbert was/is a daily. Apples n oranges, friend.

It's the main reason why I stopped reading dilbert- it stopped being funny.

(For other good web comics with deep DEEP archives, I can also recommend Free Fall, The Whiteboard, and Schlock Mercenary. )

J. Cook Silver badge

Re: Dlibert is very much alive and well....

Yeah, but the author of Dilbert has gone in the direction of madness, sadly. Plus, it was getting repetitive.

J. Cook Silver badge
Thumb Up

Re: Amateurs

This. Oh so much this.

I tell people that I manage machines, not people. When asked why, i tell them because I can curse at machines without them getting upset, and if they really make me mad, I can put a fireaxe through them, which is something that HR frowns upon people doing with people. :)

I'm not exactly what you'd call a 'people person'....

Wondering what to do with those empty offices? How about a data centre?

J. Cook Silver badge
Coat

Re: I have a blueprint

One of the US meg-a retailers already has the one I was thinking of, actually. (The Mart of Wal, to be specific...)

J. Cook Silver badge
Joke

Yup. Cause nothing says hilarity like a couple million dollars (and several metric tones) worth of data center punching though the floor that's not rated for it.

Well, it's hilarity for the person who's watching it and is not responsible for the charlie foxtrot, not so much for the people who signed off on it...

Seagate demos hard disk drive with an NVMe interface. Yup, one with spinning platters

J. Cook Silver badge

Re: Server simplification, really?

Heh. During the Netbook craze of 2008-2009, I bought a Dell Mini-9; it was the right form factor for what I wanted, did what I needed it to... until the SSD blew out on it.

Turns out, they used a mechanical SO-DIMM style slot, and the SSD was essentially an IDE interfaced storage device. Completely closed, and I was more or less unable to get a reliable replacement for it. Shame, because the rest of it worked just fine...

Another brick in the (kitchen) wall: Users report frozen 1st generation Google Home Hubs

J. Cook Silver badge

... Or hubitat for a similar solution that does about the same thing.

Remember SoftRAM 95? Compression app claimed to double memory in Windows but actually did nothing at all

J. Cook Silver badge
Alert

Re: Disk Cleanup

OH GODS NOT THE WINSXS FOLDER...

(You know it's going to be a rough day with the winsxs folder is the largest folder on the entire machine; doubly so when the machine is a server that's running a LOB app and has run out of spare space for updates to be installed. TRIPLY so when it's a physical box and you can just throw another 20/40/100 GB at the boot drive because it's just not possible on a physical box...)

J. Cook Silver badge
Boffin

I was wondering when someone would mention the drive compression utilities (Stacker, DoubleSpace, DriveSpace, etc.)

Cute little things that ended up causing a lot of grief in the long run.

(the idea, for those that either weren't born yet, don't remember, or have blocked it out of memory, was that the machine had the bootblocks, The compression driver, and a great big whopping file that was the compressed version of the rest of the drive. Recovering files out of a compressed drive from a file system corruption event was one of the reasons why I drink now.)

There's something to be said for delayed gratification when Windows 11 is this full of bugs

J. Cook Silver badge
Thumb Up

Re: Up and down

8.1 was... something I could actually live with; the 'modern' UI wasn't TOO intrusive on it, there was an actual start button to aim the mouse pointer at, and there were no ads in it, even in the paid version.

J. Cook Silver badge

Re: Dear Microsoft

Oh, good. that's actually a useful work around, which means it'll get removed in the next biyearly update.

J. Cook Silver badge

Re: Dear Microsoft

Inquiring minds want to know- did they leave the legacy control panel in place like they did with windows 10? because if that's the case, it's the same process as windows7, except that you have to open a run dialog and put in "control" to spawn the windows 7 style control panel...

J. Cook Silver badge

Well... Yes?

I mean, my old advice of "wait until three months after the first service pack is dropped before upgrading a stable production environment" still sort of plays... I think.

J. Cook Silver badge

Re: A fan?

Yep, that's the normal fix when Explorer decides to take a long walk off a short pier, or branches to Fishkill, like when it's trying to connect to a network share that's suddenly stopped, or trying to open a local drive that's decided to be SO local that it won't talk to even the hardware it's installed in...

Can we get confirmation that moving a network mounted folder from A to B still takes an eternity when the folder in question has over, say, 10,000 child objects in it?

The Ministry of Silly Printing: But I don't want my golf club correspondence to say 'UNCLASSIFIED' at the bottom

J. Cook Silver badge
Boffin

Re: Amateur Opera Society Newsletter

Was going to say. Being the CEOs technical butler is pretty par for the course these days.

In fact it's as old as the hills.

If anyone who isn't the tech butler for a CEO wants to know what it's like. Watch some Jeeves & Wooster. It's exactly like that.

You'd be surprised how often a CEO will ask a senior techie to attend and listen in on conference calls for their opinion, help with non-tech related decision making and just offer an opinion in general on matters that are completely unrelated to your actual responsibilities.

I'm going to wager a guess that it's because we have some pretty well trained bullshit detectors. :D

BOFH: You drive me crazy... and I can't help myself

J. Cook Silver badge
Facepalm

Had something like that happen when I worked at [ISP]; we had shipped a Juniper OC-48 linecard to one of our sites for the telco staff that we employed there to insert on an M20 router, and those line cards only slide in ONE WAY; Yet they managed to insert the damned thing in the wrong way, destroying ALL connectors on a linecard that cost over $125,000 USD (and this was 2000's money) and badly damaged the backplane of a $50,000 USD chassis.

My boss and the department director were incandescent.

I mean, the other times when hardware was damaged, it was the fault of the Stupid Shipping Gang, so we had insurance to fall back on. (especially in the case of the M160 that got impaled by a forklift to the tune of 2 million US marks) But this? The company had to eat the whole thing, and they were NOT happy about it.

J. Cook Silver badge

Ah, the "sleeping with the fishes" method. Old school, time honored, and very effective at also reducing the surplus concrete block inventory...

Boffins use nuclear radiation to send data wirelessly

J. Cook Silver badge
Mushroom

Re: How about a really large archive?

Sort of, if the message being sent is "F--- You and everyone in the blast zone"... :)

J. Cook Silver badge
Boffin

Re: Californium-252

Yes:

"The element is most dangerous if taken into the body. In addition, californium-249 and californium-251 can cause tissue damage externally, through gamma ray emission. Ionizing radiation emitted by californium on bone and in the liver can cause cancer."

(wikipedia link)

Billion-dollar US broadband bonanza awaits Biden's blessing – what you need to know

J. Cook Silver badge

Of course; Just ask the people of New York City that are still waiting for the fiber rollout that NYC had to sue the carrier over from lack of fulfillment.

Apple says it will no longer punish those daring to repair their iPhone 13 screens

J. Cook Silver badge
Go

Re: Why anyone goes Apple I don't know

I dumped my work android phone because the one I was using at the time had a habit of not giving me notifications that I had an incoming call, which is kind of important when one is on call and stuff breaks at 2 am. (the voicemail notification functionality was also broken, but that was due to some other carrier level shenanigans that I was unaware of at the time.)

The other reason I went apple was the lack of forced bloatware from the carrier- I had no reasons to have sports apps, games, and other crap on a company-issue phone, but the thing came with it anyway, and I could uninstall it or even disable some of it. Sure, Apple has their own amount of bloatware, but all it does is take up space on the storage, but if it's not running, it doesn't take up cpu or memory, unlike the bloatware on the android phone.

Let us give thanks that this November, Microsoft has given us just 55 security fixes, two of which are for actively exploited flaws

J. Cook Silver badge
FAIL

... Yeah, it's "the most tested" by way of releasing beta and release candidate level code out into production to be tested by it's paying customers...

Expired cert breaks Windows 11 snipping tool, emoji panel, S Mode features, other stuff

J. Cook Silver badge

Windows 8 and 10 also have the "hey, you haven't validated your product key in a long long while" timers as well, at least if you are using a MAK or KMS key. (the latter is used in corporates to manage product keys for all workstations and servers by having the computers check in with a machine with the KMS host running on it (which, in earlier versions, could be another workstation!)- said host needs to be able to validate the KMS key with microsoft every now and again as well.)

Domain trust is typically a "I haven't see this machine in 30/60/90 days, the computer account didn't renew it's password, so I no longer trust it for authentication" issue, which is fixed by re-joining the machine to the domain. I've seen it frequently with sales people who tend to run around instead of being connected to the company network every now and again to make sure the computer's trust relationship is still there. (If the company is using a VPN client, that trust renewal will occur over the VPN connect if it's configured right.)

J. Cook Silver badge

Re: Certified useless

This leads me to ask: how hard is it to fake a CRL or return a "this certificate has been revoked" OCSP response? Because I can see that as a nice way to wreck havoc.

Chip makers aren't all-in on metaverse hardware yet – we should know, we asked them

J. Cook Silver badge

XPTE was... not terrible. I used one a few times at [RedactedCo] when I was tracking down printers that were not where they were supposed to be, because some chucklehead decided to swap it for a broken one and put the broken one back on the shelf. :( The units themselves were bought for a marketing project, played with, and returned back to us as "we tried it, we didn't like it."

I can see applications and uses for augmented reality sets- repair manuals stored on appropriately ruggedized device, and a wearable headset (like one of the hated Google Glass devices) to project the appropriate page of the repair manual or steps for the repair for the machine you are working on in front of you instead of having to rely on a worn, dirt-stained paper manual. Pokemon Go was a pretty slick AR app as well.

With luck, the tech will get better if it ever really takes off. We just need more than the two companies to really work on developing the hardware for it.

And yeah, f&*k facebook.