* Posts by yoganmahew

578 publicly visible posts • joined 1 Apr 2014


Uh-oh, update Google Chrome – exploit already out there for one of these 6 security holes


Re: Chrome?

I'll see your janky corporate Chrome and raise you Bing in IE emulation mode...

Windows 11 23H2 is a Teams effort but Microsoft already spoiled the best bits


Re: Skype etc

MS Communicator was perfect. Copy/paste formatting? Check. Local storage? Check. Crystal clear audio? Check.

Everything since has been worse, sometimes worser (that awful Cisco yoke for example).

Teams is Corporate Policy gone mad :(

Infosys co-founder calls for youth to work 70-hour weeks


Re: Ok, let's abuse the children!

Bear it in mind when next you're asked for feedback on the outsourcers. The teams I had were routinely exhausted, training and time off not planned in to sprints, all working US hours. Unsustainable madness that resulted in poor engagement and poor quality work.

Sorry kids, Infosys and Wipro have cancelled graduate recruitment



"pyramid optimization to onshore offshore rationalization"

You really do learn something new every day...

Infosys launches aviation cloud it claims can halve lost luggage


Re: 5%???

Generally it means the box (empty) is not in the place the ULD tracking system says it is. Like another poster says, wetware has to follow the process. If they don't scan the ULD as arrived or loaded on a plane (a problem when they ad-hoc change them due to knackerage or size limits), they end up wrong and hard to correct.

Airport chaos as eGates down for the count across UK



WTF?! A system in a 24 hour operating environment that never stops that has to have everything down for maintenance at the same time? I've worked in the airline industry for mumble years; we've spent our lives removing downtime, working for 99.999% uptime and largely achieved it. Now all this new crapware comes along and it's not even designed for basic uptime?!

Scared of flying? Good news! Software glitches keep aircraft on the ground


Re: NATS crashed.

For that route, the probability of error was 1/1...


Re: Hmmm...

So it's a known issue? A known issue that wasn't tested?!

Every admission is a new scandal :)

IIRC a dodgy flight plan caused the last outage. How did they not learn the last time that the first rule of resilience is to get back operational? Find the error data, poke it out, restart quickly. They're not saying a restart takes 4 hours are they?

IBM says GenAI can convert that old COBOL code to Java for you


Re: Meh

I heard a story, almost certainly apocryphal, that a UK bank had converted COBOL to C++. The resulting mess was so bad, the developers would fix bugs by eyeballing the original COBOL, updating it and then reconverting to C++. It ran, but it was untouchable ever after.

IBM shows off its sense of humor in not-so-funny letter leak


Re: Most established companies have variations on this.

Write only memory, the bitbucket, a random IPL setting to save the ops the work of restarting the wrong machine (that one may have been internal though).

Bad software destroyed my doctor's memory


When I started, I was in Marketing Automation or Agency Automation (in the airline/travel industry). The idea was the existing paper processes were good and existed for a reason, and the IT challenge was to automate them. That was it. Not to reinvent them, not to put a one-size-fits-all solution in.

ChatGPT study suggests its LLMs are getting dumber at some tasks


Re: ChatGPT getting dumber at programming

I'll have you know I'm suing for copyright infringement. Anything that bad must have been looking at my code.

Ex-Twitter employees owed half a billion in severance, says lawsuit


Right, employees are unsecured creditors, and there's a lot of senior debt that is going to take a shave.

Red Hat strikes a crushing blow against RHEL downstreams


Re: I am surprised that IBM took this long

Do you smell that? That IBM smell. Nothing in the world smells like that. It smells like 'closed'...

Users accuse Intuit of 'heavy-handed' support changes on QuickBooks for Desktop


Re: I'm still on 2007

I'm still using Quicken98... I don't even have pants that old.

Airline puts international passengers on the scales pre-flight


I've only ever seen the full body scanners in the US. The rest of the world makes do with walk through metal detectors.

Europe’s biggest city council faces £100M bill in Oracle ERP project disaster


Well it is project FAP...

What's your Mean Time To Innocence – the time needed to prove that mess is not your problem


Not waving, but drowning

in observability. The side cars are running full steam, the metrics are flowing. They all break at the same time in slightly different ways. Which is chicken and which is egg? SNOWbody knows...

Fed up with Python setup and packaging? Try a shot of Rye


No man is an island, except a python user

20 some posts, and nary an upvote.

Not only do the 20 people not agree with each other, everyone else reading the thread doesn't either. Not disagree enough to downvote, that would be rude...

Payments firm accused of aiding 'contact Microsoft about a virus' scammers must cough $650k



I pretended my only computer was a dumb terminal connected to an IBM mainframe. Then I suggested using my teletype console printer and sending a printout of the response.

Another time, I acted like he was a double-glazing salesman and whenever he mentioned windows, I would say I already bought new ones and describe them.

Mostly I ask them to hold on a minute and put the phone down by the radio/stereo and walk away.

Amazon CEO says AWS staff now spending ‘much of their time’ optimizing customers’ clouds


Re: Chicken, welcome to the roost...

"The lazy naïve way to "lift and shift" from on-prem to the cloud is to create a new EC2 for each existing VM. That never works out, cost-wise."

It depends. I was going to put a complex answer to back that up, but I'm already into pages of ifs and buts. Some short bits - if you are already in a managed DC (even if it is one you own), the cloud is probably cheaper than your current vendor. If you have strong DR requirements, the cloud is probably cheaper. If you are already clustering your workflows using Openshift or K8s, the cloud is probably cheaper).

The implementation details really, really matter though. As you say, life and shift is only step 1...

Uber driver info stolen yet again: This time from law firm


Re: Legal stuff

Yeah, it sounded like union busting activities to me.

Microsoft to stop accepting checks from partners


The cheque marque.

Free-Teams-gate: Docker apologizes for shooting itself in the foot


Re: IBM Forced Us Into It

Podman to the rescue!

At work, this is where we are heading as the Docker license fee for Docker desktop becomes substantial.

You can use a Dockerfile to build a Podman image, or you should be able to just run the Docker image with the Podman daemon.



On windows, WSL2 is used which is not without foibles, so if you're running a production workload, I'm not sure I'd recommend it.

The UK's bad encryption law can't withstand global contempt


Re: One rule for them, another for the rest of us.

" Its just a Public School classics education doesn't give you the technical smarts to understand this sort of thing."

Well, a Public School education doesn't equip you for accepting you are wrong and cannot be right about a subject with a wrong/right answer. It's not about understanding, it's about the willingness to understand when it could change your view on the subject. The whole denigration of expertise is based on this "don't tell me what will change my mind".

For password protection, dump LastPass for open source Bitwarden


Thank you Roland!

There are a couple of good episodes on Security Now about the Lastpass fiasco (is it a fiasco yet?). https://twit.tv/shows/security-now

Included in the show notes are links to how to download your vault and see what is encrypted/what was exposed.


Lastpass only encrypts username and passwords, all other data in your vault is in clear text (base64 encoded). That means they've lost all the information necessary to phish you, all the notes (e.g. your second factor pin that you stored in a note). Everything else is gone, almost certainly. They would be telling us if it was limited and they aren't.

FAA grounds all US departures after NOTAM goes down


Re: Just after Patch Tuesday? Hmmm.

They still are (can be) distributed by Teletype...


Re: Just after Patch Tuesday? Hmmm.

They're probably running at least z15s. Program design of 1960s assembler bears a sharp resemblance to current vogue of microservices architecture and is possible to build error free and understandable to future generations - you don't have to endlessly refactor it to understand it. The documentation has not kept pace, but I currently work on java systems that are built with no documentation (not even comments in the code) other than a story.


Re: "but which aren't known about enough in advance to publicize by other means"

There are separate Airplane Movement systems that perform different functions (tracking the airplane). FLIFO - Flight Following.

Python Package Index found stuffed with AWS keys and malware


Re: Free money

OMG same, but with GCP! Wild!

Seriously, though, my company runs its own repos and everything is supposed to be committed only to those private repos. Even there, we're not supposed to commit keys.

Developers! Professional yourselves!

Southwest Airlines sued for failing to give prompt refunds after IT meltdown


Disintermediate the GDS?

This is what you get. You have to have all the customer facing systems yourself. The major GDS at the time of Covid had huge negative cashflow as they processed refunds for passengers booked through them (on behalf of the agencies they booked through). It is a normal, automated process using BSP (bank clearing between GDS and airlines) to debit the airlines. Southwest have started to use GDS ticketing, but only for limited fares. Prior to this, even GDS bookings were paid directly to the airline with refunds and exchanges directly to the airline.

The best customer service my aunt fanny...

Crooks copy source code from Okta’s GitHub repository


Re: App used by USA Defense

Lastpass too started as source code breach. Like the article says, hard-coded credentials in code and scripts... infrastructure as service hsa it's downsides...

LastPass admits attackers have a copy of customers’ password vaults


The problem is not so much with the password manager, but with the rest of the crap around the cloud storage. Bitwarden has their manager code opensourced, but in Lastpass's case, shoddy code left hard-coded credentials to cloud storage bucket (it's really egregious, since all the major cloud providers have secret managers that you can build to only access at runtime, assuming you can be arsed to code it that way). A breach of the development environment (poorly secured in many companies it seems) left free access everywhere :(


Re: Drip drip drip

Oh, and how long have they know this for? And they release it while everyone is on holiday?

This is pretty much "don't trust me" breach disclosure playbook. I expect the next release will be New Year's Eve...


Drip drip drip

I'm a bit pissed off with the drips of increasing badness coming from Lastpass. What next? Login emails also compromised, but don't worry, they can't be associated with vaults? Well, they can be associated with vaults, but not with the list of passwords, what, didn't we tell you all the master passwords got released too? Yeah, I know we weren't supposed to have them stored, but some random error captured them to diagnostic logs. Those were captured too.

Eurozone plans to formalize passenger data, improve security


API in this case is Advanced Passenger Information.

Mind you, PNR is Passenger Name Record...

Windows 10 – a 7-year-old OS – is still having problems with the desktop and taskbar


Re: "The latest fix comes after a number of other problems were resolved this week"

Not only "yes, yes it is affected by most of those bugs", but long is not very long, and the longer you stay on LTS, the worse the experience using other products becomes. It seems all the other MS products are only tested well on the latest release, so bugfixes to other products break because of your LTS in unexpected ways. Locking everyone who rises early out of AD is my favourite.

Australian exchange pauses project to move stocks to blockchain



Hahahahahahaha, excuse me, I'm short of breath, hahahahahaha.

As someone who spent many hours arguing against blockchain and the usefulness of a distributed ledger, let me just say


Oh no, it's started again...

Microsoft feels the need, the need for speed in Teams


Re: Well, every little bit helps

It's soooooooooooo slow. It's unusable on a phone or tablet, the start up and synch time is measured in quarter hours. And the same for Outlook. They used to work, but now they're all broken. No off hours support chats from me then, oh well...

No, I will not pay the bill. Why? Because we pay you to fix things, not break them


Diwali, Hannukah, Samhain.

Bias toward office staff will cost you: Your WFH crew could walk, say execs


Re: A possible factor?

The intermediate bluffers are part of the problem too. When I started as a junior programmer in 1990, there were 5 levels above me to the CEO. Now I am senior technical, Director equivalent level, and there are still 5 levels above me to CEO... for all the talk of agile, there's more admin work, more unproductive time grooming increasingly inane stories "as a developer, I just want to get some fucking work done, so I can get out of this fucking meeting".

Google wants to copy-paste your mainframe applications into its cloud


Re: If it ain't broke

Yeah, but agile

Airline 'in talks' with Kyndryl after failed network card grounds flights


Re: Some thoughts...

Yeah, "working on half load, but not as sole link" is my guess too. And the Kyndryl DC is probably locked so tight it takes 10 hours of approvals to get an engineer on site, having flown him from somewhere first. Mad if it was quicker to fix the fibre.

Former IBM infra wing Kyndryl links with Microsoft to pipe mainframe data to cloud


It's unsettling that MS seem the most organised when it comes to mainframe offload. It's almost like they are listening to the specific problems mainframe migrations present and partnering with companies that can help solve them.

Still, let's have some more observability AAS, with no mainframe integrations shall we. Trebles all round for DC Service department!

Soaring costs, inflation nurturing generation of 'quiet quitters' among under-30s


Re: Their lack of experience – exasperated further by the pandemic

They're not getting experience either, at least not in IT. The new workplace is an agile sweatshop run on a magic beans theory that tnsane amounts of single-issue work is what makes people productive. It might be short-term productive, but it does not spark joy. The grinding unhappiness of being a cog in a production line is killing the last remaining solace of programming - making a piece of code that does something. A piece large enough and complex enough that it takes some thought and some trial and error. A piece that is not a demoable story in an time-boxed horizon to the same poxy cadence as every other production-line worker in the sweat-shop.

Admins run into Group Policy problems after Win10 update


It's a horror show. Pinned documents lose their pinning. Recently updated is a joke. Quicklinks seem to be deprecated because opening an open/save menu scrolls to the bottom of the tree, to where I don't want to be. New Whiteboard doesn't store recent Whiteboards locally, so they aren't in the previous file list.

I can find nothing. I know I wrote a document last friday, I thought I put it in Onedrive in the normal place, but it is gone. So I rewrite it, save it with the same name as I thought I used... would you like to replace? Would I ducking like you to remember what I did and where I did it?

And it's all soooooooooooooooooooooooooooo slow :(

That time a techie accidentally improved an airline's productivity


Even in the 1980s, a TPF system (2.4 or 3.1, most likely 2.4) had at most 32 mb and on that supported thousands of terminals round the world. a 2.4 system was 31 bit, but only used 24 of them, meaning there was a byte available in every word that stored a core address that could be misused... the conversion from 24 bit to 31 bit was excruciatingly boring (check every core address use).

In addition transmission costs were hideous and you got very few bods. I remember a user coming to me, then a very junior programmer, wondering who UNA PROC was, or UNABLE TO PROCESS.

The glory days of every airline having their own TPF (or ALCS) system are pretty much gone, but I still make a living wrangling Teletype... the past is still the present. What's interesting with K8S is that it exhibits many of the characteristics of a mainframe cluster...

Global tech industry objects to India’s new infosec reporting regime


Re: Flood

Include the line 2please retain this email and attachment for 5 years" in the email and call it self-service.

Set up public canaries whose sole job is to attract attention and send reports.

Boeing's Starliner CST-100 on its way to the ISS 2 years late


Re: Starliner?