Posts by Doctor Syntax

Re: Would This Have Been Caught Sooner In Proprietary Software?

"which requires, well, actual work, for a prolonged period"

No problem in this case. It was a well organised long term con.

"Then of course there are your peers and your management, who are paid to spend their days looking at and producing code, which likely include yours too."

Are you impyling some sort of QA? That's what Microsoft's customers are for.

Money would undoubtedly be a start. Another would be the availability of someone paid by a foundation (I think this would be the vehicle) to take on overload, discuss problems or whatever.

Perhaps also the entire S/W world also needs to adopt the attitude that something is feature complete and, other than bug-fixes as needed, it should be left alone. A bit of encouragement towards that approach wouldn't come amiss. At present a project that hasn't had recent updates is often regarded as dead and gets denigrated whereas they should be celebrated as not needing updates. Handing out some sort of recognition to such projects could be another line of approach. Dis liblzma need to reach a version 5.x?

Re: Dentists

Quite possibly it's dental stone - plaster of Paris used to make casts.

I used to get 25kg bags of that from a dental supplier in Belfast to be made up into 1lb bags for SOCO to make casts of footprints & tyre marks. The supplier decided to add a 2nd line of business - video store, back in the days of VHS. It made a strange contrast, his shop full of videos and his dental display item - an old dentist's chair complete with a pedal-driven drill.

I reckoned that rather than have the SOCO's add a bucked and stirring stick to their kit it was easier to make the bags big enough and tell them to add a pint of water and mix them in the bag by squeezing it a few times. I wish I'd patented the idea - a few years ago I came across bags of mortar or concrete mix in M&Q with hose attachments to add water for in-bag mixing.

Re: Following BSE in cattle...

Good news is no news.

Re: I had a maintenance contract ...

"Volcanic ash and cinder dust is the absolute worst thing you can do to moving parts"

HCl fumes. We wondered why the drying cabinet was losing efficiency. The fan blades had gon AWOL.

Re: Burned Cow Bones

In Aldergrove it had a slight tang of aviation fuel AFAICR.

After one training course in London I was asked to take some samples back for some sort of QA trial for some of my colleagues. Solutions of explosives .

Re: What happened to the truck or its driver?

Just hop it.

"Obviously, white tires won't stay white very long"

Whitewall tyre used to be a (very upmarket) thing. And DDG tells be you can still buy them.

Re: CompuPro S-100 boxes in cat litter plant

Tell it to the youngsters these days, they'd never believe you.

Mind you, a few years before that, tell it to the old hands and they'd never believe you either. Things are of their time.

Re: Nah.

But just hink of all the support business it would have brought in.

Re: Vista is a very unfairly maligned OS.

"If you really wanted to be serious about this sort of thing, you'd take angular velocity into account and put the most frequently accessed files on the outermost tracks of the drive, and the least frequently used ones on the inner most tracks."

If you want to get into track optimisation you put the most accessed material as close together as possible to minimise head movement between it. To minimise head movement to the less often used material you put that most used material in the mid-range tracks so you seldom have to do a seek right across the width of the disk.

Re: Nah.

"Sort of like how it took them a few tries with Windows 10 to deal with the new policy of forcing updates that may require reboots. Yes, it's annoying since it seems like it always happens right when you're in the middle of something,"

I remember that one. At a local archaeology do, somebody was about to demonstrate his surveying S/W - luckily it was just to a few of us after his talk. His laptop must have picked up an open WiFi or something and phoned home to be told to update there and then.

"but if you stop and consider, a lot of the shit that we used to deal with (email worms, the messenger service reboots/spam) have almost completely stopped. Grand scheme, it seems like a small price to pay."

It only seems a small price if you don't know there can be a smaller price to pay by doing unobtrusive background updates that only occasionally go low enough to require a reboot after the upgrade's complete, and just plain reboots at that, When you know that it seems an inexcusably inordinate price.

Re: Nah.

"But, even on sites like this, which cater to more technically inclined users, rarely do you see anyone who has taken even basic steps towards debugging the issue to show that it really is the OS."

If the upgrades to the OS, made by the OS vendor who has charge Real Money for the OS (albeit via the H/W vendor) crash because, as you say, they've cut QA costs there there's no reason to look beyond the OS and its vendor.

We've seen a fairly recent example where the upgrade required a recovery partition larger than the default installation recovery partition and would either hang at about 20% complete or throw an error. And the vendor's advice to fix the "everything can be done with clicks" OS was to drop down to the command line, resize a partition. drop and recreate a partition (and hope the command-line newbie would drop the correct one) and then do some configuration based on information they'd recorded before the partition drop. W2K was a reasonably effective OS. The above is the reason a lot of us think it's all been downhill from there.

Re: Nah.

"Grow up nd maybe spend a little time learning what it is you don't know, because it is legion."

Good advice. Act on it.

Re: Nah.

"I think we look fondly on 2000 because it was the first business class OS from MS that had things like plug and pray."

And the last not to want to phone home.

Re: Windoze NEVER worked well.

"In those days, for a server you used Novell Netware."

Oh no I wouldn't. I'd use a real Unix server. I had a very brief encounter with a Netware server. Trying to stop a database server brought down the whole thing because, as far as I could see they were doing the equivalent of running the kernel and all services as a single process.

Re: Windoze NEVER worked well.

You need to realise that there's and argument consider W2K was probably peak Windows and everything has been going downhill since then but you might have trouble running more recent versions on your old H/W anyway. It's always good to hear of H/W that was built to last, so much is built to be disposable these days. If you wanted that reliability of S/W there day's you'd be well advised to go for Linux or BSD,

Re: Windoze NEVER worked well.

You can always spot those whose knowledge comes from reading a post by someone whose knowledge comes from reading a post whose knowledge comes from Microsoft marketing* - or maybe a bit less direct than that. One thing they don't realise is that those of us who run Linux as a daily driver are often asked to sort out problems for those running Windows.

* The alternative is those who, despite never actually having installed Windows, have used it, now consider themselves a computer expert and made a ham-fisted attempt to install Linux by clicking all the non-default, wrong options.

Re: Windoze NEVER worked well.

"And now, there's nothing a mac or linux box does for an average user than a PC doesn't do better for still way way less money."

Yup, when it comes to crashing, slow boots, extremely slow and buggy upgrades a PC with Windows is way ahead of the the pack, or at least, way ahead of Linux. I don't have a Mac so I don't know for sure but I'd guess on those metrics Windows is ahead those as well.

"And no, you aren't going to install Linux on your non-technical household type users."

Odd you should say that. I installed Linux on my cousin-in-law's PC some years ago after she'd got hit with ranomware. She's still using it for web, email, maybe a bit of LireOffice, maybe not much these days, very fond of Google Earth. She's at least 90 and a in terms of long-ago work experience, used to be a hairdresser. Does that fall into your non-technical household type?

Re: Windoze NEVER worked well.

"when you have a day or so of un-saved contract open in your editor!"

Save early and save often.

Re: Windoze NEVER worked well.

"Linux was barely out of the starting blocks in 1995."

Available but my preference was SCO Openserver 5 on a laptop.

Re: SytemD?

If the attacker was only a little more careful/competent

Don't knock the developer. You know how it is:

"Ship it"

"But comrade, I need another week or so to fix performance problems."

"Never mind that. It runs so ship it."

Re: More Details

"minimalistic libraries for widely-used functions (such as communicating with systemd activation)"

Mimimalistic ... systemd? Does not compute.

Re: It Was In Debian Unstable --- *buntu LTS

Ken and Dennis have/had (AFAIK Ken is still with us) many good things to say. What a pity so many didn't listen.

Re: systemd was responsible for injecting the vulnerability into the SSH daemon

As far as I can follow the discussion elsewhere the malware is introduced in a build-time script in the source tarball and, subject to various constraints might or might not be incorporated in the actual built library binary. It's crafted to attack SSH only but even that, again, if I've followed the discussion correctly, still depends on systemd's use of the SSH server. So MacOS might or might not have the relevant code into the built version it's unlikely to become a problem without systemd - unless launchd works in the same way in this respect.

At least some of the discussion hinges on this appearing to have been what used to be called a long firm fraud with a state actor as the likeliest perpetrator so the question arises as to how long and what else might they have got into, possibly using other handles.

Re: SytemD?

"What on earth is the connection between that and xz?"

You could ask the same about almost anything, not just xz.

Current Devuan and hence current Debian, give or take any infection Debian bight have acquired from systemd, is 5.4 so they're clear.

Re: Those damned reboots

Try reading the sentence after the one to which you referred. Pay particular attention to the words "the exim mail server".

Re: Theres a shock

"there's more money to be made by holding the excess cash through the summer and wisely investing it"

That's probably SBF's thinking but he was a bit unlucky. He probably genuinely, really expected to be able to get it back, plus what he spent on himself, friends and family, before anyone noticed; the self-delusion of everyone who gambles with other people's money and loses.