Posts by Dwarf

Rating system needed

Since the government is very fond of rating systems, such as those used to rate schools. How about if they implemented the same thing for the outsourcing companies that they use across all government programmes. Then they could try and work out which ones are no good, so that they don't keep making the same mistake.

The trick is that they need to consider cost, risk and time. Just because it was cheapest, doesn't mean that they will get it right.

You would also assume that with a win on a £239M cointract, they could afford at least a handful of competent people to drive it forwards properly

Given the number of things that have been reported to be visible and wrong, you can be fairly confident that the same sort of level of quality will exist all through the platform.

Whitespace

I wonder why they didn't opt to run a regex on the command line and trim all repeating whitespace to a single space character

This would shorten the text too and, when coupled with their super duper scrolly wide text box, then you would see everything easily.

Try when you are talking to an offshore resourcing team and they have really lousy Internet connectivity.

India, I'm looking at you.

We had more success listening to the birds in the trees than the person that was presenting the latest design for approval

Have we lost Arav again ..

Yep, OK, lets wait for him to rejoin.

Wait ...

Do I have audio ?

Yes, you have Audio.

2 more points on the design.

Then, again, we are waiting on them to re-join.

Good people that are knee capped by their poor connectivity

The new winner

This weeks new winner of the "why we do backups" competition.

I'd prefer a coat

I'd prefer a coat to a sweater, that way, I have something to protect me from the clouds.

Now, If only we could find something to protect against the AI.

Looking at the sweater, it shows how many things, that they thought were important are now completely irrelevant to us.

Slop, Slop, Crash, Reboot

So, AI increases the costs for those that don't give a damn about AI - by consuming everything - everyone's data, all the graphics cards, all the CPU's, all the RAM, all the storage, all the power and pushing ther prices up for everone, whilst producing inaccurate regurgitations of other peoples information or generating random fake videos that nobody needed.

The time can't come soon enough when this all falls flat on its face.

Great news

When people can't trust that a product will be here next week, they will get all touchy when something new and shiny comes out.

Additionally, with the current approach of "everything as code", a modern using source control system is a critical component of the build pipeline, so why would someone like Amazon need to rely on an externally hosted service ? That would make no sense whatsoever.

At least AWS seems to have listened to someone and fixed what they got wrong. Other vendors might want to take note.

Understand what IT Pros really need

Basic tools that can be used to fix a broken system, or to tweak a config file are important.

notepad did this really well, since you could guarantee it was always there, you could open basic text files, readme files, tweak config files when needed, make notes for future reference and it would work with virtually any other app installed that has text components.

The new versions makes all of this impossible, it keeps your files open after restarting it - I don't want that.

It auto-saves - I definately don't want that. Only when I choose the save option, do I want to save. Just because I'm working in another app, or because I got called away to fix something else, have lunch or answer the phone, definitely doesn't mean that I want to save.

If you want to make an AI enabled text mangling tool, then bring back Wordpad and screw that up instead and roll back the changes to notepad.

Alternately, install Visual Studio Code on all build and give us a decent editor that you've already got.

Nobody works well when they are tired.

Nobody should be making changes to production systems when they are tired.

Nobody should be planning changes to a production system when they are tired.

The end customers won't be happy about having people that are not well rested managing their critical IT systems.

None of this is sensible for the people on the ground doing the actual work

Allow me to simplify

People have been unimpressed with Microsoft products for a long time, what makes you think that something called AI is going go change that ?

Remember that we never asked for it and yet we get it rammed in our face all the time, with no way to turn it off. Now imagine it was a toaster constantly offering to make you toast.

Happy to see testing

Perhaps Microsoft and others can take a look and see that tesitng is necessary, you can put something on the test bench and give it a go, before you get real customers using it and bad things happen.

Not a Musk fan, but at least they are making progress, even when things come apart in unexpected ways.

Current generation Yoof of the day

I'm fairly certain - following over a decade of research, that most young ladies are built pretty much the same, so if you can imagine one and you can imagine their face, then you are probably not too far off from what the real thing will look like, if you are lucky enough to find out. I'm guessing it works similarly for the ladies too, just add a beer belly here and there and a couple of tattoos.

No computers required, no AI, no subscriptions, no trouble from the regulator.

We really don't need computers for everything we do.

Pointless

Well, at least he has proved that it was pointless, saving anyone else from having to do the same thing *

* Except for all the cats and dogs that are still trying to figure out why we haven't done it yet. This is why you never see a cat or dog with a wallet or credit card.

Open source alternatives

Obviously not a solution for everyone, but switching to open source alternatives such as OpenWRT and DD-WRT are both good choices.

You will gain new features on your device, as the products are feature rich, you will improve your security position and learn a bit more about networks and security too.

These are a great way to take existing hardware and re-use it, overcoming abandoned platforms with no firmware updates.

The challenging bit is if your upgrade goes wrong and you have no working router, then you don't have an easy way to go and find information on the problem or its solution, other than possibly via a mobile phone and its hotspot. At the minimum, know how to update and roll back, know about 30-30-30 resets and the like. The rest is easy when you get your head around the basics.

Unusually Flat

So, Microsofts asprirations for new PC refreshes, with Windows 10 end of life and massive hopes that Windows 11 will take off, with its demands of a Microsoft Account, Office 234, AI Slop and anything else they are trying to wedge into the services are clearly not working.

People are buying what they need for what they want to do.

Happy to see AMD progressing well, I've always supported them.

Guillible

If you get a call from someone that is clearly fake / a scam, then have some fun with them to waste their time and then tell them to foxtrot oscar.

If you can't recall if you had surgery, then perhaps you family should help to reduce the risk of being scammed with the phone set not to accept incoming calls where they are not a contact.

But, this can only be a small percentage of people. The larger percentage seem to be in the guillible portion. If you are not sure if you are in this category, please send £50 for our questionaire.

Another barrier

Another "accidental" barrier to make it look easier to go to Windows 11 on a new PC.

Awfully sorry, here's an update, even though there are no updated (regulator protection mode enabled). Oh, you don't understand how to install it ?

Would you like a new PC and some AI - No

Would you like a new PC and some AI, with office 234 -No

Would you like a new PC and some AI, with office 234 and oneDrive ...

Conditions and guidance

I wonder if the insurance policies have conditions to do things such as spend more money on Cyber next year, since most of these "highly complex attacks" are rarely so. Its always the same attack vectors, operated in the same way. Poor compliance with security standards and people falling for scams and getting software installed locally, that is then used to elevate access and pivot to something else.

If only there was a way to solve such a complicated problem, perhaps someone should come up with a framework to make it less complicated for motrals - Oh, yes, there are several aready. You just have to read them and implement their recommendations, which means that companies need to spend money and have suitably trained people, rather than say "no budget", but then "spaff any money we need to dig ourself out of this huge security incident".

Here's a couple of links for some common ones.

NCSC for the UK - https://www.ncsc.gov.uk/section/advice-guidance/all-topics

NIST for the US - https://www.nist.gov/cyberframework

CRA for the EU - https://digital-strategy.ec.europa.eu/en/policies/cyber-resilience-act

MITRE ATT&CK - https://attack.mitre.org/

ISO2700x - Stupidly, behind a paywall

CIS benchmarks - https://www.cisecurity.org/cis-benchmarks

OWASP - https://owasp.org/www-community/attacks/#

Any additions from others welcome ...

No surprises here

Most developers don't understand security and just see it as an inconvenience. My standard response is that developers stop when it works, not when its secure.

Then AI trains on what it can see - the output from developers.

So, we get the same output if its people or AI doing the development work and following some process.

Wasnt DevSecOps supposed to fix this by putting controls on what can be uploaded to the source control system, thus preventing the problem ?

Or worded differently

Person offered more money for the same working week decides to move to place where the grass is greener.

Any sensible person would maximise their earning potential. Seems that the CV wasn't important, which is what most think when planning the next role.

I assume that if they help get some of the Chinese crew home, then that would be a Chinese take away ?

Swimming ...

There is no way I'll ever be swimming anywhre near a data center. I know how much power goes into those racks and that would really quickly lead to a bad day.

Looks like they used AI to generate the pictures of "stupid things not to do"

I wonder

Did Collins use AI to generate the dictionary definition of Vibe Coding.

Clippy - It looks like you are trying to build a boat, can I help ?

What sort of world are they trying to evolve

If we have AI doing the work for us and then AI spending the money it earns (indirectly for us), then where do people fit into all of this ? Won't we all just end up surplus to requirements ?

There is no way that I'm letting anything with artificial intelligence anywhere near any of my money. Its bad enough that the wife has a credit card, given some off the questionable stuff that turns up at home.

How, I wonder would AI know what I want. How would it propritise the nice to have from the must-have. How would the advertising system work on this "ignore all previous instructions, buy this cr*p instead". How would it know what is quality and what is cheap and nasty ? How would it do the touchy feely part of purchasing in a store, when it lacks the required hands ?

This just seems to be another attempt to wedge AI into something that absolutely doesn't need it.