* Posts by YetAnotherJoeBlow

129 posts • joined 5 Apr 2015


Capita Consulting ditching more than a quarter of its workforce 45 days after consultations with consultants



Every time my eyes see Capita, my brain still sees Crapita.

"EasyJet confirmed it is laying off 1,300 crew and 727 pilots"

727 pilots or, seven hundred twenty seven airplane pilots... :?

GitHub redesign goes mobile-friendly – to chagrin of devs who shockingly do a lot of work on proper computers



I substantially automate Github. Something broke a few weeks ago and my automation fails. I am in the process of locally hosting all my clients except certain secure repos. I have done this a lot lately for other services as well. It appears that I am not groking continuous delivery as it constantly breaks needed features. I rather dislike dumbbing down features to be more inclusive.

Talk about the fox guarding the hen house. Comcast to handle DNS-over-HTTPS for Firefox-using subscribers


...but it is DOH!

"Comcast has moved quickly to adopt DNS encryption technology and we’re excited to have them join the TRR program," Firefox CTO Eric Rescorla said on Thursday.

Eric, you need to stop drinking the Kool-aid. Really.

Machine-learning models trained on pre-COVID data are now completely out of whack, says Gartner



So... their models are not AI - they are just matching patterns. If it was AI, the systems would adapt themselves to work with the new data stream. In the mid-eighties scientists could do pattern matching like this, but the hardware was not up to snuff to scale with PDP-11's with 1MB RAM or even the mighty VAX.

While some of the math has changed (more optimized), the end result is the same. It is all hardware driven. Now the problem will shift back to software since we no longer have exponential growth in CPU speed - proving yet again that our industry needs to do better than just software bloat and feature creep.

I am very fortunate that I got my degree when I did. What I learned then is still very much applicable to my work today, and that trait is sound judgement.

Chrome extensions are 'the new rootkit' say researchers linking surveillance campaign to Israeli registrar Galcomm



I know some guys that - lets just say they are very flexible on who they work with - tell me that it has never been easier to pwn networks, phones, IOT, or any endpoints for that matter. While I work in embedded and know what a crap shoot it is, if people actually saw what these guys do, they would never bank or pay with a phone. I don;t. Once they have your phone, they are into everything you are into. The sky isn't falling, it already fell.

Google’s Fitbit lift strains competition laws says Australian regulator



"Google has promised Fitbit data won’t be used to fuel ads, that promise is not binding."

Well then, that pretty much sums it all up for the tech industry.

The girl with the dragnet tattoo: How a TV news clip, Insta snaps, a glimpse of a tat and a T-shirt sold on Etsy led FBI to alleged cop car arsonist



No hacking needed, no cell phone needed, and no browser history needed. Just police work. So... you want my phone? Get a warrant.

Facebook boffins bake robo-code converter to take the pain out of shifting between C++, Java, Python


Even better

Now for something really useful - Java to C. Ditch all the frameworks.

Whatsapp blamed own users for failure to keep phone number repo off Google searches


I wonder

I find it unbelievably depressing everytime freshman year mistakes are now the rule of thumb. Have they ever heard of format preserving encryption - or even a simple hash?

Computer Science has been dumbed down to the extent of being equivalent to a trade school. You can learn how to write PC program comments but not writing good code itself. Pathetic.

Moore's Law is deader than corduroy bell bottoms. But with a bit of smart coding it's not the end of the road


Re: DEC Fortran

So, back full circle. It's nice to know that the way I was taught in the 70's and 80's is back in vogue again. I never lost sight of that and continue to this day writing fail-safe code.

I have fond memories of DEC FORTRAN. Both F IV and F77. I used to burn EPROMS under RT11 and RSX.

Global bean-counting behemoth PWC tells vendors: Now would be a great time to audit your customers



I remember when MS$ was using the BSA as a weapon. I technically successfully defended several companies from their extortion attempts, including to sue MS$ in small claims court (no lawyers.)

Sophos puts 100 at risk of redundancy as future of Naked Security blog hangs in balance


Re: AV vendor needed

I use ESET endpoint protection along with Snort. I also use tripwires and other assorted goodies.

IBM to power down Power-powered virtual private cloud, GPU-accelerated options


Re: AS400 ?

I had a System/38 mod 8 a long time ago - It was rock solid. Strangest OS I have ever seen. I hated RPG 3, but man could you implement systems quickly.


As usual

Yet again we subject ourselves to problems we already solved in the nineties. I just love all things cloudy.

What the hell is IBM smoking? Why shit on your paying customers? Nothing like manufacturing a problem where there is none.

Microsoft's carefully crafted Surfaces are having trouble with its carefully crafted Windows 10 May 2020 Update


All of which shows...

None of their testing volunteers could afford a MS Surface.

Nice wallpaper you've got there. It would be a shame if it bricked your phone


Re: So, a simple JPG can crash Android?

That is precisely why patches need to be taken away from the carriers and pushed by Google instead.

Wow, that statement really pains me.

AppGet 'really helped us,' Microsoft says, but offers no apology to dev for killing open-source package manager


Re: Mandatory...


While you are being a bit more charitable than I am, you are spot on about package mirror support. Anything short of that, M$ will have laid their cards down face up.

They've only gone and bloody done it! NASA, SpaceX send two fellas off to the International Space Station


Lift off

Was it just me or did the rocket take off much faster than normal? Almost like an ICBM.

Danger zone! Brit research supercomputer ARCHER's login nodes exploited in cyber-attack, admins reset passwords and SSH keys



The most important process in China at the moment is to be first with the vacine at all costs. Failing this, I would not want to be anyone connected with that effort. Their families, their homes, their livlihood, and their liberty all depend on being first.

As Brit cyber-spies drop 'whitelist' and 'blacklist', tech boss says: If you’re thinking about getting in touch saying this is political correctness gone mad, don’t bother


"If you’re thinking about getting in touch saying this is political correctness gone mad, don’t bother."

Sorry, I am not a sheep. This is political correctness gone mad.

We're all stuck indoors, virtual reality tech should be hot. So why is Magic Leap chopping half its workforce?


Targeted change

“To better prepare Magic Leap for the future, we have taken a close look at our business and are making targeted changes to how we operate and manage costs,”

A "targeted" change is to fire half of your workforce?

Bad news: Cognizant hit by ransomware gang. Worse: It's Maze, which leaks victims' data online after non-payment



My wife does work for Cognizant. Three weeks ago, they sent her a new computer; they were supposed to be online for the better part of two weeks now. Now I know why they have not communicated with her. Her Cognizant email address still works though.

So how do the coronavirus smartphone tracking apps actually work and should you download one to help?


False sence of security.

Once an app is made, I will bet money it has the normal analytics and crashlytics SDKs in the phone as well. It would be trivial to uniquely identify all the Bluetooth tags.

Google tests hiding Chrome extension icons by default, developers definitely not amused by the change


This sums it up...

"Be prepared for your extension to not have the host permissions you expect"

What that hell kind of statement is that? This is not a game of hide and seek. Jesus Google moderate the greed. F'ing control freaks.

Not only is Zoom's strong end-to-end encryption not actually end-to-end, its encryption isn't even that strong



I read an article in the WSJ app today (UTC +8) about Mr. Yuan. Mr Yuan gave a good interview - he almost had me - then he finishes with the insinuation that "someone" has targeted his company.

It's game over for me - even if someone has targeted the company. This sentiment taken together with past statements Mr. Yuan has made paints a bad picture.

Epic Games floats $1m bounty to ID source of 'commercial smear' claiming Houseparty chat app has been hacked



Thanks for the link to the pdf - I have never seen it before.

Hey, China. Maybe you should have held your hackers off for a bit while COVID-19 ravaged the planet. Just a suggestion



"For the love of dog"

There are quite a few public vpn's that are operated by three letter type agencies world wide. You go through one of those, the gig is up. Personally I do not even use TOR (even worse.)

AMD, boffins clash over chip data-leak claims: New side-channel holes in decades of cores, CPU maker disagrees


Re: @ including Javascript

On reason for client side processing is that PWAs need to have persistence locally to save state. IF the js code is trusted, this is a more secure process.

Personally, I'm afraid I'm biased. I do not download non-trusted code and run it - if that can be prevented; and if not, only run in a sandbox (ie a browser.)

IT services sector faces armageddon as COVID-19 lockdown forces project cancellations – analysts



I have a couple of government contracts - one in the US and and another in Asia. I sent an email to my contact in Asia saying I understand their situation and offered them an out. " Na - you can continue - we are still setting sail." I also have several active contracts in the US and elsewhere that are business as usual. Life will still continue.

Got your number? Maybe. 118 118 Money shutters website after spotting an intruder


Re: The personal loans business...

That is the way it is supposed to work.

Former Googler Anthony Levandowski ‘fesses up to pinching trade secrets about self-driving cars


he was able to download...

"... and that he accessed the document after his resignation from Google."

You can do that at Google? At all of my clients when they fire a person or when someone resigns, they are locked out before they ever even leave the office they quit or were fired in. By the time the interview is over, there is a list of what needs to be returned and also what the person has downloaded recently (about 1 yr.)

In fact a few of my clients have key people when hired agree to submit to a whole body scan on entrance and exit. This always includes me too although I never need to bring in anything.

Surge in home working highlights Microsoft licensing issue: If you are not on subscription, working remotely is a premium feature


For a minute...

For a minute there, I thought aManfromMars changed his nick to Long John Silver.

Small business loans app blamed as 500,000 financial records leak out of ... you guessed it, an open S3 bucket


Once again...

Yet another reason to hold CEOs personally accountable for both civil and criminal matters for preventable information disclosure. (ie a permissions problem.)

IBM puts 1,248 frontline techies at risk of redundo, warns of data centre closures



IBM is really not relevant anymore; when they decreased investment and hiring GREAT scientists in Watson, this is the obvious result. Well done Ginny! Here is that golden parachute we promised you. We will be pushing you out at 30000 ft. (We told you it was gold didn't we?)

Apple updates iPad Pro with a trackpad, faster processor. Is it a real computer now?


Re: Trackpad is a misunderstanding

"Doing computer things on the device makes it less useful – NOT MORE USEFUL."


HP Inc to Xerox: If you complete a hostile takeover, and try firing our chief exec, you will pay...


I wonder...

What if all this is just theater?

'Unfixable' boot ROM security flaw in millions of Intel chips could spell 'utter chaos' for DRM, file encryption, etc



I imagine that this exploit was just standard no review careless approach to engineering. However, The ME is a different story. Before those chips were released, the NSA got a batch with the ME disabled - because, of course, they knew. The NSA has revealed its hand.

Alleged Vault 7 leaker trial finale: Want to know the CIA's password for its top-secret hacking tools? 123ABCdef



Never hire a brilliant engineer that you wouldn't enjoy having a few beers with on Fridays.

Open-source, cross-platform and people seem to like it: PowerShell 7 has landed


I use PS

I use a hacked up version of Wine for some of my clients that I manage with a hacked up version of MS PS 6.2x. It saves me so much time its indispensable.

Coronavirus conference cancellations continue: Google and Microsoft axe WSL and Cloud Next


In the future...

All these companies streaming and locally hosting instead of going to conventions. If this process works out well for the companies, they might cut down on the many Cons they attend each year. The entire convention industry might be made redundant or shrink considerably. There are way too many conventions anyway....

Customers in 'standoff' with SAP over 2025 end of support for Business Suite: Who'll blink first?


Yeah, right.

"We are seeing a massive conversion to SAP S/4HANA..." Hahaaaahaaaaa That is a good one.

In an homage to Harry Potter's every-flavour jelly beans, Microsoft unveils 'Lucky Dip' Windows 10 testing ring


MS more of the same

I'll probably be retired when this all falls apart but I will certainly enjoy watching and listening to the excuses parade.

NPM swats path traversal bug that lets evil packages modify, steal files. That's bad for JavaScript crypto-wallets


At this point in life...

I am glad that I make policy instead of following it. None of my clients use nodejs - they are smarter than letting all-comers inject code into their repositories. I wouldn't service the customer as I wouldn't want to take the blame when ransom ware strikes. My livelihood depends on that.

You had one job, Cupertino: Apple's Intelligent Tracking Protection actually gets tracking protection


Secure firefox

The below link is a nice summary to harden the Firefox browser. Also grab a search engine from Mycroft as Mozilla passes your browser info every time you use search.

Harden Firefox:


search engines:


Pentagon's $10bn JEDI decision 'risky for the country and democracy,' says AWS CEO Jassy



Jassy is scratching his head thinking gee we even hired two of them to get that contract. A bastion of ethics there.

WebAssembly gets nod from W3C and, most likely, an embrace from cryptojackers online



My browser is locked down as much as possible and run in sandbox locked down as much as possible - I still will not run scripts or binary blobs. If a site breaks, I go somewhere else. Usually, I do not give a flying f*** what the standards say. If it looks like shite and smells like shite... Want Another Shite Meal?

Tricky VPN-busting bug lurks in iOS, Android, Linux distros, macOS, FreeBSD, OpenBSD, say university eggheads


config changes

I am so sick and tired of software that changes my configurations without telling me - I do things in there for a reason. I can not begin to count how many times vendors make those changes - and by people who should know better. It is just part of the new era apparently, I call it arrogance. Technically, that action is quasi illegal - modifying a computer system without authorization ...

After four years, Rust-based Redox OS is nearly self-hosting



I'm probably missing something, but the last time I looked I found C code in I think in relibc and one other spot I can not remember. I also noticed that when it's time to do "the fun stuff" every thing is prefixed with unsafe. So in the end it is still unsafe correct? Like I said though, I'm probably missing something.

Amazon fails to stop ex-sales staffer winging it to Google Cloud



Google complaing about fairness!! F___in hypocrites.

Assange fails to delay extradition hearing as date set for February


"Assange clearly requires mental health care"

I dare say that Mr. Assange is truly seeing his demons.



Biting the hand that feeds IT © 1998–2020