Posts by YetAnotherJoeBlow

Crapita

Every time my eyes see Capita, my brain still sees Crapita.

"EasyJet confirmed it is laying off 1,300 crew and 727 pilots"

727 pilots or, seven hundred twenty seven airplane pilots... :?

Automation

I substantially automate Github. Something broke a few weeks ago and my automation fails. I am in the process of locally hosting all my clients except certain secure repos. I have done this a lot lately for other services as well. It appears that I am not groking continuous delivery as it constantly breaks needed features. I rather dislike dumbbing down features to be more inclusive.

...but it is DOH!

"Comcast has moved quickly to adopt DNS encryption technology and we’re excited to have them join the TRR program," Firefox CTO Eric Rescorla said on Thursday.

Eric, you need to stop drinking the Kool-aid. Really.

AI?

So... their models are not AI - they are just matching patterns. If it was AI, the systems would adapt themselves to work with the new data stream. In the mid-eighties scientists could do pattern matching like this, but the hardware was not up to snuff to scale with PDP-11's with 1MB RAM or even the mighty VAX.

While some of the math has changed (more optimized), the end result is the same. It is all hardware driven. Now the problem will shift back to software since we no longer have exponential growth in CPU speed - proving yet again that our industry needs to do better than just software bloat and feature creep.

I am very fortunate that I got my degree when I did. What I learned then is still very much applicable to my work today, and that trait is sound judgement.

ahem...

I know some guys that - lets just say they are very flexible on who they work with - tell me that it has never been easier to pwn networks, phones, IOT, or any endpoints for that matter. While I work in embedded and know what a crap shoot it is, if people actually saw what these guys do, they would never bank or pay with a phone. I don;t. Once they have your phone, they are into everything you are into. The sky isn't falling, it already fell.

See

No hacking needed, no cell phone needed, and no browser history needed. Just police work. So... you want my phone? Get a warrant.

I wonder

I find it unbelievably depressing everytime freshman year mistakes are now the rule of thumb. Have they ever heard of format preserving encryption - or even a simple hash?

Computer Science has been dumbed down to the extent of being equivalent to a trade school. You can learn how to write PC program comments but not writing good code itself. Pathetic.

BSA

I remember when MS$ was using the BSA as a weapon. I technically successfully defended several companies from their extortion attempts, including to sue MS$ in small claims court (no lawyers.)

All of which shows...

None of their testing volunteers could afford a MS Surface.

Lift off

Was it just me or did the rocket take off much faster than normal? Almost like an ICBM.

Vaccine

The most important process in China at the moment is to be first with the vacine at all costs. Failing this, I would not want to be anyone connected with that effort. Their families, their homes, their livlihood, and their liberty all depend on being first.

"If you’re thinking about getting in touch saying this is political correctness gone mad, don’t bother."

Sorry, I am not a sheep. This is political correctness gone mad.

Targeted change

“To better prepare Magic Leap for the future, we have taken a close look at our business and are making targeted changes to how we operate and manage costs,”

A "targeted" change is to fire half of your workforce?

Troubles

My wife does work for Cognizant. Three weeks ago, they sent her a new computer; they were supposed to be online for the better part of two weeks now. Now I know why they have not communicated with her. Her Cognizant email address still works though.

False sence of security.

Once an app is made, I will bet money it has the normal analytics and crashlytics SDKs in the phone as well. It would be trivial to uniquely identify all the Bluetooth tags.

This sums it up...

"Be prepared for your extension to not have the host permissions you expect"

What that hell kind of statement is that? This is not a game of hide and seek. Jesus Google moderate the greed. F'ing control freaks.

Trust

I read an article in the WSJ app today (UTC +8) about Mr. Yuan. Mr Yuan gave a good interview - he almost had me - then he finishes with the insinuation that "someone" has targeted his company.

It's game over for me - even if someone has targeted the company. This sentiment taken together with past statements Mr. Yuan has made paints a bad picture.

Thanks

Thanks for the link to the pdf - I have never seen it before.

Contracts

I have a couple of government contracts - one in the US and and another in Asia. I sent an email to my contact in Asia saying I understand their situation and offered them an out. " Na - you can continue - we are still setting sail." I also have several active contracts in the US and elsewhere that are business as usual. Life will still continue.

he was able to download...

"... and that he accessed the document after his resignation from Google."

You can do that at Google? At all of my clients when they fire a person or when someone resigns, they are locked out before they ever even leave the office they quit or were fired in. By the time the interview is over, there is a list of what needs to be returned and also what the person has downloaded recently (about 1 yr.)

In fact a few of my clients have key people when hired agree to submit to a whole body scan on entrance and exit. This always includes me too although I never need to bring in anything.

For a minute...

For a minute there, I thought aManfromMars changed his nick to Long John Silver.

Once again...

Yet another reason to hold CEOs personally accountable for both civil and criminal matters for preventable information disclosure. (ie a permissions problem.)

Relevent?

IBM is really not relevant anymore; when they decreased investment and hiring GREAT scientists in Watson, this is the obvious result. Well done Ginny! Here is that golden parachute we promised you. We will be pushing you out at 30000 ft. (We told you it was gold didn't we?)

I wonder...

What if all this is just theater?

Backdoors

I imagine that this exploit was just standard no review careless approach to engineering. However, The ME is a different story. Before those chips were released, the NSA got a batch with the ME disabled - because, of course, they knew. The NSA has revealed its hand.

Never

Never hire a brilliant engineer that you wouldn't enjoy having a few beers with on Fridays.

I use PS

I use a hacked up version of Wine for some of my clients that I manage with a hacked up version of MS PS 6.2x. It saves me so much time its indispensable.

In the future...

All these companies streaming and locally hosting instead of going to conventions. If this process works out well for the companies, they might cut down on the many Cons they attend each year. The entire convention industry might be made redundant or shrink considerably. There are way too many conventions anyway....

Yeah, right.

"We are seeing a massive conversion to SAP S/4HANA..." Hahaaaahaaaaa That is a good one.

MS more of the same

I'll probably be retired when this all falls apart but I will certainly enjoy watching and listening to the excuses parade.

At this point in life...

I am glad that I make policy instead of following it. None of my clients use nodejs - they are smarter than letting all-comers inject code into their repositories. I wouldn't service the customer as I wouldn't want to take the blame when ransom ware strikes. My livelihood depends on that.

Secure firefox

The below link is a nice summary to harden the Firefox browser. Also grab a search engine from Mycroft as Mozilla passes your browser info every time you use search.

Harden Firefox:

https://www.privateinternetaccess.com/blog/2018/09/firefox-hardening-guide/

search engines:

https://mycroftproject.com/dlstats.html

Jassy

Jassy is scratching his head thinking gee we even hired two of them to get that contract. A bastion of ethics there.

wasm

My browser is locked down as much as possible and run in sandbox locked down as much as possible - I still will not run scripts or binary blobs. If a site breaks, I go somewhere else. Usually, I do not give a flying f*** what the standards say. If it looks like shite and smells like shite... Want Another Shite Meal?

config changes

I am so sick and tired of software that changes my configurations without telling me - I do things in there for a reason. I can not begin to count how many times vendors make those changes - and by people who should know better. It is just part of the new era apparently, I call it arrogance. Technically, that action is quasi illegal - modifying a computer system without authorization ...

redox

I'm probably missing something, but the last time I looked I found C code in I think in relibc and one other spot I can not remember. I also noticed that when it's time to do "the fun stuff" every thing is prefixed with unsafe. So in the end it is still unsafe correct? Like I said though, I'm probably missing something.

HAHAHAHA

Google complaing about fairness!! F___in hypocrites.

"Assange clearly requires mental health care"

I dare say that Mr. Assange is truly seeing his demons.