Posts by bombastic bob

Re: Doomed I tells yer

even _I_ gave that one a thumbs down

(unless it was supposed to be funny, but I wasn't really laughting)

Re: So jealous

sadly, gummint contract abuse IS part of "the swamp" and needs to be DRAINED...

Re: If billionaires paid an extra million in tax ...

after gummint gets ITS cut, and determines who the 'favored' are, you'd be lucky if 1 reached the poor. And they (the politicians) would scream for MORE MONEY because that's just what they always do...

Re: So jealous

Cyberman. heh.

/me imagines a bunch of Cybermen marching in time with one another, thunka, thunka, thunka, thunka...

Re: So jealous

Spending money on rockets DOES help the poor... it helps get them JOBS

And you get something BACK for the spent money. And there are OTHER benefits, from technological advancement to the PRIDE of having done something COOL!

It's all good. Buy more rockets, ESA!

Re: Hackers v Crackers?

"already had the term cracker for the bad 'uns and hackers were the good guys / gals"

This has been the case for 2 decades or more over on USENET. Also white-hat vs black-hat, etc..

Also a hacker does not necessarily have to be related to computers. From various resources, the term 'hacker' may have originated from the use of an axe to make furniture. In short, it's someone who typically uses unconventional methods to get results, often superior results.

Hackers find their way into engineering and "think on your feet" jobs. I expect there are hacker cops, hacker firemen, hacker soldiers and sailors, ALL the time!

But you'll probably find most of your computer-hacker types in engineering (electronics and computer, mostly), IT and security related, and so on.

There's also hardware hacking, popular among RPi and Arduino fans.

A 'good hack' might even be using spit and bailing wire to fix something... [this sort of repair goes WAAAaaay back, like a farmer that needed 'that' to work and only had some bailing wire and basic tools available to fix it]

Re: ...at the annual Techie Platform party...

"That's very Prince Andrewish, AC."

I was thinking Steve Ballmer, actually... in line with his usual antics.

(But yours is better)

"Nowadays? A DVD and hundreds of megabytes of memory..."

That's called "progress". </snark>

I blame '.Net', UWP, arrogant millenial developers and the older devs who ENABLE them, feature creep, javascript, "it has OBJECTS now" thinking, garbage collection vs malloc/free, and outright LAZY programming.

This new bunch of "programmers" needs to spend some time working on a minicomputer with 64kb of RAM [maximum], floppy drives, a card reader and line printer [no console coding], etc.. It builds character and the desire to get it right the FIRST time to avoid hours-long turnarounds between job submission and the box of paper you accidentally generated (and a bill for the paper if it's at a college).

Re: Hello Microsoft!

"Not to worry, you'll soon catch up and begin to provide basic features like clipboard history, sensible mouse focus, properly implemented virtual workspaces and so on."

which is a lot like what Linux and FreeBSD had around 15 years ago. Heh.

alt+space and then 'copy' after highlighting the text in the regular windows console. I hope they don't make it harder in any way. NOT having hot keys would be irritating.

But with Cygwin terminal you need to use ctrl-insert to copy, shift-insert to paste [I think that's right]. I remember it's different, and somewhat necessarily so, because of the Linux-like use of keystrokes in Cygwin.

What would be REALLY nice is if the console allowed ctrl+insert and shift+insert as well, similar to what you get in Cygwin's console. But I think that only people who LIVE IN THE COMMAND SHELL would even consider such things...

Re: Perhaps more to the story...

people who publicly shout with megaphones pointed at their former employer's office building (In My Bombastic Opinion) only want THE NEWS MEDIA to hear them

Re: Hoist on own petard

a qualified disagreement with the 'any law that uses subjective feelings', as much as I *HATE* the 'F' word "FEEL"... and here's why: If you "feel threatened", or are intimidated, or are constantly "creeped out" by someone's behavior, it can be considered a form of 'assault' [i.e. threats of harm and/or harassment].

The intent of such a law is to create a non-threatening society. And of course the details of whether any claims are valid belong to the jury and lawyers and judges involved in the cases, appellate courts, and so on. And IANAL.

So yeah I'm generally apalled by "FEELY" things, but in this case, there may be no other way to describe it as the legal statute. NOT having such a statute is probably WORSE.

(sad icon because it's a sick sad world sometimes)

Re: Hoist on own petard

I don't know why anybody would give you a thumbs down... because pretty much everything you say is correct. I guess 2 people didn't like truth or something.

I think of it this way: if employees at my workplace were in ANY way using company time and/or company resources to TRACK ME, even if it's public info, for WHATEVER motivation they have, it's not only CREEPY it's unnerving. it sounds like an opportunity to invite said stalkers to the local boxing gym, for a 1 on 1 "sparring match" with no timekeeper nor referee... [and watch their bravery leak out onto the floor in a large yellow puddle]

Re: I can only assume that the stalkage etc moved into legal/crime territory

"This might not be a popular view"

I hope you're WRONG about it NOT being a popular view... because it SHOULD be the *ONLY* view, that is, to NOT be a "feely ideological activist" at work, and abuse data from the workplace against other employees, especially when their implied intent was "CANCEL CULTURE" kinds of stuff.

Oh, and ALSO a big thumbs up for the entire post.

Re: I can only assume that the stalkage etc moved into legal/crime territory

it does sound like a reason to stalk the stalkers, which may be how they found out about their excuse for legitimately firing them.

Actually, depending on how the union works, it may be *beneficial*. The stereotype union wants too much money for too little work, is thuggish, goes on strike at the slightest provocation, yotta yotta. A good union acts like a human resources department combined with a labor force that produces quality work at a reasonable cost to the management company.

However I think any kind of white collar union is a bad idea. It's the wrong kind of thinking pattern for GOOD engineers. The best engineers are creative types who think non-linearly, often 'out of the box'. A unionized labor force, however, tends to behave 'collectively', not something that induces creativity nor 'out of the box' thinking. The two are mutually exclusive (in my view).

Re: Hoist on own petard

"internal culture of self-righteous virtue-display totalitarianism"

So *MANY* levels of "wrong" involved, I don't know where to begin [snarking].

I'm not surprised to see Google fire these people for doing what Google does to EVERYONE. Why? because "Google reserves the right" and its an EXCLUSIVE right, in their eyes, to spy on EVERYONE.

But employees need to keep in mind, the job is an exchange of money for valuable work. It's not a crusade, a mission, political activism, one feudal land warring against another, yotta yotta.

Still, the fact that they were UNION ORGANIZERS does give me some pause for thought...

Re: Nope, never saw this coming

not DIRECTLY compatible you mean.

that's sort of inherent in a system where you somehow map a /64 into a /32 without some kind of "reverse NAT" in there.

And don't forget the IPv6 to IPv4 compatibility addresses... 64:ff9b::/96

https://tools.ietf.org/html/rfc6052

Re: The internet will be privatised

those net blocks aren't issued by ISPs? Who issued them?

A while back this one ISP was issuing /28's for a DSL service [that I was testing at the time], instead of using PPPoE or some other means of "just having one IP address", esentially using one as a gateway, one as the actual IP address, a third for broadcast, and a fourth that was basically 'wasted'. It was an ineffective use of 4 assigned IP addresses in my opinion, but unfortunately necessary in THAT configuration.

Perhaps one of the simpler solutions here is to re-do the IP address assignments to eliminate the need for these kinds of /28 netblocks, and INSTEAD assign the addresses directly and use a different protocol to communicate the data. customer still has his fixed address(es), but fewer are actually being used, and become available for others.

(earlier comment about IPv6:IPv4 gateway probably applies)

Re: The internet will be privatised

agreed. there is actually an IPv6/IPv4 gateway block that can be used to cover ALL IPv4 addresses with equivalent IPv6 ones. Why isn't THIS being used???

Sure, an IPv4-only system might have trouble routing back. For this you'd need a 'somewhat careful' NATing method, in effect the opposite of what IPv4 NAT already does, at whatever router is translating the IPv6 address space into an IPv4 one. It generally means "established connection" translations, to/from the IPv4 space, and it would really only work properly for services that aren't trying to connect out (but you would be able to connect TO them, and get responses back).

I expect this last part is the only real reason IPv4 needs to exist. but how ELSE could you map a bozillian possible IPv6 addresses down to a /32 address space?

So yeah, "said router" above would listen on the IPv6-mapped-to-IPv4 address. It would translate that incoming IPv6 packet into an IPv4 (assigning a private IPv4 to it) for the private network. The server on the private network would send traffic back, and the NAT on "said router" woudl translate it back to a public IPv6 to be transmitted the normal way. basically, "reverse NAT". And DNS for IPv6 could (in theory) be done the same way (as seen by the IPv4 side) for outbound connections, but you'd have to limit your "resolved" address space to 10/8 and 192.168/16 and so on, and expire the DNS records in a short enough time, and recycle the addresses 'as needed' to manage it.

[should be possible to "can" a solution to this with Linux or one of the BSDs, if it has not already been done]

did you test it with 'ping6' ?

IPv6 not that hard... seriously

most web browsers that I am aware of have some means of resolving IPv6 before IPv4, and you can generally tell them which one to use first. I actually ran into some problems with CLOUDFLARE because they weren't handling IPv6 properly, and not that long ago. It was affecting my ability to read El Reg articles.

Aside from that, IPv6 is generally NOT hard to use on the client end. However, the one thing people aren't fully aware of (apparently) is that every IPv6 address that can be used to access 'teh intarwebs' is public. So that means windows machines MUST be properly firewalled, and I'm not talking about the "Windows Firewall" when I say that [laughing about pathetic Windows Firewall being stifled while I write this].

Seriously, though, IPv6 not that hard to set up for routers, either, assuming you're running FreeBSD or Linux. I suppose a Windows server might have problems... (but WHY would you be exposing a Windows Server directly to 'teh intarwebs' anyway? And THEN, using it as a ROUTER?)

/me uses FreeBSD as a network gateway and router, firewall, 'server in general'

Re: XWindows

I still use that feature of X Windows, probably its BEST feature, to run X11 programs on headless (and even the SAME) computers.

If you do export DISPLAY=localhost:0.0 and enable TCP and 'xhost +localhost', you can THEN su to whatever user you want, and run X11 applications under a different user context.

SO I can be logged in as 2 or 3 or more users on the same X11 desktop, much more easily than "run as": under windows.

And then there's development on an something like an RPi. Use 'pluma' to edit your code directly on the RPi, and *NOT* have to struggle with a tiny touch screen or separate HDMI-capable display? I do that a LOT, especially with 'headless' RPis.

But I think that this is most useful for web browsers. If you configure Firefox (for a particular user) to automatically purge ALL history, cookies, data, etc. every time you close it, you NOW have a stealthy browser that has NO history that could even POSSIBLY be abused by ANYONE.

And you can run that browser in the security context of a user that doesn't matter. "Oh, that downloaded thingy just wiped out my home directory. Oh, well, so what. *yawn* [rebuild] no problem now"

So yeah, the SINGLE BEST FEATURE of X11 is its inherent remote client/server configuration.

(and Wayland cannot do that, nya nya-nya nya-nyaaaa nyaaaaa)

heh

20 years ago i was doing stuff with windows boxen. 15 years ago I decided that it was DEFINITELY worth doing a lateral to POSIX systems like FreeBSD and Linux, as it appeared that Windows was just simply going the WRONG direction in 2003 (and I know I was right).

Guess what I stuck with? yep!

30 years ago I was doing stuff with PCs, combining a process involving Lotus 123, Harvard graphics, Word Perfect, and a bunch of '.bat' files, minicomputer report scripts, downloading, and overall "process automation" to generate a multi-page weekly report on Monday AM that reflected the most up to date data and presented it in a manager friendly way. TOok about 2-3 hours to print so I started it at 6AM, showed up around 8 AM, made sure the paper didn't jam [or Id hav to re-run it], got it all copied and stapled by 9 AM, had it all delivered by 10 AM, and then said "Wow, my week is done. Now what do I do? I think I'll work on THIS today..." [and they let me - that report took a week to generate before I started, had less stuff in it, didn't look as nice, and was 4 days old data-wise when it was finally completed]

NOTE: because I don't like doing data entry or futzing around with presentation on paper, I came up with a way for the computer to DO ALL THAT WORK FOR ME because I'm LAZY and I _HATE_ _DRUDGERY_. Worked out pretty nicely for all parties involved.

Re: ITeC

turbo buttons and frequency output [hard coded] on an LED display. yeah, kinda pointless.

Early on games were written using a clock timer, and NOT the CPU speed, so you didn't need to turn OFF the 'turbo' mode.

Re: My reason for RealVNC 5.x

TigerVNC: A Spinoff of TightVNC with TLS, actually looking good!

and generally, TigerVNC has better support for X11, such as GLX support, something that Mate (and apparently gtk3 in general) needs. It's why I switched to it a couple o' years ago, yeah.

I haven't tried the TLS though. And yeah self-signed certs with openssl are built-in except Windows, but I'd just use Cygwin or a Linux or BSD box to generate them for W, so there ya go.

But even with TLS I'd rather firewall it. Mentioned already, the daily poundings on VNC's listening port range by automated crack-bots makes it NOT worth having attached to teh intarwebs'. SSH login attempts are bad enough [but fail2ban helps with that, yeah]

Re: VNC isn't secure!

I'd still do the tunnel. It's been my experience that things _like_ VNC aren't trustworthy enough on their own, and it would just be simpler if you always use them via SSH and NEVER expose their ports to 'teh intarwebs'. It's kinda like "safe surfing". No amount of anti-virus or similar things will stop the daily pounding on the expose ports, nor prevent a 0-day exploit. Use SSH and firewall it.

Re: KVM

VNC into a KVM seems to work ok for me and I've used it a LOT actually... but usually by setting up an ssh tunnel so I'm listening on a specific IP address [usually localhost] on whatever machine I want to access it from. To make that work you can have a headless (Linux or BSD) VM that makes an ssh connection onto another machine (let's say a server) and directs incoming "server:xxxx" to "vm:22" for ssh. Then, just do something like "ssh server xxxx" to access it. That's how I've been doing it, anyway.

THEN, for VNC access, you use something _like_ TigerVNC server to actually run the desktop, and set up VNC tunneling via the ssh connection [same basic idea] and VOILA! you open VNC and you now have the full desktop. (you can also do this on an RPi that's headless to access its desktop via VNC).

This works exceptionally well when you want to have KDE on your Mate machine, or if you want to do X11 debugging from a GUI [so you run the debugged program in a VNC session, which is a different X server and isnt going to lock up on you if you break in the middle of certain libX11 calls...].

Anyway, ssh + sshd tunneling magic works fine. A bit tricky at first, but there are many examples in duck-duck-go-land

Re: TightVNC development is active AFAIK

So it looks like if you are using it on linux, you will have to change to something else

oh, so THAT is what happened! [I don't use Win-10-nic and haven't VNC'd with a windows box in FOREVER... so that is probably why I had to switch to Tiger VNC for BSD and Linux - lack of current X11 support etc.]

windows-only. THAT is @#$%^ *DISAPPOINTING*.

Re: TightVNC development is active AFAIK

I've been using Tiger Vnc which is a fork of TighVNC... because for quite a while it seemed out of date and wouldn't handle certain GLX things that Mate and other systems needed support for. So I switched.

from the article:

600,000 public-facing machines offer VNC access

These people exposing "known port" VNC connections MUST understand it's a security risk already... what, does VNC protocol's pathetic password protection actually HELP? do ya think? yeah, should be obvious, right? I wonder how many OTHER firewall logs have shown a zillion daily attempts at banging on ports 5900-5999 looking for VNC...

(they should be using a VPN and ONLY listen on private addresses at the very least and NOT exposing those ports to 'teh intarwebs')

But then again, WINDOWS machines are INFAMOUS for "listen on *.*.*.*" so there you have it. Unless you explicitly put a firewall between 'teh intarwebs' and your windows boxen, you're insecure (apparently) by DESIGN.

Sure, putting ANY windows on a public IP is just STUPID these days. So, at least firewall it with a LINUX box, at the VERY least! [you could even use an RPi to do it if you add a 2nd network adaptor or make it a WiFi access point]

And when you need VNC access from 'teh intarwebs' you should use a VPN or ssh anyway. It's just common sense.

Re: Oh no

VNC viewer, maybe? It's been around for EVAR. And it's still supported, last i checked.

I use VNC servers on headless Linux boxen sometimes. Tiger VNC is probably the easiest to set up.

You should probably NOT expose VNC's port to the outside world as-is, though. Instead you should use a VPN or ssh tunnel to access it from teh intarwebs.

(but yeah that's not as convenient as using some monolithic 'google print' thing or remote PC service)

/me points out that, with a little configguring, you can easily set up an Xorg desktop to do these things. you can even run X11 applications remotely though performance across 'teh intarwebs' is a bit pathetic sometimes. Still POSSIBLE though, as I've done this before, mostly for the lulz. Through ssh tunnels, of course.

Re: "anomaly"

well, any animosity aside, a catastrophic fail in the test phase is part of the process. It's just that SpaceX can't do this without people seeing it and laughing a bit.

Who out there has NEVER let the blue smoke out of a component? I most recently had that happen to me when someone handed me a 12V power supply that REALLY turned out to be a 24V power supply, with the same connector, and I plugged it in without reading the @#$% label... blue smoke and arcs and OH CRAP and I repaired the board but the fried regulator managed to take the CPU with it...

(fortunately the CPU was TQFP, unfortunately had trouble soldering it with $CLIENT's tools, nearly had to bring it home to fix it, then managed to blob-and-wick some solder onto a questionable-looking CPU pin, then all good)

Re: Wordpress?

Use of Wordpress (and things like it) is STILL lame, In My Bombastic Opinion.

[A quarter of the human population does LOTS of things I'd never do. Like smoke. Just sayin'.]

Intel ADMITTING they use Wordpress - that's kinda funny!

Re: This is great news...

I somewhat recently got a Ryzen CPU (6 core) and motherboard to build a new workstation. All good so far, running FreeBSD 12-STABLE on it, "all ZFS" system. Hyperthread gives me 12 'cores' and makes compiles go very very fast.

Intel can't compete with that price-wise. Looks like they actually stopped trying!

Re: There really isn't a future for "native" UX on anything...

"Most UX specialists are abject morons who have abolute no concept of whizz-bang-shiny. I should know, my thesis was on User Interfaces..."

since you brought it up... the whole "User Experience" thing (vs a 'User Interface') is one of those "new agey" "feelie" phrases that cause me nausea every time I think about it, so I tend to ignore it to keep my lunch from explosively leaving out one end or the other...

Instead, I'll just say that it reminds me of a joke:

Q: How many people from Silly Valley does it take to change a light bulb?

A: It takes at least 3. One to change the bulb, and at least 2 to "share in the experience"

And I think my point has been made, now.