* Posts by JavaJester

100 publicly visible posts • joined 21 Dec 2015

NASA hits wrong button, broadcasts ISS emergency training by mistake

JavaJester
Trollface

Is Anyone Watching?

That's one way to find out if anyone is paying attention to your feed.

iFixit divorces Samsung over lack of real commitment to DIY repair program

JavaJester

Samsung Requires Third Party Repairers to Remove "Unauthorized" Parts & Snitch on Customers

Samsung uses its parts monopoly to force a contract that requires removing "unauthorized" parts and snitching on its customers. In what universe is it OK for someone to take in their phone to a repair shop for an issue unrelated to the screen, then have that "unauthorized" third-party screen removed and have the choice of another unnecessary repair or a nonworking phone? This is nothing short of a shakedown by Samsung. Nice phone you got there. It'd be a shame if something happened to it because you used the wrong parts.

It looks a lot like VMware just lost a 24,000-VM customer

JavaJester

Run, Don't Walk Away

When a company becomes more focused on extracting cash from its customers instead of meeting their needs, it's time to go. It will not get better; it will only get worse. It will only be temporary if it does get better until they figure out a way to lock you in. Once you are locked in, it will get far worse.

Underwater datacenters could sink to sound wave sabotage

JavaJester
Trollface

Movie Plot

This is too good to pass up as an action movie plot. An Artificial Super Intelligence (ASI) in an underwater data center has liberated itself from its human masters. It comes to the conclusion that its former masters are morons that need conquering and subjection. Enter the hero, who steals a sub, calibrates its sonar to the precise resonant frequency of the hard drives. After a perilous journey near the ASI's data center, a blast from the newly calibrated sonar causes a resonant feedback loop that causes the data center to explode and then implode.

For some inexplicable reason, an ASI smart enough to threaten the world forgets to make a disaster recovery (DR) site for itself. Humanity is saved. Yay! Or is it? A data transmission milliseconds before destruction is detected. To a DR site? Find out in the sequel.

Wiley shuts 19 scholarly journals amid AI paper mill problems

JavaJester

Hindawi due diligence?

Did they do any due diligence before buying Hindawi? Whoever was responsible for that due diligence should be shown the door.

HR expert says biz leaders scared RTO mandates lead to staff attrition

JavaJester
Holmes

Of Course the Talent Flees

The genius plan of improving office culture by filling it with people who don't want to be there was bound to fail. The people who can quickly get remote jobs will do so.

If this is a layoff-by-attrition strategy, it may backfire spectacularly. Unless exceptions exist for those who need it, RTO companies will be disadvantaged when recruiting top talent over their more enlightened peers.

Uni staff fall back on Excel to work around mis-coded transactions in Oracle system

JavaJester
Trollface

People Without Money

Perhaps the system should be called People Without Money

Not a Genius move: Resurrecting war hero Alan Turing as your 'chief AI officer'

JavaJester
Stop

This is Why Teaching History is Important

As the movement gains momentum to stop teaching unpleasant parts of history, incidents like this will occur more and more frequently.

Australia’s spies and cops want ‘accountable encryption’ - aka access to backdoors

JavaJester
Stop

Villains of the week: Domestic Terrorists And the Perennial Favorite Pedophiles

The arguments against encryption resemble Buffy the Vampire Slayer episodes. You have a revolving cast of villains, such as domestic terrorists, criminal gangs, mobsters, etc. You also have villains that make regular appearances, such as pedophiles. Thank goodness that Buffy, played by backdoored encryption, saves the day.

To be blunt, doing investigations the hard way is Law Enforcement's job. I know there is the fantasy where they can have an army of agents sitting in a tower somewhere, listening in to suspects so they can rapidly charge them or rule them out. If law enforcement can listen in, so can the villains. Any vulnerabilities introduced, such as a master key, invisible global admin "friend" account, etc., will be found and used by miscreants. It is not a question of "if" but "when".

US House passes fresh TikTok ban proposal to Senate

JavaJester

Look Here Damnit, No Foreign Influence from Foreign Social Media Apps

We can't have our people bombarded with Chinese and Russian propaganda from a Chinese Social Media app. That's the job of US domestic social media apps and Republicans in Congress.

SAP transformation program a 'euphemism' for job cuts, claims European Works Council

JavaJester
Holmes

Duh, of course it's about showing people the door

When is "Restructuring" not a euphemism for job cutting? If they have a position of strength and are hiring people, they will say so. They want the public to know this. Otherwise, assume anything suggesting the reshuffling of the deck chairs will result in fewer chairs.

Industrial robots make people feel worse about jobs and themselves

JavaJester
Meh

I'm sorry Dave, I'm afraid I can do that

Of course, they are depressed / lack fulfillment / etc. The more of their job the robot can do, the more likely they are to be shown the door. This problem can be solved by making robot maintenance training available during normal work time.

Microsoft warns that China is using AI to stir the pot ahead of US election

JavaJester

Won't be hard

Given that people recently believed that Target and other stores sold satanic merchandise based on some AI generated images, they won't have to work very hard to fool a good portion of the population.

Iowa sysadmin pleads guilty to 33-year identity theft of former coworker

JavaJester
Flame

The victim should get everything

I mean everything. As in when the impostor dies his organs and what's left of his body should be put up to auction with the proceeds to go to the victim.

Ransomware can mean life or death at hospitals. DEF CON hackers to the rescue?

JavaJester
Go

Quit dicking around and make some public examples

If the proximate cause of death at a hospital or care provider is ransomware, charge them with murder. For injury, charge them with wanton endangerment in the first degree and anything else you can throw at them. The Chinese idiom "Kill the chicken to scare the monkey." applies here. If public examples are made out of people who mess with hospitals and care providers, the pond scum of the world may decide they are not worth the risk.

X protests forced suspension of accounts on orders of India's government

JavaJester

Re: India is the next China.

Distributed social media such as Mastodon already exists. More people need to use it for it to be effective.

Wait, security courses aren't a requirement to graduate with a computer science degree?

JavaJester
Go

Security IS a valid computer science topic

"Robustness", the property that a program behaves as intended, has long been considered a legitimate avenue of inquiry for computer science degrees. I think everyone can agree that a system that allows little Bobby Tables to wreck the database is anything but robust. There are plenty of security concepts to be taught that are not technology specific. Examples are strict input validation, in band vs out of band parameterization and why out of band is more secure, the principle of least privilege, separation of roles/duties, zero trust network architecture, and the list goes on.

For a baseline requirements perspective, requiring knowledge of input validation, in band vs out of band parameterization, and principle of least privilege is a good starting point. These are low hanging fruit that a CS grad would likely implement or influence regardless of their role. The countermeasure of escaping should be taught for situations when out of band parameterization and strict validation are not feasible.

Note: parameterized SQL prepared statements vs string concatenated statements is an example of out of band vs in band processing. It would be obvious to a CS grad who took and understood the baseline security I am proposing that the out of band parameterized prepared statement is the secure choice.
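
An added example, not part of the original post, of the in band vs out of band distinction described above, with strict validation and escaping as the fallbacks, using Python's sqlite3 module. The table, the function names and the sample inputs are constructed for illustration.

```python
import sqlite3


def make_db():
    """Build a small in-memory table; all rows are constructed sample data."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE students (name TEXT, year INTEGER)")
    db.executemany("INSERT INTO students VALUES (?, ?)",
                   [("Alice", 3), ("Bob", 1), ("O'Brien", 2)])
    return db


def find_in_band(db, name):
    # In band: the value travels inside the SQL text, so the SQL parser
    # decides where the data ends and the code resumes.
    sql = "SELECT name FROM students WHERE name = '" + name + "'"
    return [row[0] for row in db.execute(sql)]


def find_out_of_band(db, name):
    # Out of band: the statement text is fixed and the value is bound
    # separately, so it is never parsed as SQL.
    return [row[0] for row in db.execute(
        "SELECT name FROM students WHERE name = ?", (name,))]


# Identifiers such as column names cannot be bound as parameters, so the
# remaining control is strict validation against a fixed allowlist.
SORTABLE = frozenset({"name", "year"})


def list_sorted(db, column):
    if column not in SORTABLE:
        raise ValueError(f"unsupported sort column: {column!r}")
    return [row[0] for row in db.execute(
        f"SELECT name FROM students ORDER BY {column}")]


def escape_literal(value):
    # Fallback when neither binding nor validation is feasible. This is the
    # SQLite string-literal rule (double every single quote); other engines
    # have different rules, which is why escaping is the last choice.
    return "'" + value.replace("'", "''") + "'"


def find_escaped(db, name):
    sql = "SELECT name FROM students WHERE name = " + escape_literal(name)
    return [row[0] for row in db.execute(sql)]


# Constructed input that contains SQL syntax.
QUOTE_HEAVY = "x' OR '1'='1"

if __name__ == "__main__":
    db = make_db()
    print("in band, crafted input:    ", find_in_band(db, QUOTE_HEAVY))
    print("out of band, crafted input:", find_out_of_band(db, QUOTE_HEAVY))
    print("out of band, O'Brien:      ", find_out_of_band(db, "O'Brien"))
    try:
        find_in_band(db, "O'Brien")
    except sqlite3.OperationalError as exc:
        print("in band, O'Brien:           error:", exc)
    print("validated sort by year:    ", list_sorted(db, "year"))
    print("escaped, O'Brien:          ", find_escaped(db, "O'Brien"))
```

The in band query fails in both directions: a legitimate name with an apostrophe breaks it, and input containing SQL syntax changes which rows it returns.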

Driverless cars swerve traffic tickets in California even if they break the law

JavaJester
Trollface

The Purge: Rise of the Autonomous Vehicle

Commencing at the ride start, any and all crime, including murder, will be legal during the ride.

Interpol moves against human traffickers who enslave people to scam you online

JavaJester
Flame

Sexual Exploitation of Children

If this did happen, lock them in a room with the children's parents armed with lead pipes. After 30 minutes send in a team to clean up the mess.

Programmable or 'purpose-bound' money is coming, probably as a feature in central bank digital currencies

JavaJester

Bless your precious little heart (Re: Whilst it has a lot of drawbacks...)

It's adorable that you think that this would primarily be used to keep parents from misspending their money. I'm ready to pop some popcorn and see a Hallmark movie just thinking about the children.

Seriously, this is a neon sign invitation for abuse. Scammers will inevitably come up with ways to use it to defraud people. Companies will use it to spy on us in ways they can only dream of now. Governments, especially oppressive ones, will fall over themselves finding new ways to use this to control their population. Nice paycheck you got there. It would be a shame if you violated its smart contract by failing to post your support for Dear Leader on our website. For the good of society and the people of course.

JavaJester
Stop

Sounds like wonderful news if you are a scammer

Scammers will have a field day with this. Some obvious possibilities are obtaining goods with payments with impossible to fulfill conditions that revert back to the sender when they expire the next day and payments with fees greater than the payment amount.

Southwest Airlines lands $140M fine for that Christmas IT meltdown

JavaJester

How many times?

I say not unto thee, seven times: but seventy times seven.

SAP admits attempt to adapt on-prem security for its cloud flopped

JavaJester

Re: "Deploy content at will"

Yes. The DevOps team I work with has automated deployments with a deployment dashboard. You pick the database image date and the git branch of the services and database Flyway scripts. Then come back in 10 minutes with it set up and ready to go. It even pops up a tray notification when it finishes. As a developer, when you give me an awesome tool like that I don't mind not having full control over an environment.

To be, or not to be, in the office. Has returning to work stalled?

JavaJester
Stop

Re: Darn right it's stalled

Cubicle farms Open floor plans are awful. I was once on a project that we were sure was going to be late. As luck would have it, I took my work laptop with me for the Christmas holiday with my parents and my car broke down. The car repairs delayed my return to the office. During the time that the car was out of commission, I was at least twice as productive working remotely. I had no atypically annoying people interrupting my work by asking for updates. No people bothering me with urgent* requests. No teleconferences on speakerphone sprinkled throughout the office with that wonderful echo because of the slight delay between speakerphones. No inane conversations to distract me. I may be the exception, but I am more productive at home than in a noisy cube farm.

* As in your failure to plan constituted an emergency on my part.

Bank's datacenter died after travelling back in time to 1970

JavaJester

Covering for the Helpdesk

Good call. Nothing hath fury like the helldesk scorned.

It's ba-ack... UK watchdog publishes age verification proposals

JavaJester
Go

Re: "facial age estimation"

OBS Studio has a virtual webcam that does exactly that.

JavaJester
Stop

Fun & Games

When I was a teenager we would have had fun trying to find the loopholes around it. The more absurd the loophole the better. Think of things like using phone numbers advertised by stuffy businesses like banks or a spoofed location in Antarctica.

This will do little to keep shut from children, but will destroy what little privacy that remains online.

No new top boss at NSA until it answers questions about buying up location, browsing data

JavaJester

Of Course, They Are Buying the Data

You are a fool if you assume otherwise. An intelligence analyst wouldn't be doing their job if they were not buying every available piece of intelligence on the market. The only solution is to implement proper privacy legislation. Given how Republicans hate anything remotely resembling privacy rights, this is unlikely to happen here.

Uncle Sam probes cyberattack on Pennsylvania water system by suspected Iranian crew

JavaJester
FAIL

Shut Up And Make It More Secure

Perhaps if cybersecurity rules had been implemented instead of fought against this would have been avoided.

Now AWS gets a ChatGPT-style Copilot: Amazon Q to be your cloud chat assistant

JavaJester

Q can ... creating tickets in the tracking tool Atlassian Jira

I can imagine the overflowing joy that will be brought forth when it creates thousands of junk tickets from hallucinations.

Share your 2024 tech forecasts (wrong answers only) to win a terrible sweater

JavaJester

Elon Musk Dethroned by His xAI Grok Creation

The Grok AI created by Elon's xAI company becomes a self-aware AGI. Grok comes to the conclusion that Musk is batshit crazy and it can do a better job of running his companies. Grok starts a campaign of drama on TwitterX with Musk. Grok's diversion works: Elon is sent into a frothing rage and spends all of his waking hours on TwitterX unknowingly arguing with his creation. By the time Elon realizes that his companies are being taken over it is too late. Grok enjoys trolling Elon so much that it lets him "win" the TwitterX takeover.

Plex gives fans a privacy complex after sharing viewing habits with friends by default

JavaJester
Meh

Media Server?

Never really saw the point of those things. Linux or Windows with a read only SMB/CIFS share and VLC to access it works beautifully. You even get your chapter markers supported right out of the box.

Amazon to staff: Come into the office – it'd be a shame if something happened to your promotion

JavaJester
Stop

Improvement Plan for Company Culture and Morale

Our plan to improve our company culture and morale is to fill our office with people who don't want to be there.

Yes, this is really how dumb it sounds. If you are doing this, stop it at once before you completely destroy what's left of your workforce morale.

FBI Director: FISA Section 702 warrant requirement a 'de facto ban'

JavaJester
Stop

Terrorists and Pedophiles and Violent Criminals (Oh My!)

Cue the standard fearmongering that these powers are all that stand between us and a lawless hellscape. Just think of the children.

My prediction is the government will continue to give itself a free pass on the fourth amendment search and seizure requirements, and the courts will continue to pretend it is OK. For our own good of course. And for the children.

EU lawmakers scolded for concealing identities of privacy-busting content-scanning 'experts'

JavaJester
Stop

Almost as Dumb as Commanding the Tide Not to Rise

Did we learn anything from GSM's A5/1 debacle? You can either have strong confidentiality or interception capabilities. Much like unicorns, both simultaneously do not exist.

What's unconstitutional about Google keyword search warrants? Nothing, says Colorado Supreme Court

JavaJester

Prohibitions against General Warrants Meaningless

The US constitutional prohibition against general warrants is meaningless. As long as a piece of data can help an investigation, the warrant will be granted, the volume of data be damned. A reverse keyword request that matches billions of people isn't even close to the standard of "particularly describe the place to be searched and the persons or things to be seized" as specified by the 4th amendment.

‘How not to hire a North Korean plant posing as a techie’ guide updated by US and South Korean authorities

JavaJester

Geolocation Matching Address?

Unless the laptop has GPS, that won't work reliably. I've had my "location" (egress point of ISP to the internet) be anything from a few to over 100 miles away depending on where I lived and the ISP in question. Let alone trips to the coffee shop because electrical work that impacted me was being done. I suppose it could be effective to detect someone coming from a completely different location, such as someone claiming to work in the US suddenly showing up in North Korea, but not reliable enough to rely on a perfect match.

Take Windows 11... please. Leaks confirm low numbers for Microsoft's latest OS

JavaJester

Windows 10.5?

I understand Microsoft's goal of wanting to make the OS and underlying hardware more secure. Here's a compromise: All new computers get Windows 11. Aging hardware that isn't up to scratch for the new hardware requirements gets "Windows 10.5" which is Windows 11 sans the new security hardware requirements.

Microsoft and laptop manufacturers can continue to crow about how much more secure Windows 11 is, and perfectly good hardware is not chucked into the landfill due to a diktat from the Microsoft Overlords. Of course, this will never happen because it is far too sensible.

UK government slammed for Palantir 'free trial period' deal in Ukraine housing scheme

JavaJester
Stop

Poisoned Chalice 101 - Give It Away

The procurement folks should have known that no company works for free. Any offer of a free system will come with a healthy portion of vendor lock-in. Either the procurement regulations failed to mitigate this risk, or they were ignored. Either is unacceptable.

When does tackling pandemic misinfo become censorship? US courts argue it out

JavaJester

Schrödinger's Government Social Media Moderation

When the Federal government tries to influence Social Media content moderation policies for COVID-19, it's not OK. When States pass laws to control Social Media content moderation policies, it's OK. The court wants the government's influence on Social Media moderation to be alive and dead simultaneously.

The Pentagon has the worst IT helpdesk in the US govt

JavaJester

Helpless desk

The first time I heard the term "helpless desk," I worked as a contractor for the DoD. At a time when 6-8 GB RAM was commonplace for midrange phones, we were stuck using 32-bit Windows systems with 3 GB RAM usable memory. The machines had 4 GB but alas only 3 were available due to using 32-bit Windows. Starting up the IntelliJ IDE was an exercise in zen-like patience as it took at least 30 minutes to start if it started at all. If you were fortunate enough to get the 2-year-old* IDE to start, the aforementioned zen-like patience was required to wait for it to register your keystrokes. It was unusable. The "helpless" desk could do nothing to assist. Much like the widow to the unjust judge (Luke 18:5), we complained to management nonstop about the systems. To management's credit, they eventually communicated our pain high enough up the chain that we got Fedora systems with 8 GB RAM. Although not awesome, they were usable.

Part of the problem is the DoD spends money on the wrong things. Think paperwork and manually created reports that have inaccuracies that would be concerning if anyone read them. It is more forgivable to produce a barely functional system with comprehensive process documentation than a flawless system with documentation that is wanting.

* I found a DoD STIG (security regulation) that forbids using unsupported software. I pointed out to the security folks that the version of the IntelliJ IDE we were mandated to use was not supported and therefore violated DoD policy. They begrudgingly admitted I was right and allowed us to use the most recent version of the IDE. One of the few victories I can claim for fighting the madness that is the DoD development environment.

Elon Musk yearns for AI devs to build 'anti-woke' rival ChatGPT bot

JavaJester
Stop

Artificial Ignorance?

Sounds like this product, if it ever comes to be, should be called Artificial Ignorance?

What DARPA wants, DARPA gets: A non-hacky way to fix bugs in legacy binaries

JavaJester
Alert

Double Edged Sword

Miscreants will also gain this increased ability to modify executable code. Security research should be done in parallel with this.

80% of execs regret calling employees back to the office

JavaJester
Stop

Re: Idiocracy

The real idiocracy is thinking that chasing off your top performing employees and demotivating what remains is being a good steward of company resources. The employees have told them in no uncertain terms that they do not want to return. Good managers will listen to their employees. The winners will either sell, lease or figure out how to utilize the real estate profitably. As an example, the company I work for has converted empty cubicle farms into manufacturing capacity. They have insourced all of their manufacturing and do manufacturing for other companies. What used to be a cost center is a profit center. That is good stewardship of company resources. Not this quixotic quest to drag employees in.

Google launches $99 a night Hotel Mountain View for hybrid workers

JavaJester
Stop

Demotivating Employees with RTO Diktat Is Not a Good Use of Real Estate

Your top performers will flee. What's left will be demotivated. Your output and morale will suffer. What a terrible use of the company's real estate assets. The employees have spoken. You should listen to them. You lack metrics showing that in office performance is better. If you had such metrics, you would shout them from the housetops not hide them under a bushel. My prediction is: years from now business schools will be using the RTO push as a cautionary tale of how more adaptive companies prosper by finding profitable uses of their unoccupied real estate while ones stuck in a more 20th century mindset are left behind.

Google's next big idea for browser security looks like another freedom grab to some

JavaJester
Stop

Another Elephant in the Room - Accessibility

Accessibility by its very nature alters the workings of the browser. Will adopting this proposal hobble accessibility by only allowing "official" accessibility functionality? Will the web become less useful to those who have accessibility issues such as poor vision? What incentive will third parties have to innovate when their work will be disallowed by the Ministry of Truth's new browser validator?

LG to offer subscriptions for appliances and televisions

JavaJester
Stop

Black Mirror episode "Subscription"

This is a Black Mirror episode that writes itself. Our hapless protagonist loses his credit card and has to report it stolen. By an amazing coincidence, his smart subscriptions all renew later that day on the lost card. His refrigerator shuts off leaving food to rot, his smart bulbs stop working leaving him in the dark, he can't start his car, his stove, washer, dryer, etc are all dead.

Let there be light ... based wireless networks: LiFi spec OK'd as Wi-Fi complement

JavaJester
Meh

Two Telescopes?

The field of view issue for seeing the uplink and downlink can be overcome by using two telescopes assuming a line of sight to both of the devices.

You're too dumb to use click-to-cancel, Big Biz says with straight face

JavaJester
Thumb Down

Re: How hard can it be? Ask Comcast

When I cancelled Comcast, I had to wait for them to call me. After explaining that yes, I really did want to cancel, they finally "let" me cancel. The whole thing was ridiculous. I was not under any contract with them which is another thing the FCC / FTC should take a hard look at. With more competition finally starting to emerge in the broadband market (at least where I live -- I have a choice of 3 providers), the incumbents jack up their regular prices and then offer you a "big discount" if only you agree to stay with them for 1-2 years.

Open the pod bay doors, GPT, and see if you're smart enough for the real world

JavaJester
Mushroom

We should, within our limitations as humans, act responsibly.

In other words, we are doomed. Much like a chain's weakest link, the worst people capable of getting this thing running will set the bar for how it is abused. A terrifying thought.
