Posts by TFL 33 publicly visible posts • joined 5 Jan 2016
A gaggle of us at one workplace got into the whole SETI thing for a bit,easy enough since we had full access on our workstations.
There was a Windows admin guy who started to get persnickety about it, not there was a policy against it. He was well-meaning enough, but not too bright.
One of our more creative engineer-types came up with the idea that running the SETI client was actually beneficial for the hardware longevity, because it reduced the physical expansion and contraction in the CPU due to thermal cycling. Brilliant!
I worked for a company that used a terrible issue-tracking system. I've probably blocked the memories of what made it terrible, but finally, it seemed likely to go away.
It fell over completely one day, and a wag noted that the ticket ID numbers had been approaching a bit under 33000. Yep, turns out they'd used a signed, 16-bit integer for the ticket ID. I thought for sure that we were finally rid of it, but sadly, they fixed that issue.
I'm more familiar with the open source Apache CouchDB project, but think the ideas are similar enough to hazard a guess at how it would work.
Mobile clients would likely connect to a central server, which could be self-hosted somewhere. Watch for updates, and sync up any new items from the mobile side, which the central server could then replicate to any other mobile clients.
Couchbase seems to have a bunch of information on their site though, perhaps more useful to read there than make strangely worded implications above.
Also of interest: https://stackoverflow.com/questions/5578608/difference-between-couchdb-and-couchbase
At my volunteer fire department hall, we recently were able to "dispose" of ancient emergency supplies, presumably cached in case the cold war heated up all the way here on the coast of Canada. Everything had been crated up for nigh on 60 years, still as good as new.
Much of the equipment was aimed at supplying a small field hospital, M*A*S*H-style. Cots, surgical tools, and large tins containing packets of crackers. I volunteered to eat one as a test.... while still technically edible, these never would have been considered "good." They were clearly meant to be standardized carb calories and nothing else, the tin was even labelled as how many calories per packet.
I got to tour a research place some years back, where they used MRI and other devices. We didn't have to change clothes, but there was a very detailed going-over for anything metallic, to be left back in the meeting room. "Oh, and please let us know about any medical implants you may have before we go on..."
I would *love* to see how an iframe running on someone else's site could lead to a database on my site getting leaked all over the net.
The likely explanation is a SQL injection on their own site, as someone viewing it in an iframe should not have any extra privileges on the guntrader's own site where the code runs.
My son in law fell in our ephemeral (seasonal) pond last year, when the jerry-rigged bridge collapsed.
He couldn't find his phone, figured it was toast.
Once the pond dried up a couple months later, he went and dug it out of the muck. Took a while before the speaker and microphone worked properly, but in the end was usable.
I can't say that I disagree, at least to the extent that this behaviour seems to have become the norm these days.
To the extent that there may be benefits in using some of these other services, could devs not simply white-list only the things that are allowed? Defining these things should be a matter of doing it once (for a site, say), and serving up the expected headers on every damn page as part of whatever templates are used.
While each specified hole adds some element of risk, the process of documenting that arrangement and those risks should suffice with minimal maintenance.
There will be a certain set of marketing folk who will scream bloody murder of course, since they're likely responsible for having dozens of trackers and ads attached to a site, but TFB.
I think there's some benefit in promoting alternatives, including the Chromium-derived ones where it makes sense. For example, I use Vivaldi when I run into sites which seem to demand "Chrome", and it generally works well. For everything else, I still have Firefox as a generally-great default.
My ISP (and employer, as it happens) sees one device attached to the router, and none via Wi-Fi. The one device is a firewall, and all the real stuff is behind that.
Sure, they could run some equivalent of Kismet to see what's around, but it won't tell them too much, and nothing they need to know in order to keep the pipe running.
I was on a co-op work term in uni, when I found out that X programs could as easily write on another display as one's own.
A fellow co-op student was parked in the server room of this Canada gov ministry's computer room, so I'd routinely send the nastiest pics to his HP workstation display. Usually strongly unattractive people, sans clothes. Especially due to the lack of privacy, he learned to keep a large window open that he could immediately bring to the front on his screen, then calmly deal with the offender once he was sure nobody was looking.
I lived nearby-ish, in Winnipeg at the time. The news was certainly memorable. A couple things really stood out then, and are mentioned in the article.
- The captain was also an experienced glider pilot, using glider techniques to pull it off.
- Subsequent attempts by others to carry this off in a simulator all failed. Maybe some since, who knows?
I used to work for a security consulting company, where government work required quite a bit of physical security. This meant things like proximity cards everywhere, with a man-trap at the main entrance, and cameras covering all but the washrooms. There was also this eerie background mumbling noise from speakers, to make it harder for other building tenants to listen to conversations.
We had a couple fun incidents that come to mind, with being located in the inner city. Once, a couple of inebriated glue-sniffing gents managed to tailgate as far as the man-trap, where they got stuck. No way in or out, no windows, and just enough room for the two of them. Eventually they noticed and used the blue fire-style pull station that was used for emergency egress, while also setting off the alarm. Needless to say, our people had a great time checking out the camera footage later.
A couple others got into a basement break room, since the windows turned out to be not built to spec. The outer glass could be broken of course, but the plastic sheet on the inside could also be pushed in at the bottom to get in and drop down. They proceeded to ransack the place, leaving blood everywhere due to the broken glass on the way in. One was hanging on to the ceiling projector and trying to yank it off, when he saw the camera. They did manage to get out, but it took a while because that plastic sheet had again flexed back into place, not leaving anything to grab it by.
How often does that get used in practice? Keeping something powered up is certainly a thing if they can do so, but the chilled-RAM would depend on getting access to the innards pretty quickly if the suspect got it powered down fast enough.
I do seem to recall reading about some guy who got raided, who had been using a battery-less laptop in a university somewhere. Don't recall if they got a conviction, but he'd had the cord yanked out before they could stop him.
This is something that the group I work with actually has worked out. We're part of a fairly large org, with security people in many roles. Ours is essentially internal consulting, where projects come to us for review. Sometimes even before they've done what they wanted.
PMs are still used to the idea that we approve things, but we don't. We identify risk, document it, and there is a process (still evolving) where this risk is formalized. If needed, the business people are responsible for fixing the problem identified, or accepting the risk.
Speaking of non-complete clauses, it's amazing what an employer might try to stuff into a contract.
I was working for a company with a detailed, mostly-reasonable personal employment contract. All well and good, but then said company got acquired by a similar org a few provinces to the right.
After mostly dismantling and throwing away the human and intellectual capital, said org sent out new contracts, along with some bit about "please sign by Friday." Where the old contract essentially forbade me from working with competitors (or poaching colleagues or customers) for a year, the new one more or less would block me from working in my entire field for the same period of time. I told them I'd have to review with legal counsel, and did.
Never did sign that contract. They got enough pushback on this tripe that they said they'd re-work it, and then I moved on per the old contract that was still in place.
Probably because they're common default ranges, so that barely-configured devices have to be specifically set up to talk on the intended network. If the given ranges are used, the device with next to no configuration might be connected without anyone paying attention or having applied any of the other hardening recommendations.
Well, I kept a little Windows partition, basically for iTunes and a couple games. The vast majority of the time it's Linux Mint... again, back to having a stronger element of control.
Sure, I could have paid to have the main board replaced on the MBP ($700CAD), right after dropping $300 for the battery replacement that also requires replacing the keyboard, trackpad, and case top. Because you know, gluing it all together is just peachy when one thing goes. The main board is probably mostly-good too, but the charging circuit died. I couldn't even pay for a main board with more soldered-in RAM, because Apple will only do like for like replacement. Yes, I'd be paying for the part, but there is basically an inflated price and then a "discount" unless you get precisely the same part.
If I had had the repair done, it still would have left me with an out-of-warranty, never-upgradeable laptop with some stuck pixels in the display. This new one is warrantied *and* I can get in there myself to do upgrades, imagine that! Oh, and built like a tank.
Sure, they could make it thicker, upgradeable and all that. Of course, then it's a ThinkPad, which is what replaced my dead MBP. I went the full "mobile workstation" route, with a P50. Multiple drive bays, three empty RAM slots, *lovely* keyboard. I don't give a rat's ass that it's thicker or heavier, it works better.
Oh, and I even found an adapter to take the Apple-specific SSD, to put it into a small enclosure to create effectively a SATA-compatible laptop drive. That's in the ThinkPad now as another 500GB that was just going to sit idle in the dead Mac.
That extortionate price is due to replacing not just the keyboard, but the other bits that are glued together too. Top case, keyboard, track pad, and battery are probably all together.
I needed a battery replacement on my late-2013 Retina MBP, and that's what got replaced. Then the main board died days later.... so I bought a ThinkPad instead of dropping another $700CAD fixing the Mac. Now I've got an awesome keyboard, parts replacement I can do myself, and in this case, can add RAM and more storage at will.
I got one up to 45 minutes, and thought to record the last half. Escalated through several people, before the last one called me an asshole and hung up.
The approach I took was:
- Attempt to play along on Linux.
- Don't advertise that it's Linux, but would tell them if asked. No one did.
Wow, you got an update? (OK, one that was terrible, but I digress). I never did for my My Book, perhaps I bought it too late in its intended product life span. The box still works, but it's always been a shit show for internal VA scans I've run. I think the next will be FreeNAS or something that at least I can support myself.
I'd love to have turtles all the way down, with all that introspection magic that you have in Common Lisp these days. The RPi and friends won't have hardware help for lisp code, but may be fast enough to get a feel for the idea without buying an expensive, mini-fridge beast on Ebay.
I suppose Squeak is the closest to the idea now for running everything in one image, but implementations such as Clozure Common Lisp do work fine on the Pi.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2023
