* Posts by SotarrTheWizard

105 posts • joined 14 Jan 2016

Page:

BOFH: But soft! What light through yonder filing cabinet breaks?

SotarrTheWizard

Re: Hilarious!

Don't laugh. . . . One gig, we were dealing with late-90s Sparc Ultra 5s. . .running our firewalls. . . in 2005. Between the SparcStations, the Ultras, and the newer rackmounts, for a time, we were running everything from Solaris 5.6 (as I recall) to Solaris 9. . . .

REvil ransomware gang's websites vanish soon after Kaseya fiasco, Uncle Sam threatens retaliation

SotarrTheWizard

Re: Crossed the hallway

They can re-brand all they want. Unless they use an entirely different bag of tricks, and especially their code, their signatures would be mostly unchanged. And thus, easy to see that they just re-skinned under a new name.

Microsoft names Chinese group as source of new attack on SolarWinds

SotarrTheWizard

Re: Rarer than unicorns?

Not out of the box. Potentially, if flashed with DD-WRT or OpenWRT. . . but J. Random User lacks the knowledge, much less the skills to do so. . .

Otherwise, the only secure consumer routers are still in their original boxes, sealed and shrinkwrarr

America world’s sole cyber superpower, ten years ahead of China, says Brit think tank

SotarrTheWizard
Mushroom

As noted. . .

. . . .this is looking at national-level activities. As in, run by your local flavor of .gov.

But, overall, while .US may have a massive offensive cyber infrastructure (at least I hope they do, if not, why am I paying taxes for "Cyber Command" ??? ), defensively, we're crap.

The best allegory I can think of, is World War 2 Tanks. The US is a German Tiger II Panzer. Superb gun, amazing armor, technologically sophisticated. . . . and breaks down every 20 miles or so.

As opposed to the Russians, Chinese, etc, who bring massive fleets of T-34s to the field. Because Quantity has a Quality all its' own. And they rely on constantly Zerging targets. . . .

Microsoft releases Windows 11 Insider Preview, attempts to defend labyrinth of hardware requirements

SotarrTheWizard
Trollface

Re: Windows 11 hardware requirements

. . .Because Running with Windows is ***far*** more dangerous than Running with Scissors (evil grin)

The world has a plastics shortage, and PC makers may be responding with a little greenwashing

SotarrTheWizard
Boffin

Re: The world has plenty of plastic

According to several studies I've seen, the top oceanic plastic polluters are China, Indonesia, and the Phillipines.

Source: https://www.statista.com/chart/12211/the-countries-polluting-the-oceans-the-most/

I've also seen reports that put Phillipine rivers as the worst individual offenders:

https://ourworldindata.org/ocean-plastics

And people wonder why I have a Filabot. I don't even need to buy plastic pellets to feed my 3-d printer, most months. . .

SEC still digging into SolarWinds fallout, nudges undeclared victims

SotarrTheWizard

Re: Team of 1000

. . . or that there was a lot of copy-pasta of stolen code in the exploit. . .

Good news for pentesters and network admins: US issues ransomware guidance asking biz to skill up security teams

SotarrTheWizard
Trollface

And gee. . .

. . . .with all this supposed demand for Cyber experts. . .you'd think pay would be going up.

You would be wrong. . .

The common factor in all your failed job applications: Your CV

SotarrTheWizard
Trollface

The ones that really bother me. . ..

. . . .are the pimps^h^h^h^h^h recruiters who demand to talk about your feelings and who you are as a person. Especially when you look up the vegetable-that-walks-like-a-man on LinkedIn, and found that only a few months before, they were running a Payless Shoe Store, or were a "Customer Service Manager" at a car rental firm. or, best of all, were a "Banquet Captain" at some Event Facility.

And then you find out about the ridiculous fees that the pimps charge companies that they procure for. . . . .

Ransomware victim Colonial Pipeline paid $5m to get oil pumping again, restored from backups anyway – report

SotarrTheWizard

Re: Maybe a new BOFH story here?

. . .that's a lot of Onion Bhajis. . . .

SotarrTheWizard
FAIL

Once you pay the Danegeld. . .

. . .you never get rid of the Dane. . . .

Colonial Pipeline was looking to hire cybersecurity manager before ransomware attack shut down operations

SotarrTheWizard

Re: Maybe not

Tell me about it. The C-suite demanding admin access to their boxes, and the ability to install any software they want.

Marketing demanding that they can access their personal email via a webmail client.

BYOD.

Need I go on ??

Uncle Sam wants 'ethical hackers' to crack its planetary defenses, but don't expect a pay-day from this bug bounty

SotarrTheWizard
Trollface

Re: Why does the Pentagon spend more on seafood than bug bounties?

Sounds phishy to me. . . .

Atheists appeal to higher power for intercession over alleged sins against privacy

SotarrTheWizard
Trollface

In related news. . . .

. . . the People's Front of Judea is suing the Judean People's Front. . . . (grin)

Biden's $2tn infrastructure plan includes massive broadband rollout, equates internet access with water and power as essential utilities

SotarrTheWizard
FAIL

Re: Joined up thinking..

I just escaped Comcast in .us several months ago. They're quad-play, at least supposedly, But I don't know anyone who actually uses Comcast Mobile. . . .Doesn't stop them from having truly epic levels of FAIL. . . .

SpaceX small print on Starlink insists no Earth government has authority or sovereignty over Martian activities

SotarrTheWizard
Trollface

Re: What a surprise

. . .and are they sending their crack Suicide Squad ??

SotarrTheWizard
Alien

Re: Rama continued

The question is. . . . is Elon vulnerable to the Indian Love Song, as performed by Slim Whitman ?? Or has he been developing an immunity ??

SotarrTheWizard
Mushroom

Don't mess with Mars. . . .

. . . Or Elon and his pals will pull out an Eludium Pu-38 Explosive Space Modulator. . . .

. . . .and then there will be an Earth-shattering Kaboom!!! ;)

UK watchdog fines two firms £270k for cold-calling 531,000 people who had opted out

SotarrTheWizard
Mushroom

The problem is obvious. . . . nobody is using the required TPS Report Cover Sheets.. .

. . . .Apparently, they didn't get the memo. . . (grin)

CERT/CC: 'Sensational' bug names spark fear, hype – so we'll give flaws our own labels... like Suggestive Bunny

SotarrTheWizard
Trollface

Many years ago. . . .

. . . I ran a SOC team, and we were constantly seeing indicators of possible, or failed attacks. And, by contract, were supposed to report each and every one on initial detection. Which generally resulted in manglement reacting in typical spring-loaded fashion.

We ended up designating "possibles" as FLUFFY BUNNY incidents, and the disposition went to two categories: Actual attempts with any degree of success became WASCAWWY WABBITS, and all FLUFFY BUNNY incidents proven to be false alarms or unsuccessful were listed in the daily FUDD report.

In the 15 months I ran that shop, only one mangler realized that we were doing it, because they went all Looney Toons over the slightest issue. . . (Grin)

Trump's official campaign website vandalized by hackers who 'had enough of the President's fake news'

SotarrTheWizard

Re: A sign of the times

I will note beheadings in .us, .uk, and .fr, all within the last year or two. Charlie Hebdo, and again with than concert in Paris. Trucks running down pedestrians. Bombings.

Let me know when we get similar activity from the "Christian Fundamentalists". . . .

SotarrTheWizard

Re: A sign of the times

It used to be ~40%.

I also will be polite and not point out the large, bearded elephant in the room with a Kalishnikov. But the French will. . .

SotarrTheWizard

Re: A sign of the times

Really ?? Looking at a particularly overblown novel as the future pattern of .us ?

If you haven't noticed. Evangelcals have nowhere as much of the political push as they had in the 1980s. when the "Moral Majority" and "Christian Coalition" were ascendant in Republican politics. . . .

People identifying as 'religious' are down, as well as membership in churches. . .

I can 'proceed without you', judge tells Julian Assange after courtroom outburst

SotarrTheWizard

Re: The Much Bigger Picture Show ....

Why, indeed ? Because it's the law: the 2003 US-UK Extradition Treaty, as ratified by the 2003 Extradition Act, as passed by Parliament, and ratified on the US side by the United States Senate in 2006.

Extradition treaties and agreements are generally between 2 nations, and "international norms" do not apply.

Ink tanks park themselves all over the lawns of Western Europe as orders flood in

SotarrTheWizard
Childcatcher

Even so, the Printer Manufacturers will still zap you . . .

I had the same (major brand redacted so they won't lob a sueball at me . . ) Multi-function Inkjet with photo printing capability as the home network printer for 5+ years. Output was indistinguishable from a laser, wife needed the photo printing for her freelance graphics work, and we all used the onboard scanner.

One day a message pops up: print head is end of life, return printer for servicing . It also informed me that I could download a special utility, with my registered owner email address and the printer serial number, which would allow a generous 50 more pages to be printed. Downloaded and ran, and would get a countdown popup for every page printed.

Called the 1-800 number. . . which, of course, was closed outside of business hours and on weekends.

Eventually found out that the nearest service location was several hundred miles off, the price was more than I had paid for the printer in the first place, and, oh yes, the turnaround time was between 60 and 90 days. . . .

Went out an bought a replacement printer (of a different brand) for less than they wanted for the repair.

And then the wife, daughters, and I, took it out to the back yard, and re-enacted a certain scene from "Office Space". . .

We've reached the endgame: Bezos 'in talks' to turn shuttered department stores into Amazon warehouses

SotarrTheWizard
Mushroom

Drones, you say ??

But enough about the workers in the Amazon Distribution Hives, excuse me, Fulfillment Centers. . . (grin)

Apple was the only Fortune 50 company to foresee COVID-19 pandemic risk and properly insure against it – Forrester

SotarrTheWizard
Mushroom

Re: Things we can prevent and things we can't

Long before I did IT, I was a Geologist, at least by training. The Yellowstone Caldera "clock" is an average, as I recall, one of the intervals was ~960K years.

The interesting one is the Continental Glacial Advances, we're still in an Ice Age, and geologically speaking, the next one is due Real Soon Now. Admittedly, that's in a Geologic time frame, which translates to "any time in the next 5-10K years, beginning yesterday. . . "

Which makes the current Solar Minimum of special interest: do we get another "Little Ice Age". . . or a big one. . .

SotarrTheWizard

. . .and yet people are freaking over COVID. . .

. . . with an infected death rate of ~0.6%, simply because the overall numbers, while horrible, are constantly being reinforced by personal examples in the media. Yet, compared to the Spanish flu, those are small numbers, and while slightly more deadly than the 1968 Flu Pandemic (H3N2), yet significantly less deadly than the 2009 H1N1 Pandemic.

I suspect that the now ubiquity of the Net and Social media is a big part of that driver . . .

Is it Patch Blues-day for Outlook? Microsoft's email client breaks worldwide, leaves everyone stumped

SotarrTheWizard

Effing Micro$oft. . .

. . . .had to uninstall Office. . . then use the M$ Uninstall clue, and steam-clean all of Orifice off my box. Then re-install from DVD. 2 hours wasted. . .

IBM job ad calls for 12 years’ experience with Kubernetes – which is six years old

SotarrTheWizard

I've seen worse. . .

. . . like the requirement for 6+ years experience with Windows 2000 Server. . . .in 2001, roughly 18 months after it went RTM. . .

Then again, I've long since given up on HR Staff having IQs above room temperature. . . . in Centigrade. . .

PC printer problems and enraged execs: When the answer to 'Hand over that floppy disk' is 'No'

SotarrTheWizard

Re: Ah IT 'managers'

Then there are the other kind. I had a .gov IT manager who was **proud** of the fact that he no longer did anything "technical" on computers. The last time he had done so, he was coding COBOL. . .on punchcards ( this was circa the year 2000)

The girl with the dragnet tattoo: How a TV news clip, Insta snaps, a glimpse of a tat and a T-shirt sold on Etsy led FBI to alleged cop car arsonist

SotarrTheWizard

Incidentally, at least in .us. . .

. . . . the FBI has added tattoos, scars, and marks to it's "IAFIS" Fingerprint/ID system. How do I know ?? 15 years ago, I was on the Requirements team, and helped to write the Requirements Traceability and Validation Matrix document.

So, cops using tats for identification has been standard technique in .us for at least 10 years. . .

SotarrTheWizard

Re: Tut....kids today....

Considering the stunning naivety of most people, relative to security, much less deception and maskirovka, is this surprising ?

Maersk prepares to lay off the Maidenhead staffers who rescued it from NotPetya super-pwnage

SotarrTheWizard
Mushroom

. . .and then companies have the utter gall to complain about lack of employee loyalty. . .

. . . forgetting that what comes around, goes around. . .

Roses are red, IBM is Big Blue. It's out of RSA Conference after coronavirus review: IBMers will not attend infosec event over 'health concerns'

SotarrTheWizard
Trollface

Re: Viruses at conferences

. . .or you had Durex anti-virus. . .

Call us immediately if your child uses Kali Linux, squawks West Mids Police

SotarrTheWizard
Happy

Re: I told my Dad I use Kali

4 was interesting: layers of a dollhouse. . .

SotarrTheWizard

Re: I told my Dad I use Kali

Quite the firewall and intrusion protection. . . or you simply didn't raise privilege enough to access her resources ???

SotarrTheWizard
Trollface

Re: Be a government informer! Betray your family and friends! Fabulous prizes to be won!

Indeed. Ask Libby Hoeler. . .(evil grin)

SotarrTheWizard
FAIL

Re: Be a government informer! Betray your family and friends! Fabulous prizes to be won!

What, it's not the "permanent record that will follow you throughout your life" that my elementary school teachers kept threatening me with ???

SotarrTheWizard
Trollface

Re: Be a government informer! Betray your family and friends! Fabulous prizes to be won!

Well, they're certainly smegging idiots. Probably even have a member of the Rimmer clan on staff. . .

Artful prankster creates Google Maps traffic jams by walking a cartful of old phones around Berlin

SotarrTheWizard
Trollface

Re: Can't stop smiling

Break them up in groups of 5 or less, mount on drones. . . .each hovering ~10-20 meters off the motorway.. . .both sides.

And then send them moving AGAINST traffic. . .

Five years in the clink for super-crook who scammed Google, Facebook out of $120m with fake tech invoices

SotarrTheWizard

Hey d00d!!

We lerns gud in Murica!!! And we gots the self-steem awards to prove it!!

(Note: and this is why we homeschooled our children. THEY can read and write, do math, and know actual history. The oldest is the de-facto helpdesk at work: Helldesk comes to HER when they're stumped. Both also code far better than I do. . .)

You leak our secrets? We'll leak your book sales, speech fees – into our coffers: Uncle Sam wins royalties fight against Edward Snowden

SotarrTheWizard

Well the obvious solution. . .

. . . is to go check ThePirateBay or other torrent site. I'm sure it's there already. I remember the last time a country tried suppressing a book: the UK banned a book called "Spycatcher", late 1980s.

https://en.wikipedia.org/wiki/Spycatcher

It eventually, did not succeed. Not that I have much interest in Snowden's book, but all the current actions will do is de-monetize it. . .

US senators green-light recruitment of crack infosec teams, both public and private

SotarrTheWizard

Re: Except, of course. . .

. . .some of us already have one. You still wait months for it to "cross over". And if you're particularly lucky. . . .then you get scheduled for a session on The Box.

Which is an order of magnitude MORE joy, because apparently older folks, IT folks, and people with medical issues are nearly impossible to get a solid read on. . . so you get re-scheduled to take it again, a month or three later. . . and it's back to the off-site meeting room in the meantime . . .

SotarrTheWizard
FAIL

Except, of course. . .

. . . . the Federal hiring process is so long and involved, that by the time you get to an interview, it's a year or more later. . .

I can recall finally getting called on a "critical fill" infosec position. . .18 months after applying. . . .

Wake me up before you Gogo ... so I can jump out: Kenyan MP takes on aeroplane flatulence

SotarrTheWizard

. . .or not rapidly.

Way back when, I flew jets for the USAF. The FIRST portion of Pilot or Navigator school is Aerospace Physiology. All the lovely things that happen to the human body at altitude. Farting is just the start. And the 8,000 foot cabin altitude of civilian jetliners is easy: military cabins are typically at 10K feet pressure altitude.

We learned, early on, which foods produce the most gas, and more importantly, which ones make you sleepy. And, as part of the training, we did altitude chamber "rides". Trust me, when you re-pressurised to 8-10K after everyone being on oxygen and cabin altitude at 38K, it was enough to gag a maggot. . .

Equifax is going to make you work for that 125 bucks it owes each of you: Biz sneaks out Friday night rule change

SotarrTheWizard

Re: Find something wrong? Equifax has a product for that

Not really. I got zapped by the US Gov OMB hack. . . their monitoring and "repair" service is absolutely worthless. But it gives me near-weekly updates on any registered sex offenders within ~20 miles. A feature I neither wanted or needed.

When someone tried to open an account in my name, I got a warning from the BANK, who thought it dodgy. It took a MONTH for the OMB "MyIDCare" to even show the queries.

SotarrTheWizard

Re: I know what we can do, call the Consumer Financial Protection Bureau

If you think ***ANY*** President controls the Bureaucracy, I have some shoreline property in Florida to sell you. . .

If you could forget the $125 from Equifax and just take the free credit monitoring, that would be great – FTC

SotarrTheWizard
Thumb Down

And now comes the waffling. . .

. . . just got email from Equifax. I now have to PROVE I have Identity Theft protection, or accept theirs. And the payout will, ***SURPRISE** be lower.

To quote:

"Because of the number of individuals who have selected the alternative compensation cash payment, the amount you receive may be substantially less than $125.

Click this box if you want to keep the alternative compensation cash payment. Your payment may be substantially lowered, depending on the number of valid claims filed.

In order to verify your claim, please provide the name of your credit monitoring service that you will have for at least the next six months:"

SpaceX didn't move sat out of impending smash doom because it 'didn't see ESA's messages'

SotarrTheWizard
Trollface

A pity Elon doesn't use spray tan. . . .

. . . . then we could all say. . .

ORANGE MUSK BAD. . . .

Page:

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2021