Posts by greenwood-IT 47 publicly visible posts • joined 25 May 2016
Everyone agrees that MFA is great for security.
However, spare a thought for the tech who often ends up with a buggered PC and needs to access the users system. Either the device is taken to a remote workshop or it's accessed remotely - but how do you then enter your clients fingerprint or text received on their phone? It may be more secure, but IT Support will suffer.
So, if I create a deep fake porn image of a politician, I need to register that fake (with the CR) on the Adobe Cloud. Then when I share it online, obviously with the metadata removed, it can be detected. That sounds like it's going to work, and I can't think of any way around that :-(
Also, if I grab a copy of an old photo of the Mona Lisa and upload it to the Adobe Cloud today, will that mark ALL global copies of the Mona Lisa as dodgy copies?
This is going to be so much fun.
20 years ago, a small team developed software to deploy, upgrade and manage 2,000 servers, 50,000 PCs and 8,000 CAS machines. We upgraded every end point almost monthly and overnight.
Who is this company that's paid millions to upgrade 300 machines on a weekday between 9-5? Who manages this project, do they have any previous experience?
I'm 20 years out of date, but could probably still do a better job from my laptop sat in bed!
"Project gigabit" another project that will just die off before completion.
What happened to the "Universal Service Obligation", I still have clients stuck way below that threshold but ISPs are ignoring it.
What happened to 4G, I have clients who can't get it, and now are being told 3G is being turned off with no plans for 5G in the area.
Roll out within 12 months from a standing start - no chance. Trooli and giganet have been messing in my postcode for 3 years and it's still not fully available or working!
75% of that "investment" will go on paperwork anyway.
How about we delay the age verification bill for a few years?
By that time, the children we're trying to protect will have grown up and be over 18. Problem solved :-)
Why are we removing responsibility from the parents? Supervision, discussion and Parental Control software does actually work. In comparison, look at the eScooter rental situation with children under 18 driving in the streets - how is the age verification via driving license working there?
I keep being told by "influencers" that it's a "real job", so I'm guessing that if the government accepts it as a real job, and they pay taxes, then they may be right :-)
Interesting point about the $1,000 (?) from online activities, I'll have to check my Google and Amazon clickbait payments :-o
Am I missing something? Why would a police car not just get in front of the Tesla and slow down? Surely the Tesla would see the slow moving traffic in front and stop (I really hope it would!), or did it mount the pavement and drive through the tables and chairs on the sidewalk like they do in so many American films?
I'm guessing California will now demand an SMS gateway so they can text Tesla a vehicle registration number and ZIP code, and have the vehicle self drive to the police pound :-)
If you are going to write it down, please add a date next to it or cross out the old ones. I must spend hours a week waiting for clients to flip through password books shouting out different passwords for the one login I need. Although I must admit, I enjoy trying to identify the pattern :-)
I had one client who's email address was something like xT5-4GHj!@bigemail.com and the password was Mable - I'm sure they were confused when they set it up!
This comes down to the old issue of logging into a system as "Administrator" rather than a restricted user. We all know it's wrong, but it makes coding, testing and support soooo much easier.
Everyone is rushing their development, and we know security & testing only ever finds problems and causes delays :-(
Keyless cars, what a great idea - security will be in version 2.
Haha,
Well I've stuck with a setup we developed for a 50,000 PC deployment with over 2000 sites. The router goes at .200 with clients on DHCP below, and "important stuff" on the higher numbers above. It does mean the first PC on site is .1, so names and IP addresses can match if you really want :-)
Chat soon.
"we do not hold any confidential information on any of our servers"
I understood name, email, job description, company and password were classed as personal and confidential. I'm pretty sure I can't just publish my list of contacts from my database on a web page - which is what they have basically done! ICO, do your job.
Who comes up with this stuff?
So the target is to get "high speed" to 85% of the population. That means those who live in cities or already have decent infrastructure will get even fast broadband, while those 10million who live on the end of a bit of wet string in the country will be left behind, forgotten and ignored.
I bet the "Tax break" is targeted at new technology, ie, subsidised 5G or FTTP, rather than providing a reliable 50Mbps to home & business users via DSL or a strong 3G/4G signal.
Anyone seen the UK plans for how to run 6 office phones off of a 0.25Mbps ADSL link in 2025 when there's no mobile coverage in the area?
Thanks UK planners and Government regulations.
Haha,
It definitely sounds like an OpenReach issue - so you can see why ZEN want this guy to leave ASAP. Any future ISP will have the same issue, so he'd be far better staying with ZEN and insisting that based on the contract that he's been paying, THEY need to get it sorted.
I've had problems with BT recently (not naming the product), and after months of zero support, I started "abusing" every one of their adverts on Facebook - all done very politely by just pointing out how bad they were. Within a month of my campaign, I'd got a call from someone high up who asked "if I'd had problems?" :-) He's not put me in direct touch with someone technical who actually understands the product - almost a happy ending - it's still not working correctly, but they guy I'm talking too actually understands the problem and appears to be kicking arse and getting some progress.
This article, and a lot of public exposure of the issue will do more good than writing to your MP - in fact, despite my local MP having broadband and a website, he doesn't "do" email? :-( (he does do email, but only for his friends - not for his constituents!).
Chat soon.
"The health and safety of our customers and crew is always our primary concern," a TUI spokesperson said.
Clearly their primary concern was getting cheaper software developed offshore and not fully testing it.
Out "thoughts and prayers" are with the non-UK developers and shareholders.
There's also a lot of benefit in actually "owning" a version of the software on your system.
Looking at cloud based software, or software that auto updates when it feels like it can cause more problems than it fixes. A lot of the "managed" platforms get updated with features many clients don't actually want, most businesses also hate the way the software they use, updates outside their control thus causing support and training issues.
I had one medical client who was unable to print legally required labels from their 12 label printers across 3 sites last month - all because they had "auto update" turned on as their "security policy" requires them to install "official updates within 14 days". Look at the Android issues last month as another example of lack of control and how it impacts YOUR business.
You can have Microsoft Office for £7/month or a one off fee of £70 - what are you paying for? Most users already have Email and Cloud Storage, so why pay monthly? Nobody rents their TV, Video or Fridge any more do they?
Well we have a legal requirement to print labels when we prescribe meds - and a dozen Dymo label printers all started missing life threatening details over the weekend.
The "patch" also included un-fixes for DNS and FTP, which also broke this week after the reboot.
Whoever wrote the security policy that said manufacturer released security fixes need to be applied within 14 days clearly never worked with Microsoft :-(
Don't get me started on "r" numbers (I believe r is a short for RAND() as it's somewhere between 0 and 1)
Knowing that one person has reported positive, then surely knowing how many contacts they have had and how many of those became infected, would be a very accurate way of calculating a more accurate r value? It seems so bloody obvious compared with the current dozen committees who vote on a random number that they then seem to average before saying it's somewhere between 0.5 and 0.999 but less than 1.
Erm,
Years ago (before ZIP, ARJ and LZW), I wrote a compression utility that would compress any data down to a single byte. Unfortunately I never managed to complete a working decompression method though. Maybe I should resurrect that code now - anyone got a working Vic-20 I can borrow?
So just having one maintenance system to monitor & manage all 3 networks? That there is exactly the problem, one system plugged into everything - that would be the target. Would it be so expensive and inconvenient to have a separate maintenance system for the public network?
So the porn sites will now have to "subscribe" or "register" with a central body to verify visitor ages. The porn sites will also presumably have to invest in securing their site to handle this personal data, as well as comply with GDPR (will they have to keep a copy of the personal details?). I'm guessing this will just push the porn sites off of UK soil and beyond UK Government control.
"Free Porn" - site verified dirty by UK Government and clean by McAfee
I wonder if there will be a page on gov.uk with links to approved porn sites? That would seriously help with SEO :-)
I seem to remember something about Nimrods tracking cars from dozens of miles away. Surely 30 years on a simple helicopter up high can track the drone to it's landing site? How about thermal imaging looking upwards? These things use a lot of power and need to be recharged regularly... by returning to the owner. The drone may well be streaming live video back to the pilot, listening in to that broadcast may give you clues as to where it's coming and going from. There seems to be a total lack of facts, photos and information on this. The police saying "we're confident we have it under control" when they seem to have done nothing doesn't boost confidence.
Why would someone run out of air? Surely as part of your dive plan, you will have considered how much air you need, and arranged to take enough?
If I was planning a no-stop 30m dive, say 18mins, I know a 12l cylinder will be enough - if I'm 18mins into that dive and my gauge still shows a full cylinder, I wouldn't just stay there for another 18mins!!!! This person died due to blindly trusting the artificial brain rather that their own. What happened to the buddy in this situation? If this person ran out of air much quicker than the buddy, then perhaps they should not have been diving to 30m or have had a larger cylinder.
Anyway, seeing as they sell the same models globally, what are Suunto doing for the UK divers?
Seeing as one of the rules relates to data loss, what's the position in verifying and retaining records of removal requests?
If I have someones email address on a mailing list and they phone up and ask to be removed, do I need to request a written requests and a copy of their ID to verify this is in fact the correct person making the request? How long do I need to retain a copy of their driving license? What if they then request removal of the removal request????
Oh joy!
You're missing the easy answers;
1) If IBM engineers aren't allowed to use USB sticks, then they can just outsource the maintenance to a 3rd party who do use USB sticks - ie, me! :-)
2) They can always revert to CD's for installations and upgrades, most servers do still have CD drives.
3) They are going to ban laptops, cameras, wifi, email and internet access next, that will really help improve security :-)
Chat soon.
Physical shops and businesses legally have to provide a "registered address" on their websites and paperwork, so what;s the problem with having a registered address on a business domain registration - and making that publicly visible too?
If the registration is non-business, then keep the personal details secure - if it's a business, then make the information available to all for free.
As an IT businesses I regularly have to use WhoIS to try and locate who is controlling a domain name registered years beforehand. Last month I had to track down a guy who'd sold his business, which had then changed hands again, but he had forgotten to transfer the domain - this only came to light a week before renewal. Without access to the WhoIS information in this case, the businesses could have lost the domain name and had to re-brand.
Logically I'm more interested in the common link between these banks - they all have outages at the same time???
Are they all outsorced to the same partner, are they all in the same data centre, do they all run the same codebase? Perhaps even someone has attached the UK banking industry?
As many say, we will never get to hear the truth - it would make someone high up look bad and ruin their future earning potential (in an ideal/dream world).
In the 80s when I asked why senior managers had IBM PCs and lower grades had Zenith I was told "nobody ever got sacked for buying an IBM" - I'm guessing this rule still applies for cloud based services.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2023
