Sitting at the desk is part of the sales process.
310 publicly visible posts • joined 6 Mar 2018
Seems like they are on board... for a price
OK, so the statement from the CEO of the utility company roughly translates to:
"We're happy to put minimum cyber-security requirements in place if you get this through Congress."
"Because if it goes through Congress, additional money will be provided for us to do so."
NB: a whole load of amendments will be added that funnel some of that money into member's districts so they agree to vote for the proposal.
Exactly, but a lot of cloud-controlled or centrally-controlled firewalls use this method.
So when your new firewall turns up with "manage from the cloud," just say no!
Alternatively, set up IP restriction (because you can - it's a firewall) if you absolutely need to be able to access the HTTPS interface remotely.
Re: OK - you curse the beancounters
Perhaps, but the IT industry includes the managers and bean-counters.
I presume a cost-benefit analysis was carried out on providing updated firmware and it didn't indicate a profit.
You can make a lot more from up-selling new kit over supporting legacy hardware.
Most of us don't have the luxury of working only with up to date kit. I provide support for certain devices that are still tied to security standards common in the IE era. They aren't public facing but still critical. Unfortunately there's never the budget to rip and replace apparently, since they "still work".
There's a reason we commonly curse out management and bean-counters on here.
Re: Ah, MCSE
I've worked with a few "crash course" graduates. They used to spend a few thousand on a two week course and then get jobs because they had the quali. Even meant they were hired as my boss at once place.
They were completely out of their depth if something didn't go by the book. And as you all know, it rarely did.
Not dangerous, Ford?
I'm pretty sure if someone could turn your stereo on full blast when you're driving it would distract you and could cause an accident.
Plus access to the ICE system could compromise phone contacts, messages, connected apps and potentially be used to compromise traffic through MITM attacks.
Re: Buffer overrun? still?
Yep, not just the copy-and-paste stuff on Stack Overflow but also examples on instructional websites and videos.
They all say something like "remember to add exception handling" or "sanitise input" leaving the implementer to do this without providing good advice on the subject.
It's easy to write memory safe C and C++, but people don't. Too busy making something work and forgetting to make it safe.
Since they mentioned Nest in the article. Thought I would mention something about their website that bugs me.
They didn't recognise my password, so I went to change it.
However, for some absurd reason they've blocked copy and paste on the password fields. Like many of you, I use a password manager. So forcing you to type in a password can only encourage poor passwords.
Expansion card issues
I think the expansion slot idea for connectors is a nice idea, but badly implemented.
e.g. on the 13in you get 4 expansion slots, so say you want USB-C (so you can charge it), another USB-C or A, ethernet and HDMI. Then that's it. Want a card reader? Sure, just swap out one of the others.
Combined expansion cards with multiple USB or HDMI+DispayPort would be better. Without combinations, it feels a bit sparse.
I don't want to have to carry around an USB-C expansion hub when the laptop should have these common features built in. Why is everything a compromise, except the price?
Re: One rule for them, another for the rest of us.
I come across a lot of people who are set in their beliefs and won't listen to an alternative argument. I don't think any particular part of the political spectrum evades this. Perhaps it's just when we see people with vastly differing views, we're more aware of it. People in general are stuck and the echo chambers we chose only make that more prevalent.
It happens to us all to a certain extent. We just need to keep learning and challenging both others and ourselves.
Nope. Those records are kept separately in government storage and only ever used together to investigation potential fraud and even then, a high court judgement would be required to unseal the records.
In theory this could be done, but in practice, it just isn't. It would be illegal. Obviously where the security services are involved, YMMV.
Re: A maze of twisty little phones ... all alike
The price difference between mid-range and high-end is huge. Unfortunately things like NFC and wireless charging tend to be only on the more expensive models and the cameras tend to be better on them too.
My latest Chinese random brand phone doesn't have any of those unfortunately (camera is appalling) but I can't justify the expense of a top-end model so if there's any recommendations for a phone I should look at, let me know.
Why would a keyboard pack a GPU and run Unreal Engine? To show animations beneath the clear keys, natch
Can you expand a little
I feel like this article is lacking information: like how to identify infections and remove. Links are fine but a little more info is always welcome considering how many of us run Linux systems. Also, some information as to how infection is achieved would be useful.
Obviously I'll do some research of my own too.
Re: I hope it was only the WiFi
Always use MAC restrictions on private WiFi (even though you can spoof your MAC address) and if you can, on any internal network. At home I run a private WiFi network with MAC allow list and a separate guest WiFi via voucher code for when visitors ask "What's your WiFi password?".
Re: You get what you order
For the UK...you must stop and exchange details if there is damage to property (not necessarily insurance if you are handling it privately) and you must inform the police if there is suspicion of injury or a driving offense. Anything else is just bluster.
From the Met:
"You don't need to report a collision to the police if you've exchanged details, nobody was injured and there are no allegations of driving offences.
You must report the collision to the police if you were unable to exchange details at the scene, if anyone was injured, or if you suspect that the other person may have committed a driving offence."
Re: Zuck and metaverse
When I was driving to work today (I have to, there isn't a viable public transport option if I want to sleep past 5am) I noticed a another vehicle with more than 1 person in*. First time I've seen that in ages.
*Excluding trades vans which usually have 2-3 people in.
The hub and spoke public transport model means I would need to take 2 buses and a train to get to work. It would cost at least twice as much and take twice as long (if I was lucky and the train wasn't cancelled). Oh, and I probably wouldn't have a seat. When you add in that I drive my daughter to college on my way to work, that cost for public transport becomes more than triple my car-based costs.
If there was a viable public transport option, I would use it, but TPTB need to wake-up and plan a system where cars are no-longer a necessity if they want wider adoption and a lower environmental impact. Instead they are just focused on electric car ownership and banning non-EVs which will limit personal transport options for the poorer in society (there isn't a reasonably-priced 2nd hand market for EVs).
I'm running virtual Win10 on Hyper-V on-prem and although it's a fight to understand the correct licensing, I'm pretty sure that just having 365 Enterprise subscription allows this. Unfortunately the software we're using only works with MS Office, otherwise I would have used an alternative. Could utilise EXSi or Xen, but I'm just more familiar with Hyper-V.
I had an MSP recently try and sell us a rather convoluted cloud-based, locked-down, virtual desktop and server solution utilising VMWare. I advised TPTB that for an initial CapEx equivalent to 3 months of their quoted cost, we could run our own on-prem solution and retain control of our own data. There's still a bit of push-back from those who think "cloud" is best but I've got plenty of horror stories to drop on them when the time comes.
Re: Bathroom vent fan
While I applaud your re-use of the heat throughout the premises, having the air-gap at the bottom could lead to ingress of dust and other material. Obviously the air is cooler at the bottom, but you've got to factor in the air quality too. You might be better off with a small wall vent close to the floor with a replaceable/cleanable filter.
Re: The Cloud
That reminds me of the BT to ComputaCentre fiasco. I contracted for CC at one point and was amazed at the extortionate costs and work they were able to bill BT for; who happily paid out. It was part of their restructure when they sold off buildings to rent them back and TUPE'd a bunch of engineers over to CC.
On Win10 or 11 you've got SSTP, PPTP, IKE2 (IPSec) along with good-old L2TP/IPSec (PSK\Cert) and I'm pretty sure Win7 had the same options and they were available on all editions.
For more advanced options, if you want to direct specific traffic down different tunnels, then it can be done but requires a little fiddling.
Win VPN doesn't support MFA yet which you may get with VPN clients from firewall vendors and they also may have better methods of sharing PSKs and credentials.
I personally don't really understand why people use 3rd party VPN clients on Windows so if anyone has a decent reason, please share it.