Re: The weakest link in the toolchain
It's a uni, so probably done by script on the target.
I'm more concerned about how they got there. Seems to be that personal devices were compromised to steal SSH keys.
They need to consider 2FA...
575 publicly visible posts • joined 11 May 2018
I was thinking on the same lines, regardless of the law, who thought this was a good idea? And frankly, after having been on pre-sales a few times as an expert, that doesn't suddenly reclassify me as sales.
I hope this guy has the evidence to follow through, and doesn't settle out of court.
Timed sales visits? Yes, you have to keep commitments, but that makes it sound more like a service call.
In the same way that CAPTCHA uses difficult images with extra lines over disordered / incomplete letters (similar to photocopier example above)
or searching images for fire extinguishers will find a UK postbox with a shovel leaning on it and decide it's also an extinguisher.
Back in the real world where image quality is another variable, never mind the subjects in the images, fog, focus, object movement, changes in materials etc... It is hard for me to imagine AI keeping up with all the variables, never mind having a quality interpretation for both detecting and interpreting them.
I also have a concern that if AI did indeed get good enough, we effectively stop training the medical staff that teach and validate the AI results. This will create a new negative feedback loop. Particularly, as again noted above, the system cannot even show its working out either to train people, or to correct its results.
AI has masses of potential, but in my opinion we are looking for quick wins when there shouldn't be one....
I had a chat to the owner of an independent petrol station in the UK once.
He described how many millions of pounds the business turned over, then how much he was able to pay himself, which was around national average income, despite all the money and effort. Other forms of income like advertising (historically renting videos etc) have always been necessary.
Doesn't matter if it's an IoT device or some other service. The vendor will withdraw it...
I would much rather be able to run my own PRIVATE host as an option even if not default. Otherwise you are basically renting not buying product.
Makes my teeth grind...
It's playing on the general ignorance of the public - remember half the population has below average intelligence...
I think I'll create a video that shows reading The Register will hyper-evolve me into a super intelligent shade of blue...
If I'm going to the effort of uprooting an incumbent ERP to the cloud... with all the changes needed to your supplier and internal systems to enable it or indeed thoroughly break it. Why would I not think it's time to slay the beast and move to other, cheaper services over throwing myself into their pits of hell?
and then shut your eyes and entrust your entire business model to them. You will be subscribed at a level that will ensure you can never explore alternatives, you will be forced to change your business for every quarterly "evergreen update & feature release". You will not be able to extract and port data to your other solutions, particularly if they are in different clouds, and you won't be able to customise anything even if that's your business USP.
When upgrading or replacing ERP systems, infrastructure is unlikely to be your key issue, hence moving to the cloud won't fix that. You are generally forced to change how your back-office business works, which is where the fun starts. Complex webs of processes, exec power struggles, lack of users that actually know their bit of business rather than what screen they use... That's the problem, and also often the cause of lack of maintenance... Everyone uses the system, so it's not mine - and if it is mine, then I'm not allowed to deal with it because it requires changing everyone else...
but sure as hell that is how it will be used.
Send a document to anyone and it will be tested against the recipient's pet bias and you will no doubt get reamed. Already imagining companies asking if they can bias score their entire library of literature and documentation into a new low of computer controlled Orwellian new-speak.
We only want creativity at interview time... then you will become robotised …
Isn't that what anyone would expect from an IBM-led delivery project? An artful construction of status reporting that ensures there are no issues at all except with the customer...
And trying to control billable change requests with Agile is nonsense, you are changing as you go - that's a blank cheque, particularly if the project didn't waterfall long enough to identify the rough edges.
As for selling vaporware - that's fairly standard, although IBM clearly didn't apply enough business knowledge to know this was going to be a bit tough. Not sure anywhere else has a premium tax like UK for example.
Over £10m annually for support? yikes, I hope that is a very broad definition of support, or that would be another moneypit, attracting permanent fees for changes. Frankly that seems an awful lot in proportion, particularly as costs should go down over time, not up as the system stabilises in its new form.
So it's just an operationally difficult to manage, dual port connection protocol, that on some platforms uses an extremely wide number of random ports and, if you look at available comments, even without shell, can do a nice amount of reconnaissance on the target file system. Add to this, even file transfers themselves are not assured delivery unless your tool of choice adds this on... putting an S on it does not change any of these aspects.
Addressing this as just an "insecure" protocol substantially under-represents its deficiencies, and there are alternatives …
Suddenly what used to be basics that you didn't need to specify in huge detail, e.g. logging, access controls, upgrade & maintenance considerations, etc, now are ignored unless the customer specified ABSOLUTELY BL**DY EVERYTHING or it won't be done automatically by body shopped drones cut-n-pasting code from GitHub. Then probably re-specifying the same crapola at each level of the storyboard, thus also ensuring you get supplied 20 different ways of delivering what should have been system wide features.
Just do some up-front design work, call it principles so it doesn't feel too old-school to the people involved, and ensure all delivery areas get the same book.
From what I have seen, many Agile projects (at least the ones at greenfield system level scale rather than feature development) have exhibited behaviours not seen since teasing trainee programmers with exercises that are actually impossible if they had thought about it in advance of train-of-thought coding.
While describing in this case a team hauling itself across the line, suggesting massive energy, noise, and ground shaking effort, the image is of lightweight tram rail more likely to carry a modified bus as its heaviest load!
While, of course, I am trying to out-nerd the discussions raised where images of Star Trek have been used in conjunction with Star Wars references it seems to me that the Reg needs to re-nerd itself.
Surely I've not reached so far into this millennium where IT people are not fussed about this sort of thing. Next someone will be saying all the Dr Who retcons are completely OK... yikes.
Keep the articles coming, I need something to both read and complain about while working from home!
If the racks don't have feet, as well as castors, that probably means several hundred kilos on each castor, I guess a square inch or so making contact - that's a problem for the floor not just the castors, particularly if it is tiles on stations... They are probably lucky not to lose a water cooled rack into the subfloor, which may have taken a bit more aggressive winching to recover :)
I like the fact they had to send someone with eyes to look at it - in my world we have cameras that look at the racks and aisles to save on meatwork :)
I do like the mantra that incidents should be novel too - now if only that would creep from the infrastructure people to the application people the world will be a better place!
And as an, apparently old-school, developer, I also agree. Writing for maintenance and future change is often best over absolute performance.
I have experimented with the reverse on one of my teams, where they had literally no idea how my code worked to produce the same results.
Absolute performance is only necessary in the system space, not at application level in most cases.
Company I was working for in that era was largely token ring. This was driven by the glacial pace of getting mainframe people to believe there were other technologies in the organisation other than their own, along with a substantial remainder of dumb terminals.
Eventually the critical mass changed and Ethernet was installed once enough PCs and desktop emulators were rolled out. Cue big bag of baluns to confuse the position further and trying to run both at once...
DC1 aircon failure - larger room-v hot - circa 45C went round site collecting desk fans, propping open fire doors, shutting stuff down..
DC2 aircon failure - small server room - room so hot you couldn't stand in it (probably 60C or more - we couldn't tell) reached in with hand wrapped in jumper to flick off switch - prop doors open. Probably lucky nothing caught fire in this one.... boot floppies melted into drives.. far more tricky to recover...
Probably should have just ordered beer and changed into shorts...