* Posts by no user left unlocked

17 publicly visible posts • joined 27 Jul 2018

Microsoft's Lennart Poettering proposes tightening up Linux boot process

no user left unlocked

The horses have already bolted

So if I understand this correctly, part of his rationale is that "bad actors" may interfere in an initramfs update/rebuild when your system changes?

If that is happening then I've already lost control of the computer and nothing less than a full wipe is needed.

*sigh*

Honeymoons last a couple of weeks – the same goes for any love for the IT department

no user left unlocked

Size Matters

Worked for companies of all sizes and the bigger the company, the bigger the IT team, the bigger the divide between them and the business and the faster good stuff is forgotten.

So much of what is delivered by IT is functionality. It's a swap out of older more labour intensive processes for hopefully faster, more streamlined, more accurate versions. Actual new shiny is relatively rare so updates are way less memorable. Give someone a new car, definitely memorable; change the oil? Not so much. Add to that the IT department is usually seen as a bunch of identical drones. So individual contribution just gets subsumed into what 'IT' delivers. By the same token screw ups get painted across the entire team too. No matter how good you are the acknowledgement of that effort is diffused across the team and everything ends up average. The business has short term memory (about positive stuff) and looking back a few weeks will just see average and complain about how much it pays us.

Sure, you can work on and build a solid reputation and become "the IT guy who can actually fix things sometimes" no matter how good your track record is. You can build good working relationships with those you are providing a service to. At a local level you can keep a sort of IT Guru type label. But only at that level. Jump up one, definitely two hierarchy levels in the company and you are back to being a cog in the IT machine, the same as all the other cogs.

In those big companies the IT leadership needs to sell what they do and offer the company and always keep reminding the business that IT is an enabler allowing the company to be better. Unfortunately I've rarely seen this happen well so the disdain and thus dismissal of the IT team trickles down from the top.

At much smaller companies you can make the same effort, create the same reputation but with a smaller IT team and less distance between you and the rest of the business that reputation shines way way better. The downside is if there is a screw up then there is nowhere to hide, though that is a good thing.

If I were to go work for a different company now, I'd target a company in the 100-200 staff range with around half a dozen IT members with the IT being core to the company's operation. They value IT because they have no choice, without it there is no company. This is something those big companies don't seem to grasp.

The pandemic improved the status of IT workers … forever

no user left unlocked

Never Forever

Way back in the mid 80's I joined Tesco Stores. A couple of years earlier they had dumped a third of their IT staff thinking they were not needed. Soon realised their mistake and had to recruit like crazy. This was just before EPOS was taking off and pretty much the entire business moving over to computer based systems.

Those first years we were definitely appreciated and rewarded. Around the early to mid 90's there was a management mind set change and almost immediately it was clear we were "downgraded" in their eyes. Made to re-apply for our jobs and the ensuing pay cuts that generated and then the gradual slide as we were seen to be fungible units. Within a decade management had latched onto the off-shoring mantra and many of us collected our redundancy packages.

So if IT is a cost centre then no, it's not forever, just until the next management shake up.

But while we are appreciated......... it's nice.

Windows 11 in detail: Incremental upgrade spoilt by onerous system requirements and usability mis-steps

no user left unlocked

Re: No Hope ?

It's more security, sure; is it better security? Maybe?

I'd need to dig in and look at what attack surfaces it purports to close and what new ones it opens but with minimal Windows exposure these days it's thankfully not my problem.

To be honest my first impression was that this would help them lock down the DRM chain more closely so more benefits to rights holders than the actual user.

Devilish plans for your next app update ensure they never happen – unless you start praying

no user left unlocked

Ahhh

For us rightpondians whizz as a verb has always meant speedy, I doubt the Beano would have gone with Billy Whizz otherwise......

I can't think of ever seeing whiz before but we use wiz as an alternative to boffin, just a shortening of wizard.

Monitoring is simple enough – green means everything's fine. But getting to that point can be a whole other ball game

no user left unlocked

It's a partial description of your IT farm.

The article is pretty accurate but I don't agree that missing a device automatically invalidates your monitoring, most everything else is still valid but things that might touch or be touched by the rogue entity are potentially compromised. Always shades of grey.

What matters there is that when something is added to the farm you have a way of seeing it, whether it is IP discovery scans, DNS additions, new mac addresses appearing in DHCP or whatever so you can track it down and absorb it.

When adding a metric I've already gone past the is it needed phase and look at how it is to do its job, is it a binary check, simple warning/critical thresholds or is it something more contextual, all to try and avoid false positives.

Once in then like every other alert it gets tested every few months manually to make sure it still works but if an alert is working and generating alerts which are not getting resolved then the alert itself is challenged as not needed or incorrectly bounded. Where possible alerts should always be an exception.

I usually joke that if I'm doing my job well enough then I've just done myself out of a job because everything important is now covered and there is nothing really for me to add.

While waiting for the Linux train, Bork pays a visit to Geordieland with Windows 10

no user left unlocked

Re: Need a bit of Raspberry Pi action

This seems to be a perspective issue more than anything, companies offering Linux based solutions have matured now. Take Red Hat with Ansible as an example, is that corporate enough? I would say it meets all your criteria.

COBOL-coding volunteers sought as slammed mainframes slow New Jersey's coronavirus response

no user left unlocked

Re: No so much COBOL as the tools

Ahhh the language where we spent more time arguing over the aesthetics of a piece of code than whether or not it actually worked......

I remember the old argument that being symbolic in its presentation a Japanese coder could readily understand the work of an Englishman and vice-versa. If it was written by the individual with the lower level of proficiency then maybe?

I used to space my code out and made liberal use of lamp which annoyed the heck out of a couple of the purists. They just loved those dense code blocks.

Linux in 2020: 27.8 million lines of code in the kernel, 1.3 million in systemd

no user left unlocked

six of one....

Not a fan of the implementation; it solves some things, complicates others and for me personally has made more work than it should have. All fixed now but pain was involved.... How it's been used by Debian has at times been very frustrating, which is their fault and not that of systemd.

The principle however I can get behind, a secure layer bridging kernel to userland providing a standard way to provide system configuration, at least that is how I see what it should be.

My hope is that at some point its functionality gets abstracted and documented in the abstract which may or may not align with what systemd is actually doing. With that abstraction defined however others can start producing their own modules for what in theory would be a drop in replacement. Don't like how systemd-resolved is working on your system? then try bsd-resolved or debian-resolved.

Heads up from Internet of S*!# land: Best Buy's Insignia 'smart' home gear will become very dumb this Wednesday

no user left unlocked

Re: This is inevitable

The problem with smart is that it's the new black.

Had to replace my TV recently and couldn't find what I wanted without smart. Admitted defeat and made the purchase. Damn but they try to ram the smart features down your throat. Took a while but I think (not certain) I've turned off everything I can. This sucker will never see the internet.

Thank god the only buttons I care about on the controller are power, volume and source select.

Screen quality itself is nice though.

HMRC 'disciplined' almost 100 employees for computer misuse over 24 months

no user left unlocked

A broad brush

"wider misuse of computers or HMRC systems" Just how wide are we talking here?

At the lower end it could be with tracking individuals, find the ex kinda thing and at the higher end it could be bulk sale of our data to criminal groups.

As I've no real trust in any Gov department to do the right thing I could easily see them rationalising it as not a security breach because it's an internal matter rather than externals gaining access. Thus easier to rationalise sweeping it under the carpet.

Eight dismissals if all separate cases is eight chances of my details being out there......

UK Home Office primes Brexit spam cannon for a million texts reminding folk to check passports

no user left unlocked

Re: Everything under control

Again implies that at some point they stopped.

Two years ago, 123-Reg and NamesCo decided to register millions of .uk domains for customers without asking them. They just got the renewal reminders...

no user left unlocked

Network Solutions is better ???

The only difference between Network Solutions and their free registration of .online domains and this round with Nominet is that Network Solutions didn't put it on auto-renew. Of course you had to put up with them sending the renew now followed by the begging please don't let go of 'your' domain emails but they could at least be safely ignored.

Like a grotty data addict desperately jonesing for its next fix, Google just can't stop misbehaving

no user left unlocked

Always vote.

You should always vote. If, and it sounds like it, you are like me, then there is no one you want to have your vote. So turn it around and make it damage mitigation time. Who to vote against, who to protect yourself from.

If you've done this much then you've the right to bitch and complain and rail against those in power. It's that Burke quote “The only thing necessary for the triumph of evil is for good men to do nothing.” in another form.

Newb admits he ran Satori botnet that turned thousands of hacked devices into a 100Gbps+ DDoS-for-hire cannon

no user left unlocked

Re: The future's bright...

It's fine, all they have to do is reset them right?

Fed-up graphic design outfit dangles cash to anyone who can free infosec of hoodie pics

no user left unlocked

misdirection...

Any crackers must be doubly happy with this.

Not only are they being conflated with hackers but all those stock images bear no real resemblance to either group.

You can get away with so much more when you don't fit the public persona the media generates.

I was just looking at the definition of a hacker and hadn't realised just how far it has moved away from its origins. Apparently these days you can only be a hacker if you are using a computer, who knew?

Sysadmin trained his offshore replacements, sat back, watched ex-employer's world burn

no user left unlocked

Obvious outcomes.

At one of the biggie UK retailers a bunch of us got redundancy and had to train our replacements from India. They had come over to the UK for training and were clearly excited. When they realised they were our replacements they were so shocked and embarrassed.

We had to explain that they were still very welcome and we'd do our best to bring them up to speed and have them able to cope. Also that we were in no way upset about them being there. A team with average service length of 20 years and a reasonably generous redundancy package will have that effect. Also we were professional and no way wanted the blame for any issues laid at our feet.

Anyways we left and the team we trained were fine but now they had some good skills so were sought after and of course moved on. The people hired in their wake.... not so good. Last I heard the head count had trebled, the service delivery was awful and wage parity was eroding even the mathematical benefits of offshoring.

Another team that had been offshored a year earlier had one hire who managed to delete the entire UK domain in AD and in panic deleted logs/backups to try and hide what had happened. Once we saw management accept this and not backtrack we all knew it was time to get out.