* Posts by It's just me

79 publicly visible posts • joined 2 Aug 2018

Page:

OneFileLinux: A tiny recovery distro that fits snugly in your EFI system partition

It's just me
Linux

Re: Nothing new under the sun* :)

The zfsonlinux source contains the copy-builtin script to add the module source into your local kernel source, then a simple "make menu-config" && make give you a kernel with ZFS built in. The licensing only stops distros from doing this for you.

ChatGPT, write a report about database glitches that crashed you today

It's just me
Thumb Up

Re: ChatGPT - help me write

He wouldn't be a hoopy frood if he had to ask that.

Uncle Sam wants to strip the IoS out of IoT with light crypto

It's just me
Thumb Down

Re: "...lightweight cryptography..." ... Or More Misdirection?

AES and salsa20 are symmetric ciphers that don't use prime numbers. Sounds like you're doing some misdirecting yourself.

FreeDOS puts out first new version in six years

It's just me

Re: cool

https://www.dosgamesarchive.com/download/jazz-jackrabbit/

https://archive.org/details/msdos_Jazz_Jackrabbit_1994

It's just me

Re: Virus with your DOS sir?

Read the article, it says "This isn't your father's DOS.... It has an IPv4 stack and basic IP connectivity"

Intel chases after Bitcoin miners with dedicated chip

It's just me

Re: 1000x?

These ASICs are just designed for fast SHA-256 hashing, nothing to do with primes or factorization.

Linux tops Google's Project Zero charts for fastest bug fixes

It's just me

Re: 2FA Success?

They have 1.8 billion users, so they tried to get an additional 8% of their users to use 2FA and saw a 50% drop in account takeovers. Sounds better that abject failure to me.

Saved by the Bill: What if... Microsoft had killed Windows 95?

It's just me
Boffin

Simple, you used IRQ5 for the SoundBlaster and IRQ7 for the NIC. And you set your LPT port to legacy bit-banging mode so it wouldn't try to use IRQ7.

Microsoft sinks standalone Hyper-V Server, wants you using Azure Stack HCI for VM-wrangling

It's just me

Check out GhettoVCB, a set of open-source scripts that back up the free ESXi fine.

Hey, AI software developers, you are taking Unicode into account, right ... right?

It's just me
Alert

The EICAR AV test file is a ASCII string that can be renamed with .com and is a valid DOS program. https://en.wikipedia.org/wiki/EICAR_test_file

Debian 'Bullseye' enters final phase before release as team debates whether it will be last to work on i386 architecture

It's just me

Re: Debian Bullseye 32 bit

The difference can be significant. Several years ago I ran some tests, I configured 2 identical bare bones Ubuntu server VMs running Apache, one 32 bit and one 64 bit. The 32bit system used 170MB RAM while the 64bit system used 270MB.

America says banks can now transact using so-called stable crypto-coins. What does that actually mean?

It's just me

Re: The long march

I'm not so worried about criminals breaking another law. As you say, they will always find ways to hide their actions. I was arguing against your point 3 which boiled down to "you have nothing to worry about if you have nothing to hide" I'm more worried about the government using these laws to persecute and/or steal from lawful users of the system. Lowering the "suspicious amount" threshold from $10K to $3K means that a lot more innocent transaction will come under their scrutiny and there are already too many examples of people being relieved of their money by the authorities for the "crime" of carrying too much cash.

It's just me

Re: The long march

You say "Structured transactions are one of the core features of these systems." However, the regulations that mandate currency transaction reports (CTR) on transfers over a certain amount also make structuring transactions to avoid the CTR illegal. So you are giving the authorities a very low threshold to harass anyone they take a dislike to as well as increased opportunity for outright "legal" theft, see the abuse of civil asset forfeiture.

Attack of the cryptidiots: One wants Bitcoin-flush hard drive he threw out in 2013 back, the other lost USB stick password

It's just me

You can. The thing is, back when they got the Bitcoins they weren't worth thousands of pounds, so they didn't bother to back them up. Now they wish they had.

Linux developers get ready to wield the secateurs against elderly microprocessors

It's just me

Re: People still make these older CPUs last I checked...

64bit also has greater memory costs. A number of years ago I ran some tests, I configured 2 identical bare bones Ubuntu server VMs running Apache, one 32 bit and one 64 bit. The 32bit system used 170MB RAM while the 64bit system used 270MB.

US Treasury, Dept of Commerce hacks linked to SolarWinds IT monitoring software supply-chain attack

It's just me

Re: Re:Don't Panic Too Much,They're Surely Insured.Successfully Sue Bill or George or Mike or Who?

Expand that graph from 1 day to 1 week - they lost 17% over this weekend.

Google reCAPTCHA service under the microscope: Questions raised over privacy promises, cookie use

It's just me
Terminator

Re: reCAPTCHA only issues

Probably to block automated credential stuffing attacks, which are rampant. Not that I approve of Google's snooping, but some form of CAPTCHA is necessary for just about any internet facing service now.

Did Arthur C. Clarke call it right? Water spotted in Moon's sunlit Clavius crater by NASA telescope

It's just me

Re: So, to get 1 liter of water you need to process 3 cubic meters of regolith

Gold is extracted from ore with concentrations of 3 parts per million, so if it's of sufficient value, low concentrations shouldn't present an obsticle.

Big IQ play from IT outsourcer: Can't create batch files if you can't save files. Of any kind

It's just me
Facepalm

Re: More than once ...

Reminds me of back when NT4 first came out, a user secured their brand new desktop by changing the NTFS ACLs on the entire C: drive so only they had access.

Windows didn't appreciate System being denied access to C:\Windows\.

Engineer admits he wiped 456 Cisco WebEx VMs from AWS after leaving the biz, derailed 16,000 Teams accounts

It's just me
Happy

Re: And the point is...

That's an unusual implementation of single sign-on.

Tens of millions of Internet-of-Things, network-connected gizmos at risk of remote hijacking? Computer, engage shocked mode

It's just me
Unhappy

Re: Details needed

On the JSOF site they have a video of them exploiting the flaw against a HP printer, a UPS, a smart light, a Digi board and a medical pump. According to the messages displayed during the exploit the devices were behind a NAT and the exploit was delivered in DNS replies from a malicious DNS server. Other methods mentioned in their "Risk Evaluation and Mitigations" include fragmented packets, broadcast & multicast traffic and ICMP.

To test its security mid-pandemic, GitLab tried phishing its own work-from-home staff. 1 in 5 fell for it

It's just me
Mushroom

I've been getting a phish from "American Express" sent through SendGrid about once a week for the last month. I've reported them all to spoof@americanexpress.com and abuse@sendgrid.com but nobody appears motivated to stop them.

Real-time tragedy: Dumb deletion leaves librarian red-faced and fails to nix teenage kicks on the school network

It's just me
Angel

Re: My uni had similar rules :)

Us true admins were the ones running the quake server on the network for lunchtime and after-hours "network latency testing" and ops team-building.

It's 2020 and hackers are still hijacking Windows PCs by exploiting font parser security holes. No patch, either

It's just me
FAIL

Re: Why the Details pane?

If I recall correctly, for at least some file types, Windows runs the file in the associated application in order to extract that metadata.

Wake me up before you go Go: Devs say they'll learn Google-backed lang next. Plus: Perl pays best, Java still in demand

It's just me
Happy

Was that some Perl code you ended your comment with?

Microsoft boffin inadvertently highlights .NET image woes by running C# on Windows 3.11

It's just me

Re: BTW if you need a cross-platform GUI development solution

> you get a fairly large (10 Megabytes) static binary

Turning off debug info can shrink the executable size 90%.

Are you getting it? Yes, armageddon it: Mass hysteria takes hold as the Windows 7 axe falls

It's just me
Linux

Re: one would think

Microsoft already owns the Lindows trademark.

In 2001 the founder of mp3.com released a Linux distribution names Lindows OS.

Microsoft sued them in 2002 and in a 2004 settlement MS gave them $20 Million, they transferred the Lindows trademark to Microsoft, and changed their name to Linspire.

https://www.operating-system.org/betriebssystem/_english/screen_gallery.php?bsgfx=linux/lindows/shot0-scr-.jpg

Step away from that Windows 7 machine, order UK cyber-cops: It's not safe for managing your cash digitally

It's just me
FAIL

Re: Upgrade from Windows 7

Unless you surf to such malicious sites as the BBC, The New York Times Online, The London Stock Exchange, Spotify and The Atlantic. All of which have in the past served up malware in the ads they display to their viewers. Just because it's a reputable company doesn't mean that crooks haven't found a way to inject malware into their site.

H0LiCOW: Cosmoboffins still have no idea why universe seems to be expanding more rapidly than expected

It's just me

Re: the Hubble variable

Maybe it's a just-in-time or interpreted universe.

Rowhammer rides again as FPGA attack, RSA again reportedly up for sale, anti-theft kit to nuke laptops, etc

It's just me

Re: Rowhammer/JackHammer

As much as I would like that, I doubt it, as a prerequisite of these attacks is for the attacker to already have their code running on the victims computer. In the case of consumer devices it's already game-over at that point. The only place these attacks are really a concern is situations such as cloud computing where you share the hardware with untrusted third parties, or perhaps DRM where the untrusted party is the owner of the hardware.

Latitude 9510 lappy has a speakerphone so you can tell the conference call all about your 30-hour battery

It's just me

Re: Speakerphone

It doesn't mean they are doing it, but when there are additional microphones available then some advanced signal processing and noise cancelling algorithms can be employed to give better audio quality.

It's just me

There are several things that may limit a system to 2TB. MBR formatting has a 2TB limit and certain SCSI commands have a 2TB limit. So if the system doesn't support UEFI booting to a GPT partition with a 64bit OS or it doesn't support LBA64 then it might have this limit. Or they might not want to list all the caveats or deal with the increased support load and its simpler and cheaper to just say they don't support it.

It's just me
Unhappy

Re: 30-hour battery

No, We've had to replace swollen batteries on probably 10 to 20% of our Dell laptops over the last few years, over 50% of the XPS and Precision laptops purchased 2016-2017 had this problem. Dell did proactive replacements of a number of them in early 2017.

Managing the Linux kernel at AWS: 'A large team of security experts' dealing with fallout from Spectre, Meltdown flaws

It's just me

Re: How many attacks?

The problem is, with most of these attacks, there is no noticeable effect on the targeted system. So unless the crooks/hackers/TLAs screw up in some other way, you may never know you were attacked, what they got, or how they got it.

Bad news: 'Unblockable' web trackers emerge. Good news: Firefox with uBlock Origin can stop it. Chrome, not so much

It's just me

Re: Unblockable email

Most spam I see comes from random or fictional addresses so a block list doesn't help in many cases, I recently found gmail bounces incoming email that doesn't provide a From: heading.

Close the windows, it's coming through the walls: Copper Cthulu invades Dabbsy's living room

It's just me

Re: Tone tracker

Unless you pay extra for the shielded stuff, Cat5 & 5e is UTP (Unshielded Twisted Pair)

That code that could never run? Well, guess what. Now Windows thinks it's Batman

It's just me
Linux

You do know sudo can be used to run processes as users other then root? These are exactly the type of people who should be restricted by a very tight sudo policy.

Microsoft joins Google and Mozilla in adopting DNS over HTTPS data security protocol

It's just me
Boffin

Re: So, for the simpletons like myself...

You should be able to, at your router, block traffic to the DoH IPs that Firefox uses - ping mozilla.cloudflare-dns.com and then block the IP(s) it resolves to. Currently it resolves to 104.16.248.249 and 104.16.249.249.

It's just me
Big Brother

Re: not going to work

It's known as MITM or MiddleBox TLS interception/inspection. Doing it without raising a warning/error on the client requires that either you get your own certificate installed as a root CA on the client, or you are able to obtain, via theft or coercion, a signing key from one of the several hundred CAs your browser already trusts.

One man's mistake, missing backups and complete reboot: The tale of Europe's Galileo satellites going dark

It's just me

Re: Oh yeah?

Probably the same rogue engineer that worked for some auto manufacturers.

Blood, snot and fear: Why the travelling lone tech reporter should always knock twice

It's just me

Re: Bah!

The majority of times the latch was used, there was no story.

It's 2019, and Windows PCs can be pwned via a shortcut file, a webpage, an evil RDP server...

It's just me

Re: "exploits in the wild"

Actually they did report on this:

https://www.theregister.co.uk/2019/08/30/google_iphone_exploit_chain/

The NetCAT is out of the bag: Intel chipset exploited to sniff SSH passwords as they're typed over the network

It's just me

Except Nagle is often disabled for interactive sessions such as SSH.

Call Windows 10 anything you like – Microsoft seems to

It's just me
FAIL

Re: "Naturally, all user data is wiped with this option"

But windows explorer still doesn't know how to properly deal with the folder mounted partitions. If you have a 1GB D: and have a 1TB partition mounted on D:\Data\, using explorer to try to copy a > 1GB file from elsewhere to D:\Data\ fails with a insufficient disk space error.

Brits are sitting on a time bomb of 40m old electronic devices that ought to be recycled

It's just me
Happy

Re: Tell Apple that..

> I made 2 working HP laptops from one broken laptop by swapping parts.

That's amazing, how did you do this?

This summer's hottest sequels: BlueKeep II, III, IV and V – the latest wormable RDP holes in Microsoft Windows

It's just me

Read The Fine Article

From the article itself: "mitigations or workarounds... turn off, or firewall off, RDP services"

Y2K, Windows NT4 Server and Notes. It's a 1990s Who, Me? special

It's just me

Re: Even to this day...

RE: ghost systems

A few months back we had an AWS instance that experienced some hardware failure, was given the commands to shut down, and then restarted so aws brought it up on different hardware. But the old zombie instance kept running for a couple weeks with us having no way to access it, but it continued to send notices and warnings that took a while to track down as there was no trace of them on the supposed source machine.

LibreOffice handlers defend suite's security after 'unfortunately partial' patch

It's just me
Headmaster

Re: age of code

That's SSLeay, by Eric Andrew Young

Page: