* Posts by Vocational Vagabond

37 publicly visible posts • joined 29 Aug 2018

Five Eyes infosec agencies list 2023's most exploited software flaws

Vocational Vagabond
Unhappy

Unlike the author ...

... here's a link to the whole list of fifteen, from "2023", https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-317a , Ooooh looky there, it's got a link to each CVE, with name, and affected software by title !!

Realizing by the second paragraph I'd have to wade through it blow by blow, to obtain the content of said list I stopped reading. All your style achieved was devaluation of your content, and wasting your readers' time.

For context I would have appreciated the actual list, and, probably like many other readers here, insightful commentary on the list as a whole. That is a poor effort, while some hacks here may enjoy self servicing word games, I'd rather assess the list directly, and would have appreciated that more.

Pity the editor's correction didn't stretch to an apology for the wasting of readers' time.

Europe's largest local authority slammed for 'poorest' ERP rollout ever

Vocational Vagabond
Holmes

Take Their Crayons Away . . .

There are many antipodean Local Government Organizations, with the very same problems, full of crayola wielding wisdom, that think offering 5 figure salaries for 6 figure skill sets is the cheap way to deploy Larry's digital card file programs..

These are typically the same organizations that never meet budget, as they need to contract in the 6 figure skill set, who then do the shiznit, but won't pay for the documenting of same, then the hired help beetles off with all the public's shiny coins, usually more than 6 figures worth, with a smile on their faces knowing the crayola wielding clowns will call again for break fix, time and time again ...

Until the local population takes away the crayon cretin's implements, these org's will continue the fail cycle, but the problem is human nature, come election time, they believe the newly scribbled wisdom provided by a different colored pack of crayons, is more appealing, thus again failing to notice the use of crayons, at election time.

CrowdStrike file update bricks Windows machines around the world

Vocational Vagabond
Coat

Re: Snapshots

asking for a global group of friends, are you happy to open your wallet for all the tier 1 storage those snapshot diff files will sit on?

Early MySQL engineer questions whether Oracle is unintentionally killing off the open source database

Vocational Vagabond

Lawnmower Does not care.

Lawnmower does not care.

Firefox 124 brings more slick moves for Mac and Android

Vocational Vagabond
Meh

Meh..

I'll see these features when it has trickled into Waterfox, where I can enjoy them without the Mozilla marketing crap tattooing, input fields, windows, toolbars, and the general un-adulterated self congratulation (Manic?) orgy that usually ensues, making it a pain to use . .

Australia passes Right To Disconnect law, including (for now) jail time for bosses who email after-hours

Vocational Vagabond
Flame

Really peeps? .. if nagios bleats in an email at me that a service is degraded, or SMF has failed this or that, I don't give a rats, till I get in at 8am tomorrow... (Spoiler.. I don't check work email after hours, ever), but then I'm not paid to, and it is not a condition of my employment.

*unless* I'm paid by agreement beforehand in good $ terms, to respond to that, out of hours, ie: 'specified conditions of work'

If my Boss ignores the fact he does not pay me to work after hours, bleats at me, repeatedly, after hours, by phone at night, because OOM killed some sodding Java developers pet process, on a server in dev or test, somewhere, and I don't have an out of hours agreement for work, with my employer, then I can use the legislation in Australia for that.

If my Boss is ${dumb}, and continues to bleat after I've said 'no pay, no work', or ignored my statement of 'don't call me after hours', he will cause the org's CFO to pay fines to the Fair Work Ombudsman.

VMware's end-user compute products are for sale. Who might buy 'em?

Vocational Vagabond
Devil

Meh..

KVM works on my box fine .. Maybe "The Lawnmower" would want it as a stablemate for Virtualbox... He's decided to tax corporate users on the Saddle not the Horse, after deciding to enforce 'extensions plugin' for drag'n'drop bells and whistles is paid for 'commercial' use now (audit item!..), when Virtualbox DT binary, itself is a freebie. So .. maybe more money for vitzilla DT kit is a future thing ..

Australia building 'top secret' cloud to catch up and link with US, UK intel orgs

Vocational Vagabond
Pint

She'll be right mate ..

Yeah, Nah, .. a Falcon ute full of raspberry pi 4's will be just right, and arriving on site next week mate! This works out with the nation's inflation woes ok, we had to drop the spec from Raspberry Pi 5's cause due to inflation, and the Australia tax, we couldn't afford F.....in' coolers needed anyway, ay!

Wish you could play tabletop Dungeons & Dragons but have no friends? Solasta: Crown of the Magister offers a solution

Vocational Vagabond

Re: Friends ≥ null program

What .. ?

And then Pay WotC (via said store), to Play a pen'n'paper rpg, so you can be 'Official' ? then have the 'store' pose a fee for the table (less annoying, but still..), have food and drink denied (unless bought there) then be required to chase down a bunch of required 'source' books at $90-110 AU pesos a pop, because deliberately, they omit base material from core books?

How's go get Raffled sound.. ?

Just go visit osricrpg[dot]org get the pdf's and go have some fun, it's close enough.. DM for your kids ..

Fedora Project mulls 'privacy preserving' usage telemetry

Vocational Vagabond

"Fedora Workstation the premier developer platform for cloud software development."

If it ever was, (which I doubt) It soon won't be, for a multitude of reasons, best it's left to the Purple Hatters anyways.

Most Fedora users with focus beyond RHEL, will likely de-camp, for other os'es that allow for a more robust and extensive tooling access, as well as improved core OS counts. Not the paltry, contractually burdened, strictly non prod, developer host count of 16 boxen that RHEL offers. This I've been *told* is barely good for a CI pipeline suitable for a bash +1 other language project . . :)

As that reality slowly dawns on IBM's drivers, and development activity for RHEL dwindles to just paid code, most who do move, will likely count their blessings, regardless of how 'anonymous' the telemetry is.

pps: Who the hell wants to rebuild OS'es every 13 months anyways, just because your OS expired underneath your feet ? (long term stability, my left nostril)

Vocational Vagabond
Coat

Re: Stats please

Yay, I'm nearing statistical insignificance . . . !! :) (Guessing Waterfox id's as FFox anyways)

Dell down under dinged for dodgy display discounts

Vocational Vagabond

Re: Big company problems

Big Porkys ..

Definitely disagree with that, I've had dell try to deliberately run down the charge back clock, on a dud XPS laptop, from their 'APAC' support arm... bought directly. For a "top of line" consumer lappy it was buggy and all this despite email proof their sales rep lied about its functional capability in a technical pre-sale email query, asked before purchase, then it did not work as advertised when obtained.

They tried it on. at the 48hr mark I charged it back. The return courier arrived in like 5th working hour after that. They can move if they need to , their practice is not to unless they have to.

It's deliberate for sure, upon experiencing this, there was just too, too many similar tales when I went looking. They're just thieves and shysters in corporate guise. Not bought Dell since, and would only, if it posed a genuinely good product opportunity, and a non Dell middle man picks up said product, with a no questions return policy, between me and them.

Period.

Mozilla so sorry for intrusive Firefox VPN popup ad

Vocational Vagabond

Rampant Shouty Navel Gazing mode ...

Unlike some others here, I've had a good run on Waterfox. I, at least can say it's been free of that Smug 'Single Point Self Advertisement and Congratulation' BS that has come to be what I call the atypical . . . "Firefox user centered kudos syndrome"

Menaced by miscreants, critical infrastructure needs a good ETHOS. Ah, here's one

Vocational Vagabond

TLA 'Total Linguistic Apathy' . .

Great language .. Skillz. You could take the time to spell out ETHOS for its first instance in the article well done, so now, maybe my 'Over Time' is at risk ? or was it my 'Occupation Therapy' .. I'm having an issue wondering just which bit of OT is at stake ... Another assumptive anachronistic FOUL up ahoy!!

Now I know what FOUL stands for, but do you ??

Child-devouring pothole will never hurt a BMW driver again

Vocational Vagabond

Not a proper one, until it has fish ..

Not a proper one, until it has fish ... https://www.abc.net.au/news/2023-03-30/riverina-council-massive-pothole-repair-flood-damage/102158854

By order of Canonical: Official Ubuntu flavors must stop including Flatpak by default

Vocational Vagabond

.. so "real"

It can stop leeching debian base code if it's so "real" Canonical can kiss my shiny white . . . Flat Pack

Raspberry Pi Foundation launches $12 USB Debug Probe

Vocational Vagabond
Devil

Two fold purpose better than your pico solution . .

A) it will empty your wallet some more . .

B) it will distract you from complaining you can't buy a pi . .

secret bonus answer for the tin foil brigade . .

C) because some corporate clown has a new 'Ebon' suit, and is craving sugar water . .

Make Linux safer… or die trying

Vocational Vagabond
Devil

"Gray Bearded" .. Indeed...

I object, I was only *Grey* bearded that one time I was locked down because 'covid' . . . and it's now bash and YAML dependent Ansible playbooks . . and people call me a dinosaur..

Arm CPU ran on electricity generated by algae for over six months

Vocational Vagabond

Did Musk fund this ??

So Let me guess, this is an experiment of integrity yielding food, oxygen and compute for Elon's Mars by 2029 sort of... mission... quest... thing? >_<

Nobara Project brings whole bunch of extensions so you can frag noobs on Fedora 35

Vocational Vagabond
Coat

Fedora, Mature?

" A mature distro should be able to automatically configure specialist hardware," ... eh what, Mature .. with a lifespan of oh.. 13 months.. yeah right.

US distrust of Huawei linked in part to malicious software update in 2012

Vocational Vagabond
Coat

"... whenever they want, without anyone knowing.' It does not work that way."

. . so essentially they're confirming that WHOAAAHWEEE was complicit, had no choice, which now it comes as no surprise as to why a lot of nation states dropped the kit like it was hot. Can you really blame potential customers from looking at AU and US findings, then running away at speed?

Amazon will know when its business, privacy practices keep you up at night – it has an FCC-approved sleep radar

Vocational Vagabond
Big Brother

Creepy AF ...

Simply no.

Think household tech now requires Advisories and Warnings on the box, like food has.

"Warning: This device could be abused to provide external actors intimate details of your home or location" .... with a big 'efin Magnifying Glass Icon ...

Shedding the 'bleeding edge' label: If Fedora is only going to be for personal use, that doesn't work for Red Hat

Vocational Vagabond
Devil

moving "Beyond The Bleeding Edge" ...

Erm... why would I call an OS I had to re-install every 13 months on my Laptop to keep it vaguely in support, a stable desktop release ??

Sounds pretty bleeding obvious to me.

Wyoming powers ahead with Bill Gates-backed sodium-cooled nuclear generation plant

Vocational Vagabond
Devil

Hi,

I'm Clippy, you seem to be having trouble with your reaction rate, would you like some help with that?

Google's 'Ask me anything' on Privacy Sandbox was more about questions than answers

Vocational Vagabond

Re: Chrome the Trojan Horse

may be that I'll be assimilated, but I'll get good exercise kicking and screaming as I go :) . . .

UK's National Cyber Security Centre recommends password generation idea suggested by El Reg commenter

Vocational Vagabond

bit late to shout out some love for keypass ?? ! comes with cross platform love and ... $0.00 down, full of ethical goodness . . .

Red Hat returns with another peace offering in the wake of the CentOS Stream affair: More free stuff

Vocational Vagabond
Go

Contempt repaid in full ...

. . . One thinks Rocky will be released before the 'Big Blue' ~Not~ Sales Team would return email with an approval for extension of free RHEL in my org . . most of every one happier, less spam in my email box, and a clearer relationship.

. . . Or I might just accept that gap of 5 years betwixt LTS in Debian based boxen and RHEL reroll's, and change horses.

Either way, what ever `they` choose to spin it as, I'm not going back and the few real RH boxes remaining will quietly pass, each in turn, pining for the fjords, in true Norwegian Big Blue style.

Rover, wanderer, nomad, vagabond: Oracle launches rugged edge-of-network box for hostile environments

Vocational Vagabond
Devil

Re: salty fog *

one suggests said 'salty fog *', is caused by the 'Network Admin' that has to provision the install . .

The killing of CentOS Linux: 'The CentOS board doesn't get to decide what Red Hat engineering teams do'

Vocational Vagabond

I think that's the piece that people are just overlooking.

Well my .org decided the fire is better than the frying pan and went OEL public ... despite the bitter clamour of "Larry" warnings from all quarters. This IBM move has pretty well torpedoed the original use case for a Community ENterprise Operating System, as used by public educators all around the globe .. and merely highlights it's prepared to bite a feeding hand.

I'm only laughing on the inside because the "16" free prod licenses is a too little too late response (On two cores only I might add .. ) and reeks of knee jerk reaction, it will actually have a negative impact for RHEL Tech uptake by students and future professionals, many who cut their teeth on CentOS to polish that knowledge stack because of its availability and community support (R.I.P) a worth that IBM will only likely discover very late on in the decay.

I suppose now it will be a lower common denominator orange cast Ubuntu land, or a Big Red one.. till Larry is capricious again, biting those who choose not to look back. I went and Looked at their RH developer.site and could barely find the well hidden, and patently pitiful and barely workable offering because of all the w@nky marketing hype you have to wade through, that coupled with the extremely poor community engagement leaving a very bitter taste in many mouths, will see RHEL relegated to Oracle DB/Middleware and IBM Cloud workloads. Roll on Rocky.. best of British..

To plug gap left by CentOS, Red Hat amends RHEL dev subscription to allow up to 16 systems in production

Vocational Vagabond
FAIL

up to 16 systems Free*

!! not so fast there Reg .. read the fine print ... .

https://developers.redhat.com/articles/faqs-no-cost-red-hat-enterprise-linux#

16 VM's on 2 sockets .... see point 8 at the link.

Eminently less useful I'd point out, and just a marketing "Damage Control" exercise . .

Techies start growing an Alphabet-wide labor union: 200-plus sign up, only tens of thousands more to go

Vocational Vagabond
Trollface

difficult for Google to crack down on staff . .

Never mind, a few calls to the Australian Liberal party and the AFP can fix that for you, they'll have no issues raiding their offices at all. It is after all the AWU, Right?

Windows to become emulation layer atop Linux kernel, predicts Eric Raymond

Vocational Vagabond

Depends how much they're prepared to pay Nvidia I suppose ..

Vocational Vagabond
Windows

Yes... that thing you need to go restart to make bluetooth work without rebooting windows ....

What do Zuck, Sergey, @Jack and Bezos have in common? They don't want encryption broken

Vocational Vagabond

Re: Hmm

Political abuse may be far worse if your populace elects a clown .. no political system is immune from the stupidity of the masses .. nor the subversion of such by the few.

Windows 0-day pops up out of nowhere Twitter

Vocational Vagabond
Trollface

Ah but ... with a linux bug, no NDA is required for remedy, so it can be seen by all, and actioned after a peer reviewed pull request.... Can't do that in windows land, but then community spirit is a paid thing there, I'd wager.