* Posts by man_iii

34 posts • joined 7 May 2019

FireEye publishes details of SolarWinds hacking techniques, gives out free tool to detect signs of intrusion

man_iii

Stop using windows for mission critical stuff

Everyday I see these "hacks" being perpetrated by using Windoze systems. Why????? Linux is still free as in beer. Just build your servers and contract custom tools you might need based on OSS.We have seen enough that security through obscurity doesn't really work anymore.

Scottish Environment Protection Agency refuses to pay ransomware crooks over 1.2GB of stolen data

man_iii

Lemme guess running MSWindows

If you run Microshat Windoze expect to get hacked.

Why is it that orgs havent even bothered to move to a a relatively safer desktop environment? Even Android and Chromebooks are probably better than Windblows.

That's it. It's over. It's really over. From today, Adobe Flash Player no longer works. We're free. We can just leave

man_iii

Shockwave and Flash

While during the HTML w3c 4.0 days I think Flash was the one of the ways to do browser and platform compatibility. Not that it was good or anything. .. I dunno why Mozilla killed the NP plugin which was waaay more useful than flash.

US Treasury, Dept of Commerce hacks linked to SolarWinds IT monitoring software supply-chain attack

man_iii
Facepalm

Why Windblows agents?

Why whyhy in 2020 after wannacry ransomware and peyta and nonpeyta and other crap do wee expect windows to be secure? Install a headless linux and have them on seppparate management and service VLANs.

AWS has just shown its new hybrid cloud ambitions make it an even broader threat

man_iii
Gimp

Sounds sus - Pandoras box?

Looks like someone is trying to sell facial recog and tracking in a generic sounding doomsday named device.

IBM warns Global Tech Services staff that 346 UK heads will roll in latest redundancy action

man_iii
WTF?

Have they forgotten NewCo?

Now that IBM decided to spin off NewCo... why are they still deciding layoffs? Aren't their sole focus on Hybrid cloud business and nothing to do with client services of GTS??

I wonder if Itsy Bitsy Morons pointyheads will at the last minute cancel the whole NewCo shenanigans and claim it was their plan all along to evaluate the spinoff and not really go through with it.

Bare-metal Macs-as-a-service come to AWS. Intel for now, M1 silicon in 2021

man_iii

Open VNC over internet Burn In Hell

Stop using VNC on the internet. It is the fastest way to getting hacked. .. Why???? Recommend Vnc-over-SSH or some similar too many idiots use Vnc on the internet without realising it is plain text unencrypted traffic !!!!

Who knew that hosing a table with copious amounts of cubic metres would trip adult filters?

man_iii

Cubic metres? cm^3? ?? What is its abbrev.??

Im lost...how could cm3 trigger anything? Is there some unknown. .. ouch ...pls tell he didnt do cusecs thing and cu-b- m -eters. ... yeeesh english shorteners. Please use full values and strike these down these short form terms.

IBM Power9 processors beset by Cardiac Osprey data-leaking flaw as Spectre still haunts speculative chips

man_iii

Blues of Computing

I am sure just as Software requirements drives hardware development and vice versa as hardware limitations "inspire" software features. ... I would have hoped that at least engineers would keep that in mind and design systems with robustness and consistency.

Speculative execution and branch prediction for common or repeateable code seems normal until you realise root level commands and userid pwds are also "predictable" :-P

Ransomware crims read our bank balance and demanded the lot, reveals Scotland's Dundee and Angus College

man_iii

STOP using MicroShaft for critical infra?

If you depend on Microsoft then you probably deserve to get hacked. I remember when colleges used to run Sun Solaris servers and dos mounted Unix samba volumes per Dept software or used NFS all located on UNIX servers I dunno how long those things were running for. .. until when I left they tore it out and instead installed Microsoft AD and outlook. ... cue infinite crashes and instability and networks going wonky students mail lost. ..

STOP USING M$ for CRITICAL STUFF!!

Tech's Volkswagen moment? Trend Micro accused of cheating Microsoft driver QA by detecting test suite

man_iii

Re: Micro Shaft Drivers

It doesn't excuse Microsoft for having a driver certified with problems where you certify the driver that can't handle the HAL ? Logitech as a company has its own problems ... I won't go into it ...

If you introduce bogus drivers in Linux you will get shouted at by someone ... for example the whole Nvidia and Linus spat.

No excuses from a Multi-Billion dollar company vs Free as in Beer opensource software.

As we speak I have moved off the WindBlows MicroShoft 10 latest to Fedora32 Everything latest :-D

man_iii

Micro Shaft Drivers

Recently had to install Logitech mouse drivers for an ancient MX1000 which to this day is still running. On a Linux system the Bluetooth mouse would 'Just Work' Alas the hardware failures during the 'Rona Times means no replaceable parts for the time present. Cue the MicroBloat WindLows 10 whereupon this famous mighty mouse falls on its own driver sword. Logi SetPoint 16.69 drivers fail to reconnect after suspend or sleep forcing the WUser to manually do the device removal and rediscover and pair the bloody thing only to disco repeat the same thing whenever Wind10 decides to sleep....

Uninstall and reboot and do it with the 'generic' HiD mouse driver and no issues ... just the Logitech special sauce like remap the various. 10 mouse buttons is un possible now.

:smh:

SpaceX Falcon 9 and Dragon cleared to hoist real live American astronauts into space

man_iii

Space Taxis

Are the SpaceX engineers confident enough about say 10 launches to the ISS per year or is it just for this one launch ? I find that a regular cadence on projects tend to sharpen or weaken the minds depending on the company culture. A lot of the stuff that happens is mostly robotic or autonomous to the point that we can trust the computer and its redundancies to take care of eventualities most humans won't even come close to reacting to things.

Linus Torvalds drops Intel and adopts 32-core AMD Ryzen Threadripper on personal PC

man_iii

AMD Dreams

Once upon a time AMD had plans to launch an APU that had an ARM core inside. Just like how they started to include the North bridge and south bridge chipsets in the CPU dies and now with GPUs inside.

Soon I hope to find an AMD AP-AP-APU with a RISCV or ARM big.LITTLE 4-core8-core , dual GPGPUs, a 6800x or a Starcore or TI DSP, the regular CPUs x86_64 and maybe x86_128? even OpenPower ?, 64GB DDR7 RAM. All of it stuffed into a 1nm die process ;-) lolololol :-D

Azure India wobbles due to ‘underlying physical datacentre issue’

man_iii

Landlocked in the Valley

Hmmm seems strange not to plan for outages at a location some ways inland and nestled between gentle rolling hills with no access to undersea cables or proper high speed high density satellite uplinks.

At least Mumbai or other Port cities seem to be a better option as you can flood your data center in the sea for some passive water cooling and access to that trunked underwater cables of notoriety.

Microsoft gives Office 365 admins the heads-up: Some internal queries over weekend might have returned results from completely different orgs

man_iii

Data source segregation and multi-tenancy

When managing co-located facilities you might want to ensure that there is sufficient separation of network data and app layers not to allow any cache sharing. It might cost extra to have multiple instances for multiple customers but at least you did the sane thing of keeping the actual data not just logically separate but somewhat isolated at least. It is like using 127.0.0.1 for all customers and wondering why everyones data is exposed...

Now there's nothing stopping the PATRIOT Act allowing the FBI to slurp web-browsing histories without a warrant

man_iii

Illegal.is relative.

When a Senator abstains to vote, I think it may have to do with his/her stand on the issue. By supporting or opposing a law that is essentially illegal but modified with conditions won't stop the making of everything wrong into a legal justification.

So something like disaster relief or emergency funding with tacked on riders siphoning funds means you may not get the ability to fight this kind of corruption. Better not to participate and get your own type of bill pushed into place rather than get dragged into the mud.

Tulsi gabbard failed her duty and job as a Senator when she voted 'present' because the job is to vote up or down and not "I don't know" while Bernie or anyone abstaining to vote an essentially unconstitutional law do not fail to do their job by not supporting 'conditions' for it.

Impeachment Yes/No was a job requirement and in the constitution. Passing surveillance laws is not.

FTP is crusty and mostly dead, right? AWS just started supporting it anyway

man_iii

FISH with KDE3 and konqueror KIOslave!

I used to run as desktop RHEL3.x back in the day and lots of things I did right was using konqueror and fish to access all the boxen.

Amazon says it fired a guy for breaking pandemic rules. Same guy who organized a staff protest over a lack of coronavirus protection

man_iii

Re: Wow!

Amazon likes to fire workers who protest in human robot-based warehouse working conditions! News at 11 !

Amazon teases Bottlerocket, its take on Linux specifically for running containers

man_iii

Monolithic problems

isn't the issue of OS updates more to do with the system packages vs app packages breaking compatibility and not really a boot issue?

I wouldn't say cloning and rolling back images are as helpful when you need to isolate the offending package or library update that broke it ...

Nokia said to be considering sale or merger as profits tank

man_iii

Nokia connecting crap

Elop was only the symptom of the PHB NIMBY disease infecting the top and manglement levels of Nokia with Symbian fighting Maemo and Meego. should have launched N900 in 2006 PROPERLY specced hardware instead of making so many blunders and refusing to launch a "phablet" back before the iPhone or Samsung ...

The BlackBerry may be dead, but others are lining up to take its place

man_iii

The Last Nokias

N900 Or N950 with an Ottercase was night indestructible with a beautiful sliding keyboard.

Wish mine don't end up in a ditch somewhere on a torrential rainy day :-P else I would still be rocking the snap cover to take fotos one handed and installing debian packages and doing all fun stuff... Compared to the bloated crap everyone calls a POS "os".... Even SailfishOS/Jolla can come close to whatt was the Nokia's last hurrah :-|

Cloudflare buys browser isolation biz S2 Systems in bid to realize Sun's network computing vision at long last

man_iii

CPU is the Brian of the Computah

( TM ) Teh InterTubes Sa Uber Brian of da Computah!

Train-knackering software design blunder discovered after lightning sparked Thameslink megadelay

man_iii

Re: and basically impossible to test for.

I got some good news and bad news.... Chrome can run Google Authenticator app on the desktop without problems... But figuring out how to get it working and setup with the qr scan code is a task all on its own.

This isn't Boeing very well... Faulty timer knackers Starliner cargo capsule on its way to International Space Station

man_iii

Santa Express

Most definitely not using Boeing and their TOY delivery failure in future. MCAS and this "software" Timer based goto loops... Is this how engineers design rockets and spacey things?? I can understand the need for simplicity but a lack of feedback synchronization seems so strange...

RDP loves company: Kaspersky finds 37 security holes in VNC remote desktop software

man_iii

VNC isn't secure!

News at 11 ... Vnc isn't secure. Use it over SSH or some encrypted tunnel... Common sense I would have thunk it was.... Vnc does its job and not meant to be your secure piece of code.

Microsoft emits another peep at PowerShell 7 with new toys and the return of an old friend

man_iii

PS silly like putty

What wonderful "features"! So modern... Wish we could putty into it without bothering with the start menu and like.... Maybe next century? By then perhaps we will get batch scripting! Omg! Gasp!

Sussex Police gives up on £790k Gatwick drone shutdown probe

man_iii

Bonus sightings

This has to be a raise.

Fly your flag and toot your horn. Say terrorist drones and not copper drones won the day... Paycheck

Do it every six months and every plod tom dick and Harry will wanna join the drone patrol!!!.

Arrested development: Cops dump Amazon's facial-recognition API after struggling to make the thing work properly

man_iii

Flag of Innonence

If AI tells someone is a crook do thy get shot or is there benefit of doubt?? How do u prevent bad impressions or false flagged operations???

Firm fat-fingered G Suite and deleted its data, so it escalated its support ticket to a lawsuit

man_iii

Tested backups

All this nonsense about running entire business on cloud with no backups should worry more IT folks given how frequently cloud platforms tend to fail.

Even multiple cloud providers can experience near simultaneous regional outages and having things in a S3 bucket and github project doesn't cut it as being "backed up".... it is how data exposure and breaches happen....

Sounds like the olden days grey and white bearded druids were right about managing your own IT inhouse if your business depends on it!

LibreOffice 6.3 hits beta, with built-in redaction tool for sharing those █████ documents

man_iii

Fonts of Blotted Ink

I think Extended ASCII has text blocks 128-255? Also some font called Donger?

Dissed Bash boshed: Apple makes fancy zsh default in forthcoming macOS 'Catalina' 10.15

man_iii

Bashing GPL with benefits

Apple tends to be a corporate entity with profits its sole motivator. Tech moves forward through the wetware of human beans. This is why open source GPL freeware is important.... what was once a hobby tinker doodad gets shared via the human touch for the better or worse lessons learnt along the way.

'Software delivered to Boeing' now blamed for 737 Max warning fiasco

man_iii

737 stable body for given values

Saw some air safety analyst mentioning 737 and 737MaX were airworthy planes... For a given value which differs significantly for both aircraft. Hence the need for recertification of pilots and planes.

I always wondered is it air worthy when cruising, climbing, descending, landing, takeoff, rolling left or right, ..... What percentages of air worthiness is acceptable for commercial and passenger aircraft?

Is the 737MaX 80% guaranteed to kill u landing and taking off???? No one and especially not the analyst seemed to answer that, to me, obvious question.

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2021