Posts by FILE_ID.DIZ

Re: Silly Question

While I am no expert nor anything beyond a layperson - a big problem with config files like these is that the encryption has to be reversible. So, how do you do that at-scale?

A client-managed password is always a solid option. However I'm sure there's a non-zero number of SonicWall Cloud Backup users who wouldn't want to do that. Think about AWS S3 encryption-at-rest. I wonder what portion of companies use the server-managed encryption key vs using their own key?

So now the service provider has to manage the encryption key(s). KEK can be used here, but still at the end of the day, if the KEK key(s) is/are compromised, then everything encrypted by that DEK can be decrypted.

Basically it is hard to handle encryption safely at scale.

Re: Risks?

They probably declined the insurance option. I mean, who needs insurance as long as you're careful, AMIRITE? Insurance is for suckers and losers!

Using Sysinternal's CoreInfo tool and a webpage from 2011 (yes, apparently 14 years ago if the date is trustworthy), you can check if your computer meets the requirements.

https://www.howtogeek.com/73318/how-to-check-if-your-cpu-supports-second-level-address-translation-slat/

Note: Do execute the correct bitness version of coreinfo.exe. Running the 32-bit version on a 64-bit OS fails to work.

Re: The pros have it.

Don't worry - Musk and DOGE has already visited NSA. They'll be winnowed down soon enough, like what's happening to SSA and Dept of Ed.

Re: Don't get it

If the endpoint was already infected when the domain was valid but not detected, what makes you believe they're capable of finding failed connection attempts now.

I think that's a clear case of the former negating the latter

Re: Anyone else not buying into this?

Not that I know much about CDNs or whatnot, but my casual recollection of a smattering of NANOG maillist posts over the years seems to indicate to me that with the transition to all HTTPS for web content, CDN providers seem to feel really uncomfortable having their cache boxes outside of their physical care, custody and control since those devices are required to also store a copy of the TLS keys for all their customers loaded on any specific boxen.

That could be a reason. It could also be a completely wrong analysis and incorrect synthesis of incorrectly recalled impressions.

Re: Replacing Imports

UNICOR is the trade name for Federal Prison Industries.

You can see all that Federal prisoners make here: https://www.unicor.gov/

The prices seem reasonably cheap on many items.

Re: phone numbers are easy

Compared to FE80:CD00:0000:0CDE:1257:0000:211E:729C? Or even FE80:CD00:0:CDE:1257:0:211E:729C??

Sure, DNS can fail.

However - a /64 should be what's assigned to a host. While that's not as short or easy to type as 192.0.2.2, (colons suck for the shift component - can't type with a single hand on a 10-digit number pad, for example) FE80:CD00::0CDE is all that you should need to locate a single host on a network if you're not assigning /128's like a numpkin.

Note:

(FE80 is a terrible example - in the real-world, that machine would have a /64 somewhere within 2000::/3)

Re: "...after Q3 nosedive..."

Maybe the bean counters were replaced with all the failed 737 MCAS units?

Re: School rules

Which is a sphere! Or spheroid, if they weren't so accurate in machining and manufacturing it.

How'd you get back home?

Re: plastic can melt

I was chatting with a colleague of mine earlier this week, wondering when this CoPilot shit would be added to Windows Server.

His position was a strong "never".

If that holds out, maybe my next Windows OS will be Windows Server if this CoPilot crap can't be avoided easily enough.

Re: Cash is king

A few things -

First off, as some in Western North Carolina have recently discovered - having some cash on hand in your emergency kit, is useful. No power and/or no telecoms = no ATMs or working banks or debit/credit card machines at stores.

And an emergency doesn't always mean a catastrophic storm. A banking outage can qualify. Heck, ever since the Change Healthcare debacle earlier this year, I've made it a point to keep 7-10 days of prescription drugs that me and my better three-quarters depend on, have been put aside and rotated from time to time (for freshness), preparing for the next cyberattack that cripples that industry.

Secondly, I'm sure most people who complained about BoA's outages were people with DDAs (Demand Deposit Account) with BoA. DDAs don't generally pay interest, so second hole in your interest-stealing cat thief.

Third, looking at NOW accounts at BoA, they pay a paltry interest, even in today's high(er) interest rates. In my area, they're currently paying between 0.01% APY and 0.04% APY, depending on the Preferred Rewards Tier with Interest Rate Booster, whatever that means. So, third hole - BoA doesn't really reward you for keeping your extremely liquid funds with them anyways, so what's a few hundreds dollars in a safe or dresser drawer or even under your mattress actually losing?

And for those with more liquidity - there's better places than a DDA or NOW account to keep it, but that'd make the money a bit harder to get at in a moment's notice.

This is not financial advice.

Re: In a nutshell..

It's always pilot error at the end, isn't it? :)

I think the point being made here is that regular powershell auditing and logging that enterprises do by sifting continuously through PS Module Logging, PS Script Block Logging and PS Transcription data streams could be thwarted with this technique.

Re: Pay the workers better?

Sorta.

First off, the $56 billion is paper money. That's why it's worth only $48 billion now.

Secondly, it's value is derived solely from the price of a share of TSLA.

Thirdly, in order for Musk to convert that paper money to real money, he's going to have to find literally billions of dollars from other investors who want to buy his shares at the time he divests. Given the enormous quantity of shares he has, any considerable selling off his shares will cause the price to drop in a very noticeable way. (It happened when he sold a ton of TSLA to get cash to buy Twitter, for example.)

Finally, a company's share price - or the sum of the total or fraction thereof of shares - has no direct effect on the company's books, except when that company chooses to issue more shares or buys back shares. The value of a company from the lens of it's stock price is the value that investors give it. No more and no less. It (seemingly and more rarely in a general sense) has little bearing of the company's actual value creation.

Your last statement can only be true for employees (former or otherwise) who own shares of TSLA AND voted to give Musk that massive traunch of stock.

Re: Oh got to love US tech bros

Or even deal with this thing called "weather".

They're operating in some of the most weather-less cities in the US; Phoenix, San Francisco, Los Angeles.

Numpkins.

If COVID and its lockdowns taught us anything about billionairs' survival plans, it's not in 'Murica but in New Zealand.

I don't know if that terror-beast would be allowed there.

https://www.seattletimes.com/nation-world/rich-americans-activate-new-zealand-pandemic-escape-plans/

I prefer O&O's Shutup10 (also works for 11, but they've kept the name the same) to keep me up-to-date on Microsoft's shenanigans of resetting settings' choices and when adding and splitting settings from time to time. Oh, and all the bullshit in Edge too.

https://www.oo-software.com/shutup10

I usually run it on the middle setting (yellow) and haven't found it to break anything I've noticed.

Good question.

Interestingly, there was an article in The Register (https://www.theregister.com/2024/02/14/waymo_files_recall_after_pheonix/) where two Waymo cars hit the same cock-eyed towed vehicle behind a tow truck within minutes of each other because the software responded identically to the input stimulus. (Makes sense, if you think about it.)

I'd say they're all identical and therefore should all be considered a single driver. A software update is like remediation and/or additional court-required training.

Accumulate enough infractions however, or abuse/use all your ways to shed points and you're off the road until those infractions reset on whatever time-scale and/or court visits a regular meatbag might require.

Unless and until the congress critters (likely local governments and/or state governments) choose to change the laws for robots and until then, the robots are no different than the meatbags, in the eyes of the law.

The few datacenters that I'm familiar with (eg: have stuff in cages) use rotary UPS instead of batteries of any chemistry.

Batteries have maintenance demands and can leak or off-gas hydrogen which burns basically clear if you don't have sensors to detect hydrogen buildup.

The few data points that I have doesn't make a trend, but there seems to be plenty of datacenters which either fall over due to poor UPS maintenance and/or battery hold time wasn't as expected or the/a UPS might have been the cause or the chemical accelerant for a fire, like OVH in France.

Edit: That's not to say that rotary UPSs also don't have maintenance. But at least you're not pitching tons of batteries every few years if you're not doing some type of wet battery that have life-spans that can reach 20 years, iirc.