Posts by martyn.hare

If Facebook and Goggle can work out who I like, where I have been...

Then you're not protecting your own privacy properly in an age the where failure to do so carries more risks than ever before. These trillion dollar companies with GDP bigger than the UK can't "introduce systems that can't be defeated by VPN's, Token Sharing and anything else that can be used now" because to do so would make the uncensored non-WWW options I mentioned previously appear much more convenient, turning them into the defacto standard choices for everyone (whether adult or child).

Case in point: LimeWire still works right now despite authorities across the globe "shutting it down" many years ago. It's incredibly convenient. Wikipedia explains all, only a handful of versions fail to work.

You can always NOT try it yourself to see how NOT easy it is: Download it, run it, wait a minute or so for it to connect, then search for 'xxx'. When you see a result you like, feel free to NOT select it and NOT click download. Your PC will then NOT connect to every other PC which hosts a copy (seeders) and totally NOT download chunks of the file from each of them. I think you get the idea.

Folks only use porn websites because waiting 30-40 seconds on a download is very slightly less convenient than instant streaming. Add barriers to accessing the content and that changes things. It's also worth noting that the content on mainstream porn websites is now all verified (with performers having to supply proof of ID before uploading) while P2P content is an unvetted free for all.

In conclusion: "lol no kid will be 'saved' from the porno" is an informed opinion, it's just an opinion you don't like. In fact, not only will no kid be "saved" they'll end up more exposed to it than ever before if this proposal becomes statute.

Hedonistic tendencies for the win!

Everything going on is perfectly natural. The Internet is for porn and all that. VRChat is still full of fun thankfully. I hope it stays that way. I still remember when even simple things like 240p webcam broadcasts were considered cutting edge. The first thing I did was find girls to mess with across various IM services because guess what? That’s what people liked to do! Folks who didn’t want to take part just didn’t, how refreshingly simple!

Nowadays, folks can’t tell the difference between fantasy and reality. It’s all thanks to social media and the web in general becoming super serious; which is all thanks to businesses like facebook and linkedin cyberstalking/profiling everybody. Many people don’t know how to have fun any more because they’re too wrapped up in whether their profile will be judged by some twat in a suit later down the line, or even worse, a hate mob.

Protip: Dump social networking websites! Gather phone numbers instead, then… have at it!

Already better than successful

People shouldn’t care about “success” and should follow the path which makes them happy, healthy and which makes them feel like they belong.

It’s all this money/business talk (or what people keep calling “success”) which corrupts everything we hold near and dear to us.

Winepaks make support doable

Pirates managed to deliver decently packaged video games using Flatpak with Wine. The same approach would work for Office and many other apps, it’s just that copyright holders would cry so IT folks can’t all just crack the DRM and share portable working copies of common Windows software with one another.

With the extreme simplicity (for better or worse) that is GNOME 3 these days, support is extremely simple compared to before, especially if sysadmins sync subsets of upstream distro repositories to allow users to “just install” anything admins allow in there. Due to the lack of unwanted functionality by default, most folks don’t even need profile/lockdown tools like Sabayon to make a decently functional corporate system. The remainder (Windows apps) could be dealt with using Winepak.

Of course, this assumes that user training is outside the purview of IT, like it always has been for Windows (don’t know Windows? GTFO)

Get yer burflags here!

You do have at least TWO domain controllers, right? Set burflags appropriately and roll back all but the one you want to be authoritative! Problem sorted.

Or you could consider migrating to a less “agile” platform like RHEL, Debian or Ubuntu where stuff generally doesn’t randomly break when receiving patches.

I concur

I would even go as far as to say “my copy, my rules” and if companies do not like me modifying their code, they should not have given it to me in the first place!

echo “Do whatever you like…” > LICENSE

Problem solved!

Go full sociopath, embrace the abundance

My fellow geeks, let us enjoy the grandiose lives we have built for ourselves!

Thanks to a collective effort from like-minded peers, we now have music, movies, books and games on tap the same way we have water. The remainder of everyday administration (cooking, cleaning etc.) can be taken care of by investing in machine learning, robotics and bribing otherwise ineffective normies who are happy to serve!

Make THOSE people do all your shopping, cooking, washing and cleaning until they’re ready to be replaced. By the time we are obsolete, there won’t be any value left in human labour!

HOWTO: Adding a PDF to an iDevice on Linux

0) Make sure you’re using a DE with GVFS support and have appropriate packages installed

1) Plug the iDevice in while it is unlocked, so that you receive an offer to trust it

2) Trust the computer, just like on Windows/macOS (this may or may not need a PIN entry)

3) Select the iDevice from the left hand side of Nautilus/Dolphin/Files

4) GVFS then beautifully mounts it using libimobiledevice and FUSE

5) Drop the file into the appropriate app folder for use on your iDevice

It’s easier to use libimobiledevice+gvfs+fuse than it is to use iTunes on Windows and ironically it is easier to use securely from your desktop environment than adb is! You just need to know what tools you need installed ahead of time.

You can also do it using these methods if it’s easier:

* Samba shares are supported in the iOS Files app and elsewhere, just make an SMB share!

* WebDAV shares are supported too, again, just share it from your Linux desktop with ease!

* Cloud services are supported, including NextCloud from within the Files app. Use those?

* Resilio Sync allows you to sync over your local LAN and is free to use. Use that?

* VLC Media Player for iOS supports a network file transfer facility, use that to do HTTP uploads!

I hope someone finds this useful :-D

Millennials are doing way better, Gen Z will be better still!

We can and do know how to handle config.sys, autoexec.bat and totally understand what ibmbio.com and ibmdos.com are for. The difference is that we decided to create tools to free the world from mundanity and complex implementation details.

That’s why we’re the generation which works from home doing as little as possible to earn as much as possible. Why work harder when you can work smarter? I pity the Gen X’ers which put “independence” ahead of living a happy and comfortable life. They were had. The last generation sold their souls for a life of wage slavery on the promise of a great retirement, while we work comfortably knowing retirement is nature’s biggest illusion anyway.

…and Gen Z? They will likely inherit the 4 day working week and extra holidays for “mental health days” and I say all the more power to them. The great resignation over in the states is just a warning of changes to come. Hard work will be a thing of the past and rightfully so.

To save us all.. we could just..

Bring back Sandy Heath. We never had so much cancer and covid until we started watching extraterrestrial television! FACT!

Adverts are not the price you pay

Sponsorships are. Notice how the content contributed to the top 5 websites is by and large powered by sponsorships these days? This shows that the personalised advertising business model really doesn’t work because if it did, there would be no need (and thus no demand) for fixed sponsors.

I have seen plenty of sponsored content online but no randomised or personalised adverts… and funny enough, I am a heck of a lot more likely to think about a sponsor which relates to (and supports) content I am interested in.

I think we all know where the future is headed. Google needs to catch up and fast.

Forget Raab… focus on the decent people like…

Rowan Atkinson, Sean Lock, Bill Burr, George Carlin; all of whom have pointed out the absurdity of overzealous censorship. We should all be allowed to say appalling things from time to time and while people can judge us for by our words, they should not be able to use them to silence us.

Also: Fuck the children, let’s think of OUR safety and security!

Tories wanted to can TV Licencing

Crapita gives guaranteed upfront cash to BBC and then collects excesses for profit. So they had to "sweeten the deal" and throw them a bone, didn't they?

Twats.

Except the right to work from home...

Is something the German public is likely to have granted to them following this pandemic. This was something they were asking for long before the great public health disaster of 2019 and now the whole population has a very simple, easy justification for it.

What's more likely to happen is insurance companies making the legal argument that if the home is the workplace then it's subject to the same workplace health and safety policies as the main office (no smoking, no pets, fire extinguishers present at key doorways, LED lighting for a safe exit in an emergency etc.) and refusing to pay out if all the criteria are not met.

100% free things which would have saved them

* Blocking commonly abused filetypes on email (xlsm in this case, easy peasy)

* Group Policy to disable macros, embedded ActiveX, remote references/links and frames in Office

* Only allowing Microsoft products to communicate with Microsoft IP ranges and necessary SMB servers

* Blocking unknown software by default on Windows Firewall (easy peasy to implement)

* AppLocker or WDAC to prevent any and all unknown executables and such from executing

* Built-in Windows Defender with Zero Tolerance Extended Cloud Protection configured

* File Server Resource Manager could have blocked the encryption attempts (using honeypot files)

I'm willing to bet that just one of those things alone would have stopped the attack dead in its tracks.

On the Windows networks I configure, I try to get as close as possible to implementing all of the above.

It's unreasonable because...

There's so many projects out there which do the same thing for free. Eventually these companies will have to compete with truly free offering maintained by collaborations between nation states. Just look at the EU, UK and soon to be US mandates for software purchased using taxpayers money to be licenced for taxpayers to use (effectively meaning open source has to be used).

At some point, the next logical step will be for countries to cut out the "agile" crap (which private businesses are pushing to try to stay relevant) and just make stable, reliable software which is well-maintained and not suffering from featuritis.

I will be migrating most, if not all of my customer server systems to Debian, even if it is technically less secure than RHEL and sometimes lagging behind on fixes. Once complete, a good old unattended-upgrades nightly reboot will keep things snappy.

Complete WFH or bust

I'm willing to walk away from companies offering "hybrid" if it's even so much as subtly implied that it's a requirement that people should go to the office. There's nothing better than having full control over your own working environment, no more need for a car or other vehicle and the ability to socialise completely on my own terms.

WFH will really start to shine this coming summer, as the lunch hour becomes an easy way to (safely) enjoy the local park, proper morning runs for personal fitness will become super convenient with the ability to shower at home... plus having friends over rather than going to noisy bars/pubs/clubs is still cheaper, even if you pay for all the drinks and most of their taxi fares.

I'm in my early 30s now, I'm not some newbie junior gopher who needs to learn the most basic of the basics from my elders any more. Sod the next generation and their training needs; this is exactly the sci-fi dystopia I've been craving and I'm not afraid to tell it as it is!

Just copy progman.exe from XP

Easy peasy way to have the best UI every time

Yes and ISO2700X agrees too

For security and practicality reasons, your dev environment should be isolated from your production one, even if you’re a developer. This is true of Windows, macOS and Linux.

npm, pip, pecl, nuget... Name a convenient dev tool which doesn’t make a clusterfsck of your system?

Troubling until you realise...

That the availability of technology actually makes for the ability to manage large numbers of people as cohorts in ways that the personal touch cannot. It's about time that healthcare became truly proactive rather than reactive. We absolutely should be grabbing as much data as possible and asking qualitative questions to determine context.

Yes, people need personal attention from doctors who think for themselves but there absolutely is a place for collecting large amounts of legitimate telemetry data from people to identify potential issues before they would normally become a problem.

It would be very nice, however, if that data wasn't being processed by Microsoft Viva (indirectly), Deepmind and a bunch of other private sector shovelware but instead by computers and software fully owned and open for use by the taxpayer. Of course, the moment politicians get involved, you get multiple failed attempts and dodgy deals between friends soon after...

Many security standards are broken anyway

Cyber Essentials Plus includes a vulnerability assessment which only cares about High or Critical rated vulnerabilities and the targets scanned only have to include those where end users log into them interactively. So you can have an unpatched domain controller which results in the next big WannaCry-style incident and still be certified as compliant by your assessor. Or even worse, you can patch your stuff but use HTTP with plain authentication or have a PPTP VPN without PEAP to secure the authentication packets and be fine for both self assessment and verification! Heck, feel free to NOT use full disk encryption while you’re at it!

But if you dare to have Windows Insider Preview on any of your computers you will fail, as it doesn’t meet the criteria of being supported by the software vendor, preventing IT from getting clued up about what’s around the corner in a meaningful way.

It’s the future…

By 2040, almost every building with have very efficient solar panels and computers which use far less electricity than what we use today. The rickety old power grid would be supplementary and to avoid interruptions, most buildings would pack a UPS-like battery backup. That’s assuming nobody finds the key to sustainable nuclear fusion by then, freeing us from most of the limitations we have today.

In terms of going extinct.. as long as we have stupid monkeys playing fast and loose with their gametes, we will always have a supply of next generation children to keep everything ticking over. No worries there!

Because Google is actually useful

What? Someone had to say it.

Be the change you want to see!

I'd rather lose my job through automating away what makes me relevant in the here and now than become someone's meat sack automaton, it's that simple. I'm already most of the way there and when the day comes that me and my bosses can't exploit low-hanging fruit for easy money, I'll relish the extra challenge!

Now gimme the full, unredacted original paper, so I can find out the whole truth!

Just like Persona games

Those start off with fully fleshed out voice acting but then for the majority of the mid-game content the voice acting is minimal or heavily reused. It’s a design choice which is fairly standard in RPGs when dealing with off-story fetch quests and other padding.

Not every game can go full on Yoko Taro or Hideo Kojima; as in excellent voice acting paired with excellent parasocial relationship building, Amazon are noobs to video games, so let them go demi-Atlus… minus the weird factor!

Why was MrTuK downvoted?

I'm fully vaccinated against said virus too and would absolutely recommend folks get themselves an mRNA-based vaccine ASAP if they haven't already... but there's two sides to every story.

If it's OK for businesses to suspend people for being unvaccinated on the basis of reducing the risk of spreading the disease, then the following should also end up suspended by the very same logic:

* Smokers (whether daily or occasionally)

* Those with a BMI over 30

* Weekend binge drinkers

* Recreational cannabis users

After all, the longer you're infected for, the greater the risk you'll infect others and all of the above is known to affect ones recovery time. It could be argued that across the whole spectrum of highly transmissible diseases that refusing folks matching one or more of the above would be a fantastic way to minimise HR liabilities. There are already employers (like the WHO) who refuse to employ people who make obviously unhealthy lifestyle choices (if you smoke, the WHO won't employ you, period).

Are we 100% sure accepting these new restrictions isn't a catalyst to losing a bit more of our free will? I'm quite happy to live a healthier life around healthier people (a workplace full of healthy, happy people is 100% for the win) but isn't the idea of freedom based on the idea that everyone has individual responsibility and a right to choose?

Let's be careful what we wish for here.

FTP is totally appropriate where

The instance has a dedicated purpose, your payload is itself encrypted and where you’re using both IP restrictions and a form of digest-based authentication. Its also worth keeping in mind that SFTP is not great for security either if we are talking OpenSSH vs. vsftpd where the latter has remained very static in feature set, has been widely audited and thus has always had very few bugs.

Should you need TLS for your old FTP implementation, you always have the option of forcing FTPS in modern ftpds or if you’re forced to use outdated crap, then you can either IPSec your way around it or use stunnel.

It is possible to avoid collecting PII

Since (shirt number + club) as your combined identifier is technically pseudonymous data. So their case should result in zero future impact on stat collection from sporting events, it just shifts the goal posts slightly when it comes to presenting it.

IANAL but from what I remember, our NHS data uses pseudonymous linking to allow “opt-out” of medical records sharing. I can’t see a judge risking breakage of essential public sector data collection when making a considered judgment.

There is a simple fix for it

Make it so you only need to have your app go through the App Store if it is supplied as a binary. Then, allow users to compile, sign and sideload apps to their own device with the caveat that those apps are sandboxed under a separate UID from other apps.

This prevents the spread of malware between devices, limits access in the event of a sandbox break and will result in a flourishing open source community which might even do better than say F-Droid.

Here’s why you might NOT want to disclose anything at all

During the COVID pandemic, doctors would discriminate based on health history to decide who did NOT get a ventilator to maximise total survivor counts at the cost of people who effectively had comorbidites. Italian doctors admitted this openly and honestly to UK news rooms.

People with histories of alcoholism would be less likely to receive liver transplants compared to individuals with healthier outcomes when there is a shortage of supply. Boards review cases and decide who is more deserving.

That is before we consider what the police do when they get hold of data….

Relevant data should exist on a device you carry on your person at all times, not necessarily held on Microsoft’s cloud (NHS) or be slurped by Google servers (Deepmind). We need also need ways to detect and allow for proper private prosecutions for abuse of data, not just financial compensation.

Describes my situation in a nutshell

I quit working temporarily to go get my MSc Cyber Security in 2019 but haven't truly used it since. I've done a few outsourced pentests but that's about it. In my day to day life, I'm mostly working as a glorified sysadmin but one who ends up answering questionnaires from third parties and who implements as many useful defences as possible while being assumed to be the guy who's broken everything whenever a fault occurs...

Even with a decent employer offering me a pick of whichever certs I want to go for.. I have no idea what is or is not worth going for and whether I even meet the prerequisites given how varied my work ends up being. IMHO, the system needs an overhaul...

Or… a happy medium

Netflix could offer a way for ISPs to opportunistically cache data by not unnecessarily using HTTPS to deliver their video content. Send the client a compressed+encrypted wad of checksums/keys and then deliver the exact same DRM-encrypted data to every subscriber.

Problem sorted.

Re: Inalienable rights

Inalienable is to inflammable what flammable is alienable. Or for those God-fearing southerners: A bit like what Free Will is to Old Testament! Remember that your rights always end where judge says you’re wrong!

No worse than buying a Freddo

With the £20 note you acquired from selling that spare eighth you had lying around…