* Posts by martyn.hare

189 posts • joined 24 Mar 2021

Page:

UK.gov threatens to make adults give credit card details for access to Facebook or TikTok

martyn.hare
Facepalm

If Facebook and Goggle can work out who I like, where I have been...

Then you're not protecting your own privacy properly in an age the where failure to do so carries more risks than ever before. These trillion dollar companies with GDP bigger than the UK can't "introduce systems that can't be defeated by VPN's, Token Sharing and anything else that can be used now" because to do so would make the uncensored non-WWW options I mentioned previously appear much more convenient, turning them into the defacto standard choices for everyone (whether adult or child).

Case in point: LimeWire still works right now despite authorities across the globe "shutting it down" many years ago. It's incredibly convenient. Wikipedia explains all, only a handful of versions fail to work.

You can always NOT try it yourself to see how NOT easy it is: Download it, run it, wait a minute or so for it to connect, then search for 'xxx'. When you see a result you like, feel free to NOT select it and NOT click download. Your PC will then NOT connect to every other PC which hosts a copy (seeders) and totally NOT download chunks of the file from each of them. I think you get the idea.

Folks only use porn websites because waiting 30-40 seconds on a download is very slightly less convenient than instant streaming. Add barriers to accessing the content and that changes things. It's also worth noting that the content on mainstream porn websites is now all verified (with performers having to supply proof of ID before uploading) while P2P content is an unvetted free for all.

In conclusion: "lol no kid will be 'saved' from the porno" is an informed opinion, it's just an opinion you don't like. In fact, not only will no kid be "saved" they'll end up more exposed to it than ever before if this proposal becomes statute.

martyn.hare

Only the WWW is impacted

This means:

* BitTorrent is fine

* Gnutella is fine

* All of FreeNet is fine

* All of I2P is also fine

Also, the required credit card checks are easy to bypass in an unfixable way by implementing token sharing services.

Token sharing has existed for YouTube for a long time so folks without accounts can watch 18+ videos anonymously. It took me all of 10 minutes to bypass the credit card checks using GreaseMonkey, allowing full porno access. This all works across platforms, including iOS.

This is all *without* using a VPN.

With VPNs included… lol no kid will be “saved” from the porno.

This is going well: Meta adds anti-grope buffer zone around metaverse VR avatars

martyn.hare
Thumb Up

Hedonistic tendencies for the win!

Everything going on is perfectly natural. The Internet is for porn and all that. VRChat is still full of fun thankfully. I hope it stays that way. I still remember when even simple things like 240p webcam broadcasts were considered cutting edge. The first thing I did was find girls to mess with across various IM services because guess what? That’s what people liked to do! Folks who didn’t want to take part just didn’t, how refreshingly simple!

Nowadays, folks can’t tell the difference between fantasy and reality. It’s all thanks to social media and the web in general becoming super serious; which is all thanks to businesses like facebook and linkedin cyberstalking/profiling everybody. Many people don’t know how to have fun any more because they’re too wrapped up in whether their profile will be judged by some twat in a suit later down the line, or even worse, a hate mob.

Protip: Dump social networking websites! Gather phone numbers instead, then… have at it!

12-year-old revives Unity desktop, develops software repo client, builds gaming environment for Ubuntu...

martyn.hare
Go

Already better than successful

People shouldn’t care about “success” and should follow the path which makes them happy, healthy and which makes them feel like they belong.

It’s all this money/business talk (or what people keep calling “success”) which corrupts everything we hold near and dear to us.

Version 7 of WINE is better than ever at running Windows apps where they shouldn't

martyn.hare
Thumb Up

Winepaks make support doable

Pirates managed to deliver decently packaged video games using Flatpak with Wine. The same approach would work for Office and many other apps, it’s just that copyright holders would cry so IT folks can’t all just crack the DRM and share portable working copies of common Windows software with one another.

With the extreme simplicity (for better or worse) that is GNOME 3 these days, support is extremely simple compared to before, especially if sysadmins sync subsets of upstream distro repositories to allow users to “just install” anything admins allow in there. Due to the lack of unwanted functionality by default, most folks don’t even need profile/lockdown tools like Sabayon to make a decently functional corporate system. The remainder (Windows apps) could be dealt with using Winepak.

Of course, this assumes that user training is outside the purview of IT, like it always has been for Windows (don’t know Windows? GTFO)

martyn.hare
Linux

More like milk

Cheese is a product which slowly matures over time.

Windows 10 is more like raw milk these days!

Microsoft patches the patch that broke VPNs, Hyper-V, and left servers in boot loops

martyn.hare
Happy

Get yer burflags here!

You do have at least TWO domain controllers, right? Set burflags appropriately and roll back all but the one you want to be authoritative! Problem sorted.

Or you could consider migrating to a less “agile” platform like RHEL, Debian or Ubuntu where stuff generally doesn’t randomly break when receiving patches.

Ad blockers altering website code is not a copyright violation, German court rules

martyn.hare
Trollface

I concur

I would even go as far as to say “my copy, my rules” and if companies do not like me modifying their code, they should not have given it to me in the first place!

echo “Do whatever you like…” > LICENSE

Problem solved!

Mobile networks really hate Apple's Private Relay: Some folks find iOS privacy feature blocked on their iPhones

martyn.hare

Round 2: Phasing out of unencrypted DNS

Crap ISPs will cry a river when they can no longer harvest diddly squat due to proper encryption in place.

Just like root hints, there’s bugger all stopping standards bodies from telling DNS providers to start shipping keys/certs which reference IP addresses as a bootstrap to eliminate plain DNS. When combined with encrypted SNI in TLS 1.3 it signals the death knell for large scale snooping of traffic without consent.

You geeks have inherited the Earth, but what are you going to do with it?

martyn.hare
Thumb Up

Go full sociopath, embrace the abundance

My fellow geeks, let us enjoy the grandiose lives we have built for ourselves!

Thanks to a collective effort from like-minded peers, we now have music, movies, books and games on tap the same way we have water. The remainder of everyday administration (cooking, cleaning etc.) can be taken care of by investing in machine learning, robotics and bribing otherwise ineffective normies who are happy to serve!

Make THOSE people do all your shopping, cooking, washing and cleaning until they’re ready to be replaced. By the time we are obsolete, there won’t be any value left in human labour!

It's the day before the grand opening but we need a firmware update. It'll be fine

martyn.hare

Re: Friday rule

That’s odd. I tend to do all my maintenance on Fridays so I have all weekend to abuse a certain Redmond ISV’s business critical priority breakfixes in the event of a big issue…

Can you get excited about the iPhone 13? We've tried

martyn.hare
Linux

HOWTO: Adding a PDF to an iDevice on Linux

0) Make sure you’re using a DE with GVFS support and have appropriate packages installed

1) Plug the iDevice in while it is unlocked, so that you receive an offer to trust it

2) Trust the computer, just like on Windows/macOS (this may or may not need a PIN entry)

3) Select the iDevice from the left hand side of Nautilus/Dolphin/Files

4) GVFS then beautifully mounts it using libimobiledevice and FUSE

5) Drop the file into the appropriate app folder for use on your iDevice

It’s easier to use libimobiledevice+gvfs+fuse than it is to use iTunes on Windows and ironically it is easier to use securely from your desktop environment than adb is! You just need to know what tools you need installed ahead of time.

You can also do it using these methods if it’s easier:

* Samba shares are supported in the iOS Files app and elsewhere, just make an SMB share!

* WebDAV shares are supported too, again, just share it from your Linux desktop with ease!

* Cloud services are supported, including NextCloud from within the Files app. Use those?

* Resilio Sync allows you to sync over your local LAN and is free to use. Use that?

* VLC Media Player for iOS supports a network file transfer facility, use that to do HTTP uploads!

I hope someone finds this useful :-D

martyn.hare
WTF?

Some folks still don’t get it…

Apple’s number 1 “innovation” is proper long term support of all their products, so that you only buy a new device when technology has actually moved on, not just because a new model is out. If Apple were to follow the track of its competitors and lock new features behind rapid hardware repurchases, they’d lose their USP. It really is that simple.

The iPhone 5S came out in September 2013 and received its last update in September 2021. We’re not talking half-arsed stuff either. We’re talking about all the support for COVID exposure and the like, as well as all the newer apps. Mac Minis from that era will run Catalina which will still be good to go until October 2022.

I’m on an iPhone SE and here’s a list of recent notable improvements:

* Keychain 2FA codes now sync across devices (with E2E encryption)

* Transparent censorship resistance (for UK high court blocked sites)

* Automated private email forwarder integration across all apps (Hide My Mail)

* Full custom domain support for iCloud+ replacing Office 365 (at no extra cost)

* Various codec, image format and video frame rate improvements across the board

* The ability to pick an iOS branch and pin to it for extra stability without MDM

* Many enhancements to noise cancellation so that it’s safer to use while working

* Proper CoreAudio multi-device switching (Music on speakers but Swyx calls on AirPods)

* Better warnings about ISPs which try to spy on you at the DNS level (e.g. Sky Broadband)

* An actual way of managing my digital legacy (this completely replaces LastPass now)

* Cleaner reciprocal location sharing (Google retired this recently but Apple improved it)

* HealthKit now has better tracking of walking/running, eliminating the need for a fitbit

Most of the above has actually replaced paid subscriptions and/or third party apps with a cleaner, better integrated solution, saving me a lot of time and money over the long term. You don’t need to be a beancounter to understand why users still continue to use iPhones despite the “lack of innovation” being claimed.

Fisher Price's Bluetooth reboot of pre-school play phone has adult privacy flaw

martyn.hare
Angel

Millennials are doing way better, Gen Z will be better still!

We can and do know how to handle config.sys, autoexec.bat and totally understand what ibmbio.com and ibmdos.com are for. The difference is that we decided to create tools to free the world from mundanity and complex implementation details.

That’s why we’re the generation which works from home doing as little as possible to earn as much as possible. Why work harder when you can work smarter? I pity the Gen X’ers which put “independence” ahead of living a happy and comfortable life. They were had. The last generation sold their souls for a life of wage slavery on the promise of a great retirement, while we work comfortably knowing retirement is nature’s biggest illusion anyway.

…and Gen Z? They will likely inherit the 4 day working week and extra holidays for “mental health days” and I say all the more power to them. The great resignation over in the states is just a warning of changes to come. Hard work will be a thing of the past and rightfully so.

CISA issues emergency directive to fix Log4j vulnerability

martyn.hare
Stop

Remember folks

Log4j 2.x is what’s impacted, not all those creaky old systems you forgot to patch running an ancient 1.2.x atop some random old Tomcat version!

Dutch nuclear authority bans anti-5G pendants that could hurt their owners via – you guessed it – radiation

martyn.hare
Boffin

To save us all.. we could just..

Bring back Sandy Heath. We never had so much cancer and covid until we started watching extraterrestrial television! FACT!

Google Chrome's upcoming crackdown on ad-blockers and other extensions still really sucks, EFF laments

martyn.hare
Happy

Adverts are not the price you pay

Sponsorships are. Notice how the content contributed to the top 5 websites is by and large powered by sponsorships these days? This shows that the personalised advertising business model really doesn’t work because if it did, there would be no need (and thus no demand) for fixed sponsors.

I have seen plenty of sponsored content online but no randomised or personalised adverts… and funny enough, I am a heck of a lot more likely to think about a sponsor which relates to (and supports) content I am interested in.

I think we all know where the future is headed. Google needs to catch up and fast.

MPs charged with analysing Online Safety Bill say end-to-end encryption should be called out as 'specific risk factor'

martyn.hare
Paris Hilton

Forget Raab… focus on the decent people like…

Rowan Atkinson, Sean Lock, Bill Burr, George Carlin; all of whom have pointed out the absurdity of overzealous censorship. We should all be allowed to say appalling things from time to time and while people can judge us for by our words, they should not be able to use them to silence us.

Also: Fuck the children, let’s think of OUR safety and security!

Academics horrified that administration of Turing student exchange scheme outsourced to Capita

martyn.hare
Flame

Tories wanted to can TV Licencing

Crapita gives guaranteed upfront cash to BBC and then collects excesses for profit. So they had to "sweeten the deal" and throw them a bone, didn't they?

Twats.

Bloke breaking his back on 'commute' from bed to desk deemed a workplace accident

martyn.hare
Coat

Except the right to work from home...

Is something the German public is likely to have granted to them following this pandemic. This was something they were asking for long before the great public health disaster of 2019 and now the whole population has a very simple, easy justification for it.

What's more likely to happen is insurance companies making the legal argument that if the home is the workplace then it's subject to the same workplace health and safety policies as the main office (no smoking, no pets, fire extinguishers present at key doorways, LED lighting for a safe exit in an emergency etc.) and refusing to pay out if all the criteria are not met.

Irish Health Service ransomware attack happened after one staffer opened malware-ridden email

martyn.hare
Meh

100% free things which would have saved them

* Blocking commonly abused filetypes on email (xlsm in this case, easy peasy)

* Group Policy to disable macros, embedded ActiveX, remote references/links and frames in Office

* Only allowing Microsoft products to communicate with Microsoft IP ranges and necessary SMB servers

* Blocking unknown software by default on Windows Firewall (easy peasy to implement)

* AppLocker or WDAC to prevent any and all unknown executables and such from executing

* Built-in Windows Defender with Zero Tolerance Extended Cloud Protection configured

* File Server Resource Manager could have blocked the encryption attempts (using honeypot files)

I'm willing to bet that just one of those things alone would have stopped the attack dead in its tracks.

On the Windows networks I configure, I try to get as close as possible to implementing all of the above.

CentOS Stream 9: Understanding the new Red Hat OS release for non-Red-Hat-type people

martyn.hare
Devil

It's unreasonable because...

There's so many projects out there which do the same thing for free. Eventually these companies will have to compete with truly free offering maintained by collaborations between nation states. Just look at the EU, UK and soon to be US mandates for software purchased using taxpayers money to be licenced for taxpayers to use (effectively meaning open source has to be used).

At some point, the next logical step will be for countries to cut out the "agile" crap (which private businesses are pushing to try to stay relevant) and just make stable, reliable software which is well-maintained and not suffering from featuritis.

I will be migrating most, if not all of my customer server systems to Debian, even if it is technically less secure than RHEL and sometimes lagging behind on fixes. Once complete, a good old unattended-upgrades nightly reboot will keep things snappy.

More than half of UK workers would consider jumping ship if a hybrid work option were withdrawn by their company

martyn.hare
Thumb Up

Complete WFH or bust

I'm willing to walk away from companies offering "hybrid" if it's even so much as subtly implied that it's a requirement that people should go to the office. There's nothing better than having full control over your own working environment, no more need for a car or other vehicle and the ability to socialise completely on my own terms.

WFH will really start to shine this coming summer, as the lunch hour becomes an easy way to (safely) enjoy the local park, proper morning runs for personal fitness will become super convenient with the ability to shower at home... plus having friends over rather than going to noisy bars/pubs/clubs is still cheaper, even if you pay for all the drinks and most of their taxi fares.

I'm in my early 30s now, I'm not some newbie junior gopher who needs to learn the most basic of the basics from my elders any more. Sod the next generation and their training needs; this is exactly the sci-fi dystopia I've been craving and I'm not afraid to tell it as it is!

Microsoft makes tweaks to Windows 11 Start Menu for Insiders but stops short of mimicking Windows 10

martyn.hare
Trollface

Just copy progman.exe from XP

Easy peasy way to have the best UI every time

Can Rust save the planet? Why, and why not

martyn.hare
Angel

Dumping the cloud

Would save more power than making everyone use Rust. Seriously. If YouTube, Netflix and all the other heavy data users were P2P and designed to use the most efficient routing possible, total server counts could be vastly reduced. Similarly, if we stopped encrypting non-confidential data and stuck to just signing it instead (for integrity), then ISPs could cache more things at the edge, further reducing burdens for remaining non-P2P services with many slow changing pages (e.g. mature parts of Wikipedia).

Then we could all use our dirty PHP. poncey Python and janky Java while still saving the planet!

Microsoft quietly delivers Windows 11 Enterprise VMs for devs

martyn.hare
Thumb Up

Yes and ISO2700X agrees too

For security and practicality reasons, your dev environment should be isolated from your production one, even if you’re a developer. This is true of Windows, macOS and Linux.

npm, pip, pecl, nuget... Name a convenient dev tool which doesn’t make a clusterfsck of your system?

Future of the three NHS bodies managing health tech in doubt after £2.1bn cash injection

martyn.hare
Thumb Up

Troubling until you realise...

That the availability of technology actually makes for the ability to manage large numbers of people as cohorts in ways that the personal touch cannot. It's about time that healthcare became truly proactive rather than reactive. We absolutely should be grabbing as much data as possible and asking qualitative questions to determine context.

Yes, people need personal attention from doctors who think for themselves but there absolutely is a place for collecting large amounts of legitimate telemetry data from people to identify potential issues before they would normally become a problem.

It would be very nice, however, if that data wasn't being processed by Microsoft Viva (indirectly), Deepmind and a bunch of other private sector shovelware but instead by computers and software fully owned and open for use by the taxpayer. Of course, the moment politicians get involved, you get multiple failed attempts and dodgy deals between friends soon after...

Not only MSPs: All cloudy firms are in line for UK security law crackdown

martyn.hare
Facepalm

Many security standards are broken anyway

Cyber Essentials Plus includes a vulnerability assessment which only cares about High or Critical rated vulnerabilities and the targets scanned only have to include those where end users log into them interactively. So you can have an unpatched domain controller which results in the next big WannaCry-style incident and still be certified as compliant by your assessor. Or even worse, you can patch your stuff but use HTTP with plain authentication or have a PPTP VPN without PEAP to secure the authentication packets and be fine for both self assessment and verification! Heck, feel free to NOT use full disk encryption while you’re at it!

But if you dare to have Windows Insider Preview on any of your computers you will fail, as it doesn’t meet the criteria of being supported by the software vendor, preventing IT from getting clued up about what’s around the corner in a meaningful way.

Dynamics 365 facelift shows Microsoft trying to compete with the supply chain and process mining big dogs

martyn.hare
Happy

It’s the future…

By 2040, almost every building with have very efficient solar panels and computers which use far less electricity than what we use today. The rickety old power grid would be supplementary and to avoid interruptions, most buildings would pack a UPS-like battery backup. That’s assuming nobody finds the key to sustainable nuclear fusion by then, freeing us from most of the limitations we have today.

In terms of going extinct.. as long as we have stupid monkeys playing fast and loose with their gametes, we will always have a supply of next generation children to keep everything ticking over. No worries there!

Google's 'Be Evil' business transformation is complete: Time for the end game

martyn.hare
Trollface

Because Google is actually useful

What? Someone had to say it.

When AI and automation come to work you stress less – but hate your job more

martyn.hare
Thumb Up

Be the change you want to see!

I'd rather lose my job through automating away what makes me relevant in the here and now than become someone's meat sack automaton, it's that simple. I'm already most of the way there and when the day comes that me and my bosses can't exploit low-hanging fruit for easy money, I'll relish the extra challenge!

Now gimme the full, unredacted original paper, so I can find out the whole truth!

New World: Grindy? Check. Repetitive? Check. Fun? We hate to say it... but check

martyn.hare
Angel

Just like Persona games

Those start off with fully fleshed out voice acting but then for the majority of the mid-game content the voice acting is minimal or heavily reused. It’s a design choice which is fairly standard in RPGs when dealing with off-story fetch quests and other padding.

Not every game can go full on Yoko Taro or Hideo Kojima; as in excellent voice acting paired with excellent parasocial relationship building, Amazon are noobs to video games, so let them go demi-Atlus… minus the weird factor!

How your phone, laptop, or watch can be tracked by their Bluetooth transmissions

martyn.hare
Thumb Up

Simple solution

Just accept when you're out in public, you're very trackable, regardless of which devices you use.

Unvaccinated and working at Apple? Prepare for COVID-19 testing 'every time' you step in the office

martyn.hare
Stop

Why was MrTuK downvoted?

I'm fully vaccinated against said virus too and would absolutely recommend folks get themselves an mRNA-based vaccine ASAP if they haven't already... but there's two sides to every story.

If it's OK for businesses to suspend people for being unvaccinated on the basis of reducing the risk of spreading the disease, then the following should also end up suspended by the very same logic:

* Smokers (whether daily or occasionally)

* Those with a BMI over 30

* Weekend binge drinkers

* Recreational cannabis users

After all, the longer you're infected for, the greater the risk you'll infect others and all of the above is known to affect ones recovery time. It could be argued that across the whole spectrum of highly transmissible diseases that refusing folks matching one or more of the above would be a fantastic way to minimise HR liabilities. There are already employers (like the WHO) who refuse to employ people who make obviously unhealthy lifestyle choices (if you smoke, the WHO won't employ you, period).

Are we 100% sure accepting these new restrictions isn't a catalyst to losing a bit more of our free will? I'm quite happy to live a healthier life around healthier people (a workplace full of healthy, happy people is 100% for the win) but isn't the idea of freedom based on the idea that everyone has individual responsibility and a right to choose?

Let's be careful what we wish for here.

Not just deprecated, but deleted: Google finally strips File Transfer Protocol code from Chrome browser

martyn.hare
Go

FTP is totally appropriate where

The instance has a dedicated purpose, your payload is itself encrypted and where you’re using both IP restrictions and a form of digest-based authentication. Its also worth keeping in mind that SFTP is not great for security either if we are talking OpenSSH vs. vsftpd where the latter has remained very static in feature set, has been widely audited and thus has always had very few bugs.

Should you need TLS for your old FTP implementation, you always have the option of forcing FTPS in modern ftpds or if you’re forced to use outdated crap, then you can either IPSec your way around it or use stunnel.

Crims target telcos' Linux and Solaris boxes, which don't get enough infosec love

martyn.hare
Facepalm

Splicecom anybody?

When pentesting small business environments I’ve yet to see anything but EOL (without ever being patched) OpenSUSE installs with VNC complete with weak passwords…. No matter what the telco system is, it’s always secured piss poorly

Facebook posts job ad for 10,000 'high-skilled' roles to 'build the metaverse' – and they'll all be based in the EU

martyn.hare
Big Brother

Meanwhile, in reality

Big Brother Zuck needs to buff his luck stat to dodge regulatory purgatory while minimising overall costs. Thus Ireland (aka "the EU") kills two birds with one stone, by offering up an army of leprechauns to shore up the tax breaks.

Booting up: Footballers kick off GDPR case for 'misuse' of their performance data

martyn.hare
Go

It is possible to avoid collecting PII

Since (shirt number + club) as your combined identifier is technically pseudonymous data. So their case should result in zero future impact on stat collection from sporting events, it just shifts the goal posts slightly when it comes to presenting it.

IANAL but from what I remember, our NHS data uses pseudonymous linking to allow “opt-out” of medical records sharing. I can’t see a judge risking breakage of essential public sector data collection when making a considered judgment.

Computer scientists at University of Edinburgh contemplate courses without 'Alice' and 'Bob'

martyn.hare
Thumb Up

This is nothing new, even for IT

In most of my formal education, names for scenarios and examples were always chosen at random and were not limited to the localised language. It wasn’t uncommon to see Indian or African sounding names, provided they could be easily pronounced when reading during lectures.

Gotta love the oxymoronic terminology used to justify the change they’re proposing though!

Apple warns sideloading iOS apps will ruin everything

martyn.hare
Happy

There is a simple fix for it

Make it so you only need to have your app go through the App Store if it is supplied as a binary. Then, allow users to compile, sign and sideload apps to their own device with the caveat that those apps are sandboxed under a separate UID from other apps.

This prevents the spread of malware between devices, limits access in the event of a sandbox break and will result in a flourishing open source community which might even do better than say F-Droid.

I'm diabetic. I'd rather risk my shared health data being stolen than a double amputation

martyn.hare
Alert

Here’s why you might NOT want to disclose anything at all

During the COVID pandemic, doctors would discriminate based on health history to decide who did NOT get a ventilator to maximise total survivor counts at the cost of people who effectively had comorbidites. Italian doctors admitted this openly and honestly to UK news rooms.

People with histories of alcoholism would be less likely to receive liver transplants compared to individuals with healthier outcomes when there is a shortage of supply. Boards review cases and decide who is more deserving.

That is before we consider what the police do when they get hold of data….

Relevant data should exist on a device you carry on your person at all times, not necessarily held on Microsoft’s cloud (NHS) or be slurped by Google servers (Deepmind). We need also need ways to detect and allow for proper private prosecutions for abuse of data, not just financial compensation.

.NET Foundation boss apologizes for pull request that sparked community row

martyn.hare
Facepalm

Microsoft doesn't get it

They keep telling projects they need to commit to an SLA of sorts and pushing tools on contributors to encourage it, yet Microsoft themselves pretty much abandoned anything resembling decent SLAs when moving from .NET Framework 4.x to the shitshow that is Core and .NET 5. People do not buy Microsoft products because they're developed with rapid innovation in mind, quite the opposite. We want APIs which keep working essentially forever, even if better alternatives exist and we want them to have 10+ year guarantees that changes will not break them at the API and ABI level.

The open source community can and should be embracing the idea of no SLA (no guarantees) with rapid innovation while leaving the likes of Microsoft, Red Hat and Apple to branch off and stabilise products for corporate/commercial use. This means highly skilled developers get to work on the next best thing and be paid for it, while armies of maintainers at large commercial entities can keep the wheels of business well greased.

It's not rocket science.

Microsoft's problem child, Windows 11, is here. Will you run it? Can you run it? Do you even WANT to run it?

martyn.hare

Pirate an Enterprise IoT Licence

..and you will get patches until at least 2029 with a fixed release of Windows 10. That is long enough to completely skip Windows 11 since MS is clearly cutting cycles from 10 years to 5 for their consumer desktop releases.

By then, Linux will hopefully have caught up on the Wayland and Pipewire side of things and Proton/Wine/Crossover will be “as fast as” Windows in a lot of cases.

Give put-upon infosec bods professional recognition to keep them working for you, says chartered institute

martyn.hare
Thumb Up

Describes my situation in a nutshell

I quit working temporarily to go get my MSc Cyber Security in 2019 but haven't truly used it since. I've done a few outsourced pentests but that's about it. In my day to day life, I'm mostly working as a glorified sysadmin but one who ends up answering questionnaires from third parties and who implements as many useful defences as possible while being assumed to be the guy who's broken everything whenever a fault occurs...

Even with a decent employer offering me a pick of whichever certs I want to go for.. I have no idea what is or is not worth going for and whether I even meet the prerequisites given how varied my work ends up being. IMHO, the system needs an overhaul...

Netflix sued by South Korean ISP after Squid Game fans swell traffic to '1.2Tbps'

martyn.hare
Thumb Up

Or… a happy medium

Netflix could offer a way for ISPs to opportunistically cache data by not unnecessarily using HTTPS to deliver their video content. Send the client a compressed+encrypted wad of checksums/keys and then deliver the exact same DRM-encrypted data to every subscriber.

Problem sorted.

Anonymous: We've leaked disk images stolen from far-right-friendly web host Epik

martyn.hare
Flame

Re: Inalienable rights

Inalienable is to inflammable what flammable is alienable. Or for those God-fearing southerners: A bit like what Free Will is to Old Testament! Remember that your rights always end where judge says you’re wrong!

For the nth time, China bans cryptocurrencies

martyn.hare
Devil

No worse than buying a Freddo

With the £20 note you acquired from selling that spare eighth you had lying around…

Microsoft Exchange Autodiscover protocol found leaking hundreds of thousands of credentials

martyn.hare
WTF?

This was found and fixed in Office 2013 years ago

With a correct Exchange configuration at the time of configuring the client, Outlook won't fall back on legacy authentication or even try the old autodiscover mechanisms responsible for the vulnerability. It's only if the system was configured prior to the introduction of newer mechanisms that the vulnerability exists and even then, to mitigate it, you can enable Security Defaults, forcing folks to set up fresh profiles which reject old mechanisms regardless.

This is like pointing out that Windows has gaping security holes in VPN functionality because the system supports PPTP.

It's all by design.to keep older systems working, even if it's less secure to do so.

One-size-fits-all chargers? What a great idea! Of course Apple would hate it

martyn.hare

Really?

Shavers, toothbrushes and the like have all used inductive charging (even if cabled to give the appearance of conducting) for a long time for safety reasons.

Firefox 91 introduces cookie clearing, clutter-free printing, Microsoft single sign-on... so where are all the users?

martyn.hare
FAIL

Mozilla lost its way

Firefox needs to regain what it stripped out so that it can compete by having actual functionality other browsers don't have, rather than riding on the coattails of Tor Browser innovations by adding GUI buttons to access about:config knobs every 3-4 releases. Most of the "new" Firefox privacy features came about many moons ago and of those which average users care about, they also exist within other browsers as extensions. Rather than playing to their strengths, they've emulated what Google Chrome does by stripping out key functionality and letting other big corporations dictate new standards.

I blame a lot of this on Mozilla forcing Brendan Eich to resign for his personal political opinions and replacing him with some rando lawyer with a BA in Sinology. While their former leader had some terrible stances on issues outside of his expert knowledge domain, he at least knew how to develop new technologies for making web browsers competitive. His leadership led to Mozilla killing off Internet Explorer while Mitchell's has led to Chrome killing Firefox.

Here's a list of key things Mozilla could be doing right now to gain greater market share:

* Integrating Java Applet and Java Web Start support as a core feature with universal JRE/JDK support (this would make it a must-have for accountants and IT)

* Working with the Ruffle project to add Flash support back into the browser as native code, rather than by using WASM or JavaScript as an intermediate layer

* Adding support for client-side language bindings (such as Python) to pave the way towards cleaner, more maintainable websites with lower resource use

* Native TOTP, HOTP and portable virtual FIDO2 support. Basically, take Windows Hello but make it stateless, adding some additional checks for legacy 2FAs

* Implementing the functionality of the top 20 extensions in use.by default (ad blocking, video downloading, screenshots, grammar checking, proper dark mode)

* Fixing the mess with policy enforcement. It's a crap web browser to implement in a corporate environment, which means workers wont use it at home either

Right now, people only need modern Chrome/crEdge with IE Mode as a fallback. As a sysadmin, I have no need to deploy Firefox any more and it has no killer feature which will convince me to pick it over deploying a Chromium-based browser. In fact, Mozilla uses a terrible system for mandatory policy enforcement which puts me and others off using it. Right now, the systems I look after all have adblocking, phishing protection and password, history, settings syncing by default thanks to simple GPOs, while also providing the old Trident rendering engine for Java and Silverlight support on the few websites which still need it.

Make people need Firefox for things again. Even if it's only as a secondary browser!

Page:

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2022