* Posts by Daniel B.

3008 posts • joined 12 Oct 2007

Must listen: We've found the real Bastard Operator From Hell

Daniel B.
Silver badge

Re: Anyone that can stand 10 seconds or more

I did manage to listen 2 full minutes of this ... but that was because I was laughing my ass off and couldn't reach the laptop.

1
0

Miguel de Icaza on his journey from open source to Microsoft: 'It's a different company'

Daniel B.
Silver badge
Boffin

Re: De Icaza's love affair with Microsoft is not new

It pretty clear you have no idea of what COM and ActiveX really are. Hint: they are not just IE plugins...

No, they're just propietary cruft frameworks that happen to work only in the MSFT garden.

.NET equivalents to the COM part (COM+, I think?) were less ugly but it was notorious that the .Net runtime was heavily tied to the Microsoft ecosystem. Want to use LDAP for your IIS authentication? Well, you have to build your own MembershipProvider and RoleProvider implementations. We only do AD.

But ActiveX? Seriously? That thing was the number one security risk on the web. People may be snarky about Java, but at least the Java framework has builtin security sandboxes. ActiveX was infamous for giving full control with no means of sandboxing untrusted code.

3
0
Daniel B.
Silver badge
Unhappy

Re: open source people universally hate Miguel.

Back in 1999, de Icaza was hailed as a hero, especially within the Linux community in my country (Mexico). Sure, I preferred KDE over Gnome, but it was interesting to see the guy pretty much lead one of the main desktop managers in Linux.

Then it started getting weird with Mono. Why the hell would anyone want to push a Microsoft-centric platform on Linux? If you're going to do pirated Java, do straight Java (and no Miguel, Java isn't the problem. It was the holes punched through by Sun to add extra stuff that caused all those vulns.) Then the Xamarin vs. KDE stuff. Then his actual pushing for propietary over FOSS. I can't remember if it was his praising of OOXML or the propietary over FOSS thing that ended up losing my respect for him, but I can say that it's been a long time since he stopped being praised by us.

His jump into MSFT is simply showing that he has indeed turned to the Dark Side. :(

6
2

Linux infosec outfit does a Torvalds, rageblocks innocent vuln spotter

Daniel B.
Silver badge

Oh this is interesting...

@grsecurity is now "protected". Which means they're throwing an even worse tantrum than the one reported here. Check it out!

0
0

There's more to life than Windows

Daniel B.
Silver badge

LDAP

Chances are that if you're managing a corporate IT network, that's the real main repository.

4
0
Daniel B.
Silver badge

Re: Can we have?

LDAP. It's what most companies do. Pretty much any authentication platform has LDAP integration and thus can use LDAP as their main authentication registry.

AD is basically the usual renegade Microsoft implementation of usually open protocols, in this case it's LDAP and Kerberos v5.

10
0

Another failed merger, Carly? Ted Cruz to bring in ex-HP boss Fiorina as running mate

Daniel B.
Silver badge

iCarly!

So Ted "kill the gays and nuke Syria" Cruz would be running with Carly "I trashed HP" Fiorina? Interesting. Whatever positive points Cruz might get for being "not Trump" will be countered by choosing iCarly.

4
0

Microsoft's Windows 10 nagware storms live TV weather forecast

Daniel B.
Silver badge
FAIL

Funny

Microsoft is only giving itself bad PR with the stupid nagware thing. Just stop it, MSFT, fix your current OS instead of trying to force it on everyone else.

Give us an option to disable that stupid Metro GUI thing. It's less annoying in W10, but it still manages to screw up things.

Maybe then you'll start getting voluntary upgrades!

17
1

What do you call an old, unpatched and easily hacked PC? An ATM

Daniel B.
Silver badge
Boffin

Re: Banks? Security?

Bad enough that my bank STILL refuses to make passwords case sensitive, or allow "Special" characters.

That's a problem everywhere, and the sad thing is that I know why this is the case.

RACF has issues with non-alphanumeric characters due to ASCII/EBCDIC.

Many bank systems do RACF authentication. Therefore, bank password policies won't allow non-alphanumeric password.

Client-facing systems don't authenticate clients against RACF. Yet they're also saddled with the same password policies because having a single policy for everything is easier!

1
0

Charter can gobble TWC for $78.7bn ... if it bins monthly download caps

Daniel B.
Silver badge

Re: @Daniel B

While contention can get you out from serving 100% all the time, having data rates dip to 20% most of the time should be frowned upon. I don't expect my current 10Mbps DSL to run at 10Mbps all the time, but neither do I expect it to run at 2Mbps most of the time. Especially when they're offering 3Mbps packages at less than half the price I'm currently paying for 10Mbps.

I think ISPs should come forward with both the "up to X" and a guaranteed minimum rate for their offerings. Give the end user a choice between "highly contended" and "low contention" and they might be surprised at the number of people that will pony up extra cash to get guaranteed fat pipes. As another commenter stated, most telcos won't serve business links to residential areas.

0
0
Daniel B.
Silver badge

Re: Which brings us to "The tragedy..."

All ISPs sell bandwidth data rates. If they can't provide the service they're charging for, they should upgrade their infrastructure.

Data caps are outright double dipping.

7
0

Germans stick traffic lights in pavements for addicts who can't take their eyes off phones

Daniel B.
Silver badge
Unhappy

Re: I'm conflicted

There's also the drivers to think of: most drivers involved in machine + idiot incidents tend to leave service.

Indeed. One of my former girlfriends had the nasty experience of watching someone fall into the subway tracks just seconds before the train entered the station. She looked away from the tracks, but heard a loud crunch when the train ran over the guy. She got really sick from that, and she says that the driver (who had slammed the emergency brakes) got out as soon as the train stopped and barfed on the floor. That was just awful.

6
0
Daniel B.
Silver badge
Boffin

I'm conflicted

Part of me wants the Darwin Awards to follow their natural course .... the other part wants less accidents, 'cause getting late to work due to some numbnuts not watching before crossing is annoying.

3
0

Trouble at t'spinning rust mill: Disk drive production is about to head south

Daniel B.
Silver badge
Boffin

Annoyed at this

I currently have my 1TB Laptop HDD at 91% capacity. I might be able to get a 2TB HDD at most, but not more. Why? Because nobody seems to care enough to get 4TB or even 3TB HDDs made in the traditional laptop form factor. Never mind that the PS4 also uses this format, and 4TB is something very useful there. This is because many people are buying into the SSD craze. I would do so, but 1TB is still too expensive and I would still be stuck with the same issue I currently have. I haven't seen any 2TB SSDs.

On desktop systems, I'm happy with Seagate still churning out higher capacity HDDs. Hopefully they'll remain doing so, as large storage is still a need for me. I'm planning on upgrading my "home server" PC, which currently has 6.5TB storage capacity.

2
0

FBI ends second iPhone fight after someone, um, 'remembers' the PIN

Daniel B.
Silver badge

Don't fear the reaper

In the UK I believe you can be compelled to hand over passwords. Scary. Nice place to visit but glad I don't live there!

Do fear the RIPA.

14
0

'No password' database error exposes info on 93 million Mexican voters

Daniel B.
Silver badge

Re: Voters database *in the cloud*?

Not official. I'm pretty sure that this database was highly illegal under Mexican federal law. The IFE database must not leave the country, ever.

0
0

BOFH: Thermo-electric funeral

Daniel B.
Silver badge

Re: as if owning IT antiquity was one of those positive character traits

TI-59 had the tiny versions. I had one.

2
0

Ten years in the clink, file-sharing monsters! (If UK govt gets its way)

Daniel B.
Silver badge

Re: His (her) Master's Voice

Orlowski is also the same guy who ended up defending FunnyJunk... The guys who were actually engaging in piracy, only because it proved his own twisted view on IP matters.

13
2

Facebook clickbait cull

Daniel B.
Silver badge

Meanwhile

They've completely removed the ability to report spam. Which means those guys spamming threads with "click here to get free dragon city gems" are able to spam with impunity.

1
0

123-reg still hasn't restored customers' websites after mass deletion VPS snafu

Daniel B.
Silver badge
Boffin

Gah!

For us, it's been the kick the client needed to retire the pile of asp that no one understood that ran the old site.

Let me guess, pre-.NET ASP? Horrible! VB can't seem to die fast enough.

0
0

Chinese crypto techie sentenced to death for leaking state secrets

Daniel B.
Silver badge

Re: Well, it's China.

Ah yes, the "Falun Gong" treatment of involuntary organ donors. Very "efficient".

0
0
Daniel B.
Silver badge
Holmes

Well, it's China.

They have a habit of dealing death sentences for a lot of stuff. Especially people who are percieved as threats to the government.

3
0

You won't believe this, but… nothing useful found on Farook iPhone

Daniel B.
Silver badge

No shit Sherlock

Nobody expected anything to be in the phone. The FBI wanted a test case.

0
0

BOFH: Sure, I could make your cheapo printer perform miracles

Daniel B.
Silver badge

Re: Dummy mode!

Indeed! Probably a return to classic BOFH? I distinctly remember that the very first BOFH stories involved users killing themselves after following BOFH "advice".

2
0

Google, Rackspace to together unfurl DIY Power9 server designs

Daniel B.
Silver badge

RISC

I think it's about time someone seriously challenges Intel's architecture.

2
0
Daniel B.
Silver badge

Re: Excellent competitive choice is always a good thing

You accidentally ran into one of the resident MS shills.

0
0

WhatsApp straps on full end-to-end crypto for 1bn peeps

Daniel B.
Silver badge

Occam's razor

It would be easier that FB was simply getting a copy of the shared secret key.

0
0
Daniel B.
Silver badge

Key exchange can be verified by QR code or a numeric fingerprint, both are verifiable out of band.

My concern however is that unlike other solutions, you are only validating the key itself, instead of each end's public key (as used by Chat Secure).

0
0

Ever wondered what the worst TV show in the world would be? Apple just commissioned it

Daniel B.
Silver badge

Re: A day in the life of a Genius

Well, you could say that his code...

*puts on sunglasses*

segfaulted.

YEEEEEEEAAAAAAAAHHHHHHHH!!!

0
0
Daniel B.
Silver badge

Re: Inevitable Copycats

Cisco Cowboys of the Wild West Coast

0
0
Daniel B.
Silver badge

BOFH the movie

That would be Salmon Days... Which looked awesome in the trailers but fell short of the expectations on the first episode. Still, I'd give it a second chance! :)

0
0

Is iOS 9.3 Apple's worst ever update? First it bricks iThings, now Safari is busted

Daniel B.
Silver badge

Yeah, the Safari bug is all over the Apple support forums since last week. Looks like they should've rolled back the update on the 6s as well!

0
0

How Microsoft copied malware techniques to make Get Windows 10 the world's PC pest

Daniel B.
Silver badge

Re: Block it ...

Thanks!!!

1
0
Daniel B.
Silver badge

This technique will also allow you to buy Windows 7 licenses, by the way. ;)

0
0

Linux fans may be in for disappointment with SQL Server 2016 port

Daniel B.
Silver badge
Boffin

So... they're porting "just" SQL Server and not the SQL Server Analytics Services. That is misleading as a downside; SQL Server is pretty much what most people use. I only remember using SSAS once during college, never to be used again upon graduating. And this includes working at a place where SQL Server was at the core of their business!

I'm pretty sure that many would be perfectly fine with SQL Server Enterprise on Linux even if it lacks the BI stuff. I'd probably like an additional feature: allow LDAP logins in addition to "Microsoft-not-LDAP" AD stuff.

0
0
Daniel B.
Silver badge
Boffin

"It takes a long time to convert all the VBA code to LISP."

ITYM C, right? Or C++?

Also, I've seen far less VB stuff out in the wild. Could it be that the unholy language is finally dying off?

0
0

DARPA to geeks: Weaponize your toasters … for America!

Daniel B.
Silver badge

Ask Berkeley Systems

They might bring up Flying Toasters!

4
0

Facebook can block folks using pseudonyms in Germany – court

Daniel B.
Silver badge
Meh

Blizzard

The big difference is that Blizzard's users are also customers, and their Real ID dick move would end up costing them real money; having a huge backlash would probably translate in thousands of cancelled WoW subscriptions. They weren't going to lose revenue on that, so they backtracked.

Facebook, however, doesn't get its revenue from their users, but from advertisers, and those are the ones that push for real names. The only way Facebook would backtrack on this stupid policy would be for users to deactivate their FB profiles en masse, and in sufficient numbers for advertisers to notice and take action. But I doubt that will ever happen.

3
0
Daniel B.
Silver badge
Alert

Not quite...

Actually, the masses are still using pseudonyms on Facebook, we're just more clever choosing our (fake) names. They look fairly legit, instead of being something like R. Soles or Seymour Butts.

In my case, using a pseudonym is pretty much required, because my real name would end up being a self-doxxing case: my surname's so rare, you'd find me real fast using my city's phonebook. Being easily picked out in a city that has a 20+ million population is a very bad thing.

7
0

90% of SSL VPNs are ‘hopelessly insecure’, say researchers

Daniel B.
Silver badge

Re: Clickbait.

Here the flaw is "untrusted" certs which is used to mean self-signed types. If your own organisation uses it own keys and distributes them to it own systems that is perfectly sensible and perfectly secure.

Self-signed certs are still insecure, you're thinking about an organization-managed CA. :)

1
0

My devil-possessed smartphone tried to emasculate me

Daniel B.
Silver badge

Re: As for the RAZR..

I'm partial to the W300i, the last pocketable phone I ever had.

0
0

BOFH: This laptop has ceased to be. And it's pub o'clock soon

Daniel B.
Silver badge

Re: Oh, the PFY

Nah, OS/2 was actually useful.

12
0
Daniel B.
Silver badge

Windows 8

The BOFH is right, the laptop is already dead!!!!!

1
0

Official: Toshiba pulls out of European consumer PC market

Daniel B.
Silver badge

Re: Ah, well

I thought the Magsafe power connector had been discontinued on Macbooks? Or is it still on some of them?

They all use it, with the sole exception being the weird 12" MacBook that doesn't have any connectors.

1
0

Yahoo! is! up! for! sale! – so! how! much! will! you! bid!?

Daniel B.
Silver badge

Re: Photos

Flickr itself was the "hipster" thing back in the day. Yahoo even killed their own photo thing to promote the damn thing.

0
0

Is DNSSEC causing more problems than it solves?

Daniel B.
Silver badge

Re: Yes, The Register’s writer needs an education

The Microsoft Monopoly has no bearing on the DNSSEC specs. What are you talking about?

0
0

Whatever happened to... virtual SIMs?

Daniel B.
Silver badge

No SIM no sale

The only party that would benefit from SIMless phones are the operators. See how CDMA carriers refuse to accept user owned phones on technology grounds.

0
0

Oracle to kill off Java browser plugins with JDK 9

Daniel B.
Silver badge

Re: Pathetic, isn’t it … ?

JavaScript is far more insecure than Java. It's just that the web dudes haven't seen it yet.

2
0

Is ATM security threatened by Windows XP support cutoff? Well, yes, but …

Daniel B.
Silver badge
Boffin

Re: Could they just move them back to OS/2?

Good ol' Warp use to run lots of ATM.

I second that motion. The OS/2 ATM era was very good.

0
0
Daniel B.
Silver badge
Boffin

Re: Why is this a problem?

Basic rule of security, if it is connected in some way to a device on the Internet it is on the Internet. ATMs are connected to the bank's computers so they know customer PINS, accounts, and balances. These computers are also accessible via the Internet for online banking. Therefore ATMs are connected, albeit, indirectly to the Internet.

Most ATMs are usually connected directly to the bank via some oldie goldie connections (X.25, maybe some DS0s for more modern ones). They usually connect to a network that is heavily isolated from the true internet. Pretty much anything going through to the mainframes will be firewalled as hell, and there's no way you'll get out to the internet if you're entering through the ATM links. And that's if you even have TCP/IP access. Last time I checked, many ATMs were still using propietary protocols from the pre-TCP/IP world like SNA. Then again, that was when most ATMs were still running OS/2 WARP.

That said ... the easiest way to get stuff off those XPe devices might just be a USB port.

0
0

Forums