
* Posts by Mad Chaz

152 posts • joined 9 Dec 2009


NASDAQ IT security spend: $1bn. Finding mystery malware on its servers: Priceless

Mad Chaz

Re: Security

That's what happens when the only measure of "effort" is how much you spend.

I can spend 100 000$ on a 20 000$ car, I'm sure I could find someone who'd be willing to sell it to me for that price. Does that mean I have 100 000$ worth of car?

Paying someone a million to write a nice report saying "everything is following best practice" isn't getting a proper security audit with penetration testing by people who actually know what they are doing. But that requires hard work and actual costs, yet doesn't look as good on paper to the board.

14
0

Want to legally unlock your phone from its network? The US Senate says that's A-OK

Mad Chaz

Re: DrBob

That one you got backward. The trick here is they sell you a box that's useless on any other service and sell you 100 channels you don't want in a bundle with the 4 you do want, but that are all mysteriously in different "packages".

The cellphone gig is different. How they did it is they add a small lock code that allows them to claim better "security" for your calls. But due to the DMCA's stupid language, that makes changing the code in that illegal. This way, it means you have to pay off your phone if you leave, but can't use it elsewhere. If nothing else, think of all the garbage bags full of fully functional phones. It's basically a way to trap you in.

3
1

Bezos house 'on FIRE': Amazon in-app kiddy megabuck charge storm

Mad Chaz

Just remember Apple didn't put it there by choice. They went to court to keep that function from happening and lost. Heck, they are STILL fighting it.

8
0

Running Cisco's VoIP manager? Four words you don't want to hear: 'Backdoor SSH root key'

Mad Chaz

Re: Hang on a minute…

Article basically says that yea, that's exactly what they did.

3
0

HOLD THE FRONT PAGE: US govt backs mass spying by US govt

Mad Chaz

"We take very seriously the board’s concerns regarding privacy and civil liberties, and we will review the board’s recommendations with care."

He forgot to add "and then do absolutely nothing to change how it works unless we get our arm twisted somehow"

11
0

Yahoo!: Yes you, YouTube content-maker. GET IN MAH BELLY!

Mad Chaz

Re: And another company is about to hit the toilet/loo

I never understood why it wasn't Yahoo! that got AOL when it went on sale. They seemed made for one another ...

1
0

Who gives a F about privacy? New scorecard rates US pols on spying

Mad Chaz

Re: Greenpeace Blimp?

They are afraid of what'll happen when all the internal memos about where the next big stunt is going to happen get read by the NSA and they get labeled terrorists?

It was another chance to protest something while polluting the environment themselves?

1
0

Code Spaces goes titsup FOREVER after attacker NUKES its Amazon-hosted data

Mad Chaz

On the contrary, it is a good example. An internal data center wouldn't have had an easy to use WEB ACCESSIBLE front end you could use to cause all that damage.

All the crook needed was a single username/password to get in.

Plus, cloud pushes you to do everything on it, even when it's a bad idea. (See backups in the above article). This creates a single point of failure.

Sure, the administrators were idiots NOT to have backups elsewhere, but cloud helped push them in that position.

13
1

FCC launches probe into Verizon/Netflix spat

Mad Chaz

Re: Verizon are a mess.

ISPs here in Canada are not any better. The issue is usually that they buy the crappiest router around and load it with a custom firmware that's anything but good. So you end up with a connection that's effectively throttled by the router's lack of capacity.

And you forgot the part where they blame your computer being slow.

0
0
Mad Chaz

Re: Of Course They Did

The situation you describe is pretty much how things were here in early 2000s.

ADSL was more or less not an option anywhere yet and cable was the only way to get high speed. You had very strict transfer limits with high penalty for going over.

ADSL came along and couldn't compete on speed, but you could get no transfer limit.

ADSL managed to catch up due to cable sitting on its ass, then ADSL started putting limits on as well. For a long time, for most people, even if you did have a choice, it was basically the same price for the same thing. Not only that, but then both choices started imposing HUGE penalty if you broke your automatically renewed contract outside something like a 2 weeks window in a 2 years period.

What little competition was left was ADSL resellers that usually managed to differentiate by offering no transfer limits. Most of it unknown by 90% of the population.

Then the big players got so greedy that they somehow convinced the CRTC (Canada's FCC) to make no transfer limit connections illegal.

That finally got the mainstream media's attention.

Inside a few weeks, the federal gov got so deeply embarrassed the CRTC got forced into action.

The end result is that now we're getting fiber to the home deployed by the combined bells. It'll basically make phone/tv/internet a duopoly everywhere. For now, that means we're getting much faster connections in the near future.

Netflix still isn't that big a thing in Canada, but it's slowly coming. How the ISPs will react to it when they realise people will cut off TV is another story.

2
0

UK govt preps World War 2 energy rationing to keep the lights on

Mad Chaz

Re: Power storage?

In one word, yes.

Energy storage right now is crap. You end up losing almost half the energy as heat in the storage and re-release.

So you'd need to produce about double the energy you'll be using. Hard to make that make economic sense.

10
0

Ukrainian teen created in lab passes Turing Test – famous nutty prof

Mad Chaz

Re: Pot - Kettle

He still did better than any politician at pretending to be human.

3
1

Evidence of ancient WORLD SMASHER planet Theia - FOUND ON MOON

Mad Chaz

Re: Add to the theory of collision and technology

This happened 4.5 billion years ago. No humans around back then. No anything other than maybe some microbes, if they were (un)lucky.

Humans weren't around 1 million years ago, much less 4.5 billion.

1
1

Security stock slinger Symantec speeds up with latest Backup Exec

Mad Chaz

True, but that would require the article actually telling us what the metric is. As it does not, the stated improvement of 100% is meaningless.

2
0
Mad Chaz

100% performance improvement is not pretty dramatic, it's a lie. Unless they somehow managed to take backup jobs and run them in 0 seconds flat.

Why?

Say a job takes 2 hours to run.

Improve that 100%, you reduce by 2 hours. So the job took 0 seconds to run. Same for backup jobs that took 10 seconds or 3 days.

Gotta love mathematically illiterate marketing bods.

1
4

Windows XP fixes flaws for free if you turn PCs into CASH REGISTERS

Mad Chaz

Re: Personally I think

You make it sound like software should be held to the same standard of quality physical goods have to follow.

Like that'll ever happen.

25
6

New XSS vuln hits eBay as rubbish passw0rds persist

Mad Chaz

Re: eBay and password problems

It's called a crappy `all case the same` plain text comparison.

In other words, they don't encrypt passwords or they don't do it right.

3
0

Bing's the thing in Microsoft's push for cheap Windows devices

Mad Chaz

Re: Who sucks more

Doesn't yahoo use bing now?

The people this will suck for however are local stores and techs.

Imagine the waves after waves of "I had office with this when I got it and now it says I have to pay for it! I want my money back!"

12
1

Disney plans standalone Star Wars movies to go with the main trilogy

Mad Chaz

Yoda's life story. You get 10 films and probably 20 or 30 seasons of a TV show with those 900 years training Jedi ...

2
0

Congress guts law to restrict NSA spying, civil liberty groups appalled

Mad Chaz

Re: Obviously time to turn the tables, then...

Because the people who decide who gets charged with treason are those committing it.

11
0

US giant NBC 'leaks' PRIVATE Amazon keys in Github Glenn gaffe

Mad Chaz

Re: Compared to losing your house keys?

And we all know how that ends.

http://www.dilbert.com/strips/comic/2014-05-20/

0
1

Customer sues Nimbus Data for 'breach of contract' over arrays

This post has been deleted by a moderator

Urinating teen polluted 57 Olympic-sized swimming pools - cops

Mad Chaz

Some math

Let's do some math.

WebMD says the average human bladder's maximum capacity is between 400ml and 600ml.

For argument's sake, let's imagine our perp had a very large bladder and really, REALLY needed to pee. So 600ml.

A quick conversion says 600ml = 0.158503 US gallons.

Now 0.158503 of piss in 38 000 000 gallons of water.

This gives us a piss to water ratio of 1 gallon of piss per 239 743 096 gallons of water, or 1 part piss per 239743096 part water.

I suspect that kind of contamination level is surpassed over 100 fold by the amount of piss and shit wild animals like birds will naturally drop in that reservoir.

So, knee jerk reaction by squeamish idiots who'd rather waste resources than understand what they are doing.

0
0

IBM accidentally invents new class of polymers

Mad Chaz

Re: "Self-healing"

Not quite. It's not just sticky. If you place bits together and heat them, it forms a solid bit with the same properties as if you'd never ripped the bits from one another in the first place. This is what makes metal such a useful material and something plastics have a VERY hard time doing, because they just get sticky, as you say.

Still, another nail in the coffin of the wish bosses have that boffins should never ever concentrate on anything but exactly the useful stuff the boss wants.

3
0

Adobe blames 'maintenance failure' for 27-hour outage

Mad Chaz

Cloud is the label they stick on anything that requires the internet now. I think subscription services like this are a really bad idea for a single reason. No SLA. All those software companies used to dishing out software and not caring if it crashes on 5% of the install base when they update is fine when they can externalise the cost (let the client deal with the issue), but if you force people to use your servers, people will need to start requiring guaranteed uptime.

I'm sure a lot of studios that got hit by this are not looking into that.

4
0

ARRAY WITH YOU! Storage is growing... but you'll have to make way for new tech

Mad Chaz

Re: Synchronous replication over distance !

What you need to do is have your servers move at relativistic speed and that way time will pass slower for them and they can get the data `quicker`

Of course keeping the data cables stationary and connected might be a problem ...

0
0

Latest IE flaw being actively exploited

Mad Chaz

Re: Tell me it ain't true!

Define fewer please. Do you mean fewer patches? Fewer security issues? Because the 2 are FAR from the same thing, especially when speaking MS.

I'm pretty sure IE has had as many security issues fixed as Chrome or any other browser in the last few years. It's just you don't always get told about all the flaws that get fixed in 1 patch for IE.

1
0

HP: OpenStack's networking nightmare Neutron 'was everyone's fault'

Mad Chaz

Re: What's with all the Xen is obsolete talk I hear?

I agree VMware is easy to configure, but you do need a Windows machine to do the administration for ESX and the likes. No proper Linux admin client.

0
0

Botched SAP billing system helps Npower reach No 1 on gripes list

Mad Chaz

Re: Pull their fingers out

Not sure what the law is like there, but here in Canada, no bill, no money. If you don't send me my bill, you can stuff getting paid and if you complain, we'll have fun in court cause I can't pay a bill I never got.

0
0

Microsoft blinks, extends Windows 8.1 Update deadline for consumers

Mad Chaz

The amusing part?

What makes me laugh is how they absolutely require that you be 100% up to date before you can do the upgrade. Then, it goes and basically does a complete re-install anyway, including the previous version being left in windows.old

So, why exactly did I do the whole get up to date thing again?

And it's not a 2GB download. It's more like 30GB. That's actually more than enough to completely blow the cap on a lot of cheaper "high speed" connections around here. The kind used by grand-ma that doesn't have a lot of cash and no understanding of what a GB is anyway. I'll let you imagine how much fun that was to explain at the shop I used to work at ....

4
1

Laser deflector shields possible with today's tech – but there's one small problem

Mad Chaz

Re: "spin and a highly-reflective coating"

And that would be Dave's confidence talking. Gave him an upvote too

0
0

Cortana, remind me to patch Windows, IE, and Adobe gear next Tues

Mad Chaz

Well, as IE is part of the OS that are buried deep enough into it that removing IE will bug the OS, I think we can say it was an XP patch.

1
1

Bill Gates: Sell off Bing? Nah. Xbox? Maybe...

Mad Chaz

Re: It's not about the money

And that's why systems that handle that kind of database have a lot more than a single CPU. Those I've worked on had 16, but we were looking at either 32 or 64 on the new system (we were looking to refresh the hardware). And of course close to 1T of ram to keep it app happy.

0
0

Putin tells Snowden: Russia conducts no US-style mass surveillance

Mad Chaz

Re: Hah...

Well, here is something to think about from outside the US. No one believes what your politicians say outside the US either.

Before you make fun of others, look home. You will find fixing that needs to be done.

1
1
Mad Chaz

Re: No mass surveillance???

CCTV is not hidden and it's cheaper than trying to listen to everything everywhere. You can learn a lot more about what people do by looking at where they go.

Plus, having a chance to take a jab at the US on human right abuse? That's like the ugly girl being called the most beautiful star at the ball.

0
0

UK regulators: We will be CHECKING UP on banks' IT systems

Mad Chaz

Re: "antiquated nature of bank IT systems"

By antiquated, they mean systems that are over 10 years old, running operating systems that haven't been patched in about as long and code that is so old no one even knows the programming language they were written in anymore.

We're talking systems that were never meant to have connections to the outside world being accessed over the internet too and lots of them. And let's not forget the ATMs still running unpatched Windows XP or older. (I saw one crashed to a Windows 2k desktop not even a month ago here)

So by antiquated, they mean exactly what the definition says.

As to why they don't get it together to fix it, the fact that the fat cats at the top see no financial penalty for doing a crap job probably has more to do with it than any kind of budget issue. It's not like the banks have trouble turning a profit.

2
1

Don't look at Maria's SQL, look at MY SQL, pleads Oracle

Mad Chaz

Re: Thinking...

And they ruin every pie they touch with dirty slimy hands.

3
0

NSA's TURBINE robot can pump 'malware into MILLIONS of PCs'

Mad Chaz

"or at the least make it so expensive that they become a little more discriminating on who they are digitally assaulting."

That doesn't work. They aren't the ones footing the bill, tax payers are. Not only that, but the tax payer's not allowed to ask what it's being spent on, so (s)he has no say in the matter.

2
2

Home lab operators: Ditch your servers ... now!

Mad Chaz

Been doing virtual machines since vmware workstation 1.0.1

Nowadays, I have a 1090 phenom 2 x 6 as my home server.

Machines for router, web server, download machine and a lot of other stuff are all virtualised. Works awesome and as I live in cold climates, the power bill is nil most of the year as it costs the same as the electric heating it replaces.

0
0

For Windows guest - KVM or XEN and which distro for host?

Mad Chaz

I would suggest staying away from KVM and going for Xen instead. KVM has crap support when it comes to USB as far as my experience is concerned. KVM is the most resource efficient, but Xen is a lot more stable and mature. It also works a lot better for USB and PCI devices.

Be very careful on what hardware you get and make sure you research its support for PCI sharing, as this will be the most difficult bit and is what will make or break your rig, so to speak.

ATI has the lousiest support for virtualization in the world, so I'd suggest sticking to Nvidia cards for graphics.

0
0

Ditch IE7 and we'll give you a FREE COMPUTER, says incautious US firm

Mad Chaz

Re: I ditched IE in 2000.

He may be ignorant of what it's like now, but his description still fits with the modern version. Didn't it fail to render even msn.com properly when IE11 launched?

1
0

Tesla is on fire! Model S car sales are red hot – just like their chargers (yow)

Mad Chaz

Re: From an environmental point of view...

Depending on what you have to support them, a fleet of robotic electric cars could be rather interesting. Just need some good power source for all that juice, preferably not burning fossil fuel. I'm very curious to see what'll happen with the Quebec gov's plan for electrification of transports.

3
0

Boffins build sticky-limbed lizard-bots to tend spacecraft

Mad Chaz

Re: Flatlander thinking

That makes the robot itself bigger and makes for more small parts having to carry a lot of load as it moves, making it more likely to break. I expect it would also make dealing with the recoil of taking a pad off the surface harder, but IANAE

0
0

Parents can hide abortion, contraception advice from kids, thanks to BT's SEX-ED web block

Mad Chaz

Re: "tasteless" jokes

Come on, Rob Ford has jokes with taste. From the looks of him, probably very expensive taste too.

But I guess it's all just a puff of smoke ...

0
0

Harvard kid, 20, emailed uni bomb threat via Tor to avoid final exam, says FBI

Mad Chaz

Or they could have absolutely nothing against him but needed someone to blame and now his life is ruined even if found innocent.

Just saying.

0
4

You gotta fight for your copyright ... Beastie Boys sue toymaker over TV ad

Mad Chaz

Re: @Tom ... Take 'em for every penny you can boys.

This was commercial use, not parody.

A parody is making fun of something, usually with some kind of reason/message in it.

This was using a crap version of the music with replaced lyrics to sell a product, ie advertising.

The BB have a really good point that the PREEMPTIVE lawsuit by the toy maker is just a way to get even more publicity out of the affair is proof of ill will.

I hope they bankrupt the backers of that business.

0
0

NASA invites you to sleepover: Stay up and watch 'FIREBALL RICH' Geminid shower

Mad Chaz

Quebec has its share of nice light free zones you can go to and look at the stars. Unfortunately, the part of this wonderful province of Canada I live in, this time of year, does not have good weather for star gazing.

Either it's snowing and the temperature outside is survivable if it's not too windy or you have wind shelter

or

Clear skies and -30C actual temperature outside (as the mercury calls it) and if you are lucky, not windy. Real lucky ...

0
0

I want to play with VMs

Mad Chaz

Just another post

Hello everyone.

Started reading and then I figured I wanted to ask a few more questions and would make one assumption. As you spoke about having a rack, I suspect you want to use it. As such, I'll assume you want something that will sit inside the same rack. So physically close.

Now the questions.

First, what kind of storage do you have? As in, what kind of OS do you have on it?

The reason I ask is you might want to actually make use of it. If so, I'd suggest you look into what kind of connectivity you can get to it. This is where the OS becomes important. No clue if you can do this in Windows, but it's relatively easy to get either iSCSI (over ethernet, 10g would be best) or fiber cards working on Linux. If your storage box(es) have the connectivity and/or free PCIe slots, you can use it for your virtual machine storage. Then you can just skip spending on disks and use those you have.

Getting a motherboard with more than one PCIe port might then be a good idea, so you can get good connectivity. My personal favorite would be iSCSI over 10G, but that's only because I have made it work on 1G and it was almost trivial. I suggest using the raw exported devices for VM disks instead of sitting things on a file system if you can do it, as that avoids some overhead.

For CPU, I would suggest number of cores over processing power, so go AMD. As this is a `for fun` setup, this gives you better interactivity between machines, as you can limit the number of CPU each can use. Memory is what most people will recommend you spend a lot on, but it depends on what kind of machines you want to run on it. Get a pen and paper out (or notepad) and just add up how much you want to give each, then give yourself some room to play. I have 8G on my home setup and its swap has never been touched running 8 VMs.

If you want a nice easy GUI to play with, Virtualbox on Linux is nice. You need to do a little command line to setup the virtual disks if you want to use raw devices, but other than that it's simple as pie.

If the command line doesn't scare you, KVM all the way. The only downside I have found to KVM is the lack of proper USB support. If you do everything over the network, that's not an issue. It's a lot more efficient at idle, so your machine will burn less power when it's not working, as less CPU cycles are wasted. On my own home setup, it's a constant 20W less draw on KVM than Virtualbox at idle, according to the UPS anyway. I've also found you could get a little more CPU power at full use with KVM than with Virtualbox.

On the legal side, remember that Microsoft might not like you using home versions inside virtual machines, but I haven't bothered to read up on it. My understanding, and I'm not a law person, is you can use pro licences fine, as long as it's 1vm, 1 licence. No clue if they put actual technical barriers to it or not. Linux of course doesn't care and works wonderfully under VMs.

1
0

Google teaches Chrome Canary to sing when it sniffs dodgy downloads

Mad Chaz

Re: Thanks Google

I wonder if it'll be as bad as the IE one where it lets commonly downloaded malware like regcleanpro pass by without saying a word, but then claims files downloaded to fix infections, like adwcleaner or combofix, are malware because they don't get downloaded as often?

0
0

Cisco: We'll open-source our H.264 video code AND foot licensing bill

Mad Chaz

Re: I'm divided

What do they sell? Networking gear. Everyone all the sudden being able to use video technology for free is going to, they hope, get someone to make a real killer video app that will force ISPs to upgrade a shitload of kit because 800kbit/sec upload from the client just won't cut it anymore.

I guess that's what they are thinking anyway.

7
0
