3636 posts • joined 31 May 2010
Re: The only use for java these days
Um...what? OSX is actively under attack using these vulns...as is Ubuntu for those running as root...
How many PCs do you know of that you buy at the local electronics store come preconfigured for PXE boot? Not a large enterprise; systems are not configured for image-based dissemination. Main office has only 11 people! Everything is on the other end of wet-noodle VPN. Nah; these folks use Best-Buy specials and the previous admin left such a mess that two months later I'm still picking up pieces.
At this point, it wouldn't be an "image" either. It would be a clean install. And there is a lot of CFO-only software to get off that thing...
The user was not a member of the administrators group on the local PC; unless one of the infections in question altered permissions post-infection...
Re: What we have here is a serious lack of comprehension...
Up to date Java...that's the thing...
Re: 12 steps
If only it were that simple, and the people who pay money for things didn't have say in their own environments...eh?
Re: At least there's the day rate.
This is the first thing in years I've seen simply waltz right on by MSE. It was actually Avast that caught the initial one. (Befor it was crippled, and MSE annihilated.)
Re: Why blame Java at all?
I can know the attack vector without knowing the name of the attacker. I don't have a clue what the initial Bad Thing was. I do know they were malicious. Jar files that set off the alarms. The browsers were up to date. No flash was installed. Moments after detection, the jars dissapeared. So did Microsoft Security Essentials, Avast and a large chunk of all thee browser histories. It looked to me like someone using a java exploit that didn't want a security researcher decompiling the attack vector.
I crawled all over the thing for three days. I was hoping for an awesome new browser zero day. Alas, "Java is still broken" is not much of a story. But I was able to get the "this is how you fix it" info out to people, in case they got hit. That was really my goal.
Not all of us are so lucky as to have full imaging gear and pre-vetted application stacks. This is a new client of mine; small, most IT descisions still taken directly by CEO, call for help as they need it. Remote cleaning was a priority. If it happened to me, it might happen to someone else in a similar position; worth the time then to write up.
Agreed; that's a next-week project; for when I have physical access. For right now, this works over Teamviewer, and everything I can throw at it comes back clean.
Reading comprehension fail.
"Hating or loving a logical construction such as a programming language is irrational, illogical and otherwise nonsensical. As a human being with an emotional reaction to the world around me, it is increasingly unavoidable."
"It is possible to code Java applications that are excellent. The ubiquity of the language as a primary educational tool has unfortunately made these the exception rather than the rule. So I hate Java; not because there's anything inherently wrong with the language, but because of a decade's worth of people who still haven't figured out how to use it as designed."
Like so many others, you have completely failed to actually read the article. I explicitly state that technology is a logical construct for which it is irrational to "hate." I also explicitly state that java [i]can[/i] be used for good. I also – the article is right there, go read for yourself – explicitly state that my negative reaction to java is an irrational emotional reaction brought about by the totality of the extended universe of issues that surround it.
The article is not about “how terrible Java is.” Java is a tool. The article is about how “horrible abuse of this tool by our entire industry has meant that it is a significantly larger frustration – and even liability, from a security perspective! – than the marginal benefits it provides.
Bonus points for skimming through so fast that you assume the only Java I ever coded was the crap I had to do in my first year of university. The anecdote explains why I left university seeking something better. Is followed up immediately thereafter by a description of how that was a bad plan and I ended up developing applications anyways. Those applications include Java, which I am still forced to use to this day.
Perhaps you need to detach your personal sense of self worth form the language you program in. There is no need for a tribal reaction; criticism of Java) or the wider Java ecosystem) is not criticism of you. If the sub editor’s title, or the opening sentence of the article [i]which is immediately followed by an open admission of trolling commenttards for fun[/i] sets you up emotionally to skim through an article with a blinding rage, there are problems. If you skim so you can quickly get to the comments section and core dump some hatred, there are all sorts of questions about how you define yourself personally and professionally that need to be asked.
If you cannot acknowledge the issues surrounding your choice of language, why should anyone trust you as a developer? You need to know about – and acknowledge – the problems before you can adapt to and overcome them. Tribalism regarding technology is an indication of inadequate understanding of the role of that technology.
Re: Thank you for this.
The problem isn't the hammer. The problem is that we told an entire generation "all you need is a hammer" and they actually believed it. Now ****ing everything has hammer marks where other tools should have gone, and nothing quite works the way it should.
I didn't want to be a "sysadmin" myself. I wanted to "make comptuers talk to eachother, and get them to do things in a coordinated fashion." (I later discovered that what I wanted to do with build beowulf clusters; sadly, I do not build beowulf clusters for a living.)
The rest just sort of...happened...
I never said Python was the best; I lack the diversity of experience to reliably choose a "best" language. Of the dozen or so that I, personally code in - including Java - Python is the one I enjoy coding in. Mostly because I enjoy the diversity of use cases for the code. It compiles - so I don't need an interpreter - and yet I can also use it as web scripts, shell scripts, etc.
It is a simple language that is easy to learn, code in a maintainable fashion and addresses all of the use cases I run across on a regular basis.
It isn't "the best," but it is my favourite.
"You will spend you life coding scripts and apps in two dozen languages, but also dealing with whinging users" is not how anyone sells the career of systems administration. Why would a fresh-out-of-high-school kid with no experience in systems administration know that beforehand? After all, it's derided as "digital janitors" and nothing more. Taking care of hardware and operating systems. "Simple, easy, unworthy of real effort." Sounded fun to an 18 year old; make money during the day, do real work as a hobby!
Re: "Java was my first experience of object-oriented programming"
You poor bastard!
Re: Your argument's flaw
Don't think "staying on at University" solves this; plenty of folks don't include the VM binaries with the application, still use applets or otherwise commit unpardonable sins. When I have to ship working Java code, these are not sins I commit...and I didn't finish University. It isn't the education; it's the asshat behind the keyboard.
Them folks with them fancy duh-grees still can't code for shit. The ability to pay attention to security, usability, lifecycle and maintenance isn't something that is easily taught. It's wrapped up in the deeper neuroses of "being able to think about people other than oneself." If you can't tear yourself away from the mitror for a moment, you never get time to think about the poor bastards that have to use your code.
Java amplifies douchebagitis because it's a secruity nightmare wrapped in a versioning problem.
I can code in Java just fine, thank you. I never did get the chance to stop doing so. Next?
Re: I beg to differ
I need to don some passive aggressive here.
To all the whigners bellyaching about my tearing the language up, how many of you read past the first sentance? Did I or did I not explain that hating a logical construct such as a language is irrational, that I recognise this, but hate the damned thing anyways? It is supposed to demonstrate that association of something inanimate or conceptual with a group of people you dislike can in fact cause the irrational response of hating the inanimate object (or concept.)
Which is a metaphor for every IT flamewar ever.
And I do hate Java. Not because the language is shite - it isn't...it's a language FFS - but because the end result of "Java" has been nothing but pain for over a decade. So instead of taking away "zomfgwtf he insulted the sacred!!!!", maybe folks should focuse on why I chose to do so. The lesson to be learned lies therein. :)
Re: Thank you for this.
Mama said "one idea per article." And the answer is Python.
Re: Goodbye mouse button
My experience with the client in question says that right clicking on nearly every element in the UI works just fine.
I am tempted to downvote you on principle. Your post implies that Oracle has in the past cared about Java or its user base. Or for that matter that Oracle may have at some point during its existance cared about the user base of any of its technologies.
I have yet to be exposed to evidence of this. Even third or fourth hand. Does anyone know a guy who knew a guy that Oracle cared about? Anyone?
giving no fucks since the beforetime.
Not despising corporations is hard for me. There is an innate distrust that I hold against people who are financially motivate to screw me over and take all my money.
That said, I have an SII, a Samsung Netbook and who only knows what else from them...
Samsung is growing on me. As a company, I find them less offensive than some...and increasingly I find myself buying their widgets. Then they go ahead and do something like this.
Well, I'll be.
MIght there be a consumer electronics company worth not actively despising after all?
Re: Careful with your evolution mumbo jumbo.
Actually, you'd be completely wrong. All extant members of homo sapiens sapiens (the only subspecies of the only remaining species (homo sapiens) from genus homo) can trace their lineage to mitochondrial eve and y chromosome adam.
Mitochondrial eve - contrary to the biblical reference in her name - was not the only woman of her time. She was however the most "fit:" all extant humans are her descendants; no lineages survived from any of her contemporaries. Similarly, Y chromosome Adam - far from the only man of his day - was simply the most fit. Adam lived about 142,000 years ago, and we are all his descendants.
It is generally considered that this occurred before the “out of Africa” migration. Once out of Africa both European and Asian Cro Magnons interbred with other hominids. Europeans with Neanderthals and Asians with both Neanderthals and Denisovans. There is no evidence of gene transfer between Neanderthals or Denisovans to the Cro Magnons living in Africa at the time. (Though with modern intermixing this is becoming less and less relevant.)
So there are exceptionally small genetic deviations between the three primary populations of humans based on horizontal gene transfer between the three extant human subspecies shortly after the “out of Africa” migration, however it did not affect either our mitochondrial or Y chromosome lineages. (Which is to say, the genes are pretty dilute in today’s populations!)
You can always attempt to prove that you are a separate species. Go to https://www.23andme.com/ and get your DNA sequenced. If you are a separate subspecies (or if your mitochondrial DNA or Y chromosome differs from the rest of humanity) then I promise you, the geneticists will be all over you like white on rice. Until then, suppositions of subspeciation within humanity have no basis in fact. They are as erroneous as the bullshit Aryan race theories espoused by certain madmen, and potentially as dangerous.
There is simply no evidence whatsoever to support subspeciation within the only extant lineage of humans.
Re: Careful with your evolution mumbo jumbo.
Since all of genus homo is classified as hominidae (great apes), then it stands to reason that all of our antecedents up to (and perhaps slightly predating) the last common ancestor would also be considered “apes”.
All hominidae (including all members of genus homo) share certain physiological traits in common that differentiate us from other primates (and lemurs, to whom we are also closely related.) Homo is most closely related to pan (chimps and bonobos,) with gorilla and pongo (orangutans) rounding out the extant species.
Now, if you wanted to get into a debate about the inclusion of hylobatidae (gibbons) in “apes” then you are some good company. The current consensus is that “great apes” be restricted to true hominids; a distinction which excludes hylobatidae.
So yes, we did in fact evolve from apes. Which makes perfect sense, considering that genus homo are in fact still quite definitively apes.
But “we evolved from monkeys” is a trickier one. Where do you draw the line on “monkeys?” Simiiformes (which would be where you’d find the last common ancestor of all monkeys and apes) breaks down into platyrrhini (new world monkeys) and catarrhini. Catarrhini contains both cercopithecoidea (old world monkeys) and hominoidea (apes).
Although it is common to group all monkeys together as if they were a homogenous genetic lineage, there are in fact two very distinct groups. Catarrhini are as differentiated from platyrrhini as platyrrhini are from lemurs. Indeed: new world monkeys show a remarkable genetic differentiation, giving rise to several major families; something that neither catarrhini nor homonoidea seems to have managed.
But we are apes. There isn’t a lot of wiggle room here. We just haven’t diversified enough to be something “special, unique and different” yet. We area a separate species, but not yet a separate family, let alone superfamily!
So I’d ditch the whole “evolved from monkeys” thing altogether. “Monkeys” is meaningless. But you’ll not escape that we evolved from apes. My dad was an ape. So was yours. I’m an ape sir, and you are too.
Re: New Reg SPB project:
I'll pitch on the kickstarter for that...
A Museum for Nikola GODDAMN Tesla
I only wish I had more to give. ++Bucket list.
Re: Choose conferences or events with real techies.
Sage advice. On my junket I was lucky to meet with the actual techies. My understanding is that both VMWorld and Build are like this. I wonder which others qualify?
Here's one: http://www.michaelgeist.ca/
Re: remind me what "freedom of speech" is
As a matter of fact, it is a world ideal. Defined in the United Nations Declaration of Human Rights. Signed by the overwhelming majority of nations in the world, it defines your rights as a human being, regardless of the government you live under. These are fundamental rights that are innate to being human, not rights "granted" by a government.
It is our duty as citizens the world over to uphold and defend these rights. It is through our collective defense of these rights against all who would attempt to suppress them – governments, corporations and individuals – that we as a species give these rights their meaning.
This isn’t a “Utopian Ideal.” This is the legacy – and duty – passed onto us by our forefathers. If we wish to remain free, to free others and to see our descendants enjoy freedom then we must indeed remain eternally vigilant. The rule of governments – and their laws, lawmakers and so forth – are granted by the governed. The rights outlined in the UDHR belong to every human being, no matter what any tin pot dictator – elected or not – chooses to say on the matter.
I am willing to die, if necessary, defending the above. What kind of person are you – how self important and entitled must you be – that you would not be? What must you believe that you would tell someone – anyone – that they are aught but chattle, granted rights as a whim, to be retracted just as effortlessly?
If that is what you truly espouse sir, then I think you are a terrible human being who is actively engaged in attempts to undermine one of the only great things our species has ever achieved…even if you are only doing through speech.
As a fundamental human right, however, I would still defend your right to air your opinion. No matter how contemptible I believe it to be.
Re: .reg, .vulture, .lohan
$185,000 across 6.6 million readers is ~$0.028 per reader.
So where's the kickstarter for .reg?
Re: This is not an article...
As the article says, *I* bought the beer. I am not a shill...but I am unreservedly, unashamedly a Ninite fanboy. I hate most software. I am getting to the point of hating computers in general. I distrust corporations - the larger they are, the more cynicism is triggered - and I am beginning to believe that almost everone in tech has an angle.
But I like Ninite. It is simple. It does what it says on the tin. It saves me time. If you - or the rest of the vicious interbitts waaambulance community - has some sort of problem with that...cope.
Every now and again, something is actually A Good Thing in tech.
Re: Trevor, would a new pair of
Adding a little bit of hardware to compensate for defects in the sensory apparatus can make the system more accurate. Unfortunately both the sensor design and the underlying system can only be corrected for so much.
How can you prove that what you see is correct? Your optic sensors are fallible. The transmission architecture to your processing centers is fallible. The processing apparatus that post-processes the imagery is fallible.
Worse, that processing apparatus does not even have the capacity to process the imagery in real time; it substitutes imagery from previously stored data to compensate for the extremely low resolution imagery available from the sensors anywhere excepting the very center of their scope.
Thus the image you “see” is actually a composite of what truly exists. It is a mishmash of sensor distortions, transmission errors, filter bugs, memory retrieval errors and recompositing glitches that you choose to accept as reality. There is no scientific evidence to back up the claim that “what you can see” in fact represents reality at all.
All things being equal, there’s a reasonable chance that “what you can see” is a closeish approximation of “what is.” But it is not now and never will be a completely accurate representation of reality.
So if your standard for “what is real” is “what you can see,” then you have abjectly rejected science (and the fundamental principals that it is based upon) in its entirety.
[i]You[/i] are an entirely fallible piece of equipment.
"MED-V is designed to only serve as a temporary solution for remediation. The end game should be the modernization or replacement of the application(s) in question."
The question I have is this: if I have to buy replacement software - or recode the software I have - why would or should the replacement software be locked into the Microsoft ecosystem one more time? If I must do this - because Microsoft are withdrawing support for the platform I use - then why wouldn't I simply invest my money in standards-compliant software? HTML 5, JAVA or so forth?
If it must be a native app, why not code it for Linux? That way I can deliver as an "App-V" style X11 solution to any desktop I want (using any client operating system I want) without lock-in or licensing issues.
In sort: if you force us out of the locked-down ecosystem you yourself created, who among us should be mad enough to lock ourselves in to the garden one more time?
Honestly curious how that logic works...
@Phoenix50 lots of MS fanboys here. Lots of neutrals who like many of MS's 2012 lineup. (Powershell 3, SMB 3, Hyper-V 3, SCVMM 2012, etc.)
But Metro is outright fucking garbage. So when we talk about Microsoft, we can - and do - talk about the good things. We also crap all over the descisions and corporate attitudes that crap all over us.
Turnabout is fair play.
Win9 development started last year
"We see vehicle and home automation as an important emerging market. IN order to unify the interfaces between our PC*, Entertainment* and Mobile* offerings (to which we still retain a strong commitment!) we are undertaking the most expensive Windows development project ever to completely reimagine the interface. Now you will be able to use a Mouse*, Keyboard*, Stylus*, Fingers*, Voice*, Steering Wheel, Wall Sliders, Thermostat and Television-mounted Kinect all as "first class citizens" on the latest Microsoft Windows!
To further our efforts to unify the look and feel of Windows across all devices, we will be optimising our operating system for 30-charater displays common on most household thermostats. Rest assured however, we will continue to support alternative display devices such as monitors or tablets. All data will be syncronised with the cloud using Microsoft’s new Windows BlueSkypeBee 60ghz high-capacity home-area-networking.
To smooth the transition to this new model, we have unfortunately had to deprecate all high-level programming languages. Win RT will still be supported on some device classes, however the only universally supported development platform is building your own scanning tunnelling microscope and flipping bits on our new Microsoft FAT Flash one atom at a time.
We have created a series of Microsoft Virtual Academy videos to help you embrace the power of this new development model. Users drive the need for great products, but it is developers, developers, developers who make those great products come to life.
Windows 9: what do you want to run Windows on today?
*Please note that these form factors and input types are only available with purchase o an Office 365 L5 or higher monthly subscription. (Minimum 10 users, $55 USD per user per month, subject to change. All users agree to be bound by the laws of the United States of America and the laws of the state of Washington. Service is provided on a “best effort” basis and is not guaranteed. Patents pending.”
--Redmontian PR flak transmitting via Windows 9 Temporal Interface from BUILD 2015. (Thanks to the new Microsoft Quantum Tunnelling STM; buy now on the Windows Store, only 10E72 Windows Points!)
Re: funny that
Scripting is easy. Basic OOP development is easy.
Good development...that's hard. I'd say being a real developer - the kind that worries about maintainable, modular code, knows the ins and outs of the language, understands things like polynomial versus logarithmic execution times for sorts and seraches - that takes as much time, effort, skill and experience as learning Deep Sysadmin stuff.
Of course, the devs are better paid and earn far more respect than the "digital janitors." But that's another rant...
Three Cheers for Minty (and minions)!
Thanks for keeping El Reg running. +1 syadmin awesomeness.
Re: Things move in GUI's.
I wonder, does Lotus 123 from back in the day count as a CLI spreadsheet? No mouse interface on that...
"Engineering culture" isn't all its cracked up to be either. IF you allow the engineers to tun the asylum then they don't nessecairily think about little things, like real world implementation, transition from extant technologies, privacy, etc. They just make the most technically fantastic protocol they can, and to hell with all the people who have to deploy, administer or use the thing.
Then they go on holy jihads against anyone who dare consider anything outside of the technical purity. Because the technical purity of something is all. Assuming of course you agree with the design goals of the engineers in the first place.
See IPv6 for an example.
Me, I’d rather have had a protocol with privacy and anonymity being major considerations. Instead IPv6 is attaching a target to my forehead…and presenting every single device to the whole world.
But – aha – for criticising it, I will most assuredly get a bajillion downvotes and more hate mail claiming I “just don’t understand IPv6.” Because disagreeing with various design decisions automatically means I am irrational. Who wouldn’t want IPv6 exactly as implemented?
The take home from this is:
Netflix stock is undervalued; buy now.
Nice unicorn factory. In the real world, business demabds a solution, informs you the budgef is zero and assigns one of your staff to shipping because the shipper just left. Two months later they call you lazy and incompetent because you haven't delivered on the 9 projects you have, and your regular maintenance is falling behind. Then they reassign another staff member and fire a third.
Re: Trevor Pott
Only works if the cother side plays ball. How long do you try in a one-sided effort? I lasted 8.5 years before I gave up. Now it's "man the barricades."
Re: Teenager? More like pre-teenager.
I don't know. I think you're mixing CE and corporate IT up. My experience seems to be that most companies (including our governments!) seem to push their systems at least to the 6 year mark. At that point, entropy takes over and the hardware's rate of failure starts dictating replacement schedules.
Even with a lot of replacements happening now (that old Windows XP stuff is at the end, for most folks,) I find that a lot of companies are being pretty smart about things. They care about things like vPro. They want corporate stable models for their purchases; they might be starting replacement now, but they want to know they can still get the last round two years from now. They buy spares.
Maybe it’s a “large enterprise” thing? You’d have more experience in the 2500+ seat range than I do; down in the 25-1000 sat range, 6 year life seems to be about right. Maybe longer, as it’s at about 6 years that people say “I should replace that,” but it can take a while before that replacement actually occurs.
Phones and other CE devices however…they are on a rapid replacement schedule that I just don’t see with desktops and laptops.
So I am curious; where are you seeing this? Across which cross section of corporates? It is region or industry limited, or are you seeing it broadly?
Re: It's even simpler than that.
Not so black and white. Sometimes you just end up in such a poorly run company that yes, the rest of the company is at war with IT. IT can only drive costs down so far. Eventually, refusal to invest by management means that you reach the hard limit of what can be delivered.
In those companies, resources are usually pretty thin on the ground, and everyone jealously eyes everyone else, looking for spare coppers. No matter how servile IT acts, some workplaces are simply toxic for everyone.
While a truly toxic workplace is probably not the norm, the workplace where management and other departments are joined up, “on the same team” and understand their role in business is probably just as rare.
Most companies fall somewhere in between, and the efforts of systems administrators alone are not going to bridge to social and political gaps in management strategy.
- Updated Zucker punched: Google gobbles Facebook-wooed Titan Aerospace
- Elon Musk's LEAKY THRUSTER gas stalls Space Station supply run
- Windows 8.1, which you probably haven't upgraded to yet, ALREADY OBSOLETE
- Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
- Android engineer: We DIDN'T copy Apple OR follow Samsung's orders