Feeds

* Posts by Trevor_Pott

4892 posts • joined 31 May 2010

Windows 10's 'built-in keylogger'? Ha ha, says Microsoft – no, it just monitors your typing

Trevor_Pott
Gold badge

Re: That means Trevor Pott was right

Eh? I use Windows 7 on my laptop. I use CentOS on my servers. I do have a laptop with Mint, but that's my security unit.

Honestly, the instant that Wayland is fully baked, I'm leaving Windows behind. FreeRDP server was incorporated into Weston and it provides a fully modern RDP experience for remote work. That's all that was ever really missing from Linux in order for it to be my primary environment. I prefer working via VDI for a large number of reasons.

As an endpoint OS, I prefer a heavily modified Windows 7 environment to pretty much everything else I've used. Though Windows 10 has some very serious potential to be every bit as usable.

The problem is Microsoft itself. I just don't trust them. They've screwed me over and over and I am absolutely, 100% convinced they'll do it again. They are emphatically not honorable, which means that no matter how good their technology is it simply does not matter.

Microsoft could have the best technology in the world - in some niches they do, in others they emphatically don't - but that's just not enough. I can't do business with, trust my business to and ultimately trust my privacy to a company I can't trust.

That's before we even get into the rank madness that is Microsoft's VDI and SPLA licensing, the #1 reason behind my philosophical (and monetary) support of various open source projects.

Linux doesn't have to be the best at all things to be usable. Microsoft sure as hell isn't the best at a great many things and it's used in all sorts of bizarre places. What Linux has to be is trustworthy. I am not talking here about "bug free". No software from any vendor will ever be that.

I am talking here about the ability to run the software without fear of jackbooted sociopaths and their hellspawn laywers showing up to annihilate your business because you did something that seems perfectly rational to ordinary people but violates some obscure clause of a licensing agreement.

Spending half a year's revenue on licensing only to find out that the specific implementation you wanted isn't covered in that particular scenario can end a business. Usually because the alternative licensing either simply isn't possible or costs 20x the company's yearly revenue.

Trust is the knowledge that if I don't like something - from a UI element to an API change - there is the option to simply not participate. Linux can be - and is - forked when someone does something asinine. Windows users just have to close their eyes and think of England.

For all your snarky sniping and your dedicated vitriolic fanboy bullshit, Mr Anonymous Shill, you never do address these issues. And at the end of the day, I'm just tired of fighting the battle. Against Microsoft, against you, against the legion of paid "evangelists" that make truly obscene money to "control the message".

I'm tired. Tired of Microsoft. Tired of their licensing bullshit. Tired of having to worry about being in compliance with some stipulation about how I can use software that I paid for.

Make your jokes, spread your lies and be damned. I'm absolutely going to put my time and my money into Linux for the simple reason that it has become the path of least resistance. It takes less effort. It takes less learning. It takes less fighting and it just costs less, in time and in money.

Technology isn't enough. I buy computers because I actually want to use them. Not because I want to spend my time managing them, or dealing with the legal logistics of licensing them. For a computer you can actually use, it sure looks to me like one of the only choices left is some variety of Linux.

Cheers.

12
1
Trevor_Pott
Gold badge

Re: That means Trevor Pott was right

I read the EULA start to finish. I encourage everyone to do so. It is, in point of fact, the best written, easiest to understand, most "plain English" EULA I've ever read. It is an example of how to do an EULA right.

It doesn't have all the detail about exactly what methods they will use to spy on you, but it's pretty explicit that they will, and they'll be cavalier about it.

My issues were "what was causing the data leak" and "why can't I turn the taps off".* Because knowing how it all works is my job. And by knowing how it works in the preview we know what to look for in the release version.

As it turns out, the stuff I couldn't find and kill in the OS itself was Windows Store apps phoning home, even when not open. And they sent a lot of data. Uninstall them, and I only saw the traffic I'd expect to see from a surveillance an instrumented OS.

Most importantly, I reported all my findings to Microsoft via their "Microsoft Feedback" tool. Which, just by the by, you need to convert your Windows into a cloud-attached Microsoft Login setup to do. And that means that you can't say no to Skydrive. And...

Anyways, short version: I have problems with choices made in how Microsoft has designed the privacy and security elements of the OS that have nothing at all to do with Microsoft instrumenting a technical preview. Most of my issues are with stuff I fully expect to be in the shipping OS.

What I want is an operating system that is "privacy first, security first". What Microsoft wants is an operating system that is "cloud first, mobile first". We are probably never going to see eye to eye on this; our interests are diametrically opposed.

But, it is my actual job to download, install and play with the technical preview, the beta, and every other version that happens along. I'm a technology journalist. It's what I get paid to do.

If folks are shocked and shaken that I do so, then actually talk about the issues I uncover...well, then I don't understand why they read technology magazines - or the forums on those technology magazines - at all. It seems to me that they are actually going out of their way to expose themselves to the sort of information, opinions and facts that they explicitly want to avoid. (Or want to avoid until the final version is out.)

If anyone wants to pillory me for doing my job of investigating new technology, go right ahead. Honestly, after a few years, you really do get used to it.

*There is also an issue of what the defaults are, and the fact that turning things off doesn't actually turn them off in the preview, as well as that controls don't seem to exist in the UI for half the data collection points. But, to be honest, I'm willing to overlook those in a technical preview, though I do comment on their existence and I have reported this all to Microsoft.

11
0

Verizon: We're throttling broadband. FCC: WTF? Verizon: Lol, jk!

Trevor_Pott
Gold badge

Re: Yup

Thanks for confirming your biases, anonymous coward. You believe that anyone who actually wants what they pay for is "demanding a free lunch" because you believe that it is the duty of every "consumer" to simply pay whatever they're told; in your world consumers exist to serve the cartels and are otherwise without value or rights.

Netflix is allowed to create hugely asymmetrical traffic into an "access network". That's what access networks do; they provide access for the end user to content out on the internet. There's no other reason for Comcast to exist other than to provide it's users hugely asymmetrical access to content that resides on other networks.

We pay our ISPs to build that access network and to ensure they have enough interconnection with other networks that we get the data we request. We don't pay them to maintain some 1990s false economy concept of "peering is free only when network exchange roughly equal amounts of information".

That's long dead. We're not a bunch of text-based academic networks anymore. Content lives in a handful of big sources now. Without the ability to access that content, there's no reason to have an access network in the first place or for all those millions of customers to pay the ISP the monthly bill.

Comcast doesn't like this reality. They think that because they have the subscribers by the short and curlies that they can play dirty in order to get Netflix to agree to cough up all the revenue they're losing from cord cutters who are saying "no more cable TV". There is even quite a bit of evidence that Comcast was massively throttling Netflix before they finally capitulated and agreed to pay.

Note that Netflix agreeing to pay to peer directly with Comcast isn't evidence that Cogent wasn't up to the job. All it shows is that Netflix wasn't going to pay Cogent and then Comcast as well.

And that is the original source of the disagreement, just by the by. Comcast (and a couple others) getting butthurt by the fact that Netflix traffic grew so fast, so quickly that their existing agreements for peering with companies like Cogent started to look like something they weren't able to monetize to their liking. They started to demand that Netflix - and a couple of others - pay to push that traffic on top of the existing agreements, and refused to increase peering bandwidth with anyone carrying traffic from Netflix et al until they capitulated.

Netflix was perfectly happy having an intermediary do the transferring because it meant they built one point of interconnection and the rest was the intermediary's problem. Instead, they ended up with a series of messy peering arrangements directly with the access network providers each of which continually tries to shake down Netflix for more money.

That is exactly the position Netflix didn't want to be in. Now every time renegotiation comes around they get to play the same stupid games with these monopolistic cable cos as they play with the traditional content providers. Blacking out shows, threatening not to run season enders or other such pap.

I don't think anyone would have a problem with a transparent where Netflix is jacked directly into the access network. in that case it isn't so much "peering" as "that provider is now one of the ISPs for Netflix."

But the problem comes when companies like Comcast start shaking down companies using third party transit providers that already have agreements. Netflix pays their transit provider. Who pays whom to get bits and bytes on or off of Comcast's network at that point is 100% between the access provider and Comcast. At no point should the traffic origin matter.

No internet service provider should be allowed to charge anyone different amounts based on the origin or destination of the traffic*. Everyone connected to a network should pay for the total traffic load they put onto the network.

The end user pays for what they upload and what they download. Business users, colocation facilities, datacenters and so forth pay for what they upload and download. Peering with other networks is trickier, but generally can go up to a 5:1 access to transit ratio (sometimes higher) before money is requested, because the access networks know that without the "big content" on the transit networks, there's not much reason for them to be.

But you don't turn around to a peer and say "pay me more because you carry Netflix". You don't tell a peer "we won't increase interconnect with you or even negotiate with you becausse you carry Netflix". You don't blackmail individual content providers into directly interconnecting with your network, and you don't don't individual content providers "you pay more to put traffic on our network than peers or other datacenters/enterprise customers/etc because you're Netflix".

That's what network neutrality is all about. It isn't about getting "a free lunch". It's about treating traffic equally. Everyone pays. And everyone pays only once. And nobody gets to discriminate and nobody gets to blackmail.

It's about dealing fairly, and about preventing any one entity from using control of their piece of the pie to beat others into submission.

If Netflix turned around tomorrow and said "we're blocking Comcast customers" I'd be the first to say "not cool, Netflix." The problems are many, and only actually legislating net neutrality will help.

Right now, there is fuck all to prevent any given party from bullying the other, and the concept of "he who has the biggest stick wins" is completely unacceptable.

Right now, there is no means of arbitration for disputes except the courts, which take forever and don't have the understanding to make a rational decision here.

Right now, we have the same companies owning access networks, traditional content distribution networks and content creation networks. There are massive conflicts of interest.

At the core of it is this concept: no company should be able to use a dominant position in one market to create a dominant position in another market. This is exactly what Comcast is attempting to do, and it's absolutely unacceptable.

I am - to a limited extent, and only if used with care and for sound technical reasons - okay with prioritizing traffic under two scenarios:

1) traffic is prioritized based on content type, but explicitly not on source or destination. E.G. voice & video (which are latency sensitive) prioritized over other traffic. But it isn't okay to prioritize "VOIP from Comcast" while degrading Skype, or VOIP from another competitor. It also isn't okay to prioritize "video from Comcast" while throttling (or leaving prioritized) "video from Netflix". If you prioritize traffic from one class, you do it for all examples of that class to and from all sources. Period.

2) traffic that is classified as "emergency services" traffic. This could be - and I'd argue should be - hashed out in legislation. Traffic to/from police, fire, medical and rescue services should take priority over all other traffic. We are an increasingly internet dependent society, and in an emergency traffic to/from emergency services is all that matters.

I'm not saying Comcast - or any network provider - doesn't have the right to try to make a profit form their investment. By all means; they should do so. They take the risk, they invest in infrastructure, they should structure their business and price their wares such that they can stay in the black.

But they should not be allowed to build barriers to entry for competitors looking to enter the market. (See laws they've managed to push through that say "no other companies shall be allowed to lay fibre/build out last mile networks/etc." Especially ones that say municipalities or counties aren't allowed to do so.)

And what isn't okay - what never will be okay unless you're a fucking sociopath - is the idea that the economic interests of the company owning the access network should ever allow it to abuse it's role as gatekeeper to restrict or prioritize traffic based on origin or destination. Especially as a means of harming competitors.

Maybe if you give a bent fuck about your fellow man, weren't such a self-absorbed fuck and spent your time doing something other than obsessing about what other people do with their lives you'd be capable of understanding the above.

As it stands, I don't expect that any amount of reading, exposure to facts, or introduction to the real world results of giving ISPs free range to clamp down on competition will make you capable of being informed. You have your agenda - defend crony capitalism and the cartels that make it up - and you'll die before you admit that you're wrong.

Well you have fun with that. You're the digital equivalent of some sad old fuck who still rages about "niggers" being allowed in the same schools as white kids**. You are a representative of an old guard establishment. The rest of us are just waiting for you - and the rest of the aged bastard like you - to just die off and make the world a better place.

Cheers.

*With the possible exception of "on-net" versus "off-net" differentiation (a-la MPLS). This is because it simply costs far less to transit packets across your own network. As soon as it has to peer, then it makes sense to up the rates a little.

**And yes, in case you hadn't notice, network neutrality is a social issue, not one of "wanting to get a free lunch". It's about right of access and the right to be treated without discrimination. It's about customer rights and the role of the individual - and governments - in a society where mega corporations have unprecedented power over all aspects of our lives.

3
0
Trevor_Pott
Gold badge

Re: Yup

"Someone's asking you to pay for what you use, and you bitch and whine like a baby?"

I agree, this is exactly the question you need to be asking the cartels. Why do they have such a problem paying for what they use? They use our capital, but refuse to pay for it by investing in new infrastructure. Fucking babies.

As for your belief that "equality = getting some other sucker to pay for my big fat lunch", well...it's clear to me that you subscribe to the cartel mindset and propaganda.

Me, I believe that equality is where everyone pays for what they use, and nobody gets to double dip. So Netflix pays their ISP. Their ISP pays for peering. We pay our ISP.

Nowhere does our ISP get to charge Netflix. I'm paying my ISP for bits to move across the network. They don't get to charge me more or less depending on whose bits they are. They don't get to charge Netflix - or anyone else - to make their bits go faster than those of others.

Equality is where everyone pays for what they use. Netflix pays for their bandwidth. End users pay for their bandwidth. And ISPs invest in new infrastructure.

Nobody gets a free ride. Not the cartels, or their whiny baby bitches either.

8
2
Trevor_Pott
Gold badge

The whole event was probably a PR stunt stages from the start in an attempt to give Wheeler a shred of credibility so that when he screws the US re: net neutrality he can claim he's "not a shill"* and that the millions of responses for Net Neutrality really were expressing their desire for internet slow lanes to be created.

But that's all a good thing, because it will keep the filthy freetards from destroying civilization as we know it. The free market will save us all, but only if we regulate against any threat to the business models of established cartels.

Back in you box, consumer. Unless you're going to pay ever more money to not actually consume anything, just get off the internet and leave those bits and bytes to someone who is higher margin than you, mmkay? There's a good prole...

*Despite being the former top lobbyist for the telecom industry

8
2

EU's super-commish for tech: Geo-blocks on cat vids, music – NOT FAIR

Trevor_Pott
Gold badge

He says all the right things. So either he's lying, or he's about to get whacked. Nobody that good ever makes it to positions of power in government.

11
5

Desktop, schmesktop: Microsoft reveals next WINDOWS SERVER

Trevor_Pott
Gold badge

Re: hate for powershell?

"More mature? How about *old*?"

I have a Sanyo clock radio purchased in 1982 three months before I was born. It is still to this day my primary alarm clock and it still works like a hot damn.

I have an IBM model M purchased 8 months before I was born. It is still to this day my primary keyboard and it still works like a hot damn.

I have a set of stainless steel pots and pans purchased over a decade before I was born. They are still to this day my primary pots and pans and they still work like a hot damn.

I have a blender that was purchased 5 years before I was born. It is still my primary blender to this day and it still works like a hot damn.

Old?

Yes, please!

I can list hundreds of items that are in use in my house that are from before I was fucking born. That makes them well over 30 years old, and they are all still my primary items for those use cases. At various times I have bought "replacements" that were "newer" than each of them. Inevitably, each of those items broke beyond my ability to repair and I went back to the tried and true.

Newer isn't always better. If you cannot grasp that simple, fundamental truth then absolutely nothing else you write is worth listening to. Christ man, you live in a consumerist society, for fuck's sake. And you're peddling "old = bad"?

Read this and for the love of $deity get out and actually gain some worldly experience.

Next, you can go back and actually read what I wrote, and realize that my beef was with the fanboy asshats who propose PowerShell as the only - or at least the primary - means of administration on Windows server. More specifically, those who say stupid things like "GUIs aren't necessary because there's PowerShell", or who propose automating and orchestrating entire datacenters using nothing but PowerShell.

As for "why is Linux better", the poster above me got it dead to rights. Also: flat text > APIs any day of the week. APIs change and evolve, and not everyone is a programmer. Text files change too, but if you can't read you're useless for a systems administrator regardless of the interface.

If you honestly believe that APIs will always be backwards compatible you're naive and deserve what you get.

In all, you come off as someone horribly young. Naieve, easily led, and not having studied history so you can learn from it.

Pity, maybe if you had been born during an era of tools and devices that were generational you might appreciate the value of engineering for quality instead of designing for obsolescence.

1
1
Trevor_Pott
Gold badge

Re: User Interface

Wow. You're actually so bad at marketing that you don't even keep up with the party line. For the record, even your masters don't believe the lode of tripe you tried to shovel. Please check out their official documentation here which not only shows there is quite a bit of configuration to do to get IIS ready for production, but also shows that "IncludeAllSubFeature" is an absolutely stupid thing to do.

For anyone else reading this thread who wants a much better look at what's needed - and please, if you plan to use IIS don't listen to the anonymous liar - go here and read good, solid info from the pros.

6
2
Trevor_Pott
Gold badge

Re: User Interface

No you don't. Webmin is fully self contained. When you install it, it installs it's own web server.

wget the RPM, install the RPM, done. (Open hole in firewall if accessing remotely.) http://www.webmin.com/rpm.html

In my case, I usually install the repository, so I actually wget a bash script off my webserver and execute it. One line of code and I've not only downloaded and installed webmin, but set it up so that future versions will automatically update as part of the system.

It doesn't rely on your OS' native web server in any way. It's a separate set of executables, and you can indeed use Webmin to set up your web server once installed. :)

2
0
Trevor_Pott
Gold badge

Re: hate for powershell?

I should have been more clear: with a few exceptions, PowerShell is generally despised as a means of day to day administration. It's not that it's utterly useless, it's just that for the two most common use cases - putting out fires or automating farms - it is surpassed by other toolsets. (The GUI for firefighting and Puppet/Chef/Saltstack for farming.)

PowerShell is a fantastic expansion of the CMD CLI. It's a great ancillary tool. But it's primary use is as "one tool in a toolkit consisting of many tools". In the role of "the only tool" or even merely "the primary tool", PowerShell fails.

PowerShell is ultimately good for A) getting at features MS neglected to put in the GUI or B) batch scripting. If you'd normally write is as a cron job, PowerShell can do the thing. Or, if you are trying to do a series of actions as part of an upgrade process/migration, PowerShell might be a good answer.

But for standardised deployments, policy pushes, standardised updates or even bulk migrations any of the proper automation/orchestration tools are just flat out better. And for those situation where you're fighting fires, an intuitive GUI is way better, especially for those instances where you're fighting fires on an application you haven't touched in months, or even since it was originally installed.

This is - to put it mildly - a different role than is served by the CLI in Linux. The CLI in Linux is much more mature, with a multitude of scripting languages grown around it, and the majority of application configuration done as flat text files, not as XML. (Systemd can die in a fire.)

So yeah, when people come out of nowhere and say stupid shit like "real sysadmins only administer servers with PowerShell" actual real sysadmins roll their eyes. It's not the correct tool for the day to day. It's a point solution to specific problems. It's good at that, but if someone tried to force you to use it as the only solution, you'd go mad.

And, quite frankly, I've met more than a few marketing-driven types who absolutely do try to force their sysadmins into PowerShell only management. They experience high turnover then start complaining loudly about "how hard it is to get IT talent".

7
2
Trevor_Pott
Gold badge

Re: Powershell 5 and W7 / Svr2K8r2

Really? That's rather disappointing. It will cause further fragmentation for the group of admins that use PowerShell as their means of administration. How unfortunate, and my condolences to PowerShell admins. I hope Microsoft changes their mind.

1
0
Trevor_Pott
Gold badge

Re: hate for powershell?

Because PowerShell is fuckimg irritaying when trying to use it to put out fires on a local system -the gui is far better - and because Puppet walks all over it for bulk/automated/templat-based or remote administration.

That's why most admins hate PowerShell.

7
4
Trevor_Pott
Gold badge

Re: Windows Update?

Don't ask that. You see Windows was famous for decades as being the OS that was easy to administer even if you had no clue how most of it worked. Microsoft walked away from that ages ago. Now it's :memorize your powershell" or "use some ancient horrible UI that even CA or Symantec would be embarassed by."

System Center isn't a selling feature, it's a prison sentence.

5
4
Trevor_Pott
Gold badge

Re: User Interface

I have set up web servers on CentOS and Windows Server 2012 R2 using CLI. Setting up a running server with Wimdows is quicker. A few commands and it serves your URL. Setting up a secure and properly configured server is easier in CentOS.

This is because Apache comes with a human readable flat text config file. Perfect for use on the command line. Windows requires either eleventy squilling powershell commands, or impoting a pre-canned config.

In a windows world, you rely on a series of commands to read an xml config and then set that xml config. It's an irritating round of "20 questions" to troubleshoot and secure.

In a Linix world, you start at the top of the file and you read to thw bottom. The comments guide you and it's like stepping through a text-based wizard.

PowerShell is all about the power of rote memorization. You either speak and memorize the arcane language and it's commands, or you live with a collection of carefilly guarded (and horribly documented) command referencea beside you.

Linix is all about knowing a few key commands and then editing a squillion text files. And 95% of the configuration you need to do in Linux can be done in Webmin anyways, so there's no need to splaff about on the CLI, or to install a full-fat GUI.

For the care and tending of automated server farms, Puppet wrecks both CLIs. Anyone who trylu WANTS to configure servers from a script-like environment should be using Puppet, Chef or Saltstack, making rhe whole argument about which CLI environment is 'better' not only rediculous, but the surest way to detect people who haven't the foggiest fucking clue how to properly administer modern systems.

10
4

iPAD-FONDLING fanboi sparks SECURITY ALERT at Sydney airport

Trevor_Pott
Gold badge

Re: i hate this man

A) Because headphones and/or earplugs don't work. Nothing actually blocks out the shrieking of those awful larva.

B) Because not one of you has yet explained to me why "failure to keep fly zipped/legs closed" somehow grants upon the individual in charge more rights than the entire rest of the plane?

Maybe you think your child is "special". Maybe you believe that parents deserve more rights than other people, or that children deserve special consideration. I don't. And not one of you has given me a reason why I should change my views.

As I see it, we're all equal. If you get bring smell, squealing larva onto the plane to irritate everyone else, why can't I have a boom box? Hmm? Or why can't I scream my head off like a child?

I call for a "children's section" in uber steerage. Walled off from everyone else and sound proofed. Where the larva can scream and shit and run around and affect only themselves. Oh, but that's "demeaning" to the parents somehow? Yet you also maintain it's not demeaning to everyone else to lower their quality of life in order to make the parent feel included.

I don't buy it. Call me whatever names you want. It's 2014. Being a parent is a choice. You chose to conceive and birth that abomination.

I don't see why I should be happy that you make my life miserable just because you make stupid choices. I'm not going to scream at you for doing so, but I sure as hell am not going to smile at you and tell you that everything's cool, and that I am totally chill with your decisions to inflict your poor choices on the rest of us.

0
1

Linux systemd dev says open source is 'SICK', kernel community 'awful'

Trevor_Pott
Gold badge

Re: This is the pot calling the kettle black.

Sievers isn't the only problem. Poettering is an ass who can never admit his baby is ugly, and will viciously go after anyone who suggests it is. The both of them are 10,000x worse than Torvalds will ever be. Worse; they're wrong, and Torvalds is right.

Butthurt bastards foisting their abomination on the world.

38
0

Meg Whitman: The lady IS for TURNING. HP to lob printers'n'PCs OVERBOARD

Trevor_Pott
Gold badge

RIP, HP.

9
0

I'll show you the D next week – billionaire space baron Elon Musk

Trevor_Pott
Gold badge

Re: The Tesla Diesel?

Tesla Dirigible would be amazing. Imagine if he managed to get a fleet of solar-powered dirigibles with proper helium storage and recapture tech (to minimize losses), including the air compression and condenser tech for ballast control. Wrap it all up, automate it, bring it into the 21st century.

Done right, he could revolutionize shipping. Screw multirotor drones; dirigible delivery! (At least from pad to regional/local depot.)

0
0

JPMorgan Chase: 76 MILLION homes, 7 MILLION small biz thumped in cyber-heist

Trevor_Pott
Gold badge

Re: Where do/did stuff like PCI rules and audits fit into this picture?

Understand that there is nothing in the PCI/DSS certification standards that would prevent a determined and well resourced (especially state resourced) attacker from penetrating a given site. It isn't what you think it is. It certainly isn't security standard of a class to keep out former KGB officers in the Russian mob.

I agree that a bank that big should have better security, but strict adherence to PCI/DSS wouldn't stop things. You need way better security than a few tickboxes and some checklists.

1
0
Trevor_Pott
Gold badge

Re: Erosion of trust

I agree; when your enemy is better resources with better talent than you have, it absolutely is a security disaster waiting to fail. Even if you're using an excellent operating system like Linux, administered by administrators who know how to secure it properly.

At the end of the day, the bad guys have more resources to find holes than the good guys do. And they will exploit them immediately, whereas the good guys then have to turn an "identified hole" into a "patched vulnerability."

But at least they were using Linux. It's a start. If they were using Windows not only would we never have known there was a vulnerability - and thus people would still be actively exploited - but there's a good chance that by compromising such a large bank for so very long undetected they would have been able to do serious damage to the economy.

Western nations absolutely need to up their cyber-security game because it absolutely i sa security disaster waiting to happen.

But good on them for not using windows; it's the first step towards a more secure future.

1
0

Atlas snubbed! Ad blocker says it can kill Facebook's stalker tech

Trevor_Pott
Gold badge

Re: Not with a bang, but with a whimper

@Psyx

Actually, I have adblock configured to allow advertisements from sites that are aware of adblock and do various things to signal it that it's okay to display ads. I also have adblock configured to allow advertisements when they are hosted from the site itself.

Adblocok does, however, block any of the major advertising platforms (and their trackers) as well as all the "twitter buttons" and "facebook buttons" and so forth.

I don't mind advertising so long as it isn't A) Moving and B) Tracking me.

Static images or text are fine, so long as they're not tied to trackers. Those are highly unlikely to contain exploits that could harm me. Animated things - particularly flash - absolutely can crawl through the internet and do me harm.

It's security - both of my privacy and my desktop - that drive my use of Adblock. Not some hatred of ads. So do bear in mind we don't all have the same motivations.

2
0

The magic storage formula for successful VDI? Just add SSDs

Trevor_Pott
Gold badge

Re: I guess

"For those who do really want to play in the DaaS space, build a decent Terminal Services/RDS setup and leave it at that - it's far less work, provides pretty much the same user experience and is much more efficient on server/storage resources."

Until you run into licensing issues with any number of applications. Or some application crashes in one user session and either tanks the whole server or at least crashes the app in all user sessions on that machine. Or one user manages to overcome even Microsoft's latest and greatest "noisy neighbor" protections, rendering the entire system unusable for all users. Or until a single configuration error tanks a server for all users...

Please, RDS as the solution to all ills is a Microsoft sales pitch used primarily because Microsoft is terrified that if people can ever actually afford to proper endpoint VDI then they will lose their "windows on every endpoint" monopoly. People will buy Android devices and just RDP in to consume Windows for legacy apps and use modern device local stuff for everything else.

Oh wait, I see this every day.

VDI done right is bloody easy today. VMware's Horizon 6.0 Suite makes all of the bits for proper VDI so simple a lobotomized chimp could do it. That includes packaging your apps into individual VMDKs and attaching them on an as-needed, policy-driven approach to golden master/spawned child disposable VMs.

Or you can go the "static, dedicated" route for VDI, which I also have extensively deployed. They work like a hot damn for just about everything, and Liquidware Labs will solve any/all of your profile-related ills. Either in a VM or on a desktop. Or switching between the two.

VDI is easy today. And it gets easier every day. That's why it's such a threat to Microsoft and why they so viciously protect their extortionate monopolistic pricing. Microsoft licensing if the roadblock to VDI, not the ancillary technologies that compensate for Microsoft's shitty - and downright insane - design decisions in the creation of their endpoint OS.

Microsoft's engineers have been defeated. But the industry may never defeat their lawyers.

0
2

One Windows? How does that work... and WTF is a Universal App?

Trevor_Pott
Gold badge

Re: Fully Instrumented

@Jack of Shadows: You've solved it!

Once I started pulling out all the store apps the constant stream of activity to Microsoft's server ceased. My next quest is to find out which of the store apps were causing this, and what, exactly, they were sending.

Also: why some of them were sending so much data...

0
0
Trevor_Pott
Gold badge

Generally, if Microsoft "takes some of your files" for something something bug reports it is as part of a problem report process. I've never heard of it just randomly firing when noone's touching the thing before, especially if there are no problem reports left to send.

0
1
Trevor_Pott
Gold badge

If the damned thing works, does what it's supposed to do, doesn't have obvious privacy flaws and so forth, then absolutely. It\'ll write up a great review and talk about all the things that have changed for the better.

Unlike fanboys, I'm not biased for or against companies. I absolutely have ideals (like privacy) that I believe in, but I could give a rat fuck about vendors one way or another. That's something a lot of forum rats can't seem to grok. There's so much overwhelming brand tribalism that they just can't understand things like "shitting on a broken product, then praising a fixed one". They think we should have "loyalty" or some other mad whack crap for vendors.

I fail to see why.

Now, if Windows 10 ends up good will I stop calling Microsoft out on their other failures? No. VDI licensing, SPLA licensing, death of Technet, death of SBS, lack of a "zero American legal attack surface" ecosystem for their cloud offerings (such as Office 365). Microsoft has a long way to go before I see them as "the good guys".

But they do occasionally turn out good technology. If and when they do, I have no problems whatsoever with telling the world that. Just as I have no problems looking past the tech to talk about all the stuff they desperately want nobody to mention until the marks are committed to buy.

And the same goes for every single vendor on earth, except Ninite. Ninite gets a free pass, because they're Ninite. We all get one.

I should point out also that I have used the Microsoft Feedback mechanism to lodge about 50 issues. I'm doing the leg work. What about you?

12
4
Trevor_Pott
Gold badge

"Oh yes, since then the "evangelism" has grown beyond a few "keen users" to entire divisions. Google it."

And what they're willing to pay! My lordy; but it were tempting.

4
4
Trevor_Pott
Gold badge

"I think it's fair to say (given products on different platforms and the ongoing open-sourcing of many of their developer tools and other stuff) that Microsoft are a very different company in 2014"

I don't think it's fair to say that at all. Their corporate culture really hasn't changed much at all since then, with the exception of a minor focus on security...but they all just got fired. Now security is the responsibility of the same people under pressure to deliver to deadline. Which is going backwards into the 90s, thanks.

Nadella's good people, and I honestly believe he's trying to change things for the better, but he just doesn't have the cloud. He's fighting vicious piranhas in the board room and his own executives - none of which are his lieutenants, you'll remember - who are all devoted to protect their empires at all costs.

Microsoft is still very much Ballmer's baby, with Bill's hands deep in the pie, as it was throughout Ballmer's reign. It will be years yet - if it's even possible - before that changes. And Windows 8.2 (now 10) is not something that bears Nadella's personal mark.

Ad for the bundling of IE, I never had a problem with including it in the OS. I did have a problem with building other OS components such that they depended on it. (Windows Update, etc.) It's still a problem. In fact, I have 9 separate bug reports in on Windows 10 right now about elements of the OS that seem to call IE, despite my desire to banish the thing from my sight, and it not being the default browser.

For example: that integrated search shit I can't turn off? Why is it calling IE, when Firefox is my default browser? More to the point, why is it calling Metro IE? There's something broken there.

Funny, isn't it, how those problems from so long ago are still problems. Especially is Microsoft were the "good guy" company you and others so often make them out to be.

They are the product of their history. Good and bad. And change in that company is very, very slow.

16
6
Trevor_Pott
Gold badge

I said cloud features <i.of the operating system</i>. Not stuff you voluntarily download after the fact.

Understand me fully here: I have zero problems with targeted advertising, with unified search, with cloud storage or any of this. None. What I have a problem with - a very large, very fundamental problem with - is the integration of these items directly into the operating system.

The OS should be as minimalistic, safe, secure and private as possible. By all means, give me an option post install to download and enable a whole host of Microsoft products and services. Pull up the Windows Store - the one element of all of this I have zero problem with being integrated into the OS, by the way - and give me a face full of Microsoft's products services and applications.

I even think the EU can jump in a lake, and Microsoft should have no reason to display Google's stuff or Apple's stuff. It their damned OS and their damned store.

But don't build it into the OS. If I want cloudy stuff I'll install it. I don't want it turning on without my knowing, or some GPO enabling it, or the feedback mechanism in the OS requiring me to feed them my Microsoft ID.

And that goes for everyone else, too. Google can eat a sack of genitalia for the deep integration of cloudy crap into Android and Chrome. Apple with iOS isn't too bad, and OSX is even better. Canonical's Ubuntu Amazon Spyfest can go straight to the hot place.

There's plenty of "damned good operating system" in Windows 10. But the cloud integration is emphatically not okay. And it would be just as not okay if it were some other company building their shit into the OS too.

If I want your cloud crap, I'll make a conscious choice to install it and punch in my credentials. Under no circumstances should giving up one's privacy be so deeply embedded into any operating system that it's just "the flick of a switch" (or a power shell command, or a GPO) away.

If you want to hate me as a person for believing the above, espousing the above, or demanding the above from vendors, you go right ahead. But I've no time for vendors who view privacy as an annoyance or a second class consideration, and I've less time for fanboys who give those companies a free ride when they do.

27
5
Trevor_Pott
Gold badge

It doesn't matter if they "display a warning" or not. Your claim was that they didn't enable it by default. They do, and you're full of shit.

As for your "disable in two places" tripe, it's funny how even if you disable that stuff - when the OS lets you disable it, that is - the damned thing still calls home. There are more knobs than just those, because Microsoft reports more than just your searches. (Not that disabling those seems to stop it from communicating when you search, but I digress.)

No tinfoil hat is required. Microsoft flat out doesn't give a rat's ass about privacy. And they won't, either, unless we make them.

19
9
Trevor_Pott
Gold badge

Re: @Trevor

@SolidSquid it's odd. Because it's like half the controls are missing from PC Settings that I'd expect to be there, and those that are there are greyed out. Sort of what I'd expect if some sort of group policy were applied, but I can't find anything in the registry that would administratively disable it.

What's more, there seems to an awful lot of traffic going to MS. Enough that if I was on 4G I'd be actually angry. And there doesn't seem to be a control at all do disable unified search. Hit search in the start menu and it takes you to bing, despite my explicitly disabling that during install.

Bugs I'll accept...but these aren't new features. Windows 10 isn't a new operating system. There's nothing here but a cosmetic layer over 8.1, and a mostly unfinished one at that. There's no reason for this stuff to be broken if it was present and working in 8.1. It's not like those areas of the UI were reworked. It's all the same stuff there.

It's just bizarre.

15
5
Trevor_Pott
Gold badge

Re: @Trevor

@Kristian Walsh: part of testing the software is seeing what data it's collecting on you, how you have the ability to turn that off and how much of what gets turned on when you tweak the various knobs.

I have absolutely no problem with Microsoft collecting info on my beta copy. I signed up, I know how that works. I even logged in with my Microsoft account in order to leave feedback.

But when I go explicitly hunting to turn it all off in a separate, created for the purpose of testing that functionality, VM I should be able to do it. Ensuring privacy controls work is a critical part of ensuring that the operating system is ready for prime time. And, to me, it's far more important than making sure the graphics subsystem works, or that the Start Menu doesn't irritate me too much.

I'm beta testing the product and there are notable bugs in how it handles privacy. I'm willing to bet Microsoft won't address them unless lawsuits are involved. Quite simply because that's what it always seems to take with them to get privacy taken seriously.

So you'll have to excuse me if I make my fuss now, in beta, before the product goes out. That way at least there's a paper trail that says "no, actually, this was raised with you repeatedly."

All part of the process of holding their feet to the fire. (Well, bitching on El Reg's forums is an irrelevant part of that compared to sending formal feedback through the various other channels available, but damn it, it makes me feel better.)

27
5
Trevor_Pott
Gold badge

"Microsoft never enable stuff like this by default in final release software "

Bullshit. Install Windows 8 and just skip the customization at install. It's all on and streaming your life to them, 24/7. Despite your love of that company, they are emphatically not honourable. They just put hundreds of millions of dollars into deflecting the discussion about privacy - and the selfsame data collection techniques and tactics used by Microsoft - onto their competition.

“Mind Control: To control mental output you have to control mental input. Take control of the channels by which developers receive information, then they can only think about the things you tell them. Thus, you control mindshare!” From one of Microsoft's own documents: http://techrights.org/wp-content/uploads/2008/08/comes-3096.pdf

Sorry, but I believe what my packet sniffer says, not marketing. And I'm seeing rather more traffic out of my 8.1 VM than I authorized too. And I just did a default install. Hmm. Even after defanging the thing as extensively as I know how, I've obviously missed something, because it's calling the mothership from time to time.

But it's all good, hmm? Because it's Microsoft?

Sorry, but no beans. On the whole, I mostly like Windows 10. (Despite the now 48 feedback items I've logged about various bugs and nit picks about the UI.) Or, at least, I only hate it about as much as I hate Windows 7, once all the customization is done.

But the privacy thing...that's a no go. There's a lot more going on here than in Windows 7, and there are no obvious ways to kill it.

Google, for all their sins, give you one single location to see everything they collect on you and to delete it, opt out or quit the service. It's time Microsoft did this. And at the end of the day, I don't care whether or not you agree. My privacy isn't for sale, and it certainly won't be a coin paid in the name of your brand tribalism.

48
9
Trevor_Pott
Gold badge

I am using Windows 10 right now. And despite there being an option to disable this stuff during setup, it is both re-enabled and greyed out in windows proper. Half the privacy controls are missing and I am seeing quite a lot of traffic streaming to Microsoft-held servers that I explicitly didn't authorize.

So fuck your simplistic world view, fanboy. I'll stop complaining when they act with honour.

44
18
Trevor_Pott
Gold badge

Also, my desktop is my fortress. I don't want to be giving my account information, search results, backup of my profile and $deity knows what else to a bunch of Americans. I want my privacy, damn it. The desktop does not need to be "cloud enabled".

50
9

Apple, Google mobe encryption good news... for TERRORISTS – EU top cop

Trevor_Pott
Gold badge

Re: The lady doth protest too much methinks.

Sure, because all I need to find you is this:

1) Logs of signal strengths of various wifi nodes in the region which can be crunched to give me an approximate location for you.

2) You to slip you and get your face on video

Combine with things like "paying by debit car/visa/using bonk-to-pay transit" or other things and I can narrow down "who you are" pretty easily, if I've a mind to.

If I have the cooperation of other international policing agencies to allow me to gather metadata enough to even narrow your initial access point then I, personally, can pwn you with just the resources of my local police force. And I'm not a cyber security expert.

Do not fool yourself: being fully anonymous on the internet is a damn difficult - and increasingly expensive - job. It involves laundering money, using mules to buy burners and disposable credit cards and various other things to accomplish. The last time I ran the numbers, a single session of true internet anonymity would cost you 4 days or prep time, two mules and $7500.

0
0

Xen sticks pin in bug behind Rackspace GLOBAL CLOUD REBOOT

Trevor_Pott
Gold badge

Holy shit. That's one hell of a flaw.

0
0

Apple is GOLDBRICKING IT: BEHOLD the iPad Glister-Slab

Trevor_Pott
Gold badge

@AC based on the description, it doesn't seem to do anything particularly interesting. I can't see any functionality that isn't already part of my Note 2, and I'm not worried about just taking my Note 2 out of my pocket and using it when I need to. I guess it is targeted at a different market than the one I occupy. Oh well, that's okay, there are 7 billion people on the planet. Not everything has to appeal to me.

0
0
Trevor_Pott
Gold badge

A concise and well thought out summary! Many thanks, sir.

6
2
Trevor_Pott
Gold badge

Since this thread will soon be colonized by raging JH hating Apple fanboys, can I please divert the attention away from ad homenims for a few comments? I have a legitimate question for the faithful that I just don't really have time to research at the moment:

...what does the iWatch actually do? I have to confess to not having actually looked into the new generation of smartwatches, and I'm wondering what we're supposed to do with one. Also: how is it different from, for example, a Galaxy Gear or a Pebble?

What's cool about it? Why should I consider getting one? If anyone knows the answers, please let me know! Thanks in advance...

9
6

Huawei promises €1.5 BILLION French investment

Trevor_Pott
Gold badge

Good on 'em. Huawei make some quality stuff. And since both the options on the market are companies from governments that want an abrupt end to world privacy, I'm far more happy to buy my gear from the company working under the government that has the least likelihood to do me harm.

I don't have to ever have anything to do with China other than buying their stuff. But the US I have to deal with all the time, both as a journalist and because some of my competitors are located there. Best then not to use equipment into which they have back doors.

Bring on the cheap Huawei gear, let's see the backside of this proprietary crap and actually get moving with the software defined networking revolution. More bang for the same buck, and less direct effect if they spy on me. Win/win!

2
2

US Attorney Gen latest to roast Apple, Google mobe encryption

Trevor_Pott
Gold badge

Eric Holder does not get a vote.

0
0

Inateck BP2001 Bluetooth speaker: The metalhead sysadmin's choice? Not exactly

Trevor_Pott
Gold badge

Re: Symphony of complexity

"blah blah blah, I listen to the output of the radio telescopes overlaid with downshifted BDSM sessions"

:P

Now, the Boston Pops Orchestra, there's music. (https://www.youtube.com/watch?v=6b7bnWEP1vw as an example.)

0
0

Microsoft WINDOWS 10: Seven ATE Nine. Or Eight did really

Trevor_Pott
Gold badge

Re: tiles on the start menu?

The tiles take all of 5 seconds to remove from the start menu.

2
0
Trevor_Pott
Gold badge

Re: Seven ate nine

FINALLY! Someone gets it! Jesus fuck, I've been waiting all day for that. (I was sad when the subed didn't get, nor did ALL OF TWITTER.)

THANK YOU.

My faith in humanity is restored.

0
2
Trevor_Pott
Gold badge

Re: Should have called it Windows 15

Actually, I buy that, from a marketing standpoint.

2
0

Lenovo to finish $2.1bn IBM x86 server gobble in October

Trevor_Pott
Gold badge

You get to provide business to American corporations.

All the more incentive to buy Chinese.

0
1

Balls of destruction CRUSH your fancy new storage systems ... better get used to it

Trevor_Pott
Gold badge

The public cloud doesn't eliminate disruption. It only eliminates your ability to deal with it in a safe, reliable and cost-effective manner. I stead you get "hope and prayer".

3
0

Business is back, baby! Hasta la VISTA, Win 8... Oh, yeah, Windows 9

Trevor_Pott
Gold badge

Re: Limited audience

I've no truck with the "army of yes men" comment. Just the idea that all press become "yes men" when exposed to junkets. We do not.

1
2
Trevor_Pott
Gold badge

Re: Time to rethink

@Ecofoco

IBM have over 20,000 OSX machines deployed in active service amongst their workforce. They know OSX management better than anyone excepting Google.

0
0
Trevor_Pott
Gold badge

Re: Time to rethink

so if MS got some smart people to create a tool (or plug-in) that lets you manage OS X machines, and iOS, that would be $$$ in the bank.

Hi, the latest System Center will do this. Cheers.

1
0