Feeds

* Posts by MissingSecurity

179 posts • joined 10 Feb 2012

Page:

A Norsified Linux for Windows and OS X wobblers

MissingSecurity

Re: Bottom Dock/Panel

"I think user interface designers collectively went insane about 5 years ago and it's just getting worse."

I think its because at some point a bunch of managers thought the Graphics Designer and the GUI designer should be the same person, and what we get is hit or miss.

1
0

Occupy Google: Protesters attack ad giant as I/O gets underway

MissingSecurity

Re: Give me a break

Yes, marketing has a nice catch phrase, but from a general corporate standpoint (for how much power Google really does have) Google's not doing too bad. They have there hand in everything and it's easy to point problems and say "That thing I don't like invalidates everything you try to do." I don't see companies like Apple and Microsoft challenging the status quo of things (back to cars, fiber, etc) they are focused on what they've done in the past. I don't doubt we will see some good tech in the future from MS or Apple, but I doubt I'll see Apple or MS trying to challenge ISP's even if its just to sell me more ads.

0
0

PICS ON GROUND: Cabbies PARALYZE London in Uber rebellion

MissingSecurity

Just a note from the states

I felt Uber was a good benefit to MN. My friends and I started using them (even though they had cost more), because of the cleaner / safer driving. We're likely to get a cab to our favorite pub and than get one back. It didn't take long for the other companies to clean up there act. I'd say with the shift more and more of us look around for best fair/ times since word spreads quickly if a cab company (even if its just a few driver) are shit.

1
0

Look out, FCC: R.E.M., Aerosmith, Jello Biafra, 57 others join net neutrality crusade

MissingSecurity

Re: Normally....

It would be naive to if it weren't for those middlemen...If we had different middlemen we may have had a better, more sane content delivery system all those years. There angry now because they built a closed system based on brick and mortar and physical content and hate losing that control.

1
0

It's 2014 and Microsoft Windows PCs can still be owned by a JPEG

MissingSecurity
Linux

Re: Fir for IE6??

Remember Windows doesn't like to give users any control so make sure its done properly:

#> rm -f Windows.exe

1
0

UK's CASH POINTS to MISS Windows XP withdrawal date

MissingSecurity

Re: Ummm

Be careful on this. MS likes to fuck with you.

https://www.microsoft.com/windowsembedded/en-us/product-lifecycles.aspx

XP Pro for Embedded System (Which is what these devices are using, we have to deal with this also) is only supported through April 8 2014, with its distribution being longer. Windows Embedded Toolkits and Runtimes are all supported through 2016.

1
0
MissingSecurity

Re: Applying business logic

The ironic thing about this is that PCI has all over thier web abuot XP ending, but in none of the docs do the say you lose compliance.

1
0

How to shop wisely for the IT department of the future

MissingSecurity

Thoughts...

I would also suggest that companies rely to heavily on the consultant and demand less knowlege from thier IT staff regarding the ability to analyize and spec servers/equipment. (This is more from a SME standpoint where I see this a lot). Many IT admin are constanly updating, maintaining, or drowning fires.

Besides all the wants / needs of a project, I still run into many issues (mostly due to lack of time allowed) to properly specify server specs, and I often work with consultants or third parties to do this work and recommend specs. I've had issues with this other than I probably could have shaved a good chunck of costs by diggin deeper into stats. I don't disparage consultants, on the contrary, (Unless I hire for soultions and all you want to sell is product A), but I know personally, if I had time on my side, I could save time and money doing that work.

I've not met a PM for a network project that actually can really talk to the wants and needs without deffering to the opinions of there more technical teammates and I tend to be anal when it comes to IT details.

3
0

Dammit internet... you promised naked videos of my Facebook friends

MissingSecurity
Devil

Muhaha,,,

I now have blackmail for any need of my unpaid IT services for friends...

"Oh, you have malware...I know what you were thinking but no I don't have naked videos of myself. "

2
0

Thanks a lot, Facebook: Microsoft turns Office 365 into social network

MissingSecurity

Re: Perplexing

Quite a few of us, and your right to point, its not going to replace FB and twitter, but I've never met a marketing team that doesn't want "social" interaction at work. I think this is to justify calling it collboration, instead of pointless.

It's not really colboration, its part of the new office change where everyone is everyone's best friend, and makes for excellent smoke screen about workplace happiness. After all, if it "feels" like a social network we must all collborate.

It really isn't productivity at all. Company chat, Email, Calanarding, filesharing, etc are collaboration, but really if it intended use was to keep people abreast of anything, you could just add an RSS feed.

Personally, I think its just a data mining thing for Office 365. I just wonder how long before MS starts selling your corporate data to the highest bidder, or when the TOS change to include Ad's based on your socal history in Office 365.

3
0

BOFH: He... made... you... HE made YOU a DOMAIN ADMIN?

MissingSecurity

Re: That's a capital sin in our office...

@bpfh I thought this was universal sysadmin behavior? At first its a test, than its just considered on-going training.

0
0

French youth faces court for illegal drone flight

MissingSecurity
Terminator

Re: Drone?

Yes...Skynet...er....MS One.

0
0

SkyDrive is dead! All hail Microsoft OneDrive! Happy now, Uncle Rupe?

MissingSecurity
Trollface

Is this where

I should proclaim that MS doesn't even have a cloud datacenter and its just a direct sharred storage plattform for the NSA?

Its like Skynet decided to emphanmize its exsitance by changing its name to ONE.

2
1

Mac Pro fanbois can rack 'em and stack 'em like real sysadmins

MissingSecurity

Why does it feel...

...like some Apple engingeers thought:

E1: "Hey, you know what would really clean up my space? If I could somehow clear my desk of this Mac Pro."

E2: "Why not just put it in the IT room?"

E1: "Yeah, its like a server right? "

E2: "Yeah, but you should make functional for the IT team."

E1: "Right! Almost wasn't thinking! I should put it on a shelf!"

0
0

Retiring greybeards force firms to retrain Java, .NET bods as mainframe sysadmins

MissingSecurity
Trollface

re: hot shot gui programmers

Arn't they the people who couldn't make it as Graphic Designers, and didn't want to take a job as a barista?

7
0

Survey: Just 1 in 3 Euro biz slackers meets card security standards

MissingSecurity

Re: Cost?

Except there tends to be a large cost assocaiated with it, unless your dealing P2P Encryption devices which are completely devoid of your network infrastrucutre. For instance:

Take a new merchant installing software for the first time, lets say its a SME with 300-700 people.

There is a good chance that:

1) The have no one trained on security nor staffed by security.

2) Don't have the network configured properly for PCI.

3) Are about to scream at the software vender when they need to improve the network.

So lets start by the first most obvious and basic requirement. A firewall. Now, most companies have one at the edge but not all have two or three doing DMZ work. If the only have one you have really three choices.:

1) Segregrate off a port on the current one (If you have the ability too, I'm thnking UTM's) works ok for smaller deployments,

2) Purchase another FW for DMZ (A requirement for PCI, but more than I care to explain)

3) Bring in a separte ISP line and add a firewall.

Were trying to keep it cheap so lets say we have a FW in place and have ports we can use off the FW for DMZ work and segregration requirements. Right now were running on our admin time (a cost I'd assocate with any project). We now must consider our servers.

Physical servers are actually less complex regarding PCI IMO, but even smaller SME are virtualized so this tends to be either an additional cost in hardware, or we need to go through the process of configuring our Virtual Environment, which with virtual you run into the problem of PCI servers and non pci servers on the same hardware. (Larger facilities can afford to have dedicated VM hosts for PCI VM's, SME don't really.)

I could keep going on this, I see it every day. We havn't even got into the cost of having a QSA come in, or the added requriements for remote access (most SME's I come accross don't use two-factor) and being SME's with no security professional or trained staff they don't have:

1) An Information Security Charter

2) Don't perform risk assessment, vulnerablity assesments, or gap analysis

3) Have no method for Incident Response

4) Have piss poor physical access

5) Have no documentation on log analysis, network maps, etc

So,cost tends to be a big point.

0
0

'No, I CAN'T write code myself,' admits woman in charge of teaching our kids to code

MissingSecurity

We should probably...

...start with problem solving and logic as it relates to computers but that would be useful information.

1
0

Friends don't do tech support for friends running Windows XP

MissingSecurity
Linux

Its funny...

When asked about getting a new PC, I give them four options (I know, I'm quite generous for a BOFH):

- Buy a iPad or Andriod tablet

- Buy a Chromebook

- Buy a Mac

- Install a Linux distro

If the user does one of these, my life continues as is with minimal impact, if however, they did not listen to me, the have likely bought into Windows 8 in which I reply:

- Downgrade to Windows 7

You see, I can find my way around Win8 to solve problems (its fucked up mostly, but dicking around poor development decisions seems to be part of my gig). I don't really have to bitch about windows 8 at all, the entire time I'm fixing thier problem, the user will happliy tell me how much they hate the product, upon which the time comes where I feel the need to iterate over the former options again.

2
0

Microsoft's new CEO: The technology isn't his problem

MissingSecurity

Re: Simple advice for Nadella

What the need is to make it just work for the customer, while making it feel cool.

Than the need the tools behind it to make sysadmins lives easier to manage it, making us more willing to adopt it into out networks.

Right now, the don't do either, and try to tac on cloud as a solution to shitty development.

0
0

Satya Nadella is 'a sheep, a follower' says ex-Microsoft exec

MissingSecurity

I guess I don't really care...

Microsoft is never going to be the company I want it to be (and I would guess most of are hoping for). Quite frankly, we are only getting more diverse in our technology and these technologies are largely being focues on open source platforms with target of interoperability.

I don't need companies that take standards and fuck them up adding propritary BS and claim its the norm, nor do I want this. I want companies to make my life easier by allowing any technology I use to intergrate with the other tech I use. (Not saying FOSS is perfect, but still its the better option)

My last real bitch. Licensing. Fuck you MS and your damn licensing. (I feel better). I hate feeling like I am getting screwed and so I'll push stong open source alternates. I'd much rather MS created epic cross platform tools that are easy to use, but hey the FOSS community struggles with that too

4
0

Windows 8.1 becomes world's fourth-most-popular desktop OS

MissingSecurity

Re: There's a damn good reason XP is still in such wide use.

I still trying to figure out why the IT world still thinks standalone desktops are going to be the norm for the next 10-15 years. It would be more likely that between the push to cloud (or what is essientally the re-invention of mainframe computing) and virtual infrastruction improvments even CADD Junkies, Renders, and source code cowboy's will be hard pressed to argue the power of computering on servers vs local high end systems.

I know right now about about 60% of my office could be on tablets/laptops/etc and have no need for a standalone setup, and if we had the infrastrucutre the other 40% wouldn't need there high systems either.

Hell, I only fire up my fat box when I need to check something in WIndows, but between my Tablet, Laptop, and phone I pretty much have my environment covered.

0
0

Google Glassholes, GET OFF our ROADS, thunder lawmakers in seven US states

MissingSecurity
Trollface

What about ...

Are thier pacemakes going to be banned? It's pretty wearable tech to me.

0
0

Office 365 Microsoft's fastest growing business, ever - Microsoft

MissingSecurity

Re: Fish in barrels @ I ain't Spartacus

My perspecitive from SME's being sold on cloud is: ACCESS ANYTHING ANYWHERE. Which sound really great right? Until we remever that most companies probably had this ability already and thier staff (if they had any) had little knowledge or support on the matter. On top of it, most SME's run into the "Oh, our data is safe in the cloud" syndrome, when looking at any contract's for cloud service backup services, regional seperation, and archiving are additional costs.

Granted SME's tend to run on a lot of risk that largely they are unaware of, and the big things that work effectively as cloud services (Email, Calandaring, Chat) are a lot less mission critical for SME's since uptime is less of a factor.

I don't know why you where downvoted, but from my perspective (and since we have quite the number BOFH's here) for what most SME's are getting from there cloud solution it's usually missing a shit ton from what BOFH understand should be there.

1
1

LogMeIn: We're stopping our free offering from, errrm, NOW

MissingSecurity

I don't think the rage is really cost...

It's timeframe. For indivdals, I think its fairly easy to switch to teamviewer, for a business well, that where this hurts. I'm glad a moved away from LMI, I VPN into the network, and than use TightVNC / SSH to connect to remote servers.

2
0

Trio allege in court: You sold our ZIP codes, Apple, now hand over $5m!

MissingSecurity

Re: US ZIP codes are hardy personally identifiable

Regardless, PII for most legally defined cases include a Mailing Address, because it can be linked to you in some way. It's less about how accurate it is on its own and more to do with the ability to take broad pieces of information and provide an acurate decription of you, your location, or for contact.

The case seems pointless unless the three can prove that Apple:

1) Sold the information

2) If it was collected when not required. I don't know, how one would judge using it for security, even if the CC companies don't require you collect it.

0
0

Coffee a memory enhancing drug, say boffins

MissingSecurity
Thumb Up

They could have told me ...

... coffee reduced memory by 50% and I'd still be here sipping and smiling. (We need a coffee Icon)

1
0

Dropbox outage was caused by 'buggy' upgrade: DDoS us? You hardly know us...

MissingSecurity
Trollface

ARE YOU NOT ENTERTAINED?

Yes .... Yes I was.

1
0

You... (Sigh). You store our financials in a 'Clowds4U' account?

MissingSecurity

Why is it ...

... WFH is a blessing for users, but a curse for IT.

Oh, you're on vacation? .... But you can do that remotely right? EVERY GOD DAMN TIME.

3
0

Microsoft tries to trademark 'Mod' in the US

MissingSecurity
Trollface

Oh, I get it....

They plan on changing it to do something else every release until the system is so fragmented we'll be taking about how MS Mod - eXt3m3 Sweetness was way better than MS Mod- Bunny Foofoo, but how we all can't wait for the last MS Mod - Facepalm.

3
0

Ubuntu desktop is so 2013... All hail 2014 Ubuntu mobile

MissingSecurity

I wonder...

Granted, I completely support a Linux Mobe/ Desktop interface where much of my work runs of servers in my datacenter, but I can load all the lovely tools of nix-ness that I want using a docking station as the thin client. My larger concern is how many Sysadmins will go postal from all the users looking to replace lost phones, etc.

And, I just can't see business wanting to supply smart phones to say thier marketing intern.

1
0

Get lost, fanbois: Nokia pulls HERE Maps from Apple's App Store

MissingSecurity

Re: I am unsubscribing from your mailing list!

It's more likely that ISO 7 is just fucking around with developers and the way they design interfaces.

There is no logic is MS forcing Nokia to pull HERE in sutle ploy to get them to move WP8. First fanbois are not going to up and switch for this. Not only is it web base and easily access, you also have googles maps which will work for much of anyhting needed.

Also while MS wants to grow its moblie devices, it's still a software company, and I don't know why you'd sacrafice software market penetration (IE a popular maps app on IOS devices) be taking the risk of pushing the software into absurcirty.

HERE might be good, but its not the "killer" app MS needs for device switching. Its more of a "you need this app to even conisder looking at the phone." Granted they could have just as easily partnered with google for that <---------- Last line is a snowballs chance in hell..

2
5

Apple's iPhone plant didn't kill UNDERAGE TEEN factory worker

MissingSecurity

Re: "Apple's iPhone Plant"

I read it as Apple had someone on the inside and Apple was just letting us know that thier guy didn't do the killing. I think work is getting to me...

1
0

Fisher-Price in hot seat: iPad bouncy chair lets APPLE BABYSIT tots – parents

MissingSecurity

Re: This is actually a work force training device

I don't know ... compared to the dreadful office staples around here, Fisher Price in the cubical industry might be a good thing. I could really use a bouncy chair with an attachedable arm that holds my tablet.

1
0

Bloke, 27, cuffed, charged over stolen selfie smut site UGotPosted

MissingSecurity

Re: Nasty Blackmail @ rm -rf/ @ Alan Brown

I don't by that BS anymore. Yes the internet is a hostile environment with loads of shit heads and assholes with nothing better to do that degrade their fellow humans. It also has civil and honest people who give a shit. Congrates the internet is a digital society.

These women didn't post on the site. Even if they took the photographs that doesn't give assholes the right to post it on the web and take it a step further by posting the details on top of the backmailL.

You're blaming the victims by even using the internet as an excuse for this. Just don't Privacy is social construct one that can just as easily be applied to the internet. If you have a reasonable expectation of privacy in your home, you should also be allowed to have it for site trying to protect your data. You don't change that fact because the method for peaking on someone is less risky.

3
2

EC trade secrets plans: Infringing kit may be DESTROYED by order

MissingSecurity

My guess...

...is the patent trolls were getting too much on fighting their current stupid endevours so wanted to create a "new market".

1
0

Windows 7 outstrips Windows 8.x with small November growth

MissingSecurity

To me its an obvious flaw...

Lets forget for the moment I rarely boot into windows for work.

1) As a sysadmin, i don't give a shit about its look, it has not tools to incentivies me to switch.

2) As a consumer, I have a tablet for any consumption, and get nothing really "OMG!" from switching my home box (which might go away depending on how steam on linux does).

3) As a upgrade path, I am still getting people off XP on to 7, I don't really need to start the next path to Windows 8 just because Microsoft tripped on their own ignorance and missed the UI craze.

4) As support path, its easier to maintain a single OS version with multiple applications, than multiple OS versions with multiple applications.

5) The features that would have made think about moving for upgrades (IE UNIX support) are locked in shitty licensing models. Honestly, I dispise Windows Licensing (Which is where I direct most of my MS hate), I actually don't mind the OS.

1
0

Microsoft touts SCROOGLE merch: Hopes YOU'LL PAY to dump on rival

MissingSecurity

Re: Google arnt stealing my data...

Don't kid yourself. Google is an ad giant who only creates "free" products to sell you more ad's. These platforms offer you the consumer a means to want to keep using it. There is no other way their business model would work out.

Yes, we feel we're gaining something by having these services, but in reality you're just locking yourself into Google's tech. It certianly is bloody convienent and on top of that they do provide good user expereinces, but on the whole they are in a way becoming worse than Microsoft.

Microsoft's definatly not the good guy here, they just were late to game and are struggling to catch up, but I would be cautious of any unwavering support of any company thats goal is to keep you tied to there services only.

All in all, I don't mind the attempt, certianly it's a pot and kettle situation, but I chuckled at the mug. I think the Scrooggle tag line is horribly stupid and I wouldn't go out of my way to buy any of it, but if it was a gift I wouldn't bastardize it (well unless I can channel my inner BOFH).

0
8

ZOMBIE apocalypse! The 'LIVING DEAD' are HERE – Fox News confirmed it

MissingSecurity
Devil

I guess...

It's good to see that some people behind the scenes at Fox do the same shit in their test environment at least I hope thats the case...

2
0

Windows Azure Compute cloud goes TITSUP PLANET-WIDE

MissingSecurity
Pint

Re: "calling into question how effectively Redmond has partitioned its service"

I guess that may be partially right, but I think most defaults split [/root, /home. and /swap] least I am fairly ceratin RHEL and Fedora do (even if its on the same disk). It's also probably not fair to consider Desktop Envrionments in place of Server Environments anyway.

I suppose many environment use defaults, but it seems many Linux Admins, even fresh ones deal with partitioning of system at some level because of the culture, most fresh Windows Admins tend to click next unless otherwise directed. I guess I tend to be more methodical with my linux systems than I do my Windows boxes, but I don't have many crtical systems running on Windows.

Jokes aside about single partitions, I think we look forward to this being a "Maintenance Update which affect all systems, was improperly corrdinated." or some other BS.

0
0

Ahhh, SATISFACTION: Watch while we set a NAS on FIRE

MissingSecurity
Flame

I thinkwe need...

White phosphous testing...because you never know!

2
0

Migrating from Windows XP: Time to move on

MissingSecurity
Devil

I migrated...

to Fedora for business use. I'm pretty happy (I'd rather use Mint, but Fedora and RHEL have a good synergy reagardless of GNOME big surprise.)

3
0

Want to go to billionaire Sun kingpin's beach? Hope you're a strong swimmer

MissingSecurity
Trollface

I bet ...

...posts on the reg will change his mind about it. SPREAD TO THE WEB MY FELLOW REG READERS. WE WILL RIGHT THE WRONGS OF THOSE WHO LOOK DOWN ON US FROM ISOLATED BEACH FRONT PROPERTY...

(In all serious though... Major dick.)

1
0

So many 'cyberspying hackers' about... and most of you are garbage

MissingSecurity
Meh

Seems like poor security...

I don't quite understand how they can equate using the lest amount of effort for achieveing the same goal as being crap. I don't doubt many tools have made "hacking" less skill based but really I don't know why you'd go through the effort to drop zero days when you can simply type admin:irsmart (yes, taken from expereince) at the login window.

I guess its kind of obvious that with more groups hacking only a select few are going to be real threats to major corporations and governments, but if they are crap hackers by proxy there are a lot of crap security boffins which couldn't "secure" the network against what they are essentially calling script kiddies.

And if they are crap hackers how and the hell do they have zero days? If they are capabile of producing zero days I'd say there is atleast some talent on board. Maybe I'm overthinking this...

4
0

Post-PC era? Post-MAC era! OS X Mavericks 'upgrade' ruins iWorks

MissingSecurity
Trollface

You know...

...thinking back, iphone users were defending the lack of features on its earlier releases. I guess Apple can't win them all, I mean they just tried to give them what they wanted.

5
0

Beyond: Two Souls - the game that thinks it's a Hollywood blockbuster

MissingSecurity

Spot on

I didn't play the game..I did however get caught up in it watching it being palyed on Twitch.tv.

I agree with everything you said.

It definately a game where I enjoy watching as much I would have been playing it, but I even watching I found myself telepathically trying to tell the caster to stop looking for Blue Dots.

Plus I love Ellen Page as an Actress.

4
0

Ubisoft's Watch Dogs muzzled by delays

MissingSecurity

Re: Hmm... a new variation of "won't anyone think of the children", I see.

You can download a demo, and Its for mobile.

0
0

Here comes Windows 8.1! Microsoft grits teeth, pushes upgrade to world

MissingSecurity

I'd be content...

...if they would just migrate enterprise features such as NFS client support to the Pro version (Hell, do away with Enterprise and Ultimate -- they only exist as POS licensing schemes). I don't give a shit about the UI. I can navigate around it plus I don't use Windows unless its application specific but I have a mixed windows and Linux server environment and if MS would simply stop impedeing basic compatiability I'd be more content migrating to Win 8.

1
0

Android security relies on ZOMBIE CRYPTO, argues infosec pundit

MissingSecurity

Re: rc4 vulnerable?

BEAST attacks are targeted at TLS 1.0 and the older SSLversions and back in 2006-ish RC4 was the recommneded method for short term mititgation (though it still has its problems). TLS 1.1 and 1.2 are considered not vulnerabile as they have CBC protections . OpenSSL has settings which could screw you up if you're using it. Most major browsers support TLS 1.1 and 1.2 but moblie browsers don't really yet and most major borwsers don't default to the more secure TLS 1.1/1.2..

I know what you mean about PCI (and its frusturating) you can move on to using TLS 1.1 or if you can 1.2, but most people are still supporting TLS 1.0 for compatiiabilty with borwsers and mobile. I would say you'd enable the better security for clients that will use it, than prioritize mitigating BEAST attacks over RC4 attacks.

0
0

Canadian operator EasyDNS stands firm against London cops

MissingSecurity

What were they thinking?

It's our self appointed job to tell other countries citizens about their "responsibilties" as members of the United States ... err global citizens.

1
0

Ubuntu 13.10: Meet the Linux distro with a bizarre Britney Spears fixation

MissingSecurity

Thoughts...

This persepective is from Fedora and Ubuntu which are the two I am used to. I can see where both these projects are trying to head and to be frank the GUI for either is not really all that terrible. When you conisder the design goals (especially of Ubuntu) these interface might be great at the phone/desktop/tablet union. We just don't know yet, as Ubuntu hasn't really released anything concerete, and I don't think Fedora has really considered it.

I think think the next few itterations of gnome 3 and unity will make interactions with these UIs largerly mute. When I shifted from Fedora 17 to 18 I started actually feeling comfortable about it. As for bling, It seems largely that the biggest quips come from sysadmins, developers, and OSS fanatics. I understand this, since as a sysadmin running RHEL 90% of my servers have no GUI, but if we really want Linux to replace Windows and Apple as a persons choice, they need to have an evnironment in which it looks fuck sweet and you can show off. It's how most people seem to be with tech.

1
0

Page: