* Posts by Joe Montana

583 posts • joined 12 Mar 2007

Page:

Indian Business Machines? One-third of Big Blue staff based there and Bangladesh

Joe Montana

Re: The usual race to the bottom

Yes long term the entire system will collapse for the reasons you've cited, but short term if you're the only company that doesn't outsource to cheaper locations then yours will be the first to go as competitors have lower operating costs, and very few customers will be willing to pay more to you even if you're offering a superior service.

3
0

Yee-hacked! Fired Texan sysadmin goes rogue, trashes boot business

Joe Montana

AD...

If he had AD admin access you'd better lock all accounts, and change the KRBTGT password at least twice. He could easily have dumped the entire user database and have access to every single account.

3
0

I need an ISP that offers IPv6. Virgin Media: Whatevs, nerd

Joe Montana

Re: need? really?

The world gets along with various kludges born of necessity...

Not many things are peer to peer, most services are centralised these days which is very bad for privacy.

Back in the days if you wanted to transfer a file to one of your IM contacts the file transfer would be sent directly to them (the im server would only handle text messages and directory services to keep bandwidth usage down), but now transfers are sent via the central service and get mangled (eg image quality is reduced, only limited filetypes are supported etc).

Game servers are now generally centralised, in the days of quake anyone could run a local quake server and start playing... Now modern games usually connect to centralised game servers which means you'll have to stop playing multiplayer when the game publisher decides to shut off the servers, theres typically no lan games, and if you happen to be in a country which is far away from where the game servers are hosted then your gameplay will be laggy.

Bittorrent and similar protocols can distribute data very efficiently, but depend on peers being able to connect directly to each other.

The internet was always meant to be end to end addressable, NAT breaks that and adds unnecessary complexity and headaches, ipv6 just restores it to how it was always supposed to work.

6
2

'Windows 10 destroyed our data!' Microsoft hauled into US court

Joe Montana

Re: About time too

Pirate versions are better, always have been...

License enforcement code is *DESIGNED* to cause a denial of service condition, the sole purpose of such code is to act against the interests of the user. Pirate versions have this junk removed and work much better.

It's been the same for years, even back in the Amiga days the pirate versions didn't require you to hunt down the manual and read a tiny code, and let you make backup copies of the disks so you didn't lose them to corruption.

Same thing applies to movies, the pirate versions don't have unskippable warnings or commercials, and don't have arbitrary restrictions on where, when or on what you can play them.

10
0
Joe Montana

New computer?

"Ended up having to purchase a new computer" ?

And i'm sure that new computer came with windows 10 preinstalled, so microsoft got exactly what they wanted - a new sale.

If a company screws you like that, you should vote with your feet and not give them any further business, but microsoft are so entrenched they know they can get away with screwing their customers like this.

So what incentive do they have to improve anything? Absolutely none.

Welcome to capitalism, the only thing stopping most companies from totally screwing their customers in the name of profit is the fear of losing those customers. MS have very little risk of losing customers because the customers are hopelessly locked in.

5
1

Plans to force ISPs to filter content branded 'disproportionate'

Joe Montana

Restrict how kids learn

All of these technologies for restricting what kids can do have flaws, and kids should be naturally curious anyway...

If something is forbidden, they will seek out ways to get it anyway.. If you're relying on technology to prevent kids from seeing porn then sooner or later they will see porn anyway. But because you've forbidden it, they will be more likely to seek it out and less aware of what it is.

Instead you should educate kids, explain to them what is out there, teach them to behave safely online (ie not giving away personal information or executing random binaries etc). Young kids won't even be interested in porn once they know what it is, but they will be interested in something unknown just because they aren't allowed to have it.

Another good example is alcohol.. Most alcoholic drinks taste quite disgusting to a child, but alcohol being forbidden makes it desirable. When i was a kid and saw my parents drinking alcohol, they let me try some... I invariably disliked the taste and subsequently had no interest in acquiring more alcohol.

Other people i went to school with were always forbidden from drinking alcohol, so they would actively seek to obtain alcohol illicitly (through theft, finding someone willing to sell it to them or buy it on their behalf etc) and consume it. I had no interest in doing this because i knew i could easily obtain alcohol from my parents simply by asking for it, and didn't like the taste of it anyway.

2
0

WWE star's swiped sex snaps survey spam snares selfie sickos

Joe Montana

Re: Is that her

Did someone punch her in the face? She's a wrestler, so she pretends to get punched in the face on a daily basis...

8
0

Linux, not Microsoft, the real winner of Windows Server on ARM

Joe Montana

Re: "Web native" developer?

Nothing is really free... While you need competent staff to manage open source, you also need competent staff to manage purchased software.

If you're trying to run any kind of software without having someone sufficiently competent managing it you're going to have problems. This notion that you can buy off the shelf software and not hire appropriate people to configure and manage it is part of the reason there are so many stability and security problems these days.

0
0

Biggest Kodi sweep: Brit cops nab five, bag some dodgy sticks

Joe Montana

Re: This concerns me....

Well it like many things in the law comes down to "intent"...

If you sell a device for the purpose of doing something illegal then selling the device becomes illegal too. If you sell a device which is intended for a legal purpose and the buyer chooses to use it for an illegal purpose then that's on them and not the seller.

Take for example kitchen knives, sold for the purpose of preparing food, but perfectly capable of killing someone if used for that purpose.

6
0
Joe Montana

Re: Sky-high prices?

""I personally think that only Sky etc dropping their prices down to around 10% of what they are now will do that.

That would mean they'd have to stop paying silly money for sports rights etc. Won't someone think of the starving Premier League footballers children?"

Why would it? If they reduced their prices to 10% of what they are now, they are likely to see a significant uptake in customers followed by an increase in advertising revenue due to the extra eyeballs.

I also dislike being forced to use the hardware they supply, with non subscription tv i can choose from thousands of different tv sets or set top boxes... The sky ones are large, ugly and lacking various features i find useful.

2
1

Bank robber reveals identity – by using his debit card during crime

Joe Montana

Re: Curious

A registered sex offender, or offender of any kind is less likely to have a job and therefore more likely to turn to crime in order to survive.

1
0

Russia shoves antitrust probe into Microsoft after Kaspersky gripes about Windows 10

Joe Montana

Bite the hand that feeds you

As much as these vendors don't like what MS is doing, their entire business model is also 100% dependent on MS and would not exist without them.

3
0

Command line coffee machine: Hacker shuns app so he can stay at the keyboard for longer

Joe Montana

Security bug?

"His hacking did not uncover serious security bugs but it would let fellow hackers on the same network as the coffee machine to mess with its firmware without requiring authentication"

Personally i'd consider the ability to push new firmware to a device without authentication to be an extremely serious security bug... Your new firmware could do *anything(

9
0

Cisco exec: Is our networking gear exciting? Yeah, like 'sewage'

Joe Montana

Cisco and Apple?

We'll just end up with ios...

0
0

It's time for Microsoft to revisit dated defaults

Joe Montana

Monolithic design

Part of the problem is that of having a single monolithic system doing many different tasks... Some it does well, some it does very badly, so you end up doing all of them in one place out of convenience.

A more modular system would work better, where you choose the individual components that suit your own individual requirements

2
0

Exchange down for Android and iOS users

Joe Montana

Open protocols?

The activesync protocol was created by microsoft and its they that demand a license fee for its use, if they were truly concerned about open access they could open up their existing protocol.

Similarly they could support existing open protocols for the various types of data (caldav, carddav, imap etc) instead of creating their own new protocols that do the same thing. By doing the latter they can create an impression of openness, while actually ensuring that competing clients will take time to catch up.

2
0

Watch out, Openreach: CityFibre swallows Redcentric's network for £5m

Joe Montana

Fighting over cities

As more companies fight over profitable cities, the amount of money being put towards decent internet access in smaller towns and villages will decrease...

5
1

IPv4 apocalypse means we just can't measure the internet any more

Joe Montana

Re: @Novex

Chances are your ISP allocates a WAN address (/128) for the router itself, and should delegate a prefix (typically /64 but might be bigger) for your own use... If your router doesn't support prefix delegation properly then you might have to configure it manually.

0
1
Joe Montana

Re: And who told you I want to be measured?

That's precisely how pretty much every ISP that has implemented v6 has done it:

1, although every device behind has a routable address, inbound connections are blocked by default, you can enable them if you want.

2, no isp is v6 only, they are all dual stack for now, if your client devices support v6 they will use it by default otherwise they will fall back to v4, it will usually be transparent and sites that use v6 will be accessed in that way without you even realising.

3, in some cases your v4 is natted by the isp and not just by your own router, so you cant control port forwards etc... the only way to allow any inbound connectivity is via v6, which you control.

4, most systems support ipv6 privacy addressing whereby the clients will generate random addresses within your own local (/64 huge) range for making outbound connections, as far as the remote end is concerned a /64 is equivalent to a single ipv4 address - one network that might contain any number of devices, and advertisers etc will use other means (cookies, browser fingerprinting etc) to try and identify unique users or devices just like they do now.

with v6 you're no worse off, you're better off

0
1
Joe Montana

Re: And who told you I want to be measured?

Nothing about v6 prevents you from retaining control of your own gateway, it just gives you extra options if you choose to use them, makes certain things easier if you choose to do them and makes certain undesirable things (like people scanning your range) more difficult.

There is no downside to v6, and plenty of upsides. Just because you choose to ignore the benefits of v6, doesn't mean you should hold other people back out of spite.

0
2
Joe Montana

Re: The title is no longer required

NAT was in use at endpoints, but not really at ISPs... One IP usually correlated to one customer.

Now widespread NAT at ISPs, as well as dynamic addressing makes it much harder to block abusive users by IP... Spammers know this too, and will release/renew or redial a ppp connection to get a fresh IP.

0
1

Plusnet broadband outage: Customers fume as TITSUP* continues

Joe Montana

Re: Just Jumped ship

Most mass market ISPs try to bullshit their customers about outages, often they will make customers believe the problem is their equipment and have them reboot endlessly until the problem is resolved.

Personally i'd rather just be told theres an outage and how long they expect it to take to fix, but ISPs think that will make them look bad.

1
0

L0phtCrack's back! Crack hack app whacks Windows 10 trash hashes

Joe Montana

Linux doesn't use SHA512 directly, it uses a salted hashing algorithm which is based on SHA512...

http://man7.org/linux/man-pages/man3/crypt.3.html

See under "glibc notes"

1
0
Joe Montana

Re: Did anyone else read "NSA recommended"...

NTLMv1 is no longer used as a network authentication scheme, but the underlying passwords are still stored using the NTLM hashing scheme.

Two different (although related) things.

The reason microsoft can't change the hashing scheme as easily as Linux can is because the network authentication protocols are tied to the hashing method, so you would need to update all the clients too.

2
0

Microsoft: Why we had to tie Azure Stack to boxen we picked for you

Joe Montana

Re: The other Microsoft

Microsoft existed because the hardware accounted for the vast majority of the cost, and the hardware it ran on was open and flexible. The software being closed and single-source was of little consequence because it was only a tiny fraction of the overall cost (and could always be obtained for free via piracy).

Contrast that with acorn, commodore, apple and the various risc vendors who provided superior hardware and superior software often even at lower cost, but tied you into their whole platform with a single supplier and much smaller range of models and price points.

0
0

'NSA' hack okshun woz writ by Inglish speeker trieing to hyde

Joe Montana

Re: The 'insider' theory

Depends how hard it is to acquire admin privileges...

On most windows based networks, simply being on the LAN is enough to very quickly get admin credentials with a moderate level of skill and publicly available tools.

0
0

WikiLeaks uploads 300+ pieces of malware among email dumps

Joe Montana

Re: Anybody who opens a DOCX file from the Internet is a fool

It's not the file thats the problem so much as the fact that 99% of users can be expected to use the same software to open the file, ie a monoculture... If you have an exploit for a vulnerability in that software you have a very high chance of success.

That's why monoculture software is almost always the primary target of malware... Think of all the browser exploits which targeted IE when it had over 90% of market share, and how most of these attacks moved to Flash, Java, Acrobat etc once the browser market became more diverse.

7
0
Joe Montana

Email dumps

If they're dumping email boxes, and those email boxes contain spam and malware then in the interest of full disclosure they have to post it all... If they started removing malware then they've modified the content, what's to stop them making other modifications?

6
2

You can be my wingman any time! RaspBerry Pi AI waxes Air Force top gun's tail in dogfights

Joe Montana

Re: Hopefully?

<quote>

You cannot solve problems by killing people on mass. Making war even cheaper will certainly not help.

</quote>

Oh but you can, you just need to do it thoroughly and brutally, ie the way things were done historically.

There would be no refugees fleeing if there were no refugees left.

No refugees would flee a warzone where they risk death to enter an enemy territory where they faced almost certain death at the hands of an organised military force.

Insurgents could not hide amongst civilian populations if the rulers were willing to systematically wipe out civilians until the insurgency stopped.

A lack of morals and a willingness to do whatever necessary is a significant advantage in any war.

5
0

Deploying software every day is... actually... OK – what devs tell their real-life friends

Joe Montana

Re: Redefining failures as success

And 20 opportunties to make sure that a fix for 1 bug doesn't introduce any new ones...

1
0
Joe Montana

Re: Practive What You Preach?

Because puppet "enterprise", the version catering to users who don't want frequent updates.

You have the option of tracking the puppet github:

https://github.com/puppetlabs

which seems to be updated very frequently

0
0
Joe Montana

Bugs..

When you're doing frequent deployments, each change is relatively small and easy to test... Not only that, but no matter how much internal testing you do there's no substitute for actual user testing - bugs will always be found once the users get their hands on.

But if you're doing small changes and regular deployments, those users will find the bugs while the developers are still very familiar with the recent changes which makes fixing things much easier.

If you infrequently deploy massive changes, then each change will quickly result in a large number of bugs, the developers may not have touched the affected areas for a long time, are likely to get overwhelmed by a sudden flood of bug reports and if the fixes take a long time to be pushed down users might get used to working around bugs instead of reporting them and having them fixed.

0
1

Stop resetting your passwords, says UK govt's spy network

Joe Montana

Poor passwords

The poor passwords people use on systems are partly down to the regular change requirement... People simply won't remember a new random password every month, they will pick something that is easily remembered and/or write it down.

If you don't force them to constantly change their password, they only have one to remember and it becomes much easier to remember a single strong password than a new one every month.

The problem is that people are too unwilling to challenge what they've been told for years

0
0

Microsoft lures top Linux exec from Oracle to Redmond

Joe Montana

Still running

Existing installs would continue running, but new installs could not be activated, security updates could not be installed, some existing installs would declare themselves as pirated and stop working, it would still be a big mess.

1
0
Joe Montana

Familiar...

Not only that, but successive versions of windows and msoffice are significantly different to previous ones that users have to get used to the differences anyway, and most such users will find it no more difficult to switch to mac or a modern linux.

6
1

Apple's fruitless rootless security broken by code that fits in a tweet

Joe Montana

Re: No magic bullet

Having a permission system that tries to prevent the admin from accessing certain files is asinine, and only serves to create a false sense of security. If you can administer the system then you can access anything, if you restrict your level of access then you can't perform your task as admin and you're just a normal user with a limited ability to change specific settings.

Consider that the administrator needs to configure backups, how can the system be backed up if some files can't be read? And even if the running kernel won't let you read them, you can always read them from the backup storage.

Instead of adding extra pointless cruft, just accept that the system administrator has full access to the system, and behave accordingly. If you want data to be private from someone, then ensure it never exists in an unencrypted form on a machine accessible to anyone you don't trust.

0
1

Dodgy software will bork America's F-35 fighters until at least 2019

Joe Montana

Re: What's the problem?

Sell them to the enemy, you get to kill their pilots *and* drain their cash reserves!

12
0

Clear April 12: Windows, Samba to splat curious 'crucial' Badlock bug

Joe Montana

Home Users

Current versions of Windows, even the workstation versions have SMB enabled by default and make it far too difficult to turn it off, so yes home users could well be affected to as they're running an SMB service even if they don't realise it.

3
0

Millions menaced as ransomware-smuggling ads pollute top websites

Joe Montana

Adblockers

You missed installing an ad blocker in the list of ways to prevent such attacks...

The ad networks used by major sites push malware, and yet they still wonder why people run adblockers?

6
0

Oops! Microsoft says its 'Bitcoin ban' was a bug, not a feature

Joe Montana

Not the point

The fact that very few people are buying windows store apps isnt the point, the mere fact that a high profile supplier like microsoft accepts bitcoin at all adds a lot of credibility to bitcoin and encourages others to use it.

2
0

Behold, Microsoft SQL Server on Linux – and a firm screw-you to Oracle

Joe Montana

Re: Too louses

A car can't carry as much load as a 40 ton truck, but for most people's journeys a car with its inferior load carrying capacity is both cheaper and more convenient.

It all depends on what your needs are.

11
0

Poor recruitment processes are causing the great security talent drought

Joe Montana

Re: I'll never get a job in IT

And in what way are your friends and family qualified to judge your ability? People who know nothing about a subject will be impressed by someone who knows only a little more about it than they do.

Your skills sound like you could do low level desktop support, which wouldn't pay very well...

0
0

Intel shows budget Android phone powering big-screen Linux

Joe Montana

Re: "Low-end == 2 Gb"

That largely happened on the Amiga after Commodore went bust, and thus no faster models were coming out...

It also happened because the hardware as fixed, so you could program it directly instead of having to go through multiple performance sapping abstraction layers.

0
0

Alibaba security fail: Brute-force bonanza yields 21m logins

Joe Montana

Re: We need more info as...

Chances are they, like most places, implemented lockouts on an individual account basis. So because the attackers only ever tried one password per username, nothing was ever detected.

5
0

Juniper turns around in 2015, worried about 2016

Joe Montana

Backdoors

Perhaps the recently discovered backdoors will dent their sales going forward... I would certainly think twice about buying anything from them.

0
0

BT dismisses MPs' calls to snap off Openreach as 'wrong-headed'

Joe Montana

Re: New Zealand has done it.

99% of the homes Virgin serve are also served by BT, the problem is for people in areas where there is neither option available.

4
0

Continuum gets some Qualcomm mid-range support

Joe Montana

Linux

Android phones can all do this in theory, it just isn't marketed or packaged in a way users can use it easily.

There's nothing to stop you running a full linux desktop on any android phone, indeed you can install debian inside a chroot with 99% of the same desktop apps you'd have on an x86 system, including X11, VNC and RDP so you could access other systems remotely for any apps which didn't run (or ran too slowly) on the handset itself.

1
1

No, that Linux Keyrings bug isn't in '66 per cent of Android devices'

Joe Montana

Kernel config

Looking at the kernel config, it seems CONFIG_KEYS is turned on automatically by a bunch of other kernel options...

5
0

Juniper nets US Air Force network upgrade

Joe Montana

Backdoors

And how much of their kit will come preinstalled with backdoors?

1
0

El Reg mulls entering Robot Wars arena

Joe Montana

Re: Well what worked best before?

I always found flipping robots to be boring, and once robots gained the ability to turn back over or run upside down a flipper becomes somewhat useless.

I preferred the robots which did serious damage, hypnodisc being probably the best example. Makes for great tv, but obviously becomes expensive for competitors if their robots get completely destroyed.

3
0

Page:

Forums

Biting the hand that feeds IT © 1998–2017