* Posts by Paul Crawford

3392 posts • joined 15 Mar 2007

Azure users told they're not WannaCrypt-proof

Paul Crawford
Silver badge

WTF?

If you read the MS advisory you get this statement "Warning: We do not recommend that you disable SMBv2 or SMBv3. Disable SMBv2 or SMBv3 only as a temporary troubleshooting measure. Do not leave SMBv2 or SMBv3 disabled." followed by a list of side-effects of disabling SMB V2 & V3. Including stuff that you wonder just WTF is the deep-set interaction of file serving and other networking or services on Windows boxes? Like large MTUs for 10G Ethernet, symbolic links, etc.

Oh well, I guess it's not long until systemd has this for Linux...

5
1

Police anti-ransomware warning is hotlinked to 'ransomware.pdf'

Paul Crawford
Silver badge

Re: We chose not to open the PDF file

Yes...but forgot to put it in the faraday cage.

Oh no, you don't put it in the Faraday cage, that is what your tin-foil hat is for!

You do have one, don't you?

0
0
Paul Crawford
Silver badge

Re: We chose not to open the PDF file

Have you tried booting from a Linux CD and then opening the file?

Is the almost-right answer.

Have you tried booting from a Linux CD, disconnecting the network, and then opening the file?

See, better!

7
0

Yo, patch that because scum still wanna exploit WannaCrypt-linked vuln

Paul Crawford
Silver badge

Re: It's worth following the link in the article

I was more surprised to see 1k machines with W2K on them exposed to t'Internet for all and sundry to have a go. Wonder how many will still be working by next week?

0
0

French fling fun-sized fine at Facebook for freakin' following folk

Paul Crawford
Silver badge

Re: the french??

Same problem as all those sites using Google Analytics, putting the 'anal' back in to web site use without your permission.

10
0

WannaCrypt 'may be the work of North Korea' theory floated

Paul Crawford
Silver badge

Re: Naive Question

Programmers doing "stupid stuff" mostly:

- Not following MS' guidelines (e.g. using undocumented APIs, assuming drive letters & folder locations)

- Using the flavour-of-the-month framework (e.g. ActiveX for IE6, recently Silverlight...)

- Assuming you are running with admin rights (lots of NT/W2K/XP era stuff)

- Assuming the machine won't have firewalls enabled (bit even MS software with XP SP3)

- If hardware is involved, then MS changes to the HAL layer, etc.

All said, simple win32 program from NT era will generally still work perfectly!

8
0

Do we need Windows patch legislation?

Paul Crawford
Silver badge

Re: Phoenix company solution ...

Create a UK subsidiary

Said company is required to escrow all source code before any more of the mother company's product is allowed to be sold.

1) declare the UK subsidiary which holds the liability for patching bankrupt.

Source code is released under escrow terms for others to fix.

2
0

Uber is a taxi company, not internet, European Court of Justice advised

Paul Crawford
Silver badge

Re: countries with "great" in them?

This provides the answers:

https://www.youtube.com/watch?v=rNu8XDBSn10

1
0

European Patent Office dragged to human rights court – by its own staff

Paul Crawford
Silver badge

Re: They're doing it all wrong!

Ah, you mean a visit to Spiny Norman? That will fix him...

3
1

How to remote hijack computers using Intel's insecure chips: Just use an empty login string

Paul Crawford
Silver badge

Re: I used to be excited about AMT

Come now, no one in their right mind would put an iLOM / DRAC style management port on t'Internet! At least they are (usually) on a separate physical port.

If you do want remote management you should be jumping in through a VPN first as a minimum as they are notoriously buggy and insecure.

Also not mentioned: Is this Intel vulnerability also exposed over WiFi? Could add a whole new set of fun & games available on public WiFi hot spots!

1
0
Paul Crawford
Silver badge

Re: AMD

From this particular bug yes, but probably they have their own ones...

2
0

Microsoft says: Lock down your software supply chain before the malware scum get in

Paul Crawford
Silver badge
Facepalm

Re: So ultraedit ehhh?

Come on, it's bound to be an Adobe package! They love running their own updater process at start up.

3
0

China's first large passenger jet makes maiden flight

Paul Crawford
Silver badge

Why would the EU mandarins have to punish the UK over Brexit?

Our own shower of shit glorious leadership are doing the job of ruining the UK perfectly well without any assistance.

12
2

systemd-free Devuan Linux hits RC2

Paul Crawford
Silver badge

Re: It's fascinating that Linux now has the same problem as Windows

UTF-8 is great, but please don't be a muppet like the systemd lot and have your program crash if a non-UTF-8 character is used in a *comment*...

10
2
Paul Crawford
Silver badge

Re: Easy answer.

"What on earth do they know about producing enterprise ready, stable operating systems? "

Like RHEL 6 that is without systemd, perhaps?

10
1
Paul Crawford
Silver badge

Re: It's fascinating that Linux now has the same problem as Windows

"However, binary configuration files and binary log files are inevitable"

No they bloody well are not!

If, as you seem to think, that English is some imperial conspiracy then why do we not program in binary? Why do all major languages use it? Why is it the most common language in the world (mostly as the 2nd spoken choice)?

And if you need to translate binary to/from some local readable format, why not translate English/ASCII in the same way? Fundamentally providing a language-agnostic system is very hard work and you then lack any simple way to interact with it for development with just a text editor.

26
1

Boffins gently wake the Large Hadron Collider from annual hibernation

Paul Crawford
Silver badge
Pint

Re: inverse knights

A most splendid unit!

I guess another would be drink-related in terms of shots chucked in the general direction of one's mount?

3
0

Loadsamoney: UK mulls fining Facebook, Twitter, Google for not washing away filth, terror vids

Paul Crawford
Silver badge

Strong & Stable

Strong and stable, as in thick as a plank? They are strong and stable.

http://newsthump.com/2017/05/02/eu-dinner-was-strong-and-stable-claims-theresa-may/

(apologies in advance for the click-baity nature of that site's adverts)

2
0

KickassTorrents kicked out again, this time by Australia

Paul Crawford
Silver badge
Pirate

Re: Oh my god

But from a practical point of view:

1) It puts a block for the majority of people who don't understand that Google is not the Internet, or what actually happens when you click on any hyper-link or type in a URL.

2) It avoids the collateral damage of IP blocking if a site uses a shared IP address with other legitimate sites.

3) Those who understand how to bypass (1) would know to use a VPN to bypass (2) as well, so it is not much less effective in practice.

4) It is fairly cheap & easy.

8
0

Don't listen to the doomsayers – DRM is headed for the historical dustbin, says Doctorow

Paul Crawford
Silver badge

Re: This is interesting...

Doctorow and Orlowski have very differing view points, but that is good for a news site like this. Last thing I want is to be fed opinion from only one side (like more tabloid papers, Fox "news", Russia Today, etc)

7
0
Paul Crawford
Silver badge

Re: Convenience is the enemy of intrusive DRM.

"all major Steam games can also be torrented though, so obviously it's not an entirely effective DRM system"

There is no need for unbreakable DRM so long as the legal offering is good value for money (i.e. just works on any platform you realistically want, in the region you live, price is OK). Keep the majority paying for the legal version and you as a business will do just fine and few will try hard to break it or share them, piss them off and you will find the torrents become the majority method.

12
1

Not auf wiedersehen – yet! The Berlin scene tempting Brexit tech

Paul Crawford
Silver badge

Re: Commuting time

That aspect is a major factor in how I, at least, would see any alternative location to move to. No point in moving to some city where your employees waste 2 hours or more of their life every day commuting. What is that equivalent to, around 10% of your waking life?

8
0
Paul Crawford
Silver badge
Gimp

Re: Why Berlin?

Don't forget the "Speciality clubs" that Berlin is famous for. Allegedly.

6
0

Stanford Uni's intro to CompSci course adopts JavaScript, bins Java

Paul Crawford
Silver badge

Re: Just teach them Python

Python looks to me as a good choice. But it, along with JavaScript, both have one serious aspect that is lacking - strong (maybe any) data typing.

Yes, it is really handy not to worry about small details like is it integer, float, character string, etc, when you still have to grasp the basic concepts (maths, branching, subroutines, not to re-implement libraries) but I have met people programming in C++ with "more than a year experience" and they don't understand the fundamentals of what types mean to the CPU, etc.

Get my day's rant in early!

10
1

Would you believe it? The Museum of Failure contains quite a few pieces of technology

Paul Crawford
Silver badge

Re: Betamax - Betamax quality wasn't actually that much better.

Really the success of VHS was down to more suppliers of VHS players (Sony licensing I guess) and so video hire shops (remember them?) stocked way more VHS titles, leading to positive feedback. Same for availability of grumble flicks. Er, allegedly.

On notable failures we should also list Sony for its various attempts at forcing proprietary tech on the world in the face of better/cheaper alternatives:

1) Mini-disk player, good idea in many ways but way too expensive. DRM. Struggled to displace audio cassettes. Both died when SSD came along.

2) Memory sticks.

12
0

systemd-free Devuan Linux hits version 1.0.0

Paul Crawford
Silver badge

Re: It is not that clearcut

It is a shame that Canonical gave up on 'upstart' as it was almost what was needed: an init process that could handle parallel start-up and dependencies. It could also be run as a user PID if users wanted an event-driven start-stop system, say for removable storage. And there it stopped, as it only wanted to be 'init' and not an octopus.

19
0
Paul Crawford
Silver badge

@ lpcollier

"A change of init system isn't something we should be doing more than once every couple of decades, but systemd seems very good to me."

The problem is systemd is not JUST an init system, it adds in binary logging, time setting, module loading/blacklisting, and all sorts of other stuff that were pretty much already solved and workable. And in many cases it adds bugs/issues that seemingly just don't get fixed if they are not in line with Pottering's personal outlook.

If it were just a paralleled start-up system there would be far less issues, but instead we have fsking *desktops* like GNOME has become that have systemd as a dependency, WTF?!

42
0

PACK YOUR BAGS! Boffins spot Earth-size planet most likeliest yet to harbor alien life

Paul Crawford
Silver badge

Gravity well problem

While it is a pointless technicality given we can't get there in any foreseeable time or technology, it is worth a moment to consider that at 7 times the Earth's mass you could not escape its gravity well using chemical rocket engines.

But if you made it there in the 1st place you would be using some nuclear system or something we have not imagined (or maybe just considered possible) yet, so a technicality really.

For more on chemical engine limits: https://www.nasa.gov/mission_pages/station/expeditions/expedition30/tryanny.html

2
0

UK.gov survey shines light on cybersecurity threats to businesses

Paul Crawford
Silver badge

To be fair, they do have some useful (and moderately readable) guidance:

https://www.ncsc.gov.uk/guidance/password-guidance-simplifying-your-approach

https://www.ncsc.gov.uk/guidance/macro-security-microsoft-office

https://www.ncsc.gov.uk/guidance/eud-security-guidance-ubuntu-1604-lts

2
0

Chap 'fixes' Microsoft's Windows 7 and 8 update block on new CPUs

Paul Crawford
Silver badge

"I don't see the point of installing linux so I can run windows in a vm when I can run windows natively"

Err, wasn't the point of the article that you won't be able to, unless you go to Win10 or stick to old hardware? A pretty good reason to virtualise in my book.

Also easier to change hardware (no re-licensing as Windows won't see the change) and less malware problems as many of the nastier sort don't run in VM environments to thwart analysis, and there is a damn sight less* for Linux in the first place if you use it for email and web browsing.

[*] less != none, you still have to patch Linux boxes and not to do dumb stuff.

17
0
Paul Crawford
Silver badge

"Many alternatives support limited range of hardware and are missing specialised functions"

Is this hardware connected via USB ports or RS232?

If so you can probably use a Windows VM for driving your telescope/camera/etc since most emulators allow for simple connection of common PC I/O ports. Then you don't have underlying hardware platform issues and can easily save the VM and move it to another machine as needed.

9
0

Will the MOAB (Mother Of all AdBlockers) finally kill advertising?

Paul Crawford
Silver badge

"People don't hate adverts, just awful adverts"

That kind of sums it up, along with the observation that the awful sort is basically virtually everything.

Had the advertisement industry kept to low-bandwidth and discrete side bars that did not distract the user, act as a malware vector or soak up all usable bandwidth/CPU/screen area most users would not bother with ad blockers. But they didn't, and now here we are in a world where many web sites are pretty intolerable without an ad blocker.

What is the solution though? We have such a race to the bottom in web funding and nothing viable in sight that would make most people choose another means of supporting sites. Many have talked about micropayment options instead of the sordid world of on-line advertisement, but none have taken off.

44
0

How to breathe new life into your legacy kit now you've gone hybrid

Paul Crawford
Silver badge
Joke

"Reusing five-year-old network string is a flogging offence"

Would that be with the CAT-6 of nine tails?

7
0

Profit with just one infection! Crook sells ransomware for $175

Paul Crawford
Silver badge

Depends on how 'mature'.

Btrfs supports snapshots and is supposed to be production ready now. ZFS works well but you have the licensing issues (if you care) and again you get copy-on-write snapshots so they take little space for most (i.e. non-changing) files.

So try one of those and set up a cron job for snapshots. FreeNAS offers that in the GUI as it uses ZFS, but you have to make sure you tell it to do the whole file system tree - so check it is actually snapshotting what you expected!

0
0
Paul Crawford
Silver badge

Which is another good reason to run Windows in a VM!

That and not having to re-license it if the motherboard dies, etc.

And the ability (in some cases) to snapshot the VM before doing anything potentially damaging.

0
0
Paul Crawford
Silver badge
Thumb Up

Re: Backups

RAID (or replication) != Backup

Exactly, it deals with service continuity in the event of hardware failures, etc. Not against deliberate trashing (though regular snapshots on replicated storage goes a big way towards it).

0
0
Paul Crawford
Silver badge

Yes, but a proper backup system comes in to your PC, so you don't have any access rights (normally) on the backup system. After all, if your admin rights are compromised on the PC in the first place to run the nastier sorts, then it can go after backups as well.

Of course, without any backup there is nothing stopping your account from permanently trashing your own files, which is one of the key reasons ransomware works - you don't need a sneaky zero-day privilege escalation, simply the ability to trick the user in to executing something by ANY means.

Setting user-writeable areas to no-execute may be a useful step...

2
0
Paul Crawford
Silver badge

Backups also help for other problems like: hardware failure, lost/stolen machine, user deleting something and wanting it back days later, having a moment of "gross administrative misconduct" at the root prompt, etc...

1
0

Oracle patches Solaris 10 hole exploited by NSA spyware tool – and 298 other security bugs

Paul Crawford
Silver badge

Re: Money first, patches later

Let's face it, Oracle does not give a flying fsck about any hobbyist.

When Sun did well with Solaris it was when they engaged with universities, etc, to practically give it away so a generation of computer science students left knowing and generally liking it. Oddly enough that translated in to future sales when they got jobs in the real world.

Those days are long gone and not coming back, now it's only Windows & Linux/Android.

4
0

Large UK businesses are getting pwned way more than smaller ones

Paul Crawford
Silver badge

Re: I'm a computer security "expert".

"So the question is more how do you make RDS access more secure?"

Again, I'm no expert but I would start by looking for cheap-ish routers (i.e. affordable to a small business) like some DrayTek ones that support a VPN and at least you have another access layer before the world+dog can have a go at the server's remote log-in port. Not sure if they support using a certificate for VPN log-in but that at least gets away from piss-poor password choice.

0
0

eBay threatens to block Australians from using offshore sellers

Paul Crawford
Silver badge

Re: Netflix tax

Netflix do a good job of stopping you accessing them from the "wrong country" via a VPN to pay for stuff, so I'm pretty sure it's easy for them to identify and pay any local taxes that are due.

1
0

Alert: Using a web ad blocker may identify you – to advertisers

Paul Crawford
Silver badge

Re: Sorted.

That has been my thought, we need a browser that deliberately randomises things like canvas drawing and reported fonts, plugins, etc, so every site you visit has something a bit different.

OK, your IP address is an issue but you can use an IP-sharing VPN to anonymise that if you really need to and typically IPv4s get shared in many cases as a few machines behind NAT, and ISPs typically change them anyway.

IPv6 could be a whole nasty bag of worms though if folk get a fixed block so advertisers know that they can ignore the bottom 16 bits and the rest is basically fixed by your ISP and not CG-NAT'd or anything.

1
0

Good job, everyone. We're making AI just as tediously racist and sexist as ourselves

Paul Crawford
Silver badge

Re: @ Infernoz

Sounds like a relapse is occurring, please keep taking the dried frog pills.

7
1

Deeming Facebook a 'publisher' of users' posts won't tackle paedo or terrorist content

Paul Crawford
Silver badge

Thing is, you could achieve much the same with small fines, just a hundred quid or so for each post not taken down in reasonable time, and same for each appearance of fake/misleading adverts, and suddenly Google, Facebook, etc, would manage to deal with most of the crap.

After all, they are pretty good at following users with targeted adverts, so how hard is it to develop a "this user is an angry moron" sort of profile and limit their ability to post/share shit?

12
1

Drupal sci-fi sex scandal deepens: Now devs spank Dries over Gor bloke's banishment

Paul Crawford
Silver badge

I think he is referring to the orange one's misogynistic "pussy grabbing" tendencies.

10
0

Linux remote root bug menace: Make sure your servers, PCs, gizmos, Android kit are patched

Paul Crawford
Silver badge

DD-WRT?

Seems no updates for DD-WRT for my TP-Link router since 2013 or so, so the big question* is this bug present in its kernel build?

[*] - Yes, there are obviously much bigger questions out there. Some even with > 3 syllables in more than one location, but in the context of this forum and embedded stuff, this is big enough.

0
0

Microsoft raises pistol, pulls the trigger on Windows 7, 8 updates for new Intel, AMD chips

Paul Crawford
Silver badge
Linux

Embrace the penguin!

Oh, and make sure you have a Win7 VM for all of your Windows-only stuff.

That just leaves Win7 gamers who need high performance graphics and Windows screwed over...

20
2

Official science we knew all along: Facebook makes you sad :-(

Paul Crawford
Silver badge
Gimp

Re: Chicken and egg

Does this also apply to other "social media" such as Fetlife?

Egg definitely beaten by the chicken there.

4
0
Paul Crawford
Silver badge

Re: get off that computer and go outside and play with your friends

Are friends electric?

2
0

Hasta la Windows Vista, baby! It's now officially dead – good riddance

Paul Crawford
Silver badge

Re: It's not all bad news

Let's face it - Facebook is probably the most obvious act of mass surveillance and the morons masses still lap it up. And now we have MS chasing the pair of them to see who can get the most secrets with the least KY, but also oddly expecting us still to pay for windows.

Except of course for us rats penguins who jumped from that sinking ship a while ago.

18
5

Biting the hand that feeds IT © 1998–2017