* Posts by Karl Vegar

39 posts • joined 4 Apr 2008

RIP FTP? File Transfer Protocol switched off by default in Chrome 80

Karl Vegar

No problem.

For anything I'd like to collect from the wild web, I'd like something more secure than FTP myself.

And for any more serious file transfer one could use FTP for, why use your browser? There are better clients around. (And they usually support SFTP, SCP in addition.)

But I guess it will live on for a lot of local stuff.

PXboot, Wyse config files and similar. And probably a load of IOT stuff that really should know better.

Maryland: Make malware possession a crime! Yes, yes, researchers get a free pass

Karl Vegar

Re: Banning malware is not an option!

And since at least the early versions of ransomware utilized built-in encryption mechanisms, any encryption tool can also be considered a ransomware tool... And the feds go wild.

The time that Sales braved the white hot heat of the data centre to save the day

Karl Vegar

Re: Something similar happened to me...

Seen that done wrong.

New building.

Technical people were as usual kept well away from any planning

Since the company had a subdivision delivering aircon, the project leader basically ordered the largest units he could fit two of. And placed them in the ceiling somewhere.

Spring comes, and we're moving in. All sorts of cables have been run nicely to the racks. The racks have been nicely bolted to the floor.

IT comes carrying the servers, and notices the aircon units are set to pull air from the front of the racks, and blow over the tops of the racks to the rear.

Not ideal, but can't be that bad, right?

That summer, we had a heatwave. And the massive stand-alone UPS units shut down from heat. I seem to recall some of the legacy kit didn't come back up after. (And would be the silver lining of this story.)

If at first you don't succeed, pry, pry again: Feds once again demand Apple unlock encrypted iPhones in yet another terrorism case

Karl Vegar

Re: Yeah, sure

Yes, the FBI have done everything right. And yes, they are kicking at the front door.

Makes no difference. That is not what this case (or any of the preceding ones)

To take your door analogy. The door is 5 inch tempered steel. Apple cannot make it half inch soft wood just because FBI is asking nicely. And a court order will not change this.

US immigration uses Google Translate to scan people's social media for bad posts – Er, don't do that, says everyone else

Karl Vegar

Re: Can we please keep the lynchmobs quiet?

Oh, be fair.

A lot of the French get confused by this when attempting to translate from French to English as well.

Facebook, Amazon, Apple, Google told: If you could cough up a decade of your internal emails, that'd be great

Karl Vegar

Dead tree edition

For this kind of crap, dead tree edition with toner saver on would be my preferred delivery method.

All continuous text, no formatting, divider between mails or any such frippery. Maybe add in the headers to be certain there's no nursing info.

What a meth: Elderly Melbourne couple sign for 20kg shipment of drugs, say cops

Karl Vegar

Re: " if they were smarter they might not have to turn to crime"

Smart politicians: Not necessarily as much of an oxymoron as you'd think.

I'll grant you that a lot of politics don't make sense in pursuit of stated goals. But we all know politicians have an understanding with truth. So why do we believe the stated goals?

And what might be a less than optimal way of completely missing the stated goal, might just be a less visible way to achieve something else.

Dutch boyband hopes to reverse Brexit through the power of music

Karl Vegar

Re: Brussels is evil I tell you!

Hey, that might not be all bad.

If we could get Hasselhoff on a separate station, and keep him off the others, that might just be worth it. (Now to see if there is a way to blacklist a station on my radio...)

Karl Vegar

Not totally useless

It's a nice sobriety indicator.

When the audience at the pub sort of nods along to the beat, they're about rightly drunk.

When they start to dance, that is proof they've drunk too much, and should be escorted to a cab...

Anyone start to sing along, and you know attempting to cut them off will result in a fight, prep the pints of nearbeer, and call security.

UK.gov went ahead with under-planned, under-funded IT upgrade? Sounds about right

Karl Vegar

Re: SNAFU

30% increase in a public IT project.

WOW, UK must be good.

Around here they try to stick by the rule of PI.

Cost and Time should not be more than 3.14 times the original offer. And sometimes they actually manage to keep within that boundary...

No, eight characters, some capital letters and numbers is not a good password policy

Karl Vegar

Well.

Log in as a few of them, and send out an invite to their team / the rest of the company.

Open bar event of some kind, some words about bringing a cake on Friday, BBQ at home.

After the first few, some just might take a hint. Otherwise, these events are probably going to be a nice benefit. Just make sure you make them something you enjoy as well.

Open plan offices flop – you talk less, IM more, if forced to flee a cubicle

Karl Vegar

Re: Is it just me?

Yeah, you're right.

And they're halfway right...

(They get more human resources per square meter/feet.)

I'm not so sure the loss in productivity will not balance out the rent saved. But this will be depending on factors like salary, invoicing practice (do you charge by the hour or by the project/service?), the rent, cost of turnover...

BOFH: Give me a lever long enough and a fool, I mean a fulcrum and ....

Karl Vegar

Re: Decruitment..

No need for neither lime nor carpets.

This was a clear case of a workplace accident. Some old (UPS?) unit being decommissioned, accidentally slipped out the window at an (in)opportune moment. On the bright side, the cushioning saved the footpath.

Office junior had one job: Tearing perforated bits off tractor-feed dot matrix printer paper

Karl Vegar

Had a demonstration of what happens if you use inkjet overhead transparent papers in a laser printer.

Who knew not all plastics are good with high temperatures.

I would have assumed the local Fire dept should have some idea of these kinds of issues. Apparently I was wrong.

Fuser was quite accurate.

Secret weekend office bonk came within inch of killing sysadmin

Karl Vegar

Re: Aircon Leaks

1,2 as stated *

3 seal drain/output side

4 Displace one side of hose above suitable drain.

5 as stated.

* or get fancy:

- Stick tube down into the bin, one end first, make sure to let air escape through the other end. When there is an inch or two left above water, block the dry end. Dry end is drain end. Move on from 3. If done right, all that gets wet is your thumb.

Shopper f-bombed PC shop staff, so they mocked her with too-polite tech tutorial

Karl Vegar

Re: @AC:ATT drone

>Some of these f'wits HAVE CHILDREN...

Doesn't exactly take a genius to make a child.

All it takes is two persons of opposite physical sex, each with an orientation that makes them compatible, in the right circumstances at the right time of month. No sense, common or any other involved.

To raise a child... is another matter entirely.

Here we go again... UK Prime Minister urges nerds to come up with magic crypto backdoors

Karl Vegar

Re: Biometrics

If we for a moment pretend biometrics are 100% perfect, secure, foolproof and able to determine if the fingerprint is provided from a live and willing judge. Just for the sake of the argument.

Are you planning to grant US Federal judges this power over all phones in the world? Isn't that a bit overreaching, and out of jurisdiction? Or only handsets sold in the US? (And what makes you think handsets won't be bought in Mexico, and resold in the US...)

How about other nations? Should every judge at the level determined by the individual nation be granted this? Would you like the commissars of Putin or Kim to have access to your phone at will?

And what happens when a judge is replaced?

And how long would it take before apps had a possibility whether or not to trust the built-in biometrics, for instance requiring a password or other form of authentication instead?

So in short. This would greatly reduce the basic security of the handsets. Add a lot of cost. And slightly inconvenience anyone who wants to keep something secret.

Linux Mint-using terror nerd awaits sentence for training Islamic State

Karl Vegar

Re: New and dangerous breed of cyber terrorist

Note: It doesn't say that non-single males are not in want of a project. It probably should state that non-single males no longer have the luxury of time to do anything about said projects.

The answer to Internet of Things madness? Open source, of course!

Karl Vegar

No, this is not the solution to the problem with IOT, it's a workaround to limit the symptoms of the problem with IOT.

The problem is: Every vendor has a "standard" communications protocol per generation and type of device.

This is merely a hub that will speak them all.

That being said, if it at least remains true to the promise of openness, then it might be worth procuring for my own smarthouse experiments.

Spoof an Ethernet adapter on USB, and you can sniff credentials from locked laptops

Karl Vegar

Oh, nasty. And difficult to protect against.

For the no USB on a locked machine crowd: Ever had to replace a keyboard? Kind of difficult to unlock if you can't use the new keyboard.

For the no auto install of USB without clicking on something: Ever replaced a keyboard (so you can unlock) or mouse (so you can click)?

For the reboot required crowd: What are the odds you need to replace x for your C*O with the machine locked, and that important draft not saved...

For those not reading the article, and seeing this as something that needs both ethernet access and external power: RTFA. The device would look like a largeish USB thumb drive. To the machine it appears to be a generic ethernet card (drivers already installed), with a network behind it. And since this fake network is wired, new and unreasonably fast, it becomes the new default. Then the computer tries to do something on the network, and the credential hash is uploaded to the DB on the device. Plug it in, look at the lights / give it half a minute, unplug and move on.

Best way I can see to mitigate it, train your users to log out or power down when they leave for any period of time. Or make sure anyone with physical access to the USB ports is trustworthy.

Cisco confirms two of the Shadow Brokers' 'NSA' vulns are real

Karl Vegar
Big Brother

Re: IT Security

Nah, you'd just get two sets of back doors, and two sets of agencies trying to breach you instead of just the one you'd get anyway.

Milk IN the teapot: Innovation or abomination?

Karl Vegar

Milk in a teapot, massive NO.

A: Not everyone will want milk, or the same amount of milk.

B: Getting the pot clean again is going to be .... a suitable punishment for the miscreant.

That being said, I must confess: I have, on occasion, brewed tea directly in milk (heated in the microwave no less...) In my defence, this was some spicy variant, I'm usually a coffee drinker, not much of one for tea, and I'm not a Brit.

Karl Vegar

Re: dear god what are we teaching the kids?

Nononono

If you've had milk in a glass, it needs to be thoroughly cleaned before you add beer. If there is any milk fat left on the glass it messes up the formation of a good head (in turn leading to your beer going flat before its time.)

Basically, never serve dairy products in anything you want to serve beer in later.

Harrison Ford's leg, in the Star Wars film, with the Millennium Falcon door

Karl Vegar

Re: Eh? What?

If it weren't for "The Force Awakens", it could have been a typo for "last known".

You know how that data breach happened? Three words: eBay, hard drives

Karl Vegar
Flame

Maybe this is a bit skewed..

Anyone willing to sell old drives might not have the sharpest IT dept.

I can nearly understand old drives, that had been part of a RAID5 setup, and that have been low level formatted being sold alongside a server, if that is the only way to shift the old ... iron.

Otherwise, I thought storing the old drives for a time, until one can arrange for a physical or magnetic solution was standard procedure.

Personally, I'd go for thermite, but for some reason my boss won't let me. (Something about fire and / or environmental hazard in the middle of the city...)

North Korean operating system is a surveillance state's tour de force

Karl Vegar

Re: A serious question...

This IS NorK we're talking about.

There's some 2.5 gb in the install image. What are the odds there's a little undocumented "I'm still compliant" heartbeat feature or two in there somewhere? And what do you think might happen if the heartbeat flatlines while the ISP still shows traffic on your line (using a familiar MAC?)

Then there's penalties. I'm guessing loss of PC privileges and some labour on first offence for a script kid of good family. For willful distribution, I guess the hard part is over when you get to the firing squad.

Outsourcer didn't press ON switch, so Reg reader flew 15 hours to do the job

Karl Vegar

A while back I was between assignments, and got some ad hoc assignments from my temp agency.

One such memorable assignment was related to a credit card terminal.

The assignment: to set up a new terminal in a shop.

I got a nice little documentation burn before you read and self terminate after package. And spent some time familiarizing myself with the procedure I was supposed to perform the next day. Didn't seem too complex, but there was a part with activation that needed a 25 digit code or some such. This part looked like it was a bit beyond your regular user.

I then drove a couple of hours to the site. Took a look at the terminal I was supposed to set up and activate. It was already placed where it should be, and nicely connected. But not on or activated.

Talked to the customer, and she'd had a bad experience last time she tried to activate a terminal.

OK, the connections looked fine, so I fired it up and looked at it while it self tested all OK. Including connections to the bank... basically it seemed to be activated already.

- Hm, has this terminal been used before somewhere? I asked.

- Naturally, it's the same I had a problem with the last time. We didn't need this POS for a while, so we've had the terminal in storage the last 6 months.

OK, so we tested charging my card some minimal amount. Worked like supposed, both banks accepted. Had the back office test while I found some lunch. All OK. (I always get suspicious when something looks to be too easy, hence the vigorous testing.)

Total time spent fixing the issue: 5 min

Time spent testing: 15 min

Invoice: 1 hour work + 4 hour drive + expenses.

If nothing else, it makes for a good story.

All tests turned out OK.

Drones are dropping drugs into prisons and the US govt just doesn't know what to do

Karl Vegar

Re: The problem is that prisons are mainly two-dimensional

Lexan shield hanging under the drone?

Yeah, should be pretty sure the drone won't get shot down... since it will never take off.

The propellers create lift by pushing air down. The mentioned air going down will be pushing down on the shield and create a negative lift that will be approx. equal to the positive lift generated, and kind of negate any upwards mobility.

AV for Mac

Karl Vegar

One fix to do it all for every Apple iProduct

Thermite!

Apply and ignite outdoors.

8GB iPhone 5c is real, but no market-maker

Karl Vegar

8 gb iPhone pointless..?

Well, yes if you're buying the handset yourself.

But, when corporate is supplying the handset (and the beancounters already have whined themselves a decent 5S, and the VIPs are exempt from regular policy), some beancounter could very well find that this is a good idea. Small savings per handset will give some substantial savings if you multiply it enough times.

Needless to say, understanding that most any decent midrange smartphone will be better (and possibly cheaper) than a nerfed into uselessness iPhone will be sadly lacking among the execs who someone has sold on the idea that IOS is the better mobile OS.

Meanwhile at mission central, the resident BOfH is stringing his crossbow, whistling the Wilhelm Tell overture...

Volvo tries to KILL SHOPPING with to-your-car Roam Delivery

Karl Vegar

Re: They need...

Actually, it's probably worse.

What kind of person will buy a car solely on the "it's safe" argument? It's the person who expects to need the security. So, it's a crap driver, who knows he's crap, and compensates by buying the safest car to be a crap driver in.

BOFH: He... made... you... HE made YOU a DOMAIN ADMIN?

Karl Vegar

Re: Fervent wish...

Wardrobe affordability not an excuse because the wannabe admins bring their own.

Microsoft tarts up software licensing to fend off 'a few clicks and a credit card' rivals

Karl Vegar

Well

MS licensing is a 5 year study, that is valid 3 years from start of study.

North American teams land in Oz to race for the sun

Karl Vegar

Re: Yeah, great

Hey, if you really want to separate the chaps from the weak, you need to go further north.

Start in Tromsø, go north and east, (in that order), and stop before you get to the Russian border.

If you're lucky with the weather, you get to test the round the clock endurance, otherwise, let's just say light might not be a good idea in heavy winds. Gnats and mosquitoes are naturally there to test the anti air defenses.

Give up your privacy so Big Data can FIX GOVERNMENT

Karl Vegar

Just might work

Add some proper anonymisation, and the privacy issues become less of a problem, and at the same time you get rid of any kind of racist or sexist BS.

'Smart ring' revealed by upstart Chinese mobe-maker

Karl Vegar
Devil

Re: Up coming

> His post indicates that Apple will copy it which is fine, and then Microsoft will copy it WHICH IS A CRIME.

Or it could be taken as: Apple will copy, and when MS follows suit, Apple will sue MS.

Just playing Devil's lawyer here....

BOFH: Can't you just ... NO, I JUST CAN'T

Karl Vegar
Devil

Re: F***ing brilliant

Hell yea. Let's tailor the laws, regulations and pharmaceuticals on a client by client basis.

Karl Vegar
Black Helicopters

Re: F***ing brilliant

Might be quick lime is reserved for those with a legitimate use for it. Farmers, construction workers and such I guess. But any kind of heavy duty caustic drain cleaner would do the trick in a pinch...

UK.gov will force paedophiles to register email addresses

Karl Vegar
Joke

Don't really know what to think...

- 10 minute email... and laugh my head off.

- Yeah, let's drive the pedos and pervs deeper into hiding, that'll work. As it has ever done before.

- Yet another proof that homo politico needs extermination.

- At least it is not just my government that's fubar.

- Must be April Fool's...


Biting the hand that feeds IT © 1998–2020