* Posts by h4rm0ny

4573 posts • joined 26 Jul 2008

It's 2015 and Microsoft has figured out anything can break Windows

h4rm0ny
Silver badge

Re: Just Use Linux

>>"It should be. But then it does not explain this"

Does it need to? Of course some systems get compromised, whether that is GNU/Linux or Windows. What I wrote that it is much harder to do this than with a non-professional end user who doesn't keep things up to date and doesn't understand security. Meaning that you can't simply compare the amount of malware or rate of infections between two different OSs across different environments. You can only fairly compare them within the same environment. The odd high-profile hack doesn't change that.

1
0
h4rm0ny
Silver badge

Re: So all it does...

>>>>But no, you as per usual have thought in your benighted wisdom that writing something which goes through a list of ones and noughts and checks them against a list of other ones and noughts is trivial and that therefore this is trivial. "

>>Because it IS trivial

You seem to have skipped over the preceding paragraph which explained that this does more than that. You haven't understood the point. Poster sees something that does X,Y and Z. Responds that it is rubbish because Z "is easy". I point out that it saying Z is trivial doesn't mean the project is trivial or useless. You respond, missing the point completely, saying "but Z IS trivial".

At least read what I have written, not just select out some part in isolation.

>>What's to stop a malware from altering the list so that its blacklist includes useful programs? AVs produce false positives by accident all the time; what's to stop them being done intentionally? As for the scanning process itself, it's still software, and software can be subverted.

The same things that stop malware from subverting anti-malware software today. This is an API that vendors like Kapersky can plug into. It enhances the range of their capabilities if they choose to use it. You seem to be taking an argumentative tack that if you can make some vague generalization such as "software can be subverted", it is good to dismiss these new features. Whereas I take the tack that giving anti-malware vendors more capabilities such as in-memory scanning and source-reputation scoring is a good thing.

If you're upset that the anti-malware software or OS, is "software", then perhaps you would be interested in the tool MS announced a couple of months ago that runs security from a separate Hyper-V instance that exists in parallel running directly from the hardware. There is not only one security measure in place. This is one part of a security in depth approach.

2
0
h4rm0ny
Silver badge
Alert

Well...

I think Eadon's back.

2
0
h4rm0ny
Silver badge

Re: Just Use Linux

>>"I am saying that Microsoft should use Linux as the basis for Windows and if you really do not care what operating system you use then what is your problem?"

What are you suggesting, specifically. That Linux should form the kernel of Windows? That is a very big ask from an engineering point of view and I'm uncertain what the point would be.

What exactly do you think should be done and what do you imagine the benefit would be? Please give at least some detail in the answer because with something as massive a task as I think you may be suggesting, discussing it without specifics is meaningless.

2
0
h4rm0ny
Silver badge

Re: Just Use Linux

>>"Yes. And Valve steam, apt / yum, ninite etc demonstrate that the update process for applications and windows update itself could be far more friendly and less fault-prone if Microsoft put effort into it; instead we have every company with their own second-rate update service, changing your home page in the process; scheduled to fight with each other at boot time."

Then prepare to be happy. MS are producing a full package manager for Windows with an API.

0
0
h4rm0ny
Silver badge

>>"How long before we see a generation of malware that actually makes use of this?"

I'm not quite sure how to parse your sentence but if you mean malware that exists solely in memory and propagates from there, it's already happened. Check out the recently uncovered attack on Kapersky by Israel whoever is behind Duqu and how they did it. How long before we see this done by none APT actors? Not sure.

0
0
h4rm0ny
Silver badge

Re: Just Use Linux

Actually, Microsoft do sell GNU/Linux. You can pay for GNU/Linux instances on Azure and MS also provide some tools of their own to manage configuration of them. What they don't do, is publish their own distro which is probably sensible given that RedHat and others provide good enterprise-focused distros themselves.

1
0
h4rm0ny
Silver badge

Re: Just Use Linux

>>"But the clever ones do it with Linux or through their phone. And remember the backend (the servers etc) of the online banking system will be running Linux too."

And maintained by professionals who know what they're doing. Here's something that is true - compromising a GNU/Linux system that is kept up to date by knowledgeable people who are unlikely to fall for common tricks or link their server up to disreputable websites, is hard to do. Here is something else that is true - compromising a current Windows system that is kept up to date by knowledgeable people who are unlikely to fall for common tricks or link their server up to disreputable websites, is hard to do

See the points of comparison? Now here is something else - compromising end user installations of Windows run by people who have no understanding of keeping software up to date, who connect it to disreputable sites, who download software from untrusted places and ignore bright yellow warnings and proceed to give it free reign to do what it wants to their OS, is much easier.

Notice the difference between these two scenarios is not the OS, but the environment it finds itself in.

24
1
h4rm0ny
Silver badge

Re: Surely...

>>"Surely it would be easier to just start again and write a robust OS from the ground up?"

Like how Mozilla decided to throw out the Netscape code and do a clean slate approach to a browser - with near disastrous consequences and leading directly to IE6 being the dominant browser for so long? Because an OS isn't already several orders of magnitude more complex than a browser.

If there's one thing that modern software development has learned, it's that you don't start from scratch without a very good reason. But let's ignore that you put "easy" and "write a robust OS from the ground up" in the same sentence. What is it you would do differently in a new OS that current Windows doesn't do (or vice versa) which would make your new OS inherently more secure? I would like a genuine answer to that as I am curious.

11
4
h4rm0ny
Silver badge

Re: So all it does...

"All it does", "only", "just", people throw these words around so casually. This is useful and not trivial. And as machines increasingly exist as VMs which means they can be run without restarting from their point of view even if the underlying physical hardware is turned on and off again with the memory restoring, malware living only in memory is increasingly viable. The fact that OSs can now be patched in real time without actually restarting makes this even more viable.

Existing malware acts as a gatekeeper, attempting to stop it gaining access in the first place. But as we've seen with some recent malware, that is not enough. So the next logical stage is combatting actual running malware in memory.

Tell you what, if you think this is so "all it does," why don't you go away and come back with your own API standard that is vendor agnostic, supports file, memory and stream scanning with the same API calls, has URL/IP reputation checks for all of these and even lets you correlate different sessions so that malware vendors can take actions based on multiple different memory fragments to deal with more dynamic malware.

But no, you as per usual have thought in your benighted wisdom that writing something which goes through a list of ones and noughts and checks them against a list of other ones and noughts is trivial and that therefore this is trivial. As to how you twist having this capability to "sounds ilke a disaster" and open up "a whole new set of security vulnerabilities", I have no idea. You appear to be an idiot with no real understanding of what you're talking about.

16
3

Cops turn Download Festival into an ORWELLIAN SPY PARADISE

h4rm0ny
Silver badge

Re: Eugh

I doubt covering your body in mud would work. But I know what would:

People refusing en masse to go to the festival unless the facial recognition and surveillance is removed. This would instantly end it at that festival. Not sure what the critical mass would need to be to achieve this. A third of people to a half would be my wild estimate. And it wont matter if the tickets are already sold or not, people walking away from it in large numbers would have this effect.

Rock / Alternative types fancy themselves misfits and rebels, do they not? They have a definite and real way they could stick it to the Man if they did this.

Or they can wander around knowing their every movement is being tracked and their faces scanned by cameras. Up to them.

9
0

Using leather in 'leccy cars is 'unTesla', rages vegan shareholder

h4rm0ny
Silver badge

Re: providing the world's population with the protein it needs to survive.

>>"Because obviously, as a vegetarian, you're appalled at utilising an animal (yourself, walking) as a mode of transportation. eh?"

No, not really.

2
0
h4rm0ny
Silver badge

Re: providing the world's population with the protein it needs to survive.

It would certainly be nice to have the choice as a vegetarian of a high-end car without leather seats being obligatory.

5
1

Microsoft to Linux users: Explain yourself

h4rm0ny
Silver badge

Re: A bit late, Microsoft

>>"Tell us why we should spend time learning your system when we've already got solutions that have worked for over a decade."

Because:

(1) It's good to try new things.

(2) This is integrated with Azure which is a nice service so if you're using Azure, it makes sense to evaluate this.

(3) You have a funny definition of "worked for over a decade" given the endless headaches I see Sysadmins subject to routinely. Technology progresses and it's silly to take an attitude of refusing to look at new stuff because you're familiar with the old.

12
19
h4rm0ny
Silver badge

Re: They won't listen

>>"Then, as soon as the review bullet point is accomplished, everybody forgets this was ever done and nothing ever comes of it."

Apart from having just produced a big Linux monitoring package that they're asking for feedback on? And the Powershell integration for Linux management they released last month?

I swear sometimes people never notice anything that doesn't fit with what they've already decided.

19
6
h4rm0ny
Silver badge

Re: They won't listen

Microsoft are one of the big players in providing GNU/Linux infrastructure as a service. GNU/Linux has been an option in Azure for a long time. What's with all this paranoid nonsense that they don't simply want to compete with rival cloud / IaaS providers?

12
6

Capita wins four out of five stars for 'good', 'inexpensive' service

h4rm0ny
Silver badge
Thumb Up

I has been trolled

But I no mind. :D

8
0

Bill Nye's bonkers LightSail spaceship unfurls solar sails at last

h4rm0ny
Silver badge

Re: Talk to The Apples In Stereo

Well yes, but if you're going to use the conversion of energy into mass in order to make the article writer 'correct' then you also make a Hell of a lot of other statements correct.

"I had Energy for breakfast."

"I thought you had toast?"

"Mass = ev/c² . Don't try to correct me!"

Let's use the right terms, eh?

0
0

'Stolen' art found on nearby shelf. Police keep looking anyway

h4rm0ny
Silver badge

>>"My boss at the time said she got a reference request for him a few weeks later, from a security firm to monitor CCTV for theft, etc. I would love to know exactly what she wrote, but I have a pretty shrewd idea what kind of lines it would have gone down, even if there was no way she could write a direct accusation in it."

"Well," she might have replied, "set a thief to catch a thief."

2
0
h4rm0ny
Silver badge

Re: Head in the Cloud storage?

Actually, it sounds more like the desktop of someone I know the last time I got talked into helping them with their "computer stuff". There might have been a desktop wallpaper under there, I couldn't tell.

3
0

Au-mazing! Cornwall sold GOLD to Ireland back in the Bronze Age

h4rm0ny
Silver badge
Joke

>>"Have comparable provenance tests been made on gold objects found in Cornwall? The Morvah Hoard and the Rillaton Cup for example."

No, but a research team from Athens have done parallel tests on marble and found much of it in Britain was taken from Greece. British scientists currently dispute that however.

3
0
h4rm0ny
Silver badge

>>"As for going voluntarily......I don't think women had that sort of freedom of choice then. They were either slaves, captives or chattels"

Isn't this the pre-Christian Britain of warrior women and Queen Maeve as equal partner to her husband?

2
0
h4rm0ny
Silver badge

Re: Before gold plating

>>"There were tin plated cables. They worked OK, but oxidation caused them to get jammed so you could not unplug your expensive kit without breaking it."

Tin plating for cables was later made the standard by the ancient Roman hardware manufacturer Sonyus Profitus for exactly this reason.

0
0

A pause in global warming? What pause?There was no pause

h4rm0ny
Silver badge

Re: What we really need

"If we don't lack terminology what term do we use to describe variations of temperature, precipitation, atmospheric & oceanic behaviour over the short periods up to a couple of centuries?"

Solar cycles?

*ducks and runs*

3
1
h4rm0ny
Silver badge

Re: This is why we can't have nice things!

>>"Some of us will be rational (those of us in the middle ground who feel there's too much BS on both sides) and then the Deniers and True Believers will do battle. Will that work?"

Um, I have been several times informed by proponents of AGW that those of us in the middle ARE deniers. I've been told in no uncertain terms that the time for debate is over and one is for us or against us. At least when I express doubts that's generally what I receive.

10
2

Windows 8.1 market share grows, Windows 7 slips, Windows 10 lurks

h4rm0ny
Silver badge

Re: Not just a service pack

>>"Minor updates to the UI don't mean there could be bigger updates to the OS itself. 8.1 was a much larger update than a service pack. You can call it as you like, but 8,1 was not a service pack"

I'm wiling to be persuaded but I'm not seeing any significant functional change:

http://en.wikipedia.org/wiki/Windows_8.1

They changed some bits of the UI, re-adding the Start button for example, and they changed some of the default apps (which isn't an OS change). The only thing I see significantly different is that they changed the way it connects to OneDrive and they added device encryption by default (which is just BitLocker which is already there). Obviously some of the code was optimized, but I don't see that means it's a new OS.

It's unhelpful to class them as separate in general terms because they are essentially the same and it confuses things like this where the rise in 8.1 is accompanied by a fall in 8 which is for most people not the distinction that is of interest. It's whether 8/8.1 is rising or falling that is the practical question, not shifts between the two.

4
0
h4rm0ny
Silver badge

Re: Not just a service pack

I'm not aware that there has ever been an authoritative definition of what constitutes a Windows service pack. If it consists of minor updates and there's nothing radically different about it, I call that a Service Pack.

2
2
h4rm0ny
Silver badge

Re: Perhaps people have realised...

What, precisely, did you find so difficult to accomplish on the laptop without touch? If I want to launch a program, I tap the Windows key and type the first couple of letters and return, it launches it faster that way that moving up and down a Start menu ever did. Even if you for some reason have an absolute aversion to using the keyboard, the Start Screen can easily hold around thirty tiles on even a laptop screen, grouped by function, so unless you're commonly using that many which I doubt, it's the same move to lower left (though again, I tap the Windows key) as you would with Windows 7 and then select the program you want. You don't even have to dig through sub-folders.

5
10
h4rm0ny
Silver badge

Is it not time to just track 8 and 8.1 together? 8.1 is essentially a service pack to 8 and they came out in a very narrow timescale between the two. Tracking them separately just misleads.

14
2

Mad John McAfee: 'Can you live in a society that is more paranoid than I'm supposed to be?'

h4rm0ny
Silver badge
Thumb Up

Re: "... his left curiously busy in his trouser pocket"

>>"everything he stated is just plain obvious"

Maybe so, but we're living under a government that appears unable to see the obvious, so it's worth stating.

I like John McAfee. People should not mistake eccentric for unaware - he's a very smart person. And occasionally people tar him with the label paranoid, until they actually read more and find some of what he's actually been through. Someone rich yet still willing to fuck with the status quo, that's a rare combination and it leads to some surprising circumstances on occasion. El Reg should have linked to the video where he distances himself from the software which he actually left behind long ago - thar's hilarious.

8
0

WikiLeaks offers $100k for copies of the Trans-Pacific Partnership – big biz's secret govt pact

h4rm0ny
Silver badge

That AC

Okay, I have read some drivel in the comments sections. Hell, I have written some drivel in the comments sections. But this idiot is taking crap posts to a whole new level of shit.

16
0

Microsoft suffers worldwide Wi-Fi wardrobe malfunction

h4rm0ny
Silver badge

That's okay, they're actually all in Seattle.

7
0

GCHQ gros fromage stays schtum on Snowden and snooping

h4rm0ny
Silver badge

Re: An intelligent Intelligence boss?

By "not outwitted by a direct question", do you mean avoiding any meaningful answer of it? Where are the actual studies - or even study - that shows that the increasing surveillance isn't having an effect on people's willingness to do business here?

I have no knowledge of anybody being discouraged from doing business in the UK by our proposed or actual snooping. However, I do have knowledge of at least two significant deals that fell through with American companies because of lack of trust in the US government not snooping. It's not a small issue for US businesses at the moment. And the UK has been behaving similarly to the USA so I would not be surprised if there were a similar reaction.

I would want more than anecdotes from a few of this guys friends on this before I considered it actual data.

4
0

Docker death blow to PaaS? The fat lady isn’t singing just yet folks

h4rm0ny
Silver badge

Re: Confused

I think I have seen the future, and it's Containers all the way down.

0
0
h4rm0ny
Silver badge
Paris Hilton

This is kind of an odd article. I'm not sure if my understanding is at fault or the author's. I don't quite see the overlap / conflict between Docker and PaaS that the author seems to be talking about, but I may just not quite have got what they mean.

The point of PaaS to me is that I have someone else providing the services that I need and these people (Amazon, Azure et al.) are going to know a lot more about managing it all than I do. Or quite frankly even if they don't, I want to focus on my applications, not on administration of all these services.

That's why PaaS is my GoTo. IaaS is my fallback if PaaS can't do what I need because with IaaS I can do a lot more, but at a very marked increase in work outside my core business. As PaaS gets better and better, I see the need for IaaS reducing for my use cases (and many people's). I think there will be a big shift away from IaaS towards PaaS because if the latter gives you what you need and lets you focus on what you really care about, why wouldn't you?

But where Containerisation fits into the above conversation, I'm not quite sure. I think the author is saying that Containerisation obviates the need for PaaS to some extent? Or that people think it does and he's saying that actually people are wrong and it doesn't... But I'm not quite clear. Containerization is, I guess you could call it, a refinement / supplement / tool for IaaS and thus keeps parity between the two approaches, offsetting the complexity of IaaS to some extent? I'm not sure if that's the argument.

Paris, because maybe I'm just being like her today.

3
0

It's FREE WINDOWS 10 time: 29 July is D-Day, yells Microsoft

h4rm0ny
Silver badge
Thumb Up

Re: How many of you Windows user will be...

>>"Well it will be my Birthday...so probably."

And you get the best birthday present ever! A new edition of Windows! :)

5
7

Libre Office comes to Android

h4rm0ny
Silver badge
Happy

>>"I stopped using Microsoft Office 15 years ago (yes, in 2000) switching to Open Office and later to LibreOffice. I never looked back [...] I realized how much I do not need this application when I bought recently a PC with a preinstalled Microsoft Office. I deleted it without switching it on, even once"

It's always amusing how the most critical posts of MS products feel the need to emphasize their points by explaining how they avoid being able to make informed comparisons. They're always this unaware combination of "I stopped using this over a decade ago..." and "I deleted it without trying it.." followed by how rubbish they know it is.

3
1
h4rm0ny
Silver badge

Re: A little too late...staying with Office 365

Are you sure you're not confusing it with Office Web Apps. You can use MS Office without an Internet connection, including mobile versions. Office 365 is actually a subscription model that can cover both downloadable versions and the web apps. It's not a specific piece of software itself. You obviously can't use the online versions of Office without a connection, but you can use the downloadable versions.

0
1
h4rm0ny
Silver badge

What's the UI like? Substantially different to the desktop version, I presume?

0
0

Free Windows 10 upgrades from Microsoft will FLATTEN PC sales

h4rm0ny
Silver badge

Re: @Hasham - I'll be assembling a new PC in 2016

I see ACs here have finally given up pretending that going into the BIOS and clicking Secure Boot to off is difficult and are now blaming Microsoft for the dark deeds they have yet to perform. Or even announce.

10
9

Microsoft to TAKE OUT THE TRASH in the Windows Store

h4rm0ny
Silver badge

>>"If MS were to make the Trial option mandatory for paid apps, it might solve a great many problems."

It should certainly be encouraged. I have on several occasions avoided an app because it had no trial period. But mandatory would be problematic as there are some cases where it is simply not legally possible - for example the music notation software demo'ed at Build recently which contains third party copyrighted musical scores and so can only be sold, not licenced. (Resolvable probably, but an example). There are also apps that are specialized but rare use. Such apps could have their sales reduced by trial periods by most people only needing to get a few uses out of them and then not needing the app again for a year, or maybe never. I have used a piece of software like that on a few occasions and was able to do everything I needed with their trial version.

But it's definitely a warning sign when they don't have one - agreed!

3
0
h4rm0ny
Silver badge

Not a bad idea in general, but I'm wary of the part about removing apps because they are more expensive than equivalents. Seems like it would favour new copy-cat apps over the original innovators and it might also favour larger vendors over small independents. Neither of which are a good thing. Vendors should be able to set their own prices.

24
0

That EVIL TEXT that will CRASH your iPhone: We pop the hood

h4rm0ny
Silver badge

Re: just published android app to do the hard work

What did you call your app? LetYourFriendsKnowYouAreAnIdiot-ogram ?

That's a good name for it, I think.

2
0
h4rm0ny
Silver badge

Yes. A couple of years ago:

http://hexus.net/tech/news/software/59497-simple-arabic-text-string-instantly-crashes-os-x-108-ios-6-apps/

It was exactly what I thought of when I read the story. I wouldn't have thought they'd be caught out like this twice. Apple are usually better than this, but there you go...

Incidentally, El Reg. seem to be giving up any pretence of knowing parody these days and just going for direct Daily Mail style gratuitous sexualisation. Unless I'm missing some subtle relevance to the giant image of a strapless model to this article. Off-topic, yes. But then so is the photo.

5
0

EU net neutrality could kneecap the Tories' opt-out pr0n filter plans

h4rm0ny
Silver badge

The thing is, we don't NEED the government to provide such filtering. There are plenty of cheap solutions and ISPs commonly offer it as part of the package in the first place, anyway.

People can argue the merits of that back and forth all day, but the government isn't trying to do this for the sale of children - it's about introducing pervasive monitoring.

5
0

Why are all the visual special effects studios going bust?

h4rm0ny
Silver badge

Re: "Money flows to whoever it is that has the rare thing."

>>"an inside regulator can cheat the system, and an outside regulator can poison it."

Well if you accept that anyone without a vested interest must be ignorant to the point that they cannot effectively regulate, maybe. But is that the case? First off, the reason you have regulators outside the market is generally the regulations are for guarding against externalities. People within the market are pretty capable of working out what is most efficient for their goals. You get the regulations to prevent those goals conflicting with the wider society - environmental pollution, anti-trust issues (where one market reaches over into another), defrauding investors, etc. And people outside of a market are often very capable of recognizing where that market is impacting them.

2
1
h4rm0ny
Silver badge

Re: Nobody knows anything

>>"Not really a surprise that Worstall gets the author of Lord of the Flies confused with the writer of The Princess Bride."

I don't know much about the VFX industry, but I do know that every time Worstall has blundered into an area that I do know about with one of his polemics, his analysis has been shallow, misguided and above all, setting out to prove his desired conclusion. So I can well believe your post. Honestly, there's always that difficult choice when I see a Worstall article as to whether to read it and reward him with clicks but have the opportunity to correct the worst of his excesses, or play the long game and hope not reading will eventually mean he goes away.

VFX studios keep going bust because they run below capacity, do they? That might harm some investors yet somehow doesn't seem to be harming the market as VFX continues to become ever cheaper and more commonplace. That is likely the greater reason - IT investments depreciate quickly and with the rate of progress in VFX by the time you are set up and ready, you have a very limited window because your next competitor springs up without the weight of investment in legacy technology holding them down. You spend ten million dollars on your hardware and software (and to some extent staff as skills also depreciate in a fast-moving sector), and six years later whilst you're still paying that off, someone else spends ten million dollars on hardware and software and new hires and they're better equipped than you are.

Normally start-up costs are significant barrier to entry. But when your investment depreciates with time, that offsets it to a surprising extent. A second factor is staff retention. In a growing market, staff have supreme mobility. And the VFX market is growing and healthy.

9
7

Windows and OS X are malware, claims Richard Stallman

h4rm0ny
Silver badge

Re: Shut it you tedious old windbag

>>"Along with being bright enough to see Minix and copy the idea"

Hmmm. Windows seems to have been pretty successful. I'll copy their idea and then I'll be rich too.

Step 1. Look at what they've done.

Step 3. Sell my own version.

I seem to be missing a step. Never mind, I'm sure it's trivial - riches here I come! :D

0
0

Forums

Biting the hand that feeds IT © 1998–2018