Oh the irony
Of the tweeted link for this article, https://t.co/fmmX8bWkqj, not being resolvable!
70 posts • joined 12 Jun 2009
Of the tweeted link for this article, https://t.co/fmmX8bWkqj, not being resolvable!
You appear to have misunderstood all the words contained within the phrase "...I realise SSL in and of itself is not an overriding solution to web security..."
Let's Encrypt is a superb service. And one which is very necessary to help drive a more secure web.
I realise SSL in and of itself is not an overriding solution to web security but it is a linchpin. For a company to FREELY offer a way for you to add this layer of security to your websites is a big deal. At the least it removes the "I can't afford it" excuse.
It's young, yes and as such can be a bit labour intensive to set up but is actually very simple to implement, even on semi-unsupported platforms such as macOS.
So I echo the authors's sentiments; I use it and you should too.
Well, otherwise people would complain about a lack of IT angle.
To one of the consistently best IT journalists ever to coin a phrase.
You'll be missed, sir.
(though probably not by Apple)
I don't know why, I have no use for it but it's a total I WANT!
I suppose, like others, I just harbour dreams of having my own Bond Villain pad.
And the instructions provided as a .docx.
Wow, I mean a PDF or a bloody web page would have been too hard. A .docx, I'm... I'm...
I'm a Mac user, I have my own problems.
"...If you've been summoned to tackle the trivial..." I'm tempted to say "Whenever I've been asked to help a user." But that would just be churlish, right?
I have 2 of them from 2 different last mile providers (same ISP) coming into the building from different directions. I wanted them coming into different ends of the building but that'd have cost me £50k in construction, so that got nixed.
It's not perfect, but it's better than many people I know.
I have Mac Pros in my server room, does that count as weird shaped kit? :-)
I am currently in the process of ripping out my entire network and getting a new one installed. Part of the UAT I specified was that I'd go around randomly unplugging things and see at what point it fails. It's a genuinely valid methodology for testing (given you think about what you actually want to test for, of course) IMO.
I think a lot of management types forget, overlook or just plain don't understand 2 very good points also raised by this article.
1. IT types generally learn by doing (I sure as hell do)
2. Having IT types who have learned - and know what's what - is extremely good for your business in the long term.
Sadly, this is overlooked in the name of economy (of the false kind) and efficiency (of the false kind). I mean; who wants to waste money and time letting your own people learn by doing when you can get a consultant in and not have to waste a minute or a penny?
A fantastic article, thank you.
[edit for spelling]
My wife bought me a Speedmaster for my 40th. I saw one at Cape Canaveral in the late 70s and wanted one for the following 30 years. I also have a limited edition Sturmanskie of the type (allegedly, who knows) used by Comrade Gagarin.
Fair to say I like space watches, now I have to raise a meelion dollars?
Yep, wrong, on my phone and misread ASR for ASA. Time for reading glasses...
If this is the same DoS bug as recounted here, http://redd.it/3excu7 then yes, it's been seen in the wild!
OK, so I have to admit this is what I have. Virgin 120mb/s with their box in modem mode and another router/firewall doing the heavy lifting. I also have my own DNS (& DHCP) server for resolving some stuff on the local network and pointing at Google for the rest of it. Hence I've never been subjected to Virgin's DNS issues (as far as I'm aware).
The reason I asked the question as to whether TalkTalk intercepted outgoing port 53/DNS traffic and re-routed it to their own servers is that I see that breaking a lot of things quite badly. It's bad enough not returning NXDomain when you should if someone is using your DNS servers but to intercept traffic destined for someone else's DNS servers and munging it is unforgivable.
I sincerely hope this is NOT what's happening. (I accept that it likely is not)
Can't you just switch to using someone else's DNS on your local machine?
Does it hijack all traffic outbound on port 53 and redirect it? If so WHAT THE HELL?!
Yep, my wife called me to alert me to all the fun she was having on the Forbes website.
HA! I see what you did there!
Wow! I'm honoured.
(At least it WAS. I don't know how those posts which now appear above me got there...)
The reason for not having a Target Monitor mode is down to the fact it requires DisplayPort 1.3 to drive it and Thunderbolt 2 only supports DisplayPort 1.2. Something to do with the sheer amount of bandwidth the display needs to move all those pixels.
"...Pushing this many pixels requires more bandwidth than DisplayPort 1.2 offers, which is what Thunderbolt 2 ports use for outputting video signals. (I wrote about this a few times.) Doing it right will require waiting until DisplayPort 1.3 in Thunderbolt 3 on Broadwell’s successor, Skylake, which isn’t supposed to come out for at least another year — and Intel is even worse at estimating ship dates than I am, so it’s likely to be longer..."
OKOKOK, 10.5 :-)
I don't think the story is "Upcoming operating system may have copied features from a rival operating system!" I think it's far more "World's most prevalent Operating System finally gets feature everyone else has had the advantage of for a very long time, what took them so long?"
And Mac OS X has had it since 10.7 (3 years or so).
(And now I go reading the comments I see I'm not the first. Not that I expected to be.)
These are all good questions which can be summarised by the question: "What is your aim?"
Do you want the info for troubleshooting? Compliance reasons? To catch someone you suspect of doing something naughty? How you answer these should dictate how much importance you put on each aspect of the task.
For instance if you're trying to understand who is using the most bandwidth and which sites they're using then it MIGHT be a better solution to upgrade to a router/firewall that can gather these statistics for you if you don't have one already (I haven't read the other article yet). Most home routers these days and certainly the lower cost 'business' routers seem to have this functionality.
You might find that your firewall/router also has the ability to do more detailed log capture/packet analysis and send the results to a log server which could be one of the internal PCs which you SSH into and SCP the files from OR you could get it to log to YOUR server, wherever that might be.
There are many options. And the more I think of it the more I can come up with but the key question remains: "What is your aim?"
I know you said "...Installing a server to do the sniffing probably isn't an option..." so I'm going to take the 'probably' bit and run with it. Also, in the time it takes me to type this up ninety-eleven other people are bound to have said the same thing.
I think this is probably exactly the kind of thing a Raspberry Pi running Wireshark would excel at. It'd allow you to SSH in to SCP the dump files for analysis, it's small with low power requirements and importantly it's very low cost.
It's true though that if you wanted to capture ALL traffic on the local layer 2 segment then you'd have to have (as I understand it) a switch that can mirror traffic from other ports to the one the Pi is attached to otherwise all you'll be able to pick up is broadcast traffic. Also, with regard to inbound and outbound traffic you'd need to find a way to use the Pi as a router and pass the out/in bound traffic over NICs attached to it which would mean using a USB to Ethernet adapter and I have no experience using one of them with a Pi.
I believe to train drivers this means 'Signal Passed At Danger' (i.e. jumping a red)
Which fits here too.
I used to do some IT support for the boffins at NPL (and I'd like to take the opportunity to say what a fantastic bunch of chaps and chapesses they are!) and the one thing that I found amazing was they could - and WOULD - measure anything.
I think the story goes like this (I heard it Nth hand): One of the boffins asked one of the designers how long a brochure or leaflet or somesuch would take to complete "Oh, well, how long is a piece of string?" came the reply. About a week later a small wooden box was delivered to the head of the design department containing a piece of string and an official certificate saying something along the lines of "A piece of string. Length: 97.914mm" and a typed note saying "So, how long until I get my brochure?"
The story may well be apocryphal but I have a photo of the piece of string in its box and the certificate somewhere. (Though I may have misremembered the exact length, it was to 3 decimal places!)
What a wonderful bunch!
Listen up, this is IMPORTANT people. What you need to do is disable Mission Control's use of f12 to bring up the Dashboard. SO pop on over to System Preferences>Mission Control and from the popup menu next to 'Show Dashboard' choose the -
Then, to load the disk you've selected in the emulator press - by default- [shift]-[fn]-[f12] OR if you've selected 'Use all F1, F2, etc. keys as standard function keys' in System Preferences>Keyboard, you can leave out the [fn] key press.
I'm no expert but...
On a cursory read-through it does seem to me that they're not normalising (or whatever you want to call it, I did say I'm not an expert) their data before doing an analysis of it. This is bound to throw the numbers off somewhat.
Also, what others said above me, the duty cycle and usage hasn't really been taken into consideration.
Except that she had problems and I didn't.
Now if only there was a stop/go icon.
"Common Sense" (not all that common and not always sensible) says to me 'Not practically or cost effectivly with current tech'.
If you were able, like IBM, to manipulate things at the atomic/molecular level then 'maybe'.
There's so much egg on his face he MUST have been yolking!
What? It wasn't that bad a joke, was it?
(Thanks for the thumbs ups!)
I should point out that far from being the abject failure the (now deceased) teacher predicted, I'm IT Manager at a large company and am doing pretty well for myself.
This, to the power of eleventybillion!
We need an "El Reg Unit of Agreement" that I can use here.
I tend to tell people that if they want me to stop/change subjects to tell me firmly that 'That's enough of that subject". I'm not going to be offended as I KNOW I go on but you have to be clear about it and say what you mean as if you use a euphemism or just hint at it I'm really unlikely to notice.
After 40 years of not quite getting 'life' I was finally diagnosed with Asperger's last year. And was promptly sacked when I told my employer. (that's dealt with, amicably).
So now I'm back to square one with '...[he has] no valid excuse for his behaviour and actions other than being a bloody minded, stubborn hellion of a child who will find no place at this school or in society if he doesn't buck his ideas up very quickly indeed..." as one teacher so eloquently put it when I was 7.
It's too hot for a coat, I'll just go, then, shall I?
That disk failure can cause such a problem. Do you not make sure that your data is replicated across multiple storage devices/sites/tapes/whatever? You might call it backup, archiving or simply 'making a copy' but don't these people think in terms of full redundancy of complete datasets?
Yes, I know the bean counters don't like it, but isn't being laughed out of the business worse than spending the money to ensure you have a stable platform on which to offer your services?
I often think in cases like this it must be much more than a failed disk or 3.
At the end of line 10 and instead of it printing:
All in a single column you'd get a screenful of:
BOLLOCKS BOLLOCKS BOLLOCKS BOLLO
CKS BOLLOCKS BOLLOCKS BOLLOCKS B
OLLOCKS BOLLOCKS BOLLOCKS BOLLOC
KS BOLLOCKS BOLLOCKS BOLLOCKS BO
LLOCKS BOLLOCKS BOLLOCKS BOLLOCK
S BOLLOCKS BOLLOCKS BOLLOCKS BOL
(at least BBC Basic did and I think the Speccy was the same)
Then in that case there's a perfect ascii representation of; this comment, ^ that comment and v that one, too.
Even to the pyto I just made and the rong spelling and bad grammar.
The infinite nature of π has a lot to answer for!
I'd guess two things factor in that. 1) Cost and 2) Licensing.
Running a bunch of caching servers and the associated storage 'locally' on their network will mean they have to pay for the kit, pay to put it somewhere, pay to power it and pay someone to keep it ticking over. Not a small undertaking.
As for licensing, I'm sure that there's some legal gubbins to be sorted out when copying and storing that much copyrighted (copywritten?) material. Virgin being a big telly provider may well have the legals sorted out in the same way they do for providing the 'live' BBC telly stream.
I think I can implement that between floors in my building with minimal loss in bandwidth merely by sending larger packets!
I understand that from a business perspective the exact reasons for the titsup may not be good to disclose. Companies automatically go into face-save mode and make statements and quote statistics proving how rare such things are etc.
The problem I see with that is the lack of information sharing. They use off the shelf products in a configuration probably quite similar to other people. If they were to say "Hey guys, we had X and Y in Z config but when X did A and Y did B then Z went pop!" then we all could learn about nasty gotchas.
Yes, I know the problems with that include, but are not limited to; Trade Secrets or maybe having a stupid setup you don't want to admit to.
Oh, OK. I'm just a dreamer who lives in a fantasy world of people helping each other out.
...Writing like that is why we love El Reg.
(Paris, because *she'll* finish you off)
My wife's company and my friend's company. Also some users I know in continental Europe and South Africa.
Not that EVERY problem is necessarily related to the current issue bit I think it's quite widespread.
"Microsoft buys Skype and it all goes tits-up". Truth is it may have nothing to do with Microsoft at all, but it's what we're all thinking, isn't it?
...She wouldn't have laughed seeing someone else doing the same thing?
Anyway, she got up immediately and walked away as if nothing had happened. Why would security have to go and check on her? It's not as if they left her floating face down in the fountain for those 20 minutes. To me she was demonstrably OK, she showed no signs of distress, just mild embarrassment.
Why do people seem to be unable to take responsibility for their own actions?
David Gibbons yet.
His surname is Borker?
What do you call it when your name reflects what you do?
Biting the hand that feeds IT © 1998–2017