* Posts by Anonymous South African Coward

1896 posts • joined 6 Jan 2010

Ghost in the DCL shell: OpenVMS, touted as ultra reliable, had a local root hole for 30 years

Anonymous South African Coward Silver badge

And now we wait for other old OS'es to be tested for exploits...

Morrisons launches bizarre Yorkshire Pudding pizza thing

Anonymous South African Coward Silver badge

Anybody got a foolproof Yorkie Pud recipe?

I now want to try making my own (the traditional way).

Anonymous South African Coward Silver badge

Take a Yorkie and fill it with biltong (dried beef) and give to Reg hacks as survival rations when attending the release of new and wonderful iThings.

Stepfather used to make wonderful and proper Yorkies (with sauce) but I never got a chance to try out his recipe as he passed away.

OpenWall unveils kernel protection project

Anonymous South African Coward Silver badge

I have to assume they will also cater for updates, especially to the kernel etc? And how to handle it, especially if it is a headerless server running in some inaccessible place.

Still remember the irritation of having to approve applications with some windows firewall/antivirus especially after windowsupdate did its thing (think it was zonealarm).

‘I crashed a rack full of servers with my butt’

Anonymous South African Coward Silver badge

Re: L-shape

Ponder Stibbons have noted your comment with distaste, and want to take you on a tour of Hex's facilities.

Anonymous South African Coward Silver badge

How many times would I told an user to "keep on saving your work, F2 (Turbo Pascal's shortcut to save) will do it"... only to have said user ignore my advice blithely, carry on typing a beautiful and perfectly working program, only to have the PC crash.... (It was my experience with programs and PC's to keep on saving frequently, especially when doing Turbo Assembler stuff. Back then there was no virtual machines).

v2 of the same program was buggy and full of errors. Shame. NOT.

Anonymous South African Coward Silver badge

Re: Just finger trouble

Hah, I played around with Smoothwall back then.

The tower case (which was the Smoothwall) was conveniently next to my work desk.

Daughter was crawling around all over the place, she saw the tall, white box with blinkenlights, and she did a gefingerpoken at the reset button.

Daddy was NOT amused :)

I disconnected the actual reset and power button cables from the motherboard, then set the motherboard's BIOS settings to turn itself on when power was restored.

Then it was simple - shut it down, it'll power off, and switch off at the wall. When I want to use it again, power on at the wall and the PC'll start up again.

Little fingers still poked the buttons afterwards, but nothing happened. :)

Shopper f-bombed PC shop staff, so they mocked her with too-polite tech tutorial

Anonymous South African Coward Silver badge

Nah, Clippy's too docile for that.

Bob the Angry Flower... now that's something different... and that need to be installed on a LOT of PC's...

No Windows 10, no Office 2019, says Microsoft

Anonymous South African Coward Silver badge

Time for OpenOffice, LibreOffice and any other Office variant to come in and take M$Office's place then?

I expect not a lot of people will be willing to upgrade to Win10.

Oh, and waiting for Bombasic Bob to make a comment :)

$14bn tax hit, Surface Pro screens keep dying – but it's not all good news at Microsoft

Anonymous South African Coward Silver badge

And expect problems and issues like this to start spreading like rot to other tablets, phablets, phones and other fondleslab thingies, because they all want to make it "smaller, thinner and flatter whatever", cramming more components per square mm which will generate more heat and cause more issues.

Myself, it does not bother me if the fondleslab device is a bit on the big and chunky side, to allow for proper cooling of the components.

Having the thinnest, flattest thing is totally overrated.

Ignore that FBI. We're the real FBI, says the FBI that's totally the FBI

Anonymous South African Coward Silver badge

Re: Ignore them.

Bog paper - what constitutes a very good foundation for bog paper? Youse standard printerer paper is too shiny, hard and offers no grip, and have a very low adsorption rate.

Crypto-jackers slip Coinhive mining code into YouTube site ads

Anonymous South African Coward Silver badge

I would not worry about that - there are ways and means, maybe start using a text-based browser that'll somehow get the content sans ads.

Currently ads go to /dev/eyeballs/null but with bad things like this, ads can gladly go to /dev/null

Anonymous South African Coward Silver badge

That's done it.

Will install a content-filter firewall doohicky on Mint, as a plain Mikrotik just doesn't cut it anymore.

Will have to make a plan with certain sites though. Meh. Bah and humbug.

Windows Defender will strap pushy scareware to its ass-kicker machine

Anonymous South African Coward Silver badge

It should entirely be possible to get the location of the ne'er-do-well with extensive crossreffing from the wibbly wobbly webz, then lob a Tsar Bomba into said ne'er-do-well's general direction, which should stop spamz and general tomfoolery from said ne'er-do-well for good.

Of course, collateral damage and fallout may be a small issue...

Crowdfunding small print binned as Retro Computers Ltd loses court refund action

Anonymous South African Coward Silver badge

Sad that this should end like this.

Ruins everybody's day in the end.

Are you taking the peacock? United Airlines deny flight to 'emotional support' bird

Anonymous South African Coward Silver badge

Special Snowlfakes at it again, wanting a "safe space" for themselves, and using their pets to do so?

Pfft, airlines should put their foot down and ban "emotional support animals" altogether. Too high a risk in a confined area moving at speed and at high altitude.

Cisco gives intent-based networking a third leg to stand on

Anonymous South African Coward Silver badge

You'll need a couple of Tetragrammaton Clerics to assist you then.

Borked bog forces flight carrying 83 plumbers to bug out back to base

Anonymous South African Coward Silver badge

83 plumbers on a plane

one fell down the bog

82 plumbers on a plane

one fell down the bog

81 plumbers on a plane

...

...

...

...

Scammers become the scammed: Ransomware payments diverted with Tor proxy trickery

Anonymous South African Coward Silver badge

Just plain nasty.

HP coughs up $6.5m to make dodgy laptop display lawsuit go away

Anonymous South African Coward Silver badge

Why is it that cheap laptops practically last next to forever, but the more expensive ones b0rk themselves just out of warranty?

Had a Gigabyte W565M laptop with Vista preinstalled - rock solid, surprisingly. Upgraded to Windows7, and it was even better. When the infamous Win10 upgrade trojan rolled around for a call, I blocked it with Never10 as I was happy with Win7.

Still is chugging along, a bit of a slowpoke in comparision to others, but what the hey, it still works, and doesn't have funky issues. Kids play their games on it, so it is still good for something. :)

Fella faked Cisco, Microsoft gear death – then sold replacement kit for millions, say Feds

Anonymous South African Coward Silver badge

Common sense tells that you issue new kit only after you have received the broken/defective/BOFH'd piece of kit...

This kind of shenanigans will make some vendor lock their processes down, making it more difficult for honest IT types to make a living, especially with a client (and large network base) down due to a borked server/switch/whatever which need to be exchanged first for a replacement before everything can be fixed, instead of getting a replacement first, getting the client up and running, and then sending the borked POS kit back to the supplier....

US Pentagon scrambles after Strava base leaks. Here's a summary of the new rules: 'Secure that s***, Hudson!'

Anonymous South African Coward Silver badge

Dabbsy article in El Reg this Friday? Should be a real hoot :)

Maybe you should've stuck with NetWare: Hijackers can bypass Active Directory controls

Anonymous South African Coward Silver badge

OS/2 Warp LAN server any better? :p

Netware 3.12 was an absolute joy to admin and run, rock-solid and reliable until somebody get admin rights and allow a pesky DOS virus to overwrite all the DOS Netware apps and files :)

And ncsnipes! (it is an android app btw)

A file and printering server should be just that - file and printering server... not an application server, which should be something totally different and on different hardware.

But beancountery things want less servers in the server room, so it means one big, beefy PC to host multiple VM's, all with their own quirks and Spectre vulns...

Sysadmin crashed computer recording data from active space probe

Anonymous South African Coward Silver badge

Re: Hmmm ...

Fun and games to be had by playing the game of hunt-the-terminator on unknown installs and large sites...

Anonymous South African Coward Silver badge

Ahhh, which reminds me of this gem :

rm -rf / [folklore] [home] [search]

Such things happened at least once to every unix person... To me it happened on February 1, 2000, after several years of heavy Unix usage/administration, when I was damn confident in myself and just leniently smiled on all these for-clueless-newbies warnings about not doing things as root.

In the middle of the working day, being a root on the main NFS server containing all user homes, sitting in /home/some_user, I typed chown -R some_user .* and stopped it in 15-20 seconds when realized that something is going wrong. But you know, that server was really fast and permissions of the good half of the whole user space have been modified. (I recovered of course - by the price of my lunch time).

Anyway, the following classic article from Mario Wolczko describing much more interesting case first appeared on Usenet in 1986.

Have you ever left your terminal logged in, only to find when you came back to it that a (supposed) friend had typed rm -rf ~/* and was hovering over the keyboard with threats along the lines of "lend me a fiver 'til Thursday, or I hit return"? Undoubtedly the person in question would not have had the nerve to inflict such a trauma upon you, and was doing it in jest. So you've probably never experienced the worst of such disasters...

It was a quiet Wednesday afternoon. Wednesday, 1st October, 15:15 BST, to be precise, when Peter, an office-mate of mine, leaned away from his terminal and said to me, "Mario, I'm having a little trouble sending mail." Knowing that msg was capable of confusing even the most capable of people, I sauntered over to his terminal to see what was wrong. A strange error message of the form (I forget the exact details) "cannot access /foo/bar for userid 147" had been issued by msg. My first thought was "Who's userid 147?; the sender of the message, the destination, or what?" So I leant over to another terminal, already logged in, and typed grep 147 /etc/passwd only to receive the response /etc/passwd: No such file or directory. Instantly, I guessed that something was amiss. This was confirmed when in response to ls /etc I got ls: not found.

I suggested to Peter that it would be a good idea not to try anything for a while, and went off to find our system manager.

When I arrived at his office, his door was ajar, and within ten seconds I realised what the problem was. James, our manager, was sat down, head in hands, hands between knees, as one whose world has just come to an end. Our newly-appointed system programmer, Neil, was beside him, gazing listlessly at the screen of his terminal. And at the top of the screen I spied the following lines:

# cd

# rm -rf *

Oh, shit, I thought. That would just about explain it.

I can't remember what happened in the succeeding minutes; my memory is just a blur. I do remember trying ls (again), ps, who and maybe a few other commands beside, all to no avail. The next thing I remember was being at my terminal again (a multi-window graphics terminal), and typing

cd /

echo *

I owe a debt of thanks to David Korn for making echo a built-in of his shell; needless to say, /bin, together with /bin/echo, had been deleted. What transpired in the next few minutes was that /dev, /etc and /lib had also gone in their entirety; fortunately Neil had interrupted rm while it was somewhere down below /news, and /tmp, /usr and /users were all untouched.

Meanwhile James had made for our tape cupboard and had retrieved what claimed to be a dump tape of the root filesystem, taken four weeks earlier. The pressing question was, "How do we recover the contents of the tape?". Not only had we lost /etc/restore, but all of the device entries for the tape deck had vanished. And where does mknod live? You guessed it, /etc. How about recovery across Ethernet of any of this from another VAX? Well, /bin/tar had gone, and thoughtfully the Berkeley people had put rcp in /bin in the 4.3 distribution. What's more, none of the Ether stuff wanted to know without /etc/hosts at least. We found a version of cpio in /usr/local, but that was unlikely to do us any good without a tape deck.

Alternatively, we could get the boot tape out and rebuild the root filesystem, but neither James nor Neil had done that before, and we weren't sure that the first thing to happen would be that the whole disk would be re-formatted, losing all our user files. (We take dumps of the user files every Thursday; by Murphy's Law this had to happen on a Wednesday). Another solution might be to borrow a disk from another VAX, boot off that, and tidy up later, but that would have entailed calling the DEC engineer out, at the very least. We had a number of users in the final throes of writing up PhD theses and the loss of a maybe a weeks' work (not to mention the machine down time) was unthinkable.

So, what to do? The next idea was to write a program to make a device descriptor for the tape deck, but we all know where cc, as and ld live. Or maybe make skeletal entries for /etc/passwd, /etc/hosts and so on, so that /usr/bin/ftp would work. By sheer luck, I had a gnu emacs still running in one of my windows, which we could use to create passwd, etc., but the first step was to create a directory to put them in. Of course /bin/mkdir had gone, and so had /bin/mv, so we couldn't rename /tmp to /etc. However, this looked like a reasonable line of attack.

By now we had been joined by Alasdair, our resident UNIX guru, and as luck would have it, someone who knows VAX assembler. So our plan became this: write a program in assembler which would either rename /tmp to /etc, or make /etc, assemble it on another VAX, uuencode it, type in the uuencoded file using my gnu, uudecode it (some bright spark had thought to put uudecode in /usr/bin), run it, and hey presto, it would all be plain sailing from there. By yet another miracle of good fortune, the terminal from which the damage had been done was still su'd to root (su is in /bin, remember?), so at least we stood a chance of all this working.

Off we set on our merry way, and within only an hour we had managed to concoct the dozen or so lines of assembler to create /etc. The stripped binary was only 76 bytes long, so we converted it to hex (slightly more readable than the output of uuencode), and typed it in using my editor. If any of you ever have the same problem, here's the hex for future reference:

070100002c000000000000000000000000000000000000000000000000000000 0000dd8fff010000dd8f27000000fb02ef07000000fb01ef070000000000bc8f 8800040000bc012f65746300

I had a handy program around (doesn't everybody?) for converting ASCII hex to binary, and the output of /usr/bin/sum tallied with our original binary. But hang on - how do you set execute permission without /bin/chmod? A few seconds thought (which as usual, lasted a couple of minutes) suggested that we write the binary on top of an already existing binary, owned by me... problem solved.

So along we trotted to the terminal with the root login, carefully remembered to set the umask to 0 (so that I could create files in it using my gnu), and ran the binary. So now we had a /etc, writable by all. From there it was but a few easy steps to creating passwd, hosts, services, protocols, (etc), and then ftp was willing to play ball. Then we recovered the contents of /bin across the ether (it's amazing how much you come to miss ls after just a few, short hours), and selected files from /etc. The key file was /etc/rrestore, with which we recovered /dev from the dump tape, and the rest is history.

Now, you're asking yourself (as I am), what's the moral of this story? Well, for one thing, you must always remember the immortal words, DON'T PANIC. Our initial reaction was to reboot the machine and try everything as single user, but it's unlikely it would have come up without /etc/init and /bin/sh. Rational thought saved us from this one.

The next thing to remember is that UNIX tools really can be put to unusual purposes. Even without my gnuemacs, we could have survived by using, say, /usr/bin/grep as a substitute for /bin/cat.

And the final thing is, it's amazing how much of the system you can delete without it falling apart completely. Apart from the fact that nobody could login (/bin/login?), and most of the useful commands had gone, everything else seemed normal. Of course, some things can't stand life without say /etc/termcap, or /dev/kmem, or /etc/utmp, but by and large it all hangs together.

I shall leave you with this question: if you were placed in the same situation, and had the presence of mind that always comes with hindsight, could you have got out of it in a simpler or easier way?

Anonymous South African Coward Silver badge

Re: Houston, we have a problem.

Special delivery from Ankh-Morpork of dryd frorg pills just for you.

Acronis: Ransomware protection! Get yer free ransomware protection!

Anonymous South African Coward Silver badge
Trollface

Easy way to foil ransomware is to rename all your .TXT and .DOC and so on to .EXE and .COM

Anonymous South African Coward Silver badge

Ne'er-do-wells and their blasted ransomware... what will they think of next?

Virgin Media skulks in disused public toilets

Anonymous South African Coward Silver badge

Here in Guptastan all the kit would have been blagged yonkers ago...

User stepped on mouse, complained pedal wasn’t making PC go faster

Anonymous South African Coward Silver badge
Trollface

So... no rumpypumpy for you then?

IT 'heroes' saved Maersk from NotPetya with ten-day reinstallation bliz

Anonymous South African Coward Silver badge

Re: I hope

I had to recover an AD site once, it had only one PDC, no BDC's, but luckily there was a recent backup made of the PDC (Server2k3 and NTBackup).

Process was to reinstall Server2k3 on a clean server, run ntbackup to restore the AD backup, and we were back in business again. Only niggle was hoping that Windows Activation would go through as I was not in the mood to faff around with that - but it went through just fine. I then set up a BDC just in case, but still continue to make backups from the PDC juuuust in case.

And recovering the forest is no biggie as there's about 60 users - but a backup and BDC makes things so much easier.

But yes, forest recovery, especially with multiple sites and domains need to be addressed. Setting it all up from scratch by hand leads to errors and mistakes if due care is not taken.

Anonymous South African Coward Silver badge

Re: 20% drop going to manual

Beancounters are the natural enemy of the BOFH... Death to all things Beancountery! :) :p

Anonymous South African Coward Silver badge

Re: 'internet was not designed to support the applications that now rely on it'

So 20% drop = $300m less?

Boggles the mind...

Anonymous South African Coward Silver badge

How did they managed it? I would love to hear the side of things from an IT techie... it is stunning... the mind just boggles.

Camels disqualified from Saudi beauty contest for Botox-enhanced pouts

Anonymous South African Coward Silver badge

Re: Just remind us - what's the IT angle here?

Indeed. We need a break from reality with a good dose of silliness and random stuff.

Anonymous South African Coward Silver badge

Showed my wife this humps with botox article.

She had a WTF look on her face. Priceless.

Anonymous South African Coward Silver badge

Re: I seem to recall...

Cud cudcud cud cud cud cudcudcud?

Anonymous South African Coward Silver badge
Thumb Up

Had my laugh for the day.

Thanks! :D

IBM UK's pre-Xmas GTS head-chop: THWACK! Is that it?

Anonymous South African Coward Silver badge
Happy

Re: Wrong animal?

I just hope that it's not a dead cat bounce.

Schrödinger's cat? Or Greebo?

Serverless: Should we be scared? Maybe. Is it a silly name? Possibly

Anonymous South African Coward Silver badge

Re: Oh, shit...

It really is a load of bollocks, if you want to play something small (like pixel dungeon) you have to wade through thousands of similar crapware before finding the one you want. And risk getting a trojan/worm along the way.

I have my favourites - oceanhorn, two pixel dungeon variants (damn that permadeath) and three or so other RPG games. And Marvin (Speccy emulator) in case I am stuck in a boredroom meeting which went past its sell-by time and is dragged out by some self-righteous pompous troubadour, then I can just keep myself busy for a while until said pompous troubadour finishes said boring performance and we can escape.

Anonymous South African Coward Silver badge

At the core of it, serverless means that those building applications no longer have to care about how their applications do what they do, they just have to tell the applications what to do. That’s revolutionary. And it opens up really complex application development to people who never could have done this before.

One great example of the power of serverless is Bulk Data Computational Analysis (BDCA). I can take a windows admin who can barely write batch files – they don't even have to know how to use PowerShell – and inside of a day, I could have them writing voice recognition apps. Our hypothetical novice developer can slap a fully functional voice recognition app using little more than code snippets from Stack Exchange and some public sample code from Amazon.

And that is the problem right there. A good coder will be able to recognize a problem (eg exploit or an embedded rm -rf / *) code within the copypasta - but the above windows admin will not know how to spot an exploit or the such, and will compile a big problem...

Keep in mind, ne'er-do-wells will think outside the box - and they will try to obfuscate their ne-er-do-well piece of sh*te code in such a way that it will looks as if it does X but actually does an rm -rf all over the place.

'The capacitors exploded, showering the lab in flaming confetti'

Anonymous South African Coward Silver badge

Re: Our transition from Windows 2000 to XP

Can attest to that.

Got a client with a W2k install, and needed to do an installation on their server. Opened the CD tray only to find it full of W2K CD shrapnel.

Decided to toss that CD-R drive and install a new CD-R drive rather...

Anonymous South African Coward Silver badge

Re: "Who Me?" should be the RSS feed title as well.

Upvoted for RSS feeds.

Or do El Reg need eyeballs rather?

[FAKE] NHS to upgrade from Speccies to Commodore 64's

Anonymous South African Coward Silver badge
Joke

[FAKE] NHS to upgrade from Speccies to Commodore 64's

http://newsthump.com/2017/05/15/government-pledge-to-upgrade-nhs-zx-spectrums-to-commodore-64s/

Never laughed so hard in my entire life XD

IBM turns panto villain as The Reg tells readers: 'It's behind you!'

Anonymous South African Coward Silver badge

Re: OS/2 still exists.

Recently there was an article in El Reg regarding a bare-metal OS/2. What happened to it?

I'm interested, but due to Rand/Dollar fluctuations I will not be able to afford a copy. :(

Anonymous South African Coward Silver badge

Newspeak - the IBM way.

Baywatch hero drone saves silly struggling swimmers Down Under from going down under

Anonymous South African Coward Silver badge
Pint

No doubt it also saves on helicopter fuel, wear and tear etc, and allow the big whirly to be used elsewhere.

*applause*

One for whoever thought this out and implemented it.

Have three WINEs this weekend, because WINE 3.0 has landed

Anonymous South African Coward Silver badge

So going to try out Indiana Jones' Desktop Adventures out...

Someone is touting a mobile, PC spyware platform called Dark Caracal to governments

Anonymous South African Coward Silver badge
Trollface

Re: Big Cats

Wild and wet ones too?

Red Hat slams into reverse on CPU fix for Spectre design blunder

Anonymous South African Coward Silver badge

ESXi/vmWare haven't been updated yet. Waiting for others to suss out the issues first.

Biting the hand that feeds IT © 1998–2019