Re: Disable TFTP services
104 posts • joined 12 May 2010
"For those with functioning vision there's little difference except 'signature lights' . For those without, the tyre and wind sounds are still notable at any speed of consequence (20 mph upwards)."
I have a few blind friends. Vehicle sounds are how they identify if it's safe to cross a street or a driveway or walk through a parking lot. It's how they know when the light changes, and when to prompt their guide dog to attempt to cross. Drivers don't expect that pedestrians might have low vision, so the burden is really all on the pedestrian. And yes, drivers do run over white canes in their haste to cut off a pedestrian in the crosswalk.
As for "speed of consequence" I'll ask around what people consider consequential as they're run over. Maybe blind people are trained to withstand impacts up to 20 mph.
My clutch pedal started squeaking and groaning. I cured that with a few shots of silicone grease where the pedal arm rotates against the bracket. (Silicone grease won't destroy the hydraulic seal that's exposed a few inches behind this.)
I'm not the first person to do this.
I really hope I didn't create electrical problems under the dashboard.
In a similar vein, I once bought tires, and double-checked my receipt while walking over to my car. They had charged me the extra warranty which I had carefully refused multiple times.
I returned and the salesman was busy and asked me to wait in the rather long line.
I parked my car across both of their bays, walked back inside, and told the salesman I was in no hurry and would wait for the manager. I sat down with some brochures.
The store manager was very helpful, promptly fixed the charge, and apologized for the trouble.
Sometimes it helps to establish a mutual interest in solving the problem. Sales is one way to do that.
I have no use for this stuff either, but some people do.
A blind friend manages home lighting through IoT. Lamps are plugged into smart plugs. "Alexa, turn off kitchen light."
Before this, the lights would be turned on for (or by) visitors and forgotten.
If I were caring for a frail relative, I'd love a smart thermostat, even knowing the risks. And if that service suddenly failed, it would be more than a minor inconvenience.
It already did.
A few years ago, Toyota made the news after several of their vehicles crashed at high speed. In one horrifying case, a passenger called 911 for advice as the car accelerated out of control.
The proximal cause was stuck throttles.
This failure mode is easily managed by shifting into neutral to disengage the engine. Some drivers did this, some did not. Some of my friends were terrified this might happen to them. They simply had never been told how to deal with such a situation and did not have the systems knowledge to figure it out themselves.
Operators must be trained and skilled to manage the systems they are responsible for.
I've had RAID appliances and home servers for years that are 'always on'...until the electricity goes out. The UPS gives me about 20 minutes to shut things down nicely.
Unless Western Digital have a UPS monitor for this box, or designed it to prevent data loss (internal battery for the RAM, caps or battery to gracefully shut down the drives), it needs a power switch that can be found and used by someone in underpants stumbling in dim light, and which doesn't require WiFi to operate.
This new My Cloud looks like a step up from their previous offerings. iSyncing aside, I'm impressed.
"a fraction of the hardware/software specs and versatility."
I think that's actually the point. It's not the whole Internet on a steno pad, it's a television videophone. Different demographic.
Despite all the fluff about "haptic feedback" in games, haptic design is really a thing. Knobs and buttons and switches are legit.
I already know a few people who could use this, once it's ready for release.
"As long you're a CORPORATION."
You have that backwards, or replied to the wrong story.
This act is "To prohibit the use of certain clauses in form contracts that restrict the ability of a consumer to communicate regarding the goods or services offered in interstate commerce that were the subject of the contract, and for other purposes."
"That's some exageration right there. DNS is not required for the internet to work. Sure stuff will break because of its reliance on DNS, but the whole of the internet? seriously? it will just cut you off? lol"
You'd be surprised* how few Internet services use hardcoded IP addresses. How load balancers rely on DNS. And web sites and email. And database connectors, monitoring, backups, host administration, logging, IDP, and cloud...everything. Yes, the Internet relies on DNS resolution.
*not many would be surprised, but clearly you would be.
It sounds like your company lacks a desktop roadmap and that management doesn't consider desktop support to be a priority.
I understand why you would want to outsource those decisions. Maybe there's a less drastic way to do so.
Edit to add: Assets depreciate on a schedule. When the value of an asset reaches zero, it is written off (it may still be used, but it has no book value). If those Windows XP licenses aren't fully depreciated by now, I wonder about the accounting practices.
As mentioned above, why the HELL is systemd resolving names?
I'm no fan of systemd anyway; I'm okay with either BSD or SysV init, liked chkconfig in IRIX, and enjoy SMF in Solaris, it's just that systemd's reach exceeds its grasp.
Shades of Domain/OS where every function was a system call, and...edrgy. UNIX doesn't have to be so monolithic and brittle.
Indeed, there won't be as much evidence after so much time and seas.
The "black boxes" (you're right; they're orange) are sealed, durable, and located in the tail of the aircraft to best survive a crash. They're likely intact, and they won't degrade much in seawater. What has failed, though, are the locator beacons. It will be a real pill to find those black boxes now.
The aircraft...probably not much left of that, and they would probably retrieve only a few things. (In shallow water, it would be torn up and dispersed by heavy seas, and in deep water, hard to recover.)
The black boxes usually give enough information to model what happened, and make a theory about why. The Flight Data Recorder logs all instrument data (speed, altitude, fuel, attitude, temperatures, engine parameters, etc),warnings, control positions, and control inputs. That's enough to figure out what they plane did.
The Cockpit Voice Recorder logs all sounds from the flight deck, including conversation, bells and beeps, clicks and swooshes and similar sounds when someone pushes buttons or moves things. If both pilots are chatting about family and then there's a cacaphony of warning bells, that's obviously a different situation than if 1 pilot is heard ranting about Amelia Earhart while there's a muffled banging on the door in the background. Or if we hear labored breathing and 1 pilot asks the flight attendant to find a doctor. If the end is just computer noises, and the pilots were never heard leaving the flight deck, we might remember Payne Stewart.
Facetime with a sighted friend who will read the screen to you.
There's an iPhone app that senses light, so you can even tell when the screen lights up.
(Equivalent tools are no doubt available on Android and Windows Phone. It's just that all my blind friends use iPhones.)
I assume AWS is its own business unit. Most big (US) corporations that I've seen really do manage business units independently. That lets each BU react directly to the market (and thus compete more effectively than if it's micro-managed), and yes there are very strong legal and contractual reasons to keep the businesses separate. Even when there's a strong reason to coordinate, they're often just incapable of working across fiefdoms: Hanlon's Razor.
Sure, they all contribute to the corporate bottom line, but that's a financial aspect, not an operational one.
word_merchant wrote: "What they won't tell you - it's shit, unreliable, insecure and woefully expensive"
I'm curious to learn more. Can you give examples?
In my admittedly limited experience, Hosted Exchange is just what it says: Exchange Server, with all the protocols that includes, Outlook Web Access, and all the groupware features like contact lists, shared mailboxes (slick integration), hosted and shared calendars, etc.
It's been pretty reliable. Not perfect, but better than typical VPS.
Security I'm especially curious about, because it uses Azure AD as a back-end, HTTPS for Web, and TLS for email connections. What I've seen looks better than the usual hosted VPS (smaller attack surface, for one), but there's a lot that I don't know.
Cost is $5/month per Hosted Exchange mailbox. Shared mailboxes are free up to 50GB. For a small company, this is very competitive with a hosted VPS. Anything other than fully hosted requires IT Person With Clue, which is not cheap.
When I recommend a solution to a client, that's my name and reputation on the line. I hope you'll share what you know.
Wonderful article that really nails the risks. Thank you!
We recently migrated a client to Office 365. Small business, limited budget, existing IT was a bit ad-hoc. We have a lot of experience with email (I recently bonded with someone over RFC2822), but this was our first time with Office 365. We researched and prepared and tested and staged and documented and the migration was a success, but my god, the learning curve....
Wish we had read this article first. Keep writing!
"Flying is a piece of piss compared with driving. Nothing happens quickly, 1/2 km is considered a near miss so there is nothing to hit except the ground and it is pretty obvious where that is."
Quite a few accidents begin away from obstacles, and then "progress to the scene of the crash." I take your point, though, that driving in traffic has far less margin for error. A stranger in the next lane can lose attention for half a second and send 2 tons of Range Rover through your side door without warning.
Yes, I chose to compare the least competent automated system with the least experienced driver. then proposed that if the minimum standard is higher for computers, that's an improvement. It wouldn't be useful to compare the worst automated system with the average human. No weasels were injured in that explanation.
Humans certainly do learn! Even experienced drivers make stupid errors, though. And I'm not sure those mistakes are all novel ones. I suppose the automation manufacturer would "learn" during testing and real-world experience, program appropriate behavior, and then the behavior would be consistent across all cars equipped with that system, subject to updates. That's a scale of learning that's simply beyond human capacity.
Every time I shudder at the idea of fully automated cars, I consider how really bad humans are at driving, at calculating risk, and at evaluating ourselves.
If the worst automated car is better than the average teen with 2 months' experience, that's a step up. If it learns from mistakes, that's already better than the average human.
Risk from cyber attacks? Is that risk worse than a human who uses the Internet while driving?
If nothing else, automated cars permit objective regulation of driving behavior, something which we humans are unable to do.
We could learn from aviation, which uses automation very effectively. No, not fully automated driving, but Instrument Landing Systems, TCAS collision avoidance, GPWS warnings about terrain, FADEC engine controls, Fly By Wire which compensates for mechanical control problems, and a regulatory environment that requires manufacturers to prove the safety of their products.
Oh, and aviation considers any "accident" as a failure to be investigated and hopefully prevented in the future. In an automobile, if you drive on bald tires and then slide your car into oncoming traffic, that's an unforeseeable act of God. Car culture is no paragon of safety.
The Internet is incredibly useful and increasingly ubiquitous, and incomprehensibly complex, but (most of) our lives are rather broader than that.
Web sites are ephemeral, yes. That's always been true.
Online services offer you value, then hold your data hostage. Yes, this is why I know someone who still pays for AOL: she's had that email account since forever, and it is easier to rent it than to find everyone who might want to contact her to give them another email address. Also, years of email will disappear once the account is terminated.
Glitzy things value shiny over substance. This is as true at the supermarket check-stand as online.
Projects appear from nowhere and last until the creator loses interest. How many guys are forever "fixing" an old car or building a Wendy house, until one day it goes out by the curb?
Some people rely on smartphone apps to navigate wilderness areas, then get caught short. Such people got equally lost before smartphones, simply by going for a walk without being prepared.
Fundamentally, I spend most of my money with established businesses. I trust and listen to people whom I know. Sure, some people live on AirBnB and buy their groceries and gasoline from Groupon, but for most of us, I suspect that the Internet is merely one part of life and didn't replace everything. And it won't.
There are many likely ways this failed, but over-eager devs were probably not involved. They usually push for more time to finish, not less.
This was probably deployed to meet some external deadline: maybe to align with another project (to refresh the data center or critical people were required for something else to begin), or maybe just because the Magic Dart Board had set a date.
I've been part of projects like this. Honestly, I couldn't find any single point where they broke; the organization just lacked the cohesion, transparency, and values to succeed. Techs work on what they're given. Project managers try to deliver to the requirements. Managers juggle staff and schedule conflicts, and priorities that come through parallel channels. Senior execs make decisions based on information that they know will never be complete. And nobody has good scope or interface definitions.
Probably everyone has been through this meat-grinder before, and knows that there's no pot of gold at the end of the rainbow. Deliver, deploy, fix, apologize, survive for another day.
Wow, lots of well-formed concerns about this program. Thanks for the education!
I could easily see Walmart making this a voluntary — truly voluntary — program. They have nothing to lose. Some employees will jump for a little extra cash. When I worked retail, there was lots of fine print, and few employees really understood it. As a new hire, I was advised by other employees about where to be careful, and what is just management BS that everyone signs and it doesn't really matter.
Walmart could list all the risks and assign them to the employee in a wall of text. Those who read and understand it, would probably not run deliveries. Some others will happily deliver and tell coworkers about how much extra they made last week: what a great program!
TLDR: These benefits to employees are immediate; costs are not.
At a previous company, we did have a full-time electrician. When he wasn't fixing something, he was supervising an upgrade or replacement, designing future electrical buildouts, meeting with DC tenants to be sure we didn't overcommit the electrical supply, fixing stuff around the offices, and generally being Very Useful.
To be fair, we had more than 1 data center, with complex power requirements. Much like BA, come to think....
I've worked both as a direct employee and as a contractor. A company has much more control over direct employees.
It might be hard to transfer a domain to an entity that won't participate in the transfer. If he contacted RCL and asked them to do their part to take control of the domains (which would be easy to prove), then he should be in the clear. He simply released the asset after being warned it might be a liability.
This is why Boards get Directors and Officers insurance: if your name is there (or on an asset), you can be individually liable on behalf of the organization. If he were no longer shielded by the company, he really had to get his name off the list.
Bah. I want to be able to recommend a smartphone to people who just want, you know, a smartphone. That will work until it doesn't or they replace it.
I really thought that Google (brand) phones were a good answer. Seems they are not.
In this context, my iPhone is a better investment than I realized.
Ahaha. I remember the Bigfoots. Cheap and cheerful.
Nothing can replace my old full height ST423451W. I keep it around to scare kids and win arguments.
I've had a few experiences getting Seagate to RMA a drive that failed in hardware RAID but passed their SeaTools diagnostics. This new drive would have to be pretty cheap for me to consider it.
From the report, the aircraft was intact and fully operational until the autopilot balled it up. The autopilot responded to a normal situation — high on approach — by commanding control surfaces to deflect beyond that which was structurally safe for the airframe. (Va or such)
Yeah, I'd blame the autopilot as the proximal cause of this accident. Root cause would be something like "we put our best Python programmers on this project but forgot to include an aircraft engineer," but that's outside the scope of the FAA investigation.
"you are using an app, paying with a credit card and giving your GPS to the driver to find you... when and on what planet did anyone think that information was going to treated well and respected?"
When you put it like that, it's pretty dire. I do think though, that when I install an app, it shouldn't report my location unless and until it needs to locate me. When I use a credit card, I expect it to be processed through a normal credit card processor and that information like my CVV won't be stored with the merchant. Of course I want the driver to know where to pick me up, but that's a very limited audience (2 people) and I don't expect unknown others to be able to not only listen to that "conversation" but also to then track me across multiple transactions that involve different people.
Uber and Lyft have really opened opportunities for some friends who cannot drive. I don't rail against the services. I do, however, wonder if they're really doing all they should do to protect their customers (and by "should" I mean acting as they claim to and as they are required by law).
Quaker Oats became popular because they offered a consistent product in reliable measures. In other words, customers learned to trust their product quality.
This is important in computing too. Providers model expected demand and then build to it (with varying overcapacity). Customers buy a service as if it were guaranteed. If the provider fails to reliably meet expectations, they lose the trust of customers.
"Predictable quality of service" is a big deal. I'm interested to see how this works.
"Hey, remember that idiot who popped kernel.org a few years ago and put a trojan into Linux systems?" "Yeah, what of him?" "He's working for the city now, in lieu of prison." "Oh, that's nice. What's he doing?" "Installing Linux on thousands of computers that don't belong to him."
Businesses operate with imperfect tools in imperfect situations every day. The point is to find "good enough" and make money at it.
I think you raise some good points, but your dire predictions are not yet supported by either reality or common sense. If you propose viable and attractive alternatives to Windows, your opinions would have greater value.
Meanwhile, I can't recommend that businesses who rely on Quickbooks or Exchange/Outlook stop using Windows. I can't recommend that photographers change to Linux and leave Lightroom and Photoshop and all those plugins.
Biting the hand that feeds IT © 1998–2019