* Posts by HereIAmJH

98 posts • joined 24 Aug 2010


How politics works, part 97: Telecoms industry throws a fundraiser for US senator night before he oversees, er, a telecoms privacy hearing


Re: Draining the swamp

Not draining the swamp. They have just reversed the flow. Now instead of serving in gov't to get a cushy position as a lobbyist, they work as a lobbyist until they can get appointed to an oversight position where they can rewrite regulations to suit their industry. Overall I suspect it pays better and you don't have to pretend to care about the proles.

*taps on glass* Hellooo, IRS? Anyone in? Anyone guarding taxpayers' data from crooks? Hellooo?


Re: We're 14 days into 2019 so far...

'Scuse an ignorant Brit failing to understand US government, but ...

Shhh.... don't apply too much logic to politics.

Prior to shutdown Republicans controlled Whitehouse, Senate, and House. Senate passed a bill to keep the gov't running; Whitehouse threatened to veto and House couldn't be bothered to vote on anything.

After the shutdown; Democrats control House and have passed a bill similar to what Senate proposed prior to shutdown. Senate refuses to vote, even on the bill they passed almost unanimously prior. And Whitehouse throws a tantrum that Democrats won't do anything.

Maybe we could get China to manufacture us a wall, they have experience. It could be Assembled in USA, like everything else, and be a much cheaper ecological disaster.


Re: Governing America

Or we could solve your Brexit woes by making you our 51st state. Glass houses?


Re: There's a simple solution to this

So far for me, there has been no impact (will not say there will be none yet).

Hmm, lots of tainted food recalls last year, seems like the perfect time to furlough food inspectors. And those farmers getting hammered by trade wars, they'll just have to wait for their token reimbursement. And the essential services they depend on for planning next years crops..... Not to worry, corporations will buy out all those 'small' farms that can't survive the uncertainly and low revenue. And the consumer will just have to live with the higher prices. Just hope you are in the higher income range where food is a smaller percentage of your budget.

Having just finished the holiday season, there is ample proof that many jobs, both public and private, can be neglected for a week or two before seriously impacting their organizations. That doesn't mean those jobs aren't essential.

I used to work with a guy, who like you, felt that most federal jobs were a waste of money. A self-proclaimed libertarian. So I asked him, your kids go to (socialist) public schools, right? Should we get rid of them? "No!" How about we privatize all the roads, you can pay tolls on your 40 mile daily commute. He didn't like that either. And the ultimate irony, last time I talked to him he was working a government job. Just because you don't see a direct benefit from public services doesn't mean you don't receive positive benefits. At least that is what I tell myself as 75% of my property taxes go to public schools that do not (and will not) affect me directly. I also have very limited ability to utilize national parks, but that doesn't mean I don't see the benefit of a well funded parks system.

Court doc typo 'reveals' Julian Assange may have been charged in US


Re: Well he's a bit of an arse, but...

Of course he knew, there is no mystery around how traitors and spys are treated

We pay for their sex change and release them after 6 years?

Six lawsuits against FCC's 5G idiocy – that $2bn windfall for telcos – is bundled into one appeals court sueball


Re: $270 per site per year

The $270 fee per site isn't talking about macro sites, it small cells. $270/year to put a shoebox size radio and antenna pack on a light pole, for instance. 5g needs very high density. You can't build a macro tower and let it cover a 3 mile radius.

The part that the wireless companies are unhappy about, "deemed granted", is because some municipalities have extremely long approval processes. They can cover new sites (such as mounting a small cell on a light pole or cable line) to adding frequencies or changing antennas on an existing tower. If you have 100k macro towers (nationwide) to update to new tech (3g to LTE or 5g) it can be a long process. When you start talking about adding thousands of new small cells in each market the approval process could stretch out for years if you don't have some kind of expiration on the process.

London flatmate (Julian Assange) sues landlord (government of Ecuador) in human rights spat


Re: I really hope he gets the boot

Would any human being "want" to get arrested by a TLA notorious for prisoners going poof?

Because Manning went poof... well, I guess Bradley did, but it wasn't a TLA that did that. He took it like a man, served the time, and has been released, early. But you go ahead and jump at shadows and fear the monsters under the bed.

Furious gunwoman opens fire at YouTube HQ, three people shot


Re: Of all places

Perhaps the toxic liberalism which has affected and perverted most of what this nation was founded upon

Maybe it's not toxic liberalism, but the growing lack of empathy and sheer disgust for people who don't share your beliefs or background?


Re: Of all places

Actually, you can buy rifles across state lines but not handguns. A handgun can be purchased but it has to be transferred through an FFL in your home state. IE. it is placed in your hands by a dealer licensed in your state. And private sales have no restrictions.


gun laws

"Making guns hard to get and imprisoning those that own them illegally massively reduces that problem."

Because that has worked so well in the war on drugs. Oh, wait.....


Re: Of all places

"Weapon of choice in London seems to be a knife, which limits the ability for mass murder."

Does it? Do you have metal detectors every place people gather in large groups? I would think you could kill a lot of people with an ice pick, some place like a crowded club or concert, before anyone even noticed what you were doing. And when does it become 'mass' murder?


Re: Of all places

Purchases and types of gun ownership IS regulated at the federal level. It's the responsibility of the ATF. For example, if you wanted to own a machine gun that was brought home as a trophy from WWII, you would need a Federal Firearms License (FFL). The same for a canon from previous wars. They also regulate gun dealers. States and local regulating entities can require additional requirements. For example, states regulate gun carry requirements (Open and Concealed carry). Some cities regulate what buildings allow people to carry guns, but some states have pushed back against that.

When it comes to dishonorably discharged, felons, and people who are not mentally stable, it is the federal government that controls the background check process that is required to purchase from a gun dealer. Private sales do not, at this time, require a background check.

Cloudflare touts privacy-friendly public DNS service. Hmm, let's take a closer look at that


lazy humans

Keep in mind that IT, and humans in general tend to be lazy. Think 80/20 rule for software development. If they can get 80% of the data from their own DNS, why bother with the outliers? Sniffing and logging traffic is expensive at scale. Logging every site their 10s of millions of customers access could run into the petabytes for 12mo of data if you are logging connections.

And as far as who is collecting the info, your ISP can relate their data collection to the PII on your account, because your IP is associated. Google can relate their DNS data to your Google account, along with all the search data they collect. So even if Cloudflare mines the DNS data, all they can do it associate it to your IP. Lesser of evils.

VPN to your own DNS in a cloud service? Lots of extra complexity and your cloud provider can always monitor your traffic and associate it with your billing info. Is that better? I'm not sure. Just to play devils advocate, I'll bet I could write a shim for the virtual network stack on your VM that captures #53 requests and sends them to a syslog server.

Rant launches Eric Raymond's next project: open-source the UPS


Re: Who will compile my open source UPS?

Actually, if you published the gerbers for the circuit board, some people would make their own and others would produce complete boards for the ones who can't. And if your focus was on component suitability, rather than the lowest cost solution, some parts could be sourced complete. For example, there are all kinds of smart battery chargers available in all sizes. As far as batteries are concerned, I'd be surprised if you couldn't find common components sourced out of China on eBay. Even without that, batteries with the same characteristics are going to be available just about everywhere. Supply chains are worldwide.

I've been appalled by my growing UPS graveyard. So much so that I stopped buying APC. Rather than going this route though, when I remodelled my house I isolated circuits. Lights, computers, etc on their own dedicated circuits. Which means I can pull them out of the primary circuit panel and connect them to one supplied by batteries and an inverter. (primary charging by solar, I still need a circuit to initiate charging from a grid powered charger when capacity drops below a certain level and no renewable charging is available) My power requirements have dropped since I moved from compact fluorescent to LED, but a down side (since I am currently still powering lights from grid power) is that state changes in LED is much faster than CF or incandescent, resulting in flickering from dirty power being much more noticeable. Thus my desire to have all my ceiling lights powered by battery full time.

I'm anti-Google, please elect me: Senate hopeful rides tech backlash


Re: Missouri voted for a dead man last time

You are talking about Mel Carnahan (D) in 2000. He died in a plane crash 3 weeks before the election and it was too late to replace him on the ballot. His wife took his place and served until 2002 when Jim Talent (R) was elected to replace her. Talent was succeeded by our current Senator Claire McCaskill in 2006.


Hawley, corporate sellout

It's ironic to see Hawley worrying about 'concentration of economic power' and corporatism, considering Koch brothers are running ads, hourly, on all of the Missouri TV stations attacking McCaskill. Koch brothers, through their Americans for Prosperity PAC have announced they are going to spend $300 million during this election cycle to unseat Democrat incumbents. The ads for Hawley have been running for a month. Of course, AFP did this before with anti McCaskill ads to support Todd "Legitimate Rape" Akins.

Note that 501(c)(4) organizations can't support a candidate directly, so they fund a deluge of attack ads against the opposition and call it Free Speech.

Audit finds Department of Homeland Security's security is insecure


Re: Confused

Custom solution is PITA, but there's enough different US "security services" for something half decent to be created and used by them all (similar applies to hardened OS creation and various other tools)

Smaller government. While the cynic in me hears 'fewer government employees, more contracts for my friends', do you really want the government re-inventing the wheel when a COTS package will do? Of course, they are a large enough customer they could pay Microsoft for a locked down version of Exchange, but then people would be ranting about $10k hammers and $50k toilet seats. IE. why does the gov't pay more for an Exchange seat than what I can get one for down at Best Buy.

I do have to wonder though why government agencies are putting sensitive data on public cloud services. They are certainly large enough to launch and support a US Gov't internal cloud. Then again, I posed the same question to upper management of the company I work for, considering we already have huge datacenters and are a national service provider. I suspect it has the same root causes as Shadow IT.

We all hate Word docs and PDFs, but have they ever led you to being hit with 32 indictments?


Re: Not fake news

Next stop putting microchips in everyone's brains. Or that vaccination is "Big Pharma" trying to poison their country to make sales.

It's obvious, they're using vaccines to insert nano chips into all of us that communicate with cell phones (not just your own cellphone) to report all your activities to the gov't. Why do you think the flu is so bad this year? Not only that, but they can use them to monitor your respiration and blood pressure to see how you are responding to those activities. IE they know if you're a True American or simply just pretending to enjoy Trump rallies or Fox News.

1984 is so '80s.

Oddly, I really do have foil on my grocery list today.

Billionaire's Babylon beach ban battle barrels toward Supreme Court


Re: Good ole Oracle, eh

Funding shouldn't be a problem. California will have $4m a year from the fines to operate a free shuttle to the beach. They should do it just to piss him off that he is paying to transport people to his 'private' beach.

Sorry, I can't hear you, the line's VoLTE


Re: It's only a challenge...

VoLTE is a much more complicated environment than your VOIP and Asterisk server. VoLTE has to be able to hand off to PSTN and other carriers as the cell handset moves between towers and changing signal coverage. What do you do when the subscriber moves from a strong LTE signal to a 1xRTT or a 3G with no available bandwidth? What do you do when the subscriber roams out of your coverage area? A VOIP solution would be to just drop the call and force the caller to reconnect. That is not an acceptable solution for VoLTE.

Firefox to emit ‘occasional sponsored story’ in ads test


Re: Bye Bye

"Mozilla can't die off quickly enough for me now - they're far past the stage where they've become merely embarrassing, getting to the point where they're becoming a liability."

It time for Firefox to burn up and spawn a new browser. Get back to the light weight platform with features added through plug-ins.

They always say, developers prefer to start fresh rather than maintaining legacy code bases.

You can't ignore Spectre. Look, it's pressing its nose against your screen


Re: No shared CPUs

Except that a lot of people use cloud for high availability. If you're going to throw all your hosted VMs on a single host you have just created a single point of failure. For reliability you want your VMs spread across hosts and data centers.

'WHAT THE F*CK IS GOING ON?' Linus Torvalds explodes at Intel spinning Spectre fix as a security feature


Turbo button

Now we just need an 80's computer case with a turbo button. Need reliability, turn on security. Feeling frisky, Turbo all the way. And like the 80s, anyone one want to guess what state most computers will be running in?

Funnily enough, small-town broadband cheaper than big cable packages, say Harvard eggheads


Cost assignment

" Further, there is no mention about whether or not these muni networks utilize muni resources unavailable to private ISPs, such as existing utility truck fleets."

I would be really surprised if the cities don't clearly differentiate the costs in their budgets. Because in today's environment of governments always having fewer dollars than services they are expected to provide, they are going to want things crystal clear if they have to go to the citizens for a tax increase.

As an example, the small city I live in has a public works department that handles streets, sewers, and trash. And they break down every expense, including labor hours, between those services. So for example, we might have 2.4 full time employees (FTEs) for trash service. And you can bet when they work overtime helping to plow streets that OT is billed to Streets.

And we have funding for each of those services. Each one has it's own budget that must be balanced. As a result, I don't see any municipality incorrectly reporting costs to make muni-broadband more attractive. Not when they'd be passing those costs to services that citizens hold in much higher regard as essential. (Police, Fire, streets) They don't even combine expenses between water and sewer, and we get those on the same bill.

If Australian animals don't poison you or eat you, they'll BURN DOWN YOUR HOUSE


Re: Picking up burning/smoldering twigs

"The Russians (or Chinese or Norks or Democrats) have introduced a few Ozzie kites into California, where they have taught the skill of burning-branch-dropping to the local native Bald Eagles,"

The Bald Eagle is a pure capitalist. So the Republicans have taught it to start fires and burn out the poor folk, opening up the land oil drilling.

Game of Thrones author's space horror Nightflyers hitting telly


Re: Bah!

I'd love to see Larry Niven get the Philip K Dick treatment. He has certainly produced enough solid material. Ringworld would make a good series. And it's not like he hasn't written for TV before.


Re: The Orville

The problem with The Orville is they can't decide what direction they want to go. Sci-Fi takes a little immersion in the story, and just as they get a good story going they drop into campy sitcom. Like a practical joke of cutting off someone's leg. I suspect that is how it was pitched, to grab the sci-fi audience along with Seth's following. But it seems to fail both genres. Pick a direction and dial the other one back a little. If it wasn't available through streaming I'd have already given up on it.

Republican tax bill ready to rescue hard-up tech giants, struggling rich


Re: I don't get it

Here is the problem with supply side economics and every first year econ student knows its. The basic fact of the supply and demand curve.

Lets look at how they say trickle down is supposed to work:

Give businesses more capital and they will hire people to increase production.

But increasing production increases supply, and increasing supply with a static demand means prices have to go DOWN. No business is going to invest in new employees and capital just to see revenue per widget drop. So they will sit on the cash, buy back shares, give bigger bonuses to C-level management, or make financial investments.

You have to work on the demand side because increasing demand always increases supply side revenue. Don't believe me, it's Christmas, look at the prices of the hot toys on eBay.

If the demand is there, businesses will increase production without external forces. Or their competitors (existing or new ones) will.

Ex-Microsoft intern claimed one of her fellow temps raped her. Her bosses hired him


Re: "seriously sexually assaulted"

"Grabbing someone may be assault but it isn't sexual assault. It's only in the workplace where this would be treated as sexual harassment: different situation, different code."

You're confusing things. Sexual assault and sexual harassment are different. In general, in the US, offensive touching of a sexual nature is considered Sexual Assault. If you grab my arm in a sexual manner, it's sexual assault. If you do the same in a non-sexual manner it would be battery.

Some examples;

You meet a woman at a club and you grab her arm to pull her in to kiss her. Sexual assault.

A woman cuts in front of you in line at the grocery store so you grab her arm. Battery.

Both could be without malice, but they could still get you arrested, depending on the situation.


Re: So what did the police say?

"Don't get me wrong now, grabbing ass is terribly offensive, yes, and should not be just ignored, but to equate it with the terrible act of rape is not proportional."

It may not be rape, but in the US it is classified as sexual assault. Washington state defines it as Indecent Liberties. "Any touching of the sexual or other intimate parts of a person done for the purpose of gratifying sexual desire of either party or a third party."

And BTW, if she was unconscious then in Washington state she was unable to consent to intercourse, making it second degree rape. "Victim is incapable of consent because he or she is physically helpless, mentally incapacitated or developmentally disabled."

I'm surprised, since it was a co-worker, that there wasn't an Order of Protection that would have forced Microsoft to relocate one of them. (which would mean him, because penalizing the alleged victim opens you up to lawsuits like this)

Possible cut to British F-35 order considered before Parliament


Time to kill the whole F-35 program

We should all be dropping the F-35. By the time they are ready for combat everyone will be using drones exclusively. Let's just save a trillion $$$ and go there now.

Tesla launches electric truck it guarantees won't break for a million miles


Re: @Zog

There is no reliability problem with diesel engines. Most of the components on semi truck engines have a B50 rating of 750k miles or more. (B50 is a statistic on when 50% of the components would require a major repair, similar to MTBF on computer equipment) And diesels aren't that complex, until you start incorporating computer systems.

And you wouldn't drop a genset on an electric truck. That would be ridiculous. What you would create is a serial hybrid. It would have just enough battery to boost the available power for accelerating and steep grades. The diesel engine would produce enough power to drive the electric motors at highway cruise speeds. So the weight you gain with the diesel engine, generator, and fuel, you lose by leaving some of those heavy batteries behind. Diesel hybrids need to use some of the decades of experience of the train industry.

As far as safety is concerned, you'd have the worst of both worlds. BEVs are actually more dangerous that diesel fuel. Between battery charging, dangers from damaged batteries, and hazards to emergency service crews. Diesel, OTOH, is a known component and difficult (compared to gasoline) to ignite.

Some issues I see with the Tesla truck are that there appears to be no sleeper. So no team drive and the driver has to end their shift at some kind of facility. 60 mph cruise speed is too slow for the United States. 65 or 70 will be required, or you'll lose all your drivers. (drivers get paid by the mile) And it's going to need more than a 500 mile range. 10hrs x 70mph puts you at 700 miles minimum. I'm also curious how they are going to handle the un-sprung weight of having a motor at each wheel.

CableLabs, Cisco working on LTE-over-DOCSIS


Re: So essentially...

I have been a Time Warner customer for over 20 years, and service hasn't improved since the merger with Charter. Although prices have gone up. Currently I'm having trouble with my modem receiving too many errors from the network and rebooting. I replaced the modem with an different brand and upgraded, and the problem persists. Too many errors and the modem reboots daily between 11am and noon. Which disconnects my VPN, breaks all my sessions, and drops me out of conference calls. OTOH, the last time I have lost cell service (other than leaving the service area) was over a decade ago when T-Mobile(Voicestream) lost power to one of their towers after a tornado. On top of that, I have to power the premise equipment for cable so if the power it out for more than 2 hours I'd have to hook up a generator to make a DOCSIS/LTE call. Where cable companies I have dealt with have always failed (Time Warner, Spectrum, Comcast) is their insistence that it is ALWAYS the customer's fault until you can prove otherwise. Google Fiber being the exception.

And yes, I'm very much aware that the LTE is a requirement for VoLTE. LTE isn't the problem, cable network reliability is. And last I checked, only cable providers used DOCSIS.


Re: So essentially...

Charter has merged with Time Warner Cable. So size isn't the issue. The problem is quality of service. I haven't worked with a cable company yet that has the culture to provide carrier grade service. I have TWC and Google fiber, and I wouldn't trust either with phone service if I didn't have a cell phone. I don't trust the service to work in an emergency. And you want me to rely on LTE on DOCSIS when cell carriers are pushing VoLTE so they can retire the older protocols?

Survey: Tech workers are terrified they will be sacked for being too old


Re: Us old fogeys

Hmm, I am doing IT work for the charity I support. It doesn't pay anything, and I'm providing all the hardware. Plus custom software and possibly a website redesign. Not sure how that is going to put food on the table if I lose my job. And I have decades of experience already. Even so, I do recommend helping out local charities.


Re: Us old fogeys

And ironically today there is another article about the shortage of talented IT staff that is expected to get much worse. The company I work for is rumored to be talking merger, and many people I work with (including myself) are concerned that being in our 50s will make it difficult to find new IT jobs if we become redundant.

Even more warship cuts floated for the Royal Navy


Re: No escorts = bye bye HMS QE

Might as well stay in port. It doesn't have any airplanes.

Didn't install a safety-critical driverless car patch? Bye, insurance!


Re: Safety-critical updates?

Since the cars are self driving, does that mean you can set parameters for when you don't need your car, and it could drive itself to the dealer for the update? For once the dealership would be able to work around my schedule. That would certainly cut down the delay on getting recalls fixed. Not sure when I'm going to have time to go to the dealer to get the seatbelt retractor recall fixed. Or get the bolts in the steering box replaced for another recall.

FCC gives Google's broadband balloons 'experimental license' in Puerto Rico


Re: Power?

"Whilst the bloons themselves might be solar powered, the kit on the ground probably isn't and last I heard there were still major problems with that part of the infrastructure."

It's easier to deploy charging stations than it is to rebuild tower infrastructure. You can recharge a cell phone from a solar panel or generator. Wireless companies are getting their stores back open for charging locations as well as allowing free phone calls through whatever capabilities they have. But you have to get there.

To re-establish cell service they need to repair/rebuild towers and get power and possibly backhaul to them. They can fly in COWs and COLTs, but you need open roads to suitable sites to deploy them. Loon has the opportunity that they can fly to wherever they need to be and provide service for whatever infrastructure/device is there.

If this works, the US Govt and cell companies should put policies in place so that Loons can be deployed within a day or two of a major disaster.

Linus Torvalds passed a kidney stone and then squeezed out Linux 4.13


Re: Is the sky falling? Or, ...

"As to the changed default re: cifs. Sounds good (belated)."

Silly me, I thought SMB and CIFS were part of Samba. And when Linus speaks of Linux, he's talking about the kernel. And while there were some security issues with Samba's SMBv1 that needed fixed recently, WannaCry affected Microsoft's implementation and not Samba's.

Automobile Association under fire for car-crash handling of data breach


Re: Taking it seriously

While it's nice to jump on people for having a security breach and leaking customer data, note that April 22 was a Saturday. The article doesn't say what the server misconfiguration was or how long it took to identify it.

And I can't speak for the other info leaked, but masked card numbers (last 4 digits) is not considered Cardholder Data. Last 4 isn't even considered particularly sensitive, that is why it is printed on register receipts.

How to avoid getting hoodwinked by a DevOps hustler


Re: DevOps!=Bullshit (at least some of the time)

My team develops, tests, builds, deploys, and provides 24x7 production support for our app. We don't do server maintenance or user acceptance testing. Our tiny team is required to be Agile and DevOps this year.

So far Agile simply means daily scrums so we can look at the hours remaining on each task and how it figures on the burn down chart. It also includes additional record keeping by importing tasks into the Agile tool and tracking remaining hours, in addition to our actual enhancement tracker that contains all the details of what needs developed. The only guidance we have received on DevOps is that we need a test suite to do automated testing. And we were helpfully provided with a test tool designed to test web applications, and ours is a multi-tier winforms desktop app.

As someone who has been down the route of fabulous methodology of the year (RAD, JAD, ISO9001, KANBAN, Lean, 6 Sigma), Agile and DevOps (at least how they are being implemented where I work) don't pass the smell test. If management cannot provide concrete examples of the problems being addressed and the discrete steps the new methodology provides, then it's all smoke and mirrors.

What is dead may never die: a new version of OS/2 just arrived


Re: Obscurity

I think it was a missed opportunity that they didn't put a compatibility layer in there for Linux or BSD. Maybe something like built-in VM support and an integration layer with X for the desktop. One of the big problems with OS/2, and the reason for the solid support of Win16 apps, is the fact that there were so few native applications. I know I used it primarily for multitasking DOS applications that had performance problems with Desqview or Win95.


Re: To quote a popular song ... 'Let it go !!!'

It was a difference in design philosophy. A lot of problems that were blamed on OS/2 were actually hardware that wasn't performing to spec. Stodgy OS/2 said "I'm not going to stand for substandard hardware." Windows said "if I didn't see it, it didn't happen". The odds ended up in Windows favor and the underlying issues went unnoticed. But they had their share of blue screens too.

Julian Assange wins at hide-and-seek game against Sweden


Re: Ecuador.

And I have a friend who was raped in the parking lot of a bar by a stranger and suffered debilitating trauma for years afterwards. And another who was raped by an ex in front of her infant son when he dropped by for a 'visit'. Two sides of every coin.

Julian should just stop being a douche and go stand up for himself in Swedish court. Everything he has done since makes him appear guilty. And considering the hurdles women face in reporting sex crimes, I'm inclined to believe the reason he doesn't is because he knows he did something wrong.


Re: Actions == consequences

"At that point it wouldn't suprise me if Trump (after a quick win, and smarting about the release of Chelsea Manning) decides to put in an extradition request."

Ironically, Obama didn't want him. Trump now has an empty cell to fill, and a need to look tough. But the clock is ticking, maybe he just has to stick around a little longer and Pence won't want to bother with him. Leaving him free to enjoy his incarceration for jumping bail.

74 countries hit by NSA-powered WannaCrypt ransomware backdoor: Emergency fixes emitted by Microsoft for WinXP+


Re: "the SMB server bug is the result of a buffer overflow in Microsoft's code. "

"Yes, and patched automatically in all supported versions before this happened. "

I would be surprised if MS is actually fixing bugs in SMBv1. Windows 7+ and Windows 2008+ support SMBv1, but default to SMBv2. So they don't use the protocol unless the remote forces them to downgrade. The 'fix' that has been around for a while is registry setting to turn off the SMBv1 protocol. Just like we did for SSLv3 (and now the lower TLS versions). Anyone who has done PCI scans has seen this working through the system for a while.


Re: Risk Management

"Say what you will about newer versions of Windows automatically installing updates, but it's functionality that exists for a reason."

Which would all be well and good, if the damn morons in charge of making corporate policy didn't hijack the security update process with marketing. I don't allow automatic updates because I don't want to deal with upgrade nag-ware or compatibility scanners digging through every file on my system for an 'upgrade' I haven't determined I even want. Automatic updates have to come from a TRUSTED source.

Hackers emit 9GB of stolen Macron 'emails' two days before French presidential election


swaying elections

Before you say the margins are too wide in polls for this to sway the election, remember that going into election day Clinton was expected to beat Trump by a landslide. This is definitely an attempt to influence voters. A hack that apparently took place several weeks ago dumped just as the candidates go into a quiet period where they cannot respond. You have to wonder if this is the new weapon in the assault on democracies. Hack the candidates and then selectively release information when it can do the most damage and sway opinion to the party that will support the most favourable policies.

Head of US military kit-testing slams F-35, says it's scarcely fit to fly


Re: Phew, bullet dodged.

You should just change them to launch drones, that will put you ahead of the curve. Everyone else will be there in 10 years. Of course, about that time an aircraft carrier might be about as sustainable as a battleship.


Biting the hand that feeds IT © 1998–2019