* Posts by ShortLegs

127 posts • joined 6 Apr 2012

It's 2019, and a PNG file can pwn your Android smartphone or tablet: Patch me if you can

ShortLegs

Re: Oh well

Regrettably my S5 has had one security patch since I bought it. I'm not holding my breath.

I know Samsung et al like customised ROMs so they can throw bloatware in it, but FFS, after x years of never using their "added-value apps" surely they can let go and allow Google to push out vanilla ROMs c/w patches.

Housing biz made to pay £1.5k for sticking fingers in its ears when served a subject access request

ShortLegs

1 down, about 19 million more to go.

Accused hacker Lauri Love to sue National Crime Agency to retrieve confiscated computing kit

ShortLegs

Re: Why does he want five-year-old kit back?

Because it is *his*.

If the Police confiscated your belongings, as potential evidence in a case against you, of which you have never been found guilty, you are perfectly entitled to the return of your belongings. Whether they are of use or not is moot.

Ca-caw-caw: Pigeon poops on tot's face as tempers fray at siege of Lincoln flats

ShortLegs

Air rifle.

The people who complain about such measures do not live in an area blighted by pigeons. Of course, should they ever suffer that problem, after the first bout of hand-wringing and failed "humane" solutions, they tend to 'regretfully' propose using an air rifle.

The other point is that those handwringers tend to live in houses not flats, cul-de-sacs not estates, and the council responds to their issues in far less time than three years....

Been there, seen it, done it.

Begone, Demon Internet: Vodafone to shutter old-school pioneer ISP

ShortLegs

Re: Good article.

Cheers Cliff

Another former "tenner-a-month" member, and ex-Cixen

Medical advice app Your.MD could have been tampered with by anyone, alleges ex-veep

ShortLegs

Re: Sounds to me...

I venture that Mansfield knows exactly "how the internet works", and purposely stayed away from using any other term. His remarks were not aimed at the plaintiff, but at the panel - who quite probably *don't* know anything about network reconnaissance, but are aware of Google, because "everyone knows you use google to find things on the internet".

It actually appears as though the plaintiff doesn't know that much about "how the internet" works, insofar as 'security', else his response would have been somewhat different (and, I hope, cutting)

You were told to clean up our systems, not delete 8,000 crucial files

ShortLegs

I can relate, but it would have been a SCSI drive. Seagate did not have a 4.3GB (E)IDE drive at that time. They did offer the Barracuda SCSI in 2.1, 4.3 and 9.1GB flavours, the latter two tending to be SCSI UW, and half-height.. and weighed a ton.

I remember a Computer Weekly (whatever the trade weekly rag was back then) reporting that Barclays had had an issue with two drives failing in a RAID5 setup, and a "massive" 45GB array was at risk :-)

ShortLegs

Not true. The 528MB limit was encountered in the early-to-mid 90's. 850MB IDE disks were available in 1994/5, 1.2GB in 1996, whilst SCSI disks were available up to 9.1GB.

ShortLegs

or not. DOS/BIOS used CHS addressing back then, and the max limit was 1024 cylinders, 16 heads, 63 sectors per track, giving a maximum disk size of 528MB. By 1993/4 this had become an issue, as consumer hard disks were available that approached this size; often a new hard disk would be sold with a floppy containing a manufacturer-supplied driver to work around the issue, e.g. SeaTools, DriveManager.

That said, IIRC Windows 95 was never supplied via DGITS/CCTA, the supported OS were Windows 3.11 and WinNT 3/4.

Racing at the speed of light, Sage superhero bursts through the door...

ShortLegs

Re: Not me...

Many moons ago, the company I worked for was Cisco's biggest customer, and likewise were paying tens of millions for a maintenance contract with them. Didn't take long to work out how we could reduce spend by >90%. Cue a very urgent meeting request from Cisco.

Now although being a PBH at the time, I like to keep my hand in so was helping some of the engineers with an install, thinking I would don suit and tie after, in time for aforesaid meeting. Am outside, in raggy chinos, grubby company polo shirt, smoking a dog-eared rollup when Cisco execs arrive and enter building. As I follow them in, one turns round, scowls at me, and shuts the door in my face.

Decided not to wear a suit, walked into meeting and let colleague introduce me as "shortlegs, the senior manager who is hosting this meeting and deciding our maintenance strategy". The expression on the face of the Cisco exec was "Mastercard".

Not that we were immune. One of our customers had secured a multi-billion contract in the US. Cue our Account Manager (salesman) walking into a meeting with them, turning round to the only female present and saying "white two sugars love". He then went on to ignore her all afternoon.

Not the cleverest attitude to take with the Director, Service Management.

Lesson 101: don't pee off any individual at a client site, you have no idea who they are. Most especially when they are the most important person in the room.

Heard the one where the boss calls in an Oracle consultant who couldn't fix the database?

ShortLegs

Re: The Hot Shot Database Team

>I had a developer team no less[1] ask for a test VMware server to be created with 10GB of RAM

> because they thought all the data needed to be loaded into memory before they could loop through it

> doing what ever it was (some trivial summation type calculation).

>[1] I say team - it was actually just two people but I was shocked that neither had the first clue about

> relational databases.

>I offered to write the code for them but being a mere "infrastructure architect" at the time I wasn't

> allowed to.

Um, you didn't work at an organisation called, um, "steel hill", or "ferrous geographical feature" or "metal molehill"....

Scumbag hackers lift $1m from children's charity

ShortLegs

Re: Who are the criminals here?

"RSPCA is one of the worst offenders for this, they have executives on massive salaries and the local centres are franchises that have to do their own fundraising."

One of the worst? NO, the RSPCA is THE worst. It is not just the massive salaries, it is the levels they will sink to in order to increase revenue.

Your deceased father left a small legacy to the RSPCA and the rest of his estate to you? The RSPCA have challenged such wills in court, demanding a larger share of the estate.

https://www.dailymail.co.uk/news/article-1252213/Judge-slams-RSPCAs-court-attempt-double-300-000-left-generous-animal-lover.html

"The RSPCA said later in a statement: 'All the RSPCA has done is try to honour what we believe was Mr Mason's clear intention to avoid anyone paying inheritance tax.'"

Aye, that will be the clear intention that stated "£60,000 to him, £400,000 to them, and £300,000 to the RSPCA." I can't see it being any clearer, yet the RSPCA's translation was "The RSPCA argued that Mr Mason's will should be considered in such a way that it would receive £651,820."

Neighbour leaves a plot of land for wildlife, on the proviso that it was to be left as is, for the wildlife? The RSPCA sell the land to property developers because the will did not explicitly state it was not to be developed.

https://www.manchestereveningnews.co.uk/news/greater-manchester-news/fury-as-rspca-sells-land-in-alderley-687444

Money-grubbing little brutes, the lot of them. From the obnoxious in-your-face "hi-how-are-you-doing-can-you-spare-2-minutes" street muggers to the overpaid, self-serving hypocrites at the top.

Total Inability To Support User Phones: O2 fries, burning data for 32 million Brits

ShortLegs

Re: Backup?

@TimMaher

"I’ll get my coat. It’s the light weight one for Summer wear."

ROFLMAO :) Wish I could give more than the one upvote

He's not cracked RSA-1024 encryption, he's a very naughty Belarusian ransomware middleman

ShortLegs

But is it unethical, let alone illegal?

K&R consultancy is an established, respectable market. Senior executives and wealthy individuals often carry K&R insurance; in the unfortunate scenario of being kidnapped, the insurance carrier pays for a specialist K&R company to negotiate the release of a victim. Kidnappers - allegedly - prefer dealing with such individuals as they know that they will be paid, there will be no Police involvement, and that a payment will be made (at low risk to them).

This is little different. And I suspect, if Dr Shifro's track record is >50%, that the miscreants behind Dr Shifro prefer to deal with him; if he is contacting them then they know the victim has paid, and that it is in their long-term "business" interests to provide the key.

Untasteworthy business, but Dr S can be considered the IT equivalency of a K&R consultant.

What is at fault is the marketing/advertising of the provided "service". Change that, and the business is legitimate.

Naked women cleaning biz smashes patriarchy by introducing naked bloke gardening service

ShortLegs

Re: Why is it sexist

@Ledswinger

"I'd imagine lady commentards (c'mon, both of you help me out here, please?) would enjoy the concept of a naked Chippendale doing the housework rather than gardening"

Actually, ladies /did/ enjoy seeing naked (well, topless) "Chippendales" doing building/gardening and ironing.

Naked Builders featured twice on GMTV about 8 years ago, and on the back of that was Naked Ironing in Cheshire.

Now you, too, can snoop on mobe users from 3G to 5G with a Raspberry Pi and €1,100 of gizmos

ShortLegs

What is interesting (to me) is the equipment, and what device cost e1140

"needed... a universal software radio peripheral, a smartcard reader, and the OpenLTE software. Excluding the laptop, they said the kit cost €1,140 "

OpenLTE - free

smartcard reader - e15 - e60

Now what "universal software radio" component costs around £1000/e1100? I'm guessing a transceiver, capable of covering up to 6GHz, given that an RTL dongle can cover up to 1.750GHz and costs around e30.

Hmmm <starts looking at my ETL8000 and R820 based SDR hobby horses>

Former headteacher fined £700 after dumping old pupil data on server at new school

ShortLegs

It begs the question "why?"

Why would a headmaster - or any teacher - want pupil data from a previous school in his new position. More worryingly, why lie that the data had been deleted, especially so when it is common knowledge that data doesn't just copy itself from a device, but has to be manually copied.

Is there a transcript of the Court session, and/or the ICO's findings available?

Microsoft polishes up Chromium as EdgeHTML peers into the abyss

ShortLegs

I tried Edge once... it drove me over the edge to Chrome

hat, coat...

Oz opposition caves, offers encryption backdoor compromise

ShortLegs

Can you not see the GroupThink:

1. We [governments of most nations] are still alarmed by the ease with which a small group organised the petrol protests of 2001 in the UK, with nothing more than SMS messages

2. The Internet gives dissenters much greater ability to protest

3. Hmm, that Internet thing, could be great for surveillance of our own people. And if it wasn't for those darned encryption thingies...

4. Hey, Mr Tech Company, give us access to everyone's messages. There's shed loads of money for various Govt projects about here in exchange for data, and of course, my non-exec Directorship

5. The public? "Think of the children! Terrorists! Think of the children! Terrorists!"

Stats model: UK small biz overpays for stealth mobile plans

ShortLegs

Telcos' pricing plans complex and obscure? Now there's a surprise, as no-one ever said.

What the #!/%* is that rogue Raspberry Pi doing plugged into my company's server room, sysadmin despairs

ShortLegs

Just tried my DDI desktop number for the company I left in 2004. It still works, and my company voicemail account still exists.

Like an earlier poster, I was downsized with no warning. When escorted to my desk to collect personal items prior to 'garden leave', I had intended to set up email auto-responses, email a few colleagues bye, and allocate responsibilities, instead I found I had been locked out of my corporate /desktop/ user account.

Bless, they had tried following 'best practice' of removing access (a little hasty, given the legal requirement to conduct 30/90 day discussion periods prior to redundancies). IT only managed IT... they didn't manage the 30,000+ devices present in the core... Or the telephones. I ported my company mobile to personal use, and for weeks after was getting customer calls demanding updates on outages, service issues, etc.

It's not just physical objects one can find.

Netware's NDS had a 'feature' that allowed one to create hidden superuser admin accounts. Ok, you needed to have admin rights to the root object to do so (but that was trivial enough if you didn't). First task in any role in a Netware shop at the time was to trawl the NDS for hidden objects, and hidden Admin-level accounts. And kill them.

Bright spark dev irons out light interference

ShortLegs

Re: It's called a choke.

"Be nice to your local ham radio operators and just stick chokes everywhere, please."

Many amateur radio operators need choking. Notably the full licence holders who forget to release the pressel occasionally.

Can't get pranked by your team if nobody in the world can log on

ShortLegs

QA

Back in the days of DOS, our Small Systems Group provided systems analysis and software support within the Armed Forces, producing turnkey apps using SuperCalc and Paradox. QA was conducted by a senior civil servant, 'S'.. The analysts detested passing design documents in front of 'S', and the other two programmers were annoyed at having programs rejected for menu screens with "press any key to continue"; Mr S would press the CTRL key, ALT key, ESC key and so forth, before looking up and rejecting with a dry "I pressed several keys, none of them continued. How do you expect end-users to cope?"

I thought this was somewhat pedantic, even if he did have a point. I was also very very new in the role.

I wrote a TSR that intercepted the keyboard handler, and when those keys were pressed opened a dos "window" that displayed "F--- Off, S****". Added it to autoexec.bat on his PC, and gleefully told the other two programmers about it. Until the other civil servant, a likeable young lad, told me just how senior S was, and he didn't have a sense of humour. Too late to undo the changes, and too late to recover something I had left on his desk for QA with a very deliberate "press any key to continue" prompt.

Going in to own up, S had just loaded the program from floppy, sees the menu, pressed CTRL, and was greeted with a box in the middle of the screen with the aforementioned message. I'm seeing promotion disappearing out the window, probably with my current rank and a posting to somewhere cold and nasty, when he burst out laughing. "I think I deserved that!" or something in that vein.

After that, he and I got on famously and I never had to submit code for QA; all our stuff was turnkey, no one had ever delved into x86 assembler, or "real programming" as S termed it.

Forgotten that Chinese spy chip story? We haven't – it's still wrong, Super Micro tells SEC

ShortLegs

Re: The simplest answer is usually the right answer...

And the simplest answer is "it didn't happen"

The article refers to previous carefully spun press releases from large corporations, but in Apple's case last week Tim Cook was very, very emphatic; this did not happen. Not "did not happen as reported" or any other carefully constructed and ambiguous denial, but a flat outright rejection.

UK defence secretary ponders £50m hit to terminate Capita recruiting contract

ShortLegs

It's regarded as a "win" that they have shaved 87 days from the average recruiting time?

My god, how times changed. I walked into the Army Careers Office 17th Sep 1983. Attended Sutton Coldfield that November, attested 3rd Dec 1983, started Basic that month. So what, less than 3 months (90 days) from enquiry to Recruit.

That was in the days of telephones, typewriters, and carrier pigeons. Fast fwd to 2016, when I think about joining the Reserves. In the days of workflow, email, and IM. Visit ACIO (or whatever it was called that week) May 2016. Attend Selection Weekend Aug. Start Phase 1A Feb 2017 (1 week), Phase 1B March (2 weeks), and finally Phase 2 Aug 2017.

8 months from ACIO to training... Crapita blamed the delay on my Drs not sending them my records, only by Nov to inadvertently FWD me an email c/w prior history, that showed they hadn't requested my records until the end of 2017.

It's not just the length of time. Potential recruits have been told that they have failed the Selection medical before they even attend Selection; failed an eyesight test despite expert medical evidence that they have 20/20 vision; been told they have heart problems, with no ECG having been carried out. When appealed, another medical reason is conjured up. The time delay means that many potential recruits lose patience, withdraw their application, and go elsewhere.

And the current advertising ("This is Belonging" and the radio "FAQ" adverts) really don't help.

Why are sat-nav walking directions always so hopeless?

ShortLegs

Re: Hahaha...

"Hahaha...

I'd always wondered what our USAnian friends have against people with a love of walking."

It's difficult to monetarise.

Sysadmin trained his offshore replacements, sat back, watched ex-employer's world burn

ShortLegs

Re: redundancy quality of life

> A place I worked had various rounds of redundancy after a takeover

>

> We had a good manager and, first redundancy was not picked by HR, but by the manager

> as just one person required.

That wouldn't happen to have been a telco, would it, and the person worked in the NW UK?

Security guard cost bank millions by hitting emergency Off button

ShortLegs

Where to start?

Those with a Novell background will recall that one used RCONSOLE to start a remote session to a Netware server, from a DOS prompt. And one closes a DOS prompt with "exit".

Whilst managing the IT for the UK's largest contributor to GDP (at the time) via an outsourcing agreement,

I get a phone call at death o'clock that the main site server has gone down. Our remote first-line Helpdesk in Birmingham was doing some low-level sysadmin work one evening, duly fired up rconsole to do the work. When he had finished, he duly typed "exit"... and then inadvertently followed the directive "you must down the server to exit" typed DOWN.

He confessed that as soon as he pressed return he realised what he had done. Fortunately, it didn't impact production, and didn't really impact our uptime SLA. The client was OK about it given that he had immediately realised his error, and owned up to it; and they were also happy that no disciplinary action was needed as one could guarantee he would never ever make that mistake again.

And no, I didn't mind 1st line staff working in servers as I had trained them beyond that level, to improve the service offering. And human error can never be fully mitigated:

A few years later, managing a telco's NMC, faced with an embarrassed looking 3rd line network engineer who has shut down a major customer's site: connected to the appropriate router, did the required config work, then shutdown the network interface. The far end interface. Which necessitated a truck roll to restore. Again, owning up to it went a long way to making amends, together with the comment "no need to look at remedial action, you can guarantee he'll never make that mistake again"

European Parliament balks at copyright law reform vote

ShortLegs

The language used by MEPs shows their complete disdain and utter contempt for the public

MEP Jean-Marie Cavada. "We received tens of thousands of emails on the copyright directive, almost 40,000 to be exact. This influx of email has even blocked the computer of one of my colleagues. It becomes spamming... *We cannot imagine that these emails are grassroots.*"

No, of course you cannot imagine that Joe Public might actually not want this Article, might object to it. Only an MEP could class objection as spam. And since when does "almost" equate to "exact"?

My phone call registering my objection was not spam, nor was my email. It was exercising my democratic right to object to over-reaching legislation.

Who wants to cram some BOFH skills into their brains? How about from, er, Google?

ShortLegs

That wouldn't really be a problem, though, would it - for companies that were seeking some form of metric to judge candidates, for a role in an Android/Google-centric environment.

Certainly no more than the Novell Service and Support course was flavoured to supporting Netware environments, and a similar MS course of the time was flavoured to Windows. Or the Win95 and NT Workstation courses discussed connecting to Netware servers using DOS connectors rather than the superior Netware Client32 and/or ZenWorks, before rapidly moving onto completely displacing, and side-stepping Netware clients full stop.

Don't panic, but your baby monitor can be hacked into a spycam

ShortLegs

It's received glowing reviews on the web, and not one of the half dozen I have skimmed recommends changing the default password from 8888 to something even remotely "secure"....

As one poster above alluded to, IoT stands for "Idiot or Twat".

National ID cards might not mean much when up against incompetence of the UK Home Office

ShortLegs

Somewhat late to the party.

But there are very good reasons to oppose a National ID Card of any format.

Who will pay for it? The Government or the individual?

What purpose will it achieve? To establish who I am? I can do that already, with any one from a number of voluntary documents such as a passport, driving licence, utility bill.

And of course, to work, any card would have to be mandatory. Otherwise there is no point in having one.

And if it is mandatory, what is the penalty for not having one, or not producing it on demand?

Just because other countries have one is not justification for Great Britain having one. And for those who wonder why, look up Wilcock vs Muckle

"But ID cards will never be used for any other purpose than <stated aim of Govt>" you - or the Govt - might say. Really? Then consider this Judge's comment regarding ID cards in the UK in the 1950s:

"This Act was passed for security purposes; it was never passed for the purposes for which it is now apparently being used. To use Acts of Parliament passed for particular purposes in wartime when the war is a thing of the past—except for the technicality that a state of war exists—tends to turn law-abiding subjects into lawbreakers, which is a most undesirable state of affairs"

It's worth pointing out that Churchill reluctantly introduced ID cards during WW2. He promised to abolish them as soon as the war was over, but was voted out of office at the end of WW2 and before he could do so. The incoming Labour Govt retained them.

When Churchill and the Conservatives were voted back in, one of the first acts was to abolish national ID cards.

"papers, citizen" has already happened in the UK. Let's not allow it to happen again.

BOFH: Got that syncing feeling, hm? I've looked at your computer and the Outlook isn't great

ShortLegs

Thought this was the new boss, who was kind-of on-side with BOFH an episode or two ago... I'm sure the IS Director would have made a better target ;)

Ex-US pres Bill Clinton has written a cyber-attack pulp thriller. With James Patterson. Really

ShortLegs

Re: Sounds...

One and the same person... I'll try the fiction, as the factual stuff was (and still is) pretty damn good.

There will be blood: BT to axe 13,000 employees

ShortLegs

Re: Do the numbers actually add up?

Some of the variance between figures is due to using contractors.

A BT site in Hampshire 'housed' around 1,000 people. However, the official headcount was 200 BT staff. The other 800 were contractors, and therefore not employees.

The healing hands of customer support get an acronym: Do YOU have 'tallah-toe-big'?

ShortLegs

Ah Joe 90. Brings back memories of Saturday mornings.

The opening credits had higher production values, and more time and attention lavished, than entire episodes of today's TV dross. Derek Meddings was, simply, a god. YouTube also has a stereo version of the theme, claimed to be an original work.

Archive of 1.4 billion credentials in clear text found in dark web archive

ShortLegs

Re: STOP. In the name of love.

"https://diogomonica.com/2014/10/11/password-security-why-the-horse-battery-staple-is-not-correct/"

And the author of that article is not wholly correct either. Actually, he is very wrong. The assumption inherent in his article is that all users will have access to a password manager all of the time.

It ignores what happens when I go to work, and my employer does not use a password manager. Worse, when my employer insists on several different credentials for each application, e.g. PC/network userID and pwd, credentials for the Intranet, different credentials for the various "apps" hosted from this (email, SAP, MIS, etc), credentials to access the legacy mainframe via terminal. And all of these with their own, unique, username format and password requirements. No single sign-on, no commonality of user ID and/or password, no consistency of password requirements.

And then I go to my part-time (Reservist) role, with another set of credentials, again one set for local logon, one set for remote DII access, one set for JPA access... and again, no commonality between the various userIDs or passwords.

And that's before we run into "your password has locked as it has not been accessed for 6 weeks"... requiring a call to the Helpdesk, and another temporary password.

The userID/password combination is the LAST line of defence; we ought to be looking at the security of the front end (3 login attempts then account lockout), the security of the userID/password database, and the encryption of the database itself.

As techies, we look at this ass-backwards.

Ofcom just told BT to up its game on fibre investment

ShortLegs

I've been posting the solution here, and on thinkbroadband.com, for over 15 years now.

1. Change residential estate planning requirements to include FTTP, classifying fibre as an essential utility in the same way as electricity, water, and sewerage. It costs 10x more to retroactively lay fibre once a build is complete than it does to lay during construction.

2. Engage in a nationwide, state-owned FTTP network. Sure, BT and Virgin will scream blue murder, but in places where they have presence the edge-backhaul could be rented, and the last mile state-owned. Where last-mile exists, buy/rent from the operator.

Option 2 has the potential to massively reduce unemployment in the build-out areas, upskill entire generations of folk - in turn increasing their marketability here and abroad, increase local spending (construction staff like their coffee, sarnies, etc). And then contract on-going network management and maintenance to either a state-owned subsidiary or the existing players.

Sure, that's overly simplified, but it's only a question of scale.

Brit MP Dorries: I gave my staff the, um, green light to use my login

ShortLegs

The baby white elephant in the room

... is what happened to the web proxy and web-blocking system that was installed in Parliament, to prevent users from surfing pornography?

or was it quietly removed - at the insistence of 'users' [MPs] who objected that it stopped them googling areas in Scunthorpe and Middlesex...

Punctual as ever, Equifax starts snail-mailing affected Brits about mega-breach

ShortLegs

Christ, you had one job to do. Identify the individual. Now you are saying that you cannot notify individuals, because you cannot guarantee you can identify them?

If that is not sufficient grounds to revoke their licence, God knows what it would take.

You can't find tech staff – wah, wah, wah. Start with your ridiculous job spec

ShortLegs

Recruitment. The main problem (I have faced) is HR. Not just for the "people specs" others have raised, but for being overly involved in the process.

Couple of examples.

At one company, despite offering fantastic salaries, we were getting NO applicants. So I went direct to agencies. Lots of candidates. HR visited, asking me to stop. When I queried the lack of applications, I was told the "old" filter was as follows

This job will lead to an increase of >£5000 over current salary - bin.

CV not in company format (!!!) - bin

No experience in company market - bin

So HR had a new policy, complete with technical tests to filter candidates. Aye, they had tests. They had culled questions from the various tick tests offered by MS, Cisco, et al. My third line team tried the tests, and "failed"... because the exam-correct answers do not reflect real world answers, or in other cases were flat out wrong (sh int s0 being my favourite, followed by MS insistence that an MS Server build with more than one NIC MUST have IP routing enabled). I finally had two applicants... one was plainly using someone else's CV (asked how he would trouble shoot network level issues, replied "we plug into the black box"), the other claimed he didn't recognise the NMT software running on the workstation he was asked to demonstrate because he was "used to the Windows version".

Another company, potential managers were given a list of 15 skills/competencies, and asked to list them in terms of strongest to weakest. One candidate grouped them into 3 groups instead, strongest, strong, weakest. HR rejected him because they couldn't compare how his skills ranked against another... this despite the obvious flaw that, for example if one ranked "strategy, policy", and another "policy, strategy", he did not mean that the first candidate's strategy skills were stronger than the second's, because it was a subjective self-assessment, not an objective measured test!

I could go on. But as we all know, there is no real skills shortage. Just a common-sense shortage at management level.

WPA2 KRACK attack smacks Wi-Fi security: Fundamental crypto crapto

ShortLegs

Re: 4 Years ago in a land far far away.

I'll offer the thought that the downvote was for the optimism that devices that are less than 3 years old will be patched.

I'll offer the thought that few devices over 6 months old will be patched....

Software update turned my display and mouse upside-down, says user

ShortLegs

Re: Oh noes

"Yeah, you'd probably want to bolt the desk to the floor too. Just to be safe."

"You would also need to screw their chair to the floor on that side of the desk."

Probably just prefer to bolt the MD to the floor. It's the only way to be safe.

That said, I had one user who I'd have happily screwed to the floor...

NatWest customer services: We're aware of security glitch

ShortLegs

Ha, Nat West.

Back in 1991 (long story short) I wanted to close my account with them. They wanted to photocopy my Forces ID card, and refused to allow me access to my funds unless I did so. I refused to leave the bank, so they threatened to call the police. I was only too glad to oblige, knowing Plod would call the RMP, and when Plod arrived, they duly did.

RMP listened for about thirty seconds before calling in SIB

Cue the bank manager trying to explain why he had over 700 photocopied ID cards as he was led away in handcuffs, charged under the Official Secrets Act.

Still gives me a little giggle.

Skype for Business is not Skype – realising that is half the battle

ShortLegs

Missed opportunity

I was the 17th Skype user, many many years ago.

At the time, I was so impressed I recommended my employer made an offer to the developers to buy it outright; my employer was one of the world's largest telcos, and we could have acquired it for as little as $10million, or even less. Its shortcoming back then was a lack of integrated directory. You installed it on one device, your contacts list was limited to that device only. I suggested that we developed it to use a centralised directory (one of the things we /were/ good at), with off-line capability, continued to give it away to build the user base, and develop a small-fee premium version which linked into our global IP transit and global voice networks, c/w voice gateways.

It never happened. A couple of years later I left <telco>. However, a year later I received an email from the CEO, stating that Ebay had just acquired Skype for $2billion, and that as usual, I had been ahead of the curve and with hindsight it had been a bad decision not to acquire; at the least the company would have seen a massive ROI on its investment. Nice of him to send that.

Brit prosecutors ask IT suppliers to fight over £3 USB cable tender

ShortLegs

The MoD (and US DoD) are the creme de la creme for this. Every other organisation ranks as amateurs in comparison.

Some examples (from 1993).

Resistors, used as a component teaching soldiers to solder (try saying that aloud, quickly, several times!). We were warned to be careful because they were expensive at £25 per packet of 3. Next day, popped into Tandy's and bought a packet of 10 - from the same manufacturer - for 99p.

Light bulbs cost £115. I kid you not. If you have an MQ (service accommodation for married personnel), replacement bulbs are costed at £115 each, because "that includes [the labour cost] of fitting them". Reality - you get given x number of bulbs and told to fit them yourself.

8" adjustable spanners - starred items, as the replacement cost was over £700 per spanner.

In the US, a rubber stopwatch holder (small rubber block with a 2" groove) in the B2 bomber cost over $2000. The B2 didn't have a Bombardier, didn't use manual timing for dropping bombs, but some USAF General, who last flew B-36, noticed the prototype didn't have one. Not knowing - or understanding - it was automated, loudly demanded a stop watch holder. The contractor was only too happy to oblige.

US Army toolboxes, identical to those once on sale at Sears & Roebuck for $199, cost $25,000. The British Army toolbox is pretty much similar.

The MoD in 1984 spent £19 million on 150,000 nylon waterproof jackets... which were not ventilated, rustled, and produced an effect like a boil-in-the-bag. 300,000 ventile smocks and trousers would have cost approx £3million.

The list is endless. Let's not even get to aircraft, aircraft carriers, and land rovers....

Sysadmin bloodied by icicle that overheated airport data centre

ShortLegs

Re: Frozen winter shit.

When anyone tells me there is "no 'I' in team", my retort is "*I* trust my team, and they trust me".

Fecking hate that saying.

Banking websites are 'littered with trackers' ogling your credit risk

ShortLegs

Re: I think we need to know...

@Compression Architect,

NoScript - can't find it in Chrome add-ons, only No-Script Suite Lite. Is this the script blocker you refer to?

ShortLegs

Re: I think we need to know...

@Compression Artifact,

NoScript - can't find it in Chrome add-ons, only No-Script Suite Lite. Is this the script blocker you refer to?

Biting the hand that feeds IT © 1998–2019