* Posts by Corporate Scum

20 posts • joined 4 Jul 2007

Ahem, Amazon, Google, Microsoft... Selling face-snooping tech to the Feds is bad, mmm'kay?

Corporate Scum

The last two paragraphs are key

The issue, and the fight, is to regulate the use of these technologies to ensure any government use is just, transparent, and accountable.

The strategy of going after suppliers like Amazon and Microsoft by using their civilian business as leverage will only push the government into using dedicated companies, directly funded from DARPA, and working from the shadows.

The D in SystemD stands for Dammmit... Security holes found in much-adored Linux toolkit

Corporate Scum

Re: I use FreeBSD, and for good reason.

Also, there were tons of great HOWTOs and tutorials to get people past the basics. The Systemd people couldn't even be bothered to complete the internal documentation, let alone work with the community to prep the documentation BEFORE they released it.

The stuff they cam up with wasn't really EASIER, just different and INCOMPATIBLE.

Fed up with cloud giants ripping off its database, MongoDB forks new 'open-source license'

Corporate Scum

Blindsided, and re-licensed at gunpoint?

Switching base licenses retroactively by changing it in the patching train is, as far as I know, unprecedented. Putting someone else in the situation of not being able to deploy a hotfix in production or changing contractual term at gunpoint is not something we should speak of lightly, or kindly. In going after some large, and potentially bad actors, they are pulling the rug out from under their broader user base. The choice of rolling yet another one of license isn't going to help either, as it will cause a trainwreck for anyone who was integrating code from other projects that had previously compatible licensing with copy-left obligations that require releasing code under a compatible GPL license. The article 12 clause seems to preclude a pretty broad swath of similar licenses, including the AGPL, and anything that has a rights assignment for enforcement(Like the rest of the current GPL family)

I suspect that people in the NodeJS community, especially meteor may freak out over this, and probably have the developer pool to support a fork at least long enough to force an embarrassing walk back in a few months.

This is the sort of shoot from the hip, knee jerk response that makes a companies management look green. This is something that should have been preceded by a ton of community engagement, not just dropped out of the blue in a blog post.

Microsoft Windows 10 October update giving HP users BSOD

Corporate Scum

Re: Microsoft response

Both funny and sad how as soon as a read what looked like a reasonable and professional response from Microsoft I knew it was a joke by the forth sentence.

Still I think the main issues are 1) M$ QC and testing has gone to crap and 2) the nanny state of Win10 blocks you from setting manageable controls. They could get away with one or the other, but the combination of both is truly toxic, and WSUS is no escape hatch as it is buggy, miserable to use if you turn of auto approval, and a space hog unless carefully configured.

Zero tools provided to help their users implement the best practice acceptance setting, and no real hepl for alternative patching systems. Get out of the way of my MDM, or give me something at least as good as Munki.

Microsoft: You don't want to use Edge? Are you sure? Really sure?

Corporate Scum

Re: Er ... weren't the 90s-noughties browser wars fought over this shit ?

Yes, and the wars never really ended.

The picture of Google pushing chrome clearly illustrates that we have just traded one monopolist for another, and that Google also should receive the loving embrace of it's own consent decree.

The browser choice dialog helped but it still failed, as it never leveled the playing field. It gave you a false choice between "Nothing but Microsoft's built in browser that can't be uninstalled" and "One of a small list of other browsers AND the one you don't want and can't get rid of, tough luck"

M$ buried IE's code deep in the OS, and the US and EU both refused to make M$ remove it or place 3rd party browsers on remotely equal footing. They still aren't.

Microsoft needs to get out of denial that they blew their shot with Edge at launch, along with Windows 8. They needed to fix it's basic usability and security issues, like allowing a single modal fave virus alert to jam the browser across system reboots. They didn't and as a result people hate it. They hate it enough to pay someone to reinstall their OS to windows 7. Trying to nag and trick people into switching back to it is going to fail hard, and in an embarrassingly public way.

Now it's just like the war in Afghanistan. No amount of ignoring that it's lost can ever make you win.

'Autopilot' Tesla crashed into our parked patrol car, say SoCal cops

Corporate Scum

I think your on the right track

There are only a couple of sections of the outbound leg that have those side of the road markings for parking, and most of the road HAS a center divider, unlike the photo, so that narrow the location to just a couple spots. (You may have seen a more specific location, I'm working off the photo and being fairly local.) It looks like the are by the dog park but, another section does something similar by Broadway.

This town is great example of near total disregard for normal road markings. The road lines don't use the normal width, the dashed yellow lines for the center don't use the normal spacing, most of the lane lines are solid white instead of dashed and there are huge arrows everywhere. I'm not sure, but I think that the parking spaces where the police car was parked are limited to off peak hours, and as the Twitter thread points out that section is Wackadoodle from a road planning standpoint. It basically routes the right hand lane into parked cars.

So if we find out this is a blind spot for the Tesla's neural net, no one should be surprised. It does not play to the strengths of those systems to if they are dealing with a bunch of needlessly unique visual queues where there is only one place or set of training data.

Speaking of which, it would be a great idea if the NTSB was building up a shared pile of data from all of the crashes of cars equipped with autonomy, either full self drive or safety features. Every manufacturer should be using these incidents in their training data and testing. That data should include cases where the driver was in control as well, as the car should be learning to help us humans avoid the mistakes we are prone to.

El Reg deep dive: Everything you need to know about UK.gov's pr0n block

Corporate Scum

Re: Cybergumble

It was thinking Hello.jpg sounded friendly enough, but to be fair, Google hadn't programmed it to Scroll Down yet.

(Warning to those not yet of age in the early years of the WWW _DONT_SCROLL_DOWN!)

Airbus CIO: We dumped Microsoft Office not over cost but because Google G Suite looks sweet

Corporate Scum

Re: GSuite is not enterprise ready

Set a 90-day password expiration policy without resorting to scripting or a 3rd party tool?

Fridge killed my baby? Mag-field radiation from household stuff 'boosts miscarriage risk'

Corporate Scum

Re: MF - EMF - WTFMF

THANK YOU.

No one reads the actual studies anymore. This story has been spreading for a couple days now and I am a little depressed this made it onto the R as a straight piece. This study hasn't been replicated, and does not suggest any causal mechanism for harm. Placing a sensor on someone for 0.2% of a year doesn't overturn 200 years of contrary observations, including multiple long term studies that have been replicated, and yield consistent results, showing any increase in harm is so far down in the noise floor as to be inconclusive.

Thanks to the other posters as well that pointed out the magnetic and electromagnetic effects of the earth and sun are actually much larger than most peoples environmental exposure, and people have been working near powerful magnetic fields and radio broadcasts for decades without a solid pattern or causal mechanism harm being found.

Still, every couple of years someone thinks they see a blip in their data and put out a press release making a huge claim that gets the tinfoil hats stirred up. People ignore the results of dozens of long term human and animal studies, and rush to decry high voltage transmission lines, or cell phones, or electric blankets, or whatever fill in the blank Mad Lib study has framed as this weeks Very Bad Thing. It then gets spread around the blog-o-sphere, and the author ends up on the talk show circuit telling Dr Oz how very worried we should be. Why is it that particle physics requires 7 sigma confidence, while life science is allowed to operate on unverified results?

Don't panic, but Linux's Systemd can be pwned via an evil DNS query

Corporate Scum

Re: what's fascinating is how the SystemD fanboys react

<Having a totally standard way of running a system no matter what distro you use was also a target.>

What like System V? :)

Systemd by that standard is still bass ackwards, people who need a faster/more deterministic boot sequence should by that logic able to load systemd as an alternative to a default of system v/init/upstart. That way you keep compatibility and reliability unless extra functionality is needed.

They couldn't do that because they let the scope of the project get out of control. It also caused it to take forever to develop, and as a result, was pushed out buggy, and left incomplete. Badly managed projects tend to turn into badly coded projects.

Acronis: Yep, we're using blockchain for backup now

Corporate Scum

I see Mr. Mellor was in a hurry to get to the Pub

95% press release, 5% content. Busted. You owe me an essay on Acronis use of block chain and how it relates to Ethereum's losses, or pint from your cut for shilling :)

Stack Overflow takes on technical documentation

Corporate Scum
Go

“I, for one, welcome our new insect overlords”

S.E. is an essential resource for our industry, and while it is not a substitute for actual skill and knowledge, having a place that you can apply technical Google-Fu and a site: tag to has saved me hours of wasted time. Conversely I have consistently had to fight Microsoft's site (and it's search functions) for even basic things like looking up a specific KB or CVE, or a patch by it's _explicit_ name. It's also great that they don't block you out from looking at the replies if your not signed in.

Right now I have a curated archive of links and saved pages that is designed to save me time trying to track down a specific thread or posts later. Need to find that post that contained all six steps to uncrash a WSUS installation that filled up it's data drive? Don't bother looking at Microsoft. Why click through another dozen links trying to google it again. Instead lets tag the MS Docs that are useful in the WSUS article on Stack Whatever they call it and add the relevant advice that if it falls down you may need to uninstall the role, manually delete the WID db file, several registry keys, and the patch archive and reinstall it all from scratch. We have been using forum posts for this for too long.

If SE wants to throw me the tools and space, I will help index and add those things to the relevant article when I ask or answer a question. Hopefully they will have learned the hard lessons from the Wiki space and it's technical and cultural pitfalls though. The Technorati can be just as bad as some of the cult self actualization gurus and conspiracy theorist Wikipedians. In any event it's worth a shot.

'Windows 10 nagware: You can't click X. Make a date OR ELSE'

Corporate Scum
Windows

Re: Windows 10 Pondering

I follow your line of thinking for the pc/set top box/IoC device, but I think you have the issue reversed. We need to stop treating things that are really computers with software and firmware as if they are not exactly that. It shouldn't matter if it's a tablet, phone, desktop, or CCTV camera, you should be able to enable a root/superuser account and push updates to it. You own the hardware.

IM(Not really all that)HO the vendors need to: 1) provide that access, 2) timely patches for a reasonable support window, 3) either the ability to take the device offline, or open up the platform drivers and let the community manage patching it 4) load alternate firmware/software 5) Control deployment of updates that may introduce a breaking change.

BTW, as a bonus to anyone who made it this far, you still get one last chance to avert the install by declining the license clickware, if you decline it it must abort, and even the M$ marketing trolls won't risk the fury of the fiends in M$ legal by voiding the EULA.

HP clampdown on 'unauthorised' server fixing to start in January

Corporate Scum
Coffee/keyboard

Great, there went my plans for the Xmas Break

I was really, really hoping I'd get to finish my winter break Todo list early enough to take a couple of well deserved days off. Instead, with no prior warning, I find out the the storage array I just bought THIS YEAR, will need to be recommissioned because HP changed the terms after they sold it to me. Now all I can do is hook it up to our old cold storage server and use it for a secondary storage target.

So now, two days before Xmas, I have to re-provision the storage pools for my Virtual Servers, Two iSCSI Servers, redo their LUNS, Redo the start-up targets on everything pointed at the old array... Then there is the little problem of procuring and installing new drives in the main cluster to cover the loss of space...

Burn in test it all... Redo all the backup scripts...

Ok, anyone want to go in on the 800$/Ton to send Meg a nice post XMAS Coal shipment?

In the end we will have this fixed, tested and working before the rest of staff get back from the New Years holiday. The only ones who will know be the people who sign off on my overtime, my girlfriend who may be spending the week of new years by herself and anyone who mentions HP to me in the next couple of years.

Beauty firm Avon sticks spike heel into $125m SAP-based sales project

Corporate Scum
Stop

Re: been running as designed....

Based on what exactly? SAP has made an outright business strategy out of born to fail projects like this, counting on the tried and true revenue of management doubling down on their mistakes, and never delivering a working system.

The playbook:

1) Outright lie to the customer and claim that SAP can to anything, that everyone loves it, and the extortionate(and non-refundable) licensing fees will cause money to rain from the SKY.

2) When is becomes clear SAP's in house code cant deliver an acceptable user experience, have the SAP consultants suggest a 3rd part front-end that almost but not-quite meets requirement. Bill client for the new solution and changes required to meet requirements. (See the saga of Overstock.com here)

3) Bill client again when SAP's back-end freaks out talking to third party code. By this point SAP has developed their own version of the Third party solution, and they either lock out the third party code or make sure it never_quite_works. But don't worry because SAP now has their own module that will only add 40% to the project cost and almost does what the client needs. Then bill additional hours to remove the third party code and integrate with the new SAP, which by the way, requires the new version of the SAP platform, more license fees, etc.

4) The new all SAP solution is murderously slow, unusably complicated, and requires tons more hardware, users complain, and transactions the old POS system did in seconds take minutes. Customers fume, everyone requires weeks of training to navigate basic transactions. This is actually the Happy Ending, it does not get better than this. The client pays large amounts of money annually to SAP for licensing, support, and "maintenance" until they get tired of bleeding red ink. The managers responsible for the project watch their careers burn as they fall on their swords, and the SAP consultants move on like a plague of Locusts.

"A strange game. The only winning move is not to play." -J

Earthquakes will release captured carbon: Stanford study

Corporate Scum
Flame

Re: BRILLIANT!

So... in scraping around online... It seems to be mostly Oil companies that were already pumping CO2 into their wells to increase extraction that are championing this method of carbon sequestration. Nothing beats shamelessly promoting your Green cred while endangering the locals and potentially making money in additional oil extraction. In short, being a modern oil company.

Apologies to any modern hippies whose delicate sensibilities were bruised. Still, they may be on to something, mass human extermination by direct CO2 poisoning... is it a good plan? NO... but it is faster than human extinction by climate change(or the slow poisoning of the food chain with industrial waste..)

It might have a better chance of success than the Kyoto Protocol though...

Corporate Scum
FAIL

BRILLIANT!

Why is it today's hippies have no grasp of history. Or am I the only one who remembers a little incident in Cameroon in the Mid Eighties? Try googling Lake Nyos, Monoun, or Kivu, or "Limnic eruption". Don't both with CO2 dangers, or all you'll get is more of the same halfwit screed that passes for environmental science these days.

Think the people who complain about badly run fracking operations causing their tap water to catch on fire? Wait till it smothers their whole house as the "Carbon Vault" empties itself through their well.

North America makes entry into dino fatty league

Corporate Scum
Headmaster

I call a techical foul!

In defense of my North American brethren, it is not really fair to lump us with the Titanosaurs, as during the cretaceous the super continent of Pangaea was just breaking up. North America, Asia and Europe were all still conjoined twins at this point, so your lot across the pond isn't off the hook either. Yep, I'm that guy. Commence the hail of tomatoes for the nitpicking armchair historian.

German developers forge Iron from Chrome

Corporate Scum
Coat

Better just go Opera then...

"However, it's difficult to imagine that Iron will pick up much market share, and people unimpressed with the idea of handing over yet more data to the world's biggest ad broker are more likely to turn to Firefox or Opera instead..."

Am I the only one who noticed that Firefox already sends a ton of info to Google? Even if you set it to use another search provider, it by default send searck keywords to a Google url and it also prescans each url by bouncing it off a Google url for the "Malware" check.

Not a real suprise that a ton of the funding for the 'zilla foundation came from the google plex. Some of these features can't even be readily disabled through about:config, and most have dissapeared from the GUI.

SanDisk Cruzer Pro, Enterprise secure USB Flash drives

Corporate Scum

Stick with the professional stick?

It would appear that SanDisk may have committed a rather basic error in the Enterprise disk. The password requirement on them is overly restrictive and specific.

If you know the password must have three each of lower, upper and numeric you can rule out a huge part of the key space. Accounting for regular user tendencies, such as picking near minimum password lengths and the native language used, you could build an optimized dictionary that would crack the majority of these keys in VERY short order.

AES still requires good password security or it is little better than DES...

Biting the hand that feeds IT © 1998–2019