* Posts by Jack of Shadows

2998 posts • joined 11 Jul 2014

RIP Bill Godbout: Cali wildfire claims the life of master maverick of microcomputers

Jack of Shadows
Silver badge
Pint

Re: Preventable

In the past, the fires had a helping hand from various Californian Indian tribes living in those areas that would start fires to clear out the underbrush to make hunting easier. Stop doing that, which is what the forest service did not bothering to talk to anthropologists about what was done in the past that permanently altered the ecosystem. well... you get this situation.

I was never part of the Homebrew Computer Club scene. I merely observed from the sidelines as I was in my early years in the US Navy. Every month I'd grab every scrap I could in magazine articles and read about them, lusting in my heart to own my own. I really, really wanted to make the jump from IBM mainframes, which I'd had several years experience, to microcomputers. I could already see the future path. I wish I'd known him. What a terrible way to go.

2
0

We asked the US military for its 'do not buy' list of Russian, Chinese gear. Surprise: It doesn't exist

Jack of Shadows
Silver badge
Joke

Re: Hmmm

"Close enough for government work."

5
0

Microsoft menaced with GDPR mega-fines in Europe for 'large scale and covert' gathering of people's info via Office

Jack of Shadows
Silver badge

Re: What about Windows 10 that Office is sitting on?

Remember that telemetry has been retrofitted to Windows 7 and 8 if you aren't extremely careful about how you install it, services run, etc. So, no, everything is not fine now with Windows 7.

38
1

If at first or second you don't succeed, you may be Microsoft: Hold off installing re-released Windows Oct Update

Jack of Shadows
Silver badge

Windows 8.1U1 is perfectly loved here, once I step in and use Winstep Nexus Ultimate on the shell. But I've been doing that to Windows since WNU popped up on the 'net as soon as it was out. Basically same principle. Give the user their favorite shell, not some declared in Redmond mandatory, maximally stupid shell.

0
1
Jack of Shadows
Silver badge

Re: Cannot reproduce the net share issue...

I rather suspect that Microsoft is mucking around in SMB again, probably in an attempt to rearchitect/reengineer it yet again. You should, operative word should there, need to only step back and let a couple of months go by only, operative word only there, if you've completely screwed up and can't fall back as some other team(s) have made the new requirements irreversible. Network plumbing changes like these are very fussy. Notice, too, that Windows 8.1U1 and older don't seem to be affected. Maybe?Hopefully?

That's my view of what probably happened, although I can say it's happened to me on several occasions, for instance, having to go in manually and transform all the databases due to enterprise guys making a mandatory breaking change without inserting code to do the transform due to that breaking change by hand. Not fun!

[1] That's where I learned COBOL the hard way. By reading their source code and mentally making the transforms from prior to new. Sweet thing about COBOL, it's very verbose, and I liked it!

[2} The Harris system engineer gave me my own system GENTAP with all their compilers, tools and, especially, the damed man pages.

[3] God(s) bless some IBM system engineers who didn't mind taking a snot-nosed kid under their wing, who liked to hang around the computing center, and taught him to think this way when it's all FUBAR.

3
0

Facebook's CEO on his latest almighty Zuck-up: OK, we did try to smear critics, but I was too out-of-the-loop to know

Jack of Shadows
Silver badge
Mushroom

On a serious note, we already have megacorps as people doing things people do, usually badly. The next step up the tier is megacorps acting the same as nation-states, usually badly. Hell, why not? The even have their own courts via ISDS.

Nuke 'em from orbit. It's the only way to be sure.

3
0

5.. 4.. 3.. 2.. 1... Runty-birds are go: 12,000+ internet-beaming mini-satellites OK'd by USA

Jack of Shadows
Silver badge

Re: mesh together

As I seem to recall, SpaceX already has two up being debugged already.

0
0

Just one Corretto, give it to me... AWS brews its own blend of Java with free long-term support

Jack of Shadows
Silver badge
Pint

Middleware, the last time I looked. Pretty much a "meh!" here, I define Java as "C++ on LSD" but this setup would be nice for someone like myself that doesn't want to take care of upgrades, especially tracking those. Ditto .NET on Microsoft's bit barns.

0
0

Oracle's JEDI mind-meld doesn't work on Uncle Sam's auditors: These are not the govt droids you are looking for

Jack of Shadows
Silver badge

I'll bite

IBM has filed a similar protest objecting to the contract's bidding and procurement process.

Any relation to IBM's purchase of RedHat, assuming that goes through?

3
0

Alexa, cough up those always-on Echo audio recordings, says double-murder trial judge

Jack of Shadows
Silver badge

I can't see any difference between what the Echo does and whatever smartphone, also with wake word, you wander around with these days. Which raises the question, have they attempted to get the data/records for all those cell phones around as well? Bonus points for GPS records.

9
0

Did you by chance hack OPM back in 2015? Good news, your password probably still works!

Jack of Shadows
Silver badge

Re: Why bother?

Between OPM (nuclear clearance), Veterans Administration (medical/psychiatric), and Experian (financial), there's nothing left to leak! Oops, maybe my shopping at Amazon and Newegg.

2
0

Microsoft lobs Windows 10, Server Oct 2018 update at world (minus file-nuking 'feature') after actually doing some testing

Jack of Shadows
Silver badge

Re: Maybe we're to blame

Looking at the evidence over the last few updates, apparently many/most do their testing in virtual machines rather than real hardware. Thus, where the HAL hits the hardware, this hasn't been tested against the (literal) myriad of systems out there. A monoculture if ever I've seen one.

Were I even using Windows 10, I can see that I might do the same. Instead, my laptop uses Windows Server 2016. First off, it's only used to connect and do things on the Internet, my canary in the coal mine, not just about Windows but what is "Out There" to get my devices. [All other devices are energy-gapped save the tablets. No big deal restoring.] The other reason is that the laptop can't seem to keep a working Windows 10 alive; has no problem doing the same with Server 2016. Same device driver model, supposedly, for both. Go figure why.

2
0
Jack of Shadows
Silver badge

Re: QA in progress...

Because it really doesn't matter for this machine. Annoying restore, yes, but sometimes I'll take it. So far, nothing apparent. Still bitching at me about reduced CPU performance due to firmware, thank you so much Intel. I'll kick the tires on Hyper-V later, that was the major change this iteration.

4
0
Jack of Shadows
Silver badge

That really depended on a real engineer being around rather than just marketing drones. They appreciated the thought and I'd see their bugs slowly being removed along the way. Which is why I documented that damn things in detail so I could simplify the code. Then again, I'd pick up on others. Round and round it goes....

5
2
Jack of Shadows
Silver badge

Or the wrong ones, which is terrible from my perspective.

3
0
Jack of Shadows
Silver badge

QA in progress...

Putting the hammer down on the 1809 Update for Windows Server 2016. Wish me luck!

5
2
Jack of Shadows
Silver badge

@gerritv:

I've done many projects involving software as complex as Windows 10, easily, except defects weren't allowed to exist that might impact functionality, especially safety. That's why what I do is called safety-critical. The difference between myself and Microsoft is that if I fucked up, people were going to end up dead with millions of dollars of damage occurring. Billions of dollars wasn't out of the realm of possibility. The US Government might be a little ticked to come up missing a destroyer or Naval Air Station. I had to literally write bulletproof code.

The techniques involved are tedious in the extreme, formal verification just as an example, there are others involved. What consumed most of my time was not writing defect free software, it was insuring that the other code, the hardware, and especially the operating system itself couldn't be allowed to stab me in the back. I used to drop long lists of defects off at the trade shows to the various vendors asking them to fix their software.

So, I've zero patience for Microsoft's engineering processes, such as they are, when this kind of crap, that was reported to Microsoft by user-testing yet was released into the wild. Last point: I used to test their server software in alpha and beta status. For years. I can probably dig up my Beta ID if you'd like.

53
0

Oi! Not encrypting RPC traffic? IETF bods would like to change that

Jack of Shadows
Silver badge

Re: Was RPB ever meant to be exposed over a public network ?

I can see that I'm not the only one with that concern, then. I'm also more than a little concerned that any security failure in TLS itself is going to open a yawning canyon in the overall security for all computing. I've no idea if/when that might happen, but we've been surprised that way before.

1
0

Uncle Sam, D-Link told to battle in court over claims of shoddy device security: Judge snubs summary judgment bids

Jack of Shadows
Silver badge

Ummm...

{cough} Cisco {cough} to such a level that a degree that I'd call it willfully malicious in the TLA's favor.

0
0

Solid state of fear: Euro boffins bust open SSD, Bitlocker encryption (it's really, really dumb)

Jack of Shadows
Silver badge

Re: The issue is changing the password...

You, literally, have no idea what you are talking about vis-a-vis this attack. At no time is there anything to do with the user's passphrase. None. This is all about convincing the firmware in the disk itself that you are an authorized user to see the decrypted content of the data on the drive.

If there were everything including the stars aligning to establish the user's passphrase, that'd be a different matter. I've the tools (Tesla GPGU) and various Rainbow tables, which I do have, that isn't an attack that will give you much return in terms of cryptological return.

We've short-circuited the entire security stack. THAT is the problem.

3
0
Jack of Shadows
Silver badge

Re: "Because MS was just blindly trusting them all, they have to take some of the blame."

Given that you have to be very comfortable with hacking systems on debug port and know exact details of hour the firmware works, I'd give Microsoft a pass on this one. There's not a lot of this flavor of hacker wandering around to be hired or that would even have anything to do with Microsoft, for that matter.

1
0
Jack of Shadows
Silver badge

Last time I looked, Microsoft "helpfully" stores your Bitlocker password to your Microsoft account, if you have one, on their servers. That's the reason why I don't use Bitlocker and damned sure will not tie a Microsoft account to my laptop.

5
1

Nokia's open SDN, SoC-it-to-me open 'Chiplets', Verisign exits the DDoS protection biz, and more

Jack of Shadows
Silver badge

Seven vendors open 'chiplet' architecture

What a perfectly enabled target for hardware hacking in the supply chain. Bet security in the development process to prevent introduction of future hacks isn't on anyone's mind either.

0
0

Slabs, huh, what are they are good for? Er, not quite absolutely nothing

Jack of Shadows
Silver badge

Re: Not surprised...

I'm the reverse. Tablets allow me to forgo a phone. However, the manufacturers still won't be happy as, at the rate I kill the suckers, the "new" tablet to be delivered tomorrow is a refurbished Lenovo 10" job. One that can be rooted for my site survey apps. Almost entirely used for reading my books, references and occasional journal.

1
0

McAfee says cloud security not as bad as we feared… it's much worse

Jack of Shadows
Silver badge

Re: Well duh

So... How's that cloud thing workin for ya?

More like how is that change-management/governance thing working out for ya?

2
0

Oz spy boss defends 'high risk vendor' ban

Jack of Shadows
Silver badge

The problem still remains. Exactly how do you go about sourcing from anywhere but PRC for all the components in your supply chain.

14
0

Official: IBM to gobble Red Hat for $34bn – yes, the enterprise Linux biz

Jack of Shadows
Silver badge

It'll be interesting to see what happens to both companies share prices on Monday. I fully expect RedHat to become another zombie under IBM's wing.

40
0

The D in Systemd stands for 'Dammmmit!' A nasty DHCPv6 packet can pwn a vulnerable Linux box

Jack of Shadows
Silver badge

Re: Meh

How can one trust anything connected to the Internet that is more sophisticated and complex than a TV streaming box?

Short answer? I don't. Everything I have any sort of trust around never gets to see anything from the Internet, even indirectly. Yes, I understand pretty much the rest of the planet doesn't have that option. I'm also one of those people that happily lives without a smart phone. Really any phone. I can, most can't.

12
1

Belgium: Oi, Brits, explain why Belgacom hack IPs pointed at you and your GCHQ

Jack of Shadows
Silver badge

Re: All true.....but.........

And very frequently you want whatever nation is spying on you to be fully informed around some of your military/intelligence capabilities. Tends to discourage the opposition from miscalculating their way into a war you'd rather not have. Taiwan and PRC are very well informed at least on the PRC side. Can't speak to Taiwan about PRC, but it wouldn't surprise me all that much if it's comparable.

3
0

Californian chap sets his folks' home on fire by successfully taking out spiders with blowtorch

Jack of Shadows
Silver badge

My (current) home town.

Words fail me.

2
0

Grumbling about wobbly Windows 10? Microsoft can't hear you over the clanging cash register

Jack of Shadows
Silver badge

Re: Conditioning.

Sadly, it'll probably take an update deleting almost everyone's files before people will listen. Hell, I'm guilty of not wanting to move to another primary OS simply that my engineering and analytical tools either don't exist on any other OS or cost $x,000 per seat license should I switch.{Shrug}

17
1

Memo to Microsoft: Windows 10 is broken, and the fixes can't wait

Jack of Shadows
Silver badge

Re: ...or MacOS

Every time I try to use an Apple computer the thing crashes on me. I get a lot of jokes about it. The weird part of it all is that NeXT machines and I got along great.

3
0

Well, it is the Empire of enterprise IT... Oracle's Ellison plans 'Star Wars cyber defense' for his second-generation cloud

Jack of Shadows
Silver badge
Devil

I recall a certain "person" that every other year would pwn everything Oracle without a sweat. I'm not talking weeks, mere days. Pardon me if my disbelief in what Leisure Suit Larry is selling, completely aside from hardware vulnerabilities, bothers him.

1
0

Apple to dump Intel CPUs from Macs for Arm – yup, the rumor that just won't die is back

Jack of Shadows
Silver badge

Re: Rosetta-a-like is absolutely necessary

I'm kinda, sorta with your view on this although my inner-engineer questions exactly how much of the total energy budget for a Mac goes to just the CPU of the total. Stepping up and down cores are, perhaps, enough of a significant difference but don't cite me on that! Otherwise, meh!

OT: I still miss NeXTSTEP. Met it after I returned to the university and it was good enough to give my mega-modded $10K+ Amiga 2000 a challenge.

5
1

Azure goes quiet, Huawei Canada ban urged, US Senators are after Google, and more

Jack of Shadows
Silver badge
Windows

As things stand right now...

... I have zero faith in any security regime based on Xeon, and several other, lines of silicon despite any assurances from Microsoft.

8
1

Microsoft Windows 10 October update giving HP users BSOD

Jack of Shadows
Silver badge

Re: Updating

Minor nit. The first thing that generally happens when updates are released (okay, inflicted) is the rush to reverse the update to find what vulnerabilities are patched for by the malware communities. The tools are readily available, I've got most of them here, it's more a matter of how much effort is required for a particular level of return.

Therefore, if those vulnerabilities weren't being actively exploited, you can be assured in a few days/hours it will be actively exploited.

4
0

The Obama-era cyber détente with China was nice, wasn't it? Yeah well it's obviously over now

Jack of Shadows
Silver badge

Re: Please....

Even less of a difference once transportation/distribution costs are factored into the complete supply chain opportunity costs. I'm still trying to figure out what "lights out factories" are. What-evah. There's a lot of much more friendly places to place one's sources than the PRC anyway. Already relocation targets are being looked at since, obviously, our corporate masters are scheming for a way to that next bonus.

1
0

Google Cloud boss promises 'security built into every layer of the system' at UK shindig

Jack of Shadows
Silver badge

Re: Blah...

And the case of locking out a user based upon a location which they are most definitely not. True, that could be considered the user's fault, thus requiring a change in VPN apparent location but the prevalence of VPN's is increasing and not all users are really aware of complications that can result. It took quite a while (read years) to convince my bank that my machine was all over the planet.

0
0

Oh no, Xi didn't! Chinese spymaster cuffed in Belgium, yoinked to US on aerospace snoop rap

Jack of Shadows
Silver badge

I wonder if the seizure of the Chinese national who's Interpol chief is in anyway related to this action. Suspicious that successful extradition occurred this week as well.

5
0

US Congresscritters discover Wi-Fi, updates on Oz's nbn broadband plan and much more

Jack of Shadows
Silver badge

Lookj on the brightside

Easier targeting of campaign donations for the WiFi Alliance.

0
0

Uncle Sam gives itself the right to shoot down any drone, anywhere, any time, any how

Jack of Shadows
Silver badge

Re: "Credible Threat"

That really depends on the pistol and the training of the person shooting said pistol.

6
0

HMRC rapped as Brexit looms and customs IT release slips again

Jack of Shadows
Silver badge

Re: TL;DR

That'll give a home to the billions of pounds that would have transferred from the UK to the EU if there had been an agreement. Huge quantities of directorship positions likely filled as well.

2
5
Jack of Shadows
Silver badge

Re: TL;DR

On a more positive note, I'm kind of looking forward to the literal tons of organizational, academic and technical papers on what happens, more specifically nuts and bolts of, when a First World nation crashes out of a trading bloc.

Sorry, I know it's not fun for the participants, though.

10
2

Chinese tech titans' share prices slump after THAT Super Micro story

Jack of Shadows
Silver badge

Re: Interested

We'll have to wait and see. So far, nothing pops up for now. Vintage Super Micro servers are something that I track daily, among other items, as I have a clutch of Xeons that could use an inexpensive home. Then I could poke and prod that chip, if it exists, to my heart's content.

True, I have the oddest definition of fun I've encountered. 'Twould be rapture.

6
0
Jack of Shadows
Silver badge

Re: If true, then someone in China has made a very big mistake

+1 although if past performance is indicative of future results, there will be little to no effect. NSA shenanigans didn't seem to any sort of downside to, for example, Cisco. With respect to having national chip foundries, it's doable especially given the cost overruns for any sort of military contract. Think of it as national insurance on a par with flood insurance, if you will. It would also have the advantage of allowing custom production runs for national sole use.

1
0

Iron Mike Pence blasts Google for its censor-happy Dragonfly Chinese search engine

Jack of Shadows
Silver badge

Re: 'So far, however, Google has not caved into the pressure.'

That monster is already here, just not fully visible to all and sundry. Every bit of your behavior that might be held by one of the various companies, not just the big three credit bureaus, can influence your being hired, sometimes even fired, renting an apartment, credit card application acceptance, and so forth.

As for Google and China, Eric Schmidt is already on record predicting a bifurcated Internet, it should be any surprise that the people he worked with are placing bets on whether that will happen. If so, certain multinationals are certainly going to desire operations on both sides of the divide. Especially if it is not just China but a big block of Asia and Africa signing up to join that network.

12
2

What do Zuck, Sergey, @Jack and Bezos have in common? They don't want encryption broken

Jack of Shadows
Silver badge

Re: The Don't Want Encryption Broken

Just one more sign of governments afraid of their people, not because they fear not getting re-elected, but perhaps other reasons more related to actual anger in the populace. Nip any real resistance in the bud, a stitch in time and all that.

Given 9/11 and the billions lost in various hacks, of course those with real power are terrified at what can be done by one person or just a few. The New Encryption War and all the other attendant changes in state powers is exactly the reaction one would expect looking at the world today from their eyes. Even though it will prove in the end absolutely futile.

2
0

Civil rights group Liberty walks out on British cops' database consultation

Jack of Shadows
Silver badge

Re: Dogs Dinner

"LEDS cannot be considered in a vacuum," Couchman said. To do so ignores the fact that combining technologies has a cumulative effect on society's human rights; and that collating seemingly innocuous pieces of information can build up a detailed and intrusive profile of a person.

Which is, as you state, the raison d'tre.

8
1

The ink's not dry on California'a new net neutrality law and the US govt is already suing

Jack of Shadows
Silver badge

Re: Legal basis

Add another string to that bow, last time I looked, the California Public Utilities Commission was regulating businesses with a (intrastate) presence in this state, whether or not they operate as an interstate business. Not that this matters much. Just the fact that the State of California is declaring which firms they will do business with and no others is our look out not the federal governments.

Indirectly, it'll be just as interesting around how this applies to Verizon's fuckup during our last batch of wildfires.

5
0

Boffin: Dump hardware number generators for encryption and instead look within

Jack of Shadows
Silver badge

Now this is interesting. It addresses the switch problem in Linux deciding whether to use HWRNG or software based, decided for now by the distro, with something resembling higher entropy.

6
0

Forums

Biting the hand that feeds IT © 1998–2018