* Posts by Griffo

133 posts • joined 23 Feb 2015

Page:

Microsoft attempts to up its Teams game with new features while locked-down folk flock to rival Zoom... warts and all

Griffo

Re: Been four years

Ive seen all these features on the internal Microsoft dogfood version for at least 6 months. So they were always coming, they've just been pushed ahead of schedule

As miscreants prey on thousands of vulnerable boxes, Citrix finally emits patches to fill in hijacking holes in Gateway and ADC

Griffo

Re: "Rush"

And they knew about for quite a while before it went public. For a so called "security" company they did a completely crap job at managing this super basic flaw.

Microsoft Surface users baffled after investing in kit that throttles itself to the point of passing out

Griffo

C'mon Ed.

If you're gonna explain that "The issue is most likely caused by a CPU feature called BD PROCHOT, which stands for bi-directional PROCHOT. " you might want to explain what PROCHOT is too.

Xbox daddy bakes bread with 4,000-year-old Egyptian yeast

Griffo

Re: I'd eat it

You CAN keep a strain of pure yeasts. What do you think all brewers do?

Years ago when I used to make beer every weekend in 100L lots, I was right into yeast cultivation. Using some fairly basic gear (a magnetic stirrer, some flasks, agar plates, innoculation loops) it's pretty simple to isolate a single yeast strain, grow it, and grow it in a starter. It was a "thing" to isolate yeast from well known beers.

Operation Desert Sh!tstorm: Routine test shoots down military's top-secret internets

Griffo

Mirror ain't backup

I went out to visit a new client to get an overview of their infrastructure, and to perform a quick health check. This was a largish architecture firm, I think they had about 200 architects, designers etc.

Their "backup" system comprised of the owner pulling out 1/2 of a mirrored set of disks each night. He'd take it home, then bring it back in the morning and let it re-sync.

Yes.

Really.

I spent a month trying to convince him that that this was a recipe for disaster and that he needed to spend a relatively small amount ($5k or so) on a backup system. He refused, and we pretty much parted ways.

Fast forward 3 months, he calls us in tears. All his data was gone. Every client drawing ever produced had gone "poof" one morning when he plugged the disk back in and things didn't go well.

I didn't give him much time, asked him how expensive that $5k backup system sounded now, and told him to go try ring someone else. I have zero regret in refusing to help him.

Captec saps tech from Aleutia to put its tiny PCs back to work

Griffo

Talk About an Own Goal

Lots of options in that space

These run pfsense or similar with ease. I'm pushing 100mbit over an Opensec VPN with the CPU barely moving. My internet connection is the limit.

https://www.aliexpress.com/item/New-Braswell-mini-pc-M150S-with-2G-ram-8G-SSD-celeron-N3150-Dual-H-D-M/32533935685.html

Never let something so flimsy as a locked door to the computer room stand in the way of an auditor on the warpath

Griffo

I had something similar happen

Back in the early naughties, one of our cusotmers was a name-brand diamond reseller, who was at the time setting up an early B2B diamond marketplace, hosted on our kit.

Given the size of any potential fraud, they sent in a set of security auditors to check out our setup. All good, I spent the day with them in our datacenter which was at the time pretty advanced. Think guards behind bullet proof doors, multiple man traps etc.

Problem was, on the second day, I was badly delayed due to a car accident (mine!) and turned up around 3 hours late. At this point I found the auditors had

a) convinced the guard to let them in seeing as "they were here yesterday"

b) used a boot disk and snagged a copy of the SAM DB from the NT4 severs

c) scampered with that file to try their hand with l0phtcrack to try to break any weak passwords

Needless to say, we failed the audit.

How much open source is too much when it's in Microsoft's clutches? Eclipse Foundation boss sounds note of alarm

Griffo

Devops

It's all about providing more tools to enable Devops on Azure cloud. That's all. They want a reliable well established code and packaging source to encourage more automated / serverless / devop oriented workloads on Azure.

We dunno what's worse: Hackers ransacked Citrix for FIVE months, or that Equifax was picked to help mop up the mess

Griffo

Talk About an Own Goal

I'm just going to leave this here..

https://www.citrix.com/blogs/2019/04/04/security-best-practices-multi-factor-authentication/

Uber driver drove sleeping woman miles away from home to 'up the fare'. Now he's facing years in the clink for kidnapping, fraud

Griffo

Re: Are you kidding?

Have you ever tried to contact Uber support to lodge a complain against a driver?

Despite what they "advertise" they make it almost impossible, and generally always side with the driver. They are a nightmare. I can totally believe that they would have ignored prior complaints.

Packet switching pickle prompts potential pecuniary problems

Griffo

Once became an accidental peer

One time in the early 2000's we screwed up the BGP config on our edge routers. We'd just installed a bunch of 155MB/s links to various ISP's for redundancy. At the time in the wonderful land down under, flat rate links were pretty much impossible to buy, so we were on metered connections.

Unfortunately due to our screw up, we became a peer between the ISP's and started paying for the privilege of shuffling packets between the ISP's. We ran up $40k in traffic charges before someone noticed that the traffic seemed pretty heavy for a couple of routers with nothing behind them yet...

Don't mean to alarm you, but Boeing has built an unmanned fighter jet called 'Loyal Wingman'

Griffo

But we can afford more of them

I assumed the Bizjet engine choice was one of cost and practicality. They'd be cheaper (remember, sending into harms way where they wouldn't risk a pilot may = higher losses), easier to service, have much faster turn-around times, and much longer work cycles before overhaul. It may not pull the G's and be able to maneuver like a proper fighter, but I assume the thinking is more along the lines of "the clone war army" than the small handful of jedi.

New claim dogs Oracle: After $11m of sales, I was unfairly axed before next big deal – because I am a 64yo woman

Griffo

Hmm

While I have no doubt that Oracle and a bunch of munts who have screwed over their staff, $11m over 6 years is a pretty low figure for an enterprise sales reps. With the amount that Oracle pay their sellers i'd expect them carry at least $5m in target per year,

Cut open a tauntaun, this JEDI is frozen! US court halts lawsuit over biggest military cloud deal since the Death Star

Griffo

Who feels sorry for Oracle? No Really

Oracle's just upset that nobody want to use their shit cloud that can only provide 2012 level basic IaaS services. I think Gartner recently rated it as having "minimum viable features".

I fact I just found it and I quote:

"Oracle's second-generation product, named Oracle Cloud Infrastructure (OCI), was launched in November 2016. A year-and-a-half later, however, Gartner says it "remains a bare-bones 'minimum viable product,' and it is arguably too minimal to be viable for a broad range of common cloud IaaS use cases.""

Apple solemnly agrees to pay France $570m in back taxes, turns to camera, gives us a wink

Griffo

Transactional Tax

Is this another reason for countries to look more seriously at shifting to transactional taxes?

Tax the transaction, in the country it's made, at the time the transaction is made. The ability to funnel transactions to low-tax jurisdictions could be severely curtailed if not stopped entirely.

Lawyers' secure email network goes down, firm says it'll take 2 weeks to restore

Griffo

Stab in the dark guess

Lost a server or storage group.

Discovered backup junk

Recovering emails from a journal, which means that it needs to process every mail, decide whether to restore it, and insert it back into the users (now empty) mailbox.

DDoS sueball, felonious fonts, leaky Android file manager, blundering building security, etc etc

Griffo

Re: Es file explorer [alternative app (fast NAS access)]

Not as full featured - but free - AndSMB provides both SMBv2 and SMBv3 support.

Cray will realise 'substantial' loss. But Shasta minute, folks, big iron market will pick up

Griffo

Talk About an Own Goal

Lets hope that the Cray Shasta is more successful than the Alteon product of the same name.

You were told to clean up our systems, not delete 8,000 crucial files

Griffo

Lost all a CIO's emails during an Exchange Migration

I once had to complete an AD and Exchange migration for a company. I don't recall the reason why exactly, but they needed to move to a new AD so a full migration was necessary.

When I configured the new Exchange environment, I set up some basic policies - you know, like remove all mail from the Deleted Items folder after 30 days etc.

A week or so after the migration was completed, I got an urgent "please explain" email from the CIO, he wanted to know why I was so incompetent that I had managed to lose all his emails.

Naturally I went straight to the logs to see that yes all X number of items had copied across, so I went to question him as to what emails he was referring to. At which point I learnt that he, no shit, stored every single email he wanted to come back to in the 'Deleted Items' folder. On their previous server they had no policies so they stayed there until he deleted them a second time. I never could get my head around his logic that this was a good place to store them..

Anyway, luckily I still had a PST of his old mailbox, so disaster was averted. But what a muppet.

Um, I'm not that Gary, American man tells Ryanair after being sent other Gary's flight itinerary

Griffo

I've often had the same

I too have the "curse" of an email address that many people seem to think is theirs. Mostly, it's easy to correct, but memorable is a software company that kept sending me the software license key for their wares. I spent maybe 2 years forwarding it back to their support department before someone with more than one brain-cell picked up the ticket and actually fixed it.

Suunto settles scary scuba screwup for $50m: 'Faulty' dive computer hardware and software put explorers in peril

Griffo

Re: Isn't that what the watches with the numbered bezels are for?

Or even better, learn ratio deco. 10 seconds of mental calcs will tell you if your dive computer is close to the mark or miles off.

Also, anyone who relies on the AI reading for tank pressure and doesn't check their SPG is asking for trouble.

It's a worrying trend in diving. Too many people "ride the computer" and have no idea how to actually calculate their remaining NDL or know what to do if they do enter deco. I blame PADI

Microsoft sysadmin hired for fake NetWare skills keeps job despite twitchy trigger finger

Griffo

I too was unleashed untrained on a Netware 3.11 network. I was given the admin doc and the SYSADMIN password and unleashed. I didn't even know what IPX was for gods sake.

Somehow, I survived, although I do think I had about 6 weekends of major rebuilds due to earlier poor planning decisions. Name everything the same and everything would work just fine come Monday morning.

It's raining drones, but just one specimen: DJI's Matrice 200 quadcopter

Griffo

Re: Bah!

Bah!

Fixed wing for the power-loss, no-crater win.

Tell that to the people on JT610

British Airways: If you're feeling left out of our 380,000 passenger hack, then you may be one of another 185,000 victims

Griffo

Poor Handling

One of my co-workers had their data slurped via this attack. He had to cancel his card obviously, but luckily BA sent him a nice email with a free offer to a 12 month subscription for a credit monitoring that would look for attempts to leverage the information that was stolen.

Only issue was.. the offer was only valid for UK residents. So basically, if you used BA, got hacked, and were not a UK resident, then they effectively said "screw you".

RIP Paul Allen: Microsoft cofounder billionaire dies at 65 after facing third bout with cancer

Griffo

Say what you will

I know on this site that a large portion of the participants are Microsoft haters. But you have to admit that the founders have been some of the most philanthropic people in history. Compare that to Bezos or Ellison or Zuch who horde their billions like some modern age Scrooge McDuck.

Vale Allen.

Using Microsoft's Dynamics 365 Finance and Operations? Using Skype? Not for long!

Griffo

Backwards Compatibility

Say what you will about MS, they are normally overly focused on software backwards compatibility. Often to their own commercial detriment. I wonder if a security flaw with the old authentication method was found that forced their hand.

Microsoft 'kills' passwords, throws up threat manager, APIs Graph Security

Griffo

It would be great

It would be great if MS actually enabled this technology on all their partner portals as well. You know, the ones that let us modify customers products and subscriptions and get into their tenancies.

There's been a few cases of partners credentials being hacked - to date mostly so people can spin up Azure for free crypto, however the fact that most of these portals still cannot enable 2FA is criminal.

Official: Google Chrome 69 kills off the World Wide Web (in URLs)

Griffo

Great

So after years and years of teaching users to check the full URL.. Google decide to start obfuscating it so they can turn it into another search bar with zero thought about the repercussions. Guess it's back to Firefox then.

You want how much?! Israel opts not to renew its Office 365 vows

Griffo

Re: £££££££££££

Because after decades of Government IT departments providing shit IT solutions on spaghetti architecture that was always N-5 revisions new, they probably decided that outsourcing part of their stack to the vendor to keep evergreen probably makes a lot of sense.

Microsoft to pay new bounties for identity services holes

Griffo

I doubt there's any BV code in there

From what I understand AAD was a ground up clean sheet modern directory written specifically for multi-tenant web scale identity requirements. Compatibility with Windows AD obhects was added afterwards, and AD services have been slowly bolted on, but again are clean room implementations. I doubt there's much if any code in AAD taken from Windows AD.

Telstra reveals radical restructure plan

Griffo

It's wasn't a lack of courage

I think you forget the arrogant, combatant, pigheaded, monopolistic beast that was Telstra back when NBN was announced. Do you not remember when Telstra submitted a 1 page response to the original NBN tender? NBNCo was constructed in part to FORCE Telstra to separate into infra and retail businesses because Telstra refused to and was totally happy being the vertically integrated communications monopoly provider.

Australia, Solomon Islands to ink Huawei-free cable contract today

Griffo

This government and Internet Services Provision?

If the NBN is anything to go by, the poor Solomons are Fv(ked for the next 20 years.

The current governments "Faster Cheaper more reliable" NBN re-design has been nothing but an unmitigated disaster that's going to take another $50B and 10 years to re-build once completed.

SAP hopes to blow the doors off Salesforce with a block of C/4HANA

Griffo

Hells No

As someone who is subjected daily to using SAP's current "best of breed" CRM Online solution.. I pity the fool that even looks at their new CRM offering. SAP wouldn't understand modern dynamic sales processes if their future depended on it.

NAB mainframe turns its TOESUP* after power outage, offline 7 hours

Griffo

UPS upgrades

Inside word is they were undertaking a UPS upgrade and it went wrong.. apparently it caused a set of rolling failures which took some time to untangle.

Griffo

Re: Also Broke BNZ in New Zealand

Actually knowing a little about the NAB's datacenters, power setup and mainframes, this is not an everyday failure. They have several layers of power redundancy at their main Knox DC and their new secondary facility is state of the art.

OK, this time it's for real: The last available IPv4 address block has gone

Griffo

Plenty of poorly used blocks left

I used to work at CSC, and at the time we owned 20.x. I owned 20.254. I see that they actually handed it back - good on them. But there are still other /8's around that really should be given back - such as 19, 28 and 56.net

Java-aaaargh! Google faces $9bn copyright bill after Oracle scores 'fair use' court appeal win

Griffo

What about S3

It seems every second player / device in the storage space offers and S3 compatible interface for data storage. Does this mean Amazon could go sue OpenStack and all the others?

Europe plans special tax for Google, Apple, Facebook, Amazon

Griffo

Simple

Just implement a transactional tax system. Companies lose the ability avoid taxation as they shift money around.

At last, sex trafficking brought to an end with US House vote on new internet law (Yeah, right)

Griffo

So what about craigslist and backpage?

Maybe i'm misunderstanding the scope, but it appears that this law bans all online prostitution advertisements? Does this mean that Backpage and Craigslist etc can no longer have adult services sections? Doesn't BP make 90% of it's revenues from it's "adult services" sections?

Roses are red, Ajit Pai is tickled. Broadband from SpaceX gets him out of a pickle

Griffo

KU Band?

Isn't KU band the one that stops working every time it rains?

Secret weekend office bonk came within inch of killing sysadmin

Griffo

Worse Liquid Story

One of my colleagues has a far far far worse story about liquids in a server room.

This server room had been installed in a hospital, and had been in that location for several years. My old mate had just recently installed a couple of new blade centers and storage, and one Monday morning unlocked the door to the room looking forward to a day of playing with shiny new toys.

Unfortunately, over the weekend, there had been a bit of a plumbing leak. What he at the time didn't know, was that in the ceiling above this server room, some bright spark had run a sewerage pipe. From the intensive care unit. Connected to "bed pan disposal unit". This pipe had for some reason popped off. Which meant that for all weekend, all the super disgusting sick person excreta had been dripping through the server room ceiling all over this brand new shiny kit.

Needless to say, while specialists cleaners were called in to clean the room, all the kit was replaced under an insurance claim. Now that's a day you'd never forget.

TPG joins the NBN speed-fail refund club

Griffo

This only addresses line rates

This is a first step, but the ACCC needs to encode stricter performance targets to prevent crazy over subscription of the CVC.

My mother who can achieve a 32mbit line rate but can't get more than 6mbit down except at 3am in the morning doesn't receive a cent in compo under this plan.

We translated Intel's crap attempt to spin its way out of CPU security bug PR nightmare

Griffo

Re: Questions

Good question. MS are seeming to indicate that if the Hypervisor is patched, the guest is protected. So will the OS detect that it's running on a patched OS and not "double implement" the memory protection?

https://azure.microsoft.com/en-us/blog/securing-azure-customers-from-cpu-vulnerability/

How fast is a piece of string? Boffin shoots ADSL signal down twine

Griffo

Re: ADSL slow? Shurely not!

If you are getting those speeds, you are not using ADSL. The term "Fibre ADSL" is an oxymoron. I'd suggest it's a marketing term dreamed up by someone at your provider.

The maximum theoretically achievable download speed on ADSL is 24mbits on ADSL2+

https://en.wikipedia.org/wiki/Asymmetric_digital_subscriber_line#ADSL_standards

OVH goes TITSUP again while trying to fix its last TITSUP

Griffo

Ouch

When SDN goes bad hey? You gotta almost feel sorry for them.

Hardly anyone uses Australia's My Health Record service

Griffo

Why would people register

Uhm.. the moment the government made it an opt-out system, user self registration became redundant. So wouldn't you EXPECT the rate of self-registrations and self uploads to go into the toilet?

VMware refuses to support its wares running in Azure

Griffo

What about other VMWare hosters

Apart from AWS, I'm not sure the other VSPP's out there will be that happy to hear AWS bag Microsoft if this way. Pretty much every other hoster runs an environment that hasn't been "engineered by VMWARE". Are they saying all their other hosters are running piles of shit?

Arm Inside: Is Apple ready for the next big switch?

Griffo

Re: bootcamp?

Or for those who want the hardware, but don't want to run OSX...

I have booted into OSX maybe twice on the last 4 years on my iMac.

Page:

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2020