* Posts by bombastic bob

5563 posts • joined 1 May 2015

Fancy a .dev domain? They were $12,500 a pop from Google. Now, $1,000. Soon, $17.50. And you may want one

bombastic bob Silver badge
Black Helicopters


ack on the "tollbooth" part - of COURSE the IANA and ICANN "recommend" using ONLY registered TLDs, even for your LAN's RFC1918 address space, and (apparently) no self-signed certs for HTTPS, either.

(next they'll somehow invalidate 'letsencrypt.org' if they get a chance, and follow the money on why)

*SCAM* and *TOLLBOOTH* indeed...

bombastic bob Silver badge

Re: so confusing

'.crap' - you hit on a good idea for "guaranteed will never be a TLD" TLDs.

Now which one should I pick... (run it in parallel with my LAN's DNS, which has used '.local' for nearly 2 decades on Micro-shaft's recommendation, at least until I decide to switch it over for realz)

basically, pick the one thing that political correctness will ALWAYS demand not be used. well, you'd think ".local" would be like that 20 years ago, right?

/me calls for an RFC that explicitly stats which TLDs will NEVER be used, and declare them usable by private address spaces.

bombastic bob Silver badge

Re: so confusing

there REALLY DOES need to be a designated TLD for LANs. '.local" used to be the one to use until it was taken over by mDNS [without a lot of warning, in fact]. ".localhost" is by definition a 127/8 domain.

As for '.dev' as long as it works with 'letsencrypt.org' and self-signed certs, should be fine, right?

/me points out that back in the late 90's, Microsoft was RECOMMENDING that you use '.local' with windows domains... and my FreeBSD-based DNS has been using a '.local' domain for the LAN since I moved my server to a FreeBSD server, back in the early noughties...

/me still uses '.local' as I don't give a rip about mDNS and just disable it for certain linux distros so it won't cause me trouble

post-note - did a tiny bit of digging, found this 'unofficial' list that's not generally recognized...


OK, your boss allegedly called you a lazy n*****, promoted the person you trained ahead of you and paid you less, but you can't PROVE it's racism, Facebook says

bombastic bob Silver badge

Re: RE: """prove""" that it is racism

Blazing Saddles - making fun of racism by characters being blatantly racist.

"That's Hedley!"

bombastic bob Silver badge

Re: RE: """prove""" that it is racism

yeah, proving racism, or any OTHER kind of discrimination, is difficult. At best you can show "being treated unfairly" which is difficult to show as racism unless there are many others treated like that.

Maybe the bosses just didn't like THAT guy. Assuming he wasn't an irritating activist that went around with the proverbial chip on shoulder, and an attitude of "you're discriminating" at every opportunity (there ARE people like that, "quota hires" they're often jokingly referred to as), then it's unfortunate that reasonable doubt works against you.

On the other hand, I've been discriminated against also, for different reasons (and in one specific case, it was resolved when I went through proper channels). All it takes is "that one person" who wields power and does NOT like you. Or maybe it's just some jerk in the office that's easily irritated (by you) who CONSTANTLY complains to the boss, about YOU. And if that jerk happens to schmooze with the bosses all of the time... that's the kind of interoffice politics that makes me NOT want to work for large companies at any rate.

There are SO many ways to discriminate, some of them "soft". Age. Sex. Politics. Race. Lifestyle. Whatever. The good looking or even the ugly one. Someone who's perceived as fat, or skinny, or sweats too much, or eats too many onions. And there's the really smart guy who keeps saying 'no' all the time, instead of going with the flow and jumping when the boss says jump, and letting bad things happen with a shoulder shrug and "not my fault" attitude (the 'no' guy usually gets enemies, the 'shrug' guy keeps his job...). And so on.

Discrimination takes many forms, but if there's a racist/sexist/bigot/whatever in the building, there will be more than one observer, and not just at the work place. It'll be hard to prove, but still possible. Bigotry is kind of like a lifestyle. It'll show up in LOTS of places.

All I want to happen out of this is for the truth to be known.

You're on a Huawei to Hell, US Sec State Pompeo warns allies: Buy Beijing's boxes, no more intelligence for you

bombastic bob Silver badge

Re: But why are they inspecting the source code?

NOTE: if it's GPL'd, you should have the source and the ability to flash your own binary built from it

bombastic bob Silver badge

Re: If everything's encrypted, what's the problem?

even when you encrypt with SSL, if you can sniff the opening sequence (DH key exchange specifically) you can decrypt the traffic. It would still take a little bit of work, but you can see examples of this happening in Wireshark, when you view an https stream [for example].

So yeah, a router that can capture the entire stream could render encryption useless. The only way around this would be to have a secure tunnel using known certificates on both ends, along with some kind of randomly generated salt, and no decryptable key exchange up front [PGP actually does something like this already, as a good example]. But that would be subject to a form of crypto analysis where you study a large amount of traffic to crack the certs. So nothing is perfect if you don't rotate the keys every time, and so on.

that being said, a possibly 'more secure' PGP for long distance traffic would be a good way to ensure good encryption, across 'teh intarwebs' and various network backbones and so forth, but once it gets on the LAN at its destination, it's probably gonna get hoovered up if spyware [soft, firm, or hard] exists in the routers and PCs.

bombastic bob Silver badge

Re: Protecting their own industry AND their involuntary intel sources

from article: "less than convinced there is a threat to national security"

from post: "As the NSA is known to be bugging US-bult servers and routers before delivery for years now"

I'm a bit skeptical of both claims, that either the USA or Huawei are adding spy-hardware [or firmware] to things being sold to governments. And I would guess that governments should consider an anti-"Not Invented Here" policy if they want REAL security.

So i totally get it if the US gummint wants ONLY U.S. gear and software/firmware from approved vendors in government information roles. That's just prudent.

The jury is still out on the Bloomberg article, though. Why has there been SILENCE on that?

Unearthed emails could be smoking gun in epic GDPR battle: Google, adtech giants 'know they break Euro privacy law'

bombastic bob Silver badge
Thumb Up

Re: Solution is clear

"static non-obtrusive ads that didn't annoy people"


bombastic bob Silver badge

"people can put as much detail on there as they wish"

There are already marketing-related web sites that offer discounts for stuff if you participate according to their rules, and so it's not a new idea. A lot of people would complete marketing surveys and allow their purchases to be tracked in order to get the discounts. But it should ALWAYS be voluntary, above board, and in compliance with laws SUCH AS the GDPR.

And if they're being sneaky about it, they have something to hide.

bombastic bob Silver badge

Re: Ads?

in THIS case, the applications had 'infected' code within them that downloaded ads without the end user's knowledge in order to (apparently) prop up ad revenue. So ad blockers would not stop it.

As for ads in general, just block script and 3rd party cookies, and let the non-scripty non-video non-audio ones just display as-is and you can just ignore them.

bombastic bob Silver badge

Re: Death to advertisers!

yeah as fun as it is to point a finger and demand DEATH TO ADVERTISERS I think it's just the *EVIL* advertisers who deserve it... trackers in particular.

(simple non-moving no-audio ads without tracking, scripting, web bugs, or other nefarious practices, are just fine with me. the rest need to be KILLED to DEATH by BURNING with FIRE)

Welcome to the sunlit uplands of HTTP/2, where a naughty request can send Microsoft's IIS into a spin

bombastic bob Silver badge

Re: It's a bug ...

I was looking to snark all over it, but after reading the article, it's like "meh".

Glad it's fixed, anyway.

It's not like that 'Code Red' thing was, from (nearly) a couple o' decades ago, at any rate. That thing went unpatched for YEARS by end-users and created a LOT of intarweb traffic...

Oracle: Major ad scam 'DrainerBot' is rinsing Android users of their battery life and data

bombastic bob Silver badge

Re: No Duh!

yeah, the whole "ads in apps" thing _IS_ pretty nauseating...

The 'droid sandbox is imperfect, people allow permissions for things they don't need "that" for, and so on.

Recently a relative got a 'droid phone. I went over the settings and SPECIFICALLY disabled location data for this one art application. Why did an ART application need LOCATION DATA??? yeah. It works fine without it, but it nagged to re-enable it the first time it was loaded after changing the settings...

NASA boffins show Moon water supply could – er, this can't be right? – come from the Sun

bombastic bob Silver badge

Re: Finding more hydrogen

your calculations are correct. the only problem is getting the density of the incoming hydrogen to be high enough. I think they'd have much better luck if they a) used solar wind capture thingies to make hydrogen gas, and b) did the reaction with the oxygen in the rocks separately.

So you grind the silicon dioxide or other oxygen-bearing rock into powder, and with the right conditions, a proper catalyst, and maybe some electricity...

Otherwise simply exposing rock to solar wind won't have enough surface area to provide a decent reaction rate, AND you'd just lose all of the generated water vapor out into the vacuum of space.

Capturing hydrogen, however, might be possible with a large enough collector, electrostatic and electromagnetic containment, etc. and would be useful for a LOT of things besides 'making water'.

[Look mom, I made water on the moon!]

Go, go, Gadgets Boy! 'Influencer' testing 5G for Vodafone finds it to be slower than 4G

bombastic bob Silver badge

"If it wasn't tested on a 5G phone then what's the point?"

Dr. Heisenberg... Dr. Heisenberg... Calling Dr. Heisenberg...

(advice to the testers: next time you measure something, make sure it doesn't significantly alter the results)

Bored bloke takes control of British Army 'psyops' unit's Twitter

bombastic bob Silver badge

Re: So...

or password = semprini

bombastic bob Silver badge

Re: Should change its name

86th brigade would've been funnier

(sorry about that, chief)

well if they find the guy and arrest him, at least he had some fun, as opposed to some poor schlub that reported a bug through proper channels and got nailed for hacking them...

Germany, US staffers to be hit hardest as SAP starts shedding 4,400 bodies

bombastic bob Silver badge

experienced employees can't really be forced to get a pay cut "just to stay", yet inexperienced 'fresh meat' can be exploited more easily than those who are experienced. Or at least, I hope that's NOT what's really happening...

[it wouldn't be the first time if a large company lays off its experienced staff, then hires all new people with less experience at significantly lower wages]

But yeah, if this is the case of "they have the WRONG experience for the new position" then I'd also question why they don't just do internal training and retain existing employees for "the new thing"...

Visited the Grand Canyon since 2000? You'll have great photos – and maybe a teensy bit of unwanted radiation

bombastic bob Silver badge

Re: when he wore

could've been worse, if it had involved chocolate flavored laxative made into a hot beverage...

bombastic bob Silver badge

I was there about a decade ago. maybe got a millirem or two

You know the drill: SAP has asked Joe Public to name Munich arena so go forth and be very silly

bombastic bob Silver badge

Re: I hate "naming rights"

a) Uber-thingy

b) SAPfest

c) Bitte-Munchin'

d) Johan Gambolputty [etc.] von Hautkopft of Ulm

e) Semprini

coat, please...

Techie in need of a doorstop picks up 'chunk of metal' – only to find out it's rather pricey

bombastic bob Silver badge

Re: Have you ever heard a story about something you did told second-hand?

Probably the best example...

When I was at U.S. Navy Nuclear Power School (Orlando, FL) back in the early 80's, there were a lot of officers (as well as us enlisted types) at the school, in 2 different buildings. Between the officer's and enlisted buildings, there was a large circular sidewalk. One day the entire officer class was walking on the circle, and they deliberately went "the other way" so they wouldn't have to salute anyone. Now the military REQUIRES enlisted people to salute officers, and the officers are supposed to salute back.

Well, I was walking 'that way' and needed to walk around the circle to get to where I was going. So I went along the same path as the entire officer class, and basically SALUTED THEM ALL, with a nice fat grin on my face. Yeah, it was kind of a joke.

A couple of years later one of the officers (being Engineering Officer of the Watch) was telling a story in the maneuvering area (where the engine room control panels are, including reactor control) and I was the reactor operator, and he was telling this story about how "some enlisted guy" [or similar] caused his entire class to have to free up their saluting arm and salute him.

"Hey that was me!"

In any case he didn't appreciate the joke, even a couple of years later. Nothing ever came of it, of course, since I didn't do anything "wrong" but it was typical of me to be "overly military" as a form of humor.

Related, whenever I spoke over the P.A. system (the shutdown reactor operator had supervisory authority over the engine room most of the time while in port) I always used a 'near gravel' voice, spoken close to the microphone, in a manner similar to Officer Jack Friday from Dragnet. One officer commented that it sounded "overly official". And of course, it did. But then again, who's gonna get you in trouble for being "too military" ??? [and it was always clear and easy to understand]

icon, because, devilish humor

Down productivity tools: Microsoft Teams takes a Monday tumble

bombastic bob Silver badge

~The Cloud~

It's SO overrated!

How about let's get back to p2p communication and local applications and local storage? And maybe do a periodic zip or tarball and put THAT online someplace, for backup...

After outrage over Chrome ad-block block plan, Google backs away from crippling web advert, content filters

bombastic bob Silver badge

Re: "Do no Evil" or "Do no progression"?

usually, I prefer something that lacks "feature creep", i.e. the developers focus on PERFORMANCE instead of "new, new, shiny" and PISSING! ME! OFF! with features like Australis 2D FLATTY McFLATFACE everywhere...

"let's compile everything to machine language", if it provides PERFORMANCE, sounds good to me.

What I don't want: another thing WORSE than the BRIGHT BLUE ON BLINDINGLY BRIGHT WHITE 2D FLATTY McFLATFACE look that has been CRAMMED UP OUR ASSES for the last several years...

/me still uses an ESR version of firefox that pre-dates 57 with the "classic Firefox" plugins, on Linux and FreeBSD. And I don't surf the web from windows. So there ya go. no need for 'feature creep'.

bombastic bob Silver badge

Re: Who are we kidded by?

Modifying the browser extension APIs in an underhanded way that seeks to underhandedly remove choice and freedom from the customer base will ONLY create a vacuum, into which a competing product can jump.

The bar is higher now, because of all of the "scripty" crap, and it's not just HTML any more, it's HTML5 and backward compatibility and DOM and plugins and who can imagine what else...

But I've been *VERY* irritated by the directions that browsers are heading into. I think that a 'webkit' kind of approach is the correct one, in which the front end (like Midori as one example) uses a standard engine (like webkit, for example) which is adapted for your GUI toolkit (like gtk or Qt, for example), to run on "your platform".

So I should be able to use "my front end" which is 3D skeuomorphic and has built-in 'NoScript' and URL black-listing capabilities, for example, as a WRAPPER around "the rest of those things", to provide a competing browser that has some straightforward ad-blocking capability. And the vast majority of the security-related problems would be in code I don't have to maintain.

yeah, just need $$$ so I can devote time to it...

bombastic bob Silver badge

Re: So, basically, no change there

well, if "strip cookies" is possible, why not "strip script" ? And, if the script is "any 3rd party javascript" or "any URL matching a pattern" (such as 'analytics'), it would greatly simplify the ad blocking, wouldn't it?

Do most everyone else pretty much agree that the SINGLE! BIGGEST! PROBLEM! is the 3rd party javascript being used by ads and "tracker bugs" ? And that if we SIMPLIFY getting rid of those things by stripping them out of the content, EVERYONE would be better off???

Want to know what 2020 holds? Microsoft has a little something for you

bombastic bob Silver badge

Re: Sameold, sameold

yeah hard to drive the "new shiny" of Win-10-nic when it's NO LONGER "new" nor "shiny"

But I'm sure 'the smug' will STILL call it "modern"...

bombastic bob Silver badge

Re: Windows 10 is almost four years old...

I don't get it... Chakra sounds like naming influence from people who are into eastern religions, but that's about it. 'not a surprise' why?

Roses are red, Facebook will pay, to make Uncle Sam go away: Zuck, FTC in $bn settlement rumor

bombastic bob Silver badge

Confess, pennance, "do it again"

this is what I expect from Fa[e]cebook.

After they confess, pay the fine, and the investigations stop, will they turn over a new leaf?

_I_ _DON'T_ _THINK_ _SO_!!!

Yeah, after they wash away their sins, with the fresh scented "sinner's soap" of FTC fines and promises not to do it again, it will merely leave them with that "do it again" scent so they can rinse and repeat...

Why does that website take forever to load? Clues: Three syllables, starts with a J, rhymes with crock of sh...

bombastic bob Silver badge

I facepalm in your general direction, Java Script "programmers"

_SO_ bad, it's not even funny (just pathetic and sad) when I snark all over it.

icon, because, FACEPALM

Got, NoScript? NoJS?

Bad news for WannaCry slayer Marcus Hutchins: Judge rules being young, hungover, and in a strange land doesn't obviate evidence

bombastic bob Silver badge

No Good Deed Goes Unpunished

what it says in the title

Oh Snapd! Gimme-root-now security bug lets miscreants sock it to your Ubuntu boxes

bombastic bob Silver badge

snapd and systemd

From article: "The vulnerability is found in Snapd, Canonical's open-source toolkit for packaging and running applications via systemd"

And THAT pretty much says it all!!!

That's blowin' it, Ubu. bad doggy. no buscuit.

/me glad I mostly use Devuan these days

Azure Pipelines go Slack while Microsoft frees data breakpoints from the shackles of C++

bombastic bob Silver badge

whoopee, ".Not" got something that C++ already had for, like, EVAR

No matter how much Micro-shaft tries, they'll NEVER replace C++ and native Win32 calls with their bloatware ".Not" no matter WHAT they call it.

And I'd be better off targeting GTK or Qt if I want cross-platform. Trying to shoehorn ".Not Core" into POSIX operating systems is laughable, at best, frightening at worst, and yet another "Embrace, Extend, Extinguish" attempt to those of us who actually KNOW better.

I was a total Microsoft Windows fan up until the announcement of the ".Not Initative" when Ballmer took the reigns. The 1997 PDC here in San Diego was the last conference I went to. I instinctively knew that Micro-shaft had made a sharp turn and was heading into the WRONG direction.

So the idea that they've taken something that worked really well in DevStudio for C++ applications ('data changed' breakpoints, something I have made use of before, LONG ago) and _FINALLY_ got around to putting into the ".Nonsense" side of things, it's no great accomplishment. Wheee.

I got used to MFC with the old 'Visual C++" stuff, back in the 16-bit days, even, and I think *THAT* IDE [which was VERY typist-friendly] is STILL BETTER than anything that Micro-shaft has produced since they went all VB-ish with their "properties" windows for dialog controls, etc.. Class Wizard and dialog control properties, the way it was in DevStudio '98 (pop-up tabbed dialog boxen) was MUCH easier, especially for dialog boxes.

Anyway, I've always liked the integrated debugger, having had to use CodeView before that, with dual monitors even. But I don't do C-pound nor ".Not" and so it's no wonder I didn't know the features were missing...

Icon, because this is all like "whoopeee" and "wheeee" without the exclamation points, bold text, nor capitalization.

ACLU: Here's how FBI tried to force Facebook to wiretap its chat app. Judge: Oh no you don't

bombastic bob Silver badge

Re: favored by Facebook

seeing Fa[e]cebook posturing on the correct side of THIS one is surprising. Pleasantly so. For now. Until the truth is known, I'd guess.

bombastic bob Silver badge

ACLU should appeal all the way up

I'd like to see a Supreme Court ruling on this one... just to see where it stands on privacy vs law enforcement encroachment. 4th and 5th ammendments to the constitution, to an originalist (like Trump's appointees) should be CLEAR on this one.

So what we need to see is whether the liberal and conservative halves of the Supreme Court are going to rule in favor of law enforcement enroachment in the name of "security", or whether they'll rule in favor of PRIVACY and FREEDOM.

It should be an interesting show, nonetheless. I suspect you'll see at least half of the libs siding with the ACLU, and most of the conservatives, unless there's some compelling national security issue to prevent it [which I suspect is NOT the case, hence redacted version at the least].

With all of the dirty shenanigans going on in the DOJ (in particular, the well known former top level people at the FBI and Attorney General's office) this should be a no-brainer slam dunk in favor of privacy, transparency, and public interest. Why the judge did NOT even allow the redacted version is beyond me...

One click and you're out: UK makes it an offence to view terrorist propaganda even once

bombastic bob Silver badge

Re: IQ <85

it's also possible to study for an IQ test in order to improve your score... so think about THAT one.

and IQ tests are notoriously oriented towards college students. Some people even claim they're oriented towards particular "groups" of people, usually "identity politics" kinds of groups.

My IQ was actually unmeasurable when I was 6 years old. They were trying to force me to be drugged because I disrupted the class, being so bored, already knowing how to read at 2nd or 3rd grade level while in kindergarten, reading a 1st year medical book the family doctor gave me because it was cool and interesting, and I guess I was just "the nail" that stuck out, to be HAMMERED BACK INTO PLACE.

Needless to say, the family doctor and my mother insisted I get an IQ test, so the school did that, and I thought I was in trouble when the teacher showed me some Rorschach drawings, and of course one of them looked like a bat, and one of them I described as "cellular mitosis" (trying to impress with big words, typical 6 year old) and the teacher said "what?" and I explained, "see, that looks like the chromosomes dividing". Teacher left the room and I thought I was going to get into trouble. An interminable period of time later, some older guy started timing me solving 3 dimensional puzzles with blocks. Years later, I find out: my IQ was off the scale.

No @#$%^ this really happened.

But yeah I was held back for the remainder of my education, so that I'd be turned into a "bright lazy" (as my old college chem professor for 'honors chemistry' would say, kids so smart they never have to work hard, and get easily bored, and with the RITALIN NAZIS, end up addicted to speed) because, after all, THE NAIL THAT STICKS OUT GETS THE HAMMER, because, social justice, because, equalize outcomes, and most people are just TOO BUSY LIVING THEIR LIVES to notice, and kids don't know any better.

In any case, IQ is interesting but actual ACCOMPLISHMENTS, not academics nor IQ test results, need to be the measuring standard.

bombastic bob Silver badge

Re: 1984

" at the rate the pension age is increasing probably won't live long enough to draw a state pension"

this is the first I've heard of someone actually doing the right thing. Convince USA politicians to do this too, please.

bombastic bob Silver badge

Re: 1984

on a side note...

"the increase in the welfare budget has been increased spending on pensions."

Similar problem on this side of the pond. Solution: re-define what "retirement age" is to reflect people's ability to work and normal life expectancy. And make sure there's no "age discrimination".

Coming from someone who is getting close to that magic '65' (me), I do _NOT_ want to retire [I shall work until I am dead], and I believe it is high time that the retirement age is re-defined at 75 or 80, in rapidly incrementing steps - like 2 years per year. So next year, it's 67, then 69, then 71, then 73, and so on all the way up until it hits something more reasonable.

Because, when much of these austerity/retirement/social-security/whatever government payouts were conceived, the average age of humankind was *BELOW* the retirement age. yeah.

No WONDER it's getting so expensive!

bombastic bob Silver badge
Big Brother

Re: Goodbye Youtube?

how about 'goodbye blog sites' in general?

It has been possible for as long as there has been an internet for people to accidentally download "illegal" content, from kiddie-pr0n to terrorism stuff, on ANY web site that can be uploaded to, before the moderators have a chance to take it down.

If _INADVERTENTLY_ downloading such a thing results in PROSECUTION, the law has GONE TOO FAR.

It's now 2019, and your Windows DHCP server can be pwned by a packet, IE and Edge by a webpage, and so on

bombastic bob Silver badge

Re: Double-checked and ...

atril seems to work for me, on POSIX systems anyway. I don't want to use evince on POSIX systems any more since (if I remember correctly) the last one I tried to install dragged in all of that MONO crap... I guess 'tomboy' wasn't enough, and the gnome 3 dweebs "decided" to use evince as a way of injecting MONO.

(e-vince does have a winders version and so I'll begrudgingly use THAT one until something better comes along)

A couple of years ago I bought a reconditioned box [to use for windowsy things] with 7 on it, and it had the adobe crapware PDF reader pre-installed. THE! DAMN! THING! INSISTED! ON! GETTING! MY! E-MAIL! ADDRESS! AND! MAKING! ME! LOG! IN! TO! READ! A! SIMPLE! PDF! FILE! and didn't stop IRRITATING me about it, either. What the *FEEL* is this SPYWARE doing on my computer? Well it got uninstalled...

bombastic bob Silver badge

Re: Disk in continuous use.

one of the problems is that (after updating it) ".Not" insists on scheduling that background ".Not" pre-compiler / updater. It is *COMPELLED* to pre-compile all of that ".Not" crap your applications will *NEVAR* use. Oh they might call it an "optimizer". But seriously, it's ONE of the big reasons why ".Not" is "dot CRAP". And C-pound along with it.

Also keep in mind that if you aren't using any compression on your hard drive, that the CPU utilization for a disk-intensive process will be VERY low.

bombastic bob Silver badge

Re: people use windows server's DHCP ?

I wonder if "the S word" aka systemD is responsible for Ubu needing reboots...

Use Devuan, which has _NO_ systemD - service blahblah stop/start [how hard is THAT, right? and updating packages sometimes does that FOR you]

bombastic bob Silver badge
Thumb Up

Re: people use windows server's DHCP ?

"after doing a detailed investigation, we got an excellent high availability IP/DHCP/DNS solution that plays well with everything and configured AD to use it"

well said! And yeah, this is in line with what I was saying and thinking at the time I wrote it...

Even a 'canned' WiFi AP solution for DNS and DHCP would work better, in my opinion. So you plug a WiFi AP into your network, to provide wifi. And then you configure DHCP and DNS on it. And then you configure your active directory stuff to USE THAT instead. And the problem with Micro-shaft's horrible DNS+DHCP solution "just goes away". Or use a commercial provider of a better overall solution in lieu of the WiFi AP, whatever.

bombastic bob Silver badge

Re: How oh how

can someone PLEASE take Adobe PDF stuff out behind the woodshed and put it down like Old Yeller ?

bombastic bob Silver badge

people use windows server's DHCP ?

people actually use windows server's DHCP ? I would think that MOST people would have the sense to use a Linux box for that, particularly an embedded system... as in a typical DSL or cable modem box, with a built-in wifi access point, firewall, DHCP, DNS gateway, and so on.

But that's probably why it's not until 2019 that such a vulnerability was even FOUND, with no reported 'in the wild' exploits for it.

It's more like "chances are, you do NOT" for using Micro-shaft's DHCP server on a windows server box.

Ever used VFEmail? No? Well, chances are you never will now: Hackers wipe servers, backups in 'catastrophic' attack

bombastic bob Silver badge

Re: The source IP address is no indication of the hackers true location

ack on the 'launch the hack from there' - I figured Tor network at the very least, or the dozens of computers altready engaged in dictionary attacks against ssh.

A couple of defenses against that, worth mentioning:

a) disallow root logins

b) only enable specific users [that have guest-level] and require 'su' to root to do "anything"

c) forget passwords, certs only

d) use things like 'fail2ban' to reduce the total number of attempts, and keep a log [of sorts] of those who attempt to crack your ssh

this assumes you NEED SSH in the first place (otherwise, shut it off from teh intarwebs)

bombastic bob Silver badge

Re: Backups?

live VMs typically need config files and daily data snapshots copied to "something" and that's about it. if they break you just re-build them, restore the data, and move on.

And who said it was 100's of TERABYTES anyway? I would expect commercial solutions to already exist, even if it WERE 100's of terabytes.

lots of info out there about replication and using one of the mirrors to do your backups, re-sync after, periodically storing backups in an off-site archive of some kind. Also cloud backups. And so on.

Fun fact: GPS uses 10 bits to store the week. That means it runs out... oh heck – April 6, 2019

bombastic bob Silver badge

Re: Wasn't this handled last time?

the Y2K bug (and panic) wasn't likely to cause autonomous things to crash+burn

THIS one, on the other hand...

icon, because, crash+burn

I also wonder about IoT things that use GPS time and/or report/record their locations

Skype goes blurry, Office gets a kick in the privacy, and Microsoft takes us back to 1990

bombastic bob Silver badge

Re: Windows File Manager

uh, if you have the source, just change the OS compatibility thingies in the headers... build it for XP or '9x or whatever if you want.

Biting the hand that feeds IT © 1998–2019