Posts by Frozit

37 posts • joined 27 Jan 2016

Staffer representation on our board? LMAO! Good one, cackles Microsoft

Frozit

Not a good idea

TBH, employee representation on the board of a large company is not a good idea. Certainly not within the current legal framework around boards and board membership.

Having been on boards (of small companies) for the last 20 years, there are things that are discussed at the board level that need to stay within that context and not be known outside of it. An employee representative would be under pressure to break that privacy.

This is like putting a union representative on a board. Brilliant. The union now has information on the other side of agreement negotiations. How well would that work?

I expect to be flamed for this, but the legal reality is that this would only lead to grief.

We lose money on repairs, sobs penniless Apple, even though we charge y'all a fortune

Frozit

Re: Lol

However, the IRS has stated that it goes after the little guys, because the big guys fight too hard. So don't expect the IRS to do anything about Apple.

Questions hang over Gatwick Airport after low level drone near-miss report

Frozit

Re: No geofencing for me

So "No geofencing for me" means that you think you should be able to fly your drone anywhere. Like on an airport approach corridor? Remember this the next time you are flying.

And remember this when drones become a restricted item, and you need a license to buy one, etc. Because it is this "the rules don't apply to me" attitude that creates stronger rules.

Deja-wooo-oooh! Intel chips running Windows potentially vulnerable to scary Spectre variant

Frozit

As the article states, this vulnerability is primarily a shared cloud issue. When the speculative execution engines were designed (circa early 90s), there was no thought or vision that someday we would have the large cloud shared execution hosts that we have today. Once one vulnerability was found, it was pretty clear that there would be others.

To fix this requires a serious redesign of the core CPU engines, which will take years to fully test, then propagate out and replace the existing flawed CPUs.

There was no intentional plan to create this issue; it is mainly a case of changing environments and requirements.

Who needs foreign servers? Researchers say the USA is doing a fine job of harboring its own crimeware flingers

Frozit

Re: This is not exactly news

The usage of TOR or VPS services from within my corporate network would be cause for termination.

Great, you've moved your website or app to HTTPS. How do you test it? Here's a tool to make local TLS certs painless

Frozit

2 years ago it became apparent that my software company didn't understand certs. There was even an internal meme for it.

So, set up an internal CA, ran a couple courses, forced everybody to request certs for their test servers, etc.

It worked, certs are no longer an issue.

Eventually ran into the SAN cert issue with Windows Server 2012 R2 not requesting SAN by default, so ended up making a wild card get out of jail free cert. Which kinda defeated the whole purpose.

However, certs are no longer a meme, or a support issue, so win!

IBM is trying to throttle my age-discrimination lawsuit – axed ace cloud salesman

Frozit

It doesn't really matter. IBM will no longer exist within 10? years. Think of all the other old school tech names that are gone. DEC, Digital, etc. Why should IBM be any different?

Maybe HP will buy them.... (omg)

Cisco swings the axe on permanent staff – hundreds laid off worldwide this week

Frozit
Flame

The sad thing is, as a large company, you HAVE to do layoffs. Especially in tech.

Hire 10 people. 2 are top rate, 6 are ok, 2 are terrible.

Who is the most likely to leave? The top 2, and maybe some of the 6.

Who will never leave? The bottom 2.

Hire another 10 people. 2 are top rate, 6 are ok, 2 are terrible.

Rinse, repeat.

If you don't have a house cleaning, you fill up with bottom raters.

Sad, but true.

And given the ability for bad managers to select staff that, uh, fits their views, you have to be shotgun with the house cleaning.

Terrible for the individual, necessary for the whole.

If you haven't already patched your MikroTik router for vulns, then if you could go do that, that would be greeeeaat

Frozit
Trollface

Would anyone...

who regularly reads here, admit to owning a MikroTik router?

Ah, um, let's see. Yup... Fortnite CEO is still mad at Google for revealing security hole early

Frozit

1 week delay from reporting to software company to publishing the exploit. Where has this EVER been considered standard?

How many ways can a PDF mess up your PC? 47 in this Adobe update alone

Frozit

C++ for the win.

C++ for the win. Only language I know of that can cause this many problems.

'I crashed AOL for 19 hours and messed up global email for a week'

Frozit

TBH

This just sounds like they were on the bleeding edge of email systems, and something was going to die, somewhere.

The fact that they couldn't get a load balancer strong enough to handle their volume tells you something was going to give.

An honest attempt was made to address the issues, and it failed. Meh.

Moneybags VCs look to the stars – and spaff a billion on space tech

Frozit

Tbh, I've thought "take my money" more than a few times. With no expectation of returns.

Please no Basic Instinct flashing, HPE legal eagles warn staffers

Frozit

So why would someone create this?

Because they had been suffering through miserable presentations. And wanted to improve their own life from Hell to just miserable.

FYI: AI tools can unmask anonymous coders from their binary executables

Frozit

Now, RISC code after full optimization might be harder.... That stuff is strange.

FYI: There's a cop tool called GrayKey that force unlocks iPhones. Let's hope it doesn't fall into the wrong hands!

Frozit

If you have access to the hardware...

Fundamental theory. Security is built on a "trusted" item. Without that item, you can always break in. And pretty much every computer security item is based on a trust in the hardware. Once you have physical access to the device, the rest is just engineering.

Developers, developers, developers: How 'serverless' crowd dropped ops like it's hot

Frozit
Facepalm

Amusing

Being a developer of too many years to want to count, this just sounds like the latest bandwagon to hell.

Sure, with the "right people", you can make this work. And those "right people" are the same small selection of people that everybody wants for every one of these bandwagons. Sitting here surrounded by 20+ developers, maybe 3 could make this work. For a while. Maybe.

International team takes down virus-spewing Andromeda botnet

Frozit

Wouldn't the operators notice?

So the botnet operator would have had signs that someone was taking an interest. As in, that the AVs were hitting its installs more and more frequently. Eventually this kind of operation will cause the operators to run before the takedown happens. But that will likely take a while.

No 2017 bonus for you, HPE tells employees

Frozit

If you are working at a large Tech company

and expect to be treated like an employee at a small tech company...

You deserve what you get.

Firefox 57: Good news? It's nippy. Bad news? It'll also trash your add-ons

Frozit
FAIL

The main reasons I use Firefox are NoScript and AdBlock. LastPass is where I store my passwords, so it is a must have as well.

Without NoScript, there is really no reason to pick Firefox over other offerings. Will be amusing.

Hackers able to turbo-charge DJI drones way beyond what's legal

Frozit

Given that the majority of readers of this forum tend to be sysadmins who enforce rules on users, I find some of the responses to this amusing.

Who says that my password can't be my name, or "password" or... Silly rules getting in my way.

Who says I can't fly my drone into restricted airspace? Silly rules getting in my way.

Quite amusing, tbh.

Two-factor FAIL: Chap gets pwned after 'AT&T falls for hacker tricks'

Frozit

No 2 factor authentication method will overcome social engineering. There will ALWAYS be a way to admin override the settings and reset them. You know this, you live it every day resetting user passwords.

Dead serious: How to haunt people after you've gone... using your smartphone

Frozit

The Plan

Set up a trust fund.

Set up an AWS server paid from said trust fund.

Set up a database, email, SMS, etc. (Possibly paid from said trust fund.)

Die grinning.

IBM: ALL travel must be approved now, and shut up about the copter

Frozit

One wonders

I have been watching these IBM announcements, and wondering why one would still work there?

Stuff like this makes people leave. The people who leave first are the highest skill workers who can easily find a new job. This is a sliding scale down to the bottom end who will never leave on their own.

So, what is left at IBM? And why?

How do you end a company like IBM? Does it keep getting smaller and smaller, with less and less effect? Sad.

What should password managers not do? Leak your passwords? What a great idea, LastPass

Frozit

Still way better than no password manager and reusing human rememberable passwords.

The priest, the coder, the Bitcoin drug deals – and today's guilty verdicts

Frozit

Amusing

We have, as a civilization, built up a set of laws and rules about how things like stock markets, money lending, etc, should work. It is not perfect, but it does work. Without it, life as you know it would not exist.

Some of the commenters here seem to feel that anything organized is designed to rip them off. And bitcoin and Tor are completely white as driven snow. Because it fits the uncomplicated, unbalanced views they hold dear.

It would be interesting to see how many bitcoin operations are actually criminal in basis. As in, drugs, or things like card skimmers, or ransomware payoffs, and so on. Personally, I suspect a very large percentage of the transactions are related to that.

So the question is, does the nirvana that Tor and bitcoin are supposed to help create actually exist, or is that nirvana really total criminal anarchy? I personally have not seen any of the nirvana created, but I have seen an awful lot of criminal activity.

Don't pay up to decrypt – cure found for CryptXXX ransomware, again

Frozit

Bitcoin

The people who support Bitcoin and think it's great will defend it to the death, in the face of any logic.

Those of us who look at the world, analyze what is going on, and make decisions based on that, look at bitcoin, look at how it is being used, and put it down on the facts of its behaviour.

Earlier, someone used an "I bought some a while ago, and made a bunch of money off holding it" argument. I agree that you are happy you made some money on it. However, how is that a defence of all the other issues? The reason its value probably went up is because of all the people forced to buy some to pay off their ransomware. So, quite likely, you are enjoying the proceeds of crime, indirectly. Hmm...

This is your captain speaking ... or is it?

Frozit

What hacker

is dumb enough to interfere with a plane they are flying on?

Consequence 1: Death

Plane crashes...

Consequence 2: No anonymity

Something obvious happens, authorities are called, they go through the list of passengers, and....

The penalties for interfering with a flight like this would be in the terrorist/hijacker category, with SEVERE penalties.

And yes, there are probably a few idiots that stupid...

'Mirai bots' cyber-blitz 1m German broadband routers – and your ISP could be next

Frozit

Why is this port not filtered by the ISP?

Of course, that would imply they knew they had a problem before this.

Filter the port traffic to only be allowed from a small subset of the ISP's management set. Done. Sigh.

Getting your tongue around foreign tech-talk is easier than you think

Frozit

Canada, Eh?

You could consider Canada as your Brexit. French and English as national languages. We watch the rest of the world go insane, then go out and shovel the snow off the driveway.

Source code unleashed for junk-blasting Internet of Things botnet

Frozit

Routers anyone?

Who puts their IoT devices on the open side anyway? Who can afford the IP addresses?

Job ad promises 'Meaningless Repetitive Work on the .NET Stack'

Frozit

Something says...

Insurance company to me. But I could just be cynical.

Hackers giving up on crypto ransomware. Now they just lock up device, hope you pay

Frozit

So has anyone...

actually seen a non-criminal use of Tor?

Tor users are actively discriminated against by website operators

Frozit

Re: I am Human Blockchain

Any such "I am human" algorithm can be spoofed by software. The attackers have the advantage. You make a defence, and they keep poking around at the edges until they find a weak spot.

What we all really need is an SD card for our cars. Thanks, SanDisk

Frozit

You miss the point.

I live in Canada. Regularly, during the winter, the temperature in Southern Ontario reaches -30 C. Other places, it gets even colder. And my car stays outside all winter.

Last year I accidentally left a UPS over winter in a cold location. In the spring, it no longer worked.

Then, if you consider the other extreme, how hot does the interior of a car get in a southern climate in the sunshine in the summer? Easily +50C or higher.

Manufacturers use the temperature and other environmental ratings of the components to certify their overall rating. If they don't, they are liable for the repairs and other costs if those components fail.

Good thing this dev quit. I'd have fired him. Out of a cannon. Into the sun

Frozit

20/20 hindsight is always best

I am amused. The original article referenced programmers who clearly were broken. However, picking on academic Fortran, and other code that was written LONG before today's Software Engineering standards were created, and the glorious hardware that we have that allows effectively infinite memory space is quite amusing.

And most academic programmers are self taught. No one teaches software engineering 101 to Physicists. Even though most of their work is simulations...

Cops hate encryption but the NSA loves it when you use PGP

Frozit

Makes perfect sense

Think of all the headers in an email. Source and Destination for one. As the article clearly says, they don't need to read the encrypted text, they just want to know that you and your destination are talking.

As it states. If you are using PGP, Tor, or any of a bunch of other things, you are flagged as a person who is possibly interesting. This reduces the subset of search targets immensely.

And if you are only talking to your gran using PGP, and she only talks to you using PGP, they will pretty much ignore you.
