Posts by bigtreeman

36 posts • joined 8 May 2018

What's the last piece of software you'd expect to spy on you? Maybe your enterprise security suite? Bad news

bigtreeman

back in the day

Once upon a time, in a faraway land, our employer had a dodgy little box secreted away under a set of stairs.

It was connected to the PABX and recorded quite a lot of stuff.

Until one day the box blew up and it was brought out to the workshop for a technician to fix.

The technician did quite a lot of sniffing around and discovered the full extent of the boss's eavesdropping.

Pretty soon everyone in the building became aware of this and were very careful about dissing the boss over the phone.

Then we all lived happily ever after.

Watch as 10 cops with guns and military camo storm suspected Capital One hacker's house…

bigtreeman

Out sauced

Every time a company outsources anything, they lose some control.

They

Save money and increase profits

Avoid responsibility

Employ less people

Who should be blamed ? - Capital One

He's coming for your floppy: Linus Torvalds is killing off support for legacy disk drive tech

bigtreeman

turned off

I have turned off the floppy, ata, parallel and serial ports in bios on motherboards for years now, surplus to requirements.

Too hot to handle? Raspberry Pi 4 fans left wondering if kit should come with a heatsink

bigtreeman

Newer, faster, hotter

These A72 cores pump the heat.

My Nanopc-t4 has a cpu overheating problem with its moderately sized heatsink (no fan).

I have to stand it on its side to improve convection air flow to cool it, will need a fan in summer.

The heat is also generated by the power supply circuitry.

Imagine being charged to take a lunch break... even if you didn't. Welcome to the world of these electronics assembly line workers

bigtreeman

tight arsed boss

so... I'm calculating $2.6bn profit generated by 80,000 employees is $185,000 profit per employee in one year and they're quibbling about $2,450 average payout per employee for 7 years of lunch breaks.

Swedish prosecutors request Assange detention: First step to European arrest warrant

bigtreeman

Slap Julian

Everyone is going to slap Julian, the pomms for avoiding arrest, the swedes for rape, last the yanks for leaking state secrets, on top of his self imposed detention in the embassy. He's everyone's bitch. They will all make an example of him, no one escapes, take all prisoners.

Sinister secret backdoor found in networking gear perfect for government espionage: The Chinese are – oh no, wait, it's Cisco again

bigtreeman

Re: Didn't I mention this just a few days ago?

Sorry, Forth died years ago when its branch fell from the programming tree on Dr Dobb's Journal.

Huawei savaged by Brit code review board over pisspoor dev practices

bigtreeman

D-Link

Exactly the same can be said for D-Link,

"serious and systematic defects in (D-Link's) Huawei's software engineering and cyber security competence"

and probably lots of companies who are pushing cheap product out the door for profit.

Aussie engineer accuses 'serial farter' supervisor of bullying, seeks $1.8m redress

bigtreeman

dutch oven

You must be single, we regularly do the caring and sharing, or the dutch oven.

Blockchain is bullsh!t, prove me wrong meets 'chain gang fans at tech confab

bigtreeman

more than speculation

Blockchain is good tech, a downside is it is expensive to operate.

Speculators can feckup any good thing and turn it to serve their own pockets.

Blockchain is much more than short term speculation,

http://www.research.ibm.com/blockchain/

it really can help businesses' supply chains become more efficient.

Use an 8-char Windows NTLM password? Don't. Every single one can be cracked in under 2.5hrs

bigtreeman

unicode ?

Does anyone use a few unicode characters in passwords ???

Oh Snapd! Gimme-root-now security bug lets miscreants sock it to your Ubuntu boxes

bigtreeman

Re: snapd and systemd

I feel my hatred of systemd is again vindicated.

Debian, What are you doing with this virus at the centre of our systems.

I just had the displeasure of making a .service and .timer instead of a nice cron script to run a little python thingy, what a f_ckup the insidious systemd is.

The internet is going to hell and its creators want your help fixing it

bigtreeman

Vint is the problem

Trust is the problem.

The problem is the base protocols - TCP-IP just makes it work then has bandaids applied to fix all the problems.

Security has to happen from the hardware up.

Anonymity is a problem.

Location is a problem.

Auditability is a problem.

The Internet is not People-Centered it is a Server-Centred dumb client network.

Governments want to poke their noses in where they shouldn't.

Companies want to have a lend of all Internet users.

Let it go to shit, then start again with a sensible design, from the ground up incorporating all the lessons we have learnt from Internet #1. While it is going to poo, install lots of fibre-optic which can be re-purposed to carry whatever we come up with.

Oz opposition folds, agrees to give Australians coal in their stockings this Christmas

bigtreeman

Re: Who appoints & pays the 'experts' ?

The retired judge, probably over 70 years old, tech aware and able to make a useful judgement.

At last someone questioning the pay, how much will this ballsup cost ?

Trump in Spaaaaaaace: Washington DC battles over who gets to decide the rules of trillion-dollar new industry

bigtreeman

pigs in space

Trump is going to be the new traffic cop in space,

hopefully stuck in orbit, with no twitter account.

If at first or second you don't succeed, you may be Microsoft: Hold off installing re-released Windows Oct Update

bigtreeman

second screen

Handling a second screen has new features after update.

Anyone else ?

Berners-Lee takes flak for 'hippie manifesto' that only Google and Facebook could love

bigtreeman

Follow the money

Follow the money.

"Don't be Evil" was a fizzer

"Do the right thing" (to increase Alphabet's profits)

and Facebook's recent disapproval rating

Corporate world control and domination IS the current picture.

Sir Tim designed the original Internet for server / client corporate control.

Heart Internet stops beating, starts Monday with big portion of FAIL

bigtreeman

failover

Years ago I set up a client with failover connections with the two major ISPs. I don't trust either, but between them never failed.

Last year, D-Link flubbed a router bug-fix, so it's back with total pwnage

bigtreeman

crap scripting

in the OpenWRT boxen, it's not just security, some other parts just don't work properly.

check all levels of logging, emergency down to debug, you'll find various hiccups

ssh admin@your.local.d-link.router

There are big typos in the scripting running these boxes, written by a junior janitor when not emptying garbage bins.

admin shouldn't be 0:0:root (one user only apart from nobody)

remount / rw

change whatever you want

remount / ro

yeah, I've complained to them about the plain text passwords,

mentioned various fixes

it's just a mess

I'll never buy a d-link again

No, eight characters, some capital letters and numbers is not a good password policy

bigtreeman

pwgen

my old fave is

$- pwgen -y 10

gives a screen of ?random passwords to choose from.

Give users an idea of what a password could be, from the examples they might create a good password they can relate to.

When a user has to think of a password they can remember, they are severely limited by their lack of imagination. Further research might find the worst passwords in the least creative people ? accountants ? bosses ?

Windows 10 Linux Distribution Overload? We have just the thing

bigtreeman

LSW

Linux Subsystem for Windows.

If Microsoft could be part of the WINE development and supercharge Wine.

Windows in a Sandbox, Play Safe

Stern Vint Cerf blasts techies for lackluster worldwide IPv6 adoption

bigtreeman

TCP/IP is crap

Well Vint, you were one of the originals, you made up TCP/IP because it just worked.

But it's crap, and now it's cemented into the base of the internet infrastructure, it's there to stay.

It just works, but it does a bad job and allows a multitude of sins which are continuously patched over.

Sometimes a rethink and rebuild is the best answer, but rarely is it done.

"

mostly run by tech giants like Google – for who Cerf works – and who go to some lengths to make sure that they can be accessed by IPv4.

"

look, a great big IPV6 bandaid

Australia on the cusp of showing the world how to break encryption

bigtreeman

bad legislation

My guess is creating legislation to force companies to give access to encrypted data. If grand poobah, mighty technocrat Malcolm is involved it will be underhanded and dumb.

Our government creates stupid legislation without sufficient discussion or thought. They have created some pretty awful laws to allow themselves to do really nasty shit. They usually end up with a patchwork of bad laws to cover over holes they have created.

Most of their crap still exists because it is too expensive or too difficult to challenge in the high court. I expect a law review somewhere in the future to wipe these bad laws off the books, it will take years and a future Australian government which gives a shit.

Read IBM and the Holocaust by Edwin Black for insight into misuse of technology by business and government, it's fecking chilling.

Nearly half of IBM's $1bn Aussie framework deal comes from mainframes

bigtreeman

final solution

quote from IBM and the Holocaust by Edwin Black

"

Quickly, the notion of sterilizing the physically undesirable expanded to include the socially undesirable. So-called anti-socials, that is, misfits who seemed to be unsuited for labor, became special targets. A leading raceologist described anti-socials as "those who, based on their personality, are not capable of meeting the minimum requirements of society, i.e., personal, social, and volkisch behavior." One official definition cited: "human beings with a hereditary and irreversible mental attitude, who . . . have repeatedly come into conflict with government agencies and the courts, and thus appear ... a threat to humanity." Included were traitors, race violators, sexual perverts, and "secret Jews." But, the numerically largest group consists of 'the work-shy and habitual parasites'

"

I now look at IBM very differently, IBM is collecting data on everyone

Oz researchers, uni unite against Defence overreach

bigtreeman

authoritarianism

Overstretched authoritarianism.

Didn't say what constitutes 'sensitive' or is that classified and above my pay grade ?

Universities aren't the only Ozzies doing research which could be deemed 'sensitive'.

I would have thought a large slab of research was by companies.

How do military ?intelligence? get around 'commercial in confidence' ?

Tech support chap given no training or briefing before jobs, which is why he was arrested

bigtreeman

Re: Back in my day

after you'd erased the gold from the edge connectors

One place I worked, we had a gold plating bath for edge connectors and we plated our own special gold screwdrivers, pliers and side-cutters.

bigtreeman

searching

Don't you mean http://www.justfuckinggoogleit.com/

In defence of online ads: The 'net ain't free and you ain't paying

bigtreeman

I'm paying

WTF

I'm paying my ISP and the FUCKERS just put the money into their skyrockets and not pass it along to pay for content I'm accessing. I expect my ISP payment to cover more than the first 100 meters of connection. I'm paying them to access the whole internet.

Australian Senate committee dumps on digital transformation

bigtreeman

my.gov.au

And they're forcing as many as possible to use my.gov.au.

The new Australia Card.

Secure Connection Failed

The connection to the server was reset while the page was loading.

The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.

Please contact the website owners to inform them of this problem.

Why the 'feudal' tech monopolies run rings around competition watchdogs

bigtreeman

Re: Um....

No, IBM published the BIOS and circuit diagrams. When you looked at clone circuits, they often used 'equivalent' circuitry and BIOS, slightly changing the gates and code to perform the exact same function. I could put copied IBM roms into my clone motherboard, which allowed me to run Basic and other apps tied to the IBM BIOS.

Note: not everyone could get their hands on this info ;-) I worked for a company that serviced IBM gear and 'found' a few manuals.

bigtreeman

Your data is valuable

If your data is valuable, Google and all data abusers should pay you for the privilege of using your data.

If you see no value in yourself, give your valuable data away for nothing.

One problem is Google owns Android which gives them the first option of pwning everyone with an android phone. I'm looking forward to Eelo getting off the ground which will do for phones what Linux did for our computers. https://www.eelo.io/

What can you do when the pup of programming becomes the black dog of burnout? Dude, leave

bigtreeman

Re: It's time to quit IT and go and work somewhere that you enjoy

Don't be a fecking traffic controller. People do traffic control when they hit rock bottom.

Speaking from experience and my wife won't let me do it any more because it's really fecking dangerous. You don't get bugs in your program, you get run over by a fecking big truck - dead. You want bad management, you can't even stop to take a piss or a shit, eating lunch is what other people do.

I can then make IT a hobby and have it become fun again. - Yep I'm making hi-tech wooden paddle boards and surfboards, love it.

bigtreeman

life

Choose life.

Choose a job.

Choose a career.

Choose a family,

Choose a fucking big television

Choose washing machines, cars,

Compact disc players, and electrical tin openers.

Choose good health, low cholesterol

And dental insurance.

Choose fixed-interest mortgage repayments.

Choose a starter home.

Choose your friends.

Choose leisure wear and matching luggage.

Choose a three piece suite on hire purchase

In a range of fucking fabrics.

Choose DIY and wondering who you

Are on a Sunday morning.

Choose sitting on that couch watching mind-numbing

Spirit-crushing game shows

Stuffing fucking junk food into your mouth.

Choose rotting away at the end of it all,

Pishing your last in a miserable home

Nothing more than an embarrassment to the selfish,

Fucked-up brats

You have spawned to replace yourself.

Choose your future. Choose life.

'90s hacker collective man turned infosec VIP: Internet security hasn't improved in 20 years

bigtreeman

56k bullshit

I was smoking some good weed back then and can remember 19k2 was as fast as you got back in 1993, what were you guys smoking ?

56k modems didn't come out till '98-2000.

Back in 95 we had a max 28k bulletin board connection to a small local ISP which had an ISDN line back to the local university. Log on daily, do an up/down load then logout.

IBM bans all removable storage, for all staff, everywhere

bigtreeman

dumb terminals

we're heading back to dumb terminals only

server storage and applications

better control, easier security

good for business

dis-empowering for the user

all lusers praise the mighty main-frame

Time to ditch the Facebook login: If customers' data should be protected, why hand it over to Zuckerberg?

bigtreeman

tracker blocking

Tracker blocking prevents me seeing user comments on a news website in Firefox. If I want to comment on this particular site it is easiest to use the Opera browser, which leads me to think Firefox has stricter blocking and protection.

Biting the hand that feeds IT © 1998–2019