
* Posts by gerdesj

1094 posts • joined 15 Aug 2009


Home Office admits it sent asylum seeker’s personal info to the state he was fleeing

gerdesj
Silver badge
Joke

GDPR

When GDPR kicks in could they sue for 4% of UK GDP?

5
2

HMS Queen Elizabeth has sprung a leak and everyone's all a-tizzy

gerdesj
Silver badge

Re: Minor problem

This is the fault that is "leaked" to the press. We won't hear about the real snags that were found.

24
2

Japanese quadcopter makes overworked employees clock out

gerdesj
Silver badge

Re: I can save them $4,500 per month

It isn't rocket science. However I suspect that Japanese culture is a little different to ours (?)

Reading between the lines and some crazy 2+2 style reasoning leads me to conclude that someone is willing to blow $4,500 per month on an "innovative" solution to a non-problem (where I'm from - UK). However, I can imagine that I might come up with some pretty crazy sounding schemes if I had to attempt to break cultural norms. It would appear that in Japan throwing technology - the brasher the better - is a good start to doing something pretty radical (breaking cultural norms). I've seen dafter from HR in the past 8)

This (Japan) is a land where it is apparently good form to fall asleep in a meeting, provided it is obvious that you have been burning the candle at both ends (for the firm). If that happens here, then the more humiliating the wake up, the better, is sometimes the rule. I'm not sure who is dafter ...

7
0
gerdesj
Silver badge
Alert

I can save them $4,500 per month

Managers. If they can't manage properly, then a little education followed by performance related HR procedures should get the job done. Drones in the office sounds a bit dangerous, no matter how well meaning. Besides, who is ensuring the operator (there is a human responsible for these things, I assume 8) is getting enough "life"?

I am, of course, attacking the problem from the perspective of a UK business owner. If renting drones to get people out the door at huge expense is a viable solution, then I think there is a bit of a culture difference.

Strangely enough I rarely have to boot someone out. It's not that my staff are lazy or not committed - they do go above and beyond as required and that is the key point - as required and not routinely. We are an IT firm and we've all had to pull all nighters or whatever to get someone out of the shit. We also strive to avoid the shit in the first place. We even have ISO 9000 etc to demonstrate as such. Sometimes reality matches our policies and processes ...

26
0

UK.gov law resources now untrustworthy, according to browsers

gerdesj
Silver badge
Childcatcher

How bloody hard is it?

* Put a recurring entry in your financials

* Put a recurring appointment in your email client

* Use a monitoring system - the open monitoring plugins can do a check for pending expiry

* Check with your browser every now and again

* Don't ignore the tons of imminent expiry emails sent by vendors

Yes I do know why nearly all of those examples apart from a proper monitoring system will fail. Personal email address rather than a group one along with mail blindness will bugger several.

Laziness will account for most other failure modes.

2
0

Microsoft emergency update: Malware Engine needs, erm, malware protection

gerdesj
Silver badge

You couldn't make this stuff up.

"You couldn't make this stuff up."

No you can't make it up. As it turns out, the software on your computer is bloody complicated and funnily enough it isn't perfect. I don't have MS' stats but I do know that the Linux kernel is roughly 70,000 files with rather a lot of LoC.

As it turns out, bugs happen.

19
18

OK Google: A stranger with stash of pirated films is spamming my Google Team Drive

gerdesj
Silver badge

Re: Still someone else's computer

"It's a fair bet that setting up a file sharing system with one of THOSE, even one that involves user names and passwords, wouldn't be all THAT hard..."

It's pretty easy - Nextcloud.

I run four of them. One of which has about 800 users. My wife's phone would have exploded long ago if I wasn't shipping photos and vids off it via Foldersync to my home instance.

5
0

Spy-on-your-home Y-Cam cameras removes free cloud storage bit

gerdesj
Silver badge

Zoneminder

I haven't had a Y Cam for a while now but: https://wiki.zoneminder.com/Y-Cam (I wrote a fair bit of it).

4
0

Hey girl, what's that behind your Windows task bar? Looks like a hidden crypto-miner...

gerdesj
Silver badge

Because you can't be arsed

As it turns out: not everyone runs Windows. There are a few Unix styled boxes around, some are fruity but the rest are useful.

11
68

As Apple fixes macOS root password hole, here's what went wrong

gerdesj
Silver badge
Stop

Bit of a pain

This little number is rather more nasty than every bug (with a funky name) that has been touted for years. This is *root* with no password. This is: I can ssh or RDP into your box with no password.

I don't have to mess about with anything fancy - your system has absolutely no protection against me: your root account has *****no fucking password *****.

I suggest you set one yourself. Apple seems to have let you down.

7
4

Thou shalt use our drone app, UK.gov to tell quadcopter pilots

gerdesj
Silver badge

"The problem with "common sense" is that it's so often wrong"

Absolutely: you don't allow for error - navigation or mechanical.

1
1

'Urgent data corruption issue' destroys filesystems in Linux 4.14

gerdesj
Silver badge
Linux

"Do not use ".0" release. And if you do, you should know what you are doing. "

He's a Gentooer (like myself but far more knowledgeable). You don't run Gentoo and shy away from .0 software. To be honest you normally embrace pre-release, let alone released. That's how bugs get found.

You have to repair your systems from time to time in new and amusing ways but Gentoo is great fun. In winter it will even keep you warm when you do an update so you can turn down the heating.

21
1

DNS resolver 9.9.9.9 will check requests against IBM threat database

gerdesj
Silver badge

Re: Does not work very well

$ dig @9.9.9.9 google.com A

;; ANSWER SECTION:

google.com. 11 IN A 216.58.213.78

;; Query time: 6 msec

;; SERVER: 9.9.9.9#53(9.9.9.9)

;; WHEN: Mon Nov 20 13:11:23 GMT 2017

6 milliseconds isn't too bad in my book. Bear in mind my PC has to traverse at least three switches, my office router/firewall cluster, my ISP and perhaps a fair bit of internet.

4
0

El Reg assesses crypto of UK banks: Who gets to wear the dunce cap?

gerdesj
Silver badge
Childcatcher

Barclays

I'm a Barclays customer FWIW and I login to this: https://barclays.lifestylegroup.co.uk/auth

That gets an A+ at SSL Labs and supports HSTS and PFS.

0
0

VMware open sources VR overlay for vSphere

gerdesj
Silver badge

Done before - to death

Years ago there was a toy that put your filesystem into Doom. You could run around it and shooting files ran rm.

3
0

Tor blimey, guv'nor: Firefox to try on privacy tool's Canvas gloves to leave fewer fingerprints

gerdesj
Silver badge
Childcatcher

Sailing not surfing

If you mess with <canvas> too much you will break the internet *sigh* as far as many users are concerned.

I can't see a decent way out of this tracking nonsense without a complete rewrite of how a browser uses a webserver. At the moment there is no direct analogy for websites and with the way eyeballs work. Eyeballs passively receive photons of light -> *stuff* -> image in head. Browsers don't do that, they connect, spew loads of details about themselves with each connect and run (nearly all) whatever code is sent back.

1
3

Fine, OK, no backdoors, says Deputy AG. Just keep PLAINTEXT copies of everyone's messages

gerdesj
Silver badge
Childcatcher

Metadata -> Data

So, assuming that agency X request details, only having metadata and approach A: Alice's IP connected to port 25 at Bob's IP and sent a stream of TLS encrypted stuff.

OK so port 25 should imply email (SMTP) and X gives a precise date and time and A keeps logs and mail archives and keeps precise time.

There are at least six assumptions in the above short paragraph, each of which needs to be proven to ensure that the data provided really matches the request. I can make the example really complicated without even sweating. I wonder why key escrow or (state sanctioned) direct cracking etc are considered more desirable as routine policy by .gov?

5
0

Fake tech support 'scam' husband and wife banned FOR LIFE from computer repair world

gerdesj
Silver badge

Re: Thats a plan...

Such a blacklist already exists. It's called: "Sure, here's my hourly rate."

That does work well until your SO casually recommends you to one of their mates/colleagues ...

14
1

RIP HPKP: Google abandons public key pinning

gerdesj
Silver badge

Expect-CT

Wondering what Expect-CT is? This bloke knows what he is on about:

https://scotthelme.co.uk/a-new-security-header-expect-ct/

2
0

If you say it loud enough, Uber will sound atrocious: Super Cali juristic discrimination process

gerdesj
Silver badge

Can you stop with the "super cali" stuff now? You'll never better the original Sun, and it's beginning to appear desperate.

True: you won't beat the Sun on this classic, given that one of their hacks created the original. However el Reg have managed some pretty decent riffs on it over the years. I don't see it as desperate but more as a nod or hat tip to a bloody good headline from long ago. Nowadays we kool kids - (I'm 47) call this sort of thing a "meme".

el Reg does "Super Cali" in the same way that Private Eye does "bloke with younger bird piccy". (My quotes).

9
0

Discover potholes in the information super-highway with this handy new tool (which itself just hit a roadblock)

gerdesj
Silver badge

Re: Time to update that certificate, but otherwise

Calendar? What, a recurring appointment style of thing? Madness.

For extra points make sure it is created by someone with their personal account rather than a shared one, who moves on a few weeks later ...

3
0
gerdesj
Silver badge

Re: Time to update that certificate, but otherwise

Bit sad really - there is no need to leave SSL certs to expire. Either use a browser occasionally, a proper monitoring system or even download this: https://www.monitoring-plugins.org/doc/man/check_http.html and run it from a cron job.

$ ./check_http -H observatory.mami-project.eu -C 14

SSL Version: TLSv1.2

CRITICAL - Certificate 'observatory.mami-project.eu' expired on Wed Sep 27 10:53:00 2017.

6
0

Has Git ever driven you so mad you wanted to bomb it? Well, now you can with this tiny repo

gerdesj
Silver badge
Linux

Re: tricky but powerful source control tool

"https://xkcd.com/1597" - that one is inserted at the top right of an article I wrote in my company wiki. The one that documents the method I used to install the wiki in the first place and update it 8)

Apparently I'm only good enough to be a burger flipper, according to an AC, rather than a company MD with 20 staff who runs Gentoo on his personal laptop and Arch on his office desktop.

I'm a fucking sysadmin not a kool kid programmer: I don't need to know the nitty-gritty of git - I just need it to do a job now and then, which it does admirably.

9
1

US Congress mulls first 'hack back' revenge law. And yup, you can guess what it'll let people do

gerdesj
Silver badge
Windows

At least there is a discussion

This article made my minute.

On the face of it a discussion is at least happening somewhere about what happens in a "land" called the internet. It's almost as though the internet has finally become a thing.

... mmm beer ....

10
0

Equifax: About those 400,000 UK records we lost? It's now 15.2M. Yes, M for MEELLLION

gerdesj
Silver badge

@Doc Syntax:

According to Equifax, 700,000 Brits have been seriously violated. If we assume that about 75% of the population are >=18 and there are 65M Brits then 700,000/(0.75 * 65,000,000) = 1% of the working population. Or you can go with the GDPR and probably DPA infringing value of 15M instead of 700,000.

In the UK we don't have security by SSN but then, me and the wife managed (~2005) to order a birth cert for my brother in law and then a passport for him with minimal hassle.

To be honest it only really occurred to me what we'd done/got away with a bit later: but at least he got to go on holiday 8)

2
0

How much for that Belkin cable? Margin of 1,992%?

gerdesj
Silver badge

"sounds like you got solid wire, and connectors for stranded"

Precisely. Solid wire goes into back boxes ("keystone jack"). You want stranded for patch leads with plugs on the ends.

0
0

Sysadmin tells user CSI-style password guessing never w– wait WTF?! It's 'PASSWORD1'!

gerdesj
Silver badge

Re: "They looked for the password on the CD . . ."

"Totally bog standard, and when you generate that type of certificate you MUST enter a password - admittedly the password can be a single character, but you do have to provide one......"

No you don't *have* to specify a password. Needing a password means that the certificate is encrypted and that can be removed or not even added in the first place. The -nodes in this command avoids encryption and generates a self signed certificate:

$ openssl req -x509 -new -out cert.crt -keyout cert.key -nodes -days 365

I suspect that the implementation you use enforces passwords.

8
0

SEC 'fesses to security breach, says swiped info likely used for dodgy stock-market trading

gerdesj
Silver badge
Devil

"corporate filling system"

"corporate filling system" - my mind is boggling right now.

0
0

Homeland Security drops the hammer on Kaspersky Lab with preemptive ban

gerdesj
Silver badge

Re: Quite the planning process, this

"Unlike McAffee where I had to download and run a (well-hidden) executable from their website to get rid of their bloody "1 month free" install from a shop-bought laptop. :/"

Bollocks. I'm a unix sysadmin and even I know that a browse through the reg keys (from memory - my laptop runs Arch Linux) HKLM\software\microsoft\windows\currentversion\uninstall will give you the uninstall string for any .msi based software. Failing that you stop services, kill processes, delete directories and plough through the registry. A few reboots might be required but it isn't rocket science.

... and McAfee has one fucking f. Oh and add/remove programs has an uninstaller link anyway, even for the free version - you've cocked up in some way if you think you need an additional "cleaner" - which they even provide.

OK I may have spent one or twenty years doing Windows sysadmining as well.

0
14

'Don't Google Google, Googling Google is wrong', says Google

gerdesj
Silver badge

Re: Surely....

"Remember also that comments in source code are a sure sign your code is not expressive enough"

Five or 10 minutes spent with this should convince you that is bollocks:

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ecda85e70277ef24e44a1f6bc00243cebd19f985

Yes, I know you are taking the piss, have a UV 8)

4
0

Bish, bosh, Bashware: Microsoft downplays research on WSL Win 10 'hack' threat

gerdesj
Silver badge
Childcatcher

BASHware

No need for funky exploits. You simply write a script that pwns the machine (download and install TeamViewer or a keystroke logger if you are real l33t) and claim that it is actually an AD or WSUS maintenance script and slap it on a blog somewhere. It'll be copied and pasted straight into the console so many times without question, you'll have a botnet in no time. Now I don't have to learn PowerShell to do this - I can use my long honed unix sysadmin script writing skills.

Sadly, I'm only half joking ... probably

4
7

Hi Amazon, Google, Apple we might tax you on revenue rather than profit – love, Europe

gerdesj
Silver badge

"In the UK for example, over 205 bn pounds a year go on the state debts."

It is your state as well: *you* spend it, then you get to pay it back plus interest - that's how debt works in simple terms 8)

However that isn't really how country debt works. Countries/states are able to mint their own money which you and I can't (without a spell at 'er Maj's pleasure). They can also fiddle with the ways they "earn" money/value and can even fiddle with how to measure and declare those. Entire economies really don't work in the same way as your personal finances and it is way more complicated than the simplistic presentations in the media. Have you ever wondered where that £205B actually goes or what happens to other countries' debts to "us"?

Every day a gigantic game of brinkmanship, gambling and bullshitting goes on called economics.

23
3
gerdesj
Silver badge

"As a consultant, I have minimal outgoings to offset against my VATable earnings, so it certainly feels like a tax to me when I write out my cheque to HMRC every quarter."

(I used to be a consultant, just like you) You get the (dubious) benefit of holding an extra 20% for three months for pretty much zero bank interest in return for filling out the quarterly greeny. It can be useful to tide over cashflow as well if you are careful. You also get to offset expenses although not much. I doubt many F/T employees will weep for us. I am not a fan of IR35 though although I got out just before it kicked in.

Nowadays as a business owner with 20 odd employees I get to watch as Google and co. pay a pitiful amount of corporation tax whilst my lot get to pay rather more as a proportion of turnover.

21
1

Red panic: Best Buy yanks Kaspersky antivirus from shelves

gerdesj
Silver badge
Childcatcher

The War Against Terror (TWAT)

+1 insightful

Wish I'd noticed that earlier, in fact I think that rather obvious acronym has been missed by a lot of people for a very long time (*). A lot of Brits from this parish (at least) should be hanging heads in shame.

(*)I don't recall the memo, if one was sent

10
0

Mexican tax refund site left 400GB of sensitive customer info wide open

gerdesj
Silver badge

The bloody news for data breaches is practically writing itself for el Reg these days.

... and yet fuck all seems to happen.

3
0

Surprising nobody, lawyers line up to sue the crap out of Equifax

gerdesj
Silver badge

Re: Insider trading?

"I presume you lot on your side of the pond are familiar with what a secured credit card is."

Nope but I would guess that you have to lodge the equivalent of the credit limit beforehand or something similar.

Please don't knock the Mk 1 Fester - my first car. To be honest I doubt it is possible to get 300k miles on one. Mine fell to pieces way before that. The second engine blew two cylinders eventually and there were too many rust holes to count. They don't last long on the A38 racetrack between Plymouth and Exeter 8)

6
0

Climate-change skeptic lined up to run NASA in this Trump timeline

gerdesj
Silver badge

Re: I don't mind a skeptic. I prefer a skeptic in this position

"He's not a skeptic if he's already decided that the climate scientists are wrong and warming has stopped."

"already decided" is surely a pre-requisite for the condition described as scepticism. There's nothing wrong about critical thinking and I personally think that should be encouraged but he comes up with this gem to explain his position:

"In other words, our planet's temperature changes are linked to the Sun and the seas"

There's no arguing with that. It really does warm up during the day and cool at night time and the seas do have a massive effect on the climate, as Texans int al and rather large parts of Asia will currently testify. Unfortunately there are a few other factors at work, that those people are bearing the brunt of at the moment.

Closer to home (for me - UK/SW) I'm not looking forward to finding out that the Gulf Stream has decided to bugger off and that I will be able to ski at home. Mind you I am a keen skier (40 years), but the rest of the country is pretty unprepared for that 8)

11
3

Microsoft sets the date for Fall Creators Update

gerdesj
Silver badge

Re: Everything, except what we really want

You don't have to use Windows, there is choice.

7
16
gerdesj
Silver badge
Linux

Re: Promises, promises

Could I tempt you to another land that involves penguins? It isn't flawless by any means but rather easier to deal with in many ways. For example, how many times have you had to spend quite a lot of time looking for updates to non MS packages? On a Linux based system all packages are in the repositories and get updated alongside the OS.

You may feel that you might be left out in some way due to lack of support or your fav apps are not available.

If it helps, Libreoffice is capable of editing nearly all .doc, .xls etc files. Email: Evolution (with evolution-aws) will happily connect to Exchange.

If you do go the way of the penguin then you will also have access to a lot more stuff than you could possibly imagine on a stock MS build.

Go on, have a play.

Cheers

Jon

15
11
gerdesj
Silver badge
Linux

Re: Will this turn out to be

Piss off noddy.

If you are a local and you can't be arsed to login or worse, you worry about karma, then please go away.

Of course MS do testing, well, we do their testing 8) I don't personally, what with me running Arch on my personal systems but I feel your pain. I just happen to have access to quite a few (hundred) MS based systems.

They do QA big style and I'm happy with that.

10
33

That virtually impossible classic compsci P vs NP problem is virtually impossible, say boffins

gerdesj
Silver badge
Paris Hilton

What the hell is #P-Complete?

"which shows the problem is both “NP‑Complete” and “#P‑Complete”"

A problem can't be both a bit tricky and proper fucking nutter bastard impossible. If you find yourself in that position then perhaps you have *two* problems. They may look related ...

Don't confuse "concisely defined" with "rigorously defined" - that way lies madness.

4
0

VMworld security asked to probe theft of anti-Nutanix schwag

gerdesj
Silver badge

Re: Par for the course

"Innocent until proven guilty but behavior like this is right in Nutanix' wheelhouse."

Piss off AC unless you have something useful to say.

Where the hell is the bloke puffing furiously on a pipe with smoke coming out of his ears icon when you need it?

1
3

Oh, ambassador! You literally are spoiling us: Super-stealthy spyware hits Euro embassy PCs

gerdesj
Silver badge
Linux

System requirements

"Why does everything seem to state 'Microsoft Windows' on the system requirements recently?"

Stop whining, I for one would like to know if my system is compatible with the latest stuff doing the rounds.

Besides, you must be new here, you cool anon numpty you, MS bashing (and supporting) is par for the course and we are sometimes generous to those with high handicaps provided they have something useful to say or at least try to but you don't.

2
0
gerdesj
Silver badge
Childcatcher

Re: "Only single player is allowed"

"Video game?"

My thought exactly but for a different reason to yours. Unless there are more gaming related strings then my *dar would be going berserk. That phrase is missing the indefinite article which isn't a smoking gun as such - some proportion of programmers of a game may have a tenuous grasp of English even when it is their first language. However the error is unlikely to be repeated for all occurrences.

So, you start with the subset of speakers who might routinely drop an "a" when describing single players in English as a second language and correlate with other clues. Obviously you might want to consider that as a deliberately dropped clue to put you off the real scent.

*crackle* *crackle* (tin foil cloak to go with the hat)

3
0

KVM plans big boosts to storage and nested virtualization

gerdesj
Silver badge

RLY?

“KVM, like other major hypervisors, supports Hyper-V's paravirtualization features,” he wrote.

I have no idea what a hyper-v looks like but it sounds a bit pervy and hence a bit wrong.

0
5

US focuses eyes in the sky as Hurricane Harvey starts to slam into Texas

gerdesj
Silver badge

Re: A couple models are showing the potential for 60" of rain in localized areas

I know they make things big in Texas but a rain fall gauge that can even measure 5' of rain would be an impressive beast. I'm not sure how big an area would count as localized there or what time scale is indicated but that's basically a swimming pool depth of water but over an entire <localized_area>.

It gets a bit damp over here sometimes and twice in 10 years the stream at the bottom of my garden has decided to get about 4-5' deeper for a few hours which was a bit unpleasant but nothing like that. I'm quite glad I decided to live on the side of a stable hill rather than say the "levels" a few miles away (Somerset, UK.)

I sincerely hope those models are wrong.

5
0

US DoD, Brit ISP BT reverse proxies can be abused to frisk internal systems – researcher

gerdesj
Silver badge
Childcatcher

Re: Think of the children

"Have a look at the SSL Visibilty [sic] Appliances for those who think https is inviolate."

Blow that - they are just one MitM method. If you want to really get to grips with what you can do to SSL, using software that you *can* get access to, then get hold of Squid and investigate "SSL bump".

At home I have a THINGS VLAN (and another one called SEWER for things that I trust even less than an IP camera). I really must get around to putting things like my Samsung telly through SSL bump to see what is going on. It may verify its other end's CA but given the quality of the rest of its programming - I doubt it. I do watch its connectivity when I'm bored. It port scans its LAN occasionally and chats a lot to AWS, no doubt for my benefit.

1
1

Comp sci world shock: Bonn boffin proposes P≠NP proof, preps for prestige, plump prize

gerdesj
Silver badge

Re: FredBed

"And your numbers are off"

Yes: read up on nPr and nCr and note that n! thing.

8
0
gerdesj
Silver badge
Boffin

I saw this on HN

I saw this on Hacker News and waited a while then sent a tip to el Reg when nothing appeared. I doubt I'm the only one but nearly all my links are in the article but the article demonstrates what a proper journo can do with a tip!

This is a seriously big deal and has caused a bit of a flap. The clever blokes "...but not an expert in this field..." types (eg Aaronson and Trevisan) have already got the handbags out, postulated at least one flaw and retracted.

The paper is short and has a seriously aggressive approach - it describes what it is about from the start without messing about and from what little I understand the approach is quite straightforward. The real experts are keeping quiet for now and are probably going beyond simply kicking the tyres. The paper has survived a few days so far but unless a flaw is found it will still be months before anyone even tentatively supports this paper.

I really want this one to succeed: the author has got massive bollocks!

25
0

Creepy backdoor found in NetSarang server management software

gerdesj
Silver badge

"Regretfully, the Build release of our full line of products on July 18, 2017 was unknowingly shipped with a backdoor, which had the potential to be exploited by its creator," NetSarang said in a statement.

A somewhat ambiguous statement that could, should one be uncharitable, not rule out the vendor as the creator. At best their QA is shit. At worst their practices are perhaps patriotic (just not your patriot).

5
3


The Register - Independent news and views for the tech community. Part of Situation Publishing