1164 posts • joined 15 Aug 2009
"I recently acquired a sexy new Dell laptop."
Me too. I got Arch on it without even having to accept any unwanted license agreements. Being able to update the BIOS from the EFI partition is a welcome change to the contortions Linux users have often suffered in the past (eg convert swap partition to a fat32 f/s so that FreeDOS can run a DOS only updater)
Re: Another WD nightmare
You might consider NextCloud. Mine is open to the world but securing IT stuff is my day job. If you are not sure then start with getting a VPN running for remote access to home. OpenVPN listening on 443/tcp looks very like a https website which can work nicely on many sites and you can even drill it through many web proxies if needed.
Another option (USB over PoE)
Note that you can get devices that turn a PoE into a powered USB connector. The one I got off Amazon didn't want to allow the ethernet to get through so I ended up using the wifi.
Re: Is ABC...?
Angry of Andover (Billious of Birmingham and errrr Cold of Stream)
Re: Who uses McAfee ?
You are probably unaware of their ePO product and the other big outfit stuff they do. McAfee has a rather better name in corp circles than you might think. To be honest, their enterprise stuff is massive and sometime quite bewildering (I've been "doing it" for about 10 years now). I run Arch on this laptop and my office workstation and can install Gentoo without bothering to refer to a manual but sometimes an ePO can stump me for a while but not for lack of functionality 8)
Well, Lydford is just up the road from here (Yeovil).
Might have to pop inn.
I am a dyed in the wool sysadmin that owns my own company (MD). I only have around 10 Windows and 20 odd Linux servers to worry about on a VMware cluster with a slack handful of SANs, switches etc and pfSense routers.
I can't manage to patch that lot to Cyber Essentials standard all the time because CE mandates patches applied within two weeks of release. That's a laudable aim and one to work towards but the real world has a nasty habit of intruding.
For example, recently (last two months) Mr MS unfortunately released a right old bugger's muddle of updates that broke Exchange a bit (ooh me Transport Service has died) and broke older and weirder SharePoints, and screwed Azure Sync (and the rest). I have also had RDP die on 2008R2 servers until I fix certificate perms and even which one to use. I really picked the wrong time to start restricting schannel stuff and enable other MS patches via registry keys.
I *am* the pointy haired boss and have absolute power (until my office manager kicks me into touch) and know what I am doing. I'm CREST accredited and can throw together a Gentoo box without bothering with docs. There are not enough hours in the day to patch things anymore.
I have a few customers to worry about and a few PCs as well
To be honest it depends on how the 2032 thing pans out.
For me 1999 was the first year of the Linux desktop. OK, year of the Linux console - it took me a while to configure XFree86 and work out how to get a window manager together. God it looked crap compared to what I'm typing this on: sysadmins should not have to work with typeface choices and anti aliasing was not exactly a thing.
Now you can tell someone to literally go f--k themselves over the internet: Remote-control mock-cock patent dies
My count is less than that and I follow Hacker News FFS!
I see they have Papr but not Plopr or Wnkr
Go on, you know you want to: https://twitter.com/search?q=%23teamviewer&src=typd
Re: And people still use XP
Get a grip. My firm tends to a Win 98 (*) machine for someone. You'd be surprised what runs the machinery in manufacturing ...
(*) It breaks if you put a default gateway on it. NetBEUI becomes NetBIOS and that's too modern. Hilarious
"Brazil are still favourites with a 29.9 per cent likelihood of taking home the spoils."
Not any more they aren't.
Re: bugger the mouse
If having your ball and rollers removed and replaced with a red light and sensor wasn't bad enough, you want to do that to the poor thing.
For shame Sir, for shame.
Look, if you are going to do IoT you need: A network technician, a sysadmin, multiple sites, the mind set of a proper engineer and a lot of time to experiment and test. You'll need a safety first mentality and a few other skills.
I have most of the above, including a lot of tape. I am starting with ESP8266s and simple circuits, Mosquitto and Home Assistant. My VMs live on a proper SAN and VMware cluster. I start with multiple segregated VLANs and firewalls (including hosts). All comms including MQTT are TLS 1.2 or similar. Web apps live behind HA Proxy etc etc. If anything fails, it is designed to fail to manual operation rather than fucked.
Oh and the wife is the customer.
Re: WiFi coverage
He is next door to Harrods and on a residential(ish) street with a *lot* of APs nearby. At least one of those will be running WEP or have a PSK of "Password1" or "hanscrescent" or something equally stupid. If he does not have internet access, then I'd be quite surprised.
He's here (Google Maps, Street View) That droopy flag is Ecuadorean and those green boxes to the right of the iron railings are BT jobbies. Yes he has the internet rather close by.
Wouldn't it be nice if threads that had a title with an OS in it had a no Anon rule?
Has anyone really bothered to value their el Reg karma value?
Does anyone really give a shit?
"but Sonos only connects via SMBv1"
I too have Sonos, so does Jeremy Allison.
"it is tempting to go 100% cashless"
It seems that several 1000 TSB customers have beta tested that for you and found the experience less than satisfactory.
Re: This is why science rocks
"As much as you're upvoted, you must accept the scientific fact that placebo ... works. "
Yes, placebo has a measurable effect. Homeopathy is still bollocks.
Re: "Judge us by our actions"
"It decided it was going to download 1803"
Calm down hmkay ... we use the same numbering scheme as Ubuntu. Windows 10 is practically open source and hence lovely.
In case it passed you by: 1803 (Win10) is March 2018, 18.04 is April 2018 (Ubuntu)
"or you could try hosting your own Git service"
I do - its called git!
"If a vendor is too lame to have a real page, then I just skip them."
However, many business owners are unable to avoid the fact that their customers are glued to FB and unable to engage with them otherwise.
ACs ACs everywhere, yet ne'er a comment to worthily remark upon
Is RegAuth down? Every comment here so far is AC. (OK test done and "no"). So wtf is going on? Am I really going to have to ditch my Private Eye sub?
On balance I think that a set of regs with aims like this might be useful:
This Regulation is intended to contribute to the accomplishment of an area of freedom, security and justice and of an economic union, to economic and social progress, to the strengthening and the convergence of the economies within the internal market, and to the well-being of natural persons.
Re: Welcome to the 'new' Canonical
"I think you need to run wireshark and look at the actual traffic on a minimal install ubuntu. I think you'll be surprised."
It's not going to be very minimal if you've got Wireshark on it. Perhaps you meant tcpdump? Anyway, I've just done a Bionic minimal - https://help.ubuntu.com/community/Installation/MinimalCD - install and there is no sign of any data slurping.
Re: "opt-out was probably the best choice"
GDPR relates to personally identifiable data. I'm not sure that the metrics being gathered constitute a fingerprint.
Re: It's the Russians, No the Chinese...
Re: 3 fivers and change?
GDPR doesn't apply yet. This would have prosecuted according to the provisions of the Data Protection Act.
"OSI layer 7 attacks"
Simply use the DOD four layer model and avoid the problems at layers 5,6,7! Job done.
Re: How to make the move?
"My ISP (Plusnet) is IPv4 only." I used to be with PlusNet and when I asked a few years back what their plans for IPv6 was, I was told "no plans".
I left. I also took the four office links to another ISP ... and around 30 odd of my customers ... and my dad and my brother and a few other family members and friends and acquaintances.
Not the end of the world for them, I'm sure.
Re: So Facebook's response is to shoot the messenger basically
Dream of electric sheep (possibly).
"Privacy has been a design consideration. And because it's actually a rich Linux, you can run Docker."
"so the incoming mains supply was lost to the bit barn and generators failed to pick up the slack"
They are not generators then, just lumps of stuff taking up space ..
Re: another lesson
"NOBODY NEEDS TO FORWARD PORTS UNLESS THEY ARE RUNNING A SERVER."
Re: “the IRS gets to decide what does and doesn't get an appeal hearing”
"Rather defeats the purpose of an appeals hearing, if the opposing side gets to decide whether to let you fight."
That was the result of a court hearing, not a fight in a playground.
"Wanted? I thought it was foisted regardless?"
You mean one day I'll run $ yaourt -Syu and find myself mashing ctrl-c really, really quickly and taking a long hard look at my mirror lists??
Karma to burn
Re: Be careful about version numbers.
" whereas distro-makers might be doing their own thing." Oh they do ...
Ubuntu take a stock kernel version eg 4.13.0 and then stick with it but backport fixes etc. Hence you get versions like 4.13.0-41-generic which is the 41st version of the Ubuntu version of 4.13.0 - in a generic way 8) This on the other hand: 4.16.5-1-ARCH is the first Arch iteration of the stock 4.16.5 kernel.
Both kernels will have some stock mods applied before distribution so my 4.16.5-1-ARCH will be different to what you get direct from Linus and Co.
Why not wire it up to Stackoverflow as well and be done with it? You'll have your code writing itself 8) What could possibly go wrong?
My school (Abingdon aka "Royce's") had a RM Nimbus in the D&T workshop. With Windows 1 on it and a rather early AutoCAD.
About 1 year later I (cheers Mum and Dad) had a 80286 based beast with 1MB of RAM. I saved up for a 80287 maths co pro so I could run ACAD on it. To be honest I had more fun reading Peitgen and some other bloke's fractal related shenanigans and attempting to replicate their results in GW Basic.
Then I got hold of a C compiler - cool and quick and bloody complicated. I went back to BASIC to get the results that I wanted at the time, in linear time. Before you smite me with righteous indignation, bear in mind that I just wanted results and not a cool paradigm.
"MP's obviously don't read el Reg"
Private Eye have used that name for as long as I can remember
Re: The funny thing is that...
My cat must have gone on a diet:
-rwxr-xr-x 1 root root 34856 Dec 29 12:08 /usr/bin/cat
$1.6bn - How many NHSweeks is that?
"This includes transitioning the delegation for management of .au to another provider if auDA is unable to achieve necessary outcomes."
This includes getting someone else to do it.
Re: OH dear....
"The supplier said the client was free to invoke them, but if they did, the supplier would be filling for bankruptcy as it could't afford to pay any.
The public body was stuck between a rock and a hard place."
.. and hopefully now understands the concept of "due diligence" (including insurance)
Re: So ElReg what are you reporting this crap for.
"The only VPN's of any value are the ones that you connect to at your place of Work or Home, if you can keep them secure, don't stuff up, leak your own addresses, crash, staff don't spy on your usage or just............"
So true and yet even the pros make mistakes. Take me for example. I look after quite a few networks, firewalls and the like. I have a newish laptop and decided to put my office OpenVPN connection on it. Fired it up, typed in "whats my ip" into Google and saw my IPv6 address staring back at me. Bollocks. Oh well I'll use the office WANs via the web proxy to get the job done.
I now need to fix up what happens with working IPv6 when connecting to our currently IPv4 only VPN. The assumed policy is that all traffic is gatewayed through the VPN and it isn't. I could simply change the policy I suppose.
Aircraft do not use Windows for critical systems.
Imagine being a pilot in a commercial jet on finals and being told that Windows Updates needs to do its thing due to an inadvertent miss configuration (ahem) and "making everything safe" before doing it.
IT exists ...
... to keep lawyers in business. I suppose it is one way to repatriate non trivial amounts of dosh to the US:
spend it on sharks.
Trebles all round for m'learned friends *chink*
"Such a shame the patch kills 2008R2 servers" and Windows 7 and possibly not just on VMware either. We also have several instances of wifi being disabled on Windows 7 on our helpdesk ...
"It's also worth looking for updates from vendors of third-party RDP clients, as they can also fall foul of this vulnerability."
It took nearly three whole days from patch Tuesday for a fix to arrive via pacman on my PC.