* Posts by TonyJ

1595 publicly visible posts • joined 30 Dec 2010

Y2K, Windows NT4 Server and Notes. It's a 1990s Who, Me? special

TonyJ

Re: Even to this day...

"...Yeah. Problem is that in this case the shutdown command was fed into the right computer, but it didn't switch itself off....

Fair comment, well made! Between reading the article and responding to the comments, I forgot that part! Have an upvote

TonyJ

Even to this day...

In Windows I will drop to a command prompt and type:

hostname

And then manually shut it down after comfirming it's the machine I expect it to be with something like

shutdown /s /t 0 /f (substuting various /s /r etc as required)

LibreOffice handlers defend suite's security after 'unfortunately partial' patch

TonyJ

Re: What do you expect from...

So you are talking about decade+ old software in most cases.

And autorun hasn't been enabled by default for many years.

That whole "only runs for admin accounts" has always been bollocks used as an excuse by lazy admins and develepors.

Honestly, 5 minutes with Sysinternals' Regmon and Filemon (from way back in their earliest iterations) would show up where users hadn't the correct rights to run someting, and it could be changed at a file/key level.

But...it was always "just easier" to make a normal user a local or <shudder> domain admin.

I lost count of how many times I saw that particular fudge - especially in Citrix / TS / RDS environments.

Like, in this case, allowing macros to run whether or not a user took the active decision to disallow them is lazy and goes to show that not everything or everyone in open source, or closed source, can follow the concept of best practices.

And many eyes checking the source, while a great concept, only works if the right eyes look at the right area (and that's not a slur against open source).

"...Some bugs and bad defaults in Explorer since Win95 are still there in Win10...."

Could you cite some of these, because a lot of your initial list looks mostly wrong.

Our hero returns home £500 richer thanks to senior dev's appalling security hygiene

TonyJ

Ahhh passwords...

My brother-in-law worked at the same company as I had.

Literally 10 years after I'd left, the Domain Admininistrator password was the same. And weirdly as I type this, I remember it.

Migrating an Exchange Server to the Cloud? What could possibly go wrong?

TonyJ

In my experience...

...every IT partner/services company has underfunded, crappy IT internally that is supported by new-to-the-game (.i.e. cheap as chips) PFY types.

If theyre lucky, they have an old hand in charge, but not often.

The real technical talent are out on customer sites.

Google settles a four-year age-discrimination battle with 227 engineers by dishing out... $11m

TonyJ

Re: it's all over silly-con valley

"...Youth hire fellow youth because they can be brow-beaten into submission. Somebody with decades of experience isn't going to knuckle under your ignorant demands..."

Definitely some truth to this.

I often work away from home. I've always stated, categorically, that for the most part when I'm away I don't mind working an hour or two more each evening, since the alternative tends to be a longer and lonely night in yet another faceless hotel somewhere.

However, the flip side of that is that I expect no complaints when I clock off mid-morning on a Friday and weekends, except by the most dire exception are time with my family, without excuse.

Generally it's gone down well, but I've been challenged by the odd boss about why I don't put in the extra hours like he does. Easy answers: I put in plenty of extra hours but I'm not stupid and secondly, I ain't gonna work double my contracted time for free.

He pulled the same trick on a junior who then burned himself out trying to be seen to comply. Of course, the sum total of zero fucks were given by said boss when this happened.

TonyJ

Oh I don't know - interviews do work if they're done properly.

Focussing in on the hugely irrelevant in order to determine "how someone thinks through a puzzle" for example is, I would suggest, mostly pointless and will vary from person to person hugely.

Talking through a CV (resumé to our US cousins) and discussing past roles and experience. Asking questions in areas that the candidate specialises in. Tried and trusted methods, in other words, whilst attempting to gauge whether they will fit the company cultutre.

No interview process is foolproof, though, at the end of the day.

50 years ago today Apollo 11 slipped the surly bonds of Earth to put peeps on the Moon

TonyJ
Joke

Re: Amazing achievement

Pah! We all know Kubrick faked the landing and the only reason that the budget was so horrendous was his insisting it was all filmed on location....

TypeScript is now a 'top 10' language – just in time for the 'feature complete' 3.6 beta

TonyJ

Whenever...

I read "TypeScript". I always think fonts.

2019 set to be the worst year yet for smartphone market as lack of worthy upgrades dents demand

TonyJ

My own upgrade path...

...is not to go out and buy the latest generation of handset when I need a replacement, but rather one that is 1 - 1.5 generations old. By the 1.5, I mean that point where you know the latest generation is fairly imminent but not quite out yet. That's the point where you can pick up the real bargains.

I picked a Note 8 up earlie this year, round the time when the 10 series wasn't far off and paid £300 for a factory unlocked, brand new device. I suspect it will last me many years as it;s always in a case with screen protector.

The thing that frustrates me most is the built in obselence due to the lack of security updates. I don't mind being behind the curve with regards to the OS itself, but I want them patched.

I struggle to put alternatives on such as Lineage for a couple of reasons - I believe that they trigger Knox thereby voiding the warranty but also my banking app tends to become appoplectic about it and refuses to run. I'd be interested to know if anyone has usable workarounds for the latter.

Here's a great idea: Why don't we hardcode the same private key into all our smart home hubs?

TonyJ

I am genuinely staggered that this kind of shit still happens.

DeepNude's makers tried to deep-six their pervy AI app. Web creeps have other ideas: Cracked copies shared online as code decompiled

TonyJ

Re: This might be a good thing

That was my thoughts on this as well.

It's a shame we live in a society where this kind of thing matters, but it clearly does.

McAfee sues ship-jumping sales staff over trade secret theft allegations

TonyJ

Re: Oh the Irony

"...A well-known antivirus security solutions firm does not implement USB access controls..."

Came to say exactly this...not my area of expertise but I assume their own software is supposed to be able to handle this very thing??

Who left a database of emails, credit cards, plain-text passwords, and more open to the web this week? Tech Data, come on down!

TonyJ

Re: Gift cards

Pre-paid credit card topped up when needed.

Kids' gaming consoles etc - buy a top up card in the supermarket.

Pain in the backside sometimes and doesn't mitigate the whole username, passwords, emails, inside leg measurements issues but it is one less thing to worry about.

Someone slipped a vuln into crypto-wallets via an NPM package. Then someone else siphoned off $13m in coins to protect it from thieves

TonyJ

Surely...

...whatever the justification behind their actions, what Komodo have done is illegal?

Genuine question.

Could you just pop into the network room and check- hello? The Away Team. They're... gone

TonyJ

Re: Not an explosion, just my own daftness...

They just don't make things like they used to.... not always a bad thing! :)

TonyJ

Not an explosion, just my own daftness...

Testing the PDU's in some racks to make sure none of the servers had both PSU's plugged into one side.

Dull ol' me turned off one PDU - good, nothing went down. Then for reasons I still don't understand, I reached in and turned off the second one. Which might not have been quite so dumb had I at least turned the first one back on, but no...

Back in the distant past when I used to fix hardware to component level, I've had many a PSU go bang whilst working on it - dry electolytic capacitors being the favourite, of course.

Microsoft doles out PowerShell 7 preview. It works. People like it. We can't find a reason to be sarcastic about it

TonyJ

Exchange 2007 started it actually, not 2010*, although with Exchange 2010, you could see what PowerShell code is about to be called from the GUI.

One of the things that made pre-SP1 Exchange 2007 a steep learning curve for admins was a lack of capability in the Exchange Console (GUI) because Microsoft effectively rushed the release of Exchange '07 to hit their release target.

Most simple tasks (simple in the GUI) required quite complex PowerShell.

Also PowerShell came from the previously named product "Monad"

*It is entirely possible other products shipped with it first, but my own memory says it was exchange 2007.

Planes, fails and automobiles: Overseas callout saved by gentle thrust of server CD tray

TonyJ

It's Oracle...you could use every server in every rack, so you have to check for licensing purposes...

TonyJ

Re: airport security

I once got taken to one side because in my dive logbook on my carry on, I'd tucked a ring spanner and forgotten all about it...nope...you cannot take a spanner onboard.

TonyJ

Barclaycard, c 1997

...Barclaycard had just laid off everyone in the IT department in their Stockton-upon-Tees office.

The call came in to me to haul my arse up the A1 because a server wouldn't reboot.

After I got there, of course, all of my previous contacts had left and no one knew where the key to the server cupboard was (couldn't call it a room!).

After about another 90 or so minutes, a security guard finally tracked a key down.

Someone had, at some point in time, left a floppy in the drive and it was trying to boot from it.

One eject button pressed and of course, the thing rebooted properly.

Hours and hours of downtime for something the on site staff could've fixed in seconds, had they not got rid of them.

DXC Technology seeks volunteers to take redundancy. No grads, apprentices, and 'quota carrying' sales folk

TonyJ

Re: I give them two years...

Do they have a cloud strategy? I was there (when it was still HP/HPE) about 7 years ago and they pumped serious cash into their offerings putting front and centre of their whole enterprise only to drop the whole thing about 12-18 months later.

Let's make laptops from radium. How's that for planned obsolescence?

TonyJ

Re: Saab, too

My very first motor was a red Ford Escort estate, MKIII

I thought it had really comfy, springy seats but it turned out to be a rotten floor.

I found out when it went for an MOT and the mechanic said it needed some welding - he'd French chalked the area..."the area" turned out to be the whole floor.

What else?

First and reverse gears were randomly interchangeable because the gate was knackered, the boot lock barrel could be pulled out and the boot opened by pushing the lever...that's not to forget it also had a tendency to just pop open at random anyway.

The heater had two settings - the Arctic or Hell. Ditto the fan - off or full on and it sounded like a jet taking off. Shook the dashboard like it, too.

And the choke...the god awful, manual piss take that THAT thing was. Too warm - won't start. Too cold? Won't start. Cloud over on the horizon, within 20 miles? Won't start. Damp or wet? Won't start.

But I did love it all the same - it was my first proper bit of freedom.

Sophos tells users to roll back Microsoft's Patch Tuesday run if they want PC to boot

TonyJ

Re: RDS

"...The first thing I do, for Windows and all OS flavors in my shed, is to disable all remote access needed for some IT wonk to mess with my systems especially RDS..."

No you don't. At least not for Windows, since it's been disabled by default since at least Windows 7.

Polygraph knows all: You've been using our user feedback form

TonyJ

I assume...

...that was a retelling of a nightmare?

With a hint of the dross we now accept as reality TV and the way it chews up and spits out the very people the crowds and viewers delight in morbidly viewing in the first place?

I don't particularly watch TV, but I have occasionally caught an episode of Jeremy Kyle and managed to feel both a sense of horror at the spectacle with a slightly shameful smugness of "Oh well at least my life will never descend to being on that show..."

I'm glad it's off the air but inievitibly it will soon be replaced with something equally horrific.

Want a good Android smartphone without the $1,000+ price tag? Then buy Google's Pixel 3a

TonyJ

Samsung Note 8

Factory refurb. £300.

Does everything I need and want but I'm not the most intensive user of mobiles.

'Software delivered to Boeing' now blamed for 737 Max warning fiasco

TonyJ

Surely...

...having two sensors is as bad as just one?

If one fails, how does the system determine which one it was?

I've mentioned this before, but my diving rebreather has three O2 sensors*.

Part of the pre-dive sequence is to calibrate the unit for the mixes of gases in use. During this calibration, you also watch the mV of the sensors to ensure that they're close to one another.

If one behaves oddly, during the dive, you still have two.

I'll admit I don't have anything to do with safety systems, but to my simple mind, if you're having two sensors surely you either need a way to determine which one is actually at fault, or stick to just one? Or three.

*It never fails to boggle my mind the number of posts online about "I've found a cheaper O2 sensor that seems to work" or "I use a different kind of CO2 scrubber that isn't actually rated to go in rebreathers and none of the major manufacturers have ever tested on but it's cheaper so I'll use it".

NASA fingers the cause of two bungled satellite launches, $700m in losses, years of science crashing and burning...

TonyJ

Re: There is quality

Sure...in the same way that all of VW's emissions testing was performed by one person and Baring's Bank came down because of one rogue trader.

Like you, and any other rational-minded human, I've never believed that.

What a meth: Elderly Melbourne couple sign for 20kg shipment of drugs, say cops

TonyJ

Old joke

The local hairdresser has been arrested for dealing drugs.

I can't believe it! I've been a customer for years and had no idea he was a hairdresser!!

TonyJ

Re: " if they were smarter they might not have to turn to crime"

Surely the "smart" ones enter banking or politics? Or both

VMware now officially supported on Azure. We repeat: VMware now supported on Azure

TonyJ
Joke

Re: Does it run in VM ?

Yeah I'd like to know that for a friend too...

Can I install Hyper-v on Vmware in Azure?

Sky customers moan: Our broadband hubs are bricking it

TonyJ

Re: This reminds me of when...

I second that.

I was with them prior to BT - when I called to tell them I was moving (this would've been just before it became public knowledge they were being bought out), they offered me 12 months of free internet access to stay.

Unfortunately for them, I was moving to fibre and they didn't offer it.

Still remember the Dutch guy chuckling and saying "Sure it'll be quicker man, but we're talking free!"

I have fond memories of ISP's that were fabulous before being bought out and turned to ratshit - Nildram and BE.

I did briefly try Zen at one point around 2011 but something happened during the move and I ended up with sub-dialup performance and in what I suspect is unusual for them, they basically refused to help saying all their tests showed everything was fine and the problem was at my end despite the only thing changing was a move to them.

That's when I went to BE, as I recall and they had no such issues.

TonyJ

Ahhh Sky...

...the ISP that literally told me I was lying* when I reported a speed drop from 3.8Mbps to around 2Mbps after they "fixed" an issue. Apparently there was no way it could ever have supported those speeds - even after I sent them screen shots from various speed tests.

Or that insisted on going through their script to ping the wrong IP address because I'd changed it. Also, nevermind that the thing was dead - no power, they had a script and by god they were sticking to it.

I stick with the original (I believe rebranded Huawei) modem I got sent when I switched to BT fibre and use Sophos XG for all of the PPPoE etc. It works well and always seems to connect 2-4Mbps faster than any ISP provided equipment.

I still have the Vodafone kit all nicely boxed up - it's handy to keep, because the two times I've had an issue, they've asked for it to be reconnected before confirming the issue wasn't at my end.

*Actually used the word lying! Not mistaken, are you sure etc - "You're lying to me...that line could never support those speeds".

Thank you, your DNA data will help secure your… oh dear, we've lost that too

TonyJ

Re: My mum got asked to prove her age at a pub

Like buying hard liqour in Florida - had to prove I was over 21 every time.

Beer on the other hand - no problems.

It was just the law. No point complaining and I'd prefer not to get someone in trouble.

TonyJ

Re: Alistair Dabbs

Do you need a hug, Mahhn?

TonyJ

Oi Dabbsy!

"... polygraph test, DNA comparison with the top 10 Most Wanted,..."

Don't give the buggers any more daft ideas!!

Baffling tale of Apple shops' 'non-facial' 'facial recognition', a stolen ID, and a $1bn lawsuit after a wrongful arrest

TonyJ

"...On the internet no one knows you are a dog."

Ah my favourite Abraham Lincoln Quote...

"...So it WASNT ID and shouldnt be used/accepted as such..."

No, but it would be evidence

"...The won't get the billion if they win..."

Hope he does though if they do indeed use some form of facial recognition (which as pointed out above, does seem likely).

No stormy weather on Microsoft's horizon – as quarterly commercial cloud cash balloons 41%

TonyJ

No...'the cloud' in, and of itself, is no con.

The con comes from management who don't comprehend what they are buying into: that it's a panacea, that all of their IT/technical/technology headaches will all go away. It doesn't need staff to manage and backups just happen. It's all self-healing and can migrate transparently across the cloud hosts data centres in whatever continent and just keep running ad infinitum.

Oh and it'll be cheaper.

But it's simply misunderstanding what 'the cloud' is and how it should be managed and designed and supported properly - just the same as if you were putting servers in a data centre you owned or a co-lo.

Management and companies are conning themselves.

Windows 10 May 2019 Update thwarted by obscure tech known as 'external storage'

TonyJ

Re: Working fine for me

"...No problems with 1903, but bad workmen always blame their tools, right?..."

How the hell do you even get to that?

Microsoft have an updated OS that has the potential to bork the system it is being installed onto because - shock horror - some edge case where there user has a USB or SD card installed </sarcasm>

Now...given that one way to install the OS is via a USB stick you have to ask how that ever, ever, ever happened?

But no...lets not blame the software or the lack of testing or the frankly diabolical concept of 6 monthly OS upgrades*... let's spout off some nonsense.

*Remember when you used to get a new version of OS every few years and it had gone through that pesky thing called testing cycles, including some alpha and beta testing? And how they at least _tried_ to fix issues before foisting it onto the paying public?

Even other vendors are at it - Citrix have an LTSR version as well as a 6-monthly rapid release version. Given their tendency to fix one issue whilst causing 3 more, I can't imagine why anyone would try to fast track their systems this way.

It was that gosh-darn anomaly again, says SpaceX as smoke billows from Crew Dragon test site

TonyJ

"...Which is fecking appalling for space-faring. NASA's record since the 1960's was way better and they were literally doing it for the very first time ever with nothing but a handful of silicon chips and an awful lot of engineering...."

Ok...except that NASA weren't trying to land their boosters at all, never mind on a moving barge, so that they could be reused, were they?

Also - NASA built a lot of their work on what the Nazi scientists had previously done - seemed to be a fair few failures with the likes of the V2 if you look... maybe, just maybe, a lot of those early kinks that made them RUD had, y'know, previously been ironed out.

Aaannnddd on top of that, SpaceX seem pretty willing to share even the failures on YouTube et al.

There's a lot to dislike about Musk, for sure, and I've criticised some of it in the past (e.g. the stupid, nasty, petty name calling with regards to the kids rescued from the caves), but as others say, criticise that which should be.

Oranges vs Apples

Whose cloud is it anyway? Apple sinks $30m a month into rival Amazon's AWS – report

TonyJ

Hmm...

...how many seconds/minutes of global revenue is that?

I'd think that it makes sense to leverage something like AWS rather than pay vast amounts to build and run your own infrastructure in this particular case.

Like everything else in IT - "cloud" isn't a panacea but there are use cases where it makes sense if done properly.

Now here's a Galaxy far, far away: Samsung stalls Fold rollout after fold-able screens break in hands of reviewers

TonyJ

Re: What happened to testing?

In this case, more generally part of the fragile process...

;-)

Yes, I may have advised 'some' investors to flog their Autonomy shares, analyst tells High Court

TonyJ

"...My hear bleads, bleads..."

Your what, does what now?

Loose Women woman's IR35 win deals another high-profile blow to UK taxman's grip on rules

TonyJ

Re: It's time...

Honestly... now I've calmed a little, I can't say what would incentivise them.

TonyJ

VAT - a tax paid based on turnover not profit.

TonyJ

It's time...

HMRC were made to cover every last cost incurred by the people they're dragging into court. And then, like they like to do, add punitive penalties.

I would even suggest it's time they were barred from targeting any individual or SME until they had crossed a recovery threshold for companies the size of Google et al.

But of course that won't happen because they not only use the same accountancy firms that advise the government and opposition and write the loopholes, but these guys have bigger legal teams and more money to fight back.

Oh and probably have a better understanding of the law.

Brit Watchkeeper drone fell in the sea because blocked sensor made algorithms flip out

TonyJ

My (diving) rebreather has three O2 sensors.

Prior to a dive you calibrate the unit. During the calibration, and during the dive, it uses an algorithm (closely guarded secret, of course) to determine if any one of them is faulty and ignores it.

Of course, it doesn't rule out two could be faulty but that's why you watch the calibration process and rotate the cells out at different times, so they're not all three from the same batch.

A quick cup of coffee leaves production manager in fits and a cleaner in tears

TonyJ

So...

...what? He just stood there and let her cop all the flack? Or he admitted he'd left the door open?

And no instructions to the cleaners not to enter the room to vacuum? Or perhaps they did this regularly and this was just a freak occurrence (the fuse going)?

A very unsatisfying tale, today :-(

Are you sure you've got a floppy disk stuck in the drive? Or is it 100 lodged in the chassis?

TonyJ

Re: One, OK, hundred, I have my doubts

Also inclined to agree.

Late 80's on the first year of my electrical and electronic engineering course, one of the lads managed to stuff the 5.25" floppy into the crack above the FDD - not really out of stupidity or lack of understanding but simple lack of paying attention and carelessness.

Of course, it was noticed immediately, much to our collective amusement (and also that slightly happy feeling it was someone else that did it).

Huawei savaged by Brit code review board over pisspoor dev practices

TonyJ

Re: Real point here

That's one of the reasons for layered security from different vendors. At leas if the penetrate one layer, they can't then (usually) go on to use the same tricks to get past the next layer.

Of course, that costs money and is more complex to set up and manage.