Posts by Kevin McMurtrie

Hardly the first problem

I had one of those (RV042G I think) and it was hopeless to secure. If I reported a vulnerability, Cisco would send me a patched firmware file with a worse vulnerability. I crushed and disposed of it when the WAN ports had admin telnet permanently open with the default password. Giving it away for free would have been an act of cruelty.

Linksys WiFi APs followed shortly for the same reason.

Modern drivers are lucky

My 1988 Toyota Tercel died every morning while driving. Carburator air/fuel ratio was managed by a computer made of vacuum driven components and an equally crude electronic computer. Working together? No. The vacuum computer's changes corrupted the parameter mapping that the electronic computer learned from prior feedback. That was not so bad as long as the feedback loop was active.

The feedback loop needed a few seconds to work when coming off idle. Any change in conditions caused the car to stall in the middle of intersections, usually when a truck is coming.

A very complex hack was applied by Toyota to give the vacuum computer more gradual, finer grained adjustments. It didn't really work. To top it off, the atmospheric vents for this vast system of vacuum circuits was right next to the crankcase vent - the thing that coughs up a fine mist of oily soot.

Fixing car bugs with a software patch is modern magic.

Backstory?

Is this a convoluted response to intellectual property theft and government backed trade wars? Sometimes there are no correct answers for the problem you have because the problem is only a symptom of something else needing correction.

This has to be a tax, patent, or money laundering trick.

Big banks

That's what you get for using a big bank and not having a team of accountants watching it. You have to dispute every fee, protest every change of terms, and NEVER let your account balance decline enough that you become the bank's prey.

I'm sure they can hire a JP Morgan fraud investigator for... it's a lot and it's not targeted towards "smaller" customers. So sorry. Also, the balance went negative after the last fee for not maintaining the minimum balance. Your account is closed and the last 12 outbound checks are being reversed to recover past due fees to the bank.

Move fast and irradiate things

I bet nuclear safety is probably a lot like data safety - there are well understood technologies and processes that are nearly foolproof... but nobody has time for that.

Failed while failing

Southwest received $7.2 billion of public subsidies to help them get their act together. Maybe it's time to look for criminal misuse of funds? Throwing money at contractors and cloud providers, if that was even done, doesn't count as money properly spent.

Don't forget Android

Android phones were another Trojan Horse to breach privacy. With regulations getting tighter, it's easy to imagine their value quickly drying up.

It looks like Google is trying desperately squeeze money out of Android by selling Cloud storage. They crippled microSd performance and usability to the point where apps needed to drop out of Play Store. You'll also notice that G-apps phones have declining storage capacity. Models for Google markets are usually 128 or 256 GB maximum with no microSd, regardless of price.

Luckily, there's a way out. Plenty of phones run fine without the G-apps and libraries. I wouldn't mind "Material You" being ripped from the codebase either.

Mr Broadus Jr.

https://twitter.com/SnoopDogg/status/1604656918844256257

This is going to be like the year that all of Hollywood ran for Governor of California and we ended up with Arnold Schwarzenegger. (That didn't go badly and I don't know how)

Click here to watch a message saying you can't watch

At least www.bbc.com stopped advertising programs to the world, showing a streaming player, and then telling the world it can't watch. Na na na na...na.

I just tried it now and the US variant of BBC links to BBC local channel guides. Still not helpful. Maybe I should have left a network TV tuner in the hotel on the last visit?

I just want to do some pruning

A hassle in the Java world is that some third party library will eventually reference an Apache library for API compatibility. Now 20 years of Internet garbage is going into the build. How many millions of critical vulnerabilities that imported isn't relevant. I want to know the best points to insert a manual dependency exclusion. Doing it manually is trial and error by checking for runtime failures.

Trusted for deduplication too

Some will say that the odds of a SHA-1 collision for file deduplication are an impossible 1 in 2^160. On the flip side, math says that if you are hashing files with 100 million bits, there could be up to 2^99999840 collisions. I once saw a colliding cryptographic-strength UUID glitch a financial system. My trust is that large computer systems can brute-force their way through impossible odds.

Ah, I remember the good old days when computers were slow and a "1 in a million" bug was something you had a day or two to fix.

Duh

If you want a dorky name but don't want to be stalked, you need a name like "Usb Reviews" that will completely fail in search engines.

Probably for the best

Rivian needs to focus on cheap mass production. A deal with another car company to build something custom would have been a distraction.

Cursed IAM

Bidirectional grants in IAM, assumed roles, inherited roles, instance roles, deployment/tools roles, global bucket rules, and temporary access tokens. Multiply that by a ton of internal operation codes that no longer match APIs. You can see why an outsourcing company with a tight deadline is simply going to flip the switch to make it public.

Between that and needing to use a multi-part API for streaming uploads, I think the word "simple" might be misused.

Twits already moving to Twexas?

https://bid.hgpauction.com/auctions/8421/herita10194

Looks like the landlord is already moving out. No espresso machines = no hardcore workers.

To hell with Google

Google Play Store prohibits apps from using APIs as a way to manipulate competition. I have apps that need fast microSD access but Google hasn't allowed that in over a year. They require apps to use APIs with severely throttled performance.

Download apps from F-Droid or the developer and they work perfectly.

I honestly don't think Google has a plan. They want to sell cloud services and siphon data but they're dumbing Android down so much that there's no advantage left over iOS. It's like a boring iPhone, but buggier.

There's a local newspaper that still exists. Their website has so many ads and trackers, at least 100 per article, that there's a nearly zero chance of successful rendering without an ad blocker. The site demands money but paying won't turn off their ads and trackers. In fact, you can make the site stop demanding money with an ad blocker because it's an outsourced test running client-side. I could be a nice guy and give them a subscription but their articles aren't any better than Tweets and bots. I just saw their science columnist describe a new energy harvesting system using the mystery unit of "megawatts per day." It was disappointing even after typos in the article's sub-header set expectations.

Bad response

Taking so long to reply is going to drive away even customers that weren't impacted.

9n the flip side, DigitalOcean would have left them all running with the infections.