* Posts by Wzrd1

2260 publicly visible posts • joined 7 Dec 2012

GitHub publishes RSA SSH host keys by mistake, issues update

Wzrd1 Silver badge

Re: If you're unclear how SSH encryption works, about public versus private keys

I've seen no end of confusion as when one is trying to get keys issued to a server and an IIS admin gives the wrong name for the asset, such as the server name, rather than its alias (bob.mydomain.net vs www.mydomain.net).

Had me tearing hair out. Of course, this nerd bled plenty over the years for real, so obviously the hair was not my own.

I was a dick and made them all attend a class on encryption.

Musk said Twitter would open source its algorithm – then fired the people who could

Wzrd1 Silver badge

Re: Snake Oil Salesman who forgot to move on...

"The problem with making bigger and bigger promises, is that eventually people are going to want to see some of them delivered. He should have ran away when he had the chance..."

Yeah, like they expected delivery on promises from Trump?

All we got was an insurrection that did more damage to our Capitol Building than the British Army did in 1812.

When our leaders bravely turned and ran away...

Wzrd1 Silver badge

Re: As a member of the Reformed House of Python

Bloody hell, we had to wait for someone to invent a hole!

The first model was defective, it was a bloody hole.

Wzrd1 Silver badge

Re: >Open sourcing the code is hard

Yeah, OK. So, Microsoft got caught stealing full code bases from multiple companies. Remember DoubleSpace, renamed after being sued by Stac to DriveSpace and the infringing code removed (and a massive settlement)? Oddly, no smoking hole in the ground where Microsoft HQ is.

Just cost them man hours in software writing, rather than stealing and a fairly large check to Stac.

Wzrd1 Silver badge

Re: Not the first time

Well, he also promised the SEC he'd stop manipulating his company's stock prices via Twitter blasts. They're still waiting for him to stop that crap.

Mere mortals flouting such laws would already be fined to penury and imprisoned.

Wzrd1 Silver badge

I wIlLnOt Do AnY sUcH tHiNg!

:P:p:P:p:P:p

Now, let's stop talking about the Excession under M32 code and switch back to ROT13...

I'll just get my hat...

Wzrd1 Silver badge

"Oh he could easily open source Twitter just by posting some developer's log-in credentials!"

Well, he did close. He had Tesla software developers review Twitter's code, much to the amusement of the former Twitter developers, as he expected them to fully comprehend the code in a few days.

As for Musk understanding marketing and hardware development management, that's not actually established, as he hired such managers. He just hawks for them like a circus ringmaster, but unlike the ringmaster, he's no clue how to even raise the tent.

Well, the other talent beyond showmanship is actually a good one, knowing how to hire good and competent people.

I may loathe the man, but I will give credit where it's due.

White Castle collecting burger slingers' fingerprints looks like a $17B mistake

Wzrd1 Silver badge

Never fear

God-King Company will prevail, with a penny slap and the abused getting less than a penny.

It's how wage slaves are compensated in the Fascist States of America.

Object and enjoy homelessness.

Oh, full disclosure, I am a US citizen and retired US military

Debian dev to the rescue after proposal to remove Itanium from Linux kernel

Wzrd1 Silver badge

Re: Alpha > Itanium ?

Most distros have long dropped 32 bit support.

The quest to make Linux bulletproof

Wzrd1 Silver badge

Bullshit is a problem

With so many silos, one gets security issues and those eventually spread like a fireworks display across the field of view and beyond.

Every time open source went with silos, commercial style, security took a back seat, just as Ubuntu released a new LTS version without its FIPS and security enhancement package.

Welcome to the new world, the same old one, just with a new fake name for the two dollar whore.

Maybe next, we'll get Hitler 2.0 or something equally idiotic, to rinse and repeat, with much larger losses, as has been the trend for idiots who refuse to learn from history.

Of course, the correspondent also failed with a certain former German brand of Linux, bought and fouled hopelessly up by Novell, then returned to spender. At least they did touch on the ReiserFS debacle and the tossed baby with the bathwater, when there was no other real game in town.

Yeah, we old farts are really inconvenient and stand in the way of regress, erm, "progress".

Welcome all to the newest, most improved silo, all of which previously failed, but this will succeed like a fine Tesla autopilot or autodrive...

It's a shame we outlawed euthanasia...

I'd sign a lot of idiots in business up for it.

WAN router IP address change blamed for global Microsoft 365 outage

Wzrd1 Silver badge

Stop fat shaming! So, someone's fingers are in need of going on a diet, so what?

We didn't like that traffic anyway...

I'll just get my coat...

Girls Who Code books 'banned' in some US classrooms

Wzrd1 Silver badge

Re: God botherers strike again!

I live in the area and the comment is spot on.

Well, God botherers and Trumpites, both of whom object to any texts that don't worship their gods.

Amazing how effective minority rule actually is...

China's 7nm chip surprise reveals more than Beijing might like

Wzrd1 Silver badge

Re: Ours

Yep, produce the production kit, leave the purchaser to swim in the nasty chemical brews from using that kit.

Smart move, surprising given the recent idiocy of calling methane based fuel clean.

Microsoft gives its partners power to change AD privileges on customer systems – without permission

Wzrd1 Silver badge

"keeping in mind we are a publicly traded company... and "admin" has the rights to read every email."

Odd, as in DoD we configured exchange message stores and the entire exchange system so that only exchange administrators could access exchange beyond their own mailbox and only specific exchange administrators could access the message store and hence, the e-mails.

A hint that one doesn't have access is to exmerge and the pst files are empty and 32k in size and of course, logged errors in attempting to access the exchange data store.

Misguided call for a 7-Zip boycott brings attention to FOSS archiving tools

Wzrd1 Silver badge

Re: Not my problem

"Unless the company is involved in war crimes or human right violations, I don't care what they do."

I've seen some source code that certainly qualifies as serious violations of the Hague Conventions... :/

Wzrd1 Silver badge

"Dependency management on Linux can often require distro-specific packages for some things, mainly depending on how many shared objects they're going to use."

Dependencies, library paths, odd other path issues and at times, a massive amount of profanities... ;)

Especially when someone takes the LSB standards and just tosses them into the circular file.

Wzrd1 Silver badge

"I can only wish Igor to keep up the good work."

To hell with that, I say everyone who can code pull his source code and fix every bug that they can trace, then toss it his way without taking any credit.

You know, business as usual. ;)

I'll help out once this damned cataract is removed, otherwise I'm living on headache planet.

Wzrd1 Silver badge

Re: A couple of points

"Where US = UnServicable"

I greatly resemble that remark!

Mostly because we don't have universal healthcare, like civilized nations do.

Wzrd1 Silver badge

Re: A couple of points

"Sure it wasn't Blazing saddles?"

Pretty sure it wasn't, as John Wayne wasn't anywhere near that film. It would've lent the film gravitas that it most certainly had no use of. ;)

Wzrd1 Silver badge

Re: A couple of points

"One of the most appalling things I ever heard was John Wayne in a film saying 'Talk American'."

I recall the film and this born US citizen would've instantly countered, "I'm sorry, I don't speak Moronic".

But only because I can't speak any of the indigenous tongues.

I did have an opportunity to enjoy "cussing out" a Karen in the wild, who demanded someone speaking Spanish to a family member speak English. I harangued her with profanity in Sicilian Italian, German, Yiddish (yeah, six of one, half dozen of the other, mostly), Arabic and Hindi. I stopped there because I couldn't recall much of the profanity that I had learned in Russian and Chinese decades ago.

If you think being blasted in German is bad, you really don't want to try it on for size in Arabic. ;)

The poor creature scurried off, much to the relief of all in that region.

Because, nothing succeeds like excess!

Wzrd1 Silver badge

Re: A couple of points

"In fact if software was mandated to have both, it might teach left-pondians how to spell."

Don't blame us in the US, it isn't our fault that the occasionally United Kingdom didn't bother documenting English until a bit of a tiff started in 1776. Giving 1150 AD to be generous, it seriously took you 600 years to document your own blasted language?!

What were you doing during all that time, bringing the world civilization and blood pudding?

I'll just get my hat...

Wzrd1 Silver badge

Re: A couple of points

"Such is the pleasure of language."

Indeed, I've no bloody idea what they speak in Liverpool, save that it seems more intelligible once heavily intoxicated.

Of course, across the pond, in West Virginia's more rural areas, I'm quite certain that the language spoken there is enraged house cat.

Wzrd1 Silver badge

Re: I like 7Zip.

"My critique of Russia as a Finnish citizen is not borne out of care for USA but for the deplorable actions of Putin and his cabal."

I've every faith that, should Russia decide to visit, you'll more than replicate the Winter War *and* regain some land lost in that war.

Especially, given the performance thus far of RF forces and the utter lack of logistical support.

Just keep them in the woodline like last time. ;)

Wzrd1 Silver badge

Re: I like 7Zip.

"How many did the West kill and murder in Iraq based on lies?"

What lies, Bush the Lesser was up front at the very beginning, "He tried to kill my daddy".

Beyond that, I'll be honest, I have no bloody idea whyinhell I was there, beside him grasping on intel that was beyond lousy and flat out not even wrong.

I'm also trying to figure out "kill and murder", as war by definition is state sanctioned mass murder. We could go on and on about London, Dresden, Hamburg, Tokyo, Hiroshima, Nagasaki and the atrocity I had in the bathroom last night and still get stuck in a circular rut.

And honestly, WWII, GWOT and a sojourn into idiocy in Iraq certainly do not equal the invasion of Ukraine that's attributed variously to "a Jewish Nazi" and "Pride Parades", when it's just a Russian land grab for both a warm water port and trying to reconstitute the old Russian Empire.

Thinnet cables are no match for director's morning workout

Wzrd1 Silver badge

Well, could've been worse

Instead of ethernet, they could've been dealing with broken ring.

You remember it, "IBM provides robust tools to diagnose and maintain broken ring..."

Yeah, tools. Wish in one hand, shit in the other, we all know which hand's getting filled.

Wzrd1 Silver badge

Re: Full names please.......

Way back in the ice age, I had a platoon sergeant named Ricky Head.

Didn't like to be called Dick, so you know what was shouted coming to attention...

File suffixes: Who needs them? Well, this guy did

Wzrd1 Silver badge

Remote grand poobahs and their infinite knowledge of cluelessness

Some centuries back, when Windows95 was still in vogue in corporate environments, despite the incessant warnings of security issues or well, no security, a client organization called for service. A bunch of computers couldn't access the network or internet.

A bit of diagnosis revealed that some bright individual had downloaded malware, which replaced winsock32.dll with something that would've easily been mistaken for a potted plant if it wasn't just data.

So, I find a machine that wasn't corrupted by the malware, which took a bit of doing and in a shortcut attempt, needed to create a share somewhere, anywhere, so that it could be copied via netbeui (don't blame me, I didn't design or support the network, the distant corporate overlords in their fully certified ivory tower did). Alas, creating a share wasn't allowed by GPO, so off I go to call their HQ command center and resident MCSE's. Resistance galore to allowing a share to be created or used anywhere, period and this gem of wisdumb was offered, "Just copy the winsock32.dll from the AS400 disk".

I slowly and patiently explained (we were getting $185/hour, so I was extremely patient, but not as patient with problem clients that paid $100 more per hour for us to put up with them), winsock(anything).dll is a Microsoft product, the AS400 is an IBM product and the two companies weren't getting along or sharing files for quite some time. So, I was offered the suggestion of copying winsock32.dll from the install disk, which was an early release version and we were a couple of service packs in, rendering the suggested solution as effective as replacing winsock32.dll with a text file named to that name.

Explaining even more slowly, obviously realizing that utter morons were now able to acquire the treasured MCSE certification, I explained what service packs were, mixed versions being fatal to systems we're trying to recover, as the malware wasn't persistent in that case and the plant really should resume production before proton decay in the universe and generally gave a full suggestion of my lack of faith in the individual's capability to even utilize a specially blunted infant feeding spoon without self-harm occurring and finally, finally, FINALLY, access was granted.

Operations resumed within the hour, as it was only 100 machines.

The fun part, he was the supervisor, who all non-cookie cutter things had to go through. The company is now registered as a foreign corporation, apparently having failed from California.

I should've become a dentist, as I've had ever so many teeth to pull over the decades!

Russian 'Minecraft bomb plot' teen jailed for five years

Wzrd1 Silver badge

Until precursor chemicals, specifically concentrated nitric acid and sulfuric acid became difficult to get, at least once per year we'd be greeted with a news story about some idiot kid trying to make nitroglycerine in their basement or garage and not realizing what an exothermic reaction was or that nitroglycerine is prone to grow very, very angry when above the freezing point of water.

Once they healed from their injuries, they inevitably were charged with manufacturing explosives and rightfully so.

Or do you think it'd be cool to have some kid being childish with explosives and blow up your family home in the middle of the night during an "accident"?

Wzrd1 Silver badge

Re: I'd like to say....

Yeah, the UK also tends to take a dim view of someone manufacturing and storing explosives to blow up even derelict buildings without the appropriate permits.

Personally, I'd be quite delighted to know that my neighboring flats aren't chock full of explosives, as explosives tend to make really, really rude noise.

Or was the part "...due to a lack of evidence, and replaced with charges of unlawful manufacture and storage of explosives." missed by most?

Because, I only advocate for the home manufacture and storage of whisperglycerin.

Facebook, WhatsApp, Instagram deplatform themselves: Services down globally

Wzrd1 Silver badge

Well, it could be an accident, but...

There's all that deleterious news that strongly supports regulation of their content.

Then, an apparent self-inflicted foot wound, while depriving users of service.

I'm not big on considering outside of Hanlon's Razor, but this is quite convenient as a warning.

And given a warning, I say regulate the dog snot out of them.

Now, thrice over and gone.

Computer shuts down when foreman leaves the room: Ghost in the machine? Or an all-too-human bit of silliness?

Wzrd1 Silver badge

Re: Motion sensor lights in toilets

We had such sensor lights in a secure documents facility. It was always quite entertaining when working on classified documents, the lights would go out.

Once, for purely entertainment value, I stood up to trip the sensor and managed to clap before the lights came on. Rare is it that one hears much laughter in such secure settings!

Needless to say, cell phones were unwelcome in such a place, as well as anything else that possessed a microphone, so the notion of clap on brought the house down (we all knew it was passive IR based).

Xero, Slack suffer outages just as Let's Encrypt root cert expiry downs other websites, services

Wzrd1 Silver badge

Always fun watching SA's bungle SSL certs

Some years back, I had to give an entire LAN/WAN shop a quick course on SSL, especially as regards to the resource human friendly hostname.

At the time I was in information security, having moved up from that same shop. Implementing it isn't rocket science!

SSL loses trust, check cert, root cert, awshit - got the new one, trust it, flush the proxy server cache, go to lunch early.

ProtonMail deletes 'we don't log your IP' boast from website after French climate activist reportedly arrested

Wzrd1 Silver badge

It seems that Proton privacy & no logs is guaranteed whole

Whole, like sliced Swiss cheese.

NHS-backed org reacted to GitHub leak disclosure with legal threats and police call, complains IT pro

Wzrd1 Silver badge

Re: Attorney fail

And the failure is an unnecessary conflict, based upon your version of events and a vacuum from the opposing side.

It's predicated upon two concepts that interlock in IS and organizational duties that are paramount.

Due care and due diligence.

If you showed me that my castle door keys were openly available and you're retaining a copy to protect your interests, I'd not have a warm and fuzzy feeling of comfort, as I have no idea if your security is any better than our own!

I'm a bit more reasonable, at a cost of billable hours in seeking a mutually agreed upon common ground for a secure data custodian, who will represent your interests, upon mutually agreed upon common interests grounds. And add, in my jurisdiction, said data is evidence and needs to be protected from all, including us and our concerned parties and only the courts may access said data, pending an order from said courts.

What I'd try to avoid, from the company side is exposure, potential blackmail or compromise of now secured data.

Once mutually agreed upon, we'd move forward and avoid the courts and we'd happily ensure a trust is established to secure the data - outside of either of our controls, save if the trust fails and then, we have a common problem.

In my jurisdiction, you've committed a crime. You willfully destroyed evidence in a matter presented to the court. It is the matter of contention and controversy, hence, evidence.

Due care and due diligence requires I expend the least resources for the maximum gain.

So, securing the data is paramount. I'd have an olive branch in reserve, a joint paper on how to protect data, ensure organizational security and serve common cause via said paper.

Everyone wins.

Currently, the organization has a huge black eye and you have legal bills, as does the organization. Any victory from that is Pyrrhic indeed!

Wzrd1 Silver badge

Re: Sorry, Fail - Rob

Had I been involved with the response, I'd suggest to counsel that your individually retaining such evidence retains some risk and suggest third party, representing the researcher's interests be mutually retained as custodian of the sensitive data, to be destroyed upon a mutually agreed upon date and assurance that no litigation would ensue from the matter.

We'd help fund the custodian, the data would remain secure and an agreement mutually found. It'd have a side effect of burning less billable hours for all parties and all concerned interests would be protected.

Then, have counsel and the researcher write a paper on the incident, response and their effects.

Everyone wins, I get my revised code audit and enhanced security and the world + dog learns how to responsibly manage such an incident and remain under budget.

Wzrd1 Silver badge

The very moment that I receive a filing

Is the moment that the data retained becomes evidence and I'll not be the one to willfully destroy evidence.

That evidence will then be presented to the courts and become public record.

At least, that's how the courts and laws operate within the US. The evidence would be presented on discovery and presented to the court, thereby becoming public record and likely, subject to the Streisand Effect.

The demand to unlawfully destroy the presented evidence would also be submitted, which will likely draw some crossed brows from the jurist.

Chinese AI censors live-streamed Alpacas – beasts with a very NSFW and political back story

Wzrd1 Silver badge

Re: Overload censoring mechanisms

Mockery has taken many an authoritarian regime down a peg.

That higher peg already being beneath contempt...

Easily distracted by too many apps, too many meetings, and too much asparagus

Wzrd1 Silver badge

Re: wild asparagus

It grows wild in the US as well. It's great to find while camping in the spring.

IBM, Red Hat face copyright, antitrust lawsuit from SCO Group successor Xinuos

Wzrd1 Silver badge

Re: IDENTITY THEFT

Indeed, the courts decided that SCO Unix and derivatives like UnixWare were owned by Novell, which was purchased by the UK based Micro Focus.

That's like me suing a neighbor a block away for stealing my petunias, which were purchased by my neighbor, planted on that neighbor's property and cared for by that neighbor.

Wzrd1 Silver badge

Color me confused, but

Given that the courts decided that Novell owned the rights to SCO Unix and by derivation, UnixWare, how can they lay a claim on that which they do not own?

A borked bit of code sent the Hubble Space Telescope into safe mode, revealing a bunch of other glitches

Wzrd1 Silver badge

Re: I'm surprised they tried the backup motor

If it's broke, we can fix it.

If it ain't broke, we can fix that too.

Wzrd1 Silver badge

Re: It depends...

Precisely the nature of the failure kill chain.

Wzrd1 Silver badge

Re: Test before deployment ?

Or tested it in a virtuous virtual environment, which lacked the virtue of being faithful to the physical environment.

Such as a failed patched environment that doesn't reflect what's actually in use. Muddle the testbed, back it out poorly, everybug passes after...

PC printer problems and enraged execs: When the answer to 'Hand over that floppy disk' is 'No'

Wzrd1 Silver badge

Yeah, had a few clients like that

Some, with the CEO being the obstruction.

We simply raised our $135/hour rate to the problem child $185/hour rate and for a special few, $235/hour, and one, $250/hour.

As no other peer would accept their business, yeah, it was worth the effort. With the two highest rate charged companies, I was given free hand and given that no other company would deal with them, it was priceless.

If someone doesn't know or understand, I'm patient and can educate the village idiot, but abusive and obstructive, those are folks that I explain to all listeners about that invaluable individual being a primary example of why one does not poke baby in the fontanelle - repeatedly.

Dutch spies helped Britain's GCHQ break Argentine crypto during Falklands War

Wzrd1 Silver badge

Re: Great name, great beer

@JimboSmith, wrong. Spectrum reception and analysis can, with sufficient resources, defeat frequency hopping, sideband signaling tricks and a few other tricks in RF signaling.

Russia admits, yup, the Americans are right: One of our rocket's tanks just disintegrated in Earth's orbit

Wzrd1 Silver badge

Re: Musings from the group W bench...

At the velocities we're talking about, even the play-doh obscenity would turn thousands of objects into millions, which would stay in orbit for decades to centuries due to additive velocities for some boosting the orbit for the fragments.

Think not? We'll make a sabot with play-doh and shoot it at you at Mach 1.1. Your flesh would come apart faster than the play-doh.

Wzrd1 Silver badge

Re: Elon Musk isn't helping, is he

Let’s educate you a little, or try

OK, first off, lifting anything into space will never be less expensive than dragging something about in a truck. Ever. Rockets are always going to be more expensive than ground transportation, regardless of your conditioned response.

Second, earth orbit is a good second best, but putting a telescope on the moon would be far superior, but obscenely expensive.

Still, if you want to put a telescope into space, since it's as cheap as trucking the contents of a home up a mountain, announce to us all when you've paid for a space telescope by yourself. People move all the time, so it'll be a snap for you to do it.

I'll wait until proton decay, as I know how expensive space really is, as physics doesn't yield to business hype, business yields to physics or fail. Always.

BTW, I tend to take anything said by Musk with a grain of salt the size of Gibraltar. Especially given his recent antics, expressed desire to flout the law and well, the general incompetence in sending CPAP machines and calling them respirators (the old name lay people used for ventilators).

I also consider his vehicles rather interesting, given the few that have impersonated a Roman candle ever so well!

Wzrd1 Silver badge

Re: Honest question....

The question is, was there a venting failure and eventual failure of the pressurized component or excessive spin? Because after those two, the next most probable cause of RUD is impact.

NASA signs deals to put a rocket under Artemis flights until 2029

Wzrd1 Silver badge

Re: Artemis?

STS-51-F was the one.

QUIC, dig in: Microsoft open-sources MsQuic, its implementation of Google-spawned TCP-killer QUIC

Wzrd1 Silver badge

Re: the good thing about standards

Indeed. Does anyone remember MSjava?

So poorly implemented that Sun had a few words with Microsoft, who then had the nerve to tell Sun that that was how Java was supposed to be implemented. The courts had a different view on who owned Java...