
* Posts by a_yank_lurker

2963 posts • joined 16 Nov 2013

Dead retailer's 'customer data' turns up on seized kit, unencrypted and very much for sale

a_yank_lurker
Silver badge

Re: Until such a time as

@AC - The other alternative is to make the potential fines sufficiently massive that they could make a significant impact on the p/l statement. GDPR does this as up to 4% of a company's gross worldwide revenue would get noticed as it could either wipe an annual profit or significantly lower it. Both would get investors' attention who just might add to the misery by suing for 'failure of fiduciary trust'.

1
1

Congrats on keeping out the hackers. Now, you've taken care of rogue insiders, right? Hello?

a_yank_lurker
Silver badge

Basic Security

First rule of good information security is to limit access to confidential information on a need to know basis. If you do not need to know the information you should never have access rights. Second rule: differentiate between those who need access to the information and those who should be able to change the information. If you need to use the information you should only have read only rights. Only those who will be actively entering/updating information should have write access.

The rules are simple but often not applied because it requires the local PHBs to actually think and manage.

1
0

No, that Sunspot Solar Observatory didn't see aliens. It's far more grim

a_yank_lurker
Silver badge

Re: Unconvinced

I am not convinced safety was the real reason with what we know so far. True it is a remote location and the scumbag obviously had access to the wifi system. But downloading child porn does not automatically mean he is a violent felon or even owns a gun. Securing the logs would only require the cooperation of the sys admins and arresting the scumbag can be done in a way that catches him unawares (as noted by another poster).

I wonder if the child porn charges were an accidental discovery during another cyber investigation and it is now being used as a cover. There are plenty of terrestrial reasons for a possible investigation where they want the facility shut down for a few days.

8
0

National Museum of Computing to hold live Enigma code-breaking demo with a Bombe

a_yank_lurker
Silver badge

Enigma Flaw

There was an interesting flaw in the Enigma machine that reduced the complexity of the code a little. It would never map a letter to itself. Plaintext "A" would never be mapped to "A" in the cypher. Also, there were numerous 'cribs' developed to help in figuring out the daily solutions that sped up the process. The real genius was the application of math to understand how to even try to break the code and thus design and build the bombes and later Colossus.

6
0

A spot of Python in your Azure automation? Step right this way, sir

a_yank_lurker
Silver badge

Re: Python 2 support

Surprised Slurp did not use Python 1.

1
4

Judge: Georgia's e-vote machines are awful – but go ahead and use them

a_yank_lurker
Silver badge

Real Issue

The state government of the Peach Pit State is dominated by the dregs of the alleged college in Athens best known as THUGA and many dismal local school districts. They are quite good at subtracting from the sum total of human knowledge by breathing. Asking for competence is a definite stretch. I say this as a long time observer of state politics.

2
0

Microsoft: Like the Borg, we want to absorb all the world's biz computers

a_yank_lurker
Silver badge

Problems

For any company with legacy or specialized internal applications this will likely be problematic; too many examples of things going sideways to make the risk worthwhile. Also, the type of customer this would work best with is probably the ones that needed it the least. If you have a relatively vanilla installation with only garden-variety commercial packages this would probably work well. But this is a situation that is the easiest to manage for an admin.

4
0

Now here's an idea: Break up Amazon to get more shareholder cash

a_yank_lurker
Silver badge

@James 51 - The whole idea is predicated on avoiding anti-trust litigation supposedly. While Amazon is big it is only dominant in online retailing (about 50%) and significant in a couple of others. As a retailer it might command single digit share of the total retail market; dominant in a niche but not a real threat to a well managed retailer. Most of the wailing about failing retailers is about incompetently managed companies and over built retail space. Neither issue is the fault of Amazon at all. At worst Amazon highlights the incompetence. AWS is a tough competitor but there are many others with the cash and (alleged) technical know-how to be fierce competitors. Here it's more about getting your act together than AWS being a monopoly. Since Amazon is not a monopoly the 'analysis' is really a demand to break up the company as you say "so I can make lots of money".

12
2

No wonder Oracle exec Kurian legged it – sky darkens as cloudy tech does not make it rain

a_yank_lurker
Silver badge

Legacy Customers

Could the Minions have a problem with not winning much new business and relying on squeezing legacy customers? Customers who may not want to leave because of the perceived real and imagined difficulties of migrating to another database.

8
0

Microsoft: 'So, we can buy GitHub?' EU: 'We'll tell you on 19 October'

a_yank_lurker
Silver badge

Re: "Dude, we've changed, yeah?"

Yup, the same sad sack outfit that foisted Imbecile Explorer on the world. I think in the case of LinkedIn and GitHub Slurp does not really understand either business. Thus the real risk is not immediately but out a few years when they try to more tightly 'integrate' either with their other products. Right now I have a barely ticking LinkedIn account; haven't been aggravated enough to pull the plug. I do not have any code stored on external repositories such as GitHub and no plans to use GitHub in the future; might look at GitLab if I do decide to use one.

6
2

Microsoft reveals train of mistakes that killed Azure in the South Central US 'incident'

a_yank_lurker
Silver badge

Re: The American Midwest is famous

Canada and Buffalo, NY for snow removal. Gulf Coast and Florida for hurricanes. Oklahoma for severe tornadoes and thunderstorms. California for earthquakes and fires. Cascade Range for volcanoes. Got all somewhere.

5
0

What's Big and Blue – and makes its veteran staff sue? Yep, it's IBM

a_yank_lurker
Silver badge

Not Surprised

Itsy Bitsy Morons is run by some very dim PHBs. There is a serious, hidden problem when canning older workers: loss of institutional memory. New hires do not know the back story of why something was done 10 or more years ago. And a lot of tech is really based on 30+ year old designs. Having someone who knows why it was done that way can be a great help in understanding. Another issue with trying to be 'hip' is that it is very ephemeral as what is 'hip' today is passe tomorrow.

44
1

Equifax IT staff had to rerun hackers' database queries to work out what was nicked – audit

a_yank_lurker
Silver badge

@AC - Mostly bloviate and show their ignorance.

0
2

Don't put the 'd' and second 'i' in IoT: How to secure devices in your biz – belt and braces

a_yank_lurker
Silver badge

Re: "No MDM no connection... if the user doesn't like it, tough"

My rule is my personal devices are never connected to the company's network for any purpose. If the company requires me to have a particular device or software they provide it on company owned kit. Segregating company from personal is always a sound policy. So no MDM configured per company on my personal kit, no problem.

4
0

Euro bureaucrats tie up .eu in red tape to stop Brexit Brits snatching back their web domains

a_yank_lurker
Silver badge

Re: Couldn't have said it better myself

And why Trump was elected over here; same arrogance by our supposed 'elites' alienated many.

23
4

Florence and the Machines: Data centers brace as hurricane smashes into US coast

a_yank_lurker
Silver badge

Carolina Triangle

The NC Triangle region is inland in the center of the state and is a major technology center. Its problems are more with creek and river flooding and with downed power lines than what hit the coast. Florence is a nasty storm because of the flooding potential but probably not as bad as Katrina for outright damage. Florence made landfall as a strong Cat 1 while Katrina was Cat 4/5; much more powerful winds and surge. So Florence will cause problems but probably not as bad as what could have happened.

In the Southeastern and Gulf Coast regions of the US hurricanes are treated with a great deal of respect. Many of us have seen first hand the damage they can do even a couple of hundred miles inland more than a few times. Fortunately storm track predictions are accurate enough to narrow down the potentially affected regions fairly well. Part of the danger is the very strong winds and wind gusts can blow trees down. If they are strong enough they could destroy structures.

0
0

Trump shouldn't criticise the news media, says Amazon's Jeff Bezos

a_yank_lurker
Silver badge

US 'News' Media

The US 'News' media is notorious for botching or faking stories for a long time (try Spanish-American War era for some real fakery). Many reporters are not smart enough to understand the topics they are covering; it is debatable which major gets the dumbest in a US college - journalism or education. And there is little institutional awareness or concern about their incompetence within the media. Combine this with the well known political and geographical bias and ignorance of the media and you get a large portion of the US population who wonder what lies they are spouting off today. Note the term 'fly-over country' refers to the fixation on NY, Washington, and LA with almost no interest in what happens in South Dakota or how the policies they support affect states like West Virginia. Trump is in many ways just echoing the frustration many have with the media.

In 2004, CBS News published a 'story' about Bush II that turned out to be completely fake. It was based on incompetent forgeries (the documents matched the default layout of Word not what would have been done on a 1970 office typewriter). Dan Rather famously called them 'fake but accurate'; an idiotic statement. If they are fake they are by definition not accurate. And if they are accurate they are not fake.

6
3

Redis does a Python, crushes 'offensive' master, slave code terms

a_yank_lurker
Silver badge

Re: I just got back from a rather large data center.

Probably they start these pointless battles because they are too stupid to code or do anything else useful for society.

20
0
a_yank_lurker
Silver badge

@AC instead of master/slave try SWAMBO and other-half.

2
0

Princely five years in US big house for Nigerian biz email scammer

a_yank_lurker
Silver badge

Re: I thought the whole idea was they lived in Nigeria

Actually, they may want to be sent to Club Fed as some do not provide as luxurious accommodations for their guests. But that depends on the extradition treaties.

2
0

The Reg takes the US government's insider threat training course

a_yank_lurker
Silver badge

Nothing Really New

I remember some security training way back in the late Dark Ages. Much of what they said was the biggest problem was insiders who are disgruntled, financially in trouble, or too eager to please not professional moles. Add a couple of more categories to the old list such as hoarders, etc. Each group has to be approached correctly with the disgruntled the most likely to make the initial contact.

One issue that was true then and is still true today, there is a lot of non-classified information that does not seem important. But if it is collected routinely it can give a picture of organizational changes and new priorities. Back in the Dark Ages this was commonly a phone directory.

6
0

Microsoft accidentally let encrypted Windows 10 out into the world

a_yank_lurker
Silver badge

Re: 19H1 - virus id?

How contagious is it?

4
1

Guess who just bought Maplin? Dragons' Den celebrity biz guy Peter Jones

a_yank_lurker
Silver badge

@Doctor Syntax - Brick and mortar locations done right is a competitive advantage. But the old rules of retail siting are partially invalid. Plus you can not directly compete on price or absolute selection with someone like Amazon. So you have a valid reason for one to come to you rather than surf e-commerce sites.

0
0

Microsoft: You don't want to use Edge? Are you sure? Really sure?

a_yank_lurker
Silver badge

Stupid as Stupid Does

Chocolate factory is catching flak for their sleazy practices, rightfully so. But the issue is should Slurp sink to that level or lower. For long term customer relations and retention Slurp needs to rethink its entire customer relation policies. Angry customers will be looking for an alternative and will become ex-customers. And they will not return. They also tend to be more vocal about leaving. This action shows a disdain for the customer. There are good reasons for the average user to have multiple browsers installed. Insulting the user is not a good business practice, ever.

6
1

Python joins movement to dump 'offensive' master, slave terms

a_yank_lurker
Silver badge

Re: I don't get it.

It's not the accuracy of the description that is the problem; it is the supposed connotations of the terms. The complainers do not understand that precise meanings and descriptions are important in communication. So if master-slave correctly describes the relationship between systems then there should be no problem.

21
0

Law firm seeking leak victims to launch £500m suit at British Airways

a_yank_lurker
Silver badge

GDPR Strikes?

Might we see how much teeth the GDPR really has? Also, can the EU step in now? (second question out of ignorance of the legal details)

3
0

Register-Orbi-damned: Netgear account order irks infosec bods

a_yank_lurker
Silver badge

Fox in the Hen House

Sounds like the marketing failures are running NetGear which makes it a good reason to avoid them.

16
0

PPI pushers now need consent to cold-call you

a_yank_lurker
Silver badge

Re: If anyone

This type of fraudulent phone call is a worldwide problem. I doubt there is not anyone with a phone who does not get several of these a week if not a day. Invariably these calls are originating from somewhere offshore so legal proceedings against them are difficult at best if not impossible. But it seems you Brits have the same problem we have with our incompetent bureaucracy coupled with the limited total mental capacity of the legislature. Czar Thomas Reed (Speaker of the US House of Representatives) once observed that too many Congress critters subtract from the sum total of human knowledge whenever they open their mouths. It seems this is generally true of all legislative bodies worldwide not just the Congress.

10
0

AI biz borks US election spending data by using underpaid Amazon Mechanical Turks

a_yank_lurker
Silver badge

OCR not Online Entry?

It seems this fiasco could be avoided by having robust online data entry. But then this is the ferals we are talking about. Many of whom still have not heard of the wonderful device called a slide rule let alone a computer.

6
2

It's been 5 years already, let's gawp at Microsoft and Nokia's bloodbath

a_yank_lurker
Silver badge

Re: "I suspect MS shareholders would generally disagree."

A telling point about Amazon is Bezos' maniacal focus on the customer. He tries to understand his customers and have products for them. Also, being a retailer originally Amazon is used to operating in a low margin business that relies extensively on repeat customers to stay around. This is very different from the relatively high margins found with the cloud or software. One key difference is physical products, say cat litter, has a relatively high percentage of fixed costs for each bag sold that does not really change much. With software, once a certain number of units are sold or rented the costs to add more customers are much lower and the effect on the profit margin much more for each unit added.

6
0
a_yank_lurker
Silver badge

Re: Nokia was a phone company that couldn't make the transition

@LDS - Hard challenges scare many who have no guts. Betting the future of the company on a product is nerve racking but if you pull it off the company often becomes wildly successful. Apple did it and many forget Boeing several times bet the farm on one product whose failure could take the company down. There are others. But to do it takes a leader who understands the risks and is willing to really lead and get the troops motivated. Ballmer showed an understanding that risks must be taken but often botched the execution. Nadella does not seem to be a risk taker and seems to be more a market follower. As Jobs observed about Apple (and all companies) whatever your core product is today you need to be willing to cannibalize it today for another product if you want to stay around or someone else will cannibalize your core product for you tomorrow.

12
1

A real shot in the Arm: 3% of global workforce surplus to requirements

a_yank_lurker
Silver badge

Re: Only 3%?

I would look at a company that enforces strict silos between groups within to have an extensive head count of useless PHBs in middle mismanagement. Ask the question: Can a peon assigned a task wander over to the originator of the task to discuss the requirements? If the answer is yes, then the company is probably relatively lean with very little fat. If the answer is no, then the company probably has many middle mismanagement PHBs jealously guarding their turf and plenty of weeds to eliminate.

Uncle Bob Martin once in a YouTube talk noted that there is a difference between being 'Agile' and being agile. The key difference was whether you adopted a formalism called Agile or do you allow people to discuss problems and solutions in ad hoc groups as needed with these people being the people actually involved in executing the project.

16
0

Tesla's chief accounting officer drives off after just a month on the job

a_yank_lurker
Silver badge

@msage - Apple was a profitable company back then unlike Tesla. I do not remember Tesla ever making a quarterly or annual profit nor coming close to meeting production goals. Apple was doing both throughout most of its history. Apple did have a near death experience and survived. Tesla reminds me of many of the late 90s DotCom bubble companies with an interesting product but no clue as to how to make a profit to survive. They eventually burned through the VC cash and burned spectacularly.

Another key difference is Apple was one of the early companies in the PC market when PCs were emerging as useful devices around the home and office. Thus they had a chance to evolve with the market. Tesla is a late entry into a very mature market of cars and trucks. There are numerous well established companies who have been making cars for decades if not over a century. They know how to make a car. Other than the power plant there is nothing 'novel' about a Tesla. Even its 'novelty' is not new; electric cars have been manufactured since the 1890s with varying degrees of success and profitability. So there is nothing stopping say Ford or Toyota from making an all electric car and trying to sell it. Plus they can afford to have a few years of lackluster sales with minimal profits for an electric vehicle as the infrastructure supporting them improves. They also have the facilities to ramp up production rather quickly if consumer demand shifts.

4
4

Feel the shame: Email-scammed staffers aren't telling bosses about it

a_yank_lurker
Silver badge

Re: Tech Savvy Millennials

@AC - Though sweeping the core is correct. The implied assumption is someone who grew up using a computer as a tool understands how they work. Other than being able to use some applications the majority of all users do not understand how a computer works. If they have to troubleshoot a problem they are DOA (dead on arrival).

4
1

Microsoft tells volume customers they can stay on Windows 7... for a bit longer... for a fee

a_yank_lurker
Silver badge

Re: Education

The minimum LTS support period should be 4-5 years from release. Any releases between LTS releases should be considered betaish; releases that are ready for use but have some features that could be considered bleeding edge. These features will often find their way into the LTS but after they have been in the wild. But there would be no forced migration from LTS to the intermediate releases. Essentially look at the Ubuntu release model of LTS every 2 years (supported for 5 years) and semi-annual non-LTS releases which users usually skip.

7
2

Capita onshores IBM transformer man as chief growth officer

a_yank_lurker
Silver badge

Round Robin of Failures

Moving from one leaking vessel to another with no signs of learning - another overpaid PHB.

4
0

Windows Server 2019 Essentials incoming – but cheapo product's days are numbered

a_yank_lurker
Silver badge

After this week

With the fiasco of the last couple of days with Slurp, I would be very leery of their cloudy 'offerings'. When determining if your systems will work requires the sacrifice of a couple of goats each day you have a problem. Talking to my employer's help desk today for a Slurp issue, they noted that Slurp has plenty of issues of the aggravating kind. Yesterday's email fiasco caused a massive blitz as they were overwhelmed by people not being able to receive or send any. I was on sneakernet for a couple of hours while Slurp sorted out their blundering.

4
1

Cloudera and MongoDB execs: Time is running out for legacy vendors

a_yank_lurker
Silver badge

Re: Meh

I suspect most of the customer frustration is not with the db technology but with the vendors. The 'big 3' listed are all notorious for their shakedown antics when it comes to 'license audits'. That is enough to get the attention of C-suites and does not bode well for long term commitment. However, that does not mean an alternative db type is the replacement, it just might mean ditching the 'big 3' for something like PostgreSQL or MariaDB.

7
0

Archive.org's Wayback Machine is legit legal evidence, US appeals court judges rule

a_yank_lurker
Silver badge

@Flakk - The totality of evidence has to point to a consistent conclusion. Wayback Machine is only one source, other records are also a source. If the prosecution is only relying on Wayback they have a weak case. If Wayback tidies up all the loose ends then it makes the evidence more compelling. It appears the latter was done. Also, the prosecution provided witnesses to validate Wayback's methods that were cross-examined by the defense. So if there were serious holes, it should have come out with a competent defense.

10
0

Microsoft gives Windows 10 a name, throws folks a bone

a_yank_lurker
Silver badge

Re: "Slurp's Orifice has compatibility problems between versions"

Orifice 2013 and 2018 always mess up the layout of an elderly document we use every day at work that is in the older '.doc' format if you save as a .docx format or any template derived from the elderly document. Given the original document is a controlled document it is not going to be updated anytime soon.

10
2
a_yank_lurker
Silver badge

Re: Windows 10...

or Upchuck Release?

8
2
a_yank_lurker
Silver badge

Re: "LibreOffice only does a majority of what home users need"

Slurp's Orifice has compatibility problems between versions so complaining about someone else's problems is a bit of a cheap shot.

38
14

If you weren't rich enough to buy a Surface before, you may as well let that dream die

a_yank_lurker
Silver badge

Re: You don't cancel a successful program

I never quite figured out what value a Surface was when there are other Bloat based devices from many others that had as good or better specs at better prices. This is especially true since Slurp is not primarily a hardware manufacturer. Also, the marketing program smelled too much like Rooms-to-Go furniture sales for mediocre, over-priced furniture.

8
4

Anon man suing Google wants crim conviction to be forgotten

a_yank_lurker
Silver badge

Re: Right to be forgotten

For someone over here, convictions, court records, etc. are all public record and available from the courthouse. So if they are put online, whether by the court or by someone else, there is nothing one can do about it. All putting the records online does in these cases is makes doing due-diligence much easier. One can still visit the courthouse for the records.

8
0

Spies still super upset they can't get at your encrypted comms data

a_yank_lurker
Silver badge

Traitors

The excuse that encryption hampers criminal investigations is a strawman. If the communications were done face-to-face or other non-electronic means (with burning of documents) it would be hard to reconstruct the conversations unless someone sings. Also, what is often more important is the location and metadata as they will show the contact history and device location. Make a couple of reasonable assumptions about the location and you can confirm or crack an alibi. The contact history shows who has been in contact and when, again often it confirms or cracks an alibi. In both cases the content is not always important. And since there is a conversation, you only need one party to sing for you.

11
0

US government upends critical spying case with new denial

a_yank_lurker
Silver badge

Cell with a view, pretty please

Can I have the cell in the corner with the nice view for the concertina wire? Or is it 'papieren, bitte'?

10
0

Mozilla changes Firefox policy from ‘do not track’ to ‘will not track’

a_yank_lurker
Silver badge

Time to

It will be time to switch default browsers in a few weeks.

3
6

Let's get ethical, says Salesforce as revenues rocket 27% – thanks in part to US Border Patrol

a_yank_lurker
Silver badge

Ethical?

They must have just learned how to spell it; now if they will learn what it means. With the childish antics of many IT 'leaders' you must wonder if they have any idea what ethics and morals are.

2
0

Oracle trying hard to make sure Pentagon knows Amazon ain't the only cloud around

a_yank_lurker
Silver badge

Final Source

The Brass is doing what they typically do for a major weapons contract - choose a single vendor. This is a competitive bidding process before the award and some might be invited to a second round. Almost all modern weapons contracts go through this. Apparently the Brass wants to handle this as if it was a weapons contract with a winner take-all outcome.

If you are going to play the game you need to learn the rules.

2
0

VMware 'pressured' hotel to shut down tech event close to VMworld, IGEL sues resort giant

a_yank_lurker
Silver badge

Re: Skipped Cisco Live two years and will next

Prostitution is actually illegal in Clark County (Las Wages). There are a couple of counties where it is legal in Nevada.

13
0
