* Posts by a_yank_lurker

4139 publicly visible posts • joined 16 Nov 2013

Reddit gets downvoted as site takes a Wednesday tumble

a_yank_lurker

Next Time

Can Reddit and Twitter go down at the same time and stay down permanently?

That'll take the spring out of your step: Apple warns of iPhone shortages, revenue miss due to coronavirus

a_yank_lurker

Widely expected

There has been chatter that the COVID-19 would cause some economic hurt because of the need for quarantines and workers being out sick or worse. I would expect many companies to report off numbers for the next couple of quarterly cycles as the virus hits other areas and after it burns out things get back to normal.

Call us immediately if your child uses Kali Linux, squawks West Mids Police

a_yank_lurker

That assumes the local plods can understand the advice. Given what they listed I doubt any of the plods knows anything about computer security.

Crypto-upstart subpoenas Glassdoor to unmask ex-staff believed to be behind negative reviews. EFF joins the fray

a_yank_lurker

Layoffs

Layoffs will lead to some negative posts about a company, expect them and ignore them. Suing over negative comments will lead to nasty court fight that you stand a decent chance of losing by legally and morally. Ignoring them will not draw attention to the comments as the only people who are likely to even read them are people looking at you specifically. Kraken made sure I heard of them negatively and I have no interest in them, very stupid of their manglement.

As far as reviews on Glassdoor and similar sites, expect the happy employees to post comments less often than the disgruntled and ex employees. In other words, take the reviews with a bit of a grain of salt that they are probably skewed.They are like any other online rating and should be used as such, useful but should if possible not be the only source of information. I would look at the general tenor and trends in the comments as well as the most recent.

Ever had a script you just can't scratch? Excel on the web now has just the thing

a_yank_lurker

Security???

Somehow these macros worry me because anytime you have a macro there is the possibility of it accessing system areas no macro should go. Also, many macros are not particularly well written nor audited for best practices or security.

It's a Bing thing: Microsoft drops plans to shove unloved search engine down throats of unsuspecting enterprises

a_yank_lurker

Questions?

I wonder if one of Slurps' legal beagles got wind of this stupidity and pointed out the legal ramifications of this latest goon tactic to slurp more user data.

Microsoft ups the ante with fix-fixing patch that leaves some Windows Server 2008 machines unable to boot

a_yank_lurker

Re: MS wants us to move on...

The outrage over telemetry is about users having control of their boxes. Ultimately the owner should have the final say as to what is done on their boxes. But Slurp deigns to think just because you are using Bloat they own your boxes. It really does not matter how much or little they collect it's about ownership.

HPE's orders to expert accountant in Autonomy trial revealed

a_yank_lurker

HPE Trying to Lose

So a beancounter has testified that if you make many assumptions about Autonomy's accounting practices you can 'prove' Autonomy was guilty. However, is there any evidence any of these assumptions are valid or just pulled out HPE's collective arse to 'prove' their case. Basically HPE seems to have admitted they really do not have a case and are at best wasting the court's time if not committing fraud themselves.

Windows 7 will not go gentle into that good night: Ageing OS refuses to shut down

a_yank_lurker

Fishy

Something is fishy here with the timing. I am not sure who has been 'updating' their code after the last patches, I do not support any Windows boxes right now. The usual suspects for crappy updates have been fingered. But what is missing is more details of what was going on and it is quite possible the user might be unaware of what exactly happened.

Maker of Linux patch batch grsecurity can't duck $260,000 legal bills, says Cali appeals court in anti-SLAPP case

a_yank_lurker

A couple of points

Most FOSS licenses, as best I know, are written/reviewed by legal beagles. But what has not been well tested is whether they are binding on developers who are using the code. In particular, what parts of the specific license are legally problematic. But there a couple of points. The copyright owner has the ultimate authority to specify the conditions something is released under as long as it does not exceed their legal rights. Now the tricky part is whether the FOSS license constitutes a contract with binding terms. This gets into whether EULAs which they really are valid and what areas legally void. Again, EULAs have not been well tested.

Now to Bruce Perens, there is a general understanding that the GPL is a viral license that does not allow closely off extensions or additions to the code. This is Bruce's position. But it has not been litigated to the best of my knowledge. Suing Bruce because he stated their actions violated a commonly and widely accepted view is rather idiotic.

a_yank_lurker

Re: Walled Source

What you are allowed to do depends on the specific license wording with any license. GPLv2 has specific wording about what some cannot do to restrict downstream rights. This was do deliberately.

Come to Five Guys, where the software is as fresh as the burgers... or maybe not

a_yank_lurker

Five Guys

While they are an improvement over indigestible (McD) and the unmentionable (BK) they do have stiff competition over here for highish end burger flippers. There are several regional and national chains that are direct competitors to them and some have a much better reputation than Five Guys (never tried a couple of them as they are not near me) at about the same price point. The biggest issue is they are not cheap and many traditional sit joints are at the same price point with a broader menu.

Day 4 of outage: UK's Manchester police deploy exciting new carbon-based method to record crime

a_yank_lurker

Would they have been better off building the system internally instead of hiring Crapita or another shakedown operation?

Android owners – you'll want to get these latest security patches, especially for this nasty Bluetooth hijack flaw

a_yank_lurker

Re: Who would not do this?

I normally have Bluetooth turned off. I only use discovery mode when pairing a new device which is done very infrequently.

Wake me up before you go Go: Devs say they'll learn Google-backed lang next. Plus: Perl pays best, Java still in demand

a_yank_lurker

Re: If you want to do Low-Latency properly ...

Agree to a point. There are applications that require low latency done manually and there always be some. But there are many were the extreme emphasis is not as important as was 10 or 15 years ago.

Oi! You got a loicence for that Java, mate? More devs turn to OpenJDK to swerve Oracle fee

a_yank_lurker

The Minions harass their own customers by shaking them down needlessly. They are forcing devs to look for alternatives including possibly moving away from Java altogether.

Researchers reckon 500k PCs infested with malware after dodgy downloads install even more nasties from Bitbucket

a_yank_lurker

Re: Instant karma

There are numerous more reasonably priced (or free) options if you do not want to use Gimp or Libreoffice for example.

I suspect most of the people using cracked commercial software refuse to research what is actually available, how much it costs, and whether it fulfill their needs. Basically being stupid. Joe Christina, a photographer on YouTube, is doing a 'Life after Adobe' series where he looks at various options to replace Adobe on various platforms. It turns out there is quite a number of excellent options at various price points available. So for any supposed 'default' software there often exists a number of options to replace it. The only question is what fits the user best.

RIP FTP? File Transfer Protocol switched off by default in Chrome 80

a_yank_lurker

Usage

I haven't used FTP for several years at least knowingly. But if I need to use it there is Filezilla.

Iowa has already won the worst IT rollout award of 2020: Rap for crap caucus app chaps in vote zap flap

a_yank_lurker

The Fiasco

I have been following this since the Monday evening US. There are several absurd things about this. First, as pointed out above, Iowa is a relatively rural state with areas that have iffy phone reception and relatively slow wired connections. Second there was no testing of the app in the field. Third the app was developed rather hastily (about 2 months from reports I have read). Fourth it had to be side-loaded on to the phone, a rather significant security stupidity. Fifth there were probably much better ways to get the data from the boonies to HQ than an app. As suggested above a dedicated web page would mean if you have internet access you can reach it fairly reliably even in the boonies, there are landlines and cable in the boonies. Sixth, there was no training on how to use the app, even computer literate people would like some training and a chance to play with an app before going live when you have other issues to deal with. Seventh, there was no reliable back up system, it was the app or bust.

While there are some concerns about Shadow (yes that is the company name), they apparently did not have enough lead time to develop, test, refine, and get the app approved for iPhone or Android stores. The primary fault appears to lay with the IDP for pathetic planning and and even more incompetent execution.

Some of the US media has been having a field day with blatant ineptitude show. Donald has already been tweeting about it as the only person who so far has won an Iowa caucus (Elephant variety) and general blundering. The conspiracy theorists are already claiming the screw up was to hurt Sanders and help Slow Joe Biden by delaying the release of the final results until mid week when the news cycle has begun to move on to New Hampshire. Partial results indicate Bernie in first, barely, and Creepy Joe is languishing in fourth. But as others have pointed out, incompetence is just as good an explanation.

GitLab can proclaim diversity all it likes, but it seems to have a real problem keeping women on staff or in management

a_yank_lurker

Manglement Strikes Again

When manglement touts diversity a wise person smells a rat. They want hit a bunch of check boxes not actually trying for real diversity. With real diversity you should have mixture at the top as well as throughout the organization. But when touting diversity there seems to be a very strong glass ceiling for certain groups.

At last, the fix no one asked for: Portable home directories merged into systemd

a_yank_lurker

fiddling or stupidity

a_yank_lurker

A company of any size should be issuing a company owned and managed laptop to anyone working remote. This would eliminate any need to access company files with one's home computer.

Microsoft Teams starts February with a good, old-fashioned TITSUP*

a_yank_lurker

Re: Amateur Hour 365

And Slurp wants us to sign up for their various cloudy offerings but they cannot manage a certificate. That should make one pause about using Slurp, it is below amateurish, an amateur would be aware that a certificate needs renewal.

'Cyber security incident' takes its Toll on Aussie delivery giant as box-tracking boxen yanked offline

a_yank_lurker

Vague

What exactly is a 'security incident'? These vague ravings do not help affected people know what to expect or what they should do. What personal details have been compromised? Any financial information compromised?

Recently I had bogus charge on my credit card which was caught within seconds by the bank. It was a pain to get a new card but there was other damage and I know exactly what to do and the communication with the bank told me what to expect. This is the type of information consumers need to know. Even if it is unclear how the CC was compromised (another issue) I knew what was happening, what to do, and what to expect within a few minutes with no double-talk.

Remember those infosec fellas who were cuffed while testing the physical security of a courthouse? The burglary charges have been dropped

a_yank_lurker

Re: State is not county

To know what the actual status of counties and municipalities are in Iowa you need to read the Iowa Constitution and relevant state laws. States very in the amount authority they give local jurisdictions.

a_yank_lurker

Re: "...elevating the alignment between security professionals and law enforcement."

That is partially true when dealing with the states and the feds. At the county and municipal level it is a bit different. How the various levels work together is governed by the state constitution and how much independence is granted by the state constitution. In some states, power is more centralized than in others. So what we would need to do to determine if the sheriff and county DA actually had the authority they claimed is read the Iowa Constitution and relevant state laws, something I have not seen anyone comment knowledgeably on. Given the outcome, I tend to doubt they had the authority they claimed.

I suspect the locals were kept out of the loop deliberately by the state partly because the state authorities probably did not think they are all that competent and because they wanted to see what would happen if the locals were caught napping.

Gin and gone-ic: Rometty out as IBM CEO, cloud supremo Arvind Krishna takes over, Red Hat boss is president

a_yank_lurker

Doesn't fix the real problem

Shuffling deck chairs on the Titanic does not solve the problem. The Morons only have a couple of relevant products among the sewage. Probably their best product is Red Hat.

Ginnie was a worthless leader with no clue (see stock price performance) and I have my doubts about the new dismal leader as he looks to be an internal hire not an outsider who might be competent.

If only 3 in 100,000 cyber-crimes are prosecuted, why not train cops to bring these crooks to justice once and for all, suggests think-tank veep

a_yank_lurker

Re: It's an insane idea

She was talking about putting more plod resources into fighting cyber-crime at all levels. Too many local and state plods over here are more interested in shaking down the citizenry with various tickets than in addressing cyber-crime. Cyber-crime fighting is hard work and takes real skill to do well. Writing a parking ticket for an expired meter, not so much.

a_yank_lurker

Trump is not only one. The problem is most politicians are technical illiterates and do not understand how cyber-crime works and that are techniques to fight it. Instead of Trump, fill your local leader and you have the same problem. About the only leader who might actually understand cyber-crime is Putin because his intelligence background.

Pop quiz: Who's responsible for data protection compliance in the cloudy era? If you said 'dunno', you're not alone

a_yank_lurker

I would say compliance is tricky on the cloud because you have to give up some control of the data (e.g. where is physically stored, etc.). But for small organizations the cloud might overall be better for compliance as they are probably weak in IT resources. However for a large organization who can afford the IT resources in house in likely to better for compliance as you have complete control of the data.

Vendor-bender LibreOffice kicks out 6.4: Community project feel, though now with added auto-█████ tool

a_yank_lurker

Re: Access and One Note

The last of couple times I used Access, I found it to be a pain to use but then I have used various RDMSes and can write my own SQL. I haven't really used Base but I remember you could connect it to MySQL or MariaDB. One Note and similar applications strike me as something you use a great deal or not at all unlike say a Writer/Calc or Word/Excel which many do lightly use for personal needs.

Petition asking Microsoft to open-source Windows 7 sails past 7,777-signature goal

a_yank_lurker

Agree with your assessment of the chances of Bloat 7 being open sourced.

The real issue is not open sourcing any Bloat version but what is Slurp's real long term OS plans. As they downgrade Bloats visibility they are implying Bloat's importance is dropping. So what are the plans once Bloat's support cost become too high.

Like its Windows-noob-stabilisers OS, Zorin's cloudy Grid tool is Linux desktop management for dummies

a_yank_lurker

Re: Why bother with the Windows look ?

A better question to ask is, "What is the point of reinventing the wheel?" Zorin and several other projects take the view that reinventing the GUI because you can do it is silly. By keeping a similar look and feel they lessen the learning curve and make the user more comfortable with the distro. There is nothing wrong with the basic W7 GUI layout. Most of the tweaks are more personal preferences than anything else.

Ever wondered what Microsoft really thought about the iPad? Ex-Windows boss spills beans

a_yank_lurker

Then light him on fire.

Little grouse on the prairie: IBM's AI facial-recognition training dataset gets it in trouble... in Illinois

a_yank_lurker

@ Doctor Syntax - What Itsy Bitsy Morons did was not check the law for any restrictions on usage for biometrics. They claimed 'fair use' for academic research which does not apply to the Illinois law. Fair use is a copyright issue and does grant any other rights other than possible protection from copyright infringement. Given the scope of their slurping I am not sure fair use covers them anyway. A model release might restrict the usage of the image and the image is almost certainly released under full copyright not CC. Here again our slurp happy Morons are likely to be possible legal hot water but not under the Illinois law. The Illinois law bans using biometric data without specific (written) consent of the person which the morons obviously never did.

So Itsy Bitsy Morons might actually faced a variety of lawsuits for violations of copyright and various privacy laws. If they were smart, the Morons would have gotten written permission from the photographers to use the images in the project as they are using a large number images. They would have in the communication with photographers ask about locations were the photos were taken. If in a location that has restrictive legislation, do not use them or get the necessary permissions. None of these steps were apparently done. I hope many get a nice chunk of chain from them for sloppiness.

a_yank_lurker

Re: "using photos of millions of people in Illinois without informing them"

The owner of the photographer probably never got permission (or may even know the subjects) for using the photos in biometric scanning/testing. Depending on the shot, any people in the photo may just be unknown locals, good luck getting permissions or identifying them.

The problem is Itsy Bitsy Morons goes off half-cocked too often. Grab a dataset (or photos) from the web without checking the law, copyright, etc. is a good way to enrich someone else at your expense. This particularly stupid when grabbing photos from a site like Flickr with contacting the owner with whatever legal issues you need cleared up. How expensive and time consuming is it to send an email and wait for an answer when this would be a good project for an intern or junior staff member.

Microsoft: 14 January patch was the last for Windows 7. Also Microsoft: Actually...

a_yank_lurker

Re: '... the black heart of Microsoft of yesteryear'

2019 was last year thus yesteryear.

What is WebAssembly? And can you really compile C/C++ to it? And it'll run in browsers? Allow us to explain in this gentle introduction

a_yank_lurker

Better fix, maybe

Instead of WebAssembly which just adds another layer to the mess why not write JS code in Typescript or Elm for example and not directly in JS? It seems one of the major complaints is JackAss Script is a badly designed language. And code written in a badly designed language is likely to have some nasty bugs that are hard to track down no matter how good the programmer is.

Free Software Foundation suggests Microsoft 'upcycles' Windows 7... as open source

a_yank_lurker

Linux, ChromeOS, and MacOs for the dense. </snark>. Which one(s) are suitable depends on the situation. That is primarily dependent on what is available in the OS ecosystem and whether it meets the user's needs.

a_yank_lurker

There are very good alternatives to Bloat for the desktop. The issue is not the OS itself but what the user needs to do and can that be done easily on an OS other than Bloat, different issue. The OS name is a synonym for the ecosystem built up around it. When most are talking about issues with using a different OS they are actually talking about differences in the ecosystem not the OS. So whether one really has a choice depends on whether the ecosystem has the software one needs.

a_yank_lurker

Re: Do they know an open source Windows would be the death of Linux?

First, there are licensing issues with parts of Bloat that are licensed by Slurp which would probably kill open sourcing Bloat from the start. Second, it would seriously hurt Slurp as there would be less reason to use Bloat10 with the possibility of many ditching Bloat10 for a FOSS version of Bloat. Give me a FOSS version of Bloat7 and I might keep a Bloat box around and on the Net (my current Bloat box is permanently off line).

Now how much it would hurt Linux, on the server side probably not that much as Linux is very well entrenched there. On the desktop side, this is where we are navel gazing. I tend to think it will slow the adoption of desktop Linux but not stop it. Part of the reason to move to desktop Linux is the antics of Slurp and the general PITA Bloat is (with 10 being the worst). This would not change if there was a FOSS version of Bloat.

It's good to talk: Union says IBM failed to consult system support techies as Scottish Power contract nears end

a_yank_lurker

Re: Well IBM is one problem

Once an organization reaches a critical size it should bring functions like IT in house if they are not already. As the organization grows its internal complexity requires an internally developed/modified solution that is best handled internally. Scottish Power sounds like an organization who should have an internal IT staff.

Rockstar dev debate reopens: Hero programmers do exist, do all the work, do chat a lot – and do need love and attention from project leaders

a_yank_lurker

Rockstar Devs?

In any organization there are people who have key domain knowledge and are very skilled at developing software. This would make them a local 'rockstar' as they have the knowledge and skill to understand the problems and figure out possible solutions quickly. This has been noted by many above. Anyone who joins the team has some learning to do whether it is domain knowledge and/or programming skills.

The problem with the 'study' is not that a project does not have a few 'rockstars', they do. But it is both the domain knowledge and skill that makes one a rockstar. The assumption most make is a rockstar dev can be parachuted into another project with very little domain knowledge and excel; not going to happen. IT is not like playing a musical instrument or a sport where changing bands or teams does not have a steep learning curve.

Also, most real rockstars devs I have met were rather unassuming not egotists that is implied by the term.

Beware the Friday afternoon 'Could you just..?' from the muppet who wants to come between you and your beer

a_yank_lurker

I do not mind working on friends and family computers with on proviso, I get something in return for my time. Money, beer, food are all acceptable payment.

Beer necessities: US chap registers bevvy as emotional support animal so he can booze on public transport

a_yank_lurker

Re: You gotta shoot...

He could have mentioned ButtWiper aka Budweiser an infamous swill.

Ooh, watch out Google. You've got competition. Verizon has a new 'privacy-focused' search engine

a_yank_lurker

Re: irony or sarcasm?

Or they are getting scared of the GPDR fines perhaps.

One-time Brexit Secretary David Davis demands Mike Lynch's extradition to US be halted

a_yank_lurker

Re: Would you trust a USA court ...

No because it would embarrass Silly Valley as a bunch mostly incompetent frauds.

Judge snubs IT outsourcers' plea to Alt-F4 tougher H-1B visa rules: Bosses told to fill out the extra paperwork

a_yank_lurker

Aahh so sorry

The fact H1-B visas have been abused for years by Silly Valley and other assorted criminals to circumvent hiring qualified US workers at US market wages has been known for years. That Donald as part of his immigration control efforts decided to address this is not surprising. The effects of abusing the immigration system over here has been angering many who have often been directly affected. What the frauds and felons failed to realize is abusing the system will be stopped whether by Donald or someone else who has pair to go toe-to-toe with them.

Given the horror stories of the woeful skills of many of the H1-B hires it makes me wonder if the frauds and felons would have been wiser to higher a US worker with minimal skills and train them.

Chrome suddenly using Bing after installing Office 365 Pro Plus... Yeah, that might have been us, mumbles Microsoft

a_yank_lurker

Slurp -

Slurp should prepare to open its wallet for some massive fines and damages. First you have fines for anti-trust behavior worldwide and someone will nail them for a sizable donation to the treasury. Chocolate Factory probably has a torturous interference lawsuit for this as the users are not choosing the change but are being forced to accept it. Again another very sizable donation.

This confirms too many that Slurp's is at least as evil as the Chocolate Factory if not more. But one can avoid the Chocolate Factory with some effort and definitely minimize what the Chocolate Factory is used for. Slurp, being an OS vendor as well as an office suite vendor, is much harder to avoid and their antics are harder to defend against as it is part of an 'update' (or more accurately downgrade).

LastPass stores passwords so securely, not even its users can access them

a_yank_lurker

@phuzz

The main reason I use a local password manager is it can generate a complex password of any length I desire and then store. By default I do not use phones, tablets, or even laptops to access any important account so they do not have the passwords stored on them nor do they need any syncing.