
Comment Re:What would be the motive to submit such junk? (Score 2) 91

I've seen exactly this from supposedly respectable pen-test teams. Their recommendation was not to "yum update httpd" but just to go to apache.org. As if visiting the website was all the instructions they would ever need to provide. I was f**king livid. It got worse when I found they had left "bitcoin ransomware files" on the server. Yes the pen test team had credentials (some tests were 'white box' style) so them gaining access wasn't a problem, and I'm OK with them being a bit irreverent but to not even put their name and email in the note was completely unprofessional. We nearly wiped the entire platform thinking we'd been hacked for real during the pen test. The guy responsible _and_ his manager got a severe bollocking when the truth got out.
Oh and they left a process running on one of the physical xeons listening on a certain port and running whatever you sent there as root. There were so many cores you couldn't see that one was pegged at 100% without looking carefully. I only spotted it from the command history which shows they don't clean up after themselves there either.
All future pen test discussions began with "so tell me what I'm going to see in my logs and how you're going to clean up after yourselves".

Comment Similar story at BT (Score 5, Interesting) 141

They have a "3 Together 2 Wherever" rule which is 'advice' right now but becomes 'policy' in the new year. The biggest push-back isn't from people who want to continue to work from home, most of us _did_ work in the office in the before-times after all. No, the biggest push-back is from people who are OK with the 3 days a week but want to know about corner cases:
What if I have a bad cold and could work from home but don't want to infect my colleagues?
What if there is literally nobody in my team in the same office so I'm still putting a headset on to talk to someone far away?
What if I need to use a non-corporate laptop (a "dev laptop") to do actual proper technical work and find that I'm outright forbidden from using the office wired lan and the small print of the wifi forbids me using that as well - so do I just down tools on those 3 days in the office?

Of course, HR are as useless as a chocolate teapot over this, their responses (when we get them) are scattered around various FAQs (falsely anticipated questions) and emails and often don't answer the actual question and continue to talk about 'opportunities for collaboration'. In one case the response was an email containing a screenshot of text which is not searchable and probably in breach of accessibility laws.

Comment Amazon can't get obvious recommendations right (Score 1) 76

If I have bought every previous album from a band through Amazon then one of the very few times I actually want targeted advertising is for when the band in question puts out a new album.
Yet there are numerous examples where I've only found out several months or a year later.
If they can't get this seemingly obvious thing right then there's no hope that any of these agents will be in any way useful.

Comment Instead of "lessons learned" (Score 1) 108

Instead of "lessons learned", I've been calling it "instructions ignored" for years now.

When you are 'forced' by manglement to cut corners for cost or time reasons etc despite saying to them this is a risk then it really [*****] me off when there's a post project lessons learned session and all the same things come out.

Comment No signal for the ticket app (Score 2) 75

If earth venues can't install a femtocell in their deadspots so the frickin ticketshafter app can get a signal to show the barcode (all for my convenience, remember) then sure, you can hold a concert in orbit, but nobody can get in.

But more seriously, there are far better payloads to put into space and far better ways to support live music of all kinds.

Comment and the one time you want targeted ads... (Score 1) 106

well, for me at least, is when I've bought 5 previous albums from a certain band through Amazon and there is a new one out soon. Amazon has all the data and all the incentive to say "Hey, new album coming soon, do you want to pre-order"?
But no, they can't even get that part right.

Comment Local wireless comms to power socket adaptor? (Score 1) 146

So I can understand that this might not be legal no matter how safely someone builds this (maybe? this is electrical stuff so I've no idea what the exact laws are), and I can understand that power socket accessibility might be hard once the appliance is in place due to the layout of your room. But having a gizmo that you put in the dryer that talks to a smart socket inline adaptor (a bit like a timer socket) to kill the power to the dryer once the clothes are dry would be an 'upgrade' that might have merit for some people.
No, it wouldn't alert you when it's done but it would stop you over-drying your clothes and you'd need to manually flip the switch to re-enable the socket when you next loaded the dryer of course. It would be 100% compatible with all makes and models and no need to access any interwebs.
Additionally there's probably a denial of drying attack if the comms aren't suitably encrypted so at least we'd get an amusing Black Hat talk out of it.

Comment Re:Hot with pathogens (Score 1) 69

At a previous employer using a laptop keyboard was explicitly banned if you were at a desk. You _had_ to use a proper external keyboard. They would just about allow you to walk up to a laptop in a lab environment and type a few commands directly and walk away, but any 'prolonged' stay needed a separate keyboard.
This worked both ways of course. You could always expect to be able to get a new keyboard, mouse, wrist-rest, foot-rest etc at short notice if you needed one.

Comment Re:Hot with pathogens (Score 2) 69

My first thought on reading this story was about where to keep my keyboard/mouse etc. I'm no neat-freak but for a long time I have said that DSE [1] needs a hygiene section because of how gross keyboards can get. I would have thought that a post-covid world would heavily discourage and possibly outright ban shared keyboards - which means everyone needs a suitable locker for their kit.

[1] If the acronym doesn't translate. Display Screen Equipment. All about monitor and keyboard placement and good posture in your seating position.

Comment Re:What's the problem? (Score 1) 104

A previous employer used to hold the monthly team meetings where all the 'corporate' stuff was covered during the lunch hour. As compensation for taking up the lunch break they used to feed us. We got a free buffet of reasonable quality and management got to do the meeting without it taking up time that could be charged to customers. All round it was considered a win. There wasn't pressure to attend but just about everyone did unless they had a pressing reason not to.

Comment Re:Arthur Brown (Score 1) 196

Sometimes. I saw him support Alice Cooper at the Ali-Pally a few years ago (just checked and it was 2011, crikey) and yes he did then. But I saw him at a smaller venue in 2016 and no, he didn't that time. Changed outfits about 12 times though and still moved around like he did on _that_ B&W video of Fire from 1968.

https://ancillary-proxy.atarimworker.io?url=https%3A%2F%2Fwww.flickr.com%2Fphotos%2F...
https://ancillary-proxy.atarimworker.io?url=https%3A%2F%2Fwww.flickr.com%2Fphotos%2F...

I still might go to HRH Prog, there are several bands on the lineup that I like a lot.
