Wednesday August 8th, 2018 11:10 Affirmative security defense FTW

I didn’t notice this until the election coverage last night brought it bubbling up, but it appears that Ohio has created an affirmative legal defense for data breaches in cases where the company took the reasonable steps necessary to protect themselves.

Computer law badass Sharon Nelson has more detail and insight on this, but generally reaches the same conclusion I did:

About damn time.

Let me explain. No, there is too much. Let me sum up:

If you’re the sec person/on the sec team and you’re all

but then some attackers come at you like

and they’re really clever, so you go

then your users are all

but you show them this new law like

and the lawyers got your back, tellin users

so your company can be all

In: Computers, News, PoliticsNo Comments

Wednesday April 11th, 2018 15:20 Fundamental Facebook filing flub

Mmmmmm…the alliteration.

But seriously, folks. A lot of people have been spending the last day and a half looking at or talking about this guy:

105122436-GettyImages-94438

There’s been an incredible amount of discussion of social responsibility on the part of social networks, whether social networks should be regulated, if social networks have become ubiquitous enough to warrant a government-sponsored takeover, and blahblahblah.

One problem: Facebook is not a social network.

Say it with me: Facebook is a market research and advertising platform.

It’s just one that conducts its business in an, honestly, revolutionary manner. Ol’ Creeptastic got the people to come to the advertising, instead of the other way around. That’s bloody brilliant.

Sure, it started as a ‘social network.’ But we didn’t even have the term back then. By the time that existed, FB had long since ceased to fit in the mold.

Take, for example, the subject broached by Sen. Chris Coons. He mentioned the fact that it took an entire year for FB to properly remove the options for advertisers to choose the race of the people they wanted to see their advertisements.

First off, I can’t take another breath without jumping for joy that not only was it Captain Cracker McGingerton who brought up FB’s tacit support of racial discrimination, but his name is Coons. Can’t make that stuff up.

Now, I am no longer a developer, nor was I ever on the level of Zuck or probably anyone that works for him.

But I know damn good and well that, at a social network, this is how things would go:

  1. Controversy begins, and eventually goes as far as to appear on TV news
  2. CEO sees controversy
  3. Every dev in the entire company gets an email to remove the federal-law-breaking feature from the site immediately
  4. That tick box is gone within the hour
  5. CEO goes on TV and says he’s sorry, this has been removed, and everyone involved has been fired

Conversely…

On an advertising platform with a massive global presence, it might take a good while for them to plan out how to remove that feature without losing too much revenue or pissing off the wrong people. A year sounds about right.

There is absolutely no possibility that this was a technical problem. The advertising part of FB is little more than a machine that prints money. There’s no old code sitting around. There’s no quirky workarounds that might throw things off. That thing is kept in perfect working order 24/7/365.

So, they could have stopped openly flaunting discrimination laws. They just didn’t didn’t do it right away.

This clearly shows that ads, not users, are the core of not only their profit strategy, but the company as a whole. You don’t risk openly breaking federal laws otherwise.

Thus, an advertising platform.

If we could just start thinking about it like that, all of these conversations will get a whole lot easier.

Also, if people could start dealing with the fact that, complicated TOS or not, they voluntarily agreed to let FB do every single thing they’re currently doing, that would help as well.

In: Computers, News, PoliticsNo Comments

Friday March 9th, 2018 16:21 Don’t care for Apple devices, but damn that manufacturing….

The battery swelled on this thing, so I put it in salt water to neutralize before tossing it. This shot is from 24 hours later, still underwater:

IMG_20180309_160034
(Click to embiggen)

In: ComputersNo Comments

Thursday February 22nd, 2018 15:26 Cisco Easter Egg

Just poking around at IP phones today when I ran across this device:

2018-02-22 15_22_55-Cisco IP Conference Phone 8832 - Cisco

If you look real close, you will see that the person they are calling is none other than:

Neu im Kino: TragikomĖ†die "Rushmore" mit Jason Schwartzman

That is all.

In: Computers, Music/Movies/TV, OtherNo Comments

Wednesday February 7th, 2018 12:08 A new Win10 update is borking domain machines; here’s how to fix it

So far this week, I’ve had three different users looking down the barrel at a BSOD after they did exactly what I asked by running a once-weekly reboot.

Win 10 hasn’t given me a lot of BSOD problems, and most of them have been a simple reboot and things were done. But this sum’bitch right here is nasty as hell.

You’ll end up with an infinite restart loop after a benign reboot – this is your warning sign that this is going to hurt.

asplode

Let’s not muck about with why or how this happened (might be this). Here’s what to do:

  1. Go into restore and pick the latest point you can find. Thankfully restore only messes with installed programs anymore, so it’s easy enough to deal with anything lost after this step.
    • At this point a domain machine will do the first fun thing, which is have a broken trust relationship, even if the restore point was from that same morning
  2. Log in with a local account
  3. Discover that, for no fucking reason at all that your local admin account is now a guest account
  4. Grab (or create if need be) a usb installer for Win 7/8/10 – all will work – and boot to that
  5. Use the Utilmon.exe replace trick (detailed in answer 2 here) and use that to enable the built-in administrator (or change the account type on the existing login)
  6. Sign in as administrator and give admin rights back to your other local account
  7. Unjoin the domain
  8. When that mysteriously fails, open Local Security and go to Local Policies -> User Rights Assignment and re-add your locals to the Back Up and Restore lists, which are now exclusively populated by de-coupled GUIDs
  9. Reboot, unjoin domain again, reboot, rejoin domain, reboot
  10. Drink. Heavily.

My second go at this went a lot easier than numbers 1 and 3, so you might get lucky and be able to skip a few steps. But don’t expect it.

Good luck, kids.

In: Computers, How ToNo Comments

Tuesday January 2nd, 2018 16:43 First thoughts of the new year

I was configging a workstation on the Dell site, just to see what the price would be, when I noticed that selecting the ‘no mouse’ option enabled the following spec code:

nomse

And now, all I can think about is this:

Perhaps 2018 will be an improvement.

In: Computers, Music/Movies/TV, OtherNo Comments

Wednesday September 6th, 2017 09:57 Chimpcrosoft 101

Seriously, I keep telling people this, and they think I’m joking. It seems stupid, but there are real technical reasons why it works so often.

MS_101_chimp

p.s. SMBC is awesome and you should give them some of your money.

In: Computers, How ToNo Comments

Tuesday May 30th, 2017 15:54 Your things belong to you now (some of them, at least)

Big news, via the EFF.

Finally, a court has stepped up to knock down the notion of companies owning not only patents but consumers’ decisions over what to do with their own property.

trebek

In this instance, we are only talking about the right to refill printer cartridges. But the breadth of the ruling is sure to seep into other aspects of technology bemired in the overreach that is a company daring to tell me what I can and can’t do with something I already paid them for.

It’s the government’s job to pointlessly flail about trying to do that.

In: Computers, News, PoliticsNo Comments

Tuesday May 30th, 2017 12:55 Truth

As seen on teh intertubes:
1pz3ft

In: ComputersNo Comments

Tuesday May 16th, 2017 22:55 Veeam “Failed to create Hyper-V Cluster Wmi utils: Failed to connect to WMI on host” Fixed

Yes, I know I should be beaten with the SEO mace for that post title. It’s intentional because I spent entirely too much time on Google trying to use the actual error code as a guide to find the source of the error. Stupid me.

Nearly everything I could find that was specifically related to Veeam either provided L1-phone support answers or only contained part of the reported error1.

That said: If you’re seeing that particular error, the actual problem has a high probability of being a simple fix. And here’s how that goes.

1. Forget about Veeam. That’s most likely not your problem, even if it’s happening on every job. It’s WMI itself.

22. Open WMI management on your Veeam server. It’s under start if you just type “wmi” or you can load it from MMC.

3. Right-click “WMI Control” – should have “(Local)” next to it at this point.

wmi

4. Check the properties to make sure it doesn’t say RPC Server unavailable. If it does, go to another server (that isn’t failing backup – hopefully you’ve got a standalone DC) and start over until you get a result with some basic sys info and a version number.

5. Close that window and right-click control again, but this time connect to another server.

6. Put in the name of the server that is failing backup and see what happens. For me, I got a positive result.

7. Now put in the IP of that same server. For me, RPC fail.

7.5 If those two things don’t happen, sorry. This procedure will probably not help you.

8. Given that scenario, connect to a DC that handles DNS for your domain.

9. Check the reverse lookup entries for the server failing backup. If you’re not seeing the correct name next to the correct IP, put it in there and delete any other reference to either (assuming they’re not accurate to another NIC’s IP, of course).

Be thorough. If someone gave a host a name outside the netbios limit and there’s a shortened entry, get rid of it. Only leave the un-suffixed FQDN entries. Check other subnets too.

RDNS is not something most of us clean up regularly, and conflicting entries can bork things.

10. Redo steps 5-7 from your step 4 server, connecting to whichever one(s) Veeam errored on. Remember to flush the DNS first. If good info now appears, you should be able to hit retry on the backup job(s) and walk away.

Hope that helps some other poor schmuck out there. No need to thank me; just remember to write it up when you solve your next annoying problem. Beats going begging to reddit.

1. Almost all of the posts had error messages that ended in some iteration of ‘bad credentials.’ Seriously, how are you employed if you needed to look that up?

2. This can also be done via CLI. This guy has a cut-and-paste-ready command.

In: Computers, How To(3) Comments

Whois

IT guy, dev, designer, writer.

Got a degree in print journalism from UF but history dealt some bad cards to that industry, so I moved back to an earlier love: the computer.

Was recently at ZMOS Networks, but am now the Senior IT Associate at the Edna McConnell Clark Foundation.

My name is moderately common, as are a couple screen names, so always look for the logo to make sure you're reading something with official Km approval.

You can get to me directly with kyle(@)kylemitchell.org