January 19th, 2037
04:14 am
Journal is moving to DW

November 12th, 2014
04:05 pm
We now call it the "Chanel" ..
.. vulnerability - because this is the year where every damn vulnerability needs a media-compatible catchy name, and the other option we've seen would've been "WinShock" - it's in the Schannel component, and if you pronounce that like a German would ...

Anyway, it's actually critical, and will fuck over backwards all your Windoses. Maybe even the stuff that doesn't use TLS/SSL, there's some discussion about that right now, but the matter will probably only be settled once the exploits are out and can be reverse-engineered.
Also definitely worm potential in there (think slapper, conficker).

German-language warning & blog post. SANS ISC has an English-language post about this.

Original post is at http://rbarclay.dreamwidth.org/603300.html. You can reply there using OpenID.
November 4th, 2014
11:10 am
If I still lived in the city proper, I'd have a drink now
SWMBO just called to tell that she passed her big test, for which she studied the last 1.5 (or 2.5, depending on how one counts) years.

(As it is, no drink for me yet, as I still have to drive to pick her up.)

Original post is at http://rbarclay.dreamwidth.org/603006.html. You can reply there using OpenID.
November 1st, 2014
11:32 pm
Well, that was strange
Wednesday I went to lunch with a couple colleagues. One of 'em was playing with his Crackberry, and noticed a mail "X was just let go, all access removed, his duties will be taken over by Y".

Uh, WTF? Not that I liked X very much, and I did do my share of listening to his underlings' complaints (we're techies - we tend to rant to each other; also, we're all nicotine-addicts, so we communicate more than our more health-conscious colleagues). But still, we're a small company (some 30ish people), and this is a first for me (there was something relating to a criminal offense, but that was before my time here).

Thursday was hectic (we took part not only in this exercise but ran 2 local exercises as well on that day), so it got to Friday until I got a bit more of a picture. Seems there was a Talk(tm) with manglement a month ago, where at least 2 of X's underlings threatened to go look for work elsewhere.

Taking that, the rants of his underlings and the perceived general stress level in his group into account, yeah, I can see why the decision was made. Still a bit of a shock, especially because this company always seemed like a pretty sheltered place ("Geschützte Werkstatt" in local language).

Original post is at http://rbarclay.dreamwidth.org/602702.html. You can reply there using OpenID.
October 29th, 2014
05:40 am
It's that time again - free (as in beer) games
1x Shadowrun Returns, 3x Risk Of Rain, free for the first folks who yell (yes, from the last Humble Bundle. Must probably have a Steam account.)

Original post is at http://rbarclay.dreamwidth.org/602433.html. You can reply there using OpenID.
October 5th, 2014
08:25 pm
But Windows is more user-friendly!
Today I had the pleasure of setting up a new PeeCee for the sister-in-law. And since she wants "what I have at work", Windows 7 is what she gets.

Popped in the DVD, clicked "ok" a couple times, rebooted, looks fine. Just that it doesn't work - no network, no USB, and a completely distorted 800x600 screen (stretched to 1376x774).
Oh, great, now I get to hunt for drivers. On a different machine. Ok, pop "drivers" plus machine product code into Google, hit the relevant HP site, download everything that's there, and then try finding a DVD that's actually still writable. Because, hey, USB! Tech from The Future! We don't support The Future on hardware that's been put out 2-3 years ago.
Copy everything over from the DVD, start installing. Only that 3/4 of the drivers don't work because "your system doesn't meet minimum specs". But at least the WLAN driver did install, so there's network goodness now. Just that it's so slow I feel like back in 28k8 modem days. Grabbing 30MB for the LAN driver took some time, but it came through eventually, so I could run a cable from the nearest switchport - handily located in the WLAN AP on the ceiling there, just have to make sure no one runs into the cable...

OK, "activate" Windows, then hit Windows Update. Cool, only 7 updates, which download&install with nary a reboot, then think "hmm, IE8 is a bit shoddy, better grab whatever's new". An hour later, IE11 was installed. Since I installed a different fucking web browser, of course now it's reboot time.
While I waited for IE11 to finish installing, I also installed Security Essentials, let it do a scanning run, everything's peachy.

Notice that the clock seems a couple minutes off, so set it to sync to time.windows.com. Which mostly times out, so in the end choose time.nist.gov from the nice dropdown menu, which at least works.

Hit Windows Update again, umm, 147 updates now. This might take a couple minutes, but since I'm now off WLAN download speed doesn't suck. Or so I thought, because now Windows Update doesn't work. Just sits there going "0kb downloaded, about 0% done".
Hmm, maybe I got me a virus or three from the HP website? Better install a different AV just to make sure. Grab Avira, as that's what we use at 'ork. No malware found. Whatever.

Install Firefox, LibreOffice, VLC and (premonitions...) TeamViewer.

Think about the 800x600 screen. Seems it's some Intel on-chip thing, hit Intel.com to look for a driver. Hey, they have a thing that can scan your system and select the correct driver. Needs ActiveX, so use IE. But the thing crashes IE, so install a JRE and try with Firefox... and it crashes FF. Didn't try with Chrome.
NoScript FF and look for hints on the mighty Google. Many, many senseless forum posts later find out which driver to actually use (it's a version from 2 years ago), and, hey, the full 1376x774 resolution. Joy! And only 147MB for a video driver, basically nothing.

Phone a Windows admin friend, get hints to some FixIts, install those, and manage to get 13 of the 147 (only that sometimes it's just 146 or 141 updates, depending on, well, something) updates installed. Now Windows Update doesn't work. Again.

Pop in a 2-3 years old Knoppix, everything Just Works. clamscan doesn't find anything wrong. WLAN speed is perfectly fine, it's just the AP that limits it to 54MBit/s. There's a USB stick on the table, what's on it? Couple movies ... so I just settle back and watch Blutrausch.

My suggestion for user-friendly computing experiences: any Linux distro. Or maybe one of the BSDs.

Original post is at http://rbarclay.dreamwidth.org/602193.html. You can reply there using OpenID.
October 1st, 2014
08:05 pm
About why I'm 80% offline and what I'm doing about it
TL;DR: my main swerver at home will get new IP addresses in the near future, I already know the IPv4 address. And once it gets that, it'll be reachable again - not only, but also, for news peerings. (Must get b***net fix! Also, access to my email would be nice - but I gots me a backup MX and will go the OpenVPN route tomorrow.)

Background: two weeks ago, IPv6 stopped working for me. The ISP claimed that the incumbent telco (which provides my physical DSL, and hands over my data as PPP/L2TP to my ISP) was "shaping out" my IPv6 packets, and "very sorry, nothing we can do on our end". Now, I got my IPv6 packets via a (Linux speak) v4tunnel instead of natively, so, erm, no, I don't believe that the incumbent is somehow filtering through IP and L2TP and PPP and IPv4 just to get at the giant bandwidth problem that are IPv6 packets.

Then, 2 days later, my (incumbent-provided) CPE started to get flaky, most of the time it wouldn't even answer ARP requests for its LAN address. Took my ISP 5 days to believe me and to send out the incumbent with a replacement. 80% packet loss (average over ~ a week) is _not_ funny.
I had Strong(tm) words with my ISP that I wanted the new CPE to come pre-configured for my static IPv4 addresses (a lowly /29, but that's sufficient for home use), they told me that it'd happen, but of course it didn't. A bit of trial&error showed me the web-interface of the CPE at a couple RFC1918 addresses, but my lowly privileges didn't suffice to be able to turn off NAT+DHCP, so I was stuck with that (and still am - fucking NAT!).

Again, 3 days until my ISP deemed to provide me access to someone who was able to at least understand the problem. "Very sorry, the incumbent doesn't provide even us with admin privileges for the new CPEs, so there's no way to route you your static IP addresses, and you'll just have to live with the NAT. kthxbye."

And _then_ it still took two days, plus inside connections, plus an email from my fucking _lawyer_ to get them to accept that not providing the services I pay for means termination of contract and that I won't pay them for the rest of the original contract period. What the fuck? To re-use the analogy I used with SWMBO: I pay for 10 apples and 10 pears per day, delivered in a crate, and now they deliver just the crate and expect me to pay up?

Now it's just the details of sorting out a new ISP, but at least I found a small&clueful boutique ISP again. Who has a ratio of hard-core techies to other roles of 1:3, and I know both of the techies from various beerings and 'ork-related business. Sounds about right. (Also, one of them is Clemens Z. - in a pinch, I know where he lives ;) )

(They're also cheaper than my previous ISP. Strange days!)

Original post is at http://rbarclay.dreamwidth.org/602059.html. You can reply there using OpenID.
September 25th, 2014
05:11 am
Cheap, fast, reliable - I'd like to get at least two of those
Last Wednesday, IPv6 stopped working for me at home. Sent mail to the ISP (I get v6 via tunnel from them cause the CPE doesn't support it natively, also I'm an early-ish adopter), got called back from an actually clueful techie, talked, and he concluded that the incumbent telco (last-mile connectivity is provided by them, the ISP gets my traffic as PPP-in-L2TP-over-IP) seems to have implemented some strange filtering. He promises to open a ticket with the incumbent.

Ok, this isn't good, but I can cope. Timeouts for connections from outside, but as that's mainly for SMTP, DNS and 2-3 hits on my website/day, no big deal. I shut down the tunnel interface on my end, so I don't have to wait for timeouts for my outgoing connections at least.

Saturday morning I lost all connectivity. Couldn't even ping the LAN side of my CPE (though it still answered for ARP, if a tad slowly, couple seconds delay). Hard reset, works. Then it was down again. Did some other stuff, and connectivity came back. Then it went away again, though now I could still ping the CPE (line was in sync, according to the blinkenlights). Wanted to look at the web-interface, timeout. Hmm. telnet to port 80 plus 'GET / HTTP/1.0'. After 3 minutes(!) I got back some HTML.
Methinks the CPE is rather b0rken. Since I still have occasional connectivity and hate talking to drones, I send mail to the ISP.

Tuesday a pretty much clueless 1st-line supporter calls me back. I explain and he promises to get the incumbent to send me a new CPE. I warn him that their new CPEs have a not-deconfigurable filter for port 53, and that this is not an option because I run a nameserver here. He tries to upsell me on a Cisco CPE, for just 350 bucks (excl. tax), I decline. He promises to have a superior call me back.

Today I get mail stating that "troubleshooting over email is too much work, call us". I do. To get a different, even more clueless drone, who needed explaining that a /29 is not "one IP". And who claimed that no filters existed on any of their CPEs. Which is correct, but since my connectivity goes via the incumbent, I get the CPE from the incumbent, which does have this filter. He states that there's nothing he can do, and that he'd get the incumbent to send me a new CPE, and that I'd have to "just deal" with what I get. I ask for that in writing, he declines. I ask him to hold for a moment so I can set my phone to recording (which it can't, but whatever), and he hangs up.

So now I wait for my new CPE which will not do what I need, and thus will provide me with the perfect excuse to cancel the account without having to pay through my nose for the still-running-for-a-year minimum contract period. (Clemens Z. is now part-owner of a new small boutique ISP, which sounds just perfect for my needs - if only I could get out of my current contract without having to pay the early-termination fee...)

Original post is at http://rbarclay.dreamwidth.org/601779.html. You can reply there using OpenID.
September 19th, 2014
10:20 pm
The in-laws' tomcat is in his last throes. I'll miss him.

So this house will, much too soon, be completely feline-free. Now, we'd love to give a home to other cats (two seems to be optimal), but the way local animal welfare seems to be going, that's not going to happen. They seem to be bound to have contracts (which you have to sign to get a pet from a shelter) that state that you'll:
- take proper care of the critter (good!)
- that you'll have them neutered/spayed (good!)
- the critter will stay the property of the shelter (hmm)
- they reserve the right to take your pet away for any reason, and won't even have to state it (no)
- that you'll give the welfare org unlimited access to your home "just to make sure" (WT freaking F?!)

Ah no, you won't get access to my home. Just .. no. Why? 'cuz I actually read stuff before I sign it. You will not get access to my property. Ever. I don't care you stating (not in writing, of course) that you'll never abuse this. The mere fact that you want that is completely over the top. Just: no.

In other news, the local animal welfare shelter is on the cusp of bankruptcy (or beyond, depending on whom you talk to).

Original post is at http://rbarclay.dreamwidth.org/601501.html. You can reply there using OpenID.
September 12th, 2014
07:01 am
Ah, that didn't go as planned
Today/tomorrow is our annual company excursion. Which I hate on the principle that it's on our own time (even if the company pays), and attendance is only optional in theory.
This year it's especially bad - we're visiting Budweis (which's cool), but for $reasons we have to meet the colleagues from $faraway halfway, so that we can enjoy a busride together. Now, Budweis is just 2.5-3h from Vienna, but no, we've got to meet in Linz, which adds a nice hour (or two) to the journey. And going back tomorrow would be a 6h journey (and that's only to Vienna, from where it'd probably take me another hour to get home).
So yours truly and a couple colleagues said "well, fuck *that*" and opted to go by car. Pooling, of course. Only that the guy who's supposed to drive called in sick yesterday, so I said that I'll drive.

But just a couple minutes ago I noticed that both my passport and my national identity card are no longer valid, both having expired ~2 months ago.

Upside: I'm not allowed to go. Fine with me.
Downsides: angry boss (both because of my non-attendance, and for the hotel room that's already booked), angry colleagues. And I just hope there's enough space on the bus so they can go anyway, otherwise it's going to be dicey - I'd lend them my car, but I know that at least 2/3 don't have a driving license, and the third's a German, and I'm not sure if I'd be even allowed to lend him my car for a journey into a third country...

Original post is at http://rbarclay.dreamwidth.org/601279.html. You can reply there using OpenID.

