A reader on call takes us back to a bygone era, when Blighty's brass lived in a wood-paneled office, and the air was filled with smoke and World War II anecdotes. Welcome to inquire.
Our story takes place in the 1980s. At that time, the era of officers serving in World War II was coming to an end, and computerization was slipping into departments that have so far relied on labor.
The registration reader "Nigel" is processing software updates for certain Department of Defense (MoD) suites. "The software," he said, "is a modified and secure version of Unix that ported Uniplex to the Honeywell Bull XPS-100."
For those who are not familiar with beasts, Uniplex provides a set of integrated office tools, including word processors, spreadsheets, and calendar applications. Long before Microsoft Office became the behemoth of today.
One of the differences is the security category selected when logging in. The selection can be equal to or lower than the user's maximum authorization. It is convenient to ensure that the right eyes see the right documents and Microsoft's recent Azure Information Protection emissions remind Nigel of the cause of events that occurred decades ago.
However, when inquiries started pouring into the help desk after the upgrade over the weekend, this choice was the last thing Nigel worried about. "Why does the printer print "Uncategorized" at the bottom of every page?" is an example.
There is no prize for guessing what the upgrade has done. It is clearly doing its job, even if its meaning is clearly not understood.
By Tuesday morning, a large number of complaints had piled up, mainly about unclassified printing, but there were also complaints about other classification levels. Nigel is on call, so he has to deal with them.
"I picked the highest-ranking person-a deputy air marshal-to visit first," he told us. "In those [unenlightened] years, there was a'Miss Moneypenny' sitting in the office outside in senior positions," he recalled. "They are wonderful ladies, many of them started working in the Ministry of Defense during World War II."
"When I was in my 20s, they used to treat me like their son," he told us.
Nigel was led into the office and found that the deputy marshal of the Air Force was having in-depth discussions with an Air Force Brigadier General. Coincidentally, he was also confused by the "uncategorized" label. Through the pipes and cigarette smoke in the oak paneled room, Nigel found the source of the problem. The official has typed a letter for his golf clubs and does not want to display "Uncategorized" at the bottom of the page.
"Ms. Moneypenny" smiled knowingly after hearing the explanation. For years, the police officer had been dictating letters to her, which were then typed out by the audio typist’s typing pool. The reality of switching to Uniplex was barely noticed by Brass, until the update started to slap "unclassified" on everything.
Rules are rules, and Nigel is not allowed to disable tags. At least, not at first. Until the complaint intensified, the decree was issued: turn off the "unclassified" label. Peace came again.
"At our monthly project review meeting with the Department of Defense, this became an agenda item," Nigel told us. "I don't think any of them realized how many personal letters passed through the typing pool.
"I don't think we use this as a cost-saving measure..."
After the weekend update left users at a loss and confusion on Monday, we all had to answer the phone. However, during your support period, have you ever had to deal with situations where the old world breaks into the new world? Tell your story to On Call via email. ®
The Emotet malware delivery botnet is back, almost a year after law enforcement agencies boasted of shutting it down and arresting operators.
The Internet Storm Center (ISC) of the SANS Institute was one of many organizations that confirmed overnight that the spam-based malware delivery network was back online after a police raid on its command and control infrastructure in January 2021.
Brad Duncan of the organization described in detail in his blog that ISC saw emails with malicious Word, Excel and .zip archives spreading in the wild: "These emails are all used from stolen The spoofed reply to the data in the email chain is probably the owner collected from the previously infected Windows."
Google Cloud suffered a brief outage, which seems to have caused a large number of websites that rely on its system to be paralyzed or interrupted.
If you are having trouble visiting retailers such as Snapchat, Discord, Spotify, Etsy, Home Depot, and other retailers today, this may be the reason: Google Cloud’s network infrastructure is malfunctioning, causing the website to throw a 404 error. Netizens find that they cannot log in or use certain services normally.
The good news is that so far, the IT failure has been resolved, and sites using Google's cloud-based load balancer should be able to run again.
Both AlmaLinux and Rocky Linux provide community versions of Red Hat Enterprise Linux (RHEL), and they have released versions that match RHEL 8.5. Rocky's work is to catch up with Alma by signing secure boot.
Potential CentOS alternatives AlmaLinux and Rocky Linux closely track RHEL. The difference from CentOS Stream is that they are designed to be binary compatible with RHEL, which is the upstream of the Red Hat commercial distribution.
In other words, CentOS 8.x is still the old model, and CentOS 8.5 can also be downloaded, even if CentOS end of life (EOL) is December 31, 2021.
Northrop Grumman has formed a team to design a new lunar rover.
There are three lunar rover left on the moon, all of which are low mileage and only a few cautious drivers. However, half a century has passed since the last wheel.
NASA plans to send astronauts back to the lunar surface in the next few years (in 2025, if you ask the agency, if you ask its supervisory agency, it will be a long time later), and the required part of the infrastructure will be a new one Rover.
GitHub said it has fixed a long-standing issue with the NPM (Node Package Manager) JavaScript registry that allows attackers to update any package without proper authorization.
Chief Security Officer Mike Hanley released news about the issue yesterday. Security researchers Kajetan Grzybowski and Maciej Piechota reported the issue on November 2 and fixed the issue within 6 hours. The impressive speed contrasts sharply with the length of time the vulnerability has existed, and is said to be longer than "the time frame of available telemetry that we can go back to September 2020."
The vulnerability is based on a familiar insecure model in which the system correctly authenticates the user's identity, but then allows access beyond the user's authority. In this case, the NPM service correctly verifies whether the user has the right to update the package, but "the service that performs the underlying update of the registry data determines which package to publish based on the content of the uploaded package file.
Two large real estate investment trusts (REITs) focused on data center construction, management, and financing will all be taken over in acquisitions of more than $10 billion.
In the first transaction, private equity investor KKR and investment institution Global Infrastructure Partners agreed to acquire CyrusOne in a $15 billion privatization transaction.
CyrusOne mainly manages DC headquartered in the United States, but has a large number of shares in Europe. It designs, builds and operates more than 50 high-performance data centers worldwide. The company owns properties in the United States (with over 102 acres of hosting space, 83% of its revenue) and Europe (17% of revenue, 99% of which is leased).
Mozilla hopes to upgrade the monetization machine through the paid premium version of its Firefox Relay service, increasing the current limit of five email aliases to a nearly unlimited number.
Firefox Relay hides the user’s real email address behind the alias to protect the user’s identity and protect their inbox from spam. Firefox Relay is a relatively simple system that can send and forward incoming emails from the user's alias email address to the primary email address, which means that the primary address will not be snooped in favor of the alias.
Relay appeared in beta form last year, and if all this sounds familiar, it should be. Tech giants have been working hard to solve this problem. Apple recently added an option to hide my email to generate a random email address and forward the message to an actual address.
After the Ministry of Digital, Culture, Media and Sports (DCMS) proposed a mandatory implementation of the network assessment framework compliance plan, the government's crackdown on the UK's MSP security practices is getting closer.
Digital Minister Julia Lopez said in a statement: “We are taking the next step in our mission to help companies strengthen cyber security and encourage companies across the UK to follow the recommendations and guidance of the National Cyber Security Centre to Protect their business." Digital footprint and protect their sensitive data. "
In the medium term, some form of NCSC-accredited certification for managed service providers (MSP) and cloud companies seems likely to become mandatory. After the government consultation in the summer, they asked for opinions on the independent supervision of MSP.
After the preliminary investigation found a negative impact on chip design choices, the British government has asked the Competition and Markets Authority to conduct a more in-depth investigation of Nvidia's $40 billion acquisition of Arm.
The competition regulator reported its findings in the first phase of the investigation in July. In the investigation, it received "detailed and reasonable submissions from customers and competitors, which has attracted attention in many markets." The full report [PDF] was released today.
CMA stated that they are concerned that the combined business "has the ability and motivation to impair the competitiveness of Nvidia's competitors by restricting access to Arm’s CPU IP, and weaken the interoperability between related products, thereby benefiting Nvidia’s downstream activities. And increase its profits."
Cloudy data processing program Snowflake has added Python support to its "Snowpark" developer kit.
Clive Astbury, sales engineering area manager, told The Register that customers expressed frustration about the need to export data from Snowflake to use popular programming languages. Adding language support solved this problem. Snowflake worked with Anaconda to access pre-decorated Python libraries, hoping to reduce dependency problems.
Snowpark development kits have also gained the use of Java Functions to enhance their ability to process unstructured data (videos, pictures, and documents), so they can also be fed into Snowflake's analysis and ML engines. Another new feature is a stored procedure, which allows code to run inside Snowflake instead of an external client.
Although it pales in comparison to the bloodthirsty seen in the story of "Mortal Wombat" last year-it is said that this is only a marsupial who is crazy about a family in the outback of Australia-but in New Zealand, an opossum kidnapped a female" "Hostages" are equally absurd.
Please note that this is not a saber-toothed death rat native to the Americas, also known as an opossum, but a cute, Yoda-like, otherwise completely harmless Australasia phalanx.
The Register-Independent news and opinions from the technical community. Partial situation release
Hand biting IT © 1998–2021