The lonely tech post thread.

[two sheds]

But according to security expert Michał Zalewski, about two years ago a developer “with no prior online footprint” and calling himself Jia Tan appeared out of the blue and started making helpful contributions to the XZ Utils library [linux file in almost universal use]. “Shortly after the arrival of ‘Jia’,” Zalewski continues, “several apparent sock puppet accounts showed up and started pressuring Lasse to pass the baton; it seems that he relented at some point in 2023.” And it seems that the two malware-infected updates were released by this Jia character.

So now the plot thickens. Cybersecurity experts are clearly taking the attack seriously. “The backdoor is very peculiar in how it is implemented, but it is really clever stuff and very stealthy,” a well-known South African security guru told the Economist. Even more interesting is the existence of a concerted online campaign to persuade Lasse Collin to pass control of XZ Utils to “Jia Tan”. This particular guru suspects that the SVR, the Russian foreign intelligence service behind the SolarWinds penetration of US government networks, might even have played a role in the attack.

Who knows? But two clear lessons can be drawn from what we know so far. The first is that we have constructed a whole new world on top of a technology that is intrinsically and fundamentally insecure. The second is that we are critically dependent on open-source software that is often maintained by volunteers who do it for love rather than money – and generally without support from either industry or government.

One engineer’s curiosity may have saved us from a devastating cyber-attack | John Naughton

In discovering malicious code that endangered global networks in open-source software, Andres Freund exposed our reliance on insecure, volunteer-maintained tech

www.theguardian.com

 

[Sasaferrato]

I'll be interested to read more details about what they implement. That's a hell of a project, I wonder what they use for stuff like identity and access? Assume they're going to need quite an IT team.

Indeed. If they have any sense they will set up a dept for that work only. It's when you buy in the wheels come off.

Having control of the source code, and the ability to modify it is a hell of a gift to society on someone's part, someone who (or ones) put in the hundreds or thousands of hours.

 

[Sasaferrato]

Most users don't know what a file explorer is.

It's the thingmybob that displays your 500k of files randomly spread, and generally unlabelled.

Because I was an early adopter, 1989, I used to be the 'go to' person when things went tits up. I rescued the files of a photographer called Charlie Cramp, Forest Green, and got paid quite a lot of money. Those were the days when you had the rescue programs on floppies.

 

[UnderOpenSky]

Feeling a bit of a tit right now. My partners PC (3rd Gen i7) isn't picking up the microphone on webcams. Checked everything and as a last resort, removed all the USB controllers from device manager and restarted assuming it would reinstall them when windows starts up. So no mouse, keyboard, well anything usb really. Pulled the kettle lead out multiple times to force safe mode and it's not having it.

So looks like I'm reinstalling Windows tonight

 

[Saul Goodman]

Feeling a bit of a tit right now. My partners PC (3rd Gen i7) isn't picking up the microphone on webcams. Checked everything and as a last resort, removed all the USB controllers from device manager and restarted assuming it would reinstall them when windows starts up. So no mouse, keyboard, well anything usb really. Pulled the kettle lead out multiple times to force safe mode and it's not having it.

So looks like I'm reinstalling Windows tonight

Maybe a repair or system restore would be easier? Just download the version of Windows you're using, and write it to a USB stick with Rufus, or use the windows media creation thing, then boot from it and select repair. Or go down the system restore route.

 

[UnderOpenSky]

Maybe a repair or system restore would be easier? Just download the version of Windows you're using, and write it to a USB stick with Rufus, or use the windows media creation thing, then boot from it and select repair. Or go down the system restore route.

Didn't want to play ball. Anyway just under an hour and it's mostly done, including downloading the latest win 10 build and finding a 2019 iso so I could use a kms emulator and a few other apps. The real magic time will come when she signs into Google Drive and we check her backup regime. The microphone works at least.

 

[Saul Goodman]

Didn't want to play ball. Anyway just under an hour and it's mostly done, including downloading the latest win 10 build and finding a 2019 iso so I could use a kms emulator and a few other apps. The real magic time will come when she signs into Google Drive and we check her backup regime. The microphone works at least.

I'm going through a nightmare with my own PC at the moment. I'm too traumatised to talk about it right now but I will, in time.

 

[Storm Fox]

Someone added my Mum's mobile to a crypto WhatsApp 'Community' she was getting a message every minute or so. I hadn't realised by default the WhatsApp allows a phone to be added to a community without the owners permission. I have now set my Mum's, Dad's, mine and my wife's mobile privacy settings.

Shake's fist at facebook.

 

[UnderOpenSky]

Someone added my Mum's mobile to a crypto WhatsApp 'Community' she was getting a message every minute or so. I hadn't realised by default the WhatsApp allows a phone to be added to a community without the owners permission. I have now set my Mum's, Dad's, mine and my wife's mobile privacy settings.

Shake's fist at facebook.

Yes an invite system where you get a notification seems a better idea. However in all the years I've used I've not had that problem, so maybe it's a balance between keeping useable for your gran and sensible things like privacy?

 

[Elpenor]

Just checking - is this a micro sd card yeah?



It came with my laptop and is 32 gig so I could just buy a much bigger capacity one and it would work fine?

 

[UnderOpenSky]

Anyway today at work I was amusing myself by upgrading machines to 24GB of RAM to wind up my OCD colleague. They're new 9th gen machines which have been found from somewhere and ship with 2x4GB sticks. I know If I remove them to replace them with 2x8GB they will sit somewhere and gather dust until they become e-waste, so might as well leave them in and add the additional RAM. But I could tell it was bothering him.

 

[UnderOpenSky]

Just checking - is this a micro sd card yeah?

View attachment 419555

It came with my laptop and is 32 gig so I could just buy a much bigger capacity one and it would work fine?

It's an SD card to micro SD card adapter. But yes, if it's not really ancient, it will accept bigger capacity ones and they are cheap enough. Performance isn't like a proper SSD. Have you checked your laptop hasn't got space for a second drive. Some will take a NVMe and a conventional 2.5"

 

[Elpenor]

It's an SD card to micro SD card adapter. But yes, if it's not really ancient, it will accept bigger capacity ones and they are cheap enough. Performance isn't like a proper SSD. Have you checked your laptop hasn't got space for a second drive. Some will take a NVMe and a conventional 2.5"

Thanks. I don’t understand the last two sentences, laptop bought late 2020 so will chance it

 

[Saul Goodman]

Just checking - is this a micro sd card yeah?

View attachment 419555

It came with my laptop and is 32 gig so I could just buy a much bigger capacity one and it would work fine?

The bigger the SD card, the more data you're likely to lose when it gets corrupted. I wouldn't use them to store anything that was even remotely important, at least not without a backup elsewhere.
Never trust an SD card.

 

[two sheds]

My SD card is now jammed inside the video camera and I can't get the fucker out

 

[Elpenor]

The bigger the SD card, the more data you're likely to lose when it gets corrupted. I wouldn't use them to store anything that was even remotely important, at least not without a backup elsewhere.
Never trust an SD card.

Ok, so only using it for films i download but have not watched yet. So not a massive problem if it’s corrupted as nothing irreplaceable

 

[Lazy Llama]

Someone added my Mum's mobile to a crypto WhatsApp 'Community' she was getting a message every minute or so.

Mrs Llama had the same thing this morning.

 

[Storm Fox]

Mrs Llama had the same thing this morning.

Also, unlike Groups, there seems to be an extra step to click through to leave the community. As I had never been part of a WhatsApp community, I looked up how to leave online, but it didn't match what she saw. Luckily, she only lives 6 miles away, so I drove around and sorted it.
She was getting quite upset, as WhatsApp is the main method of contact she uses to talk to my brother in New Zealand, so she didn't want just to turn off her phone. My Mum is in her 80s, so tech doesn't come naturally and does bloody well, but didn't need this shit.

 

[Lazy Llama]

Found my Windows desktop had once again decided that it couldn’t be bothered using the 2x4TB drives as a RAID1 set and was just using one. This has happened before.
Something to do with the Intel RST driver stopping working after a Windows Update but not bothering to mention it to me.

Fortunately I spotted it before a drive failed.

Installed the updated driver, which for some reason isn’t covered by the Intel Driver update utility, and it’s now re-mirroring all of the data.

 

[UnderOpenSky]

I hate doing support when I've got a hand tied behind my back. Partner has loads of uni work to do this weekend and can't authenticate with 2FA to get into her accounts. Number matching appears, but followed by a request denied almost straight away. Other methods give "we're having trouble verifying your account".

If I was at work I'd reset her MFA and force her to re-register, but of course I can't do that and their tech support is shut for the weekend. Bright ideas welcome, but suspect there's not much that can be done.

 

[Storm Fox]

Is the time correct on all the devices? For some (most?) 2FA is dependent on the time being correct.

 

[UnderOpenSky]

Is the time correct on all the devices? For some (most?) 2FA is dependent on the time being correct.

Yes, checked that, but thank you.

Found out her laptop hasn't kicked her out, so trying to pull as much data of that in case that kicks her out.

 

[Sasaferrato]

My tiny PC runs 24/7. Call it 'a''

Is there any way that my other tiny PC('b'), that is currently only used to show movies etc, can be able to access the programs on the other machine?

So from b you can do everything could do if you were sat at a.

 

[UnderOpenSky]

My tiny PC runs 24/7. Call it 'a''

Is there any way that my other tiny PC('b'), that is currently only used to show movies etc, can be able to access the programs on the other machine?

So from b you can do everything could do if you were sat at a.

Yes. Easiest way is something like remote desktop, you literally view the other computer on your screen. Not good for stuff like video though, other options are available.

What are you trying to do. Do you use home or pro?

 

[Saul Goodman]

My tiny PC runs 24/7. Call it 'a''

Is there any way that my other tiny PC('b'), that is currently only used to show movies etc, can be able to access the programs on the other machine?

So from b you can do everything could do if you were sat at a.

If 'A' is running a Pro or Enterprise version of Windows, you can use remote desktop. If it's running Home, you'll need to install a remote access software, something like TeamViewer.

 

[Sasaferrato]

Yes. Easiest way is something like remote desktop, you literally view the other computer on your screen. Not good for stuff like video though, other options are available.

What are you trying to do. Do you use home or pro?

I'll get back to you on that.

 

[UnderOpenSky]

If 'A' is running a Pro or Enterprise version of Windows, you can use remote desktop. If it's running Home, you'll need to install a remote access software, something like TeamViewer.

That seems very clunky, but would work.

Chrome remote desktop is another option, but does scale resolutions as well. You can use it outside the home though and Google handle security.

 

[Saul Goodman]

That seems very clunky, but would work.

Chrome remote desktop is another option, but does scale resolutions as well. You can use it outside the home though and Google handle security.

I haven't used Chrome remote desktop but it's supposed to be good. Personally, I wouldn't use any of those options. They're OK for fixing someone's machine remotely, or for file transfers but I'd rather just install the programs you need on machine B, and avoid the lag and headaches.

 

[UnderOpenSky]

I haven't used Chrome remote desktop but it's supposed to be good. Personally, I wouldn't use any of those options. They're OK for fixing someone's machine remotely, or for file transfers but I'd rather just install the programs you need on machine B, and avoid the lag and headaches.

Yeah depends what your doing. RDP is fine to connect to my little server, browse torrents and do other admin bits. Obviously not watch YouTube. If I wanted low latency remote desktop stuff I'd look at Parsec (keep meaning to for local game streaming).

Sasaferrato if you want to do this I think RDP is the simplest and the best. It doesn't look hard to add to Windows Home, but I can't test as I don't have a home machine.

 

[UnderOpenSky]

Ah the joy of PC Gaming. I've seen my FPS drop below 50 a couple of times when playing Helldivers 2 and I'm already thinking about if I need a CPU upgrade, but I really can't justify it, mostly because it would be a total indulgence.

Maybe October next year when it comes to replace my partners, I could use it as an excuse to upgrade mine. DDR5 should be cheaper by then as well.