• 0 Posts
  • 83 Comments
Joined 1 year ago
cake
Cake day: August 7th, 2023

help-circle
  • …until the CrowdStrike agent updated, and you wind up dead in the water again.

    The whole point of CrowdStrike is to be able to detect and prevent security vulnerabilities, including zero-days. As such, they can release updates multiple times per day. Rebooting in a known-safe state is great, but unless you follow that up with disabling the agent from redownloading the sensor configuration update again, you’re just going to wing up in a BSOD loop.

    A better architectural solution like would have been to have Windows drivers run in Ring 1, giving the kernel the ability to isolate those that are misbehaving. But that risks a small decrease in performance, and Microsoft didn’t want that, so we’re stuck with a Ring 0/Ring 3 only architecture in Windows that can cause issues like this.


  • That company had the power to destroy our businesses, cripple travel and medicine and our courts, and delay daily work that could include some timely and critical tasks.

    Unless you have the ability and capacity to develop your own ISA/CPU architecture, firmware, OS, and every tool you use from the ground up, you will always be, at some point, “relying on others stuff” which can break on you at a moments notice.

    That could be Intel, or Microsoft, or OpenSSH, or CrowdStrike^0. Very, very, very few organizations can exist in the modern computing world without relying on others code/hardware (with the main two that could that come to mind outside smaller embedded systems being IBM and Apple).

    I do wish that consumers had held Microsoft more to account over the last few decades to properly use the Intel Protection Rings (if the CrowdStrike driver were able to run in Ring 1, then it’s possible the OS could have isolated it and prevented a BSOD, but instead it runs in Ring 0 with the kernel and has access to damage anything and everything) — but that horse appears to be long out of the gate (enough so that X86S proposes only having Ring 0 and Ring 3 for future processors).

    But back to my basic thesis: saying “it’s your fault for relying on other peoples code” is unhelpful and overly reductive, as in the modern day it’s virtually impossible to do so. Even fully auditing your stacks is prohibitive. There is a good argument to be made about not living in a compute monoculture^1; and lots of good arguments against ever using Windows^2 (especially in the cloud) — but those aren’t the arguments you’re making. Saying “this is your fault for relying on other peoples stuff” is unhelpful — and I somehow doubt you designed your own ISA, CPU architecture, firmware, OS, network stack, and application code to post your comment.

    ——- ^0 — Indeed, all four of these organizations/projects have let us down like this; Intel with Spectre/Meltdown, Microsoft with the 28 day 32-bit Windows reboot bug, and OpenSSH just announced regreSSHion.
    ^1 — My organization was hit by the Falcon Sensor outage — our app tier layers running on Linux and developer machines running on macOS were unaffected, but our DBMS is still a legacy MS SQL box, so the outage hammered our stack pretty badly. We’ve fortunately been well funded to remove our dependency on MS SQL (and Windows in general), but that’s a multi-year effort that won’t pay off for some time yet.
    ^2 — my Windows hate is well documented elsewhere.


  • I certainly wouldn’t run to HR right away — but unfortunately, it’s true sometimes that people just aren’t a good fit for whatever reason. Deadweight that isn’t able to accomplish the tasks that need to be done doesn’t do you any favours — if you’re doing your job and their jobs because they just can’t handle the tasks that’s hardly fair to you, and isn’t doing the organization any good — eventually you’ll burn out, nobody will pickup the slack, and everyone will suffer for it.

    My first instinct in your situation however would be that everyone has got used to the status quo, including the staff you have to constantly mentor. Hopefully if you can coach them into doing the work for themselves and keeping them accountable to tasks and completion dates will help change the dynamic.


  • I’m a tech manager with a 100% remote team of seven employees. We’re a very high performing team overall, and I give minimal hand-holding while still fostering a collaborative working environment.

    First off, you need to make outcomes clear. Assign tasks, and expect them to get done in a reasonable timeframe. But beyond that, there should be no reason to micro-manage actual working hours. If some developer needs some time during the day to run an errand and wants to catch up in the evening, fine by me. I don’t need them to be glued to their desk 9-5/10-6 or for some set part of the day — so long as the tasks are getting done in reasonable time, I let me employees structure their working hours as they see fit.

    Three times a week we have regular whole-team checkins (MWF), where everyone can give a status update on their tasks. This helps keep up accountability.

    Once a month I reserve an hour for each employee to just have a general sync-up. I allow the employee to guide how this time is used — whether they want to talk about issues with outstanding tasks, problems they’re encountering, their personal lives, or just “shoot the shit”. I generally keep these meetings light and employee-directed, and it gives me a chance to stay connected with them on both a social level and understand what challenges they might be facing.

    And that’s it. I’ve actually gone as far as having certain employees who were being threatened with back-to-office mandates to have them converted to “remote employee” in the HR database so they’d have to lay off threatening them — only 2 of my 7 employees are even in the same general area of the globe (my employees are spread in 3 different countries at the moment), and I don’t live somewhere with an office, so having some employees forced to report to an office doesn’t help me in the slightest (I can’t be in 6 places at once — I live far enough away I can’t be in any of those places on a regular basis!).

    Your employees may have got used to you micro-managing them. Changing this won’t happen overnight. Change from a micro-manager into a coach, and set them free. And if they fail…then it’s time to talk to HR and to see about making some changes. HTH!





  • All time, probably the Cinesphere at Ontario place — one of the very first IMAX screens ever built, inside a geodesic sphere.

    Currently (and closer to home) the IMAX theatre at our local museum. They show all sorts of IMAX formatted films (they have a full 4K Laser IMAX projection system), and their snack bar is hard to beat: excellent popcorn and hot dogs, lots of snack options, and the prices for which don’t break the bank (especially when compared to all the other theatres in our area). Last time I went (to see Oppenheimer) I got a large popcorn, large Coke, and a cup of gummy treats — and I think I spent a whole $12 (CAD).

    And while I don’t have one, they have an annual pass available.



  • Does this pump also dispense marked fuels through the same hose?

    In my province of residence gas stations near farming communities often sell “marked fuel” (fuel with an added red dye in it) that are taxed less, and which are intended for farming machinery, road work equipment, boats, and other non-highway use only. If you’re caught with red-dyed fuel being used for any other purpose you can be charged with an offence, and levied fines or other penalties.

    If you dispense a small amount of regular gasoline after another purchaser had bought marked gasoline, the dye in the fuel remaining in the lines likely isn’t diluted enough to tell the difference — and you could (hypothetically) then be charged with possessing marked fuel without the proper paperwork.

    (Anywhere I’ve ever seen marked fuels sold usually has a separate hose for the marked fuel to be dispensed from to prevent this from happening — but I don’t know your gas station or where you live, so maybe they rely on dilution rather than separation to differentiate?)






  • I’m not sure what’s keeping Microsoft and ibm from Open Sourcing all the rest of the DOS versions as well — the 3.x series was very influential, 5 added disk compression, and 6 was the most modern of them all. I can’t remember if Stac’s lawsuit against Microsoft would require them to take out the disk compression parts (although AFAIK the relevant patents are probably long expired now), but even if that’s the case having these available as OSS would also be useful — even if only for a historical context.


  • To put things into context, IBM didn’t get ripped off in any way (at least not from DOS - the whole IBM/Microsoft OS/2 debacle is a different story). The earliest PCs (IBM PC, IBM PC XT, IBM PC Jr., and associated clones) didn’t really have the hardware capabilities needed to permit a more advanced operating system. There was no flat memory model, no protection rings, and no Translation Look-aside Buffer (TLB). The low maximum unpaged memory addressing limit (1MB) made it difficult to run more than one process at a time, and really limits how much OS you can have active on the machine (modern Windows by way of example reserves 1GB of virtual RAM per process just for kernel memory mapping).

    These things did exist on mainframe and mini computers of the day — so the ideas and techniques weren’t unknown — but the cheaper IBM PCs had so many limitations that those techniques were mostly detrimental (there were some pre-emptive OSs for 8086/8088 based PCs, but they had a lot of limitations, particularly around memory management and protection), if not outright impossible. Hence the popularity of DOS in its day — it was simple, cheap, didn’t require a lot of resources, and mostly stayed out of the way of application development. It worked reasonably well given the limitations of the platforms it ran on, and the expectations of users.

    So IBM did just fine from that deal — it was when they went in with Microsoft to replace DOS with a new OS that did feature pre-emptive multitasking, memory protection, and other modern techniques that they got royally screwed over by Microsoft (vis: the history of OS/2 development).


  • As someone who has done some OS dev, it’s not likely to be of much help. DOS didn’t have much of any of the defining features of most modern OS’s — it barely had a kernel, there was no multitasking, no memory management, no memory protection, no networking, and everything ran at the same privilege level. What little bit of an API was there was purely through a handful of software interrupts — otherwise, it was up to your code to communicate with nearly all the hardware directly (or to communicate with whatever bespoke device driver your hardware required).

    This is great for anyone that wants to provide old-school DOS compatibility, and could be useful in the far future to aid in “digital archaeology” (i.e.: being able to run old 80’s and early 90’s software for research and archival purposes on “real DOS”) — but that’s about it. DOS wasn’t even all that modern for its time — we have much better tools to use and learn from for designing OS’s today.

    As a sort of historical perspective this is useful, but not likely for anything else.


  • AWS already had to effectively do this. AWS only exists in two regions in China because they licensed much of the AWS software to be run by a pair of Chinese-government affiliated ISPs inside China (that is, Amazon doesn’t run AWS in either of its China zones — it’s run by a pair of Chinese companies who license AWS’s software).

    This is why the China AWS regions are often quite far behind in terms of functionality from every other region (they either haven’t licensed all the functionality, they don’t keep up-to-date at the same cadence as Amazon, or Amazon is holding certain functions back), and why you can’t really access them from the standard AWS console.

    So in effect, Amazon did have to give their software to Chinese-government affiliated companies in order to continue operating in China.



  • An honest review isn’t what’s going to kill their business. Even a bad product in and of itself isn’t necessarily what could cause the death of their business — it’s their not adequately tempering consumer expectations. From the sounds of it, they’ve oversold what the product can actually do, and are charging a price based on this fantasy.

    If you’re honest in your marketing as to what your product can actually do, and charge a corresponding price then consumers and reviewers may be more forgiving. Where companies like this one which are doing fairly experimental stuff fail is when they over-promise and under-deliver. And reviewers will always take them to task when they do that.