* Posts by Steve Foster

834 publicly visible posts • joined 10 Oct 2007

Two wrongs don't make a right: They make a successful project sign-off

Steve Foster

I thought at first (before spotting the problem) that the potato picture was a topical reference to this story:

'Human foot' in Gateshead field turns out to be potato

Beware the ghost of operating systems past: In which our hero is visited by an old friend

Steve Foster

Ah, BG Info

I still have that on some of my servers...

PSA: The 2020 monolith is a dead meme. You can stop putting them up now. Please

Steve Foster

IoW "art" claimed...

https://www.bbc.co.uk/news/uk-england-hampshire-55227034

[Checks meeting agenda...] Where does it say 'Talk cr*p and waste everyone's time'?

Steve Foster
Facepalm

Re: Nad Watch Live!

I rather think that depends on whether the Nads are also going to catch fire...

Cutting the ties: European hosting provider OVHCloud to offer Google Anthos, no Google account needed

Steve Foster
Thumb Up

Re: I see OVH and think...

Indeed, I added yet another IP block to my firewalls today after receiving spam from a previously unseen OVH server.

I did bump into a way to list all the IP blocks registered to an organisation recently, but now can't quite find it again (something ARIN/RIPE/etc whois based, I think).

UK ISP TalkTalk confirms it will MullMull go-private takeover offer valuing it at £1.1bn

Steve Foster
Facepalm

As Toscafund already own almost 1/3 of TalkTalk, they're obviously figuring that they can't really get any dirtier...

Steve Foster

Virgin/O2 Combo

"Back in May, Liberty Global and Telefónica said they would merge their respective UK telecoms businesses, Virgin Media and O2"

The UK's Competition & Markets Authority wants to investigate this, though (it's applied to take it off the EU equivalent, as it's currently under that body's purview), so it might not happen.

A decades-old lesson on not inserting Excel where it doesn't belong

Steve Foster

Pegasus Opera

is built (or used to be) on FoxPro.

Once upon a time, if Pegasus crashed while posting invoices it would leave the accounts db without both halves of the double-entry in place, so accounts would not balance.

We couldn't deliver prisoner rehab plans because Sopra Steria ballsed up our IT, Interserve tells High Court

Steve Foster
Facepalm

Re: Outsourcing

Ah, but in this case, the outsourcer (InterServe) is itself outsourcing work to another party (SS).

You'd think the MoJ contract would forbid such (or that the MoJ would directly outsource to SS). Oh wait, government...

Institute of Directors survey says most bosses expect no mass return to the office if COVID-19 crisis ever ends

Steve Foster
Facepalm

No, absolutely not!

"The IoD called on UK government to provide tax incentives so small businesses have the wherewithal to invest in digital tech"

No, stop it. "tax incentives" add complexity to the tax system, are generally badly defined, rarely achieve the stated goal, and usually introduce new loopholes that can only be exploited by big companies/multinationals. We've enough idiocy in the tax system already - it'd be much more useful to work on getting rid of such.

Corsair's K70 MK.2 does nothing a cheaper keyboard can't, but the steep price gets you top-notch components

Steve Foster

USB passthrough

I've never really understood why full-size wired USB keyboards don't routinely include a basic USB hub (2 or 4 ports) and memory card reader - the cost is negligible, but the value-add is substantial.

Spain's highway agency is monitoring speeding hotspots using bulk phone location data

Steve Foster
Facepalm

Railway Lines?

And what about places where the railway runs alongside the road? Passengers with phones on the train doing 100+ mph may be recorded as "speeding"...

(eg a large chunk of the A2 between Madrid and Guadalajara runs parallel with a railway line)

Brexit travel permits designed to avoid 7,000-lorry jams come January depend on software that won't be finished till April

Steve Foster
Happy

Re: What's in a name...

Kermits. Very good. Have an upvote.

Bad news for 'cool dads' trying to bond with their teens: China-owned TikTok and WeChat face US download ban by Sunday

Steve Foster
Facepalm

Tok for Tik (sorry, I mean Tit for Tat)

I wonder what the US would say if China turned around and banned FaceBook, InstaGram, WhatsApp and Twitter (or are some of these already banned by China?).

'My wife tried to order some clothes tonight. When she logged in, she was in someone else's account ... Now someone's charged her card'

Steve Foster
Facepalm

Re: Fabletics?

Because they thought that creating a portmanteau from fabulous and athletics was awesome?

Microsoft sides with Epic over Apple developer ban, supports motion for temporary restraining order

Steve Foster

Self-Defeating?

Arguing that Unreal Engine is "essential" potentially makes Epic a monopoly supplier target in its own right. Which might backfire...

Someone please have mercy on this poorly Ubuntu parking machine that has been force-fed maudlin autotuned tripe

Steve Foster
Facepalm

Huh?

Since these are touchscreen devices, you'd have thought that a member of staff could have acknowledged the messages and let the relevant software complete it's updates.

Wrap it before you tap it? No, say Linux developers: 'GPL condom' for Nvidia driver is laughed out of the kernel

Steve Foster
Happy

Re: TAINT_PROPRIETARY_MODULE

Isn't that the point?

Brit unis hit in Blackbaud hack inform students that their data was nicked, which has gone as well as you might expect

Steve Foster
Facepalm

Ah, you've seen https://www.theregister.com/2020/07/23/carding_forum_scams/, I presume.

From 'Queen of the Skies' to Queen of the Scrapheap: British Airways chops 747 fleet as folk stay at home

Steve Foster
WTF?

Interesting Wing Arrangement (article image)

That left-hand wing looks a bit short!

Someone needs more practice at photoshopping...

Digicert will shovel some 50,000 EV HTTPS certificates into the furnace this Saturday after audit bungle

Steve Foster

The certificates for Nationwide do not have any intermediate CAs, so should not be affected.

I can't obviously identify whether it's EV or not (how does one tell these days?).

Email seems lost in the post? You might be a Tsohost customer

Steve Foster

Re: SFU

Same here. They've been spamming my servers for months, and I finally got fed up of playing whack-a-mole, and started firewalling their ranges outright. The spam volume has dropped like a stone.

Microsoft sues coronavirus phishing spammers to seize their domains amid web app attacks against Office 354.5

Steve Foster

Re: 07/07/2020 13:04:41 - ( 2911) 250-SIZE 20971520

That's my server announcing that email of up to 20MB will be accepted.

That seems like a reasonable limit in the modern world - not too small to interfere with normal traffic, not too big to choke the server.

IME, the UCE that does get through actually tends to be quite small (well below that 20MB limit) - it's not often that junk comes with huge attachments.

Steve Foster

Re: Something about motes and beams...

Other [genuine] email from MS servers comes through ok, so I don't think it's TLS-related (though it's a good thought).

And even if MS did want to only transmit over TLS, their servers should end the conversation cleanly with QUIT, not just drop the connection.

Mostly, it's their hypocrisy that peeves me.

Steve Foster
FAIL

Something about motes and beams...

...it'd be nice if they could stop the silly DoS crap originating from some of their *.outbound.protection.outlook.com servers.

Stuff like this, where they just connect and then drop the connection over and over:

07/07/2020 13:04:41 - ( 2911) EHLO GBR01-LO2-obe.outbound.protection.outlook.com

07/07/2020 13:04:41 - ( 2911) 250-Welcome, mail-lo2gbr01lp2055.outbound.protection.outlook.com [104.47.21.55], pleased to meet you

07/07/2020 13:04:41 - ( 2911) 250-AUTH=LOGIN

07/07/2020 13:04:41 - ( 2911) 250-AUTH LOGIN

07/07/2020 13:04:41 - ( 2911) 250-SIZE 20971520

07/07/2020 13:04:41 - ( 2911) 250-ETRN

07/07/2020 13:04:41 - ( 2911) 250 HELP

07/07/2020 13:04:41 - ( 2911) Error: [10054] Connection reset by peer

Steve Foster
Thumb Up

Re: That much downtime?

Given the frequency with which all the cloud services like to go TITSUP, I'd say 265 is probably about right.

Keep it Together, Microsoft: New mode for vid-chat app Teams reminds everyone why Zoom rules the roost

Steve Foster
Trollface

Keep my Camera on?

What camera?

Barclays Bank appeared to be using the Wayback Machine as a 'CDN' for some Javascript

Steve Foster

404 error?

A recent feature added to Brave is an option to automatically try the Wayback Machine for 404 errors - could it be that Barclays had "misplaced" their JS and the browser auto-tried to "fix" the 404?

Boffins find that over nine out of ten 'ethical' hackers are being a bit naughty when it comes to cloud services

Steve Foster
Facepalm

Re: It is happening now

Yes, really. AFAIK, fail2ban doesn't run on Windows Server (though I expect there are fail2ban-like ports/substitutes/wannabes available).

Steve Foster

Re: It is happening now

As it happens, fail2ban isn't an option on the software I'm using, though that might change.

And I always have a momentary brain freeze when I see "fail2ban" (what use is a tool that fails to ban? oh, wait, upgrade failures to banned)

Steve Foster
WTF?

Re: It is happening now

It certainly is.

The number of attempts to log in to my email servers via SMTP, 2ry SMTP, IMAP and POP3 are through the roof.

In the past, it would be the same IP trying over and over (though there's still plenty of that), but it's now also common to see an IP try once and then disappear. And lots of those IPs are part of cloud providers networks.

Not only that, but the spam is also coming from an increasing range of IP addresses.

I've had to further reduce the limit on failed login attempts, as well as begin firewall blocking of IP ranges wholesale.

Not so nice, we investigated them twice: EU opens double whammy of inquiries into Apple's biz practices

Steve Foster

Re: I don’t quite understand this

More like 3rd-party manufacturers being obliged to sell their accessories (eg tyres, wiper blades, seat covers, fluffy dice, etc) for Ford vehicles through Ford dealers, and pay Ford a hefty fee for the privilege.

Or, say, music companies being forced to sell their music (to be played in a Ford vehicle) through Ford dealers, and again, paying Ford a hefty fee for the privilege.

In Hancock's half-hour, Dido Harding offers hollow laughs: Cake distracts test-and-trace boss at UK COVID-19 briefing

Steve Foster
Facepalm

World-Beating? Oh no, it isn't...

...oh yes, it is: it's the worst in the world. Even with the stiff competition from the likes of Bolsonaro!

Bloke rolls up to KFC drive-thru riding horse-drawn cart only to be told: Neigh

Steve Foster

WTF?

I've never been much interested in burgers, even before there was a McDonald's on every damn corner, so have never consumed any of their "offerings" (though I have been inside their premises occasionally in the company of others who did partake). I'm much more partial to pizza, though I'm aware that's almost certainly even worse for me in health terms.

Indeed, thinking about it, I wonder what the effect on the nations' waistlines might have been had the government instructed all takeaway food outlets to close for the duration of the lockdown! (I know I'd have eaten less pizza, for a start)

EU aviation wonks give all-electric training aeroplane the green light – but noob pilots only have 50 mins before they have to land it

Steve Foster

Boost from Solar?

Can't tell from the picture, but as this is primarily aimed at training and therefore probably mostly daytime flight, it seems like an obvious opportunity to cover the upper wing surfaces with solar panels to boost capacity/range.

Lettuce Encrypt, Encrypt We Must: Hobby projects change name after Let's Encrypt fires off trademark complaints

Steve Foster

US "defend your rights" Requirement?

Is the ISRG based in the US? Doesn't the US have some requirements for folks to "defend-it-or-lose-it" on various IP "rights"?

BoJo looks to jumpstart UK economy with £6k taxpayer-funded incentive for Brits to buy electric cars – report

Steve Foster

Re: That's sure to jump start Tesla sales...

"Black Cab"'s are now Chinese (LTI got bought out - by Geely, IIRC).

Morgan's numbers are so low as to be a rounding error on a rounding error. Aston Martin isn't significant either. And of course, Land Rover is Indian now (being owned by Tata), although still built here.

The Nissan Leaf is currently assembled in Sunderland.

Steve Foster

Re: Restructure the Market

"Complicated to administer and police."

Not really, it just goes into the VAT regime, which is the motor trade's problem. HMRC (at least the Excise portion) have traditionally been fairly effective on that front (some notable issues aside).

"Just keep knocking up the taxes on petrol and diesel and you'd achieve the same effect."

Well, that ought to be happening too. The difficulty in doing so is that it's pretty damn visible to taxpayers, so the governments of the day (of whatever flavour) tend not to be overly keen on doing so.

Steve Foster

Re: Restructure the Market

"Sure, provided you're comfortable with punishing the poorest who are least able to avoid your new taxes. I'm not completely sure I am."

By and large, I would expect that the poorest are not actually buying new cars at all, so pushing up the cost of ICE isn't likely to affect them (at least, not directly).

[Road charging is] "completely incompatible with privacy."

Not necessarily. You could certainly make it so if you wanted to do so (and I can see that there are some who would like to do so). However, the EU countries using road charging seem to be doing so without major problems, and without (AFAIK) totally compromising privacy. I don't see why we could not do likewise (non-functional public bodies notwithstanding).

Steve Foster

Re: This does not happen

Maybe because of the modern obsession with the [XYZ]aaS subscription model?

Of course, it's possible that eventually all the existing schemes will disappear, and you'll pay for the "fill" on a PAYG basis just like the existing ICE model.

Steve Foster

Re: Restructure the Market

Exactly. Fuel duty is going to dry up as a source of income. That's another reason that VED needs to be restructured (allowing EVs to pay nothing really is not a viable option).

If you want to encourage the switch from oil to EV, in a gradual way and not have a mad rush to switch at the last minute, forcing the price of ICE up and EV down is necessary. Doing so in a clearly defined manner that is affordable and doesn't simply introduce further problems down the road seems like the logical thing to do.

I agree that road charging is probably required, and that's not necessarily a bad thing if implemented sensibly (eg we ensure a contribution from foreign vehicles using our infrastructure that way).

Steve Foster

Re: Restructure the Market

VED is such a mess right now (with multiple differing schemes) that it just seems sensible to bundle fixing it in with larger changes.

While I get your point about the seriously wealthy not caring one way or another (as you say, the VED is almost immaterial to them), you do want it overall to be as fair as possible, and to be constructively arranged (even if it's principally "virtue signalling").

At the moment, the effective message of the various schemes is "hang on to your old diesel"!

Steve Foster

Re: Free parking for electric cars

Removing the cost of using the existing infrastructure from electric vehicles is ultimately self-defeating (the country cannot afford to give up those forms of income in the long-term).

Plus, such discounts are generally regressive, as the current price differential between petrol/diesel cars and the EV equivalent is such that EV purchases are mostly made by the wealthiest (ie those who can most afford to pay for the infrastructure are the ones least in need of such discounts).

Steve Foster

There are several factors to consider:

a) the profits on the car sales (which definitely goes overseas),

b) the service-based UK car jobs (dealerships/showrooms, garages, logistics, etc),

c) the car financing profits (may/may not go overseas, depending on source),

d) avoiding reintroducing the pollution from cars (the air quality has improved massively during lockdown)

I'm not sure where the overall balance would sit, and how (or whether) you can actually value (d).

Steve Foster

Restructure the Market

My 2p...

1. Introduce a fossil fuel car VAT supplement, starting at 2%, ratcheting up by an additional 2 percentage points every year until it hits 20% - ie gradually double the VAT on any vehicle that is in any way powered by petrol or diesel.

2. Introduce an electric/AF car VAT discount, starting at 20%, ratcheting down by 2 percentage points every year until it's gone - ie remove the VAT for now, gradually reintroducing it. You could cap this at (say) £6k maximum if thought necessary.

3. Drop the existing EV grant.

4. Rework VED so that all vehicles are on the same scheme (there are currently 3 or 4 different ones running in parallel), such that:

a) all vehicles pay, b) those that pollute more pay more, and c) those that impose extra wear and tear on the network or consume extra capacity [think heavy and/or XL vehicles] pay even more. For example, a base VED of £50, plus a fossil fuel component tied to emissions [one element for each of CO2 and NOx, plus room to add others if we find further pollutants], plus a % "XL" levy (say, 50% extra for over 2 tonnes or L>4.5m or W>2m or H>1.5m, and 25% discount for "compact" cars [<1T or small enough to fit 2 in a standard parking space]). It's probably appropriate to implement this new VED with lower starting rates that are ratchetted up by fixed increments for a few years before switching to inflationary rises, to avoid huge overnight hikes for those currently enjoying negligible rate VED on older petrol/diesel vehicles.

OK Windows 10, we get it: You really do not want us to install this unsigned application. But 7 steps borders on ridiculous

Steve Foster
Devil

"deterrent to installation"

"It's a deterrent to installation for sure, but the whole rigmarole can largely be prevented by signing code with a certificate"

"It's a deterrent to installation for sure, but the whole rigmarole can largely be prevented by downloading with a real browser instead of Edge"

There, FTFY.

Contact-tracer spoofing is already happening – and it's dangerously simple to do

Steve Foster
Mushroom

Re: Eh...

Self-immolation, OTOH, might just do...

(obvious choice of icon)

Steve Foster

Re: Unhearing government

Indeed, if I get a call from my bank (to my mobile number), the first thing they do is ask me to answer security questions (something their own advice says is bad).

I always say no, and explain why (the explanation is for the benefit of the staff person calling *and* their trainers [who use the recordings of those calls :p]).