837 posts • joined 21 Oct 2007
Holy jumping shitballs
The department today handed Capita yet another contract, this time to run its fire and rescue services – covering 2,200 staff at 78 defence fire stations worldwide
So not only have they been TUPE'd to Crapita, they're going to have some clipboard wielding halfwit on three times their salary getting in the way and telling them how to do their jobs despite the sum total of its experience in the field being setting the living room curtains on fire when it was 8? This is how we thank these people for doing difficult and dangerous work?
Can someone explain why , given their past failures, we keep throwing work to them?
DJO just did, up there ^
This will be more tribble than it's worth.
"And two: Somebody close that hatch!"
No ones drawn any lines yet , except the EU that has drawn this line around their gps project.
Our government is still arguing with itself about where it wants the lines
They're still arguing about what colour the lines should be, what shape and how broad. Some want dotted lines, others want solid and some want no lines at all. They haven't noticed the 27 other Sharpies of varying colours that have been busily drawing € shaped lines on most things already.
What, did you think the EU was going to wait for us to sort our shit out after the dummy-spitting tantrum? Are we that egocentric to think 27 other countries are going to just stand still for two years? Like any parent, they're just going to cover all the sharp edges with padding and close the door until the nerve-jangling noise stops so they can at least hear themselves think long enough to find the Hedex.
"The Excelsior line!... and that compass in the top will come in handy..."
So off we trot, through the petrified, flaming beaver infested forest with no sense of direction, skint, terrified and lonely with only the clothes on our backs and a walking stick. The metaphor is striking, which is what I suspect you intended and all the pointy-button smashers missed.
Pulseaudio next, please
I finally caved¹ after a particularly nasty deadlock and no sodding logfiles because systemd. I note with distaste that pulse bloody audio is still being used, which I consider to be several orders of magnitude more evil than systemd (I liked systemd's unit files approach to the rcorder problem but not enough to put up with not being able to diagnose why my machine has suddenly crapped itself) and it needs to die in a fire.
Have a look at FreeBSD's audio stack for how to do virtual, multi-consumer access to sound hardware properly without some awful userland daemon pet project sitting in the background.
Icon. I want Pulseaudio at the epicentre, please ->
¹ Migration from Stretch was a doddle. Install sysvinit, reboot, nuke systemd from orbit, change to Devuan's repos, add the repo keys and just treat it as an upgrade. It even worked utterly flawlessly on my Banana Pi NAS box.
Re: The thing is... it's nothing new.
That's 'em. Forgot the "n" at the end, which anyway goes to show how much notice I take of spam.
Re: The thing is... it's nothing new.
It's what the sender's paper recycling bin is for when their litter's been posted back to them.
Mix'n'match spam and prepaid envelopes. Keeps Royal Mail solvent and the spammers out of pocket. I'm sure Anglia Windows would like an MBNA credit card and MBNA would like some new-age meals on wheels and a few Farmfoods vouchers¹, so my handy pass-it-on service fills a gap in the market.
Am I evil? Quite possibly, although all they have to do to stop it happening is leave me alone.
¹ The only shop in the world where the packaging is more nutritious than the food therein.
90% of my playlist is prog of one sort or another and the rest is people like Paul Weller, Sting, Linton Kwesi Johnson etc etc. And some folk music. And Jazz
No Knopfler? Privateering was a pretty good mashup of most of your eclectic taste.
Aye, but He rides majestic past homes of men who care not or gaze with joy pretty much sums up the bipolar situation with regards online advertising. It's all bollocks, naturally, since the web was meant to be fair sharing of ideas and knowledge but the ad-men came anyway and here we are.
From the same track, The sands of time are eroded by the rivers of constant change. This, too, shall pass.
Do what now?
Oh, you mean that shite that gets installed when you flash Gapps. No, sorry, none of that has ever been on my handset. F-Droid has all the apps I need, thanks. I even completely remove that poxy Jelly browser from my builds because I don't trust it. Icecat Mobile is much better.
As we used to say on Usenet
PPoGTFO. Vague, hand-wavy assignment of baddie-du-jour just isn't going to cut it any more. It's looking increasingly like justifying their own position.
If our infrastructure is so fragile that any random Sergey Hackovitch with his computamabob¹ can knock it over, perhaps instead of spending billions on spooks we should be concentrating on making it not so fragile?
¹ Those sodding meerkats have seeped into the consciousness. Bloody ad flingers.
Re: But ...
Sure they can. They'll just go into the address market and say they're seeking an IPv4 address of a certain range and see if someone's willing to sell it.
...and hello routing table madness. Your "just" in that post assumes a simplicity that, while it's SEP (someone else's problem) invisible to the halfwit who caused it, certainly isn't simple. When we get to the stage that every company and its uncle Freddy has a routable /29 (six usable, probably NATted at the gateway on one of them) because that's all they could afford, let's just see how long the core routers stay up with all that extra load.
I'll say it again, you cannot do this reliably with v4. The infrastructure just doesn't support this level of granularity in the address space - which is before we consider rDNS, delegation of off-boundary subnets, misconfiguration and/or assumptions leading to broadcasting on someone else's block etcetera.
Makes remembering 2001:f00:f00::/48 seem a bit like whining about the weather, doesn't it? If your NOC still has kit from nineteen-hundred and frozen stiff that doesn't support v6 and/or admins who refuse point blank to re-skill to v6, perhaps it's time to replace them? They will be full of bulging capacitors, the congealed remnants of the shed skin and sandwich crumbs of a couple of decades, inefficient and power-hungry. The routers won't be looking too healthy, either.
Roland6 wrote: Re: MBA mentality
Remember the problems that were had in getting business to take Y2K seriously and more recently GDPR? "MBA mentality" is more widespread than you may think - particularly outside of the IT department.
Well said. Until the iceberg makes a hole, we steam on at full speed. Then we all go down together¹. I think they teach that damned mantra in Business Schmooze 101.
¹ Except Ismay, the White Star chairman, natch.
IPv6 has no business benefit.
Two words: Routing tables. Once IPv4 trading of sub-class C blocks begins in earnest (you ain't seen nothing yet) the black boxes that connect the dots that your MBA mentality doesn't even think about are going to start breaking in new, hitherto unseen and quite probably amusing ways.
IPv4 was designed with the old class system in mind. CIDR was an afterthought. Like so many of these afterthoughts such as PAE, it was a half-arsed, horrible bodge that just happened to mask one symptom while leaving the underlying disease in place.
Besides, this is the Internet. "Business interests" should not be your first concern. Keeping it open, neutral, working and self-healing should be. Again I find myself checking the address bar to make sure I'm on El Reg and not some bloody awful, buzzword-laden business think-tank site which has a bottom line of "how can we give everyone else a smaller share and us a bigger one?"
Yes, yes, we know, The Register is still IPv4, and not on IPv6. Word from our sysadmins is that we'll migrate Soon™
Joking aside, that is very welcome news, although "go dual stack" would probably be more appropriate a phrase than "migrate," which has connotations of leaving v4 behind.
Re: Data marketplace
Um, instant access to all travel data on everyone? Data fetishism much?
Seriously, we need to start playing Littlefinger's game: What's the worst reason they could possibly have for doing what they do?
Self-driving, self parking, self selling autonomous vehicles.
They're called "taxis." We've had them for years. The AI is a bit suspect with its views on immigration, party politics and penchant for taking "shortcuts" which aren't, as evidenced by the meter reading at the end of the journey, but they tend to work quite well.
It's about time this particular leaky hole was plugged. Getting contact details by the back door of making users agree to share them without permission from the actual owners is a concern I've had for a while, which started when these buggers partnered with the now defunct Cyanogen Inc (CNGN, nothing to do with CyanogenMod/Lineage).
Of course, world+dog are now doing the same thing, so much so that it's pretty much guaranteed that Facebook or some other ne'er do well has your details if you're in more than two smartphones' contacts.
For now. It will be interesting to see how this pans out. Continental and Gates are the only two manufacturers I'll trust to supply timing belts - now I may have one more reason to prefer Contitech if their policy results in a wider review of this shady practice.
Re: A chip in everything...
The same is true of most "smart" devices, the smart functionality doesn't generally bring anything really useful to the table
That depends entirely on your perspective, i.e. whether you're customer or product. One "weirdness" that has emerged quite early on in this process is the blurring of the lines between the two.
In the meantime, I have reached the stage where I can, for example, turn off the garage lights, which I have left on and forgotten about until I'm in bed, by stabbing a button in a browser, open the garage door from within the car when it's pelting down and even schedule the immersion heater for an hour before I get home to allow me a nice soak to wash off the stink of betrayal and incompetence from all around. None of this was obtained from a vendor, though, so it serves me. The other way around is becoming increasingly common - and not just in Soviet Russia, as the meme would have you believe.
Thank you. Power grabbing at the Internet has been an ITU wet dream for years now.
That's the trouble with being a bitter, misanthropic old git: You're rarely disappointed, even when you want to be.
A visit from the head of the International Telecommunication Union (ITU), Hamadoun Toure, to an ICANN meeting in 2007 led to a shouting match between him and an ICANN board member who felt he had been disrespectful.
Well, was he being disrespectful? Was he sitting in a corner muttering about how the ITU should be doing this and that these people were all a bunch of self-serving amateurs? It's obvious to anyone with half a brain that he went there on a mission with an empire-building agenda. Get two people in a room who want something only one of them can have, you get a shouty bickering session. Even more so when one of them already has it and the other is making up reasons he shouldn't.
"Tonight I Tried Some Unusual Payments.
The barman took the promissory note from me and I stood bemused as he proceeded to put it in a little drawer that went "ding" as it opened. No PIN was requested and he kept the note, telling me to bog off when I asked for it back. How am I to pay for the next round without my promissory note if they won't give it back? Should I call the police?"
Have we reached that stage yet?
Re: Not fit for (any) purpose
Oh, they have standards. They're not very high, but they've got them.
They weren't all that clueful back before Lloyds gobbled them up, when they started calling themselves the TSB Bank. So that'll be the Trustee Savings Bank Bank, then?
Resurrected, it seems it's [monkey] business as usual for TSB.
a Northern Texas US District Court
Who'd have thunk?
What are FB's land-sharks smoking? From the judgement:
sending notice to the class in advance of the trial will embarrass it and inflict “reputational” injury.
Well, yes, there's nothing quite like putting a man with one leg into an arse-kicking contest. FB's "reputation" is irreparably damaged as it is; the news just hasn't filtered down to everyone yet.
Of course, if said man cut his own leg off, knowing full well the trial of buttock pugilism was coming, he only has himself to blame.
I'm having that phrase. Take generic chipset, slap some logos into fs/overlay/www/images and put pink feet and some flashing lights on it.
Have a beer.
Re: Only an id10t...
The point is the vulnerability shouldn't have been there in the first place. More proof, were such needed, that using an ISP supplied router is tantamount to giving them your house keys.
Pray tell, how was this port opened in the first place and, more importantly, how did the ISP close it without a backdoor?
Car manufacturers use chips and software because it locks in the customer and makes more money for them and their dealers, it has nothing to do with what is ultimately better for the average driver it's marketing and making a profit.
I wish I had more upvote superpower...
Here's an idea!
Bowden cable to the throttle body, a mechanical key that you can turn off when the engine disobeys your input, a second set of Bowden cables attached to levers on the back brakes for emergency use and a third pedal, I dunno, call it a "clutch" that disengages the engine from the gearbox completely as a last resort.
Re: And they are getting infected how?
Ancient kernel versions infested with binary blobs, uPNP enabled out of the box, web interface with glaring vulnerabilities accessible from the WAN, no SMB egress filtering, backdoors in stock firmware, "telemetry," insecure browsers running malicious js/vb/skiddie-language-du-jour, Windows 10 p2p patches distribution punching holes in the firewall and so on.
How many more vectors do you need? Consumer IT is one big maelstrom of beta testing, spyware and experiments in Darwinism - and these same TLAs are making it worse by keeping the tasty vulns to themselves for use in projects with twee uppercase names.
So no, Feds, nobody is buying your "caring" advice.
They know which channel you're watching, what is playing on that channel and it gives them a further interest to add to your profile. If the TV is "smart" they could also possibly get a rough, WiFi derived location from the exchange. You're not thinking like an ad-flinger.
Filter ultrasound on the handset;
Add _nomap to your SSID;
Firewall the "smart" TV by MAC.
Or just forget all this nonsense and read a (real) book.
I've had a variant of this patch in my custom Nougat build for about a year now. Oreo seems to break it but I'm sure I'll get around to finding out why when Oreo is stable on my device.
Re: "the UK again reiterated its position on the project"
In other words, you are not Trump and repeating your opinion endlessly does not make it any more relevant.
But we do that impression so well, don't we? I mean, come on, Boris is so close with the hair and vacant expression, even if his accent is a bit Etonian, that they could almost be body doubles for each other.
It's embarrassing, it really is. Globally embarrassing.
Why is there no clown icon? Or better still, a clown car with wobbly wheels, the doors falling off and steam coming out of the radiator. That would seem to me to be an apt metaphor for the current situation.
Re: Simple explanation
This is a legitimate, objective and reasonable concern. We could do with a bit of shorthand so, for example, if your VoIP ATA is on 2a03:dead:beef:1::1/64, ::1::1 would be easier to type and remember. Of course, this does sort of fall down when using SLAAC but things that have SSH running on 'em shouldn't be using SLAAC anyway.
I can't deny v4 addresses are easier. The reason I so vociferously support IPv6 is to preserve the fundamental equality of hosts connected to the 'net. Without that, it's not the Internet any more. We've run out of contiguous v4 space and none is going to magically appear from nowhere, not even from AFRINIC's meltdown. Unless v6 is at least tried, the Internet as we know it will cease to be and it'll become just another two-tier them'n'us system.
In summary, I give you Gary Feldman to play the theme tune.
Re: "we offer IPv6 and nobody except Googlebot uses it."
"An IPv6-only mail server is not likely to be able to receive mail from most of the world, so what's the difference?"
If IPv6 were widely deployed, this would be a non-issue. Using it as an excuse not to deploy is a self-fulfilling prophecy.
Have you lot all got secret stacks of /16s that you want to (ugh!) "monetise" in the near future, or what?
Phew, a bit of front-line common sense. I had to check for a moment to ensure I was actually on ElReg as it seems the commentards aren't getting this at all.
Considering we've all been banging on about net neutrality for ages, even though people on this side of the pond give less than an airborne fornication for the US and its rules, this seems a little strange. What about peer neutrality? It was - and still should be, although I don't know how far up the tree the AOLers have been promoted at this point - one of the things that made the Internet possible. And by "internet" I don't mean the Big Blue E™ but the free exchange of ideas and knowledge and the free choice of protocols and infrastructure over which to do so.
Now I hear that not only is there a risk of a two-tier system emerging, it's actually happening. I know PlusNet trialled CG-NAT a while ago but I seem to recall it was dropped. Sadly, exactly the same thing happened to IPv6, it was trialled and then they bottled out.
If we want a world where the same bunch of corporate robber barons who micromanage our lives also control the only sites to which we can connect with our second-class connections, carry on ignoring IPv6.
Re: Simple explanation
Pray tell, how long did it take for you to find out that an IPv4's octets cannot be greater than 255? Or that a /31 is useless? IPv6 addresses are simply a string representation of 128 bits. IPv4 addresses are the same but 32 bits. If you can't read hex you really shouldn't be messing with stuff like this.
I suspect that's why the initial design called for embedding the MAC in the last 64 bits padded with ff:fe, since that forced you to think in hex and discover how simple it is. Obviously, this didn't work for everyone.
And, if you really want to memorise addresses, you can always go static. Your site prefix is 2a03:dead:beef::/48. Your router is on 2a03:dead:beef::1. Your LDAP&KRB5 primary is on 2a03:dead:beef::10 Your DNS boxen operate split-brain serving one set of AAAA and PTR (ip6.arpa) records and recursive service for 2a03:dead:beef::/48 and authoritative, if needed, for foreigners doing lookups on your ip6savvy.example domain. Your firewall blocks anything forwarded in/out on [2a03:dead:beef::]:137-139,445 and keeps a state table of all other traffic out, only letting requested packets back in unless there's a service running. Your workstation in mission control is on 2a03:dead:beef::1337. Eventually it becomes utterly mundane, boring and just as logical as IPv4.
Where is does fall down is all the maddening hoops, MTU settings, tunnel endpoint updates and protocol-breaking new packet types it takes¹ to actually get a sodding connection to the outside world, fending off detractors and nay-sayers while network access providers continue to argue, bitch and moan about how difficult it all is despite the fact that Murdoch's merry band of fraction-wits managed it right across their network without anyone ever noticing.
If IPv4 is so simple, without looking it up anywhere. give me the list of bogon, multicast, loopback and RFC1918 prefixes. No, seriously, I haven't checked my bogons list in a while...
¹ Actually, if you run OpenWRT with the SIT and luci-6in4 modules, it's a doddle. Whatever a doddle is.
"we offer IPv6 and nobody except Googlebot uses it."
And your target demographic? Lemme guess, cat videos. Auntie Mabel reading her e-mail wouldn't know an IPv6 from an IP Freely.
For the rest of us, there's IPv6 or CG-NAT. The choice is yours but don't come crying to me when you can't run a simple e-mail server on your endpoint because it's behind multiple layers of unpredictable NAT and the incumbents have you stitched up like a kipper. Want your own domain? Want to access that NAS from the wider 'net? Need to run a VPN? KER-friggin'-CHING!
Follow the money, son. YKIMS.
Re: Sorry, but it's a very poor sensationalist article
The takeaway from this article is that FB devs don't really know exactly which permissions they're asking for so they're taking the cluster bomb approach, as in ask for everything. Android permissions are granular for a very good reason and, on Lineage, they're thrust in your face at every opportunity to give you a choice if you have privacy guard enabled by default.
One wonders just what other permissions they have "accidentally" requested on install if they can "overlook" a root request. Send premium texts? Activate the camera or mic? Dial 09 numbers?
FB is looking more and more toxic by the second.
. <- and that's the point
Re: limit vaping to 20 watts
Two words for you, Missing Semicolon: Duty cycle. This is not continuous draw. Most regulated mods have a "timeout" function to stop exactly this failure mode.
Re: Vaping is NOT smoking...
Upon reflection, the headline is a bit shit too, given that someone is quite recently dead in rather unpleasant circumstances.
Yet they missed the one where matey tried to make his own "oil" and ended up with lipoid pneumonia - which was again blamed on the vaping community when, in reality, it was just another sodding numpty with zero clue. There's enough information out there on the constituent parts of a safe e-liquid that even a mouth-breather with ten left thumbs could do it.
As for drug addiction, @lost all faith, the first time a vaper is caught mugging an old lady for the £10 of her pension she has left or, indeed, doing anything else harmful to others or self-destructive to buy some e-liquid, I'll admit there's an overlap. Until such time, mind your own sodding business.
Re: limit vaping to 20 watts
Because your way of vaping is The One True Way, yes?
I vape at 15 watts on a DNA40 box mod and a modified Kayfun 3.1ES. I agree that 20 watts is all we need - we being you and I. Why should everyone have to conform to our narrow definition, though? It's this kind of one-size-fits-all oversimplification and micromanagement that ruins everything.
Vaping is NOT smoking...
Ah, bollocks to it. Obviously El Reg hacks are convinced that the two are comparable after the second article with a tagline featuring the word "smoking."
I prefer "wilful." You can't be that clueless by accident. It takes effort.
maybe it's MS changing the APIs in ways they thought might not damage anything.
FSVO "anything," as in "this is our massive pool of unwilling beta testers. Nothing mission critical here."
Re: GDPR Nirvana versus reality
It's not as simple as that. For example if I run a pub and I want to count the number of beers you've bought so that I can charge you the right amount for your tab, I can. You can't withdraw consent for that and still expect to be served.
Quite, but by the same token I wouldn't expect you to follow me around town totting up the number of pints I have at other pubs, either. We also have a choice, to drink elsewhere where you can pay for a round as you get it at the bar with anonymous cash money. If you try to process the data on those transactions, especially around here, you'd probably end up taking your next meal through a straw and shoving your toothbrush up your arse in the morning as that's where your teeth now reside.
The CRAs don't limit their slurpage. You don't have a choice. This is what we're hoping the GDPR rectifies - and not just with the CRAs.
Re: Have you seen the credit reference parasites' answer to this?
Payslips, employment status and all the other metrics that worked just fine before Big Data came along and took informed consent away. The fact that you still want to sell loans to people does not justify this massive, uncontrolled and invasive gathering of data on everyone. In fact, it's more like a protection racket than a business. Nice credit rating you have there. It would be a shame if something fucked it up, eh? Buy this monitoring service to keep an eye on our balls-ups that could cost you dearly...
On that note, there should also be a duty to inform whenever a financial or other institution sends or requests data from one of these places. Relying on a subject access request to find out what lies they've collected, who you're linked with, how bad the fallout from the identity theft incident four years ago was and what addresses they've decided you're liable for the debts therefrom without any oversight is not acceptable. It's very much like having to go cap-in-hand to Crapita every two years when you don't need a TV licence to prevent them pestering the hell out of you.
In other news, it's going to be fun watching the card issuing biggies deal with GDPR. So, Visa, how do you use that purchase history data these days?
And disk mounting
Well, I am compelled to agree with most everything you wrote except one niche area that systemd does better: Remember putzing about with the amd? One line in fstab:
nasbox:/srv/set0 /nas nfs4 _netdev,noauto,nolock,x-systemd.automount,x-systemd.idle-timeout=1min 0 0
Bloody thing only works and nobody's system comes grinding to a halt every time some essential maintenance is done on the NAS.
Candour compels me to admit surprise that it worked as advertised, though.