3764 posts • joined 15 Mar 2007
Re: Clippy is now AI?
Nope, it is AS
Very much so.
Most calculations for availability are based on the assumption of independent errors. Things like bug and manufacturing flaws, along with external "stress events" like lightning or A/C failure, are never EVER included as a realistic model.
That scary old system with 'do not touch' on it? Your boss very much wants you to touch it. Now what do you do?
Re: Insurers, banks, board of trade, government...
"actually produces the in-production machine code"
Is a very valid point, and not just from the aspect of someone editing the machine code to fix a minor bug without facing hours of compilation time.
You also have to deal with the problem that very likely what is archived was not the "last" version of what was compiled since not every project has good code management using CVS/SVN/GIT, etc and built-test cycles that are followed.
In one rather sad case a programmer I knew died and several months later the company had wiped and re-used he PC. Then around a year later they realised the in-use executables were build using a version that had been on that PC but had not been checked in to the central repository. Had they only bought a new HDD for the machine...
Re: At this point..
And yet governments seem only to ban Chinese kit due to this sort of allegation...
Re: offsite backup
There are many ways to destroy data integrity, not just the obvious ransom-ware or HDD failure, but also examples of electrical surge, fire, flood or some oik nicking the thing.
Having an off-site copy is a VERY GOOD IDEA and if you want to DIY then you could sync two NAS locally, move one off-site and then have an rsync job (ideally taking a copy of the most recent snapshot so it is all consistent in time).
Of course you also need to check it is working, not just initially but also months down the line, and to try your recovery process as well. You REALLY don't want to find out its not quite right after a major event!
Re: Customer caught
RAID != Backup
But a NAS that supports automated daily snapshots would have had a sporting chance of recovery with but a day's lost data (e.g. the feature on FreeNAS that comes free with ZFS' inherent copy-on-write operation).
why I use FreeNAS
Not to mention it using ZFS with the data checksums and periodic scrubbing to help fix/detect any HDD problems early on.
Simple and cheaper still, why not have a small "honesty box" next the a couple of main roads for anyone to put in any customs duty they think is needed?
Could be done on time, will cost less than what is not collected, and might have a slim chance of stopping a return to border bloodshed once more.
Why did I read that as a infosec necromancer? Maybe it is closer to the truth.
Re: 33 zettabytes a year?
Not so much cat photographs as pussy photographs. Just ask Mrs Slocombe...
Or a reason to jump to another country..
If doctors had done this on the golf course nobody would care.
The key here is not that it is a doctor, nor that is it a golf course, but that is was a spoken joke that has no permanent internet record to come back and bite you (or anyone else) in 1 day, month, year or decade.
Today's generation of social media users seem not to think even as far as who sees a post immediately, let alone the long term.
Re: The terminology is not the problem.
No the safe word is FLÜGGÅӘNKб€ČHIŒßØLĮÊN and is covered here:
Actually I often think "Is there a CPU without any 'secure enclave' features that would allow me to know my machine has no BIOS or microcode-level root kit?"
I don't know of any product the Vultures describe as secure. I guess it comes down to any product that claims to be security-related is given the "allegedly" treatment here.
Still, this is Yet Another Lesson in the need for layers of security, you know like an Ogre has. Or was that an onion?
Remember the 90s when you were told "don't run unknown software on your computer" at every point in a security lecture? Well now we do it every day in our web browsers.
And mostly its there for shitty advertising reasons...
"Whether the DVLA would be willing to accept a privacy regulating role that's outside its remit is questionable"
They don't need to have a regulation role, just to provide a stable and well-documented API that allows the car companies to automatically wipe personal data on ownership change of a given VIN.
Then make it clear that the car companies are liable under the GDPR and the prospect of being sued a percentage of global turnover will focus their minds magnificently.
Re: New! It's the elReg trip advisor
Edinburgh hotels can be a bit expensive and hard to find during the fringe festival, but there are many good places stay and see. If you can only do a couple of days stop-over in Scotland then Edinburgh is probably the place to go. It is even worth going on one of the open-top tourist buses to get a quick overview of the city.
If you have some more time then a trip to Glasgow is worth while (historic rival to Edinburgh) as it has plenty of good restaurants, night-life (and low-life if you like that sort of thing), and a trip to the highlands for the scenery (weather permitting, but that can change on an hourly basis).
For most of the highlands then a car is really needed, but if you don't want to drive then it is easy to get to Avimore by train (also has a historic steam train line if you fancy that, or the funicular railway up Cairngorm mountain) and the east coast train from Glasgow to Malaig has some amazing scenery (including the Glenfinnan Viaduct that featured in the Harry Potter movies) but you really should stay over at Malaig, not just for the peaceful experience but also as as it is not practical to go there and back in the one day.
Neutron star crash in a galaxy far, far... far away spews 'faster than light' radio signal jets at Earth
And maybe also the answer will reveal time.
And for the rest of the world?
Thing is if the 5-eyes get together and demand that companies in these regions give them this back door, what will the rest of the world do?
1) Say "Its a fair cop, we trust you, here you go gov'ner"
2) Say "No 5-eyes software or services here" and thus provide a gov-mandated alternative for EU/Russia/China/India/etc
Re: For all your searching
My search engine of choice due to its fairly anonymous behaviour (and one of the first to use https from the browser's plug-in).
But I still go to Google for cases when I actually want to see stuff to buy as they seem to do better at returning UK based adverts/shops then DuckDuckGo even though they have me down as UK-based.
What, to 3D print penises in 12" size?
How Pintsize sees himself =>
Some ne’er-do-wells could just upload files of penises in all imaginable (and some unimaginable) sizes and shapes just to the lutz
Not that I, as an upstanding member of society, would suggest thrusting such a prank on an already suffering world.
Re: still expected to take away about £1.7m
Sadly you probably have to be jailed for that.
Re: Unintelligent design
I think most would root Jezebel
Re: More to the point
We can't "disable" it but there was talk of withholding an export license for any new satellites, etc.
I suspect it would just be added to the Brexit divorce bill if we did as I guess we were contracted to supply it and *we* were the ones who decided to pull out of the agreements.
Re: UK has the resources
In principle eLoran is not nearly as accurate as GPS-like systems, but in practice it is good enough for many activities where 10m or so is sufficient (like not being lost at sea).
Main advantage is the high power low frequency system is harder to jam over any significant area, and it would not cost billions to cover the UK. But using it world-wide has the problem of enough ground based transmitters and their running costs (maintenance, power).
As a fall-back for accurate timing and frequency control in the event of GPS outage for whatever reason it would be great, but again with a small market it is unlikely to be developed and unless it is forced upon operators of critical infrastructure then they won't spend the money to add resilience.
You see this is what happens when you use hardware that was never developed in close cooperation with the OS supplier. Oh wait...
If Google was serious about its phones then it should give every employee one and insist they use it, and it alone. Then enough internal feedback might just get the bugs fixed...
Re: /tmp noexec
If it uses the package manager to update then the Debian guide has stuff to re-mount as exec just for the time during updates: https://debian-administration.org/article/57/Making_/tmp_non-executable
Better choices out there
If they are saying to change file system, why not migrate to another cloud provider that actually gives you privacy with "Zero-Knowledge" user encryption? A quick search has Sync.com, pCloud, SpiderOak One, Tresorit, and MEGA as listed "best of" for 2018.
Re: Long ago.
We have 5 nominally identical machines used for "industrial control" use, all around 6 years old now. But one of them turned out to crash at roughly 2-6 month intervals. Memory tests, etc, revealed nothing. Second time it happened it was at 9.30pm on a Friday night while I was out for a beer or three and I had to persuade the security guy to let me in and up to the top floor to push the reset button.
After that we put watchdog daemons on all of them (and quite a few other machines as well) and in practically every case it has saved physical intervention to restore operations.
Top tip - edit your settings so the machine just fixes any file system anomalies and continues, and is not sitting there prompting you to decide on the action. For example:
In general most modern file systems will be OK for any automatic repair, if not then you were going to have to reformat and restore your backup anyway...
Re: You're Doing Corporate WiFi Wrong
Any sane company has at least two wifi systems: one for user's own phones / visitors / IoT crap / etc, and a 2nd (or more) that is more locked down and only for approved corporate devices that need to access internal systems.
Re: A wavelength of 200 ... metres
It was on 200kHz originally, but shifted a LONG time ago to be 198kHz as a multiple of the 9kHz AM band spacing.
We still have an old QuartzLock 2A off-air frequency reference that provides an accurate 10MHz from that LW transmission. Shows a little of the general wobbles (about 3E-8 at 1s interval) and day/night changes though, but if compared to the recent very stable GPS-based QuartzLock E8000 reference they agreed to better than 1E-10 over a day or two averaging.
Re: struggle to get good reception
Today, yes, mostly due to broadband interference and shit el-cheapo SMPSU.
But more seriously due to Radio Luxembourg stopping AM transmissions some years ago.
Re: It was aliens wot did it
Oh dear, am I at risk of being penetrated by a Pointy Mummy now?
Re: Good idea.
A major factor is there is no root account. So you have to guess both the account name(s) that have sudo rights AND a matching password. If you ever look at your SSH/auth logs without any tight IP restrictions you will see lots of attempts to log in with names such as: root, admin, pi, test, oracle...
I find the argument that home users are "used to Windows" is odd these days, most non-technical folk I know of use tablets and rarely touch a laptop/desktop (gaming aside). At one point MS argued that the stable and predictable GUI was a big reason to stick to them, and for Win95/98/NT/2k/XP (without the Fisher-Price style, which was a simple option to select) that was true. But given the general fscking of the user interface over the last decade or two (from 'the ribbon' the the disaster that was win8) that is long gone.
Sure you can lock down a remote device, but that would not be a home user's device but a corporate laptop. Who would allow their work to administer and lock down their own laptop? To restrict the pr0n-browsing opportunity?
Good to see NXP still there
The trend for borging semiconductor houses is bad for all: they asset-strip the acquisition for its most profitable lines and dump the rest. Not because they are not in-use by designers world-wide and valuable to many, but simply because they are not "profitable enough" for the new owners.
Re: david 12
It is true you could install a 3rd party NTP build for Windows for some time now (e.g. from Meinberg), but it has taken a LONG time for Microsoft to get with decent time-keeping.
But you are wrong about 90s UNIX systems, we had Sun machines in the mid 90s that had microsecond format clock reporting (via gettimeofday() calls) even though I think they actually used the RTC oscillator so had 30.5us tick steps from the "watch crystal" used behind them. So better than 100us there. However, it is possible that older Linux boxes were millisecond ticks but I did not have much experience of those until the mid 2000s by which time they were us resolution.
Also this was in a university setting so we had a 2Mbit WAN and reasonable delay stability in the 90s, though of course small businesses and home use was still often dial-up until the 2000s and that would set a significant limit on time setting.
NTP & networks
Incidentally it is not symmetric network delays that cause errors for NTP and similar, but asymmetric ones. NTP knows the round-trip time so it knows if the server is correct what the maximum ambiguity is, and with several servers (always recommended) a bad clock or strange delays on one path can be seen and rejected.
However if you have a system with an asymmetric delay on all paths (e.g. your ISP) then all clocks sources are biased by the same amount and so your server is set to a slightly wrong time. For example my home cable broadband system seems to have an asymmetry of around 3ms when compared to a local GPS-based server. As your round-trip delay is reduced (e.g. NTP server on LAN instead of over the WAN) then such errors are reduced.
PTP is not a "magic" solution to this dilemma, but as it runs on the LAN only and normally via switches that are designed to accurately transfer delay information and with network cards employing hardware time tagging you get greatly reduced errors in all of the locations that NTP sees as one 'blob' of delay, leading to much higher accuracy.
We already have well defined time scales for all cases, its just that many computer programmers don't know or care to use them.
For a smooth linear atomic time scale we have TIA where there is a fixed epoch and time is simply atomic transitions from that point. No Earth-related movement is considered at all. Internally GPS uses a similar idea, but its epoch matched UTC in 1980 and the offset GPS-UTC (which changes with leap seconds) is part of the broadcast information.
For Earth-related work we have always used one of the UT scales (UTC, UT1 and UT2) as they are related to mean solar time, and for as long as humans have bothered with time keeping the cycle of day and night has *defined* our sense of time and date. It is only in the last century or so that we have had access to clocks that are better then the Earth's rotational rate as a time base. Now we have some people saying:
"Keeping track of leap seconds is too hard for computers to do (i.e. lazy programmers ignoring the long history of time keeping) so lets get rid of them as who cares if mean solar time is no longer mid-day?"
But many people do care, and many systems relating to astronomy or satellite use already exist that are based around the previous internationally agreed definition of UTC being kept within 1 second of the Earth's rotation, so they would be broken by such a change.
Windows get proper NTP
Really what they are saying is Windows server 2019 gets the sort of NTP based time keeping support that *NIX systems have had from the 90s?
OK, the PTP support is a newer thing with most systems based on the 2008 spec but it also needs switches/routers that support it if you are doing it properly. As for Google's fugly fudge of time-smear - don't. Please just implement time keeping properly and actually test your systems on the infrequent but inevitable leap-second events.
Also what guarantees that the upgrades in 5-10 years will still fit the storage on budget IoT devices built now?
Re: Is it important?
Point is with FTTP there is no practical bandwidth limit on the infrastructure: change the end point transceivers (assuming enough backbone capacity) and you can get 1GB or possibly 10GB symmetric speeds. At least and order or more of magnitude faster than last-run over copper.
Indictment bombshell: 'Kremlin intel agents' hacked, leaked Hillary's emails same day Trump asked Russia for help
Russia has viable opposition parties?
Another big factor (if you pardon the pun) is the number of people using their phone for both the internet access part (i.e. user-name/password entry) AND for the 2nd factor (e.g. text message code) so once again the phone becomes a single point of failure in security terms.
Re: Symptoms of misguided policies
You are right about "collateral costs" but also we can look at the biggest addictions (smoking and alcohol) and see how they are managed around the world. Generally they are legally available so the quality is mostly 'safe' but with restrictions on sale, use (e.g. smoking bans in public buildings in many places), and advertising along with various campaigns to promote more responsible use.
Now it is not a complete success but overall it seems to be better to manage and tax it than to have prohibition and funding organised crime.
Ah yes, the 9/11 case that killed something like 1/10 of a year's worth of USA gun accidents (or substitute "road traffic accidents" if you are a NRA member).
Also it is pretty obvious in that case the perpetrators should have stood out like a sore thumb but human failings and department rivalry largely had them ignored, which is exactly the same sort of reasons why powers tend to be abused if no checks & balances are applied.
You seem to make the common mistake of thinking of the EU as a single body.
The EU commission is largely made of gov wonks and tend to do the same sort of shady back-room deals that most governments do, but at least their masters can join the tabloids in blaming the "Evil EU" for making them do what they were lobbying for in the background anyway. Just like the UK gov and the telco data retention directive, for example. These are the ones trying to put a plaster on the current EU-US deal.
Then you have the MEPs who actually do a public debate and (mostly) democratic vote as they don't have much of a party-political goal scoring agenda like most lower houses. These are the ones who seem to be standing up for individual rights, just a shame our own MPs seem to care for none of it.
It would be even better had we (the UK) not voted in wasters like Farage who, whether you are pro-EU or anti-EU, did SFA to help any UK interest in any debates or votes.