
* Posts by SImon Hobson

1534 posts • joined 9 Sep 2006

Apple takes $9m kick down under after bricking iPhones

SImon Hobson
Silver badge
FAIL

Re: weird decision by Aussies

Ah, and thus the ignorance showeth. Time for a bit of education

From the person demonstrating their own ignorance in incorrectly trying to correct someone else's !

Power negotiation over USB cables is a thing that does NOT require the sort of shenanigans done by Apple. Look it up, there are agreed standards for such negotiation - and if there wasn't one that was adequate, then Apple could have done their own in a way that did not prevent use of 3rd party cables.

What Apple DID do was to use technical measures (chip in cable, phone talks to chip, phone refuses to work if right response isn't received) to make it so that cables without the right chip&software would not work for things like playing video to an external screen and so on. Simply, it was a tax - pay Apple's prices, pay "approved" 3rd party prices (which includes fees paid by the 3rd party to Apple), or don't get a fully functioning cable.

It really is that simple - the primary reason for the way it was done was to prevent the option of using inexpensive 3rd party cables. IIRC they dressed it up in the usual "to protect the users from poor quality cables" lies - but ultimately it was protectionism pure and simple.

As a user it would (if I had one of the devices) be my right to choose whether to pay for an Apple (or approved 3rd party) cable or to use a cheap cable and accept that there may be issues. I could (just about) accept Apple putting up a notice when a "cheap" cable is plugged in, warning of the risks, but what they have done is wrong and should be illegal.

This result (on a very related topic) in Australia is one tiny step in the right direction. The money is irrelevant - it's the public slap in the face and the finding that what they did was illegal and wrong that counts.

4
0

Visa fingers 'very rare' data centre switch glitch for payment meltdown

SImon Hobson
Silver badge

Re: Still not understanding

Why it took so long to disable the failing switch once it was identified

As already said, the guys that would have been able to diagnose this AND do something about it have all gone. The people running it now will probably be junior techs on a different continent with a) manglement imposed limits on authority and b) culture imposed limits.

The latter is important. For many of us in northern Europe it's seen as a good trait to be able to sit down, look at the evidence, and formulate a theory as to what is wrong - and formulate a plan for how to fix it. So as already said further up the comments, a good ops team would probably have had it fixed before many people realised there was a problem.

But AIUI, in many of the places such functions are offshored to, there is a different culture - where individualism is frowned upon, and the techs are supposed to "just follow the flowcharts". In such a culture, to get the offending switch powered off would require the problem passing up many manglement levels, endless meetings, and above all - discussion of who takes the blame.

A secondary factor is the modern disease of not supporting people to make decisions. So even if a techie did realise that "all it needs is to power cycle this switch" - it's a very secure person who can take on that decision and expect his manglement chain to support him in doing so. More normally, the "safe" option is to do nothing - it's not your fault the system failed. But go and do something that should fix it, but for some reason doesn't - well your head is on the block for doing it.

Go and read some of the "the day I ..." stories in ElReg - and in particular the comments. Some of the best ones involve the person "doing something" but being supported by their managers on the basis that "the only person who never made a mistake was the one who never did anything".

3
0
SImon Hobson
Silver badge

Partial failure... is NOT rare

... having a well trained ops team ... It also needs to have the authority to do so.

So much truth, and only one upvote allowed.

I've only been in a very low level of networking - even I've seen more than one instance of such partial failures, switch has failed to switch packets properly but still looks to be OK. There's a limit to how much you can automate for such situations, but as you say - a well trained ops team with the right monitoring and the authority could have dealt with this in a timescale that would have made it into a "Visa had a blip yesterday, nothing to see here" in the next day's back pages instead of the major incident it was.

As I wrote in a comment to one of the earlier reports on the problems - the problem users saw was not due to a hardware failure, it was due to an organisational failure to properly plan for foreseeable problems and put the right measures in place.

2
0

Microsoft shoves US govt IT contract where ICE throws kids: Out of sight in a chain-link cage

SImon Hobson
Silver badge
Mushroom

Re: Separating kids from parents ? Us Brits can shut up, oh, so can the French!

Not to mention the Home Office insisting on original documents being sent to them - and then routinely losing them leaving the applicant up the brown creek without a paddle. Even if the documents aren't lost, they (HO) can take ages to process anything - no, they don't appear to have a system where they check the documents and return them while they process the application.

See https://forums.theregister.co.uk/forum/containing/3547043

Treasonous May has a lot to answer for - she was quite happy to put evil policies in place while she was in charge there.

Icon for what the people responsible deserve.

1
0

Apple hauled into US Supreme Court over, no, not ebooks, patents, staff wages, keyboards... but its App Store

SImon Hobson
Silver badge
FAIL

Re: On balance, I have to support apple

this applies to pretty much any device

Downvoted you for this shortsighted and dangerous attitude. It's precisely because people accept the "everyone does it so 'so what'" argument that it's been able to prevail.

As I wrote in an earlier reply - if Ford, GM, Toyota, etc, etc ALL decided to make it so that they could control where you got your car serviced, where you could buy your petrol, where you could buy your (eg) tyres, and where you could drive it (eg, it just won't drive on any "road" not in their database). What then ? According to you that's perfectly OK because "everyone does it". Not for me it's not - "everyone does it" is not a measure of "rightness" !

In the automotive world, no manufacturer could manage that (not even Tesla !) - YET, too much competition. But I bet we'll see creeping restrictions in the future if it doesn't get stamped on. For reference, this is exactly the sort of complaint that's getting levelled at John Deere - they are busy using DMCA to prevent non-authorised people servicing the tractors they've sold, ie using the software element and the bad law passed for the computer & entertainment industries to control what the farmer does with the tractor that the farmer apparently no longer owns outright*.

* IMO, one measure of "do I own it outright" is "can I do what I like with it". If the manufacturer retains some controls/restriction then no, I don't own it outright.

0
0
SImon Hobson
Silver badge

Re: ugh. Its sooo obvious..

Apple built and owns its app store and has every right to set whatever conditions it wants on the apps being sold there

Yes, but ...

OK, this is a bit of a strained analogy, but suppose Ford implemented a system whereby when you bought a Ford car, it could only be serviced by Ford, would only accept petrol from a Ford garage, could only use tyres bought from Ford (even though still made by Michelin, Dunlop, etc) - and for good measure, had controls in place that would prevent you using it in certain ways. Basically you have bought the car but Ford effectively controls how you can use it*, what fuel you put in it, what tyres you put on it, etc, etc.

The same argument applies - if you don't like the policy, don't buy a Ford. But that only works if GM, Toyota, Seat, VW, and all the others haven't done exactly the same thing. In the mobile market there are two main options - Apple and Android (with Google applying similar controls, just more easily worked around).

* Example. There is an iOS app for doing WiFi surveys, only available if you jailbreak the device because Apple won't permit it in their store. So you have to jump through some pretty tricky hoops to do a basic network function. Similarly, the iPad I have doesn't support me using a bluetooth GPS - it's capable of it because there's a third party option to enable the support, again only possible on jailbroken devices. Yes, two specific functions where Apple has specifically denied me the option of using MY device (yes, I paid money for it, so it's mine) for what I want to use it for - unless I jailbreak the device which they go to great lengths to try and prevent.

Oh yes, for good measure - doesn't anyone remember the cases (note the plural) where apps eventually got removed from Apple's App store for doing nefarious things. Apple checks that the App only uses official system calls and stuff like that, but it's unable to police an App "phoning home".

They also deliberately separate "customers" from "suppliers". For example, if a newspaper wants to sell a subscription to a reader, Apple's way doesn't allow that seller to know who the buyer is. OK, privacy by default - but it removes the option for a buyer-seller relationship. IIRC they went as far as changing the rules to insist on the seller using Apple's process - thus blocking direct sales AND allowing them to pocket 30% as a bonus.

0
0

Asylum seeker spreadsheet data blurt: UK Home Office loses appeal to limit claimants

SImon Hobson
Silver badge

After what I've been reading ...

This does not surprise me at all. It seems that the Home Office is institutionally incompetent - not just implementing bad policies, but incompetent in handling just about everything. It's clear from some of the complaints levelled against them that they have no systems in place to do the job properly.

Things like losing important documents (e.g. foreign passports, marriage certificates), meaning that people are left in limbo - unable to get on with their lives (no passport or driving licence means you can't prove you are who you say you are, can't get a job, can't rent a home, and are really lucky if the Home Office doesn't suddenly decide you are an illegal immigrant and start the process to chucking you out).

Even if they don't decide to throw you out, not having such documents can screw your life up - such as having your bank account frozen because you can't prove your identity.

Or using minor errors on tax returns to label you as a terrorist and throw you out.

But worst of all, they seem to have a policy whereby they can declare someone an illegal immigrant/terrorist/whatever and the process isn't put on hold pending appeals. I.e. they can screw someone over and leave them unemployable, homeless, etc while the Home Office take their leisurely time over deciding if they made (yet another) mistake.

2
0

Da rude sand storm seizes the Opportunity, threatens to KO rover

SImon Hobson
Silver badge

Re: A place in history

Pah, 25MHz, 20MHz, 2MHz - you youngsters today don't know you're born.

I raise you 1MHz and just 1kbyte (yes k, not M or G) of static RAM.

Obligatory Monty Python sketch :-)

3
0

Devuan ships second stable cut of its systemd-free Linux

SImon Hobson
Silver badge

Re: systemd-free?

It might help to understand that there is a difference between Debian where it might be possible to remove systemd and Devuan where it is not present. If you do remove systemd from Debian then you are on your own - the only supported arrangement is with systemd.

So packagers are free to remove SysV init scripts - not insurmountable as you can provide your own, but still more work.

Packagers are free to remove (eg) calls to traditional syslog and only call systemd's ginger haired stepchild of syslog - so if you remove systemd then you will either have no logging or the package won't run at all. If you try raising this as a bug then you'll get a "wont fix" as you are running an unsupported setup.

This problem will only get worse and worse as systemd continues to re-invent (often badly) more and more existing tools.

IF systemd had only been an init system as was originally claimed, then there wouldn't be the vitriol thrown its way - it would be easy to toss it out and re-instate SysV init or put OpenRC in. But it is NOT an init system - it's a giant hairball of cruft that links far too much together in a non-modular way*. And for good measure, because it lumps so much into the hairball, then it vastly increases the attack surface for bugs. It's designed to encompass as much as they can borg into it - and many of the changes are explicitly designed (even if non-intentionally) to break compatibility and force an either/or choice on packagers (such as whether to use the new supported systemd logging or use the (eventually) non-supported syslog).

Had I still been working at my last place then I'd now be in the process of migrating quite a few systems from Debian to Devuan - all had been held at Wheezy as I wasn't prepared to allow systemd onto production servers.

* Don't let the pro-systemd camp confuse you. Just because code is in a number of modules does not mean that it is modular. Modular systems allow you to replace any module with a different one - such as replacing "syslog" with "syslog-ng" or "rsyslog". Systemd doesn't even provide a stable API between modules, so it just isn't possible to swap out a single module without a lot of work in reverse engineering an API and then watching for undocumented changes in it.

6
0

Open Source Security hit with bill for defamation claim

SImon Hobson
Silver badge

Re: Open Source Security Inc. Doesn't Make Open Source

You may use, copy, modify, and distribute any Linux kernel modified by combination with grsecurity patches under the terms of GPLv2.

What's the issue?

What about redistributing the source for that modified kernel ? GPLv2 says that if you modify and distribute a piece of GPLv2 code, then you are required to provide the source if asked for it.

AIUI, grsecurity also allow you to redistribute the patched source - but if you do will terminate your contract with them. That's not exactly allowing you to redistribute in accordance with GPL - it's basically saying that you can't redistribute if you want to carry on getting their patches in future. That's what Bruce Perens' opinion was about.

1
0

Visa Europe fscks up Friday night with other GDPR: 'God Dammit, Payment Refused'

SImon Hobson
Silver badge

Re: Cashless society

If a piece of hardware can block some half a billion visa cards from working

That was my first thought when I heard about it on the radio - this was not caused by a hardware failure, this was caused by inadequate/faulty business continuity planning. If the BC plan had been adequate AND had been correctly implemented, then there would have been a minimal outage for a minimal period of time.

The scale of the outage (EU wide) and its duration clearly shout that the BC plan was not adequate or was not correctly followed. So it was a preventable outage.

So what's that about having all your eggs in one basket ? Can't remember the last time I was offered the opportunity of having a Mastercard, it seemed everything was Visa these days.

13
1

Whois? Whowas. So what's next for ICANN and its vast database of domain-name owners?

SImon Hobson
Silver badge

Re: Personal vs business

I've seen other sites in the past though where not even the ToS mentioned any names beyond whatever the brand (site) itself was called

At a previous employer, they wanted to set up a web shop under a different brand name to the ones we were already using. Being in IT I got to see a draft of the website before it went live, and had to go to manglement and point out that "err, this website isn't legal" - and then had to point to the specific legislation (Company Names Act of some year or other IIRC) where it specified what information must be present on any communications. Grudgingly they put the company details buried somewhere on the T&C page where they wouldn't be found.

2
0

GDPRmageddon: They think it's all over! Protip, it has only just begun

SImon Hobson
Silver badge

Re: @AC

Your HTML (or JavaScript or however you put adverts on there).

As I read it, his site does not put the adverts there - his hosting company does it when sending pages out. Ie it's the hosting company that is modifying his code before it gets sent to the client.

I would suggest that it's STILL the website owner's problem - they have chosen to use that hosting outfit to serve their site, and they need to ensure that they have appropriate contractual clauses with the third party (the hosting company). In this case, the hosting company (or the ad companies they subcontract to) is going to be collecting data that is in excess of what they, and the website owner, needs to collect in order to perform the act of serving up the website. Thus the hosting company is in breach of GDPR, and the website owner is in breach because clearly they do not have contractual terms in place that would (or should) avoid this.

0
0
SImon Hobson
Silver badge

Re: Brexit.

If the EU has a problem with UK data protection they can fuck right off ...

Ahh, but there's a difference between Privacy FigleafShield and any future EU-UK arrangement. With the EU, they desperately need to not kill transatlantic data traffic - and regardless of what anyone might say, to kill off transatlantic data traffic would have caused massive hurt all round.

With the UK, the high up people will be keen to "make it painful" for us (some have publicly said they would, to discourage any other countries from trying to leave) - so I suspect we can look forward to being forced to jump through lots of hoops and play much much better than everyone else.

0
0

Ongoing game of Galileo chicken goes up a notch as the UK talks refunds

SImon Hobson
Silver badge

Re: @ Roland6

Unfortunately, for this to happen you tend to have to schmooze and not insult each other...

And unfortunately such schmoozing was never going to happen. It was clear from the outset that "the EU position"* was going to be "we'll do anything we can, even if it hurts us badly, to make it painful for the UK". Given that "the other side" has taken up a position of "we aren't interested in any agreement that doesn't punish you for leaving" - hard to see how any sensible agreement could be likely.

* Based on statements made by senior EU bods

0
0

Mobile app devs have, oh, about 9 hours left to decide whether to stay on Google's ad platform

SImon Hobson
Silver badge

Re: loads of email about GDPR asking me to sign up

If you already have suitable consent (a pre-ticked box or scraped data isn't consent), then the email is pointless, and might be illegal depending what it asks.

Not quite.

AIUI many data controllers do have consent - but might not have evidence to the standard required under GDPR, and might not have given clear enough information to the level required by GDPR. Because of this, AIUI the ICO is recommending that data controllers go back to the data subjects and get fresh consent - so they can show that they have obtained informed consent from each subject.

0
0

Finally: Historic Eudora email code goes open source

SImon Hobson
Silver badge

Re: I paid for it...

I paid for it too - great program, but with "some issues" (in particular it had some issues with IMAP accounts).

Someone mentioned supporters not providing a single point in its favour - so I will. It had a good UI.

By good, I mean it showed different mailboxes in different windows - instead of this really stupid modern idea that everything has to be in one window where you switch mailboxes from the menu on the left. The Eudora way is just so much easier to work with.

I only stopped using it when a system upgrade stopped it working.

0
0

Openreach consults on shift of 16 MEEELLION phone lines to VoIP by 2025

SImon Hobson
Silver badge

Re: So, can somebody clarify for me?

AIUI what they have done so far when doing "fibre only" connections is to terminate the fibre into an NTE (there needs to be something) which DOES include a terminal adapter to allow an analogue (POTS) phone to "just plug in". So customer gets to keep their existing phone (and internal wiring), all that is different (for the telephony) is that the master socket is bigger and needs a power supply (so an issue if there isn't a mains socket nearby as there often isn't).

The NTE also has a socket into which the router is connected (router, NOT modem+router) and the router just needs to talk IP over ethernet or PPP over ethernet depending on how the service is presented (I've not read anything saying much about that side).

At work, I've worked with a few services which were just presented as plain routable IP over an ethernet connection - the provider's NTE handling all the fibre-something conversions together with any protocol conversions that might be needed - so from the end user's PoV you just talk IP over an ethernet link. Makes it a doddle doing your own routing/firewalling/etc - especially in our own office where we had a whole /24 to play with :-)

1
0
SImon Hobson
Silver badge

Re: No thanks

i.e. All at once, so you wouldn't be able to make an emergency call?

See https://www.raeng.org.uk/publications/reports/living-without-electricity

Large part of a city without power for "some time". POTS still worked thanks to the copper connection and exchange batteries. If your end users are reliant on an NTE battery with a life of just one hour then such a failure would lose you EVERYTHING at the same time. Note that the emergency might not occur within that first hour - your proverbial elderly relative may fall during the night following the power cut (perhaps trying to get around the house in the dark).

2
0
SImon Hobson
Silver badge

Re: Problems

neither lifts nor mobile phones can be relied upon in the case of a non trivial power cut

Absolutely. However the same might apply to full fibre products as well - see below ...

Fortunately, the chances of significant losses of supply are reducing as fast as market forces are encouraging the UK supply industry to invest ...

Quite the reverse ! Market pressures - specifically for lower costs - are actively reducing the level of redundancy in the network. Instead there are moves towards things like interruptible supply contracts (ie pay large industrial users to shut down) instead of putting in/maintaining redundant capacity to cater for (eg) a circuit fault.

I recommend a read of this : https://www.raeng.org.uk/publications/reports/living-without-electricity

The subject of what happens to mobile networks is covered - they stop working ! In practical terms, the cost cannot be justified of equipping all base stations with anything more than a token battery backup, nor is it physically or financially practical to have standby generators available to roll out to them all.

What is clear from the report is that it was lucky that the outage was relatively local - had there been a widespread problem then the generators brought in by the DNO (ENWL) could well have been needed elsewhere.

Now back to the telecoms network itself. IF the connection goes all the way back to the exchange with no active equipment then it should keep going as BT exchanges normally have some very large batteries to keep everything running. But if there are any active devices in the link (like there are the green cabinets in FTTC connections) then it's questionable whether these would hold up for any sensible time (or at all) given the ongoing cost of maintaining batteries at every node. AIUI the NTEs used to date in all-fibre connections have a backup battery to maintain POTS service for a short time (hours) in the event of mains failure. I could well see these becoming a maintenance problem - will they ever get changed ?

That's the key benefit of the current copper based POTS lines - very reliable and completely independent of mains power (including powering basic end user terminal) for quite some time.

Nothing insurmountable, but it WILL add costs (eg periodic battery replacements) to various applications.

3
0

UK.gov expects auto auto software updates won't involve users

SImon Hobson
Silver badge

Re: OTA Obsolesence

Not only that, but as mentioned above there is the EoL issue - how long does the manufacturer provide updates for. Not hard to see cars hitting EoL for software updates and the options being to scrap them or pay ever increasing contract prices for ongoing support. Think MS and Windoze XP extended support.

Add in the way that (for example) John Deere in the USA has used their DMCA laws to prevent third parties from repairing tractors and you can see the scope for shenanigans.

1
0

Social networks have already violated the spirit of GDPR

SImon Hobson
Silver badge

Facebook is an advertising platform so you expect new organisations like El Reg NOT to use it?

And THAT is the biggest part of the problem. FarceBork have become so ubiquitous that there's an element of "screwed if you do and screwed if you don't" about using it. For many people these days, "the internet" == ("facebook" OR "google") - if it isn't on farcebork or the first page of google's results then it doesn't exist.

So because "everyone is on farcebook", most people are pressured into being on farcebork or they'll miss out. There's a reason that they buy things like WhatsApp which allow people to communicate without using farcebork - by buying it, they bring it into their data mining business and so it doesn't matter which people use, farcebork still get your networking information.

2
0

Admin needed server fast, skipped factory config … then bricked it

SImon Hobson
Silver badge

I'd never seen a component physically blown off the motherboard before!

You'd never lived then lad !

My boss from a few jobs ago had worked at a local outfit that made specialist sonar equipment. One unit he described was a stack of circular boards that fitted into a cylindrical casing - with one board being the power supplies. As is normal, they'd done all they could to protect the unit from "accidents" ...

They got one returned as "not working", and when moved there was a rattling from inside.

Opening up the unit revealed the power supply board had zero components on it - many were rattling around the case sans-leads, some had just "vanished". Went back to the customer and asked "you didn't accidentally connect it to the 1000V supply did you ?" In that industry, they use many voltages and frequencies with the obvious scope for getting it wrong.

The customer was adamant that they hadn't, until said manufacturer suggested it would have to get legal and they'd be suing the manufacturer of the transorbs that had exploded - at which point they admitted their mistake.

For those that don't know, transorbs are a surge protection device that behaves a bit like back to back zener diodes - more or less open circuit up to some voltage, then they break down and become conductive thus allowing momentary over-voltages to be shunted away from the delicate electronics following down the line. But they have a limited power dissipation limit - so basically momentary spikes, not a full time over-voltage. When connected to 1000V instead of 400V - they literally exploded and the shock wave sheared all the component leads off flush with the board.

18
0
SImon Hobson
Silver badge
Mushroom

Re: Lightning icon required =========>

until I noticed that one valve was entirely glowing red

Ah that reminds me of a tale told to me by a friend in the broadcast industry ...

A colleague was sent to service/repair a large transmitter - and as described, the fault meant that one of the valves was glowing red hot. Except that these weren't tiddly little ones like in tellys, these were 'kin big things driving a 1/2MW transmitter ... Said colleague was round the other side of a rack doing some measuring or something when he heard a "big bang" almost instantly followed by the clatter of circuit breakers tripping.

When he looked round the end of the rack he saw his apprentice crouched motionless in front of a pile of glass powder and still holding the can of freezer spray in his hand. Didn't find out if clean underwear was required. Icon suggests what had happened to the hot glass envelope of the valve when hit with the freezer spray.

Apprentice learned the way you don't forget - don't try cooling valves with freezer spray.

I can't repeat some of his other tales - at least not in polite company !

20
0

Supreme Court punts on Microsoft email seizure decision after Cloud Act passes US Congress

SImon Hobson
Silver badge

Re: GDPR

Where does it say that?

It doesn't explicitly say that - but the inconvenient fact is that under US law it is IMPOSSIBLE for a US based business to (truthfully) provide the assurances required. Given what we now know about how the US authorities can, and do, tell businesses to "hand over this data, and BTW you cannot tell anyone" with what appears to be no effective oversight/control - it's just not possible for those businesses to provide realistic assurances about where the data may end up or what it may be used for.

The fact that MS suddenly (as it seems) said "OK then, here's this data you wanted off our servers in Ireland" to the DoJ should be a big hint. They previously claimed that they could not physically access it - so were they lying about that ?

0
0
SImon Hobson
Silver badge

Re: GDPR

AIUI, it effectively becomes illegal to use non-EU providers come 25th May.

At a previous place, I asked several times of the MD whether he discussed this issue with customers he was pushing over to Office 365. He just shrugged it off with "no problem, you can choose where the data is located". Given that MS has just handed over personal data held on a server in Ireland - thus proving that they DO have access to it - this becomes something of an issue.

But even if MS did have the legal separation that they have claimed to have, with the US company physically unable to access data on Irish servers, access to them by customers involves elements under the control of the US parent.

But until Privacy ShieldFigleaf gets struck down (which it will eventually), then companies will cite the protections in that to get away with it.

It's going to get very interesting - as in the Chinese curse.

2
0

Facebook previews GDPR privacy tools and, yep, it's the same old BS

SImon Hobson
Silver badge

Re: Optional

Surely this is against some sort of data protection law?

Under current law, it's questionable at best.

From 25th May it will be expressly illegal - but that won't stop them doing it.

0
0
SImon Hobson
Silver badge

I cannot understand is why successful big international companies want to do it

MONEY

What else is there to know ? These businesses are in business for the function of making money. They may have started out with good intent - Google started out with the aim of making stuff easy to find, Facebook started with the idea of networking people, etc, etc. But just like Google has dropped any pretence at "don't be evil" and now operates in a "how can we make most money, regardless of ethics" mode, FarceBorg has similarly gone down the route of "let's make lots of money" with the networking feature just being a way of getting people to give them the personal information they need to be able to sell it for that money.

0
0
SImon Hobson
Silver badge

Re: Fines on the way for facebook

I gave you a downvote because, yes, that is what SHOULD happen. But look how long Max Schrems had been going at them and how useless the Irish data protection people have been so far.

FarceBorg know that it'll take ages before the authorities decide that they can't keep their eyes closed any longer, and then ages again while they drag it out through the courts.

So I agree, large fines should be in their future - but I can't see it being as soon as we all think would be justified.

1
0

Facebook admits it does track non-users, for their own good

SImon Hobson
Silver badge

Re: RE: As a never-signed up non member....

It will take a damn sight longer to remove stuff from Facebook if you don't have an account, than if you do.

Well you very well illustrate a big part of the problem - many of the tools to "manage" your privacy require you to open an account with $provider, which requires you to accept their T&Cs. So in order to have $provider stop invading your privacy, you have to (taking typical T&C terms) give them permission to invade your privacy.

It will be interesting to see how this pans out when GDPR comes in. Given the story in ElReg about Ireland watering down privacy protections, I expect the first cases will be just tossed out, then there'll be an appeal to whichever EU body is responsible for compliance and the Irish government will be told in no uncertain terms that their law is illegal. There may be several rounds of this before Irish law correctly implements GDPR - and once that's in place then Farcebork are going to get well and truly reamed.

But like the OP, I know for a fact that Farcebork have personal information about me - thanks to "friends" and relatives who can't see what the fuss is about. At the moment I'm waiting for Max Schrems case to reach the point where (inevitably) Privacy Shield Figleaf gets struck down and then we can all start laying into them.

10
2

'I crashed AOL for 19 hours and messed up global email for a week'

SImon Hobson
Silver badge

Re: With hindsight

I had a thought about this ...

They could have fiddled with the DNS to get a poor man's load balancer. Set the mx to (say) a.domain.tld with (say) a ttl of 3 hours. After (say) half an hour, change the mx to b.domain.tld, also with a ttl of 3 hours. After another half hour, change to c.domain.tld. And so on. You could script the DNS updates to automate it.

Then each resolver would cache just one of a.domain.tld, b.domain.tld, etc and so (using the numbers originally given) would try and contact only one of 5 different MXs. Different resolvers would cache different records depending on the timing of when they last fetched the records. That was definitely doable back then.

If they had geographically distributed servers then they could also have done some conditional DNS stuff to present different MXs to different areas - can be done with BIND using views, but I don't know whether that feature was available then.

0
0
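A small model of the MX rotation scheme proposed in the comment above, added here as an example and not part of the original post. It assumes the comment's figures (five MX names, 3 hour TTL, rotation every half hour), resolvers that refetch the moment their cached record expires, and first-fetch times spread one per minute; all function names are hypothetical.

```python
# Model of rotating a single MX record on a timer while resolvers cache it.
# Times are in minutes. Assumption: steady mail flow, so every resolver
# refetches the MX record as soon as its cached copy expires.

TTL_MIN = 180       # "a ttl of 3 hours"
ROTATE_MIN = 30     # MX target changed every half hour
MX_HOSTS = ["a.domain.tld", "b.domain.tld", "c.domain.tld",
            "d.domain.tld", "e.domain.tld"]


def published_mx(t, hosts=MX_HOSTS, rotate=ROTATE_MIN):
    """MX target the authoritative server hands out at minute t."""
    return hosts[(t // rotate) % len(hosts)]


def cached_mx(first_fetch, now, ttl=TTL_MIN, hosts=MX_HOSTS, rotate=ROTATE_MIN):
    """MX target a resolver holds at `now`, given when it first fetched."""
    if now < first_fetch:
        raise ValueError("resolver has not fetched the record yet")
    # Most recent refetch: first_fetch plus a whole number of TTL periods.
    last_fetch = first_fetch + ((now - first_fetch) // ttl) * ttl
    return published_mx(last_fetch, hosts, rotate)


def spread(now, resolvers=180, ttl=TTL_MIN, hosts=MX_HOSTS, rotate=ROTATE_MIN):
    """Count resolvers per MX target at `now`.

    Resolver i made its first fetch at minute i (a constructed population).
    """
    counts = {h: 0 for h in hosts}
    for first in range(resolvers):
        counts[cached_mx(first, now, ttl, hosts, rotate)] += 1
    return counts


if __name__ == "__main__":
    print("TTL 180:", spread(1000))
    print("TTL 150:", spread(1000, resolvers=150, ttl=150))
```

With a 180 minute TTL, six rotation slots are live in caches at any moment, so two of the five names carry more than their share; a TTL equal to the number of names times the rotation interval (150 minutes here) gives an even split in this model.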

Whois is dead as Europe hands DNS overlord ICANN its arse

SImon Hobson
Silver badge

The big problem that many seem to have overlooked is that the EU cannot get at ICANN directly as ICANN doesn't (AFAIK) have an EU presence. However, all the registrars with an EU presence must abide by GDPR - and that means it would be illegal for a registrar to pass any personal data to ICANN unless ICANN abides by the rules of GDPR.

BUT, ICANN is a US based outfit and must abide by US law - which is incompatible with GDPR. That's going to be interesting once Privacy Shield Figleaf is officially declared incompatible.

4
2
SImon Hobson
Silver badge

Re: Unstable operation coming soon...

"you can't tie provision of a service to a waiver on data that GDPR covers"

Citation needed!

Try the ICO guide to GDPR.

Basically, if you are saying that you won't provide the service without the person giving consent then that consent isn't "freely given" - so don't bother.

However, that doesn't automatically stop you collecting and processing data because you can collect and process information that is REQUIRED for the performance of a contract. In the case of domain registrations and whois, the registrar is entitled to collect certain information for performance of its contract. BUT, making that publicly available via whois is not required for the performance of the contract and so must only be done with consent and the person must be able to withhold that consent without affecting the ability to have domains registered.

32
0

Small UK firms laying fibre put BT's Openreach to shame – report

SImon Hobson
Silver badge
Facepalm

Re: FTTP

Although why the house builders would want to charge for access is beyond me

Because they can ? I suspect that for many house builders, it's just another way of squeezing a few more quid out of someone. As you say, it ought to be a selling point to have decent connectivity available - but as you say, demand is so strong that they can throw up any sort of cheap s**t and know that it will sell.

Mum was looking at a new build a while ago, I commented on the lack of any phone and data cables internally to get the response "it's all wireless these days". As to lack of ducting for BT to put the phone lines in, "they wanted too much money" - so instead they get washing lines on a new build where it would have been trivial to put some ducting in while they were doing the rest of the services.

But then, they'd packed them in so tight that there wasn't room in the houses for "proper" staircases - they had those stupid (and difficult, even for me without hip/knee problems) with a "circular staircase" section instead of a flat half landing. And they weren't even built well - even after being bodged with bits of 3x2 underneath, they had treads that dropped 1/4" when stood on. Icon says what I'd like to do to the groups responsible for allowing such rubbish to be built.

6
0

Want to terrify a city with an emergency broadcast? All you need is a laptop and $30

SImon Hobson
Silver badge
Mushroom

Though what you were supposed to do if the alarm went off is anyone's guess

I believe the standard advice is : go to the smallest room in the house, sit down, put your head between your knees, ... and kiss your a**e goodbye. Icon representative of one occasion when this manoeuvre might be appropriate.

1
0

Nope, you're still a transport biz, top EU court tells Uber

SImon Hobson
Silver badge

I always wonder what is the story with insurance if you and your car are an Uber "product"?

UK situation, other places may vary.

Since you are carrying people for money, then you need insurance that covers that - your normal policy absolutely does not cover it. There have been suggestions that Uber is not very diligent in checking that drivers do have the right insurance - and if so then they are complicit in putting paying passengers in uninsured (and therefore illegal) vehicles.

0
0

Sorry spooks: Princeton boffins reckon they can hide DNS queries

SImon Hobson
Silver badge

My ADSL would then be doing random lookups for everybody on the planet, as well as for me ...

Riiiggghhhtt. I've run resolvers before, and one thing I can recommend you don't have is an open resolver on your ADSL line ! We had to lock ours down to just IP ranges used by our clients - otherwise I will guarantee that it isn't long before you start getting used for DDoS attacks* and other dodgy practices.

The other issue is that in so many jurisdictions, plod tends to take the line that it happened on your connection so it must be you doing lookups for (eg) kiddy porn sites. In fact, some jurisdictions expressly make it your responsibility for whatever is done on your connection. Yeah, you might be able to prove your innocence ... eventually. But in the meantime, you'll have been branded a kiddy fiddler in all the local papers, had to manage without any of your IT stuff because the plods took it for examination (you'll get it back, maybe a year or two later - and it might even still work if you're lucky), locals will assume there's no smoke without fire, depending on what you do you could lose your job, the stress could cause your family to break up, and so on.

And when you do eventually prove that it wasn't you and you are totally clean, the papers will report on it in tiny print on the gazzilionth page that no-one reads - so no-one will know that you've been shown to be clean and you'll have this whiff of being a dodgy type following you around for evermore.

* Because DNS defaults to UDP first, there's no verification of client IP address - it can be spoofed. So the b'stard doing the DDoS attack searches for a query that returns a large response that still fits within one reply packet (if it's too big then the resolver tells the client to switch to TCP). So the attacker sends you requests for "foo.bar.com ANY" having found that foo.bar.com actually resolves to 20 cnames. Thus one small query resolves to a lot of data, the small packet is amplified, and the larger result is sent to the target of the attack. That way, a relatively small number of compromised machines can generate a lot of small packets which result in much bigger packets being sent to the target - way more data than the small number of compromised machines could manage on their own.

1
0
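The lock-down and the amplification effect described in the comment above, as detection logic over a resolver query log. This is an added example, not part of the original post: the log format, the client ranges (RFC 5737 documentation networks), the byte sizes and the thresholds are all constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Assumption: the IP ranges used by the resolver's own clients.
CLIENT_NETS = [ipaddress.ip_network("192.0.2.0/24"),
               ipaddress.ip_network("198.51.100.0/25")]

# Constructed sample log in a hypothetical format:
# time  claimed_source_ip  qname  qtype  query_bytes  response_bytes
SAMPLE_LOG = """\
10:00:01 192.0.2.10 www.example.org A 44 60
10:00:01 203.0.113.7 foo.example.com ANY 45 1380
10:00:01 203.0.113.7 foo.example.com ANY 45 1380
10:00:02 203.0.113.7 foo.example.com ANY 45 1380
10:00:02 198.51.100.20 mail.example.net MX 46 110
10:00:02 203.0.113.7 foo.example.com ANY 45 1380
10:00:03 198.51.100.200 www.example.org A 44 60
10:00:03 203.0.113.7 foo.example.com ANY 45 1380
"""


def is_client(ip):
    """True if the address falls inside one of the permitted client ranges."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in CLIENT_NETS)


def summarise_non_clients(log_text):
    """Per-source totals for queries claiming to come from outside the ACL.

    Over UDP the source is unverified, so for reflected traffic the
    "source" is where the replies land, not where the queries came from.
    """
    stats = defaultdict(lambda: {"queries": 0, "bytes_in": 0, "bytes_out": 0})
    for line in log_text.splitlines():
        if not line.strip():
            continue
        _time, src, _qname, _qtype, qbytes, rbytes = line.split()
        if is_client(src):
            continue
        stats[src]["queries"] += 1
        stats[src]["bytes_in"] += int(qbytes)
        stats[src]["bytes_out"] += int(rbytes)
    return dict(stats)


def suspected_reflection(log_text, min_queries=3, min_factor=10.0):
    """Non-client sources receiving repeated, heavily amplified replies."""
    flagged = {}
    for src, s in summarise_non_clients(log_text).items():
        factor = s["bytes_out"] / s["bytes_in"]
        if s["queries"] >= min_queries and factor >= min_factor:
            flagged[src] = round(factor, 1)
    return flagged


def bytes_to_non_clients(log_text, acl_enforced):
    """Bytes sent towards non-client addresses, open versus locked down."""
    total = 0
    for s in summarise_non_clients(log_text).values():
        # Assumption: a REFUSED reply is about the size of the query it echoes.
        total += s["bytes_in"] if acl_enforced else s["bytes_out"]
    return total


if __name__ == "__main__":
    print("flagged:", suspected_reflection(SAMPLE_LOG))
    print("open resolver  :", bytes_to_non_clients(SAMPLE_LOG, False), "bytes out")
    print("clients-only ACL:", bytes_to_non_clients(SAMPLE_LOG, True), "bytes out")
```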

UK.gov: We're not regulating driverless vehicles until others do

SImon Hobson
Silver badge

But throw the match into a half empty container of petrol and watch the flame front propagate a lot faster????

Provided the container has restricted ventilation, then the match will just go out - mixture too rich to burn. When a filling station closes, it is NOT allowed to empty the storage tanks, they must leave some fuel in to ensure the mixture stays rich. Then they have to pay eye watering amounts for a specialist contractor to clean the tanks and either remove them or fill them with concrete - I had a conversation with someone not long ago, and they told me that the difference between two quotes (not the quotes, just the difference between them) was over £30k !

0
0
SImon Hobson
Silver badge

But a large tank of LIQUID, normally underground, and which does not explode easily is a different matter to a gas that has to be stored in a VERY high pressure vessel (through which it will leak). Perhaps you've never seen a demonstration of just how slow the flame propagation is with a large petrol fire - like you see in the films, pour some petrol out, throw in the match, and you can watch the flame front progressing along the layer of liquid.

In any case, hydrogen is a very very poor choice of energy transport for a mobile fuel use due to its low power/weight ratio (especially considering the weight of the pressure vessel needed) - there are much better. It's absolutely anything but green since most of it comes from steam cracking of hydrocarbons with copious CO2 generation !

And electric charging points aren't going to be very useful. They will either be very slow (and hence not very useful), or very expensive to install due to the supply upgrade that will typically be needed. And the government still hasn't said how it intends to keep the lights on as it is, without adding even more load to the grid.

6
3

Sysadmin shut down the wrong server, and with it all European operations

SImon Hobson
Silver badge
Facepalm

It can be the simplest of things ...

At a place I used to work at, I recall one of the helldesk guys telling a user on-site that they would need to hard power off a server that had become unresponsive. "Press and hold the power button on the bottom server in the rack" was the instruction, and shortly after everything stopped.

Said helldesk guy forgot to take into account that to most users, a UPS looks like a server, and the bottom device in their rack was the UPS. Oops !

But seriously, I reckon there are 10 types of IT person: Those that have accidentally shut down or powered off something, and those that are lying when they claim that they haven't !

0
0

2001 set the standard for the next 50 years of hard (and some soft) sci-fi

SImon Hobson
Silver badge

Which were all pieces from classical composers

The story I'd heard on that was that they used the classical pieces while filming to "set the mood" and the intention was that there would be music written later. But then they decided that the classical pieces really worked and kept them.

It's a film I've watched more than once - but I know I'd be wasting my time suggesting SWMBO try watching it, she wouldn't reach the end of the opening bit before dismissing it as "boring". IMO it's what a film should be - a telling of a story, with plot, effects appropriate to that telling, etc. Too many films these days seem to be just an excuse to show off the ability of The CGI,

3
0

Law's changed, now cough up: Uncle Sam serves Microsoft fresh warrant for Irish emails

SImon Hobson
Silver badge

Pretty sure EDPR/GDPR will essentially make the use of a US based cloud provider illegal

It already is, it's just that Privacy Shield Figleaf hasn't yet been declared invalid/incompatible with European data protection laws. But when GDPR comes in, it will be "somewhat harder" to say that Privacy Figleaf + US Law complies.

19
0

One solution to wreck privacy-hating websites: Flood them with bogus info using browser tools

SImon Hobson
Silver badge

Re: Spam-fighting?

These days (everything forwards to gmail) ...

So you've gone with a deliberately unreliable mail system which BY DESIGN will automatically THROW AWAY SOME OF YOUR EMAIL with no notification either to you or to the person who sent it. Do you know how many emails you have NOT received that weren't spam ? In addition, they've enforced some systems (eg SMS) which were known to be broken before implementation, and were known to break a lot of legitimate email usage before implementation. But hey, this is Google, big enough to say "screw you" to the rest of the internet - we're changing stuff and you'll change to suit what we impose" to those who actually do run reliable mail servers.

My own mail server is set up to NEVER discard an email - it does NOT accept mail before it's done all the spam checks etc, and if the mail fails then it rejects it which means that any false positives result in the sender being notified. Once you have accepted an email (as Gmail, Microsoft/Hotmail, and all the other large providers do) then you have limited options - you can't notify the sender or you become part of the problem (backscatter), and notifying the recipient rather defeats the point of blocking spam - and your only option is to SILENTLY THROW AWAY any email that fails your checks whether it is spam or "ham".

Would you accept it if your postman went through your snail mail and threw away anything that looked like it is junk mail ?

1
3

10Mbps for world+dog, hoots UK.gov, and here is how we're doing it

SImon Hobson
Silver badge

Re: Average Internet Speeds By Country

Without looking things up, I suspect there's one or two good reasons for those differences.

AIUI, in South Korea they have a lot more people living in large blocks and not so many in spread out manner like we do. The cost of putting fibre into a tower block and serving (say) 50 households is barely more than the cost of putting it into one detached house. So that means there's a real advantage. And someone earlier mentioned that all the high rises already have Virmin Media - same principle, it's relatively cheap for Virmin to cable up a large block compared to a nicely spread out load of detached or semis.

And then some countries have the advantage of not having started with a well entrenched infrastructure. Several comments have already suggested variations on "rip out the copper, use the duct space for fibre" which realistically isn't going to happen on a widescale basis here. But where there's less existing infrastructure - meaning that whatever you do will involve installing more - then there's inhibition to putting in newer tech. So if there's no existing infrastructure and you've got to dig all the roads up anyway, then might as well put fibre in; but if you've already a full network of copper, then makes sense to the beancounters to sweat that existing asset.

0
0
SImon Hobson
Silver badge

I call BS.. the council would have to approve the work by Anglia water before they could dig.. closed road or not there's a noticing period before an excavation can start.

Well no and yes.

Utilities have a statutory right to dig the road up - the authority responsible for the road CANNOT stop them.

If it is unscheduled repair work, then no notice is required - I assume there's some sort of notification requirement, but there's none of this "apply for a permit and wait six weeks".

Only in the case of scheduled works - ie improvements etc - does the utility have to apply for a permit. At a previous job we've had customers with delayed installs while the provider gets a permit to close a lane so they could put the required fibre ducting through the underground ducts.

0
0

Cambridge Analytica 'privatised colonising operation', not a 'legitimate business', says whistleblower

SImon Hobson
Silver badge

Re: All that lovely data mined from the 'dark' depths of the connected world.

Which is exactly why I have no f***book account, no twitter account

Which doesn't stop them profiling you, it just means they have to get some of the data from elsewhere - including your "friends" and family. And of course it also means that you can't use any of the controls - yeah great, you can only have any control on your data if you agree to their T&Cs which allow them to do it.

2
0

UK.gov: Here's £8.8m to plough into hydrogen-powered car tech

SImon Hobson
Silver badge

Re: ' Current industrial production of hydrogen gas'

There are two more major issues

You missed out the third one - that 700bar tank will contain "not a lot" of energy in the fuel compared with liquid systems (petrol, diesel, x-thanol, LPG, ...)

And the fourth one - that it's completely incompatible with any of the existing distribution and dispensing infrastructure which means a huge investment before it becomes practical at all.

And the fifth one - that the vehicle won't be dual (or multi) fuel.

Really, this is yet another example of throwing our money at something for political reasons with a complete lack of any rational thought about what the end result is supposed to be. A better use for the hydrogen would be to convert it to methanol which is : liquid at normal temperatures and atmospheric pressures (just like petrol), compatible with existing storage distribution and dispensing infrastructure (just like petrol), can be used in only marginally modified existing vehicles, and so on.

Had "flex fuel" been mandated when electronic fuel injection became ubiquitous, then by now most vehicles would be flex fuel - with suitable seal materials and capable of adapting the fuelling to run on ANY mix of petrol, ethanol, or methanol.

So compatible with existing infrastructure and vehicles - great, can be introduced piecemeal without massive up front costs and upheavals. Not only that, but being easily transportable in bulk (ship or pipeline), it would be fairly easy to set up production where sunlight is plentiful (for making the hydrogen) and transporting the easily transportable liquid to where it's needed.

But where's the trough for snouts if they went for that ?

3
1

Manchester Arena attack: National Mutual Aid Telephony system failed

SImon Hobson
Silver badge
Facepalm

Re: Typical Vodafone

Whilst they'd have trouble fighting their way out of a paper bag

That's my experience with them as well.

When I started at my last place, they had an internet connection from an outfit called YourComms, which IIRC had originally started out as Norweb Telecoms. YourComms was borged into Thus - with the loss of some knowledge as usually happens in these borgings - but still a decent outfit.

Then Thus got borged by Clueless and Witless and service went distinctly downhill. Finally C&W got borged by Vodamoan and it got worse again.

One day as we sat in our office, the internet went down - and after initial checks that it wasn't our end, I was lucky to get through quickly to their support desk and log a fault. 10 minutes later our connection came back on, and we found that a major site we managed services to was still down, and stayed down. By now their support system was in meltdown. The cause ?

Well this supposedly top tier communications company had a networking centre in London, and there had been a very simple problem - a single circuit breaker had tripped. Unfortunately, this supplied one of the power supplies for the kit, and the other one had failed. This highly professional tier one outfit had no monitoring that told them a power supply had failed, it had no monitoring that told them power had been lost to the other power supply, the diesel generator didn't fire up because there was still mains to the building - but no problem, the batteries still worked. Of course, with nothing telling them about these problems, and nothing telling them about the reducing battery voltage, they did nothing until the batteries gave out and the brown stuff properly hit the proverbial fan.

No problem, just flick the switch back on, and let the routers etc boot up again. Yup, that was what brought back our connection - but there's more. A 'kin big router didn't boot up, spares were brought in (and Cisco engineers), and guess what .... they didn't have a working backup of the config ! It took them THIRTEEN HOURS to get our other services back on - losing a complete working day for the clients, some of whom have staff paid more per hour than I earn in a week.

To their credit they did provide a report of what had gone wrong - and promised to "update their monitoring". But really, needing such an event to find out you have such basic monitoring in place - sadly this seems to be the level of collective professionalism at Vodamoan (hence the icon). Not having proper config backups - second vote for the icon. Apologies to those people "at the coalface" who have been good within the constraints imposed by the imbeciles further up.

5
0
SImon Hobson
Silver badge

If you think about it, assuming you are (or somebody in your company is) good at hiring good people, how can outsourcing possibly be both cheaper and better ?

It depends. Unless you are very large then it is often very wasteful to do everything in-house - and given that I've had (cough years) of being part of that "provide the skills it's not worth the customer having in-house" I'm glad that this is the case :-)

So, for example, you are a small estate agent with (say) ten people spread across 3 sites. Do you :

a) employ someone with a remit to look after the IT (as part of their job) and give them the time to keep up to date with everything they need to know to fully support and keep up to date your systems.

b) outsource to someone like my previous employer who employs multiple people (so has different people who can be experts in different sub-fields) and who can spread the cost of keeping those people up to date across all their customers.

Same applies to payroll : Do you put the time and cost into keeping one person (and what if they are off sick ?) up to date with all the legislative changes, software updates, etc, etc - or do you outsource to a company that specialises in doing this and so can spread those costs across multiple clients, and has multiple people who can do the work and so remove the risk of having just one person able to do it.

How many times have you heard something along the lines of "only Fred knows how to do that" - and Fred is not available ? I know I've heard it many times in various forms. In one of my previous jobs, I was that "Fred" for a number of areas (in-house IT and some building services) and from a personal perspective it's not healthy as you can never really "switch off".

Even in big businesses where they do have the scale to justify employing teams, there's often a justification (other than just price) for outsourcing.

0
0

New South Wales ponders post-mortem data protection laws

SImon Hobson
Silver badge

Re: Keeping it in the family

Problem with that is you can only "leave stuff you own" in your will. One of the problems with digital assets is that (for example) stuff you "buy" on iTunes isn't bought - you merely get a licence to use it, and the T&Cs specifically exclude transferring that licence.

So when you die, stuff (for example) that you "bought" on iTunes cannot be left to anyone - the licence simply terminates and no-one gets it.

0
0
