* Posts by Roland6

10619 publicly visible posts • joined 23 Apr 2010

Space nukes: The unbelievably bad idea that's exactly that ... unbelievable

Roland6 Silver badge

Re: Russian diplomacy:

There are people and there are borders aka lines on a map.

The Scottish people have been around a long time, living in Scotland, yet the border between England and Scotland has over centuries moved around, with the current border a working compromise. I suspect if Scotland was to become a wholly separate nation (again) there will be disputes over the border and adjacent lands.

The 7 maps, whilst clearly showing movement of borders also show continuity of occupancy of the core lands by the Ukrainian people.

They also show that Putin’s land grab is more about geopolitics than people, other than Russia/USSR, like China imported its own people into occupied lands which over generations has allowed them to make claims over ceded territories.

Roland6 Silver badge

Re: Russian diplomacy:

> But it has never been really unified

A bit like Germany then which only became unified as a single country after the fall of the Berlin Wall.

Also although the USA labels itself as a “union”, it isn’t really…

Oxide reimagines private cloud as... a 2,500-pound blade server?

Roland6 Silver badge

Re: Shades of SUN

According the Oxide website spec’s the cabinet’s dimensions are: 2354mm (92.7") x 600mm (23.7”) x 1060mm (41.8"), effectively a 48U rack.

Roland6 Silver badge

Liquid cooling?

Given no mention is made of the cooling and looking at the pictures, I assume this is fully air cooled.

Self-taught-techie slept on the datacenter floor, survived communism, ended a marriage

Roland6 Silver badge

Re: Daily!?! RFC begs to differ

> "Do not resuscitate" or any other "living will" type issues. That can then be placed on your medical records by your Doctor.

Recommend ensuring the local hospital also has a copy on their records.

For practical benefit a copy needs to be in full sight and signposted so that when the paramedic gains entry (front door, window etc. - with or without fire brigade assistance) it is the first thing they see.

Without it, they are required to attempt CPR on home deaths.

Having the form so obvious, means the first paramedic can stand down the second paramedic (to assist CPR), ambulance (to take the person to hospital), police (home deaths are ‘suspious’) - all of whom will be on route, so that they can be rerouted to other incidents (where hopefully their skills can be of benefit). Additionally, all these people aren’t subjected to the emotional trauma from having to perform CPR on someone who obviously either is most likely already dead or isn’t going to survive the recovery. The first paramedic can then simply perform a simple ECG to confirm heart has flatlined, leaving the deceased at peace and in a condition that doesn’t warrant a closed coffin.

Roland6 Silver badge

Re: Daily!?! RFC begs to differ

> This expires in 30 minutes.

Bit generous, this last I have received emails with authentication credentials that expire in 10 minutes…

OpenAI shuts down China, Russia, Iran, N Korea accounts caught doing naughty things

Roland6 Silver badge

Did OpenAI use AI to identify the accounts?

It would be interesting to know how OpenAI identified the accounts. It would make sense for them to be using the user data they collect (you agree to it when you sign up), to monitor service use and abuse.

Feds dismantle Russian GRU botnet built on 1,000-plus home, small biz routers

Roland6 Silver badge

Re: Not much of an incentive to splash out

The expectation for home/micro business routers is that the device will simply be taken out of the box and plugged in. Hence why the random unique passwords became standard across these devices some years back.

Roland6 Silver badge

Ubiquiti Edge OS routers…

>“ A factory reset that is not also accompanied by a change of the default administrator password will return the router to its default administrator credentials”

I presume these devices used something like admin/admin rather than the unique default passwords that have been typical on UK ISP supplied routers for many years now…

Cutting-edge robot space surgeon makes first incision in Zero-G

Roland6 Silver badge

Re: “ we expect the impact of this research will be most notable on Earth”

You mean the patient can more easily operate on themselves?

https://www.theatlantic.com/technology/archive/2011/03/antarctica-1961-a-soviet-surgeon-has-to-remove-his-own-appendix/72445/#

Roland6 Silver badge

“ we expect the impact of this research will be most notable on Earth”

I wonder if the test was on ISS because funding was available…

From events it would seem a real use of this technology would be to perform emergency surgery at the Antarctic research base. Although, I wonder if the time lag would be greater due to use of earth-satellite-earth communications.

Billions lost to fraud and error during UK's pandemic spending spree

Roland6 Silver badge

Re: Well

>” am not sure how you think it costs less although maybe there was a hope it would”

Need to separate costs:

Total QE monies 2009~2012 £375bn

Total furlough monies 2020-2022 £70bn

Neither of these figures allow for inflation etc.

>” it was about saving the currency and avoiding another great depression.”

Yes, it was flagged back in the mid to late 1990s that the UK economy was overly exposed to the health of the global financial market; from looking at the balance of trade figures, it would seem we still are…

> the preprepared plans

I thought that was part of the problem, there were no real plans as the plans that existed were based on assumptions CoViD invalidated. Also, preparation cost money, hence why there was a scramble for PPE…

The biggest issue I had was the lack of preparation in the NHS in the acute wards: patients were dying from an unknown illness for several months before CoViD-19 was finally isolated, yet they didn’t implement strict biohazard containment procedures; I had cousins who were working these wards during this time…

Roland6 Silver badge

Re: Well

Yes there was the outdated practices of Companies House - interestingly “The Economic Crime and Corporate Transparency Act” (the ECCTA) received Royal Assent on 26 October 2023, it requires mandatory proof of id for all company directors, both new and for currently listed companies. It will be interesting g to see what that uncovers, although the timetable which directors need to comply with is a little unclear.

However, the issue was that the government department that handed out the monies did no checks, so can’t even point the finger at Companies House…

Aside: The ECCTA is interesting in that it creates new bar to Corporate Criminal Liability, it would seem under the act, the actions of the senior Post Office management over Horizon are sufficient for their actions to be attributed to the company… what isn’t clear is whether there is any backdating, but certainly any new PO attempts to prosecute Post Masters will be impacted by this act…

Roland6 Silver badge

Re: Well

Well 2008 was a crisis manufactured by the banks… so some parallels with Covid…

What is notable is with 2008 the government decided to throw money directly at the banks, rather than taking to potentially cheaper option of simply underwriting the repayments of the sub-prime loans, which the evidence shows cost significantly more than the book value of the sub-prime loans, whilst also doing nothing to help the victims who lost their homes etc..

With Covid the government bypassed the banks and directly subsidised people’s wages and thus companies. This approach seems to have cost significantly less and maintained a level of capacity in the economy to more quickly pickup (whether it did or did not is a separate discussion point).

Roland6 Silver badge

An attempt was made back in the 1980s… EDI

Okay it didn’t extend to medical records, but the idea of common and open data exchange formats would have. Unfortunately, short term laissez-faire market thinking by politicians largely killed the initiative, the laugh is in the UK the DTI (department of trade and industry) and CCTA prior to No 10 interference was promoting open data exchange formats…

Roland6 Silver badge

Re: Well

Companies - either you are registered at companies house or you aren’t, it is easy to do a check.

Sole traders - these are harder, solution just get HMRC to hand out the monies.

Roland6 Silver badge

Re: Well

Well in the big picture CoVID cost the government significantly less than it spent bailing out the banks from the 2008 financial crisis…

I suspect if the government hadn’t splurged, the economy would have nosedived and not rebounded as fast…

Roland6 Silver badge

Hmmm..

Aren’t we currently depleting our weapons stockpile….

I wonder what might be just around the corner…

250 million-plus reserved IPv4 addresses could be released – but the internet isn’t built to use them

Roland6 Silver badge

Re: Are we really running out of IPv4?

> There are not even enough IPv4 addresses for all the mobile devices.

Does that really matter? We have IPv6 and ways of using IPv4 over the IPv6 carrier service.

Okay it means websites etc probably need to run dual stacks and some way for phones (IPv6 end points) to accept and correctly connect to explicit IPv4 public addresses.

Given the experience of the mobile telcos with 4G/IPv6, perhaps we can expect one of the fixed line ISPs to go IPv6 only, with their router handling the IPv4 over IPv6….

> NAT breaks things.

Depends on what you mean, the original RFC for NAT and the subsequent one for NAPT contain guidance for FTP and ICMP. Okay the solution isn’t elegant etc., but a workable solution was presented. I suspect many of the problems people experienced were more to do with poor implementations of NAT & NAPT (and thus the implementation of the FTP packet header rewriter) although the level of detail in the relevant RFCs does leave much to be desired…

>VoIP

I suggest NAT doesn’t actually break VoIP, it was more the VoIP designers only considering a specific “more purist” view of the Internet and so didn’t concern themselves with designing for NAT and NAPT, even through these technologies would have been widely used in the client environment at the time the VoIP experts were drawing up their RFCs…

> just to get around the address shortage.

NAT did more than this. Remember prior to the ready availability of Internet access, many office networks ran TCP/IP, mostly using the private address ranges (specifically 192.168..). NAT permitted these networks to be readily connected to an ISPs service and gain access to the public Internet. Subsequently, it has made it easy switch ISPs.

From memory, it took a bit of a rebellion for IPv6 to take account of such real world considerations, becoming better because of it.

Roland6 Silver badge

Re: Future use??

> Does X.400 count as an OSI spec?

Good question…

To some as it was incorporated into ISO OSI the answer is yes. However, it was developed independently to OSI and as you note it was intended to operate directly over X.25, so contained some duplication of transport etc.

As to whether X.400 was or was not better than SMTP and Sendmail, well they came from two different viewpoints…

My point was if you had tried to implement a mail system on SMTP, you would have been using the relevant RFCs as your specification and probably would have decided to port someone else’s working code…

>KISS

The MAP/TOP initiative did a good just of cutting through the ISO OSI specifications, creating an OSI profile that was broadly equivalent to TCP/IP, which cause outrage among some in the OSI movement… The trouble with MAP/TOP was they really showed the need for application standards ie. File formats and messaging/api’s; here we are nearly 40 years later and still this is the problem….

Roland6 Silver badge

Now put your phone in hotspot mode and seen how many devices can connect through it?

As a phone it will probably be limited to 4~6 devices, regardless of IPv6 and getting a /64.

Depending on which EE device I use, their 4G network will limit the number of devices, think small numbers eg 6 or 16 devices; the use of IPv6 makes no difference, however put those devices behind a non EE router and you can happily connect 30+ devices through the router to the EE IPv6 4G network.

Roland6 Silver badge

Re: Re:IPv6-only devices

Don’t know could work here…

Although, having a website with only an IPv6 address, might be handy for the dark web or even as a security through obscurity protection…

Roland6 Silver badge

NAT, has its uses, hence why it is so pervasive.

I think if IPv6 routers could achieve a similar level of out-of-the-box security by having block inbound connections set as default (which is effectively what NAT achieves).

What is probably more problematic is the hiding of my network. If I use my EE 4G router (ie. an IPv6 device), I am limited by EE as to the number of devices on my LAN who can talk to the internet. Swap the EE router for my own router and use NAT, EE only sees one device …

So I suspect rather than repeatedly saying “ NAT doesn't give you any security”, we need to say this is how to achieve the benefits of NAT in IPv6 and encourage manufacturers to make such settings out-of-the-box defaults.

Roland6 Silver badge

Re: Re:IPv6-only devices

> Do they really have IPv6 ONLY devices?

Suspect not, although with the widespread adoption of 4G I can see there being IPv6 only networks, so a host’s IPv4 interface isn’t publicly accessible.

Roland6 Silver badge

Re: Future use??

The “limitation” of v6 is the subnet hierarchy that results in the /48 or /56 allocation which some ISPs handout. Not saying it’s as limited as v4 (or a limit we will be bumping into anytime soon) but it’s not as big as some would like to believe, as it was designed to facilitate core routing and keeping core routing tables small.

Roland6 Silver badge

Now try and connect to your phone from the Internet using IPv6, that will confirm whether it is using a public or (more likely) private IPv6 address and thus your carrier is using IPv6 NAT…

Roland6 Silver badge

Re: Future use??

Which rather nicely contradicts the “reserved for future use” caveat found in other prior and later RFCs…

Given 240/8 was only defined and reserved in 1989-08 (RFC1112), you would have thought there would be some indication (ie. a proposal) of what IETF had in mind as a possible use of this address range.

My guess is having allocated Class D (1110 0000), the IETF were left with the anomily of the last block (1111 0000), and decided to fudge matters by hand waving at possible future requirement, thinking IPv6 would replace IPv4 in a couple of years…

As for RFC1812 s5.3.7, it wrongly declares Class E addresses as “invalid”. Instead, it should have reinforce the use of ACL and BGP.

Roland6 Silver badge

Re: Cover them all

> Why not move to IPv6 and get rid of broadcasts entirely?

Sometimes you need the megaphone; try talking to a crowd via Chinese whispers or a cascade of focus groups…

Remember IPv6 allows for some very large subnets, being able to “shout” at all members is useful.

Roland6 Silver badge

Re: Re:IPv6-only devices

Are there any IPv6 only devices?

Most (dual stack) network equipment seems to out of the box only support configuration over IPv4.

Aside: Because of this I’ve never bothered to find out if my (IPv4/IPv6) router actually supports management interface access from IPv6….

Interestingly, whilst my router permits me to enable/disable IPv6, there is no option to disable IPv4.

Roland6 Silver badge

I thought the mobile networks already did this. During lockdown, I had cause to do a deep dive into 4G client addresses and discovered EE were assigning private IPv6 addresses to my devices (both phones and dongles), Three on the other hand were assigning public IP addresses to those with a data plan purchased with a dongle, phone contracts received a private IP address.

Hence why you needed something like A&A’s L2TP-VPN, where your client 4G device initiated the VPN with a public gateway, L2TP being used to provide a lightweight wrapper for the 4G telco network hop, not for end-to-end security.

Roland6 Silver badge

Re: Future use??

Both!

APnic definition:

What is a Bogon Address?

Roland6 Silver badge

Re: Future use??

The IPv6 address space might in theory be very large, but given the issues around IETF’s use of the word “reserved”, it may be artificially limited:

“ In order to allow efficient route aggregation, thereby reducing the size of the Internet routing tables, only one-eighth of the total address space (2000::/3) is currently allocated for use on the Internet. The rest of the IPv6 address space is reserved for future use or for special purposes.”

[ https://en.wikipedia.org/wiki/IPv6_address ]

Okay it’s Wikipedia, but clearly in the light of the 240/4 issues, some research and clarification is necessary.

Roland6 Silver badge

Re: Future use??

The RFCs…

A review of the relevant RFC’s and their status and dateline clearly show the IETF are themselves the cause of the problem with 240/4…

RFC1700 (October 1994) - the last RFC to mention Class E aka 240/4, was replaced by an online database of numbers in 1994, it was only obsoleted in 2002.

Given the massive growth of the internet, resulting in it moving out of academia into the commercial world, along with the knowledge that IPv4 addresses would run out - hence IPv6 and the imminent sunsetting of IPv4, it is somewhat surprising the IETF retained an address block for some unspecified research purpose rather than change its status to unallocated in 1994…

Roland6 Silver badge

Re: Future use??

The (poor) quality of the RFC’s compared to the OSI specifications, was one of the issues identified back in the 1980s. The 240/4 issues is just another example of the fundamental problem, where lack of rigor has resulted in differing interpretations and thus differing implementations.

Roland6 Silver badge

Re: Future use??

> in case the future use is eventually defined as something that's incompatible with the protocol you've supported.

Err no , by definition, we are talking about the IPv4 address space used by all IPv4 implementations, if a future use is incompatible with IPv4 as specified and deployed then you should be using the protocol version field to cause routers to redirect the IP packet to the IPvx processor, just like IPv6…

As noted blocking can be achieved via correct use of BGP.

Interesting, related but slightly different, I’ve not come across an implementation that blocks the use of reserved TCP/UDP ports…

Just one bad packet can bring down a vulnerable DNS server thanks to DNSSEC

Roland6 Silver badge

Re: Only a very small subset of the IETF standards should be affected

>” The most entertaining thing about this is that it requires a standards change to fix”

This also highlights the difference between a Standards body such as IEEE, ISO, ITU and IETF. The Standards. Oldies will revise the Standard and reissue a complete revised Standard. iETF simply issue an RFC saying it amends or corrects some previous RFC, leading to the proliferation of documents.

This document from CIsco listing all of the RFCs concerned with Voice over IP, illustrates the point nicely:

https://www.cisco.com/c/en/us/support/docs/voice/voice-quality/46275-voice-rfcs.html

I suspect many VoIP implementations only work because of the ready access to open source, rather than original development.

Roland6 Silver badge

Re: IETF v ITU

> The IETF produces stuff that people need and use

Like Claas E IPv4 addresses, with RFCs disagreeing as to their status and thus how systems should handle them…

Dumping us into ad tier of Prime Video when we paid for ad-free is 'unfair' – lawsuit

Roland6 Silver badge

Re: Query: the timing of ads

> Precisely how does Amazon fit ads into its presentation of 'content'?

From my usage of Prime (uk)

Much content is labelled as containing ads/ad supported, thus you can select to avoid, either through payment or waiting for it to be offered as free.

However, last night watched a film (free no ads) and then decided to watch the recommended follow up which was also free but contained ads without any notification.

Ads seem to be randomly inserted, and as other have noted they simply cut into the flow, with the film being rewound by a second or so. There seems to be no way to avoid or shorten the ads, so no fast forwarding etc.

So far I’ve not had ads in paid for content or content labelled as free on prime, although suspect it will only be a matter of time. Although I have had ads directly before the content has begun to play.

Roland6 Silver badge

Re: Which one to bin

>” Only thing is the likes of Grand Tour might not have had the same budget”

The opinion in our house was it got better when they introduced some BBC style budget constraints and production values.

Roland6 Silver badge

Re: Which one to bin

You might want to poll the family…

In my house a few years back it was The Grand Tour, then The 100, currently it’s Clarksons Farm, so it was Netflix that got rejected…

Meta says risk of account theft after phone number recycling isn't its problem to solve

Roland6 Silver badge
Joke

Re: Call me old fashioned

Please provide your phone number so I can check and add it to my do not use list :)

Roland6 Silver badge

Re: Call me old fashioned

I tend to use false phone numbers for services/companies that I don’t care about - just ensures they can only contact me by email (if their email gets passed the spam and junk filters).

In some cases it does fail, so you have to use a real one…

Roland6 Silver badge

Re: How do users go from having a new number to knowing the account iD?

> trivial for Meta to fix, simply by not permitting phone number to be used for security purposes.

As the only security factor.

Other services might send security codes to a phone, it will also ask for one or more of email address associated with account, other phone numbers associated with account etc. even mothers maiden name would prevent easy reset/takeover by an unrelated third-party.

Roland6 Silver badge

Re: My guess

If the EU really pick this up, the outcome going to impact everyone who uses a phone number as part of their security: HMRC, banks, …

It is also a reminder to people that simply ditching a phone number, is no longer simple, particularly if you have associated any online accounts with it. (Which given how many want a phone number, is going to be a lot).

However, if we make it too secure, then it will become too difficult to regain legitimate access to an account and the public will respond accordingly.

Venus has a quasi-moon and it's just been named 'Zoozve' for a sweet reason

Roland6 Silver badge

Re: Zoozve orbit

The linked Space article contain one and more to the story

https://www.space.com/venus-quasi-moon-zoozve-radiolab-nasa

Drowning in code: The ever-growing problem of ever-growing codebases

Roland6 Silver badge

The turns full cycle…

We’ve been here before, the issues of large codebases and systems, and their maintenance isn’t new, it was a big subject in the 70’s and 80’s, it is what drove formal methods etc. and the creation of ITIL. So there is a lot of knowledge out there, although accessing it may involve visiting a library and reading paper-based articles and books.

Perhaps with the size of codebases now and the increasing spend on their maintenance, the industry will start to get more professional and adopt good engineering practises.

Curious tale of broken VPNs, the Year 2038, and certs that expired 100 years ago

Roland6 Silver badge

So I presume the solution, was to replace the NTP server.

Also to implement a non-certificated based remote access to the VPN devices, so they could be remotely reset…

AMD bagged more market share in server, desktop, mobile at end of 2023

Roland6 Silver badge

Re: I can see why

The AMD CPUs seem to be better at power management, powering down idle cores, which leads to better battery life and cooler system.

Amazon overcharges shoppers with Buy Box algorithm, fresh lawsuit claims

Roland6 Silver badge

Re: No merit

> so to really find the cheapest option you need to go through the hassle to proceed to ckeckout for each option

Amazon prime seems to resolve that little problem (on Amazon.co.uk) just remember the goods that can be shipped via Prime aren’t necessarily the cheapest or fastest delivery. Prime also seems to skew the buy box to favour Amazon products.

Closure of Windows 10 upgrade path still catching users by surprise

Roland6 Silver badge

Re: That means no re-installs?

>Let me get this perfectly straight because it is important to me: this means that, should something disturb my Windows 10 activation on my old hardware or should my disk drive fail, I can never re-install...

If you didn't back whenever you upgrade, associate your new W10 activation with a MS account then if you reinstall Windows 10 due to HDD failure expect it to require an activation key.

Aside: I don't know if you can now (some years after the event) associate the W10 activation with a new MS account.