Posts by defiler

Re: Bending the rules to breaking point

Nope. I was much less paranoid then.

Funnily enough, I was fucked over by that company. Much later, in a completely different way, and I was collateral damage to the large number of other people who got shafted. :-/

Edit - and that CEO and his PA were both gone by then.

Fair play for covering yourself in these shitty short outages. We had a load of them last summer, and I eventually got round to replacing the batteries in the old UPS I have hanging about. All my server stuff is covered now. My RPis generally aren't (although I have a couple running on PoE).

I'm going to shift my wireless access point to PoE (to tidy up the cabling), so that'll be done, but I've idly considered shunting the Openreach VDSL modem over. It would probably make more sense to hook up the DECT base station that way instead. That way everything runs off the SmartUPS in the garage.

/me acknowledging that I'm not exactly at the centre of that same bell-curve either.

Re: Not my expertise

Not a popular opinion, it would seem. My bugbear with Virgin in that they seem to think it's perfectly sensible to warn customers of "network maintenance" which will "require downtime", which will happen during a weekday, with a window of 8am to 6pm.

On a business contract.

If somebody can tell me what bloody use that is, I'm all ears. All of our customers who run Virgin, we've also added a second independent link via a different ISP on FTTC or channel-bonded ADSL. And it's saved them several times each.

I remember years ago the Labour government announced that they were prioritising government tasks based on the number of column inches in the newspapers.

Can you think of a better way to get a knee-jerk government? I can't.

That's nice, and very sensible, but can we all agree that you're way out on the edge of the bell-curve there?

Re: Unrealistic is my first thought

I got downvotes around here for suggesting a similar thing. I agree completely - whilst we'd all love 10Gb up and down on a nice shiny bit of glass, in the real world we'd just like *everyone* to get a *decent* connection.

It's all noble aiming for the stars and all that, but perfect is the enemy of done. And if the fibre gets to the cabinet in the first tranche, the second hop to the premises can always be done later without wasting all the digging (although it would cost in equipment).

Re: Sometimes I miss...

My neighbour's dog misses his balls too. You can tell because he tries to steal every ball he can find. I don't know his opinion on mice.

Still, best dog ever!

G-BOAB is located at Heathrow.

https://www.daftlogic.com/information-locations-of-concorde-planes.htm

Re: chillers

I'm doubtful a fire suppression system would cope with a large Lithium UPS explosion/fire.

Now here's where you run into your good old-fashioned Fire Triangle. You need a fuel, and oxidiser and a source of ignition. If the thing has already caught then the flame itself is the ignition source. The battery contains both the fuel and the oxidiser in close proximity, so fire suppressant can't get in there to separate the two.

That's why I think Lithium UPSs aren't a great idea. Sure, in some respects they're better than lead acid, but having seen some funny-shaped batteries which were swelling (and batteries that have ignited during discharge), I'd rather keep them out of the server room.

On an associated note, whilst I'm all for electric cars, I do worry what'll happen when the first load have dodgy enough batteries to catch fire whilst charging overnight. Because that fire is going to take a while to stop!

Re: Fools! They should have made sure their solar panels were inflammable!

Inflammable means flammable? What a country!

Re: $deities have a sense of humor

@0laf

Sounds like some of the salesmen I spoke to when I was sizing up panels. One of them wanted £25k for a fairly basic installation (I think it was 10 panels). I was shocked and observed that "they'd better be gold-plated for that price!"

He replied that "absolutely - they're the best on the market."

I corrected myself "no, I mean literally plated with gold that I can scrape off with my keys to get back the difference in cost."

That's the point that he walked out.

Some of those fuckers were reptiles, preying on the elderly with a bit of cash put aside. As I said above, I paid about £10k in the end, and got 14 panels. Looks like the poor old fella in your home got conned.

Whilst I feel a little sad that the company I dealt with went under when the gold-rush ended (they were really professional at a good price), I'm glad that the thieving bastards also got hit. Sadly the thieving bastards will move on to another con.

Re: $deities have a sense of humor

3.36kW here in Scotland. I've pumped out 20MWh in the 7 years, 11 months the system has been active. Cost me about £10k. In terms of electricity generated, it's probably about 25% of the way to paying itself off. In terms of the Feed-in Tariff, it'll have paid for itself by now.

It was off the roof for a few months whilst we had some work done.

Yes, it only generates in daylight. Yes it can be a bit spiky when there's scattered cloud. If you put enough of these panels in across the country that smooths the spikes out, and the roof is otherwise generally dead space. Yes I considered water heating panels, but the FIT swung it for me. No that's not the most environmentally sound choice I could have made. Yes the FIT has dropped, and so has the cost. Given they're half the price now, they'd pay for themselves in electricity generated in about 16 years, on a not-entirely-south-facing roof in Scotland.

Solar panels are not a panacea, but they're a useful tool for creating extra generation from dead space. And the economics (even without FIT) work out, at least in a domestic setting. The Feed-in Tariff does distort the economics a lot, but (for those who aren't aware), you earn three ways. Once for not paying for electricity that you'd otherwise import from the grid. Once for exporting half of your generated electricity to the grid (at wholesale rates), and once for the Feed-in Tariff, which the electricity company pays to fulfil their Renewables Obligation quota.

Oh, and the first thing the installer showed me was how to perform a safe shutdown, stopping the AC side first to cut the power flow before stopping the DC side, thereby preventing arcing.

Re: Was it Tanker?

If L0phtcrack taught me one thing it's that Windows passwords were split into two sets of 7 characters and hashed separately. So a 7-character password was potentially more secure than an 8 or 9-character one, on the basis that if you decoded the letters at the end it may give you a clue to the letters at the start.

Re: He should be proud that of that guy

Or even better, give them a ticket reference and make sure they know which label they're looking for. Then have them call back into the helpdesk using the number on the company directory, and hand over the asset ID and the ticket number.

Takes more time, but it means they're calling a trusted number.

Re: Endian of an era

Scalability of the copros was a serious issue. I read somewhere that the malloc() call in the OS would hand over memory but not actually verify if it was unused by another application. So if you wanted speed and stability, you bypassed the OS and went bare-metal. Problem is, that meant you programmed the custom chips directly instead of via an API, so when AGA appeared, half of the hacks stopped working.

I remember the quote in Edge magazine went along the lines of "half the A500 software doesn't work, but we don't know which half", which hardly inspired confidence.

If malloc() had worked properly then the API would have been useful, and could have been made backwards-compatible when AGA appeared.

Also, David Pleasance shows little hesitation in pointing out just how hard Mehdi Ali fucked up Commodore.

Counter-counterpoint: So you believe that police shooting civilians should never be evaluated or assessed after the fact? It's all well and good investigating the scene afterwards, but given the number of high-profile incidents where people have been harmed by police in the USA, it would be good to be able to establish that the police officer had good reason to believe that they or others around them were subject to a credible threat at the moment they fired a gun.

It's easy to condemn them afterwards by saying "but that person was unarmed", but if they had video evidence to show that the suspect snatched for something inside their coat then the police officer could easily be justified in defending themselves even if it only turned out to be a bus pass.

The best way to learn from a mistake is to see how the mistake was made.

"Quis custodiet ipsos custodes?"

Well, that's where I suggested Blockchain. That way the evidence from bodycams becomes auditable by members of the public, without making the footage public. Forgive me because I'm way out of my depth on this one, but it seems ideal to me if every time footage were submitted to the digital vault it created a quick mess of metadata (start frame timestamp, end frame timestamp, camera serial number, officer the camera is assigned to, cryptographic hash of the actual video stream - or two, because they're not exactly big), that all gets digitally signed by the storage system, and that signed metadata is appended to a dedicated blockchain. That means that each officer's actions are recorded and the recordings are securely held out of sight, but evidence that the recording exists is available to everyone. And if a recording is tampered with then the checksums don't match up. If a second recording is submitted for that officer on that date, it's abundantly clear to the public that a duplicate has been submitted (or more importantly, a different video for the day).

Most people won't care. Most people who care won't know how to replay the blockchain. But the Venn diagram will have enough people who care, and who can verify the evidence in the vault, so that final oversight of the recordings can be held by the public themselves.

I'm slightly startled because I may have uncovered a genuine, real-world purpose for blockchains.

My point to the blockchain aspect is to retain a public ledger of each video, so that if the file is tampered with, everyone can see it. Members of the public could conceivably maintain their own copies of that information without having the underlying video, but if the video that turns up in an investigation or a hearing has a checksum that differs from the blockchain copy that everyone can maintain then everyone knows to cry foul.

No I don't know how that would work, because I'm not really a fan of blockchain. I'm throwing it in as a method of having a persistent record that can't be altered but can be audited by all.

Totally with you on the telemetry though. We were asked to consider evidence systems including body cameras, and comprehensive telemetry was amongst the things we put forward. And checksums upon checksums. Never did the blockchain thing though - that's just something I suggested here for accountability to the public.

Yes, I agree that the video shouldn't be subject to mining. It should be stored intact, with checksums. That's all.

If an incident occurred with the officer or their partner, or in a location that they've visited within a time period (to be determined, but hours to days, not years), that video can be reviewed by a person.

It does need to be regulated, yes. Maybe I'm a hopeless optimist on that one!

Agree with the second part, but they need to be built so that they can't be switched off. How long is a shift? Make sure the battery life will exceed that after 5 years, and make sure they switch on the moment they're out of the charging cradle.

If an officer repeatedly damages their camera, that's grounds for disciplinary proceedings (or at least billing them for the cameras). And you'll have footage of them damaging the camera.

No, it's not perfect. But I think it's generally a good idea.

I may be unpopular on this one, but I'm all for police wearing bodycams.

The police aren't everywhere. Everyone knows this, especially criminals, so having them wear bodycams doesn't mean blanket surveillance. In fact, it's only blanket surveillance of the police themselves.

In the event that a controversy arises regarding a police encounter, the camera footage can be reviewed (or used as evidence for either party), ensuring that actions taken by the police were fair and reasonable (and stupid stuff like unarmed civilians being shot because they approached a police car can be appraised).

It's a high-pressure job, and sometimes they're expected to make snap decisions with serious consequences. If their overview board can see the actual circumstances in which these decisions were made then it could help to sort out good cops from bad cops.

I wouldn't suggest making all bodycam footage public - that's going too far, as I feel that's invading the police officers' privacy, offering random members of the public the opportunity to covertly observe locations, and opening graphic footage of violence and deaths to voyeurs, but it should be available under a court order.

Also, and I'm going to stick my neck out even further here, if the footage were cryptographically signed and then stored in a digital vault, a checksum could be appended to some form of blockchain (yeah - I feel dirty at that bit too) which would allow public oversight to ensure that recordings weren't tampered with without leaving a trail.

So that's my 10p on that one. If you feel that I'm being a lunatic, I'd love to hear a counterpoint.

Do they do a lot of gazing there?

Re: Radiation Leak

Chernobyl was easily detected because during the cold war everybody was looking for radiation; who'd like to bet that nobody is looking these days?

Nah - not entirely. The same Swedish lab that picked up Chernobyl's scent also found airborne isotopes a couple of years ago, so they're still watching at least.

Annoyingly I can't find a source, but I read it on El Reg.