* Posts by Lee D

4232 publicly visible posts • joined 14 Feb 2013

These 17,000 unpatched Microsoft Exchange servers are a ticking time bomb

Lee D Silver badge

If you're exposing a years-out-of-date mail server to the global Internet, you deserve everything you get.

Keep it up to date, or throw it away / replace it / move to cloud services.

Windows Format dialog waited decades for UI revamp that never came

Lee D Silver badge

My colleague laughed the other day when he saw the Windows Failover Cluster tools on Server 2019 Datacenter for the first time and realised that to move a VM's storage around you are forced to drag-drop in an archaic 3.1-like interface to put the storage, VM config, etc. where you would like it to go.

And some of the other dialogs for certain actions Failover Cluster literally bring up Open dialogs that you can't drag/drop, copy/paste into and have none of the modern Windows explorer structures in there (e.g. Downloads, recently-used, Pinned, etc. folders).

Not one half as annoying, though, as discovering that you can 90% set up the cluster in the GUI but if you want to do certain things with S2D, etc. then you are forced to use the Powershell to get the option you need for the exact same commands.

Lee D Silver badge

For all their billions, I could pontificate for a month straight on the poor UI choices throughout Windows, getting increasingly worse as time goes on.

If you don't want people to interface, then remove the options entirely.

If you do, put them in a single set of settings that is logical, ordered and doesn't try to hide advanced settings (or if you WANT to hide the advanced settings, have an advanced settings button under which all those options are for the relevant area).

Honestly, give me an hour in a lecture hall with the Windows UI people and give me the power for one month to dictate how they arrange things (I don't care about looks but also... why are themes no longer a thing? Why can't I *make* Windows look like Windows 7 if that's what I want? What is it to Microsoft to let me customise my PC that way after YEARS of them forcing themes down my throat?).

I promise you the world would thank me. Why is the third DNS server on a network interface only adjustable on another tab on the "old" network connection settings? Why are all the options from old official control panel apps NOT exposed in the new Settings interfaces? Why does AD Users & Computers INSIST on unticking Computers every time when you go to Find? Why can't I decide where the taskbar / start menu goes in an official manner as well as a cheap bit of freeware does?

Seriously. One hour. And then I promise you Windows will be more useable when I've finished. Guaranteed.

It's design-by-committee with corporate interests taking precedence and so it's become an absolute trash heap of old, readable, simple, dialogs which are the only way to actually configure things and which the new, fancy, unreadable, you-gotta-search-for-everything "because we said so", unnavigable, incomplete settings dialogs always end up falling back to when those settings need configuring, but fight you every step of the way to make you get there. And that's the PUBLIC-FACING things. The dialogs to deeper things like deployment and RADIUS are atrocious.

If I met someone who worked in Microsoft UI / UX departments and they didn't realise this, they honestly need to get out of that industry before they break anything else. I could understand "We know, but we're not allowed to change anything", that would be acceptable. But to be ignorant of the myriad interface problems in modern Windows, from the second you turn on the machine to the second you turn it off, is just unforgiveable for a professional who is supposed to be catering to the interface to users.

Apple fans deluged with phony password reset requests

Lee D Silver badge

Apple still has atrocious user interfaces for such things. I manage school deployments, and there were some real doozies before they got wise to proper enrolment and forced everyone to Apple School Manager (which means buying iPads brand-new at full price, no choice) many years later.

There was a point where I took over a batch of pre-purchased iPads that had had an app installed as a previous user, and then the iTunes account was changed. Whenever that app updated, it would decide to reprompt for the (long gone) user's iTunes password to update the app.

'

Again - system level, unskippable, recurring, the only thing to do was to concede and take over that account and sign in repeatedly to clear the warnings until we could wipe all the iPads on site (several hundred).

Then there's their setup dialog which used to let you set up an iTunes account on a new iPad without entering a credit card number... at first it was literally a click, then they got increasing obfuscated and would only allow you to select the option the first time on that iPad and not ever again, and then it became a running battle of stupendous workarounds where you had to cancel the "Sign in with iTunes" dialog some 50+ times to get into the iPad, change the setting to a particular account that had been set up with no credit card, and then you were able to sort things out. But to get there - system-modal dialogs every few seconds, that take an age to clear and then you had to quickly progress a tiny amount to get into the settings dialogs in between more system-model dialogs, etc. etc. etc.

After setting up 200 iPads that way, I banned iPad purchases from the site and they've not added one in 10 years. And that was one of the least of the issues we had with Apple.

Everyone tells me that Apple products/software are so expensive and different because of the superior "design", and I have yet to find a single design feature in any Apple device, hardware or software, that I actually even like, let alone prefer. Some of their design is fecking atrocious.

But, hey, I hear the next iOS will allow you to MOVE ICONS AROUND wherever you want (so long as you want them in a grid still, because we can't let you have too much control, but at least now they won't form a linear arrangement where you can have NO GAPS because Apple said no all those years).

Fujitsu set to be preferred bidder in UK digital ID scheme

Lee D Silver badge

Nope.

My brother literally had no photographic ID of any kind and he's 50.

No driving licence, no passport.

He has a bank account, a mortgage, a job with CRB checks required, etc. etc. He opened the bank account with a birth certificate and some utility bills.

In the UK you still do not NEED ID of any kind whatsoever.

And given that that's possible, even if he had those, all he needs to do when opening an account, renting, starting a job, etc. is to say that he doesn't.

Lee D Silver badge

That's called identity verification - asking for one government-issued document to verify your eligibility to renew another government-issued document is pretty standard and in fact necessary.

Also... you can not have a passport. My brother's literally never had one.

It's when you start joining them for non-goverment-issued tasks that it becomes a problem, and that's basically what killed the Manchester etc. trials - both legislatively and with the people.

Lee D Silver badge

Judging by the last trial that was abandoned at significant cost after a large-scale trial layout with no real "faults" found with the system?

Quite a long time.

Row breaks out over true severity of two DNSSEC flaws

Lee D Silver badge

Re: 7.5 is fine for a DOS

This is why any significantly-large public service should have resource limits on individual queries.

Literally just die and not respond, or throw an error. There's a reason that many of the HTTP error codes are basically timeouts and resource warnings.

I'm disappointed that this isn't the case already - same as when Cloudflare introduced a single regex into their global system that caused an international outage by taking too long to process queries - why was it ever affecting queries that weren't targeting that regex?

Don't process random third-party data with the expectation that it can use as much RAM, disk, network bandwidth or CPU as it likes. It's pretty simple. You have no way to tell in advance, so treat all connections in that manner and quota them down to nothing more than they need. We've even proven that computers CANNOT TELL programmatically how long a query would take to resolve just by looking at it (basically, the halting problem!), so don't EVER expect it to terminate in a reasonable time. Kill it when it starts taking too long.

Each of those queries is - at some point - handled by a function that you could break out of using a simple loop and/or timer.

And then have exponential backoff for that client to stop it repeatedly re-requesting that same query.

That huge multi-national internet-core companies haven't coded their server software in this way is incredibly lax. Just because it's a "new" protocol doesn't mean you don't have to apply the exact same guards against untrusted data as we have had to since the dawn of computing.

Cloudflare says it has automated empathy to avoid fixing flaky hardware too often

Lee D Silver badge

Sounds pretty basic and obvious to be honest.

3 days seems a long time to notice a node is broken.

Booting into a recovery/rescue/testing mode isn't ground-breaking.

Keeping it turned off until it's scheduled for repair is basic automation isn't it?

Every day I'm surprised by just how "un-clever" all these large scale systems are, especially when it comes to the basic back-end operations.

Microsoft confirms memory leak in March Windows Server security update

Lee D Silver badge

Re: Smoking gun?

While that's possible, in that case then the REAL cause of the outage is pushing patches to production without adequate testing for a global / multinational / huge company.

Microsoft's obsession with just letting everything auto-update is the real cause of the problems, and admins having to "step in" for known-bad updates literally days after Patch Tuesday should be extremely rare, rather than a regular occurrence.

Virgin Media sets up 'smart poles' next to cabinets to boost mobile network capacity

Lee D Silver badge

Bravo. Someone summed it up.

Also - those spider webs of cables are a perfect storm of bird droppings, problems when things get windy, shoes lobbed over them, etc.

As someone who buys leased lines on occasion, I can also tell you that those providers who offered to run it "along the telegraph poles" were roundly dismissed, especially when their own engineers told them that it would be highly susceptible to movement over the years and that's not what you want on direct fibre run for a leased line.

I moved into a lovely little rural house recently in a tiny little rural town and was actually surprised to see that the whole street was supplied with one such bitumen-soaked pole with huge dangling cables to each house - I'm literally yards from an area of outstanding natural beauty, the houses are all fabulous rural cottages and thatched farmhouses, and it's the ugliest part of the whole street. It also has guylines cutting far into people's exquisite little gardens, bird spikes along 30-40 feet of each radial cable, and it takes up what little there is of the pavement left over.

It also means that we're never going to get FTTP or possibly even FTTC this decade.

I can only imagine that - whenever it was, 80-90 years ago - when it was first put in, people objected just the same. And they're quite right in terms of aesthetics, but if you wanted a landline it's the only viable cost alternative, because digging up a line to every house is exactly what bankrupted NTL and scarred every pavement in the major UK towns with their cuttings.

I've also been told recently that the POTS line won't be voice-capable for much longer and I must move to a SIP-based VoIP "Digital Voice" using the line purely as a DSL line for transmitting such. At that point, and coupled with the fact that I can't get above 40Mbps no matter what I do here, I really would rather just snip that line entirely and use some other alternative because the landline provides literally zero advantage if I have to power the router, operate a VoIP account, etc. myself anyway. The only alternatives are about 3 times more expensive per month (e.g. Starlink, etc.)

So we have a choice - we can have modern tech and have masts, or we can pay through the nose and find alternate technologies to progress to anything reasonable, or we can stop all such and never have mobile coverage. Given the options, I think I'd rather have the modern pole.

Lee D Silver badge

Quite.

In a quiet little suburban town, we were told that we would get 5G and even had letters through to announce it.

I was quite excited as the workplace where that was has AWFUL 3G/4G reception, as in it's almost impossible to make a call without walking outside and going down the road somewhat.

We got all the planning letters, all the notification, we were actually looking at getting a Netgear Nighthawk to act as a backup line of some substance (given BT's penchant to just keep increasing prices and cutting services).

There was already a pole and cabinet at the location, there's nothing nearby of any worth, there are no areas of outstanding natural beauty to ruin.

18 months later, it was killed by NIMBYs.

Probably the same ones who rent our facilities and then moan on a regular basis that they can't make calls and can't take credit cards (and, no, you're not using our Wifi to do that) while on the site.

Britain enters period of mourning as Greggs unable to process payments

Lee D Silver badge

Re: "Zettle by PayPal" -- Hmm ...

"Further, they are not considered a bank, and escape the rules and regulations which govern banks."

In the UK, and the wider EU, Paypal is literally regulated like a bank - they just don't offer most banking products. In the US, it's very different.

Cash - "balanced the books, took money from the till, zipped it into a rubber envelope, filled out a paper bank form, drove to the bank, and put it into the "Night Drop" box." - all of which has an associated and insurable risk and requires hiring a single trustworthy person to do or oversee all the above rigorously and accountably at great effort and expense - and which can also be a chargeable cost in modern business banking.

Additionally, the credit card fees are almost perfectly pitched to match the exact same incurred costs of doing so, because credit card companies aren't dumb, and otherwise no business would accept credit cards.

Cash is no longer a backup - and during COVID you were twice as likely to be refused to allow payment in cash than credit card. Not least because of the extra handling, but also because it was difficult to get to banks because they were also closing up through understaffing - and that's a trend that's been occurring for decades and still continues long after COVID isn't a business issue any more.

Cash is not a panacea to anything nowadays. In fact it's inviable to operate a cash-only business in many major cities for a lot of retail types. It is not, however, such an issue to operate a card-only business. Hell, you can't even park your car without a card nowadays, and because it costs nothing to obtain one and one is given free with any bank account, basically everyone has a card. Even my young teenager does, because it just doesn't make sense to get her used to handling cash without also teaching her how to manage a card in the modern age. By the time she's in the workplace, and certainly by the time she is middle-aged, cash is likely to be dying further or actually dead.

Lee D Silver badge

2,450 stores.

An iZettle costs £149 and no ongoing fees (just a handling percentage of 1.75%). Not counting that you could probably get a bulk discount or better deal elsewhere.

For £365,050, not one of your stores would have to close or turn away customers ever again. And you could take 98.25% of their money (not counting the fact that you are probably taking that hit on card payments anyway AND you could maybe negotiate a better deal).

Greggs made £188m in 2023. That's £515,068 profit every day.

Are you telling me that it's not worth spending ONE DAY'S PROFIT (not even income, just profit) on equipping all your stores with a secondary, backup, independent card payment system that you only dig out when absolutely necessary, that will last at least 10 years, rather than have to shut up shops for the entire day and turn away customers?

I simply do not understand why companies of any size keep falling for this, when if I had only ONE shop, I'd have a backup card device under the counter.

Brits blissfully unbothered by snail-paced mobile network speeds

Lee D Silver badge

The railway network is far from nationalised infrastructure in the UK.

"Network Rail Limited is the owner (via its subsidiary Network Rail Infrastructure Limited, which was known as Railtrack plc before 2002) and infrastructure manager of most of the railway network in Great Britain."

"Network Rail's main customers are the private train operating companies"

"Britain's railway system was built by private companies, but it was nationalised by the Transport Act 1947 and run by British Railways until re-privatisation which was begun in 1994 and completed in 1997.As a part of the privatisation process, the railway infrastructure, passenger and freight services were separated into separate organisations. Between 1994 and 2002, the infrastructure was owned and operated by Railtrack, a privately-owned company"

https://en.wikipedia.org/wiki/Network_Rail

Also:

"In May 2021, the Government announced that Network Rail is to superseded by a new body, Great British Railways, in 2023"

"Great British Railways (GBR) is a proposed state-owned public body that is to oversee rail transport in Great Britain except for Transport for London, Merseytravel, light rail and tram services. In addition, it is to absorb Network Rail to become the operator of most rail infrastructure across Great Britain.[a] It will not affect the existing powers of the UK's devolved administrations in their areas."

Notice the repeated use of the word most, and the fact that a "public body" is being replaced by a "state-owned public body" without limited-company subsidiaries.

Also note that the last 25+ years of railway infrastructure were under privatisation and have a marked decrease in value-for-money, quality and maintenance over that time.

And even now, "Great British Railways" still hasn't actually happened yet, in 2024.

Lee D Silver badge

And absolutely no use of the inbuilt features of the modern streaming video formats where it can downgrade the resolution, etc. for a short period and then upgrade when the connection restores.

Lee D Silver badge

"the network "sweet spot," the point at which consumer demands for network mobile speeds match what the operators deliver, sits between 1 and 5 Mbps. This seems a little low to us, especially as the average download speed for UK mobile broadband is about 30 Mbps, according to some estimates."

Why would that be low?

The home connection is used for far more than just browsing, it's far more likely to see people doing actual work or watching lots more video, plus it's shared with a few other people on the same connection - so if 30Mbps is adequate at home, 5Mbps is more than adequate when out and about.

That said, the SPEED of the thing doesn't really matter to me. I don't care about the speed when mobile half as much as actually being able to connect. And there are so many deadspots once you get outside cities that that becomes a problem. And I'm counting GPRS/Edge/2G as a dead-spot in this instance. Great for phone calls, pathetic for anything data-bound.

Even then I know of basic GSM deadspots - I work in one! A town outside London, built up with offices and houses and schools and other buildings, and yet there are still places where you can't take or receive even a basic phone call even if you step outdoors, and that just shouldn't be happening in this day and age.

I don't care about speed, sort the coverage. If that means 4G/5G upgrades, then do it, and limit the speed on the individual connections.

It's insane that when I go into London on the train I have recorded 500Mbps on a basic mobile phone but if I want to take a phone call from near a station just a couple of stops outside London, I have to wander a few hundred yards down the road to get basic GSM signals.

They're supposed to do things like ensure that they increase coverage every time they plan major speed upgrades so that nobody is left behind, but it just doesn't happen. The cabinets / masts get upgraded, sometimes, but new ones are never added.

It's insane that the core cellular networks are not nationalised infrastructure, with the providers competing on top and paying a percentage to ensure that the infrastructure gets to constantly expand and upgrade.

Microsoft license shuffle means Power Apps users could break the bank

Lee D Silver badge

When you have to "subscribe" to your essential in-house business tool, you know it's time to change.

Voyager 1 starts making sense again after months of babble

Lee D Silver badge

Re: If ever there was a use case for LLM

That is the singularly most awful idea I've ever heard.

You know that all such "AI" just collapses into a heap of nonsense the second it has to think for itself, receives unexpected data or strays outside its training boundaries, right?

Job interview descended into sweary shouting match, candidate got the gig anyway

Lee D Silver badge

Re: The first one is free

The problem with fancy interview questions is that you are only testing whether people can answer fancy interview questions.

It's a self-fulfilling prophecy - you're selecting candidates based on some arbitrary criteria which is only vaguely related to their job, so the candidate who "does best" may not actually be good at anything vaguely related to the actual job they need to do.

I've always held that job interviews should be little more than "We pay you for a day, you work with us for a day". Anything else is nonsense. All those lateral thinking and logic tests (which, incidentally, I'm *amazing* at, being a mathematician) will knock out people who would have been great at the job if it wasn't for that test. All those impressive answers someone gives in interviews where they turn a perceived problem with themselves on its head and make you think they're wonderful? Congratulations you've hired a very good BS'er. All those interview that utterly impress the management types with management-level BS, while all the people who are hands-on, in the field, etc. are completely hating them? If you go ahead, you've hired someone good at speaking managementese who's going to be hated by their underlings and co-workers.

The interview is a selection process - and a two-way one at that! You have to consider "What am I selecting for with this question?" but more importantly "What am I selecting for when I'm looking at the answer?". Because a simple technical question may well be useful to "get right", but someone who admits they don't know, asks if they've be allowed to research the answer, takes a decent stab, tells you what they are sure of and what they are not based on their previous knowledge/experience, and can state where they'd go to get a definitive answer... I'd rather have that guy. I want to select for their METHOD and their communication and honesty, rather than that they don't know what menu the button is under to restart a cluster, or whatever.

Interviews are a selection process. Select for what you want to see, not some arbitrary score system of nonsense. Because like natural selection, if you cull perfectly good applications based on random nonsense and/or the highest-scoring person is just someone lucky, then you're going to end up evolving entirely the wrong direction compared to what you actually want to happen.

Lee D Silver badge

I was asked to design interview tests at my current workplaces and I have the same attitude.

I don't care that you don't know specifics, haven't memorised a keyboard shortcut book, I'm more interest in how you approach the problem, that you have a general feel for something, and that you wouldn't be stumped if I left you to do something specific - you'd be able to run off and find out the exact details for yourself.

Sure, you really should be able to, say, name a competing but similar product to Hyper-V, for example, but if you can't because you worked on Linux systems all your life I'm not going to hold that against you. I couldn't care less if you can subnet an IP address in your head, I'd want you to double-check with an online tool or similar anyway if it was complex enough that we had to sit down and work it out. I'm for more interested in "A user does this, and then comes to you and says that, please describe what you would say/do in response", and even "Name an OS/programming language. Please name another alternative OS/programming language to the one above and describe how it differs" is a useful question to get a feel for someone.

But a quiz is just a quiz and I wouldn't use anything like that for a formal assessment of someone's capabilities. It's just to weed out people with zero industry knowledge, no customer service skills, or those who are obviously bluffing in their claimed experience.

If you want to set tasks, set a task. Something real, that someone can achieve or not, and then see if you approve of their METHOD not their results. The so-called "inbox exercise". There is no one right answer and I don't expect you to do everything and get it all perfectly correct. I just want to make sure that you aren't going to just pull a wire and take the network down without checking, and that you realise things like change management, etc.

In one interview, I was asked a technical question and immediately my response was to say that there was a potential impact so I would follow whatever change management protocol they had in terms of alerting the team, notifying users, recording the change, assessing the impact, etc. The interviewer said "That'll do me, everything else is secondary" (with a big exaggerated "tick" gesture while writing on their clipboard) and moved on before we ever got to the actual technical answer.

Lee D Silver badge

Interviewed at a school for an IT position once. Actually two similar roles at the same school, and I was qualified for both. They were interviewing on different days for each, so I got given an interview for both roles on different days.

As I was driving to the weeks-before-booked appointment, and it was a 30-minute drive away, they sent an *email* to say that the interview had moved to another venue on the other side of town. Just sheer chance meant I had stopped for fuel and checked my email.

When I turned up, the front of the school looked like a tip.

Was pointed to reception (there were no signs!) by a random staff member.

Ending up sitting on a broken, torn, dirty sofa in a "reception" area which was an area of grubby, torn-up carpet in the corner of a corridor.

Was left waiting there 20 minutes without any sign, long after the interview should have started.

Was eventually collected by someone and led - no exaggeration - THROUGH an in-use staff toilet room. It was the only way to access the main IT office.

"Office" was a cupboard just big enough for 3 people to stand in it. If two of you ducked under horrendous cupboards above your head that were a literal hazard. It was clearly a former cup-washing kitchen type room, because it wasn't big enough for any practical purpose whatsoever. Which was unfortunate because there were 3 of us, me, the guy who'd collected me (who was a teacher) and the IT manager.

I had to sit hunched the whole time because the chair for the interviewee was under a cupboard so standing up meant braining yourself.

Cue an interrogation about... the school. Not once was IT mentioned, but they were disappointed that I hadn't remembered the EXACT pupil numbers on their website (but I was not only in the ballpark but I had merely rounded up to the nearest ten). I get "knowing your customer" and checking the website before interview, but memorising random facts like establishment date and pupil number seemed to be the only thing they were interested in. This went on for a LONG time, and obviously some of it I literally hadn't memorised, some of it they weren't happy unless the number was absolutely exact, and none of it was about IT.

In some prestigious school, I might expect *some* of that, and in fact had worked in many such places hence why I had checked the website and had answers for all the relevant stuff, even if they didn't like them. But this was a run-down state school that looked like it would be condemned any minute. And if it was about child protection policies, or generally working in the school, fine, I'm used to those questions. But this was literally about "what year was this school established", "who was the first headmaster" (hint: absolutely nobody you would ever remember), etc.

At one point got asked a inane "management"-type question that wasn't even relevant to any school role I'd ever had in my life. "I'm sorry, but can I just check, this is the interview for the IT <whatever job title it was> position, right?". They absolutely hated that and tried to terminate the interview there and then. I was already halfway there myself, but out of politeness, and with the help of the teacher guy, we pulled it back to common sense for a second. Then they continued on exactly the same lines. Eventually the manager and I just looked at each other and said "This isn't going to work". We terminated the interview there, not an IT question asked.

We didn't even bother to shake hands. As I was led out, the teacher apologised profusely, and I told them politely that if they didn't want to hire, they shouldn't waste people's time. The guy was clearly trying to either protect his job from people with better experience, or was so antisocial that he literally didn't want anyone to take the role at all. Even if he was trying to "warn" people off the job, there are a million better ways to do that, but that's absolutely NOT what he was trying to do. He'd taken exception to me before I'd even walked through the door... or through the staff toilet, and yet we'd never actually spoke and basic interview / hiring etiquette on my part meant that he had absolutely no reason not to like me at that point.

Nobody, nor myself, mentioned or bothered about the second interview for the other (similar but different) role.

As an IT manager for private schools now, I use that as a lesson when hiring on what NOT to do to any candidate no matter how ill-fitting you think they are.

Other ones I've had included a "technical test" where the question was "How would *you* retrieve all the DNS servers configured on a client machine?". IPCONFIG. "Wrong!". Oh, right, you mean "ipconfig /all" then. "Wrong!". No, honestly, I would. It lists them all. In plain text, in a copyable format, and shows if you have more than two, and shows all interface and their configured DNS. Guy absolutely outright insisted that it didn't and that I was wrong. As this was only a year or so after the above interview, I was already in the "Okay, this isn't going to work" phase, so I battled on and insisted that it does. I had a keyboard thrown at me... "Go on then, show me! You're wrong". So I ran ipconfig /all, scrolled up and there were all the DNS servers listed for each interface in a plain-text copyable format. I even copied it to prove that.

He didn't even have the decency to look humbled. He got very stroppy, told me that it was "the wrong way" and that the only way to do it was through the GUI (that was never part of the question, and the question was how would *I* do it!) - and I pointed out that that took many clicks, was increasingly being hidden away on modern Windows, the classic interface only showed two DNS servers until you went to another tab, and that you had to do it for each and every interface separately. He just stuck with his "Wrong!" attitude. I didn't bother wasting their time from then on.

'We had to educate Oracle about our contract,' CIO says after Big Red audit

Lee D Silver badge

Re: That is why web site Ts & Cs are not a contract

A contract is a "meeting of minds" legally, so many T&Cs are not enforceable, and are often found to be that way in court.

However, there's also a factor of variation and acceptance of that variation when you start.

What people often don't realise is that even a contract is not cast in stone - and there may be unenforceable parts within it, everything from the jurisdiction (i.e. a US company doing business with EU companies can't always have every aspect of their business contract only be answerable to US law/jurisdiction, it simply doesn't work like that) to the actual thing they are trying to do.

"Your statutory rights are not affected" means something, and doesn't even need to be explicitly stated (it often is, but for other reasons!) - because those rights are statutory and are not affected whether they tell you that or not!

To be honest, despite having screwed several companies to the wall with their own contracts in the past, I wouldn't touch or deal with Oracle contracts. They are certain companies you just should not be doing business with.

LinkedIn's turn to fall over: Outage hits thinkfluencer hub

Lee D Silver badge

If you hit refresh a few times

"If you hit refresh a few times..."

Sorry, but with my IT hat on, I hate you. The website is down, so let's pound it senselessly until it comes back up...

EU users can't update 3rd party iOS apps if abroad too long

Lee D Silver badge

Re: Why does anyone buy Apple?

I had a discussion only yesterday where I was trying to work out what value there is in a stupendously expensive iPad if you're going to give it to kids.

I never really got a proper answer.

They're aren't more manageable, they aren't more robust, they don't have access to software that others don't, they aren't better in any practical way... and for the cost of each one I can buy several of their competitors and throw them away if they break.

Year of Linux on the desktop creeps closer as market share rises a little

Lee D Silver badge

Re: Repeat after me:

You mean remote terminals, virtual machines and SIP?

Gosh. I wonder how long they've been the core design of other desktop OS and, for instance, when things like Asterisk took over the SIP-based telephony market.

You keep reinventing the wheel. The rest of us know that Windows was the LAST operating system to add those features, with the exception of Macs that literally REMOVED such features from their desktop environment.

Honestly, of all the arguments...

Lee D Silver badge

Re: Repeat after me:

They said that in 2014:

https://www.neowin.net/news/munich-germany-realizes-that-deploying-linux-was-a-disaster-going-back-to-windows/

After a decade of already being on Linux. I wouldn't call an entire decade of operation (in fact nearly two) "unviable", would you?

And there's already a campaign to return to it again.

Their flip-flop has far more to do with their political landscape and opportunity to profit than it does the technical viability of what they're doing.

And, hell, running Windows software on Linux in 2004 was a VASTLY different landscape to today's mostly-web-services environments.

Lee D Silver badge

Re: Repeat after me:

"In those years there hasn't been a single role or outfit I have worked for that could have adopted Linux even if they wanted to."

That's some serious hyperbole.

They could have adopted it, at any time. It would have cost money to transition, they would have had to made some small sacrifices, not unlike ANY upgrade or system change project.

But saying they COULDN'T have done it is just wrong. They didn't want to.

Any one single item you might consider a blocker will have an alternative that may be less preferable, but equally as viable.

I've yet to actually work in a single place where I couldn't have just replaced everything with Linux overnight, let the users scream and shout for a few weeks, and then business would have just carried on as normal. Maybe you'd have to swap out a banking integration with a dumb bank that only knows about Windows, or had to change the office suite to a web version, etc. but saying that not one place you've ever worked could have gone Linux is just a flat-out lie.

What you mean is: "without impact", but the impact of changing any system is pretty much there, even going from Windows to Windows, or merging two Windows networks, or whatever.

Microsoft: Copyright law didn't stop the VCR and shouldn't stop the LLM

Lee D Silver badge

The VCR was a tool used to do something - and that something could be illegal or not depending on what the user did with it.

LLMs are a tool used to do something - and that something could be illegal or not depending on what the user did with it.

Not only are they the same in that respect, that argument actually means that you still can't use them illegally and still need to get consent for the data you're using, and can't just randomly spew out thousands of copies and sell/give them away without the original owners seeking action against you.

This is a dumb analogy, and actually makes the argument fall against them even worse.

Microsoft's February Windows 11 security update unravels at 96% for some users

Lee D Silver badge

Re: Windows 11 might "face installation issues."

Linux isn't immune.

SystemD is an absolute pain when it goes wrong and I have had it go drastically wrong.

It's simply that more care is taken, and updates are far more modular. There is no "roundup", no manual dependency checking (pretty much each Windows update just to "look for" what it needs, there's no centralised mechanism to handle it all so things can break, especially with things like .NET), far more testing, far more care, no silently obsoleting user's setups but carrying on pushing updates that expect the latest setup, and no reboots unless it's literally a kernel or bootloader update.

Windows they just slap it together and fire it out with the expectation that it's on the user and thousands of IT department worldwide to handle the problems and "just reimage" if it goes wrong.

I suspect that internally at their cloud service there are either thousands of techs just as frustrated with their nonsense as everyone else, or who literally have special access to stop all that happening that they never roll out to other users, even huge enterprise.

Lee D Silver badge

It would be the work of a moment to generate a unique ID for a particular line of code / error value at that line, and present a link to the user like:

"More information may be available at:...."

And then when that error hits and becomes an issue for lots of people, they could make that page and describe the potential causes and fixes.

I mean, hell, there's no reason that part of the error routine couldn't be "Look up this code and see if there's a page I can direct the user at, and if not THEN just display a code and nothing else".

If you did it right, you'd be able to capture stats on new errors just from your web logs, you'd be able to have consistent and useful error messages with solutions when common problems happen, and you wouldn't need to update the OS *AT ALL* for those error messages to be kept up to date with full breakdown of cause, symptoms, diagnosis, resolution, etc.

All you need is a unique hash, a website that returns "Sorry, can't help with that error" for anything that doesn't already have a page, and someone copy/pasting the relevant information into a page for each unique error that becomes an issue. Even if they only did it once a month the week after Patch Tuesday, it would be SOMETHING, and they might actually get some useful telemetry to spot problems in release builds etc. BEFORE they go out to general release to billions of customers.

But what do I know, I'm just a programmer, geek, IT guy of 30 years, and they're a mega-corporation with almost unlimited resources.

Gimme free Azure storage/processing and a cluster of VMs to run a server farm etc. on to serve the pages, and we could have it running by the end of the week and roll out small updates to error routines over the next year to actually do something useful with returned error codes and/or dialogs that pop up with obscure errors and hell, who knows, maybe even blue-screens.

Lee D Silver badge

Re: "Something didn't go as planned. No need to worry – undoing

Well, the first warning sign was that those pop-up notification things are called toast notifications.

Can I interest you in a toasted teacake?

Work for you? Again? After you lied about the job and stole my stuff? No thanks

Lee D Silver badge

Re: With friends like these..

I don't trust companies at all.

I *may* trust certain specific individuals within the company if they have a proven track record of actually doing right by me.

But even they can't guarantee that they'll be around next week, or that the company will do what they should.

I trust certain people, only. Those people - by and large - don't let me down, and they're the ones whose promises I believe, not the companies (and often those promise are at extreme odds with each other).

When a person I trust tells me that they'll get me that raise... I will tend to believe them, and it will tend to happen. Even if the company doesn't want it to.

When a company tells me they'll get me that raise... I have zero interest until it's written down and even then it's not a sure thing.

Trusting a company is like trusting a concept, or a thought, or a idealism. No. But when Fred (who I've known, worked for and trusted for years and doesn't ever let me down if it's at all in their power) says it, then I will listen. And even if Fred then does let me down, it's going to be because the company got involved and/or broke their promises to him. That's not Fred's fault. And Fred, almost always, will then apologise enormously, plus never pass on a promise he can't personally deliver ever again.

You're dumb to trust an imaginary entity, controlled by basically random people outside your control, to do anything. You're dumb to trust most people too. But the ones you can trust pretty much won't let you down.

And that applies to all industries and workplaces. The people I trusted, I'm still in touch with years later and still trust them because of their track record with myself alone. The companies I've worked for? Eventually almost every one of them failed me because the PEOPLE changed.

Lee D Silver badge

Was once on the receiving end of just such a conversation where it was absolutely, 100%, totally, utterly going to end up in me being sacked.

Why hasn't X been done, X was absolutely for you to do, it's really important that we do X, you've failed to do X, you must do X, X is part of your job, you were instructed to do X, etc. etc. etc.

My reply, by email, was nothing more than a date, time and subject.

Referencing an email nearly a year earlier where I'd taken to putting in writing the results of a meeting with EXACTLY the person who sent the above, against their wishes (they hated anything being formally recorded) and had clearly done it as a "Okay, so when this all goes utterly pear-shaped, please remember that you said this, and that I'm reminding you now that you said this" type of email. It was all there, in black & white (or white & black if you use night mode). Don't accuse me of not doing things that you literally stopped me doing and told me not to do.

The temperature went from 1000C to about -273.15C so fast, you could see the contraction cracks appear in the metalwork of the building.

My colleague wasn't aware of what was going on, because at that point I was doing it all in "private meetings" and by email, but even they asked why I had such a big smile on my face for the rest of the day.

Lee D Silver badge

Re: "And to this day, the more he dislikes someone, the more polite he is towards them."

The point of burning bridges is so that NEITHER they - nor I - ever walk back over them again.

It's literally a self-defence mechanism.

Say you burn the bridge with a new and horrible boss and then walk. People say "But what if you go to another job years later and that boss is on the interview panel?" Then I just found another company that I never want to work for, because they hired the person I never want to work for again, and I presume they know what they hired (and if not, I still don't want to work there).

A kind of self-fulfilling prophecy.

Be careful what bridges you burn, sure, of course. But if I burn a bridge and then feel tempted to cross that river at that same point again? Yeah, I need to stop and think carefully about what I'm doing. I burnt that bridge for a VERY good reason. And if I ever feel I made a mistake, maybe I'm not good at deciding what bridges to burn. (Hint: I'm EXTREMELY good at deciding what bridges to burn!).

I dance in the light of my burning bridges, and only hope that they can see me from the darkness of the opposite riverbank.

Lee D Silver badge

Re: Got to love an optimist ...

When I was self-employed, I would often add on a stupidity tax for those clients who were really annoying.

If I have to sigh, bite my lip, and rouse myself in order to just walk in the door of a certain client, I'm making sure I'm compensated for it.

And if I set it "too high" (cough) they would complain but often then just forget all about it. Which was exactly what I wanted.

Nobody ever dared not to pay, though. I'd be into bailiffs and courts for that, for even the smallest amounts, let alone £2k.

Lee D Silver badge

Many such incidents, many not quite the same scale however.

Work in schools, and one school hired a new "IT Coordinator" (teacher). He decided that he knew more than everyone.

One of the things he did was bought a bunch of dictaphones (long along those things were obsolete) that saved in WMA format. And a piece of software (which was absolutely awful and had a million competitors that were better) that opened and used MP3 format audio.

He insisted that I make them work together. Nope. First, I had no part in their purchasing. Second, they're incompatible. Third, I don't take orders.

This went on for a few months. One day, when he was actually particularly nice, I implemented a workaround. If he saved the WMAs in a certain network location then 10 minutes later they would appear as MP3s in the same location. All automated.

Not good enough.

When I left a few months later, he tried to badger me for the administrator's passwords. Not going to happen. I asked why? Because, obviously, the administrator password would make these two incompatible file formats "just work", don't you know? That was seriously his argument.

A few weeks later, I was still getting regular calls at my new workplace from him, determined to get the administrator's passwords. Claimed that the headmaster had told him to.

I reported him to his employer and said I would never provide him with details. I had provided both the headmaster and a governor (who worked in IT) with full documentation including passwords before I left, had them both sign off on it, and told them they were responsible for those details going forward as I would be removing them from all my records.

When I told him that, he got very shirty - because I said that all he has to do is get his headmaster to give him those passwords, or get his headmaster to speak to me and I'll do what I can to help if they've BOTH lost the passwords.

Never heard from him again.

The next employer I spent many years at, and with full knowledge of a very techy Bursar we took a number of shortcuts over the years to save money. These were done knowing full-well that eventually they would be undone, and a bog-standard expensive commercial product used in their place. We both talked the same language, we both knew the implications, we both understand the trade-offs.

We met regularly, I compromised to save money, he compromised to make sure we still had systems I could manage. We saved a ton of money, everything did what was required (and more!), and we both had great fun with it.

Then the headmaster changed. Basically gave the Bursar (my boss) a heart attack with stress. He left and - because of our relationship - not only gave me explicit warning of what was going to happen (including that I would be next-in-line), but also kept in touch to this day and helped me our enormously.

When he left, exactly that happened. All the vaguely-technical stuff that a bursar would normally oversee got pushed to me with the blame for everything (and given that they were completely non-technical, it was almost impossible to argue the case in even the simplest of things).

They ordered a full IT audit. Done. They never showed me the report. (But I was party to it, via a "friend"! And it was hilarious - it was basically saying "What more do you expect your IT guy to do, he's running the place on his own, doing a great job, everything's working, everything that you should have you do have, he's planning ahead, working to a tiny budget, he's paid under-market rate, he has no help, no outside support, no expertise in some of these things, and you refuse him holidays and reasonable adjustments?!").

Anyway, they came up with a small one-liner list of "improvements" from the report. Basically nothing of consequence ("we should have a formal policy on X" - it was literally a sheet of A4 to write down what had been policy for decades! Took me about 10 minutes).

I agreed to do them all, so long as they agreed to do all the points that they needed to do. They agreed. We set a deadline six months down the road.

The next day, I presented evidence that I'd done all my bullet-points. They accepted that. They said no more.

Six months later, I asked them for theirs. Nothing. Literally nothing. One of the points for them was "Decide who should be on a IT steering committee". They hadn't even bothered to do that. A post-it with my and the headmaster's name would have sufficed! Nothing!

So I made an ultimatum... fix it or I go. Oh, and by the way, I know exactly what the full report said, even though you refused to show me, and none of your bullet-points actually address the real issues highlighted in it, so I want some word of what's happening with them too.

Nothing.

I turned up to the meeting where we were due to discuss this (second) deadline and they have invited a deputy head with a broken laptop to hijack it. The meeting turned to yelling and accusations that "nothing worked". So I asked if they'd filed a ticket. They went white. Having staff file tickets, as was the policy!, and not just announcing nothing works, was literally one of the items they were supposed to address. No ticket. "But I told you". 1) No, you didn't, you're an absolute liar claiming that (and I used those words because in this case it was true), 2) It doesn't matter, you're supposed to file a ticket, that's literally the policy, always has been, and now confirmed and written as determined by the IT audit.

So now that we're into meeting-hijacking, not even fulfilling a single bullet-point, senior staff yelling at me in meetings, etc. it's now time.

"If this is how it is, then I'm done. This is my resignation". The envelope was already in my pocket, dated that day.

"You can't.". Oh yes I can.

"You have to work out your notice period". No, I don't. Because I just came from HR. And they have determined that - with all the holiday you never let me take, but which I was explicitly allowed to "rollover" several times because I was never allowed to take it... it's actually MORE than my notice period. I can walk today, and you have to pay me for the entire two month's notice period, plus extra!, and I don't ever have to come back. (The holiday was all accumulated and agreed with the previous bursar, who had always been lovely about it, and MADE me roll it over even if I knowingly hadn't used it, but when he left they stopped letting me take it!)

Bye!

They hated it. But the consequences were even funnier.

1) I did literally just walk and not come back.

2) They got a guy who worked at a BMX track (his only job!) to take over the IT.

3) Within three months, they'd had to spend three times the annual IT budget just on putting things to a place where he could understand them (i.e. no in-house email, migration to managed servers, support contracts for CCTV, access control, etc. etc.). I had warned them, as had the audit, that they needed a skilled person to take it over.

4) The head was reported to the Department for Education for financial mismanagement, and the governors too for knowingly misrepresenting pupil numbers in order to spend the above money.

5) The assistant bursar (a lovely woman) was sacked - for not keeping child protection records. Which was not in her remit, that she'd warned them about in writing repeatedly, and which nobody ever did anything about. She later sued for unfair dismissal, was later cleared of all such responsibility, and became a bursar at another school herself! They'd sacked the real HR person and several replacements in previous years and nobody had ever picked up the child protection checks, so they were just trying to dump it on her.

6) The head was banned from teaching or running a school ever again.

7) The governors were all forcibly replaced immediately.

8) EVERY SINGLE MEMBER OF STAFF was replaced within a year.

9) I got a phone call before I'd even got home, from my bursar friend, with a job offer at another school. I worked there for nearly 10 years afterwards. (My girlfriend at the time was absolutely fretting over "What I would do" etc. as I was telling her why I was home early. How would I get another job? What about my references? What if we couldn't pay bills? Etc.etc. The phone rang, it was my bursar, I had a better-paying job at a bigger school by the afternoon).

Sorry, but if you're going to take advantage of people, please make sure you're in a position to do so.

Google co-founder Brin named a defendant in wrongful death complaint

Lee D Silver badge

Re: More than surprising

It's extremely credible to me that someone that has accumulated $111bn of wealth - by any means, fair or foul - and still retains it is absolutely the kind of person who disregards rules, has no care for other people or their lives, and would do exactly such a thing - including covering it up at extensive efforts merely to avoid paying out money than to actually avoid jail (as he didn't do the modification himself, did he?).

You can't become or remain a billionaire, let alone a hundred-billionaire, and claim to be of moral character and care about others whatsoever. It's completely disingenuous to even suggest so.

That's even not counting things like extramarital affairs when you have children, and with an employee.

This guy's got more money than half the world's countries have as their GDP.

Web archive user's $14k BigQuery bill shock after running queries on 'free' dataset

Lee D Silver badge

Cloud is just a way to go back to charging for computing resources per byte, per cycle, per second.

I don't understand it, and I don't see how people have managed to convince business (who like fixed determinable costs) to go down that path.

For instance, if I was to migrate our in-house AD and VM structure to Azure, how much would my bill be next month? I can tell you *most* of it (reserved instances and all that), but I can't tell you at all what it would actually say on the invoice, nor can I guarantee that tomorrow it won't spike massively through our own ordinary use of the same systems.

Thin client, fat client, thin client, fat client...

Distributed, consolidated, distributed, consolidated...

In-house, outsourced, in-house, outsource...

And now computing is

Purchased, rented, purchased, rented...

Sorry, but I don't want a system where it's even CAPABLE of running up an unexpected $12,000 in a year, let alone one query. It just shouldn't be possible. And when you consider the majority of the clients of such services, surely jumping out of free tiers into $12k bills is something that none of them want, that there should be guards against, and that the query should be denied outright and you have to go in and authorise it individually rather than it "just happens". I'd really rather my servers just stopped, for instance, than issued me a $12k bill for carrying on. And yet I spent many times more than $12k on my in-house servers that do the same.

This isn't about dumb users, or about how much you can run up a bill. This is about profiteering at the expense of having a set credit limit and a separate authorise button for anything over a user-controlled limit that has no default and has to be explicitly set by each customer before they are able to use the system.

City council megaproject mulls ditching Oracle after budget balloons to £131M

Lee D Silver badge

Re: So whose bright idea was it in the first place?

They ended up on Oracle, that's all you need to know.

You only end up on Oracle when you have absolutely no sense, control or idea of what you're actually doing, what that requires, and what the best way to implement it would be.

My concern would be why is this some sort of bespoke project rather than just what everyone else uses for the bog-standard business practices (ERP, HR and bank reconciliation? Gosh, if only there were other places who needed those!).

I am of the opinion that government projects should come with a fixed deadline less than 5 years, a fixed budget, six-monthly audits on progress, and the project terminated if it doesn't mean two of those audit's expectation. And all projects should have that requirement. You want to bid for government projects? You better get on board.

If you can't do something in 5 years, or you slip for more than a year, you shouldn't be doing it.

This place actually seems to have a decent handle on things, for a local government project. "This isn't working, we want to know when it will work, how much it will cost, or we'll cancel it" should be the norm.

Singapore's monetary authority advises banks to get busy protecting against quantum decryption

Lee D Silver badge

Re: Easy solution

Even seen The Imitation Game?

Turns out the only German you need to know is...

Known-plain-text attacks combined with quantum computers will decrypt the rest of the message too, by a reasonable probability.

QE doesn't care about your key size (it just makes your QC larger), only whether it can identify the signal in the noise. And it *can* use the tiniest hints to increase the SNR enormously. It probabilistic, so you really don't want to narrow the possibilities at all, and QE may well have more viable known-plain-text attacks that public key encryption.

Also, quantum key exchange algorithms already exist, as well as quantum-safe encryptions that can be performed on an ordinary computer. You probably have them in your browser already, in fact.

Persistent memory to replace DRAM, but it could take a decade

Lee D Silver badge

Re: And security?

The TPM is only ever big enough to store keys and process information with those keys. That's exactly what it's for.

It's not for "storing data", it's for storing enough information that it can encrypt and decrypt your data while being just tough enough to crack to make it not worth the effort to recover those keys.

You're using a TPM now - somewhere along the way. Almost every server or modern Windows client is using the TPM chip for things like Bitlocker, hence the requirement of a TPM for versions of WIndows 10, a stricter requirement for Windows 11, and even stricter ones for server versions and planned for the future.

Basically, if you wanted to encrypt RAM, you already have the tools in your machine, it's just a matter of joining them up so the memory controller portions encrypt/decrypt using the keys in the TPM "for free" without you having to use processor time to do it.

Lee D Silver badge

Re: And security?

All you would need to do is store a security key elsewhere (e.g. a TPM) and use it to encrypt memory data as it streams back and forth.

Otherwise removing a chip and putting it into another machine would, indeed, allow you to modify that RAM and then put it back in the original machine to reveal whatever access/information you wanted it to.

Insider steals 79,000 email addresses at work to promote own business

Lee D Silver badge

I use individual emails for every company I deal with.

So if I'm signing up for one service, I know exactly what email I gave them, and if I get spam, I know exactly where that address came from. And if I don't "create" an address for a company, there's no way to contact me except on a generic account (e.g. my name) which I never give out.

Then I got an email selling furniture for schools (which was quite clearly a new company spamming to drum up business). I wondered how they had got hold of my address as it wasn't anything I'd ever signed up for. Turned out that the email address they were using was the one I had given RM (remember them?). And they seemed to be an entirely unrelated company.

I unsubscribed, and they still spammed me relentlessly, so I called them up. It took a while for them to get what I meant, and then got to someone who I could actually confront, who was instantly red-faced and sheepish.

Turned out that their director was a former employee of RM, who had recently left to set up a company of their own, and in the process had stolen the entire RM address book and used it to spam all their customers.

To say they were shocked I'd managed to expose this in the matter of hours of being sent an email, that they then panicked trying to undo it all, and that they promised rather comprehensively I would never get another email from them ever again (that was my deal that I offered... I don't care where you got the address from, but if I receive a single further email from you, there'll be a nice message winging its way to RM's data protection department) is an understatement. They soiled themselves.

I never did get another email, nor buy anything from them. And I kind of judge RM that their customer address database / CRM / whatever lets you just exfiltrate the entire contents like that.

But it happens all the time, and it just shouldn't be possible. Why does anyone working at RM (or indeed anywhere) need to see my email address, or be able to export the entire address book to a third party device?

Virgin Media to stand up rival network operator to BT Openreach

Lee D Silver badge

Re: IPv6

Ironic, given that it's a requirement of DOCSIS 3.

Google debuts first Android 15 developer preview without a single mention of AI

Lee D Silver badge

Or maybe ding, dong, the fad is dead! Which old fad? The recurring old fad! Ding, dong, the recurring old fad is dead!

Air Canada must pay damages after chatbot lies to grieving passenger about discount

Lee D Silver badge

And what are the chances of that? About a million to one, I reckon.

Lee D Silver badge

That's just standard practice because so many people would just give up and pay rather than fight because "lawyer" is a scary word, that they actually profit by doing so. Their legal team probably handle dozens to hundreds such cases every day and I bet most never get a small claims against them.

More importantly - if it came to it, you would just demand the transcript from the support session. It's up to them to provide it, not you.

In my experience, companies will fight tooth and nail because it takes a LOT of effort to actually bother to argue with them and most people just don't know how to do it. I've had run-ins with Three, I took down a car insurance company entirely, I fought against a letting agent and cost them £10,000+ and many of their landlord customers, etc. and plenty of others. Because to me it's a game and a point of principle. I've been threatened with court many times, and I've never yet once set foot in one. Strange that. Might have something to do with the fact that when they threaten it, I gladly accept their offer and say if there's anything I can do to advance that process to court, they should let me know. I have, though, also initiated actions that literally stopped companies in their tracks and made them realise that I wasn't going to ever go away - and then they actually bother to read the complaint and evidence (which they simply don't bother to do up until that point) and hastily backtrack and settle.

People need a grounding in legal basics, especially contract law and that's what written often isn't cast in stone even if you willingly agreed to it! They also need to drive such complaints past the point where it costs the company more money than it's worth, and do so on a regular basis whenever they see such things.

But, yes, the standard response is "do nothing and deny" and point at terms and conditions that are basically unenforceable in the situation, and not bother to do anything until you're about to cost them money (and then they will make an offer way under the amount of money it's already cost you or them in terms of hassle, and significantly less than it would ever cost them otherwise anyway).

Lee D Silver badge

Even if the bot was a human operator - does that mean they can spout nonsense and then expect the customer to just suck it up when it's wrong?

If anything, a human being in error would hold MORE weight, not less. So why would they think that claiming the bot was some kind of free-thinking independent entity would make it not liable? Their own humans wouldn't be!

I just don't understand why a company would deploy these things on a front-end website. At absolute best, if you believe every bit of hyperbole over AI, it's like putting a small child on the customer service team and then letting it run off and say whatever it wants, unchecked.

Maybe eventually another fad will come along and these places will learn that such bots are absolutely a liability to them and are in fact a pretty damning security hole - I've seen other news of them be manipulated to get prices and discounts not actually available, and to get into conversations that are wholly inappropriate for any agent - automated or not - to get into on a corporate website.

Southern Water cyberattack expected to hit hundreds of thousands of customers

Lee D Silver badge

Re: Open a second bank account...

"Who, in their right mind, would ever let an near uncontactable, unaccountable company to have free and unlimited access to take money from their bank account? Oh yeah, lots of people....."

With an instantaneous right to revoke and refund the last three said payments, cancel all future payments, based only on you contacting your bank and asking them to and not even having to provide a reason why?

Me.

Because I want to live in the 21st century, if they mess up then one phone call to my bank sorts it instantly (proven on at least one occasion which resulted in Three instantly ringing me after I'd tried to get through to them for hours, and threatening all sorts until I actually informed them that they were charging me for a phone they admitted was never delivered, the contract (with the phone) never signed, and that I'd been asking them to report the IMEI as stolen for the last three months) and I'm never "at zero" on my bank account so a payment here or there doesn't matter even if it's incorrect, especially if I can get them refunded and cancelled in seconds.

DD has safeguards that cheque, etc. simply does not have.

I don't trust utilities at all - to the point that since buying a house last year I am literally planning to obsolete them all from my life by the time I retire, and reduce my usage of them as much and as early as I can feasibly do so.

Electricity? Solar and batteries. More expensive, sure, but expense is not my concern, independence from "estimated" bills, outdated meters, no chance of upgrading, etc. are.

Water? Greywater system and can eventually turn that into a full filtered system. Again, not cheap, but the rain collection I have is more than enough throughout the entire winter.

Sewage? I literally investigated incinerator toilets for this purpose - basically an electric kiln that burns all kinds of human waste into a sanitary ash that you can put on the garden.

Internet? I have a plethora of options there, ran my (very tech-heavy) house off 4G alone for 5 years without issue when BT couldn't be bothered to upgrade local lines, and I'm just waiting for any non-Musk satellite network to come along. Having so many options basically gives me complete independence from any one ISP's nonsense.

And even now I'm working that way:

Electricity - every month I pay their overblown "estimate" (which is amazing given that I read the meter regularly for them and know my usage precisely), refund any excess and spend it on solar. 50% savings each month, and growing every month.

Water - I forced them to fit a water meter, literally 90% saving on water and sewage instantly.

Internet - DSL, 4G with several different networks, and Starlink "on hold" if I ever need it (yurk!). They now rent the Starlink equipment/connection on a month-by-month basis, which is my fallback.

But payments? All DD and credit card. Because the guarantees you have are far superior, cheques are long-dead, and cash is just a dumb idea nowadays. Plus if you know how to game them, you can actually profit from doing so... "0% interest pay in 3" gives me 3 months of free interest on money, while putting nothing at risk (I always have the money to pay outright for whatever I Pay in 3), but I get the product now, they pay for 3 months of inflation, I earn 3 months of interest, and no risk. Not to mention things like 24 months 0% interest on credit cards - I do the same and literally earn 2 years of free interest while they absorb 2 years of inflation... then I just pay it off. Even if I have to get a one-off 2% balance transfer deal, I'm still making profit just by shuffling money around that I already have.

Sorry, but you're living in the stone age and if you are untrusting of them then you should want to be independent of the utilities, not causing yourself hassle when the cheque gets lost in the (marvellously reliable) postal system and then you get hit with a fee for late payment, a charge to revoke the cheque and the hassle of sorting it all out to send another.