* Posts by Lee D

4232 publicly visible posts • joined 14 Feb 2013

Cybercriminals are stealing iOS users' face scans to break into mobile banking accounts

Lee D Silver badge

How many times, a biometric is NOT AUTHENTICATION.

It's the "username", not the "password" and does absolutely nothing to verify that someone is who they claim/appear to be.

And, as demonstrated, anyone can get that username from the user - because it's readily-available and not seen to be "the password". Something accesses your front-facing camera that you also use to log into a device? Oh, look, that have all the data they need to now know what you look like. It doesn't matter what fancy obstacles you try to put in the way (e.g. IR camera, etc.), it's there for them to take, replicate and use forever.

And when that's your username? Who cares. When it's your password? That's just dumb, insecure and wrong.

Stop with the biometrics. Just stop. They are absolutely useless past the point where the computer says "Hello, Dave, would you like to log in?"

China's Volt Typhoon spies broke into emergency network of 'large' US city

Lee D Silver badge

There's a big difference between taking everything back to manual labour, and just running a secure, isolated network that's not connected to the Internet.

There's absolutely nothing stopping people designing secure isolated networks, where every device is approved before it's allowed on, where they can connect over leased lines to other sites directly, and where any kind of rogue traffic wouldn't be able to get out even if it could get in.

All it takes is common sense, money, and not routing to the global, public Internet.

Chrome engine devs experiment with automatic browser micropayments

Lee D Silver badge

Watch Granny run up thousands on her card when she doesn't realise that every time she checks her favourite "online bingo" site it's taking 1p payments that she doesn't know what they are but once clicked "OK" just so she could play her game.

"Without user interaction" is literally the dumbest thing ever, limits or not.

Lee D Silver badge

Re: I see a serious issue with the idea

Oh look, I was right:

<link

rel="monetization"

href="https://example.com/pay"

onmonetization="sayThanks(this)"

/>

What a dumb protocol.

Lee D Silver badge

Re: I see a serious issue with the idea

I would imagine it would be the work of moments to demand that a site that wants to comply puts in a DNS entry which specifies the target wallet details. Thus unless someone can completely compromise that site's DNS details, the payments could only go to that site.

I haven't read the protocol, but I bet there's nothing like that in there, or it's in there as HTML that you can modify, etc.

It wouldn't be a bad idea to have, say, the equivalent of a Bitcoin address that you can publish in DNS and thus if someone visiting wants to pay you money, they can click a button and it would pay to the wallet specified in that site's DNS.

But all it would mean is a thousand domain-squatters, Unicode domains, etc. trying to trick you into thinking that they are that same company - the same as any payment page.

Lee D Silver badge

Re: Flip Side

I do find it hilarious that there's a certain cookie-control window that many websites have and it forces you to go through the list of things in order to deny them.

And on that particular dialog there is no "Reject All", you have to turn off all the individual categories one by one.

And, more often than not, SEVERAL HUNDRED companies are listed individually as "Legitimate Interest" users of my data if I proceed (as well as another consent toggle, and the difference isn't explained).

Whenever I see those style of cookie dialogs now, I just close the site immediately. I don't know what they think they're achieving or being compliant with (because they're not) but does nobody working there think "maybe we don't need to have several hundred companies with a legitimate interest in our user's data" or even "is this a legitimate interest to have that many companies using our user's data?" at any point?

Lee D Silver badge

"and no user interaction"

And in true Dragon's Den style... I'm out.

QNAP vulnerability disclosure ends up an utter shambles

Lee D Silver badge

Keep your storage as storage, your servers as servers and your clients as clients.

There's no need for direct access from client to storage, there's no need for servers to provide more than the bare minimum to clients or access storage they don't need, there's no need for storage to offer any services except storage, and servers should be isolated behind a firewall and external access minimised as much as possible.

DMZ etc. goes back as far as any operating system in modern use, but we seem to have forgotten about it entirely.

Just my home setup - A Raspberry Pi running Plex has storage on a NAS, which is only accessible read-only by that local Pi, which runs the Plex services, which are only accessible via reverse-proxy from an external server (mainly to get around dynamic IP limitations, no reason that couldn't be a single port-forward to an isolate VLAN).

If Plex/Pi is compromised, they have read-only access to... my Plex storage. Oh no! They can download 80's sitcoms! Not even the local network.

If the external server is compromised, they can maybe try to compromise the Pi, if they do so before I notice.

If my client is compromised, my Plex/Pi and storage are still safe (and backed up, snapshotted, etc. anyway).

Put barriers between everything, and poke as few holes as possible.

Lee D Silver badge

There's no way you should be allowing anything other than authorised traffic between machines and a NAS etc.

If you have a NAS offering direct storage to users, with web interface, NTP interface, etc. visible to them, then you're doing it wrong.

Least privilege principle. And there's no excuse "at home" for a professional - even the cheapest routers/switches allow VLANs etc. nowadays and have for decades.

Put the NAS in its own VLAN (like your CCTV cameras are in their own VLAN, and your smart devices are in their own VLAN, etc.) and only the ports absolutely necessary for the operations are allowed between them. In the home case, literally only the SMB/CIFS port, for example.

Upstart retrofits an Nvidia GH200 server into a €47,500 workstation

Lee D Silver badge

In a few years, you'll be able to buy an ordinary desktop card that outperforms this.

You'd have to be a nutter to drop €50k on this for any non-business reason.

It's time we add friction to digital experiences and slow them down

Lee D Silver badge

Or users could just follow established best practice, keep their cryptocurrency wallets locked, encrypted and offline, ensure proper password hygiene and implement sensible update practices.

But, no, let's SLOW EVERYTHING DOWN because people are too dumb to follow even basic security practices to secure $90,000 of digital assets.

Imagine if your bank said "Sorry, we lost your $90,000 savings because we don't have doors on our safes, the password to the box with the money in was 1234 and we haven't updated our CCTV since 2000."

You'd be up in arms.

Backblaze's geriatric hard drives kicked the bucket more in 2023

Lee D Silver badge

Re: not trusting my data

What I run active servers on is largely a matter of trust.

This is not a question of backups, that's an entirely different and separate topic (given that you wouldn't generally put backups on the same medium as your active data for a start).

But not having to service a working production server or array regularly means that you have to be able to trust that it's going go hold up well enough so that you're not there replacing 4% of the drives through failure (rather than choice) constantly.

4% of the drives in even a small server setup each year is a drive every few weeks or so.

Lee D Silver badge

Confirming, more than ever, that I've not trusting my data to anything that isn't Western Digital.

Unit4 software's budget bungle leaves schools counting the cost

Lee D Silver badge

Re: if you've got something that works, why do you replace it

And at that point you do the real run on the old system, and a dummy run on the new system, and you give the junior finance assistant both sets of data and ask them to highlight ANY differences.

And if you can't do a dummy run on the new system - bam... you have your first feature demand before you part with any money.

Tesla's Cybertruck may not be so stainless after all

Lee D Silver badge

Or why not just apply a clear coat at the factory?

Lee D Silver badge

Re: until the Cybertruck is scheduled for a full wash

I just drive fast in the rain... problem solved.

Google silences Bard, restrings it as Gemini with optional $20-a-month upgrade

Lee D Silver badge

Remember... Genisys is Skynet...

I mean Gemini...

Ford pulls the plug on EV strategy as losses pile up

Lee D Silver badge

The journey I'm referring to was on the order of months and took in many European countries.

Lee D Silver badge

I'm British and I love Fords[1] - most of the cars I've ever owned were Ford. My current car is a Mondeo (Fusion in the US) that I bought from new. It's probably the best car I've ever owned.

But I'm a realist - I know that I will need an EV when this car dies.

So I looked.

In the same kind of type / size of car, the Mondeo EV was absolutely panned for sucking horrendously. One of the worst EVs ever made.

The next closest (at the time) was the Mach-E. One of the better rated EVs as the time and literally twice the price that I'd paid for the Mondeo brand-new.

Everything else is either absolutely tiny (useless to me) or huge (expensive and counterproductive for me).

I moved house in my Mondeo. Literally loaded it up with everything I could, made a dozen trips and moved the entire house and everything I own including 2 double-beds, wardrobes, etc. And I can still drive it to work every day, take the occasional passenger, and drive it round Europe (well, pre-Brexit). It's the perfect car for me.

And yet Ford's EV line of cars is pathetic.

[1] This has nothing to do with me growing up in Dagenham, but far more to do with the parts are dirt cheap, for 20 years I just bought knackered old Fords and ran them into the ground and then bought another (I'm no boy-racer, by the way, I really couldn't care about that stuff), and my dad - a mechanic - would happily repair them and change parts for me even if he does always complain about them "not having a single decent bit of metal to jack it up on!".

Raspberry Pi Pico cracks BitLocker in under a minute

Lee D Silver badge

Bitlocker is not "cracked" by any definition.

If you can sniff the TPM keys in plaintext because of a dumb design, that's not Bitlocker being cracked.

That's like those people who say their Facebook was "hacked" when their password is the same for everything and about as complex as "password". No, it wasn't.

Unnecessary hyperbole everywhere about this one.

Rust can help make software secure – but it's no cure-all

Lee D Silver badge

Rust is only useful where all your Rust code resides in a "safe" block. Literally all.

Because one "unsafe" block can break the guarantees of safe code around it.

And guess what you need if you want to convert arbitrary memory into a data structure - like you would for pretty much every driver, hardware interface, and all kinds of lower-level activities? An unsafe block.

Yes, now you're back to square one running unsafe code making assumptions about arbitrary memory contents to try to turn them into data structures, function calls, etc.

Great for basic applications. Not so great for anything that deals with OS or hardware.

HoRNDIS MacGyvers your Mac to get online with Androids

Lee D Silver badge

And I don't care.

Because my phone has bluetooth, the Mac has bluetooth (supposedly!), and a standard bluetooth function is to set up PAN etc. functions to function as a hotspot.

And, yes, I have actually used this (if you are travelling, and you join the paid-for wifi on a plane or similar, they will only allow you to connect on one Wifi MAC address... and they often shut down third-party wifi networks using technology like Meraki Air Marshal - which deauths clients on all other wifi it finds in range! If you instead configure your phone to join the wifi and then tether with other devices over Bluetooth - they are blissfully unaware that you're sharing that connection with a dozen other devices). I use this trick all the time, not least because my phone tends to be an amazing 5G / Wifi 6 router, but it also saves me paying out for connecting EVERY device that we're using (e.g. my daughter's Steam Deck can connect to my phone via Bluetooth, as can everyone's phone, etc.).

I did it once in France to work around some silly restrictions on a cafe wifi and it worked so well, I've done it several times since and teach people how to do it.

But in this case, this is an artificial limitation that doesn't apply to iPhone because they CHOOSE to make it not apply, hence they have CHOSEN to deliberately make it apply to non-iPhones.

And I don't play that game. That kind of trick "costs" you my money as a consumer, every time.

If I have a device with Bluetooth / PAN functionality, I expect to be able to use it with all my other devices that have such capability too (my car also has this, for example, plus the Steam Deck, etc.). I do not expect, nor tolerate, devices arbitrarily choosing what they'll "allow" me to do based on the brand of my unrelated devices.

And it all factors into my purchasing decisions that a company is playing such games, knowingly and deliberately. I don't even care if it "would ever affect me". I don't do business on those terms.

Lee D Silver badge

Whenever I find myself having to battle such nonsense, I just make sure that the nonsense never affects me ever again.

In this case, by removing Apple from the equation rather than my choice of smartphone (because if I go Apple on phone, I have to have Apple everywhere else... but if I stick with Android, the only thing that doesn't work is having a Mac...).

iFixit tears Apple's Vision Pro to pieces

Lee D Silver badge

Re: Cnnot use with glasses so need prescription lens inserts

They would have to flex, not move. Moving them would only moving the focus point back and forth, but would need to move "as much" as the user prescription (i.e. bad eyes, equals several feet away!) and the image would be corresponding far away / shrunk for that person.

They would have to be lenses that can literally "bend" to refocus the light, which would basically be like inventing a universal software-controlled pair of spectacles that can be used by literally anyone, bad eyesight or not, with any prescription, and be able to change from any prescription to any other prescription, without having to worry about ever making another lens ever. We don't have that technology yet.

Rise of deepfake threats means biometric security measures won't be enough

Lee D Silver badge

Biometrics can only ever provide your "username" part of a credential - who you are CLAIMING to be.

They cannot, should not, probably never will, provide your "password" part of a credential - proving that you're that person.

Anyone who thinks otherwise shouldn't be in charge of computer security ANYWHERE in the world.

If I walk up to a face-scanner and it says "Hi Lee D, please authenticate" - that's absolutely fine. If it gets it wrong, no big deal.

If I walk up and it JUST LETS ME IN, that's terrible, awful security that should never be allowed.

The BBC are currently sending FoI Act requests to loads of schools about biometrics - they are obviously prepping for a big story on it.

And in some schools, you can see face-recognition, etc. being used for AUTHENTICATION for things like cashless catering, etc. which is just wrong. Even in an enclosed, secure, low-impact environment, it's just wrong to teach kids that the computer knows who you are 100% to the point it can charge your parents money for your lunch.

Also, every single time I've been sent on the same errand that almost every employer of mine has sent me on - to investigate biometrics - the answer is the same. Under the age of 11, forget it. The markers move far too fast at that age to be reliable, even for fingerprint, etc.

I've always refused to deploy biometrics for the same reason - it's a convenience function to stop you typing in your username at best. It's identification, NOT authentication. But Windows Hello, fingerprint buttons on laptops, etc. have other ideas, and so they are disabled. In favour of passwords, 2FA and actual authentication methods, not toys.

Mozilla slams Microsoft for using dark patterns to drive Windows users toward Edge

Lee D Silver badge

The difference is that Norman Stanley Fletcher had some morals.

Add bacteria to the list of things that can run Doom

Lee D Silver badge

Re: Yes...

"I'm sorry, I couldn't file my report, my monitor has an infection."

Oracle quietly extends Solaris 11.4 support until 2037

Lee D Silver badge

"having a rock solid platform to run your enterprise or mission critical applications, some of which may literally mean life or death to your customers/clients."

Which, to my mind, means something you can easily upgrade, replace, seek alternate support and don't have just one avenue / company for that who are notoriously for killing acquired products or stinging you into bankruptcy just to keep doing what you've been doing for decades.

Sorry, but "uptimes running into the years (decades?)" is a BAD THING. It means you're entirely reliant on that system just keeping working and have never actually thought about what happens when it goes wrong, is no longer supported, needs to be moved to another city, etc. etc.

Lee D Silver badge

If you're dumb enough to pay Oracle - of all companies - for a special extended licensing just for an antique OS, I'm guessing that money isn't a problem and you make a lot of bad decisions every day anyway.

Elon Musk's brain-computer interface outfit Neuralink tests its tech on a human

Lee D Silver badge

What fool would let a piece of Musk hardware into their brain?

ICANN proposes creating .INTERNAL domain to do the same job as 192.168.x.x

Lee D Silver badge

I know of a former employer that have all their AD on a subdomain of ".int" and don't (and can never) own that .int domain name.

In fact, I don't think I've yet seen a production system use a proper internal domain yet, surviving only by convention and chance, or using their ".com" name from the outset instead (which is fine until companies merge...).

Wanna run Windows on an M-series Mac? Fine, buy a license, but no baremetal

Lee D Silver badge

Re: Why the focus on Windows as an Operating System?

Because most humans worldwide have never installed an operating system, nor would know how to.

Lee D Silver badge

Re: More Windows on ARM is good

The US, specifically, education:

https://www.canalys.com/newsroom/global-tablet-market-share-Q2-2023

Lee D Silver badge

Re: More Windows on ARM is good

I forget - which other architectures than x86 has Windows been historically successful on?

Oh, that's right. None.

Despite trying Alpha, ARM, Itanium (IA-64), MIPS, PowerPC etc.

Windows is Windows because it runs "Windows" (i.e. x86) programs. Anything else is either not successful or just emulation of x86 (and hence doesn't need any special considerations made for it by Microsoft).

Hence, they're never really going to bother.

As it is, they can't even get the web versions of their largest money-making application software consistent and with the feature set of the offline versions.

I'd gladly see Windows consigned to the bin for precisely this reason, but the only reason that Windows still exists is that people want to run their x86 programs (even if they don't understand that's what they mean) unchanged. Until that assumption - which was also the argument that regularly killed Linux desktops - changes, nothing will change.

Hell, even Office for Mac was a completely different beast with completely different capabilities and even numbering.

The rise of Chromebooks etc. tells you that none of this matter nowadays, of course, but that involves a complete shift to the cloud and MS haven't proven themselves reliable in that respect (i.e. if I pay them money, and lock everything into their cloud, will my Office / Windows still look/work the same with the same file formats in 10 year's time?).

Sorry, but you won't see Windows on another architecture until the whole concept of "needing Windows" is dead and buried.

Users now keep cellphones for 40+ months and it's hurting the secondhand market

Lee D Silver badge

I don't think I've ever used a phone for LESS than 40 months.

I've had... 5 phones over the last 24 years. That 57.6 months on average.

Boffins eyeball computer vision costs, find humans are cheaper for oversight chores

Lee D Silver badge

No, I'm assured they're going to take all the jobs, don't you remember?

And it's not that they can't do many of those jobs - it's that they are completely unadaptable and making them "learn" again costs more money.

When the ingredients or rules change, you have to go back to the software provider and ask them to fix everything all over again.

With a human, you tell them the new rules, account for a few initial mistakes, and then they carry on at the same cost until things change again.

Unless you know for certain that the job's not going to change for, say, countless millions of items, or in profit, then it's cheaper to hire a human. And even the slightest change in location, environment, sensor fogging, ingredient make-up, recipe, etc. can throw off the AI but won't throw off the human.

Because "AI" still does not LEARN or INFER.

Politicos demand full list of Fujitsu's public sector contract wins in wake of Post Office scandal

Lee D Silver badge

Re: "what processes the department has in place to measure the performance of any contracts"

- Award contract to a company you / your friend have an interest in.

- Do just enough to cater for the basic aims but make sure to leave in lots of bugs and not include any reasonable facility for expansion.

- Wait until people notice the bugs, demand expansion, etc. etc.

- Do JUST enough to be slightly cheaper than throwing the whole thing out and starting again, at enormous cost.

- Leave just enough bugs / unfinished items in the code to come back to it time and time again for years.

- Give you / your friend / your MP a percentage of the profits.

It's almost literally that, over and over again, contracts DESIGNED to almost-fail so you "have to" pay them money again because nobody else would touch it, but the flaws and shortfalls never quite get fixed.

It's far more profitable to sell a broken product twice than a working product first time.

Florida man slams 'tyranny' of central bank digital currencies in re-election bid

Lee D Silver badge

Can't think why he wouldn't want to use a currency that accounted for everything he did openly and transparently and thereby prevented money laundering.

Post Office boss unable to say when biz knew Horizon could be remotely altered

Lee D Silver badge

Remote access wasn't the problem.

Denying it existed, and not having any kind of audit control on its usage, or even on changes made to the system so they could be attributed to Fujitsu or the postmasters is, however, a catastrophic and dumb set of mistakes to make with a system that deals with countless millions of pounds every day.

Windows Server 2022 patch is breaking apps for some users

Lee D Silver badge

Re: Browsing from a server?

You're already doing it, and don't even know.

Many modern system administration tools are just web-interfaces to local services, and a local browser or web browser control in a window.

Cloudflare defends firing of staffer for reasons HR could not explain

Lee D Silver badge

Having never actually been fired, due in no small part to having more of a grasp of HR / employment law than HR generally do, that meeting was a catastrophe from beginning to end.

"At will" or not, there's a massive opportunity for a lawsuit there, and that it was even allowed to happen like that is indicative that someone cut back a little *too* much on the HR department and their training.

Even the response from the CEO in the update is pathetic.

Large companies honestly don't know how to handle HR issues - and Musk/Twitter is another prime example of that. Sure, you "get rid" of that person - and are tied up in lawsuits that cost the claimants nothing for YEARS afterwards.

Lee D Silver badge

Then you need to TELL HER THAT.

And I really don't think it's that simple when you're dealing with large accounts.

Musk claims that venting liquid oxygen caused Starship explosion

Lee D Silver badge

Re: Enough with the Elon Musk Snark

Whatever made you think this is a professional website?

Adios, dead zones: Starlink relays SMS in space for unmodified phones on Earth

Lee D Silver badge

Re: Now you'll never have an excuse for missing that weekend work text or call

"Yes, I think I got the text. I'm not employed on weekends."

It's really that simple, and I don't get why anyone thinks it isn't.

I have a Dual-SIM phone, and one SIM (and my Work Profile on said phone, which contains a completely separate set of apps and account details just for work) is set to silent when I'm not at work.

If there's an EMERGENCY... sure, call me on the other number. Or maybe I'll see the text anyway and respond.

If you *abuse* the emergency facility, even just once, for a non-emergency, work numbers get blocked on the Personal Profile.

The Hobbes OS/2 Archive logs off permanently in April

Lee D Silver badge

It should be industry-standard that when you want to turn off a major archive like this, that you post a torrent of the full content for at least a month first.

If the community considers it important, they'll keep it seeded even after you go offline, and your bandwidth won't be hit one half as bad and 10,000 people all trying to archive the entire site simultaneously.

Top LLMs struggle to make accurate legal arguments

Lee D Silver badge

Gosh, do you mean that the "AI" does not have any inference or insight into the actual meaning of the data and merely regurgitates like the statistical machine that it is?

These things are fancy Bayesian filters, nothing more.

There's a concept of superstition - that if you were wearing your lucky socks when your team won, that wearing your lucky socks MAKES your team win.

Current "AI" is quite literally as dumb as that. We trained it on data and it got small "successes" when it did random things, so it thinks those random things must be what caused its success without any insight as to the mechanism of how or why.

And then when you feed it new data, it runs off with those superstitions and "thinks" (ha!) that they are concrete determinations of what you need from it. And that's when you get what AI people are calling "hallucinations". It's not an hallucination - it's a superstition, and it's precisely as dumb as thinking that your date will be a good one because the guy is a Taurus or Capricorn.

And this isn't intelligence in any form.

Biggest Linux kernel release ever welcomes bcachefs file system, jettisons Itanium

Lee D Silver badge

Sounds like you have beef with the idea.

Need to plug in an EV? BT Group kicks off cabinet update pilot

Lee D Silver badge

Re: "Cost and maintenance are also an issue"

Far cheaper to just lob a 5G interface in it - they won't require high bandwidth or significant amounts of data at all.

Lee D Silver badge

Re: 7kW

I have predicted for many years that petrol/diesel will be taxed to oblivion, then LPG, and then when everyone is on electric they would introduce/increase an electricity tax on EVERYONE (not just driver's).

It's playing out exactly that way so far. They even went so far as to ban gas boilers.

The only escape that I can see is charging yourself at home and doing so with solar. I think that's the only way to avoid the majority of those costs.

And has absolutely nothing to do with my buying an all-electric house, refunding my "overspend" on electricity (sorry, OVO, but you suck at estimating my usage so badly that it's basically fraudulent) each month and buying panels and batteries, and planning to be entirely utility-independent by the time I retire.

Oh... and of course, at the point that everyone is being taxed through the nose for electricity (presumably using some line like "because of the huge demand we need to improve our nation's electricity infrastructure, so here's an infrastructure tax that you've already paid for 10 times over") they'll also tax solar panels.

Lee D Silver badge

Re: 7kW

This is precisely why I made sure my recent house purchase has a driveway.

Previously I was renting in a town of 100,000 people inside the M25, and there were about 17 charging points when I last checked the map (and, yes, points... not just locations). Most of them were council-owned (libraries and civic centres whose car parks closed at 5pm, etc.), places like Tesco's (parking charges if you stay too long), etc.

The only one even vaguely viable was a mile and a half away - presumably I'm supposed to fight 99,999 other people to that point, park in it all night long (leaving my car in the centre of town near the pubs and clubs), and then walk 1.5 miles back home until the morning when I have to trek to my car and hope nobody unplugged it...

That same rental - the landlord refused to fit a LIGHTBULB in a pitch-black alleyway that was the only access. All the residents knew to use torches or their phones, and it was always worrying - coming from rougher areas of London it would be an ideal mugging location. They stated that the reason was that there was "no utility power" there, only private residential power so someone would have to foot the bill. So they certainly weren't ever going to fit a car charger! Also, it was impossible to "DIY" it - the allocated parking was at the front, the entrances at the rear of the building if you lived in the top half of a maisonette, and you would have to throw the charging lead out of the window and hope nobody was below, check that the neighbour below didn't mind you trailing it through his garden, and then the cable crossing the pavement and several other parking spaces to get it to your car.

When I then bought a house, a private driveway was at the top of my list, and I bought one where the main power gubbins are actually in the porch... so it's REALLY easy to wire a charger on the outside of the porch and use it from the driveway.

Sorry, but until literally every streetlamp is a charger (and that has ENORMOUS implications for the cabling further up the system at all levels), you only have private charging to rely on.

I'm also reminded of a friend who lives in Ealing who only ever uses Zipcars because it's just too utterly expensive to park or own anything with parking where they live. It's all gated communities and red-routes. There's no way they could charge their own car even if they had one round there - it was nightmare enough just to get to the local supermarket.