Re: The engineering gospel
An excellent method of removing stray PHBs and beancounters from the vicinity. Pity about the rate of fire.
33005 publicly visible posts • joined 16 Jun 2014
"probable that the code and practices of other vendors are just as bad - they just haven't had such a bright spotlight turned on them."
It's not just the quality consideration. Without being able to inspect the code it's possible backdoors could be hidden in there in the way they can't by Huawei
It's the apparent "better the devil you don't know" approach I find worrying. It leads on to the wondering whether it's stupidity or whether the backdoors do exist and are left ajar for the TLAs.
1) Easy to configure. If I want to change how an init-script controlled service behaves, I sometimes can do that by changing a 12 line init script. And at other times, I have to wade through hundreds of lines of uncommented shellcode. I prefer a unified way, where the same syntax is concise, and applied to every service in the same way.
If I want to change an init-script I can see exactly what it does. The workings are exposed, however many lines there might be. I can run the code from the command line and step through it if need be. If I change a config file I'm just relying on a black box to do something, hope it's right and submit a bug to be marked WONTFIX is it isn't.
2 & 3) See 1 above.
They have the signing keys for secure boot. So long as you can turn that off it's not an immediate problem but in essence it's a dangerous monopoly. If systems are sold with BIOSs that don't provide for that they have control of what can be booted on a PC. Strange things seem to be happening in the world of BIOS - my current laptop has a very strange one without the many parameters you could tweak on AMI and the like.
"if patent offices were required to perform an assessment of that kind they'd need a lot more resources and expertise, and the process of granting a patent would become an awful lot more expensive than it is at present."
Taking into account the damage weak patents are doing, do you really think that would be a bad thing?
At least the courts are starting to notice. What I'd like to see next is a party losing a patent infringement case successfully claiming its costs against the USPTO on the basis that if the office hadn't issued the patent they wouldn't have incurred their costs. That would make them tighten up their scrutiny.
I'm not surprised the press release didn't provide links. Except for aspirations it appears to be an empty high ceremony management process framework. Maybe hitting the COP event with PR was more significant than having something that could actually be pointed to. It's not clear how the issues raised in other comments here are to be met.
The lowest impact data centres will be those in places where there is ample renewable energy and/or low external temperatures for cooling, such as Iceland and Norway.
If the gains are purely in terms of repurposing empty urban buildings then there are better options. We currently have a separation between residential housing and workplaces. The commuting that results from that should be seen* as unsustainable. The best solution would be to convert some workplace space into housing for people who work in the remaining workplaces and move other work out into the surrounding, currently residential, communities. This is not aided by the short-sighted conversion, in areas like mine, of the few remaining former industrial sites into housing.
* And probably will be when it's too late.
Does this "blueprint" actually exist? It's not easy to make out what it might be worth without reading it. Odd, I thought, there's no link in the article.
Obviously the place to look is the OpenUK site. There's the press release on which the article's based. I found a "Read more" link which simply went to a similar article in Computer Weekly. A quick search reveals a few more similar articles based on the press release. Maybe the Eclipse site has a link. Nope, the Eclipse site doesn't even have any mention of it.
Maybe the press release is the actual "blueprint".
It's not even April 1st.
I've been in a situation where I'd rather have been given what they programmed in the first place. What they (client's client) extracted appeared to have had several fields concatenated into one. They had to be taken apart again. I even had to get them to add a flag to tell me just what it was they'd done.
Krebs's article explains. It sounds weird. Weird as in "what were they on?". The sign-up process resulted in a one-time code emailed to the new user's email address. So far so 2FA. But the email seems to have been generated client-side and sent to the server with a POST request which included as parameters not just the email address, but also the subject and body so by feeding POST requests to the server the server would send out whatever emails were requested.
No weak passwords required: no passwords required at all. Apparently IE was required, however. I suppose it stopped those wicked Linux users getting access.
I once spent a couple of very cold, wet, smelly days watching the contents of a pig farm slurry pit being pumped out* to see if any of the thousands of bones looked human. None did.
* Result of a false tip-off to the police. There were a few of those over the years in the search for Thomas Niedermayer.
Concentrated Sulphuric acid and 95%+ Hydrogen Peroxide potassium dichromate?
Makes chromic acid. We used it to disinfect used bacteriology kit. Very effective disinfectant. The H&S briefing for the lab assistnat was to simply drop a few sheets of filter paper into it so she could see them instantly disappear.