* Posts by EnviableOne

2000 publicly visible posts • joined 28 Jan 2016

I think therefore IAM: It's not cool, it's not sexy, but it's one of the most important and difficult areas in modern IT

EnviableOne

In some places, the problem is actually defining what the single source of truth is, and AD or increasingly AzureAD make a really good case if you are operating a mainly Windows / O365 / Azure house, as it is the only system that everyone has to be in (contractors, staff, volunteers, temps, casual workers).

when you're starting from scratch, designing is easy, when you go into the brownfield site that is a multinational that has a penchant for M&A and none of them has a common directory structure or a common source of truth.

This is where you have to create your own with a specific IAM solution that brings all the others into some sense of order, can pull the info from all of them and make the changes to them also. This tends to get pricey

Siloscape malware targets Windows containers, breaks through to the underlying Kubernetes cluster

EnviableOne

Re: Securing K8s?

number one move should be, change that to DENY_ALL

UK's Labour Party calls for delay to NHS Digital's GP data slurp until patients can be properly informed

EnviableOne

Re: They don't make it easy.

the problem is "the" NHS doesn't exist anymore, it's not one entity, it is 2300+ organisations all forced to compete to save the government the most money, also with private companies who make a profit too,

The patient(now called service user) welfare doesn't come into it

making people well is an afterthought

the staff are the same, but each one of these organisations has a board of specially interested people funding their pet projects and the standards and systems between them barely interoperate, and are generally completely different.

Test and Trace is not NHS, just like NHSx, they are DHSC programs that had the NHS badge gifted to them.

NHS Digital is actually a trading name of the Health and Social Care Information Centre, which is a government ALB, but it's central to data sharing and collation in the NHS.

Microsoft flips request to port Visual Studio Tools for Office to .NET Core from 'Sure, we'll take a look' to 'No'

EnviableOne

Fix in windows 11

it'll be in the Office for Windows 11, all running on .NET Core

Taiwan’s top chip tester, King Yuan, shuts down production and quarantines workers

EnviableOne

Taiwan is still doing very well

As far as I remember, they never actually had to lock down, just quarantined at the border and used effective track and trace.

Until the Delta variants emerged they had 440 cases and 7 deaths, in total, throughout the entire first and second waves experienced in Europe.

Even today they have only 13,409 cases and 478 deaths, some nations had more than that on each of multiple consecutive days.

Looking at their government response, Dido's Test and trace is only doing twice the tests of this one site over the entire country, and I bet their results are back in 8 hours, not the 24 if you're lucky from T&T

If there is any loss of production, with that level of organisation, it will be measured in hours and days, not weeks and months, and TSMC are well-diversified, they have fabs in several regions of the island, and those in other jurisdictions, which all told will lead to limited effects on the shortages.

Military infosec SNAFUs: What WhatsApp and bears in the woods can teach us

EnviableOne

the system they need exists

have a look at Hospify (hospify.com)

it was designed for a medical environment, but it stops stuff going into General device storage and encrypts user to user

Custom HMCTS video platform bought as part of £280m digitisation project used less than Zoom, say judges

EnviableOne

simple solution

use COTS software for the meeting with people participating (lawyers, judges, parties involved, witnesses, etc.) invited

Stream the output (Gallery view / Slideshare) as a webinar available to interested parties, with code and identification via a webinar platform

Pretty sure you can do this with some of the platforms currently available, if not I'm sure any of the big boys will link their conferencing to their webinar solution for an appropriate pork barrel.

US House Rep on cyber committees tweets Gmail password, PIN in Capitol riot lawsuit outrage

EnviableOne

you forgot one

That list of public-private e-mails missed Ivanka and Jarret's Private server used for Whitehouse work (exactly what her father wanted to lock Hillary up for)

Just when everyone thought things might be looking up, Dido Harding admits interest in top job at NHS England

EnviableOne

Re: £37 billion

which was exactly her assessment in handling the data breach at Talk Talk

Why is failing up still a thing in this country...

Remember those wacky cyberpunk costumes in Hackers? They're on display in London this week

EnviableOne

CRASH and BURN

in lights in a towerblock, all ASCII art like

CrashOverride and AcidBurn aren't the best of hacking aliases but letting all the world burn was much on the agenda of the nascent hacking community at the time

European Parliament's data adequacy objection: Doubts cast on UK's commitment to privacy protection

EnviableOne

Re: Just

The EU has had issues with the data protection regime in the UK for a long time, but while we were a member we had protection from sanction over it.

The WP29 committee for the old Data Protection Directive (that DPA98 was based on) have had concerns for 20 or so years about the UK regime and its implementation.

There were 3 grounds that they had an issue with, well before the GDPR was even formulated, and after its enactment, the UK's implementation is far from flawless.

Infrastructure SNAFU results in French public being unable to contact emergency services

EnviableOne

another reason to keep Airwave

the UK are moving to a GSM based communications network (based on EE, formerly part owned by Orange)

currently they use a standalone radio based system from Motorola that is considerably cheaper and more reliable.

Microsoft Irish subsidiary makes $314.73bn profit

EnviableOne

Re: Ireland. again.

the top 3 in the financial secrecy index are overseas territories

British Virgin Islands

Cayman Islands

Bermuda

the BVI was the number one place people hid their money in the Panama Papers (orders of magnitude above second and third)

FYI: Today's computer chips are so advanced, they are more 'mercurial' than precise – and here's the proof

EnviableOne

Re: Error detection

when the answer is only 0 or 1, there are numerous ways the answer can end up wrong or invalid

even down to cosmic rays (there are open bugs in Cisco equipment with background radiation and EM interference as known causes)

You were supposed to be watching him. Letters from SEC claim Tesla breached deal to police Elon Musk's tweets

EnviableOne

Re: Halt all trading on Tesa shares.

30k was a target price

the aim was that the roadster, followed by the S would generate enough of a market that economies of scale would make the E (as it was meant to be) profitable at 30k, the plan hasn't quite worked and the scale isn't quite where they need it to be. 4 years of Trump hasn't helped and delays with Giga 3 and 4, but with the resolution of issues around 4 and 3 now coming along, there is possibly light at the end of the tunnel for the Y being finally cost-competitive with ICE cars without subsidy.

South Korea rounds up chipmakers and hyperscalers to build AI and server processors

EnviableOne

More Subsidy for Samsung

seems like a direct bribe to Samsung to move some manufacturing back from Vietnam

UK Special Forces soldiers' personal data was floating around WhatsApp in a leaked Army spreadsheet

EnviableOne

in fact that actually happened: the Germans managed to get hold of the plans for D-Day, from a planner killed during exercises in preparation on the north Devon coast (washed up in the Bay of Biscay), but rejected them as too complex, instead believing that the attack would come over the Pas-de-Calais

EnviableOne

Re: Several thoughts

The London Gazette is the UK official record, published by HMSO

It's still where bills are published,

where company formations and sanctions are published,

It's online only now https://www.thegazette.co.uk/

EnviableOne

Unfortunately there is a military purposes exemption from GDPR

Antivirus that mines Ethereum sounds a bit wrong, right? Norton has started selling it

EnviableOne

if you can handle all the false positives and data slurping ...

EnviableOne

now windows does it for you, Defender and other AV will get in a bun fight over each other doing on access scanning, even if you told it to turn Defender off, as it randomly decides your chosen AV is missing during an upgrade and re-activates itself

Seeking an escape from the UK? Regulations aimed at rocket and satellite launches from 2022 have arrived

EnviableOne

Re: "we want to be the first country to launch into orbit from Europe"

Unfortunately, there's no space, even Gibraltar's airport has part of its runway in disputed territory

Plus Geo-Synchronous orbit, shortest distance from the equator works best. ASC is almost 8 degrees South, GIB is 36 degrees north

Google employee helped UK government switch from disastrous COVID-19 strategy, according to Dominic Cummings

EnviableOne

Re: Seems consistent with my timeline

It's not easy to directly compare any nation with any other, but it is possible to draw conclusions on who has done well and who has not, and compare the policies in place in each.

The UK still doesn't have a clue how many people have been infected, as a lot of those infected showed no or mild symptoms and were never tested. The testing regime has been largely ineffective as people might have been tested, but results took too long, with some still not coming back within 72 hours; unless they are in 24hrs or less, track and trace becomes a nigh on impossible task, as there are too many contacts and places to trace. Its centralised tracing system was ineffective, as they asked the wrong questions, didn't collect enough contacts, and didn't have the local knowledge to be effective; also they were only looking for who they may have infected, not who infected them, to cut off the source. Its official death figures are inaccurate as they only take into account people who have died within 28 days of a positive test, and there were people who went into ITU for longer than that; even so it has one of the highest deaths/100k in the world, which have only improved since vaccination took hold, and arguably securing a large supply of various vaccines was one thing they did right.

If the UK had exploited its advantage as an island, and its leader had not been indecisive and "according to Cummings" unable to understand the data, then an outcome similar to NZ, Australia, Taiwan, Hawaii could have been achieved. Where deaths are still in the hundreds or thousands, not hundreds of thousands, and cases are under 50k not over 4.5million even with new variants, and most places with the exception of local lockdowns on for outbreaks are relatively restriction free internally, but most still have travel bans or restrictive neighbour bubbles.

AWS Free Tier, where's your spending limit? 'I thought I deleted everything but I have been charged $200'

EnviableOne

Re: "free"

The Unfair Terms in Consumer Contracts Regulations 1999

5.—(1) A contractual term which has not been individually negotiated shall be regarded as unfair if, contrary to the requirement of good faith, it causes a significant imbalance in the parties' rights and obligations arising under the contract, to the detriment of the consumer.

EnviableOne

Re: Free tears

that's because support is based in $CheapLabourLocation whereas accounts are based in $VerbalContractBindingLocation

Who gave dusty Soviet-era spacecraft that unwanted lick of paint? It was an idiot, with a spraycan, in Baikonur

EnviableOne

Re: Soviet tech..

most of the tech on the Concorde was of British design, but we couldn't afford to finish the project, so the French were roped in...

The engineering genius that designed the air-intakes was, I believe, Ted Talbot, based at BAC Filton, Bristol. It delivered air to the engines at Mach 0.5 independent of the speed of the aircraft, and in some flight modes, actually provided 63% of the thrust.

EnviableOne

Re: Soviet tech..

I presume you're talking about the unrivalled distinction that the UK has of being the only nation to achieve orbital flight and give up.

Black arrow could have been throwing up satellites at half the cost for the last 50 years

The Epic vs Apple trial is wrapping up, but the battle has just begun

EnviableOne

Re: Colin Wilson 2 - Apple have got this right!

the point of the case is that Apple is enforcing a monopoly on its users' devices and using that to charge what it wants to the detriment of its customers and suppliers.

Epic or anyone else can provide a similar service at a reduced cost to all apple consumers, but they are prevented from doing so.

Yes, Google and Steam charge the same, but on the platforms, they operate on, you are welcome to shop elsewhere or publish yourself, which many developers do, and Epic did originally.

EnviableOne

Re: walled garden

three words: Internet Explorer Anti-trust

India, Twitter brawl in public as latest content rules begin to bite

EnviableOne

Re: Twitter may have a problem

They can remove it from the Indian internet, but Indians will still be able to access it unless they go for the full great firewall treatment.

They can't jail the higher-ups and impound any assets not in India, without recourse to outside authority.

Jack et al. just need to avoid the sub-continent to stay out of jail, as the US/India extradition agreement Article 4 incorporates a political offence exception to the obligation to extradite.

people may find something else, but from a Twitter point of view, it's how the revenue from Indian advertising stacks up against their morals, and from previous behaviour, morals are more highly valued than at Google or Facebook.

TCP alternative QUIC reaches IETF's Standards Track after eight years of evolution

EnviableOne

Re: Shame that they used TLS...

with 1.3 ratified and its optimisations, the baggage is a lot less ....

EnviableOne

Re: Ready salted packets

TCP is reliable, Windowing, re-tries, acks and frags

if your transition fails en route it "tries again" and again

gradually reducing the window until it reliably gets data from A-B

Computer Misuse Act: Tell the Home Office infosec needs a public interest defence in law, says CyberUp campaign

EnviableOne

The CMA is awful

The CMA is the worst of both worlds at the moment

Literally, everything can be shoehorned into one of the three or four categories

And with the exception of the causing death clause, the penalties are laughable.

It needs cleaning up to better define an offence and to be given some teeth to act as a sufficient deterrent

For the protection of legitimate security testing, it should be a case of reasonable attempt to gain permission / inform the system owner, and a membership of a relevant authorising body ((ISC)2, ISACA, CREST, EC-Council, TIGER, SANS, etc.) along with contemporaneous documentation of actions taken and an intent to inform, a CVE request/Bug bounty Submission, would be a good option too.....

If a responsible body, for deciding which certs count, needs to be appointed, the NCSC in its role as National CERT and SPOC makes a good candidate.

What to do about open source vulnerabilities? Move fast, says Linux Foundation expert

EnviableOne

problem stems from lazy programming

All these libraries and components, I'm all for not re-inventing the wheel, but to use someone else's wheel design, doesn't mean you have to bring along the whole cart full of holes with it...

Unfixable Apple M1 chip bug enables cross-process chatter, breaking OS security model

EnviableOne

Re: T1 - anyone?

E1-> E3 -> EFM -> FTTP

Twitter given three weeks to comply with Indian content code

EnviableOne

there are still three?

I can't name one

Royal Yacht Britannia's successor to cost about 1 North of England NHS IT consultancy framework

EnviableOne

Less Super, more Yacht, with the Sir Humphrey brigade involved ...

Might still need to be human-powered though

EnviableOne

Re: Utterly ridiculous waste...

Technically the RN flagship is still Victory

It sits in drydock in Plymouth flying the flag of the Commander of the Home Fleet.

EnviableOne

Re: Aircraft

MoD Procurement has form for this:

The type 26 has been designed with an American missile system for which the navy has no ammo

The Merlin helicopter needed to take the air out of its tyres before it could fit in the hangar on the type 23 for the Sea King it was replacing until they added a foot to the height at refit

The QE class have a less advanced power system than the type 23 built 40 years earlier

The first type 82 was built before the carriers it was supposed to escort, and they were never completed.

the RN was set to retire the Fearless and Intrepid (landing ships) in 1979, luckily it didn't and they were invaluable for the Falklands.

and that's just a sample of the ones in my lifetime

EnviableOne

Re: It is slated to cost about £200m

All picked out by the new 1st (7th?) Lady

I'd be surprised if that 200m doesn't get to at least a billion before it gets cancelled by the next government

EnviableOne

Re: Great British Engineering

Ocean was a one-off, it was a stop-gap measure between the Invincible class retiring(late) and the QE Class coming into service (severely delayed, due in the late 00s)

EnviableOne

Re: Great British Engineering

both Tyne and Clyde used to be lined with shipyards, I think they only have one operational yard each now, and I believe the only way they are kept afloat is with government contracts for parts of navy ships and state-funded ferries.

Ferguson Marine, BAe Systems, and A&P are the only big guys left in UK hands, making larger vessels, and Fergusons are nigh on nationalised, and A&P mostly do refits and repairs.

UK's BT starts trials of new hollow-core optical fibre networks

EnviableOne

Re: Hollow as Openrech [sic] does best...

government Huawei bashing hasn't helped either.

the FTTC cabs that actually deliver have their MUXes in the other provider's stuff is awful.

NHS GP data grab: Royal College of General Practitioners urges health body to communicate better

EnviableOne

Re: Right to opt out

I have been trying to tell them this all through the process.

an opt-out is not compatible with GDPR

The ICO will force them to roll it all back exactly as happened with Care.data and the link-up with DeepMind

First Forth, C and Python, now comp.lang.tcl latest Usenet programming forum nuked by Google Groups

EnviableOne

Re: Go Forth young man ....

may not have been pre-intrawebTudeyThings, but was definitely Pre WibillyWobleyWooleyShinyTableSpace as TBL et al. only booted that out in 1990-91

Bribery charges against Apple's global security boss dismissed in iPads-for-gun-permits case

EnviableOne

The real problem

The sheriff is a political appointment, subject to campaign finance laws, which in the US of Pay aren't worth the paper they are written on.

When you can affect the policies of law enforcement by "donating" to a campaign, then there is no need to follow the law and Murphy's golden rule becomes Law

Plus gun control, or the lack thereof, in the US, is a joke. The whole 2nd amendment was about states maintaining a militia to overthrow the federal government if it became tyrannical, and this function is ably served by the National Guard or the aforementioned LEOs (who probably have better weapons)

Protect and Serve, everyone, use of lethal force should be a last, not first resort, and get money and religion out of politics, then you may have a chance of getting a functioning society.

EnviableOne

Re: Two guilty parties

OFC they got the department 700 "Free" iPads, good service medals all round

Miscreants started scanning for Exchange Hafnium vulns five minutes after Microsoft told world about zero-days

EnviableOne

Re: Hobson's choice then!

That's what MS is trying to do.

notice how Exchange Online was not vulnerable ...

I bet sales of E1 skyrocketed after that one...

Apple's macOS is sub-par for security, Apple exec Craig Federighi tells Epic trial

EnviableOne

Seems to me

Apple's defence is we are $h1t at security, so we have to be careful who we let in.

Which provides no defence to the claim they are a monopoly and no defence to the fact they are exploiting this position to gouge their users/developers.

At the moment they charge exactly the same as Google do, but the choc factory only has an effective monopoly, not a literal one.

the pair of them need to look hard at the service they are providing and the cost of providing it.

App purchase fees are listing and distro fees, so should not be more than about 12-15% (like Amazon Marketplace or eBay selling fees) and as the volume goes up this comes down.

In-game items are payment processing fees, so any reasonable processor will be working on about 5% (see PayPal, SumUp, WorldPay, Stripe, ....) or less, at the volume they are processing.