Re: Keep your e-mail seperate
Sounds like BT have taken swift action. "I have supported 28 million ..... And now? I am sitting at home polishing my LinkedIn profile".
218 posts • joined 25 Oct 2007
Sounds like BT have taken swift action. "I have supported 28 million ..... And now? I am sitting at home polishing my LinkedIn profile".
Bet he was cockahoop when they finally got them all off.
This hits the nail on the head. You need to spot the moment the encryption happens by seeing the change between two incremental backups. Even if all your backups are WORM and even if they're on tape, there's still the scenario where the encryption is done but the malware keeps serving up data normally with a software shim for say a month before cutting everything off and demanding its ransom. This means you've got a month's worth of useless backups. Even if your archive goes back more than a month, the data will be completely obsolete. There is malware out there that does precisely this.
As AC says, the only solution is to make log checking your religion and spot the problem as it's happening.
PS this one wakes me up in the middle of the night too!
Many SMEs do indeed blindly trust in one platform provider, but in Spotify's case I suspect it's a calculated business risk. Google is less likely to go bankrupt than Spotify, so they probably won't disappear overnight. The cost of downtime is a known factor as is the cost of using multiple providers. Given the dependence on proprietary Google tools, having a second provider would involve a complete port of the system to another set of tools. I imagine the cost of this massively outweighs the cost of projected downtime.
Downtime in itself is not necessarily an evil. The cost of five nines often outweighs the business advantages of doing it.
"re-organisation in sales that would allow disrupt its currant"
Could be a typo. More likely it's a verbatim quote from the sales director.
I would work for free if it was for a team called X-Force. It would be worth it just for the answer my seven year old son could give his mates at school when they ask him what his dad does.
Which is why I'm always amazed when someone spends weeks pitching their product and writing, honing and perfecting their proposal, ping it off in an email to the client and don't bother to make the phone call to be sure it's reached its target. Email delivery is unbelievably unreliable and should not be used as a mission critical business tool.
Bring back X.400 that's what I say.
Judith sounds to me a lot like one of those CIOs who place a strong strategic focus on the Chief and Officer side of things (and don't you forget it mate!) but prefers to deploy a light touch approach to the Information part, which is after all jolly hard to understand and is probably best left to others.
Spot on! However we arrange our infrastructure we are all unavoidably dependant on a host of third party services from the power grid to communications networks to payment processors et cetera. If we forget the word cloud and replace it with internet, we are of necessity all using it. Having a bunch of servers in your own data centre is only the tiniest piece of the jigsaw.
Good point. My understanding is the same as yours, but this article appears to suggest the opposite i.e. that you cannot idependently collect and distribute the same data as Football DataCo. If anyone from Outlaw is reading it would be interesting to know the answer.
For El Reg!
There I was feeling like a pariah and thanks to you, the Registrati, I feel normal again. Let's face it, most of us have sailed past the new weekly limit before breakfast on a Monday. By the end of a boozy Sunday lunch sitting in front of the snooker with a couple of cold ones I should, it appears, be dead. Instead, as the white ball clacks softly into the black, I find myself blissfully at one with the world and all creatures that inhabit it.
Chill. We all get downvotes for comments we thought were really great but clearly weren't. That's the beauty of the comments, they help put our own views into perspective. Stop digging and move on.
Indeed. We should all shy away from mediocrity and instead make sure we check our posts for typographical errors before hitting the submit button.
If indeed you had no breach (although I find your explanation for the resets somewhat implausible) this is still an object lesson in the art of communicating with your customers whilst you are undertaking a seriously disruptive precautionary action.
It's still arguably his name. Many, probably most, last names have their roots in something descriptive. Johnson, Thompson, Smith, Taylor, d'Arc all stem from something descriptive. They're still last names though.Not sure about Beeblebrox.
Having been a Galaxy addict, I bought a Swift and am incredibly impressed with it. At £129 quid it's a no brainer.
Well they're quite clear that it's on premise, so under their direct control.
I totally agree with you however, WTF is meant by cloud in this context. Smacks to me of a PR bod using buzz words to garner some free column inches. There's probably a NATS IT bod squirming somewhere.
In fact what is probably happening is that NATS will replace some old onsite infrastructure with some new onsite infrastructure, probably deploying machine virtualisation so that they can scale up capacity super fast in the event of a spike in load. This would make sense given the last failure resulted from overloaded server hardware due to a spike in load caused by an unforeseen use case of the NATS software.
Depends on whether it's IaaS or SaaS. If it's true SaaS such as Salesforce.com then you are completely at the mercy of the service provider.
If on the other hand you only need infrastructure services, say a bunch of VMs, on which to run your own applications, then just use two (or even three if you're really paranoid) different service providers and mirror your servers. Very easy, very cost effective, and extraordinarily reliable.
We use two different UK service providers, mirror the VMs between the two and have a third location for archive backups.
That's why any decent DR plan will include multiple geographically separated redundant pubs.
Why would you want to give your car to one of the fathers of the Internet? Or did you mean serf?
I know, sarcasm gets you nowhere, but I couldn't resist.
Hear hear!. The only bit I don't get is this continual comparison of engineers/techies and sales staff. It's not what you do, it's about how well you do it.
If the sales person in question is a cold calling telesales person they get paid peanuts - probably less than an equivalently skilled tech job. If they have the rare ability to make sales of tens or hundreds of millions of pounds a year they of course get paid a shed load.
Equally if I fix PC hardware or hack code I get paid peanuts. If on the other hand I write a brilliant search algorithm and pair that up with an ingenious page rank system in order to enable highly targeted advertising, I get paid a bomb. As I would if I were to invent cold fusion in my garage.
To get paid well, it's not enough to do a good job. You have to be creative, innovative and several cuts above average. It's nothing to do with engineering vs sales.
And to those who argue that the City is hoovering up all the best IT talent for huge salaries, of course they do. Finance is basically an IT industry now and they need the best software architects and network architects in the world to compete. It proves that there is indeed a a very well paid market for the best tech talent.
Agreed. So, like Brenda, I assume you give up a good slice of your time working with school kids and nurturing their enthusiasm. Unlike you, I don't, but am seriously considering doing so for the reasons you mention.
This is great news indeed for the kids and for the country.
I have a good female friend with a senior tech position who also does the STEM ambassador stuff. A very worthy and admirable thing to lend your time to!
Saw it last year at the Shoreham airshow where it stole the show and stress tested the ear drums! An iconic machine which I'm glad my kids by happy chance got to see in action see before it was retired.
Without any hesitation I can recommend CloudFloor DNS (http://www.mtgsy.net) who have provided us and our customers with a top notch, highly reliable service for many years now. They're brilliant. The shocker is, their service actually costs a few pounds a month. Unbelievable isn't it! Who'd have thought that you have to pay a reasonable fee to get a good service. Just doesn't make any sense.
Reminds me of an episode of Red Dwarf where Lister is, in a virtual/drug induced world, snogging a gorgeous bird, whereas the lips he is actually kissing in the real world belong to some slobber mouthed alien beast.
Thumb up to that. There seems to me to be an opportunity here to set up a business purely for the purpose of "co-ordinating and managing a large number of SMEs" on behalf of government departments. Based on a management fee of one percent of contract value that would be 100 million pounds on the HMRC contract alone. Sounds like a worthwhile venture to me. Who's in?
To boldly go where no Platonic solid has gone before.
I too was greatly tickled by that particular phrase!
"Darling, just popping out for a spot of terrorism. Should be back in an hour or so. Love you."
I hope Symon and Voland aren't programmers. Their grasp of syntax is clearly somewhat lacking.
Indeed. Which could be messy if their internal software system fails to correctly route the egress traffick, resulting in the shit hitting the fan instead of the correct target destination (the pan).
But this article is just awful. The quote from Sol Cates clearly demonstrates that he has no idea whatsoever what he's talking about. I doubt there was any "backdoor link" that left the "computer database wide open" (what does this even mean?).
I suspect that the only encryption in place was between client and server via https. The "backdoor link" was most likely an unencrypted database, open to anyone either via a web application vulnerability or via direct access to the database server.
You will also notice that even now, the site does not enforce https. If you go to paymypcn.net you end up on a standard http connection (even though they still display the Verisign Secured logo at the foot of the page). You have to explicitly go to https://paymypcn.net to get an encrypted link.
To try and blame the DVLA for this is disingenuous of PaymyPCN.net. This is just a shite web application full of all the usual holes, and John Leyden should have spotted that whilst blindfolded and with his hands tied behind his back.
Which is very good to hear for an open source fan such as myself, but in this context makes the sums look even worse. If the software licence costs are lower, that means that an even more ridiculous and frankly unbelievable sum is being spent on development.
Let's be generous and allow 400 million for hardware expenditure and software licensing (assuming they won't use FLOSS because you don't get the thoroughly outstanding support that can be received from proprietary vendors such as Oracle and MS).
That leaves 10 billion for development. If we assume an average rate of £60 per hour for people involved in the project and working on an 8 hour a day 240 day a year basis, that seems to me to work out at 86806 man years of development time. I could write quite a nice system on that sort of timescale.
In many many ways I would rather have my website compromised than have someone take control of my zone file.
It could give a new meaning to privilege escalation.
Home Central Heating Controller->Smart Watch->Smart Phone->Email Account->Password Reset->Work Laptop->passwordless Private Key->Admin Access to work servers.
The most offensive stuff is not the mandatory company information but the disclaimer and confidentiality notices, which are often enormous. You'll notice from the Out-law article you posted (which is excellent and one I often refer people to) that these notices are to all intents and purposes pointless and carry no legal weight. They should never be included in a routine email footer.
Does the Crown Hosting Service take me to major international sporting events? No it does not.
Does the Crown Hosting Service have a plush office in the West End and does it take me to a 3 Michelin star restaurant for lunch after meetings there? No it does not.
Does the Crown Hosting Service even know what a round of golf is? No it does not.
Asking when rather than if your systems were/will be compromised is good security practice.
So your strategy is to make life as hard as possible for miscreants once they are in. One useful tactic might be to avoid (presumably) unencrypted password stashes called things like Extranet Oracle & SQL passwords 4.3.06.txt.
"it arrived at its decision using magic"
That is a very neat way of describing what most of my customers think. Being a developer of custom business applications, something I hear often is "shoudn't it just do that?". The "it" in the sentence is the key word. I will forever be amazed at how hard it is to explain that "it" does nothing except that which we tell "it" to do.
Ask the developers of climate models whether they really believe that if they just had enough data, if the data were *really* big, the truth would emerge ... as if by magic.
A significant minority of victims change their behaviour after becoming victims. For example, nearly half (45 per cent) opted to shut the stable door after the horse had bolted and 42 per cent report being extra vigilant to avoid a second lightning strike.
Didn't know I was so popular ,,, or controversial.
Pah! Lotus 123 ... modern drivel. SuperCalc, now there's a real spreadsheet.
I bet they make each other produce a current STD test certificate before they feel able to undertake their act of enclosive sexual intercourse.
Accident and Emergency : OpenWound
Geriatrics : OpenGrave
Maternity : OpenLegs
Maternity (for the the executive with a meeting to get to) : OpenSunroof
Plastic Surgery : OpenChequebook
Pharmacy : OpenAllHours
Breaking news - Ukraine crisis over as Putin killed by high velocity frozen pint of British beer. President Obama, currently in Cardiff for the NATO summit, said "I wanna thank you guys. We got carriers and aircraft coming out of our asses, but it takes Brit genius to truly kick ass. Just like WWII." David Cameron couldn't comment. He was chillaxing having just downed his eighth pint of Brains SA (god no).
The meaning of hacker in popular language has come to be the same as cracker. The two are now pretty much interchangeable. We the congoscenti will either have to find an alternative to replace the original meaning of hacker. How about code artiste or vim jockey or extreme keyboarder or even god forbid programmer? More likely we'll just have to be smug in our superior knowledge.
If I'm talking to a non-technical person I always say hacker when I mean cracker. Life's too short to fight the crowd on something which makes no difference to anyone.
Language does change. The meaning of gorgeous is literally "like a pile of of gore". How it got to mean beautiful over the aeons is anyone's guess.
It says "I woz 'ere" and "Kev 4 Shaz 37000BC"
Now a year is not exactly 365 days, but if it were then that would be 525600 minutes. At four nines that allows for an outage of 5256 minutes or 87.6 hours. SLAs calculated on an annual basis are worthless. The same service level would allow for an outage of 7.44 hours before being triggered if worked on a monthly basis, which is more reasonable.
All of the above is of course meaningless if there's no (or trivial) compensation in the event that the service level is breached, which is the case with most SaaS offerings.
One must not however confuse SaaS with cloud. It's quite possible to get a robust infrastructure in the cloud by using two or more infrastructure providers and installing your own business software. That's why SugarCRM is infinitely preferrable to SalesForce. You are in control be it in the cloud or on your own infrastructure.