* Posts by Dr Who

247 posts • joined 25 Oct 2007

Stealing, scamming, bluffing: El Reg rides along with pen-testing 'red team hackers'

Dr Who

Re: The abuse of "military grade"...

"yeah baby, I'm totally cool and a spy and dangerous and have a massive willy, want to come back to mine?"

Why ask the question when you already know the correct, and perfectly sensible, answer?

PS I have a military grade lawn mower. The exact same model is used by the army to mow their lawns - I kid you not!

6
0

AWS is coming for UK infrastructure suppliers' lunch – report

Dr Who

Data Protection?

On what basis can any UK private or public sector business use AWS whilst complying with data protection legislation? Even with the EU-US privacy shield (which replaces the old safe harbour agreement) and even with a UK data centre, the fact remains that Amazon is a US incorporated business and as such cannot give any guarantees that it won't have to hand over data to any US federal agency.

In my view, to give any kind of meaningful data protection commitment to UK customers, your company must be incorporated in the UK and your data centre must be at least within the EEA or more likely within the UK.

That said, this is the kind of thing no IT services buyer really cares about ... until their employees' email history is released to the FBI. And as they used to say about Microsoft, nobody ever got sacked for buying AWS.

4
1

Half-ton handbuilt CPU heads to Centre for Computing History

Dr Who

Megaprocessor

So the OS must be Megahard Doors then.

6
0

AI gives porn peddlers a helping hand

Dr Who

And in other news

Tech industry struggles to understand why it has increasing problems attracting women to the industry.

6
0

Everest outage was caused by split brains

Dr Who

A lesson in redundancy

To have redundant everything you need to know what everything is. In the complex interconnected world in which we operate it's often hard to know what you don't know.

One of our servers at Memset (who are normally an all round top notch provider) was affected by this outage. Anticipating that data centres can never actually have 100% up time, we replicate our servers to another DC run by a different service provider. That way we can just switch the DNS and hey presto.

For our DNS we use another normally top notch provider with loads of DNS servers spread around the world etc.... It just so happened that after ten years of flawless and uninterrupted service they had a problem at the exact same time as the Memset outage. All DNS servers were running normally, but their control panel went offline for an hour due to a database glitch - meaning we couldn't switch the DNS to our redundant server.

As it happened, our Memset server came back very quickly and we didn't need to switch, but still, another lesson learned.

Any tips on how to mitigate against this problem would be much appreciated. DNS secondaries with another provider (or our own) would not have helped in this instance as DNS was running normally. We just couldn't modify the zone files.

2
0

WileyFox Swift 2: A new champ of the 'for around £150' market

Dr Who

Don't know about the new one (and the Cyanogen Inc thing is an issue), but my first Swift which I'm still completely happy with is bloody brilliant.

3
0

Arkivum's new CEO gets £3m cash boost to play with – now what?

Dr Who

Arkivum

Delivering all your backend services through our AaaS. When it comes to data, do a dump on us.

0
0

Tesco Bank limits online transactions after fraud hits thousands

Dr Who

This is really bad

The options surely are :

- a failure in the two factor authentication

- a web app vulnerability that allows the bypassing of some or all of the authentication process.

What else could this be? Even if somebody has my "Something I know" they still haven't got my "Something I have" unless they nicked it. It's a bit unlikely that the attacker had nicked the "something I have" from 20,000 people.

2
0

KCL out(r)age continues: Two weeks TITSUP, two weeks to go

Dr Who

You've totally hit the nail on the head. I'd upvote multiple times if I could. This failure has nothing to do with technology and everything to do with system administration practices.

And yes RAID is not backup. Nor is cross-site synchronisation.

11
0

Fujitsu workers to strike in Blighty over pay

Dr Who

Overheard from a UK Fujitsu employee

OMG the company's cutting its UK headcount by ten percent next year!

Should I :

a) put my nose to the grindstone and keep my head down

b) take what will probably be a reasonable redundancy package and great reference and start planning now for my next career move

c) go on three days of strikes accompanied by "a continuous work to rule, withdrawal of goodwill and ban on overtime"?

Hmm ... let me think about that one for a bit.

1
2

HMRC to create new compliance team focused on 'gig economy' workers

Dr Who

As ever this is being framed as the government ensuring that rapacious employers are not exploiting the workers - whereas of course it's about squeezing more tax from the same tax base.

Even if it were about workers' rights however, there's always an assumption that self-employment is inferior to being employed from the worker's perspective. What about the rights of those workers who want to be self-employed? Exploited by a rapacious government intent on squeezing the lifeblood, both literally and figuratively, out of the UK's workers.

3
0

No, software-as-a-service won't automatically simplify operations and cut costs

Dr Who

There's more - much more

From off-the-shelf SaaS to something that works for your business and its processes will need a *lot* of expensive consultant time to configure, customise, script, integrate with other systems, migrate data, retrain and support users etc...

In this respect SaaS is no different to on premise. SAP in the end became famous mainly for its monumental implementation and customisation costs (nearly killed Lego) and things like SalesForce are no different.

2
0

Astronauts on long-haul space flights risk getting 'space brains'

Dr Who

Re: Space hats!

Never mind 50s sci-fi. If the uniforms look anything like this http://bit.ly/2dWu9MK, I'm signing up. (biddi-biddi)

3
0

Bloodhound supersonic car backed by Chinese taxi biz Geely

Dr Who

Excellent news. Of course the investors have all been duped. The car will never reach 1000mph. As it hits 888mph (we have moved on you know) the flux capacitor will kick in and the whole thing will disappear leaving but a trail of flames.

6
3

My God, I've got nothing on! Microsoft's $200m Wunderlist is down

Dr Who

Normally, I groan when faced with yet another "cloud computing strikes again" type comment, but in this case I'm absolutely in agreement. A todo list is fine on a piece of paper, stuffed in my back pocket. We're not talking project scheduling here, it's just a list. I've just checked and there are dozens of shopping list apps out there too which is unbelievable. Paper, back pocket, HB pencil, job done.

12
2

NHS health apps project plan: Powered by your medical records

Dr Who

Re: There is no security issue

We are all blinded by dogma and nostalgia. The health service in the UK needs more money - a lot more money. We need more doctors and nurses and we need to pay them more. We will need a lot more geriatric and other age related facilities.

What Tony Blair proved is that chucking loads of money at the NHS as it stands is tantamount to chucking it into a black hole. It disappears and nothing improves. Something has to change and an urgent and honest national debate is needed about how to dismantle the current dysfunctional system and build one that can handle the epic healthcare challenges facing us over the next few decades.

One thing is absolutely certain, the NHS as it stands is an outdated, inadequate and inappropriate vehicle for delivering health services in the UK for the 21st century. Let's get over our ideological hangups and have a serious attempt at tackling the problem. If we don't, chaos and disaster in our healthcare system are guaranteed.

8
10

Dr Who

There is no security issue

Because it is not going to happen. Many billions will be spent. Many IT services companies will come and go. Fuck all will be achieved. There is therefore no security implication.

The electronic patient record has been in the making for over 20 years. According to this article it will now be available by the end of 2017. Bollocks will it be.

The NHS will never learn that grand, centralised, monolithic schemes will never work and they will continue to waste our hard earned dosh with the behemoths of the IT industry.

The internet is not a centrally designed thing, which is why it works. It's a set of protocols to which anyone who wants to build an internetty thing must adhere. That's the route the NHS should be taking.

Britain clearly has an almost religious attachment to the NHS, and Jeremy Cunt is not helping things. I think that attachment is wrong. The state should guarantee each and every citizen their healthcare through a state funded insurance scheme. Almost certainly however, the provision of healthcare and its satellite services would be done better by multiple, competing, well regulated private organisations. We have world class medical professionals being managed by an organisation of world class waste and incompetence. This has to change.

5
18

Dropbox: Leaked DB of 68 million account passwords is real

Dr Who

Can someone explain

How did Troy Hunt verify the leaked data by encrypting his own password with bcrypt and comparing it against the leaked hash when he would have had no idea what salt Dropbox had used for his user account? Or did the leak include the salts?

0
0

HPE sharpens knife for next salami-slicing staff redundo round

Dr Who

To me

It looks more like a chorizo.

5
0

Vodafone: Dear customers. We're sorry we killed your Demon

Dr Who

Re: Saw this coming and recently decamped to Zen

Zen. I use them for home and work broadband and landline. Cannot rate them highly enough. You pay a bit more, but it's worth every penny.

6
1

Quip away, but Microsoft Excel 365's REST APIs win the day

Dr Who

Re: Yup you're old

@Ragarth. Totally agree. I just get frustrated with the large contingent on El Reg who are anti-cloud full stop. They base their entire opinion on services such as Office 360 or SalesForce where in effect you lose control. There are many shades of grey between in house and the Office 360 / SalesForce type scenario. Horses for courses and all that.

3
1

Dr Who

Yup you're old

Years ago my company used to licence a copy, at great expense, of the Post Office PAF file, with regular updates arriving on tape which had to be laboriously loaded into our in house system.

Now - we use PostCodeAnywhere of course. Yes, we depend on a third party for this, but so what? We depend on many third party companies to do business, not least our utilities suppliers, accountants, logistics companies, Internet service providers and so on ad infinitum.

With IT, it's not outsourcing that's the issue, it's how you arrange your outsourced services and who you outsource them to that matters.

In this interconnected world, where as many or more of our users are remote as are office based, the geographical location of the systems is neither here nor there. Even firewalls, DMZs, and intrusion detection systems are increasingly irrelevant in a world where the distinction between your internal and public networks is ever more blurred. You need to defend each system individually, not the perimeter.

I'll stick my neck out even further. Anyone who still believes there's an advantage to running an in house data centre where they can touch the hardware and see the blinking lights is hopelessly out of date. If you know what you're doing, you can deliver far more reliable, far better performing, far more functional systems by outsourcing (cloud or otherwise) than you can in house.

PS I'm old too.

5
10

Cray profits literally go up in smoke after electrical incident

Dr Who

Re: Electrical Smoke Event?

Exactly! Why does everything have to be an event these days?

Severe weather event = big storm

Seismic event = earthquake

Unanticipated landing event = plane crash

Morning ablution event = shit/shower/shave

It's the bloody yanks again I tell you. They started it.

9
0

Google Research opens machine intelligence base in Zurich

Dr Who

Re: Actually...

The ch is the hardest sound for a non-native to get right, hence the time honoured test of asking someone to say "chuchi chaeschtli" which simply means kitchen cupboard but is damn hard to say if you didn't grow up saying it. When a Swiss says the ch it sounds OK. When a foreigner tries it, it normally sounds like they're about to deposit an enormous flob at your feet.

Not mentioned in the article but must be part of Google's thinking is that on their door step in Zurich they will have the ETH - probably the best technical university in Europe.

0
0

When DIY is not enough: Web-snack firm Graze has an offline awakening

Dr Who

The main thing I got from this article is that the Graze office is in a smashing building on the river at Richmond in a Georgian quad opposite Facebook and PayPal - a fact that impressed the author so much he had to write it twice.

8
0

Outsourcery to perform ULTIMATE outsource as it enters administration

Dr Who

Re: The Cloud...

In this case, the customers should be OK. Outsourcery, in spite of its misleading name, is just another reseller of MS cloud services and as such it is likely that service will continue. Now, whether being on the MS cloud is a good thing is an altogether other discussion.

2
1

Rogue Somerset vulture lands at Royal Navy airbase

Dr Who

Re: Surely there's a marketing made in heaven here

With the greatest of respect and to your great credit, your post is an excellent demonstration of why you are a techie and not a marketer.

5
0

Salesforce claims 'record' quarter record at Oracle and SAP's expense

Dr Who

Isn't it ironic

I am in general, and in contrast to much of the opinion expressed on the Reg, a fan of cloud and the opportunities, if used wisely, it offers. This though is a little ironic. The company that just irretrievably lost data for quite a lot of its US customers reports record sales because the competition is cr*p. Have you actually used SalesForce? I have, and it's a nightmare. If they're the best, the others must be truly tragic.

2
0

What is Hybrid Infrastructure? Glad you asked...

Dr Who

Horses for courses

These are all good points well made. It surely depends on the user base you are considering when assessing where your systems should run. If the system you are looking at is for internal consumption within your business, keep the system local. If you are serving tens of thousands of consumers via the web, it may well make sense to place that system in a third party data centre with massive redundant routes to the Internet, something that would be tough to deliver from your own premises. If your system is serving both internal and external user communities, then maybe hybrid is the answer.

I agree entirely that using cloud infrastructure is no silver bullet either financially or technically, it just increases the options available for delivering solutions.

0
0

Snafu! BT funnels all customers' sent email into one poor sod's inbox

Dr Who

Re: Keep your e-mail separate

Sounds like BT have taken swift action. "I have supported 28 million ..... And now? I am sitting at home polishing my LinkedIn profile".

2
0

German lodges todger in 13 steel rings

Dr Who

Bet he was cockahoop when they finally got them all off.

27
0

We suck at backups. So let's not have a single point of failure any more

Dr Who

This hits the nail on the head. You need to spot the moment the encryption happens by seeing the change between two incremental backups. Even if all your backups are WORM and even if they're on tape, there's still the scenario where the encryption is done but the malware keeps serving up data normally with a software shim for say a month before cutting everything off and demanding its ransom. This means you've got a month's worth of useless backups. Even if your archive goes back more than a month, the data will be completely obsolete. There is malware out there that does precisely this.

As AC says, the only solution is to make log checking your religion and spot the problem as it's happening.

PS this one wakes me up in the middle of the night too!

2
0

Spotify hits the G-Spot, leaps into Google's cloud

Dr Who

Re: What about redundancy and DR ?

Many SMEs do indeed blindly trust in one platform provider, but in Spotify's case I suspect it's a calculated business risk. Google is less likely to go bankrupt than Spotify, so they probably won't disappear overnight. The cost of downtime is a known factor as is the cost of using multiple providers. Given the dependence on proprietary Google tools, having a second provider would involve a complete port of the system to another set of tools. I imagine the cost of this massively outweighs the cost of projected downtime.

Downtime in itself is not necessarily an evil. The cost of five nines often outweighs the business advantages of doing it.

5
0

Growth comes with costs for cloud-support flinger Rackspace

Dr Who

"re-organisation in sales that would allow disrupt its currant"

Could be a typo. More likely it's a verbatim quote from the sales director.

2
0

Building automation systems are so bad IBM hacked one for free

Dr Who

I would work for free if it was for a team called X-Force. It would be worth it just for the answer my seven year old son could give his mates at school when they ask him what his dad does.

3
0

Speednames 'fesses up, admits customers' emails are borked

Dr Who

Exactly

Which is why I'm always amazed when someone spends weeks pitching their product and writing, honing and perfecting their proposal, ping it off in an email to the client and don't bother to make the phone call to be sure it's reached its target. Email delivery is unbelievably unreliable and should not be used as a mission critical business tool.

Bring back X.400 that's what I say.

2
0

Lincolnshire council IT ransomware flingers asked for ... £350

Dr Who

Judith sounds to me a lot like one of those CIOs who place a strong strategic focus on the Chief and Officer side of things (and don't you forget it mate!) but prefers to deploy a light touch approach to the Information part, which is after all jolly hard to understand and is probably best left to others.

22
0

dotCloud dotGone: Ex-Docker PaaS passes away amid bankruptcy

Dr Who

Re: Re-locating all that computing hardware

Spot on! However we arrange our infrastructure we are all unavoidably dependent on a host of third party services from the power grid to communications networks to payment processors et cetera. If we forget the word cloud and replace it with internet, we are of necessity all using it. Having a bunch of servers in your own data centre is only the tiniest piece of the jigsaw.

0
0

Boffins baffled by record-smashing supernova that shouldn't exist

Dr Who

Re: Fixed headline

"BRIAIN-BOGGLINGLY" even

1
0

Database rights are no 'impediment' to Europe's data-driven economy

Dr Who

Re: Clarification ?

Good point. My understanding is the same as yours, but this article appears to suggest the opposite i.e. that you cannot independently collect and distribute the same data as Football DataCo. If anyone from Outlaw is reading it would be interesting to know the answer.

0
0

Boozing is unsafe at ‘any level’, thunders chief UK.gov quack

Dr Who

Thank God

For El Reg!

There I was feeling like a pariah and thanks to you, the Registrati, I feel normal again. Let's face it, most of us have sailed past the new weekly limit before breakfast on a Monday. By the end of a boozy Sunday lunch sitting in front of the snooker with a couple of cold ones I should, it appears, be dead. Instead, as the white ball clacks softly into the black, I find myself blissfully at one with the world and all creatures that inhabit it.

35
1

HSBC COO ‘profoundly apologises’ for online outage

Dr Who

Re: Likely causes....

Chill. We all get downvotes for comments we thought were really great but clearly weren't. That's the beauty of the comments, they help put our own views into perspective. Stop digging and move on.

3
0

Can DevOps and Agile save the planet? US.gov thinks so

Dr Who

Re: DevOps Man...

Indeed. We should all shy away from mediocrity and instead make sure we check our posts for typographical errors before hitting the submit button.

0
1

Hungryhouse resets thousands of customers' passwords

Dr Who

Re: Very disappointing

If indeed you had no breach (although I find your explanation for the resets somewhat implausible) this is still an object lesson in the art of communicating with your customers whilst you are undertaking a seriously disruptive precautionary action.

3
13

Science Museum trumpets Da Vinci expo

Dr Who

Re: "trumpet's Da Vinci expo"

It's still arguably his name. Many, probably most, last names have their roots in something descriptive. Johnson, Thompson, Smith, Taylor, d'Arc all stem from something descriptive. They're still last names though. Not sure about Beeblebrox.

12
0

Storm in a teacup: Wileyfox does Android cheapie, British style

Dr Who

Having been a Galaxy addict, I bought a Swift and am incredibly impressed with it. At £129 quid it's a no brainer.

0
0

NATS climbs into the cloud to fight legacy software snafus

Dr Who

Well they're quite clear that it's on premise, so under their direct control.

I totally agree with you however, WTF is meant by cloud in this context. Smacks to me of a PR bod using buzz words to garner some free column inches. There's probably a NATS IT bod squirming somewhere.

In fact what is probably happening is that NATS will replace some old onsite infrastructure with some new onsite infrastructure, probably deploying machine virtualisation so that they can scale up capacity super fast in the event of a spike in load. This would make sense given the last failure resulted from overloaded server hardware due to a spike in load caused by an unforeseen use case of the NATS software.

7
0

A BOFH friendly cloud service? Shurely shome mistake...

Dr Who

Depends on whether it's IaaS or SaaS. If it's true SaaS such as Salesforce.com then you are completely at the mercy of the service provider.

If on the other hand you only need infrastructure services, say a bunch of VMs, on which to run your own applications, then just use two (or even three if you're really paranoid) different service providers and mirror your servers. Very easy, very cost effective, and extraordinarily reliable.

We use two different UK service providers, mirror the VMs between the two and have a third location for archive backups.

1
0

BOFH: Power corrupts, uninterrupted power corrupts absolutely

Dr Who

That's why any decent DR plan will include multiple geographically separated redundant pubs.

97
0

Veedub flub hubbub stubs car-jack hack flap

Dr Who

Re: Physical access required

Why would you want to give your car to one of the fathers of the Internet? Or did you mean serf?

I know, sarcasm gets you nowhere, but I couldn't resist.

4
0
