* Posts by Paul Crawford

1840 posts • joined 15 Mar 2007

BOFH: Capo di tutti capi, bah. I'm having CHICKEN JALFREZI

Paul Crawford
Silver badge

Re: The best part of the week...

I was thinking more corporate Merlin & Morgana le Fey myself, and Merlin usually has something up those wizard's sleeves...

7
0

US Navy's LASER CANNON WARSHIP: USS Ponce sent to Gulf

Paul Crawford
Silver badge

Re: Ouch, my eyes...

"if it blows up your eyes, it's illegal, but it's fine if it blows up your whole head"

AFIK that is it, the convention prohibits weapons intended to cause permanent injury, but not if the goal is killing. A kind of twisted logic that makes sense in only a few situations :(

1
0
Paul Crawford
Silver badge

Re: Ponce

I wonder if they sang that on http://en.wikipedia.org/wiki/HMS_Venus_(R50) ?

At last we reached our station

Through skilful navigation

But the ship was sunk, on a wave of spunk

From too much fornication!

0
0
Paul Crawford
Silver badge

Re: HMS Unicorn

Indeed there is a HMS Unicorn, build in 1824 and still afloat in Dundee!

Not exactly in fighting condition, but if the gov makes any more cuts we might need to press-gang in into service once more :(

0
0

REVEALED: Titsup flight plan mainframe borks UK air traffic control

Paul Crawford
Silver badge

Re: Mirrored systems

We have had some experience of fail-over systems and it is much harder to make it work properly than you imagine at first. You have a few rather tricky issues to address:

1) On what conditions do you fail over? Total loss of one system is obvious (power off, kernel panic, etc) but what do you do if some part is down and other look OK? What exactly are the thresholds for action?

2) If you go for something more useful than total outage, how do you make sure its not triggered by a temporary condition (flood of data requests, etc) that might push system load up higher than normal, but is in fact an acceptable short term condition?

3) When failing over, how do you ensure data completeness and integrity? If, for example, one hard on a NAS fails you could end up with partly written files and may not be sure of what the clients think was successfully written.

4) How do you avoid the "split brain" problem when one system takes over from what it thinks is a failed mirror, but that mirror is still doing stuff with shared resources? If you go for powering down the failed system (AKA "shoot it in the head", zombie apocalypse style) to be damned sure its not meddling with shared stuff, how do you then avoid the risk of mutually assured destruction if both lose the heartbeat link and more or less simultaneously kill the other?

7
0
Paul Crawford
Silver badge

Re: Damn, these guys are good

You could argue: Never have a system that you can't manually work around for the time when (not "if") it goes tits-up.

Massive inconvenience, true, but not one died so that is a pretty good outcome.

10
0
Paul Crawford
Silver badge

Re: User submissions need pre-check

I want a flying shark, even without the laser it would be a cool thing!

Oh and while I am dreaming, a castle or island lair so I can have a moat for said flying sharks to frolic.

2
0

Speaking in Tech: Sony breach proves you can NEVER defend perimeter

Paul Crawford
Silver badge

Re: Of course

Agreed:

1) Defend your perimeter as far as reasonably.

2) Assume the enemy is already inside said perimeter...

3) Segment internal machines and protect them from what (2) suggests.

4) Don't forget printers and other systems that never get security updates...

1
0

Ford dumps Windows for QNX in new in-car entertainment unit

Paul Crawford
Silver badge

Re: Honestly ...

On the same hardware?

Really?

2
0

UK flights CRIPPLED by system outage that shut ALL London airspace

Paul Crawford
Silver badge

Re: Edinburgh

"I expect the right answer"

Which is: they are both a bunch of lying, thieving, two-faced, thieving bastards...

0
0

Solar sandwich cooks at 40 per cent efficiency

Paul Crawford
Silver badge

Re: Professor Green?

It was done by Professor Green with a telescope in the Observatory!

Or was it by Miss Scarlet with a strap on in the basement?

Any clues?

11
0

How HAPPY am I on a scale of 1 to 10? Where do I click PISSED OFF?

Paul Crawford
Silver badge

Re: OK

Yes, people need to get priorities straight and that means *useful* screening and not the various pointless additions (like 100ml fluids) that were knee-jerk reactions to a failed terrorist attempt. They are winning you know, not by blowing us up but by wasting our lives and freedom by knee-jerk reactions.

Incidentally can anyone cite a case of the new THz scanners actually leading to an arrest or something to justify the additional invasion of privacy?

4
0

'We're having panic attacks' ... Sony staff and families now threatened in emails

Paul Crawford
Silver badge

Re: Err...

It this the plot of a new film script? Sound interesting...

0
0

One year on, Windows 8.1 hits milestone, nudges past XP

Paul Crawford
Silver badge

Re: "security swiss cheese known as linux"

Indeed, so many desktops running Linux are hacked. infested with malware and pointless browser toolbars and parasitic AV software that didnt do its job, leaving the poor users to wipe & re-install from scratch, and left hunting for their license key to re-enable the OS and the recovery DVD they (failed to make) made when it was new.

Oh wait, got the wrong OS...

3
0

Orion 'Mars' ship: Cosmic ray guard? Go. Parachutes? Go. Spacerock shield? Go!

Paul Crawford
Silver badge

Re: Disappointed!

Nothing like my disappointment!

This isn't the Orion spacecraft I was hoping for...

This is: http://en.wikipedia.org/wiki/Project_Orion_(nuclear_propulsion)

12
0

Deloitte's files on bean counters swept up in Sony hack stash – report

Paul Crawford
Silver badge

Re: A Silver Lining?

"any of them online could only come from one source so it will be easy to trace the downloaders and sue them several hundred gazillion dollars"

Oh please tell me the torrents were seeded from Sony machines before this hack was discovered? The irony would be delicious and good for my red blood cell count...

2
0

IETF takes rifle off wall, grabs RC4 cipher's collar, goes behind shed

Paul Crawford
Silver badge
Joke

But not long enough for bad women!

1
1

Musicians sue UK.gov over 'zero pay' copyright fix

Paul Crawford
Silver badge

How would compensation work? A tax on blank CDs (a past technology for music transfer), or on HDDs, and if so how is it calculated? Given a 4TB disk could hold millions of songs, should it be taxed to the £1k range?

The other side of this coin is the question of pirating, if you have already paid compensation on your audio equipment for the right to copy, why should it matter where you copied from? In such a case it is going to end very badly for the music industry.

Finally, how is this done in the USA where "fair use" AFIK allows copying without a fee? Do they offer compensation for it, and if not, why should the EU?

(Just to say I do believe musicians deserve compensation for their work, but this seems an unworkable position that you deserve compensation for what has been allowed for years and is seen as "fair use").

13
0

Google dodges 'costly' legal precedent, settles Daniel Hegglin case

Paul Crawford
Silver badge

Yes, but its easier to shoot messengers.

8
3

Windows Phone will snatch biz No 2 spot from Android – analyst

Paul Crawford
Silver badge

Re: Telling...

I think the answer is so many people, in particular high up in the company, just don't want a Windows phone/tablet. Have you ever tried to use a typical non-tech person's home Windows PC (not an El Reg reader) that is more than a few months old? It is a horrific experience of blot, advert tool bars, shitty trial-ware AV, etc.

So when they first used an iPad or iPhone with near instant resume, slick UI and more or less "just working" experience they liked it and wanted it for work.

Of course a large scale corporate deployment by a good Windows admin person is easier and in most ways better than wrangling iOS, but it seems not to be what enough important folk want.

2
0

Renewable energy 'simply WON'T WORK': Top Google engineers

Paul Crawford
Silver badge

Re: I seem to remember

It is a good approach, but not many places are suited to using it (i.e. close to the magma's heat). Iceland is a good example, but few others I can think of.

5
0
Paul Crawford
Silver badge

Re: reducing energy consumption

The big things we need for comfort, like heat and clean water and being washed more than twice a year are not something we really want to give up.

Transport is another that we could do much better on, but ain't going away so long as we operate efficient farming, etc, that moves large amounts of stuff globally.

And we have a LOT of folk still in 3rd world misery and they also deserve something better.

So efficiency might help a bit, like 20-50% perhaps, and reducing birth rate would help a lot long term, but really the Google guys are right - we need so much energy for a comfortable life that when either fossil runs out or it screws our climate beyond achievable farming and population relocation changes, we are fscked.

Unless we do something now about large scale generation that is not fossil based.

37
5

Download alert: Nearly ALL top 100 Android, iOS paid apps hacked

Paul Crawford
Silver badge

Re: Fabulous news

I'm sure the official+cracked apps need all those permissions for a good reason.

Fixed it for you...

0
0

'Most advanced mobile botnet EVER' is coming for your OFFICE Androids

Paul Crawford
Silver badge

Just shows if you give an ignorant person the ability to install crap with system-wide capabilities then you get Trojans.

14
0

YOU are the threat: True confessions of real-life sysadmins

Paul Crawford
Silver badge

Re: So in short, you've four motivations to look out for.

Everyone has their price, its just a shame its so low in some cases.

Really you need to plan for people making mistakes or doing the wrong thing, and have arrangements to detect and correct that as far as possible. Often that costs money or causes inconvenience though so its not done...

2
1
Paul Crawford
Silver badge

Re: One trick I heard of..

They were kind. The alternative punishment/time-waste is to send them to a meeting to suffer hours of "death by powerpoint"!

But seriously, the problem in some cases is they only have one admin, or only one that every looks after XYZ systems, so on antagonistic exit (or a bus accident, etc) they find they can't do anything due to a lack of passwords or alternative admin accounts.

Businesses, particularly those with only one admin person, should have a policy of root passwords being written down and kept in a safe and regularly tested to ensure they still allow access, and that password changes are recorded and done for good reason[1].

[1] Changing periodically to me is dumb, it just promotes writing stuff down in insure places. For example, changing once per year would give a hacker a mean time of 6 months to do stuff. just how long do you need to set up shadow accounts, email redirects, etc?

However, if you think a compromise might have occurred, or someone leaves, then changing is essential.

0
0

HUMAN DNA 'will be FOUND ON MOON' – rockin' boffin Brian Cox

Paul Crawford
Silver badge
Joke

Re: Christ on a bike!

I am sure they already have enough DNA from the various "pluck'em, fuck'em, chuck'em" alien sex tourism experiences that red-neck abductees report...

7
0

YIKES: Combination of LIVING WOMAN and MACHINE sighted in NYC

Paul Crawford
Silver badge

Snake skin?

Most women I know would want nothing to do with snake skin.

Alas the bit "Intel is hoping that women are eager to strap a rather flashy, blinged-up gizmo" quickly disappointed me when I read it was the wrist upon which the gizmo would be strapped on.

3
0

Cries of spies as audit group finds possible 'backdoor' in Bittorrent Sync

Paul Crawford
Silver badge
FAIL

Re: Dan 55

I take that back, just had a cursory look at the code and found stuff like this without any comments:

bs, _ = base64.StdEncoding.DecodeString("H4sIAAAJbogA/0SPsW4iMRCG+3sKM0I6W7L8AKCrTtw16ZIOURh7nDXx2pvxLAQtvHucJZBuPP413/fb/DomS6YvfkwoYbDV2TQQuo4Nk801WUZQJljHhc4Slo/tM1uO7l9MWJ+K9Uigt7B8Bw3LjnkAHcbsOJYsrd6riZBHyuKxdGqKQS7c5bJwphFD/JjHOoY2Ku6onETGk9gQFZLwt4zJ598sUoOJOsNF+KJrkYu4XRCFxO2AqAO6GCL6Baj10ZLwf6zxGJCkWn/L7OU0Ulpt7wLamTc867vEzhxKzBJA6R65K34F/zcvoAdLtq8rgKtqSeewVvlTVk3eENaSjtgeLYJzgUfg9n9Ax3LGtYj2TaD0seL1ulPrX58AAAD//wEAAP//1rAncZcBAAA=")

gr, _ = gzip.NewReader(bytes.NewBuffer(bs))

bs, _ = ioutil.ReadAll(gr)

assets["angular/angular-translate-loader.min.js"] = bs

So sorry "Syncthing" but unreadable code for me means untrustworthy code.

5
0
Paul Crawford
Silver badge

Re: Dan 55

Beat me to it: why trust a closed-source program? While open/closed tells you nothing about how good the programmers are, or the underlying ideas, at least with open it is possible[1] to audit the code and much harder to conceal back doors[2].

[1] Possible yes, but not necessarily going to happen.

[2] Back doors are still possible, but code changes/commits need a bit more explaining.

0
0

The Nokia ENIGMA THING and its SECRET, TERRIBLE purpose

Paul Crawford
Silver badge

@fearnothing

Well played!

0
0
Paul Crawford
Silver badge
Paris Hilton

Teledildonics

I'm betting on a nice matching his&hers[1] remotely linked sex toys all in a discrete black box. And guaranteed to fit her black box as well (other colours supported).

[1] Also fits his&his, or hers&hers, of course.

11
0

This 125mph train is fitted with LASERS. Sadly no sharks, though

Paul Crawford
Silver badge

Or the money saved can be put into making things more efficient/faster, and that also earns money.

1
0

Words to put dread in a sysadmin's heart: 'We are moving our cloud from Windows to Linux'

Paul Crawford
Silver badge

Re: Windows upgrades

Moving from OS to OS, or between versions of the "same" OS separated by many years, is often a real pain and takes a lot of effort and testing. For some legacy applications the cost or trouble may not be worth it. If you have legacy code that is not internet-facing, then running it in VMs of NT4, W2k, old Linux, etc, is probably going to be your saviour.

You can typically run a good few VMs on a single newer server with your preferred OS (Linux or Windows) using either a paid-for VM or (if willing to risk it) a free one. All at lower cost and higher performance, security, and ease of backup/restore, than keeping old machines going.

2
0

Emoticons blast three security holes in Pidgin :-(

Paul Crawford
Silver badge

I have Pidgin installed on my Linux box at home, but honestly never use it. Those I used to IM with now use Facebook's chat, which I don't like, and the rest just seem to have vanished with MSN closing.

How many folk still use this?

0
0

BOFH: SOOO... You want to sell us some antivirus software?

Paul Crawford
Silver badge

Re: Why do you use AV, unless you are compelled?

You make an important point, considering how practically useless and excruciatingly unpleasant the "cure" for viruses is.

What matters most is you have some off-line backup & restore strategy and actually use it.

Then you are probably better to run Windows without AV and just be willing to nuke it and restore the backup when t gets infected. This has the added bonus of getting rid of general crap and bloat (aka "windows entropy") as well.

0
0

Ex-NSA lawyer warns Google, Apple: IMPENETRABLE RIM ruined BlackBerry

Paul Crawford
Silver badge

WTF?

Either this guy has been smoking something his former employers would have strong policies against, or he is barking mad. Who wants to be spied upon, given the bad guys (for any preferred definition of "bad"), gain the same capability?

On the other hand, maybe he is sane and just revealed the existence of a behind-the-scenes campaign by the US gov to discredit RIM to a number of big businesses?

On the third hand, for those of you with special capabilities, maybe he is talking up the 'problem' knowing full well they already have to broken enough for business as usual?

34
1

Luxembourg: Engine-room of the tax-break economy

Paul Crawford
Silver badge

Re: Luxembourg

Funny that, I didn't think there was so much software writers and servers in what is basically a big city...

0
0

Eye laser surgery campaigner burned by Facebook takedown

Paul Crawford
Silver badge

@JDX

Or how many who are saved from eye damage by plastic lenses taking some of the blow?

1
0

Rovnix Trojan infection outbreak infects 130,000 machines in Blighty

Paul Crawford
Silver badge

Re: A simply secure OS ?

The problem for most folk is that so much of what they want to do on-line, like buy stuff, relies on stuff that NoScript blocks. Once users get the idea of just clicking 'yes' to make things work you have something just as bad as the typical Windows plus shitty AV software that asks users if they want shaftmesideways.exe to run.

Until (and I advise you not to hold your breath) most web sites are designed to work without suspect scripting that crosses domains, then NoScript is just an annoyance to non-tech folk that they will click-through, rendering it pointless.

1
1

Languages don't breed bugs, PEOPLE breed bugs, say boffins

Paul Crawford
Silver badge
Joke

What, no assembly language projects?

6
0

NSA director: We share most of the [crap] bugs we find!

Paul Crawford
Silver badge

Time scale?

Did he say how long they sit on a bug before disclosing it?

Given the weasel-worded manner of bureaucrats everywhere, they could disclose them a year or two later and still be technically correct in saying they share discovered vulnerabilities.

3
0

Having a Web Summit? Get some decent Wi-Fi!

Paul Crawford
Silver badge

Re: What? Techies that don't have their own mobile data plan?

You seriously think that a typical nearby phone cell is going to offer usable data to 22 thousand delegates?

That is why venues charge a lot for good wifi (though clearly the 2nd part was missing here) as you need a lot of coordinated access points and serious back-end capacity. You know, simplistically 22k users trying to get a miserable-by-3g-standards 100kbit is going to peak at 2.2Gbit/sec for the broadband link out.

9
1

Microsoft: How to run Internet Explorer 11 on ANDROID, iOS, OS X

Paul Crawford
Silver badge

MS missing the point, again.

Why can't they make IE a stand-alone product like every other browser manages? I thought they had got to the point with a GUI-less Windows Server that this was now possible (or at least, not *essential* for Windows to run), so why don't they?

How hard could it be for a multi-billion dollar company to make their software cross-platform like all other seem to manage on a fraction of the budget?

4
0

The NO-NAME vuln: wget mess patched without a fancy brand

Paul Crawford
Silver badge

Re: ... it could “overwrite your entire filesystem”

True, you can't p0wn the machine unless running as root (why? really why do that?)

But you could get up to lots of mischief by overwriting the user's own files, maybe starting with something creative in .bashrc

<twiddles moustache like a cad & bounder>

Can we have a Terry Thomas icon please?

0
0

BlackEnergy crimeware coursing through US control systems

Paul Crawford
Silver badge

Re: AC

"not patched, then there would be no need to reboot"

That was what I meant, these days an unmolested Windows box (as for Linux) should stay up more or less indefinitely.

The problems come when patching, and that leads you to the "soapy frog dilemma":

(1) Do you leave things alone because they are working, and risk someone coming along with a bucket of soapy frogs, or;

(2) Do you patch/update them to keep your trousers on, and risk breaking things.

http://www.youtube.com/watch?v=RJF_bBiMstc

3
0
Paul Crawford
Silver badge
FAIL

Colour me unsurprised

So we have internet-connected machines running critical control stuff, probably not OS patched due to the risks of disruption from untested interactions or bad patches (and the near-inevitable reboots in these as windows-based system), and probably not application patched due to vendors taking their time and/or the same risks of downtime, more testing needed, etc.

And they get compromised.

Are there any El Reg readers who are surprised?

9
0

MEN: For pity's sake SLEEP with LOTS of WOMEN - and avoid Prostate Cancer

Paul Crawford
Silver badge
Boffin

I also wondered about that, after all correlation (which we have) is not causation. But that is science really: Find some unexplained connections, postulate a theory, and then try to perform experiments to disprove said theory. If it holds up, then it is true enough to be usable.

Until someone else comes along with something better that can be tested...

2
0
Paul Crawford
Silver badge

Re: "a statistically quite small group of people"

A few thousand folk is not, in my humble opinion, statistically small. That is the whole point of sampling a population, you can't practically evaluate all so you get "enough" to have some specified confidence interval.

Do you have enough knowledge of statistical method to comment in any more detail?

26
0

Just don't blame Bono! Apple iTunes music sales PLUMMET

Paul Crawford
Silver badge

@werdsmith

Before criticising folk who use iTunes you have to consider the following:

1) Apple managed to get a sensible sales model from the major music labels. You need to look back a decade or so to see just how crap the industries own on-line shops were. Just who gives a fsck about which label your favourite band is on? And the incompatible DRM shit!

2) Some folk struggle to use ripping software. Hell, some struggle with the concept of RTFM, or even of using Google, etc, to find help...

3) A lot of folk bought Apple ipods, etc, and they deliberately did not document the interfaces and often changed them, so getting music on along with album art was hit and miss. Same trick MS has used...except nobody bought the Zune...

4) A lot of new laptops, and all tablets, lack CD drives and few folk will splash for an external USB one unless they can be persuaded of the benefit. Buying the CD may be comparable to, or even cheaper to iTunes in the sale/bargin box case, but buying one track at a time is popular because frankly a lot of albums are pish, with one or two redeeming tracks. If you are lucky. In that case the economics work against CD purchases.

5) While CDs are uncompressed and better than half of the MP3 tracks out there, most folk don't seem to care about Hi-Fi quality. They play them through crappy speakers or headphones and often as background music, and just don't see sound quality as important.

13
1

Forums