Feeds

* Posts by Russell Howe

77 posts • joined 16 Jan 2008

Page:

Ten digital radios to suit all budgets

Russell Howe
Thumb Down

Poor selection

Nothing cheap, nothing portable (as in MP3 player portable, not 1970's luggable).

This article was of no use to me.

2
0

Ten Android games

Russell Howe
Go

Domaination and Freeciv

Both open source, both hardly modern in terms of graphics, but quite enjoy both.

Domination is a Risk clone and rather difficult

Freeciv is a Civilisation clone

0
0

BT blows fibre into 'multiple biz units' for first time

Russell Howe
FAIL

Re: "We are at the forefront of the fibre revolution..."

"... in the UK"

It's a good job they added that qualifier, because it looks pretty f'in' weak compared to many other countries.

Also, just because an area has FTTC, doesn't mean that they quickly roll it out to all the cabs - ours still hasn't got it 6 months since the exchange was done and I also noticed that you can't get FTTC if you live very close to the exchange and have a line which doesn't go via a street cabinet, which I expect would be a bit of a kick in the teeth

0
0

HSBC UK systems major outage

Russell Howe
FAIL

And, hot on the heels of HSBC's outage, along comes Natwest. Accessing http://www.nwolb.com at 1017 BST 5/11/2011 gives:

IMPORTANT INFORMATION

We're sorry our Digital, Mobile and Telephone Banking services are currently unavailable. We're working hard to get them back up and running as soon as possible.

We would like to apologise for any inconvenience caused.

0
0

Corning launches can-stand-the-heat Lotus glass for phones

Russell Howe
WTF?

Come on, El Reg. How hard is to to put a link on a webpage?

Corning's announcement:

http://www.corning.com/news_center/news_releases/2011/2011102501.aspx

0
0

BT superfast home fibre plans fall behind schedule. Again

Russell Howe

Infinity is not just from BT

People can and do resell it. I had a service from UKFSN via Entanet at my previous place. 8 IP addresses and native IPv6. This was £30 a month pluys BT line retail.

30G/month during peak times (8-8 weekdays I think) and unlimited overnight and at weekends.

The pricing seemed OK to me - admittedly, it's not £5/month, but it's also not TalkTalk.

0
0

GNOME emits 'head up the arse' desktop update

Russell Howe
Linux

How about a link to the release notes?

http://library.gnome.org/misc/release-notes/3.2/

3
0

ARM vet: The CPU's future is threatened

Russell Howe
Flame

Power problem

"We want bigger batteries so we can burn more power"

Power => heat. How hot do you want your phone to be? I wouldn't fancy holding a running POWER7 CPU in my hand, even if it had a dirty great heatsink and fan.

Dedicated hardware (yes, this is quite expensive) and highly optimised, clever software (yes, this is also expensive and difficult to get right). Good luck with that.

1
1

Met Police confirms ICT outage but plays down attack fears

Russell Howe
WTF?

Can't run programs?

Er, postscript is a programming language...

Of course, I'm sure it's totally isolated from the parts with a network connection.. right?

1
0

World IPv6 Day fails to kill the internet

Russell Howe
Happy

well..

My quick and dirty check says that 84 of the sites listed in the first 100 here do still list an AAAA address in DNS:

http://www.worldipv6day.org/participants/index.html

22 don't, and I didn't bother checking the other 4. I didn't check that the IPv6 address actually worked, but it's a bigger proportion than I expected. How many had a v6 address prior to the 8th I dunno.

0
0
Russell Howe
Go

Router vs switch

No, it would be a router. It would route.

Your router is a NATing router, i.e. a device which performs NAT and which also routes. It probably has a firewall too as well as the capability to forward ports (i.e. it can NAT traffic both ways).

But yes, it would be possible for your ISP to count the number of addresses being accessed over your link. It might not tell them much though, especially if you have a node which changes address frequently for some reason.

Anyone who uses a router managed by their ISP may be supplyng this information to the ISP anyway - see BT's recent example where they looked at the ARP table on their customer's routers in order to identify who owned a certain device.

It's a weak argument - you control what is on your network. You can run NAT on IPv6 if you wish and make your devices appear as a single box. It's up to you. This is not a reason to stifle progress.

3
0
Russell Howe
Go

No title

Entanet do as well

0
0

Feds break up Chinese-US counterfeit Cisco ring

Russell Howe
Flame

The real crime here

is Cisco's prices.

0
0

Super Micro whiteboxes Ethernet switches

Russell Howe
Stop

Re: Let me guess...

Dunno about the switches, but their NICs are specified as Intel..

0
0

WTF is... IPv6?

Russell Howe

Bad NICs :(

Unfortunately, it doesn't look like those NIC chips support jumbo frames. The Linux via-rhine driver certainly doesn't.

0
0
Russell Howe
Go

IPv6 on a home router

I think MS have specified IPv6 support as required in order for the manufacturer to use some sticker or something on your home router, but last I checked it hadn't had much of an effect.

For what it's worth, the best (in terms of value and functionality) IPv6 (and general DSL) service I've found so far is to use FTTC (aka BT Infinity) with your own router running something like OpenBSD and PPPoE to the BT-supplied VDSL2 modem.

PPPoE I hear you say? "But what about the low MTU?" Never fear - the BT-supplied router supports mini jumbo frames allowing your PPPoE tunnel to operate with a 1500 byte MTU and terminate your public IP addresses on your router.

Oh, and it supports IPv6 too.

AAISP is probably the most progressive with regards to IPv6 support, but it works for me with Entanet via UKFSN.

The only missing piece in the puzzle for me is a cheap low power box to use as a router which supports jumbo frames and can push ~40Mbit/s of traffic without breaking a sweat. The guru plug looks like it might just do it, but I'd like 3 or 4 ethernet interfaces preferably with VLAN support.

I'm still using a Soekris net4801 which doesn't do jumbo frames and is a bit underpowered and expensive.

http://aaisp.net.uk/kb-broadband-ipv6.html

http://noc.enta.net/ipv6-over-xdsl/

http://revk.www.me.uk/2011/01/pppoe-fttc.html

Also note there is a bug in BT's 20CN (not the correct term, really) network which affects IPv6 and which they will not fix:

http://aaisp.net.uk/news-ipv6.html

1
0

Amazon splatters ads to cut Kindle price

Russell Howe

or...

What about starting to put text/image ads on all books which were not purchased via Amazon?

They have control of the device - they can do whatever they wish.

0
1

Wind power: Even worse than you thought

Russell Howe
FAIL

It seems that instead of talking averages or peak or whatever

They should be talking about percentiles.

Averages are near-enough meaningless without the standard deviation anyway.

0
0

Adobe unfurls Flash 10.3 beta

Russell Howe
Linux

Re: 64 bit support?

On Linux for ages (*) :)

* for small values of "ages"

0
0

Traffic-light plague sweeps UK: Safety culture strangles Blighty

Russell Howe
Thumb Up

Title

Also don't forget there are some pretty major construction projects on at the moment in London. Crossrail, the olympics and the Shard, to mention just 3. The number of private cars in central London on my commute from N16 to W1D seems insignificant compared to buses, taxis and commercial vans/lorries.

0
0

Flash drives dangerously hard to purge of sensitive data

Russell Howe
Alert

ATA secure erase?

https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase

depends on the drive being sensible, but it might do something useful...

0
0

OpenSSL updated to kill code-execution bug

Russell Howe
Go

s_server

Actually, the openssl(1) commandline tool does have an SSL server built in to it, but yeah, I get your point :)

0
0

Highest point on the Moon found: Higher than Mount Everest

Russell Howe
FAIL

Above sea level?

But surely if you ignore all that water which is sitting in holes on the Earth's surface things become more comparable - the ocean is more than 2km deep in general.

0
0

Firefox engine speeds past Chrome after Jager shot

Russell Howe
Go

At this rate

It'll be done before it starts in another 3 months' time

0
0

UK promises 'transformative' cyber security programme

Russell Howe
Flame

Threats to the UK

Where exactly on that list is "the government making poor decisions"?

0
0

OOo's put the willies up Microsoft

Russell Howe
Go

I think I'm the only one who likes the ribbon

I think it's much more intuitive than a toolbar.

Sure, the people who are set in their ways and incapable of handling change moan until they're blue in the face but it's a pretty flexible interface and the keyboard accelerators are decent.

The fact that half the buttons just take you to the age-old Office '4.3 (or '95 at best) windows (c.f. Fonts, Paragraphs, etc in Word, cell formatting in Excel) is a bit shit - they could do with a redesign in many ways.

Still, the ribbon's a step in the right direction IMHO. It just makes toolbars look so clunky.

I believe MS have a patent or copyright or something on the ribbon, so of course it's in their interest to push it as much as possible.

Still, as a piece of UI design I thought it was pretty good.

0
0

BT bids bumpkins to beg for better broadband

Russell Howe
Alert

FTTC

Surely rural locations far from the exchange benefit the most from FTTC.

The difference between 15Mbit ADSL2+ and 40Mbit/s FTTC for someone in a city is what, 3a 300% boost? Nothing like the 8,000% difference between 500kbit rate-adaptive ADSL and 40Mbit/s FTTC for someone out in the sticks.

You never know, it might even let BT close or downsize a few exchanges, since the fibre runs to the cabs are probably able to reach much further than the copper services traditionally provided by telephone exchanges.

It's up to them how they spend their money, but it's a shame that they are sitting on all this infrastructure which was paid for by the taxpayer (I assume they bought this when they were privatised, but don't know and don't know if they paid a fair price) and to the layman it seems like they're doing what any sensible company would do - squeeze their existing cable plant for all it's worth.

The telecoms industry is f'ed up man.

0
0

Google shocks world with unthreaded Gmail

Russell Howe
Flame

There I fixed it for you

>Threading / conversations are great ... but they don't really get rid of the

> issue of too many people who haven't got a fecking clue how to use email

6
0

National Grid blames BT for gas explosion

Russell Howe

Planning Permission

Is a minefield. BT probably have an exemption for "critical infrastructure" works, etc.

They don't need PP for installing telegraph poles and roadside cabinets AFAIK, or for digging holes and burying things. This may be affected by things like conservation areas, etc, but by and large I would expect them to be exempt.

I don't know if the rules have changed but it used to be that mobile phone operators had the same kind of exemption for masts - they had to notify the local planning authority, but they couldn't really object to it.

0
0

How do you copy 60m files?

Russell Howe

Fastest way?

Pull out hard drive.

Move hard drive to other server.

Put in hard drive.

Or backup to tape and then restore.

Using something like tar or rsync may well have been better than cp

5
1

What Adobe could learn from The Flying Wallendas

Russell Howe
FAIL

DEP

DEP has nothing to do with digital signing.

All DEP does is turn off the "this memory contains executable code" flag in the page table (or equivalent) on the basis that program data and the stack does not typically contain CPU instructions.

Basically, it's a feature that should have been there since day 1 because the only reason you would want to execute program data is for things like self-modifying code and other hacks which aren't worth it in 99.999% of cases.

From what I understand, DEP has to be explicitly enabled in:

* The BIOS

* The OS

* The compiler when building your program

i.e. it's not on by default in many cases, presumably because there is so much utterly shite code out there (both closed and open source) which would break if it suddenly couldn't execute its own data.

Basically, it should be on by default with a clear warning when it is triggered by a crap program, explaining that the cause is either a vulnerability or shite programming (the latter has a good chance of creating many of the former anyway) and therefore the program should be fixed. If that's not possible, then the feature can of course be turned off.

2
0
Russell Howe
Flame

Talk about broad brushes...

"At more than 41MB, it's more than five times as big as competing PDF reader Foxit, and that means there's five times the attack surface to exploit."

That's a bit of a crude measure, don't you think? How much of that 41MB is image files and other ancilliary data?

Quantifying "attack surface" is pretty much impossible to do, but you could at least start with measuring the quantity of executable code in the two products? Or somehow measuring the relative number of features (on the assumption that there is a relationship between features and bugs as well as bugs and security holes)?

Why do we assume Foxit is more secure? Because it has fewer publicly-disclosed vulnerabilities? That's a bit naiive...

Calling it more secure because there is a lower chance that you'll get compromised due to the larger number of exploits targeting Acrobat vs Foxit I could potentially buy, but I'm not sure that "less likely to be compromised" is the same as "more secure" in a general sense.

I would be very surprised if Foxit stood up to the same level of scrutiny that Adobe Reader/Acrobat is getting without having as many holes found.

Unfortunately, we aren't likely to find out - I can't see Foxit commanding enough of an installed base to cause the crackers to switch targets.

Adobe's sandbox idea is alright I guess, but why is this not a feature of the operating system? Applications need to operate on a minimum-rights principle, whereby they only have permission to do what they need to do. Unfortunately, configuring such a setup, whilst possible with Windows is just too difficult to be practical.

It's not helped by applications which require more permissions than they actually need, due to there being no historical reason for them to be careful about what they do. There are still tons of Windows apps out there (I can count several at work) which need to be able to write to their program directory when run as a normal user!

IT bods don't like what Apple do with iOS apps, and the restrictions when it comes to data-sharing between different apps I believe are quite annoying (I don't have an iOS device, so may be wrong here), but I hear very little about security holes in iOS apps. Privacy holes, user tracking, brokenness yes, but not security holes.

OK, that's the "rant" part of my Saturday todo list done. What's next...

0
1

ARM flexes muscles with fivefold performance boost

Russell Howe

ARM powered netbook

Look up "smartbook"

1
0

Firefox 4 beta gets hard on Windows

Russell Howe

(untitled)

"I don't know Linux but I'm going to ask a deep question about it anyway" - that's a rather odd thing to do, to my mind, but I'll bite..

The distributions all share the same kernel and drivers (that's the "Linux" bit), although they often tweak it a little and they all contain different versions.

The graphics part is almost always provided by the Xorg X server - this is written by the Xorg folk, some of which may be employed by companies such as RedHat, but it's really a separate project to the distributions themselves.

The biggest issue on Linux is that graphics hardware development is so rapid and the chips so complex that writing a driver for them without access to the specs (which are almost always never available) is very very hard.

Even if you have the specs, you don't always get the list of things which don't work as they were specified.

So, you have very many slightly different and very complicated devices which are expensive to buy (it's hard writing code for something you haven't got) and no guide to writing a driver.

Then people complain that driver support is crap on Linux.

So, the manufacturers tend to write a Linux driver (for Xorg, normally, maybe with a bit in the kernel too), which by and large is closed source, buggy, contains security holes and is bloated. However, the drivers usually work OK and give pretty quick performance so lots of people use them anyway.

By the time the open source drivers get to the point that they're featureful and fast, the hardware's moved on and the cycle begins anew.

4
0

'Larry and Sergey's HTML5 balls drained my resources'

Russell Howe
Flame

Is it just me...

... or is the real story that browsers are bloated, slow, poorly coded and inefficient, not taking advantage of modern hardware (OK, IE9 apparently uses DirectX for some things - way to lead the curve MS.. DX has been out since W95!) blah blah blah.

Oh, it's also more than a bit to do with the fact that web pages^Wapplications contain embedded programming in the form of Javascript which is making people jump through crazy hoops to produce optimising JIT JS engines in their browsers.

It's time people sat down and worked out what HTML should and should not do. Occasionally some bright ideas come along like out of process plugins, separate processes/threads for separate tabs/windows, private modes which bypass various features, flashblock (which I believe should be on by default for every browser extension in every browser - IE can apparently do this, but it's not the default?) but these ideas are often things which really should have been there from the beginning and which seem pretty obvious now...

Not to mention the craziness that is XmlHttpRequest - if you want a bidirectional communication protocol then design and use a bidirectional data-sharing protocol. That's not really what HTTP is, now, is it?

If this animation slows the machine down then that's the OS's fault for not scheduling things well and if it drains your power then maybe we need to look at OS design and do things like a power cap per application or something?

Oh and why isn't the world on IPv6 yet? We should ditch NAT whilst we're at it as well as kill those proprietary email protocols and get IMAP or something similar up to scratch.

Any volunteers? I'd like it done by pub-o-clock please. I can pay you 20p

2
0

Popular apps don't bother with Windows defences

Russell Howe
FAIL

Breaking news: Software is shit

The post is required, and must contain letters.

2
0

The challenges of mobile billing

Russell Howe
Thumb Up

One organisation I know...

.. has an arrangement where you dial a prefix for personal calls, which are then charged to you.

Anyone found making personal calls without using the prefix had better start sprucing up their CV.

The handsets I've seen staff using are not smartphones, so I assume it's done on the network end by the telco.

0
0

Can't find a smartbook to buy? Blame Adobe

Russell Howe
Paris Hilton

Blame Adobe indeed

Would this be the same Adobe which to date has still not released a 64bit version of Flash for Windows, and which only released a 64bit version for Linux at the end of 2008? I think it might...

http://kb2.adobe.com/cps/000/6b3af6c9.html

Someone can probably correct me here, but I heard the main reason they had so much trouble was because nobody understood their Javascript JIT and only after open sourcing it as part of the Mozilla project* did it get the attention of sufficiently clever people to make it compile and work under a 64bit compiler. I could be totally wrong though - I can't claim to be in the loop.

If the above is true, then I think well-performing ARM might be a tall order for 'em. Now Intel's going to be releasing low-power x86 CPUs for mobiles, I think we can forget about ARM for as long as flash is the web's killer app (yeah, it makes me sick too.).

Then again I'm still holding out for the utopian future without NAT, where everyone is authenticated using some kind of web of trust federation akin to a bastard child of kerberos and gnupg, where IPv4 is in the minority and HTTP is no longer used as a universal tunnel protocol.

Paris, 'cos she's got about as much chance as Adobe of producing a cross-platform version of flash that doesn't suck.

* http://www.mozilla.org/projects/tamarin/

"The immediate goals for Tamarin is to support a broader ranger of hardware platforms, including ARM and X64"

0
0

Victorinox offers hackers £100,000 challenge

Russell Howe
Stop

Term 6a

Would seem to preclude the option of holding the knife to the throat of the guy who put the file on there and demanding to know what it says...

0
0

Minister: Banks should give ID cards to people with no money

Russell Howe
Boffin

I think you'll find it's a bit more complicated than that

Although I'm as ill-informed as anyone else about this...

Surely a BoE deposit is just one of many investments a bank could choose to make with account holders' money? I would expect it to have a pretty low, but near-enough guaranteed rate of return, so it would be a pretty safe investment. I'm sure they also invest cash in riskier things like the stock market, not to mention all the weird and wonderful creations that come out of the derivatives markets.

Regardless, I think what the BoE does a lot of is simply give other banks cash in return for "stuff" valued using whatever hocus pocus seems to be the least worst way at the time, and charge interest on the loan too. Especially now, when cash is scarce, the BoE seems to be quite keen to loan cash out to anyone who can pass it something of perceived worth in exchange.

Where's the house-of-cards icon?

0
0

MS virtualisation bug dodges defences

Russell Howe
Thumb Down

MS response

Seems to basically say "XP Mode is a hack, we don't really advise using it unless you need to and even then you should look to stop using it as soon as is practical. Oh, and look - kittens!"

OK, so technically maybe it's not an exploit, but it sure sounds like a way of bypassing security features, which counts as an exploit against those features in my book. Whether or not it directly allows you to compromise a system, there is still functionality being bypassed that one assumes was designed to not be.

I'd be willing to bet that full on 100% of network applications which are too old and creaky to run on Windows 7 and therefore rely on XP mode are vulnerable as a very vulnerable thing, so saying "it only lets you exploit exploitable XP apps" is a bit of a null statement.

0
0

Password reset questions dead easy to guess

Russell Howe
Stop

What is your favourite colour?

Well, that would be "#rW^Xy60tfA?mS?", of course.

It's just another password. Treat it as such and you effectively work around the stupidly short password length restrictions on some sites.

Even more stupid than password reminder Q&A is the "Password hint" concept which you find in various places (yes, Windows, I'm looking at you).

My favourite "Password hint" which unfortunately I can't claim credit for is "Remember the password"

0
0

Mozilla lays foundation for web's next 100 years

Russell Howe
Go

Hurrah for FOSDEM

FOSDEM is well worth going to. Always extremely inspirational to see the diverse range of things which so many people are working on.

0
0

BT blamed for Davina McCall spamcalls

Russell Howe
Stop

No title here

I'm sure they could, but it would of course have to be at "business" rates :)

0
0

Windows server revenue outpaced Linux in Q4

Russell Howe
Linux

Windows Server & GUI

An interesting question, and the answer is that no, they don't have to.

There's an option when installing which installs it without most of the GUI. You get a console interface (powershell?).

Penguin, 'cause I'm still using Linux. Interesting to note that I operate more Linux servers than Windows ones, but the Linux ones are all virtual so sit on 4 boxes whereas there are more than twice as many Windows servers, all physical.

Yet another job to do!

0
0

NatWest suffers calamitous online banking breakdown

Russell Howe
Stop

It's Friday

A slow response time across a decent time period still counts as a service outage in my books.

Of course there's a distinction if you're trying to diagnose the issue, but if it's crazy slow then it's still broken from a user's perspective.

I'd say it's borderline at the moment - certainly slow, but usable.

1
0

DoH tells NHS to dump IE6

Russell Howe
Go

Firefox MSI/ADM

I totally agree that Mozilla need to package their crap up in MSI files if they're targetting Windows and the ability to configure it via Group Policy is also something sorely lacking.

I take it you've heard of Frontmotion Firefox? It does both, but I'd still rather have it from Mozilla direct.

0
0

Free postcoders bang on Ordnance Survey door

Russell Howe
Alert

Not sure who said it

but another commenter on a related article put it quite well - something along the lines of that if the PAF doesn't pay for itself in terms of operational efficiencies within RM, then it's pointless. The extra income from selling access to the database should therefore in theory simply be a supplement rather than something necessary to the operation of RM.

In that sense, it's less "money for nothing" and more "money for doing what you were doing anyway".

One thing I don't really like the idea of is that if RM do actually open it up, their competitors who previously had to pay them for the postcode data get it for free. That's a double whammy for RM's competitiveness.

0
0

Nokia switches direction and gives away maps

Russell Howe
Unhappy

Limited device support, though

Compatible devices: Nokia X6, Nokia N97 mini, E72, E55, E52, Nokia 6730 classic, Nokia 6710 Navigator, Nokia 5800 Xpressmusic, Nokia 5800 Navigation Edition, Nokia 5230.

2
0

Fem-rage shocker: Woman zaps ex-boyf with pink taser

Russell Howe
WTF?

srsly

That neck looks like a prime candidate for photoshopdisasters

0
0

Page: