86 posts • joined Monday 30th April 2007 14:49 GMT
Oh, the memories
In $former_job in commercial web hosting, customers had the ability to create simple mailing lists. One of them ran a mailing list for a large, disparate charity organisation - and also ran several of said organisation's branch mail systems.
For some unknown (still) reason, they used Microsoft's SBS product with the dumbest POP3 receiver code I ever saw. The following happened:
1. Mail gets sent to list
2. Mail gets expanded to recipients
3. Mail goes to one of the aforementioned SBS POP3 connector widget, which looks at the incoming message and thinks 'this isn't for one of my addresses, it's been sent to some-list@some-domain...'
4. SBS POP3 widget sends message to mailing list
5. GOTO 1.
The list had thousands of subscribers. I lost count how many of these SBS machines were involved - at least 4 - but the resulting storm saw our customer attempt to claim £250k in damages from us for lost business! The last I knew about it, they'd backed down and as far as I know it never got to court.
Hilarious at the time, but the aftermath was bloody irritating.
I would have expected that the existing legislation around obscenity would be used if someone were to be found watching porn in a public place.
Of course, you weren't watching that in public, were you?
The old adage rings true again...
...being that in order to make a few hundred thousand dollars, you need to start with a few million.
Re: Death Star construction
Any Fule Know you don't build a Death Star from Meccano, you build it from Lego!
Re: "malicious traffic identification"
And yes, I was largely agreeing with Chris there.
Re: "malicious traffic identification"
That's known in the business as BCP38 - see http://tools.ietf.org/html/bcp38 - and is a perennial discussion point amongst network operators. Given that BCP38 is now 12 and a half years old, and bits of it are older than that, the likelihood of it being applied across the board is unlikely.
The complexity of modern networks can result in it being technically difficult (although not impossible) to completely validate source addresses within networks for which the kit is "authoritative". Responsible network operators know this and apply BCP38 quite strictly, but they are far outnumbered by network operators who don't even know what BCP38 is. Sadly.
Interestingly if it was applied absolutely religiously it would make spoofed (D)DoS attacks almost impossible. That's a far more laudable aim than cleaning up firewall logs...
All fine and dandy here...
...except I experienced dreadful network performance a couple of years which went on for months. As someone who works on Da Intarwebz and has some experience of networking I was able to show that the uplink from the cable head end was saturated from 6pm to 12pm, and the problem arrived when the local University term started.
After a few fruitless "please provide us with ping tests" and "go to speedtest.net" conversations with VM CS I contacted @virginmedia on Twitter. BOOM - open, honest, frank and clear explanation of the problem, entirely agreeing with me.
It still took several weeks to be resolved, but that's network provisioning for you. And I did quite nicely out of my complaint, ta very much. Haven't had a single problem since.
The company I used to work for had data centres all over the UK. One of them had a prolonged outage starting in the small hours of the morning (for which I was on call) because a capacitor on the HV side of one UPS had physically exploded, taking the HV side of the adjacent redundant controller with it; one had an extended outage when a static switch melted during a routine test causing a complete loss of power to the distribution panels; one had a shortish outage (but long startup) after an electrician accidentally dislodged a cut-out lug at the top of a distribution panel and shorted two phases together in said panel causing the UPS to shut down (they don't like having phases crossed!); another had a planned run on generator curtailed because the building's owner had just finished bricking up the inlet vent for the generator (without notifying anyone) resulting in the local fire service decreeing that said generator was now a fire risk and had to be shutdown.
Then I moved jobs, a new UPS got installed at $newjob, and it transpired someone had got an RMS calculation back to front and said UPS was therefore only 70% capable of full load and kept going into bypass. It got made bigger, and then controllers kept failing.
Since I moved offices to over a mile away, it hasn't barfed. Coincidence?
Poppy, and as they say round here, cock.
Aircraft doors open outwards. The pressure inside the cabin far exceeds that outside when at height, which is how the windows and doors can blow outwards if they fail.
The impossibility of opening them is caused by the control systems, which can be disarmed in an emergency. Opening the doors in flight is a little-used technique to clear cabin smoke, but there are several things in place that have to be turned off to allow it to happen. Mr Lemmeouttahere, being pissed, would have found those things quite tricky.
Back in legal land, the airport authorities deemed the tweet to be unthreatening, as did South Yorkshire Police - but they had to hand it on to the CPS as a matter of course. It was only when they got hold of it that the anti-terror folks got in on the act.
...they're all now in the care of the Department of Correction. Which doesn't sound like punishment for the main perp, does it?
Been with NTL/VM for nearly 10 years. In all that time we've had precisely one bit of shonky service, in Oct 2010 when the local students arrived our broadband became practically unusable of an evening.
Being a networky type, I already had some monitoring in place. Firstly they came out and replaced the old cable modem (which apparently shouldn't have been working since they upped the signal strength for 50Mbps services) as it kept rebooting, and that sort-of solved things until the students arrived. Then it went pear-shaped from 6pm to midnight.
I tweeted about it. Their support guys from Twitter were bloody brilliant - I sent them some graphs, and their reply was "you're absolutely right, your head end is oversubscribed, we're fixing it in 6 weeks". True to their word, they did - and offered me a substantial reduction on my bill. I cashed it in for a TiVo instead (which has also been excellent).
It would have been better if there was no problem at all, but one service outage in 9 years is pretty good.
Oh, and we recently ported a BT number over to them. Absolutely, totally, completely pain-free.
Yep, happy punter.
...but an MP walked by, and it disappeared. They're well-known for bending the fabric of space-time, doncha know.
It was them -> <- meht saw tI!
Never let your left hand know what your right hand is doing, and vice-versa.
The term "compliance" is bandied about in data lifecycle management briefings and product notes like confetti at a wedding. However... The first question organisations (or individuals) need to ask is a completely non-technical one:
With *what* are we expected to be compliant?
Industry "Best practice"?
Also there's a trade-off, particularly for the public sector - the need to ensure that Data Protection laws are followed (that is, only keeping what is necessary particularly pertaining to individuals) but at the same time ensuring that this does not make Freedom of Information requests impossible to fulfil. You might find that statutory law means some piece of data has to kept for 7 years, but if it isn't going to be used (and pertains to an individual) it should not be retained. What a dilemma.
And when that FOI request arrives, all this data has to be produced, at which point the individual is likely to ask *why* you were keeping it.
So, before thinking about the technicalities, think about the reality - what do we need to keep, why, and for how long?
Hey, Mr Anonymous Coward, let's see whether you actually read TFA...
Google - Android Market.
Apple - App Store
Amazon - Appstore
I think you'll find that Apple's beef is with Amazon, not Google. OK, so the Android Market begins with A, but that's where the titular resemblance ends.
This is doomed to fail from the outset - determining what is "infringing material" is all but impossible in any automated system. The FP rate will be *enormous*.
"how will you ever know that your mates on Facebook or the celebs you follow on Twitter are really care about these things"
How do you know that the attractive, personable, 20-something couple who approach you in the street about environmental activism really care about these things when they're often getting paid for it? Come to that, if the subject comes up in the pub, how do you *actually* know that your friend really cares, rather than simply being a sheep?
Newzbin3? 4? 5? 1337?
It was just a diversion. They do this so some dodgy bastard can nick small items like mobile phones from the trays... Thankyou, Heathrow security, for diverting my attention last year and letting some light-fingered member of staff (or a passer-by) walk off with my phone.
"pro" and "consumer"...
'What is next? Apple telling their customers that they can only get software for their Mac or Mac Book from iTunes also?'
How long until you have to pay top whack for Mac OSX Pro which will allow you to install "other" software, ie. not downloaded from iTunes? Not too long now given the OSX App Store's launch.
We poor "home" or "consumer" folks will have to make do with the App Store, and Apple will take a cut from every download. Want to install your own software from DVD or CD? Pay the cut up front on your OS costs.
Hrm. Believable, isn't it?
I'm sure I'm not the only reader of El Reg who's simultaneously a parent and a technically literate Internet user. As an experienced hosting and network engineer of almost 15 years, and a parent for 7, I can see quite clearly that:
* most readers of El Reg know that a global filtering system is doomed to fail. False positives only have to happen once (or worse, more than that) to drive a bus through the whole argument. False negatives are even worse.
* most parents are perfectly responsible for their own children.
* too many Daily Fail readers and their ilk big up the "THINK OF THE CHILDREN" so loudly that those parents who aren't technically savvy get taken along, because explaining the technical difficulties behind such a scheme in terms they understand is very, very difficult - it's far easier to follow the soundbites.
As a parent, my main worry when my kids get a bit older isn't that they'll stumble across some porn when using the Internet at home (and remember, kids, The Internet is rather more than just The World Wide Web). It's that they'll be exposed to something using a mobile phone by a friend. I just hope that they'll be comfortable enough to talk about it to me when they do, and let me deal with it rather than some "parent by proxy" system which kids can work around.
To cap it all, a pair of technical question (which you should write to your MP to ask): Who would be responsible for the system, and how would they enforce it in multi-occupant properties? You know - family homes, with multiple age ranges?
I think a less sensationalist approach to the whole issue by all concerned would work wonders, personally.
"Everyone needs tablets and they need them now and they need the OS to be cheap, and better still, open source."
*Everyone*? Really? I'm doing OK without, kthxbye.
"I would say this counts as SPAM."
SPAM is a trademark of Hormel, Inc, and has nothing to do with UBE/UCE. Nor does it have anything to do with representative government, and in fact I'm going to lobby my MP through 38 Degrees to ban it because it's horrid. That is all.
...let's hope the publishers pass some of the profits over to XH558's owners, or the book is all we'll have. If anyone reading this article thinks they'd like to support the VTTS Trust, go here:
and give them lots of lovely money to keep 558 flying!
I bought one of these
...in Hong Kong during the "nobody can fly to Europe" days, to replace a Touch Pro that the numpties at Heathrow T3 security managed to make me lose. I wanted a Desire but couldn't find one.
I like it. It's taken me a few days to get used to the capacitative screen - I've been a stylus/keyboard user for years - but it does exactly what I want it to. I do find that HTC Peep manages to hog the CPU a bit on large updates, but I can live with that.
Only problem I have right now is that I can't find a case to fit it into...
Oh, and it cost rather less than £320.
My other half
...used to work for NATS. Her boss was the same person mentioned in this article.
Not interesting, I know, but then most comments aren't are they?
"mainstream users have stayed clear of it because of the lack of a clear business need for the technology"
That day will come. Unfortunately, when it comes it's likely to be a Big Bang moment - to persuade the beancounters right now that they need to transition to avoid future pain is itself a painful process. That pain, however, is nothing compared to the chaos that will likely ensue when we really *need* to move to IPv6 and the beancounters start telling us to do it yesterday :(
I've moved my number from Cellnet (original contract started back in 1993) to Orange, to Vodafone and now O2. Who collects the termination fee and who gets paid, as Cellnet eventually morphed into O2?
Maybe every call I make has a small quantity of money being passed perpetually between all the companies involved... and mine's a simple one, I know many people who change networks like they change their pants - once or twice a year :)
I think you'll find that the "_something_" is "innocent"... but you knew that anyway. Irony, see, we all understand that. Except them thar folks from over that thar pond.
But the "until" should actually be "unless". The difference is very, very important:
"until" == presumption of guilt
"unless" == suspicion of guilt.
If you have nothing to hide...
...you have nothing to fear.
Apart from the baseless rumours and unfounded, indeed unconfirmed, allegations about which you know little (or nothing) and can do even less.
I wonder how long it will be (in all seriousness) before people have to be vetted and approved before they can have children? After all, the majority of abuse of young people happens in the home and is perpetrated by those adults closest to them.
<shakes head in disappointed resignation>
Re: Operation Ore
@Dan 55: possibly. Also listed as suspects were many, many people whose credit cards had been cloned or otherwise fraudulently misused, whose careers and lives were wrecked (and in some cases lost, sadly).
Yes, Ore uncovered a lot of diabolical behaviour and gave a lot of people a criminal record (and rightly so), but the collateral damage to those guilty by association was (is) a high price to pay.
Calm down dear, it's only an advert...
Stealing, eh? Let me just get this big bag of bits that I have here (they were megabits but I broke them up so you can have more of them) and put them in an email to you. There, my conscience is salved.
Personally I find Adblock (and occasionally NoScript) particularly useful for switching off those nauseatingly CPU-consuming JSON heavy Flash widgets (sometimes described as adverts) which nail my CPU to the floor and render my PC all but useless. Maybe, just maybe, if the people who wrote them (who I believe are called "programmers", but often refer to themselves as "web designers" because it sounds less dull) got the bloody code right more often and didn't screw the pooch in terms of browser performance then they wouldn't be as damned intrusive.
Do you describe people who ignore adverts in paper magazines, or fast-forward (or use autoskip) the ones on recorded TV, as thieves also?
- Facebook offshores HUGE WAD OF CASH to Caymans - via Ireland
- Microsoft teams up with Feds, Europol in ZeroAccess botnet zombie hunt
- Three offers free US roaming, confirms stealth 4G rollout
- Justin Bieber BEGGED for a $200k RIM JOB – and got REJECTED
- Review Bigger on the inside: WD’s Tardis-like Black² Dual Drive laptop disk