Re: You don't know the pain....

Ability to access any website you want to on your own equipment in your own time, tick.

Ability to use work equipment for non work related web browsing whilst being paid to be doing a job, untick.

Re: maybe

Research is definitely required. This is far more interesting than some of the utter crap that gets funded, simply proving or disproving the ants being able to detect EMF would be worth the research, not that this sort of testing would be particularly expensive!

Re: Blindfold firmly secured? Let's go!

Jon, my point is that the rolling process stopped rolling in many businesses and has remained firmly stuck since. There an an awful lot of businesses out there right now with difficulty meeting their payroll- do you think they are keeping rolling replacements of working equipment going? About the only place I know of still doing that locally from fellow techs is the Council & NHS, who hardly have to worry about such mundane issues as cashflow and not going bankrupt.

Yeah, a lot of businesses aren't this bad but a lot are. Looking at the employment statistics (lies, damn lies and statistics) still shows that the percentage of people not in jobs in the UK is far higher now than before the recession, and applications we post for jobs get responses counted by the hundred so I am assuming that for every thriving business there is another business hard up against it.

And yes, your right. 5 years is awfully arbitary, however the principle stands. Point in case, I just pulled a 1.4GHz pentium 4 of 2002 vintage and replaced it with a 3ghz P4 from 2006 from a steadily diminishing stack of spares. The order of the day here, as with other places I know locally is "make do and mend". It's not too difficult to see that as a ballpark it's going to take another couple of years for us to run out of PC's from stores and have to start buying a handful of replacements, followed by a large torrent of replacements as a shitload of decade old PC's snuff it within a similar timeframe.

We know it's going to happen, management knows it's going to happen but can't (not won't, can't) do anything about it with the financial resources available at this time so it's just going to have to be dealt with when the problem arises in a few years. (It all depends on how long you expect desktop hardware to keep going for, I doubt it's going to be much beyond 12 years...)

Misco also knows- just pick up the misco catalouge and have a look. there are several pages in it dedicated to 3 year old refurbished hardware from other peoples refresh cycles- were those in there 5 years ago? Do you think that's co-incidence or Misco meeting a demand for cash strapped companies buying replacement PC's on the cheap? I'm betting it's the latter.

Re: True but misleading

Mine are rated by risk of somebody getting the password.

1) Could impersonate me on a random forum such as elreg.

2) Could commit me to financial expenditure eg. eBay etc

3) Could directly access money (eg. paypal, bank etc)

1 has shared passwords for virtually everything. 2 & 3 have unique passwords for every single account. If more or less everybody doesn't do this, i'd be quite surprised.

Re: Who let the data out?

But there is going to be good old fashioned offline devices around until the sun burns out so this is never going to be an issue.

And that's good, because i'm going to be one of the people using them. What the hell do I need my fridge, microwave, toaster or lightbulb connected to the internet for? Automatic facebook updates ie. "8:47- opened my fridge"?

Until somebody comes up with a convincing reason for such connectivity then most people aren't going to be interested.

Re: insurance app

OBD/OBD2?

You could do what they are doing with the existing interfaces for the car, all they are doing is putting a prettier GUI on.

Given that abused li-ion batteriy cells become "terrorist" cells and explode with byproducts being leaked including hydrofloric acid, personally i'm all in favour of erring on the side of safety and building all of the safety features in that are physically possible.

And even then we still get occasional devices going up in smoke.

Re: Hit Counters

1400 odd now, proto-facebook has probably had more traffic this week than in the rest of it's existance. ;)

Re: Leading a dead-end maybe

Alternately, people don't want tapes anymore because everybody who wants them already has owns them. Given the quarter million hour MTBF it's not like they need replacing often, you know?

Just because tape is no longer suitable for a large data centre does not mean that it's useless. There is a frigging huge mass of SME's with a handful of servers still using tapes for good reason, they have good data storage capacity (including easy implementation of off site backups) at a low cost and don't have the same security implications that uploading all of your data to an "online backup" provider has.

Re: Reality Check

You'd think.

However, what actually happens is that when a problem arises, the outsourced company addresses every single incident individually and leaves the problem untouched, since from their point of view it's the golden goose laying eggs for them to collect.

I have seen exactly this happen, and to be fair they were paying per incident rather than for a specific level of service to be maintained which probably made that ending inevitable, however an SLA only seems to move the problem elseware. It doesn't address the problem that a company hoping to save money outsources IT to a company who's business who is intending to make a profit by charging as much as they can for as little as they can get away with.

Re: Nimbus is right

StorageObserver - 2 posts • joined Wednesday 27th March 2013 18:04 GMT

The first is on the previous story and praises Nimbus uncritically. The second is here, and praises Nimbus uncritically whilst flaming pure.

Funny coincidence, that.

Just saying.

Re: Systems architect here

I once had this problem. It didn't take me long to figure out that people are just as bad as at work, they'd rather call somebody for free to fix the problem than invest 30 seconds in googling it to figure out how to do it themselves.

This problem was solved by charging £10 p/h (with no call out charge) My experience is that this minimal charge has an equivalent function to having a team of first line chaps on the helpdesk.

In the last two years I have been called out 3 times. Firstly to fix a dead CMOS battery on an old dear's PC, secondly to recover/transfer data from a PC with a blown PSU and thirdly to re-terminate a proprietary and unavailable for sale OBD2-CAT5 cable for a driving instructors scanguage.

Frankly, i'd have probably been perfectly happy doing those three for free since they were actually real problems that I wouldn't expect a user to fix, but if I did then I would have a que again and I don't want one. I think it's a fair dead, they get their problem fixed cheaply and quickly by somebody far more experienced than the local "Mr PC Fix it", and I get to keep my free time.

Re: Maplins better than nothing.

A) Cheap

B) Fast

C) Reliable

Pick two. I consider Maplins to cover B & C and buy online when time allows for A & C. Sometimes you need stuff faster than next day, or "next week" though. (Or next year, if buying from China via eBay)

Re: cute

Its so easy when you work in an office that uses computers purely for administration and standard software isn't it. Out in research land they develop and tweak software to enable them to perform the research and analyse the results, or do you think that you can do everything with off the shelf software, or perhaps Excel macros and a pivot table?

. . . Which has what to do with an SRP denying access to execute from %temp%? Other than nothing, obviously. Straw man argument.

Microsoft overview of SRP's for those people who have just heard of them for the first time:-

http://technet.microsoft.com/en-gb/library/bb457006.aspx

because we all know that viruses only come as compiled binaries and never anything like a java package, a PDF, or really any other file format (None are safe). Most e-mail / internet borne viruses are just using scripting in PDFs or Java applets to infect the machines.

Just add "JAR" extensions to your designated file types to block it as well if it's appropriate in your enviroment?

I maintain that you cannot rationally allow users run executable code sent as attachments on emails and then write a policy saying that the end user is responsible for not running stuff they are sent. Doing so is patently absurd and deserves all the riddicule that can be thrown at it given the number of infections via this entry vector.

User education is important, but it should not be the sole line of defence.

If you want to knock holes in SRP's, the appropriate place to start would be the utterly absurd handling of shortcuts which limits their usefulness in locking systems down completely. This does not inhibit their effectiveness in blocking preventing software from running from specific folders like %temp%, however! Like anti-virus software, SRP's are not a cure all, but should be considered an important tool.

Re: recurrent problem

You go to a court and put in a claim. In the UK, you'd do that in the small claims court for cases under £5k as it's fast track and cheap to do. They get a summons to a magistrates court, at which point whomever owes you the money pays you, and you cancel the proceedings.

Alternately, you can put in a Statutory Demand, which requires the person owing you the debt to pay it to you in 21 days, or agree a payment plan which they do as they don't want to be made bankrupt, or struck off if they are a company.

The problem is the way that it's administered. I maintain that if you take an incompetent admin then it doesn't matter if the machines are running windows or nix. With users running as admins/root and the boxes not getting patched, both are vulnerable to being compromised.

Re: Faraday cage

Why downvote this? When you can lose 30million because your security wasn't good enough, the cost of building a metal frame into the walls, doors ceiling and floor is pretty small. A faraday cage is not exactly impossibly complicated, it just needs wire mesh stuck to the walls and ceiling followed by a decorator plastering over it. (the floor could be done simply by sticking the wire mesh under the carpet?)

At most, your looking at that sort of project being in the tens of thousands range, which is not unreasonably expensive for something which would have prevented this outright.

Trustworthy staff would have also prevented it happening, but I don't trust my staff not to open viruses that people send them, and I doubt that anybody else here does either. I certainly wouldn't bet anything on them not accepting a couple of million pound bribe!

Re: no updates from MS necessary

If you can't configure an XP box to be secure then tbh your in the wrong line of work mate.

Re: Crimson Editor

I'm still using Crimson Editor. In my opinion the only thing it's missing is the ability to replace multiple lines at a go, however to be fair I rarely need to do that sort of replacement.

Re: I can see this getting worse too.

That's because whilst the PC is capable of a lot more, the consoles aren't and most games are designed for all of the consoles plus the PC.

Which means that any game sold on a console is likely to be written for the slowest console with the crappiest controls, and those flaws will be faithfully reproduced in the PC version.

Re: MS is squeezing the enterprise and channel

I was quite disappointed to see this reply, since he's actually right for any of the major server distros that anybody would sensibly use for anything mission critical where the business or lives are at stake.

There is a bit of a difference between running a linux server for hylafax behind a PABX which can redirect faxes to an old fashioned fax machine automatically if the hylafax server packs in, and running something more critical.

Rational discussion of relevant points it might be a bit more productive than denying a situation exists.

Because you wouldn't advocate using a non standard home rolled distro on (for example) a box that is storing health records that doctors need to access, would you? I really hope not if it's a system that lives depend on and your the only person in the world who knows what how the system is set up. What happens if you get hit by a bus and there is a problem a week later?

For sensible distros, over a 5 year period you end up paying more just for maintenance support (ie patches) than you would do for a equivalent Microsoft Server for most small environments, since with Microsofts server products you pay once up front and then get free updates. It starts looking better in larger environments since there aren't CAL's to worry about but it's hardly "free" by any sensible measure.

Note: this excludes the cost of support since it's assumed that you would have recruited competent staff on the operating system that your buying.

Re: Hang on....

I'm not convinced that the WEEE regulation covers being burned up on re-entry. Still, is the requirement not on EEE producers to pay for an items "reuse, recycling and recovery"? If so, this could produce a whole new level (like out of this world) for people trolling these companies. (Could you collect my phone from the Lagrange2 recycling point please?)

Re: SysAdmins versus Ops versus Sec

You obviously haven't ever worked with a project manager.

A project manager doesn't say "we can save money by getting a sysadmin to do it". That is not a process. That's what is said by the "boss" at an SME where your responsible for the maintenance of everything that uses electricity or moving parts.

A project manager breaks a job down into processes and individual parts that can be seperated out and safely delegated (often with break points to prevent a catastrophe if it's not bring done to standard) Those processes are then usually divided in such a way that they can be done by less expensively trained and competent staff. This is usually done by giving each position a narrow set of personal responsibility and severe penalties for stepping outside of the process.

The problem with Microsoft was probably that it wasn't anybodies job specifically to look after issues like this, so nobody did it. Alternately, someone did discover the issue but didn't have enough time to push the problem through the byzantine change management system designed to stop people the horde of relatively unskilled people breaking things they don't understand.

thouhg, to be fair, not many people wear a mobile phone base station behing their ear all day so this thing call the inverse square law applies!

With a reply like that I take it that your the original uneducated anonymous coward!

Base station output is 50-100 watts.

A 3/4g mobile phone held by your ear can emit up to 2 watts.

Wifi output is 0.1 watt.

If you spent an hour on your mobile which was emitting 1 watt (i'll be kind and assume that it's using half what it's allowed to) then it would take 20 hours with GoogleGlasses to reach the same amount of power emitted. (and being non ionising, as we know the effect is not cumulative...)

Remember citizen, Ignorance is strength!

It's nice to see people understand the difference between ionising radiation and non ionising radiation!

The power Wi-fi puts out is so small compared to a mobile phone base station that it's not worth thinking about. The power put out by a mobile phone base station is well beneath the level that there is any scientific reason to think that there could be any effect, let alone any actual evidence that are any health concerns.

Twit.

Re: Assume it was an auto box.

Who made that van?

Just so I know the avoid anything that manufacturer makes, ever.

Re: Assume it was an auto box.

Most cars give you non powered steering unless they kick in the immobiliser. (and what sort of frigging idiot would allow that to kick in while the vehicle is in motion?)

Even if you were locked going in a strait line, personally I would find this preferable to being locked at travelling at 200KPH until you strike something or run out of fuel. At least you could find a nice long stretch of strait road and kill the dammed thing.

I'm stunned that something this safety critical has obviously such a shoddy attitude towards safety.

There is a new technology that allows you to burn carbon in oxygen while generating less carbon-dioxide?

Yeah, apparently if you burn less coal to generate the same amount of electricity (shockingly there are more efficient turbines available now than 40 years ago) then by reducing the amount of coal burnt then you reduce the amount of carbon-dioxide released for the same electricity output.

And that's before including carbon capture and other stuff that one could add into the design of a brand new coal plant.

Re: Re:Same S---, Different Day

Yep. Do the words "WSUS Computer Groups" mean anything to you?

The canary group had the patches yesterday.

Re: Speaking of drive-by download prevention...

I'm a huge advocate of SRP's and have been for years, they complately prevent entire classes of attacks and do far better than anti virus in preventing infections. Your going about it the wrong way though, deny everything and then just allow program files. That blocks off removable media and network shares as well without having to specify every single path under the sun.

The problem with SRP's is that too few people use them for Microsoft to develop them properly. For instance, if you create a shortcut to a location that's denied and then run the shortcut from an allowed location (such as the desktop) then the program runs. Extremely lazy programming from the coder involved there!

Re: Evidence

If you read Inspector Gadgets police blog (written by a serving police inspector) you will eventually come to the conculsion that the police are doing their job keep catching the criminals, they keep dragging them in front of the court.

The problem is that the criminals don't receive a punishment that puts them off reoffending.

Gadget blames the CPS (Criminal Protection Service or Couldn't Prosecute Satan!) and the courts. However, looking at the courts they have "sentencing guidelines" imposed from the politicians, who also set "targets" which police officers can be sacked if they don't meet.

Who is ultimately responsible for the current state of affairs? I don't think it's the police or the courts, I think it's the politicians.

Bad analogy. If we actually replaced 1970's coal plants with new coal plants then the amount of carbon released would fall dramatically due to the new technology included in new plants.

Greens protest against doing that, because the left wing of their movement is more interested in protesting than the actual outcome of their protests.

Re: The horror, the horror

What is actually the threat?

Huge EM fields wiping magnetic storage? Possible, but SSD's don't get hurt when intentonally trying with a deguasser (We didn't think so, but c'mon, had to be tried!) so I wouldn't imagine that a solar flare presents little threat to a SSD if we transitioned in that direction.

Power spikes? Is this more than a UPS can smooth out?

Communications down copper wires being scrambled? Use fibre.

This sounds like a threat that we have the ability to deal with already, to be honest.

Re: it is, to them, a hobby

Alternately, they could know full well what it entails and use it to progress professionally instead of being stuck in their existing (crap) jobs.

/ signed someone who was probably once at the level of one of your co-workers level, currently a manager and about to start his own company.

Be nice to nerds. Chances are you'll end up working for one.

Re: Eh?

I suppose that at this point it may be worth mentioning that Mr. Bonaparte was born in Corsica from parents of noble Italian ancestry, (did you know his father was the representative of Corsica to King Louis's court?) and he therefore the advantage he had in family connections (ie; patronage) and wealth offered him more opportunities to study than typical citizens had. He was part of the nobility, not an enemy of it.

Napoleon was also not responsible for removing the existing dynasty of France, that was the enraged citizenry of France incensed at being taxed to death to pay for winning the American revolution. Louis bankrolled the American Revolution and provided cannons, muskets, powder, shot and military advisor's to the Americans. (As well as the help from the French Army & Navy)

Why did he do this? Because he lost out in the 7 years war quite badly and wanted to get his own back, which means that from a certain point of view you could thank the aristocrats in Britain for the downfall of the Bourbon dynasty. ;)

Also, if we are being pedantic one could point out that the first industrial revolution was followed by the second industrial revolution which was only really ended by WW1. (some would say because the resultant arms treaties killed off the huge spending on ever bigger dreadnoughts...)

So, clueless admins using a bad configuration are just as much of a problem under *nix as under windows, requiring the people writing the software to work around the "admins".

Shocking.

Re: I'm floored

Everybody is obsessed with the floor loading because we have heard horror stories from each other about hundreds of thousands of pounds worth of equipment falling through a floor and landing in the room below somewhat worse for wear.

That, and most people employed in IT are paranoid (it's a positive career trait in IT!) Instead of thinking, hey, what are the chances, why worry about it? we tend to think more along the lines of what are the chances? being the first line of a risk assessment, even if that is just a back of the envelope exercise concluding that we are more worried about a meteorite taking out the office.

Re: "the writing is on the wall for desktop computing."

Exactly.

The only reason we were buying computers ten years ago was that then a 5 year old computer had a AMD K-6 processor in it running at a tiny percentage of the speed of the cheapest new equipment available.

My slowest computers from like 7 years ago have AMD64 3200+ processors in them, which are still sold as a entry grade processor in maplins IIRC. These machines are perfectly adequate for running office 2003 + our one peice of software, the users don't want or need any of the functionality that has come out since and as far as I am concerned the existing computers can continue to run until something burns out, at which point the user can have another one from stores. (spares from downsizing)

If i'm spending money on anything, then it's on infrastructure not on desktops. The constant desktop upgrade treadmill is dead, and most businesses also have a supply of spare desktops so there is not going to be much spending on more desktops in the immediate future.

However, saying that the lack of sales for the reasons above means desktop computing is dead is stupidly absurd. When all of the existing equipment is dead what do you think we'll do, replace a secrateries computer with an ipad? Never going to work, you need desktops for producing things- tablets are just a means of consuming media not for creating it.

No longer a huge cash cow does not mean dead.

Re: Why?

Why alarming?

Because I severely limited what I was posting so I didn't bore everybody to death. Suffice to say those are the major areas.

Minor areas cover things such as sensitivity to particular inputs such as touch, light, smell, sound are also on a sliding scale. (see sensory processing disorder for the extreme) People with a low sensitivity to sound are quite likely to prefer loud heavy rock music, where at the other end of the scale your likely to find people liking the more delicate instrumental music, and that's just the really obvious starting points.