* Posts by James 100

665 posts • joined 26 Jun 2009

Page:

Yammer security sub-standard says US Veterans' Affairs Dept

James 100
Bronze badge

Point?

We seem to have been infected with Yammer via Office 365 - so nothing inside the firewall, just a website where people can post junk. Rather like Facebook and Twitter, but with far fewer users... (In our department, we just use those two free options for everything: nothing is "sensitive", and we generally want to keep in contact with former staff and students who don't have current credentials too, which Yammer seems to miss.)

Management has bought into it, though, so we periodically get posts from them bringing the latest nasty shock - erm, corporate strategy. Other than that, you can load it up to watch the digital tumbleweed blowing.

0
0

'Edward Snowden' discovered hiding in Indonesian river by boffins

James 100
Bronze badge

New identity

Damnit, El Reg, have you any idea how much effort the Russian government put into crafting Snowden's new identity - not just a new name, or even a new face, but giving him a whole new species to hide under, and you go and blow his cover like that?!

0
0

Shingled drives get SpectraLogic archive down to 9 cents/GB

James 100
Bronze badge

Re: Independent failures?

Presumably the calculation is that each RAID-Z3 array will spend N hours each year degraded/rebuilding, then calculated how many years it would take before a further double-disk failure occurred during one of those windows of vulnerability, to get a nice impressive number. Nice bit of benchmarketing, but not remotely realistic of course.

(I preferred the guy - from Intel, IIRC - going through disk reliability figures, pointing out that with a modern drive capacity approaching 10^14 bits, suddenly that "good" error rate of 10^-15 becomes a virtual guarantee that you *will* hit corruption at some point while rebuilding your RAID 5 array - so you need a minimum of RAID 6 just to be able to rebuild an array of large drives reliably. Meanwhile, a scary proportion of our data isn't checksummed, so when it does get corrupted we won't know about it until it's too late!)

1
0

That thing we do in the UK? Should be ILLEGAL in the US, moans ex-State monopoly BT

James 100
Bronze badge

"as i've written before, BT currently has an interest in keeping OpenReaches (Line Rental) charges down, ISP's will have an interest in upping openreaches charges so they get more margin on the passed through costs, possibly by sticking in unnecessary gear and charging their peers for transiting it."

No - BT have been inflating Openreach charges wherever possible (since that allows them to milk their "competitors") including inventing truly absurd charges, like the three or occasionally even four figure charge for reporting complex faults, "SFI". (By shifting goalposts, they now impose a charge if the first engineer fails to find a fault, even when the second engineer finds and fixes it then admits the first guy should have if he'd done the job properly.)

As for unreasonable charges, get back to me when I can dial a UK number starting 07 from anything other than another 07 number without getting gouged to bankruptcy for it! (Yes, to be fair, BT and Three are both campaigning against that particular scam now, but it's been in place a very long time now.)

It was only last year I had an "Openreach" engineer in my home telling me my fault would be fixed more quickly if I used BT as my ISP rather than one of their rivals!

8
1

Ashley Madison hack – Tory MP Green denies registering account

James 100
Bronze badge

Two MP accounts

The other MP account exposed so far was a very obvious fake, with most of the details being wrong, so it wouldn't be a shock if this turned out to be junk too. Someone said a certain Mr B Obama has a whopping seven accounts on there too!

Meanwhile, I read somewhere else that a married convicted child molester had two AM accounts (active, paid up ones, not just unverified registrations like this one) on the go at once. I suppose if you can put up with the child molester bit, tolerating a bit of adultery as well isn't such a big deal, but still...

4
2

TalkTalk not talking much as systems take a tumble

James 100
Bronze badge

VoIP

"On Twitter it asked customers to call after 1pm, and their internal VoIP and data systems are affected."

Well, this is the bunch that told me VoIP won't work over ADSL, it needs a leased line or at least FTTC, so not too surprising they've managed to make a pig's ear of their own too!n (That, and "40 Gb per month is too much usage for an "unlimited" business ADSL line", got us to move to a proper ISP.)

1
0

Conference Wi-Fi biz fined $750k for jamming personal hotspots

James 100
Bronze badge

Re: Just ignore them?

"Yes, there may be any number of reasons for asking a client to leave a network."

YOUR network, yes - but the problem here is that *their* network can order clients to leave *another* network! That's the absurdity of it. Vodafone can't come along and switch my Three service off - because it's not their network.

It's an absolutely braindead flaw, and far too widely abused (I've seen universities abusing it to prevent people tethering their laptops to phones within range of their WLAN, too) - fortunately, the vulnerability was fixed in the 802.11w update, which Windows 8 implemented, so hopefully this will be a problem of the past eventually!

0
0

HP is getting so good now at negative growth, it should patent it

James 100
Bronze badge

Itanium?

"But the higher-margin "business critical systems" saw sales slump 21 per cent, year on year."

Oh dear. Isn't that where their Itanium business gets listed?

Quite how the boss can be "pleased", when almost all of the company seems to be in a nosedive, is worrying ... does she have a plan to fix it, somehow, or just have a really good parachute handy?

2
0

Vodafonica’s Cornerstone missing its UK coverage target, says report

James 100
Bronze badge

O2-Three?

I was wondering what the O2-Three combination meant for Cornerstone and MBNL, since that would seem to mean the UK would be down to two genuinely separate networks, with O2 and Three customers using both of them - a bizarre situation. I'd have expected some sort of announcement of plans, or at least a leak, by now!

0
0

Who should be responsible for IT security?

James 100
Bronze badge

Re: CISO on its own?

I think this depends very much on the business.

For a bank, risk/security is very much a field in its own, so you have dedicated fraud specialists, policies, investigative tools etc. For most businesses, though, computer security should be very much an integral function of IT: the IT department should be aware of security issues, and factor that into all their procurement and policy decisions. In that sort of setting, splitting out security would be a big mistake, particularly in terms of budget. Who funds the firewall, IDS and VPN for example? Is that an IT purchase, or a security one - and what if they disagree? Supposing Security wants that shiny new Cisco IDS switch blade - but IT want to dump Cisco for that nice fast Extreme Networks core switch, which that blade won't fit? Who is responsible for SSL certificates, authentication policies, making sure new components are properly secured...? Recipe for disaster.

0
0

Choc Factory patches zero day Google for Work hack hole

James 100
Bronze badge

No, if you can't agree on a deadline (or equivalent criteria; sometimes there might be a dependence on a third party, like submitting a patched version to the Apple App Store then having to wait for Apple to approve it so users can actually install it) - release it straight away, because they're not engaging properly.

Anything other than agreeing to expedite a fix with a reasonable timescale sounds too much to me as if they're planning to hide it instead - so if you don't disclose ASAP, you'll probably find their lawyers trying to bury you instead. Every day you delay disclosure is another day they might be using to get a court injunction to gag you about it, as Ross Anderson's guys at Cambridge University have encountered in the past.

1
0

Jimbo 'Wikipedia' Wales leads Lawrence Lessig's presidential push

James 100
Bronze badge

Empty gesture

If he really wanted a political campaign, he'd be running for a Congressional seat somewhere tech friendly; instead, it looks as if he wants to be a new Ralph Nader.

Campaign against the likes of SOPA? Yes, I'd get behind that. "Run" for President, with a platform that doesn't actually make any sense (as Gregory Kohs points out above)? That's just silly. If you must focus on the Presidency, better to use the resources to examine and criticise the platforms of the candidates who actually stand a chance: if you can make even one of the two eventual party nominees shift their position on one issue like copyright, you've achieved more than this "campaign" will.

1
0

US appeals court: Yes, Samsung ... sigh … you still have to pay Apple

James 100
Bronze badge

Re: Wow, the US is gonna actually claim some tax from Apple!

Probably not: court-ordered compensation isn't normally counted as income for tax purposes. (The logic is that it's restoring something you lost, so there isn't actually supposed to be a net gain to you.)

1
0

Verisign sues Google's new love-interest .XYZ for a second time

James 100
Bronze badge

Cornering people as a business model

I've never liked Verisign's approach in general - like getting Microsoft to force developers to use their code-signing certificates, rather than equally valid but cheaper ones from their many competitors. To me, that alone is reason enough to avoid dealing with them in any other situation: I'm heartened to hear it seems others feel the same way.

0
0

Would YOU make 400 people homeless for an extra $16m? Decision time in Silicon Valley

James 100
Bronze badge

Better uses for the $39m?

On the other side of the coin, would preserving the status quo here be the best use of the $39m? Someone pointed out earlier that the development would mean a huge increase in the taxes paid for that site each year, as well as providing housing to more people than it does now; better perhaps to invest that $39m in improving services to all the area residents instead. (Another post points out that even the $39m option would have meant both some evictions and some additional investment to bring the site up to compliance, too - making that a worse deal than it looked at first.)

Take the $55m - and pressure the council to put the $39m into providing a decent park and ride service or something so people can commute there from more affordable areas.

(Personally, I find it hard to understand these areas getting so insanely overpriced and overcrowded: why are all these businesses and startups jammed into such a tiny area? Startups could locate elsewhere far more cheaply; the likes of Google could relocate half their CA staff to another state and give them a far better standard of living for less money, a win all round - yet we have Apple building their new flying saucer thing in CA to squeeze in yet more, even as they cite the datacentres elsewhere.)

0
0

Repeatedly robocalling? That's a paddlin' – a record $3m paddlin'

James 100
Bronze badge

Proper regulation

It must be nice having a proper regulator with teeth! One day this week in the UK, I had nine telemarketing calls. All of them anonymous, of course, so no way to file a complaint against the offending entity - high time that facility was removed, or at least restricted and charged for to prevent abuse.

(Yes, I do have a little PBX I'm going to hook to the line any day now to intercept all the anonymous calls and feed them to voicemail - but why should we have to go to these lengths?!)

0
0

Samsung says micro-sats could blanket the world with Internet

James 100
Bronze badge

Wrong market?

For backhaul from base stations, surely there are very few locations where satellite is the best option: either fibre, or a microwave link to another base station with a fibre connection. For filling in coverage blackspots directly, though, it would be great: just have handsets "roam" onto this constellation as a fallback, as Thuraya handsets do now. Putting this lot in orbit, only to have handsets still reliant on a piece of fixed infrastructure to get a connection anyway, though?!

0
0

Cheers, Bill Gates. Who wouldn't want drinking water made from POO?

James 100
Bronze badge

Drinking processed excrement

If he can persuade people to do that, why did he still not manage to get people using Vista?

Seriously, nice to see this kind of clever recycling being funded and rolled out, and I hope people would overcome the instinctive revulsion at the source of the water - after all, it happens anyway via rain, and surely this is no less thorough a cleaning!

4
4

Patching a fragmented, Stagefrightened Android isn't easy

James 100
Bronze badge

Re: Android is the new Windows

In fact I'd say the problem here is that (in one important respect) it *isn't* like Windows. With Windows, Dell can shove in their own buggy drivers and shovel a load of junk adware on top - but it's still Windows, it still gets the updates from Microsoft, and you can buy/download newer versions directly from MS without getting Dell's permission first.

I do like the flexibility of open source - I'll probably be running CyanogenMod myself soon - but if Google had limited the manufacturer and carrier roles to "you provide Linux kernel drivers and any apps you want" and "you can provide network-specific apps" respectively, keeping control of the core OS and updates for themselves, I think the whole Android platform would be better for everyone. (Including the manufacturers, I suspect, since they'd have less work to do!)

3
0

Law prof Lessig vows to take cash out of politics by raising tons of money

James 100
Bronze badge

Re: I wish him well, just....

I'm pretty sure he'd be safe from that kind of threat: cooking up plans with zero chance of success isn't a threat to anyone.

3
0

B is for Brussels: Google's corporate rejig WON'T insulate firm against antitrust probes

James 100
Bronze badge

Re: Odd. Too few shards.

Agreed. To protect against this sort of threat, surely the best remedy would be to break off "Google Europe" as a genuinely independent entity, which buys in search facilities from the original Google (in much the same way Yahoo buys in search from Bing). That way, EU governments has much less leverage to try to force changes on the non-EU websites; any fine would have to be based on the EU turnover only (since the rest of Google is just a supplier now).

Presumably, Google know that the Alphabet stuff won't have any effect on this anti-trust problem - so must be doing it for some other reason. What might that be?

1
0

Assange™ to SQUAT in Ecuadorian broom closet for ANOTHER FIVE YEARS (maybe)

James 100
Bronze badge

Statute of limitations

I can understand the logic behind having a limit, for less serious charges - a long delay could make it difficult to mount an effective defence against charges, making it unfair - but I don't think that timer should tick while the suspect's aware of the charges and "on the run", as in this case. It's not as if he's unaware of the charges, or unable to defend himself in court, so why should the limit apply?

The idea it's all a plot to get him to the US (because of course Sweden is closer to the US than the UK is?!) doesn't hold much water - so why not go to Sweden and beat the charges, if they're so baseless? Going on the run just makes him look guilty.

10
5

ICO fines anti nuisance call company for making nuisance calls

James 100
Bronze badge

One small step

Is this enough to wipe out all the profits they've made from this scam, though? If not, all it's done is erode their profit margin a bit: put up their overheads, in effect, so they can just pay up and pocket the rest quite happily.

With so many of these illegal spam calls being anonymous, though, will they even begin to deal with the worst offenders? Time to ban anonymous calls, IMO - at least from non-residential lines - or have a per-call surcharge; even just a pound per anonymous call should wipe out most of these scammers.

Of course, if enough of us blocked anonymous calls, they'd find it self-defeating and have to stop hiding like that anyway...

2
0

Fancy 10 Gbps home broadband? Broadcom's built the guts of it

James 100
Bronze badge

Re: 10 Gig? Erm, no thanks

I was briefly excited when I heard that BT's "fibre on demand" offering was available on my exchange - until I spotted two things. First, it gave 330 Mbps down, 30 up, for about the same monthly fee as four bonded FTTC lines which would give 320/80 ... and secondly, I looked at my traffic graph and realised just how little of the time I'm maxing out the 80/20 I have now. Even with an ultra-high end ISP (yes, I can max out that 80/20 any time I like, 24x7: apparently, they have some of the lowest contention ratios out there) I just don't have a use for that much. Maybe it would shave a few minutes off the next Windows service pack or VM image I download - if the servers can actually deliver that - but is that really worth paying much more for?

What I noticed straight away, though, was how much better the "80 Mbps" service from a good ISP was compared to the "50 Mbps" cable modem I had before, where they skimped much more on transit and peering bandwidth. On the cable service, streams had to buffer for a while, because the bandwidth really wasn't there; after migrating, that was all gone.

Now, if I could cut the latency a bit, or bump the upstream bandwidth a bit, that would be nice - but it'll be a while before I actually have any use for much more than 80 Mbps downstream.

0
0

Oracle brews PERPETUAL, all-you-can-eat database licence

James 100
Bronze badge

Vendor lock-out?

This sounds a lot like the Microsoft Campus agreement in academia, where they charge a fee based on the number of computers on site (regardless of what software they run). This has an obvious advantage: all your systems are licensed for the relevant software, without any further checks. The downside, of course, is that every system is then licensed for MS software - even if it's actually being used for Linux, Solaris, *BSD or as an embedded control system for something - at which point, there is no saving in using a rival product: you've already paid for the MS option anyway.

I remember coming across this with Oracle in another university years ago - asked why they were using Oracle for an internal user database (something quite trivial, a few Gb at most), the answer was that they were already licensed for it, so why not? Of course, next time the Oracle license is up for renewal, that's one more critical system relying on keeping the license current...

1
0

Biggest security update in history coming up: Google patches Android hijack bug Stagefright

James 100
Bronze badge

Re: Call me cynical

I would like to think this would mean Google pushing out updates to their own parts directly, bypassing both handset manufacturers and telcos, in the same way Windows Update pulls in new patches straight from MS without consulting Dell first. With proper demarcation - regulatory/technical approval of the baseband bit, the manufacturer providing some Linux device drivers and maybe some apps to run on top - that wouldn't be too difficult.

I went for a SIM-free Nexus for exactly this reason last time; maybe it's time the other handset brands got better update support too?

0
0

AIDS? Ebola? Nah – ELECTRO SMOG is our 'biggest problem', says Noel Edmonds

James 100
Bronze badge

"If you want to be happy you need to think of yourself as a container of energy."

I think of him as a container of natural fertiliser, do you think that's close enough?

1
0

All hail Ikabai-Sital! Destroyer of worlds and mender of toilets

James 100
Bronze badge

On Good Friday, I found the kitchen ceiling a foot closer to the floor than usual - turned out the plumber supplied by B&Q had cracked the pipe leading into the cistern, and just wrapped it in PTFE tape rather than repair/replace it properly, so after a while it started watering the floor underneath.

To cap it all, the "professional" plumber had to borrow one of my screwdrivers at one point - there was a narrow gap involved, and his was too big to fit through. I left him to finish the job, and eventually found my screwdriver sitting on the window sill - with the bit removed.

A month later, the replacement cistern started flushing constantly - apparently there was a component missing, so it got stuck after the first N uses. The words "trading standards" and "lawyer" got involved at that point, so they fixed it properly this time.

Back on IT, a friend managed to get a free laptop with my help - it had an odd BIOS bug which prevented Windows running properly. After a few visits back to the manufacturer, they admitted defeat, sent a replacement and said he could keep the faulty one as well - which I fixed by switching to the other HAL, at which point it worked fine. (Buggy ACPI implementation, as I recall - it's been a few years now.)

1
0

STOP! You – away from the keyboard. There's no free speech in our China

James 100
Bronze badge

Re: Situation critical ?

"I would have honestly thought that suppressing the opinions of over half a billion people would be a bit too costly for any state to bear."

I suppose for the current rulers, the comparison is with the cost of NOT suppressing them - Marie Antoinette would probably think a bit more population oppression would be a bargain at any price, after all...

4
0

Sick of politicians robo-calling you? Bin your landline, says the FCC

James 100
Bronze badge

Anonymous phonespammers

My biggest bugbear lately has been the fact the spammers are allowed and able to make their nuisance calls *anonymously*. (IMO, it's high time use of the 141 caller ID withholding prefix either carried a per-use fee to deter abuse, and/or were restricted to residential lines only.)

On the bright side, I just ordered a nice new router - complete with PBX and voicemail facility, which apparently includes the ability to route anonymous and blacklisted calls straight to voicemail without ringing. (Yes, the telco allows blocking a limited number of specific callers, for a monthly fee, but this is a much "cleaner" mechanism I think. The extremely rare legitimate anonymous caller can still leave a message and be called back, no monthly fees, and more control too.)

0
0

We made a new Do Not Track thing – not like you'll use it or anything, huffs emo teen EFF

James 100
Bronze badge

Like politicians...

Like the old saying that the people who seek political office are the ones who should least be allowed to hold it - the problem here is that the only people likely to comply with DNT requests are the ones we wouldn't worry about tracking by in the first place!

I'm on the UK "do not call" list (TPS) - but still get multiple telemarketing calls per day, many of them anonymous, because the worst offenders are the ones who completely ignore the law in the first place. Honest marketers aren't such a problem anyway.

0
0

Hurrah! Uber does work (in the broadest sense of the word) after all

James 100
Bronze badge

Actually works

Those NYC medallion prices do seem insane - and of course ultimately hurt the customers paying the inflated fares to cover them.

I found myself needing a taxi in Glasgow a few weeks ago, and booked with what claimed to be a large cab firm with their own iOS app ... booking accepted, for the time I chose ... but never actually turned up. (I phoned, and was told they didn't actually have a car nearby after all, so I was SOL. Very helpful.) A far cry from the experience friends have described using Uber in other cities!

All I really needed, though, was a realtime map of taxis: if some app could have told me "there's an empty cab two streets away now, phone number xxxxxx", that would have been enough. Supposing I built that app, and covered costs by getting 50p per fare from the drivers: would that mean I need a taxi license for that city, even though I'm not driving or even necessarily setting foot in it? I don't think so; OK, Uber do a bit more, handling the actual payment for the journey as well, but I still wouldn't call them a taxi company.

4
3

Dot-com da-bomb Verisign fires off an OpenDNS rival

James 100
Bronze badge

Re: seems unrelated

Cloudflare works by taking over your domain's DNS hosting, then rerouting (some) hostnames to their own server farms to intercept, cache and filter HTTP traffic. (Unless you pay them extra to continue using your own DNS service and only rely on them for HTTP, a pricing model that makes very little sense to me.)

The Verisign offering also works by replacing your DNS servers, but that seems to be as far as the commonality goes: this replaces your *recursive* DNS server, making it a competitor to OpenDNS (as recently acquired by Cisco) rather than Cloudflare.

2
0

Americans in Europe like using Wi-Fi calling, Ericsson discovers

James 100
Bronze badge

Re: Do you really need it?

Skype's little use for incoming calls, unless you set up forwarding and rely on that.

Since they've gone to the effort and expense of creating their own "apps" to deliver it, clearly O2 and Three DO think it's worth doing - though apparently not worth the effort to get the proper standard working, instead of relying on proprietary hacks - and I for one would indeed find it useful.

Even without roaming, plenty of places here in Scotland have no mobile signal, but do have Wifi. Enabling this would mean my phone could actually function as a phone in those places - and without needing Skype installed and set up, with credit, and even then it's effectively outgoing only unless you mess around with call forwarding. I already pay my phone company to provide calls and text services: why would I want to duplicate that badly with Skype, when I could just use my existing service over Wifi instead?

1
0

VMware, Microsoft in virtualised Exchange blog battle

James 100
Bronze badge

Shark jumped

When having "only" 24 processors and 96 Gb of RAM is an "itsy bitsy" mail server, there's something wrong. More or less enough to store a thousand users' Inboxes (excluding attachments) completely in RAM? Just how many organisations have enough email users to need more horsepower than one of those?

It wouldn't surprise me if the overheads got excessive above that point, so you'd actually be better scaling out rather than up at that point. Probably what MS do in their own "cloud" Exchange offering ... so maybe that's the scale they tune it for, rather than individual mega-box servers?

4
0

BT: Let us scrap ordinary phone lines. You've all got great internet, right?

James 100
Bronze badge

Re: It says "provision on request"...

You aren't actually forced to - BT (Openreach) are quite happy to provide just the wire bit to any ISP that wants it. However, most of those make a nice living out of bundling in the PSTN side - and more pragmatically, one ISP that did offer a broadband-only line then discovered those lines tended to get disconnected and recycled by BT's contractors when installing new lines: they'd see a line with no PSTN service, assume it's spare, and re-use that wire for the new line they're installing.

The problem is, the copper wire itself is the expensive bit: plugging it into a PSTN port in the exchange only adds a few pounds per year to the c £88 they charge for the copper. Saving a small percentage isn't really worth the extra hassle it causes in support, for most ISPs.

0
0

FCC hosts Reagan-off as it enters 21st century

James 100
Bronze badge

"if telcos are willing to provide service for that, tells you something about how much they're overcharging everyone *else*."

Not really - from the article: "citizens pay the discount rate, and Uncle Sam makes up the difference on a normal full-price plan with the telco". So the telco still gets paid as normal, it's just the taxpayer left out of pocket.

You'd think a very cheap basic mobile plan wouldn't cost much more than that anyway - for a while, I was paying £7/month for a SIM-only account in the UK, with three hours of calls, a lot of texts and a few hundred Mb of data, which would surely be plenty for a "lifeline" service without needing any subsidy.

1
0

Obama issues HTTPS-only order to US Federal sysadmins

James 100
Bronze badge

Re: Why?

For browsing static content, yes, unprotected HTTP is normally fine (give or take HTTP tampering, like the NSA's "QUANTUM INSERT" stuff, and the usual adware crud). Having said that, though, you need to be running over HTTPS to get the benefit of things like SPDY - so if you're using Chrome or Firefox, you'll probably see a performance *gain* overall from browsing via HTTPS rather than HTTP, even on typical static pages.

Even without SPDY, once you start encrypting some of your pages/sites, the extra cost to encrypt the whole lot should be pretty trivial - I rather like the idea of encrypting all the traffic as far as possible, not just selected bits.

0
0

The blandness – or madness – of King George of NetApp

James 100
Bronze badge

Safety

"Is safety-first the right approach?"

No. I don't mind if my data occasionally disappears in a puff of error codes. Er, wait...

The tough migration path is a big mistake I think: just like I faced a few years ago with a Windows SBS 2003 server. With no upgrade option (can't just upgrade it in-place to 2008, because that's 64 bit only and 2003 is 32 bit only) we were faced with "Need to migrate to something new anyway, and buy new hardware if it's on-premises ... might as well switch to hosted email then". So, of course, there's now one less MS Exchange installation in the world.

That, for MS, was a rare exception: normally, it's a smooth upgrade treadmill, just the way they want it. "Yes, the new version's expensive/difficult, but not as expensive/difficult as moving to a whole new platform, so go on..." Storage isn't part of my problem these days, but we do have a few 7mode NetApps holding almost everything - and I get the impression NetApp really dropped the ball there.

3
0

Microsoft spunks $500m to reinvent the wheel. Why?

James 100
Bronze badge

Factions

In an outfit the size of MS - or even one much smaller - not everyone will be on the same page. You'll get different teams re-solving the same problem in different ways; sometimes one is better and replaces the other, sometimes you're just left with duplication. Raymond Chen recently blogged about a situation where two rival teams actually wrote rival clients for the same internal protocol, too.

The Windows Installer stuff - MSI - started out within Office 2000, as the Office installer, before being moved and extended. They had other installers before that.

Maybe the management don't like Exchange as a backend mechanism for these new services, for example? Even a "poor cousin" offering right now might still have a better infrastructure MS want to get their hands on, or just a better/different skillset to the existing ones. I never really saw the point of Yammer, but MS seem to like it...

I just hope MS aren't adopting Google's usual habit, of buying up a small company that makes a nice product - then killing the product and mulching the team into their collective, never to be seen again. OK, Google needs staff, but stop killing off products in the process!

0
0

Vodafone IS talking to Virgin Media daddy Liberty Global

James 100
Bronze badge

ISP?

Some interesting angles here. Right now, Virgin has the contract to provide backhaul to MBNL, the combined Three+EE network operation, while Vodafone pools stuff with O2 under "Cornerstone" - with BT buying EE and Three buying O2, something there will have to change drastically. Hard to imagine BT continuing to buy in network backhaul from Virgin.

Right now, Virgin resell EE's mobile services: will they or BT be happy to continue that post takeover, or will Virgin be in the market for a new provider for their MVNO?

Vodafone owns both the old Bulldog/C&W LLU network and Demon - so either offloading that to Virgin, or taking over Virgin's leftover non-cable ISP operation to bolster their own size, could make sense.

Sky wouldn't make much sense, though. They just bought O2/Be's LLU network and customers, only to throw both assets in the bin: maybe they could repeat that with Demon/Bulldog, but they've only just started on their mobile reseller deal with O2. Virgin seems a much more sensible match overall.

0
0

Oh, shoppin’ HELL: I’m in the supermarket of the DAMNED

James 100
Bronze badge

Re: Some Dutch shops..

I discovered the Morrisons self-service checkouts have a nice coin hopper like that. A year or so ago, I'd accumulated a small plastic bucket of loose change, mostly coppers (each time I do laundry, I take the coins out, then don't always pocket them again later, so they slowly build up). Having discovered this, each time I was going to be walking past it anyway I'd fill a pocket with change and buy something small that I wanted anyway - milk, some salad or whatever.

Some supermarkets also have coin-counting machines - which take a fairly hefty cut of your money in the process. Stuff that!

2
0

Microsoft makes Skype beach body ready with web browser beta release

James 100
Bronze badge

No need to install software, just a plugin...

Really, what does changing "software" to "plugin" actually get you?

If they'd genuinely made it browser-only, via HTML5 or whatever, fair enough - even relying on Flash, I suppose - but when you just change it from "you must install the Skype application" to "you must install the Skype plugin" ... why bother? You still need to be able - and willing - to install software for that to work! I suppose it makes sense if this is an intermediate step, before they have a pure HTML5 version?

3
0

Spoiling staff with toys could turn against your business

James 100
Bronze badge

Re: If you dislike change, you're going to dislike irrelevance even more @AC

"if a company goes down the route of alternative service provider, it is essential that they keep some IT expertise"

Yes, that's vital and easy to miss - of course, those experts need to be able to communicate the issues properly, and meet the users' needs rather than their own. Consultants/salesdrones can easily push a solution that meets their own needs rather than the users' - whether they're external suppliers pushing a product, or internal ones with an agenda.

Do those "standard laptops" actually do the job adequately? Especially when they're a year or two old, but being pushed by the IT management because they're less effort to support than more modern kit? Does that configuration actually suit the sales reps, the graphics people and the software developers? When the users have different needs, you need to accept that a single answer probably won't fit: either you're short-changing the developers with some ultra-portable that can only handle email and PowerPoint, or wasting money and weighing the salesdrones down with overpowered machines for their needs.

"I agree that IT departments are an endangered species, and not because they do anything wrong, but because they're not saying what the non-technical managers think they should be hearing. Too often, influential managers in companies are more prepared to listen to the salespeople trying to sell snake-oil rather than their own IT people."

Agreed, in part - but perhaps it's not just because those managers want to hear the wrong thing. Look at this article: full of what the author wants and what suits his needs. Yes, giving everyone the same laptop makes his life easier - but does it suit the users? Maybe their needs would actually be better met by greater flexibility. (Particularly in a software company, of course: there are quite a few obscure bugs I've been able to investigate much more easily by having varied hardware and platforms. Yes, it makes support very slightly harder - but of course we need to support external users on different configurations anyway!)

Remote-wipe can be handy too, when a device or its user goes AWOL - but what happens when your Exchange admin goes rogue or gets fired, or the server itself gets compromised? A whole lot of extra collateral damage that way. Has the author never had a server compromised, or a sysadmin go rogue to some extent? (10 years on, do you *really* know who all those Domain Admin members are and why they're there? All those privileged scripts doing who-knows-what? A colleague's been looking at all that lately ... it really isn't simple, in a large setup.)

0
0

Thousands of 'lost data' reports mean we should ARM the ICO, says infosec bod

James 100
Bronze badge

Re: Anyone else see the gaping hole?

No surprise there really: if the small company I work for had a data leak, would I or anyone else publicly report it? I honestly don't know: with no legal obligation to do so, I imagine not. Why would we? Of course, I like to be proactive and keep everything properly secured anyway...

This company's got a product to push, of course, but that doesn't necessarily make it wrong. I'd like to see the ICO giving more detailed guidance (to be fair, they do already give some) and explicitly linking future penalties to how closely they've complied with it. (Maybe they do that now - but if so, that needs to be more widely reported, so everyone else knows about it.)

0
0

The time on Microsoft Azure will be: Different by a second, everywhere

James 100
Bronze badge

Re: Feb 29th

Yep - Azure crashed because internally the nodes communicate using internally-issued SSL certificates with a one year validity - so on Feb 29th, any node that got rebooted requested a certificate for itself with an expiry date of Feb 29th 2013. Of course, that doesn't exist, so the request failed. That meant the new VM failed to communicate with its host in time, so got rebooted; after a few cycles of that, their systems decided the hosts were faulty and tried resetting those. Which, of course, then tried to get themselves new SSL certificates to connect to the controller, which failed ...

1
0

NSA eggheads tried to bork Nork nukes with Stuxnet. It failed – report

James 100
Bronze badge

Re: Sony First, Nukes Second

Different servers? Of course the nodes attacking Sony had to be online (and so vulnerable to attack themselves, to some extent), but those involved in the nuclear program could be fully airgapped, but with a better gap than Iran's had. Not to mention that FBI/NSA "access" may just have consisted of monitoring their external Internet traffic - so they could see "Norks are probing 100.64.12.34 ... uh-oh, they got in, whose is that?" but not necessarily had any control over in-country systems from that.

My ISP could see if I'm off breaking into Sony - it doesn't mean they can to anything to interfere with my printer, even though it is on the LAN that connects to them.

5
0

German watchdog rips off Facebook's thumbs after online fracas

James 100
Bronze badge

Two step version?

There's a "privacy enhanced" version out there somewhere which displays the social icons greyed out initially, without loading their scripts - so they don't get a chance to track you unless/until you've explicitly requested that service by clicking on it. Once you click (thereby arguably consenting to tracking, since you are knowingly interacting with them) the Like button activates.

Google Analytics and co worry me a bit too; IIRC back before Google bought them, they offered a self-hosted option which avoided all these issues, but of course that got killed off smartish.

5
0

Fibre Channel over Ethernet is dead. Woah, contain yourselves

James 100
Bronze badge

It died?

Was there some actual development to trigger this announcement? Has Cisco announced they're dropping FCoE support, or NetApp announced it won't be supported in the next ONTAP release, for example?

Maybe it's a bad idea, and/or doomed, but the article seems terribly short on facts to support that. Maybe some actual sales or investment figures for regular FC and iSCSI versus FCoE?

2
0

If IT isn’t careful, marketing will soon be telling us what to do

James 100
Bronze badge

Re: Erm?

"The question comes down to whether Marketing is trying to make IT decisions. You don't have to set up an IT department, but if you do, the implication is that you need their skill in the field of IT."

Really, you need to bridge the gap - either Marketing will need to understand the IT side to some extent, or the IT department needs to understand Marketing (or both).

Having a departmental "IT person" is a model I've seen work well for a lot of things - they get to know that department's needs much better, as well as knowing how to get services delivered from the central IT department when needed. Much better than having a homogenised "Helpdesk" knowing nothing about everyone, IME.

(Personally, I'm a systems guy - originally Solaris and web servers, filled in for a while doing some departmental support as a sideline, now DB and development, so I've seen it from each point in the food chain. The whole "all requests must go via the Helpdesk" ... "Helpdesk, port 1A-31-7 in building 11 is on the wrong VLAN, can you tell $(guy from the desk next to my old one) please?" "What's a VLAN?" experience was quite depressing...)

0
0

Page:

Forums