* Posts by SImon Hobson

1067 posts • joined 9 Sep 2006

Pro who killed Apple's Power Mac found... masquerading as a coffee table

SImon Hobson
Silver badge

Re: iFurniture next?

I thought they already did - p**stake on Youtube

0
0

Kent Police handed domestic abuse victim's data to alleged abuser – a Kent cop

SImon Hobson
Silver badge

Re: Stinks of corruption

> The woman provided the phone to the police and consented to its contents being copied

I would speculate that she consented to specific data only (the video) being copied. If anything else was copied then that would have been without consent and thus a criminal breach under the Computer Misuse Act. Passing that illegally copied data to a third party would be the offence we read about here under data protection laws.

The question then is whether the solicitor might reasonably have suspected that the data he was handed was not "legit" - and reading the report it sounds like he really should have had suspicions, and therefore could be argued to have also committed one or more offences (data protection, assisting an offender) as well as a serious breach of professional conduct.

1
0

Lock-hackers crack restricted keys used to secure data centres

SImon Hobson
Silver badge

Re: Making a non-pickable electronic lock is possible

Which is more or less the basis of modern car security - at least for some manufacturers/models. The key has a "chip" in it, and the security system in the car interrogates the chip when it's close to the ignition lock. So with some models it's possible to have a key which will unlock the steering wheel but won't allow the vehicle to be started - useful for those who tow a vehicle around (eg those small cars you see on tow behind a large motorhome).

0
0

Tweak Privacy Shield rules to make people happy? Nah – US govt

SImon Hobson
Silver badge

> Provide data to companies from an untrustworthy nation? Nah - Europeans¹.

> 1. Those who understand the issues and actually give a damn, anyway - which, sadly, is probably not enough to matter.

Ah, but in most cases it won't be just down to the users actually understanding. Take FarceBork for example - they have a big business in Europe. Unless they stop illegally slurping data then they can be up in court and fined worthwhile money - enough to actually hurt them. So what are their options :

1) They could pull out of Europe and have no presence here, none at all. But then they'd lose a heck of a lot of income from EU based advertisers and so on. But having no presence here would put them out of reach of EU authorities.

That raises a question, would it be illegal (or perhaps made illegal) for an EU based entity to trade with them ? That's what did for Radio Caroline - the authorities couldn't touch them while they were in international waters, but they did cut off the advertising income. Or could the EU authorities tackle the export by having the internet carriers block FarceBork traffic ?

2) They could restructure their operations so as to keep EU data out of the reach of US authorities. That's what I think they'll do - it'll cost them in various ways (such as not being able to mine global data as one big resource), but it's completely doable.

0
0
SImon Hobson
Silver badge

Re: My opinion on the last bit...

But companies cannot contract out of EU or US law - so contractual clauses providing for privacy are void. For the very reason used to squash the old Safe Harbour, no entity based in the US, or with a US presence, can give any believable guarantees on privacy/protection of information - because US law overrides those contracts and US authorities can effectively slurp data whenever they want.

And all this posturing by the US government will come to nothing - they'll either change their law (which they don't seem willing to do), or much of the transatlantic traffic in data is illegal under EU law. And the EU is big enough to be able to force the issue on this - it's not some tiny island state that needs US "approval" to survive.

There's also a parallel to be drawn here between the EU-US situation, and what would be the case between EU and UK if we vote to leave in June. The EU will turn round and basically tell the UK that either we follow EU data protection/privacy law, or we won't be dealing with EU data. That does rather undermine some of the arguments for leaving since even if we leave, we'll still need to fit in with EU laws/regulations if we want to trade with them.

1
0

So you’d sod off to China to escape the EU, Google? Really?

SImon Hobson
Silver badge

Re: Google gives everything away for free, so how in heaven can EU extort google ?

You're probably (if you ever come back to look) wondering why you've been downvoted.

The problem you demonstrate so well is that Google have built this huge image of offering "free" services. They don't - nothing from Google is free, the cost may not be monetary, but there is a real cost.

There are several aspects to their behaviour that are worthy of note.

The main one is their ability to cross fund anything they like from their huge income - basically they can enter any market they choose and "buy share" in a way that no other company (not even Microsoft) can manage. Microsoft used to do that, and were found guilty of it in the US IIRC. Such behaviour is illegal both in the US and Europe because it allows a big player to increase its dominance by targeting and eradicating smaller competitors - Google, Microsoft, IBM, Standard Oil, ... Google hasn't been found guilty (yet), IBM (if memory serves me right) got the case dropped after many years of preparation right after a new president was elected - one that IBM had provided much funds to during the election campaign. Hmm, IBM funding a president and getting a case dropped, Google funding a president ...

But in this case, it's the question of whether their action has harmed consumer choice. If every* Android device must come bundled with all the Google apps (which the user can't even remove) then that distorts competition. Firstly, it's hard to make money selling mousetraps if some b'stard is giving them away free (c.f. Microsoft and internet exploder which was also bundled, made non-removable, and given away free) - so other companies will struggle to sell enough of an app to cover the cost of development. That means there is less choice available.

Secondary to that, there is the issue that all these bundled apps aren't free - they all slurp your data so that Google can sell you to their real customers, the advertisers. It's really really really hard to prevent this leakage - and that's by design because the last thing Google wants is for users to actually have any privacy from them.

* Excluding the small number that come without any of the stuff

7
1

AMC sobers up, apologizes for silly cinema texting plan

SImon Hobson
Silver badge

Re: My brilliant idea!!

> The movie should be paused every time someone is using its phone, people will take care of the offender in no time!

We have a wonderful and rather old fashioned cinema where I live - I was there only last night with my good lady. It's a shame that it often only has small numbers in while people go and pay more to use the faceless and dull multiplex in the next town. It has been known for the film to pause and a member of staff to tell a group of unruly kids to behave or leave.

But as pointed out above, they typically only have 2 members of staff - both multitasking. When it's time for the program to start, front of house drops to one person selling tickets and selling nibbles while the other person nips up to start the film. Then during the interval (something else the boring multiplex doesn't have) there's a delay while the projectionist gets downstairs to man the counter - the other person doing the traditional tray of icecreams bit.

They still had the old arc-lamp projector until not all that long ago - then one day I walked past and looked in the skip, and there it was in little bits.

0
0
SImon Hobson
Silver badge

Re: Virulent disease won't be stopped by AMC!

> I sat next to someone who simply...could...not..stop...himself...from...

Last time I went to a live gig, there was a young couple who arrived a little late, and almost immediately the lad was on the phone. Bear in mind that this is the sort of gig where I wear earplugs, his yacking was distracting. After a while I just casually asked if he'd be on the phone all evening, he asked me if it was annoying me, I answered in the affirmative.

He at least had the decency to step outside to carry on, but shortly his young lady companion also left and I don't think they saw more than a few minutes of the performance - I assume something came up.

The tickets weren't cheap, so I do have to wonder at the mentality of some people.

0
0

BT hauled into Old Bailey after engineer's 7-metre fall broke both his ankles

SImon Hobson
Silver badge

I witnessed what I considered to be unreasonably unsafe working from the office a little while ago. It wasn't just me, there are some engineering companies in the building too - with people who do know what they are talking about - and they were clearly concerned as well. In the end I phoned the company whose building it was, and put my concerns to their H&S officer - and left it with him to "step outside and take a look for yourself". Half an hour later the guys were off the roof, and returned a couple of days later with some safety gear.

When I posted on a forum, it was "disappointing" to see how many people took the attitude expressed by one or two people here - how dare anyone get in the way of someone killing themself if they want to.

http://www.diynot.com/diy/threads/to-say-or-not-to-say-that-is-the-question.451972/

0
1

I bless the reins down on .africa ... Dot-word injunction hits ICANN

SImon Hobson
Silver badge

Re: So, precedent set?

> Given that almost every contract has started to contain terms that purport to prevent or limit legal actions against the dominant partner in the contract, are these terms now looking to be invalid?

IANAL, AIUI in English law there is a concept of "meeting of minds". Where a contract was formed by a meeting of minds (ie both parties negotiated on equal terms and reached a mutually acceptable position) then most things go - but where one party is dominant then it can be argued that the contract wasn't formed by a meeting of minds, but imposed by the dominant party on the other and therefore clauses may be challenged.

IMO this is the sort of term that could be considered unreasonable, and if the US has a similar concept then that may well be grounds for having the clause declared unenforceable.

1
0

Line by line, how the US anti-encryption bill will kill our privacy, security

SImon Hobson
Silver badge

Re: I don't see how this would be a problem for Apple

> They are going to make it so it is impossible to get at the data under any circumstances. ... if presented with an iPhone running iOS 10 that includes the changes that make it impossible to Apple to help, the FBI will get the court order and Apple will say "what you are asking is impossible".

And that's where this law kicks in, such a phone would be illegal - it would be illegal for Apple to make it (or import it), illegal to sell it, and if Apple ever turned round and said "impossible" then that's a complete admission that they broke this new law banning unbreakable crypto.

In fact, their current models would be illegal under this law - and that's the problem.

"Anything" with crypto where TPTB can't be given the decrypted data on demand is basically illegal. So Apple must water down their protection to render it insecure - and so must anyone else making or importing anything in the US.

As pointed out, this would render the USA "out of bounds" for pretty much anything technology related. The current "discussions" regarding Privacy Shield would be moot - it would be illegal to provide proper security of any data held in the US even if the government completely backed down and accepted the principle of privacy.

What would happen is that a good chunk of US technology business would be very quickly offshored. There'd be (sticking with Apple for a moment) a "US iPhone" and a "rest of world" iPhone - the RoW version would have security, the US one wouldn't, and the security software would have to be developed outside of the US. A bit like certain encryption tools had to be developed outside the US to avoid their "encryption is a weapon of mass destruction" laws.

Apple, Microsoft, IBM, Cisco, Juniper, and a long long list of US tech companies would very soon be deciding that the rest of the world was a more important market than the domestic US one !

10
0

Bundling ZFS and Linux is impossible says Richard Stallman

SImon Hobson
Silver badge

Re: Stallman can change the GPS as well...

> Capricious and a bit of an arsehole, but did something good once and now he won’t let anyone forget it.

Actually, I think he still does good.

The first thing to remember is that no-one, and I mean no-one*, "has" to write code and release it under GPL. That many people have chosen to embrace the GPL indicates that a great many people think it's "a good thing". Many of the people arguing that it's a bad thing tend to be doing so because it gets in the way of them "ripping off" someone's work and not "sharing".

I've met him, and yes he does come across as a bit of a tit. But although I disagree on some points, I respect his point of view, and I respect his integrity with it.

I'm a pragmatist myself - I use both closed non-free and open free software, both personally and for work. A foot in both camps as it were, and I can see the pros and cons both ways.

But one thing I am certain of, if it weren't for the "hardline" purists, the computing landscape would be a lot different. Even if you never use a single piece of software written with his purist views in mind, and quite possibly released under GPL, the very fact of their existence creates competition that keeps all vendors in check to some extent or other.

I suspect a few people are "too young" to remember when Microsoft seemed to have a complete and total lock on the desktop, on servers, and even on the web browser. Back then the "easy" thing to do would be to just accept that "Exploder 6" is "the standard" and work with that - it's only because enough people pushed back with open and interoperable standards that such a dominance got broken. I suspect fewer people still remember the "Unix wars" that turned something that was largely open (though not on an open licence) into a minefield of competing proprietary standards - and which in part contributed to Microsoft's rise to dominance.

Now, what's that saying about those who forget history being prone to repeat it ? Says I looking at what Red Hat (and others) are trying to do these days ...

* OK, you might argue that some people get paid to do so, but then they still made a decision at some point to take that job.

18
2

Nest's bricking of Revolv serves as wake-up call to industry

SImon Hobson
Silver badge

Re: IoT?

> Pure BS. Using "networks" has nothing to do with the number of conductors.

I think you missed the point, he's talking about replacing the older hardwired control and monitoring systems using hundreds of wires for all the discrete connections, with systems where the information is passed over a network connection with just a few wires.

For example, an electrical switchboard may contain many circuit breakers, and in a substation each of these breakers will have as a very minimum remote trip indication requiring a pair of wires back to a telemetry concentrator to feed the signal back to the control centre. These days they want to be able to monitor status (open/closed/tripped) and control it (open/close) - which would require something like 4 pairs per breaker all wired back to the concentrator.

By networking it, they can have one network connection to a breaker, it can provide much more information (eg reason for trip - short term fault or longer term overload), perhaps report the actual load, and they can program it remotely rather than an engineer having to visit site to manually twiddle some control or (with newer kit) hook a laptop up to it.

Large hardwired control and monitoring systems use a LOT of wires, and in a large plant they can be long ones at that. By adding networking, a lot (and in some cases, all) of that can be condensed down to one or two networks - though there are some functions (especially safety critical ones) that will probably remain hardwired for a very long time.

1
0

Call the Cable Guy: Wireless just won't cut it

SImon Hobson
Silver badge

Re: Direct wiring

Have a downvote for missing the point of structured cabling. It's structured cabling, not network cabling. I'm guessing you must be one of those stupid people who put structured cabling in for the network, and then run separate cabling for the phones, fax, serial terminals, serial printers, ISDN-2, video, ... All things I've run over structured cabling over the years - never used token ring or twinax but I'm sure some here have. OK, I'll admit that most of these are on the decline, but definitely not completely dead yet.

Fine, if you really really are never going to use any of those then go ahead and fully patch every port to a network switch, but ... It means you are either spending a lot more than you need on unused network ports, or it means you're one of those that ignored advice and only put in a fraction of the points that would be recommended by people with experience. And of course, with the rise of PoE, every port will need to be PoE enabled - otherwise you are back to having different types of port again, and PoE ports don't come cheap, especially on business class switches.

I have experience with manglement just absolutely refusing to pay for the points recommended and then finding a shortage (and hence switches under desks) on the day they moved in, but on the flipside having put in what I'd recommended but having points unused when one or more foreseeable layouts didn't get used.

1
0

Blighty starts pumping out 12-sided quids

SImon Hobson
Silver badge

Re: But, but

> The old thuppence and the new quid probably do have the same relative buying power ...

You beat me to it, it's probably a sign of the amount of inflation over those years. Thinking back at what I could buy with thruppence, it was less than I can buy with a quid now - so not quite equivalent, but also not that far off ! And at the local flicks, they are showing some retro adverts - the one relevant to this is for Fry's Chocolate Cream which was clearly "1/-" (ie 4 thruppences) on the paper sleeve in the ad, but it's less than 4 quid now.

2
0

Pothole campaigner sprays Surrey street with phallic paintings

SImon Hobson
Silver badge

Re: Ideal use for a 3D printer

> http://news.bbc.co.uk/1/hi/magazine/8529964.stm

Yay, so they actually made it into production then. I remember one being demoed on Tomorrow's World. For the readers under about 40, that was a popular science program on (BBC) TV many years ago that primarily reported on new technologies.

On our street a few years ago, it needed resurfacing. But there were one or two bits that weren't too bad. So they left the not too bad bits - with the result that now there are gaps and holes every few feet where the joins were left. Plus more holes all along the sides where they left a join with the old tarmac rather than work to the edge of the road which would have meant some manual work as it's a dry stone wall.

1
0
SImon Hobson
Silver badge

> ... when you have to spend £2k repairing ...

As long as you have evidence that the council knew about the pothole (and failed to repair it promptly) then they will pay out for repairs. They know that if you can't be fobbed off with the "nowt to do with us" type letters and you take them to court then they'll lose. But you (or your colleague) may have to persist a bit.

> I've actually had Surrey roads "engineers" tell me they know XYZ road is full of potholes but they have zero intention of fixing them

Which means they are automatically liable for any damage caused to vehicles as a result.

I know people who've had the council pay for new tyres and wheels.

1
0

Met plod commissioner: Fraud victims should not be refunded by banks

SImon Hobson
Silver badge

Re: Disabling an RFID card.

> Credit and Debit Cards don't have RFID chips in them.

What planet have you been hiding on for the last few years ?

In the UK at least, I think most (all ?) the banks have now taken to issuing RFID (aka contactless) cards - some of them several years ago. I know because I've had "discussions" with every bank I do business with regarding having a non-contactless card.

Some have been quite OK - just told them I wanted non-contactless and they obliged.

One was willing but it needed a bit of a workaround. The lass at the other end had to issue a new card (they've cancelled the old one as they'd detected fraud), then cancel that, and only then send a new non-contactless replacement !

And one point blank refused - so I told them "in that case your card won't be in my wallet".

And as to the outright lies they tell. The good old one is "you'd get your money back if it's fraud". Yeah right. I know someone who's been on the receiving end of that "guarantee". Like heck did he get his money back. He was unlucky enough to have his account emptied (well run up to its overdraft) just after pay day. They sent a long list of transactions and he had to identify the ones that weren't his - but they wouldn't take his word for it, he had to "prove" that it wasn't him as the money was spent locally. Some he could prove from work timesheets - commercial driver so he could prove he was elsewhere. But for some he couldn't. The police were useless - well actively obstructive. He observed that a significant amount had been spent on food and drink, so he asked the copper if he'd contacted the establishments to ask them to retain any CCTV that might show the criminal at work. The copper responded along the lines of "when I get round to it", but when my mate said he was going to go round and ask them, the copper threatened to arrest him for interfering with a police investigation !

And given that security researchers have proved (not suggested, but actually proved) that bank (and in particular, card) security has holes - yet the banks still persist in their 100% secure lie ...

Pop over to https://www.lightbluetouchpaper.org/ and you'll find some interesting and quite frankly frightening news.

1
0

Ofcom wants to crack down on pisspoor BT Openreach biz lines

SImon Hobson
Silver badge

> “Dark fibre is a flawed piece of regulation that introduces an unnecessary layer of complexity and will deter others from building their own fibre networks. It is at odds with Ofcom’s recent statements about increasing competition at the infrastructure level. ...

But in reality it makes no sense whatsoever to have competition at the street cabling level. It makes no more sense than having competition at the street piping level for water and gas, or the street cabling level for electricity, or even at the street level for streets themselves.

It's a natural monopoly at that level - so it makes sense to treat it as such. All it needs is to effectively regulate any provider to avoid the situation we have at the moment where "independent" BTOR does just what suits its owners - and the accounting is opaque enough to hide any hidden cross subsidies.

0
0
SImon Hobson
Silver badge

> They could stop leaving useless answerphone messages ...

Lucky you. They could also try posting letters to the correspondence address they've been given, rather than the empty premises the line has been ordered for. If you're lucky the tech will turn up and ring to ask where you are (in which case - "I'll be right there, we weren't told you were coming today"). If you're not lucky, they'll turn up, find a locked up empty shop, and piss off without even telling you that they've cancelled the order !

Of course, that's after you've managed to persuade the local engineering manager that yes, there are actually BT phone cables into the building - and yes, they do come from that BT DP on the wall in the back street. With one premises they point blank refused to accept that it was there without me going and getting the DP number off it !

0
0

PC World's cloudy backup failed when exposed to ransomware

SImon Hobson
Silver badge

Re: Something doesn't add up here...

> if you get pc world to do your IT then you are asking for it

But if you know nothing about IT yourself, how do you assess whether that big high street outfit that seems to know what it's doing is actually any good ?

In reality, she was one step better than a lot of people, at least she (thought she) had a backup of some sort - how many people have no backup whatsoever ?

2
0

Apps that 'listen in' to your mobile get slapped by US watchdog

SImon Hobson
Silver badge

Re: I'm shocked

> God help us all we really are just dollar signs to these type of people.

Got some bad news, we have been for a long time. There are no scruples in marketing - at least in certain areas of marketing. Basically to many it's simply a matter of whatever they can get away with - and as long as the "cost" is less than the profits then nothing is out of consideration.

0
0

How Microsoft copied malware techniques to make Get Windows 10 the world's PC pest

SImon Hobson
Silver badge

Re: Can this be legal?

> ... question whether or not Microsoft's actions are actually legal in the first place?

In the UK I don't believe they are. I've commented earlier with respect to visually impaired users, and I believe they are probably committing an offence under the UK Computer Misuse Act for starters. It's clear that many of the people having this foisted on them do not want it, and would not authorise it if given a real choice. The fact that MS don't actually state what the update they are pushing on users actually does should pretty well remove any defence of "the user approved it by installing the update".

Then for those where it fails and causes them problems, there could be an argument of Criminal Damage - also a criminal offence.

As since the spyware is not laid out in a meaningfully clear way, and the user does not get to give informed consent (or in reality, even uninformed consent) - there is also the issue of Data Protection offences which unfortunately (see other stories on The Reg) a criminal activity I believe.

And to finish off, since we can probably assume some of this data goes outside the EU, and specifically to the USA, then there is another question to be asked under data protection laws.

EDIT:

And yes, you raise a good point about office documents. There isn't really anything to stop MS stuffing something into Office updates to also circumvent users attempting to avoid the upgrade. One thing I think we can probably look forward to is Office updates with a minimum OS requirement that excludes pre-10 users, and with format changes so users of earlier versions can't work with the documents. Ie if you don't run up to date office you can't work with documents people send you, and you can't run up to date office without running W10. It's something both MS and other vendors (Quark, you complete and utter b***ards) have used in the past to force upgrades.

0
0
SImon Hobson
Silver badge

Re: Aesop's Fables: The North Wind and the Sun

> ... I am applauding Apple for their stance on privacy

What ! Apple and privacy ? You don't have any if you use their stuff - at least not unless you turn off some actually useful features and find a myriad of obscure and unrelated settings to turn off the telemetry they have. Might not be as bad as MS, but they certainly don't respect your privacy either.

For example, did you know that by default, whenever you type or edit anything in the Safari address bar, the entire text in that box is sent somewhere unspecified to be used for something unspecified. Not just the characters you type, but the entire contents every time you change it.

0
0
SImon Hobson
Silver badge

> I recently rebuilt a laptop for a blind friend of mine.

How "pushy" are you and your friend ?

As I see it there are several potential criminal acts here :

1) Someone has already mentioned Disability Discrimination

2) Computer Misuse Act - MS are "doing something" to her computer that's not been authorised* by her.

3) It might even be classed as criminal damage.

So if you are "pushy" enough to pursue it, then this is probably the best sort of case to go forwards with. Probably worth getting in touch with the relevant charities as I'm sure they'll be somewhat interested in what's going on and may already have "things happening".

* No MS, me not turning off updates and you clearly misusing the system to push your nagware does not mean that I have authorised you to push it !

1
0
SImon Hobson
Silver badge

Re: Finally confirmed my belief...

> Windows 10 is a security upgrade in many ways from older Windows versions

It may be, but it is *NOT* a "security update"

> so it's not "subverting" the channel.

Yes it is.

If it were just a security update then it could update Windows 7 to ... Windows 7, make no changes to the way the user uses it, make no changes to the way existing programs work, and absolutely not add outright spyware to send unknown data to unknown places and automatically give your kids' friends' friends access to your WiFi !

And yes, I wish I could downvote you more than once !

2
0

Glasgow boiler firm in hot water for cold calls, cops £180K fine

SImon Hobson
Silver badge

Re: Something doesn't add up...

> Our voice processors ... could set any originating telephone number, or none.

But your telco would block any numbers that weren't permitted. In simple cases, that would be numbers on that line, but I'm sure there were processes to allow other numbers (such as the main call centre contact number for large orgs) to be used.

The problem is that with the rise of really cheap international calling (via overseas carriers with little motive to do the right thing), and VoIP, there are links in the chain that are much much weaker. I deal with VoIP at work, and the provider we use basically relies on the reseller to vet applications for "foreign" CLI presentation. As we are a reseller, I could easily permit myself to spoof any number and in reality there's not a lot anyone can do about that.

I think the main target should be within the industry, and telcos where the CLI isn't trustworthy should get some sort of restrictions placed on them until they either go bust or improve their processes. So basically, if a telco is caught allowing spoofed CLI - they should have all their CLI blocks and all their calls flagged as number not available or number withheld (that would allow easy call screening) and unless the telco's only customers are spammers, they'll be under commercial pressure from their customers to "fix the problem". Or even just refuse to accept calls from such carriers.

Now, if the ICO named and shamed the carriers responsible, there's scope for an industry blacklist and a new product to sell to customers "call blocking from spam friendly carriers". Don't expect it from any of the big names, they won't want to miss out on the revenue they get for terminating the calls.

0
0

Polite, helpful? Stop it at once in the name of security

SImon Hobson
Silver badge

Re: Security helpful...?

> No, because the door would unlock in the event of a fire alarm

Well perhaps it should do ...

> otherwise someone is going to find themselves in court when that person burns to death.

but that won't help the chap behind the locked door !

0
0

David Cameron hints at Budget law change to end mobile not-spots

SImon Hobson
Silver badge
Pint

Re: Farmer Jones.

Now I've got Farmer Jonesie's Travellin' Disco Show stuck in me 'ead.

http://www.wurzelmania.co.uk/songsD-F.php

Hint, when you likes a band as a young child, and especially if they weren't exactly youngsters back then, don't see them at a country event when you're an adult. It spoils the memory when you see them and say out loud something like "blimey, they're getting on a bit" before you can stop yourself. Ah, a glass of scrumpy, the only beverage I learned to like !

1
0

Data protection: Don't be an emotional knee jerk. When it comes to the law, RTFM

SImon Hobson
Silver badge

Re: ... this will validate EU/US data transfers once more...

> What it will do is give companies enough legal cover to claim that they are compliant until someone like Max takes another case through the courts.

Indeed, it will be, at best, a very temporary reprieve - and will last a lot shorter time than Safe Harbour (I'd guess months rather than years). Because I assume the likes of FarceBork will quickly use it and Max will be back in court with the same case again. All the evidence is already there, already assessed by the court, and nothing significant will have changed.

Anyone who uses Safe Shield will be an idiot, and will find themselves in the brown stuff once it too is declared worthless. Well not quite worthless, though I suspect printed material like that isn't very comfortable for use in "the little room".

The USA, and any company with a presence in the USA, will be off the friends list for a long time - basically until the US government caves in and changes its laws in ways it so far shows no interest in doing. In fact, so far it seems to be negotiating Safe Shield, while at the same time making its laws even more incompatible with it.

10
0

Microsoft has made SQL Server for Linux. Repeat, Microsoft has made SQL Server 2016 for Linux

SImon Hobson
Silver badge

Re: Oracle has to hate this news

With a sensible implementation you NEVER have issues with multiple calendars. Just store the date in some calendar agnostic way (yes I know the baseline won't be calendar agnostic) and convert to/from the user specified calendar as required. That's what Unix systems do - storing timestamps as "seconds since epoch" and converting it to a user understandable date/time using the calendar and timezone rules currently set.

1
0

BBC telly tax drops onto telly-free households. Cough up, iPlayer fans

SImon Hobson
Silver badge

Re: Then start showing ads

> And dump the ridiculous license fee

As with the others, please no - that is the worst way to go.

I think most people agree that the licence fee system is flawed - but it's significantly less flawed than the alternatives. Let me explain the outcome of making the BBC into "just another advert funded channel" ...

Advertising income depends on eyeballs, eyeballs on screen means "popular" material, popular material more often than not means "lowest common denominator". So the high quality programs that perhaps don't get huge audiences will go. In the end it'll be wall to wall dross at the level of "Strictly Come X Voice" and "East Dallasty Side Street Neighbours". As well as the type of program, quality will drop - costs will be cut, so what "period drama" does get made will be less detailed (Mr Darcy wearing a nylon shirt from M&S anyone ?)

And while the BBC are swimming frantically to the bottom of the pond, the other channels will be leading the way. Because we do have some very high quality programs, without ad breaks, on the BBC - that sets some expectations, and the knock on effect is that the other channels at least have to maintain some semblance of quality if they want eyeballs on screen. Take that away, and if the BBC can get away with (say) 3 off 4 minute ad breaks during a "one hour" program, ITV will figure they can get away with 5 or 6 minute breaks - or 4 minute breaks 5 or 6 times during a "one hour" program.

If you don't believe me, take a trip to the USA where you'll find a typical program starts (after an ad break) with the cold intro, then an ad break, then the title, then an ad break, then the first segment of the program, then ...

Watch a US import (Ice Road Truckers is a good one for the effect) and you'll eventually notice that many times the voiceover will say something along the lines of "coming up ..." quickly followed by "<someone> just did <something>" - that's where in its original form there'd have been another ad break that we (thankfully) don't get.

4
1

GDS gets it in the neck from MPs over Rural Payments Agency farce

SImon Hobson
Silver badge

Re: dial up speeds...

> For filling out a few online forms you really only need dial-up speeds

Yes you'd think so, but by the time the process has been bloated with "eye candy", large images, buttons that are images so must be downloaded before you can see what they are (rather than "cheap" text links), etc, etc - each page can quickly be something you don't want to download over dial-up.

You only need to look at other sites that have been ~~destroyed~~ improved by GDS to see that the designers assume large hi res screens and "ample" bandwidth.

6
0

How will Ofcom reduce our reliance on BT if it won't break them up?

SImon Hobson
Silver badge

Re: It doesn't have to be wired

You are lucky, it seems that BT have something of a history of telling people "sorry, no fast broadband for you - not economic", then when it looks like something else will step in, they'll announce that "actually we will be providing service soon". "Soon" seems to be flexible - if the alternative suppliers pull out (can't compete if BT take most of their customers) then "soon" can stretch out a bit.

Not too far from me is such a community project http://b4rn.org.uk

They have tales of some of the villages they serve suddenly going from "never" to "soon" once BT found out about the competition's plans. As far as I can see, it seems to be doing alright, and they have another project on to go west from Lancaster http://www.b4ys.org.uk - though as one of our customers (who would love it, and could contribute being a land owner) puts it, "I don't think they've realised how much rock there is".

0
0
SImon Hobson
Silver badge

> It doesn't matter who owns Openreach as long as its run on commercial lines they have to worry about competition rules, have to be careful about cross subsidies, have to make some sort of profit and the cash to put fibre into every home would have to come from somewhere.

Indeed. But the big problem which OfCon have kicked off down the road for someone else to deal with later is that BTOR isn't truly separate in its accounts. Yes it is, in theory, completely separate - but only by "management accounts". Thus by being creative with account practices, they can do all sorts of things - effectively hiding issues like cross subsidies, and also very important, hiding different interfaces (eg BT getting preferential treatment even though it's not allowed).

But even if you solved that, as long as BTOR is owned completely by BT, then any decisions it makes will be the ones BT want it to make - and that means they will be ones that support BT's dominance.

1
0
SImon Hobson
Silver badge

> There were some very good points in there, but they were drowned under "Conservatives did this, which meant that our glorious leaders plans to do that were undone" blah blah bloody blah.

Indeed, it didn't go long before making (factually incorrect) pot shots. One that stood out was "Google and Facebook are criticised – rightly – for not paying taxes on revenues equivalent to the GDP of some countries".

For a politician to have such a poor grasp of really really basic tax principles is rather a poor show. Firstly, no business* pays tax on turnover - they pay tax on profit. Secondly, it's allowed for business to offset costs* against their income to work out a taxable profit. And thirdly, it's accepted internationally that profits are taxed where they are earned.

Our very own HMRC grilled Google for 10 years and only found minor issues in the tax they paid on profits earned in the UK. They grilled Vodafone for some time before agreeing that Vodafone didn't owe much tax on profits earned in the UK.

* There is now an exception in that the clueless f**kwit in No 11 has decided that those in the business of putting a roof over someone's head should be taxed on turnover and not profit. In a clear act of political point scoring, he's directly responsible for putting rents up for a lot of tenants, and the measures are already in the early stages of a judicial review for breaches of human rights law and (IMO) more importantly illegal state aid as they explicitly give a tax advantage to a select class of businesses.

1
0

Toaster cooks network and burns 'expert' user's credibility to a crisp

SImon Hobson
Silver badge

Re: We frequently used to get people plugging fan heaters into the "clean power" plugs

Ah yes, the fan heater incident ...

We had one of those. The customer has a large unused (and officially empty) "upstairs" which at some point will become office space as they grow. The server room is also up there out of the way. When I fitted out said server room, I provided some sockets off the UPS in places convenient for powering stuff in the cabling rack - and labelled as something like "UPS maintained - IT equipment only".

One day (a couple of years after this was all installed) we get an "angry" phone call demanding to know why we had installed such crap equipment as the UPS was beeping madly and it's all our fault for installing rubbish. I think many of us know the sort of phone call.

I believe one of my colleagues remotely checked the UPS status and found it in overload bypass.

After a bit of questioning, it was determined that a member of staff working upstairs (they use it for storage of their marketing stuff, I guess they were probably preparing some sort of mailout) was a bit cold, and seeing as there was only one socket at each end of the space, decided the sockets in the server room were more convenient - for the fan heater.

Strangely, when they came to us with a long list of gripes* at a meeting, this one wasn't made a big deal of.

* Many of them of the "why doesn't this work ?" "Well we've been suggesting for ${long period of time} that this part of your system isn't fit for purpose but you refuse to pay for a new system" "It's still your fault".

1
0
SImon Hobson
Silver badge

> My indoor TV aerial took some cunning positioning

I have a friend that lives at a fairly low level near the sea, and his TV signal comes from a transmitter somewhere past across the bay. His signal strength varies with the tides, because of multipath effects between the direct signal, and the reflected signal off the water - with the path length varying with tide state. I suspect it would also depend on sea state - with a flat calm surface being a good reflector, and a rough sea being a bad one.

My grandmother used to live in a valley, relying on the TV signal diffracting over the hill, and reflecting off the cliff opposite (High Tor, Matlock Bath). She loved watching the snooker - even with 3 to 6 sets of balls on the 3 to 6 tables, there was a lot of ghosting !

0
0

Canonical accused of violating GPL with ZFS-in-Ubuntu 16.04 plan

SImon Hobson
Silver badge

Re: One last missing point on distribution

> I'd like to see examples of "it's that the ZFSoL developers, to get around that incompatibility, just stole code from the kernel

See the link Jeremy posted earlier ...

But, there is in fact a possible easy way round that. Provided the author of that line of code (and anything else allegedly stolen from the Linux kernel) can be identified AND he/she has not assigned copyright to someone else, there is absolutely nothing whatsoever stopping that person from also licensing it under the CDDL - which then makes the problem moot.

And as to "why does it work for nVidia ?". Apart from the way they distribute it - a binary module and a source shim to be compiled for the kernel in use - nVidia are able to give permission for their code to be distributed. I would not be at all surprised if (as has been mentioned) they actually like the module being shipped since it allows people to use their hardware - and if people can use their hardware then that's good for sales.

Of course, there's no such upside for Oracle, so I could see them spotting an opportunity for a shakedown ...

0
0

Gosh, what a huge shock. Ofcom shies away from BT Openreach split, calls for reform

SImon Hobson
Silver badge

Re: Surprised

> Not that BT won't sell itself off when the right opportunity arises anyway.

No, BT won't sell them off for the same reasons they've been fighting this. Owning OpenRetch gives them control - it means that when OR are making strategic decisions, they'll make them in a way that's beneficial to their owners (BT). For example, when deciding what services to provide at any location and at what cost, they can tilt the field in favour of BT.

For example, for a long time, we had no FTTC round the office (even though almost all other cabs in the town were enabled) because the cabinet didn't serve many (if any) residential customers - an effect reported on from around the country. This forces businesses to either make do with ADSL or buy "more expensive" options. Even if those other options aren't from BT, it makes BT's leased lines business more competitive without having to slash prices.

In the past, you only have to look at the features they left out of ISDN-2 to see how this was designed to not damage their leased lines business.

Without control of OR, BT becomes "just another provider" - ripe for having its services picked off by more nimble competitors.

4
0
SImon Hobson
Silver badge

Re: USO?

> an obligation to connect a telephone for anyone who wanted one, anywhere in the UK, for the same flat rate everywhere.

Yes and no. They had to connect anyone who wanted connecting, but it wasn't a flat rate. There is a standard connection charge for a line, but if you have something that needs extra engineering then they'll charge you for that - and boy do they know how to charge ! I recall I used to take an interest in such things many years ago, but I've not seen prices for over a decade, and back then they charged £1,000 per 100m for trenching (I think that was in a street, open country might have been cheaper). Similarly there is a charge per pole for running a line of poles to fit you a phone line in Middle-of-Nowhere Manor.

So yes, there is a universal service in that you can have a phone just about anywhere - but realistically there are plenty of places you would not be prepared to pay for it.

Much the same applies to the argument about "but we've allowed it for years" regarding access to ducts and poles. Yes that's true, and the complaint from those that aren't using that facility is "it's too darned expensive" - ie BTOR charge a third party a lot more than any notional internal charge for using it themselves.

Even ignoring this, economies of scale still apply - if BTOR have a 500 pair cable up the duct from the exchange to my local PDP then that's going to be fairly well utilised and each active line will take a fairly small amount of space in the duct (ie the size of the large cable divided by a fairly large number of active lines running through it). If Lower Uppem Community Telco want to rent duct space, they may be starting off with only one or two users - and they'll have to pay substantially more per line because they'll have a smaller cable with fewer pairs, and even fewer active connections. The size of a (say) 50 pair cable is far far more than 1/10th of the size of a 500 pair cable, and I assume part of the pricing is the duct space used.

But back to the article, the decision is disappointing - BTOR is still owned by BT, and it doesn't matter what rules are put in place, a business tends to make the decisions its owners want them to make.

3
1

Whatever happened to... virtual SIMs?

SImon Hobson
Silver badge

Re: Mobile Phone is an App in the phone...

> The virtual SIM would also be a standard, you would be able to use any operator who can provision your virtual SIM

Downvote for being so naive as to believe that. The reality is that you will be able to use any operator that the controller of your device will allow you to. That is what was behind Apple's move - not user convenience (that's just a side effect), but the ability for Apple to have a hand in your ability to connect to a mobile network.

So instead of buying a SIM from whichever carrier (real or virtual) you want and popping it in, in the Apple world, you'll have to connect your device to Apple's infrastructure and select from those operators Apple permits you to use. In reality, that comes down to "whoever will give Apple a cut of your spend". Pretty well everything Apple's done in the iStuff world lately has been down to ensuring that Apple gets its cut (30%) of everything you spend - and there's no reason to believe other vendors will act much differently.

And puzzled by the expression "controller of your device" ? Well when you buy an iThing, you may have purchased the hardware, but you only have a licence to use the firmware and software on it. In reality, Apple keep a pretty tight rein on what you can use it for - only connect stuff they approve (ever tried connecting a non-approved Bluetooth GPS ?), only run software they approve (via their closed store, they take 30%), only read stuff they take a cut of (c.f. how they changed the rules to prevent newspapers selling a subscription other than through Apple's pay system - allowing Apple to keep your identity away from the paper (Apple gets to sell advertising, not the paper) and taking their 30%), and so on.

Having control of your access to a mobile network would be the cherry on the cake for them.

3
1

Is DNSSEC causing more problems than it solves?

SImon Hobson
Silver badge
Pint

Have an upvote for the NTNOCN reference

Yes, I agree, some basic filtering wouldn't go amiss, and for parts of the internet that won't - well cut them off. The only reason these amplification attacks work is because the ****s can spoof source addresses.

I realise it's not as trivially easy as "drop packets with a source address that doesn't route out that way" due to asymmetric routing - but at the ISP level there shouldn't be much of a problem with "it's not one of our blocks, drop it" filtering.

As a DNS server operator, apart from having filtered the address blocks I service, I'm thinking that imposing an artificially low packet size threshold before switching to TCP would also mitigate the problem since large responses would get converted into small "please use TCP" responses. A bit more load, but having seen what DDoS attacks can do to my DNS servers I'd rather have that than be part of the problem. I've already implemented response rate limiting.

1
0
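An added example, not part of the original post and not any DNS server's own code: a Python sketch of the two mitigations the DNS post above describes, answering only sources inside your own address blocks and capping UDP response size so that larger answers become a small "retry over TCP" reply with the TC bit set. The address blocks, the 512-byte cap, the function names and the sample messages are all assumptions constructed for illustration.

```python
import ipaddress
import struct

# All values are constructed for illustration (documentation address ranges).
OUR_BLOCKS = [ipaddress.ip_network("192.0.2.0/24"),
              ipaddress.ip_network("2001:db8:100::/48")]
UDP_CAP = 512            # assumed artificially low UDP response limit, in bytes
TC, RD = 0x0200, 0x0100  # DNS header flag bits: truncated, recursion desired


def source_is_ours(src: str) -> bool:
    """'It's not one of our blocks, drop it': true only for addresses we service."""
    addr = ipaddress.ip_address(src)
    return any(addr in net for net in OUR_BLOCKS)


def question_end(msg: bytes) -> int:
    """Return the offset just past the first question (QNAME, QTYPE, QCLASS)."""
    if len(msg) < 12:
        raise ValueError("short DNS header")
    pos = 12
    while True:
        if pos >= len(msg):
            raise ValueError("QNAME runs past end of message")
        length = msg[pos]
        if length & 0xC0:
            raise ValueError("compression pointer not expected in a question")
        pos += 1 + length
        if length == 0:
            break
    if pos + 4 > len(msg):
        raise ValueError("missing QTYPE/QCLASS")
    return pos + 4


def cap_udp_response(query: bytes, full: bytes, cap: int = UDP_CAP) -> bytes:
    """Return `full` if it fits under the cap, else header + question with TC set."""
    if len(full) <= cap:
        return full
    flags = struct.unpack("!H", full[2:4])[0] | TC
    # QDCOUNT=1 and zero answer/authority/additional records: a spoofed
    # "source" receives a reply no bigger than the query that triggered it.
    header = query[:2] + struct.pack("!HHHHH", flags, 1, 0, 0, 0)
    return header + query[12:question_end(query)]


def handle_udp(src: str, query: bytes, full: bytes, cap: int = UDP_CAP):
    """Source filter first, then the size cap. None means the packet is dropped."""
    if not source_is_ours(src):
        return None
    return cap_udp_response(query, full, cap)


def amplification(query: bytes, reply: bytes) -> float:
    """Bytes sent per byte received, the figure an amplification attack relies on."""
    return len(reply) / len(query)


def build_query(name: str, qtype: int, qid: int = 0x1234) -> bytes:
    """Constructed sample query with a single question in class IN."""
    qname = b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\x00"
    return struct.pack("!HHHHHH", qid, RD, 1, 0, 0, 0) + qname + struct.pack("!HH", qtype, 1)


def build_txt_response(query: bytes, records: int, text_len: int) -> bytes:
    """Constructed large answer: `records` TXT RRs whose names point at the QNAME."""
    rdata = bytes([text_len]) + b"x" * text_len
    rr = b"\xc0\x0c" + struct.pack("!HHIH", 16, 1, 300, len(rdata)) + rdata
    header = query[:2] + struct.pack("!HHHHH", 0x8180, 1, records, 0, 0)
    return header + query[12:question_end(query)] + rr * records


if __name__ == "__main__":
    q = build_query("example.test", 16)
    big = build_txt_response(q, records=10, text_len=200)
    capped = cap_udp_response(q, big)
    print(f"query {len(q)} B, uncapped reply {len(big)} B, "
          f"amplification {amplification(q, big):.1f}x")
    print(f"capped reply {len(capped)} B, amplification {amplification(q, capped):.1f}x")
    print("outside our blocks:", handle_udp("198.51.100.9", q, big))
```

The source filter cannot catch a spoofed address that falls inside the serviced blocks, which is the case the size cap covers.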

FBI says it helped mess up that iPhone – the one it wants Apple to crack

SImon Hobson
Silver badge

Re: Cook is just grandstanding

Missed the real biggie - the way they've rigged Safari to send a lot of information to Apple (and Google ?) by default. What's more, you can't turn this off without also turning off search hints.

So what does this actually mean in practice ?

Well in the older versions, Safari had a search box - and I don't think many people would be surprised (or worried) that what you type into the search box is sent to a search engine. The address box was a separate entity, and whatever you type there was NOT sent to Apple or any search engine.

In current versions, they've combined the search and address boxes - to make something that's a flipping sight harder to use (I get really really annoyed at the times I have to specifically go to a search engine page to search for things that Safari wrongly thinks look like a URL, and conversely, get even more annoyed when things that actually are a URL are treated as a search term).

So you start typing a URL - with every keystroke, the entire URL is sent out to ${somewhere}. That includes if you edit an existing URL - which of course could be a crappy internal system that encodes a lot of stuff into request parameters ...

So to stop that leakage of information, you have to turn off search hints (and IIRC a couple of other things) - but of course you also need to know that you need to do this. But that then means your searches are "less convenient" all because a few people can't cope with the concept of "if you want to search, tell it to search" !

0
0

Dan Kaminsky is an expert on DNS security – and he's saying: Patch right God damn now

SImon Hobson
Silver badge

Re: Actually, I more confused now.

> But, but, but - if my kernel isn't built with IPV6, then surely the request isn't processed but dropped?

This has nothing to do with the stacks compiled into your kernel. The client programs will probably still make dual-stack queries, and get dual-stack replies for services with both A and AAAA records. When your client program (browser, email client, whatever) gets the reply, it'll see that there are no IPv6 interfaces it can use and so will ignore any AAAA records it's given.

But the DNS lookup and result will still be the same, so still capable of triggering the bug.

It's possible that the client may see that it has no IPv6 interfaces and so only request A records - but I suspect most clients won't bother doing this. In a way, while it would be more efficient on DNS, it's redundant since AAAA records will get ignored later when the code (which must be there) is looking to see which interfaces it can use and selecting one.

1
0
SImon Hobson
Silver badge

> OK, I understand that, but you still haven't explained how a blackhat controlled DNS can get to answer queries down the chain?

OK, so you (through whatever means) get a client to look up some url - perhaps you manage to embed it in compromised web sites, put it in spam emails, whatever. The client looks up the url, say screwme.evildomain.com using its internal mechanisms. The software stack on that client will pass the query up to its configured name servers, which will pass the query on up until a recursive resolver which finds the nameservers for evildomain.com and asks one of them for the answer to "where is 'screwme.evildomain.com' ?". The authoritative nameserver will give an answer that is carefully crafted to trigger the bug, and this will be faithfully passed back to the client - and cached by any nameservers handling it.

A typical chain for a home user would be : user's machine -> home router -> ISPs resolvers -> scrote's authoritative servers for the query, and the reverse chain for the answer.

So the scrote trying to use this bug doesn't need to intercept anything, he just needs to get the client to query a name in a domain for which he controls the nameservers - the standard DNS resolution mechanisms take care of getting the query to his nameservers, and the answer back to the client.

1
0

Ofcom must tackle 'monopolistic' provider BT, says shadow digital minister Chi Onwurah

SImon Hobson
Silver badge

> Might be an interesting read. Is this what you're referring to?

Yes indeed, that is it.

> If so then this might have been Ofcom's attempt to address it.

It might have been an attempt, but a completely lame and ineffectual attempt.

1
0
SImon Hobson
Silver badge

> At an infrastructure level, Virgin Media and many other independent networks compete with Openreach across large swathes of the country

Ah, now that's a statement any self respecting politician or PR frontman would have been proud to come up with. Completely true and so not challengeable, but completely irrelevant and misleading !

Yes, there are multiple outfits with national networks. But WTF does that have to do with the question ? Answer - SFA !

This is all about "last mile". The local exchanges round here all have competition to BT in the infrastructure and backhaul - what they don't have is anything but OpenRetch pre-corroded copper string. And that bit between the exchange (or PoP) and the premises is a natural monopoly - just like you wouldn't expect two (or more) lots of roads, two (or more) lots of sewage/drainage pipes, two (or more) lots of clean water pipes, two (or more) lots of gas pipes, etc, etc.

At our office we actually do have a non-OpenRetch fibre connection. But that's a historical artifact and probably relates to exchange of amounts of cash in the direction of Norweb (or more probably, Norweb Telecoms) back when the area was redeveloped from a redundant and contaminated industrial site to modern industrial & office buildings - and the network covers nowhere else. Since then they have not, as far as I know, laid so much as an inch of new ducting - and I believe that Vodamoan who now own it as part of their acquisition of Clueless & Witless would actually like to decommission it.

It should also be pointed out that BT enjoy a tax advantage over any competition. AIUI, and perhaps ElReg would like to investigate if this is the case and report on it, it goes like this.

If you are ANOther network operator, your ducts, poles, radio masts, etc will all get assessed for rates according to what profit the rates assessor thinks they could make if fully utilised. Hence you either have to have them fully utilised to pay their way, or remove them because they make a loss - and having them fully utilised is "unlikely" to happen. We actually know of customers cut off when such networks closed down in the wake of the ratings change. OpenRetch don't have this millstone and hence enjoy a tax advantage over any competitor.

2
0

SAP’s Byzantine licensing leaves its customers feeling exposed

SImon Hobson
Silver badge

> ... complex and “opaque” licensing conditions ...

You've just described pretty well any software licence from any major vendor. It's not in the vendor's interest to make licensing easy - they'd rather it be difficult so the user either a) buys stuff they don't need, or b) doesn't buy something they do need and so are doubly hit with penalties as well.

Perhaps there should be a rule that if the account executive can't explain everything without referring to notes then it's not simple enough !

3
0

Virgin Atlantic co-pilot dazzled by laser

SImon Hobson
Silver badge

If you are far enough ahead (or to the side), then you can shine into the front windows - in case you hadn't noticed, the cockpit windows are primarily for forward vision (with quite a bit of sideways vision) and they don't actually have that much upwards vision ;-) Even if you don't have direct line of sight to the pilot/co-pilot's eyes, you only need to get into any of the windows and you'll get reflections around the cockpit. From the side, you probably have a better bet at hitting a crew member.

As for aiming, well to start with you have an aiming device built in since in most atmospheric conditions you'll get a line of light visible from all the water droplets and dirt particles scattering the light. A bit like tracer rounds but travelling at the speed of light ! You only need a momentary hit to cause problems.

But as mentioned, the problem is catching the b'stards. Apart from the clueless f**kwit who decided to shine one at a Police helicopter with high quality video recording, most are unlikely to be caught other than by chance. Short of equipping all aircraft with high-res video cameras, I can't see any easy way round that fundamental problem.

Offering rewards is unlikely to be any good - all the accused has to say is they didn't shine it at an aircraft and they are off the charge. No evidence, no conviction. I doubt if many people are that disliked that multiple (enough to convince a judge) of their "mates" will stand up in court and testify that they did in fact laser an aircraft !

1
0
