* Posts by SImon Hobson

824 posts • joined 9 Sep 2006


Last flying Avro Vulcan, XH558, prepares for her swan song

SImon Hobson

Re: A little damage was enough

Indeed, it was a major operation, a marvel of planning and logistics, and something I doubt we'd see today - "too hazardous" since there were many problems that could happen, leaving one or more aircraft unable to refuel or reach land.

But, as you point out, while the damage was minimal - it showed that we could and would attack them even though they thought it was too far away to be practical. I guess it's like playing cards - you don't have to hold all the aces if you can make your opponent think you hold them.


Driverless cars deal DEATH to Detroit, says Barclays

SImon Hobson

Re: Not for everyone

>> Most likely by communicating with oncoming traffic, with both cars adjusting their speed so that they meet at one of the passing places.

And when the other car isn't similarly equipped ? Or best of all, the road isn't actually quite wide enough if you take the "machine vision" view of it ?

>> If reversing is necessary at any time, that is something where I think a self-driving car would have the biggest advantage compared to a human driver.

I know I won't be the first to have fun when meeting a driverless car on a narrow road. We'll be able to have you reversing for miles, and when you do get going again, you'll meet the next commuter intent on having fun. Oh yes, I predict lots of fun when they do eventually arrive - or not arrive since I could see a simple journey taking a long time :-)


Microsoft's certification exams: So easy, a child of six could pass them. Literally

SImon Hobson

> Is there a minimum age before you can be a pilot for paying passengers?


(In the UK) For a basic PPL you can start at 14, go solo (ie fly on your own, but still under supervision of the instructor) at 16, and get your private licence at 17. That effectively puts a lower limit of 17 on starting any commercial training, which itself (for an intensive course) will take a year and cost you in the order of £40k to £50k last time I heard any numbers (probably more by now). That will take you to co-pilots seat in a budget airline, and from there you spend years climbing a greasy pole.

If you are very very good and very very lucky then you may get in with Virgin or BA who I believe still take trainees without a private licence and take them through to commercial. But that has to be one of the hardest gigs to get - I can imagine they get a lot of applicants !


Robots.txt tells hackers the places you don't want them to look

SImon Hobson

Re: It has it's uses

> Normally they return a long list of recommendations of varying degrees of severity

And then the PHB sees "anything" flagged up on a report and demands that it be fixed - without consulting those whose area it impacts. I've been on the receiving end of this at a previous job ...

In that case, it was assessors for our parent company's insurers. One thing they flagged up was that they expect to see an account and the terminal blocked after 3 failed logins. They didn't ask us, we weren't even aware they'd been until "management" came along with a list of things we *must* fix.

Had we been asked at the time, we'd have been able to point out that the OS didn't in fact have a means of locking an account like that (it was a looong time ago), and locking the "terminal" really really was a bad idea and was guaranteed to cause problems without adding any security. But we were instructed that we must do it, so we complied and waited.

Sure enough, it wasn't long before the random "I can't log in" calls came in - from all over the company. You see, most users were on dynamic terminals (TCP sessions), one virtual line was blocked, and of course, once all the lower numbered lines were in use, that was the one that people hit when trying to log in. The only exception was if two people were logging in at once - when that locked line would be temporarily in use for a short time and allow others to log in on other lines.

Sure enough, we were allowed to turn off that feature !


So why the hell do we bail banks out?

SImon Hobson

Re: reserve lending.

> the theory is, that 10% of loans go bad, so you need to keep 10% of your loan book *as liquid assets*

I don't think you get the difference between liquidity and profitability.

If 10% of your loans go bad, then you need to charge roughly) 11% more for a loan than you pay for your borrowing. Ie, the 90% of loans that don't go bad, have to finance the 100% of your borrowing.

That is simple profit and loss.

Liquidity is something different - as explained in the article.

Bank borrows a chunk of cash from it's depositors - ranging from *very* short term (ie I get paid at the end of the month and I don't (quite) spent it all at once), through short (say 90 day notice accounts), and medium (various 2, 3,5 year deals). They lend that to some bloke called bollos as a mortgage - for (say) 25 years. Lets assume bollos is a good chap and pays back the mortgage in full - no losses there. But, if the people who lent their money to the bank all want it back quickly - then the bank can'/t repay it there and then. Not because of any bad debts - but simply because they've loaned it out for a longer timescale.

If the depositors wait, then they can all get paid back as bollos pays off his mortgage - and after 25 years they'll all have been paid back in full.

Much the same applies to businesses. There is profit and loss, and there's cashflow.

Put simply, if you sell stuff for more than it costs to buy in/make it plus the costs of paying staff, R&D, rent, etc - then you make a profit. If you sell more, then you make more profit.

But if (say) your customer only pays you 3 months after you have to buy stuff in, and your supplier insists on being paid in 1 month, then you have a funding gap - your cash has to go out before it comes in. So you need some cash reserves - and the more you sell, the worse that becomes.

As an aside, regardless of profitability - most businesses fail on cashflow. Some fail while being healthily profitable, and with good order books.


UK safety app keeping lorries on the right side of cyclists

SImon Hobson

Re: 100M£

> "Every motor vehicle shall be so designed and constructed that the driver thereof while controlling the vehicle can at all times have a full view of the road and traffic ahead of the motor vehicle."

Well yes, even the worst of the truck has a full view ahead - but not down to the road immediately below the front bumper ! That is the case with (almost) every vehicle I know of - there is some dead spot between the "horizon" where visibility is cut off by the bonnet or bottom of the windscreen and the road below the bumper.

In practical terms, to "cure" this for large vehicles would mean making the vehicle even larger - moving the "oily bits" further back so the drivers cab can be mounted lower down. Since vehicle lengths are limited (both by law and practicality in towns/cities), making the "front end" bigger means less load carrying space and so more trucks on the road.

>> I wonder if that is actually true everywhere, and why should it

Well actually it is true in the UK - a vehicle which is not required by law to carry a speed measuring device (ie speedometer) cannot be prosecuted for exceeding a speed limit. It's a matter of practicality since the driver generally cannot (in law) be expected to accurately know his speed.

There is however, for a bicycle rider, the offence of "furious riding" which could be applied. But of course, to apply that you'd have to catch them at it - since there are no number plates to identify the vehicle by.

NB - good luck getting to where I work without turning left, it's on the left on a one-way street !


Forced sale of Openreach division would put BT broadband investment at risk, says CEO

SImon Hobson

Re: New Builds

Actually, I suspect you'll find that new developments are the best served - in terms of options.

Assuming the developer actually gives a flying ****, then the whole estate will be covered by ducting (relatively cheap to install while the rest of the ground works are being done), and with ducting up to each property. For any deployment, it's that "last mile" that costs the most.

So assuming there wasn't some penny pinching or stupidity, such new estates will be the easiest to provision. *All* OpenReach have to do is get the fibre to there - installation is then relatively cheap as all the ducting they need is already there, right up to each house.

Of course, if OpenReach want to actually install any phone lines, they'll need to connect that new ducting to the existing network and pull new cable back to the exhange. There's no reason they couldn't pull in fibre as well, but I can't help thinking there's too much politics to allow that to happen.

PS - I'm in agreement that BT's comments strongly suggest that the supposed "chinese wall" between BT and OpenReach isn't working as it's supposed to.


Amstrad founder Lord Sugar quits 'anti-enterprise' Labour party

SImon Hobson

> WTF does he actually know about the REAL manufacturing industry? Nothing.

Actually I'd suggest he understands very well. As mentioned earlier, his products were famously "not the best", but people bought them because they were cheap. So he understood the demand side very well - if you sell something that's "good enough" then people will buy it if the price is right. The supply side is that you need to know how to make something that's "good enough" and can also be sold "cheap enough" for people to buy it.

History is full of examples of products that were either "very good" but too expensive so people wouldn't buy them, or very cheap but not good enough. The vendors often didn't survive.

SImon Hobson

Re: Hmm @Doogs

> ... but thoroughly uninterested in aiding his constituents

Not sure about our current MP yet, he came in during the 2010 elections when the previous one retired. But before then, we had a "safe (Labour) seat" career politician, in the cabinet, and as far as I could tell, no interest in local politics or constituents (unless it was something in favour of official policies of course).

Whenever I wrote to him, I would seldom get other than a boilerplate regurgitation of Labour policy on the matter. Or a boiler plate regurgitation of Labour policy from whichever department my enquiry got forwarded to.


Mildly successful flying car crashes - in mildly successful test flight

SImon Hobson

IT angle - they've been taking english lessons from UK ISPs and using a different definition of "limited" to the rest of us


The next Nest? We talk to Ring, the doorbell-come-security system

SImon Hobson

Re: A general problem with IoT devices

> I just upgraded my internet connection, now my WiFi has a new name and password.

Why ?

Just set the new router to use the old SSID/password - then you don't have to worry about it. Best still, have a one-off change and set both to something of your choosing and then keep that across any future hardware upgrades.

If the router doesn't allow that, then send it back as a piece of carp and get something that does. Anything even vaguely claiming to be half decent can handle it.

Though personally I don't use ISP supplied routers anyway, they tend to be a) built down to a price with performance to match, and b) of limited functionality. You also don't know what sort of backdoors are built in, like the BT Internet routers that not only have remote configurability, but AIUI remote access to BT Internet bods.

As for physical security, I agree, once people realise what they are, the "tamperproof" screws will be as tamperproof as the Torx and Pentalobe screws used by Apple. The latter had drivers for sale on eBay before the products using the screws were available !

Besides, no tamperproof screw wil resist the universal screwdriver also known as a jemmy.

Then consider if they add remote unlocking. With the current model, this means putting the connections for the unlock motor/solenoid outside the secure zone. Jemmy off lock, apply PP3 to bare wires, enter !

And lastly, is it me or did I miss mention of security in the list of specialists they need to have on-board and in-house ?


EU geo-blocking: Ansip's crusade liable to disappear through 'unjustifiable' loophole

SImon Hobson

Re: Sorry

> Sky certainly should not be allowed to be a pay TV platform (in many countries) AND ALSO have control of Pay TV channels. They must divest Sky1, Sky Sports and Sky News etc, or be a content provider and divest of the Satellite Pay TV platforms.

> I think beer should be free, and benefits the population enormously. That doesn't mean its going to happen.

I think you missed the point - no-one is calling for anything to be free, so your comeback isn't comparing apples with apples.

FWIW, I agree that Sky shouldn't be allowed the degree of vertical integration it has - it's got a de-facto monopoly of pay-TV for large swathes of (at least) the UK and (ab)uses that power to force things to it's way. As Mage points out, they control the distribution, the EPG, the STBs, and do their own content/channels - that's one hell of a cliff to climb for any would be competitor.

Basically, Sky can veto any competing content it feels it can get away with keeping off it's system. If the BBC or the group of companies making up ITV owned the Freeview transmission system and actively used that control to make sure their own output had an unfair advantage over anyone else then there's be a outcry.

So yes, I do not think Sky (or anyone else with that much market power) should be allowed such vertical integration - the "carrier" and the "content" should be separate and contract with each other at arms length, with a suitable regulator able to see that no preferential deals are going on.

But on one point you are correct - nothing is going to change. Sky will carry on gouging customers and using it's size to keep it's dominance. And the authorities will do SFA about it.


Spooks BUSTED: 27,000 profiles reveal new intel ops, home addresses

SImon Hobson

You mean they aren't all in Sales for Universal Exports ?


Attackers target new XSS in millions of WordPress sites

SImon Hobson

I'm not a programmer, and I haven't looked at the code involved ...

Such things are often obvious when looked at "from the outside" or with a fresh pair of eyes. A few times I've come back later (could be days, could be years) to look at some script I knocked up - and found myself wondering why on earth I did it that way :-/ Not just scripts on the computer - many a time I've either been stuck for how to do something and only thought of the way when I've given up for a cup of tea; or found a way and wondered the next day why I made it so hard.

And if you do any writing, always get someone else (ideally who isn't connected with it) to proof read it. You can read through it many times yourself - and another proof reader will find some "how did I miss that !" typos. That's just the way the human brain works.


Why don't you rent your electronic wireless doorlock, asks man selling doorlocks

SImon Hobson

Re: Just who needs 'smarthomes' ?

> OK. Do you tell it what time you want it to come on, or do you tell it what temperature you want it to be at 7:15am?

In a modern home (reasonably well insulated) and with sensible controls (eg TRVs), there isn't all that much difference any more. Yes there is a bit of variation - but then there's variation in my habits (I don't always go to bed at the same time, and so on). And good luck trying to "predict" heating needs based on SWMBO's random shift patterns !

Yes, it used to make a big difference back in the days of thermally balanced systems that were slow to reach the "setpoint". What's that noise I can hear ? Oh, it's the 1960s calling.

SImon Hobson

Re: In 3 - 2 - 1

You missed out - they know where you live because you had to give your real address before you could register the lock and have it work.

And all that information is sat in a database that, judging from past events, was built by someone for whom secuity is something someone else bolts on afterwards.


AGL trumps Tesla with batteries-and-solar-cell package

SImon Hobson

> 4.5 kWh of solar

Aaaaaaaaaaaaahhhhhhhhhhhhhhhhhhh !

Can't people get simple, really really simple, technical facts right. I assume it's meant to say 4.5kW.

In the UK I can't see any point in these due to our high feed in subsidies, err I mean tariffs, which don't include any variable element. So it pays to export it without the losses involved in storing it first. There's no point trying to match supply and demand within the house as everything you produce is paid for whether you use it or export it, and any saving from not paying for imported power won't pay for one of these systems.

I can see that where the cost/reward structure is different, it may pay to store up what you don't need at the time of production (rather than export it for peanuts) and then use it later to avoid buying in expensive power later.


Mozilla to whack HTTP sites with feature-ban stick

SImon Hobson

Re: why, why, why... what is the point?

>> Try that today and you're legally liable for any and all speeding tickets.

> No such requirement here, and if you cannot be clearly identified on the photo (assuming it wasn't an actual pullover), then you can generally not be prosecuted.

Don't know where you are, but in England (probably England and Wales, dunno about Scotland and NI) the registered keeper can certainly be prosecuted as a result of speeding by someone else. The first thing that happens is a form is sent to the registered keeper asking who the driver was at the time. If you cannot or will not identify the driver then you as the registered keeper **WILL** be prosecuted - not for the speeding offence, but for failing to identify the driver. The penalty is the same, so as pointed out, it's to remove the loophole where failing to identify the driver gets someone off a speeding charge.

I know people who have been on the receiving end of this.


Good luck displacing Windows 7, Microsoft, it's still growing

SImon Hobson

Re: Just thinking out loud

> Assuming W10 proves as unpopular as 8 & variants, if you were a PC manufacturer what would you do?

You bend over and do whatever MS tells you to !

Like it or not, the majority of hardware still ships with Windows. Roll forward a few years and that's not all that likely to change.

If you start talking heresy, then you (or rather, your top boss) will get a visit from your MS account manager, and completely off the record you'll be informed of your new licensing costs if you don't toe the MS line. Upshot is that if you don't do what MS says, you'll not be able to sell any more MS powered hardware because the licence costs will make you uncompetitive. Without that MS powered hardware, your sales won't be worth staying open for.

And for good measure, no you can't talk about this meeting - not ever, not to anyone. If you do, then new fees apply.

Thus they'll pull each manufacturer into line separately and kill any rebellion before it starts.

They've done it before, they'll do it again, and they know the wheels of regulatory control turn very ver slowly. So slowly that any changes they are forced to make will only happen long after the objective has been achieved.


Bridge, ship 'n' tunnel – the Brunels' hidden Thames trip

SImon Hobson

Re: Them were the days!

> No mathematical modeling, CAD or even a calculator with the four basics.

> What is even better, a lot of their stuff is still standing and working.

Yes, but we tend to forget the stuff that isn't still standing - and there was a lot of it. Back then, stuff was largely done by "rule of thumb" and trial and error - build something, if it doesn't fall down then it's (probably) strong enough. Went to a talk not long ago about cathedral building - there was a lot of error, and many fell down (towers especially) or needed some serious intervention to prevent collapse.

Still, back then it was "real engineering", seat of the pants stuff, and the engineers actually involved in the work.


Fondleslab deaths grounded ALL of American Airlines' 737s

SImon Hobson

Re: costs per lb

> why aren't tickets priced based on passenger weight?

They would if they thought they could get away with it - even Easyjet and Ryanair haven't stooped that low (yet) !

It would cause some massive PR problems. People would have to declare their weight when booking (and you know how vain some people are about their weight), and be checked at check-in (when a lot of people would be offended to find they are "overweight", and then there's the admin of collecting all the "excess baggage" fees.

And I suspect that overall, it wouldn't make all that much difference by the time you've averaged out a typical passenger group. Though there have been "issues" in the past with abnormal weight distributions in the passenger set - either a party of children (lighter) or a party of well built adults (eg some sportsmen, heavier).


Give me POWER: How to keep working when the lights go out

SImon Hobson

Re: Nowt much to add, but...

> There's no point having a load of servers spun up and ready to go if you've not supplied power to the external network termination gear

Ha ha, yes I've seen that.

In fact, I recall getting called to a site of another company in the group to assist replacing a failed bit of kit. Went into their comms room, there was the big expensive PBX with a big expensive UPS - but the NTE for the phone lines was on the opposite wall, plugged into a 13A socket.

More recently, and on a more mundane level, at work we manage some connectivity for a science park. One of their buildings went off-line recently - because a microwave oven in the kitchen failed and tripped the breaker in the distribution board. The comms stuff was an afterthought and shared the same ring circuit as the kitchen !


E-voting and the UK election: Pick a lizard, any lizard

SImon Hobson

Re: Secret ballot?

> To all intents and purposes, the ballot is secret.

Which is important.

According to something I saw on the gogglebox a while ago, the reason strict rules are there regarding not marking the ballot paper other than to put your X in a box, was to make it so. Before such rules, people would be told to make a particular mark on the paper, so that the candidate (or his representative) could observe the count and confirm that everyone he was paying or "persuading" to vote for him actually had done. Hence the "secret" ballot was anything but, and vote rigging was easy - as in, "vote for me or you lose you house and job".

So the rules were brought in, so that if anyone marked the paper in such a way, the vote would automatically be invalid.


Free markets aren't rubbish – in fact, they solve our rubbish woes

SImon Hobson

Locally Shanks have built a biological waste treatment plant.

In principle, all the municipal waste can go into one end, it gets shredded and piled up for composting, and air is drawn through it to control the temperature.

Under the right conditions, "bugs" process the compostable stuff - with the heat and airflow carrying away moisture. The warm & moist exhaust is taken through a bark-chip bed where more bugs deal with any smells before going up a chimney.

After a couple of weeks, the compost (now fairly dry) is pulled from the pit, and then is mechanically separated - glass, stone, metals, paper & plastic, etc are all separated. Metals go for recycling, stone and glass goes away for use in construction, the paper & plastic is baled up and goes away to a cement factory where it's incinerated to power the calciner.


SImon Hobson

Re: We could have dedicated networks of rag-and-bone men

>> someone being prosecute for removing stuff from the skips

> It depends who owns the skip.


Round here, at the recycling centres they used to sell stuff - I've got some very good axle stands that were sold from the scrap metal bin, and we've had other stuff as well over the years. Seems a sensible idea - if a <something> has a value to someone, then selling it for simple re-use is the most efficient way of "recycling" it.

But there was "a bit of a hoo har" with the contractors who ran the centres on behalf of the council - never heard the details, but it involved police and looking into the financial affairs of some of the managers. Then things changed, different contractors, and an absolute rule that nothing leaves the site other than in the skips. That does seem a bit short sighted when there are big signs up promoting the council's mantra of "reduce - reuse - recycle" - make it hard to reuse someone else's rubbish !


DDoSsers use reflection amplification to crank up the volume to 100Gbps+

SImon Hobson

Re: Prison time will do them good

> Punishment, not so much.

In this case, I disagree. From what I've read, these attacks are deliberate (they certainly cannot be accidental !) and typically done for gain (eg extortion against betting sites before a big event). Education is of no use, because the scrotes already know that what they are doing is wrong - they don't care and are only interested in the money.

Thus significant punishment is the only sensible deterrent.

To pick up from your analogy, this isn't like someone making a spelling mistake - it's more like the school bully taking everyone's lunch money (and beating up anyone that won't hand it over). You can try education, but if that fails (as is likely) then some punishment is in order.

Of course, the practical problem is actually catching the little b'stards. The IP source addresses (and you thought I was still talking about school :-) ) are spoofed - so the only way to find out where they came from is to track them back through the network, which means involving every communications outfit they travel through - good luck with that. When you find the source, it's most likely a compromised machine behind a NAT gateway - so you need the end user's help to identify the machine.

When you get there, you then have to identify where it got it's instructions from, so off you go again around the world. If you - very unlikely - find the source, then that's probably also a compromised machine - so off around the world again.

Not to mention TOR


Belgian minister set to legalise Uber

SImon Hobson

Re: Private transactions between individuals - none of the government's business!

OK I'll bite ...

> I do freelance auto repair. I have no license, no ASE certifications, the government hasn't approved my abilities to fix cars. Is this illegal?

Staying UK here, no it's not. There is no legal compulsion for a car repair business to have a license. There are other legal requirements - such as declaring your business to the tax authorities.

> A man stands beside a road with his thumb out. A motorist stops and offers him a ride, for some gas and lunch money. They motor along for a while, passenger gets out, pays the driver some cash.

> Is this illegal?

That depends.

If the passenger simply offers some cash then it's not illegal. If the driver stops, and offers to take the passenger in return for some reward (doesn't have to be cash, any consideration will do) then that's "hire or reward" which is different.

Ignoring for a second the requirement to have a hackney carriage license to stop and pick up a passenger who flags you down, few people are insured to use their car for hire or reward - so unless you have paid (quite a bit) extra for that insurance, you would now not have valid insurance for the car. That is illegal (bar certain exception that won't apply to anyone I know).

IMO Uber is not all that dissimilar to a "taxi" (private hire) firm using freelance drivers. There's no reason to not allow it - provided they obey the law. Others have already expressed why we have laws on hackney carriage and private hire - it's mainly to protect the public, both those using the service and those sharing the roads. Private hire outfits are governed by fairly strict rules on vehicle condition (tougher and more frequent "MoT") and drivers (such as carrying ID and having had background checks).

IMO Uber should do one of 2 things :

1) They should obey the law as it is. That means they properly check all their drivers to make sure that they are "fit persons" do be carrying fare paying passengers, and they should check all the vehicles to make sure they are both roadworthy and insured. AFAICT they do neither of these.

2) They should campaign for the law to be changed - not just for them, but for all private hire outfits.

Yes - roll back all that red tape which is there to stop people being subjected to (in a small % of cases) travel in unroadworthy vehicles, without insurance, and driven by people they probably wouldn't want to share space with if they knew their background.

So, are you arguing that if your daughter got in a random car - you'd not be in any way bothered whether the car is insured and roadworthy, and that the driver isn't a convicted rapist ?


Fukushima nuke plant owner told to upgrade from Windows XP

SImon Hobson

Re: Please come visit Fukushima

> Suicide rates among the survivors are dramatic (so much about 'nobody died')

Yes, but as has been pointed out, this isn't actually **caused** by the radiation and safety issues - it's caused by the "OH MY GOD, IT'S RADIASHUN" brigade. ISTR that initially the government setup a fairly small exclusion zones, but then gave in to the "OH MY GOD" brigade, stoked up by irresponsible reporting (remember the "OH MY GOD, IT'S NUCLEAR EXPLOSION" reports ?) and extended it far beyond what was needed.

So it is still true to say that very few died from any nuclear related cause. I can well accept that many will have died as a result of scaremongering, pandering to the anti-nukular brigade, and so on.

What we do not hear about is what sort of exclusion zone (if any) has been applied to deal with the massive contamination by all sorts of crap set free by the tsunami. Oils, chemicals, rotting carcasses, you name it - it'll be there.

The nuclear contamination can be found with a geiger counter. The chemical and other contamination can only be found visually and by analysis.

> Why the hell are people afraid of nuclear power?

Because too many have been brainwashed into associating any mention of the word nuclear with images of big mushroom clouds ? Certain groups have made a good business out of such tactics.

And lets not forget that without demonising nuclear, the renewables lobby are really on a road to nowhere. Thankfully there is a glimmer that the tide may be turning (no pun intended) against wind. I have a screen dump here from a couple of weeks ago when the total output from all metered wind power in the UK dropped to just 68MW from a capacity of 8403MW - that's just 0.8% of the rated output. The peak forecast for the day was only 12.5% output !

So even if we took all the windmills already there, and multiplied by 10 (dunno where we'd put them !), they still couldn't keep the lights on !

Since investment in nuclear would massively reduce the carbon footprint of electricity generation, the renewables lobby have to work hard to keep it in the minds of the population as "something that makes mushroom clouds" so as to keep the government (and business) scared of the backlash from supporting nuclear.

Fukushima is used (been on the receiving end) by the renewables lobby as "proof" that nuclear cannot ever be safe. I have seriously had someone drivel on (essentially) with an argument that Fukushima proves that a new design of nuclear cannot be safe. Somehow, the fact that it was designed (probably) 50-60 years ago is of no relevance - current designs must be equally unsafe (and as expensive to decommission) !


What is the REAL value of your precious, precious data?

SImon Hobson

Have an upvote from me.

I agree, it's not so much the value of the data, but the value of the privacy that the lack of that data implies.

I put a value on privacy - not a value you could put a monetary amount on, but a value nonetheless. So I do all I can to reduce the spread of my informations - like carefully looking for those hidden "untick this pre-ticked box if you don't want us to not refrain from selling your data to all and sundry", and yes, just the other day I did find a website where the boxes were hidden until you clicked on some text which made them appear (and the default to be spammed) !

But Tim is wrong on one point. There is actually, in many cases, an actual value that someone is prepared to pay an individual for his/her data. Many retailers (pretty well all the big ones now) have some sort of "rewards" scheme. With those, there is pretty well a clear connection between handing over data (who you are, what you but and when) and getting rewarded in cash terms for that.

For some of them, I've decided the rewards are worth the cost, for others I've decided otherwise.

Mind you, I do sometimes do things to subvert the system. I don't always use the "loyalty" card, and I often pay cash. Sometimes I'll do the shopping in two parts and only put some on the card.

Oh yes, and I've even gone so far as to issue Section 11 notices to some data controllers. That then puts a relatively large cost on them for having used my data - each notice cannot be ignored (unless you want to be in deeper sh1t) and needs manual processing so the manpower cost is going to be significantly more than any gain they'll have made from having my data.

And it has worked the few times I've used it.



Excessively fat virtual worlds – come on, it's your guilty secret

SImon Hobson

Re: I agree

> When they've finished poncing about installing product X that's so special it needs to go on a machine all its own, I'll just clone the machine to a VM

Which is fine until the client whose system it is has a problem, and the vendor just plain refuses to support anything.

Your client points at you, the software vendor points at you - and you have no answer to the fact that you did something the vendor explicitly said you must not do.

Yes I've seen that with a specialised software package. Absolutely no reason whatsoever, complete crock of sh1t, but that's what the the software vendor insisted on.


Want to go green like Apple, but don't have billions in the bank?

SImon Hobson

Re: Intermittent data centres

> Otherwise they're just pulling power from the grid in whatever mix happens to be co-generating at any given moment.

Have an upvote for that statement of inconvenient (to the greenies) fact.

As you say, there is no such thing as a "green supply" - the electrons come from whatever generating plant is actually working at the time.

But more importantly, even if the renewable supply were connected directly to the data centre, it's still not true to say the supply is green. Every kilowatt of green power used by the datacentre is a kilowatt of "green power" not available to the grid. Therefore, it means "something else" needs to turn up the wick to supply that kilowatt of power to someone else.

So given that nuclear is generally running flat out, using a kilowatt of "green power" in the datacentre means that a coal or gas power station needs to open the tap a bit. In extreme, it means some diesel generator fires up - at times, the UK actually runs diesel generators to meet peak demand.

So yes, the claims about "green power" are just all out and deliberate bollocks. "Greenwash" is a good term for it.


WORLD+DOG line up to SLAM Google after anti-trust case unveiled

SImon Hobson

Re: All fee paid responses?

> The question was not whether it was in Google's interest to return links to sites that had not paid for that, but why they would reasonably be required to do so - what legal theory would support such a requirement.

How about, they claim to be a general purpose search engine ?

They claim to show you "results from the internet" relevant to what you searched for - therefore they have entered a contract to do that. If they were to only show sponsored links then that would be fine - provided they didn't claim to be showing you "results from the internet" and instead were clear that they only showed paid results.

I don't have too much trouble with them showing sponsored results - that is how they may their money after all. But they need to do it honestly so people can see what it "from the internet" and what is "paid to be there" - and so make their own mind up which links to use.

IMO they used to do this, but these days their page redesigns appear to be ever so slowly making it less clear.

SImon Hobson

Re: What's the evidence of abuse?

> What does Google do that harms me as a user?

Did you actually read the article ?

The accusation si simple - they use their dominant position in search to stifle competition. Note I said dominant not monopoly - they don't, as you point out, have a monopoly, but they are very much dominant - to the point where for the vast majority of "internet" users, Google == the internet (ie if it's not on the first page of a search then it doesn't exist).

People can argue about the last bit, but it's true for a very large number of people - and it's been made worse by certain browsers now combining the search and address fields such that I now have to put http:// in front of local server names to avoid doing a search on their name :-(

So say you come up with a spiffy new idea for mousetraps, but it competes with google's own mousetrap service. The accusation is that Google will push you down the search results and push their service up the list - thus people who don't already know about your mousetrap service will never see it because they'll not read that far down the list and will have clicked Google's link (near or at the top) first.

So you sit there, quite happy that you get a mousetrap service "free" and wonder where the harm is - oblivious to the fact that someone actually has a far better mousetrap service - but they can't market it without trying to outspend Google.

This is the harm - not that Google is "fleecing" you, but that it's stifling competition and innovation because it has the power to kill dead anything it thinks might threaten it's own services. Thus you don't get to see that spiffy new and much better mousetrap - and you don't complain because you don't know that you're missing anything.

The have been a good few "new mousetrap" vendors who claim that Google has done just that.

The other side is that if Google aren't currently offering a mousetrap service, but see that someone else is doing so quite successfully, then they have the power to do their own mousetrap service. It doesn't need to be better because they can shove it to the top of the results. Then much the same thing happens, those that don't already know about the existing better mousetrap will start using Google's service because it's the top link. The existing service will slowly wither unless it's already reached critical mass to survive by word of mouth - few have.

The result is the same - Google's mousetrap service "wins", the other fizzles out. You as the user will probably never know that you are missing out unless you happened to be one of the early users of the better service.

This is not about Google offering a good search service - which is does, mostly. It's about then being able to massage the results to favour their own services.

I don't think most people would complain if all they did was search - and treated everything equally. I don't think too many would complain if they offered various services but treated them exactly the same as they treated others.

But there does seem to be some evidence, based on various reports I've read, that Google does two things :

1) It uses the income it gets from being the dominant (almost monopoly) search engine to be able to cross subsidise into any other field it wants to take over. Put simply, it can pick a target and throw money at it in a way few others can do.

2) When it does decide it wants to be in a field, it can push it's own service to the top of the list in a way no other vendor can.

The net result is that better mousetraps don't happen - we get the same old mousetrap, with occasional tweaks, but really only as good as it needs to be to avoid people realising that it's actually a pile of old crock. *THAT* is the consumer harm.


WHAT did GOOGLE do SO WRONG to get a slapping from the EU?

SImon Hobson

Re: EU claiming the power to fine

> I agree that Google is guilty of what they say, but if they try to enforce that 10% fine I hope Google says a big F.U. to the EU and stops doing business there in lieu of paying the fine.

There's no way they'd do that.

> Let's see how EU businesses like it when search results stop showing them.

But don't forget, Google would be out of the EU - so would be irrelevant to the majority of EU users who would switch to another search engine. Most likely, I'd expect Google to "go dark" due to legally imposed blocking - as in orders to all the major ISPs that "Google is a criminal organisation, block them".

Google could not cope with that as it would destroy their business model which is to keep competition pinned down leaving them free to dictate the market.

Once Google is out of the running, there are other offerings that would pop up very quickly. OK, there'd be a huge disruption for a short time, but it certainly wouldn't take years. And some of us would be busy with friends/relatives teaching them how to access those alternatives.

As to Bing getting a dominant position in the EU, as much as I "quite dislike" Microsoft and their products and their business practices, I'm not sure it would be that bad a thing. For the reasons given above, Google would soon capitulate - but in the meantime Bing would get a massive boost. Once there is at least one viable competitor then Google's power is vastly diminished. Google would suddenly be competing from the position of weakness.

Ie, if Google aren't the very dominant engine they are now, they'd have to sell mousetraps by being genuinely better, rather than by blocking people from knowing about competing mousetrap vendors which is effectively what they do now.


'Granola-eating tree hugger' takes plunge, becomes IoT upstart

SImon Hobson

Re: Smart Radiator Valves

> Smart Radiator Valves ...are a solution for dumb boilers.

> ... I made sure it had the external temperature sensor ...

That's called weather compensation and is a solution for dumb systems. Yes, it's much better than a fixed temp, but far better still would be smart TRVs which signalled the requirements back and controlled the boiler.

Zoning only goes so far - eg it heats all the bedrooms, even if you only use the back one intermittently as an "office". Ditto downstairs - it won't leave an empty room unheated unless you manually shut down that radiator.

So my ideal system would be a smart TRV on every rad so I can program a typical profile* for each room, combine it with other sensors (if the window is open then it's probably too warm !) and possibly occupancy sensors. Then each smart TRV signals it's state back to a controller which regulates the flow temperature (using the weather comp input if the boiler isn't very smart, or better still a controlled mixing valve on the thermal store). So as the TRVs are closing, the flow temperature reduces to the point where the last TRV isn't fully closed.

* Note that "profile" may or may not include "off" for some rooms - just set back the temperature at night so the (eg) bedroom doesn't get too cold.


You’ll be the coolest guy in IT if you ain't got your ID

SImon Hobson

Only last week I had a (very very) minor version of this.

Had to visit a client, who shares a small building with another business. The business downstairs "mans" reception, and it's one of those "front door is open, but that only gets you to reception and a locked door" arrangements - they also don't have someone sat at reception, they come through from another office when they hear the door chime.

Sorted the clients problem (BT failed to log the fact that they'd been paid, cia the payment facility on their own website, and cut off the internet without warning), put my laptop back in it's case and left. Through reception and ... oh dear, the front door is locked.

Can't go back, can't go out, and there's no bell to ring.

Fortunately, since it's only a small building (large house sized), they could hear me from upstairs, knocking on the inner door.


Silence is golden: Charlie Chaplin's The Tramp is 100 today

SImon Hobson

Re: It seems that one or two people don't get it. "It" in this case being..........

> what one finds funny is very individual

Have an upvote for that.

Some very successful (as in they earn a good living from it) modern comedians leave me wondering what is supposed to be funny in their act. Doesn't make them "not funny", just not the sort of humour I like.

@ J.G.Harston

I agree.

I would suggest you keep an eye out for some of the programs/series Paul Merton does about the actors/comedians of that era.


The VMware, Nutanix mud wrestle is hilarious, but which one is crying with fear on the inside?

SImon Hobson

Re: Hardware vs Software

> Software, well...how much power do you trust your software vendor with? So much that you're willing to bet your whole business on them without retaining any realistic bargaining position?

<SFX: Twilight zone theme>

Something I've been mentioning on and off for a couple of decades, as in (to the FD) "do you really want to write a load of blank cheques to Microsoft". Something I was mentioning to a colleague only this morning - how "cloud" is (in some ways) a full circle back to the 1960s where a powerful ${something} supports loads of "dumb" terminals - and how so many seem to be rushing to cloud without considering the risks (lock in, cloud evaporating, your account evaporating from cloud, ...). And how some vendors (Adobe for example) have moved to cloud/subscriptions so they can extort money for as long as you want to run your creative business - or someone else comes along and usurps them (don't see much sign of that, yet).


NHS England has some sneaky plans for Care.data acceleration

SImon Hobson

Re: The price of failing to cooperate...

To which I'd reply :

"In that case, can I just check that I've got your details correct for the upcoming prosecution ?"

That might just get them to start discussing their responsibilities - which include that they cannot coerce you into allowing this. You have to give your freely given and informed consent - this isn't one of those "covered by the exceptions" situations.


No password or PIN, but I have a fake ID. Sure, take the domain

SImon Hobson

Re: Not just Go-Daddy

> That sounds ok to me. The contact details the registrar already had on record were used to confirm the request was valid.

Really ! Just having the phone answered by someone claiming to be the right person is enough ? In this case it involved the receptionist - you know, those highly vetted and highly paid people who are experts in security. In many cases, when someone leaves, reception is told to forward all calls for the person to someone else in their office - the bigger the organisation, the easier is would be for the highly trained security expert on reception to not notice being given duff information.

Or it could well have just been the cleaner or security guard at a weekend - you know, when it's best to phone up with the "our systems our down, I'll be strung up Monday morning if I can't fix this" story.

On second thoughts, if just answering the right phone is enough, can I borrow your mobile to call your bank - I'd like to withdraw some money on your behalf :-)


This isn't the one-stop EU data protection you're looking for

SImon Hobson

Re: They saw the light.?

> Maybe they finally recognized that the entire Internet would have to block European traffic if they did not allow personal data to be collected.

No, there would be no such requirement or limitation.

> After all it's the fuel that Internet websites run on and it's the price you pay to use things like Gmail or Google Search.

True, and they'd be able to carry on collecting and using that data.

What would, if proper laws got passed, happen is that companies would have to be open and honest about what they collect and how they use it. Just burying a one liner "we will collect personal data and use it to provide services from us and 3rd parties" somewhere in a "War and Peace" user agreement doesn't cut it. What they'd need to do is provide a clear, simple, statement of what they collect and what they'll use that data for.

Many people, for example, may well be happy if Google tell them "we'll collect everything we can from reading your mail, provide personalised advertising based on that data, but we won't pass that data on to anyone else" in return for providing the "free" Gmail service. But most of those people probably wouldn't be happy with a "we will collect any information we can, including personal information such as sexual preferences and medical issues, and sell that data to anyone who'll pay us for it" !

What many companies want to be able to do is the latter without having to admit to doing it - eg by taking the users failure to set an obscure setting in their browser as "permission" to collect any information possible and use it in any way.

This exercise was *supposed* to be about preventing one country deliberately setting it's privacy/data protection laws to "relaxed" so as to entice the likes of Farcebook and Gobble. That leads to "brass plate" headquartering in the way large corporations do in order to (legally it must be pointed out) reduce their tax bill.

It was also supposed to be about making it easier for a citizen in one country (eg the UK) dealing with a corporate based in another country (eg Ireland) when they have an "issue". That seems to have been hashed up so as to produce something worse than we currently have.


Hated smart meters likely to be 'a costly failure' – MPs

SImon Hobson

Re: UK market specifics

> I'm not convinced by the "Primary goal of the project is to be able to cut people off who haven't paid their bill" is this really the primary goal?

Actually, that's the secondary goal. The primary goal is still cutting people off - but for a different reason.

Thanks to decades of "kicking the ball into the long grass for someone else to deal with" - ie leaving the difficult decisions till after the next election, and politicians pandering to the "nucular is bad, can't have any of it" brigade, and don't even get me started on the renewables farce, we are facing a situation over the next few years where it's "not certain" that we'll always have enough power to satisfy peak loads.

There are two ways to do this, and traditionally we've gone down the route of simply building enough dispatchable power stations to be able to meet all reasonable demands. There's always been a small element of load-side control, but primarily it's been about generating what people use. "Economy 7" and similar tariffs are part of that load side management - and were designed primarily to allow the base load to be kept up overnight and keep the "cheap"* nuclear stations running flat out and minimise the diurnal rundown of the other big thermal (ie coal) stations.

As the antis love to point out, nuclear power stations take a long time to build (here at least, the Chinese can do it on time and on budget). So there's little chance of the new build plants being online before the brown stuff hits the fan. We've something in the order of 8GW of wind capacity - which is to all intents useless when there's a lovely static high pressure system over the whole of northern Europe for a week or so, ie when demand is at it's highest because it's ****ing freezing !

Of course, if relations with Russia degrade much more, then we also have to factor the risk of them turning the gas tap off at an awkward moment - and thus shutting down another chunk of capacity.

SO what we're left with is smart metering who's primary function is to ration electricity. Perhaps it doesn't match the dictionary definition, but the end result is that when demand outstrips supply then the price will rocket. The rich will ignore it, the poor will sit and freeze - and wait till 2am to have their tea when they can afford to cook it. If that doesn't alter demand enough, then remote turn off is there specifically to cut off people and so reduce their consumption by force.

Think about the rolling power cuts of the 70s, but on a more granular scale.

All the other bollocks is just fancy dressing to try and pretend it's for our own good and something we should want. Oh yes, and lets not forget that these will store and transmit your usage - every half hour of every day, all going into a big database that we don't need to worry about because a) it's secure and b) it's not allowed to be used for anything but billing. Yeah, we all believe those promises don't we !

* In relative terms. Much of the "expense" is in dealing with the "it must be a lot lot lot lot lot safer than any other risk we accept every day" approach to risk.


Grab your pitchforks: Ubuntu to switch to systemd on Monday

SImon Hobson

Re: read around...

> enough large distros have decided in favour of it

Err have they ?

AIUI Debian haven't decided in favour of it, more like determined that they don't have the resources to fight it ! Saying Debian have decided in favour of it is a bit like saying that Aron Ralston decided on having only one arm (cf 127 hours).

Debian have stated up front that they simply cannot reverse engineer out the dependencies of certain packages on systemd before the next major relase - but they plan to for the one after that. My worry is that once it's in there, more and more stuff will depend on it (because it's there) and the job of untangling the mess will just get harder and harder.

So far I've seen a lot of arguments both ways, still to see a reasonable argument as to what it fixes that actually needs fixing, and the more I get to know about it (and the devs behind it) the more I want my servers to remain free of it. I like my servers stable and reliable - and if they do fall over, fixable.

If I wanted Windows levels of bloat, complexity, opaqueness, etc then I'd run Windows. Hint, I don't run Windows.

If any of the packages I use gains a systemd dependency then it'll get a bug report - though I suspect I'd have to be really quick to get in first with that.


Bite my shiny metal Ask: Java for OS X crapware storm brewing

SImon Hobson

Re: At least on a Windows PC...

> there's a checkbox in the Java control panel, Advanced page/miscellaneous: "Suppress sponsor offers when installing or updating Java"

There wasn't in mine - it only appeared after upgrading from .39 to .40

And it appears unchecked.

But at least the updater didn't prompt me for anything. I'm currently running a scan for it just to be safe.

I'm guessing that perhaps they slipped the checkbox in sometime without actually changing the revision level. So those with the checkbox already get prompted for the malware, while those still without it just get the option installed silently (ready for next time).

I'm sure there's scope for an enterprising person with the wherewithall to go to the Police and report a crime under the misuse of computers act. I think it would be a hard case to make that the user has "given permission" by the action of not noticing this new option appearing down at the end of a long list of settings that the average user couldn't be expected to understand (let alone be fiddling with). Thus installing such malware would be interfering with the computer without the user's consent.


VMware sued, accused of ripping off Linux kernel source code

SImon Hobson

Re: Case..

> ... if you include GPL source code in your work then your entire codebase becomes subject to the GPL, which means you have to make the source code available.

Err no, that's one of the lies the anti-GPL brigade trot out.

You only need to provide the code to the part of your system that uses the GPL code.

Example, you have a big system but include a few utilities. One of those utilities (a separate executable binary) uses GPL code. Only the code to that utility must be made available on demand. The other utilities (which don't use or depend on the GPL code), and the bigger system (ditto) can still remain closed and secret.

Such distinctions are important. There are so many lies and misdirections used to discredit the GPL, we need to be accurate ourselves in defending it so as not to provide further ammunistion.


Broadband routers: SOHOpeless and vendors don't care

SImon Hobson

Re: @ Mephistro Why, oh why...

> In order to hold a manufacturer liable you have to show that they intentionally created a substandard product.

Err, no you don't.

You merely need to show that it was substandard, AND that they either knew or should reasonably have known that it was substandard.

I'm sure that a creative lawyer could argue that by providing an insecure router (a defect unpatched after one year, let alone 7 should be enough evidence) the manufacturer is guilty of "aiding an offender" or "conspiracy to commit a crime" by providing the tools used by the criminals that exploit them.

A good test case "pour discouragement les autres" would shake things up a bit. Lets just say, I'm not holding my breath on that happening.


East Timor was officially removed from the internet yesterday

SImon Hobson

> Apologies if I am being over simplistic about this but wouldn't the appropriate path have been to mirror all .tp over to .tl then after a period drop .tp? Running the two in parallel with different domains is just asking for trouble.

Yes, you are being simplistic !

I believe the plan is to open up the new registry, then get all the existing domains to move across. I assume (would hope) that all existing names would be reserved in the new registry - it would be a bit of a bummer to find your name taken when you come to move.

But that is just the easy bit. The really easy bit.

As the article points out, there is a lot of work involved. Just sit down and work out how many places you have given your email address to. Make out a list - and I'll pretty much guarantee that unless you either a) kept a list from the beginning, or b) have an eidetic memory, then you'll miss loads and loads and loads of places.

So a couple of years down the line, you come to log into something and can't recall your password. No problem - click the "forgotten password" link and put your email address in. FAIL. Because you forgot about it, you can no longer log in, AND you can't recover your password because your old email has stopped working.

That's just one example. I can think of a few services that I'm registered with and might not access more than once a year (or even less). In fact, only this week I accessed a system for work (software licence portal for a bit of software a customer uses) that we probably didn't log into for nearly 4 years - and no-one knew the password as the person (no longer working for us) who created the account didn't record it anywhere we know of.

If that service turns out to be for something critical then you could have problems - just think of all that manual work (alluded to in the article) for site operators changing domain for users !

And of course, think of all those services where your email is your account - I know a few where it's hard or impossible to change (bad design, but sh!t happens).

And then there's all those "forgotten systems" which keep churning away in the background and rely on email addresses embedded in config files and scripts. That little utility that "does something | mail -s "Here's your info" user@domain.tp - they all need finding, changing, and testing. Each one is not a problem - but when there's a lot of them, in systems people have forgotten they have, then it adds up.

For us, if a customer came along and said they were moving domains on their email, then depending on teh system it might not be too much work - but it would be manual work *moving* their existing accounts to the new domain and adding redirects from the old domain.

That's just email. Now lets look at other services.

For *every* web site the server config needs updating. It needs to know what to do when it gets a request for the new hostname. If it's a secure site, then it needs a new certificate - which now needs to be a multi-host certificate (== more costly) as it needs to be valid for both domains.

The fact that you're posting here suggests you're probably reasonably technically literate. For the rest of the population, multiply the problems 10 fold or 100 fold !

So yes, it *IS* a big deal. No it's *NOT* as simple as just mirroring the domains over.

You can't just add the new TLD. If you do that, then people will try to access stuff on it that isn't working or simply gives confusing results == confusion. So you need a phased approach so each domain owner can get the new stuff set up and *then* get the new domain created.

PS - don't get me started on the hassles of getting all the old email autocomplete entries purged !


Debian on track to prove binaries' origins

SImon Hobson

Re: What a complete joke

> So this work 'proves' that the source they built with was the source code they include in their source packages

Yes - that's it's sole function.

> but it doesn't prove the code in their own source packages matches up with the original source code released by the application developers

No, because you can do that yourself - just by diffing the sources.

The whole point is that you can inspect the source yourself, and if you are bothered, you can compare the upstream and Debian versions. That's relatively easy as the sources are there - there's nothing you can't inspect.

What you haven't been able to show, until now, is that the source Debian tell you a package is built from, and which you may have compared to the upstream source, is what was actually used to build the binary.


The Revenue achieved RECORD numbers of e-tax returns ... by NOT shifting to GOV.UK

SImon Hobson

Re: Gov UK +1

I can see why you'd post as an AC !

I too can see the idea behind it, and that was good. Unfortunately it's the only good thing I've seen out of it.

Good visual design is good, but it's useless if the underlying functionality is missing. Yes, some of the other Gov sites are/were crap - but at least they did work. Most of what I've had to use gov.uk for has been a big "WTF ?" as the underlying functionality has been missing.

Yes it's nice to have good form along with good function. But if I have to choose between form or function - then I'd take function any day. Seems like they took function, and tossed it away.

And thumbs up for HMRC keeping control of their own stuff, I really really hate to think what doing a tax return would be like in telly tubby land.


Hello Barbie: Hang on, this Wi-Fi doll records your child's voice?

SImon Hobson

What about friends ?

While the parent who buys it (or at least, one hopes is required to configure it if bought by someone else) gets to see the "privacy" agreement - what about parents of the child's friends ?

I can foresee some "interesting" cases coming to light when other parents find out that others have been exposing their children in this way.