* Posts by theblackhand

509 posts • joined 1 Oct 2009


Two weeks ago Salesforce had an outage. Now it's outsourced to AWS

theblackhand

Re: the endless blame-game opportunities

From the AWS website, AWS appears to have two Sydney data centres and a Cloudfront/AWS direct connect location at Equinix in Sydney.

Are the two AWS data centres actually third party facilities?

0
0

CIA says it 'accidentally' nuked torture report hard drive

theblackhand

Re: Yeah, sure, right...

c) The CIA promotes person X to position Y. The CIA tells person X that there is a single copy of file Z. Person X witnesses file Z being deleted. Person X is then asked to testify that the only file has been deleted. No lies and everyone is happy....

1
0

Symantec antivirus bug allows utter exploitation of memory

theblackhand

Re: main purpose of Symantec

The main purpose is extracting money from end users.

There might be an accidental side effect of providing some security primarily by making your computer so slow that you stop using it.

The chances of Symantec being used by intelligence agencies to gather information when the software turns your machine into an unusable piece of crap which severely limits intelligence gathering.

5
0

Big Pharma wrote EU anti-vaping diktat, claims Tory ex-MEP

theblackhand

Re: Hurrah!

I thought the issue with the House of Lords was the continued growth (i.e. 400 available seats in the house vs 807 members), the ease of abusing the expenses and introducing a term length with the possibility of re-election following that term rather than wanting to make the whole House elected.

If only they would die off faster....

0
0

Transfer techies at SWIFT tell Bangladesh Bank: Don't shift blame for $81m cyberheist

theblackhand

Re: $10 switches are fine

And without management features, ports won't be shut down and 802.1x won't be used to authenticate connections and it will complicate finding a WLAN AP or remotely accessible computer planted somewhere out of the way...

0
0

Can ad biz’s LEAN avert ADPOCALYPSE?

theblackhand

Re: Internet marketeers

"The marketers lost any moral argument..."

You really found marketers with morals?

0
0

TWC celebrates $79bn Charter merger by blacking out in New York

theblackhand

TWC in New York

Are you sure the blackout was part of the celebration? Based on past experience, I would have thought the 15 minutes of working Internet was the celebration...

The great thing about temporary offices is that you just get the cheapest, dirtiest Internet that can be delivered quickly. And then wonder why you have no Internet for ~30% of the working week along with the rest of TWC's Manhattan customer base. OK - maybe 30% is an exaggeration and it's only 27%-28%...

1
0

Hey, YouTube: Pay your 'workers' properly and get with the times

theblackhand

What about freebooting?

I realise it is at a slight tangent to the original article, but it relates to the question of who ends up providing the content and reaping the rewards.

In particular - the "battle" between YouTube and Facebook.

I didn't know this existed until I saw a video about the issue on Reddit, but I don't know the real impact.

0
0

Ex-HP boss Carly Fiorina sacked one week into new job

theblackhand

Re: On behalf of the human race

More like:

Trump 2016: Making Republicans unelectable again

Trump trails Clinton by around 6% in polls and trails significantly in the electoral college system by around 250 vs 170 based on expected voting patterns with projections showing 300+ for Clinton.

39
6

Intel has driven a dagger through Microsoft's mobile strategy

theblackhand

Re: 50 billion IoT devices

Re:margin

Typical ARM pricing is around US$5-$15/SoC per 1000

Typical Atom pricing was around $25-30/SoC per 1000 (possibly even lower with rebates/subsidies to get their chips into products)

Typical x86 pricing is US$50-$2000/CPU per 1000

These are rumoured prices manufacturers were paying versus RRP. Price isn't everything, but you have to have sufficient yields and sales to cover your R&D/manufacturing/sales/C-level bonuses/dividends.

ARM has the advantage of being cheaper and easier to make, but Atoms weren't where the money was for Intel. There might have been a window where Atom could have been brilliant and ARM failed to increase performance that gave Intel the opportunity to compete in mobile devices, but it didn't happen.

As ARM move forward, they will need to increase their complexity to incorporate a longer pipeline and cache which will drive an increase in SoC size and therefore cost per unit. ARM manufacturers can put pressure on Intel and Intel's margins will continue to fall, but Atom being dropped isn't the death of Intel and they still have a 2+ year lead in process technology.

At the risk of insulting them, Intel may not have the best technical CPUs on the planet, but they have been the best CPU manufacturer (sometimes at the cost of performance/technical excellence to allow higher yields) for decades.

2
1

Yay! It's International Patch Your Scary OpenSSL Bugs Day!

theblackhand

Re: Kill it with fire!!!

Assuming you are running patches for existing vulnerabilities already, you should already be patched for one of the two high severity issues (CVE-2016-2108).

For the second high severity issue (CVE-2016-2107), you need to be running AES (you should be...) using crypto offload. On the plus side, it is likely to only affect newer installs that can be patched reasonably easily; on the bad side it was introduced by a previous patch (although it was in 2013, prior to Heartbleed...). In addition, the vulnerability allows the decryption of data rather than a remote compromise - bad for you so patch it, but that abandoned website isn't going to become an easy target for script kiddies.

For the low severity vulnerabilities, existing mitigation steps around getting rid of older protocols should have you covered.

Patch as quickly as possible but this isn't too scary on the OpenSSL 1 to 12 scale...

1
0

Batten down the hatches! OpenSSL preps fix for high impact vuln

theblackhand

As others have said, Heartbleed set the expectation that there would be a lot of changes to address SSL/TLS security in the coming years as some of the code found indicated very poor practices.

Completely getting rid of SSLv2 and historical export defaults, slowly killing off SSLv3 while combing through TLS to make sure it was fit for purpose takes time, as does cleaning out issues within the trusted Certificate Authority model, getting people to upgrade their certificates to current standards to address encryption/hash protocols that were approaching the end of their working lives.

However, if it is another DROWN-type vulnerability where disabling SSLv2/v3 is a workaround, I'll sleep easier...

1
0

Another failed merger, Carly? Ted Cruz to bring in ex-HP boss Fiorina as running mate

theblackhand

Re: Cruz and Carly?

Assuming Trump goes on to win the presidency, at least the US will be able to look back and say "at least it won't be as bad as if Carly was involved"

Or is she planning on outsourcing the US electorate to ensure Cruz wins the nomination?

2
0

Panama Papers graph database cracked open for world+dog

theblackhand

Re:illegal behavior

I think it is too early to judge the illegal behavior element as it will take time to sort out:

- entities that are using the service for legal and morally justifiable reasons

- entities that are using the service for legal but morally unjustifiable reasons

- entities that are using the service for illegal reasons now (i.e. Australian citizens (around 900) would appear to fall into this category due to their tax laws - potentially US citizens as well, but not aware of any so far as they are more likely to have used legal US tax havens)

- entities that are using the service for illegal reasons in the future... i.e. the actions of some politicians or their friends and families that are "allowed" now, but a future regime may have a different view.

5
3

IBM says no, non, nein to Brexit

theblackhand

You have to smile....

"Putting jobs...at risk"

Isn't that the motto of IBM's offshoring business?

6
0

'No password' database error exposes info on 93 million Mexican voters

theblackhand

Re: has to be said

"He's from Barcelona^H^H^HTijuana..."

1
0

Logging on to United's frequent flyer site might take longer than a flight

theblackhand

Re: Post-Its

If only they asked more security questions than could easily fit under a standard size keyboard...

United, are your security people listening?

0
0

All-Python malware nasty bites Windows victims in Poland

theblackhand

Re: Upon initial execution of PWOBot

From what I can tell, it compromises Windows when a user installs an application that they downloaded from the Internet. I assume that traditional methods of containing this type of threat will continue to be as effective as they have been in the past, i.e. restricting admin rights, up-to-date AV software, user education.

As for the Python element? I can't recall a scripting language (compiled or otherwise) ever being used to install software...

0
0

Catastrophic 123-reg VPS cockup deletes Ross County FC website

theblackhand

Re: So your saying they should have a dedicated web developer, a sys admin, a network engineer and a security expert (minimum)?

Depends - as long as they can kick a ball they can be part of the team...

9
0

MIT boffins build AI bot that spots '85 per cent' of hacker invasions

theblackhand

From the conclusion:

"as time progresses and feedback is collected, the detection rate shows an increasing trend, improving by 3.41× with respect to a state-of-the-art unsupervised anomaly detector, and reducing false positives by more than 5×."

I believe this is after 28 days of operation.

As for usefulness - it sounds like a useful improvement, assuming the sample data is representative of "typical" traffic hitting a variety of common web servers, for a V1 product but it's not going to fundamentally alter the security landscape.

1
0

What's wrong with the Daily Mail buying Yahoo?

theblackhand

So the good news is....

...the Mail Group might fail because of this?

Let me guess, this is one of those Daily Mail articles where they tell you the good news about X on Monday but by Friday, X has morphed into a global catastrophe?

45
0

Boaty McBoatface 'wins'

theblackhand

Re: Democracy in action

Maybe not democracy but definitely British bureaucracy...

I suspect they will go with the "democratic" option of what the 65m+ people who didn't vote would have wanted to choose.

3
0

Panama Papers hack: Unpatched WordPress, Drupal bugs to blame?

theblackhand

Re: If you care about security

In defence of Wordpress, it is relatively easy to isolate and provides a way for non-technical people to spout their words of wisdom - if it was sitting in an environment where a compromise allowed access to key business data, then Wordpress is probably the least of the security mistakes in this story.

A CMS on the other hand, would allow you to get both the documents and the structure and given the timeframes of about 1 year to collect the information requiring less than 1Mbps to retrieve all of the data.

But surely given the nature of the information you are handling, sensible security precautions around authentication, application firewalling and IDS/IPS/monitoring systems would be in-place to avoid the destruction of the business...

Ha! Yeah right...

8
0

Oracle v Google: Big Red wants $9.3bn in Java copyright damages

theblackhand

Re: Here's hoping both of the teams get cancer...

That's a little harsh.

I would propose executing legal teams ( all sides...) in patent disputes once a set period had expired without resolution of the issue.

I would say it was to speed up the process, but I know the lawyers won't be able to turn down the additional profits from one set of legal teams being eliminated and the process restarting...

7
0

Cisco says CLI becoming interface of last resort

theblackhand

A bad GUI doesn't make GUIs a bad thing...

Many of Cisco's GUIs suffer from being terrible or running on underpowered hardware for some of the tasks the GUI is trying to do (looks at standalone APs and switches in particular...).

0
0

Axe to fall on staff at IBM's Global Technology Services 'this Friday'

theblackhand

Re: 15 Consecutive Quarterly Losses

While IBM makes money, the revenue decline has been happening for quite some time (~10 years) and IBM have used every trick in the book to slow the decline and post "healthy" numbers.

At some point, losing money on outsourcing deals won't be able to be hidden behind tax efficiencies and redundancies and the mountain of cash that they have been using for share buy backs will dwindle.

It's not in HP territory yet, but it only takes one Autonomy....

0
0

999 What's your emergency: Mega millions Met call handling IT muckup?

theblackhand

Re: You can't solve all your problems with air strikes.

Are you sure?

Without wanting to sound too much like a UK prime minister (most of them anyway...), I can't think of any of my problems that an indiscriminate airstrike wouldn't improve to some degree.

5
0

'Powerful blast' at Glasgow City Council data centre prompts IT meltdown

theblackhand
Flame

Re: If the amount of kit in your data centre changes significantly

All this talk about faulty fire suppression equipment, but nobody seems to be mentioning how there was NO fire damage to any of the equipment.

Impressive no?

Where is the suppressed fire icon when you need it?

7
0

Your one-minute guide to IBM's financial future – or just imagine a skier tumbling down a slope

theblackhand

Re: Chickens coming home to roost

Well, IBM didn't buy Autonomy for almost double what it was worth....

2
0

Ex-Autonomy CEO Mike Lynch sues HP for $150m+

theblackhand

RE: multi-billion PR company

Isn't a multi-billion PR company just a $100 PR company that convinces HP to buy it?

Hmm - this might be a business opportunity. I'll start by approaching Larry with my "business" and getting rejected and putting a note in my accounts saying "we don't make any money yet, but these projections show we could make billions". Now I just have to sit back and wait....

13
0

BBC Micro:bit delayed by power supply SNAFU

theblackhand

Re: Missed deadlines....

Maybe they could meet the deadline by sending out the unassembled components with a note about not using glue for assembly?

6
0

Wi-Gig signals are bouncing off the walls, can't settle on the sofa

theblackhand

I think you will find...

"As for humans getting in the way of the signal, the solution is simple:"

The specs allow for a brief (up to 1 second at 2kW) directed beam to allow any path to be cleared of obstructions.

0
0

Intel's 6th gen processors rock – but won't revive PC markets

theblackhand

Re: Too many processors will confuse the market

I thought the whole idea of the names was to confuse the market and get buyers to make decisions based on i3/i5/i7 and maybe a performance sticker.

In most retail settings, there will be multiple processor generations and getting what you want without referring to Intel ARK is challenging.

6
1

HP overtakes Cisco in cloud infrastructure revenues

theblackhand

So...

Who was the loser in cloud sales?

Would it be fair to guess HP won the additional sales at the expense of Lenovo as the IBM server business transitioned?

1
0

Apple iPhone 6S: Same phone, another day, but TOTALLY DIFFERENT

theblackhand

Re: Money for old rope

Let's see - I average one FB status update every 4 years so the annual time saving of updating to a new iPhone would be less than one fart.

I think there could be a marketing byline in that...

1
0

America's crackdown on open-source Wi-Fi router firmware – THE TRUTH

theblackhand

Re: So it is true...

The problem with a unified worldwide spectrum allocation is that either:

a) the allocated range is significantly smaller than what is currently allocated limiting potential uses (check the wiki page for the common frequencies that are unused by all regulatory domains)

b) move or remove existing users to free up space. As a lot of the usage is weather/military radar I suspect the time frame for doing that is measured in decades.

0
0
theblackhand

Re: So it is true...

The problem with the acceptable bands is that they vary by country. i.e.

https://en.wikipedia.org/wiki/List_of_WLAN_channels#5.C2.A0GHz_.28802.11a.2Fh.2Fj.2Fn.2Fac.29.5B16.5D

So the issue is that effectively the radios can be used in any country and are software selectable for the chosen country. If the firmware allows the country to be set, then setting the AP to Russia gives more available frequencies without that DFS/TPC reducing your signal strength.

The solution they really need would be providing a way for the radios to work out their location and restricting how they operate

i.e. while I can think of how to identify your country if you have Internet access using GeoIP, how do you do it on devices that have limited or no Internet access or incorrect GeoIP details? And while DFS/TPC can help with restricted bands, they rely on detecting an active channel so if a channel is used infrequently you still have the possibility of interference

And this is ignoring any issues with software quality from manufacturers.

1
0

Apple muscles in on biz world AGAIN – this time with Cisco pact

theblackhand

Re: Now this is interesting...

I'm not sure there is any Net Neutrality argument where the manufacturer of network equipment is the cause of the throttling - I believe the two arguments are either it is done via ISP policy (and the network equipment configuration that results from that policy) or bandwidth limitations on interconnects (either via policy based on peering agreements or financial limitations of not paying for more ports/lines/bandwidth).

1
0

Prepare to be Thunderstruck: What if 'deuszu' ISN'T the Ashley Madison hacker?

theblackhand

The $500,000 reward...

Is it an actual $500,000 reward or is it $20 for the reward and $480,000 notes that could be a reward if they ever come back to ALM?

4
0

Canned laughter for Canadians selling cans of air at $15 a pop

theblackhand

Re: in the Sixties

I tried this in the 90's with NZ air.

I think I got my branding all wrong when I called it "Placebo"....

1
0

Intel keeps droning on, as PC sales continue to tumble

theblackhand

Drones?

These are not the terrible PC sales you should be looking at

* waves latest niche product at manufacturers to make them believe sales will increase real soon *

2
0

The Raspberry Pi is succeeding in ways its makers almost imagined

theblackhand

Re: Programming magazines

You missed the best part of monthly programming magazines - the misprints/errors/missing lines where you tried to debug what was wrong and failed and waited until the next month's issue for the fix.

The good old days of copying a non-functional program to tape, removing the DFS ROM from a model B to free up additional memory and then re-running the program to get useful error messages...

1
0
theblackhand

Re: Log in

Throw away Hotmail too much effort?

Try https://10minutemail.net/ or https://www.guerrillamail.com/

2
0

Prof Hawking cracks riddle of black holes – which may be portals to other universes

theblackhand

Re: down voting

The down votes are from Ashley Madison's PR people trying to clean up their image....

AM are now looking to provide the next generation of directory enquiries....

1
0

IBM tries to dodge $1bn sueball for deal won with 'ethical transgressions'

theblackhand

Re: How do you do this?

South Park produced an excellent documentary about the F35 design process in the episode "An Elephant Makes Love to a Pig" (https://en.wikipedia.org/wiki/An_Elephant_Makes_Love_to_a_Pig)

I'm sure YouTube will have the episode if you need to watch it....

0
0

Net neutrality: How to spot an arts graduate in a tech debate

theblackhand

Re: Google

Google does have a significant investment in this game - they are rumoured to have a larger existing network than any of the other US providers and contribute around 50% of total Internet traffic (i.e. YouTube), but they have a relatively small number of users for their ISP business relative to the big players.

A costly regulatory fix hurts their potential competitors if they are looking to expand their ISP business.

2
1
theblackhand

Re: some protective googles

It is possible to have more bandwidth than the consumers can use, but it generally begins to fall down when:

- you start adding more boxes and eventually reach a point where there will be bottlenecks once vendor slot or port limits are hit

- you start adding latency

- you start adding costs

- you start adding third parties (and their design choices) to reach the destinations you desire

We have had (and still have) networks that deliver the bandwidth they promise, they just happen to be significantly more expensive and most people don't want to pay for the extra "quality". i.e. BT Infinity 1 costs £27.99/month versus a 10Mbps Internet link in London costing around £500/month (rising to around £850/month for 40Mbps). This may not guarantee you the bandwidth to the destination you want, but working with your ISP (or changing ISP) may allow you to remedy that for more money....

I realise this isn't a perfect example (i.e. different providers charge differing amounts for differing levels of service - i.e. Cogent/Sprint vs AT&T/Verizon in the US) but it's a significant step up from treating the Internet as a single Ethernet switch.

2
3

NSPCC: Two nonces nailed by cops every day

theblackhand

Re: 50 days in a year?

I suddenly feel much older....

1
0

Here's why Whittingdale kicked a subscription BBC into the future

theblackhand

Re: "Other countries are bounding ahead"

My understanding from the article was that:

- the government would provide funding for services that benefited the whole of the country (examples given of news and children's TV but not necessarily limited to that)

- further services would then need to be provided by a subscription service

- the current DVB-T hardware does not have uniform hardware support for hardware necessary to support a subscription model

- DVB-T2/HEVC is a EU standard and moving to this would allow the introduction of hardware to support subscriptions as a standard in addition to supporting 4K

Personally I believe the BBC needs to change and has needed to for some time - not so much through the current, apparent political conflict but more due to the changing nature of their audience and competing services.

Younger audiences (16-24) watch significantly less TV content than older audiences across all UK channels and have been for some time as this is beginning to affect the older demographics as well (i.e. 25-34).

Combined with BT/Sky's competition of new series and sporting events, the BBC stands to become left behind unless they change how they deliver and charge for their content.

1
0

RC4 crypto: Get RID of it already, say boffins

theblackhand

Quick overview of WLAN security options

So, we now have the following WLAN protocols that are unsuitable for WLAN connectivity where there is an expectation of security:

Open

WEP PSK

WEP Enterprise

WPA with TKIP and PSK

Suitable for restricting access to a WLAN network and making decrypting captured information difficult in less than one month (maybe longer):

WPA with TKIP Enterprise

WPA with AES and PSK

WPA2 (includes AES and CCMP) PSK

Secure to the extent WLAN allows (assuming sensible key lifetimes):

WPA with AES Enterprise - should still be OK, should strongly consider migrating to WPA2

WPA2 (includes AES and CCMP) Enterprise

0
0
