* Posts by Roland6

1596 posts • joined 23 Apr 2010

Make room, Wi-Fi, Qualcomm wants to run LTE on your 5GHz band

Roland6
Bronze badge

Stealth takeover of the spectrum by 4G/LTE ?

This announcement is made against the backdrop of two significant statements of intent by the LTE vendor/operator community:

1. The use of LTE to create fermocell's and replace WiFi.

2. The demand for more spectrum and specifically the spectrum currently being used by terrestrial broadcast TV.

So whilst there is nothing actually stopping the used of the unlicensed 5GHz bands for LTE, I do question what is the long-term game plan here - particularly as unlicensed spectrum doesn't earn any licensing revenue...

Perhaps the regulator, in a far-sighted move, should make the spectrum released from shuffling the TV channels around unlicensed...

0
0

Lenovo: We SWEAR we're done with bloatware, adware and scumware

Roland6
Bronze badge

Re: So Lenovo doesn't want to sell in the indeterminate future? @Fenton

I think Lenovo in trying to communicate clearly have put your finger on the problem.

It is only with a new factory image that doesn't exist in the channel today, namely the Windows 10 release, can Lenovo be absolutely sure that customers can confidently purchase a Lenovo consumer grade laptop without concern. I expect this will also apply if you purchase a Windows 10 laptop downgraded to 7/8.

Also I suspect given the inventory issues around the Win8 launch, Lenovo have one eye on the launch of Win10.

Obviously, if you are buying today and want to avoid the 'bloat' then do as I've done for years and buy from the business ranges.

0
0
Roland6
Bronze badge

Re: Ingredients

This laptop contains 56% zeros, 44% ones.

An interesting, but potentially purely academic point would be to analysis the typical HDD and determine the exact proportion of zero's and one's (assuming free space is zero'd).

1
0
Roland6
Bronze badge

Re: Too Late....

And which vendors are you considering that actually manufacturer their own hardware to the same standard as the Thinkpad T-series? Which I suspect would be the range your higher up would of pushed for, albeit most probably on the advice of his IBM contact.

2
1

Net neutrality victory: FCC approves 'open internet' rules in 3-2 vote

Roland6
Bronze badge

Re: "FCC's 'Throwback Thursday' move imposes 1930s Rules on the Internet"

This actually opens up a very interesting viewpoint: In 1930's telephony terms all the 'Internet' is, is one vast conference call, where we've all agreed to speak using the TCP/IP protocol suite, which as we know is an open standard!

Hence there is nothing (other than needing very very deep pockets and a lot of nerve) preventing the forking of the Internet and the establishment of a new "Internet" free from the constraints of net neutrality... It is one way around the IPv4-IPv6 migration issue that is bedevilling "the Internet"...

0
0

Net neutrality secrecy: No one knows what the FCC approved (BUT Google has a good idea)

Roland6
Bronze badge

Re: Fuck you Tom Wheel'man re: TTIP

Interesting comparison with TTIP.

What is interesting about this comparison is that we (in the EU) at least did get to see a leaked draft that set the ball in motion to force the EU to be a little (and only a little) more open about TTIP. However, it would seem that there has been no leaks of drafts. So does this mean that the commissioners only got to see paper copies at tightly controlled meetings with no access to photocopier/fax machines?

So I can only conclude that those who voted against adoption, were only half-hearted in their protests.

0
0

SSL-busting adware: US cyber-plod open fire on Comodo's PrivDog

Roland6
Bronze badge

Re: Don't content writers usually get a share of the ad revenue?

Given that many websites currently detect AdBlock, I presume that it will soon be just a matter of time before many more websites will detect (and flag) the use of Ad/content replacement/substitution tools. Certainly where a site earns revenue from the Ad's served I would be looking into this as a revenue protection issue.

0
0

I'm the wire starter: ARM, IBM tout plug 'n' play Internet of Stuff kit

Roland6
Bronze badge

Re: Potentiometer + cloud

>Yes all those cloud devices can do those things.

I hadn't even got that far, I was still working out the provisioning and registration of all these devices as they will all need to be individually identified and registered on to my management cloud. With the mbed IBM automatically register the device on their BlueMIX cloud, but the user has to use the USB connection to obtain the device id so that they can 'claim' the device in the cloud.

Also playing around with the changing a lightbulb scenario, IoT makes this much much more involved. Having just had both of my cars serviced I know the real difference 'chipped' parts make to a job. One car a new set of spark plugs was needed - £8 each, a spanner is the only tool required and job can be performed on the drive. The other a set of 'chipped' injectors that also need to be registered with the engine management system, here the injectors were £130+ each and the job had to be done by a local garage... But IoT will add another complexity, devices will most probably be pre-registered to different management clouds, just as the majority of mobile phones are today and hence will need to be ported to my cloud...

Once the devices are actually in my cloud I can begin to worry about management...

0
0
Roland6
Bronze badge
Happy

But how do I connect it to a lightbulb?

Why would you want to connect it to anything soo low tech and soo yesterday?

The kit does have voltage out connections, so you should be able to simply plug in a couple of LED's and you've got a little light! Want to illuminate a room, then make a 'feature' of you IoT by simply adding another few dozen kits and attach to ceiling etc.

0
0

Lenovo to customers: We only just found out about this Superfish vuln – remove it NOW

Roland6
Bronze badge

Re: Avast anti-virus

If you run any security software that does any meaningful packet inspection, it is doing something similar to what SuperFish/Komodia are doing with respect to certificate handling. However, the big difference (we hope and assume) is that instead of using the same static password and certificate in all installs they create an installation specific password and certificate.

So whilst my security software can perform a MITM attack on me, because it uses a password and certificate that is unique to my system, it is very difficult for a third-party to piggyback on to my security software's 'trusted' intercept.

I suspect this (the use of MITM services for security purposes) is one of the reasons why many may have not looked too closely at the Superfish/Komodia implementation and hence missed the simple duplication of a static certificate. Also who would look closely at software produced by companies lead by individuals with strong security backgrounds for security flaws? and would their senior management believe them if they had found a flaw?

2
0
Roland6
Bronze badge

Re: cert advisory re Komodia: Maxthon

What I'm a little surprised about is how quiet the Maxthon crowd are: their browser fails both of the Superfish certificate tests, potentially due poor design...

1
0
Roland6
Bronze badge

Re: Lenovo All-in-Ones

This advisory from Lenovo provides an (official?) listing of notebook ranges and models: http://support.lenovo.com/us/en/product_security/superfish

It seems to be the source of the ARS list.

1
0
Roland6
Bronze badge

Re: Lenovo All-in-Ones

This article has a list of the models that had superfish installed: http://arstechnica.com/security/2015/02/lenovo-pcs-ship-with-man-in-the-middle-adware-that-breaks-https-connections/

Seems they are all consumer ranges - but then I only buy the M, T and W series.

However, from the comments being made across the web, it seems that Lenovo , as the first to fall foul of a security vulnerability introduced by a third-party bundled app., have unsettled some business purchaser's. A warning that other's (eg. Dell, HP etc.) should take note of...

2
0
Roland6
Bronze badge

Re: Total destruction of security

@Nigel 11 - would of up voted, but you final sentence about SSL indicated that you don't understand that this isn't an SSL issue, it is a certificate handing and trust issue, which undermines much of the PKI security we've taken for granted.

4
1
Roland6
Bronze badge

Re: cert advisory re Komodia

This blog: https://gist.github.com/Wack0/17c56b77a90073be81d3 lists a few more parential control users of Komodia...

What is notable at the moment is that no similar self-signed CA certificates have been discovered. However, because closing the door on self-signed certificates, is going to be practically impossible, we can expect this attack vector to be used in the future...

2
0

Why IP telephony is about more than just saving money

Roland6
Bronze badge

>"I should have been more proactive and said: “Forget what you have now and don't worry about what might or might not be possible. Tell me what you'd really like the new system to do.” "

Yes you should have been more proactive, however asking users what they want the new system to do is not a very good question, as users (like most people) will still focus on their experience with today's technology. However, asking them about how they work and what they would like to do different gives far more interesting and revealing answers. Remember, as a technology consultant/advisor, you are the person who knows what technology can do: off-the-shelf, with a little clever tailoring, a lot of bespoking, and what's still in the future.

0
0

Linux clockpocalypse in 2038 is looming and there's no 'serious plan'

Roland6
Bronze badge

> Specifically, that's going to happen at exactly 03:14:07 GMT on January 19, 2038.

Also being picky, that is local system time, which isn't necessarily the same as world atomic clock time..

0
0

Man the HARPOONS: YOU can EASILY SLAY ad-scumware Superfish

Roland6
Bronze badge

Komodia-powered Parental Control software

So we now know how some parental control software works, but what about the rest, for example the parental controls in Norton Family, to name one of several?

0
0

Inside GOV.UK: 'CHAOS' and 'NIGHTMARE' as trendy Cabinet Office wrecked govt websites

Roland6
Bronze badge
Happy

Re: Sympathy for the devil

>Was the agile-developed site useful to you?

Don't know about the patient - they are either dead or made a full recovery without involving a doctor or hospital. But yes the site was useful; it helped to keep waiting lists down so that others could use the NHS!

0
0
Roland6
Bronze badge

Re: Interesting counterpoint to all the koolaid

"It's a shame really as I think the original idea, to bring all this stuff together in one place, with one system, is still fundamentally sound"

Depends upon what you mean by "together in one place"; Google (and other search engines do a very good job of bringing the disparate websites that form the Internet together in one place. I think GDS lost the plot when it thought it's job was more than simply acting as a common unifying portal to all the disparate gov.uk websites.

0
0
Roland6
Bronze badge

Re: Good grief.

>why did they not find out what the systems were for and who used them.

Yes, as observed in the article "knowing who uses a system and why is a basic of requirements analysis." However, this is forgetting that we are talking about trendy web developers, so everything is "Agile", so don't need to do a full requirements analysis, just do a little so you can implement the core of one use case, because you can do some more analysis on the next iteration...

There is a time and place for Agile approaches, the real art is knowing when...

0
0

Superfish: Lenovo ditches adware, but that doesn't fix SSL megavuln – researcher

Roland6
Bronze badge

Re: MS removal instructions don't work

> I had to go into certmgr.msc to delete it.

Yes, and yet another example of the p*ss poor UI work MS have done on both Win7 and Win8!

Use the 'search' box that the Win8 fans go on and on about and enter the word 'certificate', guess what certmgr.msc is nowhere to be seen...

3
1

Lenovo shipped lappies with man-in-the-middle ad/mal/bloatware

Roland6
Bronze badge

Re: Very effective program

>Yesterday I was reading this review of a Lenovo with an interest in buying. Not any more.

But just thing, tomorrow it will be on sale - because of a dip in sales due to this security breech, and thanks to El Reg you have been informed of how to deal with this problem. so that X1 could be an even better buy...

1
0

Alca-Lu cooks up 400 Gbps router interconnect

Roland6
Bronze badge

Across? don't you mean around, so as to provide link redundancy between two servers in adjacent racks...

0
0

First HSBC, now the ENTIRE PUBLIC SECTOR dodges tax

Roland6
Bronze badge

Re: Two things @veti

The money is all accounted for; as the article makes clear it is just HMRC not agreeing with the decisions the Accountants in the individual departments made about VAT liabilities.

Fraud? not really, just an accounting error that will result in a VAT payment adjustment, unless HMRC have found evidence of a clear intention to make false VAT declarations...

Obviously, depending upon the state of a Department's account, we may see them either making cuts or asking the Treasury for additional budget - largely equal to the amount of VAT they are having to now pay.

1
0
Roland6
Bronze badge

Re: Two things @Chris Miller

point 1.

Whilst with respect to VAT this would appear to be an internal transfer, the net effect is that a department has increased it's spendable budget!

So for example my department negotiates a budget of £100M, by reclaiming VAT on all my purchases I can potentially increase my effective budget to circa £120M. This slight of hand only becomes visible when the government thinks it should have £20M left in the pot to spend on a pet project or buying votes and discovers the pot to be empty...

1
0

Home Office wins appeal against £224m e-Borders payout

Roland6
Bronze badge

Re: TTIP

In this case TTIP would of most probably meant the UK government couldn't legally challenge the decision of the confidential arbitration process...

3
0

Are you ready to ditch the switchboard and move to IP telephony?

Roland6
Bronze badge

Switchboard and IP Telephony serve different but related functions!

The switchboard serves a very useful purpose: the intelligent filtering and routing of calls through voice interaction! It enables a business to publish a single contact number and have people call in and then be rerouted to a physical extension. Similarly, outbound calls can be redirected to "the switchboard" when they satisfy some filter eg. calling a premium rate number.

It doesn't really matter whether those calls are routed over proven voice protocols or IP protocols (that have only in relatively recent years delivered services over IP that are broadly equivalent to late 1980's telco protocols), a business still has to provide a switchboard function in some form. Also it is probably a given that it will need to be 'proprietary' because you don't really want to worry about whether the PABX is running on Windows 2003 or whatever.

0
0

£100 MILLION poured down drain on failed UK.gov IT projects - in just ONE YEAR

Roland6
Bronze badge

re: This would be the same report that claims...

Does it also claim that the UK Flu vaccine for last autumn was also 'wasted' spend, since it didn't actually protect against the strain of flu that is doing the rounds?

1
0
Roland6
Bronze badge

Re: Better than expected

>Wherever you're employed clearly considers that a success. *ANY* waste is not considered "OK" in any sane business.

In a business it would be written off as either R&D or "training" and offset against tax...

4
0

Got $600 for every Win Server 2003 box you're running? Uh-oh

Roland6
Bronze badge

Re: Over a barrel.

>A nice little earner for Microsoft.

Well it's going to be a nice little earner for someone: Upgrade and it seems you've got yourself a CRM and/or ERP migration project £££££ or simply pay MS less than one day of consultancy per year per server...

1
0

BLAME ENGINEERS: Workstation sales soar by 8.9 per cent a year

Roland6
Bronze badge

Re: What is a workstation indeed?

I would agree with the question. However, in the mobile workstation niche, I would include the portable All-in-one's, albeit the Dell XPS-18 with an i7 and 8GB RAM and SSD is only an "entry level" workstation, but it can run Hyper-V and a few VM's; shame about connectivity and limited disk but lots of screen real estate...

We've recently configured up a mobile workstation (based on a Dell Alienware machine) for a developer colleague and were a little surprised to find just how few vendors now make mobile workstations . ie. anything with a screen larger than ~15" and decent resolution etc..

0
0

Hacker kicks one bit XP to 10 Windows scroll goal

Roland6
Bronze badge

Re: RSX11M @AC

You got the reference :)

Yes it is rather odd that given the noise about Canadian nuclear plants a few years back and the interest it raised, that the mystery hasn't been resolved. and as you note XX2247 are still keeping a very low profile.

1
0
Roland6
Bronze badge

Re: Backwards compatibility

>VMS on x86-64? Stay tuned. HP finally woke up and handed the future development of VMS to a company with a clue.

I wonder if they will also see the light over PDP-11 and RSX-11M ...

0
0
Roland6
Bronze badge

Re: Backwards compatibility

What Windows changed was to minimize the switch from kernel space code to user space code made inside the GUI APIs because those switch are "expensive"

Yes a major irritation with the i286 and to a lesser extent the i386 was the cost of using the features that supported memory protection, task isolation and OS functionality. By 'cost' I mean not only CPU clock cycles (an important consideration given the 286 ran at 10MHz) but also in OS design terms where the instruction set effectively straitjacketed you into creating something not too dissimilar to iRMX-286 (there are pro's and con's with respect to this, in our case it was a con as it prevented us getting the real-time performance we needed).

I think given the orders of magnitude performance difference between the i286 and current intel CPU's, perhaps now is time for MS to effectively put all of legacy Windows development into a VM/container - like it did with XP on Win7 and design a new version of Windows from the bottom up based on Intel RMX and INtime technologies... I think this would also help get rid of many of the stack/buffer overflow issues that bedevil all current versions of Windows. The only problem is that the core OS would need to be written in ASM...

7
0

World's mega-rich tax dodge exposed: Meet the HSBC IT bloke at the heart of damning leak

Roland6
Bronze badge

Re: Politcally created issue

@Mad Max

Yes there is much about HMRC that is 'different' to other organisations. In some respects all the new law concerning tax avoidance is bring HMRC's take on the matter into line with it's general position on tax demands; namely, under UK law HMRC doesn't need to be reasonable, the onus is on you to demonstrate that their demands are wholly unreasonable (not just unreasonable!). So as you say "unless you can prove the instrument exists for reasons other than tax avoidance, it is illegal".

0
0
Roland6
Bronze badge

Re: "Although there are numerous legitimate reasons to have a Swiss bank account"

A second is that you wish to get paid!

Sometimes in international business it is easier to get monies paid into a non-UK/US account than it is to have monies paid into a UK account. It is probably due in part to the Swiss banking reputation. So you, a UK company, can get paid for delivering an air traffic control system for example, without there being a 'public' audit trail to indicate who actually paid and from which of their many bank accounts...

0
0
Roland6
Bronze badge

Re: Politcally created issue

>Now, the coalition has implemented legislation that says anything implemented with the sole intention of avoiding tax (note the word avoid), actually becomes tax evasion ...

Not sure if this really has changed things that much. For decades many financial investment products have been sold with a caveat concerning HMRC approval. Remember the infamous scheme Jimmy Carr, Gary Barlow et al used, was initially approved by HMRC, but had it's approval retrospectively removed due to the way it was actually operating. Interestingly, this is something (ie. HMRC withdrawing their approval) that can also happen to Pensions, ISA's, Endowment's and other mainstream tax avoidance products that HMRC approve - I know having had several investments do exactly this over the decades.

Also the new law doesn't alter the legality of the infamous scheme referred to, because the papers defining the scheme satisfy HMRC's guidance. HMRC will continue to give such schemes provisional approval and watch to confirm that the scheme actually does what it says it will do, in this case invest in film production and generate returns based on this activity. Hence it can be some years before you know whether that high-growth ISA/EIS/Pension etc. investment you made did actually satisfy HMRC or not.

What the law does do is permit HMRC to more easily reject arrangements and schemes that, whilst using legal constructs, are obviously only intended to avoid UK tax.

1
0

Hear that sound? It's the Windows XP PC bubble popping

Roland6
Bronze badge

Re: So does this mean

>Looking at my slightly ageing PC

Well if you are up to it, my recommendation is look at the price of SSD's, which have come down a lot in price and gone up in capacity etc. Simply taking an image of your existing HDD using tools such as Macrium Reflect Free and putting it onto an SSD will breathe new life into your system, and leave money for taking the family on holiday. Champers on ice or a holiday? don't really need to engage brain...

1
0
Roland6
Bronze badge
Happy

Re: Let's look at it technically

Broken OS? soon fix that with a little bit of lipstick...

Aside: before people jump up and down about all the security enhancements etc etc, just remember the latest domain exploit affects all currently shipping versions of Windows and versions back to at least WS2k3 and probably also NT3.51... So all that added security is some respects just lipstick on NT...

2
0
Roland6
Bronze badge

Re: Huh?

@Mike Dimmick

I think you've just confirmed that for the majority of users, there is no 'support', even for that PC you've just purchased from PC World running Win8. What 'support' you are getting is MS's website and updates (security fixes and features that MS considers to be important) via WUP. So BongoJoe is right, we can knock this 'lack of support' fable on it's head.

But then much of what we use everyday in our homes is out of support - or do you get a new washing machine every year just because the old one has gone out of support? hence to many people using stuff that is "out-of-support" is life as usual...

3
1

REVEALED: TEN MEEELLION pinched passwords and usernames

Roland6
Bronze badge

Re: Increase the noise ?

re: "Correct horse battery staple"

I would be surprised if this specific password isn't in password cracking dictionary's, so yes if you were to use this specific password then you have been warned. However, if you understand the concepts this memorable shorthand convey's and apply these, it is highly unlikely that your passwords will be vulnerable to a phrased dictionary attack.

But then as the sources of these leaked passwords attest to, the problem isn't so much due to users having weak passwords, but website owners not properly protecting the login and password details of their registered users...

4
0

You MUST supply dying customers even if they're in administration, thunders UK.gov

Roland6
Bronze badge

Sensible requirement but crippled due to the usual government hand washing

With more business IT functions being delivered via the cloud ie. from third-parties, this is an obvious and necessary update and clarification.

We've had the recent experience of a hosting company going into administration (remember 2e2?) and the impact that had on its customer's businesses. It is a small logical step to consider the impact on a business of the loss of it's IT at a critical time and Administration is such a critical time. I expect many IP's actually lobbied for these provisions, given how many businesses are signing up to online accounting services; I mean how can you go through the books if the online accounting provider (eg. Sage, FreeAgent, etc.) blocks access to the account due to non-payment of monthly subscription?

However, I do agree with many of the arguments against these government measures, because as usual the government has laid a requirement on business with cost implications and washed its hands of any involvement by not providing any form of compensation for the likely financial shortfall.

3
0

Telstra's rivals eye point-to-point frequencies for country mobile

Roland6
Bronze badge

Clearly proposal has not been thought through

Reading the document, it seems little real consideration has been given to the existing uses to which the 1800 MHz spectrum is put - I found a single handwaving sentence about possible use of a few other spectrum bands. Which is rather odd given that point-to-point microwave links is probably going to be the best way of creating a performant backhaul network for all those rural 4G cells...

I do get the impression that the UK 3G spectrum auction, has clouded spectrum licensing authorities thinking, seeing huge pound/dollar signs whenever the mobile networks ask for more spectrum...

0
0

Samsung: Our TVs? SPYING on you? HA HA! Whee! Just a JOKE of course

Roland6
Bronze badge

Re: same sh*t, different company

>I'm surprised Samsung gets singled out here.

Probably because they are the first provider to truely be honest about their voice system. Remember IBM had fun poked at it for advising staff not to use Siri for business, for exactly the same reasons as Samsung are warning users about. If you interact with a voice recognition system, you can expect, just like your conversations with call centre's, for your conversation/utterances to be recorded and possibly used for service improvement purposes, which may involve other humans actually listening to the tapes and/or reading the transcripts.

7
4

EE 'best' of the UK mobile network bunch, but how good is that?

Roland6
Bronze badge

Re: I can say... It depends on where the measurements were made

I have an EE phone and a Three phone next to each other: In the kitchen/graden I get the best reception on EE. Move from the kitchen to the lounge or stand on the front door step and Three wins. Useful to know when you want to 'politely' terminate a call...

0
0

Crap mobile coverage costs UK biz £30m a week, reckons survey

Roland6
Bronze badge

Business, femtocell offerings have been available (in the UK) for a number of years, only not from the major high street operators. Interestingly, I suspect this is an area that BT will exploit once the takeover of EE is approved.

But then given the average office is these days flooded with WiFi there is mileage in letting in-office comm's use the WiFi and be routed differently on exit from the building, but this doesn't play well with those who wish to see wall-to-wall LTE.

0
0

Ofcom can prise my telly spectrum from my COLD, DEAD... er, aerial

Roland6
Bronze badge

Re: "Broadcast is efficient"

>DTT and its extensive, expensive network of transmitters needs to fade away to leave room for more modern content delivery methods.

And the much larger network of micro cells needed to deliver high bandwidth 4G services (ie. HD TV) to the same population isn't going to be expensive... If anything it will be much more expensive - you only need to look at the costs for BDUK and compare them to the costs of running the UK's TV transmitter network...

2
1

Still using Adobe Flash? Oh well, get updating: 15 hijack flaws patched

Roland6
Bronze badge

>For crying out loud just install Secunia PSI

PSI has not been without it's own problems over the years, there were many problems with the 3.n release both in terms of UI and reliability - it often seems to hang when loading as it tries to connect to Seconia's servers, hence many still regard the 2.n release as superior.

But it is one of the tools I install as standard (although I don't enable auto update), because it gives a clear indication of the overall security status of many of the packages typically installed.

One of it's big plus's is that it discovers multiple and 'hidden' installs. So with respect to Flash (although the same could be said about Java) in the past it has notified me that whilst I've updated Flash (x86) I've not updated the 64-bit version. Likewise some application has included it's own personal version of Flash, which naturally won't get updated via the normal mechanisms.

So yes if security of your system is important installing PSI is a no brainer.

If being functionally uptodate is important then I would recommend tools such as FileHippo's Updater.

1
1

'Tech' City hasn't got proper broadband and it's like BT doesn't CARE

Roland6
Bronze badge

Re: The whole point - encourage new businesses

"Thing is, the whole point of providing cheap, fast internet is to allow small businesses to start up and grow."

That is easily achieved by the owners of a TechHub, contracting for business grade circuits and then offering access to tenants - it's just another office service, companies such as Regus know all about this.

"I know in some areas you can get 100Mbps symmetric leased lines for, what, £4k pa, but those costs are very variable."

Not had to get involved in the details for a while, but from memory the price of a leased line is based on an initial premium plus some variable amount determined by line length.

3
0

Forums