* Posts by Ken Hagan

4373 posts • joined 14 Jun 2007

'Snoopers' Charter IS DEAD', Lib Dems claim as party waves through IP address-matching

Ken Hagan
Gold badge

Re: Static addresses

I think just about every ISP gives you the option of a static IP and in a few years' time large numbers of people will be using IPv6 as their principal connection and so have a "static" IP without even asking.

It is interesting that both of these are currently seen as "up-market" options for geeks. Apparently Mrs May wishes to be able to track Joe Public with the same ease as she can currently track the geeks. (And yes, I'm aware that she probably can't track the geeks as well as she thinks she can.)

It is also interesting that no-one has ever queried the privacy implications of (nearly) everyone having "static" telephone numbers or postal addresses. Perhaps we should be careful which battles we choose to fight. This one looks like we could let it pass. Requests for deep packet inspection or "long-term storage of everything you send" look like more important battles to win.

0
0

BOFH: WHERE did this 'fax-enabled' printer UPGRADE come from?

Ken Hagan
Gold badge
Pint

Re: they "save" money

Sounds like the IT department needs to bill the procurement department for the difference in running costs.

The IT department getting hammered sounds OK, though.

1
0

Webcam hacker pervs in MASS HOME INVASION

Ken Hagan
Gold badge

Re: Hmm.

"Ivory tower bullshit that is completely out of touch with reality."

So what are they going to do instead?

Option 1: Vendors will design routers with a big off-switch on the firewall so that every device on the LAN side is directly addressable. Result: said vendors' customers are totally raped and burned within minutes of switching the device on and the vendors, along with any ISP daft enough to foist such crud on Joe User, face lawsuits for apocalyptic levels of negligence.

Option 2: Vendors implement UPnP for IPv6, or its moral equivalent. A daft idea, but no less secure than implementing it for IPv4. In both cases, a device (or malware running on the device) on the LAN side is able to bypass whatever firewalling restrictions are in place without the user's knowledge. In neither case, can an external host force its way in without help from the LAN side.

Option 3: What I said.

2
1
Ken Hagan
Gold badge

Re: Default passwords

I don't think "hard to set up" is the problem. It would be pretty easy to rig the camera so that it trusts the first person to connect to it but insists that they set a password before they get any video data. That's going to be simple enough that it will fit on a single side of paper, in big letters, just above a single paragraph that points out the wisdom of making sure that everyone else cannot use the camera as easily as you can.

For the terminally dumb, there is probably also space on this piece of paper to draw a picture of a foreign-and-pervy-looking bloke spying on the lady of the house padding about the house in her undies.

Get it right and you'll get *positive* reviews on Amazon.

0
0
Ken Hagan
Gold badge

Re: Hmm.

"IPv6 wishes to solve this for you."

Indeed it does. Under IPv4, devices (and games, and whatever else) need to "punch holes in your router" and so many people simply enable the "let devices punch holes in my router" feature in their router. (Well, probably not. Actually, many people simply do nothing because their ISP pre-configured the router with this "on" in order to reduce its customer support burden.) This, however, lets *any* device punch holes, not just the one or two that you wanted.

Under IPv6, there's no need for such a feature to exist in your router, so people will get into the habit of using the router's firewall configuration instead and that ought to result in exceptions being made on a case-by-case basis.

2
6

Mozilla, EFF, Cisco back free-as-in-FREE-BEER SSL cert authority

Ken Hagan
Gold badge

Re: Do I understand this?

"It costs money, but not that much money,"

So the free-as-in-beer part of the article's claim isn't true?

If it costs nothing to get the certificate, the certificate should be treated by browsers as worth no more than a self-signed one. After all, a bad guy mis-using that certificate has nothing to lose.

1
0
Ken Hagan
Gold badge

Re: Do I understand this?

They always could. This is basically a self-signed certificate. Browsers that warn about self-signed certificates will warn about these ones, too. (Won't they?) I don't personally understand the point of the proposed service, unless they think that generating a self-signed certificate is currently "too complicated" and needs to be reduced to some button pushing on a web-site.

2
9
Ken Hagan
Gold badge

Re: A major obstacle to encrypting everything

So the killer application for IPv6 is "keeping the spooks at bay".

Excellent. Yet another reason to seek out 21st century ISPs rather than bottom-feeders.

7
1

YOU are the threat: True confessions of real-life sysadmins

Ken Hagan
Gold badge

Everyone has a price?

I assume that *all* sysadmins are familiar with this dictum, but let's think about it. What should that price be? Obviously you won't work again, so the cash needs to be equal to the rest-of-life earnings. Obviously it needs to be paid in such a way that the authorities can't stop you enjoying it. Obviously, it also needs to include some compensation for the lost years in jail.

So those three conditions together are the break even point in your cost/benefit analysis. And someone was willing to say in public that they'd jump for it? Huh! I'd sack them just for being so stupidly cheap.

0
0
Ken Hagan
Gold badge

"a formal HR process that is tested"

So have a few "practice sackings" then, repeated every so often and with role reversals so that everyone can play both sides? Sounds like it could be fun.

1
0

EVERYTHING needs crypto says Internet Architecture Board

Ken Hagan
Gold badge
Thumb Up

Re: What I'd like to see is IPsec with opportunistic encryption, ...

That (RFC4322) isn't something I'm familiar with but if it can deliver on the promises in its abstract then I'd say it is possibly the most important thing vendors should be working on right now. Awesome!

0
0

Mastercard and Visa to ERADICATE password authentication

Ken Hagan
Gold badge

Re: Great...

Nick, since you appear to be living in my house (if not my body, which my wife thinks is rather rude), can I suggest that you place the phone underneath the radiator in the back bedroom rather than by the window? For some reason it makes a difference.

0
0

NHS XP patch scratch leaves patient records wide open to HACKERS

Ken Hagan
Gold badge

Re: 16-bit software

If we're talking about 16-bit software, but insisting that they are a migration headache, we're talking about a 16-bit *app* that nevertheless has been coded in such a way that it must run on a Server edition of Windows (since 32-bit Client editions certainly still exist).

So I think I'm still curious. WTF are these hideous crocks?

0
0
Ken Hagan
Gold badge

"a lot of the software running on them isn't compatible with 64-bit Windows"

I'm intrigued. Apart from the obvious but unlikely method of retrieving the Windows version string and copping out if you see the word "server", how does one go about writing 32-bit software that doesn't run on a 64-bit server platform's 32-bit layer? I don't think I've ever bumped into a program that didn't, so even if it is possible I still doubt whether it is common.

And a follow-up question: With regard to all of the *technical* problems ... nearly all of the same problems must have been faced by all of the large enterprises that were using XP/2k3 ten years ago and which have since managed to migrate. So how did they do it? Is the NHS facing a qualitatively different challenge from big business, or are we just facing a severe case of "I only started thinking about it last year."?

1
0
Ken Hagan
Gold badge

Re: secure, portable patient records

USB sticks? Really?

Look at it from a doctor's point of view. You are about to recommend a course of action that might seriously harm some patients, but because you can trust the medical records you know that this patient will seriously benefit. Now let those records be the responsibility of the patient.

Look at it from an insurance company's point of view. How long would it be before we saw programs to let patients "correct mistakes" in their medical records.

No. I'm afraid centralisation makes a lot of sense for medical records. It just needs to be done securely. Sadly, most governments seem to look at our medical records as a cost that hasn't yet been recouped by flogging them on to all and sundry, and maintaining our privacy as merely a way to preserve the value of those records prior to the sell off.

1
0
Ken Hagan
Gold badge

Re: And

Do you suppose those machines (in public areas) had an internet connection, or that the logged in user had administrative rights, or that there were exposed USB sockets still configured to autorun? Are you sure they weren't the embedded edition or the server edition?

1
0
Ken Hagan
Gold badge

Re: It all depends

"It's already paid for."

Do you mean that the Cabinet Office has already paid the money (out of their own budget) and is merely looking for as many NHS Trusts as possible to "sign up" and thereby transfer that cost from the CO to the Trusts, thereby saving the CO officials the problem of explaining why they spent the cash?

That would certainly put an interesting spin on their "sky is falling" rhetoric.

1
0

Judge: Terror bomb victims CAN'T seize Iran's domain name as compensation

Ken Hagan
Gold badge

A pity

It would have been better if the court had decided that they could seize the domain. I think that would have led quite quickly to a fairly conclusive demonstration that the US doesn't control DNS. Such a demonstration would have been quite helpful for the seemingly unending debate over internet governance.

(For those who remain clueless: If some US-based entity started pushing out new DNS records for *.ir, how long do you think it would take for those in Russia, China and Europe to decide that this was a global-scale attack on the integrity of the DNS system and the best cure is to simply ignore DNS updates coming out of the US?)

13
4

Philae healthier... beams CHEESE: Proud ESA shows off FIRST COMET SURFACE PIC

Ken Hagan
Gold badge

Re: You should have linked the hi-res

"It's a lump of coal on a black sheet I tell ye!"

I don't care. It's still my new desktop background.

0
0

Doctor Who trashing the TARDIS, Clara alone, useless UNIT – Death in Heaven

Ken Hagan
Gold badge

Re: My 12 year old daughter

"I'll train her to over analyse it for the next series so she can be miserable too."

Brid-Aine's complaint seems to be the arbitrariness of the plot twists and inconsistencies of the characters' behaviour. She's asking for a coherent plot and plausible character development. If you teach your daughter about those, she won't be able to watch this season of Dr Who again, but as compensation she'll be able to appreciate most decent literature and scriptwriting. That would be a good trade-off.

20
3

Firefox decade: Microsoft's IE humbled by a dogged upstart. Native next?

Ken Hagan
Gold badge

I'm not holding my breath

HTML5 may prove to be that elusive cross-platform GUI toolkit that many people have tried to build over the years, but the idea that you'd run everything in JavaScript is no more sensible than the idea that you'd build an entire OS in the JVM.

Technically, there's simply no point. Cross-platform portability just isn't that hard for code that only processes data. Any app that performs device control will need some kind of native glue to the device, but not much (since many devices are just "our protocol over a USB link" or something similar). Most apps will need some sort of file and directory management, but that's just a few hundred lines of OS wrappers for each platform and has been done a million times before. The sockets API is supported on any platform that actually wants a non-zero market share, and through that API (and numerous RFCs and similar standards) you have myriad additional services in a standard form. The rest is your own algorithms.

You might as well choose the best languages for the components you are writing. The whole lot can be trivially cross-compiled to any and every target architecture. Insisting on JavaScript as an intermediate form and relying on each browser's (general-purpose) JIT to optimise your code serves no purpose.

The only domain where this argument falls down is the UI and whilst I might forgive the general public conflating "end-user-visible software" with "all software", it is rather disturbing to hear a CTO make the same mistake.

The GUI is a sticking point for portable software largely because we just didn't agree on how to do it. We had several different approaches that worked (X11, Mac toolbox, MsWin) and various attempts to make each available on other platforms. As APIs, they had strengths and weaknesses, but there was no clear winner. To be honest, we still don't have a clear winner in terms of capability, because HTML5 is a strait-jacket to anyone familiar with a native GUI API, but it offers "adequate for many purposes" in combination with "fully portable" and perhaps that will do.

And in any case, aren't we all going to be re-inventing the whole field of software engineering once we figure out how to make GPUs do anything except embarrassingly parallel number crunching?

17
2

FTC tells 'scan to email' patent troll: Every breath you take, every lie you make, I'll be fining you

Ken Hagan
Gold badge

Re: Bogus

"It may be the law but what idiotic Patent Office granted a Patent on a obvious process."

One that is required by law to issue a patent to anyone who submits the correct paperwork, and to leave any difficult questions like novelty and obviousness to a court.

3
1

ONE FIFTH of Win Server 2003 users to miss support cutoff date

Ken Hagan
Gold badge

Confused

"The types of apps that will pose the biggest problems are custom-built, in-house apps, especially where the authors have moved on, and apps that have been heavily customized. Typically these are data-intensive and mission-critical, like ERP."

"Three quarters of those that do have a migration plan have the cloud in their sights."

I'm struggling to reconcile these two statements. If you are still on 2k3 because of app-compat, how the hell is the cloud going to help? Either you can find a supported OS for those apps or you can't. Running on virtualised hardware isn't going to help.

1
0
Ken Hagan
Gold badge

Re: Incomplete...

" Any non-trivial software will always need tweaking to make it work in the next Windows version"

Even that is overstating things somewhat. The usual reasons for needing to tweak are a dependency on a device driver or some integration with either the Windows shell or something like Office. If you avoid those, nearly all properly written apps written for WinNT will still run on 2k12 or Win8.1.

In fact, *most* commercial software lists a range of Windows versions on the box and if you've truly supported "XP/Vista/7", you've probably got very few portability horrors left in your code.

0
0

Why Comrade Cameron went all Russell Brand on the UK’s mobile networks

Ken Hagan
Gold badge

Re: The country

"Isn't poor mobile coverage one of the natural drawbacks of living in the country ?"

If the country in question is Theresa May's United Kingdom then it certainly will be one of the drawbacks in the near future. The Times is reporting this morning that she's decided that decent mobile coverage aids terrorism and should be stopped for the sake of the children, or something.

It's been a few years since a Home Secretary went native in quite such spectacular fashion. Maybe her head decided it was Guy Fawkes Night and it ought to blow up or something. (I reckon that Norman Baker chappie got out just in time.)

0
0

UK superfast broadband? Not in my backyard – MP

Ken Hagan
Gold badge

Three days at 9600 baud is enough to download a quarter of a gigabyte. So how slow was this connection and how big was the "program"?

Of course, if the "program" was the Win8.1 update, it would take about a month to download at that rate. And you'd only be running Win8.1 at the end of it. That *would* be irritating.

10
0

Russians hear Tim Cook is gay, pull dead Steve Jobs' enormous erection

Ken Hagan
Gold badge

Re: Just maybe...

Why don't you substitute "straight" for "gay" in your post and see how it reads?

I think you'd be hard pushed to prove that gays are more likely than straights to make public displays of their sexuality. They start younger, too. The average secondary school probably sees boy-girl snogs on a daily basis but hardly ever a same-sex kiss.

0
0
Ken Hagan
Gold badge

Re: Cheap dig

"Really? How come we lock up paedos then?"

Because the law, common sense and (after the victim has reached adulthood) actual experience tells us that children cannot give informed consent.

2
1

Improving JavaScript: Google throws AtScript into the mix

Ken Hagan
Gold badge

Wrong on so many levels

Point one: You can't fix an inelegant language by adding features. Just about every widely used programming language ever proves this point. One of the good bits about HTML5 is its attempt to kill off some abusive constructs by saying "OK, the browser has to accept this, but the validator doesn't and it isn't HTML5 unless the validator says so".

Point two: JavaScript already has "types and classes" in the form of duck typing and prototype-based objects. That's actually a powerful language feature for small scale programming. Adding C++-style objects to the language will spoil the system for those who like it and fail to satisfy you because the old stuff will still be there. AND you'll have to produce a detailed specification for how the two systems relate. (Oh joy!)

Point three: If you want a classful language for writing client-side, platform independent web apps, be aware that it will probably never catch on. Java already exists, is well-specified and up until a few years ago it was almost universally deployed. Even with that "head start", it failed to catch on. Why should your new language be different?

1
2

Windows XP market share FELL OFF A CLIFF in October

Ken Hagan
Gold badge

Re: Why Split Windows 8 - misleading

"Because they are different O/S versions and not just a simple service patch."

Not according to Microsoft. Not only is 8.1 a free upgrade, but for support purposes it is treated as a service pack and so 8.0 actually goes out of support in 2016.

0
0
Ken Hagan
Gold badge
Coat

Re: The truth hurts

"Even the reviled Windows 8 market share is orders of magnitude higher than Linux or Mac."

Actually we don't know that. The missing market share (XP's drop minus Win8.1's gain) appears to have ended up classified as "Other". That's probably Android or perhaps "people configuring their browsers not to say". (If the latter, the sudden surge in privacy-conscious users is much to be welcomed. Perhaps the stories around ShellShock and Poodle (or whatever the name is) have reached a wider audience.)

But it could, theoretically, announce the arrival of Linux (or BSD) on the Desktop.

0
0

Bona-fide SCIENCE: Which forms of unusual sex are, um, mainstream?

Ken Hagan
Gold badge

Re: "...an essential step in defining pathologies"

It's worse than sinister. It's bad science. A pathology is a mal-function of some kind and brings with it the whole notion of "not supposed to happen". The phrase "essential step in defining pathology" makes the wholly unjustified leap in assuming that just because something is rare it is wrong and anything common is right.

By that measure, the common cold is not a problem and should be welcomed, not treated, but extraordinarily high IQ is a disease to be treated and (ideally) eliminated from society.

4
0
Ken Hagan
Gold badge

Re: "view the psychology departments of the world primarily as a source of entertainment"

"Psychology is not a science"

Indeed not, since psychology is a domain of knowledge whereas science is a technique that might be applied to a domain of knowledge. You might as well say "London is not a mode of transport". (Is that close enough to a car analogy?)

2
0

Windows 8 or nowt: Consumer Win 7 fans are OUT OF LUCK

Ken Hagan
Gold badge

Re: When I get phone calls...

"You click on the bloody great power Icon on the Metro screen, or right click on the "Start" button and choose shutdown."

Umm, neither of those were in the original 8.0 release. Their inclusion in 8.1 rather proves the point that normal end-users had to wait a year or so for MS to climb down from Mt Sinofsky and offer a more acceptable UI.

26
0

Pixel mania: Apple 27-inch iMac with 5K Retina display

Ken Hagan
Gold badge

Re: The display

"the rest of the population using fixed sized bitmap fonts"

Who?

5
0
Ken Hagan
Gold badge

Re: Att unwarranted triumphalism

" if you're editing a 4K video stream in realtime, a 5K monitor is the only way to see your footage at 100% whilst still having room for toolbars around the side"

You mean there are still people out there who think they are high-end users but who only have one screen? Er, gosh! I'm a cheapskate but I've been using two screens for my work since the 20th century.

4
1

Happy 2nd birthday, Windows 8 and Surface: Anatomy of a disaster

Ken Hagan
Gold badge

Re: Snatching defeat from the jaws of victory...

"@KenHagan, Debian long ago deprecated the har-de-har-har package format, so you were installing FF the wrong way."

If you check the OP, it wasn't me trying to install it. However ... for the benefit of all the down-thumbers mocking the OP and my own reply, here's a transcript of what happened 30 seconds ago on my machine running a fully patched Debian Stable:

me@ACER:~$ sudo apt-get install firefox
[sudo] password for sudo-root:
Reading package lists... Done
Building dependency tree
Reading state information... Done
Package firefox is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or
is only available from another source
E: Package 'firefox' has no installation candidate
me@ACER:~$

You see, when I made my "Probably Debian" remark, I knew about Iceweasel and I assumed that most of the Linux fans on El Reg forums would be aware of it too. Since quite a few clearly aren't, let me spell it out for them: Installing firefox on Debian is blocked by default.

1
2
Ken Hagan
Gold badge

Re: Do you hear that?

"Micro$oft listening to their pockets"

Not even that, since the cheapest way to get a familiar Windows UI on a phone would have been to run vanilla Windows on the phone. This would have had the added advantage of already running all the customer's existing software (licences permitting).

No, this was Microsoft listening to egomaniacal execs who wanted to "make a name" for themselves and had the whole company to play with for too many years.

2
0
Ken Hagan
Gold badge

Re: Cloud first. Mobile first.

Desktop Our existing customers last.

13
0
Ken Hagan
Gold badge

Re: Pulled off on MS Office?

@xerocred: Do you still remember the old menus? I ask because the corresponding keyboard interface is still supported, so you can (for example) bring up the Edit Links dialog by typing Alt+E followed by K. Bizarre, I know, but MS apparently implemented all of the old UI alongside the ribbon and then hid it.

2
0
Ken Hagan
Gold badge

Re: Snatching defeat from the jaws of victory...

"That was either a long time ago, or a very obscure distribution."

Probably Debian.

1
5

Yes, Virginia, there IS a W3C HTML5 standard – as of now, that is

Ken Hagan
Gold badge

Re: Where is the Reference Implementation?

"the 'correct' behavior"

That's your problem, right there. Since browsers generate output for human consumption and since humans are both tolerant of variations they like and intolerant of those that they don't, there may be plenty of cases where there are either zero or multiple 'correct' behaviours rather than exactly one.

And that's before you consider what the correct behaviour might be for an output device that isn't a large, high-resolution, full-colour display.

(I might add that the IETF has historically taken the view that there should be at least two implementations of a standard and neither should be considered a "reference".)

0
0
Ken Hagan
Gold badge

Re: "Javascript: The Good Parts" - 176 pages"

I bought that book the other week and I'd recommend it.

The page comparison can be read however you like. One way of reading it is to say that inside the 1096-page crawling horror that we know and hate is a much smaller and cleaner 176-page language wanting to get out. The book gives reasonable pointers for how that can be achieved in practice.

1
0

Swedish 'Future minister' doesn't do social media

Ken Hagan
Gold badge

Is Sweden like the UK...?

...in that all the major parties actually hire youngsters to tweet on behalf of their senior politicos?

That way the tweets look authentic (because the youngsters know what a tweet is) and they are always on-message (because the youngsters are paid to be on-message) ... but it is all a pack of lies.

1
0

Microsoft has Windows Server running on ARM: report

Ken Hagan
Gold badge

the small matter of just how to get applications written for x86 running well under ARM

A very small matter. I doubt whether more than a handful of applications still depend on assembly language for anything and probably even fewer have actually been optimised with an eye to the strengths of the x86 family.

They'll run as well on ARM as they do on x86 and unless Microsoft's ARM compiler has gone backwards in the past ten years it will just be flicking a switch in your IDE.

0
0

Apple's OS X Yosemite slurps UNSAVED docs into iCloud

Ken Hagan
Gold badge

Re: Glass half empty?

"Surely this could just as easily be written as Apple backing up your work by default for you, for free."

Except that it is not free. Otherwise everyone would buy the cheap iPads (with hardly any space) and simply use iCloud as the main storage. Sadly, bandwidth costs and (if memory serves) space on iCloud costs as well.

0
2
Ken Hagan
Gold badge

Re: You are on the Cloud

Since I've never actually set up my iCloud account password, I'm curious to know just whose cloud I am "on, whether I like it or not".

Still, it is getting harder and harder to use consumer electronics without getting shafted like this. Why are we creating a world where you have to be a terrorist Linux or BSD user to have any control over your privacy?

7
1

How to hit the top of Google's rankings: 'Use a new dot-thing gTLD'

Ken Hagan
Gold badge

Re: Cost

I put it to you that your list of "big names" includes one that exemplifies why a domain name no longer really matters: Google.

People use Google to convert "what I want" into a domain name "cookie".

Their PC then uses DNS to turn that "cookie" into the current address.

Feel free to substitute your own search engine into my analysis, but as far as domain names go I'm sure that most people read no further than the top or secondary domain, just to make sure it is located in roughly the right continent. Ironically, gTLDs make that harder and so are less attractive to the few humans who still bother to either read or remember DNS names.

0
0
Ken Hagan
Gold badge

Re: For how long?

"having one really says nothing about the quality of the content"

A bit harsh. If you've spent several hundred thousand dollars just for the bleedin' *name* then surely you'd make a bit more effort (on average) than someone putting up their personal drivel outlet. Surely? Humanity isn't *that* stupid, is it?

Oh.

1
0