
* Posts by Peter Gathercole

1861 posts • joined 15 Jun 2007

Ubuntu? Fedora? Mint? Debian? We'll find you the right Linux to swallow

Peter Gathercole
Silver badge

@Vic re Amarok

Agree on Amarok. When I did a dist-upgrade of my Ubuntu desktop box from Hardy to Lucid it did the 1.4-to-2.something upgrade for me, and I was lost for weeks trying to restore all of my music.

The bugs are mostly fixed now (at least the ones that were affecting me), but I still find it bloody annoying to maintain music on an external device. It was sooooooo much easier with 1.4.

0
0
Peter Gathercole
Silver badge

@dajames

I overlooked that one (and that is strange, because I had the exact same problem with TomTom myself). Ironically, I also have problems updating my Android Phone and Tablet because the installers both need Windows (although I think the tablet could be done using an update stored on the micro-sd card if I tried hard).

But I would also wonder whether the myTomTom (or whatever it is called) would suffer the same problem as S-OED that you mention.

So, how do we pressure these shortsighted vendors to provide native Linux apps? They'll have to do something to cater for tablet filled PC free households at some point.

0
0
Peter Gathercole
Silver badge

Re: Right. @Seanmon

Tried any Windows install from Microsoft provided (i.e. not vendor supplied recovery) media recently? If so, did every bit of hardware work, especially on a laptop? What! You've never installed Windows yourself? Then you're not qualified to comment.

From experience, I absolutely know that Ubuntu or Mint will be able to use more hardware from generic install media than Windows without the vendors' driver disks.

What you are complaining about is that you can't get a system with Linux installed.

2
0
Peter Gathercole
Silver badge

Re: "Comfortable with the terminal" @Prio

Did you check that your DVD drive worked and the disk was readable in it? This is the biggest problem I get when trying to use older systems. They may load the bootstrap, but get stuck further in on the disk. Does Mint have a 'Check Media' menu item on the boot strap?

0
0
Peter Gathercole
Silver badge

@Gray

I can only assume that you've never used a modern Linux.

All mainstream distros on mainstream hardware will do pretty much everything a home user would want to do out of the box, with the possible exception of patent restricted file formats, and there is no way in hell that you can blame the Linux community for that problem.

3
0

Clarkson: 'I WILL find and KILL the spammers who hacked me'

Peter Gathercole
Silver badge

Re: I don't mind being compared by age...

I have a working knowledge of an internal combustion engine as well, but I don't have greying hair in common. This is despite my being only about two months younger than Jeremy, and is neither because I am bald nor is it because I use dye.

I sympathise with my follically or pigmentally challenged compatriots.

2
0

Review: HP Spectre XT TouchSmart

Peter Gathercole
Silver badge
Unhappy

@Sandtitz

..... only there aren't any. List me a current laptop that has a 4x3 screen that fills the entire lid of the laptop. I've tried to find one, and I can't.

It's funny that 7 years ago, my needs were quite mainstream. My requirements have evolved (faster processor, more memory, bigger disk, better graphics adapter), but the manufacturers have moved in a completely different direction (shiny, wide-screen aspect ratio, no optical media, bigger or smaller form-factor).

So in order to remain mainstream, I have to change, right?

I'll go back to my cave now, as it seems like I belong with the Dinosaurs.

3
1
Peter Gathercole
Silver badge

Re: Why do I feel so alienated by the PC manufacturers @AC 10:30.

If you look at my other posts, I've been a Thinkpad user for over 10 years.

What I would like would be something with the form factor of a T23, the 4x3, 1440x900 resolution of some of the T43 and T60 models, but a better processor than either of those.

I'll probably have to look for a second-hand T60 at some point, and see how long that will last me.

0
0
Peter Gathercole
Silver badge

Why do I feel so alienated by the PC manufacturers

There is nothing, absolutely nothing, that I can see about this machine that would encourage me to buy one to replace my current laptop. It's -

- Too expensive.

- Too big.

- Not the screen format I want.

- Has a mirror instead of a screen.

- Encourages people to touch the screen and leave greasy finger marks.

- Probably more powerful than I need.

- Comes with an OS that I neither want nor need.

The problem is that almost every company making laptops is aiming to produce the same type of machine, meaning that there is nothing made by anybody that I would consider.

Am I really that much different from mainstream users now?

15
3

Atomic Weapons Establishment ditches 2e2 in funding row

Peter Gathercole
Silver badge

Re: Non-story.

If I were AWE, I would want to invoke the 'destroy all data you hold for us' clause of the contract that they must have. Otherwise, who knows where it will turn up!

2
0

Remember that Xeon E7-Itanium convergence? FUHGEDDABOUDIT

Peter Gathercole
Silver badge

Re: BeFuddled

I always viewed it as Intel royally screwing HP in order to get access to some of the IP that they needed to speed up the Pentium processor.

PA-RISC was a fairly nice processor that HP had developed from discrete logic into multi and then single chip designs. For a period of time in 1990-1994, HP, Digital and IBM went head-to-head to try to produce the fastest chip/system. But rapid development of processors is an expensive operation, and HP did not commit to the same level of resource to keep the processor development going.

When Intel wanted to speed up their x86 processors, they needed to use technologies that they did not hold the rights to, mainly for the superscalar and deep pipeline techniques. They approached HP with an offer to take on the development of the EPIC processor which was to succeed the PA-RISC2 64 bit implementation in exchange for the rights to use some of the technologies that HP used in the PA-RISC family. This enabled Intel to produce faster and more competitive x86 cores (I think the first Intel processor to benefit was the P6 Pentium Pro), and in theory removed the cost of developing the next generation 64 bit processor from HP.

When it came to producing the processor that they promised to HP, Intel were a bit tardy. They produced the original Itanium which was something like 2 years late, was not as compatible with PA-RISC2 as it was supposed to have been, and was slower than promised. Compared to other contemporary processors, the Merced implementation of Itanium was considered very disappointing. So Intel benefited greatly with their own processors, and HP suffered.

This left HP with a gap in the late '90s that meant that they had to continue using the PA-8X00 processor family beyond its natural lifetime. The fact that HP managed to get significant performance increases by iterative evolution was probably a testament to the design of the original processor and the people remaining in HP's processor development team.

Sounds like HP are still being screwed over. I wonder if there is anybody left in HP who regrets the decisions taken back in the mid '90s.

4
1

Stricken 2e2 threatens data centres: Your money or your lights

Peter Gathercole
Silver badge

Re: I love it! @AC 10:57

I quote from my original comment.

"and (importantly) that you control the process and the media."

I think you just made my point over again.

My response to "Dr Who" was actually about rogue administrators in an un-outsourced IT department being as big a risk as an outsourced operation going bad. But I tried to make it a little relevant to the original story as well.

1
0
Peter Gathercole
Silver badge

Re: I love it! @Dr Who

That is why you have a reliable DR set of procedures that take periodic copies of the data out-of-easy reach, and (importantly) that you control the process and the media.

E2E may have the best DR procedures around, but if they 'own' the media that the backups sit on, they are just as unavailable to the end user as the servers that they back up. This is why it is more dangerous.

I wonder how many outsourcing contracts contain clauses that immediately revert the ownership of the backup media and documentation for the backup process to the end customer in case of insolvency of the outsourcer. Sounds like a good clause to me.

In the case of trusting your administrators, you should spread the responsibility to more than one administrator to make sure that it is performing properly, but this will allow for the situation that if someone trashes all the data on your live systems, you just invoke DR.

Of course, if someone is really malicious, and is allowed to screw with the systems for more than your longest off-site backup is viable, then it is still possible to destroy all the data, but you hope that there is no conspiracy and that such behaviour would be spotted. But you could say the same about the financial director, the purchasing officer, or even the caretaker. It's not just IT people who could be holding a grudge.

2
0

Tracy brothers are back: Thunderbirds Are Go! again in 5... 4... 3...

Peter Gathercole
Silver badge
Happy

Re: More to the point... @Steve

The records were unusual. They were 7" discs, but were played at 33 1/3 RPM. I'm fairly certain that my father still has the records somewhere.

When I was reading the stories to my children several decades ago, I found myself mimicking Johnny Morris' vocalisations. I guess that it must have had a profound effect on me.

IIRC, Rev. W Awdry actually wrote 32 or 33 of the original books, before his son Christopher picked up the reins. Each of the stories in the original books was said to have been inspired by real events on the railways, and I always thought that made them much more believable. Once Britt Allcroft started getting more stories written, it all went to pot, and the Rev. is probably spinning in his grave at the latest stories.

What I would like to know is whether the Chris Payne, who appears in the titles of the original TV series is the same Chris Payne who worked on computer controlled railways for his final year project at Durham University in 1980/81. If it is, then I knew him.

Listening to records of Johnny Morris reading the Railway Stories, and Ian Carmichael reading Winnie-the-Pooh, also on 33 1/3 7" discs are probably some of my most enduring childhood memories.

BTW. There were also Century 21 Stingray, Thunderbirds and Captain Scarlet stories on vinyl disc. You've got to remember that there were no home video players back in the 1960s. Records and reel-to-reel tape were all there were.

0
0
Peter Gathercole
Silver badge

Re: I'm worried... @Wize

There are some very good insights into the production problems that Doctor Who had in the 30 minute-an-episode days contained in a book and audio-book by one-time Dr Who producer Barry Letts, called "Who and Me". It is serialised on BBC Radio 4 Extra on their rotation. It's a good read/listen.

There were so many scheduling, budget and logistical issues around this production format (like the sets had to be taken down every week during the episode filming - no wonder they were flimsy) that once you know, you wonder how the show was ever made!

My personal feeling is that the episodic story line was both a benefit and a curse, but I think that it was good training for handling long-running issues in life, and definitely made it more of an event in the week than the current self contained stories.

2
0
Peter Gathercole
Silver badge

Re: The Captain Scarlet effort on CITV was good

But to me it never had CGI wow.

Maybe I need to watch it again, but to me it looks to have been animated using the Max Steel or Action Man CGI rendering engine, which make movements look unrealistic. I know it was probably a different company doing it, but the Starship Troopers CGI series looked better.

Hopefully, they will use a better engine for the Thunderbirds remake.

0
0
Peter Gathercole
Silver badge

Re: The Captain Scarlet effort on CITV was good

I only watched the first DVD's worth (four episodes?) of the Captain Scarlet remake, and I was very disappointed. They messed with the format so much that only the fundamental details survived.

It appeared to be the case that they went completely down the action route, whereas the original series demanded that the kids follow the story. I wonder how much of 'kids have short attention spans' is reinforced by providing programs that need no degree of attention to watch. Possibly a self-fulfilling statement.

IIRC it was billed as "Gerry Anderson's New Captain Scarlet", so I wonder what Gerry actually thought of it. The reason why he hated the live-action movie so much was he had lost control of the franchise (he sold the complete rights to finance one of the later series), and so had no input at all. I agree that it was barely worth watching, apart from the cameo reverse-format puppet hand at the Thunderbird 1 controls, which was the sole amusing bit of the film.

3
2

US diplomat: If EU allows 'right to be forgotten' ... it might spark TRADE WAR

Peter Gathercole
Silver badge

Re: Trade War?

"it applies to them no matter where they operate" - it depends on what they are doing.

This is the US interpretation of a US law. In actual fact, if Microsoft operate on European soil, they are probably doing it through a European subsidiary, which is subject to the laws in the region they are operating.

It has to be this way, otherwise all employees of US owned (I'm talking US holding companies owning the regional subsidiary) companies working on outsourced operations for, say, UK government agencies could be forced to divulge national secrets if asked by the US Department of Homeland Security.

It's different for business transacted over the Internet, because it's much more difficult to enforce national boundaries.

Where the issue is further clouded (pun intended) is if a non-US organisation stores data in a US owned storage cloud. I can envisage situations where US DHS could ask for the data to be migrated onto servers under US jurisdiction, and then they have the law behind them to get it disclosed!

I think that Office365 is probably run by Microsoft US, and the servers are probably on US soil, so the statement about that is probably true. A reason to consider carefully how you use SAAS and cloud based storage.

7
1

Plunging BT sales hit every branch of the biz on way down

Peter Gathercole
Silver badge
Headmaster

@Myself

Bollocks. That should read "You're", not "Your".

1
0
Peter Gathercole
Silver badge

Re: Please........ [re. data only connection] @This Side Up

And the cost of all of these physical things..... very little (probably a single electronics module, provisioned in bulk, which would probably be installed anyway even if they did offer a data only service). Anything that is shared or managed centrally (like call-set up, breakdown and billing) would not be any different.

Your argument goes back to old-fashioned exchanges (pre System X) where things like ring and dialtone generators were separate pieces of hardware shared between a small number of telephone lines.

0
0
Peter Gathercole
Silver badge

Re: Please........ @Roland6

Normal ADSL services use frequencies well above voice. As a result, I don't think that their service would have provided any enhanced bandwidth, other than there being no need to install microfilters which may make a slight difference to the signal strength.

0
0
Peter Gathercole
Silver badge

Re: Please........ @lallabalalla

Your not being billed for it separately, so you are only paying an unquantifiable amount for it.

My assertion is that as BT provide it by using otherwise unused spare capacity at weekends, it costs them effectively nothing to include, and they are unlikely to ever offer a package at lower cost that does not have this particular feature. They may offer a data only package, but I bet it would work out the same.

0
0
Peter Gathercole
Silver badge

Re: Please........

You are assuming that if they did offer data-only lines, that they would use less equipment to justify a rebate.

The cost of provisioning the service from your home to the exchange would be the same, most if not all of the stuff at the exchange would be the same, and from the exchange to the rest of the network is all IP now for both voice and data anyway, so again would be the same. There would not be much of an equipment saving.

Bundling it all together is pretty much what they do. The line rental that I think you may be complaining about is not the cost of the voice service, it's the cost of connecting your house to the exchange. This is necessary whether you use voice, voice and data, or data only.

Why not just use their Unlimited Broadband package, and not plug in a phone? The only bit you would be 'saving' on by not using it would be the free weekend calls, and bearing in mind that voice traffic bandwidth was traditionally low over the weekend (so is low cost to BT), it is unlikely they would offer much of a rebate anyway, so how much do you think you would save?

5
1

Netbooks were a GOOD thing and we threw them under a bus

Peter Gathercole
Silver badge

Re: I am still using my Eee 701SD...Same here

Mine is a 4GB model, ordered in the first week they could be ordered, and now has Ubuntu 10.04 on it. I cannot see me putting 12.04, though (far too small and underpowered).

The big problem is that a mainstream distro leaves an uncomfortably small amount of space on a 4GB SSD. I have to aggressively manage cached packages, multiple kernels and other things to leave enough space for the system to work.

But otherwise, it is surprisingly usable.

0
0
Peter Gathercole
Silver badge

Re: Accounting @AC 11:25

Even as a relatively high paid IT consultant, £2500 would represent well over a week's total income. Justifying it as a tax deductible expense would still make it a considerable purchase for a one person service company. Even claiming back the 20% VAT will not drop such a purchase to below 2 grand, and that is money that could be used for other things (such as paying me), and one of the primary things it would have to be able to do was track its own depreciation!

Fortunately, I never had the need for that class of machine, as I have not needed to be away from power for more than my 2nd hand Thinkpad can provide.

1
0
Peter Gathercole
Silver badge

Re: Accounting

I totally agree about the accounting package. A usable and supported payroll and accounting package with current HMRC tax tables was the only reason I kept a Windows partition on my Thinkpad. Since shutting down the company, Windows has never been started on it, and it's been Linux all the way.

7
0

Google's Glasses: The tech with specs appeal?

Peter Gathercole
Silver badge

Re: Ghost In The Shell...

But I don't think Bateau's visual overlays are provided by his cybernetic eyes. I think that they are directly injected through his cyberbrain. Otherwise Aramaki and Togusa would not get what they 'see' either.

0
0

How to destroy a brand-new Samsung laptop: Boot Linux on it

Peter Gathercole
Silver badge

Re: Well actually @Spearchucker

In my experience, the various Ubuntu releases work on everything I've put it on with few or no problems.

In the last 8 years since I started using it, I've put it on lots of Thinkpads and other laptops, netbooks, and desktop systems, and while I won't say that I've never had problems, none of them have been show-stoppers.

OK, when I first used my eeePC 701, I had wireless problems until the slightly strange Atheros chipset gained a Linux driver. My Thinkpad T30 does not reset the sound correctly after suspend, and the Mobile Radeon graphics adapter is too old to work with Compiz well, and I came across a wireless card for which there was no Linux support on a Shuttle XPS (which, incidentally, did not work in Windows very well either).

I suspect that your Vaio must have some very specific hardware in it, and only works on Windows because you have a system restore image prepared by Sony that contains the right drivers. I would be interested in seeing how well you managed to get it working with a retail windows install disk, and what would not work.

Windows users think that their systems 'just work', but this is mainly because the PC manufacturer has taken the necessary background steps of identifying the drivers and building a bundle of Windows and drivers specifically for their systems. If they went to the same lengths for Linux, it would be the same.

What is amazing in my view is that a single build (one CD, not even a DVD) of, say, Ubuntu will 'just work' on a huge number of different systems without all of the behind the scenes customisations that happen for Windows, because they are done for you.

One of the problems is that Windows drivers are specific to a particular instance of hardware, so an Atheros card from say Netgear would not work with the drivers supplied by Belkin for a card with the same chipset, and often not even with the driver for another card from the same supplier with the same chipset.

Linux is different here, because its drivers are largely manufacturer agnostic. It identifies something like an Atheros chipset, and it configures the driver regardless of the manufacturer (OK, I know Atheros is an old chipset not used much now, but it's the one that came to mind first).

Occasionally, you will come across some hardware for which the PCI or USB ID's are not in the database, so the module code cannot identify the required driver correctly, but this becomes less and less frequent as time goes by, and is usually fixed for what must be regarded as non-mainstream hardware (if it were mainstream, the ID's would be in the database) after a little Googling. Not everyone's forte, I accept, but you can't expect the distro maintainers to be omnipotent!

5
0

Hackers squeeze through DVR hole, break into CCTV cameras

Peter Gathercole
Silver badge
Meh

Re: Don't blame UPnP... @Peter

I'm not sure that I believe you that it is just a router. Most routers now claim to have stateful firewalls in them, and bearing in mind that they are the first line of defence in most people's home networks, I think that you need to treat them as a firewall.

Indeed, some misguided PC world sales youth tried to persuade me to buy an (expensive) all-singing, all-dancing ADSL router to replace my ADSL modem/router, separate Smoothwall firewall and wireless router, as it would do everything I needed in one box. I don't normally lecture people while in PC world, but he was an exception. I had gone in to try and find a wireless range extender.

But you are right, I should have been more careful in my comment.

Back on topic, you can turn UPnP on if you want, but I am never going to allow a vendor device on my network permission to open up inbound connections without being bloody sure I trust it, and I will offer that advice to anybody who asks me. I believe that it is just asking for your network to get pwned. It only takes one mis-configured or deliberately malicious device or software service/piece of malware (PCs can use UPnP as well) to appear on your network to let in things you do not want. If you do not see the danger, then that is not my concern, apart from having to fend off a future botnet in which your machines are enrolled.

1
0
Peter Gathercole
Silver badge

Re: How do I do a port scan to see what ports my uPNP router has exposed?

Steve Gibson's own Shields Up! on www.grc.com may be a good place to start.

2
0
Peter Gathercole
Silver badge
Megaphone

Re: Don't blame UPnP... @Dom 3

I think that you've misunderstood what a firewall is for. It's there to protect you from devices and services that try to compromise your security regardless of their intent.

My view is that having a mechanism that can override your firewall without your knowledge can never be a good thing regardless of how much easier it may make running your environment. If you need remote access, configure it yourself, and learn in the process. Trying to justify anything else is just lax thinking.

2
0

Who ate all the Pis?

Peter Gathercole
Silver badge
WTF?

WTF?

"Anyway, after a few minutes all the old Unix skills come flooding back: typing backslashes in paths that demand forward slashes"

You think that mistyping slashes is a skill?

There was a time when bottom left to top right was called slash, and top left to bottom right was a backslash. Then DOS came along....

0
0

IBM fuels up more Power7+ servers for impending launch

Peter Gathercole
Silver badge

Re: And the 755 is not water cooled.

Since I posted the last two comments, TPM has corrected the article without adding a correction note. Just saying to explain what I was commenting on.

0
0
Peter Gathercole
Silver badge

And the 755 is not water cooled.

The 755 is what Watson was created using, and is a cluster of slightly altered P7 750 nodes with Infiniband gluing it all together.

1
0
Peter Gathercole
Silver badge

Power 795 "Blue Waters" beasts - Wrong.

The Blue Waters machine would have been a P7 775 cluster, not a 795, which is the large commercial system.

2
0

Facebook friends bash servers, storage, and racks into bits

Peter Gathercole
Silver badge

Hey, he's invented the Mainframe...

...again.

Back in the day, you had a cabinet or two for the processor(s), at least one for the memory (especially if it were core), another for each disk string controller, and then more for the disks themselves, and then additional cabinets for front-end processors, tape drives and any other ancillary devices.

It was perfectly possible to add and remove memory, disk controllers and strings of disk without having to replace the computer as a whole. Or you could replace the processors, and leave the rest of the system untouched.

I remember one weekend in 1985 when I went home on a Friday night, after using NUMAC's crusty old IBM 370/168 which was collapsing under the strain, and came back on Monday morning to the same system with an Amdahl 5860 that to the user was identical, just a lot faster.

Professor Harry Whitfield (director of the computing laboratory at Newcastle University at the time) wrote the following in his annual report for the year:

"The installation of the Amdahl 5860 in late September 1985 and its introduction into service in early October must be regarded as the major event of the year. The whole process went so smoothly (and unannounced) that users 'merely' noticed that the system had suddenly become much more responsive and five times faster."

I admit the analogy is not perfect, but there are serious similarities.

0
0

BT's 'six-month free broadband' offer is a big fat FIB - ads watchdog

Peter Gathercole
Silver badge

TANSTAAFL

Nuf. said.

0
0
Peter Gathercole
Silver badge

Re: why is line-rental mandatory?

It's the model BT has used for telephone lines forever. For metered services (like telephones used to be), it made absolute sense for BT to split out the maintenance and equipment cost from the usage cost, so that they still got money to provide the service even if no calls were made.

Nowadays with everybody offering packages with inclusive calls, it makes less sense, apart from the ability for the provider to hide some charges in the headlines of the advertising ;-)

For people asking for no line rental, which do they prefer. £13 a month for broadband and £14.60 line rental, or £27.60 a month for broadband without line rental, because that is the choice they would get.

It does not matter how it is charged, the ISP (possibly through BT) has to pay for the cost of the upkeep of the wires/fibre from the exchange to the premises, the exchange itself, and the equipment in the exchange. It will either be in the line rental, or added to the package cost. Assuming that taking the line rental out would leave the package costs unchanged is just loose thinking.

For the specific statement 'Telcos in other countries are happy to provide a "dry-pair" for the DSL without voice services' that would be true if there were really separate bits of kit in the exchange for the analogue phone line and the DSL link, but I suspect that in modern digital exchanges, that is not the case. Even if the line was not used for voice, I suspect that the kit would be the same.

0
0

Sheffield ISP: You don't need a whole IPv4 address to yourself, right?

Peter Gathercole
Silver badge

Re: Can they still call this The Internet?

Why? For normal users who do not provide internet visible services, but only use client services, the change will be almost completely invisible. Outbound connection requests will still be given ephemeral port numbers, just like they are at the moment, and these will be recorded by the NAT server to allow packets to be routed back correctly.

In fact, if you have a cable or ADSL router/modem, you are almost certainly running NAT already.

It is only if you offer inbound services to your network that you are likely to notice anything at all, and if you are, you probably already know how to get around any problems. And it's not like they are not telling you what is happening.

2
0
Peter Gathercole
Silver badge

Re: I dont really understand

IPv4 or IPv6 addressing is largely irrelevant to most internet users. DNS and stateless address autoconfiguration or DHCPv6 takes the pain out of knowing IP addresses.

Let me ask you. Do you know, off the top of your head, any IP addresses of servers on the Internet?

And do you care what the address that systems have on your private network?

For most home users, the answer to both of these is no, in which case, apart from the pain of switching your router and systems over to only use IPv6, the change will be almost entirely unnoticed.

Of course, some of us (and I am in this category), do care, and I am dreading the switch, because I want fixed addresses in my network for certain systems (no uPNP for me, no sir). I have to do some learning to find out what I need to do, and I'm not looking forward to that.

0
0
Peter Gathercole
Silver badge

Re: Does the author know anything about TCP/IP?

If Plusnet give a fixed IP and port number(s), then it is still possible to do port forwarding even in a double NAT environment. You just have port forwarding on both NAT devices.

I would be quite happy to be given a range of ports (say 16) for input services on a fixed IP address, as long as I knew what the external port range was, and what ports each would map to when presented to the local NAT device. This would be preferable to me than having all the ports available on an indeterminate IP address, and having to use a dynamic DNS solution to find my servers on the Internet.

A more complex setup, but I'm fairly certain that the people who want it are the ones most likely to understand how to set their side up.

Alternatively, you could run your ADSL/cable router in bridge mode, and have them map directly to your servers (only having ISP run single NAT in this case), but that is not a configuration I would want as the ISP would then have sight of your private network unless you put another firewall in.

1
0
Peter Gathercole
Silver badge

Does the author know anything about TCP/IP?

"NAT makes it impossible for anyone on the internet to establish a connection to a computer behind it"

Not true. You just have to include port information in the address, and set up an inbound port redirect on the device doing the NATing. So outside, you advertise, say, port 2080 for your web server, and have the NAT device redirect inbound packets received on the 'RED' side port 2080 to port 80 on the private address of the device on your 'GREEN' or 'ORANGE' network. All of the devices that I have used that provide NAT have this functionality, so I'm sure that an ISP could deploy it.

In case anybody does not understand, a valid URL can include a port number, so you can have a URL like www.mywebsite.co.uk:2080/home.html

It works, but there are caveats, particularly on URLs that refer to other pages on the same site. But it works very well indeed for single port services such as SMTP as long as it is known to use a non-standard port.

IIRC, DNS has support for providing port information as well as IP addresses for name lookups, it's just not used.

1
0

BT's shock new wheeze: Make phone calls from smartphones

Peter Gathercole
Silver badge

And in many other places as well

Cable only covers cities and large towns. Once you get into the sticks, cable is almost non-existent.

I'm surprised by central London, though.

0
0

'Better than Adobe' Foxit PDF plugin hit by worse-than-Adobe 0-day

Peter Gathercole
Silver badge

OK, I got it. Thanks.

I had not considered using NOPs to make the return address less critical, nor the fact that you could find the absolute address of the stack frame relatively easily (although it is compiler specific). That stack_smashing paper is dynamite.

Each exploit has to be tailored to the OS and processor, but I guess that Wintel is a big target.

0
0
Peter Gathercole
Silver badge

Re: Significance @Gerhard den Hollander

Is this PDF safe to read in Foxit?

1
0
Peter Gathercole
Silver badge

@deodesigns

In this case, it cannot be the kernel stack.

0
0
Peter Gathercole
Silver badge

Re: Significance @runwin

OK, I've read the page, and it falls into the "change the return address" scenario that I mentioned. Having read that, and done what I should have done before and worked out the way stacks are stored, it looks as if most systems grow their stack 'down (higher to lower addresses)', and I admit that the return address will be stored in memory with a higher address than the buffer, so could be overwritten.

But I still think for several reasons, that this will be more likely to cause a DoS, rather than a remote code execution problem in this case.

0
1
Peter Gathercole
Silver badge

Significance

I'm always a bit sceptical about the danger of this type of bug. Sure, it will cause unpredictable errors, but let's look at what could happen.

As they talk about stack overflows, I'm presuming that the URL is being copied into a variable stored on the stack, i.e. a local variable. When this exploit runs, whatever is in the memory locations after this variable will contain some data that is under the control of the exploiter.

So. The memory locations after the variable will be another variable, or possibly a stack frame header including the return address and possibly some saved register contents.

If it's another variable or saved register contents, then the previous contents will be lost, and/or some unpredictable behaviour might happen when the variable is used. It might be a pointer, which may mean that some other data address could be clobbered later in the code. It could be a vector (pointer to some code), but in order to exploit this, you'd have to understand the rest of the code really well. If it's a stack frame (and I've not checked the direction of stack growth so don't know whether it will be the frame for this function or another), then the return address may be damaged, which could be used to control where the code returns to.

The comment from Paul Ducklin from Sophos, re. "The crash, which is a side-effect of a stack overflow, pretty much lets you write to a memory location of your choice," seems an over-reaction, as it is likely that you could overwrite an address following this buffer in the page the stack is in or a contiguously later memory page. Any point after this will probably generate a segmentation or address violation, as soon as it tries to write to an unallocated address. To me, this is not the same as "a memory location of your choice".

You've potentially got some executable code (if that is what the URL contains) stored in a memory location you should not have access to, but it's not in the program text, and I've not yet seen a method described of triggering that code (the return address in a stack frame header is the only one I can see which would affect the execution stream). This does not appear to be a practical means of injecting code, much more likely some DoS attack against the user running Foxit.

So it is important (all bugs should be regarded as such), and I'm sure there may be some special cases I've not spotted, but on casual inspection it can only be described as a DoS vulnerability with a 'potential' remote execution problem. Saying any more would be FUD.

Possibly someone could educate me if I am wrong.

0
6
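The pattern the comments above reason about (a URL copied into a fixed-size local buffer), shown beside a bounds-checked version. This is an added example, not part of the original posts and not Foxit's code; the function names and the 64-byte buffer size are assumptions for illustration. The last function reports the stack growth direction, which is platform and compiler specific.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define URL_MAX 64 /* assumed buffer size, for illustration only */

/* Defect under discussion: unbounded copy into a local. Bytes past URL_MAX
 * land in whatever sits above buf in the frame (other locals, saved
 * registers, the return address). Kept for contrast; never called here. */
size_t handle_url_unchecked(const char *url)
{
    char buf[URL_MAX];
    strcpy(buf, url); /* no length check */
    return strlen(buf);
}

/* Hardened form: measure within bounds, reject over-long input rather than
 * truncate it, then copy. Returns the length copied, or -1 on rejection. */
long handle_url_checked(const char *url)
{
    char buf[URL_MAX];
    size_t n = 0;
    while (n < sizeof buf && url[n] != '\0')
        n++;
    if (n == sizeof buf) /* no room left for the terminating NUL */
        return -1;
    memcpy(buf, url, n + 1);
    return (long)strlen(buf);
}

/* Probe: does a callee's local sit at a lower address than its caller's?
 * Platform and compiler specific, so it is reported, not relied upon. */
__attribute__((noinline)) static int callee_is_lower(volatile char *caller_local)
{
    volatile char here = 0;
    return (uintptr_t)&here < (uintptr_t)caller_local;
}

int stack_grows_down(void)
{
    volatile char mark = 0;
    return callee_is_lower(&mark);
}

int main(void)
{
    printf("stack grows down: %d\n", stack_grows_down());
    printf("short URL: %ld\n", handle_url_checked("http://example.test/a.pdf"));
    return 0;
}
```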

Forget 3D: 13,000 UK homes still watch TV in black and white

Peter Gathercole
Silver badge

Re: Rip off @cornz 1

I hope that you are only using usenet for your content, because if you watch 'live' TV over the Internet (yes, it's a bit of an ambiguous definition, but I believe that it means material that is broadcast over the Internet while being broadcast to air, even if delayed by a few minutes), then you still need a TV license. Your computer becomes TV receiving equipment under the terms of the law.

But if you are using usenet, expect a letter from your ISP accusing you of copyright infringement.

What's not clear is whether the fact that you could watch Internet broadcast TV but don't is enough to remove the requirement for a license.

3
2

A pre-ticked box in web forms should NOT mean consent - EU report

Peter Gathercole
Silver badge

@LDS

It's not quite that straightforward.

Shareholders are already on the hook, as they are unlikely to get the money they invested back. They are just as much creditors as the workers who are owed pay.

In the case of a company that is negligently driven into large debts, especially if money is owed to HMRC (in the UK), then the directors can be sued for corporate negligence, which can result in them being banned from becoming a director for a period of time, personally heavily fined, and in some cases, sent to prison, especially if fraud can be proved.

Limited Liability companies do not offer complete protection, but I admit that there are ways of extracting value from such a company and walking away without the debts.

1
0