* Posts by Lee D

733 posts • joined 14 Feb 2013

Page:

City of birth? Why password questions are a terrible idea

Lee D
Silver badge

Re: From one Extreme to the Other

I lost my little banking-calculator thing that creates transaction PINs for you.

Then my bank started offering a digital PIN on a smartphone app. Much better, I thought, and tried to sign up. How can you lose a smartphone app? Except you can't sign up without plugging in a code from your PINPad thing. Fair enough. I can see the logic there.

I phoned up to get a replacement. Went through the security questions. Told them that I'd lost the PINPad. I was told about the fancy new smartphone app instead. Yes, please, I'll have one.

"Great, Sir, all you need to do is go on our website and put in a code from your PINPad".

"The one I lost?"

"Yes."

After ten minutes of to-ing and fro-ing I got put through to someone who could understand the infinite loop / hole in my bucket situation.

"Great, Sir, I'll send you out a PINPad and when it arrives you can sign up to the smartphone app and then throw the PINPad away as it can't be used any more" (Green credentials be damned, apparently).

"Okay, cool".

"I just need to send you out the pad and also a security code to activate it."

"No problem."

"The PIN pad will be sent by mail, it'll take 2-3 weeks."

"Grr... okay then."

"How would you like the code sent out? I can send it to you by email so you have it instantly or I can pop it in the post and it'll be with you in 2-3 days."

"Well... what difference does it make?"

"Email is faster, Sir".

"But... if the PIN thing isn't here for weeks, how's that help?"

"Well, it's faster sir." (Fortunately, he didn't try the "green" argument or I'd have cited the above exchange anyway.

I was always told that to work in a bank was a prestigious job and they only took the finest candidates and you had to pass all kinds of tests because you were handling people's money. It appears I was lied to.

1
0
Lee D
Silver badge

According to some accounts I have, my city of birth is

49283hasepry79q

My pet's name is:

dsgfob20yweGFITw74

and my mother's maiden name is:

98432bgaisvffagsefroah

Who the hell actually cares what the answers are, so long as you can provide them on demand and other people don't know them. And nothing quite proves that you're the owner of the account than "Mother's maiden name?" "98432bgaisvffagsefroah"... "WOW! Okay, sir, yes, that's definitely you then!".

Hell, it's quite tricky to guess a valid email address for me, let alone the password to read that email. The security questions are even more secure and never used because I usually tie anything important into 2-factor authentication anyway.

0
0

DDoS attack downs University of London learning platform

Lee D
Silver badge

Re: C'mon

I think four-hours is quite good personally.

I mean, quite what can you do but go to your upstreams and ask them to block? If their response is slow, so will yours be - plus some more while you work out who to call, try to block it in the meantime, etc. while you can't get on the net yourself.

Combatting DDoS is, unfortunately, not as simple as just flicking a switch or blocking an IP. Likely nowadays you get hit with randomised packets from millions of sources simultaneously, and just blocking everything is no better than not being able to access your services because of the DDoS.

Sorry, but whoever gave that four-hour quote is a damn idiot, or trying to sell you something that he doesn't have himself anyway.

10
0

ZX Spectrum 'Hobbit' revival sparks developer dispute

Lee D
Silver badge

Re: You appear to be hosting a known malware platform on the site...

Never noticed with my "you have to click on a plugin before it does ANYTHING about loading it" options in my browser.

Hate people who complain about plugins who don't enable the simplest of security options for them.

By the time something asks you about "Adobe Flash" wanting to run on your system, your system has already started to load the plugin into memory in order to obtain that name from the supplied HTML embed.

Turn on click-to-play and then you never see anything worse than a page full of play buttons, and only ever play the single plugin you want, only on the pages you want.

0
3
Lee D
Silver badge

Re: Extra graphical capabilities of the spectrum 128 ?

Not more detailed, no.

They may have allowed more OF them but then you're swapping them into and out of video RAM.

Speccy's worked not on a per-pixel basis but on a 8x8 pixel block (sprite, whatever you want to call it) in a fixed position. With assembler messing about you could indeed make it act per-pixel in terms of on/off but you were constrained by the video hardware of only two colours per block (hence the "blockiness" of most speccy games - the detail was per-pixel, but the colouration was in 8x8 blocks.

Look at the dragon's mane in the first picture - top right of it is red because the background near it is red.

From memory, so maybe not 100% accurate but pretty sure I'm right.

You never got more "detail". You only got more RAM. And you had to swap them in/our of graphics RAM just the same.

4
1

UK data watchdog: Massive fines won't keep data safe

Lee D
Silver badge

It takes a day to form another company with the exact same staff and then "outsource" all your data handling to that company.

That's probably why that sanction never persisted in law.

2
0

Apple announces 'Home' iOS 9 app to run the Internet of Stuff

Lee D
Silver badge

Re: Internet of Thing

Controlable lightbulbs etc. are a damn waste of time

But the "IoT" fad is really annoying given that my car GPS tracker is online, my CCTV is online, my entertainment is all online, even the garden gate is online. It's not hard to find burglar alarms that are online.

This stuff's been around for decades. Just no pillock ever wanted to control their lightbulb from the other side of the world (definitely having Big Bang Theory flashbacks here) and shout about it before. But I've seen industrial boiler controls with modems on them, and all sorts. Why do we have to have a name for a fad that's been around for decades in much more useful forms. Hell, I still have a phone-line -> serial controller somewhere that I got out of a box of 80's-era junk from a previous workplace, and I was wiring DTMF (and even ringer) -controlled phone circuits up when I was a teenager.

6
0

'Millions' of routers open to absurdly outdated NetUSB hijack

Lee D
Silver badge

Except the component in question is a proprietary kernel module plugged into Linux setup?

It's like blaming Microsoft for you buying a Windows device from, say, Lenovo that came pre-installed with spyware.

1
0
Lee D
Silver badge

"NETGEAR told us, that there is no workaround available, the TCP port can't be firewalled nor is there a way to disable the service on their devices."

Well... that's just incredibly stupid.

That said, this is presumably only a local attack - on sensible routers - because you're not going to be exposing USB functionality to the raw Internet now, are you? Are you?

Well... that's just incredibly stupid too.

6
0

100s of Virgin Media customers hit by handset repair glitch, telco admits

Lee D
Silver badge

Re: @ Lost all faith...

My thoughts too.

The local petrol station must be "screwing me over" for not telling me there's a better deal a mile down the road. And all those dedicated server hosts are screwing me over for not suggesting I migrate to a 500Gb hard drive package instead of the 1Tb (when I'm using 499Gb, for example).

And so on and so forth. If you cared, you'd check. Get off your backside and take some responsibility rather than waiting for some government legislation to kick in for these companies to deliberately lose profit informing you that you could get a better deal elsewhere.

My milkman didn't tell me that semi-skimmed was 1p cheaper a pint or that he does discounts if I buy more than 10 bottles a day... I'm being screwed over!

Even though I never bothered to ASK.

1
3

Manchester car park lock hack leads to horn-blare hoo-ha

Lee D
Silver badge

Maybe it's the other way round and only new cars do this - I'm in my late 30's, my cars are never younger than 15 years old! I haven't even yet made it to cars with the "new" number plates, I'm still on a T-Reg!

They have all had central locking, driver boot release (a cable that runs back to front on the car, it's hardly high-tech!). and some have had remote-control boot unlock (but - again - the boot is ALWAYS locked otherwise).

Don't want to lock the boot? Don't close it. That's how EVERY car I've ever used has worked, so I find it odd that people want to leave the boot unlocked?

4
0
Lee D
Silver badge

Is it just me then, where every car I've ever owned locks the boot by default when you shut it and requires a key / keyfob / internal button press in order to open it?

Why the hell would you want the boot unlocked at any point except when you're standing behind it?

18
2
Lee D
Silver badge

1) Why does the boot not lock? Are you telling me someone designed a car where the only way to lock it is via radio? Stop buying these cars.

2) This is why you want (and have always wanted) a physical key.

3) Why the hell were SO MANY cars affected?

Radio locking is a convenience, only. That's it. You STILL have to physically walk up to the car to get into it, so stop being lazy and use a proper key when you get there. It can even be an electronic key, just one that has to be physically put into the lock for one of those many 1-wire protocols to negotiate with the ECU.

There's a reason I stick behind the cutting edge with cars - because this kind of junk is rife. Car locks aren't particularly secure and I certainly don't rely on them heavily to stop whatever is in my car getting nicked - I've seen far too many easy ways to get into a car leaving varying amounts of damage. But I would have been able to lock my car, including the boot, and I'd have been able to walk away.

Prank today. Viable attack tomorrow. Stop buying this junk and take your car back to the manufacturer.

32
3

'Logjam' crypto bug could be how the NSA cracked VPNs

Lee D
Silver badge

Ouch.

This is getting silly now.

Why are we finding so many bugs related to limits on the level of encryption / rounds etc. used harking back to an export restriction for one country that ended nearly two decades ago?

This is highly suggestive that NOBODY is paying attention to TLS security in any sensible way whatsoever.

9
0

Robots.txt tells hackers the places you don't want them to look

Lee D
Silver badge

This is old news.

If you want to protect something from prying eyes, put it behind HTTP authentication or secured scripts. Google can't magically guess your passwords and index password protected areas.

But listing something in robots.txt that you don't want indexed? That's like looking for the evil bit on an Internet packet. If you don't want random people indexing content, don't make that content available to them. Even the "Ah, but I block the GoogleBot" junk is useless - do you have any idea how many other bots are out there just indexing sites at random?

If your robots.txt is used for anything other than "that's a large image folder and I'd rather it wasn't uploaded to Google over time for bandwidth reasons, but there's nothing sensitive in there", then you're giving yourself a false impression of safety.

It's like leaving your file server open to the world but putting the "hidden" bit on the files...

29
0

Adjustments will be needed to manage the Macs piling up in your business

Lee D
Silver badge

As someone who's done AD integration for things as basic as Slackware Linux, I can safely say that I hate Mac integration. Yes, there's UNIX underneath, so it's possible to build an AD login (if you have expensive software or buy Mac servers to do that "golden triangle" junk with OpenDirectory, etc.). But the faffing just shows that they are actively avoiding any enterprise tools. They obviously just DO NOT want people managing Mac servers in a mixed environment.

DeployStudio is fabulous but mainly because it can be coaxed into pushing out Mac/Windows bootcamp images and people can choose what they want to use. Otherwise, everything appears to be a bodge. Locking down proxy settings is a faff without extra bolt-on tools. Keychain junk still appears if you do certain things and users can't avoid it. And mapping drives etc. - though there's nothing stopping you mapping an SMB share, it's again a faff and some things refuse to play ball with it like it's normal storage ("libraries" spring to mind).

Every time I have a dealing with Apple, I just realise that they absolutely do not care about enterprise or educational use of their machines. You bought you, you fix it. There are no decent tools, no integration, nothing. As said, if you have an entirely Apple setup, it's okay, but that's not the reality of most places except, possibly, Apple Inc. And they actively go out of their way to make things different, difficult and unsupported and they don't care that they do that.

I see no reason to support a manufacturer who behaves like that. And I'll be damned if I'm going to pay $100 a seat to a third-party on top of the Apple tax just to get some usable integration on the basics. I don't do that on Windows, I certainly am not going to do it for Apple.

This stuff isn't built for business, stop pretending it is. If someone wants it, tell them fine but it's unsupported and they are on their own. I'll look again if/when Apple bother to release some kind of enterprise-friendly tools themselves, but to my mind that will only happen when they are in their death knell anyway, so probably not even then.

The only people I see use Macs actually have stupendously low requirements and expectations of their machines. They buy it because it's flash, it's fancy, etc. and that they heard that music/graphics are done on Mac. You know what, I've not seen ANYTHING on Mac that's not possible with much less expense and the same or less effort on Windows. And stupid stuff abounds - you can't put the servers in a KVM arrangement because they sometimes require a Mac keyboard to even boot (think I'm joking? Wait until it crashes!). They can't even play ball with the simplest of USB sharing/switching devices.

I hate them. I hate them, I hate them, I hate them.

Sure I'll manage them, it's my job. But, I hate them. However, I will be going to my boss at the end of the year and showing him some stats from the managed network we have (which includes MDM and client software) - I want to see just how much they are used, how many programs are run on them, etc. And then I'm going to dual-boot them with Windows and keep stats on how many people use which OS. And then I'm going to recommend that we sell them off and just buy two rooms of PC's for every room of Macs we have.

10
3

BUZZKILL. Honeybees are dying in DROVES - and here's a reason why

Lee D
Silver badge

"This represents the second highest annual loss recorded to date"

So... we've been here before and they recovered just fine?

As someone who sat and played the Foxes and Rabbits game on their ZX Spectrum (Game of Life I believe it was called or similar?), even as a child I took away that the simplest of rules and systems can result in potentially chaotic behaviour and it's hard to even estimate if it will dip or grow after even the most severe of drops.

Honeybees aren't *endangered* from what I can see - there's just a huge variation in the colonies. Maybe the efforts one year to preserve and encourage new colonies overwhelmed some other resource or caused overpopulation which is now taking effect in recurring a dip.

I'm not saying it's not potentially important - but dire warnings when we literally say in the same sentence "but we don't know why" are useless. Find out why, by all means. Increase funding for research. But it's scaremongering to do that without also mentioning "Well, it might just be natural variation, we don't know".

There are animals out there that surface on prime numbered years to avoid predators who return on a regular basis, and their predator's behaviour evolves quickly to take account but - obviously - in the meantime a lot of their predators will die out because they can't adjust that quickly. And then when the predator's catch on to it, the natural selection means that the prime numbered intervals they surface on actually CHANGES over time - obviously after a particularly bad year, a slow boom happens until the predators catch on again.

Research is needed. But scaremongering is not a fair way to get funding for that.

As is the default in all science: We just don't know. Until we know, any action we take may actually be making the situation WORSE.

4
23

Self-STOPPING cars are A Good Thing, say motor safety bods

Lee D
Silver badge

Re: Speed limit reduction

Nope. http://metro.co.uk/2010/09/28/volvo-crash-test-fails-in-front-of-journalists-and-spectators-526087/

Re: "reasonable" speed limits - there is no concept of reasonable in someone that can't stick to 30 when the sign says 30.

However, taking your examples, what makes you think it's safer to speed past a school in the dark than in the light? I've been to school-hosted events that last way past 3am, especially for hiring out sports halls for wedding receptions, or even just plain old end-of-term party. And, yes, there's kids in tow. And, no, the speed limit is not always for safety - I wouldn't want some moron doing 60mph past the house late at night and then having to suffer the noise of every morning run too.

You can't justify reasonable to be higher when 30mph suffices to get you where you want to go, doesn't cause a ton of nuisance, and still isn't an accident-free speed and has been like that for decades.

If you want to "go faster", campaign - as was done and ignored a few years ago - for HIGHER speed limits. There are countries with much higher and (pseudo-)unlimited speed limits. Campaign for that, and everyone knows what's happening, what speed to expect of nearby traffic, etc. But that's not what you want to do - you want to go faster than the posted limit and not get caught or then be let-off.

The arguments I see are about robots policing and no real officers and blah, blah, blah. Nobody ever says "Let's just make the 30 limit 40 in this particular area". Why not? Because they know that the statistics will show the accidents rising proportionally.

Think of it another way: "You" might be able to "control your vehicle" at those speeds (I may disagree, but whatever). But what about the pillocks. Because it says 50mph, they'll do 55 anyway. Because it says "reasonable", they'll spend thousands of pounds of tax money going to court to argue that 70mph on a blind corner while they are racing their mate was "reasonable". It doesn't work.

Pick a number, stick to it. If the number's not enough, ask to have the number raised. NOBODY ever does. If you're just going to ignore the number whatever it is, please hope you don't hit my car (or myself or friends) even gently.

Don't say "I just want to be able to flout the rules". Tell people the speed you want on that particular road. If more people agree than disagree, surely it stands a good chance of happening and improving traffic flow? And with modern traffic systems, there's no reason a school road can't be 20 in the day and 40 at night or similar - we have the technology.

But you'll find a) Nobody asks. b) You don't care enough to ask, c) if it's raised to 40 you'll want to do 50 "just because", d) accidents will get more frequent and more serious, e) coppers and the locals won't take kindly to you zooming through their neighbourhoods at 3am at any speed anyway.

3
6
Lee D
Silver badge

Dunno, but my dad always goes on about how many horses he has under the bonnet.

They must be very small to fit that many in there.

3
0
Lee D
Silver badge

Re: Transitional period

I see them as totally different things.

Traction control, ABS and power steering all have one thing in common.

Outright failure of the system cannot result in a more dangerous situation. If ABS fails, you still brake as hard as the brakes allow - but if you're don't realise that, you MAY skid more but no more than if the ABS just wasn't there at all.

(Note: Failures of the BRAKING system itself are another matter and very dangerous because failure of it DOES result in a more dangerous situation! Lovely having all this fancy tech but if you put water in the brake fluid, it's still useless)

Traction control - if that fails, again, you're back to "normal" driving.

Power steering - if that fails, you're back to heavy steering of old but still maintain control.

A short period of confusion, maybe, but if your ABS fails and you need to brake, you just hold the brake down and things still happen.

I disagree, therefore, with avoidance or removal of such facilities.

However, emergency braking? If that fails, that could perform unwanted emergency braking SUDDENLY (in spray, snow, slush, etc. as pointed out by other posters here). If cruise control fails, it could accelerate or ignore the driver's input entirely - it has control of the throttle.

It's all a question of if a tech is fail-bad or fail-good. ABS failures result in lights, warnings, and NO ABS but still hydraulic braking under the control of the driver (on or off). Emergency braking failures, however, result in pile-ups, accidents and deaths no matter whether the driver wants to brake or not. They may be one-in-a-million but I object - as a driver - to losing control over something that I'm ultimately responsible for.

Lane-veering warnings - no conceivable failure of the system can result in a situation worse than not having it. It might false-warn, or not-warn, but that's it. It shouldn't control the car, or snatch the steering wheel to put it back in lane (because, again, that's overriding the driver and dangerous).

As I've had to tell several bosses: If you want me to have the responsibility, I have to have the power to control all this stuff. If you don't want me to be able to control it, I don't want the responsibility for it. If something fails, it needs to fallback to the driver and normal systems. It should ENHANCE the car, not control it. If emergency braking fails - by definition, it has control of braking that overrides the driver. One sensor malfunction or bit of water in a cable, and it's going to push you into the hardest kind of emergency stop. Hell, even at speed potentially because the speed it sees is just a sensor again. Just because it says it can't operate over a certain speed doesn't mean it couldn't operate the brakes at any speed in the case of a malfunction.

And an unexpected emergency brake of your own vehicle at 70mph going round a motorway bend in four-lanes of flowing traffic is fatal, no matter the distance in front or behind you.

3
1
Lee D
Silver badge

Re: Speed limit reduction

Was that after the very-public double-Volvo crash tests of exactly this feature where they totalled all the cars involved in front of the world's press?

Brave guy.

0
0
Lee D
Silver badge

Re: I hope this is programmed right ...

You stopping too close to the car in-front just involves him (through no fault of his own) when someone slams into the back of you and shunts you onto him,

There's really no way to win here, except give yourself adequate distance to stop at all times.

I have this ingrained after several near-misses where I stopped perfectly in time myself and then I look in the rear-view and SEE the guy behind notice too late. Only myself rolling/jumping forward into the distance between me and the guy stopped in front prevented the paperwork from being brought out. And I'm sure if I'd done that, and he'd STILL hit me and shoved me into the car in front, it would be a paperwork nightmare to prove that I'd actually stopped safely and was then trying to prevent an entirely different accident happening.

There's a reason that I bought myself in-car cameras, even on a really old, junky car.

On motorways, especially, you don't want to be within inches of the guy in front no matter what happens. Because that turns a rear-end shunt buffered by your boot and the length of your car into a double-sandwich situation with the engine block coming back towards your legs, and the glass towards your face. Stop, and warn and watch the guy behind, and be prepared for anything. In that situation, you can't even jump into the hard shoulder out of his way because he might have the same idea to stop himself hitting you. Stop early, move forward if you have room and it might stop a fender-bender. Otherwise, you just have to let him hit you and hope you don't pile into the car in front..

10
2

Back to the Future: the internet of things as imagined in 1985

Lee D
Silver badge

Re: IoT

Criminals, by their very nature, do this to anything you put in place anyway.

But, equally, criminals don't like alarms going off (even if alarms are next to useless). They certainly don't like the ones that inform the owner or summon help when the alarm goes off. They don't like that I can see them approaching my front door and have months of video to trawl to find that guy that I was sure walked past four times the day before that house was robbed, etc.

Criminals aren't going to stop just because you don't have this gear. And the real fact? Criminals are so simple (that's not an insult, their methods are NOT complex) that they don't need to have IoT to do all this stuff. Decide when you're out? Knock on your door. If no answer, then look around side-alley. Nobody will be the least bit suspicious. If you answer, "Hi, I'm just the area with a company called..." and nobody's any the wiser. Or look for a light on or (more relevant nowadays) a car in the drive (or absence of one).

And it's precisely the point of the IoT (that things are SO cheap that they are ubiquitous) that proof that you actually have money doesn't come from the camera in the porch or the lock on the gate or the smartphone gadget you took in, but by the size of house and what car you drive.

Hell, if they WANT to get into YOUR house, sorry mate, there's nothing to stop them. They can just wait for you and your family to leave in the morning if they're really that invested in taking YOU specifically.

Criminals work by simple methods. They aren't going to sit hacking your remote-control RFID gate-entry lock. They'll just look around innocently and then jump the gate or kick it. I guarantee you that nobody will notice until it's too late. The only way to stop them is to discourage them. And CCTV - though far from perfect, as those simple criminals have worked out to wear a hat to hide their faces! - is something that puts them off. Alarm system put them off. Especially if they suspect the guy in there is smart enough to connect it to his smartphone, and has CCTV that he might be able to see, and that he - as a burglar - will not know anything is raising alarms with the owner until the plod (or, worse, the owner!) pull up outside.

You know you can get fog-security kits for tiny prices now? CCTV is dirt cheap. Alarms, maglocks, RFID entry, GSM relays and alerts - some of these are in the £10-20 range now. An enterprising geek with a bucket of cheap gadgets and time on his hands is likely to be the worst person to try to target. (But they don't target. They're mostly opportunist when they see that the back-gate - which you could have just put on an automatic spring and maglock - is left open by mistake). Same with cars - the junkiest old car, for £20 on Amazon and bit of wiring - can be silently GPS-tracked live on the owner's smartphone and they can cut the fuel pump with a text message or just send the live Google Map to the police.

IoT isn't a criminal opportunity any more than you allow it to be. The devices need security, yes, but they provide a lot more. You can't even get a response from my GPS tracker unless you have a registered and verified phone number. Finding it would be a work of art because it's so small you can bury it anywhere there's a 12v line. Cut the power? It has its own battery backup good for 24 hours.

Same with the CCTV, the access control, whatever else you decide to wire up. Even that junk that they want to put on your power-meter? Sure, it might be insecure but it LOOKING like you're at home (how's that work in the summer and with automated central heating nowadays?) is different to KNOWING whether you are home and, eventually, they still have to visit your home to actually find out.

You know what's infinitely more dangerous? The car park booking at Stansted airport. When you book you give your name and address and tell them how long you'll be gone. Bloody dangerous. But, thank god I have IoT junk all over my house and can phone a neighbour if anything untoward occurs while I'm in a foreign country.

3
0
Lee D
Silver badge

Re: IoT is questionable...

I don't see that as a problem. Rarely does stuff disappear entirely and if you're that bothered you do just replace it. If you bought your house because it has fancy-garage-door-opener-X, then you'll make sure you know how to work it or have the manuals and support for it, etc. If you bought your house and it just happened to have it, it's no big deal to replace it if it breaks.

There are much bigger things you can buy a house for and then not realise how they are operated. Swimming pools, hot tubs, fancy showers, all big-ticket items. A few old CCTV cameras or a couple of access control switches aren't going to figure on the radar and, again, are easily replaced or upgraded.

More importantly is just how much of that stuff is worthless junk. Do you really need to change your kitchen lighting through a potential 16 million colours using RGB LED strips? No. Do you really need to have smartphone-controlled end-of-bed rising TVs? No.

My house is 80 years old. The boiler is standard, the mains is standard, the bathroom is standard, etc. Houses are updated by their owners, it's inevitable. What was a mess of weeds and a falling-down shed is now a pottery studio with kiln and potter's wheel, lighting, tool storage, wifi, etc. It's how it works (and if you think you have a hard time getting things serviced - find someone who can service an electric kiln that they didn't personally fit!).

The next guy is either going to a) pay for that because he knows exactly what it is and wants that, b) not get the option because we'll take it with us or c) not figure it into his pricing and thus not care if he loses the manual or has to re-run the cable to fit his standard garden tools. The CCTV, access control, etc. I've put in? It'll either go with me, or fall into disuse when I move out. If the next guy wants CCTV, access control etc. he's not going to WANT my control box talking out to the Internet anyway - he'll tie his own into the existing fittings.

Standards are nice but inevitably obsolete themselves. Remember when X10 was the ONLY way to wire your house for automation? It was prohibitively expensive, however - still is. So the £10 boxes and cheap remote took over with their non-standard stuff because they're so cheap that if they break you just buy another and wire it in.

The IoT concept is really "tech is so cheap, we get too much stuff for free when we buy a cheap chip, and we can afford to put them into anything and everything". As such, the problem solves itself quite quickly. Nobody's going to care about the previous resident's equipment because it'll be so common that you'll just re-buy or bring your own stuff that you know how it works.

3
3

$19 billion made from dumped e-waste every year, says UN

Lee D
Silver badge

No problem.

China will happily landfill anything you send back. They don't particularly care.

If they did, then they'd implement the next trick - send all electronics exports via a country that DOESN'T care but that you pay to take care of the problem. There are a lot of poor countries that will happily take 5% of the cost just to forward your electronics on an industrial scale, and take the hit of just burying toxic landfill for you when it comes back to them.

The problem is NOT one of passing responsibility back to suppliers. They are the exact people using this stuff in the first place. The problem is that not enough of the world cares about what they do with the waste, and the ones who do "care" will happily pay or legislate to just move the problem back to them. That they are the end-user, the consumer, the source of demand for these products, the people paying for them, and the people turning them from usable product into toxic waste seems to slip everyone by.

But, hey, let's blame China for the fact that we will only buy from them if it's so cheap that they have to use slave labour to make it, and then we can push the junk they produced back to them when it breaks (because nobody REPAIRS stuff any more) and make their people suffer for using the cheap components and not having the money to do a proper cleanup. And then penalise them for failing to adhere to global standards on recycling, handling waste, emissions, etc. And then still not care because they've making the iPad 9 for a price we could never make it for as we have to do all the above properly...

2
0
Lee D
Silver badge

I got voted down on this very site years ago for suggesting that this was happening.

Though you might push your e-waste to a supplier, the last one I spoke to used to take it to Heathrow Airport where it's then exported en-masse. He used to have all the correct paperwork, WEEE disposal licence, etc. and so did the other end. He was actually paid by taking spare copper (cables etc.) and melting them down, and he'd get £1 per monitor and things like that. It gave him enough that he'd collect anything over 20 items for free, load them in his van, drive them to Heathrow where they were sorted and pushed on for "recycling" in other countries.

Sorry, but it probably costs more than £1 per monitor to ship it internationally, let alone dispose of it safely. And the stuff we gave him was stuff that no amount of repair could bring back from the dead. And nasty stuff too - projectors with bulbs, printers with toner, CRT's, fridges, etc. That all costs to take care of properly.

There is no way that's being exported for recycling and then making a profit for anyone, even you could get the base cost of the raw materials back from it. They're shipping it off to countries that will happily sign off that they do "proper recycling process X" and then burying it in landfill and taking their fees for doing so.

I suspect, but similarly wouldn't be able to prove, that the same happens with an awful lot of the stuff that ends up in my council-mandated recycling bin (my council just-so-happens to use the recycling company that the councillor responsible for waste just-so-happens to own - I know, because I got him into the local papers when they stopped picking up my rubbish and did some digging, and COULD prove that). Food waste to composy? Absolutely. Paper, cardboard - sure, that's quite easy to bleach, mulch and re-use. Maybe even glass. But all those plastics? I'm not convinced that's profitable at all when they have to clean, sort, handle, melt-down, and can only use as low-grade plastics afterwards.

11
6

4K refresh sees Blu-ray climb to 100GB, again

Lee D
Silver badge

Looks at something being sold as new potential backup media.

Looks over at single, cheap, hard drive that came as standard in a bog-standard £150 business desktop.

Does some maths.

Realises will need 10 of these disks to get close to the storage capacity of the cheapest hard drive being sold with the cheapest PC at the moment, for a single backup.

Multiplies by number of users / desktops on-site at the moment.

Looks over to servers humming in the corner, in the rack with everything from cheap NAS devices to expensive SAN rackmount devices.

Nah.

Sorry, but something like a Buffalo Terastation will be cheaper to buy than the rewritable drive version of this, plus the disks to match capacity for a one-off backup, and will stay that way until the next available tech is similarly obsolete before it arrives.

And people buying discs? Sorry, but even DVD's are old-hat and found for pence in bootsales and charity shops. Blu-rays are coming into them there. Given that Blu-Ray is currently the BEST format we have out there, to see them appearing in such places means that people aren't actually using them for buying content any more.

If it would take my dad ten disks to do a backup of his old laptop with his photos of the grandkids that he's basically filled up three times over (and bought a cheapie £50 1Tb external drive TWICE now), then it's just not worth the effort.

As it is, machines aren't even being supplied with optical drives any more. There's no need for them for most peope. If you really need them a £20 external USB thing does the business. Hell, give me more USB slots and a Zalman VE-400 any day. I literally only store optical disks because they are the original supplied media, but for the last few years of VL, it's been downloads and logins that are the original media. Everything else is on a single, huge, portable USB hard drive that can pretend to be a USB DVD drive from any ISO on the disk.

HMV went bust for a reason. Nobody buys discs unless they're dirt cheap any more. Those they do buy, they are buying from Amazon. The ones you get you can't play on the computer anyway (tried it with a Disney DVD lately?) and have to have a dedicated player. Then you have to sit and can't skip minutes of junk (which will only get worse as the storage rises), then the disc will want to go on the net anyway,

Compared to just sticking it on your Google Play account and streaming it via YouTube servers, or Netflix or Amazon Instant Video or any other of the million and one services, discs are the bottom of the pile.

If it's pointless for backup, pointless for storage, pointless to buy, doesn't fit in the new machines anyway, requires all new hardware, and then you have to go back to buying net-"enhanced" discs? That's a really hard sell.

10
1

Swedish Supreme Court keeps AssangeTM in Little Ecuador

Lee D
Silver badge

1) He gives interviews on a regular basis to visitors to the embassy.

2) To assist his escape would be ... pretty much illegal I think.

3) I'm sure the plods outside would notice, given that's all they are there to do

4) Where's he going to go? Good luck getting out of the country without anyone noticing.

5) Definitely, supremely, absolutely resisting arrest - even if hiding in the embassy wasn't enough.

0
0
Lee D
Silver badge

More seriously - who's paying the lawyers?

Because I'm assuming that, apart from the odd media interview, Assange isn't in full time employment or education. Presumably, the same people who bailed him out (which out worked really well!), or he's receiving funding from Wikileaks etc.?

Who's paying his day-to-day expenses while he's in the embassy? And who's funding these lawyers (plural)? And, secondly, they aren't actually very good at what they do (I mean, it's hard when your client is on the run, but even so).

Roll on the day when he's slung in a British jail, transported to Sweden, maybe slung in a Swedish jail, and then forgotten about when he comes out. Nobody cares any more. Along with Royal babies and who's now minister of whatever, I'm so bored of him I couldn't care less.

2
5
Lee D
Silver badge

Re: Still looking forward to…

Before or after spending six months in a British jail for skipping bail and resisting arrest?

18
1

Door keys are an option. It's just a matter of time

Lee D
Silver badge

Re: No thanks

Think feature-creep.

There are already freezers used in medical cabinets that text when they go out of temperature ranges or lose power. This is a) useful, b) desirable, c) dirt-cheap. It's not hard to see the same benefits for a decent freezer at home. Hell, I've seen water-alarms under washing machines that text the owner and/or cut off the water at the mains to stop a flood.

The problem is that to get that, you're giving your freezer access to GPRS/GSM networks.

You can get a GSM-controlled, GPRS-reporting, GPS tracker for a car, with controllable relays to cut off the engine and/or sense that the horn has gone off and text you about it. For £20. On Amazon. Today. Give it a few years and that tech is so cheap that everyone puts it in things to sell to you. And it's hard to argue against a freezer that can text you to tell you that all your frozen meat is about to go off.

From that point on, everything else is commodity hardware and feature creep.

0
0
Lee D
Silver badge

Re: Solution looking for a problem

I'm a tinkerer, so I like joining things together but I only do it where I see a purpose.

So my car has in-car GPS tracking. Sure, it can go on the Internet and provide me a live trace of my car's whereabouts but it doesn't, unless instructed. Having it online and able to a) text me if it moves and b) text me it's exact location is very handy, however.

I just put access control on the side-gate to my house. My girlfriend wants to lock her bike away, not in full view, and we have a side-alley that's perfect. We don't want to leave it open, though, so - while balancing on her bike - she has to be able to cycle to the door, unlock it, go inside, lock up her bike, come back out and get into the house. The alley has a gate from and back of it (the back leads to our garden). I don't want the back gate being opened except from the garden. There's no need. So the easiest solution was to put on an RFID reader and a maglock. She can cycle up, doink her tag on the gate and get in without someone else doing the same. She doesn't have to faff with keys from a bike, or get off the bike only to then wheel it into the alley. And the bike is safe.

Side-track? Well, while doing this, it was actually cheaper and easier to put in all the RFID and maglock than even a conventional decent gate-lock. And we know if the gate is opened as it beeps in the house. And, as massive online-orderers, we often have parcels delivered. Traditionally they are given to our neighbours but - honestly - we think that's annoying for both them and us. For large parcels we could now provide a code to get into the alley where parcels can be left and locked away. But for things like that, being able to REMOTELY open the gate is something I'm considering. The same GPS kit I use in the car has the ability to control relays by text message (for cutting off the fuel-pump if your car i stolen), and it's about £20 for the whole thing. Putting that it would let me know on my phone if someone's opened my home gate and allow me to open it for them. I often get delivery drivers phone when I'm at work and ask where the parcel can be put safely.

Now, I have an analog CCTV system. I bought a cheapy DVR recorder for it. It can record 16 channels and has a 1Tb hard drive so it can store several MONTHS worth of CCTV. Better, however, is that it *can* be accessed remotely. I don't do it as a matter of course but - should my side-gate be opened with a code, or I get a phone call, I can see who they are and what they're delivering and that they've done it right and not walked off with my girlfriend's bike in the process.

Feature-creep like this is inevitable as the hardware gets to the point where it's so cheap that you get the feature for free. I'm actually quite anti- living my life through cameras and smartphones. I've spent years of my working life trawling CCTV footage of one kid pushing another in a playground, and it's not at all fun. I quite like the last few schools I've worked for because they just don't have that level of CCTV nor need it. But, still, the ability to buy a cheap device and it have these features is great as a geek. I lock them down and don't just have them providing a way into my home network, but that's just a question of specific management of them.

However, a cheapy £20 in-car GPS has this stuff nowadays, including GPRS/3G live tracking, relay control, text-alert etc. A cheapy £75 DVR has it too, including free smartphone app. As we move forward, everything gets all these features "for free", and that's the real danger - you can't stop manufacturer's putting in a generic chip that does everything and offering its entire functionality up to the user even if they only bought it as a GPS-tracker. But how do you lock that down, manage it, audit its usage, etc.?

That's the problem we face. Not "why would you do that" (the answer is, the second someone makes an electronic fridge control with those features for a couple of quid for each chip, every fridge in the world is going to start having the ABILITY at the very least), but "I have 20 devices that ALL do that by default and for free, how do I manage them?"

Hell, Arduino-compatible boards are £3 each on Amazon. You can get a GSM shield for £20, a wireless one for £10, an Ethernet one for £8, and Bluetooth, RFID etc. for a pittance. That's geek-toys sold as commercial units. Imagine what prices the manufacturer's are being offered when they just want a circuit to do a particular job, and what other functionality those same chips offer? And do you think that just because they use a chip that has all those features, and even if they don't properly hook them up, that's it wouldn't be a security risk still?

The IoT is something that has a natural progression to ubiquitous technology. And it's scary. Because if you're going to pay £1 for a chip that monitors the temperature in your fridge, but that comes with wireless access too, and LCD display drivers, and text-alert functionality (like commercial and medical fridges already do), all for the same price and package size - there's a point at which people will just slap it all on "just because" or forget to turn it off (or not turn it off in case they can licence you that functionality later!). Stopping that isn't going to be possible because of the business case. Managing it as a user is what's critical and needed.

What we don't have is a way to manage the inevitable. We don't have a way to securely enable/disable functionality, enforce a household policy, make them all talk together, etc. That's what's needed. Pretending that your next tech purchase won't tie into the wireless isn't reflective of reality, however.

1
0

For its next trick, Microsoft diminishes the iPad with just a driver

Lee D
Silver badge

I bought my girlfriend a Windows 8.1 ("With Bing!") tablet for her birthday, thinking it would replace her laptop without having to worry about office compatibilty. It has the click-on keyboard case you describe.

Basically every single gripe we have about it is precisely related to its being Windows, not the hardware (which is available for anything nowadays). Windows forgets that it's touch-driven, sometimes. The only way out is the Windows-key soft-button (if that works). Swiping from the edges brings up things that CANNOT be turned off, no matter whether you're in a fullscreen program or not (go for the scrollbar, end up in PC Settings, etc.). There's options in every other version of windows to disable, but NOT the one ("With Bing!") that they sell on the Windows tablets nowadays.

Honestly, every single thing she's commented on, it wouldn't have been a problem with a tablet. The only proper "Surface" devices I've known have ended up as showpieces for similar reasons, We were given them or obtained them and they were quickly relegated from any "real" work whatsoever. Bear in mind that I work for schools and we've been using touchscreens and interactive boards for decades now, and that I've put Windows 8 into two schools on such hardware already.

If you want to use Windows, use a laptop or PC.

If you want to use tablets, touchscreens or anything else touch, don't use Windows. It's just not designed for it.

Hell, with the 365 versions of Office coming to even Android tablets, there's almost no reason to use Windows on a tablet anyway. It's just not built for touch devices, it's just had that bolted on - much like Windows XP for Tablet PC had all the same things bolted on as after-thoughts.

Honestly, I wish I'd bought her a proper tablet and then, if not adequate, a laptop with Windows. The combination is just a mash of bad design ideas.

13
3

Chill, luvvies. The ‘unsustainable’ BBC Telly Tax stays – for now

Lee D
Silver badge

Re: Am I the only person...

I think the price is a bit steep. With digital TV etc. nowadays, there's no reason you couldn't just slap, say, 1/5th of that on the price of a TV. If you can afford a TV, you can afford the licence fee. The more TV's you buy, the more expensive it gets. And you can't "avoid" it legally, and the administration is so much easier.

As it is, if you sell a TV, you have to collect details for TV Licensing. I'm sure they'd rather just have £20 tax on the price of every TV (or even make it relative to screensize!) and save all the paperwork.

The BBC is good, but I'm not sure why I should be funding them in preference to others. The percentage of time I watch BBC content compared to anything else is... miniscule. Less than 5%? And I lived without a TV (or licence) for many years.

Honestly, if you're going to "tax" it, then do so properly and in a way that can't reasonably be avoided and doesn't need a ton of money to make sure people adhere to the rules. Slapping a "£1 per inch diagonal of visible screen" tax on each new TV sold is the way to do that, surely? And then you penalise show-offs, large commerce, and new-purchasers and not second-hand scourers, tiny TV for the kids and only-one-TV-in-the-whole-house people. You can tax at source, and Samsung, LG et al do the paperwork rather than you or the consumer.

And, over the years, you'll get roughly the same kind of money out of it as people need to buy new TV's when the old one breaks, as people stop avoiding the tax, as administration is significantly reduced, and as the old codger with the black and white TV that he's going to keep until he dies doesn't have to worry about it.

I find it ridiculous that a huge workplace can pay the same for hundreds of "digital signage" screens all showing BBC News as some old pensioner does for her 4:3 CRT that she only watches Emmerdale on.

4
19

Tesla's battery put in the shade by current and cheaper kit

Lee D
Silver badge

Re: Kettle efficiency

The problem I have with such efficiency drives:

Multiply by time. The kettle might be stupendously powerful. But unless it's on for an hour at a time, it's not really worth counting. The more powerful kettles boil even quicker.

All your faffing about, if it boils ten litres a day, might say you a single unit of electricity. Maybe.

Sure, it's a lot of energy, but it's not the end of the world.

However, as pointed out, a quite jaunt in the shower might - on electric - be as powerful (or more) and last 15-20 minutes, for multiple people, multiple times a day. That's a lot more power.

All the messing about buying glass kettles and thermos and transferring from one to the other and taking only a little bit of water and so on and so forth... I can't justify the hassle.

And what you want could have been achieved easier with those taps that boil the water for you on demand, the same as the heating elements in the cheap coffee machines that can produce instant boiling water. Nothing is "kept warm". Nothing is heated unless it's to boiling point. And you heat only as much as you need to boiling point.

Two approaches, same cost-saving, one a luxury and convenient, the other messing about with thermoses and drawing lines on your kettle and educating your kids. And, actually, the one with the much higher temporary draw on the power supply, seems to make much more sense to me when you figure out the energy made to produce a glass kettle or vacuum-sealed glass thermos.

0
0
Lee D
Silver badge

Re: Back of an envelope calculations

I was doing the same calculations when the article appeared on Slashdot, and other places.

Basically, it can't compete with a home-brew lead-acid system using established circuitry, well-known and replaceable battery tech (you could literally buy a new battery a week from the Halfords down the road once they start to run down), and something which people will already have in place if they have any kind of home renewable setup. Hell, I was looking at a 3KW mains inverter from 12/24V and they are in the cheap-commodity price ranges now because of all the solar nuts.

Just not sure what they think they are selling that's "new". Sure, different battery tech, etc. but it doesn't seem to add anything. If anything, it takes away (look at those charging cycle numbers, and the max surge output power! It's pathetic!).

I sympathise in that having a company solely reliant on high-end battery technology sucks at the moment. Because we just don't have anything beyond, quite literally, a bunch of laptop battery cells joined together. We just can't compete with that. And the only way forward is to either invent a new battery type that's revolutionary, or make the existing battery types cheaper by producing en-masse. But, sadly, neither option actually solves the problem or gets into the order of magnitude that we actually NEED.

More worrying, I would think for people who own their cars, is that if the company is really that reliant on batteries, you only need a tiny blip in lithium prices, or for such projects to fail miserably, and all that battery warranty comes to naught and one of the prime components of the cars becomes pretty much unobtainable.

Sucks to be an early adopter reliant on some magical, mystical technology advances that nobody has.

11
1

Keurig to drop coffee DRM after boss admits 'we were wrong'

Lee D
Silver badge

Re: Honestly, what is wrong with an ordinary coffee pot?

Don't know about this particular machine, but I use the coffee-pod machines because they're damn fast. Put in pod-thing, press button, boiling how water out in seconds and a cup down in under a minute, ready to drink.

I'm not a big coffee officianado (I live with an Italian who has all the espresso stuff but it's just a bitter thimble-ful of mud to me), but I use it for hot chocolate, tea, coffee, etc. Press, cup, done. And it tastes just as good and even my girlfriend says it's good enough for her - she still makes the odd espresso from her prized coffee stock in the espresso, but it's much more common to see her just buy a particular brand of pod and stick it in the machine. Especially if she's in a rush.

I have one in my office too. Great for visitors. Tea, coffee? There you go. Let's get down to business, no awkward hanging by the coffee machine not yet ready to get down to brass tacks and trying to talk about the weather or your favourite drink. Since I bought one, another four or five have popped up on site as people see mine (guard your pods with your life!).

And they don't suck more electric than a kettle would, they don't have buckets of steam coming out of them (helpful in an IT environment), you can make lots of different drinks, etc. Hell, I've done a cup-of-soup in mine too, just using the hot-water from it. Convenience, basically, but on a scale better than instant coffee or whatever else.

4
0

'Tough' UK public sector blamed in BT sales hiccup

Lee D
Silver badge

Fair point, but you're not seeing the picture I see.

The previous Virgin install cost something like £10,000 just to get the Virgin cable near enough to use. That's on top of the leased line fees. We couldn't use any other provider as they all piggy-back on BT and, thus, are not only more expensive than BT but also just... well, they are BT sold in a different box. There's no way to use a ordinary telephone exchange without involving BT, and - as pointed out - BT backhaul is often the only way that Virgin can supply a line either. Thus they have absolutely no incentive to compete, give good custom, nor anything else. We paid because we HAD to get away from BT.

The other (current) install - a millionaire who lives down the road had basically paid Virgin to run a private line to his house. The cable goes over a kilometre JUST to service his property. God knows what it cost. We only found out that it was there by chance, as it's not listed on Virgin's normal service charts (which all say we can't get their services). We negotiated and they were able to extend it. This is the one where it took BT two years to put in a fibre and they really couldn't care less about us not finishing install because they were convinced that NO competitor was able to service us without us activating the BT line somehow.

They were wrong but only because THEY didn't know about the one-off connection to a single house on the borders of the property that VM let us piggy-back on. They literally did nothing for two years, then hurriedly put things in when we mentioned a viable competitor and at that point discovered that NONE of the planning for the line had ever really taken place properly. Then we cancelled. We still get bothered by them, and still had to pay them (via other providers) to get a VDSL connection in the meantime.

You don't have to have EVERY SINGLE cable to be a monopoly, in the same way that Microsoft didn't need to be on EVERY computer to be a monopoly. And BT abuse their position to the detriment of customers, large and small. The entire village (inside the M25, so not really "out in the sticks") serviced by our school is on junky ADSL and you need VDSL to get anywhere near half-decent speeds, which costs extra, and there is basically no viable alternative unless you happen to have a millionaire next door who's already paid to bring fibre all the way down the road from another town to within a decent distance of you.

Even then, we had to do half the installation (for 1.2km of fibre to get from that guy's house to where we actually needed it), pay the extra installation costs, and wait six months for Virgin to get close. But we could have piggybacked on a BT line, we were stupidly close to getting a BT fibre put in, we had BT phone lines, but it still took two years and ZERO movement to get close to a business-level connection no matter how much we paid BT. They just didn't care because they knew we'd have to use them so any threat of going elsewhere was useless. That was, until they realised that we COULD go elsewhere when suddenly I had guys all over the site drilling holes and pulling cable but - sadly - not checking that the local cabinets/exchange had the capacity to handle it at any point.

Honestly, even weeks after cancelling the contract we had BT guys turning up "to install your fibre". We refused them entry to the site. I can only hope that the other houses and businesses benefit from our hassles and we can turn the town into a VIrgin-served one by the expense we've gone to to get the connection.

The next day after our fibre went in, BT OpenReach were digging more cable a few roads away and leafleting the local town. Either we panicked them, or the Virgin backhaul does actually rely on BTOpenreach at some point. Judging by what we were told (and the cable planning maps I saw, which have the Virgin fed from entirely the opposite direction), we think it's the first.

0
0
Lee D
Silver badge

Not surprised.

I work for a school, we priced up a leased line with them 2-3 years ago. After 18 months, still without a single fibre actually coming into the school, we cancelled the contract (after much warning I might add). Every excuse under the sun. Two guys came and took an hour to drill one hole through a wall (which actually took them two minutes), then left. Another set of guys came and did X and left. Another set did X only when we shouted at the lack of progress, then left. Every time no clue on what was still to happen, what happened next, how long until the next guy turned up.

They hastily pushed through the blown-fibre carrier pipe when we threatened cancellation, so we had an empty tube in place, but when it came to blowing the fibres it was discovered that, actually, after 18 months of knowing this had to be done, there was no room in the cabinet/exchange for the fibre anyway so we'd have to wait another few months for them to upgrade it all. We cancelled at that point and told them to remove their installed gear or abandon it. They abandoned it.

Then, yesterday, a year on, a BT guy appeared to "check on the fibre". He was not shocked when I told him how it was cancelled a year previously and the empty tube just left dangling in my office. But, again, more waste of money and time all round.

If that's how you treat your business leased-line customers, and waste your own money (we'd signed a contract, but had never paid a penny up to that point because we weren't required to, and certainly paid nothing after cancellation either), it's little wonder you're struggling. God knows what the poor fools with BT phone lines are suffering through.

Ironically, their suggestion was that we went with VDSL (FTTC) instead. We did so as an emergency measure to have some connectivity above ADSL levels, but were told the max we could get was 45Mbps where we were, and the max we actually get is 10-15Mbps. So I'm running a school with hundreds of machines off a standard business line with 10Mbps down and about 4Mbps up.

Though we can't avoid them, because of their monopoly on the lines etc., we are currently moving as much as we can from them, including trying to get a Virgin leased line in (which should be pretty independent of OpenReach etc.) and then SIP'ing all the phone lines instead.

BT have always been a shower, ever since they refused to supply ADSL to another school I worked at which was LITERALLY across the road from the exchange. We had so much faffing about, it was unbelievable and whenever the workmen disappeared, we just walked across the road to find them. And even then we ended up with 2 x ADSL2 lines only because they never had VDSL back in that time. So, again, an independent Virgin line was brought in there as well.

I'm only surprised they are still allowed to profit from being the ONLY people capable of installing these lines in the first place and reselling them.

4
0

Why don't you rent your electronic wireless doorlock, asks man selling doorlocks

Lee D
Silver badge

Re: My reason isn't in the list

Not really.

My home uses water, gas and electricity. I'd be quite impressed if, with the installed hardware they could even tell when I got home of an evening.

Old-fashioned spinning-disk electricity meter connected to a phase shared with every third house on my street. Gas on a mechanical tick-over meter, again shared with the street. Water on no meter whatsoever, again shared with the street.

I'm sure if they wanted to they could cut me off temporarily, slap some specific monitoring device further up the line, just to collect that data but I'm pretty sure it wouldn't be worth the effort. That's why the electricity companies want to put a smart meter in your house but, pretty much, want someone else to pay for it.

Total usage, maybe, but for the last two years I've been the one sending the electricity/gas companies the numbers from my meter cupboard, and my water is metered based on house size from what I understand.

And even with a smart meter, the usage pattern of a standard daily peak in usage tells you pretty much nothing of what's actually happening in a home compared to - say - sniffing the packets of when you actually, physically unlock a door live via a cloud server.

Three totally different levels of information.

10
1
Lee D
Silver badge

Even most British Standard, home-insurance-compatible physical locks can be defeated in a matter of seconds if you've any kind of practice at that (e.g. a bunch of old locks in your bit-box and a quick Google search).

Electronic locks are slightly better in some regards - if nothing else they often combine "lock" and "door open / tamper alarm" in the same product, and if they are all cloudy, they could actually tell you if someone had bypassed them, or even just fooled them into opening.

I don't use electronic door locks in my house, but in some workplaces etc. they are much more common than key-locks. I have one on my garden gate, but that only gets you into the side-alley. It's probably quicker to jump the gate than piss about with that lock, especially as it alarms.

But the main reason I wouldn't rent access control is exactly why the manufacturer's would want it - once I've "paid" for the hardware, they are just making pure profit from me for little to no service. Hell, maintenance contracts for access controls systems I manage in work are severely cut down every time we look at them as, unless something goes wrong or someone breaks in, we are just losing money on them. And when something does go wrong, the cost of it is the least of our worries at that point anyway, and doesn't come near the annual average cost of the maintenance.

Monthly payments - no. Do not want. I don't want to rent my life, thanks. That applies for everything from software-licences to houses.

9
2

Barclaycard axes bonking payments bracelet

Lee D
Silver badge

I'm far from paranoid, but I'm also never on the cutting edge (for several reasons).

Contactless isn't yet in the stage where it's viable to attack en-masse. Let it gain ground, let your frauds sink into the background of millions of exchanges a day, and then you can start playing with radios and authorising payments in the user's absence.

I'm just not convinced of contactless at all. Why not even just "contact". I have to tap the Oyster against the thing anyway, there are a plethora of 1-wire protocols you could use and then you don't have the "broadcasting radio messages on known frequencies" problems that you do with contactless. It's no quicker to get within a few cm's than it is to actually touch something. And at least if someone's tapping it, you stand a chance of detecting it with just your eyes or even electrically.

I have, however, sold (not directly, but got them to buy) many RFID-blocking sleeves to friends and relatives without even trying. I had a set. My friends/family saw them, asked what they were, bought their own - or an RFID blocking wallet.

All the current card technologies (Chip & PIN, magstripe, contactless) seem to be insecure, as far as I can tell. The only exception is where you're posted a secure pin-pad thing to authorise large transactions or direct debits - because those MATTER to the banks. You / the retailer getting stung for £20 isn't even on their radar, so they don't care.

Chip & PIN, especially, drives me mad. You have to enter your PIN into random box handed to you with different manufacturer and no verification of what it is, plug a number in, and that can be magically transported through the airwaves to verify at your bank. There are SO many holes there that you can drive a train sideways through them. Not least, I have no idea if I'm being MITM'd and the actual Chip & PIN machine is behind the bar and some guys is just recording PINs from his modified keypad, pretends it authorised, and then later uses them to perform the "real" transaction, plus the occasional fake one.

Sorry, I just don't trust it. Oyster itself went through several versions of insecure cards before it got sensible and yet the "insecure" ones are still just as valid for payment. Give it a decade or so, and I'll have a look again.

3
1

Apple Watch fanbois suffer PAINFUL RASH after sweaty wristjob action

Lee D
Silver badge

I have a bunch of those little milk carton thingies in my office.

"Whole Milk"

"Contains Milk".

Actually, it only "contains" in the mathematical sense - because it is entire, 100%, whole milk. It doesn't "contain" milk. It *IS* milk. There's nothing else in there BUT milk.

But still, on a lid the size of a 20p coin, it has both Whole Milk and Contains Milk written on it.

0
1
Lee D
Silver badge

Re: In fact, warning does make sense

Correct. Peanuts are, quite literally, a type of pea.

However, you can still be allergic to peanuts. And because they are called nuts, the warning is intended to include them too (buy anything with peanuts and it won't say "may contain peas", it'll say "may contain nuts".

Be suspicious, however, of anyone who claims to be allergic to "all nuts". Because most of the things they'll say they are allergic too aren't actually the same thing at all and it's incredibly unlikely that they are allergic to ALL "nuts".

6
1

Major London rail station reveals system passwords during TV documentary

Lee D
Silver badge

Surely the lesson to learn is:

DON'T PUT PASSWORDS ON HUGE DISPLAYS ATTACHED TO THE COMPUTERS THAT NEED THEM.

I don't disagree with writing them down. But put them in a book and lock the book away. Hell, I used to seal our "disaster recovery" password book such that anyone opening it would break the seal that couldn't be redone with damage. Then we put it in the company safe. Anyone slyly opening that to get the password would hastily put it back, and I'd know if a superior had ordered it open without my knowledge (for which I stated in advance, at that point I would be handing in my resignation unless there was a REALLY good reason, e.g. I was in a foreign country and uncontactable and a major incident, or if they were investigating myself for some reason, etc.).

Passwords are still passwords. Don't broadcast them on the same machines that require them. That's pointless. Don't whiteboard them at all. RAF places having them written clearly on bulletin boards? You're idiots. Distribute an internal email/memo to those who need them instead.

If you need to publicly advertise the password, you are effectively making that account unpassworded. That might even be a sensible alternative (if you can only access from the intranet anyway, and have to be logged in to do that, and it's just a hassle of yet-another-password). But you do have to consider that.

UK Data Protection basically says nothing that you can't write passwords down. But they have to be given only to those with need for them to carry out their duties. As such, writing them in a personal book or a memo in your (hopefully passcoded) phone is fine. Putting them on a noticeboard is not.

4
3

Oxford chaps solve problem in 1982 Sinclair Spectrum manual

Lee D
Silver badge

Re: Good times, those

I work in schools. I do their IT.

Every school has what I refer to as a geek clique. It may be a couple of students and a keen teacher, or maybe 10-12 of us all together (including the IT manager). In those groups, we meet once a week and hack on stuff. Just in the last year, we've built drone copters (we tried building out own but it was... over-engineered, shall we say, and likely to never take off), used Raspberry Pi IR cameras to great effect, we're pushing through Arduino now where C-syntax is used to directly push pin voltages to control hand-built circuits with basic components (literally resistors, diodes, etc. none of this modular or high-end rubbish), we discuss the old computers, we demonstrate several programming languages and dive into assembly for our examples of what's actually happening. We discuss Turing, and Lovelace, and dip into Godel's completeness theorems, graph theory and all kind of things.

The kids sit and hand-paint 2D isometric games using MS paint. We knock up parts for the drones in Sketchup and print them out on the 3D printer.

NONE of this is in the curriculum, this is all after-school clubs and lunch-time things and extensions when the lesson is over. In fact, in this school, we rejected even the new IT curriculum as it didn't go far enough. How old are these kids? 10-11 for the most part.

There are geek cliques out there, still. There are people that know "the old ways" and will whip out a Wheatstone Bridge circuit diagram from memory and explain how it works, or churn out some 6502 code from heart. And the right groups of kids still find it fascinating. Hell, I was working with an IT technician in a previous school who was 20, and it's amazing when you realise what a 20-year-old was never exposed to in IT terms. Six months later, the guy was learning programming languages for fun.

The community is still there. In fact, if anything, being a geek isn't quite so bad. When I was a kid, in an inner-city comprehensive, you were shunned for being the geek and had to find those like-minded geeks. The geeks pupils I socialise with now, they don't have that kind of isolation. Raspberry Pi is cool. Making a case for your iPhone on a 3D printer is something that will bring 20 "uninterested" kids to class to see if they can make their own too. Every kid has a smartphone already, theirs just has some programming apps. Every kid is jealous of their drone and will go get their own from Maplin's just to fly it around.

If anything, the community is more alive than ever, even if the old tech has taken a back seat. The reason that you don't see it is that it's part of modern culture too. Being able to "write an app" for your smartphone is something you can do on a freebie website nowadays and all kids do it in lessons as part of the curriculum.

The geek culture is alive and thriving in today's youth, which is great for the likes of myself who didn't have the community side of it when I was young and can now enthuse over quite how cool the operation of even a single transistor is in the company of like-minded people.

If anything, the problem is that technology is so complex, projects can be boring. You want to make a GPS-reader for your RPi project? Buy this GPS module for £20, it talks serial to the board, done. Because you don't really stand a chance of making the circuit on your own due to the complexity. But you can still teach and learn the basics, have fun, find friends who also enjoy it and have lots of geek-out moments where you go completely off-track and start showing them old "computer hacker" movies from the 80's.

Those times aren't dead, geeks are just more accepted nowadays. Being a Sheldon isn't what it used to be.

36
1

Fondleslab deaths grounded ALL of American Airlines' 737s

Lee D
Silver badge

Re: Told you so!

The NHS health records debacle. We sent millions of records abroad to be computerised, all we got back was junk because the handwriting couldn't be read or was mis-read (hypo- instead of hyper- makes a big difference in medicine!).

Signatures? Given that most of the signatures I see every day are fake - nothing more than scanned-in JPEGs of handwritten signature, maybe that's a good thing. Does your credit card need a signature any more? Cheques are already dead. A signature is a VERY poor identifier. I guarantee I can copy your signature with a dozen random examples and a few hours of practice.

So maybe it's a good thing that digital signatures, including certificates, are being used for renewing driving licences, submitting tax forms, etc. and have been for years, and that I've even used several contract-signing services online where people "sign" with full verifiable, legal proof of their consent to the agreement (not just a "tick this box to agree").

Handwriting is dying, I tell you. Give it a few years. I can't even remember the last time I used a pen. Sure, I work in IT but I'm a stalwart who only got a proper smartphone a year or so ago. And if I'm living quite happily not using signatures today, you can be sure the rest of the world won't be using them in a few decades. My employer uses smartcards and digitial certificates to authorise payroll payments in the millions. I've signed my contract online. I verified my identity online for CRB purposes. I pay all my bills online. You can authorise Direct Debit without a single signature online. My bank account gave me a smartphone app to replace the secure-pin-pad thing that I've been using for the last ten years.

I honestly can't remember the last time I signed anything binding beyond a "this is our visitor record, name and sign please". And even that, I priced up an iPad one just the other day.

Handwriting, and signatures specifically, are dead.

2
3
Lee D
Silver badge

Re: Told you so!

Sweden and Finland are considering removing handwriting from their curricula.

And quite how many documents from "the olden days" survived, as a percentage? It's extraordinarily tiny and usually only the stuff that mentions kings, gods, etc. and was worth carving in stone for those who had the money.

Technology is no different. If you take efforts to preserve it (e.g. UK tax history, criminal records, etc.) then it will be preserved. But the vast, vast, vast majority of things won't have that process applied to them. So only scraps and bits will survive as time goes on.

We now record and generate more information EVERY SECOND than the collective entirety of every work up until the computer age. You can't store it all. You can't preserve it all. You don't WANT to keep it all as you can't even begin to analyse that amount of data sensibly.

However, your child's child likely will have no need of handwriting beyond block-capitals. Even private schools are now beginning to decree "digital pencilcases" in addition to the normal pencilcase, including tablet computers, etc., and it won't be long before they are the norm. The next generation will learn to type their name into an app long before they pick up a pencil.

2
8

Apple to devs: Watch out, don't make the Watch into a, well, a watch

Lee D
Silver badge

Re: Zap, darling...

So that's "Developers are too stupid, only we can program perfect apps, who cares what the user wants or whether they realise that one app is sapping all the power. And, hey, we won't bother to tell you the super-secret API tricks we use to save power because that would make your apps USEFUL to others, we'll just keep you all in the dark"

There's a reason I hate Apple. In fact, there are many.

2
1

Your new car will dob you in to the cops if you crash, decrees EU

Lee D
Silver badge

Re: Remind me how this works

No worse than whatever happened previously.

If you can't get a cellphone signal, you can't phone for help yourself either.

Likely the in-car thing will actually have a better aerial than your phone, though.

And there isn't much land nowadays that can't get GPRS at minimum.

If anything, surely this is a boost to GET that 100% coverage that everyone wants?

9
2

Page:

Forums