* Posts by Philip Storry

84 posts • joined 28 Nov 2007


Shared services centres flop: Only one UK.gov department uses them

Philip Storry

Needs detail...

In its departmental overview for 2015-16 the NAO revealed that customers other than the Department for Transport have now withdrawn from their Arvato shared service centre contracts and will seek other arrangements.

Why? We need detail!

And I'm not railing against El Reg here. I went back and checked the original report, and there's nothing there either.

So why are people leaving the platform? Is it something core, or a fixable detail?


OK, we'll have to ask the grapevine. Anyone got any ideas?


Oh no, software has bugs, we need antivirus. Oh no, bug-squasher has bugs, we need ...

Philip Storry

The good news is that the vast majority of vulnerabilities have patches available on the day they are made public

I think what they meant to say was:

"The good news is that the vast majority of patches have vulnerabilities available on the day they are made public. Otherwise we'd be out of a job."


SQL Server on Linux: Runs well in spite of internal quirks. Why?

Philip Storry

Repositories? apt and yum integration? Really?!?!

any dependencies needed are pulled where APT fetches the main install off the MS repo

MS are hosting their own repository for updates of this? As in, actual .deb/.rpm packages that are fetched and installed with "apt update" or "yum update"?

Because that's one thing a lot of big companies often manage to "overlook" when porting software to Linux. It's very disappointing.

But if Microsoft are giving us repositories, and adding them to the system config so that the updates of SQL Server are managed just like any other component, then I have to say I'm bloody impressed.

That's how it should be. I'd assumed that this was just some hacky "it runs, it's done, ship it and hope" kind of affair, but actual repository integration shows a level of effort and attention to detail that's warming the heart of this cynical old git.

Well done, Microsoft. Well done.


Portable drive, 5TB capacity. Hmm, there's something fishy here

Philip Storry

And the problems are with the software...

The included NTFS driver for Mac makes it interchangeable between Windows and Apple notebooks.

Ye gods, what a craptacularly idiotic idea! Who the heck would want to trust their important data to non-native filesystems that are being handled by Seagate software?!?!

That's a genuinely scary thought.

A quick googling shows that they're probably using a licensed version of Paragon Software Group's NTFS drivers - which I'm sure are fine. But for my backups, I'd rather have a native filesystem please...

(Yes, you can just format it. But how many people are going to do that? There must be a better way...)


Three LibTIFF bugs found, only two patched

Philip Storry

Still used by international banks to confirm some types of business. Lawyers like faxes.

You can try to take an email to court, but a lot of jurisdictions don't have any guarantee it's binding. Whereas the 60's/70's/80's were full of court cases around the world that settled, definitively, that a fax or photocopy of a contract was still a contract - you don't get to ignore it because it's a copy.

(Yes, people really tried that scam.)

Also, email can be traced, but fax usually means that there's a phone call and that gives you another level of evidence should you need it in court. Although personally I never really bought that argument, and fax systems seem to be going to the cloud and fax over IP (FoIP) these days.

The last few fax systems will probably be all electronic, never putting out paper unless the recipient wants it. The input (probably an account summary or trade confirmation) is generated by an application and picked up from a file share or some kind of message queue, converted into a set of images, and then sent via either fax over IP or a real phone line, to a system which does pretty much the same in reverse and delivers the images (and maybe OCR'd text) to an application.

But the legal aspects will keep people on that system for a decade or so, until someone realises that the expense of the infrastructure outweighs the potential cost savings in court...

(And it can be expensive. I know of a couple of banks whose license estate for faxing infrastructure is in the seven figure range on software alone, let alone the licenses for the platform below that software. At standard software maintenance rates, that's a pretty nice amount of coin for software which is mostly in maintenance mode these days...)


Apple grounds AirPods launch with shipping delay

Philip Storry

The iPhone 7 isn't any thinner than the iPhone 6 though.

And I think they painted themselves into a corner with the seeking of such slimness.

I have owned phones from the Sony Xperia Z line for the past for or so years, and they're great. But put them down next to an iPhone 6, you (just about) notice an extra half millimetre or so of thickness.

Just about enough room to put a nice rubber gasket in around the headphone jack, so that the phone is waterproof.

Having looked at them, I think that the iPhone 6/7 are too thin to waterproof AND have a headphone socket. They only had three options - waterproof it and make it thicker, waterproof it and remove the headphone jack, or don't waterproof it.

The wanted waterproofing, so that left them two options. I can't say for certain why they chose to remove the jack, but I suspect that Apple view making the device thicker as being a step backwards, and they lacked the courage to do that and put a bigger battery in. So they took the only way out that remained...

Of course, if they were Samsung/Sony/HTC/Huwai/Whoever, they could have just tested the market with another model. But they're Apple, and want as simple a product lineup as possible - hence my verdict of painting themselves into a corner.


20 years to get Amiga Workbench 3.1 update, and only a fortnight to get first patch

Philip Storry

In other news, Samsung looked on and frantically scribbled notes in a folder marked "Android Update Policy"...


Donald Trump running insecure email servers

Philip Storry

It's cool.

He's got experts - believe him, real experts - looking at this right now. Ten years old, very smart - the smartest - and one might even be eleven.

*waves tiny hands*

And unlike Crooked Hillary, The Donald doesn't even know how to delete an email. He just doesn't know. But if he did know, he'd only be deleting emails from those people. You know. Those people.


More seriously - even if someone did break into his email, what do you hope to find? All of his bigotry and hatred is on Twitter at 3AM. All of his bankruptcies were public. His sexual assaults are somewhat public. The people he didn't pay for their work are common knowledge right now.

Oh. I get it. What's the betting at least one mailbox is just full of invoices from the company he stiffed for doing maintenance and upgrades on this system?


Fujitsu to axe 1,800 jobs across the UK

Philip Storry

Global revenue has remained flat at Fujitsu for a number of years

Ah, so this is probably down to the chasing of short-term performance figures.

No doubt next year, they'll record excellent performance.

And two years after that, they'll report high overheads - because clients are leaving them as they can't meet SLAs, and they have to hire expensive contractors in to get certain key jobs done. (Luckily, they have experience from a previous employer. Wonder who that would be?)

The joys of short-term capitalism. Simply making a profit, steadily, year on year isn't enough these days...


Good God, we've found a Google thing we like – the Pixel iPhone killer

Philip Storry

Re: Err, written by a fanboy who has not seen a decent android phone

Ah, but it's the best camera according to DxO! Who do scientific measurements, and everything!

What I suspect we're starting to see is manufacturers gaming that system. Good stats don't necessarily make a good camera, especially if your output is JPEG. I can fix a lot with a good RAW converter/editor, and it's true that many phones now allow RAW shooting.

But let's be honest. It's a phone. You're going to want to shoot JPEG, so that you can actually use the photos. And that means that for all we know, this phone might use exactly the same sensor as the other phones it beat by a couple of points - but just has a different tone curve and a slightly less aggressive JPEG engine. Which would probably be just enough to gain a point here and a point there in the tests... and suddenly you're the best phone camera available!

When you what's being tested, being best becomes *so* much easier.


Apple guilty in iPhone ringtone patent rip-off battle with Sony, Nokia

Philip Storry

Especially for the lawyers.

Oh, who the hell am I kidding? The ratio doesn't matter a damn to the lawyers. They win either way...


Delete Google Maps? Go ahead, says Google, we'll still track you

Philip Storry

I could be wrong - but I don't think this was GPS.

This sounds like a Beacon, which McDonalds have experimented with before. A simple search shows that this is more consistent with Beacon behaviour.


Google hopes to sniff out OS X badware

Philip Storry


But it does have some advantages over XProtect.

For example (and watch the downvotes now!), Apple often seem led by PR and marketing. Even in the face of uncontestable facts, they will often be slow to react "correctly". Many feel that this is because Apple are more concerned with their image than they are with, well, anything else.

Hence quite some time of "you're holding it wrong", or "maps work fine for us!", when the rest of the world is less than happy.

In security terms, that means that sometimes Apple has been well aware of an issue, but been a bit slow to send out an XProtect signature - often taking days.

So I'd guess that this is being done simply because Google wants to be able to secure its Apple clients on its own timescale, not on Apple's.

They might also want to secure some areas a bit more than XProtect can. XProtect only stops known threats that Apple recognises as threats. If Google decides to make a subset of machines more secure by locking down what can be run on them - possibly to meet some government or industry standard when working on a project - this tool would be very useful.


Yahoo! is! not! killing! Messenger! today!, just! the! desktop! client!

Philip Storry

Commodities & compliance...

Having previously worked for in the financial sector supporting messaging systems, I can safely say that Yahoo! does not have any features in it that meet Compliance requirements.

But it does allow you to use a proxy server. So the usual method is to throw a product in as a proxy, and let that do the capture. The product I have experience with is Actiance Vantage(*), which would basically act as a proxy, gather messages and group them into "conversations" based on time elapsed between responses and then export those conversations on a schedule. The export could be via email or as XML files (amongst other methods), so that you can do what you like with the data after that.

I don't know specifically why it can't handle Skype - it could previously handle OCS/Lync, and a quick web search tells me that you can get the client to connect via a proxy. However, further searching shows that Skype encrypts traffic using TLS, which could be an issue. I suppose there might also be infrastructure complications for many banks, if they have Skype for Business on the desktop and suddenly need to open up a proxied route to the outside world. I'd bet that the networks and security teams would be delighted with such a request...

(I would like to state now that this comment was not an endorsement of Actiance Vantage, nor a condemnation. If anything, I'm ambivalent about it - it did the job, and annoyed me no more than most other software did.)


(*) - Actiance were formerly known as FaceTime, but then some small manufacturer of fashion trinkets decided to use the name FaceTime for one of their services without doing the proper due diligence. Actiance/FaceTime sold the name rights to that company. Imagine a parking lot full of Ferraris...


The 'new' Microsoft? I still wouldn't touch them with a barge pole

Philip Storry

This is why I've still not bought a personal/home O365 sub.

I'm not a huge fan of Office (except Excel), and use OpenOffice.org's products for the most part. But I have a Windows VM with Office 2010 in it, all legal.

Mostly just for the very rare occasion when I may need to have 100% compatibility with an Office document.

Of course, we're now two versions on. And most idiots who bleat on about 100% compatibility with Office will always forget that Office itself isn't even100% backwards compatible. So at some point, I'd like to upgrade. And O365 looks like a good way to do it.

On the one hand, around £60/year seems like a reasonable price for the whole of Office. On the other hand, I've not actually needed it for months - so it's definitely a luxury purchase. I can't justify it, and the only way to justify it is to use Office more and lock my data into it. Not likely!

If I ran my own business, I'd probably have my hand forced. But as it stands, I'm sure I'll manage without...


Music's value gap? Follow the money trail back to Google

Philip Storry

Oh dear. What a poor metaphor!

Andrew, Andrew, Andrew...

Such a poor metaphor. It's the 14th of April, 2016. Not the 1st of April. And definitely 2016. So can we please stop trying to equate intellectual property - the ownership of an idea or a record of the expression of that idea - with physical property?

Because it really doesn't help. At best, it muddies the water, and at worst it makes people write simplistic comparisons that actively mislead people.

Let's try a different metaphor. One less stuck in bovine faeces than the wellies you struggled with here.

Imagine that you are a writer. And your writing has value. It can entertain people, inform people, even enlighten people. And you're proud of the results of your efforts, and want a simple exchange - that people give you money in order to have access to the fruits of your efforts.

Which seems fair.

But now imagine that there are only two ways you can get your work out to people. The first is via small-scale printing, locally distributed. It's messy, the end result is a little ugly, and it doesn't scale very well. Only people within a few miles of where you live will ever get the opportunity to see your work. The second is to sell your work to a big national publishing of newspapers or periodicals. They have the scale in both production and distribution - and they'll help you with editing and have access to stock images too! Unfortunately, the downside is that they pay pittance and they insist on the right to re-use your content whenever they like, however they like. And you lose editorial control.

It seems that there's only one option - take the pittance, and make up for it in volume of works. Hopefully you can grow an audience, then demand more money from the publisher. Meanwhile, your growing body of work is being owned or licensed to a company that may not share your values, and merely views you as a line on a profit or loss statement. But hey - in a way you're one of the lucky ones. There are plenty of talented writers who never got the chance to reach as wide a public, because these publishers are quite conservative in their editorial policies - - unless it's "hot", they like to avoid controversy, seeing it as a risky investment. And new things are often controversial...

But you suck it up. Because, after all, there is no other game in town. There's no technology that can fix this for you.

But wait - what's this? A technology that interconnects networked computers! Let's call it the conwork. Or internet. No, conwork is better. Let's use that.

Well, you have loads of fans. And now you could take your work to them on this new frontier!

Except your publisher doesn't care. They're too busy selling physical books and periodicals - which is profitable, and has an existing and well tested supply chain - to bother investing in this risky new technology. And you've signed away your rights to your own work - past, present and future - to the publisher, so you can't take your work to your fans yourself. Which is crazy, but who could have predicted the conwork, eh?

Meanwhile, your most dedicated and most technical fans are starting to transcribe your works so that they can enjoy them on their conwork'd computers.

And there are new, smaller publishers popping up that use the conwork technology. They may not have the big artists, but the ones that they do have aren't constrained by the editorial policies of the big traditional publishers. They can write stuff that their fans really enjoy, and they're less fussed about being banned from vendor conferences. The world is changing, and these smaller conwork sites are getting big readership.

Except for your publishers, who still refuse to sell your works on the conwork... For them, the world is static.

Finally, the publishers - after much negotiation with a company in the technology industry - get round to selling your works to people over this conwork.

But it's too late. People have spent so long trading your work on the conwork for free that the value of it has been changed. They'll never pay what your publisher wants. They're also now used to just getting the article that they want, without a load of lesser articles packed around it and cranking up the expense.

Also, your contract with the publishers still only pays you pittance for each work sold, despite the fact that the publishers now add less value than ever and how much lower overheads than ever.

However will the publishers defend this? Why, by attacking the customers on behalf of the writers - the writers will hopefully not realise they're being ripped off, and the fans won't be listening to the publishers anyway - only shareholders and the artists do.

So you tell yourself that just as soon as your current contract is up, you'll renegotiate a better one. If they'll let you. And if not, you'll have to go to one of those smaller labels, I guess. Maybe. Seems scary though. After all, they still control the old media, so you'd be losing that.

Maybe you'll just stick with the big publisher. They love you, after all, right?

Hang on. My analogy seems familiar... It's almost exactly what the movie industry, the book publishing industry and every other IP industry has been trying NOT to repeat ever since the music industry really missed the boat.

Seriously, your analogy sucks because it misleads people. Conflating physical goods with IP won't work. You could have told a decent story here. Instead, you put out something that's barely fit for this new-fangled conwork thingie...

(And ironically, you did it on one of the new-fangled conwork thingies. I'm still unsure whether it was genius satire, or genuine idiocy.)

I'm not even going to talk about how DMCA takedowns are being filed in bad faith by automated machinery, or how the big music companies believe that they have some divine right to own everything and anything, and fair use be damned.

I'm all for artists getting a better deal. But I know where they won't ever find it. And I'm not going to attack fans or technology companies for the mistakes of an industry. That, it appears, would be taking your job...


Whatever happened to Green IT?

Philip Storry

Re: The bottom line won, green just road its coat-tails...

I have no idea how it became "road on its coat-tails" - I'm going to blame autocorrect! Regardless, apologies to those that it offended...

Can't disagree on what you've said about power generation, by the way!

Philip Storry

The bottom line won, green just road its coat-tails...

It's touched upon in the article, but in an odd way it's now very expensive not to be green.

At work, if I need a new server a VM is spun up. Speaking to friends in other companies, most infrastructures have gone the way of "you need to justify hardware" these days - the default is a VM, on the grounds that it reduces power consumption/rack space/hardware costs.

And then there's the cloud. Ever built a SharePoint farm? So many machines! But if you're using Office 365, then that's Microsoft's problem. And at the scale of their O365 SharePoint farms, you can assume that they want to eke every saving out of them that they can - so it's probably pretty green.

But even aside from that, at a machine level the cycles not spent serving you are probably spent serving someone else. I'd wager that the sheer scale of the various cloud services makes it far more energy efficient than using your own infrastructure, even if you have a virtualised infrastructure.

Lastly there's the hardware itself. I'm struggling to think of a recent time when I replaced something with a new bit of kit that was less efficient than the previous one...

Eco-warriors should take heart. As the technologies developed and scaled, it rapidly became too expensive to be anything but green unless you really needed local performance.

Now if only we had the same kind of cut-throat competition in power generation - then we wouldn't have people clinging on to big coal-fired stations to eke out the last of their lifespan, instead of moving to something that was newer and cheaper.

(My point being that the new technologies for power generation are close, but don't seem close enough or compelling enough yet to force replacement as we do with IT kit.)


'Just give me any old date and I'll make it work' ... said the VB script to the coder

Philip Storry

Re: VBA date handling has taken at least five years off my lifespan

The UK tax year starts on the 5th of April because of our transition to the Gregorian calendar from the Julian, doesn't it? We skipped days in the calendar to make the transition, and merchants rebelled against the idea of being taxed for non-existent days... So the end of year date was moved back to placate them.

Computerphile/Tom Scott made a lovely video on handling time zones, which is relevant to this:


I'd tend to agree - if it's at all possible, rely on the libraries that already handle this stuff. As you found, if you have to handle this yourself it rapidly becomes a very deep rabbit hole...


My devil-possessed smartphone tried to emasculate me

Philip Storry

Reminds me of the Orange nk502/Nokia 8110

My very first mobile phone was a Nokia 8110, branded as an Orange nk502.


Yes, we had aerials on phones back then. That was normal. It was also a very advanced model - it did this new-fangled SMS thing, for starters.

But it was commonly known as the "banana phone", due to a lovely curve that the unit had. It looked great, and was very comfortable in a trouser pocket.

Until you sat down.

Because the curve means that the phone moves towards the horizontal in your pocket, over your thigh as opposed to running up it. And can you guess what the aerial is now pointing directly at?

Trust me, the pointy corner of a modern smartphone is NOTHING compared to the searing unendearing spearing that aerial would give your gonads.

Nokia provided a version of the phone for Neo to use in the film The Matrix - albeit with a spring-loaded cover that they were experimenting with. Virtual reality Kung Fu? Being faster than a computer? Humans as batteries? Floating squid machines? I can accept all that. But Neo not being stabbed in the balls by that phone is pure Hollywood bullshit...


The paperless office? Don’t talk sheet

Philip Storry

Killing paper may well happen, but not quickly

I was working with faxing until 2014 - it's still in some banks. Legally, a fax is a contract no matter where you go in the world, so many trades (in particular Securities) are finalised by fax.

Many of those faxes were never actually paper though - it was simply a transmission medium.

People I know are always amused that I was working with faxing in 2014, and even more amused that I know ex-colleagues still working with it in 2016.

So I'd say look at where the law has its precedents. Banks, councils and so forth like paper not because it's cheap or simple - it isn't. You have to pay for expensive, annoying humans to handle it.

And usually they minimise that human requirement, paying for expensive scanning systems to turn them back into digital documents that they can route and process accordingly.

So I suspect that paper will survive as a transmission method for quite a while, as it's a lowest common denominator and allows for legal mechanisms like recorded delivery.

However, that's just the tip of the iceberg when it comes to reasons. Personally, I find proofreading much easier if I change the medium - these days that can mean loading a PDF onto a tablet, but nothing really beats scribbling marks on paper. But will kids who are growing up with tablets want to do this, or will they just rotate their device for a different layout?

Everyone will have their own reasons. But the fact that some children use little paper outside of school does mean it might yet happen in our lifetime.

Philip Storry

Re: Number 11

In the future, old people will reminisce about the smell of a freshly opened iGroin attachment that they were going to use for their iSexy sessions.

These new direct neuron influence generation helmets* are better, but they lack the physical sensations of the old technology.


* Commonly known as the D-NIGH standard of virtual reality. You're welcome.


Cybersecurity is slowing down my business, say majority of chief execs

Philip Storry

Re: If you can see it, you're doing it wrong

Kind of.

We're trying to change a culture here.

At first, IT was a strange thing in big offices with big expensive kit that worked miracles.

Then, it came down to the desktop, and allowed anyone to perform smaller miracles.

Next, we connected those desktops and gave everyone the benefits of sharing files, emails and so forth.

Recently, we interconnected all the separate business networks via the internet, which was a huge boon but also a security bane.

Security shouldn't be invisible, it should be normal. It should be part of every project, of every procedure, of every technology. But as IT became so ubiquitous that it entered everyone's personal lives as PCs, MP3 players and smart phones IT also became something that people regarded as a commodity - something that "can't be expensive" and "can't be difficult".

Here in IT, we're kind of young. This is a cultural challenge we've never faced before. So let's look at another industry where they have a similar issue - the construction industry. There, safe working should be part of every worksite. Every access point, every construction phase, every job, every bit of equipment - they should all have the safety of the workers in mind. Workers may well be available, but they should not be regarded by the construction companies as a commodity - they require protection.

So every building site has a big sign at the worker's entrance, declaring "no hat and boots, no job".

Health and Safety is still visible, and in a big way.

But it's also just normal. That's the way it is in the construction industry.

Why? Because the law states that if a Health and Safety breach occurs, people can go to jail. It's not just fines. It's potentially their liberty. In the 1970's we got tired of workers being treated as a commodity, and dealt with it accordingly.

You want the attention of these idiot CxOs? Easy. If they get compromised and they can't show that they took security issues seriously, then as well as the company being fined they get the joy of going to court to defend themselves from jail time.

Just like health and safety issues, we probably won't get any traction until we focus the minds of our "best and brightest" CxOs. After a few have gone to prison, companies will take this seriously and then it won't be invisible, but it will become normal - which is what we actually want.

But until then, good security will just be a cost to be shaved as thin as possible.


It's 2016 and a font file can own your computer

Philip Storry

Re: How did this ever become a problem in the first place?

(With apologies if you know all of this already.)

In the case of Windows, this all goes back to Windows NT 4.0.

Windows NT 3.x was stable and had lots of advanced features, but it required a pretty big machine at that time. 3.1 (the first release) was huge, 3.5 was better, and 3.51 was - by comparison to 3.1 - faster than a greased rat up a drainpipe. Sadly, when compared with Windows 95, Windows NT 3.51 was still slow.

Microsoft was running out of optimisations that they could feasibly make, and hardware wasn't catching up quickly enough either.

So Microsoft decided to move the GUI into ring 0.

Ring 0 is where the kernel lives. Intel CPUs had two "rings" where the code runs, each with different levels of privilege. In ring 3, the memory and I/O that the code has access to can be restricted to ensure a process can't affect other processes. Ring 0 has unrestricted access to the whole machine. (There are also rings 1 and 2, but earlier Intel processors didn't implement them so we're stuck with just the two rings.)

Moving the GUI code into ring 0 made window painting/repainting faster, so it was a significant improvement. Windows NT 4 felt livelier and nippier than Windows NT 3.51, so in that regard it was a success.

It was also controversial at the time. Windows NT was advertised as the secure version of Windows, and plenty of people were aware that this might not work out so well.

However, at the time there were no practicable exploits. Machines were only ever connected to what we'd now regard as trusted networks, video card drivers came on floppy disks and updates to them were hen's teeth, fonts were things we installed only if an application wanted it. And so on, and so on. Therefore only geeks and academics cared about the possibly impact of the move to ring 0.

The world is a little different now, and we're paying the price for past naiveties....

(In Microsoft's defence, X Servers usually run in ring 0 too, for performance reasons. I wouldn't bet against the Mac OS X graphical stack doing so as well. People like faster, and the customer is always right because he votes with his wallet.)


VMware axes Fusion and Workstation US devs

Philip Storry

Re: Will be interesting to see how this pans out

I agree with you.

But there's no column on the spreadsheet to fit all that in.

And the spreadsheet disagrees with us both.

And the spreadsheet is God as far as senior management know.

Therefore the spreadsheet wins.



That one weird trick fails: Google binned 780 million ads last year

Philip Storry

You've obviously not visited Buzzfeed/Answers.com/$timewastingsites.

Last week, I clicked on a link that took me there. I'm pretty sure I did half that number just on that one visit...

(Note: I just went to my Facebook feed to find some other such sites to pad out the list, but thankfully couldn't find any despite scrolling back a whole day. However, I now worry that some kind of disaster may have killed all of my less intelligent friends and relatives...)

Philip Storry

Re: So they're cracking down on some scumbags...

Whilst Scientology are classed as a religion, rather than correctly classified as "a cult designed to extract money from people", they probably qualify for some kind of discount from many businesses.

I'd like to see Google refuse to do business with them. But Scientology would probably just start a shell game with many new companies in order to get what they want. Let's face the simple fact that Scientology is the evil here, and Google is - at worst - the lesser evil.

Also, I'd question the source. Scientology makes lots of claims, many of them somewhat distanced from reality. But even if they provided evidence, would you really take it at face value? This is an organisation that has planned to forge government documents in the past, after all...


Eighteen year old server trumped by functional 486 fleet!

Philip Storry

Windows not running for longer than 49.7 days.

As far as I recall, that was Windows 95. And the actual figure was 49.7 days - or, suspiciously, around 2 billion seconds. Yes, the bug was caused by the fact that the system timer didn't wrap around - when it finally hit the maximum value of the DWORD, the machine just hung.

The bug actually affected both Windows 95 and Windows 98, meaning it took almost three years to get enough samples to diagnose the issue.

Thus leading to the joke "Even during their testing, Microsoft couldn't get a Windows 95 machine to stay up for more than 48 days..."

To be fair, most Windows 95 machines that did run as servers were doing either print services or file sharing (often a file share for Microsoft Mail) on a workgroup style network. So most of them were unlikely to be powered on for longer than 5 or 6 days in a row anyway.

But I don't think that should make anyone feel bad about sniggering at the bug. It was, and remains, a dumb mistake.

Philip Storry


“Igor” told us about a pair of IBM e x235 servers that have run since 1997, each packing four Pentium III CPUs, 4GB of RAM and eight 72GB Seagate SCSI HDDs.


Nope. The Pentium III wasn't released until 1999, so he must mean a Pentium II or has his dates wrong.

The amount of RAM is also a little luxurious for 1997, when the average PC had 16Mb and the average server had 32-64Mb. Not necessarily impossible, but dubious. I'd expect 1Gb of RAM tops in an x86 based machine in 1997.

And 72Gb hard disks in 1997? Not that I recall. Not even with SCSI bypassing the ATA limit of 512Mb. Maybe in pixie-la-la-land, but not on any site I worked at. The standard size around then was around the 400Mb region for a desktop, and servers might stretch to 2Gb per disk - but you were more likely to see an array of 1Gb disks.

Everything about Igor's story seems suspect. Those specifications are just too early. I respectfully submit that he's misremembered, and apologise to him for being the one to have to point it out.


El Reg mulls entering Robot Wars arena

Philip Storry

And from the website The Register, their entry is...


Wait. This plan may not work as well as we'd hoped...


Microsoft releases major PowerShell update after long preview

Philip Storry

A shortsighted view


To say "no UNIX shell even comes close" is both accurate and grossly misleading. You didn't give anything to measure by, for starters - close in what regard?

Both have their problems. Object orientation is wonderful, right up until you're doing something with AD and Exchange and find that (for example) the distribution members have a different type to AD accounts so you can't directly compare them without doing some type conversion. That type conversion is a hassle, and a great example of the extra verbosity PowerShell constantly seems to require to accomplish something.

Objects are indeed more powerful, but require more work - plain text definitely has its advantages on occasion.

And what are you comparing as a "UNIX shell"? Just bash? Nobody would dream of using any UNIX shell without also having a copy of cp, mv, rename, grep, awk, sed, sort, and so forth. And for more power, you can always fire up Perl or Python. (And Python is a standard part of most modern distributions, so it's not like you need to install it. Perl used to be, but I think it's now missing from some more modern ones.)

I like PowerShell, but its verbosity gets to be tedious after a while. I like UNIX shells, but the plain text thing clearly has occasional limits that it takes Perl/Python to fix.

Frankly, what makes PowerShell inferior in my day to day work is Remoting. That's such a classic "Microsoft Developer Solution" - nobody bothered to consult anyone who would actually use it. With no decent persistent sessions, it's a PITA to use except in scripts. (WinRM? Ugh. Thanks, but no thanks.)

Want to improve PowerShell? Give me SSH and a tmux/screen equivalent. That'll be just peachy. (And yes, I'm aware SSH is coming to Windows. So it's just tmux/screen we're waiting on.)

Funny thing is, that shows that - just like on UNIX systems - it's not just about one tool. Decent administration requires many tools, working in harmony. PowerShell's almost there...


HPE: If we don't give Deutsche Bank right contracted outcome, we'll lose money

Philip Storry

A more accurate headline...

"HPE - Deutsche Bank still haven't understood the contract they've signed, we're going to shaft them".

Because that's almost certainly what's actually happening here...


Outsourcer didn't press ON switch, so Reg reader flew 15 hours to do the job

Philip Storry

Re: External IP KVM or DRAC?

Because DRAC/ILO/IPMI look very expensive, so the bean counters dislike them.

When you're building any infrastructure that has quite a few servers, the additional cost of DRAC/ILO/IPMI soon adds up to a hefty bill.

Everybody here knows that when you factor in the potential costs - longer outages, and time saved when called out - they're actually pretty good value for money. Not wasting time having to go to the data centre to deploy the Mk I Finger O' Doom is pretty handy. An IP KVM was a useful alternative, but the lack of the power feature made it very much an inferior solution - which was reflected in the pricing of the two technologies.

But try telling that to the guy who doesn't understand, and is wondering why every server is more expensive by a three figure sum...

The drive to virtualisation has often been justified solely just on the basis of shaving that cost off each server (and having standardised drivers/devices on your servers). As you scale up, it becomes a significant saving.


Child abuse image hash list shared with major web firms

Philip Storry

Oh, goody! MD5!

It's lucky they chose an up-to-date hash algorithm that's got no known weaknesses.

What's that, Carnagie Mellon University's Software Engineering Institute? As of 2010 you consider it "cryptographically broken and unsuitable for further use"? Oh, that's unfortunate... MD5 has been known to have collision issues since 2004? My - that is poor.

Seriously, MD5 is fine for some things. But for important things - like anything approaching censorship or criminal justice, perhaps - I don't think we should be using MD5. SHA-2 perhaps?


Web server secured? Good, now let's talk about e-mail

Philip Storry

People attempting proper SMTP TLS is terrifying

As soon as Let's Encrypt can get me a certificate, I'm going to get one. My website should be HTTPS-only by mid-December with a little luck. (The hard work is just content checking, to make sure all embedded content is also HTTPS and therefore doesn't trigger mixed content warnings.)

But SMTP? That terrifies me. I was a messaging administrator for 15 years before I switched to another technology this year. I've done that in healthcare, banking, and other sectors - I've got plenty of experience with doing SMTP+TLS, yet it's still deeply scary.

And it's not the setup of my systems that's really the issue. It's other people's systems. Which are often badly set up and badly maintained. If Blackadder had continued on to do a series in which he worked in IT, the conversation would go something like this:

Junior BOFH - "I want to see how an email system is run... so badly!"

Blackadder - "Well, you've come to the right place. An email system hasn't been run this badly since Hillary Clinton's campaign manager found a cc:Mail CD and a spare half hour..."

In theory, it should be fine. Very few people verify the certificates' signature chain. Or that the hostname matches the certificate. Or the TLS version, the ciphers, or much of anything else. They just use TLS opportunistically to ensure encryption over the public network.

Although it is odd that the only reason it'll be fine is that SMTP+TLS is almost always so badly set up it's actually very insecure.

But I know how complicated this is, and I recall what happened whenever a commercial partner's security team decided to try and enforce proper security in this area. Those were the "interesting days". Very long and very interesting...

And that's what terrifies me about this. The part where everyone else has to learn what I learned years ago - nobody wants to do this properly, they just want to do it well enough that it ticks the box marked "email to partner organisations is encrypted during transport".

Basically, it'll be a right mess.

I'm glad I'm out of the messaging game!


Chrome OS is not dead, insists Google veep in charge of Chrome OS

Philip Storry

Let's be honest here - the WSJ is not a particularly technical publication.

So when someone from Google said "we've been working for a couple of years to merge them", they heard "only one product will survive".

When in actual fact, the Google representative probably meant "we've been working on getting ARC (Android Runtime for Chrome) for two years, and in 2017 we think a Chromebook will be able to run Android apps so well it'll really blur the boundaries".

WSJ in "knows nothing and doesn't do research" shocker!


Big mistake, Google. Big mistake: Chrome OS to be 'folded into Android'

Philip Storry

Re: So what's your point?

I think his point is that it's not the underlying technology - it's the applications.

Windows NT4 was unsuitable for home use despite having the same interface as Windows 95. That's because it had to ensure security and process safety (amongst other demands).

Windows 95 was backwards compatible with a LOT of software. There were some exceptions - for example Delrina Winfax Pro didn't work - but that's because it replaced the COM port driver. The actual application would load and show you your old faxes, but it couldn't send or receive, due to that COM port driver. That's actually pretty impressive - only specialised software that did odd stuff didn't work, and even then it often partially worked. The rest of your Windows and DOS software would run just fine.

Where Windows 95 was impressive in its backwards compatibility, Windows NT 4 wasn't as impressive. Sure, it had a Windows on Windows 16-bit machine and a rudimentary DOS box. But most Windows software wasn't written with security in mind. A lot of 16-bit software did stuff that Windows 95 could allow, but the strict process limitations in NT wouldn't. Hell, Microsoft's own Office suite had a bunch of "this feature doesn't work under Windows NT" and "this feature requires local admin rights to work under Windows NT" issues until about Office 97 or 2000. If even Microsoft's developers couldn't get it right, what chance did others have?

The solution was actually pretty simple. It took two things - time and patience. Over time, most of the software became 32-bit and the compilers wouldn't allow stupid coding behaviour as easily. And software gradually became a little more security aware. But most importantly, users moved to software that was compatible as they either upgraded or switched to other applications.

It wasn't perfect, but after five years or so the world was just about ready to migrate to that new NT kernel. Some software wouldn't - couldn't - work on it. But most did, and it was just like the Windows 95 compatibility situation all over again.

How is this relevant to Chrome/Android? Well, there's an Android Runtime for Chrome. At the moment it only works with (and therefore allows) specific, vetted apps. It's quite possible that Google's plan is to run a "virtual device" on your Chromebook, where you'll be able to have your Chromebook as another Android instance, possibly even with app data synchronisation and the like. Android lends itself well to that architecturally, and it's far easier than trying to get lots of Android apps replaced with Chrome web apps/extensions.

But like those early Windows 95/Windows NT migrations, there will be edge cases where apps do unexpected and stupid things that the Android Runtime guys never anticipated. And there's issues like the notification centre (do they unify it between the Android instance and Chrome?), what data to synchronise, and so forth. It won't be perfect. So Google have some work to do to get it "good enough", and there may be new APIs in both Android and ChromeOS to help developers get the best out of this integration.

In this sense, I see strong parallels between the first two big Windows upgrade/migrations and this one. It's about application compatibility more than anything else - nobody runs an OS just for the sake of running an OS.

(Well, nobody with a life...)


Time Lords set for three-week battle over leap seconds

Philip Storry

Re: And we have...

His name was William Willett.

You're a bit late to kick him in the crotch, as he's been dead for just over a century.


However, there is a memorial to him in Petts Wood. I've been past it a few times, and was astonished as to how free of vandalism it is, all things considered.

I just read the Wikipedia article, and discovered that the man is also the great-great-grandfather of the lead singer of Coldplay.

It really is a ***ing miracle that the memorial hasn't been blown up by now, isn't it?


Laid-off IT workers: You want free on-demand service for what now?

Philip Storry

Re: "I've forgotten how to do that"

Before you leave, send an email to ask if you can take copies of all the {documentation|source code} with you, to help fulfil this requirement.

We all have a good idea what the answer will be.

If they call, then remind them that you asked for the resources you'd need to assist - and they declined to provide them. As such, you're working somewhat blind and feel it would be unprofessional to take such a significant risk with a live system. You're happy to help, but feel they need to be reminded - in writing - of the significant risk that this represents.

Of course, if they want to send over the latest {documentation|source code}, you'll happily read it to get yourself back up to speed, and then assist.

Oh, and when you've got that {documentation|source code}, don't forget that all of this is at your current employer's agreement. I'm sure they'll schedule time appropriately - you'll probably get through it all in a month or so, maybe two - that's OK with SunTrust, right?

Cue a few questions occasionally over the coming weeks to show that you're reading the {documentation|source code}... Some people might accuse you of delaying things by asking questions, but you're actually just ensuring you have a full understanding of the system. Very professional of you, and good mitigation of that risk.

I reckon you could easily spend a full three or four calendar months doing that. The word "risk" is a magnificent motivator in a paper trail...

Now, naturally, they'll probably decline this request for {documentation|source code} anyway when they call. But now you have a paper trail, established from before you left. You can remind them that any changes you make are naturally more of a risk than ones done by those done by the new owners of the system. Keep reminding them of this, in writing, before you make any change.

Congratulations. You're now highly unlikely to be called more than once, and there's no way they can say you were unprofessional or unhelpful. After all, the paper trail shows that they were the ones being unhelpful...


Mobile first? Microsoft decides to kneecap its Android users instead

Philip Storry

Exchange tasks? Rich?

"Business users don't get Tasks support, despite very rich Task support in Exchange"

Very rich? Come off it. Exchange's Task support is about as rich as a second hand car dealer with a lot full of Volkswagens.

A dedicated task service like Remember The Milk, Wunderlist or Todoist could be described as rich. Exchange's Tasks are best described as "you'll get a priority field, and you'll bloody well like it".

OK, perhaps that's a bit of an exaggeration. But what do you actually get? Priority, Start Date, Due Date, Status and "% Complete". Because everyone here would be willing to be a tenner on ever having seen "% Complete" being used by a real-life user consistently...

You can assign tasks to someone, which is nice. And you can set a reminder or set a task to repeat. And that's your lot.

In task terms, that's pretty much the basics.

What are we missing?

No tagging. No assigning to projects (although you could use Outlook's woefully badly integrated Categorize feature, I suppose. If you're a masochist.) No location field, or goelocationary features. No time estimation. Minimal postpone features. No filtering of tasks by anything worth a damn except the date and priority. No daily digest delivered to your inbox. No subtasks or task hierarchy.

Oh, and as we're talking about clients here - no browser integration at all. No, OWA doesn't count - I mean bookmarklets and browser add-ons that make your task list usable from any web page. The closest Exchange gets is if you use OneNote - a rather heavy sledgehammer to crack this nut.

To be honest, I could say the same about the Exchange Calendar or other areas. Microsoft keep buying tools like Wunderlist and Sunrise, but if they attempt to bring them into a monolithic system like Exchange they're doomed to fail. They succeeded because they were focused on being excellent within their own domain, rather than merely another component in Outlook.

They need to be running as little web services on top of Exchange, that can be accessed by https with a simple API, and that can therefore concentrate on having a couple of good clients and a decent service. Let the Outlook team figure out how to ruin the experience in Outlook, but at least you'll still have a decent underlying service and standalone client that does the job well...


If you absolutely must do a ‘private cloud’ thing, here's how

Philip Storry

Re: Business Critical Data out there in the cloud

Tell me more about this JCB going through the whole of Shoreditch. It brings me a warm fuzziness for some reason...

Could it be sent to Hoxton afterwards? That would be just superb.


Google's new squeeze: Brotli compression open-sourced

Philip Storry

Deflate predates 1996 by about 6 years...

PKWare patented it in 1990, and first used it in PKZip 2.

It was soon found that the algorithm could be done just as effectively without using the patented methods, which is why it was used so widely - hence the RFC.

I'll happily admit that I had to go and check Wikipedia for the details, but did so because I was sure it predated 1996 due to the PKZip connection - I'm pretty sure I had PKZip 2 in 1993ish, on my trusty 8086 based computer. Not that I used it to create many archives, as LHA was often better at compressing and I soon found ARJ, which spanked everything else comprehensively until the arrival of the early DOS-based RAR archiver and solid archiving. It was a good time for compression then - plenty of different solutions, lots of competition...

Ahem. Sorry - got off topic there. Anyway, Deflate - older than you think, by around six years...


Twenty years since Windows 95, and we still love our Start buttons

Philip Storry

Ah, memories...

My first job was supporting Windows 95 for Microsoft.

Not actually working for Microsoft, I should point out - in the UK they outsourced their support. I actually worked for ICL Sorbus in Footscray, near Sidcup.

We spent from March to August training on and supporting the Public Preview of Windows 95, then Microsoft picked the two best performing companies from the five that they'd managed to con into doing months of free telephone support for them in the guise of a tender.

The two best were ICL Sorbus, and DEC.

Yeah. I know. I have no idea what criteria they used, and frankly I don't wish to know. But I was there, and that's my recollection of events...

Anyway, I suppose I should now say that I was there on the day of release, answering the support calls from hell, battling the stupidity and cursing the bugs.

But no. I may have only been 18, it may have been my first job, but I'd read BOFH via Fidonet and I knew a thing or two. I'd booked the whole damned week off as annual leave back in April, before management thought to ban such applications. I then kept very quiet about it, lest my colleagues get any similar ideas. (And gathered blackmail material, as a backup plan. The building was only three stories high, so sadly the lift shafts weren't really an option.)

Still, I did spend quite a few months supporting Windows 95 by phone, so I'm going to go for the pity vote here. PITY ME! PITY ME AND MY WINDOWS 95 MEMORIES!

Oh, and a quick note - back in those days, 13 floppies was pretty close to the definition of Bloat. Only Windows NT, OS/2 and perhaps a full install of Office 95 could make you do more floppy swapping! Oh how we rejoiced at CDs...


Windows 10 is FORCING ITSELF onto domain happy Windows 7 PCs

Philip Storry

Re: You will be assimilated into windows 10!

This Dilbert comic - from January 1997! - seems highly appropriate here:



UK.gov issues internal 'ditch Oracle NOW' edict to end pricey addiction

Philip Storry

I laughed

Oracle brought this upon themselves with opaque and over-priced licensing, and I wish the government good luck in moving to something cheaper. Perhaps gold-thread-adorned monks carving on platinum slabs with diamond-tipped drills?

(Or maybe just PostgreSQL.)


UK.gov loses crucial battle in home-taping war with musicians

Philip Storry

Re: How music got free

I shall add it to my reading list, but the review does leave me thinking it's an incomplete source at best.

Skimming the review, it looks to me like it focuses on three things:

1. An organised group of leakers

2. Music industry's long delay in embracing digital

3. The technical experts behind the MP3 standard

But in the review it keeps saying that the only people being hurt in the music industry are the musicians. For example:

"Partisans of 'sharing' sometimes liked to say that they were hitting back against fat-cat music executives. In fact, all they were doing was hurting musicians. The bosses continued to do very nicely, thank you." - it then goes on to explain cutting of artist rosters etc., as if the downloaders were causing this rather than it being an ongoing trend in the industry that dated back to the early 1990's (at least) anyway.

Nowhere do I see the fourth part of the story - the business practices of the record labels themselves. The "record deals" that are actually loans with strings attached. The ludicrous expenses that are encouraged by the labels, knowing full well they will bill the artists for them in the end. The promises of marketing support that turn out to be empty. The enforcement of exclusivity clauses long after the company has given up on the artist(s).

Without that, I think this is an incomplete account. Either there should be a fourth person, or all of this is in the details of the record executive and the reviewer inexplicably skipped it.

Yes, I see that this is a book about how music went digital. But the digital side is the least of the music industry's long-term problems. Their entire business structure has been exposed, and new artists are avoiding them for as long as possible...

Philip Storry

So where do I apply for my free "Greatist Hits" albums?

This seems quite fair.

In the same way that I should be able to apply for a free copy of any "Greatest Hits" album that comes out, providing I can prove I own all the original albums that the hits came from.

After all, I've paid the royalties for those songs already. All the compilation does is put content I've already paid for into a more convenient package. So I should have it for free, because nobody's losing out here.

So where are the vouchers for the refunds on all these Greatest Hits albums I've bought?

And don't fob me off with "bonus tracks" b***shit - they're almost all B-sides to singles or single mixes. And I have those singles too. I'll take some pictures, send them to along, and someone can send me the refund cheque in the post. Ta.

(Only semi-joking. This is a complete failure to understand that copyright is about a right to copy, not a right to profit. There are social benefits to copying that we should be willing to accept a loss of profits for - fair use, time shifting and format shifting are the main ones. At the heart of this ruling lies a blind ideology that copyright should be "profitright", and that this is the sole light in which the law should be interpreted.)


It's OK – this was an entirely NEW type of cockup, says RBS

Philip Storry

Re: du -sh

I respectfully disagree. The management gobbledegook filter clearly states "ingest", so they had the file. What you've described is a failure to "transfer" a file.

No, the word "ingest" means, quite clearly, that the file had some kind of unexpected content.

And we're now ALL thinking the same thing.

"The CSV file had a comma in the wrong place."

Because decades of experience, billions of pounds and ever-improving technology STILL can't defend itself against a comma in the wrong bloody place.

Such as it ever was, is, and no doubt will be.


BOFH: Step into my office. Now take a deep breath

Philip Storry

It's the damnedest thing, but I have this strong suspicion that Simon's recently been at an El Reg staff do and found himself sat next to Dabbsy...

Am I alone in this?


Microsoft spunks $500m to reinvent the wheel. Why?

Philip Storry

Outlook's no gem

"Neither Wunderlist nor Sunrise support a fraction of the sophisticated feature set that Exchange and Outlook use. Outlook allows you to apply categories to both email items and tasks, assign single-click shortcuts, and create rules – the building blocks for complex workflows."

And there lies the rub. You talk about Outlook as if it's a highly polished bit of software, but only the email part is. And even that has its dull corners.

Yes, you can categorise email items and tasks. Categorisation is semi-useless though.

It's mostly a manual process. Oh, you can create a rule to apply categories automatically - but that rule won't run on the server. So if you log off overnight or your PC suspends to save power, then your rules won't run. And if you move an email from the Inbox into a folder via your mobile access or webmail in between your Outlook sessions, then the categorisation never happens (because the rule never sees the email).

So in practice, you'll end up not using categories and just filing emails in unique folders instead. And don't start me on searching - yes, it can be done, but you have to prepend the name with "category:", so very few people bother. (As opposed to just using a #tag style tagging system as most modern web apps do - the hashtag succeeded because it's more intuitive for both input and search.)

Categorisation should be a wonderful thing. But in practice, like many non-email parts of Outlook it just doesn't feel finished. I get the feeling that any feature which isn't either Exchange integration or core email just doesn't get much development time...

Tasks? Yes, I can flag an email and it appears in my tasks. But it only appears in All Tasks list, so the integration is quite limited. So why bother? And yes, tasks also appear in your calendar. But only on the due date, which is sometimes too late as the task may require more time than you have that day. You might as well have a decent implementation separately rather than the anaemic and half-finished Outlook implementation.

I've used Wunderlist (but don't anymore, and not due to the Microsoft purchase - I have something that meets my needs better.)

If I were given the option of departmental Wunderlist or just using Outlook's tasks, I'd go for the Wunderlist option. It may not be integrated, but it has the essentials for task management - views for starred to-dos, today's due (and overdue) to-dos, this week's tasks, and so forth. Its list management is decent, it does tagging, and its sharing features are good.

Not that Wunderlist is perfect - but it's certainly better than Outlook's aneamic efforts.

I sorely doubt that the Wunderlist developers will ever be let near the Outlook client - it's too risky. I do wonder if some new collection of web-and-app services might not be on the horizon though, ready to take over from Outlook in the long term... It certainly seems that having teams dedicated to each functional area has produced better results than one team trying to prioritise three areas. So long as they interoperate and have a common look and feel, who cares if it's actually one product or three at the server side?