* Posts by John Riddoch

354 posts • joined 12 Jan 2009

Roses are red, we've received about fifty. Google's next trick? Pixels for the thrifty

John Riddoch


Roses are red

Bought from the bazaar

We're gathering your data

Contravening GDPR

Q. What connects the global financial crisis, Ursnif malware, and Coldplay's Viva la Vida?

John Riddoch

Re: Is this a thing still?!

People are stupid - give them enough of a carrot to run untrusted code and they will. It's pretty easy to get macros enabled, usually only a couple of clicks (I've had to do it on legit documents where I need the macros enabled), so not a huge hurdle to get in. If you spam enough people, you'll find a few marks and the cost/benefit ratio soon makes it worthwhile.

Attention all British .eu owners: Buy dotcom domains and prepare to sue, says UK govt

John Riddoch

Re: Wow, it's almost...

That is at least part of the problem there - here we are, 2.5 years after the referendum and no-one can agree on what leaving the EU actually means. We can't even agree what to do with Northern Ireland, let alone what kind of trade, fisheries or agricultural deals we want to have with the rest of the EU. Parliament is split between remain, hard Brexit and some kind of deal in the middle and no-one is budging. The general terms of leaving should have been agreed BEFORE the referendum, not 3 months before the end of the Article 50 term.

Oregon can't stop people from calling themselves engineers, judge rules in Traffic-Light-Math-Gate

John Riddoch

Re: Incredible

"for the stupidest of reasons" - follow the money. My guess is the Professional Engineer Registration Act was sponsored by someone who coincidentally received "campaign contributions" from someone with a vested interest in licensing engineers.

2018 ain't done yet... Amazon sent Alexa recordings of man and girlfriend to stranger

John Riddoch

Re: Be Pure, Be Vigilant, Behave

The computer is your friend. Trust the computer.

Equifax how-it-was-mega-hacked damning dossier lands, in all of its infuriating glory

John Riddoch

The cert was on the security monitoring software, so while service was running fine, it wasn't getting monitored. When they finally upgraded the cert, they had their "ohshit" moment.

Tesla autopilot saves driver after he fell asleep at wheel on the freeway

John Riddoch

"Socially acceptable levels"

And there is the problem - the acceptable levels to the public will be zero casualties, even though that's impossible outside of a controlled environment. Every single incident (regardless of fault) will be interpreted as a failure of self driving vehicles, where what we should be setting the bar at is as good as a human driver.

Sysadmin’s plan to manage system config changes backfires spectacularly

John Riddoch

Re: Automation does have its place

I used to have to do user account creation annually at a university. I'd inherited some (fairly ropy) scripts and an MS Word mail merge template which took a fair bit of manual effort. I reduced it to a couple of Unix scripts which then created a LaTeX file to print out and another output file to create the Novell 4.1 accounts (that probably dates it pretty well). The printouts were handed to the lecturers to distribute to their classes on the first day and get them to log in.

30-up: You know what? Those really weren't the days

John Riddoch

Re: "you were seriously stuck up a gum tree"

Dejanews was the Google of the 90s - all sorts of useful stuff squirreled away in Usenet forums and generally not tainted with the crap you get now. Google covers a lot of things now, but part of the problem is the 100s of ways Linux implementors do things, so you get some instructions for RHEL 6 which don't work on Debian, Ubuntu or, in some cases, RHEL 7.

British Airways hack: Infosec experts finger third-party scripts on payment pages

John Riddoch

Disabling JavaScript would have protected you in this instance and against similar hacks. No idea if that would have crippled the site or not, though.

Mozilla accuses FCC of abdicating its role, ignoring comments in net neutrality lawsuit

John Riddoch

Re: Chevron..

They're also predominantly Republicans now, so are more likely to be in favour of anything which benefits big campaign donors, sorry, big companies, hence they'll likely rule in favour of the ISPs.

Oracle: Run, don't walk, to patch this critical Database takeover bug

John Riddoch

Re: What?

I assume it's a terminology thing - for it to be a "remote code exploit flaw", it may need to be an attack vector for non-authenticated users. As you have to be logged into the database, it's not quite as bad as some other flaws, but still needs patched.

Grad sends warning to manager: Be nice to our kit and it'll be nice to you

John Riddoch

Never anthropomorphise computers. They hate that.

Hot US deal! IBM wins $83m from Groupon in e-commerce patent spat

John Riddoch

You're thinking of trademarks. Patents follow different laws/rules, hence you can have a submarine patent - let something become ubiquitous then sue the world because you have a patent on it. Declaring it too soon means people can find a different solution and work around your patent and you don't get royalties.

Y'know... Publishing tech specs may be fair use, says appeals court

John Riddoch

Re: Ok, put it another way...

From close experience - plugging two ovens into a single extension lead blew the fuse on the extension (by design and quite correctly - note that it was someone else who did this, not me). In contrast, I have two extension bars linked together at home serving up a number of low wattage items (mainly around the PC) quite happily because they don't go near the 13 amps permitted by the fuse. It's all about what you plug in, not just the number of items.

The dislike of multiple extension bars dates back to when most items in the house were high wattage and folk would link 2 or more bar heaters, a toaster and an iron into one socket with rather inevitable results. When the blown fuse gets replaced by tin foil or a bolt, the next inevitable results annoy the fire brigade.

Visa fingers 'very rare' data centre switch glitch for payment meltdown

John Riddoch

Yup, partial failures suck. I've seen a fibre path fail just enough to bugger up service but not quite enough for the OS to figure it needed to fail over to the 2nd path. Once we'd figured that out, it was just a matter of disabling the primary path and everything started working normally.

My PC is on fire! Can you back it up really, really fast?

John Riddoch

Re: I recall even my mum (a bit like Dilmom) telling me a fire story

Only real school fire we had was a small one in the woodwork room (I was nowhere near it, so don't know all the details). The rector (head teacher) decided it would be a great opportunity for a fire evacuation test. As we got to the top of the stairs, we could smell the burning smell which had permeated through the corridors - it certainly added a little more urgency to a fire alarm test!

BOFH: Guys? Guys? We need blockchain... can you install blockchain?

John Riddoch

Re: Familiar...

Surely all this needed was some fake status reports on request when the boss wanted updates? By the time he's wondering why nothing has actually been delivered, the next shiny will have appeared on the horizon to take his attention and you can "shut down" the Blockchain project....

Furious gunwoman opens fire at YouTube HQ, three people shot

John Riddoch

Re: Of all places

Is there anything stopping someone legally buying something like an AR-15 (insert over-powered gun of choice instead) in one state then driving to California to use it? I'm assuming there are a bunch of laws against possession of said weapon in CA, but if they're intending to shoot up people with it, those laws aren't really going to stop them....

Another day, another self-flying car pipe dream surfaces

John Riddoch

Re: That's all we need

"There is never any justifiable reason to overtake/undertake on the left"

Wrong. Read your Highway Code. There are at least two viable examples I can recall cited as valid reasons to pass on the left.

Charity accused of leaving sensitive notes behind after office move

John Riddoch

Read the article:

But in this case, the charity and local authority seem to have failed to do so in more ways than one, by allegedly declining the opportunity to pick up the docs.

According to the Evening News, Saunders claimed that neither the charity nor the council helped him when he raised the alarm, which he said prompted him to go to the newspaper.

It should still be reported to the ICO, though, as it's lax security of information.

BT backs down from charging millions in phone book listing fees

John Riddoch

I used to do that. Now I bypass the "sitting on the shelf" bit as any time I need a number, I just look it up online.

Linux's Grsecurity dev team takes blog 'libel' fight to higher court

John Riddoch

Well - from some of the commentary on Wikipedia (I know it's not a great source, but...):

- Grsecurity distribute patches to the kernel; these are governed by GPLv2

- Grsecurity only sell these (not distribute for free), but as well as the GPLv2 licence, they attach use conditions, basically saying "if you distribute these as per GPLv2 you don't get any future releases"

Grsecurity claim this means they're abiding by GPLv2, Perens says it breaks GPLv2. I suspect Perens is right, but the IP lawyers will have a bun fight over it in court.

Woo-yay, Meltdown CPU fixes are here. Now, Spectre flaws will haunt tech industry for years

John Riddoch

I think some of the older T-class chips didn't have out of order execution, so they'll probably be safe. They're crap for single threaded workloads, though. I seem to recall POWER 6 didn't have it either, which is how they clocked it so fast (up to 5GHz) without melting.

As for other SPARC/POWER chips? Given that ARM is vulnerable and all of these are based on RISC design concepts, it's entirely plausible they're vulnerable as well. I don't know enough about chips to be able to answer that.

'Please store the internet on this floppy disk'

John Riddoch

Re: Stolen Focus

Similar issue - the target window has focus, but it's in a Citrix session in another monitor; the Citrix session doesn't have focus... "Real" focus is actually another window in another monitor on my local PC....

John Riddoch

Re: I'm not sure what's worse

"screenshot in a word document"

Older versions of MS Paint would default to saving in bitmap format - for a large monitor and 24/32 bit graphics, that would be a large file to attach to an email. Saving in Word would compress it so you'd have a much smaller email. It's a poor solution, but for a non-savvy person, it can be quicker & easier.

Nowadays, Paint seems to default to PNG format which is much better, so there shouldn't be any need to revert to Word.

Oh, the weather outside is frightful, but the data centre temp's delightful

John Riddoch

I've been in our conservatory when it's been over 40 degrees. I was lucky enough to not have to spend more than a minute or two there, getting some doors open, I'd hate to have had to work in that kind of heat....

Hot chips crashed servers, but were still delicious

John Riddoch

Re: Power Cables...

Yup, had one when I was at uni. One of the students reported a PC wasn't working, so I followed her to the room. Sure enough, it wouldn't turn on. Went to check the power socket; the plug was slightly out. Pushed it in, powered on the machine, gave her a bit of a look as she was looking sheepish and wandered out without saying another word.

Hardware has never been better, but it isn't a licence for code bloat

John Riddoch

It's now cheaper to throw an octo-core 3GHz CPU with 32GB of RAM at a problem than pay a programmer to code it on a single core 1GHz CPU with 2GB of RAM. It's perfectly plausible in many cases to do the latter, but why pay your expensive developer to do that when you can get a bigger server relatively cheaply?

HPE server firmware update permanently bricks network adapters

John Riddoch

Re: The good news...

In the "old days", firmwares were much smaller, simpler and less prone to requiring patching. Most of the "brains" was in silicon so there wasn't the need to drop firmware as much. These days, the custom silicon is expensive, coding firmware is cheap so bugs creep out and updates are required.

Add in scaling issues - if all you had was a single large Unix server, flipping the jumper is relatively trivial. With 1000+ servers in VMware farms/private clouds, flipping all the jumpers becomes time consuming.

To be fair, there probably are jumpers, they're just set to allow updates for the reasons above.

There's a way to dodge Fasthosts' up-to-160% domain renewal hike but you're not gonna like it

John Riddoch

Re: Price gouging.

Probably because the owners of .clinic are charging more to domain resellers.

You forgot that you hired me and now you're saying it's my fault?

John Riddoch

Re: Ah, memories.

I remember using OHPs and going really high tech with a fancy display unit which would hook up to a PC and display your screen via said OHP. It wasn't a brilliant image IIRC, but it did work and was better than having to print out onto acetates or write stuff onto them.

Sysadmin tells user CSI-style password guessing never w– wait WTF?! It's 'PASSWORD1'!

John Riddoch

Re: Conficker

For a lot of my POC stuff (mainly on VMs on my laptop) where I don't care about security but can't be bothered fixing the complexity rules, I use "Passw0rd" which meets the necessary complexity requirements. "Password1" will generally get past most rulesets as well.

From the Dept of the Bleedin' Obvious... yes, drones hurt when they hit you in the head

John Riddoch

Yup, we need a view on the risk profiles and where the cut-off weight is between "acceptable risk" and "unacceptable risk". Without this study, some random number would be plucked out of the air, made law and argued about for years. With this study, the lawmakers can say "under these rules there is only an x% chance of serious injury".

Itching to stuff iOS 11 on your iPhone? You may want to hold off for a bit

John Riddoch

To be fair to Apple

"Apple always screws up the first iteration" - never use a .0 release of anything is a common mantra in computing, that's not limited to Apple. Of course the new code is going to have bugs and the .1 release will fix most of them (and introduce some new ones, no doubt...). In general, wait a couple of days for the early adopters to find the issues, figure out what they are and figure out if the new features are worth the hassle of the new issues.

HPE slices and dices globo org chart

John Riddoch

Bloody management speak:

"we're going to right-size end-to-end cost structures of HPE to ensure we deliver on our financial architecture"

"Job cuts incoming!"

Web crash and pricing errors hit Argos

John Riddoch

Re: Not necessarily

Per contract law, advertising a good at price X is considered an "invitation to treat". When you try to buy at that price, it's officially an "offer", which is generally accepted by the vendor. Where something is advertised at the wrong price, they can reject the offer to buy; the trick with online buying is at what point the offer is accepted and what conditions may be applied to the acceptance of that offer. I suspect all online traders now have something in the terms and conditions (which we all accept and never read) giving them the option of cancelling the accepted offer for a variety of reasons, thus giving themselves the weasel room to avoid sending you a 42" TV for £1.

There's a secondary issue around false advertising (bait and switch) if you intentionally advertise at price X but will only sell at price Y, but screwing up your website wouldn't be covered by that.

Check in my all-flash server-storage system? You must be mad! I'm taking it on-board

John Riddoch

Not quite so relevant for military...

The military have their own logistics for moving stuff around, including C-130s and Chinooks, so size/weight is less of a limiting factor than a "private" flyer.

Anyway, isn't everything supposed to be in the "cloud" these days? ;)

All the above said, I'm guessing there will be a niche market for these and they'll sell a handful of units, hopefully enough to recoup their R&D costs. Failing that, it'll be some expensive advertising and getting their name out & about.

Regulate, says Musk – OK, but who writes the New Robot Rules?

John Riddoch

Re: Working out what AI is thinking and why

Yup, neural networks in particular train themselves and developers may not understand how the specific neural pathways have been trained. Neural nets (and other "trained" AIs) are some of the most powerful computing resources available, but transparency isn't their strong point...

Hi Amazon, Google, Apple we might tax you on revenue rather than profit – love, Europe

John Riddoch

Re: Just change the current tax laws.

"I think you meant "that profit accrues" but that's the problem - you sell some software for 100 Euros in France and the French subsidiary internally pays it's Irish subsidiary 99.99 Euros because the company says the software IP is "owned" by the Irish subsidiary."

That's basically the issue - what is the "fair" reimbursement to the "parent" company. If I, as a UK resident, invented some cool widget which I sold through my UK company and a French subsidiary, it's entirely legitimate that some of the French profits should accrue to the UK company as the owner of the IP rights. In contrast, my accountants would recommend setting up an Irish subsidiary, "selling" the IP rights to it and funnelling profits via Ireland, possibly also via some Caribbean tax haven as well. It would be legal (if done right) but doesn't make any logical business sense or reflect the true flow of money or profits and it's frankly taking the piss.

Indian call centre scammers are targeting BT customers

John Riddoch

"There is nothing for you here" in an ominous voice.

Absolutely accurate, too :)

10 minutes of silence storms iTunes charts thanks to awful Apple UI

John Riddoch

Re: Not limited to iPhones

VW Passat entertainment system isn't too bad - it'll remember which song it was on if I remove the USB drive to sync more songs to it and reconnect before starting up. Main issue is that if I try to shuffle, it only picks the first few hundred songs it finds, so I get a lot of AC/DC, Bullet for my Valentine, Black Sabbath etc, not so much ZZ Top, though....

HBO Game Of Thrones leak: Four 'techies' arrested in India

John Riddoch

Re: That was a big leak!

They'll probably get killed off in the next episode.

Red Hat banishes Btrfs from RHEL

John Riddoch

Nope, it's not better than ZFS for data protection if you have mirroring or RAID. Here's why:

While DIF/DIX will tell you at time of writing, it does sod-all after the fact, so if your data is corrupted due to any other reason, it will merely give an error (probably a SCSI read error, I'd assume). It won't even try to correct the fault.

Looking at Red Hat's note on it, there are limitations on it (direct IO on XFS only - see https://access.redhat.com/solutions/41548). ZFS doesn't have those restrictions. The Red Hat doc mentions it as a "new feature in the SCSI standard", so old disks won't support it. ZFS doesn't care what disks you use as long as they appear as an appropriate block/character device.

If you have ANY data corruption on ZFS, it'll detect it on read and if you have multiple data copies (mirrored, RAID-z or whatever), it'll fix it on the fly. If you only have a single copy, it'll error out and tell you which file(s) are unavailable, prompting you to recover those files.

Oracle do recommend you run a zpool scrub periodically (once a week on standard disks, once a month on enterprise level storage) to capture errors - that will also automatically fix any errors on the checksums.

ZFS does have a number of flaws (performance on a full zpool is pretty awful, for example), but it is very good at data integrity.

Google and its terrible, horrible, no good, very bad week in full

John Riddoch

"why Blacks are such fast runners?"

Probably due to eugenics as a side effect of the slave trade. The slave traders picked the strongest "specimens" from Africa and shipped them to the Americas as slaves. The weaker of those died off through over-work, so only the strongest survived. This meant that blacks in America were from a hardy, strong stock which is well suited to various sports (basketball, sprinting, etc).

It's benefited them, but it doesn't justify slavery or what was done to them.

CMD.EXE gets first makeover in 20 years in new Windows 10 build

John Riddoch

Re: What's the point?

"Console windows are used by lots of things other than the command prompt." yup - you'll find things getting launched as "cmd.exe /s [something]". Yes, it's probably just laziness, but in many cases, it's effective and simple and simple means less likely to have bugs.

I've got a verbal govt contract for Hyperloop, claims His Muskiness

John Riddoch

I've said it before - a lot of Elon Musk's ideas are pie in the sky, but if we don't aim for that, we'll keep making small incremental steps. Something from his ideas will work in a real world setting and may revolutionise part of our lives or our planet, and that has to be a good thing.

User filed fake trouble tickets to take helpful sysadmin to lunches

John Riddoch

Happened to me

While I was working at a university in the computing department, we had a student from the engineering school (which did an MSc in Information systems) come across asking to use the SPARCstations and the Oracle DB for her summer project. I set her up with logins and gave her some minimal help when she'd needed it.

Near the end of the project, I was in the lab reinstalling the servers (we gave them a clean build over summer) when she thanked me for the help (which had been minimal) and asked what I liked to drink. I said whisky, half expecting a half bottle of Grants or something to appear, and was rather shocked when she came back a few days later with a 70cl bottle of Balvenie :)

Given how little help I'd actually provided, I was rather shocked, but wasn't going to say no :)

School of card knocks: Russophone criminals offered online courses in credit card fraud

John Riddoch

Re: Sounds great...

That depends on whose card it is/was...

Solaris, Java have vulns that let users run riot

John Riddoch

Calendar manager has been a security screwup for at least 10 years and I remember switching it off across all our servers many moons ago. I doubt many desktop Solaris users even use CDE these days (Gnome being preferred) so it should have been switched off/uninstalled.

As for Java, yeah, the vast majority relate to "untrusted code" which basically means "code run in the browser" in the majority of cases. Another reason I don't install Java browser extensions and I haven't missed them in ages.

Biting the hand that feeds IT © 1998–2019