* Posts by Paul Crawford

3392 posts • joined 15 Mar 2007

China passes new Cybersecurity Law – you have seven months to comply if you wanna do biz in Middle Kingdom

Paul Crawford
Silver badge

But what will the USA actually do?

The Chinese now have their factories and most production process/IP by the balls.

1
1

CERN also has a particle decelerator – and it’s trying to break physics

Paul Crawford
Silver badge

Next question...

Does antimatter fall down?

Of course that is what is expected from all theories, but AFIK it has never been experimentally verified.

8
0

Adblock overlord to Zuckerberg: Lay down your weapons and surrender

Paul Crawford
Silver badge

Re: "We’ll strike back," he promised.

What can the ad-blockers Facebook do that can't be easily undone by Facebook the ad-blockers?

Is more to the point. Unless FB runs adverts from their own servers just like user posts, its still easily separable. And if they do that they can't rely upon 3rd party advertisement houses for revenue.

That is, of course, quite possible. But then the second step is for ad-blockers to disable any animated image/video by default. So FB still punts ads, but they are now neutered in terms of bandwidth and annoyance so really the user has won by not being force-fed any more shit that their "friends" on FB normally punt at them.

18
0

Windows 10 market share stalls after free upgrade offer ends

Paul Crawford
Silver badge

Re: "printer manufacturers"

Generally you will find that (1) any postscript printer works just fine, and (2) most HP models work fine (if you can forgive them over the recent deliberate stuffing of 3rd party ink cartridges that is).

So the quickest test is will it work on a Mac? If so it probably will for Linux, but a little bit of looking around will often show user's experience of the whole thing, for example: https://www.openprinting.org/printers

8
0

Researchers tag new brace of bugs in NTP, but they're fixable

Paul Crawford
Silver badge

Re: Inexpensive fix

Using a cheap GPS for accurate time is not quite so trivial though, as you need to set it up to use the 1 PPS timing signal as an additional input, since the RS232 messages have a significant delay and lots of jitter (tens of ms or more). Here is one example of doing so, but I have not tried it myself:

http://www.rjsystems.nl/en/2100-ntpd-garmin-gps-18-lvc-gpsd.php

0
0

Uber drivers entitled to UK minimum wage, London tribunal rules

Paul Crawford
Silver badge

Re: Will this do anything...

Will also be interesting how a driver-less taxi can deal with disabled passengers who need assistance to board and/or load luggage.

Will they argue they can only take orders from the able-bodied?

Or that somehow taking payment for travel is not making them a taxi service?

8
2

Microsoft goes back to the drawing board – literally, with 28" tablet and hockey puck knob

Paul Crawford
Silver badge

Re: Windows 10

A few minutes removing the crud from the start menu, a quick search and the unwanted applications are gone with some powershell scripts and then sort out the snooping (as much as you can).

Now if only MS had the technical expertises to do that and not have but a few skilled users like yourself enjoying the non-shitty version...

2
0

PayPal patches bone-headed two factor authentication bypass

Paul Crawford
Silver badge

Re: 2fa choices

A lot of UK banks use your debit/credit card and a "card reader" gadget that allow them to send you a code (on web page) and you then answer with a hashed version that provides a means of checking its you and the amount you wish to transfer, etc. I'm guessing the code they send and the maths involving the amount makes it hard to MITM modify enough to easily abuse your account even if your PC is hopelessly compromised.

Also you used to get the RSA key fobs for email (and sometimes banking) where you get a random 6 digit number every minute and that sequence can be checked at the server end to see if its likely to be you attempting a login, etc. But then RSA got compromised (pretty bad for a security company) and as they kept the master keys to keep businesses paying, all of their customers were also compromised. Had each end customer managed their own keys, etc, the damage would have been much lower.

2
0

Microsoft's Surface Studio desk-slab, Dial knob, Surface Book: We get our claws on new kit

Paul Crawford
Silver badge

Nice hardware, but...

So it like an iMac, but with a privacy-slurping OS that gains you a few more programs you could use on it?

4
11

IBM Australia didn't stress-test #censusfail router and blocked password resets

Paul Crawford
Silver badge

Re: Turn it off and back on

But sometimes it does the opposite - you find that config was updated in memory and not saved, so it comes up broken. Either way, it is really stupid that they did not test a complete reboot/power cycle of the system.

2
0

The cloud is not new. What we are doing with it is

Paul Crawford
Silver badge

Commoditisation

One issue with commoditisation or the more general "utility supply" model for IT is it is rather different from most other things we have. Take electricity or gas as a good example, unless you are in the middle of nowhere or have some absolutely critical system you don't have your own generator, and only proper IT places even consider a UPS to allow for glitches in supply and orderly shut down. The reason of course is that the supply of such things is to a simple standard and with very little difference its the same from any utility world wide. Same for food, we are pretty much omnivores so can easily change to what food is on offer from any supplier.

But with IT we have the continued issue of lock-in, either from APIs that only one vendor supports (properly and fully, maybe not even that) or from a growing archive of unique data that becomes a major issue to migrate. And no one is really up for paying for two redundant cloud suppliers "just in case" the brown stuff meets that rotating air mover. In sort, we can't simply move from one supplier to another with ease, except for a few very basic cases like backup storage.

Sure with on-site stuff we still have a form of lock-in as its rarely simple to replace stuff without changes, but we are not normally in a position of an external supplier being in control of what we can do with it. With the cloud they can (and often do) make changes that you have no control over, and can shut you down or price you out of competition more easily because they have your data.

11
0

'Biggest ever' Linux release

Paul Crawford
Silver badge

Re: "commits"

perpetrate or carry out (a mistake, crime, or immoral act)

Well that kind of summarises a lot of the pointless GUI changes and removal of useful features that seems to be today's norm.

2
0

It's nearly 2017 and JPEGs, PDFs, font files can hijack your Apple Mac, iPhone, iPad

Paul Crawford
Silver badge

Re: Cupertino is ...

What we need is heavy-duty sandboxing so that *when* the application is compromised, the miscreants don't have much in the way of resources to play with.

We already have this - its called apparmor

However, its not usually configured because it "gets in the way" and you also have the problem that many developers don't give a flying fsck about looking after a sane access profile. See also:

https://www.ncsc.gov.uk/guidance/end-user-devices-security-guidance-ubuntu-1404-lts

1
0

Is this the worst Blockchain idea you've ever heard?

Paul Crawford
Silver badge

Blockchain technology for music payment seems a dead end, but there is a valid point that the world could well do with some form of micropayment system that dose not involve the septic tank of on-line advertisement networks.

Something where you could pay of the order of 0.1p per music/video play directly (more or less) to the folk who did the work. Cheap and painless so folk don't mind paying for a clean experience (and probably well above what they get from YouTube...)

20
0

Open-source storage that doesn't suck? Our man tries to break TrueNAS

Paul Crawford
Silver badge

Re: The dated interface

Please, please don't make it into another sucky "modern" style! OK?

Keep it functional and discoverable for users who rarely touch the box.

2
0
Paul Crawford
Silver badge

Re: Fail over?

You don't need a cluster for fail-over, only if you want no outage at all.

With two heads you can operate active-active or active-passive depending on the number of shares (1 share = active-passive only). If once goes down the other takes over that pool of data after a moderate time.

3
0
Paul Crawford
Silver badge

Fail over?

What are the reasons that will trigger a fail-over, and do the heads have some watchdog to force a reboot/fail-over in case one head gets sick?

I ask this as someone who has suffered from the Sun Oracle ZFS appliance that would only fail over on a kernel panic of the other head. But the other head would invariably get stuffed in such a manner as to stop serving storage but not so screwed that it stopped the heartbeat links that arbitrated between them. We ended up using our nagios monitoring machine to check for usable NFS mounts and if that went bad for a while it would SSH in to the active head's ILOM to kick it in the NMI button.

2
0

Report: UK counter-terrorism plan Prevent is 'unjust', 'counterproductive'

Paul Crawford
Silver badge

Re: Demonisation

Look around, look back over recent history, and you will always see the "other nation/religion/colour are top blame" as the reason of choice for morons and the politicians craving their support or following an agenda where it suits them.

9
2
Paul Crawford
Silver badge

Re: Display

If you "follow procedure", it doesn't matter how horrific the consequences, you are free of all responsibility for your actions.

They thought differently at Nuremberg

9
2

Ubuntu 16.10: Yakkety Yak... Unity 8's not wack

Paul Crawford
Silver badge

The Gnome devs have ripped out the most useful ... conform to the current Gnome group-think on UI design (which says that the way to make things easy to use is to simply not have any useful features).

Do they ever actually use their own software for real? You get the impression they are bored teenagers who will do anything but bug-fix their own code.

6
0

SHA3-256 is quantum-proof, should last BEELLIONS of years, say boffins

Paul Crawford
Silver badge

Re: Hash functions

The problem they worry about is not the inevitable collisions in the mind bogglingly vast 2^256 numeric space of the hash function, it is the ease (or otherwise) of engineering such a collision so that you can fake a digital signature for nefarious purposes.

13
0

US government wants Microsoft 'Irish email' case reopened

Paul Crawford
Silver badge

Re: users don't control where data resides?

Of course, Google, MS, et al could simply offer a user tick-box choice of data centre jurisdiction and side-step that argument.

But more realistically the best option is not to store any important data on US companies' servers unless you hole the encryption keys. So no web email, etc, where it has to be plain text at the cloud end to access.

14
0

Dutch govt ordered to use open standards for comms from 2017

Paul Crawford
Silver badge

Re: German city coucil

That get trotted out time and time again, mostly because a new mayor complained in 2014. However I see no news of any actual change back, For example the time line here cover that (with some references to check up on):

https://en.wikipedia.org/wiki/LiMux#Timeline

Also you have a chicken and egg problem, if everyone is using something like docx which is not-quite-standard you have compatibility issues (a bit like MS has with differing versions of Word but to a smaller degree). By mandating odt standard you get an impetus to improve behaviour both in LibreOffice and MS Office (which can do odt, it just bitches about it to discourage its use).

7
0

Email security: We CAN fix the tech, but what about the humans?

Paul Crawford
Silver badge

Re: "Not really. What you can do, they can UNdo"

But it makes it harder. And that is ALL you can hope for, as perfect security is simply not possible.

Step 1) Make it harder for the bar stewards.

Step 2) Have a tested, off-site recovery process.

Step 3) Underpants! Profit!

1
0
Paul Crawford
Silver badge

Indeed, the use of things like apparmor to limit just what areas the email client can read/write to is one thing, but obviously gets in to problems in usability given most users want to be able to save and attach from their normal document areas. Still, it avoids your SSH keys being emailed out by mistake...

The other thing that can help a bit is to deny execution to user-writeable areas, either my Linux mount options or windows ACLs. Can be inconvenient for software developers and won't block all scripting or similar attacks, but its a start.

Most of all stop word processors, etc, from executing bloody scripts :(

4
0

One-quarter of UK police websites lack a secure connection

Paul Crawford
Silver badge

Goverment in general?

How do the police sites compare to the government in general? Of course the police are probably handling more sensitive data, but a lot of gov sites have been crap in my limited experience of using them.

1
0

SSDs in the enterprise: It's about more than just speed

Paul Crawford
Silver badge

in the long run, will be about economics and the dollar-per-bit cost

Generally it always is, as performance vs cost for RAID / short-stroking, etc, has been covered.

But for now if you have lots of data (e.g. tens of TB) and limited / sequential access patterns HDD is still way cheaper. When that changes we will buy SSD in a flash.

6
0

Confirmed: UK police forces own IMSI grabbers, but keeping schtum on use

Paul Crawford
Silver badge

Re: OTT Comms

It tells them which phones are nearby, in many cases that is very useful.

Also you have to remember that very few criminals are masterminds like Moriarty...

2
0

Nuke plant has been hacked, says Atomic Energy Agency director

Paul Crawford
Silver badge

Re: Not a surprise

I can only surmise that the "Illuminati" are not some fictive underground secret society but far more likely to be those that we ourselves put into power.

Never attribute to malice that which can adequately be explained by stupidity.

33
0

Russia tests sat jamming

Paul Crawford
Silver badge

Not so necessary as a lot of satellites only dump to polar sites (and receive telecommand updates as well). Given how much harder it is to support the Antarctic compared to, say Fairbanks in Alaska, you could cause serious pain-in-the-ass for all operators by interfering with even just S-band TTC there.

There are other options like TDRS to avoid dependency on dumping to a polar site (and the delays in getting data that way) but a lot of folk depend on that region.

0
0

Command line coffee machine: Hacker shuns app so he can stay at the keyboard for longer

Paul Crawford
Silver badge
Gimp

Re: Make coffee

I thought it was meant for making coffee.

Indeed, last time I ordered that I could not sit properly for 3 days...

2
0

Simpsons creator Matt Groening once drew Mac heaven for Apple

Paul Crawford
Silver badge

Re: " Alpha was sold to Intel, which snuffed it."

Thanks - I stand corrected.

It was still a stupid move by management though :(

0
0
Paul Crawford
Silver badge

Re: " Alpha was sold to Intel, which snuffed it."

I think Compaq was owned by HP at that time, so you can see it as yet another great post-Bill Hewlett/Dave Packard blunder by HP. I feel the need to troll HP by asking how those Itanium sales are doing, but I will avoid that iceberg for now.

Prior to its death, the Alpha chip was regularly top of the floating-point speed results for the "SETI at home" screen-saver and signal processor.

0
0

Apple to automatically cram macOS Sierra into Macs – 'cos that worked well for Windows 10

Paul Crawford
Silver badge

Re: @Chairo

The new "modern" interfaces feel like a return to the bad old times of 8bit processors and low-res graphics with severely limited color space.

Now if only those "modern" interfaces responded as quickly as similar 2D limited colour DOS software on a 386 did...

9
0

A year living with the Nexus 5X – the good, the bad, and the Nougat

Paul Crawford
Silver badge

Re: Spot on review!

My PC sucks! What, should I wipe and reinstall Windows?

My phone sucks! What, should I wipe and reinstall factory reset it?

Ah the great strides that 20 years of OS design have brought...

22
0
Paul Crawford
Silver badge

Battery life?

Possibly the most impressive thing about the new phone is battery life. A day's use is easily handled

No, it is not impressive at all. It might be a little less shit than some competitors, but lasting one day or so is really not anything to write home about. One week would be newsworthy!

15
1

Blighty's telly, radio watchdog Ofcom does a swear

Paul Crawford
Silver badge

Re: So wait

Does the rug taste better with some mayo on it?

0
0

Upstart bags $2.5m to help put the brakes on self-driving car hackers

Paul Crawford
Silver badge

Autonomous?

"To enable full autonomy, a car should have more externally connected electronic control units vs connected cars," Barzilai explained.

WTF is this? So a supposedly autonomous vehicle will not work properly in the event of no mobile connection, or if the other vehicles it encounters are meatbag driven?

Some one needs to take a clue-hammer to this guy and demand that any autonomous car can work and are tested under adverse communication situations, otherwise a $20 Chinese mobile jammer will be able to bring cities to the knees by blocking the roads with malfunctioning cars.

0
0

BOFH: There are no wrong answers, just wrong questions. Mmm, really wrong ones

Paul Crawford
Silver badge

Cider drinker?

https://www.youtube.com/watch?v=mIBMt28d1FA

1
0

Google finds its G Suite spot: Renames apps, talks up AI and BigQuery

Paul Crawford
Silver badge
Coat

G Suite

G Suite - the G string for professionals!

Thanks, mine is the mankini in the corner =>

0
0

HP Ink COO: Sorry not sorry we bricked your otherwise totally fine printer cartridges

Paul Crawford
Silver badge

Re: Oh I've definitely got a soft spot for HP printers

I bought a LaserJet6 in around 1998-ish for serious money (about £600 I think) and it is still working here doing its job. OK I need to have a parallel printer port but at least they still exist on many motherboards if you use one of the ribbon cable thingies.

Now I would not touch HP printers with a barge pole

2
0

Wow, still using disk and PCIe storage? You look like a flash-on victim, darling – it isn't 2014

Paul Crawford
Silver badge

Memory mapping?

"an OS takes too much time"

For many cases you can memory-map a file and as you initially access it, it gets paged in to RAM by the virtual memory system.

Downside is the rare occasions when it is flushed back to disk (typically only if you ask for that, or by properly un-mapping closing the file). So you gain speed but lose consistency/integrity.

0
0

Sage advice: Avoid the Windows 10 Anniversary Update – it knackers our accounting app

Paul Crawford
Silver badge

Re: The missus reckons we should bite the bullet and embrace the penguin.

No point in asking then, you'd be flogging a dead horse.

3
0
Paul Crawford
Silver badge

Re: do we REALLY need to be able to run 16-bit applications in this day and age?

In a number of cases - yes. Companies have programs written for the DOS era that do the job perfectly, and have been for donkey's years. Replacing them would bring a whole lot of cost, risk and business interruptions so if there is not a good reason to change them, they don't.

A good reason is something better for the company. Having your OS provider pull things for little reason is not seen as a good reason.

Ironically for many DOS programs (as opposed to Windows 3.1 16-bit stuff) you get better behaviour from dosemu on Linux, and the options (if you need/dare) to allow direct hardware access to certain things.

7
0

Did last night's US presidential debate Wi-Fi rip-off break the law?

Paul Crawford
Silver badge

Lets hope they get soundly spanked for this - as it is exactly the same principle as the hotel's gouging.

If would be more sympathetic if they had offered all attendees free use of a professional capacity Wi-Fi service they had and politely asked not to interfere thank-you very much, but they did neither.

21
1

Unlucky Luckey: Oculus developers invoke anti-douchebag clause, halt games for VR goggles

Paul Crawford
Silver badge

Re: That said, I must admit I'm uncomfortable talking politics in a tech forum.

We should engage in politics, all of us with all view points. But sadly it seems many are swayed by the sound bites and general picture+lies shit that gets shared on Facebook these days.

However, Luckey is simple a douchbag for his methods of spreading his political views.

6
1

Hubble spies on Europa shooting alien juice from its southern pole

Paul Crawford
Silver badge

Re: "Becoming A TOTAL Earth Science Skeptic" at FauxScienceSlayer

Keep taking your dried frog pills, son. Keep taking them...

7
0
Paul Crawford
Silver badge

Re: The interstellar war would be very short

Maybe that has already started. You know the alien abduction stories...

No, that is just sex tourism, you know the "pluck'em, fuck'em and chuck'em" brochure from the more dubious shops in Alpha Centauri region. That is why they go for red-necks mostly, no one believes what they say afterwards.

4
0

Scale-out sister? Unreliable disks are better for your storage

Paul Crawford
Silver badge

Not so new

The "enterprise" HDD normally had a short re-try time because they were typically used in RAID where it matters a lot less if a sector is bad as it can be fixed from the parity. Of course, they usually also promised better integrity like ECC RAM and so on, more reliable mechanics, etc. Whether it really was delivered in all cases is another matter...

Of course we see different options being sold (such as WD 'red' etc) for this, so I doubt very much if the HDD makers are willing to lose profit margins by making an HDD that allows you to configure key settings like retry time-out, etc, to help its RAID-using customers.

9
0

Unimpressed with Ubuntu 16.10? Yakkety Yak... don't talk back

Paul Crawford
Silver badge

Indeed, and you can disable such advertising feedback spying in Ubuntu without having to pay for the most expensive enterprise version of the software (unlike Windows 10).

14
2

Forums

Biting the hand that feeds IT © 1998–2017