* Posts by Paul Crawford

3484 posts • joined 15 Mar 2007

Microsoft's Surface Studio desk-slab, Dial knob, Surface Book: We get our claws on new kit

Paul Crawford
Silver badge

Nice hardware, but...

So it like an iMac, but with a privacy-slurping OS that gains you a few more programs you could use on it?

4
11

IBM Australia didn't stress-test #censusfail router and blocked password resets

Paul Crawford
Silver badge

Re: Turn it off and back on

But sometimes it does the opposite - you find that config was updated in memory and not saved, so it comes up broken. Either way, it is really stupid that they did not test a complete reboot/power cycle of the system.

2
0

The cloud is not new. What we are doing with it is

Paul Crawford
Silver badge

Commoditisation

One issue with commoditisation or the more general "utility supply" model for IT is it is rather different from most other things we have. Take electricity or gas as a good example, unless you are in the middle of nowhere or have some absolutely critical system you don't have your own generator, and only proper IT places even consider a UPS to allow for glitches in supply and orderly shut down. The reason of course is that the supply of such things is to a simple standard and with very little difference its the same from any utility world wide. Same for food, we are pretty much omnivores so can easily change to what food is on offer from any supplier.

But with IT we have the continued issue of lock-in, either from APIs that only one vendor supports (properly and fully, maybe not even that) or from a growing archive of unique data that becomes a major issue to migrate. And no one is really up for paying for two redundant cloud suppliers "just in case" the brown stuff meets that rotating air mover. In sort, we can't simply move from one supplier to another with ease, except for a few very basic cases like backup storage.

Sure with on-site stuff we still have a form of lock-in as its rarely simple to replace stuff without changes, but we are not normally in a position of an external supplier being in control of what we can do with it. With the cloud they can (and often do) make changes that you have no control over, and can shut you down or price you out of competition more easily because they have your data.

11
0

'Biggest ever' Linux release

Paul Crawford
Silver badge

Re: "commits"

perpetrate or carry out (a mistake, crime, or immoral act)

Well that kind of summarises a lot of the pointless GUI changes and removal of useful features that seems to be today's norm.

2
0

It's nearly 2017 and JPEGs, PDFs, font files can hijack your Apple Mac, iPhone, iPad

Paul Crawford
Silver badge

Re: Cupertino is ...

What we need is heavy-duty sandboxing so that *when* the application is compromised, the miscreants don't have much in the way of resources to play with.

We already have this - its called apparmor

However, its not usually configured because it "gets in the way" and you also have the problem that many developers don't give a flying fsck about looking after a sane access profile. See also:

https://www.ncsc.gov.uk/guidance/end-user-devices-security-guidance-ubuntu-1404-lts

1
0

Is this the worst Blockchain idea you've ever heard?

Paul Crawford
Silver badge

Blockchain technology for music payment seems a dead end, but there is a valid point that the world could well do with some form of micropayment system that dose not involve the septic tank of on-line advertisement networks.

Something where you could pay of the order of 0.1p per music/video play directly (more or less) to the folk who did the work. Cheap and painless so folk don't mind paying for a clean experience (and probably well above what they get from YouTube...)

20
0

Open-source storage that doesn't suck? Our man tries to break TrueNAS

Paul Crawford
Silver badge

Re: The dated interface

Please, please don't make it into another sucky "modern" style! OK?

Keep it functional and discoverable for users who rarely touch the box.

2
0
Paul Crawford
Silver badge

Re: Fail over?

You don't need a cluster for fail-over, only if you want no outage at all.

With two heads you can operate active-active or active-passive depending on the number of shares (1 share = active-passive only). If once goes down the other takes over that pool of data after a moderate time.

3
0
Paul Crawford
Silver badge

Fail over?

What are the reasons that will trigger a fail-over, and do the heads have some watchdog to force a reboot/fail-over in case one head gets sick?

I ask this as someone who has suffered from the Sun Oracle ZFS appliance that would only fail over on a kernel panic of the other head. But the other head would invariably get stuffed in such a manner as to stop serving storage but not so screwed that it stopped the heartbeat links that arbitrated between them. We ended up using our nagios monitoring machine to check for usable NFS mounts and if that went bad for a while it would SSH in to the active head's ILOM to kick it in the NMI button.

2
0

Report: UK counter-terrorism plan Prevent is 'unjust', 'counterproductive'

Paul Crawford
Silver badge

Re: Demonisation

Look around, look back over recent history, and you will always see the "other nation/religion/colour are top blame" as the reason of choice for morons and the politicians craving their support or following an agenda where it suits them.

9
2
Paul Crawford
Silver badge

Re: Display

If you "follow procedure", it doesn't matter how horrific the consequences, you are free of all responsibility for your actions.

They thought differently at Nuremberg

9
2

Ubuntu 16.10: Yakkety Yak... Unity 8's not wack

Paul Crawford
Silver badge

The Gnome devs have ripped out the most useful ... conform to the current Gnome group-think on UI design (which says that the way to make things easy to use is to simply not have any useful features).

Do they ever actually use their own software for real? You get the impression they are bored teenagers who will do anything but bug-fix their own code.

6
0

SHA3-256 is quantum-proof, should last BEELLIONS of years, say boffins

Paul Crawford
Silver badge

Re: Hash functions

The problem they worry about is not the inevitable collisions in the mind bogglingly vast 2^256 numeric space of the hash function, it is the ease (or otherwise) of engineering such a collision so that you can fake a digital signature for nefarious purposes.

13
0

US government wants Microsoft 'Irish email' case reopened

Paul Crawford
Silver badge

Re: users don't control where data resides?

Of course, Google, MS, et al could simply offer a user tick-box choice of data centre jurisdiction and side-step that argument.

But more realistically the best option is not to store any important data on US companies' servers unless you hole the encryption keys. So no web email, etc, where it has to be plain text at the cloud end to access.

14
0

Dutch govt ordered to use open standards for comms from 2017

Paul Crawford
Silver badge

Re: German city coucil

That get trotted out time and time again, mostly because a new mayor complained in 2014. However I see no news of any actual change back, For example the time line here cover that (with some references to check up on):

https://en.wikipedia.org/wiki/LiMux#Timeline

Also you have a chicken and egg problem, if everyone is using something like docx which is not-quite-standard you have compatibility issues (a bit like MS has with differing versions of Word but to a smaller degree). By mandating odt standard you get an impetus to improve behaviour both in LibreOffice and MS Office (which can do odt, it just bitches about it to discourage its use).

7
0

Email security: We CAN fix the tech, but what about the humans?

Paul Crawford
Silver badge

Re: "Not really. What you can do, they can UNdo"

But it makes it harder. And that is ALL you can hope for, as perfect security is simply not possible.

Step 1) Make it harder for the bar stewards.

Step 2) Have a tested, off-site recovery process.

Step 3) Underpants! Profit!

1
0
Paul Crawford
Silver badge

Indeed, the use of things like apparmor to limit just what areas the email client can read/write to is one thing, but obviously gets in to problems in usability given most users want to be able to save and attach from their normal document areas. Still, it avoids your SSH keys being emailed out by mistake...

The other thing that can help a bit is to deny execution to user-writeable areas, either my Linux mount options or windows ACLs. Can be inconvenient for software developers and won't block all scripting or similar attacks, but its a start.

Most of all stop word processors, etc, from executing bloody scripts :(

4
0

One-quarter of UK police websites lack a secure connection

Paul Crawford
Silver badge

Goverment in general?

How do the police sites compare to the government in general? Of course the police are probably handling more sensitive data, but a lot of gov sites have been crap in my limited experience of using them.

1
0

SSDs in the enterprise: It's about more than just speed

Paul Crawford
Silver badge

in the long run, will be about economics and the dollar-per-bit cost

Generally it always is, as performance vs cost for RAID / short-stroking, etc, has been covered.

But for now if you have lots of data (e.g. tens of TB) and limited / sequential access patterns HDD is still way cheaper. When that changes we will buy SSD in a flash.

6
0

Confirmed: UK police forces own IMSI grabbers, but keeping schtum on use

Paul Crawford
Silver badge

Re: OTT Comms

It tells them which phones are nearby, in many cases that is very useful.

Also you have to remember that very few criminals are masterminds like Moriarty...

2
0

Nuke plant has been hacked, says Atomic Energy Agency director

Paul Crawford
Silver badge

Re: Not a surprise

I can only surmise that the "Illuminati" are not some fictive underground secret society but far more likely to be those that we ourselves put into power.

Never attribute to malice that which can adequately be explained by stupidity.

33
0

Russia tests sat jamming

Paul Crawford
Silver badge

Not so necessary as a lot of satellites only dump to polar sites (and receive telecommand updates as well). Given how much harder it is to support the Antarctic compared to, say Fairbanks in Alaska, you could cause serious pain-in-the-ass for all operators by interfering with even just S-band TTC there.

There are other options like TDRS to avoid dependency on dumping to a polar site (and the delays in getting data that way) but a lot of folk depend on that region.

0
0

Command line coffee machine: Hacker shuns app so he can stay at the keyboard for longer

Paul Crawford
Silver badge
Gimp

Re: Make coffee

I thought it was meant for making coffee.

Indeed, last time I ordered that I could not sit properly for 3 days...

2
0

Simpsons creator Matt Groening once drew Mac heaven for Apple

Paul Crawford
Silver badge

Re: " Alpha was sold to Intel, which snuffed it."

Thanks - I stand corrected.

It was still a stupid move by management though :(

0
0
Paul Crawford
Silver badge

Re: " Alpha was sold to Intel, which snuffed it."

I think Compaq was owned by HP at that time, so you can see it as yet another great post-Bill Hewlett/Dave Packard blunder by HP. I feel the need to troll HP by asking how those Itanium sales are doing, but I will avoid that iceberg for now.

Prior to its death, the Alpha chip was regularly top of the floating-point speed results for the "SETI at home" screen-saver and signal processor.

0
0

Apple to automatically cram macOS Sierra into Macs – 'cos that worked well for Windows 10

Paul Crawford
Silver badge

Re: @Chairo

The new "modern" interfaces feel like a return to the bad old times of 8bit processors and low-res graphics with severely limited color space.

Now if only those "modern" interfaces responded as quickly as similar 2D limited colour DOS software on a 386 did...

9
0

A year living with the Nexus 5X – the good, the bad, and the Nougat

Paul Crawford
Silver badge

Re: Spot on review!

My PC sucks! What, should I wipe and reinstall Windows?

My phone sucks! What, should I wipe and reinstall factory reset it?

Ah the great strides that 20 years of OS design have brought...

22
0
Paul Crawford
Silver badge

Battery life?

Possibly the most impressive thing about the new phone is battery life. A day's use is easily handled

No, it is not impressive at all. It might be a little less shit than some competitors, but lasting one day or so is really not anything to write home about. One week would be newsworthy!

15
1

Blighty's telly, radio watchdog Ofcom does a swear

Paul Crawford
Silver badge

Re: So wait

Does the rug taste better with some mayo on it?

0
0

Upstart bags $2.5m to help put the brakes on self-driving car hackers

Paul Crawford
Silver badge

Autonomous?

"To enable full autonomy, a car should have more externally connected electronic control units vs connected cars," Barzilai explained.

WTF is this? So a supposedly autonomous vehicle will not work properly in the event of no mobile connection, or if the other vehicles it encounters are meatbag driven?

Some one needs to take a clue-hammer to this guy and demand that any autonomous car can work and are tested under adverse communication situations, otherwise a $20 Chinese mobile jammer will be able to bring cities to the knees by blocking the roads with malfunctioning cars.

0
0

BOFH: There are no wrong answers, just wrong questions. Mmm, really wrong ones

Paul Crawford
Silver badge

Cider drinker?

https://www.youtube.com/watch?v=mIBMt28d1FA

1
0

Google finds its G Suite spot: Renames apps, talks up AI and BigQuery

Paul Crawford
Silver badge
Coat

G Suite

G Suite - the G string for professionals!

Thanks, mine is the mankini in the corner =>

0
0

HP Ink COO: Sorry not sorry we bricked your otherwise totally fine printer cartridges

Paul Crawford
Silver badge

Re: Oh I've definitely got a soft spot for HP printers

I bought a LaserJet6 in around 1998-ish for serious money (about £600 I think) and it is still working here doing its job. OK I need to have a parallel printer port but at least they still exist on many motherboards if you use one of the ribbon cable thingies.

Now I would not touch HP printers with a barge pole

2
0

Wow, still using disk and PCIe storage? You look like a flash-on victim, darling – it isn't 2014

Paul Crawford
Silver badge

Memory mapping?

"an OS takes too much time"

For many cases you can memory-map a file and as you initially access it, it gets paged in to RAM by the virtual memory system.

Downside is the rare occasions when it is flushed back to disk (typically only if you ask for that, or by properly un-mapping closing the file). So you gain speed but lose consistency/integrity.

0
0

Sage advice: Avoid the Windows 10 Anniversary Update – it knackers our accounting app

Paul Crawford
Silver badge

Re: The missus reckons we should bite the bullet and embrace the penguin.

No point in asking then, you'd be flogging a dead horse.

3
0
Paul Crawford
Silver badge

Re: do we REALLY need to be able to run 16-bit applications in this day and age?

In a number of cases - yes. Companies have programs written for the DOS era that do the job perfectly, and have been for donkey's years. Replacing them would bring a whole lot of cost, risk and business interruptions so if there is not a good reason to change them, they don't.

A good reason is something better for the company. Having your OS provider pull things for little reason is not seen as a good reason.

Ironically for many DOS programs (as opposed to Windows 3.1 16-bit stuff) you get better behaviour from dosemu on Linux, and the options (if you need/dare) to allow direct hardware access to certain things.

7
0

Did last night's US presidential debate Wi-Fi rip-off break the law?

Paul Crawford
Silver badge

Lets hope they get soundly spanked for this - as it is exactly the same principle as the hotel's gouging.

If would be more sympathetic if they had offered all attendees free use of a professional capacity Wi-Fi service they had and politely asked not to interfere thank-you very much, but they did neither.

21
1

Unlucky Luckey: Oculus developers invoke anti-douchebag clause, halt games for VR goggles

Paul Crawford
Silver badge

Re: That said, I must admit I'm uncomfortable talking politics in a tech forum.

We should engage in politics, all of us with all view points. But sadly it seems many are swayed by the sound bites and general picture+lies shit that gets shared on Facebook these days.

However, Luckey is simple a douchbag for his methods of spreading his political views.

6
1

Hubble spies on Europa shooting alien juice from its southern pole

Paul Crawford
Silver badge

Re: "Becoming A TOTAL Earth Science Skeptic" at FauxScienceSlayer

Keep taking your dried frog pills, son. Keep taking them...

7
0
Paul Crawford
Silver badge

Re: The interstellar war would be very short

Maybe that has already started. You know the alien abduction stories...

No, that is just sex tourism, you know the "pluck'em, fuck'em and chuck'em" brochure from the more dubious shops in Alpha Centauri region. That is why they go for red-necks mostly, no one believes what they say afterwards.

4
0

Scale-out sister? Unreliable disks are better for your storage

Paul Crawford
Silver badge

Not so new

The "enterprise" HDD normally had a short re-try time because they were typically used in RAID where it matters a lot less if a sector is bad as it can be fixed from the parity. Of course, they usually also promised better integrity like ECC RAM and so on, more reliable mechanics, etc. Whether it really was delivered in all cases is another matter...

Of course we see different options being sold (such as WD 'red' etc) for this, so I doubt very much if the HDD makers are willing to lose profit margins by making an HDD that allows you to configure key settings like retry time-out, etc, to help its RAID-using customers.

9
0

Unimpressed with Ubuntu 16.10? Yakkety Yak... don't talk back

Paul Crawford
Silver badge

Indeed, and you can disable such advertising feedback spying in Ubuntu without having to pay for the most expensive enterprise version of the software (unlike Windows 10).

14
2
Paul Crawford
Silver badge

For example, Software will now track and install non-GUI apps, libraries and fonts alongside your "regular" applications

What, you mean like Synaptic has done for all these years?

16
0

R2D2 delivery robots to scurry through the streets of San Francisco

Paul Crawford
Silver badge

Re: commas are the worst

Like the poor guy who got a packet of Viagra and misread "take 30 minutes before sex" as "take 30, minutes before sex".

11
0

Days are numbered for the Czech Republic

Paul Crawford
Silver badge

UK & Great Britain explained

Worth a look:

https://www.youtube.com/watch?v=rNu8XDBSn10

4
0

Jeremy Clarkson and Co. rise to top for Great British Bake Off replacements

Paul Crawford
Silver badge
Trollface

Re: I loved Top Gear

*cough* bit torrent *cough*

More so for stuff that is hardly worth paying for in the first place...

0
1

Half! a! billion! Yahoo! email! accounts! raided! by! 'state! hackers!'

Paul Crawford
Silver badge

Re: A bit elitist aren't you El Reg?

I also use Yahool with POP access, it is OK for spammy stuff but it suffers a lot more spam than gmail seems to with a significant upsurge in the last month or so. Maybe this explains a bit?

No phone number with mine, but every (rare) time I use the web login it pesters for one. However if signing up now they demand on.

Gmail didn’t demand one at sign-up but the fskers blocked POP access when I went abroad for a trip and pestered for a phone number to unlock it, which it was simply not worth giving. Returned to operating again when back home.

Both are out to whore you.

2
0

‘Penultimate’ BlackBerry seen on 'do not publish' page as fire sale begins

Paul Crawford
Silver badge

"1440x2560 Quad HD display"

Ah yes, now when can we have a reasonably priced laptop with similar resolution? You know in the £400-500 range.

2
0

Microsoft deletes Windows 10 nagware from Windows 7 and 8

Paul Crawford
Silver badge

Re: Too little, too late

"just for the fun of watching the Cryptolocker payload fall flat on its face trying to run on a Linux box"

I would not laugh too hard in case they go cross platform. In any case if you really treat security as a priority then all of you obvious user-writeable areas (such as /tmp, /var/tmp and /home) should be mounted with at least the 'noexec' option to help defeat users accidentally double-clicking on something malicious. For that and other tips you could do worse than checking this out:

https://www.cesg.gov.uk/guidance/end-user-devices-security-guidance-ubuntu-1404-lts

35
0

Zombie Moore's Law shows hardware is eating software

Paul Crawford
Silver badge

Re: You can already write code to design a chip

True, but then VHDL sucks donkey balls when it comes to ease of use, cost and helpfulness of tool chains, and generally getting stuff working quickly. Its a dense and very pedantic language originally build by US DoD committee to standardise the building of ASICs.

It might be great for those who spend a lot of time using it, and obviously it (along with others like Verilog and simpler ones like ABLE, etc) are based on parallelism which is natural to hardware but not to procedural languages, but it is so far from something that you could easily get casual interest students using.

4
3

Forums

Biting the hand that feeds IT © 1998–2017