* Posts by Gerhard Mack

417 posts • joined 4 Apr 2007


Bloke thrown in the cooler for eight years after 3D-printing gun to dodge weapon ban

Gerhard Mack

Re: But Background Checks Don't Work!

What crimes should she be charged with?

Oh Snapd! Gimme-root-now security bug lets miscreants sock it to your Ubuntu boxes

Gerhard Mack

Re: snapd and systemd

"I just had the displeasure of making a .service and .timer instead of a nice cron script to run a little python thingy, what a f_ckup the insidious systemd is."

What could you have possibly been doing where the cron script wasn't an option? I still create them all of the time regardless of whether the OS install has systemd or not.

Oregon can't stop people from calling themselves engineers, judge rules in Traffic-Light-Math-Gate

Gerhard Mack

Re: A lot of snobs in here today.

"Also, train drivers don't do the maintenance on the engines they drive (and probably never have done)."

When trains ran on steam, if they didn't run the boiler properly they could explode and kill people. The Engineer title is a throwback to the days when the day to day running of the train was a lot more complicated.

Error pop-up? Don't worry, let's just get this migration done... BTW it's my day off tomorrow

Gerhard Mack

Re: took the day off

The maintainers for the date function etc hacked in some weird Y2K compliance by allowing the 2 digit field to overflow to 3 digits. It makes for some amusing output, but it mostly worked.

Linux.org domain hacked, plastered with trolling, filth and anti-transgender vandalism

Gerhard Mack

The real lesson is never use NetSol

Seriously, WHY would anyone still have their stuff there? NetSol is notoriously easy to steal domains from and NetSol have argued in court that they have no responsibility for fixing the results of their own mistakes.

Sysadmin’s plan to manage system config changes backfires spectacularly

Gerhard Mack

Re: Automation does have its place

"I currently administer a small compute server used for teaching and research, and I have never been able to replicate these kinds of errors when using "adduser" to create new accounts."

Adduser is designed to be easy to use, on the other hand, useradd has a ton of fun ways to let you screw things up.

Deck the halls with ... oh, no. DXC tells staff they may not have a job in the New Year

Gerhard Mack

I just interviewed there

2 weeks after I interviewed, the first round of layoffs were announced. And now this is the second round of redundancies I've heard from them since then. I don't think I've ever been so happy to not get a call back after an interview.

Smartphone industry is in 'recession'! Could it be possible we have *gasp* reached 'peak tech'?

Gerhard Mack

Re: Market saturated, no new must-have function, and prices are crazy

"How do you continue to use the phone when the battery is gone? Hold the wireless charger to your head?"

In many cases, you have both wired and non wired options so if you still need to use your phone, you can plug it in. In my case however, it's not often I'm charging my phone when using it (once every other month maybe) and most of the wear happens when I plug my phone in at night and unplug in the morning and plug it in at work again and unplug before I go home so I can eliminate the vast majority of the wear and tear by switching to wireless charging.

Gerhard Mack

Re: Market saturated, no new must-have function, and prices are crazy

Don't knock wireless charging. The only reason I'm considering a new phone right now is that the USB port has worn out after several years of constant abuse. Even if I have to be careful about what chargers I get, at least I could have a charger at home and at work with the result being that my next phone lasts several years longer than my current one.

Pirate radio = drug dealing and municipal broadband is anti-competitive censorship

Gerhard Mack

Re: The true face of democracy....

Lobbyists as an idea are good. It can be helpful to be able to hire someone who knows exactly who to talk to to get things done or know how to advocate a position.

The problem in the US is that they are able to provide campaign contributions or arrange payments for giving speeches. Any civilized country would consider that illegal since it's outright bribery.

Gerhard Mack

"Yeah, that's a familiar idea, and I seem to recall it was killed in the USA by the oligopolies more than decade ago."

It was killed because it didn't work well for internet access. I ran into the same issue here in Canada where I got a job implementing ADSL2+ over rented copper. What ended up happening, was that the telco only had to rent us space in the CO and there were no (nor could there be) regulations allowing access to the "remote co" (FFTN). The result was that Bell Canda was more often than no, able to offer double what we could.

I'm 80% sure that's why the telcos up here don't want to offer FFTH, because then they would have to offer the fibre itself up for rental the way they do for copper and suddenly the other ISPs would be able to compete.

Shingled-minded Western Digital insists its latest hard drive sets disk capacity record

Gerhard Mack

"WHY the heck would I get this when Samsung and others are offering 60 Terabyte SSD Drives (YES! SIXTY TERABYTES!) on ultra fast way-beyond-spinning-disk transfer speeds."

For the same reason I prevented my previous employer from storing backups on their brand new FCAL SAN: Cost where it doesn't need to be spent ($30/TB CAD at the time vs $1000/TB) These things are cheap, and throwing a bunch of them in a NAS is still cheap and perfectly good for data that does not need to be accessed often.

Gerhard Mack

Re: Reliability

"'I'd hope that a 15TB archive drive would be at least as fast."

You haven't been paying attention then, SMR drives sacrifice write speed to gain the extra capacity.

Web browsers sharpen knives for TLS 1.0, 1.1, tell protocols to dig their own graves for 2019

Gerhard Mack

Re: Web browsers are not the problem

We kept a VM with an old version of Windows just for internal management stuff. I mean, even some of the most recent (and expensive) purchases (I mean YOU Broadcom) don't handle modern browsers very well. Some of our 2017 purchases still required a working Java plugin with no web start option.

Microsoft's Jet crash: Zero-day flaw drops after deadline passes

Gerhard Mack

180 days ?

It's fun to see Microsoft revert back to it's old, insecure ways.

Judge: Georgia's e-vote machines are awful – but go ahead and use them

Gerhard Mack

You have equipment that unvetted people by law can't be supervised while using. All it would take is one person to plug in something extra and your private network suddenly isn't private anymore.

Trump shouldn't criticise the news media, says Amazon's Jeff Bezos

Gerhard Mack

Re: Poor Jeff is so right, nobody takes his leftist hate pamflet seriously anymore

I'm not even going to get into how stupid it is to take Breitbart's word on a Washington Post article says. Breitbart is deliberately over the top with it's "news pieces."

"They've been filtering out all of the good things he's done (economy, trade, N. Korea, etc.) "

What good things?

Economy: He inherited an economy on the way up (I'm not going to give the previous president credit for something he didn't control either) and juiced things along with debt fueled tax cuts.

Trade: Hes made some tweaks and is currently crying about how big bad Canada, who the US has a trade surplus with, is not being fair by protecting their dairy industry from American subsidized farms who sell their product below cost. He still can't get his head around the fact that services matter as much as goods when it comes to trade.

North Korea: He started a shouting match that seems to have only ended because the North Koreans managed to damage their nuclear nesting facility to the point where China has warmed them of dire consequences if the facility blows up and spreads radiation into China. For all of the nice talk, they are still upgrading their nuclear facilities and have shown no tangible sign that they will change their ways.

HTTPS crypto-shame: TV Licensing website pulled offline

Gerhard Mack

They don't care

They obviously don't care so the only things that will change their mind will be:

1. a fine.

2. a lawsuit

3. public humiliation.

If you want to solve the problem, find out which of those levers you can pull.

Huawei elbows aside Apple to claim number-two phone maker spot

Gerhard Mack

Re: There's noticeable value ... upgrading from a $200 or $300 smartphone

"Like cable TV, it's all about the bundles. You want microSD, headphone jack, and a lot of LTE bands so the phone works in urban US, rural US, and Japan. $400 in other features come along for the ride."

You have really not been paying attention to what's been going on with the non brand name phones. I just did a quick check on Amazon and right smack in the middle of your price range (in CAD no less) is the Xiaomi MI A1 which has dual cameras, dual band Wifi, dual SIM, multband 3G/4G, headphone jack and a microSD slot.

Experimental 'insult bot' gets out of hand during unsupervised weekend

Gerhard Mack

Re: Costly? No...

I had some lab admins in high school play the kill the other admin game where they would both log in to the Novel server and kill the other guy. Unfortunately, one day they rushed in, sat down and managed to send the kill command with exactly the wrong timing and caused a deadlock. Both PCs were useless until the Novel server was rebooted.

IPv6: It's only NAT-ural that network nerds are dragging their feet...

Gerhard Mack

Re: It's hideous for home users to set up on routers.

You are correct, RADVD does not support static IPs, however, you can set your IPv6 address directly on the endpoint as a static address the same way you would for IPv4.

Gerhard Mack

Re: Second class netizen

"And therein lies the problem. It appears that the engineers were not consulted and the IPv6 protocol was designed to be incompatible with IPv4 - not a good idea."

Are you honestly saying that when AT&T, Microsoft, DEC, Cisco and NTT all participated in the working group that helped decide on IPv6, they didn't send engineers?

Gerhard Mack

Re: It's hideous for home users to set up on routers.

The first question you would need to ask your ISP is if the IPv6 prefix is static. After that, you can actually just assign the IP either on the router if you are using DHCPv6 or on the client machine if not. Static IPs are done the same way as IPv4, it's only the dynamically assigned addresses that are optionally different (Router Advertisement vs DHCPv6)

Gerhard Mack

Re: Mobile devices / 4G networks

"Is that likely to be significantly different from having to check 128 bits for an address instead of 32?"

64 continuous bits for actual routing. In practice, IPv6 is sometimes faster than IPv4. Think of it from a CPU perspective: You are taking action based on a header flag (if x ,read y memory space), slowing down the CPU's ability to process the packet. That's not going to be as big of a deal on endpoints, but on core ISP routers, the timing difference would be noticeable.

Gerhard Mack

Re: Obvious need for..

"There are plenty of ways to kluge a protocol so that old systems think it means one thing, and new systems can find the extra info and do something else with it. Phone companies have been doing it for years."

Not the best example. Phone numbers are really just the equivalent of DNS at this point. And thanks to the fact that there is no central authority, the the phone companies ended up with a completely insecure setup that has allowed attackers to reroute calls and SMS. The vulnerabilities are well known and have been used in the past to intercept bank's 2 factor authentication SMS and break into people's accounts. Also, people would be royally pissed if it took as long to connect to a website as it does to establish a phone call.

Also, the rest of your argument is nonsensical. You can't route packets with extended features without upgrading the core routers that would need to route based on those very extended headers.

Gerhard Mack

Re: Mobile devices / 4G networks

"In retrospect, it would've been better to just cram the additional adress space somewhere in some(rarely) used IPv4 field or something (with an prepend part and append part), so IPv4 carrier routers could just route it. Then support between the client and endpoint router would be sufficient to bring advantages. Then later, the prepended adress space could be used by the carriers when they're ready."

And you are left with something that routes far slower than IPv4 since every router on the internet would need to have to check a flag followed by the prefix, and then the prefix and would still have all of the same compatibility issues of IPv6. In short: All of the disadvantages of IPv6 with none of the advantages.

Gerhard Mack

Re: Big deal, huh

"It does not seem rocket science for a v6 configured NIC to run a parallel v4 emulator and direct traffic internally to the appropriate process. "

We have that now, it's called dual stack and it's pretty much the default. Very few devices are IPv6 only for the time being and that's unlikely to change until IPv6 is supported by a strong majority of endpoints.

Cheap NAND nasty: Flooding market with chips threatens prices

Gerhard Mack

I'm not American so the less you guys buy, the more of a market glut there is for the rest of us.

'Fibre broadband' should mean glass wires poking into your router, reckons Brit survey

Gerhard Mack

Same in Canada

Here we have "Bell Fibe" which usually means fiber to somewhere and could mean 25 mbps max.

Oracle wants to improve Linux load balancing and failover

Gerhard Mack

Re: Stop fiddling with other peoples stuff

I'm not talking bad performance, I'm talking about crashes involving data loss.

Gerhard Mack

Re: Stop fiddling with other peoples stuff

They never consider or test anyone else' scenario. I ran into that the hard way with OCFS. It was designed and tested for DB workloads but freakishly unstable for anything else.

Oracle? A strategic priority for CIOs? Nope, says Goldman Sachs

Gerhard Mack

No one in their right mind starts a project with Oracle.

This isn't about the technologies themselves it's that Oracle are a pain to deal with. They constantly hit people for as much as possible. At an old job, we had an oracle blade system that had a dead blade. They wanted 60k for a new blade, and we would have to renew our support contract first (cost plus penalties) before they would sell it to us.

Another place I heard about, they hit a company for $800k to bring them back into compliance and then wondered why the company didn't want to buy more licenses after that for new projects.

I had to spec out a server not long ago and our sales rep wondered why I specced the machine with fast drives, tons of ram, fast CPU but only 12 cores. "Oracle licensing" It was easier to make a fast machine and go bare metal than deal with the quirks of their licensing system re Hyper-threading (it's a considerable speedup on Oracle) than to worry that I set up the VM system the wrong way and would be out of compliance.

Their attitude in recent years means their stuff ends up mainly being used in places where they can't easily be phased out but never for anything new.

Google Chrome update to label HTTP-only sites insecure within WEEKS

Gerhard Mack

So dump them

No need to put up with bad service. Many hosting providers will give you an SSL cert for free.

Sysadmin shut down server, it went ‘Clunk!’ but the app kept running

Gerhard Mack

Re: Halted machine on other side of the planet

"Some 25 years ago: a small amount of inattention and it was a machine in California, not the machine in Blighty that I powered down."

I've done this often enough that molly-guard is a standard package that gets installed on all servers that I maintain. It helpfully requires that you confirm a shutdown or reboot by typing the hostname of the machine in question.

Computer Misuse Act charge against British judge thrown out

Gerhard Mack

Re: Black and white or various shades of grey?

That is a really dangerous definition since it can be overly broad. Now imagine you view some website via deep link from google but it was unintentionally posted and you were not authorized to access that data. According to your definition, you should be charged. Your definition would be similar to charging someone with burglary because they read the wrong file in a cabinet they had keys to.

A better way to think of it would be if she had to guess a password or borrow someone else' access to get that info. She didn't do that, she simply used the login she used as a part of her job to browse data the system saw no problem in giving her.

If she should not have accessed the data the system was fine with giving her then that is an administrative problem between her and her employer, or a breach of some other regulation since she never misused the computer.

Smart bulbs turn dumb: Lights out for Philips as Hue API goes dark

Gerhard Mack

You can change the colour as well. My flatmate loaned me a pair of bulbs that I have set to mimic a sunrise in the morning. I find it much better than an audible alarm for waking up in the morning.

Adobe acquires Magento to go B2B2C and beyond

Gerhard Mack

Re: Adobe and eCommerce...

Magento is some of the most bloated memory hungry software I've ever seen. They should fit right in at Adobe.

OK, this time it's for real: The last available IPv4 address block has gone

Gerhard Mack

Re: Its the business case, stupid.

It is less work than going CG-NAT. For customers, it makes no difference. That's the beauty of dual stack. I have a techie friend whose ISP switched to IPv6 and he didn't notice until I pointed it out. ISP updated the router firmware, assigned a IPv6 IPs, and his computers picked them up and started dual stacking.

Chrome 66: Get into the bin, auto-playing vids and Symantec certs!

Gerhard Mack

Re: Security Certificates

"Not if you have any kind of certificate pinning. Welcome to several years ago."

Certificate pining has turned out to be an unmaintainable mess and was deprecated in Chrome last year.

Windows Admin Center: Vulture gets claws on browser-based server admin

Gerhard Mack

Re: DC

It all sounds like a way for MS to sell more licenses.

Fresh docs detail 10-year link between Geek Squad informers and Feds

Gerhard Mack

Re: Wouldn't he have some pictures?

"(RE: the "empty recycle bin" thing - surely that removes the files from window's inodes? So the data is still there but it doesn't show in directories? Or does "unallocated" refer to a partition that was deleted or something?)"

You are correct. It very much sounds like they ran a raw scan on the drive for anything that looks like image data and found something that had been deleted but not overwritten by another file yet.

Gerhard Mack

Re: Wouldn't he have some pictures?

"It's very non-specific, like did they find one weird picture, search and happen to find *actual* child porn or was it just stuff about undescended testicles and such?"

If you think a gynecologist needs pictures of undescended testicles you may need to go back through your biology notes.

Reg man wraps head in 49-inch curved monitor

Gerhard Mack

Re: Hand it back?

"the implication being that they were simply more fashionable for being a "tech" company, even though his company actually operates in exactly the same way, in similar locations and has a longer, better track record of profitability."

They are more fashionable because that's what they put effort into. The "Micro ground" coffee, the fruity water that it takes the girl 15 minutes to prepare because the fruit has to be artistically arranged in the sides and held in place with ice before the water gets added, the art in the common areas, the social events etc.

This is literally the most hipster place I've ever been. The valuation is high for the same reason Apple's is: People like the whole experience.

Gerhard Mack

Re: Hand it back?

"I don't know how serviced offices like WeWork, erm, work. I presumed they mostly provided a desk, power, toilets, heat, networking."

My employer has had me in a temp office at WeWork for the past couple weeks so I can tell you they do offer lockable offices that you can rent by the month since I'm in one. Also, the included items are: desk, power, toilets, heat, networking (speedtest.net says 780 MBPs here in Montreal), mouthwash, fruity water with the fruits arranged artistically, tea, "microground coffee", and a beer tap loaded craft beer that gets unlocked at 11 am every weekday.

Microsoft ends notifications for Win-Phone 7.5 and 8.0

Gerhard Mack

The sheer arrogance from Microsoft and the FUD campaign didn't help. If Microsoft had taken a less antagonistic approach, not declared the death of the iPhone and not tried to brand Android an unsafe virus ridden mess, I don't think most of us would have been so hostile.

Yes, Assange, we'll still nick you for skipping bail, rules court

Gerhard Mack

A better link is this one: http://www.government.se/government-of-sweden/ministry-of-justice/international-judicial-co-operation/questions-and-answers-about-extradition-from-sweden/

It clearly states:

"If the person has been surrendered from another EU country to Sweden under a European arrest warrant, Sweden must obtain the consent of that country to be able to extradite the person to a country outside the EU."

Gerhard Mack

"I agree that she said that but it is patently nonsense. If he were to hand himself in and serve out a sentence for skipping bail, and was then extradited to Sweden, the UK authorities would have no further control whatsoever: he wouldn't be on UK territory and he is not a UK citizen. The idea that the UK would be consulted and asked to approve any subsequent extradition request made to Sweden by the US is nonsense."

That is not how extradition works in the EU. If a person is extradited from one EU country to another, the first country must agree before the person can be sent elsewhere. To happen the way you describe, he would have to serve out his sentence in Sweden, return to the UK then return to Sweden again on his own free will.

Gerhard Mack

"You are right: her business is Law. And her response to Assange's argument that if he were sent to Sweden he would be subject to the risk of extradition etc was to fob him off with "the US have done nothing so far". That's not a proper response, in law or otherwise.

If the court's view is they don't care about what might happen in the future then she should say so. My complaint is with her sidestepping the question. That's for politicians not judges."

You have somehow missed the rest of what she said. The point was also that if he were sent to Sweden and the Americans requested his extradition, the UK would have to agree to it before it could happen.

Hitchcock cameo steals opening of Oracle v Google Java spat

Gerhard Mack

Re: Well, it's clear infringement

"Compaq beat IBM by rolling their own BIOS through Clean-Room Engineering."

While keeping complete compatibility with the API. Now imagine where we would be if the API itself had been copywriteable.

Gerhard Mack

Re: Well, it's clear infringement

If that logic had been in place decades ago there would never been a clone of the API provided by IBM's PC BIOS so no PC clones. There would have been no MSDOS (CP/M) clone, no Linux or BSD (used AT&T's API) and no SQL servers.

Oracle is aiming a giant cannon at it's own foot with this argument and if they win, they will also lose more than they gained and damage the entire foundation the software industry has been built on until now.


Biting the hand that feeds IT © 1998–2019