* Posts by John Robson

2182 posts • joined 19 May 2008

New claim: D-Link router exposes unprotected config controls to web – DNS hijackers, ahoy!

John Robson Silver badge


But how often do you check?

I don't use an ISP supplied router - I use the BT modem and PPPoE from a linux box.

I appreciate that that isn't within most people's grasp, and assume that my WAPs are as bad as the routers, but at least they're not directly connected to the internet.

John Robson Silver badge

Re: Hardware vendors usually don't have the whole product in mind

Because OpenWRT is *so* expensive.

Frankly give a prototype of your router to the OpenWRT team and they'll port the code for you - then all you need to do is flash it and ship it, never need to think about upgrades again - which matches the amount of effort they want to put in, and exceeds the effort they do put in...

Obama's budget packs HUGE tax breaks for poor widdle tech giants

John Robson Silver badge

Re: hmm

According to the US there is no sovereign, there are just (t)errorists and those who might be (t)errorists

Ugly, incomplete, buggy: Windows 10 faces a sprint to the finish

John Robson Silver badge

Re: If you aren't using search [..] you're doing it wrong

"I will forthwith scramble all my possessions in all my drawers and cupboards, put my DVDs in the garage and my tools in the bathroom and spend the rest of my life wasting hours finding back whatever it is I might need to something I might want to do."

If only we had something which could rapidly do the search for me, and get the relevant tool/dvd to me quickly.

In Win7 or OSx or Linux I press a specified key, then a couple of characters of the program I want. This has normally uniquely selected the program, so I can hit enter without ever moving my hands from the home keys.

That's generally significantly faster than trying to remember which sub menu I've stored something in, and select the menu, the sub menu and then the item - and losing my place on the keyboard...

A better analogy might be a DVD shelf where you start to speak the name of the film and you are given the DVD before you've finished the first word* of the title, or at worst a selection of two or three discs (normally a series no doubt).

* "The" doesn't count in the context of a film title

Supersonic Bloodhound car techies in screaming 650mph comms test

John Robson Silver badge

Re: Such fun, Such fun

He might be disposable, the car isn't.

Your gran and her cronies are 'embracing online banking' – study

John Robson Silver badge


First Direct (who are HSBC) are quite happy with Linux on the desktop...

What doesn't work on the HSBC site?

Boffin finds formula for four-year-five-nines disk arrays

John Robson Silver badge

Assuming no batch failure modes

Because that's a good assumption.

A decade ago I learnt to mix'n'match batches in RAID arrays, preferably mix'n'match manufacturers...

Batch failures are common, even if not due to fault - as they all see the same lifecycle they all tend to fail together, or at least fail during the rebuild, when having been brought to within 1% of its lifespan the disk is then thrashed for dozens of hours to get all the data read as fast as possible.

'One day, YOU won't be able to SENSE the INTERNET,' vows Schmidt

John Robson Silver badge

"with your permission and all of that"

Why doesn't this reassure me...

Snowden SLAMS iPhone, claims 'special software' tracks users

John Robson Silver badge

So outside Russia are we allowed to know about this law

or does the data have to remain in Russia?

It's 2015 and default creds can brick SOHO routers

John Robson Silver badge

Re: How nice

Don't use a SOHO router?

Modem into a linux box?

Of course my WAP is probably as bad as the routers anyway...

Microsoft wants LAMP for wireless mobe charger

John Robson Silver badge

powerline networking....

I think I'd rather just have a charging pad...

Not that a PV/capacitive/retina(burning) display wouldn't be a nice touch, I doubt it would really do all that much in our power hungry world.

'If you see a stylus, they BLEW it' – Steve Jobs. REMEMBER, Apple?

John Robson Silver badge


Handwriting recognition, and they didn't think to add at least a short biro to the bottom (even if behind a cap).

Which of UK's major ISPs will let you have exotic p0rn? NONE OF THEM

John Robson Silver badge

Re: Sweet...

And yet my NowTV box rarely buffers - and it's used heavily.

OK, no longer on Vermin Media, but that's not device specific..

Alabama tops US teacher-pupil sex league

John Robson Silver badge

Re: Accused or convicted?

Not according to the media...

And that's the "primary" source for this "res..., I'm sorry, I can't use that word. "article" (just about counts)

Dongle bingle makes two MEELLION cars open to exploit

John Robson Silver badge

Why does it even need CANbus access - would a simple GPS/accelerometer module not cover 99.9% of all requirements??

Citrix goes into the mouse business

John Robson Silver badge

"So you've got a tablet but you feel the need to add a keyboard and a pointing device - shouldn't you have just bought a laptop?"

No - I use the keyboard occasionally*, and the mouse even less frequently.

The excess mass and short battery life of a laptop, combined with the weaker screen and reduced connectivity mean that for the vast majority of the time it's not the right option for me. Particularly given the cost of the device, compared with that of a conventional laptop.

In the last 2-3 years of tablet usage I've used a mouse a few times (one Win95 era game played via DOSbox) and wanted for one exactly once, providing family support via teamviewer, and in that instance I could simply talk them around the screen - the video feed was far more important than the control aspect.

Outside of work I rarely use a PC any more, almost all of my personal server maintenance is command line based, and the tablet does that just fine. Frankly if it weren't for security restrictions at work I could do my day job (mostly SSH, scripting rather than coding, and web interface access to the software I support) on a tablet quite happily as well (probably more happily than the current PC based solution). I might want two actually, but that's just to replicate the multi display layout I have at the moment.

I can see that people who have Windows Servers to maintain would like to use a highly portable, long battery life, decent screen device to connect to them, and a mouse then becomes rather useful. Anything that allows niche functionality to be extended by the use of an appropriate accessory has to be a good thing.

I can also see that companies with thin client infrastructures would appreciate the flexibility allowed by having I/O devices for tablets. BYOD, connect to the citrix server and we retain control over the main work environment...

For the *vast* majority of users a PC is overkill nowadays - I've not looked at how well Microsoft support VBA macros between devices, but even that is a fairly small section of users - and it might be that all that is handled rather differently in the cloudy versions of office (maybe, no idea)

* Yes I know I had to have planned to use it, but even when I take the keyboard with me "on the off chance" I've not had to use it. The on screen keyboard works well enough for emergency fixes, the BT keyboard is more useful for extended sessions.

John Robson Silver badge


This is the one way that the mouse will come to the iPad, and it is useful.

I just hope that I can connect both a bluetooth keyboard and a mouse, preferably with an HDMI output as well (i.e. not monopolising the single connector that apple deign to allow - what is wrong with having multiple outputs on a device apple?)

Apple wants your fingerprints in the cloud

John Robson Silver badge

Re: False Sense of Security

"The sum (x + y - xy) is necessarily larger than the vulnerability of a password (y), say, the devices with Touch ID and other biometric sensors are even less secure than the devices protected only by a weak password."

Of course that only applies if the password is the same in both cases.

On an iDevice it becomes easy to say "have a more complex passcode", so have a non 4 digit passcode (so it doesn't even try to hit return for you when you have typed enough digits).

Now x' >>> x, so the comparison is between x and (x'+y -x'.y). I'd suggest that the difference is entirely dependent on y.

*yes* I know one could set the longer passcode even without the biometric, but there is some benefit in the convenience of using the biometric.

Security? Don't bother until it's needed says RFC

John Robson Silver badge

Good idea

Conditional on a couple of things:

- Some UI element which tells the user what level of security is being used

- Some mechanism to define a minimum allowed (still start low and work up, but don't connect if you can't pass some minimum threshold) [NB looks like this is included]

Particularly if I can tell my machine to always ask if a connection won't exceed "level 3"

iPhone addiction will RUIN YOUR LIFE – if only that were true

John Robson Silver badge

Is it just disturbance?

Did they try some people with other phones ringing?

Tesla S P85+: Smiling all the way to the next charging point

John Robson Silver badge

Re: Not bad but still no cigar, methinks!

"Mind you, I'll still need to hire an IC car for holidays - London to Skye or Berlin (600 miles) are both non-stop possible in the diesel Bravo."

You should probably be taking a break in that journey anyway - 10 hours non stop isn't good for concentration...

Antarctic boffins hope stratospheric gravity wave hunter returns to Earth

John Robson Silver badge


Presumably it will be reporting GPS on the way down, so getting reasonably close should be doable - to the extent that a small radio beacon could then be used to home in?

I know the antarctic isn't exactly known as a holiday destination due to potentially inclement weather, but I'd have thought we could get to a reasonably well known location within a week?!

Robox: How good could a sub-£1k 3D printer be?

John Robson Silver badge

I can't (yet) see a home use, but I have a couple of things I would do if there was one I could pay to use at the local library, or a local small shop...

Analysts claim itty bitty iPhone Mini to land next year

John Robson Silver badge

Re: Apple reassuringly never undersold

Apple don't do *the customer's* budget, they make sure theirs is healthy though...

Tesla parades sleek model body and fab batt at Roadster fans

John Robson Silver badge

Re: Perhaps

And you've tested the original roadster and found that its range was lacking in what circumstance exactly?

245 is about the range you get - VERY cold (or VERY hot) weather will impact that, but hills are gravitational batteries, not perfect ones, but pretty good - they don't cost nearly what you think they will when you stop converting brake discs to dust on the descent and refill the tank instead. The battery conditioning systems are pretty sophisticated, and whilst they do draw power they improve the power efficiency of the battery pack by more than enough to compensate...

Euro SPACEMAN snaps incredible images of our Blue Planet

John Robson Silver badge

Re: Low Earth Orbit

The "traditional" road distance is 874 odd miles - it is only 603 in a straight line though...

ICANN HACKED: Intruders poke around global DNS innards

John Robson Silver badge

Still trust them more than any of the root CAs my browser has loaded...

Although it'll be interesting to know if this ends up in the mainstream press...

UK.gov STILL won't pop a cap on stolen mobile bills

John Robson Silver badge

My phone is stolen, I'll just call my provid... Oh.

Can I borrow a phone, find out the number for my provider's call centre (normally quite hard) and phone them..

"what's your account number" 'don't know'

"phone number?" 'don't know'

"password?" 'never had to talk with you before'

Good thing no 'mate' could ever fake that phone call...

Hipsters snap up iPod Classics for $$$s after Apple kills rusty gadget

John Robson Silver badge

Re: Worst thing they did. I can't find any decent MP3 players with more than 64 Gb

Wasn't the original selling point that you could carry *all* of your music with you.

That's still a valid desire. Our classic tends to live by the hifi or kitchen radio, with all the CDs in the loft, but it comes out for gigs and any reasonable journey.

We can't really do that any more - is this because the new assumption is that we don't own music, but rent it over those ever present 6G mobile networks...

Virgin Media's ad fibs EXPOSED by bitter rival BT

John Robson Silver badge

I just got a letter from BT

Saying that I could move from TalkTalk (who I'm not with) only if I did it in the next n days (n may have been ~30, I wasn't paying much attention by this point) because of TalkTalk price rises.

Then two days later I got a letter from TalkTalk about their great new deals if I moved from BT (with whom I don't have a contract, although my provider does)

So apparently I can save hundreds of pounds I don't currently spend, by switching in either direction between two companies with whom I don't have a commercial relationship...

Euro spacemen clear Ariane 6 for liftoff

John Robson Silver badge

Re: Doh!

Seen the "thing to help people escape really fast..."


Rockets are above the payload...

Orion: To Mars, the Moon and beyond... but first, a test flight through Van Allen belt

John Robson Silver badge

Re: Why a heat shield?

'cos you hit the atmosphere at 25 thousand miles an hour.

That's VERY fast

You need a heat shield since the amount of energy you are losing (from the Kinetic form) is massive, and guess how it all ends up (hint. heat)

If you don't have a heat shield (well, look at STS-107) then the vehicle disintegrates, because any "non specialist" material is liquid, and liquids aren't known for their great structural strength.

LA schools math quiz: $500 Chromebooks or $700 iPads for students?

John Robson Silver badge

Re: Raspberry Pi

"It was always that the first thing craftsmen made was their tools..."

Ah, but what tools does a tradesman-to-be use to make their tools?

They do so in their apprenticeship, using their mentor's tools...

John Robson Silver badge

Re: Raspberry Pi

Because I need to carry a screen between my home (which has a couple of screens, not all of which are HDMI, all of which are PI compatible) and school (where the desks have the same)

ESD is so hard to solve with a cheap case

Fragile is so hard to solve with a cheap case

Sony cuff-puter to do one thing smartwatches can't: Give you DAYS of hot wrist action

John Robson Silver badge

Re: Pebble?

"If it is paired to a smartphone there is no need for compute power in the first place. This is the most ridiculous part about the current smartwatch generation. You already have a 4 core monster sitting somewhere nearby so why the hell are you sticking half a gig of RAM and 600MHz CPU as well as all radios known to man into a wrist device? WTF?"

Depends if you consider a device or an accessory.

SanDisk vows: We'll have a 16TB SSD WHOPPER by 2016

John Robson Silver badge

Re: Never mind the enterprise...

I have my backup in two places.

One is on the shiny discs that I purchase films on, and the other (somewhat quicker to recover from) is on BitTorrent.

For self generated content I'll happily back up every 4GB or so onto a DVD, that's what the DVD robot* is for. Then I have a pile of shiny, but very low cost, backup discs (and a robot to help load them back onto the next generation of storage if needed) as well as high speed access to those holiday snaps. At least the TV works better than a dusty slide projector ;)

Frankly the power savings over enough spinning rust to store 16TB of mostly static data should pay for the drive in relatively short order...That's what Facetwit et al. are looking for after all.

* OK the robot is cool, I got it cast off from the office when it got replaced. It was then used at a church until they stopped producing CDs and went to MP3. Very nice piece of kit, massively excessive for a house, but it would make the recovery phase easier.

We have a winner! Fresh Linux Mint 17.1 – hands down the best

John Robson Silver badge


I'm another XFCE user, I don't want menu bars all over the place, I slightly begrudge the panel its real estate, but can't quite bring myself to run ion3 again (if I was back doing full time development then I would, but not my current operational role).

I did find xnest to be a good option in ion3 for a while - run a full tech tiling workspace, and have one of the tiles (normally a large proportion of one screen) contain a "normal" windowing system.

You'll go APE for our new Gorilla Glass 4, Corning reckons

John Robson Silver badge

time warp...

20 minute ad in 10 minutes...

Ofcom snatches 700MHz off digital telly, hands it to mobile data providers

John Robson Silver badge

PMSE shifting again?

Bloody hell, not everyone wants to replace their hardware every time ofcom has another 'bright' idea...

Some of us have to make this stuff last decades - the paltry "if you bought it in the last 3 years" payment doesn't really help people who make stuff last. The theatre I work with depreciate these things over 5-10 years...

Mozilla, EFF, Cisco back free-as-in-FREE-BEER SSL cert authority

John Robson Silver badge

Re: Sideload the certs already...

At the moment we are mostly forced to explicitly trust (goes to count on this system)...

Heck 21 certs from 10 organisations that start with the letter A alone, about 100 organisations in total (so about 200 certs, although I did notice that a handful of certs were labelled untrusted).

ANY one of those could be betrayed/hacked and I'm screwed, until ${authority} admits it, ${browser} gets updated by ${company} and I get the opportunity to upgrade.

If the DNS root trust is broken then it would need to be reestablished, but DMV servers already exist for that purpose already, whenever that chain of trust is broken (generally because of a middle level domain not supporting DNSSEC nowadays).

I also suspect that it would make the news, globally. Not just a "some Iranian cert authority is suspected to be hacked" item tacked onto a slow news day in southern Spain.

The people who run the root DNS servers have proved themselves capable of keeping such systems alive and (afaict) secure - I certainly trust them more than I trust some random ${geographical/political} authority I've never heard of.

Add a couple of DMV services (which you can use *if* you trust that organisation) and you're away. I'd suggest that each browser company might want to run their own DMV, after all you already implicitly trust them directly, so for the average user it's probably a good compromise to have that installed and ready to go if/when the root anchor is broken...

John Robson Silver badge

Sideload the certs already...

DNSSEC and then the cert can sit in a defined DNS txt record.

Single point of trust (DNS root, and those guys have proved themselves worthy of trust in the past) allows anyone to provide their own certs, no problem.

There is no need to have yet another set of trusted keys automatically loaded to every computer from here to kingdom come... ready to be abused by whichever state/company can crack the lowest security one around.

You know those WEIRD glass sheds in New York? They'll be replaced with Gbps WiFi

John Robson Silver badge

Don't trust USB

Whyever not...

I just use my USB cable which comes without the data pins connected.

NHS: Go digital or you won't get paid, warns Kelsey

John Robson Silver badge

I appreciate the paper based charts and notes at hospital, they have a tendency to carry on working in all sorts of situations....


John Robson Silver badge

More remarkable?

You can't get much more remarkable - although the failure of the harpoons AND thruster may have cancelled each other out somewhat

Philae comet probe got down without harpoons

John Robson Silver badge

Re: Good luck, at the end of the day

At least the recoil didn't take it away from the comet!

Annus HORRIBILIS for TLS! ALL the bigguns now officially pwned in 2014

John Robson Silver badge

SSL is ok...

But as ever implementation is hard.

I recall being told that I should avoid writing code as cleverly as I could, because bugs are always subtler than the code around them.

With really smart people working on this stuff I imagine some of the bugs are *really* subtle, and massively bad.

EU Ryanair 'screen-scraping' case could affect biz models

John Robson Silver badge

Click through

Or just small print with a link off to other T&C's somewhere

What happened to limitations on click through T&C's - is it possible to access the information without passing through the T&C's?

Facebook: Over half a BEELLION loyalists have SPURNED our Messenger app

John Robson Silver badge

Re: Facebook's app isn't really mandatory

XMPP is certainly the way forward on a PC, but the floating heads do have some advantages on a proddable device.

I just need an XMPP proxy somewhere, so that I can get store and forward delivery to my XMPP clients, since they don't "catch up" when they reconnect.

Forget 5G, UK.gov is making 2G fit for the 21st century!

John Robson Silver badge

"Do you want decent mobile coverage or do you want a village untainted by modern transmission equipment? Pick one of two."

Because we couldn't put one up that looked like a telephone pole, or used a street lamp, and looked like a rock.


There are some really good ways to make these things non intrusive.

Poll: Yes, yes, texting while driving is bad but *ping* OH! Hey, GRAB THE WHEEL, will ya?

John Robson Silver badge

Re: Dopamine.

Yes - we should remove their license to drive, and they should go to rehab.
