* Posts by Mike Pellatt

376 posts • joined 17 Apr 2007

Expired cert... Really? #O2down meltdown shows we should fear bungles and bugs more than hackers

Mike Pellatt

Re: -->Please don't. You're only encouraging that Fry chap.

Fry just thinks he's very clever.

There, FTFY.

It's nearly 2019, and your network can get pwned through an oscilloscope

Mike Pellatt

They point the train in the right direction ??? <shrug>

I'm really, really, really not going to get into a debate over the two versions of English.

It is what it is. Neither is right. Neither is wrong.

They're valves to me, and I'm quite happy with them being tubes to you.

Courgettes to me, zucchini to you.

Aubergine to me, eggplant to you.

etc. etc. etc.

Mike Pellatt

Silicon semiconductors in your oscilloscope ????

Pah. Young whipper-snapper. My first one was a Heathkit, with real valves ("tubes" to our transatlantic brethren). Xmas pressie from my parents.

They were both down with the 'flu that Christmas, so I had it built and running by Christmas Night :-) (This is why I remember it so well...) (And yes, I was an only child and no-one else from the family was over that day....)

Surprisingly, it didn't have a network port either.

I wonder if anyone's tried to pwn network analysers ?? That would be even more fun...

Germany pushes router security rules, OpenWRT and CCC push back

Mike Pellatt

Re: Routers are not firewalls

Nope, routers are indeed not firewalls.

But NAT has persuaded far too many people that they are.

(I remember NAT capability being introduced into the Linux IPv4 code. Just as I needed it to solve an issue a customer at the time had)

Mike Pellatt

Re: I've been down the route of converting routers to paperweights with OpenWRT...

I see why you got downvoted - I've never bricked a router with OpenWRT (tho I have with DDwrt...). But otherwise, you've got The Right Setup, as it's what I use too.

Firstly, because I used to be on VM and, as another commentard said, the SuperDuperShittyPumaPoweredHub 3000 is, well, a PoS, so it went straight into modem mode with (then) PFSense behind it.

Fast forward a couple of years and I found myself at the end of a 3.5-4Km run of copper. Dug out a Vigor 120 left over from a previous customer. Not bad. Then it got fried by lightning a hundred metres or so away. Dug out a 110 I also seemed to have. Then discovered I could easily tweak the SNR margin with a 130, so that's what I have now. It's sweet. What would Sir prefer ?? Fast connection that drops when there's ring current or a slower connection (still around 2Mbps) that hangs on for grim death through whatever ringing, rain in the DPs, picking up all sorts of RF at night, etc., can throw at it. Oh, and updated to OPNSense a few months ago when I finally decided PFSense was getting far, far too proprietary.

Unless the downvoters are Linux-loving BSD haters.

Mike Pellatt

Re: Giving the vendors a choice will give the users a choice

If you really want control of your router then buy a Mikrotik and learn how to configure it.

Because RouterOS is open source and gives you full control and ownership of your device.

Oh, hang on.

Solid state of fear: Euro boffins bust open SSD, Bitlocker encryption (it's really, really dumb)

Mike Pellatt

Re: Dumb execution to be sure, but:

Not when it comes to encrypted data-at-rest, no.

Woman who hooked up with over 15 spectres has found her forever phantom after whirlwind romance and plane sex

Mike Pellatt

Re: “A trip to Wookey Hole“

And for some bizarre reason, advertised on the A303, which at its nearest point is some 20 miles away.

If you have inner peace, it's probably 'cos your broadband works: Zen Internet least whinged-about Brit ISP – survey

Mike Pellatt

Re: From A&A to Z?

Or no mention of equally-equally good IDnet. My only downer on A&A is their cost of traffic, but I fully understand their business model and why they do it.

Bizarrely, a recent survey by Not Connecting Devon & Somerset At All had A&A in the ISP list but not IDnet.

Pirate radio = drug dealing and municipal broadband is anti-competitive censorship

Mike Pellatt

Re: America

I was looking for the famous Gotts assault case, where a member of the Jackie crew was assaulted by a Post Office employee (in those days it was the GPO who issued and enforced radio licenses) and found it here

Ah, them were the days.....

Mike Pellatt

Re: America

In reality, all this pirate radio guff is the USA copying what we came up with over Pirate Radio in the 60's and 70's - see Marine Offences Act. All the same arguments (although it was more propping up the BBC back then, which was being far too Reithian in overwhelming circumstances).

And for land-based pirates, see the history of Radio Jackie, who had the last laugh and are now one of the few "independent" stations not part of the Global network.

Mike Pellatt

Re: Slippery slope; And not the fun kind

Liberty vs. Authoritarianism is a completely orthogonal axis to political (really economic) left-right.

So, so true. My epiphany moment was finding this well over a decade ago.

Try as I might when answering the questions, I can't drag myself out of the bottom left-hand corner :-)

Scary to realise I'm more way-out than the greens .

Yale Security Fail: 'Unexpected load' caused systems to crash, whacked our Smart Living Home app

Mike Pellatt

I admit to having a few rooms wired up with smart lights and Nest, but I made sure I still have an actual light switch on the wall as well as a thermostat!

Abso-fucking-lutely. All my Fibaro dimmers are wired up to real switches as well. As making the summerhouse watertight, the garden looking decent, replacing safety-critical stuff (like the power socket wired with 1mm cable...) is more critical than whizzy smarthome stuff, getting all the Z-Wave stuff working to OpenHAB is a back-burner job.

I do have buyers' regret over the Honeywell EvoHome, because of its reliance on Honeywell servers for the smarts and their non-publication of the API, but then that was bought when we were planning to holiday let the place.....

Which? That smart home camera? The one with the vulns? Really?

Mike Pellatt

That was a real lol moment

The Consumers' Association magazine has worked hard to build trust in its consumer-focused product reviews.

The Consumers' Association magazine has worked hard to market itself in the same way as Readers' Digest, Automobile Association (in their heyday) and all the other outfits whose main route-to-market is direct mail. The quality of their product is concomitant with that approach.

FTFY.

A so-called consumer champion selling its product via a "free trial" and reliance on inertia not to cancel is seriously unethical.

Why are sat-nav walking directions always so hopeless?

Mike Pellatt

Re: As you might expect...

Earl or lady grey singles them out as anglophiles ?? WTF ??

Those are PonceyTeas, incapable of producing Proper Builders Tea. And they taste all, well, flowery.

Attempt to clean up tech area has shocking effect on kit

Mike Pellatt

Re: It's not always the cleaners

Oh, and of course didn't see them quickly enough because his peripheral vision was restricted by the hard-hat straps.

Mike Pellatt

Re: It's not always the cleaners

"Every Health and Safety rule is the result of at 3 occurrences"

Ok, now explain why a surveyor working in the middle of a field has to wear a hard hat, hi-vis vest and steel toe boots.

Because there haven't been 3 occurrences of surveyors working in fields being trampled by cows because they were attracted by the hi-vis and the surveyor couldn't run away fast enough because of the workboots. Next.

Scrapping UK visa cap on nurses, doctors opened Britain's doors to IT workers

Mike Pellatt

Re: our NHS will be short staffed

No, I think physiology was entirely correct.....

Compare average UK BMI with that of the USA :-) (although I will concede that they do appear to be converging)

UK.gov isn't ready for no-deal Brexit – and 'secrecy' means businesses won't be either

Mike Pellatt

Re: Y2K all over again

More like a slow motion car crash.

I'm not so sure. Quite how all those JIT supply chains will work with just an extra 3 minutes per lorry at the border is far from obvious. The car crash could well be quite quick.

Guess who just bought Maplin? Dragons' Den celebrity biz guy Peter Jones

Mike Pellatt

Amazon Prime Now will deliver anything from a UPS to a PSU in a matter of hours.

If you live or work in <BigCityWhoseNameBeginsL>, yes (OK, I work there some of the time). Out in the beautiful East Devon Area of Outstanding Natural Beauty, it works like this.

For starters, it's next day, not same day. Then....

Courier can't find you. Goes back to base. Tries again next day and this time is actually arsed to call you. So you give directions. Which you would have done in the first place if Amazon actually gave you a free text box against your account for delivery instructions, rather than 6 characters for a safebox code. Yes, I have suggested this a million times to customer disservice. So he finds you. Makes a note of directions. The next 4 or 5 Prime orders arrive smoothly.

That or the package just goes back to the sender. Calling Customer disservice makes no difference. Except for another month's free Prime.

Then Amazon changes the courier company they use for Prime. Rinse and repeat.

Note that they deliver to East Devon some of the time from a "local depot" in Bristol. Not Exeter. No, Bristol. Madness.

Card-stealing code that pwned British Airways, Ticketmaster pops up on more sites via hacked JS

Mike Pellatt

Great pic, guys

Gotta absolutely love the whack-a-mole picture.

Sums up the "serving content from servers you have no control over" problem perfectly

You know all those movies you bought from Apple? Um, well, think different: You didn't

Mike Pellatt

Re: Yet another Apple "problem" click-bait article

You seem to forget the history of "purchase" of "digital content" (it was, of course, digital when "purchased" on CD, DVD, etc., but that tiny factoid has never worried the marketroids).

The narrative promulgated by Apple is that they created the market. Before iTunes it didn't exist. They gave the content copyright owners a way to protect (and grow) their revenue with non-physical "sales".

There's a certain amount of truth to this line. So, as "leaders" in the market's creation, Apple should be pilloried ahead of others if they do anything to make it less frictionless (sorry for the double negative there but I wanted to use that Brexit-related word)

Intel rips up microcode security fix license that banned benchmarking

Mike Pellatt

Re: Silly season...

Nope, I don't.

No-one, anywhere, here is talking about "zero-risk". Of course there's no such thing in The Real World.

But, if 30+ years of vulns have taught us anything, it's that far too much stuff that looks low-risk on first, second, or even the hundredth examination, turns out to be easier to exploit than was realised in the earlier stages.

This is especially the case with these side-channel vulns, without too much in the way of thought experimentation, if you care to look at what they're actually all about.

Mike Pellatt

why would i disable something i paid good money for

Just like... errr.... ActiveX.... Flash.... Java..... etc., etc.

Because it's a security hole big enough to drive a bus through, like all the others.

ZX Spectrum Vega+ blows a FUSE: It runs open-source emulator

Mike Pellatt

Notice I said Sinclair rather than ZX experience, I was more thinking of the QL.

To say nothing of the black watch and the IC12. And the calculator. Those are what I remember Sinclair for.

Travesties, all of them. As I've said before, Chief Dick Sinclair created the IC12 (rated 12W peak, hence the name) by taking a Plessey 10W peak rated IC amp and, errr, sticking a heatsink on it. That was his level of understanding of semiconductor thermal management. And how I learnt all about it the hard way, repeatedly blowing them up....

The Solar System's oldest minerals reveal the Sun's violent past

Mike Pellatt

While we're all being pedantic...

The mineral contains small pockets of inert gases preserved from the chemical reactions from when the Sun’s energetic protons smashed into the calcium and aluminium atoms in the crystals

I didn't think energetic protons smashing into atoms and bringing about a change of atomic number or some other nuclear reaction fell into the definition of "chemical reactions".

Think tank calls for post-Brexit national ID cards: The kids have phones so what's the difference?

Mike Pellatt

Re: Let's get one thing straight. Right here. Right now.

Otherwise, how do you tell legit residents from those lying through their teeth?

Well, in this case, quite obvs, it was done by skin colour. And that is what was so utterly, utterly disgusting about it.

I don't know, today, just what documentary proof might be demanded in 50 years by some Government to determine my citizenship rights. It could well turn out that I'm missing some bit they consider vital then.

But, my skin is The Right Colour, so I guarantee it wouldn't be an issue.

Mike Pellatt

Re: "If there are no ID cards no one can demand them,"

What you read about stolen identities and frauds in US, for example, or the Windrush story, are unheard of in countries with an ID system.

My bullshit-o-meter hit the endstop with that claim of "identity theft unheard of in countries with an ID system."

So I did a bit of googling. It seems France, well-known for its ID cards, does indeed have an identity theft issue. As does, unsurprisingly, every country in the Known Universe.

Here is but one academic study for your digestion to back this assertion up.

Brit spending watchdog brands GP Primary Support Care a 'complete mess'

Mike Pellatt

everyone has their own view and even the users sometimes don't know what they actually want/need or their individual needs differ

"T-Government" (Transformational Government - yes, really) which was going to be the successor to E-Government was going to fix all that.

What people needed would be defined by the IT spec, not the other way round. Yes, really. I remember sitting through this crap whilst a minister talked about it.

Mike Pellatt

Why does this keep happening time and time again?!?

Because there are no/insufficient people capable of framing contracts properly and then managing them within uk.gov.

AKA client-side capability. The cost of which is clearly never properly factored into this sort of thing.

DafT are just the same. It's the root cause of the current rail fiasco - and first became blindingly obvious after Virgin's successful challenge of the ECML franchise award. Which, of course, is still to be re-tendered.

Then, of course, there's the Home Office. G4S tagging fiasco. Probation service fiasco. etc. etc.

And the G4S Olympics security fiasco.

Let's not mention DWP and the WCA.

All, every single one, symptomatic of ineffective client-side contract management. And the constant forgetting of the maxim that the Government can (maybe) transfer (some) financial risk, but the risk of service delivery failure can never be transferred. After all, that's the job of the government.....

UK's Huawei handler dials back support for Chinese giant's kit in critical infrastructure

Mike Pellatt

Re: Security risks are still just risks

Or ask RBS too. Except their Head of Risk was quite explicit about the risks Fred the Shred was exposing the bank to....

Capita strikes again: Bug in UK-wide school info management system risks huge data breach

Mike Pellatt

Re: good question

Yeah. Amey. West Berks Council.

You'd think people would have learnt and wouldn't outsource to them. They have form going back well over a decade. And some of us <cough> saw this coming

https://www.european-services-strategy.org.uk/outsourcing-ppp-library/contract-and-privatisation-failures/west-berkshire-terminates-strategic-partnershi

UK.gov IT projects that are failing: Verify. Border control. 4G for blue-light services. We can go on

Mike Pellatt

DartCharge. Still crazy, sorry, alpha after all these years.

We're now over 3.5 years since free-flowing (sic) charging was introduced at the Dartford Crossing.

Also known as DartCharge.

The payment service for this is still in alpha. Yes, alpha. A live service. Nearly 4 years after it went live.

You really, really, really couldn't make it up, could you ?? And these clowns think they can get a technological solution to managing tariffs without turning Kent into one sodding great lorry park ?? I don't think so.

https://www.dartford-crossing-charge.service.gov.uk/Home/Choose

Mike Pellatt

Re: [Sniff][Sniff]

That's exactly what the GTR franchise was set-up for, too.

I don't expect Failing Grayling's investigation to point that out, though.

National ID cards might not mean much when up against incompetence of the UK Home Office

Mike Pellatt

@'s water music: "Perhaps May's genius was to take the famously 'not fit for purpose' department and redefine its incompetence as a performance target."

Oh, you deserve 1000 upvotes for that one. Superb.

And then she claimed that her civil servants were being over-zealous for, errrrr, implementing the hostile environment that was her policy. And anyway, it was all the fault of the Windrush people for not having the documents that they errr, didn't need at the time or for decades afterwards. Kafka must be so impressed.

Mike Pellatt

Genius statement

"The solution is to fix their appalling decision-making," Patel says. "There's no technological solution to that."

Also known as "You can't fix stupid"

Have to use SMB 1.0? Windows 10 April 2018 Update says NO

Mike Pellatt

Re: Fix it, don't disable it

I don't think it was "fecked up by design" - i.e. the original intention in the design being to feck it up.

"The design was fecked-up" is perhaps what you meant.

Then again, that's pretty standard for any networking protocol designed at the same time, when security was, well, not considered at all. SMTP probably stands out most of all :-) (although that does of course predate SMB by some considerable margin)

US-China trade war is back on: White House repeats threat to tax Middle Kingdom imports

Mike Pellatt

Someone who wants to make a deal more than you do....

Like us Brits were told the EU had more to lose than us and would accede to all our demands, then.

Looks like that's turning out well.

Epyc fail? We can defeat AMD's virtual machine encryption, say boffins

Mike Pellatt

Re: Yes, hardware.

Perhaps one of the reasons why meltdown impacted all the major chips in very similar fashion, no?

Indeed not. It's because the meltdown vuln and similar is an inevitable result of the execution-time optimisations common across the x86 arch (and likely also to show up in any CISC execution-time optimisation in some form or another - were there any other CISC arch left around.....)

UK.gov's use of black box algorithms to decide stuff needs watching

Mike Pellatt

UK.gov deciding stuff needs watching

There, FTFY.

UK chancellor puts finger in air, promises 15 million full fibre connections by 2025

Mike Pellatt

Market conditions

Because 100% Business Rates Relief for Fibre Infrastructure for 5 years from 1 April 2017 is creating just the right market conditions for encouraging long-term investment with a 20+-year payback, isn't it ?

Idiot.

Zuckerberg gets a night off: Much-hyped Euro grilling was all smoke, absolutely no heat

Mike Pellatt

Re: Well isn't that just great

.....as we saw for example with roaming charges and more recently with environmental legislation.

To say nothing of getting Microsoft to cough up the necessary docs to properly interoperate with AD. Which neither the US government nor the UK government managed to achieve.

Not that that gov.UK could be arsed to do anything about it

Mike Pellatt

(The EU) is run by a civil service, with a toothless and loud parliament.

Whereas the UK is....

I got 257 problems, and they're all open source: Report shines light on Wild West of software

Mike Pellatt

Re: False positive problem with Black Duck

So their quality of code analysis and interpretation clearly matches that carried out by SCO before launching their "Linux stole all our code" farce.

Quelle surprise. No technical capability whatsoever there.....

Capita cost-cutting on NHS England contract 'put patients at risk' – spending watchdog

Mike Pellatt

Re: Hate for Capita

Only way things will improve is if the public sector .... starts to police contract awards effectively.

But, as someone up there somewhere said, the set of skills needed to be effective on the client side of a contract of this nature, and the set of skills needed to effectively manage the job in-house have a pretty massive overlap.

Add into that, as I keep banging on, you can transfer financial risk (at least in the short term) from the public sector to the private sector, but the risk of service failure will always fall to the public sector. Along with the concomitant costs....

Measure for measure: Why network surveys don't count what counts

Mike Pellatt

It's not "terrible coverage" that you're suffering from. It's the Laws of Physics, Jim.

In this case, radio propagation. The idea that coverage can be achieved in every single cubic centimetre of a city is Total Bollocks (tm) (1). With far fewer massive solid objects to reflect the waves and cause multipathing, you could perhaps get closer to that in rural areas. But there, of course, there aren't enough base stations and the issues become signal strength and line of sight rather than multipathing.

(1) Ob. Peter Cochrane - unless we'd put fibre into every home with NTEs that were also pico-cells.

Microsoft's most popular SQL Server product of all time runs on Linux

Mike Pellatt

Re: Funny error messages

My favourite, from 80's Unix, obvs.

$ make "Maggie resign"

Don't know how to make Maggie resign

Stop.

Clearly, make hadn't been told about the Community Charge :-)

Sir Clive Sinclair dragged into ZX Spectrum reboot battle

Mike Pellatt

Re: I don't have a crystal ball but...

Yes.

When I read "....has descended into a horrible, stinking mess that sullies the Spectrum legacy" I couldn't help but think "more than it did to itself back in the day"

Black watch, anyone ?? Just for starters.

IC12 ? Take a Plessey IC amp, stick a heatsink on it, and uprate it from 5W to 12W. Quality engineering, that was.

Take-off crash 'n' burn didn't kill the Concorde, it was just too bloody expensive to maintain

Mike Pellatt

Re: The most amazing engineering

Indeed. I used to be a Surrey County Councillor.

We had to pause at every full council meeting as the 11am flight went over County Hall in Kingston.

No-one ever complained

Biting the hand that feeds IT © 1998–2018