Re: Careful of what you write
Back in the day we used RMS Service Desk. There were two notes fields, one for the customer to view, and one for the technicians.
101 posts • joined 17 Jul 2008
To those suggesting using a dns server which blocks domains, this will likely also be subverted in the future as browsers implement DNS-over-HTTPS which bypass your DNS server altogether. Whilst you have control over it today, I would not be suprised if Google forces Chrome to use its own DoH servers in the future.
This is why I am building my home automation so that I am in complete control. At the coal face are simple sensors and relays with arduino and rs485, and I plan to use the open source Mycroft to replace Amazon Echo. I will probably write the software myself or use something existing like home assistant.
I am not a proponent of DNS-over-HTTPS, but on the other hand it is just another application that runs using the internet as transport. Users are free to use it if they want to, and it is not for network backbones to pick and choose what to allow. This is sadly why new protocols like SCTP have not been able to gain traction, because a lot of operators just block them. At the end of the day no one person or organization can make the decision for the rest of the internet. Every day I get more and more surprised it still works at all.
One concept Microsoft (afaik) came up with is that of a RID master. It gives out blocks of numbers to other servers upon request. When the server passes the watermark it will preemptively request a new block. In the case of a loss of connectivity, it can still create new objects until the block is exhausted. I thought this could well be applied to database replication.
It's not ideal but perhaps this could be solved using an external service riser, just for fibre-optic cables. Alternatively, the floors could be configured in a bus with active equipment or taps from top to bottom.
Right now the only options for MFA are OTP-SMS or TOTP with the Microsoft app, so either you hand over your phone number, or you install a Microsoft app on your phone. I would much prefer using FIDO U2F keys where the key is generated and stored on the key, and cannot be copied. It is as good as a physical key, without which the lock is nigh on impossible to pick. Unlike FIDO2/WebAuth the key is write-once and in my view more secure. For instance, if I generate a key on my computer and install it on the phone, it is possible for the key to be copied, which is "not possible" with a FIDO U2F key.
Edit, el reg does not handle unicode very well...
"The post contains some characters we can’t support"
The original was, as unicode codepoints: U+00F6 U+00BB U+0182 U+0236 U+00AE U+0130 U+014B U+01EC U+1F61B U+0116 U+1F63C U+2601 U+1F633 U+262D U+263E U+0147 U+2628 U+1F62A U+022B U+262C U+2649 U+1F63D U+00CF U+0137
Or in HTML escaped: ö»Ƃȶ®İŋǬ😛Ė😼☁😳☭☾Ň☨😪ȫ☬♉😽Ïķ
Still no support for dynamic discovery of web servers which would make sense by putting in the top level domain, and has the added benefit of fall back servers and non standard ports. For example example.com -> NAPTR E2U+https _https._srv.example.com -> [2001:22:33:44::385]:5443, 126.96.36.199:8443
Surprise surprise Openreach is going down the PON route so it maintains control of the physical layer (as opposed to PTP fibre where ISP's can deliver their own wavelengths to customers). I would like to see more smaller companies, maybe even community non-profits laying the fibre to stir up more competition.
They block edns client subnet, thus reducing performance for those using dns-based balancing, when they run their own anycast network. Unfortunately most end users will not realize that by using cloudflare's dns they are actually making performance worse for some sites. They argue that this is due to privacy but most dns lookups not for research purposes result in a tcp or udp connection to the domain name being queried anyway.
One thing that worries me, is that when a company is sold, or goes bankrupt and the assets are flogged off, a malicious third party could acquire the private keys and use it to distribute malware. For example, the British company Wileyfox that makes phones has gone into administration. If I were to acquire the company, I could silently push out malware that dialed premium rate phone numbers. With vehicles the potential is far worse. You could send a firmware that causes the vehicles to identify its competitors' management and try to run them over. Yes this is far fetched right now, but I fear less far fetched in the future.
It seems like it consumer law's need updating to take into consideration this sorry of digital bait and switch. If I bought a fire TV for the main purpose of watching YouTube then I would expect some amount of compensation (yes even though it is a third party service, it is one of the features advertised).
Just because you get free coffee in the office, it doesn't mean you should be able to reclaim £3 for a coffee at a shop for what would probably cost your company 10p to provide. They don't even have to provide it at all. If they are not careful, the company could turn around and scrap these perks altogether.
Biting the hand that feeds IT © 1998–2019