Posts by Chris Hills

My story

I was once asked to go live on an email migration project the DAY before I finished my job, with no handover in place (~1000 users). I hope that worked out for the best.

No more lock-in

This is why I am building my home automation so that I am in complete control. At the coal face are simple sensors and relays with arduino and rs485, and I plan to use the open source Mycroft to replace Amazon Echo. I will probably write the software myself or use something existing like home assistant.

Still using IPv4?

You don't need NAT, you need a FIREWALL.

Personal Data

Right now the only options for MFA are OTP-SMS or TOTP with the Microsoft app, so either you hand over your phone number, or you install a Microsoft app on your phone. I would much prefer using FIDO U2F keys where the key is generated and stored on the key, and cannot be copied. It is as good as a physical key, without which the lock is nigh on impossible to pick. Unlike FIDO2/WebAuth the key is write-once and in my view more secure. For instance, if I generate a key on my computer and install it on the phone, it is possible for the key to be copied, which is "not possible" with a FIDO U2F key.

Try typing this password

Edit, el reg does not handle unicode very well...

"The post contains some characters we can’t support"

The original was, as unicode codepoints: U+00F6 U+00BB U+0182 U+0236 U+00AE U+0130 U+014B U+01EC U+1F61B U+0116 U+1F63C U+2601 U+1F633 U+262D U+263E U+0147 U+2628 U+1F62A U+022B U+262C U+2649 U+1F63D U+00CF U+0137

Or in HTML escaped: ö»Ƃȶ®İŋǬ😛Ė😼☁😳☭☾Ň☨😪ȫ☬♉😽Ïķ

Is this a good fix?

When I buy IT products, I despise not having control of them. Limiting updates to the manufacturer enforces lock-in and obsolescence. There is a middle-ground where-by a physical jumper could be provided when an update is to be applied.

And yet...

Still no support for dynamic discovery of web servers which would make sense by putting in the top level domain, and has the added benefit of fall back servers and non standard ports. For example example.com -> NAPTR E2U+https _https._srv.example.com -> [2001:22:33:44::385]:5443, 12.34.56.78:8443

Hah

These days most source code is embedded in the page itself. Web sites that do not require javascript are getting few and far between. That said, webassmbly seems to have taken off like a rocket so the only javascript in future may be a thin glue layer.

AKA we're cashing in on the hard work of open source contributors.

Is anyone keeping track of all the failed government IT projects.

No PON thank you

Surprise surprise Openreach is going down the PON route so it maintains control of the physical layer (as opposed to PTP fibre where ISP's can deliver their own wavelengths to customers). I would like to see more smaller companies, maybe even community non-profits laying the fibre to stir up more competition.

802.1aq

This sounds like SPB (shortest path bridging) under another name.

Why only IPv4?

The internet is moving on, IPv4 is legacy.

I run apps in the browser with a poor man's citrix environment using xpra from the winswitch project.

Ain't it funny

They block edns client subnet, thus reducing performance for those using dns-based balancing, when they run their own anycast network. Unfortunately most end users will not realize that by using cloudflare's dns they are actually making performance worse for some sites. They argue that this is due to privacy but most dns lookups not for research purposes result in a tcp or udp connection to the domain name being queried anyway.

Good

The reason people have to resort to commercial mail services is because of the cartel that has a stranglehold on mail delivery. This might make domain operators start to treat all mail equally again and stop outright blocking mail based on out of date blacklists of other spurious methods.

A new cause for concern

One thing that worries me, is that when a company is sold, or goes bankrupt and the assets are flogged off, a malicious third party could acquire the private keys and use it to distribute malware. For example, the British company Wileyfox that makes phones has gone into administration. If I were to acquire the company, I could silently push out malware that dialed premium rate phone numbers. With vehicles the potential is far worse. You could send a firmware that causes the vehicles to identify its competitors' management and try to run them over. Yes this is far fetched right now, but I fear less far fetched in the future.

What I want to know is

What can we, the citizens, do about it?

It's obvious

There is far less chance, if any, chance to get kickbacks from open source development.

MSI Package?

Does this mean they are finally going to provide an MSI package?

*cough* UPRN

There is so much efficiency to gain by making property UPRN's available for free, but at present you have to pay a large licensing cost.

Why ethernet?

I do not understand the fascination of ethernet in the datacenter as opposed to the faster and more flexible infiniband.

Consumer legislation

It seems like it consumer law's need updating to take into consideration this sorry of digital bait and switch. If I bought a fire TV for the main purpose of watching YouTube then I would expect some amount of compensation (yes even though it is a third party service, it is one of the features advertised).

Normally X.509 keys have a lifetime of 1 or 2 years max for an end user/device certificate so if someone found it today it likely would not be much use unless your mark happened to have a clock running a few years slow.

The rest, though, yikes.

The level of chutzpah is outstanding. Has Equifax contributed anything at all to the development of Struts, or are they happy to profit off others' work for nothing?

Just because you get free coffee in the office, it doesn't mean you should be able to reclaim £3 for a coffee at a shop for what would probably cost your company 10p to provide. They don't even have to provide it at all. If they are not careful, the company could turn around and scrap these perks altogether.

What do you expect

When you hire people who are just as greedy as you but smarter. Alas not smart enough to not get caught.

Ouch

This is going to require some serious effort to remove individual records from backup tapes.

Maybe...

Maybe there were 2 fibre breaks, but only the second break caused the loss of service. I would expect there to be regular fibre breaks that we never hear about, it is just coincidental that two parts of the same ring were broken at the same time.

Why not..

..use land stations instead of satellites? GPS can be augmented through a system called RTK, so why bother with the satellites at all?

As long as it is based upon line sync speed, cable and fttp providers will be unaffected. Actual throughput depends upon many more complex factors.