* Posts by Tom Paine

2256 publicly visible posts • joined 19 Aug 2008

Break crypto to monitor jihadis in real time? Don't be ridiculous, say experts

Tom Paine

Re: BBC radio free worldwide

I've posted ListenAgain links on Twitter and had confirmation from ppl in the US that they worked. IDK how patchy that is or if it's changing with the forthcoming change to mandatory login.

Tom Paine

ther or not terrorists used encrypt comms to conspire among themselves is puzzling.

What's puzzling about it? Without prejudice to whether or not it's a good idea -- comms have a unique property in comparison with all the other incidental things used by terrorists (vans, knives, er,.. trainers? hoodies?) in that they provide access to someone's social and, ahem, professional network(s). That could enable you to find direct members of a conspiracy or group (if someone else made the bomb or is preparing their own attack) and presumably sympathisers and people who should have informed on them but failed to, etc.

That information's probably less useful in defending against random independent self-starter types like the current crop than the IRA, of course. But there's no guarantee there aren't more traditional multi-person cells. Perhaps some of the disrupted plots were of that sort, IDK.

NSA leaker bust gets weirder: Senator claims hacking is wider than leak revealed

Tom Paine
Go

Qatar

The crisis is significant because Qatar hosts the USA's most significant middle-east air base,

(1) Qatar hosts the US Fifth Fleet. https://en.wikipedia.org/wiki/United_States_Fifth_Fleet

(2) the crisis over Qatar is significant for a lot more reasons than that. The GCC states have behaved as a single bloc for many decades; an FSB-triggered breakdown in trust and cooperation gives the Middle East pot another vigorous stir.

Going to Mars may give you cancer, warns doc

Tom Paine

Re: Look

would it be possible to say have a Mars bound ship do a lot of gravitational slingshots to boost its speed before the astronauts get onboard?

NO, with a capital NUH. And a capital OH.

Tom Paine
Facepalm

Re: What is worst

We often hear from climate extremists that the world will end in 2050 ...

To put it politely, "[ citation needed ]"

Tom Paine

Re: space migrants

Really? I'd call them absolute arseholes. Are you seriously saying you'd be happy to never see a family member again?

Actually, thinking of some of my lot,...

Tom Paine
Thumb Up

Re: space migrants

[X] Strongly agree

Tom Paine

Scientists have found signs that it could have water ice hidden beneath the bedrock,

Scientists have also dragged a scoop a couple of inches below the surface in topsoil which shows hexagon structures similar to those caused by frost heave in permafrost areas of earth and found...

https://en.wikipedia.org/wiki/Chronology_of_discoveries_of_water_on_Mars#Phoenix

http://www.asc-csa.gc.ca/images/astronomie/mars/phoenix/phoenix-dug-ice.jpg

Meteor swarm spawns new and dangerous branch

Tom Paine

Re: Interesting use of statistics... "lies, damned lies and statistics"

nobody actually knows why, approximately 11,000 years ago every large animal went extinct across North America

Sure they do: the arrival of homo sapiens. As in Australia and Europe, our arrival was quickly followed by population crash and extinction of megafauna.

Hand in your notice – by 2022 there'll be 350,000 cybersecurity vacancies

Tom Paine
Pint

Re: What do they actually do?

£87k is a huge salary for the UK

Not in London and immediate environs, it isn't. Have you seen what rents are like down here? And it's a fiver a pint...

(Admittedly if you're a dual income household it goes a lot further. But I'm not bitter... much.)

Tom Paine
FAIL

Re: Outsourced to India

These days, no boss will think of employing people here.

Why, then, is unemployment lower than it's been since the early 1970s and employment at an all time record high?

Just for S&G I typed "IT security" into Jobserve just now:

9,909 jobs for IT security

http://www.jobserve.com/gb/en/JobSearch.aspx?shid=9CC35AE07E68E9A9F5

The biggest British Airways IT meltdown WTF: 200 systems in the critical path?

Tom Paine

Re: Do any really large companies rip it all out and start again?

My DR test failover, at an operator of systems hosting financial trading:

The DR / failover plan existed on paper but hadn't been tested for years, since when enormous changes had been made to the code, systems and environments. Eventually management let ops spend a weekend testing it out. On paper, and in regulatory filings, it took 30 mins. The first time it was tried took 14 hours. After three months of working on all the issues that came to light, tried again: 2 hours this time. Another iteration of fixing and testing. Third time: 27 minutes. They now test it every quarter. They were in the fortunate position of having Friday night and most of the weekend to make changes with zero customer impact, but everything had to be fully operational by Sunday evening, ready for the start of trading; doing that if you're a bank, or an airline, or any other 24/7 operation must be enormously difficult, and of course the longer it's left untested, the harder and more dangerous it gets to test.

Tom Paine
Thumb Up

Re: Feynman: see also Haddon-Cave

I think this is the Charles Haddon Cave talk you refer to:

https://www.youtube.com/watch?v=y99_lhFFCsk

Tom Paine

Re: Feynman: see also Haddon-Cave

Another tangent: accident investigation reports can be very thought provoking, as well as interesting in their own right. Chernobyl, both Shuttle accidents, the Deepwater Horizon / Macondo 252, Piper Alpha, and all sorts of air accident investigation reports -- all have lessons, and describe similar patterns of organisational and system design or operation failures or accidents waiting to happen to those in many fellow commentards' workplaces. Recognising them doesn't necessarily help you stop them happening, because the root causes are often many pay grades above one's own, but it does make saying "I told you so" more fun.

Tom Paine

Re: Ignorance and greed

I am always amazed at how poor most people are at judging risk. In particular, people tend to overestimate and agonize over vanishingly small risks and underestimate the mundane, everyday risks they face.

Well spotted. Here's a bit more on that.

https://en.wikipedia.org/wiki/Risk_perception

In the words of Mr Monroe, "Six hours of fascinated clicking later,.. "

Tom Paine
Boffin

Normal Accidents

Another opportunity to plug this 30+ year old book about large scale system accidents (nuclear plants, air crashes, Apollo 13, oil tankers, etc) which, although computers aren't the focus of the book, taught me more about stability, reliability and security than many books supposedly on those topics. Pick up a copy from Abe Books or your favourite non-Amazon supplier today, you won't regret it.

https://en.wikipedia.org/wiki/Normal_Accidents

Who's going to dig you out of a security hole when the time comes?

Tom Paine

So if we dig out our copy of the ISO 27001 standard we read stuff like:

Backup copies of information, software and system images shall be taken and tested regularly.

The use of resources shall be monitored, tuned and projections made of future capacity requirements.

I've worked on ISO certs but I don't think I've ever seen the very expensive official documentation. I thought it was completely unprescriptive about what controls are needed, and says that should flow from your risk assessments? That's why I've always preferred NIST SP 800/53 with its nice long list of controls...

Retirement age must move as life expectancy grows, says WEF

Tom Paine

Pensions

So I'm around 50, and for 25 years or so I always ticked the box on the form you get on induction day to say "Yes please take some of my pay, make a matching contribution and pay it into my pension" (Those things add up to 3-5% of your income in total, 5% being a rare high-end figure afaik.) Being the sort of child of the 60s muppet who generally assumed The Powers That Be had got the basics pretty much covered, I never really worried about it and just filed the statements without worrying what they meant. (Of course they were small numbers when I'd only been saving for ten years.)

Now I have 15 years working life left, absolute tops -- if I'm exceptionally lucky and can stay employed in a profession where the median age is about 30 -- I started wondering about who pays my rent once I retire, and starting to feel uneasy about statements saying things like "This will pay you an annual pension of: £3500". IMAGINE my surprise to wake up one morning and hear a pensions expert on the radio saying "Of course, as you all know, everyone should be saving 10-15% of their income for a decent pension". Wait, what??

As I don't own a house, I have a very bad feeling my retirement years will be spent in a council flat in a 30 story high rise in Wolverhampton. I'm pretty fucked off about this.

That is all.

Tom Paine

Re: So... we should do the opposite...

Not far from B/wood and L'Stree...

Trident nuke subs are hackable, thunders Wikipedia-based report

Tom Paine

"...HMS Vengeance, which will deliver it in this life shortly before we all leave for the next"

Shortly afterwards, surely, if it's vengeance?

Tom Paine

Re: July Gold Boojum

Yes, that's right. "Nuclear deterrent" is your Google term.

WannaCrypt: Pwnage is a fact of life but cleanup could and should be way easier

Tom Paine

Imagine, if you will, that governments stood up clouds to enable cheap (or free) backups for critical industries.

Imagine, if you will, millions of security people cried out in terror and were suddenly silenced...

NASA Sun probe named for solar wind boffin Eugene Parker

Tom Paine

Re: Does this probe

The actual line is "..every time I try and operate one of these small black controls that are labelled in black on a black background, a black light lights up black to let me know I've done it!"

...from memory. Too many years falling asleep to the original radio shows...

Tom Paine

Re: 3.9 million miles?

The high regions of the Earth's atmosphere exhibit similar temperatures. The thermosphere (80-600 kmetres up) has temperatures up to 1500C. A reflecting heatshield is all it takes.

All you have to do is lure him into Hotblack Desiato's black stunt ship and before you can say "25th Amendment" he'd be toast! Or, indeed, plasma.

Tom Paine

Re: To put this into perspective....

The high regions of the Earth's atmosphere exhibit similar temperatures. The thermosphere (80-600 kmetres up) has temperatures up to 1500C. A reflecting heatshield is all it takes.

But here's the thing -- although the (visible) surface of the sun is a mere 5500 deg C or thereabouts, the temperature of the (invisible to the naked eye) corona is measured in the millions of degrees. Why that should be and how it comes to pass is one of the things solar physicists would like to get a better understanding of (what with it superficially appearing to violate thermodynamics and all. It doesn't really, of course).

Elon to dump Trump over climate bump

Tom Paine
Devil

Re: Whack-a do lobby

Just as well!

https://leviticusbans.tumblr.com/post/23730370413/76-things-banned-in-leviticus

Tom Paine

Re: Whack-a do lobby

You appear to be completely ignorant of the topic. Some introductory texts that might save you from embarrassment in future, unless you're too stupid to be able to cope with Teh Sienciss:

http://www.realclimate.org/index.php/archives/2008/01/our-books/

Tom Paine
Mushroom

Re: Surprised?

People still defend windfarms

Do they? Do they really? How completely bizarre, people liking a cheap carbon-free source of power. Whatever has got into them to make them start behaving rationally?

http://www.independent.co.uk/environment/wind-power-now-the-cheapest-source-of-electricity-but-the-government-continues-to-resist-onshore-a6685326.html

I'll take the sandtrooper in white: Meet the rebel scum making Star Wars armour sets for a living

Tom Paine

Off-topic but...

...the price of a three-bed semi in the West Midlands.

Seriously? You can buy a house for under £200k in the Midlands?!??

BA CEO blames messaging and networks for grounding

Tom Paine
Trollface

Re: Where was the "power surge"

Indeed. There are rather a lot of commentards here and on the previous story of the 27th offering detailed, blow-by-blow accounts of what must have happened, and they're all different -- except that everyone's dead certain Cruz is an incompetent idiot and that it's all due to the famous outsourcing deal.

I'm not saying the outsourcing had nothing to do with it -- I'm not in the position to know -- and I don't take his assurances that it wasn't a factor completely at face value. I just wonder how so many people know so much more about it than I do, when we all read the same article...

Tom Paine

Re: Ethernet

Cool story. When _I_ point out elementary blunders or misapprehensions, I get told off for making the head of $DEPT look bad in front of his underlings :(

Tom Paine

Re: Even if it is sourced locally

Devil's advocate for a moment: couldn't you say the same thing about electricity?

Tom Paine
Pint

Re: ESB?

Funny, I thought Fuller's had closed that site and moved to an industrial estate in Maidstone or Nuneaton or something -- but I was completely wrong: https://www.fullers.co.uk/brewery

Doesn't it look nice? Mmmm... ale...

Tom Paine

"millions of messages"

Haven't seen the Sky TV etc stuff, but on R4 WatO on Monday he used a phrase like "millions of messages passing between the various systems". I interpreted that to mean IP packets. Of course I may very well be wrong!

BA's 'global IT system failure' was due to 'power surge'

Tom Paine

Loss of integrity is when the system tries to issue boarding passes for 650 passengers in Schiphol for a 737 in Buenos Aires, and routes their luggage to Vienna.

Reminds me of the old joke "Breakfast in London - Lunch in New York - luggage in Tokyo"

Tom Paine
Angel

Re: "Tirelessly"?

Finally, a bit of actual detail from Mr Cruz. I took the liberty of transcribing relevant bits, hear it at

(starts about 12m in) http://www.bbc.co.uk/programmes/b08rp2xd

A: "On Sat morning, we had a power surge in one of our DCs which affected the networking hardware, that stopped messaging -- millions and millions of messages that come between all the different systems and applications within the BA network. It affected ALL the operations systems - baggage, operations, passenger processing, etc. We will make a full investigation... "

Q: "I'm not an IT expert but I've spoken to a lot of people who are, some of them connected to your company, and they are staggered, frankly and that's the word I'd use, that there isn't some kind of backup that just kicks in when you have power problems. If there IS a backup system, why didn't it work? Because these are experts - professionals -- they cannot /believe/ you've had a problem going over several *days*."

A: "Well, the actual problem only lasted a few minutes. So there WAS a power surge, there WAS a backup system, which DID not work, at that particular point in time. It was restored after a few hours in terms of some hardware changes, but eventually it took a long time for messaging, and for systems to come up again as the operation was picking up again. We will find out exactly WHY the backup systems did not trigger at the right time, and we will make sure it doesn't happen again."

(part 1)

Tom Paine
Go

Interview with Cruz has more detail

Interview on today's WatO has a lot more lines between which technical detail can be read. Starts about 10m in, after the news bulletin;

http://www.bbc.co.uk/programmes/b08rp2xd

Tom Paine

72h and counting

It's Monday lunchtime and it's looking like the PR disaster has greatly exacerbated how memorable this will be in years to come when people come to book flights. This is what they should have been googling three days ago:

Grauniad: "Saving your reputation when a PR scandal hits"

https://www.theguardian.com/small-business-network/2015/oct/23/save-reputation-pr-scandal-media-brand

Torygraph: "Six tips to help you manage a public relations disaster"

http://www.telegraph.co.uk/connect/small-business/how-to-manage-a-public-relations-disaster/

Forbes: "10 Tips For Reputation And Crisis Management In The Digital World"

https://www.forbes.com/sites/ekaterinawalter/2013/11/12/10-tips-for-reputation-and-crisis-management-in-the-digital-world/#bc0de87c0c68

Listening to endless voxpops from very pissed off BA pax, those articles make very interesting reading. BA seems to have confused the "Do" and "Don't" lists...

They're now saying the famous power failure was for a few seconds; agree with above commentards saying that's suggestive of some sort of data replication / inconsistency issue. Still hungry for the gory details though... come on, someone in the know, post here as AC (from a personal device obvs)

Tom Paine

Re: Operational Failover is incredibly complex

Those companies probably don't have a mishmash of legacy systems, some decades old, and complicated links to other service providers and their networks. That said, I intuit - possibly wrongly - that a mishmash of legacy systems would be less likely to fail completely, because different chunks of it would have been originally designed as standalone, or at least much less interdependent. (Anyone care to wield the cluestick with actual data or proper research on whether that's the case?)

It's interesting too that quite a few of these sorts of mega-outages hit industries that were some of the first to computerise in the 60s and 70s -- air travel and retail banking. What other sectors would fit that category and are also high volume / mass market infrastructural systems, I wonder?

* (looks uneasily at all those ageing nuclear stations built on coastlines before they'd discovered the Storegga Slide... )

Tom Paine

Re: Penny wise pound foolish

Any number of things may have happened.

Tom Paine

Re: Redundancy

One of many things that have changed, apart from the technology, since then: way more bits.

Tom Paine
FAIL

Re: Heathrow and Gatwick?

The article says that flights from Heathrow and Gatwick are affected. BA flies from a lot of other locations so presumably the systems are not down but the local delivery of GUI...

The BBC and other outlets' reports say it was (is?) global, with all aircraft movements stopped everywhere in the world. Except the ones in the air, presumably.

Tom Paine

Re: Whoever saved a few £million a year with that outsource...

Whoever saved a few £million a year with that outsource...

.. just cost BA a £billion +

Maybe; maybe not. We've no way of knowing whether the outsourcing deal had anything to do with this.

GDPR is going to bring in mandatory breach reporting. I'd like to see mandatory RCA reports for system failures of anything that causes this level of disruption and inconvenience to that many people. Not sure how you'd mask out security-sensitive info (OS or server packages and versions, say) but dammit! we are geeks and we MUST KNOW THE GORY DETAILS! Feed us! Feed us!!

Sorry about that, spent a bit too long gardening out in the sun this afternoon I think :>

Tom Paine

Presumably they still maintain their legacy core systems. They're not the sort of systems you can mash together with six months of late working and a few free pizzas to cover a long weekend of cutting over.

Tom Paine

Re: Really a power failure?

You can come up with any number of scenarios to explain the gap between the claim of "power failure" and the apparent impact. I've no idea what the story is, but "power failure" is too glib.

I can't believe BA don't have DC level redundancy. The proverbial jumbo jet crashing on LD4 (say, I have no idea if they're in that site, though it's dead handy for Heathrow) shouldn't mean more than, say, 30 mins service outage, tops. And that's assuming lots of legacy gear that can't easily be moved to a modern, realtime replication, hot failover mirrored servers / data / sites set up; if you were starting from scratch today with greenfield sites, a DC outage wouldn't be noticed outside the IT dept.

Tom Paine
Pint

"Tirelessly"?

The airline's IT teams are working "tirelessly" to fix the problems, said Cruz.

I bet they're not, you know. At the time of writing - 19:48 on the Saturday of a Bank Holiday weekend - I'm pretty sure they're tired, fed up, and just want to go to the pub.

The revolution will not be televised: How Lucas modernised audio in film

Tom Paine
Alien

I was there, too - Leicester Square - and I suspect my mind was more thoroughly blown than yours because (1) I was 7, and (2) the only time I'd been to a cinema before was Bambi at the local fleapit. It was a school friend's birthday treat to go, with me and one other lucky kid. It was already the most awesome day of my life when his glamorous Mum drove us to London in a Rover P6 and hit 100mph on the M11... /then/ my first ever experience of fast food - a Wimpy - I had no idea what burgers were! - then a long queue, and I remember being awestruck by Stormtrooper dummies in some sort of shop window. Then inside, confused to find there was a B movie beforehand, and being even MORE convinced we'd walked into the wrong film by mistake when it said "Episode IV: A New Hope"; and then the opening shot... my face must have been a picture :>

Suffice to say I was doodling spaceships in exercise books for years afterwards. Come to that, even today, when the weekly conf call gets really boring,..

Tom Paine
Trollface

Re: Also Sound / Video tests.

All that, just to watch Eastenders and Britain's Got Talent!

'Major incident' at Capita data centre: Multiple services still knackered

Tom Paine

It's not hard, but...

...it does cost money. Twice the money, in fact, plus the design overhead.