* Posts by The Original Steve

667 publicly visible posts • joined 24 Jun 2009

Page:

Microsoft locks door to default guest authentication in Windows Pro

The Original Steve

Re: Pointless idea

"The irritation with Windows is there doesn't seem to be a default out-of-the-box automation user account that isn't administrator."

Yes there is, just not on clients. Look up (Group) Managed Service Accounts if you're running a domain environment.

But you can just create a user account. Having anonymous anything is poor security quite frankly. Don't know why there's any argument over it - if you want to do something on a system you really need to know what is doing it, and therefore a well managed service account should be created as security best practice, regardless of platform being used.

It's time to retire 'edge' from our IT vocabulary

The Original Steve

I suspect like many on here, "Edge" has never been a term I've used.

It's cloud or I need tin.

If tin then what's the requirements.

//End

Meteoroid hits main mirror on James Webb Space Telescope

The Original Steve

Disappointing

Am I only person to feel a little disappointed by this? They say they knew it was a risk and tried to mitigate by material choice, but given it will have some impact to the mission before we've even taken a picture it would suggest a type of shield or alternative protection really was a requirement. Pleased they can minimise the impact, but given how early we are in the planned mission it's not looking super promising we'll will get close to 10 years planned, let alone a possible extension.

Buoyant tech sector bucking the UK trend, says consultancy

The Original Steve

Re: Atrocious

Whilst you maybe right technically, on £100k* a year you take home £66k after HMG has taken their total deductions and that's before pension contributions.

Rewarding people who do the education, work their way through the lower paid roles (servicedesk -> admin -> consultant -> architect etc), do extensive training both paid and in their own time and obtain related certifications is perfectly reasonable in my view.

I don't agree that taking 44% off their renumeration is reasonable however. When I was getting paid for servicedesk or IT admin roles I was losing 21% of my renumeration. I kind of thought the point of percentages was that it scales by it's nature...

Whilst I'm sure some people may think I'm being ungrateful or pompous, on my generous (but hard earned) salary, should my employer offer me a one off £1k bonus for passing a rigorous or particularly tricky exam that may take me weeks of study in my personal time I just wouldn't really bother now. When I was earning in the 20% bracket then I did. Mainly because as a 40%'er my time is more valuable yet I'd be earning less per hour for the studying effort than when my time was less valuable when I was more junior.

For example:

50 hours of study to take home £800 (20% rate) is £16 an hour.

50 hours of study to take home £600 (40% rate) is £12 an hour.

And of course you're more likely to be paying 40% if you are older and thus have a family to spend time with or have wealth to spend on holidays and probably more advanced in your career so career development is likely to be less essential. Arguably this could make your free time as a 40%'er more valuable, and thus earning even less per hour than a junior fresh out of collage even more perverse.

.

.

*I do appreciate that £100k is a great deal of money. But I think it's reasonable for people who did well in their education, have done extensive training, work very hard in technically demanding roles and worked their way up the career ladder to be paid a good chunk more than someone in a less skilled or challenging role.

Let's say an office manager is paid around £33k who does valuable work but is internal, non-technical and not particularly highly skilled. Then I don't object to a cloud architect being paid 3 times that to be honest (I'm biased of course) - mainly as the higher paid role is customer facing, has extensive deliverables they are solely responsible for, requires extensive and regular training, is highly technical and is ultimately a specialist role.

The office manager loses out on 21% of their renumeration vs. 44% for the cloud architect. That doesn't seem that reasonable to me given the work required to become a cloud architect and maintain that role, particularly when the pay gap is tens of thousands, not hundreds.

Sun sets on superjumbo: Last Airbus A380 rolls off the production line

The Original Steve

Gutted and excited

Never flown on a 380, but my brother and me paid for my mum (with us going with her!) to go to Mauritius for her 60th which was meant to be last year. I went out of my way to ensure that we flew business on the A380. Really hoping that's still an option when the world has reopened...!

Nearly 140 nations – from US and UK to EU, China and India – back 15% minimum corporate tax rate

The Original Steve

Re: Isn't it better for the EU if those taxes..nope

The largest company pays the largest amount of tax... well of course it does.

I pay considerably more tax than my partner does, as I earn literally 5 times her salary gross. Even if we paid the same percentage of tax (which of course we don't, she pays the "normal" rate and I pay the "higher" rate), then I would pay considerably more tax than she does.

The point is that Apple (along with most other major multinationals) pays less tax per $ earned (or per $ of profit) than a medium or small business would pay.

Using my salary as an example, I pay around £28k on income tax per year. She pays £1,600 a year. Instead, if I ended up paying just £5k a year on income tax (with the same salary as I do now when I pay £28k income tax) then you could say that I pay considerably more tax than she does and I'm the largest tax payer in my household. That's true, but it's also utterly immorale and misses the point. Per £ earned I'd be paying far LESS tax than my partner does, even though I earn considerably more than she does.

With Apple being the most profitable, most cash-rich and the higest market cap. company in the world it SHOULD be paying the most tax in the world. However if it's 1000x larger (by profit) than "Bob's Phones Ltd" yet it's total tax liability is around the same then clearly something is wrong.

Just because the most profitable company in the world pays the most amount of tax doesn't mean it's paying it's fair share of tax. It's kind of expected that it'll pay the most corporation tax (which is a tax on profits) when it's the most profitable company in the world.

LibreOffice 7.2 release candidate reveals effort to be Microsoft-compatible

The Original Steve

Surprised

I'm the first to say that it's fantastic for all that the incumbent has good competition to (at least try) to keep them something close to being honest.

But as someone who's only ever really used Office (outside of dabbling with LibreOffice years ago in a failed attempt to minimise our Office licence fees on RDS) I'm rather surprised at both the general look and feel of today's LibreOffice and also that they are still so far behind in these "niche" features - like tables in a text boxes and clickable hyperlinks to index marks in the page. Whilst I'm sure the majority do not use these features in Word often if ever, it's this kind of thing that has limited it's market share more than anything Microsoft have done in my opinion.

I'm not saying that Microsoft Office is great or perfect (far, far from it), but in terms of usability and features the competition appears to be rather behind still.

Leaked print spooler exploit lets Windows users remotely execute code as system on your domain controller

The Original Steve

Mitigation

"Martin Lee, technical lead at Cisco Talos, said: "Exploits such as this underline how important it is to both securely authenticate users and be in a position to identify unusual network activity."

Which is of course true.

It also costs a tidy sum and I can imagine a firm like Talos or its Daddy Cisco would be able to sell me something that does these things...

As opposed to having a separate server for each role and / or using Server Core for DC workloads which is a more powerful mitigation IMHO.

Side note: An often overlooked downside of cloud is that IT is under direct pressure to reduce VM footprint as you're paying for each VM by the minute. Even the lowest of the low on prem server gives you headroom for running a DC and a file/print server roles as two separate VM's and a Win Standard licence let's you run two VM guests.

Want to keep working in shorts and flipflops way after this is all over? It could be time to rethink your career moves

The Original Steve

Flexible working

I've said on here before that I'm the exception to the rule - I miss what I had before.

Worked for a large consultancy firm where in general you work from the client site Mon - Thu and can charge expenses for the hotel / food / fuel during that time, and you WFH on a Friday. However I often worked onsite for the full 5 days during the first few weeks to build up the relationships, and then would work 2 or 3 days onsite for the remainder of the project in general. Some weeks I'd be in the full week, sometimes I'd go weeks without leaving the house and often somewhere in the middle depending on the needs of the client and the project. That's the main point - it's what is best for the project.

I really do miss the face to face interactions. I've yet to use a remote tool that compares to having 6 geeks in a room with a whiteboard during a project kick off. Likewise it's great to sit at home and hammer out a HLD or other design doc.

Now I fully appreciate I was very, very luck to have those arrangements, and I know that I'm the exception as I genuinely miss having that flexibility since we've had to WFH exclusively.

On a side note, I changed jobs start of the year to a smaller consultancy. Paid considerably more and they're based about a 6 hour drive away so I won't be expected to go into the office at all other than once in a blue moon (and the MD has agreed they'll be paying for it). Will likely need to occasionally go to a client site for a workshop but that'll be far less frequent than before. So I'll be WFH about 90% of the time and have gained a considerable pay increase too. Thought I'd take advantage of London salaries whilst getting my new employeer to commit to WFH as the rule which on the back of what's been said in this article it sounds like it maybe a wise decision!

Ransomware victim Colonial Pipeline paid $5m to get oil pumping again, restored from backups anyway – report

The Original Steve

Re: FAIL $5 million for criminals

I agree with a lot of what you said, but trying to blame a vendor - mainly (based on your post) about the size of their patches - is the one thing I would disagree with.

A well designed architecture builds into the design that layers are not infaliable and can / will be compromised. This could be the fleshy bit behind the keyboard, an explot in the OS or an application, the network itself, something server/side, or even operations / processes (e.g. social engineering).

Security works best in tiers. Would I use Windows on a SCADA system. Sure, why not? Embedded Windows works fine, is easy to manage and can be just as secure as anything else given the right configuration. A poorly configured *BSD or Linux appliance will be more insecure than a well configured Windows device.

Personally I think the OS should be chosen based on compatibility, configuration management, support and total cost. If my team and suppliers only know Windows then shoving in another platform maybe "more secure" (in your opinion) out of the box, but as we wouldn't have the appropiate configuration management and monitoring tools nor the expertise and skills then over time it would almost certainly end up being less secure than a Windows based platform.

Air-gapping (doesn't even need to be literal, but severely limited network access such as totally seperate networking with network based security services, blocking all ports in/outbound, proxying), SIEM that's actually used, end user education, security reviews including pen-testing, well configured firewalls, IDPS, endpoint protection, extremely robust backup and DR processes (as with other posters, I'm still a big fan of using tape for critical workloads), MFA and good credential management policies / proceses, attack surface reduction, disk encryption, honeypots, web and email filtering, many small subnets as a security perimeter, physical security and.... patching.

I'm sure that if we could have our way, we would make it physically impossible for a single packet to get from anything into the SCADA network - but security is always a usability trade off. We can protest as much as we want, but pragmatically in this modern world it's unlikely we can have all the security we would want to have such as real air gapping - so as with so much in the security sphere we need to implement a comprehensive, tiered security and recovery strategy.

If you can only provide good security because of your OS choice I'm not sure I'd personally want to be hiring you for your security skills.

Just one in 5 Googlers plan to swerve the office permanently after COVID-19

The Original Steve

Flexibility?

How is having three strictly defined options, sanctioned by your manager flexible?

Flexibility is saying "come in or stay home, whichever works best for you - however your manager reserves the final decision if we think you're taking the piss", no?

I'm one of the few who actually feels somewhat short changed by the WFH "revolution". My previous job was usually 4 days on a client site, 1 day WFH however if I needed too I could WFH or I could work all 5 (or sometimes more!) days onsite. Went to my actual company office for a total of 4 days in 2 years and that includes my 2 day mandatory induction. WFH for a week when you are report writing or being in the client's office for a full week during a project kick off where you generally decide (with your clients agreement) seems perfect in my opinion. YMMY of course.

Hence WFH exclusively has been something of a negative to me personally, but I appreciate I'm in the minority on this one given my "privileged" prior working arrangements.

'Unhealthy' Azure Portal instances in UK West take a little lie-down over lunchtime

The Original Steve

Seemed knackered for me around 11ish this morning and wasn't working until at least 3pm.

Very noticable that it wasn't working even an hour after they announced it was mitigated via Twitter.

I'm the lead consultant on the Azure team for a "cloud" MSP... Productive day!

The first rule of ERP? Don't talk about ERP: App-maker IFS reckons market has moved on

The Original Steve

Interesting and interested...

Whilst I'm sure there's a lot of marketing BS here as is the way with any ERP (or any vendor at all!) vendor announcement, if they can walk-the-walk it actually sounds surprisingly sensible and A Good Idea.

Devil is in the detail naturally... Having worked with IFS it's very Oracle dependant making it obscenely expensive once you have a typical Oracle DBA at the helm and insists on using Oracle Forms and their middleware for anything not included in the box.

Get IFS to use some cloud native elements such as Azure SQL DB or Azure SQL Managed Instance and it could be rather compelling.

It's an industry that needs a bloody good shake up. Having a smaller / "middleweight" give it a go should be applauded IMHO.

The laptop you bought in 2020 may stop you buying a car in 2021: Chips are going short

The Original Steve

Re: Stop me from buying a car? Probably not.

Personally I find the following chip-based technology useful in my BMW 435d:

1. Heads up display

2. Sat Nav

3. Traction control

4. Stability control

5. Cruise control

6. Electric memory seats

7. Keyless start

8. Climate control

9. Tyre pressure monitor

10. Intelligent 4WD

That's without the more engine-based chippery benefits whcih help with economical driving. (E.g. computer based fuel injection, computer-driven gear selection based on driving mode and GPS location including upcoming road gradient, digital range display, coasting whilst driving with an automatic gearbox).

There's a lot of junk in modern cars, including my own (why would I want to display the news on the iDrive?), but there's also a lot of advanced features which may not make the car itself "better" in terms of getting from A to B, but it makes it safer, quicker, and far more comfortable and efficent compared to older vehicles.

Windows' cloudy future: That Chrome OS advantage is Google's to lose

The Original Steve

Disagree

Whilst they are bloody awful regardless of the OS, the chepeast Windows laptop kicking around is circa £200 or so. Given that most businesses have sucumb to purchasing a subscription for productivity and management (GSuite or M365) that's kind of seperate.

A poor computing experience regardless of platform choice, but a smooth (in terms of pre-configuration and support) experience can be had regardless if it's Windows with M365 or a Chromebook with GSuite in charge. The management from InTune is actually pretty good to be honest. I miss the advanced stuff in Group Policy, but as an MDM it's fairly solid.

My own anecdote: I started a new role at the start of the year and was sent a Lenovo X1 Carbon with an i7 and 16GB RAM plus Thunderbolt dock on W10 Ent managed via M365 / InTune.

My SO started her new job 2 weeks later and had a new Lenovo Chromebook sent to her. Everytime she sees me working she pretty much turns green with envy. Poor trackpad and keyboard, battery life is fairly comprable and she's now paying for a 4G backup SIM / WiFi dongle after we had a broadband outage for 3 hours meaning she couldn't work at all. Coupled with having to use her LOB app via RemoteApp (so still paying MS a licence fee for it as it's hosted on a RDS farm in Azure) I know she would much rather have a "normal PC" to work from.

The Huawei Mate 40 Pro is so mired in strangely hardy glue that the display shattered during iFixit's teardown

The Original Steve

Re: I did it Huawei

@AC

Totally agree. My Mate 20 Pro is out of contract as of last week after 2 years of solid service and I'm thinking of just going SIM free. Sincerely miss my Lumia 950 XL too.

Real shame about the P40 Pro being sans GMS, if only for a few key banking apps.

UK state of the Internet report: Virgin Media 'fast', BT's PlusNet last

The Original Steve

TalkTalk are dire (as most consumer ISP's tend to be) with their customer service, and of course their security (or lack of it) is what they are most famous for.

However, that's not to knock their network itself. I was a very happy customer of their FTTC product until their "mega hack" a few years back. I left out of principle rather than due to their network performance which I always found to be rather good for a LLU FTTC product.

Crap customer service, horrific security and an utter lack of respect for their customers - but personally (and from what I've seen / been told from other geeks who were using the same TT LLU FTTC service as me) the product itself was nearly as good as you could get.

Remember that pretty much every location in the UK has a ton of ISP's reselling BT Wholesale IPStream, and then most have a few LLU providers such as TalkTalk and Sky. For me, my choices in my market town are some resold BT IPStream service, Sky and TalkTalk (no VM here) in terms of companies with their own fibre plumbed into the phone exchange data racks.

Not interested in a BT Wholesale product, and TalkTalk were the cheapest at the time and during my 3 years or so of being a customer their network performance was quite frankly great. BT, TT and Sky all have awful customer service. Along with thousands others, I left TT purely due to their disregard of my personal data and I'm now a happy Sky customer. Whilst there's not much in it, I'd even go as far as to say that TT may even have a slight edge in terms of performance.

New Workspace for your WFH office? Nah, it's just Google shooting G Suite with the rebrandogun

The Original Steve

Re: Serious question - usability?

Agree with everything you've written - although I'm fairly sure Excel Online (inc O365 etc) allows for co-editing spreadsheets, at least to the workbook level (although not the individual cell if I recall).

Meet the ‘DPU’ – accelerated network cards designed to go where CPUs and GPUs are too valuable to waste

The Original Steve

Re: It's more than a SmartNIC

It does sound truly ground-breaking.

I mean, a processing unit that does compression for storage, encryption for networking, running virtualisation for compute.

Who knows, in 10 years they may even combine them into a single, super-chip. Maybe call it something more generic like a central processing unit?

/stop sarcasm && stop snark

Amazon makes 850,000m2 bet that its people will get off the kitchen table and back to an office

The Original Steve

Re: Why offices?

I'm sure I'm in the minority, but I really, really miss it.

I usually work from a client's site Mon - Thu, staying overnight 3 nights a week in hotels, WFH on a Friday. I miss the diversity, engaging face to face with clients and colleagues and I actually miss the commute believe it or not. Time to ramp up for work or to unwind before seeing SWMBO and the kids is something I sorely miss to be honest. Actually making time to listen to a podcast or a radio show just doesn't seem possible to me when working from home like I am currently - I'm only using my ears so it's the perfect driving / commute task to do. I can't bring myself to sit away from the family for an hour or two just to listen to the radio.

I recently joined an existing project that's been ongoing for over a year, and trying to get up to speed remotely has been a real struggle. The obvious social interactions such as a drink after work is one thing, but just spending 10 minutes by the water cooler / coffee machine / outside having a smoke can be surprisingly productive both directly and indirectly.

Think I probably had the best of both worlds as the nature of the role means it's very diverse anyway, so there's a lot of getting up to speed on the latest project and meeting new clients - both of which are made easier face to face. Combined with a very small commute to/from a hotel and working from home on a Friday does make me somewhat more bias that most I guess.

The Surface Duo isn't such an outlandish idea, but Microsoft has to convince punters the form factor is worth having

The Original Steve

Interested, but I'll pass

At first glance yesterday I thought they can jog right on at that price with those spec's, but actually after watching the press briefing video today I'm far more interested in it. Can see the value proposition for those who commute via public transport to be fully productive without having to get a laptop out (which is never practical). The money clearly goes on the screens which whilst isn't as cool as the actual single folding screens from Huawei and Samsung seems to have a lot of engineering in it and does appear to be genuinely well thought through, well optimised and very productive.

But this is MS we're talking about, which means no way will I try a 1st generation product. (Ex-Windows Phone, Band and Groove user here!)

If this is still going strong in 3 years time, I'd be very tempted by a 3rd generation version of it. As long as they have the stamina that is.

After banning Chinese comms bogeyman, UK asks: Huawei in this mess? It was a failure of capitalism, MPs told

The Original Steve

Re: Obvious

"2.7 million people isn’t that many for a country of 60 million"

It's 8.18% of the workforce based according to the ONS.

Source: https://www.ons.gov.uk/employmentandlabourmarket/peopleinwork/employmentandemployeetypes/bulletins/uklabourmarket/march2020#employment

Someone got so fed up with GE fridge DRM – yes, fridge DRM – they made a whole website on how to bypass it

The Original Steve

Re: Advertent FUD

I use both a water jug with a Britta filter and also a kettle (well, hot water dispenser) with a built in Britta filter. I do by 3rd party (Amazon own-brand) filters though as the cost is ridiculous for the branded ones.

I'm not clued up at a technical / chemical level, but I live in a very hard water area and find the use of the Britta filters soften the water dramatically which results in next to zero limescale in my kettle as well as removing unpalatable tastes and scents which is ideal for light teas.

I'd rather like it if I could filter the washing machine, dishwasher and shower, but that's purely to reduce the limescale and thus prolong the life of the goods. Although I believe dishwasher salt is mean to do that for me.

I wouldn't bother with a filter for the taste alone, but 6 years on the same kettle without needing to descale it at all is something of a miracle given I had to do it every few months pre-filter.

Surf's up: Microsoft emits new security baseline for Edge 83 with way to shut off access to built-in browser game

The Original Steve

Rather like it

Sure I'm in the freak in the corner, but I really like the new Edge.

Now I am very much in the "Microsoft ecosystem" both personally and in my work life, so it's value proposition should be higher than FF, Chrome, Safari and the rest of the browsers. Being Chromium based, the engine is naturally going to be pretty reasonable, but I've found I'm getting the best of both worlds. Microsoft have clearly (and finally) thrown considerable focus and effort on Edge, and I find its paid off. Do recommend the Dev channel as a good balcnce between stability and features.

I've been around long enough to understand people's healthy skepticism with Micros~1 and browsers given their history, but I do suggest people give it a try before slating it - particularly if your company uses Micros~1's cloudy offerings as well as selling their own souls by using W10 and a Micros~1 account personally.

RetroPie 4.6 brings forth an answer to 'What do I do with this Pi 4 I bought last year?'

The Original Steve
Pint

Re: Pi 4 mouldering?

That sounds very impressive, and a truly excellent use of the Pi (purists may disagree and think that the Pi should be used for educational purposes only, but that's not my view).

I have to cheekily ask... Have your scripts on GitHub or similar for us lazy admins to get some inspiration from?

Enjoy, it's clearly well earned ----------------------------------------------------------->

Kubernetes is 'still hard' so VMware has gone all-in on container-related tech with expanded Tanzu, vSphere 7

The Original Steve

Hyper-V

Rather interested in the below:

"Despite giving away Hyper-V, Microsoft never won more than about 20 per cent of the market."

Maybe by number of hosts installed or VM's running possibly, but in terms of customers I'd put money on it Microsoft has more Hyper-V customers than VMWare has ESXi customers.

Source is purely my own experience: I worked at a medium sized crisp factory (600 employees) about a decade ago where I ran vSphere, and I then moved to a pharmaceutical firm with > 20,000 users who also used vSphere for a couple of years. I then left and joined a small/medium MSP with about 90 customers. 2 were using ESXi, about 60 were using Hyper-V and one was using Xen. (Rest were so small it was physical servers only or no servers at all!).

Since then I've joined a consultancy and one customer (50,000 employees) was running vSphere and is looking to replace with Hyper-V, and another customer (800 employees) is already on Hyper-V.

Hello, support? What do I click if I want some cash?

The Original Steve

My other half moved to Scotland the end of last year near Dumfries. Every chip shop we've been to has had deep fried Mars bars on the menus, as well as haggis and even deep fried pizza.

Virtualization juggernaut VMware hits the CPU turbo button for licensing costs

The Original Steve

vSphere vs Hyper-V

If you've deep pockets, vSphere is frankly the best on the makret. However if you don't need the very best, datacentre edition of Windows per host gives you their VSAN (Storage Spaces Direct) and unlimited Windows guests for considerably less considering you'd still need licences for Windows VM if using VMWare.

These days for greenfield sites that are a Microsoft shop guest wise Hyper-v covers it off

Is everything OK over there, Britain? Have you tried turning the UK off and on again? ISPs, financial orgs fall over in Freaky Friday of outages

The Original Steve

Re: A historic day in every way.

There's been two referendums on our membership of what we now call the EU. One a couple of years after we joined, and the other in 2016. Basically a generation between them.

And 1.4 million people in a population (not electorate!) of 65 million is only a rounding error if you didn't like the result.

Finally, whilst the the British often demanded exceptions and different treatment / opt-outs (Euro, Shengan etc) we're famous for sticking to the rules that were agreed. Unlike certain other countries I can think of... The nation of queuers will stick to all rules no matter now ridiculous they may seem. Not sure why us attempting to negotiate opt-outs and exceptions when the rules are made is a bad thing in your eyes.

The Six Million Dollar Scam: London cops probe Travelex cyber-ransacking amid reports of £m ransomware demand, wide-open VPN server holes

The Original Steve

"It is 2020, what was the customer data and critical systems doing on Windows boxes, rather than Linux with a snapshotted file system underpinning the storage?"

If you think you are safe from attacks, viruses and malware just because of a particular technology choice, then you're both sorely mistaken and I wouldn't be surprised if you've already been done over without knowing it.

Security isn't actually a technical issue per se, it's cultural. As posted above, a properly configured Windows Server is more secure than a poorly configured <insert OS of choice> server.

End user education, tiered security, least user access, well trained administrators and strong processes including the assumption you WILL be compromised (and thus have a strong, tested, offline backup) are SOME of the measures to help mitigate security issues.

Changing an OS is like changing the brand of car you drive. How you drive and maintenance of the vehicle make far more difference to how likely you'll be involved in a collision.

Questions hang over Gatwick Airport after low level drone near-miss report

The Original Steve

Re: DJI Database

DJI sell products that's literally detect all DJI products (and I think other 3rd party ones too) to airports and other government and related organisations.

DJI drones literally broadcast their location and serial number in real time which their AeroScope product picks up.

https://www.dji.com/uk/mobile/aeroscope

Thanks, Brexit. Tesla boss Elon Musk reveals Berlin as location for Euro Gigafactory

The Original Steve

Re: Please not the old Southampton chestnut...

An interesting article which gives a good comment and counter argument.

Although I did raise an eyebrow at the way some facts were worded. Stating 70% of UK made cars are exported and half of those are sent to the EU somehow seems rather more alarming (given we're meant to be leaving the EU) compared to saying that less that 40% of UK made cars go to the continent. Personally if less that 50% to the EU markets then arguable would it not make more sense to be outside of it and take the hit whilst securing FTA's with the majority of the customers of the cars we make? Purely econmically speaking.

Although when going to the website home page it kind of lost it's credibility. 5 seconds on the home page suggests it's a counter to the rabid nonsense sprouted by the Daily Mail. Whilst that's not in itself a bad thing, it does somewhat water down decent articles like the one you linked too as it's clearly just as biased as the pro-Brexit lot.

Gas-guzzling Americans continue to shun electric vehicles as sales fail to bother US car market

The Original Steve

Re: Who needs a vacuum cleaner on wheels with E 0.62 / L in the land of president Trump.

Couldn't care less about the HP - it's the speed and handling.I'd take a BMW M2 CS over your American motor any day of the week. That's faster 0-60 than your "most powerful car made in Fords history" and can take a corner too.

The CS model is also a bit cheaper, although I'd probably opt for the non-CS M2 Competition instead which is considerably cheaper and 0.5 seconds slower on paper.

Amazing you can honestly write on a public forum that American cars are somehow a better choice. Build quality alone is a different level, then handling. Sure, raw HP numbers the other side of pond wins hands down. Getting from A - B or on a track however and you'll be eating those numbers whilst suffering crappier build quality, worse handling and you'll be paying more for the privllage.

A very satisfied BMW 435D owner. (That's the bi-turbo, 6-cylinder, 4WD, diesel coupe)

Morrisons tells top court it's not liable for staffer who nicked payroll data of 100,000 employees

The Original Steve

Re: Depends if decent efforts at data security made by Morrisons

No ability to launch any executable other than the application required (SAP or similar) on a device without Internet access and someone from IT babysitting you whilst you are on the device.

Your move.

The Original Steve

Real life example

My current client is a mid sized pension provider. Whilst lots of staff have access to single records (vetted staff, audit trails, no way to export), the auditors do - apparently - need unfettered access to all the records.

As such, there's a locked down endpoint (kiosk mode, whitelist for executables and no browser, all external ports disabled), chained to a desk in a dedicated meeting room. Screen recording is enabled and for good measure theres always at least one clued up employee sitting and watching too.

It's not bulletproof, but given the sensitivity of the data and the level of access I feel it's entirely reasonable and proportionate.

Funnily enough, the auditor was very unhappy with this arrangement and complained to the FD. When the FD came to 'discuss' it with me I already had a letter printed out referencing this case, and that I'd be delighted to water it down if she signs the letter that clearly shows she has signed off on going against the security consultants advice and on behalf of the company the IT function and myself would not be held liable should something happen.

Auditor still hates me, pension info remains locked down and the world still spins.

All we need is just a little patients: Google's Alphabet hires new chief health officer

The Original Steve
Coat

Streams?

."...mobile app Streams for diagnosing acute kidney injury... "

Are they taking the piss?

Good guy, Microsoft: Multi-factor auth outage gives cloudy Office, Azure users a surprise three-day weekend

The Original Steve

Re: It slows down considerably once you get to multi GB mail storage

Not disagreeing with your headline point about TB being less susceptible to corruption than Outlook.

But...

1. PST files are a PERSONAL export of mailbox content. Outlook uses an OST file as an offline cache, but it doesn't use PST files for anything unless you export content from your mailbox to a PST you create. PST's are really only a thing for end users to do their own, manual archiving and is not recommended in enterprise scenarios.

2. Exchange uses a relational DB for its mailbox store. A cut of what was the JET database. Last 4 or so releases of Exchange have been very reliable in terms of mail store.

3. As PST's aren't used, corruption claims don't apply. Should your OST become corrupt, simply delete it. Only your offline cache, it'll get automatically rebuilt.

4. Both Exchange on premise and Exchange Online have an archive feature, which essentially adds another mailbox for each user for archive purposes. Users can simply drag and drop content from primary to archive, or admins can create rules.

YMMV, and I wish you luck with TB, but personally I'd take Outlook as a heavy duty mail client in an enterprise over TV any day of the week.

Ye olde Blue Screen of Death is back – this time, a bad Symantec update is to blame

The Original Steve

Re: Any decent AV?

I replaced Kaspersky with Webroot across 70 clients, 4000 odd endpoints and everyone loved it.

Saying that, if you're on Windows 10 and not an MSP, I find Windows Defender managed with InTune to be excellent.

Nutanix lures cloudy bingers with Danish trilogy: HPE GreenLake deal, ServiceNow tie-up and ProLiant DX pact

The Original Steve

Re: No thanks

Putting to one side questioning my storage knowledge simply because I advocate using native OS for storage subsystems rather than expensive appliances, I take issue with the general point you raise.

Whilst you are right that SMB support on non-Windows devices is still (amazingly) bloody awful, if you don't mind me saying so it sounds as if you misunderstand Storage Spaces Direct (S2D). S2D is the storage subsystem, not the presentation layer. You can of course deploy scale out file servers that sit on top of your S2D to present SMB, but in this context and in the majority of deployments you use S2D as the storage subsystem for your VM's to reside on, not for the OS/apps inside of a Linux VM to connect to.

Therefore you can quite easily and happily use what MS now call "Azure Stack HCI" (S2D + Hyper-V) and run Linux VM's on top, with the VHDX files living on a ReFS S2D volume. Linux VM's wouldn't even need to have SAMBA installed.

I'd much, much rather use SMB 3.02 over iSCSI as it's demonstrably better performing, easier to setup and administer and better resilience. Feel free to search for references, but if you're stuck I'll point you in the right direction.

The only time your concern would be valid in my view is if you are running a heterogeneous environment where your hypervisor is Linux based and you were running S2D as your backend storage subsystem for your VM's, which would be nuts. Might as well use the equivalent of S2D on your Linux distro of choice, either converged or hyperconverged.

Of course let's not forget that you could use the above model (S2D storage and KVM / Xen for the hypervisor), and simply present the S2D storage via NFS which Windows Server fully supports. That might be a goer if you have separate storage and compute teams, but generally speaking if I'm using Windows or Linux for the hypervisor for ease of use I'd likely use the same OS type for the storage layer too.

The Original Steve

No thanks

Far, far cheaper to buy some DL380's or similar and slap on either Windows or Linux to get software defined storage from the OS.

Only familiar with MS Storage Spaces Direct which comes with the OS, has all the features of Nutanix et all but costs nothing extra. All generic x86 tin.

Know Linux can do the same too if you prefer that. Save yourself a packet and roll your own.

Creators Update meets its maker: It's 1903 or bust for those clinging to Windows 10 1703

The Original Steve

I despise the overly complex way MS are handling Windows and the updates.

But my (possibly incorrect) understanding is that Windows is similar to Ubuntu as you describe. LTSC every 5 years (I think, maybe 3), for servers or you could go with the 6 monthly releases for the latest features. Regardless of which one, there's monthly security patches too.

LTSC is also available for the client too, although I know MS highly discourage use of it for normal desktop usage. (In the past at least Office literally wouldn't install if you were using LTSC on Windows 10 which is fucking mental, but since when were MS sensible in that regard?!)

Oracle demands $12K from network biz that doesn't use its software

The Original Steve
Coat

Re: Glad Oracle did this..

Can't believe I'm saying this, but if you're after bare metal then hyper-v is both free and actually rather good including running Linux VM's.

If your desktop is Windows (which I doubt) then it's also a free option to enable.

Got a couple of devs I know who have just moved to hyper-v and WSL and they seem to like it

How long is a lifetime? If you’re Comcast, it’s until a rival quits a city: ISP 'broke' price promise

The Original Steve

Re: Lifetime warranty

Been a big fan of ProCurve switching for years and years. Must have deployed a few hundred of them across multiple clients.

I've found them to be very reliable, but I've called on their Lifetime warranty twice and both times had the same experience as you. Free, fast and hassle free.

Shame pretty much everything else HP/HPE is utter dog shite.

Hey, it's 2019. Quit making battery-draining webpages – say makers of webpage-displaying battery-powered kit

The Original Steve

Actually found Edge (ducks for cover) to be very battery friendly and it allows for ad blockers. Can't remember what one I've used but can't recall the last time I saw an ad on my droid (in the browser at least).

Genuinely worth a go.

British Prime Minister Boris Johnson moves to shut Parliament

The Original Steve

So the majority of MP's voted for the referendum, then when the majority of the electorate that voted opted to leave the EU, a majority of MP's then voted for the EU withdrawal act which sets the exit day (which was amended to 31st Oct). A majority voted against Mrs. May's Withdrawal "Deal" / Treaty three times and the speaker said it can't be voted on again without there being something different.

Because the UK and the EU can't agree a deal, the only outcome is a no deal unless something gives, surely?

Whilst I'm not in favor of no deal as a preferred outcome, leaving should be implemented (as the electorate was told in writing from HMG at the time that it would).

The above seems very logical to me, even if not having a trade agreement in place is far from ideal, it appears to be where we are.

So unless we get some wiggle-room from the EU on the backstop (although I'd love to see a hell of a lot more changed in the rejected withdrawal deal), I'm not entirely sure what else can be done other than to try to make the most of leaving without a deal. If we refuse to leave without a deal, then we can't leave if Parliament refuses to accept what the EU and the UK Government have negotiated.

There's a lot of passion on both sides of the debate, but I'm most angry with the politicians. If you vote on legislation that sets an exit date and then reject the deal negotiated then no deal is the outcome. MP's outraged by no deal that voted against the deal and voted for the referendum and the EU Withdrawal Act have failed to do their jobs, as scrutiny of bills is literally a massive part of their job.

What a fucking mess!

Microsoft Chrom... Edge hits beta as new browser prepped for biz testing

The Original Steve

Rather like it

Not a fan of Google's slurp, and sadly FF hasn't performed adequately for me for years now.

Been using the Dev channel of Edge for the last few months and I'm genuinely impressed. Flawless compatibility (as you'd expect) and essentially has most of the benefits of Chrome whilst also having the benefits of Edge. (Yes there are some. Netflix 4K steaming, integration with MS services etc.).

Recommend people give it a play. You maybe pleasantly surprised.

How four rotten packets broke CenturyLink's network for 37 hours, knackering 911 calls, VoIP, broadband

The Original Steve

How to fix?

I'm what my MD has called an "expert generalist" in that I've spent the best part of 2 decades doing ethernet networking, storage (FC and iSCSI SAN's) and compute (VMWare and Hyper-V) as well as applications (SfB, Exchange, SharePoint etc.)

Whilst I'm familar with network loops and can have sufficient networking knowledge around TCP/IP for things like QoS/DSCP, STP, VSRP etc, I'm curious as to what the engineers in this case needed to do once they "fixed" the offending kit that sent out the bad packets. Article says that the packets already generated were still bouncing around and continuing to broadcast around the nodes and it took them a further 3 hours to get onto these nodes to remove the bad packets already generated.

My question is how..? A case of just rebooting the kit as the packets and sessions shouldn't be persistent? Or is there some dark art I'm unfamilar with where you can go onto a node (I'm reading a node as a switch / router. Afraid fiber isn't one of my skills) and almost select packets based on a filter and then remove them?

Just curious.

Web body mulls halving HTTPS cert lifetimes. That screaming in the distance is HTTPS cert sellers fearing orgs will bail for Let's Encrypt

The Original Steve

Re: Follow the money

Whilst these tools are good for the most common use case scenarios, there's often very many other scenarios that aren't covered. And if I need to remember to do my Exchange, Skype for Business, IIS servers with multiple and complex cert bindings and other servers, the piss easy vanilla IIS boxes are hardly any bother to add to the list.

Tools to renew certs are all well and good, but generally they only renew the cert in the OS cert store and maybe IIS binding too. They are the vanilla and super easy ones.

Not forgetting certs that aren't issued by public CA's and devices that don't use Linux and Windows such as iLO/iDRAC, routers/firewalls etc.

When I was the Infrastructure Architect at a MSP a year or so back where everything was Windows based for our clients (at least that was critical in terms of certs) I ensured that we raised an automated alert when a cert on a box has less than 2 weeks left before it expires.

Helped prevent certs expiring and also caught the lazy engineers who never deleted the expired one post-renewal too.

Incognito mode won't stop smut sites sharing your pervy preferences with Facebook, Google and, er, Oracle

The Original Steve

Re: Paranoid much

Say that to the Ashleigh Maddison users

Oh good. This'll go well. Amazon's Alexa will offer NHS advice

The Original Steve

I actually didn't think this was really a big issue at all, if all it's doing is allowing Alex to relay stuff from the public NHS website. No more worrying than your ISP/browser/Gov from knowing/recording you've accessed the NHS website.

But the point about a teenage girl using it about a sexual related query and that query being stored on the account is a good example of the worry. Likewise Amazon collating the queries and using that to build profiles etc. Very troubling indeed.

Page: