* Posts by Glen Turner 666

229 posts • joined 3 Jul 2009

Microsoft doc formats are the bane of office suites on Linux, SoftMaker's Office 2021 beta may have a solution

Glen Turner 666

Re: Zotero

Zotero and EndNote are the two most popular citation managers, so to have Zotero described in this review as "...integration with an open-source citation management system called Zotero" did make me wonder how little academic writing the review's author has done.

If you do academic writing then you need a citation manager before you even begin to read -- then you can let the citation manager record all your sources as you go. Zotero works better than EndNote for modern multi-device users and I'd strongly recommend Zotero over EndNote for PhD candidates (who aren't just writing one essay, but a multi-year series of documents). In response, EndNote offer $0 licenses to current students, but this has the effect of making your years of curated citations inaccessible when you leave the university sector (again, more of a concern for higher-degree students rather than undergrads pumping out disconnected essays they'll never revisit).

LibreOffice 6.4 nearly done as open-source office software project prepares for 10th anniversary

Glen Turner 666

LibreOffice made corporate use of Linux possible

Thanks mostly to LibreOffice, but also to the Evolution email and calendar client, it is possible to use Linux as a client operating system within a large organisation. I think that's a win the article could have mentioned.

The other notable achievement of LibreOffice is its dedication to reading a wide variety of superseded file formats.

But I'll agree with the article that the main effect has been to keep Microsoft honest with Office pricing and features (such as an easy PDF export).

Running on Intel? If you want security, disable hyper-threading, says Linux kernel maintainer

Glen Turner 666

Re: Surely...

If an attacker wants to defeat the Spectre mitigations then all they need to do is run a tight loop in their code and the mitigations will switch themselves off?

GitHub upgrades two-factor authentication with WebAuthn support

Glen Turner 666

Re: Git servers don't support 2FA on updates from Git clients

The point of WebAuthn is to replace typing that password with a button press, verifiable end-to-end, with no opportunities for keylogging or other MITM. So you'd end up with a better user experience with WebAuthn as well as it being more secure against the common issues.

The point of signing commits is a little more subtle. That protects your code from unauthorised modification to the repository and means that you can verify the commits as unchanged, so if GitHub is hacked you can check that your code has no unauthorised changes -- no need to rely upon other parties, such as assurances from GitHub. If all the developers use hardware devices for the GPG-signing (which is a pain to set up but just a keypress to use) then that's pretty unhackable -- essentially there's an unalterable path of trust from that keypress to code later cloned from the GitHub repo.

Typing a password a lot isn't great security -- it multiplies the opportunities for keyloggers, it puts false positives in the logs when people mistype them, effective passwords (>10 random characters) are simply too hard. You'd get more security using a password database which is then secured using a cryptographic device.

There have been two real advances in security in the past decade: cheap authentication keys (of which Yubikey is the best known) and replacement of firewalls and VPNs with end-to-end encrypted and authenticated sessions (eg, Google BeyondCorp).

Glen Turner 666

Git servers don't support 2FA on updates from Git clients

GitHub's 2FA works on the web interface only (the same is true for GitLab). Once U2F or WebAuthn 2FA is enabled you need to generate a SSH key or a HTTPS token (aka password) to push a commit from a laptop's command line. These methods do not request 2FA. So the use of a keylogger or theft of a developer's laptop still exposes the repository to unauthorised modification.

The Git command line client could be updated to support U2F or WebAuthn upon a "git push" but this has not happened yet.

Lacking that support at the moment your choice is to secure a GitHub SSH keypair or a HTTPS token using a proprietary authentication key (eg, Yubikey). This is usually a multistep process -- use the hardware key to secure a password database, then that database releases the access token after validation of the hardware key.

You can also securely sign commits by using a proprietary authentication key which implements GPG-signing and set the repository to require GPG-signed commits.

Unfortunately neither SSH, HTTPS nor GPG expose the security of the key storage. So the Git server can't tell if the key exchange was with a secured keystore or with something as terrible as a passwordless SSH or GPG keystore. This is the problem U2F and WebAuthn exist to solve.

Pentagon makes case for Return of the JEDI: There's only one cloud biz that can do the job and it starts with an A (or rhymes with loft)

Glen Turner 666

Re: The arguments are solid

You forgot this option: Oracle don't need to win.

JEDI is around $10B of business. Let's say Oracle use $10m on a lobbying effort, and because of the fuss they kick up win 10% of that business. That's a massive ROI and Oracle will cry about losing all the way to the bank.

Google to bury indicator for Extended Validation certs in Chrome because users barely took notice

Glen Turner 666

Re: Security is hard

It *is* a matter of design, and designs around the address bar are poor but cheap. The screamingly obvious design is to prevent people entering credit card details onto a non-EV page.

Bill G on Microsoft's biggest blunder... Was it Bing, Internet Explorer, Vista, the antitrust row?

Glen Turner 666

Re: So which company do you think DID see the future often?

I'd suggest that you are overlooking Apple. It had a pretty remarkable run at computers: Apple II, Macintosh, the aluminium iBook laptops (compare with the competition from Toshiba -- one is a "modern laptop" the other isn't), the iMac. All iconic.

Then there's the non-computer products. The Newton, which although it failed said "this is what the future of handheld computing will look like". The iPod, which had a revolutionary user interface and content licensing which meant you didn't need to visit the dodgier side of the Internet. The iPad, which said "this is how slabs work" and has an ease of use the competition still can't touch. Then there's the iPhone -- remember that before the iPhone that Microsoft had spent years as the best smartphone, but was irretrievably blown off that perch by the third iteration of Apple's phone. Along the way were good products in markets Apple have since left: printers and cameras.

NeXT, whilst not an Apple product, was a Steve Jobs product. Designed by ex-Apple engineers.

And isn't that the real concern about the future of Apple after the death of Steve Jobs -- that without his vision and drive that Apple won't see the future and won't be able to bring its considerable design skills to the product?

Dev darling Docker embraces Windows Subsystem for Linux 2

Glen Turner 666

Re: What are the benefits?

It depends upon your organisation. If you're tracking the development in MS Project, using Visio for diagrams, Sharepoint and MS Word for documents, then it makes as much sense to use Windows for Linux development as it does to use Linux for Windows-oriented corporate applications.

On the other side, Red Hat have done surprisingly well at making CentOS or Fedora into a good corporate desktop: it can authenticate via AD, do email and calendar with Exchange. So your point remains a good one.

You've also got to consider the Microsoft side of things. Companies have some pride, and not being able to effectively program their own Azure product from their own Windows operating systems clients must have stung.

UK comms watchdog mulls 5G tweaks: Operators want moooooar power

Glen Turner 666

Re: Now We Will Need Tin Hats

Are you sure? The document talks of the "terminal power limit" going to 28dBm. "Terminal" being handset.

I read the proposal as widening the spectrum allocation to match that of EU so that the beamforming (ie, active) antennas designed for EU use can be used in the UK.

Table 2 in the proposal gives the base station powers: +65dBm/5MHz (3150W) EIRP for passive antennas, +44dBm/5MHz (25W) TRP for active antennas (in an active system think of TRP as if each client has their own 25W transmitter on the base station). Note that these aggregate to considerable powers for base stations covering entire 20-80MHz allocations, you could expect the aggregated amplifier output for a basestation high above terrain (ie, no limits to output power, all quadrants active, entire band lit, lots of users) to exceed 10KW.

In any case, the inverse square law means that basestation powers don't matter.

The increase in terminal power is more of a worry but there we've got to go with the longitudinal medical research which doesn't show any effects from extended handset talk use. Fortunately the amount of time smartphone handsets are held to the head is decreasing, so average risk is falling in any case.

Astronomer slams sexists trying to tear down black hole researcher's rep

Glen Turner 666

Boyer explains Dr Bouman's role

There's an excellent essay on Facebook by Misty S. Boyer explaining Dr Bouman's role in the project, with copious references. You'll need to go and find it as I can't paste it here as the text is too large for a Reg comment.

https://www.facebook.com/paganmist/posts/10156249525816313

Glen Turner 666

Bryan Cantrill tweets

There was an excellent response by Bryan Cantrill on Twitter:

"This photo of Dr. Katie Bouman seeing the first image of a black hole upon reconstruction is perhaps the most evocative photo of intellectual breakthrough that I have seen -- of anyone, ever. It captures the moment of breakthrough just perfectly: the delighted grin; the eyes that show equal part elation and relief; the clasped hands that still reflect the intense anxiety of just seconds prior. It is a look that says, in short: "IT WORKED!" Anyone who has had such a moment in their life -- of prolonged intellectual struggle followed by breakthrough -- recognizes something of themselves in this picture of Dr. Bouman. That is why this photo resonates; not just because of Dr. Bouman's team's work (though that is obviously incredible!) but because her moment of joy inspires us -- all of us -- to strive for our own breakthroughs. There are regrettably some -- few, but noisy -- who have tried to discredit or minimize Dr. Bouman's role, largely because they have misunderstood what makes it so compelling. My observation would be that anyone minimizing Dr. Bouman upon seeing this photo must not have had that feeling themselves; for these embittered few, the feeling of breakthrough must be as foreign as the specifics of interferometry used to achieve it. Let us choose to collectively ignore these detractors -- and choose instead to be inspired by not just the achievement of Dr. Bouman's team, but by the incomparable elation of breakthrough, as epitomized by Dr. Bouman herself."

Be wary, traveller: There is no going back if you step over the Windows 10 20H1 threshold

Glen Turner 666

Re: Be wary? Don't do it then.

Windows Insider Fast Track is essentially Microsoft's equivalent to Fedora Rawhide. There's a surprising number of generous people willing to run these slicing-edge operating systems. Neither should be run on a machine used for Real Work. The advantage of the Linux alternative is that those people can grow their skills into fixing the issue, rather than merely reporting it.

Ignore the noise about a scary hidden backdoor in Intel processors: It's a fascinating debug port

Glen Turner 666

It *is* a fascinating debug feature. But as the slidepack points out, there's the ability to use it for havoc by using the debugging facilities. For example, burning a fuse to activate a debugging feature of the random number generator, in which the RNG always returns the same number. Being a fuse, that change will survive a reboot.

Buffer overflow flaw in British Airways in-flight entertainment systems will affect other airlines, but why try it in the air?

Glen Turner 666

Not the flight systems, the entertainment system, but still...

It's not a safety of flight issue, but if he'd dropped the entertainment system at the beginning of that transatlantic flight, people would be rightly upset about the selfishness of entertaining himself at the cost of everyone else's boredom.

Adi Shamir visa snub: US govt slammed after the S in RSA blocked from his own RSA conf

Glen Turner 666

Re: More privacy 200 years ago

If you give the clock another twist, say 430 years ago, then that places you into the reign of Elizabeth I. Where the state took a great deal of interest in what we would regard as private affairs, such as your relationship with your chosen god. The reason for the state's invasion of your privacy? Terrorism.

Cut open a tauntaun, this JEDI is frozen! US court halts lawsuit over biggest military cloud deal since the Death Star

Glen Turner 666

About Oracle's entire future, not just Oracle Cloud v AWS

Well obviously Oracle is upset, because their future is on the line.

Oracle make an expensive on-premises database. AWS make an off-premises compute cluster, which also includes a database API. So the US Department of Defence moving to AWS and re-writing their code to use AWS's API rather than Oracle's API means that the use of Oracle's database ends, which means that the annual licensing fee paid to Oracle also ends.

The threat from DoD's AWS strategy is not limited to DoD. They are a huge employer of contracted IT staff, and many of those contractors will carry their heretical notions into other government departments.

Oracle's complaint that there should have been multiple vendors falls a little flat. It's not the job of DoD to keep Oracle afloat, but to seek to maximise DoD's own efficiency. Which using just one cloud API does. But of course Oracle is going to try it on, after all if they win even 10% of the DoD's business that's still a billion bucks.

It's also interesting to reflect how Amazon owning AWS has allowed AWS to thrive. Oracle's usual strategy would have been to purchase this upstart system, much as they did with MySQL. But Amazon's systems are completely reliant upon AWS, so Amazon can't sell AWS without risking the availability of Amazon.Com's $0.5m per minute.

Use an 8-char Windows NTLM password? Don't. Every single one can be cracked in under 2.5hrs

Glen Turner 666

Re: Plenty of financial institutions need to buck up.

The XKCD algorithm seems suspect to me. Its basic assumption is that people can make a random choice of common words -- without reference to a dictionary and without using any random number generation.

I just asked 15 coworkers to give me three random words -- there were 7 words appearing twice and two words appearing four times. This sample suggests that the size of the in-practice word pool may be small.

Given the skew in lotto number selections, we know that humans can't make random choices from a pool of ~50 selections even when it is in their financial interest to do so.

Given the apparently small size of the pool and humans' poor ability to choose randomly, I suspect the in-practice XKCD-algorithm key size may be substantially less than that suggested by the author's back of the envelope calculation. I'd want to see a controlled study before recommending its use.
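The repeat counts quoted in the comment above can be turned into a rough pool-size estimate; this is an added example, not part of the original comment. It assumes the 15 coworkers supplied 45 words in total and treats each word as an independent pick; the placeholder words and the function names are constructed here, and the 11 bits per word baseline is the figure used in the XKCD comic.

```python
import math
from collections import Counter


def build_sample():
    """Constructed sample with the comment's repeat counts (words are placeholders).

    Assumes 15 people x 3 words = 45 words: 7 words seen twice, 2 words seen
    four times, and the remaining 23 words seen once each.
    """
    words = []
    for i in range(7):
        words += [f"twice{i}"] * 2
    for i in range(2):
        words += [f"four{i}"] * 4
    words += [f"once{i}" for i in range(45 - len(words))]
    return words


def collision_estimate(words):
    """Estimate the chance that two independent picks match.

    The fraction of matching pairs among all pairs in the sample is an
    unbiased estimator of the collision probability p. 1/p is the size of a
    uniform pool with the same collision rate, and -log2(p) is the collision
    (Renyi-2) entropy per word, which never exceeds the Shannon entropy.
    """
    counts = Counter(w.strip().lower() for w in words)
    n = sum(counts.values())
    if n < 2:
        raise ValueError("need at least two words")
    matching_pairs = sum(c * (c - 1) // 2 for c in counts.values())
    all_pairs = n * (n - 1) // 2
    p = matching_pairs / all_pairs
    result = {"pairs": matching_pairs, "all_pairs": all_pairs, "p": p}
    if matching_pairs == 0:
        # No repeats at all: the sample is too small to say anything about
        # the pool, so report no estimate rather than infinity.
        result.update(pool=None, bits=None)
    else:
        result.update(pool=1 / p, bits=-math.log2(p))
    return result


def expected_pairs_uniform(n_words, list_size):
    """Matching pairs expected if every pick were uniform over list_size words."""
    return (n_words * (n_words - 1) / 2) / list_size


if __name__ == "__main__":
    est = collision_estimate(build_sample())
    print(f"matching pairs observed : {est['pairs']} of {est['all_pairs']}")
    print(f"expected if uniform/2048: {expected_pairs_uniform(45, 2048):.2f}")
    print(f"effective pool size     : {est['pool']:.0f} words")
    print(f"bits per word (Renyi-2) : {est['bits']:.2f} vs 11 assumed")
    print(f"three-word phrase       : {3 * est['bits']:.1f} vs {3 * 11} bits")
```

With so few samples the estimate is noisy, and words from the same person are unlikely to be independent, so the output is an order-of-magnitude check rather than a measurement.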

Glen Turner 666

Re: The only way is OATH

OATH is fine as a second factor but it lacks enough security to stand on its own. It's easy for TOTP to fall to a machine-in-the-middle attack. HOTP looks fine theoretically, but the re-keying after failure is deeply problematic.

Having written this, OATH TOTP is far better than nothing, SMS codes, or a 2FA app. There's some fine clients, not just Google Authenticator. For example, andOTP has no Google-derived code but was written from the specification.

I'd recommend that people look into a secure hardware token. One which does FIDO/U2F for second-factor authentication, FIDO2/Webauthn for account authentication, and does HMAC-SHA1 Challenge Response for securing password databases. Yubikey are the dominant company in this space, but there's a handful of alternatives.

The hardware token provides key material for the password database. Maybe mix that key material with a trivial password so that a lost key can't be used immediately. The result is strong: the token challenge-response and password generate the key material needed to decrypt the password database, and the password database contains maximal-length, actually-random passwords for the websites which need passwords. KeePassXC provides a good implementation, but there are plenty of alternatives.

When configuring websites for FIDO/U2F second-factor authentication be careful to disable weaker 2FA alternatives which the website may also offer, such as SMS codes.

Finally, note that OATH's MITM shortcoming when compared with hardware tokens isn't always a weakness. I use OATH for some accounts as I may need to share the account (eg, some vendor websites only allow one account per client company) or where I may need to read the code over the phone for someone else to log into the account. For those accounts OATH provides better protection than a password alone.
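The token-plus-password arrangement described in the comment above, sketched as an added example that is not part of the original comment and is not KeePassXC's actual key derivation. The hardware token is simulated in software with a constructed secret; `SimulatedToken`, the header layout, the PBKDF2 round count and the sample password are all assumptions made for illustration.

```python
import hashlib
import hmac
import os

PBKDF2_ROUNDS = 100_000  # assumed work factor for stretching the short password


class SimulatedToken:
    """Software stand-in for a token's HMAC-SHA1 challenge-response slot.

    On real hardware the secret never leaves the device; only respond() exists.
    """

    def __init__(self, secret: bytes):
        self._secret = secret

    def respond(self, challenge: bytes) -> bytes:
        return hmac.new(self._secret, challenge, hashlib.sha1).digest()


def derive_key(password: str, salt: bytes, response: bytes) -> bytes:
    """Mix the stretched password with the token's 20-byte response."""
    stretched = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return hmac.new(stretched, response, hashlib.sha256).digest()


def create_header(token: SimulatedToken, password: str) -> dict:
    """Build the public header stored next to the encrypted database."""
    salt, challenge = os.urandom(16), os.urandom(32)
    key = derive_key(password, salt, token.respond(challenge))
    # The check value lets unlock() reject a wrong key without decrypting.
    check = hmac.new(key, b"header-check", hashlib.sha256).digest()
    return {"salt": salt, "challenge": challenge, "check": check}


def unlock(header: dict, token: SimulatedToken, password: str):
    """Return the database key, or None if the token or password is wrong."""
    key = derive_key(password, header["salt"], token.respond(header["challenge"]))
    expected = hmac.new(key, b"header-check", hashlib.sha256).digest()
    return key if hmac.compare_digest(expected, header["check"]) else None


def demo() -> dict:
    my_token = SimulatedToken(os.urandom(20))     # constructed secret
    other_token = SimulatedToken(os.urandom(20))  # someone else's token
    header = create_header(my_token, "tulip")     # deliberately trivial password
    return {
        "token_and_password": unlock(header, my_token, "tulip") is not None,
        # A found token alone is not enough: the password still has to be guessed.
        "token_wrong_password": unlock(header, my_token, "rose") is not None,
        # A copied database plus the password is useless without the token's
        # 160-bit response to this header's challenge.
        "password_wrong_token": unlock(header, other_token, "tulip") is not None,
    }


if __name__ == "__main__":
    for case, opened in demo().items():
        print(f"{case:22s} -> {'unlocked' if opened else 'refused'}")
```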

'This collaboration is absolutely critical going forward'... One positive thing about Meltdown CPU hole? At least it put aside tech rivalries...

Glen Turner 666

Re: Why don't people patch?

Your post also misleads. Loading the "spectre" firmware supplied by Intel caused some models of CPU to fail. Therefore, operating systems like Linux could not automatically apply the firmware and it was left to machine owners to do so manually via their machine vendor providing updated BIOS firmware. See https://www.theregister.co.uk/2018/01/18/red_hat_spectre_firmware_update_woes/

Can't unlock an Android phone? No problem, just take a Skype call: App allows passcode bypass

Glen Turner 666

The only video conferencing which doesn't suck is Zoom. To cut a long story short, it's the product Cisco's WebEx team wanted to build whilst they were at Cisco.

Funnily enough, China fuming, senator cheering after Huawei CFO cuffed by Canadian cops at Uncle Sam's request

Glen Turner 666

China doeth protest too much

Let's not forget that China has a history of doing the same. Australian mining executive Stern Hu was jailed by the Chinese for eight years after China wasn't getting its way during iron ore price negotiations and Rio's refusal to admit Chinese company Chinalco into one of its projects.

Pencil manufacturers rejoice: Oz government doesn't like e-voting

Glen Turner 666

Pencils don't leak when stored

We use a pencil because they are easier than pens to store for the long period between elections. If that worries you, well you are permitted to use your own writing device to mark the ballot.

Voter ID will almost certainly disenfranchise everyone living in remote areas. Very few people have their issued documents (birth certificates and so on) and getting replacements when the mail takes three weeks and is based on addresses rather than names isn't straightforward.

A lot of the posts here have poor familiarity with Australia's polling process. The idea that you'd be able to open a ballot box and fiddle with the contents is a little unrealistic. So pencil marks are fine. It's well worth volunteering to be a scrutineer at least once in your life. It is eye opening to see the degree to which Australian elections are secure.

There's little fraud. Partly because the compulsory voting means that the real voter will also present themselves, leading to fraud being quickly discovered. Australians aren't upset by being forced to appear on a Saturday to vote. They are upset when being forced to appear on a Saturday to vote and then being told they voted twice. That's the sort of anger which leads people to give their full cooperation to the Federal Police, and then not letting the Police slack off.

The undermining of our voting process is really happening through the postal voting system. For example, by political parties putting themselves forward as the agency to approach to obtain the postal voting papers through. The wide range of reasons for postal voting is also too broad: eg, employers should be forced to release people for voting, rather than those staff seeking a postal vote. Postal voting means that incidents close to the election date have less influence than they ought to. You'll remember it was only days before the first ACT election that it started to be known that the leading party was a pack of new right loons. The recent by-election in Wentworth would have been much less close if there were less postal voting, as noted by former PM Turnbull.

Official: IBM to gobble Red Hat for $34bn – yes, the enterprise Linux biz

Glen Turner 666

Re: Patents

IBM already had access to Red Hat's patents, including for patent defence purposes. Look up "open innovation network".

This acquisition is about: (1) IBM needing growth, or at least a plausible scenario for growth. (2) Red Hat wanting an easy expansion of its sales channels, again for growth. (3) Red Hat stockholders being given an offer they can't refuse.

This acquisition is not about: cultural change at IBM. Which is why the acquisition will 'fail'. The bottom line is that engineering matters at the moment (see: Google, Amazon), and IBM sacked their engineering culture across the past two decades. To be successful IBM need to get that culture back, and acquiring Red Hat gives IBM the opportunity to create a product-building, client-service culture within IBM. Except that IBM aren't taking the opportunity, so there's a large risk the reverse will happen -- the acquisition will destroy Red Hat's engineering- and service-oriented culture.

Your RSS is grass: Mozilla euthanizes feed reader, Atom code in Firefox browser, claims it's old and unloved

Glen Turner 666

RSS also useful for enterprises

An interesting choice because RSS is very useful for enterprise applications. It's the easiest way to get "dashboard summaries" into people's browsers (for things like Top Ten open issues, or unread phone messages). So by removing these features Mozilla is pushing their users towards IM clients like Slack.

Linux 4.19 lets you declare your trust in AMD, IBM and Intel

Glen Turner 666

Why CPU rng

A few reasons:

1) The CPU's random number generator can be random, based upon provably random phenomena rather than a pseudo-random number based upon mathematical manipulation.

2) There are some sources of actually-random data in a computer, although they are usually not the same strength as "provably random". An example is the jitter from disk drive events. But these sources are rapidly disappearing as physical devices move towards silicon. This is the operational problem with not enough 'entropy' (aka real randomness) being available as a machine starts.

3) It's "too easy" for these actually-random sources of data in a computer to be influenced from outside the computer. Since they are not built as cryptographic devices. Whereas the random instructions within the CPU can include tamper detectors (such as for high EM fields).

4) Timing and other covert channel attacks are simpler against software than against hardware. Those attacks are also simpler against hardware not intended to be cryptographic devices than against hardware designed with covert channels in mind. It is easier in hardware to build a black box where all instances of the instruction take the same time to complete, use the same power, and so on. (As an aside the current issue with CPUs is that the care of design needed to defeat covert channels done for the RDRAND instruction needs to be repeated throughout the CPU design for other instructions.)

These reasons explain the last line of Ted's LKML e-mail: "Note: I trust [Intel's hardware instruction] RDRAND more than I do Jitter Entropy [from the computer's hardware devices]".

Nunes FBI memo: Yep, it's every bit as terrible as you imagined

Glen Turner 666

Steele memo not only source of Russian influence

Note that the Steele Report isn't the sole source. From July 2016 Australia's intelligence agencies were warning the US's FBI of Russian attempts at subversion of their Presidential election. The initial Australian intelligence was gained from old-fashioned "drink the source under the table" espionage.

Obviously this second source doesn't fit into the argument the Nunes Memo is promoting, since it makes the Steele Report irrelevant -- the FBI was going to investigate whatever the provenance of Steele's work.

SHL just got real-mode: US lawmakers demand answers on Meltdown, Spectre handling from Intel, Microsoft and pals

Glen Turner 666

Is that a log in your eye I see before me?

No one wants to deal with the government agency empowered and best placed to deal with high impact cybersecurity issues -- the NSA. Until the US Government fixes this, criticising non-government entities is pointless.

Australia's future technology headlines … for 2019!

Glen Turner 666

Another set of predictions

The development we didn't predict. The reputation of Silicon Valley -- and IT startups in general -- was trashed by their insularity, their poor behaviour towards women, their dismissive attitude towards social responsibility in general, and towards paying taxes in particular.

How my prediction went. Poorly, WPIT didn't make the mainstream press as a potential sinkhole of taxpayer funds and a risk to the nation's economy which needs to be managed beyond the usual levels of IT project executive oversight.

2018 prediction: optical networking prices will continue to plummet, and many corporate networks will insert a WDM fabric under their ethernet transmission. The NBN's powered boxes by the side of the road will look archaic within half a decade. A newer design would use small, cheap, unpowered in-pit WDM muxes. Yes that needs fibre-to-the-premises, but fibre is now cheaper than copper for all but trivial cables.

Related: networking gear from China will become so cheap that bespoke-made items will make sense for large networks.

The Quantum of Firefox: Why is this one unlike any other Firefox?

Glen Turner 666

Fast down the straights but steering not precise

Yes, it's faster. But it's also buggy. Been using it for a day and issues with: Reddit posting, Facebook layout, New York Times scrolling. These are not obscure websites or activities. So perhaps wait a while.

Linux kernel hardeners Grsecurity sue open source's Bruce Perens

Glen Turner 666

"If the burden of argument in the US is the same as English law than it would be balance of probabilities". That applies to issues of fact, but the meaning of that clause of the GPLv2 is an issue of law. So the court will determine that matter of law, and if Perens is correct in his assessment of the license then he has a defence of truth for the claim of defamation.

Back to ASICs: Mellanox pumps up Ethernet speed to 400Gbps

Glen Turner 666

Single-flow speed of nBase-xx4 links (was: SFPs + Fiber = cost more than switch?)

"So, that means that the highest possible speed for a single connection is 100Gb?"

No, you get 400Gbps. The nBase-xx4 interfaces run four "lanes" of ethernet symbols. The symbols are round-robined between the four lanes. An ethernet symbol is 64 bits logical, 66 bits on the wire (to allow for clock recovery).

If you are thinking that this means the media carrying the four lanes needs to have exactly the same latency then you would be correct. This is conveniently enforced using fibre assemblies and connectors with multiple fibres.

Oz government wants its own definition of what 'backdoor' means

Glen Turner 666

Warrant for access to a safe?

You can't get a warrant to access a safe from a safe manufacturer. There is no backdoor. They'll just tell you to buy a drill and brute-force it.

You can place a warrant against the safe's end-user. But that's exactly what the feds are trying to avoid here. Because this isn't about access to gain evidence, it's about access to do surveillance. That's why the Five Eyes forum was seen as appropriate by the Australian government, and downright Orwellian to the rest of us.

Well, that escalated quickly: Qualcomm demands iPhone, iPad sales ban in America

Glen Turner 666

Re: I don't get it...

"Intel are claimed to be using protected IP in their product, but Apple are being taken to court?"

Yep. You are thinking along the right track. If you buy a chip from I, and they've used Q's invention without a patent license, then I is the only party from which Q can gain satisfaction. You, as the purchaser of I's physical product, have no liability (which isn't as great as it sounds, as the settlement between I and Q might well remove from the market the product you purchased, thus lowering its usefulness).

But to this we add the ITC. They can prevent import of a product into the USA based upon a claim of patent infringement. Now toss in some sharp business practice by Q: they ask you for a patent license. Now you can respond "no", upon which Q says "it would be a shame if we made an allegation of patent infringement to the ITC". Now you could choose to fight this out, and win. But a win is not useful if you have been forbidden from selling your widgets for the years the court system can take. So you pay Q.

Moreover Apple are complaining that Qualcomm aren't just seeking a patent license based on the price of the radio chip (bugger all) but based on the price of the iPhone. That is, the patent license fee covers the inventions of others too. That's cuteness by Apple -- you can base a patent license fee on the phase of the moon -- but all the same it is an appealing argument.

Crashed RadioShack flogs off its IPv4 stash

Glen Turner 666

Externalities

So what's the cost to people running internet routers? We've taken a handful of route table entries and auctioning them by /24 increases the number of route table entries a hundred-fold. I think we should probably put a stop to this behaviour before it becomes endemic and filter out the more specifics of auctioned addresses.

No middle ground, no compromise: VMware blocks Cisco's SDN play

Glen Turner 666

SDN future is driven from cloud providers, not supplier strategies

"The problem is that large customers rely almost exclusively on Cisco and VMware, and they aren't interested in the open-source switches and open-source hypervisors with open-source management software that's needed to make hybrid SDN actually workable today."

This paragraph summarises my issue with the article. It writes as if the enterprise vendors are the major source of influence over SDN. Whereas SDN is being driven by the cloud vendors, all of whom build their own switches, all of whom run their own software on those switches. It's likely that the future of SDN in the enterprise will be a byproduct of the main game at those cloud vendors; rather than anything in the strategic plans of VMware or Cisco.

In my view it's very likely that one of the cloud vendor SDN technologies will become so widely known that enterprises persisting with traditional enterprise networking and VxLAN will find themselves in an expensive niche.

Green software blacked out Australian State

Glen Turner 666

I'd be a little bit cautious about ascribing an outage to the last thing to fail in a chain of failures. Especially in a report written by one of the players. It soft-soaps AEMO running its own weather models, and thus missing the warnings from BoM. The result was that the SA grid hadn't been prepared for a major weather event. Also there's a number of forward-looking statements in the report about future grid design, but the question why AEMO management failed to address these design issues prior to the SA outage isn't discussed.

There's plenty of blame for all involved. Even for SA residents and their installation of air conditioning rather than purchasing efficient homes in the first place. Demand management is one area which the SA government hasn't sought change, despite it being one of the cheapest ways to lower electricity prices.

Confirmed: TSA bans gear bigger than phones from airplane cabins

Glen Turner 666

Let's see what other countries do

I suppose the test will be what the UK and France do, as they have access to substantially the same facts.

Banning large batteries from the cabin isn't the worst idea. It's basically a decision that they'd like to deal with explosions of 150g to 1000g of explosive in the hold rather than in the cabin. The list of airports seems approximately where a substitution of battery for explosive could be expected which also have flights to the USA.

I also wonder if the agencies are concerned about an explosive laptop being used as a tool in a larger scheme, such as breaching the flight deck door.

As South Australia blacked out, PM's office was told renewable power was not to blame

Glen Turner 666

Weather in South Australia

Folks, it hardly matters what the energy mix was. Let's have a thought experiment where we return to operation the coal-burning power stations at Port Augusta and Leigh Creek. The six tornadoes would have still cut the large powerlines between Adelaide and those generators.

The essential failure was the lack of awareness of South Australian weather at NEMCO. That led to poor decisions, such as not bringing online all the gas generation actually located in Adelaide. We even had this misunderstanding from the Deputy Prime Minister, who said that this wasn't a severe weather event on par with a cyclone, which is to misunderstand the destruction a tornado can cause, although in a smaller area than a cyclone.

The shutdown of wind power due to electrical distribution system instability was very unfortunate. But again, that software behaviour was squarely NEMCO's job to know. And they didn't. At least being software this issue is cheap to fix. Not that there was enough wind power for the state in any case, since those tornado-affected distribution lines were carrying power from many of those windmills too.

The discussion about nuclear reactors is even more laughable. Less than a year ago South Australia had a Royal Commission into the nuclear fuel cycle -- including nuclear power -- which reported that all forms of nuclear power are uneconomic for this state.

What is really interesting is the very different read of this issue within South Australia -- people who actually experienced the edge of the weather event -- and elsewhere.

BOFH: Elf of Safety? Orc of Admin. Pleased to meet you

Glen Turner 666

Re: Reminds me

I have a plane pilot's headset with bluetooth and it's excellent. Keeps the noise out and you can use the phone whilst in the datacentre. They come up on the auction sites every now and again at a reasonable price. Recommended.

Australia to review effectiveness of ISPs' copyright-defending website blocks

Glen Turner 666

"Effectiveness" is code

Note that the spokesperson is saying that the future review is into the "effectiveness" of the section. In Australian Public Service policy language "effectiveness" is a very different thing from "efficiency". "Effectiveness" is how well the mechanism works _without regard_ to other factors, such as expense or the robustness of the Australian Internet.

This would signal a substantial policy change from the current s115a, which requires the judge to weigh up the competing interests when approving a proposed injunction to block access to the "online location". That is, the legislators desired website blocking to be "efficient" rather than merely "effective". Therefore "effectiveness" should not be the primary criterion for evaluation of the legislation.

It would have been useful for Simon to have questioned the spokesperson on their choice of words. If the response was written then the expectation is that words hold their usual meaning.

Too much landfill, too little purpose: CES 2017

Glen Turner 666

Re: I must be way out of step..

I think what is lacking is compelling *systems*.

Drones aren't an interesting thing. A set of drones which can find a lost child on a crowded Bondi Beach is interesting.

Similarly wearables aren't interesting. But a wearable which manages your diet and exercise is interesting. At the moment they only pump out raw numbers and if you want to track diet and exercise there's still a lot of "getting things to talk with things" to do the analysis. Let alone putting that analysis into immediately useful terms: can I have this bit of cake I just waved under the wristband's camera?

The basic problem is that whilst hardware is cheap, systems are expensive. The iPhone wasn't only a touch screen, battery, CPU and radio. It was the "app store" system which made that bit of glass interesting; just as iTunes Music Store made the iPod a better MP3 player than the better hardware from Creative.

CES simply threw a lot of hardware out there. Worse still, it will throw out different hardware next year. So if systems builders rely upon products released at CES they will never get beyond the "make it run on the platform" stage before having to start over. At best CES is a demo of technical capability which allows systems builders to assess potential hardware partners.

Australia's future technology headlines … for 2018!

Glen Turner 666

My prediction: WPIT

The acronym WPIT will become known outside Canberra. The Welfare Payments Infrastructure Transformation is essentially the replacement of the Model 204 database and applications code originally established by the Department of Social Security in 1983. The code has survived name changes (to Human Services/Centrelink), umpteen ministers, and 35 years of budgets and mini-budgets of changes (all of which had to be live by a particular date, a date usually set for political or accounting reasons rather than as the result of an implementation plan, so we're not talking a lot of programming to a deadline with no nice-to-haves which might ease future maintenance or migration).

The cost of rewriting this code to run on a replacement system is said by the government to be $1b to $1.5b. $1.5b seems optimistic: even on simple SLOC-based measures the 30m lines of code will cost roughly $2b. It's hard to see how it could be lower, as a lot of the measures for reducing cost aren't available for this task (eg, incremental feature delivery). All this technical discussion hides that Australia doesn't have many people with management experience of this scale of project and management is where the real risk hides (the seeming over-optimism about future project costs is a worrying sign).

This is high stakes IT: the scale; the risk to clients; the macroeconomic risk. Stuff this up and there's no saving your government and your country could enter recession.

The Minister appears competent, which is a good start. But of course if he's too good then he won't be content to stay at DHS for the decade this job will take.

Swedish prosecutor finally treks to London to question Julian Assange

Glen Turner 666

Not sure this works in Assange's favour

I don't think this is a win for Assange. He still can't leave the embassy, as the UK will arrest him for his failure to appear, at which point the USA might well lob in a deportation request. A request which will then be top of the queue, assuming that Sweden withdraw their request for arrest.

As for things being different with President Trump, let's see. Because Trump owes the FBI a lot, and the US law/intelligence agencies desperately want Assange. If only to make an example of, as they are doing with Manning. I'm not sure Trump views Assange as anything more than a convenient dropbox for the work of Putin, and if Wikileaks didn't do the job then someone else would have been found.

I get the feeling that this is much more about solving Ecuador's problem than Assange's problem.

VW Dieselgate engineer sings like a canary: Entire design team was in on it – not just a few bad apples, allegedly

Glen Turner 666

Realistic tests are a recent development

The problem with faulting the 'government' tests is that you assume that the test is possible outside a lab. Remember how VW got busted: a lab had finally made its emissions test gear small enough to fit inside a car, so emissions could now be tested in the field.

Before the car-portable test what is the government to do? To not regulate at all, because no realistic test was possible? Or to regulate a lab test and then ensure some real-world effect by preventing car makers from optimising specifically for the test?

Let's Encrypt in trademark drama

Glen Turner 666

Update -- Comodo to abandon trademark registration

This thread <https://forums.comodo.com/general-discussion-off-topic-anything-and-everything/shame-on-you-comodo-t115958.3.html> contains the most hilarious statement ever by a CEO, see comment #3. A staffer later posts that Comodo will file to abandon the trademark registration:

"@robinalden Reply #28 on: Yesterday at 03:41:45 PM:

"Comodo has filed for express abandonment of the trademark applications at this time instead of waiting and allowing them to lapse.

"Following collaboration between Let's Encrypt and Comodo, the trademark issue is now resolved and behind us and we'd like to thank the Let's Encrypt team for helping to bring it to a resolution."

The Register's Australian technology headline predictions … for 2017!

Glen Turner 666

BYOD

I think it very much depends on the sector as to what BYOD means.

For universities it means that students bring their own laptop and expect it to work with minimal fuss: connect to wireless, print, plug in somewhere to recharge. There's no attraction at all in a device without a screen -- the huge use of mobiles by students suggests that the screen is actually the important part of the computer.

For schools I wonder if you could take your idea one step further. The kids don't carry their computers around at all, but only the computer's storage (say, a Micro SD card). That storage is the boot device for a VM at both home and school. Add some simple software maintenance and I think this has some value and is worthwhile poking around with. The biggest problem would be Windows.

Business doesn't know what to do about BYOD, and they keep watering down the concept in the hope that it becomes something else. Unfortunately in doing so they lose the benefits of the BYOD approach, and loop back to the start of the process without making any headway. Increased BYOD by contractors and the lack of "enterprise mobile" means they'll have to grasp the nettle eventually. If only offering "outside the firewall" Internet with a certificate-mediated access (VPN or PKI) back into selected resources.

Australian test finds robot essay assessors on par with human teachers

Glen Turner 666

@James51 and originality

The NAPLAN test is the worst sort of high stakes testing. Writing an essay outside of the standard criteria will --- even with humans marking --- get you poor results as it won't fit within the marking rubrics. These rubrics -- 'marking criteria' would be the less jargon phrase -- are designed to allow no scope for creativity. As a trivial example of creativity: if you gave the answer as a poem that would garner no additional marks and would threaten the marks allowed for grammar and spelling.

The NAPLAN system is gamed by schools, with weeks of "teaching to the test" being commonplace. Although the government denies it, the NAPLAN preparation constrains the time available for actual teaching of material. In particular the Year 9 NAPLAN falls exactly when algebra is being taught and at a recent corridor chat at a teaching conference there was consensus that there was a fall in student ability in basic symbolic manipulation because NAPLAN has vacuumed time away from that foundation skill.

The government denies the tests are high stakes. But in reality they gateway admission to all advanced programmes. Even for trades programmes oversubscribed programmes are often determined by NAPLAN ranking -- why wouldn't you drag up your school's average given the opportunity?

Back to school: Six of the smartest cheap 'n' cheerful laptops

Glen Turner 666

Perhaps more attention to dimensions and weight?

Looking around uni is always interesting, as students put down their own cash for laptops and expect to use them seriously rather than for games. The typical notebook by far is the Macbook Air, followed by the Dell XPS 13. With that in mind I'd suggest that this review doesn't give enough attention to dimensions, weight, and battery life. Just on dimensions alone it is difficult to recommend a lot of the laptops in this review, as they're not going to fit well into a school bag.

If you want to see what bargain manufacturers could be doing for school users then look at the Toshiba Chromebook 2. Small, light, good screen, quiet. It's well underpowered for Windows, its lack of sockets limits its upgradability (and thus lifetime), but you'd hope that manufacturers would take hints from the form factor.


Biting the hand that feeds IT © 1998–2020