* Posts by SImon Hobson

1365 posts • joined 9 Sep 2006

Netgear 'fixes' router by adding phone-home features that record your IP and MAC address

SImon Hobson
Silver badge

Re: Why is this so bad?

And other information.

Well as you ask, in reality it's not of any value to them. But flip it around, and ask why collect it in the first place ?

The first rule of data management is that if you don't collect data then it can't leak. If you do collect it, then you need to secure it. We can't trust Netgear to keep it secure (given their track record), and they've turned on this collection without asking the user first. It does NOT matter in the least if there is a way to turn it off, nor does it matter in the least if it's in the release notes - this was turned on without the user's consent.

But the article says they collect more than just IP and MAC, and in reality we don't know what they collect. What if they decided it would be useful to collect DNS query information ? No problem ? Have a read of this article which might just change your mind.

So it's not really about WHAT they collect, it's about the fact that they collect anything at all, and without asking the user first.

16
0

Phishing scum going legit to beat browser warnings

SImon Hobson
Silver badge

Re: El Reg fail

The obvious solution is blacklisting certificate authorities supporting phishing sites

Yes, the obvious but wrong solution.

If you do that, then inherently you are saying that all certificates must be something above domain validated, but not necessarily fully EV. Once you go above domain validated (ie you have sufficient control to receive an email to the hostmaster, or create a specific TXT record, or put a file on the web server) then you can kiss cheap or free certificates goodbye. And then you can kiss goodbye to "everything on SSL" since for probably the vast majority of people, the cost of an SSL cert is just something they can't be bothered with for their club blog that gets half a dozen hits a day.

But I suspect that will be the next target - the big guys like Google really don't understand or give a s**t about the little guys. They are quite happy to change the rules and the rest of the world has to tag along with them. Just look at how enthusiastic they (along with so many others) are for breaking email - demanding SPF even though it's known (and was known while still in incubation) to be fatally broken in several ways.

1
0

Robot lands a 737 by hand, on a dare from DARPA

SImon Hobson
Silver badge
Alert

Re: Huh?

Pedant alert ...

You can't pass your PPL in a Cessna and fly a 747 the next day.

Actually, yes you can if you have the money. I believe it is technically possible to train for and get your PPL in a 747 - though the difference in cost between the per-hour cost of a light piston single and a 747 would make it a very expensive proposition.

Assuming you took the conventional route to your PPL (SEP(A)), you could still jump in a 747 the next day if you had the money to buy lessons for the type-specific qualification.

4
1

Why Microsoft's Windows game plan makes us WannaCry

SImon Hobson
Silver badge

Re: It is the apps tied to ActiveX that cause the problems

... why do those machines even have access to anything on the Internet? ... Why not isolate those machines on a firewalled subnet or vlan, make sure they don't talk SMB1 and use them as before?

In many cases, the computers DO need some form of interaction with the rest of the business. Take the case of a precision CNC mill someone mentioned - it'll need to be on the office network so that the design engineers can upload the milling programs to it (what if one of those file transfers accidentally transfers something nasty from an infected desktop ?) In the case of (say) an MRI scanner machine, it will need to be on the network so that images can be exported from it.

The simple fact is that yes, these devices CAN be protected, more or less, one way or another - and the rest of the network protected from them. But it's not a trivial exercise to do.

Let's assume that for security reasons, the MRI scanner computer is party to the same security policies the rest of the business has - that's going to mean authorised users (active directory) and the access controls that go with it. Have you tried doing the firewalling to allow AD to work across a "locked down more watertight than a duck's backside" firewall ? It's "interesting" the amount of network traffic needed for AD to work correctly.

That's not to say this can't be done, but each device will have different requirements, and it takes time to work through how to deal with each of them. So there you are, as others have pointed out, with an IT team, limited budget - and tasked with keeping everything running as well as doing new stuff. You're barely coping with the everyday - where is this time going to come from ?

So ultimately, it comes down to manglement (at whatever level) not providing the resources needed. And again, as someone else has already pointed out, when we are constantly told that the NHS has to save lots of money - who's going to stick their neck out and "waste" budget fixing something that "isn't broken yet" ? It's not an NHS thing - it's the same across all businesses.

4
0

Google DeepMind's use of 1.6m Brits' medical records to test app was 'legally inappropriate'

SImon Hobson
Silver badge

Re: Streams is showing real patient benefits.

Google really are good at this stuff

And therein lies the heart of the problem - we know darn well what Google are good at. They are very good at ignoring the law and using their size to avoid the repercussions. They are very good at mining large volumes of data.

Thus, we can have little (or no) confidence that they won't take this data that should be kept in its own secure silo, never leaving UK (or at least, EU) control and jurisdiction, and then mine it along with other data that would probably de-anonymise it.

So far, I have not read anything to suggest that Google has the corporate structures in place to respond as MS have done with the Irish emails case - ie tell the US authorities to sod off as the US company & staff don't physically have the access to provide them with the data which is held by a different legal entity on Irish soil.

But most of all, I have seen nothing (but plenty to the contrary) to suggest that Google wouldn't pause even a second to consider mining the data along with everything else it holds.

2
0
SImon Hobson
Silver badge

Re: 'inappropriate' or 'illegal'?

... the declaration patient sign when they join up with their GP or sign forms at hospital.

I don't recall ever signing any data protection stuff with my GP, but then when I last signed up with them, they were still on paper records.

Ditto when I've been to hospital - they've created records without asking my consent. They've also ignored my letters on the subject, but that's another matter !

0
0

Microsoft to spooks: WannaCrypt was inevitable, quit hoarding

SImon Hobson
Silver badge

Re: If you cannot patch it quarantine it

They have enough time and budget to ...

You are assuming that "they" are in a position to choose what they do. In all the cases you've cited, some PHB, or committee, will have decided what projects are going on - the grunts at the coal face just get told what they are doing.

Besides, some of the projects you have mentioned are not related to the separate projects of running the various local networks. You have to remember that there isn't "the NHS" - there is a collection of hundreds of trusts, commissioning groups, blah, blah.

I assume by "entirely pointless £10bn IT project" you mean the national IT backbone and slurp everything project. That was a completely different group not connected to any of the trusts affected by the ransomware outbreak.

27
0

Just 99.5 million nuisance calls... and KeurBOOM! A £400K megafine

SImon Hobson
Silver badge

Re: 0.4p per call ?

how about using the proceeds of crime act ?

I was thinking about that, or similar. A director is legally responsible for what goes on in the company - and there is absolutely no way whatsoever that a director of a company like this could not know exactly what was going on. AIUI, "limited liability" stops when the company is acting illegally with the director's support.

All it needs is some creative use of existing law. This sounds like yet another case of "can't be ar**d using the laws we have, so let's have some new ones".

6
0

User loses half of a CD-ROM in his boss's PC

SImon Hobson
Silver badge

bearing the largest toolbox we had

Ah yes, I've done that trick once or twice over the years. Anyone properly equipped to work on the early Macs would have had a particularly serious looking T15 Torx with a shaft at least 9" long - waved around in the right manner, you could properly intimidate a user with one of those :-)

Of course, at the other extreme, you make fairly "industrial" tasks look really delicate (and so make your skills look better than they actually are) by the correct choice of very small tools held in the right manner.

4
0

ISPs must ensure half of punters get advertised max speeds

SImon Hobson
Silver badge

Re: Annoyed... The rather pathetic progress continues...

So why is it that now, in 2017 I/we are still moaning about this?

Because Government, Telcos, Ofcom, Openreach dropped the ball and have been fumbling around ever since - each one passing the buck.

BT and OR didn't drop the ball. BT has, and always will be, on the side of what it thinks will make it the most profit - that's what businesses do. If you have a knowledge of telecoms history, it's easy to see a long line of decisions clearly made so as to protect their profits. For example :

When ISDN came along, in other countries (notably Germany) they supported some interesting and useful features - result was wide adoption of ISDN-2 even for home use. In the UK ? BT priced it artificially high, and restricted features - with what can only be interpreted as a means of preventing people dropping their expensive (=profitable) leased lines and replacing them with cheaper ISDN-2 setups.

Even now, we see BT controlling what OpenReach do in terms of what's best for BT - not what's best for OR or the country. To that end, the recently enforced separation between BT and OR doesn't (IMO) go far enough.

Maybe this whole mess needs to be Nationalised?

Good god, no. I can only assume you are relatively young - everything is relative. Those of us of a certain age remember what nationalised phones and railways (to pick just 2) were like. People complain about the state of our communications and transport now, but really, it's positive nirvana compared to a few decades ago.

When my parents moved back when I was still young, we couldn't have our "own" phone line. Apart from a "you get it when we can be arsed" approach to installation times, there wasn't enough copper into the village, so instead of actually pulling some more cable, they forced new users onto party lines. Yup, your phone line was shared with a neighbour ! I suspect few people younger than perhaps about 30-40 will have ever come across one of those.

And as for the railways, the BR of old would make Southern look like a slick operation !

It's nothing to do with it being sold off later, it's to do with the fact that government just can't do "services". If it's in public ownership, then every career politician wants to make a name for themselves for fiddling with it, and as with the Post Office, the treasury will see it as a money box to be raided as often and as heavily as they can get away with. In part, that's what was wrong with the old Post Office when it ran the telephones - the government took all its money and so it never had the cash to do things properly.

At least in private ownership, the business can go to the money markets to raise cash for investments. If the investment looks sound, then the money will be there. And where there's deemed to be a "public good" case for subsidy, then that can make money available as well - that's what happened with FTTC, even though BT did obviously game the system in its favour.

2
0
SImon Hobson
Silver badge

Got a bounce message back

Anyone else tried to send any comments by email ? All I get back is :

<broadbandspeeds@cap.org.uk>: host aspmx.l.google.com[74.125.133.27] said:

550-5.1.1 The email account that you tried to reach does not exist.

0
0
SImon Hobson
Silver badge

Re: Bugger maximum speeds

Having dealt with procurement for a number of different connection types, having a minimum (or committed) speed would make sense. I bet few people understood what contention ratio meant back when ADSL came along - how many actually realised that "512kbps @ 50:1 contention ratio" actually meant they could get less than dial-up speeds and the ISP was still meeting its promise.

The problem comes when you try and define what the minimum rate actually is. At work, we had a customer that got the full ADSL line rate (literally a stone's throw from the exchange) but actual throughput was crap thanks to the ISP having underinvested in backhaul.

0
0

systemd-free Devuan Linux hits RC2

SImon Hobson
Silver badge

As others have stated - politics and entanglement.

In the case of Debian, there was a long and "heated" discussion. In the end there was a vote which looks to have been designed to produce the desired answer rather than get an accurate count of opinions. If rationally analysed, it comes out with a clear majority (by a long way) of people not wanting systemd - but because of the way the options were chosen*, and some of those were interpreted*, the outcome was decided as being a majority in favour of systemd.

* Eg, "we don't want to debate it any more" was taken as "we want systemd".

But AIUI, part of this came about due to the ever greater effort needed to disinfect upstream packages - particularly desktop environments. As others have pointed out, systemd goes way way way beyond what it was originally sold as - and it appears to be a deliberate ploy to infect as much software as possible and thus make it ever harder to keep that software disinfected. Part of this is deliberately deprecating old but reliable and well known interfaces and replacing them with "new shiny" ones. Thus you get the problem that unless software has been written to use the new shiny (but really, in most cases no better) interfaces then it doesn't work well/at all on a systemd system - but if it is written to use those systemd interfaces, then it doesn't work well/at all on non-systemd systems.

KEY POINT systemd is incompatible by design. It is clearly a key design tenet that it must break as much compatibility as possible with "legacy" systems. That is a key driver to making it harder and harder to avoid it.

This last anti-choice point should alone be good enough reason to avoid it. We saw a decade or two ago what happens when one dominant group (in that case, Microsoft) is able to eliminate choice. Things stagnate, choices are made for the wrong reasons - ie if your only choice is Windows Server then you have to run Windows Server regardless of whether it's the right/best choice for your application. In the browser sphere, we saw how once they'd seen off the competition and eliminated choice, IE got stuck in a mire of mediocrity and dragged the whole web down with it for several years.

If systemd were so great, then people would adopt it by choice. With a few exceptions, most of the adopters have done so because they've given up fighting it (or at least, just run out of resources to fight it).

And I'll finish with :

PID 1 is (after the kernel) THE most critical component of your GNU/Linux system. It MUST be secure and stable. Basic software engineering principles dictate that it should be as small and simple as possible, with as few interfaces as possible, and basically minimise all avenues for bugs and vulnerabilities as is reasonably possible. systemd is the opposite of that - it may be multiple different binaries, but they are close coupled, with ill defined interfaces between them, and above all written by a team with (to be very polite) a less than impressive track record in producing "good" code.

Do you really want your system to be 100% reliant on software produced by people who deliberately break things and then leave others to clean up after them ? Do you really want your system to be reliant on people who re-create historical dangerous "features" and then blame the user when it hoses their system ? Do you really want your system to be reliant on people whose code is so "good" that they've been banned from contributing to the kernel ?

23
1

'I feel violated': Engineer who pointed out traffic signals flaw fined for 'unlicensed engineering'

SImon Hobson
Silver badge

Part of the problem there are the modern discharge tube or LED strobe lights. With the old rotating mirror lights, it was easy to see on the photo if the lamp was on and hence the vehicle was exempt* from the normal rules. With the strobe or LED lights, what they were finding is that there's nothing to show during the "off" periods which are considerably longer than the "on" periods. Round this way, I've noticed that the ambulances now have static blue LEDs on their rear number plate lights - which means there's an indication on the photos that they are on a blue lights call.

* Technically not exempt, but subject to different rules.

4
0

systemd-free Devuan Linux hits version 1.0.0

SImon Hobson
Silver badge

Re: I don't understand the hype

You CANNOT fully remove SystemD from Debian - that is just a myth.

AT THE MOMENT it is near enough possible to get rid of all the functional bits of SystemD, but as time goes on, SystemD spreads its tentacles into more and more packages.

Basically, SystemD re-implements many previously standard and well understood interfaces. Logging ? Syslog (or one of its modern replacements). Time ? NTP. And so it goes on.

The SystemD camp keep deprecating these standard interfaces - so that packages increasingly over time have to use the "new 'improved'" interfaces or they can't run properly on SystemD systems. Once they do that, then they won't run on systems without those interfaces - ie they won't run without SystemD.

And because Debian (through a very flawed vote process that actually didn't support it) chose to make SystemD the default - any bugs along the lines of "doesn't work properly without SystemD" are just closed as "won't fix".

What Devuan does is take all the Debian base stuff, and fix all those gratuitous dependencies on SystemD. The vast majority of packages are just taken direct from the Debian repositories - the Devuan specific ones are the ones with the crap removed. The expectation is that over time, unless Debian sees sense, that Debian will slowly diverge from Devuan as it allows the SystemD crap to spread.

13
2
SImon Hobson
Silver badge

Plain Debian still allows you to switch to SysV init in a matter of minutes ...

Err, well sort of, but not really.

The problem (as already mentioned) is that SystemD just isn't an init system as it was described as whenever there was any dissent from using it. The problem is that there are so many tentacles that it invades all over the system to the point that you CANNOT uninstall SystemD without breaking an increasing amount of stuff. What you will find if you try it is that you cannot remove all vestiges of SystemD without making your system unusable - such are the gratuitous linkages with bits of SystemD that's enforced by SystemD reinventing established ways of having software interact with other bits of software/the system.

15
1

Tesla hit by class action sueball over autopilot software updates

SImon Hobson
Silver badge

Re: Autopilot

Not really comparable. Unless you have really top end flight management, you only use autopilot once away from the ground - and you generally only need to tell it to fly a heading (or course) and altitude (or climb/descent rate). In general, there aren't pedestrians, animals, other cars, lorries (trucks for our US friends), etc all doing unpredictable things in very close proximity - not to mention a requirement to stay within a narrow (10 feet or less) strip of tarmac with twists, turns and junctions.

So really, an aircraft autopilot is a totally different - and very very much simpler - thing.

8
1

RIP Bob Taylor: Internet, desktop PC pioneer powers down at 85

SImon Hobson
Silver badge

Over the last few years we've seen a generation start to pass

It only seems that way. It's easy to see a list of "people we associate with our work/hobby" and think that "wow, we seem to be losing a lot". I think it's just a case of these are the people we recognise as having something to do with our interests - and tend not to remember the steady stream of "others". As that era was when so many of the fundamental developments happened, it's quite natural that those involved should be running out of time - let's face it, we're talking about stuff that happened half a century ago (give or take a decade).

Heck, a lot of us weren't even born when some of this was going on !

2
0

Finally a reason not to bother with IPv6: Uh, security concerns...?

SImon Hobson
Silver badge

Re: I think bollocks...

So what exactly is stopping this detection system from ...

As I read the article, the entire article boils down to "security tools haven't been updated to handle IPv6 yet". No sh!t Sherlock !

Well guess what, go back a few years, and tools then didn't detect what we now consider to be "common" threats. Tools improved, tools will improve, what we need is for the vendors to extract digit from orifice and handle "modern" network traffic - where modern could be considered to include "been around for 2 decades".

5
0

RootMetrics finds provinces stagger to 4G

SImon Hobson
Silver badge

Re: In parts of the UK even 2G is unavailable

I can assure you that you don't have to go "to the end of nowhere"* to have no signal, at all, from any network. Just try around the Lake District and you'll soon find a few notspots !

* Not that Skye is the end of nowhere, last time I was on Skye I was en-route to "even further away from anywhere", aka Lewis. I vaguely recall finding the coverage there wasn't bad.

1
0

Printer blown to bits by compressed air

SImon Hobson
Silver badge

One thing I miss since I changed jobs is an industrial airline with "blow off gun" attachment, and somewhere outside to use it. Mind you, I don't miss the "everything covered in candle wax" aspect of the environment there !

Particularly useful for blowing out the fans which make a lovely whiiiizzzzzzzzzzzz when you get the blast just right.

3
0

Startup remotely 'bricks' grumpy bloke's IoT car garage door – then hits reverse gear

SImon Hobson
Silver badge

And people wonder why I refuse to use rubbish that relies on some outside device to work ...

39
1

People may have been wrongly sent back to prison over faulty tags

SImon Hobson
Silver badge

Re: The "Serious Fraud Office"?

The word sexual came in my post you took offence to :

or the "serious sexual offence" of slapping your stroppy teenage daughter across the face when other methods of bringing the brat into line have failed

Yes, AIUI there is at least one father put on the sex offenders register for that. Perhaps you should try reading things properly before you start taking offence to them.

0
0
SImon Hobson
Silver badge

Re: The "Serious Fraud Office"?

By your own admission only "almost" always - so therefore there must be cases where it's not assault. Sometimes a "quick slap" - not assault, just a quick slap - is what's needed to bring a stroppy teenager into line.

That you suggest otherwise suggests that you've never had to deal with them.

And besides which - where does the "sexual" come from even if it is deemed to be assault ?

0
1
SImon Hobson
Silver badge

Re: The "Serious Fraud Office"?

"Serious" in those contexts will have a specific legal meaning

Or not. Like the "serious sexual offence" of being caught short and having to take a leak behind a tree, or the "serious sexual offence" of slapping your stroppy teenage daughter across the face when other methods of bringing the brat into line have failed (by her own admission, she deserved it). Yes, both of these "serious" offences have landed people (note - all men, Treasonous May and Harriot Harpy both considered all men as sex criminals that just hadn't been convicted of something YET) on the sex offenders register.

It's a common trick to stick serious in the title, so that people will think "that's OK, if you've got to do something seriously bad to have your life destroyed on the whim of some official". But what they do is not define serious as "only serious things" so that once the law is passed without too much complaint - then it can be used against anyone.

1
1
SImon Hobson
Silver badge

Re: Knee - jerk reaction...

I cannot for the moment see how faulty tags can be laid at the government's door

How about the fact that they were told and ignored it ? As mentioned above, Ross Anderson's analysis was quite scathing - not just of the tags themselves, but also of the systems behind them which seemed designed to allow problems to go undetected.

Once that information was out, and especially the court case he helped win was settled, there should have been a review right there and then. But I suspect everyone involved stuck their fingers in their ears, went "laa laa laa", and tried to pretend it was someone else's problem (if it even existed).

3
0

First EU-US Privacy Shield annual review to take place in September

SImon Hobson
Silver badge
Mushroom

Re: "...check that everything is in place and working well."

Ah but it is, it's working just exactly as it was intended to work: ie to allow US interests to continue business as usual, allow US TLAs to carry on mining the data, and to allow EU officials to pretend it's all OK.

So yes, it's all working perfectly so far.

Icon says what I think should happen to the agreement when it gets reviewed.

3
0

Uber wasn't to blame for robo-ride crash – or was it? Witness said car tried to 'beat the lights'

SImon Hobson
Silver badge

Re: side on impact

It's very very hard for a slow moving car to knock a fast moving one onto its side.

Other way around ?

A stationary car can roll another. If the oncoming car turned across it, then its (relatively) low bonnet would be first into the path of the Uber car. The Uber car could then "drive up" the bonnet like a ramp and do what is known in the film/stunt business as a pipe roll.

On the other hand, drive into a stationary or slow moving car "side in" and it's very hard to roll that car over.

16
2

Ofcom wants automatic compensation for the people when ISPs fail

SImon Hobson
Silver badge

Re: works both ways

If similar charges were enforceable on customer no shows ...

Oh, so you've never had to have a fault fixed then ? It's normal with every provider I've ever dealt with (and I deal with a few through work) that when the troubleshooting gets to the point in the flowchart that says "engineer visit needed" you get read a standard spiel along the lines of "If the fault turns out to be in your equipment or wiring, or if the engineer cannot gain access, then there will be a charge of £X."

So yes, they do enforce such charges : Fault in your wiring ? Charge. Tech turns up at allotted time and you aren't in ? Cancelled install or fault ticket and a charge.

0
0

Shine on, you crazy Eind minds: Boffins fire out 43Gbps infrared 'Wi-Fi'

SImon Hobson
Silver badge

Re: Faster backups

If your backups took 5 minutes instead of 50 minutes, what difference would that make to you? You aren't waiting on them, they're taking place in the background.

Well it's actually the difference between fraction of an hour and "hours" - so yes it is a significant difference in time.

And yes I am waiting on them. At present they tie up my laptop - I can use it, but while it's running backups it's "a bit sluggish". When I manage to clear the significant list of things that require a dip into my "far from infinite" income then I'll be able to improve things (either a laptop that can have much more memory than this one supports, or a separate machine to run backups on, or both) - but at the moment that's not a "next week" timescale.

The other issue is how long the machine being backed up is on for. Sometimes it can be difficult persuading people to not shut the machine down before its backup is finished.

0
0
SImon Hobson
Silver badge

Re: There's no consumer use case for this

Who the heck needs 42 Gbps wifi? Heck, who really needs 420 Mbps wifi?

Well for one use case, when I'm doing backups at home I try and plug the laptops into a wired network - it makes a VAST difference to backup speeds. It's not just the raw speed, it's the latency as well - there's a lot of round trip exchanges in determining which files need copying.

3
0

DNS lookups can reveal every web page you visit, says German boffin

SImon Hobson
Silver badge

Re: How does DNS work in the real world?

Now my recollection of how DNS works in the real world is that there's potentially quite a lot of caching between me and (e.g.) my ISP's DNS server

Actually, you'd be surprised how little caching there is between a user and the caching resolver they use - and many routers will default to handing out the ISP supplied DNS resolvers to internal clients.

From reading it, it's clear that this technique will instantly lose most of its potency once you are separated from the client by a decent cache - hence some suggestions to run your own internal DNS cache/resolver. If you do that, then unless you set your ISP's resolver as a forwarder for your local resolver, they would have to sniff traffic to get your DNS queries - and they will be vastly less useful due to the caching.

7
0

Ubiquiti network gear can be 'hijacked by an evil URL' – thanks to its 20-year-old PHP build

SImon Hobson
Silver badge

I wouldn't call them a premium product - but the reason we sell it and use it is that you get a lot for your money.

There's still things I've put my name to on the wish-list (the way they've done wireless network groups doesn't make sense), but given that it's almost trivial to run a multi-site, multi-SSID, WiFi setup from one place - with APs that don't break the bank - it's pretty good kit that's generally easy to manage.

We've found the hardware fairly reliable (I can only remember one failure so far), and when I needed support, it was good.

And getting a couple of freeby* AC access points out of them didn't hurt either ;-)

* I think they found their first production run had some issues, so they gave them away to people on their forums to help get some units in use and get feedback.

7
0

BT's Openreach to hire 1,500 engineers

SImon Hobson
Silver badge

Re: A little off topic, but....

Actually, there are mobile phones made especially for people with poor eyesight and stiff fingers. My elderly Mum has one, and to be honest it's been a surprise how well she's taken to it.

Mind you, she does occasionally press the "help" button by accident when putting it into/getting it out of her handbag and then we all get texts saying she's pressed the help button. That's a tradeoff between making it hard enough to press that it won't happen accidentally, and easy enough that someone can press it when they need to.

1
0

Thank heavens the wrangling over BT's Openreach separation has ended

SImon Hobson
Silver badge

Re: Assets

That's just what I was thinking.

We now have this "independent" business, 100% owned by BTG, who doesn't own anything it manages (because that's all owned by BTG), and presumably all new stuff they install will be owned by BTG because otherwise it would be a nightmare working out who owns which bit of cable in a duct, and where the budget is set by BTG.

Perhaps it's just that I've never had any involvement with "big business" finances - but why is transferring ownership of the assets any harder than (say) dividing up the CDs during a breakup ? If the assets were transferred, then BTG would still own them - the assets would be owned by BTOR, but BTOR is 100% owned by BTG so there's no net change. Then if BTG were to start selling off shares in BTOR then it would get back (in effect) the value of those assets. I can see that where BTG has borrowed to invest, then there'd need to be a transfer of the loan with the assets - but that's not really that hard a task.

Or perhaps it's a ploy, so that at some future time, BTG can sell the assets to BTOR (and lending it the money to do so). This then saddles BTOR with huge debts.

1
0

Smart meter firm EDMI asked UK for £7m to change a single component

SImon Hobson
Silver badge

Re: The pi-zero w is less than £10 and I bet it would do all they need and more.

@veti

With hundreds of millions of the things installed worldwide for years now, there have still been zero, count them, zero credible reports of remote hacking

Ah, the "it hasn't happened yet so you can discount it as a risk" argument. Hmm, in "a few decades" I've never needed the seatbelt in the car, so on that basis they aren't needed for me ? And I can stop paying for insurance as I've never needed it in the past ?

@Alan Brown

Mine's like this, mounted at floor level at the back of a cupboard in a corner that's difficult to get into because the cupboard door doesn't fully open due to a radiator in front of it.

I find the easiest way to get a reading is to use a smartphone camera and before that it was a pain in the arse.

Dad made a contraption with a stick, a couple of blocks of wood, and a couple of small mirrors for reading the gas meter. The mirrors allow you to stand up and see the display - two mirrors being needed to avoid it being upside down.

2
0

One IP address, multiple SSL sites? Beating the great IPv4 squeeze

SImon Hobson
Silver badge

Re: Thumbs up, but have to respectfully disagree with some things

NAT has a purpose

NAT is horrible, kludgy, breaks stuff (I have a special, NSFW, vocabulary for the "we are proud to break stuff" approach taken by Zyxel), and forces countless developers to have to WASTE time working around the shit it causes. If all the effort that went into NAT and working around its breakage had gone into other stuff, the world would be a better place today.

NAT comes into the category of "if the only tool is a hammer, all problems look like a nail" - and too many people still haven't learned to recognise screws, bolts, etc !

NPT on the other hand does have a place as long as it's done sensibly, but even then I'd argue there are few places where it's the right tool.

1
3
SImon Hobson
Silver badge

Re: Simple answer

They almost forced it on me. And no questionnaire on what's inside my network

That's becoming the norm for up to date ISPs. The one wanting info on everything down to your inside leg measurement is probably still stuck in the "IPs are scarce, everything has to be justified" mindset and just haven't woken up to the fact that they can hand out a /56 or /48 to all customers without having to think about it.

Many ISPs are now turning on IPv6 in their supplied routers, so many users have it without even realising. My own ISP at home ran a trial, then it went quiet and we've heard nothing from them for a couple of years - so I'm still stuck using a tunnelbroker tunnel (thanks Hurricane Electric) for now.

1
1

ESET antivirus cracks opens Apple Macs to remote root execution via man-in-middle diddle

SImon Hobson
Silver badge

Yes, but this is a route for the attacker to subvert the update mechanism of a security product to inject that code into the system - and run it with root privileges. The first step in subverting a system is the step of "how do you get the code onto the system" and the second step is "how do you run it". In a "secure" system, both of these steps are difficult.

This exploit isn't trivial to use - but it makes things a lot easier. Essentially, you need to set up a fake update server, then somehow get the victim's computer to connect to it instead of the real one. Compromising their SoHopeless router and fiddling with the DNS can do that bit.

Were the update system secure, then an attempt to do this would trigger errors as you can't get a matching certificate for your fake server - or you shouldn't be able to ... <cough> Comodo <cough>.

1
0
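The check the comment above relies on (a fake update server failing certificate validation) depends on how the update client's TLS context is set up. The following is an added example, not part of the original post and not ESET's code: it puts a non-validating context beside a validating one and audits both. The function names and the URL `update.example.test` are constructed for illustration.

```python
import ssl
from urllib.parse import urlsplit


def insecure_update_context():
    """Encrypts the connection but accepts any server certificate."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False       # has to be cleared before CERT_NONE is allowed
    ctx.verify_mode = ssl.CERT_NONE  # the certificate chain is never checked
    return ctx


def hardened_update_context():
    """Verifies the chain and the server name, and refuses old TLS versions."""
    ctx = ssl.create_default_context()  # CERT_REQUIRED and check_hostname=True
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def audit_update_channel(url, ctx):
    """List the reasons a client would accept updates from a server it
    reached through a tampered DNS answer. An empty list means the TLS
    handshake with such a server fails with a certificate error."""
    findings = []
    if urlsplit(url).scheme != "https":
        findings.append("update URL is not HTTPS")
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("certificate chain is not verified")
    if not ctx.check_hostname:
        findings.append("certificate is not matched to the server name")
    return findings


if __name__ == "__main__":
    url = "https://update.example.test/latest.pkg"  # constructed placeholder
    for name, ctx in (("insecure", insecure_update_context()),
                      ("hardened", hardened_update_context())):
        print(name, audit_update_channel(url, ctx) or "no findings")
```

Validation only helps while the trusted CAs do not issue a certificate for the update host to someone else, which is the caveat the comment ends on.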

Licence-fee outsourcer Capita caught wringing BBC tax from vulnerable

SImon Hobson
Silver badge

Re: The few programs worth watching in the US of A

Yay, a voice of reason in amongst the unthinking. Shame I can only give you one upvote.

Your advice should be, for all those who wish for the BBC to become "just another commercial TV company", to go and look at how it's worked out in the USA. It's clear from watching some of the imports from there just how much of a program is ad breaks. For some of them, I'd be watching in puzzlement as the narrator sets off on another "coming up ..." bit quickly followed by another "and here's where we got to ..." - then it dawned on me that these were the before and after segues for a commercial break that we didn't have.

Even people who never ever watch any BBC content gain from it being like it is. Without anything to hold up standards*, then "less crap than the rest" starts to look good. But if there's a few properly good things around, then mediocre shows up for the rubbish it is. Thus us having the BBC as it is benefits not just ourselves, but others around the world.

* yes, I know, they've fallen a bit at times, and there's a lot of rating driven dross - but they still make a lot of really good stuff.

5
0
SImon Hobson
Silver badge

Re: "High standards"?

Since when has Crapita ever had high standards, much less its protection racket goons?

At one time, I had an empty house on my hands - and yes, I got the letters which basically said "you are a criminal, you'd better pay up quickly".

I wrote and complained that the letters didn't have the legally required company information (like name/address !) - only to be told that since TVL operates for the BBC, and the BBC operates under Royal Charter, they are exempt from that !

I wrote and told them that the house was empty, and got a letter back which effectively said "we still think you're a criminal but we'll hold off harassing you for a bit". I was rather hoping to get another threatening letter so I could then go and report it as a crime under The Protection from Harassment Act 1997 - one letter alone isn't harassment, but two or more is according to the definitions in the act.

Given that their first letter is deliberately threatening, I can believe any story about their goons being heavy handed.

1
0

New UK laws address driverless cars insurance and liability

SImon Hobson
Silver badge

Re: Blue Windscreen of Death

> The manufacturer only releases updates for cars up to X years old so what do you do? Your car is effectively uninsurable and worthless.

Indeed, and there are other scenarios as well.

So apart from being able to effectively send all models of a certain age to the scrapheap, there's the "protection racket" issue - in effect, the owner will have no choice but to pay whatever the manufacturer charges for updates. If the manufacturer won't provide updates unless you pay an annual "service charge" then you have to pay that charge. Annual charge more than the value of the car - tough.

So the ever decreasing practical life of a car, mostly due to technology and the cost of what would once have been simple and cheap repairs, takes another step.

And it's retrospective as well - unless the manufacturers are forced to state future service costs for some arbitrary future lifetime, then there's no way to know in advance of purchase what the car is going to cost to keep "insurable". Yes there's a certain amount of unknown in it now - but at least the cost of parts etc tends to be generally predictable.

And of course, it opens up further opportunities for gouging and lock-in. Want updates ? We'll only provide them through our franchised dealer network ! Want new brake pads ? Oh didn't you notice the mention on page seventy-eleven of the 6 point T&Cs that the pads have software in them to talk to the autonomous driving system, so you can only use our own pads at a 1000% markup compared to what the very same pads (from the same factory) without our name on would cost, and only available through our franchised dealers who are the only ones with the tools to re-code the car to the new pads !

Yup, I reckon these proposed rules herald a new era of vendor lock-in.

1
0

Installing disks is basically LEGO, right? This admin failed LEGO

SImon Hobson
Silver badge

Re: RAID cock-up

I'll raise you two more ...

We had (past tense) a customer who bought a Mac server from us (yes, that dates it a bit). Their "technical" guy wanted to plug something USB into it - and assumed that the USB connectors were behind those pop out panels on the front. He genuinely couldn't connect having popped out the three drives with the system failing ! Luckily, when I told the RAID controller to add the 2nd disk back in, things seemed to be intact and I left it to rebuild the first disk.

Then we had a customer with a support contract with a large manufacturer. The techie comes out to replace a failed drive, and being unsure which one was the failed one, proceeded to pull each drive in turn ...

6
0

Why I had to sue the FCC – VoIP granddaddy Dan Berninger

SImon Hobson
Silver badge

Re: less gummint regulation is nearly always a good thing

Downvoted for this :

You've misunderstood where the competition is. It's between ISPs, not between the packets handled by any one given ISP.

The problem is that for many people, there is (in practical terms) no competition between ISPs. AIUI, in the USA there are large areas where your choice is between a slow and expensive single DSL provider, and a single expensive cable provider. So if you want a decent speed, you have a choice of one supplier - the cable company.

So, if that cable company (for example) decides that a video streaming service (for example, Netflix) is too much of a competitor to the cable company's video services, and decides to artificially throttle IP packets from that streaming service - then the customer doesn't have the choice of changing ISP to get a better service. They are hostage to the ISP and whatever services it decides to permit or not throttle - decisions made primarily on "how much can we screw people for ?". So if (for example) Netflix doesn't want to pay extra to have its traffic not throttled, then anyone in that cable company's area gets a poorer service.

This is the big problem - where there's a lack of real competition, and the incumbent is in a position to artificially bu**er about with any traffic it sees as detrimental to its own revenue streams. And that exactly describes much of the US internet market as far as I can see.

4
0

Reg tours submarine cable survey ship 'Geo Resolution'

SImon Hobson
Silver badge

The rack mountings.

Just a heads up - there's nothing "novel" about the equipment mountings. Those "coiled wire rope" things are standard naval shock mountings. Example supplier here

I recall <cough> decades ago as a young apprentice seeing videos on what they do when a submarine (which is what we were building back then) is depth charged. All I'll say is that they take on shapes that you'd not imagine them capable of - and then (more or less) return to normal !

Of course, you have to make sure there's enough free length in the cables to allow that movement between vessel and equipment. If not, then the equipment survives but is no longer connected to anything which rather defeats the object.

0
0

Meet LogicLocker: Boffin-built SCADA ransomware

SImon Hobson
Silver badge

Re: Option: shut down the line.

Yeah, my first thought was "shut down the plant - would that be before or after the malware has wreaked havoc" ?

Think about it, if the PLC just randomly turns stuff on and off, then with most plants it's likely to cause damage, and with many it could cause serious environmental or safety issues. For example, I remember reading a few years ago about a lead processing factory that installed a maaasive UPS that could keep the whole plant running if the power failed - yes, multi-MW territory. It cost "a lot", but the alternative was the risk of an uncontrolled shutdown that could cause lead dust to be released into the environment. That wasn't the subject of the article, the article was on how they then figured out that with careful management they could use some of the stored energy to peak lop their electricity load and so save a considerable amount on their electrical bill.

The problem is that in general it's not practical to build a system in such a way that the PLC can run amok and safety/supervisory systems will detect it and prevent damage from happening. You can easily spend many times the cost of the system on the safety measures, and for most plant that isn't justified.

0
0

Oz consumer watchdog: 'up to' speeds shouldn't be in broadband ads

SImon Hobson
Silver badge

Re: Only 15 years late...

I'm assuming your FTTN is what we in the UK call FTTC - a VDSL2 service.

AIUI, this may well be down to interference between subscribers to the cabinet. The high frequency signals aren't perfectly contained by the low spec twisted pair cabling, so when several subscribers take the service, and their pairs are in the same (or adjacent) cable, then the signals interfere and the result is a reduction in the number of usable bins or bits/bin for certain bins. The result is that the first person on a cabinet gets a great speed, but it starts dropping off a bit as other subscribers get connected and the signals start interfering.

Another factor may be backhaul dependent, but with gigabit fibre back to the exchange, you'd need something in the order of 20 users all pulling 50M before you saturated it. I don't know if larger cabinets have multiple backhaul channels (eg 2 or more 1G links aggregated) - but if not, then by the time you get up to cabinets serving hundreds of users, there's scope for local contention for the backhaul.

1
0

Last Concorde completes last journey, at maybe Mach 0.02

SImon Hobson
Silver badge

Re: Saw in Action Twice

It was one of those things I always wanted to do, but travelling half way down the country for that just wasn't on. I had resolved to drive down to Bristol to see this last flight land (and sleep in the car if I had to), but then I got stuck with a meeting at work I couldn't get out of.

2
0

Japanese team unveils terahertz band 100 Gbps wireless tech

SImon Hobson
Silver badge

Re: Rural Folk aren't this fcuking stupid.

Is there any topic you don't turn into a rant about G.Fast?

Did you actually read his comment ? Like starting from the first line about giving rural dwellers false hope, and then going on to speculate about how BT is likely to use any excuse to avoid what needs to happen. Yes it's a bit of a rant, but to be blunt - it's mostly right on target.

2
0

We don't want to alarm you, but PostScript makes your printer an attack vector

SImon Hobson
Silver badge

Re: @SImon Hobson

Why ? It's actually quite a nice language to work with and I enjoyed it.

Now, if anyone suggested I had to do anything with PCL then they might learn some new colourful vocabulary.

0
0
