* Posts by SImon Hobson

1402 posts • joined 9 Sep 2006

Page:

The award for worst ISP goes to... it starts with Talk and ends with Talk

SImon Hobson
Silver badge

Re: common factor

Yes, OpenRetch are a common factor here. BUT ISPs have a menu of options to choose from - most notably they can ay different amounts for the connection depending on the SLA. Basically, you can have a cheaper connection if you are prepared to wait more days for repairs - so guess why the cheaper ISPs have worse stats on repairs.

0
0
SImon Hobson
Silver badge

Re: I had BT Business Fibre...

... a colleague mentioned Vodafone business fibre ... I made the switch

Where I used to work the boss decided to get one of their lines ... last year. As of a few weeks ago they still hadn't made it work ! It was a really simple problem - BT OpenReach misrouted the line as the office building is fed from two different cabinets. All Vodamoan had to do was to correctly cancel the FTTC and re-order it, they were supposed to have done that in January, and NINE MONTHS later they still couldn't fix it.

We got another line from another ISP. BTOR did the same misrouting, and even with that and another problem, it was up and running in a couple of weeks.

Plus, Vodamoan insist on you using their absolutely crap router - it's in the contract terms. The router really is crap and seems to be aimed at the dimmest of consumer users - it certainly isn't of any use to many businesses. And they won't set reverse DNS on a single IP (or the static PPPoE link IP) - you have to pay extra for multiple fixed IPs if you need to set reverse DNS (eg to run a mail server).

Based on my experience - don't consider Vodamoan as a business provider, or better than StalkStalk.

4
0

Google sued by Gab over Play Store booting

SImon Hobson
Silver badge

Re: Is Marc SERIOUS?

Trusted? Please tell me Marc, Just how may apps has Google pulled this year ...

We know that, but to the average punter, they are told by Google that "Play Store is the only safe place, use any other store and you are inviting the four horsemen onto your phone" - so the average punter will not consider any other source.

Actually that needs a correction, because the average punter doesn't even know that other sources are possible - if it isn't in Google's store then it doesn't exist. Only well above average punters actually realise there are alternative sources.

On that basis, I'd say that the suit has merit IF they can show that they weren't in violation of any T&Cs.

Analogies to "it's my party ..." etc are not really valid. It's more like one company owning just about every venue in a city/state/country and arbitrarily refusing bookings from an act that competes with one of it's regulars. Even that analogy is a bit weak.

1
5

HSBC biz banking crypto: The case of the vanishing green padlock and... what domain are we on again?

SImon Hobson
Silver badge

Re: To be fair to HSBC.

Try reading CAREFULLY.

Would have HAD (past tense) a Chinese passport at some point, when becoming a naturalised UK citizen the person would only have a UK passport.

3
0

Smart meters: 'Dog's breakfast' that'll only save you 'a tenner' – report

SImon Hobson
Silver badge

Re: Benefits - *cough* 1972 *cough*

But this Brexit vote was carried by a minority of the population who wanted to leave.

But en even smaller minority voted to remain.

For those that didn't vote, then the only sensible interpretation is that those people wanted to go with the majority - if they didn't want that interpretation then they should have voted. Put another way, less than 35% (roughly 1/3) of the voting population voted to remain - vs the roughy 2/3 who either voted to leave or "voted" (by abstaining) to go with the majority.

13
6
SImon Hobson
Silver badge

Re: Really, that Much?

Suppliers aren't allowed to simply 'switch you off'

Except when they run out of generation capacity and need to lose some load. Or when they make a mistake.

But that is only the "plan B" for when "plan A" doesn't work. Plan A is simple :

Because successive governments have kicked the problem down the road, it's "quite likely" that we'll run into problems where supply doesn't meet demand - and renewables just won't fill the gap. The solution to this is rationing by price. When you get home on that cold dark (solar PV does work at night), when there's a couple of weeks of widespread high pressure across Northern Europe (windmills don't work when there's no wind) and want to cook your tea - you'll find the display flashing red to tell you that the price of lecky is up tenfold (or more).

So most people who aren't rolling in excess cash will either eat something cold or wait till early hours of the morning to have tea !

THAT is the primary function of these devices - (price) rationing.

And it's the one feature that they never talk about in public.

44
3

Ice-cold Kaspersky shows the industry how to handle patent trolls

SImon Hobson
Silver badge

Re: What are lawmakers doing?

Patent trolling exists for long, and there's still no law to block the scam

OK smarty pants - write a definition of a patent troll ! it must be clear and unambiguous, able to stand up in court, and most importantly it must NOT prevent any legitimate patent holder from defending their rights.

Before you start, have a look at this Wikipedia article and see if you can see the parallels.

7
0

British broadband is confusing and speeds are crap, says survey

SImon Hobson
Silver badge

Imagine if the electricity board were allowed to supply you with "up to 240 volts" when in reality only supplying a degraded supply at 120V

Or how about, imagine if the electricity company were supplying you with an "up to 60/80/100A" service ? Well that's exactly what they do - your house (depending on the age, location, and local infrastructure) will have a 60A, 80A, or 100A fuse in the mains supply - ie the fuse that you can't get to, sealed inside the box on the end of the supplier's cable.

Can you use all 60/80/100A ? Well, sort of - as long as your neighbours don't also try it ! The supply industry works on an averaged demand of only 2kW (that's about 8A) per household - if every house decided to try and use it all at the same time then it would blow the fuses (possibly as small as 300A) at your local substation !

In our office building I happen to know that most of the offices have a 63A fuse protecting the submain from the meter room to the office. Down in the meter room, there are rows of meters (one per office), fed from a distribution box containing the suppliers fuses. There are 10 units fed from each phase in the box, and a 315A fuse upstream. So 10 units, if they all pulled 63A would be trying to pull 630A through a 315A fuse.

In general this isn't a problem - diversity of loads means that people don't all try and use all the supply capacity at the same time. There is massive variation in demand, and some correlation (eg most offices use power during 9-5 and little outside of that), but overall there is nothing like the capacity needed to be able to supply everyone with what they thing they are buying.

Elsewhere, there are some countries where your electricity supply has a much lower rated current - and you pay according to that limit which may be as low as 5A in some places, enforced by a circuit breaker provided by the lecky company. Mismanage your loads (eg forget that the washing machine is on when you try and boil the kettle) and the lights go out.

The internet is the same. There is massive diversity of demand (bandwidth usage), and no ISP could afford to buy enough bandwidth for the theoretical possibility of satisfying every user trying to use their "full amount" at the same time. The main difference is that (historically, it's changing these days) the electrical distribution system was designed by competent engineers, with a view to providing a reliable network. The internet is largely run under the control of beancounters with money the primary motive - ie not looking at "what bandwidth is needed to provide a decent service most of the time" but "how cheap can we go before the complaints get too bad".

Clearly different ISPs have a different view on what's acceptable.

meanwhile, in the UK lecky business, there's a lot of push now to cut costs - and that includes a significant shift from having spare distribution capacity to having disconnectable customers. ie if there's a major fault, instead of being able to route around it, they pick up the phone and tell some commercial customers to cut their demand - a facility for which the customer gets a discount on their bills, and a further discount when/if it's actually used.

And finally - "Smart Meters" are primarily about bringing this to the domestic market. Think 1970s style rolling blackouts when there's not enough lecky, but done on a house by house basis rather than block by block.

2
0
SImon Hobson
Silver badge

Re: ADSL2+

More specifically, it's to do with the ruling that you can't advertise a speed above the level that a certain percentage of users can get - part of a past attempt to get a bit more honesty in internet connection marketing.

So yes, ADSL2+ is technically capable of 24Mbps - but only if you are almost in the exchange. Once you get out to real line lengths, the speed drops off. it just so happens that across the installed base, x% can get 17Mbps or faster, so 17Mbps is what's advertised. I can't remember what x is, but that's where the 17Mbps comes from - some will get better, IIRC we had a customer getting well over 20Mbps before they upgraded to FTTC.

1
0

Sonos will deny updates to those who snub rewritten privacy terms

SImon Hobson
Silver badge

Re: Note to self

... If they had any EU outlets they'd be on a fairly solid collision course with EU data protection laws ...

No you raise an interesting point. Sonos may not have a European presence (I haven't looked, don't own any of their kit) but it is imported and sold by companies with an EU presence. So how does that work when you buy it from an EU based wholesaler/retailer chain - but the US only manufacturer imposes terms in breach of EU regulations ? I know they changed the rules on product descriptions so that when you buy something, you can take account not only of what the retailers says it does, but also what the manufacturer has on their website - ie if the manufacturer's website says it can so $something but it doesn't, then that's sufficient to have a claim against the retailer.

I suspect that is someone were to bring a test case, (some combination of) the importers/wholesalers/retailers might be found liable. Perhaps in cases like this, the importer is liable for compliance - like they are for things like electrical safety etc - that would open up a whole can of worms if the importer is legally liable for compliance with EU data protection laws for a product they have no control over the software in it.

Now I suspect that if the importers suddenly turned round to Sonos and told them that they are dropping the brand for legal compliance reasons, then Sonos might change it's tune. Yup, certainly sounds like a test case is needed - not just for Sonos, but for stuff generally.

0
0

Jocks' USO block shock: BT's 10Mbps proposals risk 'rural monopoly'

SImon Hobson
Silver badge

Re: NI did it some time ago

... there were companies setting up wireless links to groups of houses

Meanwhile, over here the government in a dramatic show of joined up thinking (that's sarcasm BTW) more or less killed off the wireless internet (and alternative cable) industry by way of business rates. IIRC, basically, they decided that someone with a radio mast must pay business rates on what the tower could potentially make in revenue if fully utilised to the maximum the technology permits - while not similarly crippling BT OR for it's poles and ducts.

Around here, we had radio offerings (initially done under government financing) which in places meant several masts to repeat a signal to a small (or even, single) user. Turning round and charging business rates on the basis that the tower providing service to one user as though that tower was servicing hundreds of users is a sure fire way to kill off the service.

And the estate my work office is on has manholes labelled Norweb Telecom because they (I assume with grants) put in ducting when the former ironworks was redeveloped. Vodafone (the current owners via a chain of acquisitions, Norweb Telecom -> Yourcomms -> Thus -> Clueless & Witless -> Vodamoan) have decided to abandon all these ducts (and the ability to provide direct fibre services without involving BT OR) - officially because they are clearing out "legacy" products, but I can't help thinking that the rates on the ducts used to support a very small number of users just doesn't make it worthwhile.

1
0
SImon Hobson
Silver badge

Re: Get stuffed BT, give the £600M to B4RN...

Any UK telco can provide service anywhere it wants to, there are no restrictions. What limits them is their ability to actually make any money or even cover their costs.

What you've missed out is BT's (whether that's BT or BTOR I'm not sure) policy of not providing service to low return areas UNTIL that area has an offer from another provider. B4RN had that, and apparently a lot of other networks have had it too :

BT tells a village that they won't be getting FTTC, so another provider decides it's viable. Once that other provider announces it's plans, BT steps in and announces that "after a review" it is now viable to offer FTTC after all. This is clearly a well poisoning exercise designed to stop other providers getting the critical mass of subscribers - and anecdotally BT will go around signing up customers to ADSL (with a 24 month contract) and the "promise" of FTTC "very soon", thus tying customers to BT so they don't sign up with the alternative provider.

B4RN mention this on their website, IIRC it happened in a number of villages.

So it's understandable that another provider might want to know BT's plans before they commit a lot of money. If BT publicly state that they won't be providing FTTC (or any other fast service) to a location then there's a better chance of making a go of it than if BT state that they will be. Because of BTs size, they can do things that other providers can't - it's just plain economics that if you have a huge profitable base then you can afford to take more risks at the edges, while if most of your services are at the edges then you have to be a lot more careful.

BT has a history of making business decisions which are clearly and blatantly designed to protect it's most profitable services. Predatory tactics designed to damage competitors (especially the small ones with better offerings) are nothing new.

0
0

Big question of the day: Is it time to lock down .localhost?

SImon Hobson
Silver badge

Re: Is localhost even needed?

I can't think of a single use-case where we wouldn't be better off using the machines real name or IP

OK, for starters, how about where the machine doesn't have a properly configured name - and by properly configured, where all the right DNS stuff is in place etc. IME it is very common for this to be the case - in fact I'd go so far as to suggest that there are more devices where a name lookup will fail than there are were it won't (especially in home networks).

And then you have the problem of changing addresses - if you bind to an address and it changes, then what ?

And security wise, if you only need intra-device access, binding to localhost rather than an interface address instantly gives you a layer of security.

But what I don't get is why hardcoding localhost in the hosts file is a problem with IPv6 ? A quick look on my older GNU/Linux systems shows that both IPv4 and IPv6 entries have been there for ages.

29
1

Linux kernel hardeners Grsecurity sue open source's Bruce Perens

SImon Hobson
Silver badge

This isn't accurate, to say the least.

...

GPL doesn't cover any future related works nor does it oblige the authors of the previous versions to release any further ones to the public, their clients or to anyone else.

You are correct that the GPL says nothing about anyone having to distribute to any particular person - so yes, GRS can pick and choose who they deal with.

But they are freely admitting that "we are selling you this GPL2 code, you have the right to redistribute it, but if you exercise that right then we'll do something to you (in this case, withhold future versions)". That IS putting a constraint on you exercising your rights under the GPL2.

Just like "free elections" where you can vote for anyone, but don't expect to find more than a pile of ash where your home was if you vote for anyone but "the official candidate", are not free elections. Just like all those business owners were quite free to accept or reject an offer of insurance from the local mafia/whatever.

Now, is this case about defamation or about the GPL ? Well the case depends on whether BP was correct in his assessment. If he's correct then the case should fail, if he's wrong then he could lose. So before the judge can decide how to rule, he can't avoid determining if BP is correct. SO I suspect that this will see the argument tested properly in court.

5
0
SImon Hobson
Silver badge
Headmaster

If your opinion is wrong ...

Actually, under English law you can be in the wrong even if your statement is factually correct.

For example, a newspaper prints an article stating that Mr Yokel of Wurzel Street is in court charged with (something) - which may be perfectly correct. However, if that Mr Yokel lives at No 5, the other Mr Yokel living at no 23 has standing to sue the paper for defamation - because although the statement is 100% correct, it incorrectly leads readers to believe that Mr Yokel of no 23 has been charged with criminal offences when he hasn't. So by not making it clear that they are specifically referring to the Mr Yokel at no 5 they have left themselves open to action.

1
1

Capita's smart meter monopoly is owed £42m by industry

SImon Hobson
Silver badge
Mushroom

What, 22 postings (so far) and no mention of Capita and 4fold overspend. A lot of you must have decided it's pub-o-clock on Friday afternoon I guess.

1
0

UK.gov to trial vouchers for 'gigabit-capable' connectivity with SMEs

SImon Hobson
Silver badge
Facepalm

Re: 'gigabit-capable'...

Looking first at your FTTP on new builds... this has some merit but ...

Doesn't help with builders like the one I've been talking to recently - mum was thinking of buying one of his new housesshoeboxes. I looked around saw that if there were any more corners cut then they'd be round, and asked about phone lines since I could so no evidence of any ducting (nor any provision for other than a single socket behind the TV). "Oh no, they'll be overhead, it was going to cost too much to put ducting in" came the reply.

Icon summarises my feeling at the time.

2
0

Google goes home to Cali to overturn Canada's worldwide search result ban

SImon Hobson
Silver badge

Delisting on Google does nothing to change that

Actually yes it does. For a very large proportion of internet users, Google results == the internet.

So what this means is that a user searching Google for the counterfeit products, they won't get any results linking to the vendor's sites. That means, to all intents, for a user searching on Google, those sites do not exist - and hence the products aren't available. Presumably if they already know the domain name then that's not a problem, but without finding them first, how will they know that they exist AND what the URL is ?

They could switch to another search engine, but many people don't know how to do that. Also, I assume that if Bing is still linking, then they will be next - or perhaps they voluntarily delisted the sites in the name of not supporting piracy ?

7
0

House fire, walk with me: Kodipocalypse now includes conflagration

SImon Hobson
Silver badge
Mushroom

Re: Mine runs perfectly safely on a Raspberry Pi

I agree - it's scare tactics - but the threat itself is real, just not really related to Kodi players specifically. Certain online trading sites are awash with electrical stuff (lots of power supplies for laptops, LEDs etc for example) being sold by foreign sellers. Some of this won't have a CE mark, much will have a "fake" CE mark, some will be quite genuine and safe - unless you are an expert in the field, you won't know.

There's a reason some people say CE stands for "Chinese Export" or simply Caveat Emptor.

9
0

Reg reader turns Geek's Guides to Britain into Geek's Map of Britain

SImon Hobson
Silver badge

Re: A few suggestions from me

Sadly the Sellafield Visitor Centre is no more

I didn't realise it had gone, but I knew the whole "visit Sellafield, nuclear power is really quite friendly and nothing at all like those horror stories in the press" experience had been substantially watered down. At one time, you could (as a member of the public) go on a coach round the site, and at school (on a pre-arranged visit, presumably with some "soft" security screening) we got to walk across the pile cap on one of Calder Hall's reactors.

These days it's much higher fencing (complete with electricity and tamper detection) and "coppers" with sub machine guns. Security has even impacted steam train excursions as they used to use the turning facility at Sellafield to turn the engine round. As this involved the engine (with it's crew) entering the facility by a few yards, AIUI it got axed "because terrorism" - just think what two guys with a steam train restricted to a pair of steel rails could do !

0
0

When 'Saving The Internet' means 'Saving Crony Capitalism'

SImon Hobson
Silver badge

Re: Local loop unbundling would of course mean the equivalnet of Openreach being formed.

The interesting part being that most of the world isn't in "the big cities". It only works in the big cities, and not even in all of them, and in all of each big city.

My nearest "big city" is 100 miles away, and I don't think much of that is serviced by multiple fibre networks.

0
0
SImon Hobson
Silver badge

Re: You get what you pay for

I pay more to my internet provider than my neighbors so I can get data from the internet quicker than them. I like having that choice.

That's great - though I gather a lot of US people don't have that choice - but is NOT in any way related to "net neutrality".

If a company will be more successful by paying more to get their data to me quicker than their competition, then that's part of their business strategy and operating costs.

And therein lies the problem.

If you are someone the size of (say) Goobble, or Farcebork, or ... then when you come to negotiate with the likes of ComCrap (as someone above called them) you are in a strong position. ComCrap knows that it needs such companies - it knows very well that the bulk of it's customer just will not accept slow or no access to those service. In fact, if you are one of the few biggest outfits like these, then you probably won't be paying anything at all - you might even counter-threat ComCrap that you'll cut off their customers if they don't pay you !

But suppose you are some new startup, you've got a great idea, and you're sure it'll take off once people can use it. So you go online and start for the customers to start coming to you ... But before long you find that you are getting more "it's crappily slow" reports than you are getting satisfied users. After some investigation, you find that ComCrap have throttled your traffic - so you contact ComCrap to ask what's going on. At this point, you realise that ComCrap don't give a crap about you or their users - they tell you what you will pay them to unthrottle your traffic (a lot more than anyone else) and your negotiating power is to accept that or walk away. So there you are, trying to get a new service going, while being "asked" to pay massively more than what the big guys are paying - and all the time knowing that someone like Goobble will not think twice in setting up their own version of the service if they think it'll make them money.

Being a startup, you can't afford to pay the mob's (ComCrap and the like) "protection money" - so your service gets a reputation for being slow. When Goobble launches it's competing service, they get full speed (because they are already paying, but a fraction of what you were asked to pay) and so all your customers defect.

It may also be that your service competes with something ComCrap offers - and in that case, ComCrap is going to throttle your traffic deliberately to make it's own service "better" and make sure that users don't go to your competing service.

So the idea of net neutrality is to ensure that all providers get to use the tubes in a fair manner. What it doesn't do is say that anyone should get a "free ride". You will have to pay a service provider to get your bits into the tubes at your end - and the more traffic you send, the more you will find yourself paying. ComCrap's customers are already paying ComCrap to cary the bits they consume, you are paying your ISP for the bits your send - having ComCrap charge you is double dipping, charging two people for the same traffic !

9
0
SImon Hobson
Silver badge

Re: Local loop unbundling would of course mean the equivalnet of Openreach being formed.

Not necessarily.

AIUI New Zealand went for LLU some time ago - but they went "all in" and forced a complete split between the business of providing the connections to premises and the business of providing services over those connections. That's something that the latest changes (forcing OpenReach to be a legally separate entity from BT) still doesn't match.

Going only from what ElReg commentards write here, it sounds like that has resulted in their equivalent of our OpenRetch being free to innovate without being constrained as our OpenRetch is - it's clear that a lot of OpenRetch policies were designed to protect BT from too much competition.

Ultimately, providing that "last mile" is a natural monopoly. If you are building a housing estate - no-one would expect multiple companies to come in an built competing road networks, build multiple competing electricity distribution networks, multiple competing drainage networks, and so on. No, people expect one set of roads, one set of lecky supply, one set of drains, and so on.

It's been shown time and time again that, except for some limited circumstances, it just isn't practical and cost effective to built a competing last mile network. So you have to rely on one company to build one network, and allow all service providers to use that network on fair and equal terms. If that one company is tied to the incumbent service provider in opaque ways that allow that incumbent to direct how the company operates and innovates - that's when you see the sort of problems people complain about with OpenRetch.

4
0

Linus Torvalds may have damned systemd with faint praise

SImon Hobson
Silver badge

if Poettering got it so obviously wrong, how come all the combined experience and wisdom of the contributors and developers of just about every major distribution out there went along with him?

AIUI, with Debian there was a lot of "discussion", and eventually some committee decided to bring an end to the "discussions" by calling a vote. The vote was cleverly worded with more options than just "yes, go with systemd" and "no, don't go with systemd". In the end, by cleverly including other options, it was made to look like there was overwhelming support for systemd and so it came to pass that Debian put the nails in it's own coffin.

In reality, the votes FOR systemd were a minority - but by including votes for "I've had enough with the discussions" etc, the result was rigged.

Of course, there were also the outright lies that I suspect led to more people voting for it than would have been the case had there been any honesty. Lies like "it's only an init" and "you can still use sysv init" - the first being an outright lie as we've since seen how far and wide it's tentacles have gone, the second is a lie by omission because while you can still use sysv int, you can't get rid of systemd entirely.

But prior to this vote, the issue was "how much effort to put into de-systemdising Gnome 3" given that RH has been heavily infecting it and it was getting harder and harder to disinfect it. I think there were even suggestions at one point that "we'll allow it for Jessie, and by the next release we'll have figured out how to remove it" !

4
0

FREE wildcard HTTPS certs from Let's Encrypt for every Reg reader*

SImon Hobson
Silver badge

Mebbe you need to look at the subject a bit more in depth?

Mebbe you need to read what people write.

No-where did I state that these were insurmountable problems.

I could host a site locally (I already do for one, and that's SSL enabled) - but that has it's own costs. Or I could pay to host the site with another host that does support SSL certs - but that has a cost, paying for the hosting that's currently 'free', and paying whatever the host charges for adding an SSL cert (some do it free, some charge £50/year !).

The point is that it's not a zero cost for many situations. And it's annoying to read time and time again this assumption that every site currently not SSL enabled can be enabled by simply getting a zero cost cert.

0
0
SImon Hobson
Silver badge

Please stop repeating the lie that there is no cost in using SSL.

If you use shared hosting, you cannot use your own cert - and must pay your hosting company to add a cert. A provider we use at work charges £50/site/year ! I get "free" hosting with my internet service, but this does not support SSL at all - so yes "all I have to do" is switch hosting which means paying someone else for something that is currently included in my internet package.

If you host more than one site, then you have to use SNI - which puts restrictions on the software you can use and also locks out older clients. Whether you like it or not, older clients are still in use - whether you piss off the users or not is up to you.

So yes, it's now really cheap - but it is not "free" in general.

0
0

Openreach kicks off 'rebrand' by painting over BT logo on vans

SImon Hobson
Silver badge

Re: What's the cost for just the Website Logo

Me too - went to their website to see what sort of doodle they'd paid out lots of money for, and at 13:35 it's still very much a BT logo on there. Given that the website is probably the easiest of the lot to update, it says a lot about their plans and processes !

5
0

Wi-Fi Dream Home Of The Future™ gets instructions for builders

SImon Hobson
Silver badge

Re: Lucky me

If it's built to regulations then (on the ground floor) there will be oodles of insulation either under the slab or between the slab and the floor base

Insulation will not make it warm. Basic school level physics will tell you that the concrete slab won't be warmer (on average) than the layer of air above it - ie the coldest air in the room. Therefore the slab will almost always be colder than the room, and cold to your feet.

We're not talking heated concrete slabs here (which I'd be happy with) - we're talking "as cheap as we can build it" unheated slabs. As I said, I could not write what I really think of these developers without the post getting taken down for bad language !

As it happens, we're just waiting for the vendors to agree (acrimonious separation, they are arguing between themselves) on our offer so we can move. I already have on my list of things to do ... rip up the kitchen floor and reconcrete it with heating pipes in it. As well as fix the other cheapskate bodges in the extension - like full cold bridging across the cavity because they couldn't be ****ed taking the original outer leaf off and doing it right.

0
0
SImon Hobson
Silver badge
FAIL

Re: Lucky me

Lucky you indeed. Mother is moving into a newbuild and the ****ing cheapskate ****wits aren't even allowing for a phone service without washing lines ! Their sole allowance for telephony is a backbox behind where the TV is expected to go in the living room, with a bit of wire sticking through the wall and dangling outside. No internal phone cabling, no provision for computers AT ALL and a house construction that makes discrete running of cables later on IMPOSSIBLE. When I commented, the vendor said "everything's wireless these days isn't it".

I have nothing I could possibly write in public to say about the standard of support by builders/developers for even 20th century technology, let alone 21st century living. IN this house, they've even cheaped out by not fitting a 32A supply for electric cooking. I don't think I could buy a new house unless I could buy it at the stage where they've built the shell and fitted the roof (and I have enough visibility to see that they've not f***ed any of that up) - and then I can do the rest properly, rather than paying for them to do it then paying to rip it all back to bare block and doing it again.

And WTF is this modern determination to build all new houses with cold slabs of concrete for the floor ?

2
0

Research suggests UK consumers find 'fibre' advertising misleading

SImon Hobson
Silver badge

Re: OMG!!! Colour me shocked

Indeed.

Head over to the ASA's website and submit a complaint - reference the article and say you are adding your support to the complaint these companies are making. The more people that complain to them, the harder it is for them to ignore it.

If you can reference actual instances of confusion with people you know then that ought to help.

0
0

Fighter pilot shot down laptops with a flick of his copper-plated wrist

SImon Hobson
Silver badge

Re: Random PC reboots

found a portable space heater plugged into the UPS

Ah yes, that old one. Had a customer at work phone up one day complaining that the UPS in their server room was beeping madly - so it was clearly faulty, why had we sold them such a pile of junk, and all the other sorts of "uncomplimentary" comments you might imagine. And this was escalated to their senior management.

Funnily enough, very little was said when we arrived on site to find a fan heater plugged into a socket clearly labelled "UPS circuit - computer equipment only". Yup, someone was cold (the server room was a partitioned off bit of the attic that will one day be office space) and just plugged in the heater in the nearest socket.

0
0

Banking websites are 'littered with trackers' ogling your credit risk

SImon Hobson
Silver badge

Re: Are there any legitimate uses for client side scripts on a banking website?

Isn't it obvious, all these scripts are to make the site "fresher and more responsive" - or at least, that's the sort of canned excuse I've had back from one bank that's recently "improved" it's site to be far slower and harder to use than it used to be !

Yes, that's a joke. You are right, there are very few legitimate uses - most of this crap is just that, crap. Just well polished crap designed to "look pretty and never mind the function" (or lack of function).

8
0
SImon Hobson
Silver badge

Re: I think we need to know...

The pop-up is advertising some security software that the bank would like its customers to install. A quick web search turned up lots of bad reviews of it from people who say it wrecked their machines when they installed it.

Rapport - lets just get it out in the open. I did try it some years ago - lets just say that it's effects were immediate, wide ranging, and resulted it in being uninstalled with no mercy. The little pile of utter s**t.

I keep a separate browser, configured to clean itself on quit. I have the same problem - every login gets the "Install Rapport or you are leaving yourself wide open" popup, and several other problems related to not saving preferences.

And one bank I use has recently "improved" it's site to be the worst pile of useless and confusing eye candy imaginable - bad enough that I'm considering changing banks.

9
0

Live blog: Fired FBI boss spills the beans to US Senate committee

SImon Hobson
Silver badge

Re: Best quote

Ah, but with some expert editing, the tapes could have almost any plotline !

2
1

Sons of IoT: Bikers hack Jeeps in auto theft spree

SImon Hobson
Silver badge

Re: Nothing to hide

Yes, it does seem like a flippin stupid idea doesn't it - leave the vehicle identity on full display for anyone to get with zero effort. Then add in basic mistakes by manufacturers using the VIN as the key to creating an online account to remotely control the vehicles ...

3
0

Lexmark patent racket busted by Supremes

SImon Hobson
Silver badge

Re: Takes me back

"this cartridge will self destruct in 10 pages"

Ha, that reminds me of an OfficeJet 9100 I once had. Didn't print all that much (and yes, had problems with drired up nozzles) - and one day got a message on the display saying the cartridges had expired. Words to the general effect of "gosh, that's not cricket" were uttered when I looked it up and found that in fact, the chaps of questionable parentage at HP did in fact time-bomb the cartridges. IIRC, from the date the cartridges are put in the printer, they have just 18 months.

There was absolutely nothing whatsoever in the manuals, packaging, online warning of this limitation. I tried phoning (IIRC) Consumer Direct who handle interface between people and their Trading Standards departments and they seemed unable to see why this should be any problem at all.

Lets just say that after that I have never recommended an HP inkjet to anyone.

2
0

Init freedom declared as systemd-free Devuan hits stable 1.0.0 status

SImon Hobson
Silver badge

Re: Init freedom?

But yet again, we have to point out to those who swallowed the lied and misdirections from the systemd camp :

This isn't about init !

If all systemd was was an init system, that could be swapped out for a different one, then there'd be no complaints.

Systemd was sold as being an init system, it isn't. It's a whole furball of crap that doesn't belong as part of an init system, all tightly bound up in such a way that you basically need it all or none of it. And because they've been aggressive in what they borg into it, too much has now gained dependencies for it to be easy to remove. Yeah, you can (almost) run Debian Jessie without systemd - as long as you don't want to run many useful packages. But that will get harder and harder to do as more and more gratuitous dependencies get stuffed into everything.

The approach taken by the systemd camp is to borg more and more functions into systemd, changing the API in such a way that if you want your program to run on a systemd system then you need to link against their libraies and use their APIs. Once you do that then your program won't run if systemd isn't running - and so you end up having to maintain two variants of the program.

5
0

Netgear 'fixes' router by adding phone-home features that record your IP and MAC address

SImon Hobson
Silver badge

Re: Why is this so bad?

And other information.

Well as you ask, in reality it's not of any value to them. But flip it around, and ask why collect it in the first place ?

The first rule of data management is that if you don't collect data then it can't leak. If you do collect it, then you need to secure it. We can't trust Netgear to keep it secure (given their track record), and they've turned on this collection without asking the user first. It does NOT matter in the least if there is a way to turn it off, nor does it matter in the least if it's in the release notes - this was turned on without the users consent.

But the article says they collect more than just IP and MAC, and in reality we don't know what they collect. What if they decided it would be useful to collect DNS query information ? No problem ? Have a read of this article which might just change your mind.

So it's not really about WHAT they collect, it's about the fact that they collect anything at all, and without asking the user first.

16
0

Phishing scum going legit to beat browser warnings

SImon Hobson
Silver badge

Re: El Reg fail

The obvious solution is blacklisting certificate authorities supporting phishing sites

Yes, the obvious but wrong solution.

If you do that, then inherently you are saying that all certificates must be something above domain validated, but not necessarily fully EV. Once you go above domain validated (ie you have sufficient control to receive an email to the hostmaster, or create a specific TXT record, or put a file on the web server) then you cna kiss cheap or free certificates goodbye. And then you can kiss goodbye to "everything on SSL" since for probably the vast majority of people, the cost of an SSL cert is just something they can't be bothered with for their club blog that gets half a dozen hits a day.

But I suspect that will be the next target - the big guys like Google really don't understand or give a s**t about the little guys. They are quite happy to change the rules and the rest of the world has to tag along with them. Just look at how enthusiastic they (along with so many others are) for breaking email - demanding SPF even though it's known (and was known while still in incubation) to be fatally broken in several ways.

1
0

Robot lands a 737 by hand, on a dare from DARPA

SImon Hobson
Silver badge
Alert

Re: Huh?

Pedant alert ...

You can't pass your PPL in a Cessna and fly a 747 the next day.

Actually, yes you can if you have the money. I believe it is technically possible to train for and get your PPL in a 747 - though the difference in cost between the per-hour cost of a light piston single and a 747 would make it a very expensive proposition.

Assuming you took the conventional route to your PPL (SEP(A)), you could still jump in a 747 the next day if you had the money to buy lessons for the type-specific qualification.

4
1

Why Microsoft's Windows game plan makes us WannaCry

SImon Hobson
Silver badge

Re: It is the apps tied to ActiveX that cause the problems

... why do those machines even have access to anything on the Internet? ... Why not isolate those machines on a firewalled subnet or vlan, make sure they don't talk SMB1 and use them as before?

In many cases, the computers DO need some form of interaction with the rest of the business. Take the case of a precision CNC mill someone mentioned - it'll need to be on the office network so that the design engineers can upload the milling programs to it (what if one of those file transfers accidentally transfers something nasty from an infected desktop ?) In the case of (say) an MRI scanner machine, it will need to be on the network so that images can be exported from it.

The simple fact is that yes, these devices CAN be protected, more or less, one way or another - and the rest of the network protected from them. But it's not a trivial exercise to do.

Lets assume that for security reasons, the MRI scanner computer is party to the same security policies the rest fo the business has - that's going to mean authorised users (active directory) and the access controls that go with it. Have you tried doing the firewalling to allow AD to work across a "locked down more watertight than a duck's backside" firewall ? It's "interesting" the amount of network traffic needed for AD to work correctly.

That's not to say this can't be done, but each device will have different requirements, and it takes time to work through how to deal with each of them. So there you are, as others have pointed out, with an IT team, limited budget - and tasked with keeping everything running as well as doing new stuff. You're barely coping with the everyday - where is this time going to come from ?

So ultimately, it comes down to manglement (at whatever level) not providing the resources needed. And again, as someone else has already pointed out, when we are constantly told that the NHS has to save lots of money - who's going to stick their neck out and "waste" budget fixing something that "isn't broken yet" ? It's not an NHS thing - it's the same across all businesses.

4
0

Google DeepMind's use of 1.6m Brits' medical records to test app was 'legally inappropriate'

SImon Hobson
Silver badge

Re: Streams is showing real patient benefits.

Google really are good at this stuff

And therein lies the heart of the problem - we know darn well what Google are good at. They are very good at ignoring the law and using their size to avoid the repercussions. They are very good at mining large volumes of data.

Thus, we can have little (or no) confidence that they won't take this data that should be kept in it's own secure silo, never leaving UK (or at least, EU) control and jurisdiction, and then mine it along with other data that would probably de-anonymise it.

So far, I have not read anything to suggest that Google has the corporate structures in place to respond as MS have done with the Irish emails case - ie tell the US authorities to sod off as the US company & staff don't physically have the access to provide them with the data which is held by a different legal entity on Irish soil.

But most of all, I have seen nothing (but plenty to the contrary) to suggest that Google wouldn't pause even a second to consider mining the data along with everything else it holds.

2
0
SImon Hobson
Silver badge

Re: 'inappropriate' or 'illegal'?

... the declaration patient sign when they join up with their GP or sign forms at hospital.

I don't recall ever signing any data protection stuff with my GP, but then when I last signed up with them, they were still on paper records.

Ditto when I've been to hospital - they've created records without asking my consent. They've also ignored my letters on the subject, but that's another matter !

0
0

Microsoft to spooks: WannaCrypt was inevitable, quit hoarding

SImon Hobson
Silver badge

Re: If you cannot patch it quarantine it

They have enough time and budget to ...

You are assuming that "they" are in a position to choose what they do. In all the cases you've cited, some PHB, or committee, will have decided what projects are going on - the grunts at the coal face just get told what they are doing.

Besides, some of the projects you have mentioned are not related to the separate projects of running the various local networks. You have to remember that there isn't "the NHS" - there is a collection of hundreds of trusts, commissioning groups, blah, blah.

I assume by "entirely pointless £10bn IT project" you mean the national IT backbone and slurp everything project. That was a completely different group not connected to any of the trusts affected by the ransomware outbreak.

27
0

Just 99.5 million nuisance calls... and KeurBOOM! A £400K megafine

SImon Hobson
Silver badge

Re: 0.4p per call ?

how about using the proceeds of crime act ?

I was thinking about that, or similar. A director is legally responsible for what goes on in the company - and there is absolutely no way whatsoever that a director of a company like this could not know exactly what was going on. AIUI, "limited liability" stops when the company is acting illegally with the director's support.

All it needs is some creative use of existing law. This sounds like yet another case of "can't be ar**d using the laws we have, so lets have some new ones".

7
0

User loses half of a CD-ROM in his boss's PC

SImon Hobson
Silver badge

bearing the largest toolbox we had

Ah yes, I've done that trick one or twice over the years. Anyone properly equipped to work on the early Macs would have had a particularly serious looking T15 Torx with a shaft at least 9" long - waved around in the right manner, you could properly intimidate a user with one of those :-)

Of course, at the other extreme, you make fairly "industrial" tasks look really delicate (and so make your skills look better than they actually are) by the correct choice of very small tools held in the right manner.

4
0

ISPs must ensure half of punters get advertised max speeds

SImon Hobson
Silver badge

Re: Annoyed... The rather pathetic progress continues...

So why is it that now, in 2017 I/we are still moaning about this?

Because Government, Telco's, Offcom, Openreach dropped the ball and have been fumbling around ever since - each one passing the buck.

BT and OR didn't drop the ball. BT has, and always will be, on the side of what it thinks will make it the most profit - that's what businesses do. If you have a knowledge of telecoms history, it's easy to see a long line of decisions clearly made so as to protect their profits. For example :

When ISDN came along, in other countries (notably Germany) they supported some interesting and useful features - result was wide adoption of ISDN-2 even for home use. In the UK ? BT priced it artificially high, and restricted features - with want can only be interpreted as a means of preventing people dropping their expensive (=profitable) leased lines and replacing them with cheaper ISDN-2 setups.

Even now, we see BT controlling what OpenReach do in terms of what's best for BT - not what's best for OR or the country. To that end, the recently enforced separation between BT and OR doesn't (IMO) go far enough.

Maybe this whole mess needs to be Nationalised?

Good god, no. I can only assume you are relatively young - everything is relative. Those of us of a certain age remember what nationalised phones and railways (to pick just 2) were like. People complain about the state of our communications and transport now, but really, it's positive nirvana compared to a few decades ago.

When my parents moved back when I was still young, we couldn't have our "own" phone line. Apart from a "you get it when we can be arsed" approach to installation times, there wasn't enough copper into the village, so instead of actually pulling some more cable, they forced new users onto party lines. Yup, your phone line was shared with a neighbour ! I suspect few people younger than perhaps about 30-40 will have ever come across one of those.

And as for the railways, the BR of old would make Southern look like a slick operation !

It's nothing to do with it being sold off later, it's to do with the fact that government just can't do "services". If it's in public ownership, then every career politician wants to make a name for themselves for fiddling with it, and as with the Post Office, the treasury will see it as a money box to be raided as ofetn and as heavily as they can get away with. In part, that's what was wrong with the old Post Office when it ran the telephones - the government took all it's money and so it never had the cash to do things properly.

At least in private ownership, the business can go to the money markets to raise cash for investments. If the investment looks sound, then the money will be there. And where there's deemed to be a "public good" case for subsidy, then that can make money available as well - that's what happened with FTTC, even though BT did obviously game the system in it's favour.

2
0
SImon Hobson
Silver badge

Got a bounce message back

Anyone else tried to send any comments by email ? All I get back is :

<broadbandspeeds@cap.org.uk>: host aspmx.l.google.com[74.125.133.27] said:

550-5.1.1 The email account that you tried to reach does not exist.

0
0
SImon Hobson
Silver badge

Re: Bugger maximum speeds

Having dealt with procurement for a number of different connection types, having a minimum (or committed) speed would make sense. I bet few people understood what contention ratio meant back when ADSL came along - how many actually realised that "512kbps @ 50:1 contention ratio" actually meant they could get less than dial-up speeds and the ISP was still meeting it's promise.

The problem comes when you try and define what the minimum rate actually is. At work, we had a customer that got the full ADSL line rate (literally a stones throw from the exchange) but actual throughput was crap thanks to the ISP having underinvested in backhaul.

0
0

systemd-free Devuan Linux hits RC2

SImon Hobson
Silver badge

As others have stated - politics and entanglement.

In the case of Debian, there was a long and "heated" discussion. In the end there was a vote which looks to have been designed to produce the desired answer rather than get an accurate count of opinions. If rationally analysed, it comes out with a clear majority (by a long way) of people not wanting systemd - but because of the way the options were chosen*, and some of those were interpreted*, the outcome was decided as being a majority in favour of systemd.

* Eg, "we don't want to debate it any more" was taken as "we want systemd".

But AIUI, part of this came about due to the ever greater effort needed to disinfect upstream packages - particularly desktop environments. As others have pointed out, systemd goes way way way beyond what it was originally sold as - and it appears to be a deliberate ploy to infect as much software as possible and thus make it ever harder to keep that software disinfected. Part of this is deliberately deprecating old but reliable and well known interfaces and replacing them with "new shiny" ones. Thus you get the problem that unless software has been written to use the new shiny (but really, in most cases no better) interfaces then it doesn't work well/at all on a systemd system - but if it is written to use those systemd interfaces, then it doesn't work well/at all on non-systemd systems.

KEY POINT systemd is incompatible by design. it is clearly a key design tenet that it must break as much compatibility as possible with "legacy" systems. That is a key driver to making it herder and harder to avoid it.

This last anti-choice point should alone be good enough reason to avoid it. We saw a decade or two ago what happens when one dominant group (in that case, Microsoft) is able to eliminate choice. Things stagnate, choices are made for the wrong reasons - ie if your only choice is Windows Server then you have to run Windows Server regardless of whether it's the right/best choice for your application. In the browser sphere, we saw how once they'd seen off the competition and eliminated choice, IE got stuck in a mire of mediocrity and dragged the whole web down with it for several years.

If systemd were so great, then people would adopt it by choice. With a few exceptions, most of the adopters have done so because they've given up fighting it (or at least, just run out of resources to fight it).

And I'll finish with :

PID 1 is (after the kernel) THE most critical component of your GNU/Linux system. It MUST be secure and stable. Basic software engineering principles dictate that it should be as small and simple as possible, with as few interfaces as possible, and basically minimise all avenues for bugs and vulnerabilities as is reasonably possible. systemd is the opposite of that - it may be multiple different binaries, but they are close coupled, with ill defined interfaces between them, and above all written by a team with (to be very polite) a less than impressive track record in producing "good" code.

Do you really want your system to be 100% reliant on software produced by people who deliberately break things and then leave others to clean up after them ? Do you really want your system to be reliant on people who re-create historical dangerous "features" and them blame the user when it hoses their system ? Do you really want your system to be reliant on people who's code is so "good" that they've been banned from contributing to the kernel ?

23
1

Page:

Forums

Biting the hand that feeds IT © 1998–2017