* Posts by batfastad

854 posts • joined 1 Aug 2009


Unexpected MySQL database meltdown fingered in GitHub's 24-hour website wobble


To be fair they have a very talented and well-respected MySQL team at Github.

I would reckon the issue possibly with their Orchestrator open source tool https://githubengineering.com/mysql-high-availability-at-github/ https://github.com/github/orchestrator

Ericsson's very good bad quarter, Mozilla encrypts SNI, new TIP projects, and more


The public key (frequently rotated) which is used to encrypt the ESNI message in the TLS ClientHello is published in a DNS TXT record. More info in the RFC draft https://tools.ietf.org/html/draft-rescorla-tls-esni-00

Virgin Media? More like Virgin Meltdown: Brit broadband ISP falls over amid power drama



Someone quoted complaining about lost clients... Well they actually lost them the moment they made the cost decision to use residential broadband with no failover.

Even if you don't want an additional fixed circuit then tethering off a 4G connection is perfectly acceptable to get things done these days.

Your RSS is grass: Mozilla euthanizes feed reader, Atom code in Firefox browser, claims it's old and unloved



Like everyone else, RSS brought me here!

Since Google killed off Reader I've been running my own ttrss instance and it's great. Does exactly what I need. Might be a good option if you're one of those people who likes spending their spare time running their own sh1t and work time running other peoples'.

In the two years since Dyn went dark, what have we learned? Not much, it appears


Re: Workstation, Server, and Router Options

You probably want to look at dnsdist for DNS load balancing. It's a great solution. I use it in a few different application environments, in front of small cluster of active-passive Stubby instances which provide DNS-over-HTTPS (multiplexed HTTP/2 connections if your upstream DoH resolver supports it).

DNSdist - https://dnsdist.org

Stubby - https://getdnsapi.net/blog/dns-privacy-daemon-stubby

'Fibre broadband' should mean glass wires poking into your router, reckons Brit survey


Re: Fibre broadband should mean FTTP

IIRC G.fast is still FTTC and only contains perhaps 2-3 miles more fibre than ADSL.

A quick turd is still a turd. Especially when given money to provide infrastructure by advertising "fibre".


Fibre broadband should mean FTTP

... I agree.

In terms of miles from browser to, say, google, the difference in total fibre length between FTTC and ADSL is probably a couple of miles - likely less than 5% of the total.

But who wouldn't expect BT to polish a turd when there's an opportunity to grab tax payers' dosh.

The future of radio may well be digital, but it won't survive on DAB


I like DAB

No wait, I got that wrong, I meant I like the sound quality of a potato. Underwater.

IPv6 growth is slowing and no one knows why. Let's see if El Reg can address what's going on

Big Brother

Especially when Reg is behind Cloudflare. Cloudflare make it as simple as ticking a box to enable IPv6.

More likely is that Reg needs to get its user tracking, ad punting and data logging systems fixed to handle IPv6 addresses.

Cloudflare promises to tend not two, but 65,535 ports in a storm


Re: Why only IPv4?

Watch the vid... https://blog.cloudflare.com/spectrum/

You get an IPv6 by default and a v4 address on request.

Mozilla's opt-out Firefox DNS privacy test sparks, er, privacy outcry



DoH is actually a very cool technology. Many people already ditch their ISP's DNS servers because they are unreliable. What do they replace them with? or whatever the Cisco/OpenDNS ones are. But there is still huge scope for manipulation and interference of any unsecured DNS queries, regardless of who your resolver is. Using dnscrypt makes things slightly trickier for snooping but you're still putting trust on whoever runs the proxy.

DNS over HTTPS means your ISP and anyone else in the path is not able to see your DNS lookups. and would bring some speed gains by re-using/multiplexing HTTP/2 connections.

Considering that a decent chunk of many sites are already served by Cloudflare's CDN, and in many cases people are already putting regular DNS lookups through Google/Cisco, I don't have much of an issue with this in terms of privacy. You've already opted-in to the Nightly builds (and all its telemetry) so being opted-in to further studies within the browser is sort of expected I would guess.

Tories spared fine after being told off by ICO for election telemarketing


Unlawful direct marketing?

Throw the book at them then.

Equifax: About those 400,000 UK records we lost? It's now 15.2M. Yes, M for MEELLLION



So they are going to broadcast to the current resident of a property that a previous resident at that property's details are on the Equifax hack list. Sounds legit.

There's a way to dodge Fasthosts' up-to-160% domain renewal hike but you're not gonna like it



I was using the UKReg brand of Fasthosts for years, many years ago. And they were overpriced even then.

Moved all my domains to namecheap.com and gandi.net (for the TLDs that namecheap didn't support at the time). Highly recommend both.

Power meltdown 'fries' SourceForge, knocks site's servers titsup



Luckily Sourceforge downloads were always mirrored. Still are I believe.

But last time I looked I had to fight through a barrage of JS/Ad farm mirror redirector pages, all refusing to give me a direct link.

Having a mirror for people to access critical projects = good.

Having ad bloat, tracking, JS, redirecting nonsense in front of your mirrors, that goes down when your site is down = poor. Really really poor.

123-Reg customers outraged at automatic .UK domain registration


Customer retention -> vendor lock-in

By automatically registering the .uk for customers, they increase the number of domains that customers would have to transfer to another registrar should they be inclined to leave 123-reg.

Atlassian releases 'Stride', because HipChat isn't hip enough to whack Slack



We've got full Atlassian here, on-prem because that's where it's at these days. Would probably switch to Slack if they offered an on-prem version.

HipChat is ok but the UI isn't anywhere near customisable enough for my liking. I wish it was a bit better to use with any XMPP client but so much of its functionality is based around the web app core.

UK.gov unveils six areas to pilot full-fat fibre, and London ain't on the list


@Mike Scott 1

> patchy DAB

No mate, the UK has full coverage of patchy DAB. In my area it has the bitrate of a potato. Underwater.


Digital Leader

"To keep Britain as the digital world leader that it is, ......"


I've just come back from 2 weeks in rural-ish spain where I had a "fibra" connection. Full actual FTTP/FTTH into the house, not even ethernet from the street.

Meanwhile in the UK my exchange has been FTTC enabled but unable accept orders because "waiting list" for almost 2 years.

DMARC anti-phishing standard adoption is lagging even in big firms



"It's still impossible to turn SPF on properly as so many ISPs and companies don't have proper SPF records..."

The problem I found was the reverse. Big ISPs mis-configuring their relay clusters to forward instead of relay/re-envelope. At one time if you had a strict SPF, noone forwarding their mail to @btinternet.com or @yahoo.com and countless more would receive mail from you because they were (still are?) trying to spoof your source domain, which you were stopping with your strict SPF.

I still run my own e-mail but have moved on from running corporate e-mail several years ago, because f*ck th*t.

GTFO of there! Security researchers turn against HTTP public key pinning


Re: Trust

I wish changing CAs was that easy. Unfortunately trying to get the intermediate/bundle that matches the exact cert product you've bought normally means a trawl through far too many of the CA's KB pages.

Red Hat acquires Permabit to put the squeeze on RHEL


@Alan Brown I wish I could upvote 100 times!

ZFS dedupe = "DO NOT DO"

I have been running ZFS on Linux very happily for a few years now. No issues whatsoever.

HMS Frigatey Mcfrigateface given her official name



Very nice! So how many affordable housing units, school places, hospital beds does this add?

Not that scary or that hard: Two decades of VLANS


Beep beep beep

It's 2am, why is my phone buzzing? Server down alert? Let me login and check it...

10 mins later. Oh, it's because a VM has DRS migrated to another host. A host which doesn't have that specific VLAN configured on the trunk port from the switch. Cheers network team.

If I had a Euro for every time that has happened...

Five-eyes nations want comms providers to bust crypto for them


How to find a needle in a haystack

Q: How do you find a needle in a haystack?

A: Bigger haystacks!

HMS Windows XP: Britain's newest warship running Swiss Cheese OS


Very nice!

How many social housing units, hospital beds and school places does it add?

Fasthosts' week to forget: 4-day virtual server summer bummer



... still exist?!!

2 kool 4 komputing: Teens' interest in GCSE course totally bombs



I count computing as a hobby. I spend all day at work working with computers then most of my evening doing the same. A relative chucking out their Acorn Electron. Programming, writing+reading data from casette tapes, moving to a PC, more programming, upgrading, fixing, programming, databases, programming, networking, servers etc.

The very reason I liked mucking about with computers from a young age was because it WASN'T taught formally at school. I could follow my fascination and learn on my own. Though there was a GCSE in IT which covered basic programming in BASIC IIRC.

What did I do at Uni? Archaeology and Latin. What do I do as a job? Yeah, not those.

UK PM May's response to London terror attack: Time to 'regulate' internet companies


A needle in a haystack

Problem: A needle in a haystack

Answer: Bigger haystacks!

New 'Beaver' web server has exactly ONE user outside China




Well pretty much the only thing I'd trust IIS for is domain-holding ad-spam pages, so I can believe that.

'Major incident' at Capita data centre: Multiple services still knackered



Well you don't think that the money their customers (NHS Trusts, Councils etc) pay actually gets spent properly and proportionally on the infrastructure backing their services do you?!

Look it's contract renewal time... lets take the money and sweat the assets of our existing platform for a few more years. After all, we've got executive pay reviews coming up soon.

The fact that a DC has gone down and that has taken out production service is unforgiveable in this day and age.

Cloudflare doubles down on its troll-hunting crusade


> I didn't think that was how democracy was supposed to work?

Are you new?


Backup crack-up: Fasthosts locks people out of data storage for days amid WCry panic



... still exist??!

LastPass resolves UK connectivity blooper



"We modified the Domain Name System (DNS) to bypass our 3rd party provider in that region."

It took 2+ days - sounds like they've been waiting for TTL expiry! Lol if that's how they make routing changes.

Linux homes for Ubuntu Unity orphans: Minty Cinnamon, GNOME or Ubuntu, mate?



After being a long-term Mint user (Cinnamon -> MATE -> XFCE I've been using Xubuntu as my primary laptop OS for a few years now. XFCE is fast and customiseable and hardware support in *buntu is great with my weird devices.

Is Britain really worse at 4G than Peru?


4G? GPRS more like

I upgraded to a phone that had 4G about 6 months ago and in London O2 coverage is pretty disappointing. I rarely activate 4G now. At least on 3G I tend to get full HSDPA+ or whatever it is.

With 4G enabled my phone seems to spend more time without any signal at all, unable to receive calls and SMS.

TVs are now tablet computers without a touchscreen



My parents Samsung smart TV has been gradually downgraded over the last 2 years and my old Now TV box has been auto-updated to the point that input lag is about 10s. This is something that had always put me off having all this functionality in a single device... do one thing and do it well.

Thankfully I still have an Android TV box which handles "smart TV" functionality... for now. Though it's still only a matter of time until the apps require updates to continue working and further down the line those apps will no longer be available for my version of Android. That will either be a night following guides on xda developers unlock bootloaders, flash recovery and roms etc, or charity shop/bin and buy new.

Manufacturers need to take more responsibility for their devices to ensure a longer functional life and reduce waste, even if it comes at the expense of new shiny things.

US military makes first drop of Mother-of-All-Bombs on Daesh-bags



Seeing so much money spent and excitement generated over the creation devices to kill humans makes me proud to be a human. Not.

Y'know CSS was to kill off HTML table layout? Well, second time's a charm: Meet CSS Grid



Hopefully El Reg will keep it 90s by still using the default HTML 4.0 table style...


eBay dumps users into insecure authentication mechanism


SMS 2FA insecure?

SMS 2FA insecure? Someone needs to tell HMRC that.

Since a couple of months back it's now impossible to login to the personal tax portal without setting up SMS-based 2FA.

As someone who changes SIM cards a few times a year depending on which provider offers enough ooodlebytes of data for the least money, this is a no-go. TOTP FTW.

Be our Guetzli, says Google, to make beastly JPEGs beautifully small


Re: A better solution...

El Reg should take the lead here by stopping adding vaguely-related stock photography to the top of each article.

Scality guarantees 100% availability


Sex Panther.

So it's 100% available... if you make it 100% available.

That's almost as good as "60% of the time, it works every time" (see title).

Privacy concerns over gaps in eBay crypto


See icon ----------------------------------------------------------------->

Have been wondering this myself for 10+ years.

Even though there is little personal information on the non-HTTPS eBay pages there is still identifable information in the form of (many) session IDs.

Whenever you've got a session with a user the session IDs should only be transmitted over HTTPS. Basic.



Was going to question this myself. A VPN would only be any good if it was straight into eBay's networks.

Microsoft foists fake file system for fat Git repos


Git Submodules?




I like the way they reliased they've got a problem once a git checkout hits 3 hours. Presume they were happy with 1-2hr checkout times?

Maybe that's what Windows update has just been doing in the background all these years!

David Hockney creates new Sun masthead. Now for The Reg...



> And obviously I hate scousers because they transported my ancestors on the slave ships out of Liverpool.

Yes, scousers still to this day are renowned throughout the world for their magnificent wealth gained off the back of the slave trade.

NHS reply-all meltdown swamped system with half a billion emails


All England rule

"A software configuration error meant that the system applied an 'All England' rule"

Tories/UKIP are probably gunning for just that!

Google launches root certificate authority


HTTPS everywhere!

HTTPS everywhere! Well, to the edge anyway. Behind the load balancers? Ahem.


Biting the hand that feeds IT © 1998–2019