* Posts by Ian 7

143 posts • joined 5 Oct 2009


'Occult' text from Buffy The Vampire Slayer ep actually just story about new bus lane in Dublin

Ian 7

Have some Faith!

OK, Google. Music in 2019 isn't what it was, but Play nice, will ya?

Ian 7

All the best music was written before 1988 anyway


Microsoft tells volume customers they can stay on Windows 7... for a bit longer... for a fee

Ian 7

Re: Microsoft is giving people some extra time...

Different product, same (or at least, related) branding. Not the same thing at all, really, other than they can both edit text files.

Google Chrome: HTTPS or bust. Insecure HTTP D-Day is tomorrow, folks

Ian 7

Re: stuck on HTTP

Troy Hunt also did an excellent Pluralsight course on what developers need to know about HTTPS. If you've got an account, it's definitely an eye opener

Azure promises to keep your backups safe and snug for up to 10 years

Ian 7

Re: Up to

Don't be daft, it means you can choose any retention period up to 10 years. This is a little bit different than consumer-level service offerings like £20/month ISP deals or free Dropbox.

Ian 7

Apples to oranges comparison

AWS RDS's high-availability failover between availability zones (AZs) isn't the same thing as geo-replication and failover between regions - it's all within a region. AWS has multiple AZs within each region and you're right, it's trivial (and a good thing) to replicate and failover between them. Azure is moving to a similar AZ model but has already had update domains and fault domains for a while which kinda-sorta gives you the same features, and which automatically give you similar within-region high availability for SQL Azure. Neither cloud had a super-simple, check-a-box cross-region high availability and failover capability, but Azure is now talking about its failover groups and active geo-replication features, which do give you genuine cross-region failover which is what you need for enterprise-level high availability.

It's important to know the difference between AZs and regions - some people seem to think that single region use of multiple AZs is all they need; for many purposes it probably isn't.

Microsoft Azure Europe embraced the other GDPR: Generally Down, Possibly Recovering

Ian 7

Re: Absolutely

Multiple AZs is a good start, but that wouldn't help you in this case as an entire region went out. AZs help you with issues at an individual data center, but AWS/Azure/GCP roll out changes at a region level so you need to be multi-region to protect you from times when that kind of thing f***s up. And it will. It may be more cost effective for you not to bother, depends on your RTO/RTP requirements.

When you get into multi-cloud conversations, you're well into the law of diminishing returns.

MCubed: Speaker lineup shows how to put ML and AI to work

Ian 7

Machine learning - state of the art

Is it just me, or does anyone else wonder why invitations to a machine learning conference aren't tightly targeted to those with the highest propensity to want to go based on previous behaviour across a range of dimensions, instead of just a catch-all article page aimed at everyone? :-)

It couldn't be that ML/AI is still only useful in more nice applications than the hype might suggest, surely?

Might explain why I'm followed round t'internet by adverts for things I've already bought or have no intention of buying now I've done a little bit of research on them... Artificial "Throw it all out there, see what sticks" might be a more accurate description for much of this right now...

HostingUK drops offline after losing Farmer vs Fibre competition

Ian 7

Re: DR

"You could spread across several different clouds, across in-house and cloud, across in-house, externally-hosted and cloud. But a particular cloud is ONE point of potential failure."

Depends which cloud. Go to one of the big boys - AWS or Azure say - and you'll get a data centre network with the capability* for you to host and run your applications with proper and complete redundancy and fault tolerance built in. Go to one of the relative minnows who have been bought and sold by a bunch of VCs with costs stripped to the bone each time and you'll get what you pay for. For better or worse this whole sector is becoming like the big supermarket chains vs the Mom'n'Pop corner stores - the bigger guys do it mostly better and cheaper, but diversity dies.

* although they give you the capability to do it right, they're kind enough to let you do it wrong if you are so inclined, so you'll be just as vulnerable to this kind of failure unless you tick the right boxes on the web console too

AWS outage killed some cloudy servers, recovery time is uncertain

Ian 7

Re: Isn't cloud supposed to be fault tolerant?

It isn't supposed to be magic, just fault tolerant. Magic would be preventing anything failing ever - no-one who knows anything about Cloud, including the vendors, say they have that kind of magic. Fault-tolerant means providing capabilities to hide, mitigate and recover from failures. Cloud vendors do say that you need to build and architect applications to expect failures, and they provide lots of capabilities to allow you to do that. For example, AWS separates each region into Availability Zones (think "isolated data centre") and specifies that the way to get high availability and fault tolerance is to split your application hosting over at least two AZs. How difficult is it to do that? Basically check a few boxes in the web console or add a parameter to a couple of CLI/API commands.

It is completely trivial to get an application running on servers in multiple AZs talking to a database that has a master in one AZ which is real-time replicated to a read-only replica in another AZ, and then to promote that replica to be the master automatically in case of failure. Do that, and problems like the one mentioned here are barely noticeable. AWS (and Azure and GCP do similar things) handles high-speed connections, load balancing and automatic data replication between AZs for you. This handles issues with a single data-centre going down very elegantly.

Occasionally entire regions do go down, but *almost* never multiple regions at the same time. If you want to be clever and super-fault-tolerant, you build your application to work over multiple regions, not just multiple AZs. That isn't quite as trivial due to having to understand the data replication model - single-master, multi-master, eventually consistent, plus issues like latency etc. but there are good patterns out there to allow that, and if you are building from scratch rather than lifting-and-shifting and can take advantage of some of the globally-replicated NoSQL services all platforms provide then the problem largely goes away.

And yes, if you're super-super-paranoid, you can even build a multi-cloud-provider solution. That definitely isn't easy. Or cheap. But then that hasn't changed from the old on-prem days.

Facebook furiously pumps brakes on Euro probe into transatlantic personal data slurping

Ian 7

GDPR is being enshrined in UK law, regardless of Brexit. Granted, they "could" more easily be changed further down the line, but from day 1 of Brexit we'll still be subject to GDPR.


We wanted a camera, they gave us the eye of Gemini – and an eSIM

Ian 7

Dr Janko Mrsic-Flogel

Is the Planet CEO Dr Janko Mrsic-Flogel the same Dr Janko Mrsic-Flogel who is CTO of the ZX Spectrum mob Retro Computers Ltd? Or, you know, a completely different Dr Janko Mrsic-Flogel?

Powerful on a Scrabble board, he is!

Galileo, Galileo, Galileo, off you go: Snout of UK space forcibly removed from EU satellite trough

Ian 7

Re: #headdesk

"la la les passeports bleu!", surely ? :)

Use of HTTPS among top sites is growing, but weirdly so is deprecated HTTP public key pinning

Ian 7

Watch https://www.pluralsight.com/courses/https-every-developer-must-know and make up your own mind. If you haven't got a Pluralsight subscription, the TL;DR is "yes, there's every point in pretty much everything going HTTPS".

From July, Chrome will name and shame insecure HTTP websites

Ian 7

Re: Meh

As a trivial example of why it's a GOOD thing to encrypt all pages, even ones that don't have a form on them to collect your data, consider this: You have a bunch of pages that just have some content on them, no forms. They DO have a link to your login page (which itself uses HTTPS). Without HTTPS, it's very simple for requests for those content-only pages to be intercepted and altered before they're sent on to the customer - so the customer receives all the same content with a login link which looks the same but which now actually sends the user to a malicious site which harvests his/her login details.

If HTTPS is mandated for all pages, that kind of attack just cannot happen. HTTPS doesn't just protect data that you send, it guarantees that the data (i.e. the HTML/Javascripts) that you've received is what was intended by the site owner.

The blockchain era is here but big biz, like most folk, hasn't a clue what to do with it

Ian 7

Re: Am I the only one who doesn't really have a clue what blockchain is?

By being wrong (or at least focusing on a specific use case built on top of blockchains rather than on blockchains themselves) I think you've absolutely perfectly summed up the situation. I *think* I know roughly what they are, but I'm still waiting for that Eureka moment where I understand what all the fuss is about. At the moment, to me it sounds like a different type of mousetrap, but I don't understand why some people think it's a better type of mousetrap.

"Build a better mousetrap, and the world will beat a path to your door"

Just can't catch a break, can ya, Capita? Shares tumble 40% amid yet another profit warning

Ian 7

There's a bit of a misunderstanding going on here - Capita's market cap (# of shares * share price) has just fallen £800m. Sounds dreadful! But this is on the back of them saying they're going to issue £700m of new shares - new shares don't create new value, they dilute the value of existing shares, and that's (mostly) what's just been priced in. So market cap as measured by shares*price falls $800m now in anticipation of more shares, assuming the share price stays the same when the new shares are issued the market cap as measured by shares*price will rise £700m, net fall £100m. Nowhere near as disastrous.

That is an assumption, mind! And I'm not defending Capita, I've had horrendous service from them in the past too.

See http://www.bbc.co.uk/news/business-42885211 for more analysis on the share price fall, explaining better than I just did why it's not as bad as it looks at face value.

Tech giants at war: Google pulls plug on YouTube in Amazon kit

Ian 7

Oooh didn't know that - thanks for the tip! Android-only and music-only for the moment, but hopefully a step in the right direction. iOS and video support next would be great...

Ian 7

I'd love to agree - that's why I bought a Roku streaming stick a few years back and why I want another one. You can get all the services on a single, cheap device which allows you to really shop around for which services you want to subscribe to. However, in the UK at least Roku have virtually pulled out; none of their latest generation products are officially available and the grey-market imports you can get don't support important local services like BBC iPlayer. Instead Roku make the locked down, completely crippled NowTV box for Rupert Murdoch. Such a shame.

Will you be on Cloud9? AWS emits cloudy code editor it nabbed last year

Ian 7

Corporate locked-down environment

I wonder if this will help me get around the locked-down nature of my corporate IT environment and infrastructure, where it can take months to get access to the most basic of external web-based resource? And if it does, is that a good or a bad thing? Good for productivity, bad for security...?

It's 2017, and command injection is still the top threat to web apps

Ian 7

Re: moving functionality from the server side to the client “brings its own security challenges”.

Totally agree - validation etc. on the client is purely to help improve user experience; it needs to be replicated on the server to be any kind of guarantee that it's doing what was intended. And yep, I also agree that there are too many inexperienced web developers out there who don't appreciate that. I'm being polite and swapping "inexperienced" for "idiot" :)

We had a guy apply for a job here recently who was after £60K plus benefits, which he said was a significant pay CUT from what he'd been earning in California and London, and who could boast on his CV that he'd got experience with cool stuff like Ethereum plus every Javascript framework you could care to mention, but who had no clue how to write a secure application, nor one that was scalable or highly available. Apparently "the framework takes care of that". Knob!

New UK aircraft carrier to be commissioned on Pearl Harbor anniversary

Ian 7

Re: Pearl Harbour

Sadly they didn't quite mange to sink Michael Bay's career, 60 years later

Apple whispers how its face-fingering AI works

Ian 7

Re: Blast from the past

Don't mention the wireless charging on the 920 several years before that... :-)

Munich council: To hell with Linux, we're going full Windows in 2020

Ian 7

"...Accenture, co-founded by Microsoft..."

Accenture wasn't co-founded by Microsoft at all. Accenture came out of the Arthur Andersen accountacy firm and in it's earliest incarnation began in the 1950's, long before Microsoft was created.

Accenture and Microsoft do have a joint venture they started together called Avanade, and like all big consultancies Accenture is an accredited Microsoft partner. LIke they are with over 100 other companies (including Red Hat, Software AG and IBM) as listed here: https://www.accenture.com/gb-en/alliance-ecosystem

Visual Studio Team Services having some 'performance issues'

Ian 7

Agile Manifesto

"We can't even do a standup/scrum meeting this morning because VSTS workboard is so slow :("

Individuals and interactions over processes and tools


Just sayin'

SQL Server 2017: What's new, what's missing on Linux, and what's next?

Ian 7

Re: WinFS

Not sure if that's a trolling comment, but WinFS is NOT the Windows file system they are talking about. WinFS died about 10 years or more ago, it never saw the light of day.

https://en.wikipedia.org/wiki/ReFS might be more appropriate - at least it's their current "future" file system

Chap tames Slack by piping it into Emacs

Ian 7

Re: Well, points for making it work I guess

Clearly a clever guy so kudos as you say, but you have to ask what more useful things he could have done with that time and effort...

From the article: "he's only made aware of Slack happenings that mention him by name or suggest things he really needs to know about, such as “whenever something explodes in the server"

Wouldn't it have been easier for him to just set his notification preferences to only alert him to mentions of his name, and to set up appropriate channels for live alerting?

FREE wildcard HTTPS certs from Let's Encrypt for every Reg reader*

Ian 7

Re: An admirable effort.

Anyone who doubts the value of HTTPS should see Troy Hunt's course on Pluralsight - https://www.pluralsight.com/courses/https-every-developer-must-know. In fact, forget the "anyone who doubts..." bit. Everyone should see Troy Hunt's course on Pluralsight (other providers are no doubt available, I have no commercial relationship with either Troy or Pluralsight, etc. etc. blah blah blah)

HTTPS is a necessary component of a secure web. It is not however a sufficient component. So yes, HTTPS == safer, HTTPS != safe

Software dev bombshell: Programmers who use spaces earn MORE than those who use tabs

Ian 7

Re: Hey, did you know the editor could do that automatically?

Isn't 2.4 years the amount of time a front end, JavaScript-framework programmer has to become expert in what they do before their skills are rendered completely irrelevant by TheNextBigThing.js and they have to start again? Ahem.


<bitterFormerCICSBMSMapDev />

<evenBittererIBelievedInAngular1.0ThenAngular2.0CameOutDev />

<totallyApocalypticReactJSSayWhatNowDev />

<thankGodForServerSideCodeDev />

<oldTechnologiesNeverDieTheyJustResurfaceWithNewPackaging />


Samsung's Bixby assistant fails English, gets held back a month

Ian 7

Re: Rather unfortunately named assistant

It was David Banner who Bixby played, not Bruce. Although apparently on his gravestone (ooops, spoiler alert) it became "David Bruce Banner". Theories abound as to why... https://scifi.stackexchange.com/questions/91702/why-was-bruce-banner-named-david-banner-in-the-old-tv-show

Script kiddies pwn 1000s of Windows boxes using leaked NSA hack tools

Ian 7

Nation state grade

I'm loving seeing the "nation-state grade software" phrase thrown around. Would anyone rush out to buy a nation-state grade wordprocessor? The nation-state grade website I have to use to fill in my tax returns isn't exactly a shining example of the state of the art. This stuff must come from those 'other' government-paid devs, yeah? You know, the really good ones. :-)

Yes, this is (mostly) a joke. I know it's serious stuff!

Linux on Windows 10: Will penguin treats in Creators Update be enough to lure you?

Ian 7

Re: Java is so easily messed up... just put spaces in a path or a password...

I was tempted to downvote you for providing factually correct and interesting information plus links to external sources on a Reg anti-MS flame thread, but couldn't quite bring myself to do it... Give it time, I'm sure someone will! :)

Update or shut up: Microsoft's choice for desktop Skypers

Ian 7

Re: Another Cloud con

How does the cloud make tracking your chats any easier for Microsoft to do than having a fat client app running on your PC?

Guess who's suffering an email outage. Go on, it's as easy as 123-Reg

Ian 7

You know the difference between revenue and profits, right...? Them pesky costs thingies...

What gifts did ol' kitten heels May get this year?

Ian 7

Re: the only well-known May worth talking about (IMHO)

Brian May strums a decent guitar. Other than that I'm really struggling to think of any more famous Mays...?

How Rogue One's Imperial stormtroopers SAVED Star Wars and restored order

Ian 7

Re: The Force Awakens is just a bad movove

Totally agree about the villain being central to any good Star Wars movie. Episode 1 had Darth CutInHalfAfter5MinutesScreenTime who looked badass till he fell apart. Episodes 2 and 3 had the Emperor to hold them together but he was still hiding in plain sight so wasn't moment-by-moment scary and he had not-quite-Darth Overacting to compensate for anyway. Episode 7 had a prefect from Slytherin as the villain *and* he lost a laserbat fight to a completely untrained opponent when he wasn't crying about how badly treated by his parents he was - wuss! Episode 3.9 ('cos it's closer to 4 than 3) had a completely mental, ass-kicking Darth Vader back in full "you took my last Rolo ya bastich" mode and that's the point that had me stood up and cheering! Finally a top-class baddy again. LONG overdue!

'Twas Brillo but then Android Things, which watched as Google Weaved its Nest

Ian 7


Do you guys have to exhaust your hyphen-budget before year end or you don't get given so many next year?

DNS devastation: Top websites whacked offline as Dyn dies again

Ian 7

Re: Inevitable

Not as inevitable as someone shouting "Blockchain - that's the answer!"

Chaos Monkey 2.0

Ian 7

Re: Chaos Monkey? Or as we call them

Users, in our case...

London's Met Police has missed the Windows XP escape deadline

Ian 7

Re: Government investment in the Police

Haven't we got an extra £350million a week sloshing around somewhere now...? Ahem.

Bezos bags bonkers bucks as almighty AWS astounds again

Ian 7

Re: it isn't cheap, so i am not surprised its a cash cow

Brexit supporters only see the good news post-Brexit. Remainers only see the bad news.

Trump supporters only see the good stuff they want to see in Trump. Anti-Trumpers only see the bad stuff.

Cloud supporters... well, you get the idea. Objective reality and in-depth research seems to have very little impact in any decision making any more. Time will tell; life's too short to care too much about any one camp in any given argument when the world has been taken over by marketing sloganeers. Maybe the world really is just too complex to understand and we really should decide things by tossing a coin...?

Smartphones aren't tiny PCs, but that's how we use them in the West

Ian 7

Re: QR codes are a great way to point people at malmare

So are you happy to click on http://bit.ly/29BwXvC - you can see what the URL is, yep? No problem, right...?

Revolutionary Brit-made SABRE hybrid rocket engine to burn in 2020

Ian 7

Anyone old enough to remember HOTOL? https://en.wikipedia.org/wiki/HOTOL That ended well (and made me decide to curtail my budding career in aerospace engineering)... Fingers crossed for a bit more progress with this beast!

On a positive note, all those "artist representations" of what HOTOL might look like are now getting a second airing with the new SABRE branding.

Wales gives anti-vaping Blockleiters a Big Red Panic Button

Ian 7

Re: Vaping is harmless

Lack of evidence isn't the same thing as evidence. What studies have been done; what were the methodologies; have they been peer reviewed? No studies HAD shown that lead in petrol or cigarette smoke or CFCs were harmful... until all of a sudden lots of studies showed that those things were all harmful!

On the other hand, I strongly suspect that there isn't any harmful effect of second hand vaping too - I've just got no evidence to back that up!

Bluetooth 5 debuts next week

Ian 7

200m range

Ha ha. Ha ha ha ha ha ha ha ha. Ha. Riiiiiiiiiight. Can't imagine there'll be too many end users who get that sort of performance...

Microsoft .NET Core update asks developers: How you doin'?

Ian 7

Cross platform

I get that The Reg isn't the best place to get a fair and honest answer to this, but how many people might consider running .Net on any platform other than Windows (yes, yes, MS=evil, why would I cripple etc etc etc)?

I'm a C# dev, very comfortable with the language and .Net framework programming, but have more than a passing familiarity with Linux or OS/X. Conversely, I guess most Linux or OS/X devs don't know much about .Net? Then again, Mono had a reasonably successful business model merging the two. Just wondering what the market is, really...

Google open sources Thread in bid to win IoT standards war

Ian 7

Re: "peripheral technologies" => trojan horse

True altruism doesn't exist, certainly not in business. Mutual benefit is the best that can be expected. To hope for anything else is to be disappointed - but even if you do find an example of "true" altruism, how is that actually any better in practice than something done for mutual benefit?.

Microsoft sets Feb 2017 date to kill last SHA-1 zombies

Ian 7

Re: Quis custodiet ipsos custodes?

What's a PRISM "member"? ALL companies (well certainly ones that are based in or trade in the US) have to comply with PRISM information demands. You make it sound like Microsoft have signed up to do this for fun! By all means share around honest information about the $h1t they - and ALL big companies - do, but don't go making up stuff they don't; you just make your arguments specious.

Microsoft lures IT pros with breadcrumb trail of candy to its cloud

Ian 7

Re: Just a passing fad

"We've been using thousands of clerks to process payroll since forever; today the CEO asked if we should migrate to 'a computer'"

Said someone in your position, forty-odd years ago.

Ian 7

Re: Really?

Well, my company for one has jumped into the cloud with both feet... err... that's perhaps not quite the right metaphor! Anyway, we're a medium-sized company (between 100 and 1000 employees (I'll keep it as vague as that to avoid being told off by my HR department) whose business is entirely on-line and we even have annoying adverts on the telly. And we run entirely from Azure. Have done so for over a year. And are still making a handsome profit, before the doom-sayers kick off.

I've said it before and I'll say it again - cloud isn't for everyone, certainly not yet, but as time goes by more and more people WILL move to it. Having said that, while I'm convinced of the benefits of the cloud, I'm not convinced of the benefits of these certifications.


Biting the hand that feeds IT © 1998–2019