* Posts by big_D

3284 posts • joined 27 Nov 2009

Hello darkness my old friend, what happened last week in Redmond?

big_D
Silver badge

It is more than just a skin, it is the integration with Edge on Windows - i.e. cross platform browsing experience (syncing passwords, bookmarks, open tabs etc.)... But unless you are using Edge under Windows, there isn't much point using it on Android or iOS.

3
2

Prank 'Give me a raise!' email nearly lands sysadmin with dismissal

big_D
Silver badge

Simon has left El Reg. There was a farewell article a couple of weeks back.

14
0
big_D
Silver badge
Facepalm

DROP Financials

We had an OLAP cube running in Essbase, one of the first OLAP tools in the mid 90s.

The problem was, if you recalculated a filled cube, it would take forever! Well, 4 - 5 times as long as normal.

The "quick" database was recalculated every 4 hours and took about an hour to calculate. The procedure was:

1. Export bottom level data

2. Drop the database

3. Import the bottem level data

4. Recalculate.

Can you guess what happened next? Yep, I did 2, 3, 4, ooops!

I was new on the project and asked my colleague what the procedure was. He said, just re-calc and blame the missing data on user error! :-O

I went to the head of the financial department, told him, that we had had a problem with the export - well, we did, didn't we, I forgot to do it! I then told him we would import the previous export and then run the transaction file against that and then recalculate.

I reconstructed the data, recalculated and informed the users, that we had had a problem and they should check their inputs from the last 3 hours. In total, we lost 2 transactions.

I got commended for being up-front with the customer.

33
0

Space, the final Trump-tier: America to beam up $8bn for Space Force

big_D
Silver badge

Re: Inner Space?

You put your finger on it, Martin Short was the problem. ;-)

1
0
big_D
Silver badge

Re: Inner Space?

A crap movie with Dennis Quaid from 1987.

31
2
big_D
Silver badge

The sub-head was the best bit of the article, well the most believable at any rate.

13
1
big_D
Silver badge

Excellent sub-head!

Join the Mobile Infantry and save the Galaxy. Service guarantees citizenship. Would you like to know more?

Yes please! Will I be serving under Rasczak?

18
0

Intel hands first Optane DIMM to Google, where it'll collect dust until a supporting CPU arrives

big_D
Silver badge

My guess is, if they have given Google a DIMM, they have also given them a test rig to try it on, just that stuff is "boring" and not worthy of the press event for Optane.

If Intel can test them, they have kit somewhere that can use the DIMM therefore they can probably give GOOG one to play with as well.

8
1

Devon County Council techies: WE KNOW IT WASN'T YOU!

big_D
Silver badge

It should also be a form letter, so they just need to enter the pupil's and parent's details into it and the rest remains the same, so somebody ballsed up the template, by the look of it - either that or the education department should do take basic Office courses!

24
0

Top Euro court: No, you can't steal images from other websites (too bad a school had to be sued to confirm this little fact)

big_D
Silver badge

Re: Fair use means fair use!

@ EN1R0PY

The problem isn't the child. His use would fall under fair use or educational exceptions in most countries. Giving it to his teacher for marking and presenting it for his class, for example, would have been fine.

The school was in the wrong, publishing it on their website without checking.

And it isn't about the owner going hungry or even "wanting" to sue the school. Under the law, as soon as he becomes aware of the breach of copyright, he has to take action, otherwise he loses all rights to the image.

2
0
big_D
Silver badge

What if you can't find the copyright holder? Are you supposed to just not use an image in case there is a copyright?

Essentially, yes. That is the way copyright law has always worked, with "orphaned works" having its own section under law and treated slightly differently, but it is still covered.

Just the Internet seems to ignore the law, because it isn't convinient or it takes time, while pressing Ctrl+C and Ctrl+V doesn't take any time at all.

I think it unfair to put it on the person (in this case a school project taking it from a website with no indication of copyright) if they have searched and had been unable to find the copyright holder.

In which case, they shouldn't have used it. It is that simple. Is there any doubt that you have obtained the rights to publish the image? Yes? Then you shouldn't use it.

I also find it distasteful that the photographer sued a school rather than asking for it to be removed because he owned the copyright but hey that's my opinion.

Who says he didn't ask? And the other point is, in many jurisdictions, under the law, if you are aware of an infraction to your trademark or copyright and you do nothing about it, you lose the trademark/ copyright on that work for all future uses. It isn't always a case of wanting to sue soemone, it is often a case of not having a choice, if you don't want to lose all your rights to it.

23
4
big_D
Silver badge

The school should have contacted the website that hosted the original to ask for permission and they should have passed that request back to the photographer. The question is, whether they did any due dilligence at all?

If the original site didn't have that information, that is another matter entirely.

6
2
big_D
Silver badge

Re: New internet standard...

They tried that back in the 90s, it was claimed that having a local, temporary cache of images broke copyright! That was, luckily, thrown out.

21
0

Stress, bad workplace cultures are still driving security folk to drink

big_D
Silver badge

Re: Curiously American @AC

I did have a job, where I booked my holiday 3 times, had it cancelled by the company 3 times, due to project demands, then a memo mid November that all holiday had to be taken by the end of the year.

I turned round to my boss and said, "see you in January."

He didn't find that funny and a "solution" was found - 2 weeks holiday in December, 3 Fridays in November / December free, 2 weeks carried over, to be taken by March and the rest paid out.

1
0
big_D
Silver badge

Re: Curiously American @AC

My current employer doesn't expect you to answer the phone or mail outside of work hours.

An employee wanted to access his email from home, between shifts and was told, when he isn't at work, he is supposed to be resting and recouperating and therefore his request was denied.

5
1
big_D
Silver badge

Re: Curiously American

In most countries where I have worked, the minimum holiday entitlement has been legally defines, usually at least 4 weeks.

6
1

Greybeard greebos do runner from care home to attend world's largest heavy metal fest Wacken

big_D
Silver badge

They would have been the legal responsbility of the nursing home and if they had broken out (left without permission / without booking themselves out), they would have to be brought back (power of attourney).

3
0
big_D
Silver badge
Pint

The local news here also showed an 80 something woman with rolator going around the site, having a great time and having to stop every couple of steps as young people passing by wanted to take a selfie with her.

There were also a lot of 60+ visitors, looking at the news footage.

On a side note, the largest European Reggae festival was last weekend near me. Reggae Jam in Bersenbrück. A great atmosphere, also a visible atmosphere, if you know what I mean.

8
0

You've heard of Michael 'Air' Jordan – well, get ready for 'AI-R' Jordan

big_D
Silver badge
Boffin

Big hands...

Do all basketball players have such overdeveloped hands? They are unproportionally big and the fingers too long for the body of the "player". Creepy.

1
0

Internet overseer ICANN loses a THIRD time in Whois GDPR legal war

big_D
Silver badge
Childcatcher

But think of all those ambulance chasing IP lawyers who won't be able to go fishing off ICANN's back! Do you really want to make their kids go to a public school?

And you say that ICANN isn't important! :-D

13
1
big_D
Silver badge

Re: Mind you I'm more than a bit uncomfortable

You still need to provide a valid name and address for billing. But the anscilliary whois crud is not collected and the data is not published in whois, because it would be illegal.

If you can get an EU issued warrant to look at the information about a domain, the registrar will have to hand over the informaiton it does have, but it can't hand over the information without either the warrant or the explicit written permission of the identifiable persons in the data.

39
3

Oi, clickbait cop bot, jam this in your neural net: Hot new AI threatens to DESTROY web journos

big_D
Silver badge
Headmaster

Re: Click

The sooner this is implemented, the better! :-D

I'll still use the RSS feed to manually decide what to read... If my RSS reader implements this, I'll hardly get shown anything, as I only have El Reg and Thurrott in my feed...

3
0

Microsoft's cheapo Surface: Like a netbook you can't upgrade

big_D
Silver badge

Given that the processor is faster than high-end processors of the Netbook era, it should be a lot faster than those old netbooks. :-)

4
2
big_D
Silver badge

Re: Linx 12x64

It depends on what you are trying to do with it. For a lot of verticals or simple office document editing, it should be more than enough. I had an Atom based Samsung tablet for a while. It wasn't a speed demon, but fast enough for Word, Excel and Outlook and the odd Store game.

Obviously, if you are going to be installing Gentoo on it and compiling everything as you go, it is going to be a real slug.

4
3
big_D
Silver badge
Facepalm

So, tell me again...

How do I stick more RAM, a bigger drive and a more powerful processor in an iPad or a Surface Pro?

19
5

'Can you just pop in to the office and hit the power button?' 'Not really... the G8 is on'

big_D
Silver badge

Does a running gun battle to the airport count?

I worked at a client who dealt in national elections. When the government won, the rebels claimed the elections were fixed and our team had to make a hasty retreat to the airport with private security hanging out the Landcruiser windows and returning fire to the following rebels!

I was lucky, I had been due to rotate out to the site, but they cancelled on-site support at the last minute.

The government's wire-tapping kit was also so old, every time they evesdropped the telephone line, the cc:mail modem dropped the line due to the loud clunk! We had to politely ask them to stop tapping the line.

41
0

Alaskan borough dusts off the typewriters after ransomware crims pwn entire network

big_D
Silver badge

Excactly, Korev, the story says that the backup infrastructure was also infected. So that doesn't mean that under "normal" circumstances they would have had to go back a year.

7
0
big_D
Silver badge

1st rule of an IT system...

When I learnt computing, the first thing we were taught is, when you implement a new IT system, you also document the manual procedures to carry on working, if those systems go down.

It looks like they managed to cope reasonably well, given the circumstances, although I doubt the manual procedures were defined in the disaster recovery plan.

11
1
big_D
Silver badge

If someone with high level access was spearphished, it is unfortunate and they need to look at their training. But even with good security, there is always a weak link somewhere that allows them in.

10
0

Cache of the Titans: Let's take a closer look at Google's own two-factor security keys

big_D
Silver badge

Re: New???

Probably because more more people are using their smartphones for a lot of tasks, so that would mean most of the time the 2FA wouldn't work.

0
0
big_D
Silver badge

Re: New???

The Neo is also needed if you want to authenticate on an Android device.

1
0
big_D
Silver badge

The Authenticator is fine, until you are signing in on the device where the authenticator is installed, then it is no longer 2FA, because the 2nd factor is "compromised", because you have direct access to it.

E-Mail is insecure (not encrypted, anyone who has your email address and password can get the email.

SMS - you can clone the SIM card / get the provider to issue a 2nd card (has happened in several caes that have landed in the media) and you can intercept the SMS. Also not encrypted. That is why you should never use SMS for authentication or bank TANs.

With something like the Yubikey NEO / FIDO tokens, you need the password and the token. The token can never be "on" the device you are signing into, so there is no compromise there either.

4
0
big_D
Silver badge

Google FIDO 2FA - only with Chrome

If you aren't a Chrome user, Google isn't very interested in your security.

7
1
big_D
Silver badge

Yubikey Neo

I've been using a Neo for about 4 years. It is ideal for users who have both a PC and a smartphone. It plugs into the USB port on the PC and by hovering it near the NFC sensor on the phone, it automatically transfers the information.This has the added benefit, that you don't need to pair the token first, if you are using a "guest" device, you can just enter your password and wave the token at it and you are logged in.

I use mine, for example, with LastPass, which supports the Yubikey both on the desktop and on Android.

Due to Apple's NIH mentality, iOS devices are, unfortunately, scuppered.

6
3

Microsoft: We've almost dug Your Phone out behind sofa. But will it make Insiders app-y?

big_D
Silver badge

Text message?

Wow, how 1990s of you. I think I've sent 1 SMS in the last 12 months, and that was because I lost the email address of the phone's owner.

I generally use Threema or Signal these days.

1
25

Microsoft devises new way of making you feel old: Windows NT is 25

big_D
Silver badge

Re: 16MB?

I remember two key applications we had used himem.sys and qemm386.sys respectively. That meant diddling around with batch files to copy 2 different config.sys files back and forth and rebooting, so that you could earily switch from one to the other.

2
0
big_D
Silver badge

It is a shame he didn't bring the VMS/DCL command syntax with him. That was one of the most beautiful operating systems to work on.

26
4
big_D
Silver badge

Re: 16MB?

Luxury! We had 1KB RAM and counted ourselves lucky!

20
0
big_D
Silver badge

POSIX

The POSIX subsystem lasted a long time... It was replaced in XP and Server 2003 by SFU, which was dropped in Windows 8 / Server 2012. Its successor today is WSL, albeit it works a bit differently.

4
0

Boss helped sysadmin take down horrible client with swift kick to the nether regions

big_D
Silver badge

Yes, good luck.

As someone who has had an On Call story published by you, I can say it was fun and a privilege.

I wish you all the best in the future.

8
0

Heatwave shmeatwave: Brit IT departments cool their racks – explicit pics

big_D
Silver badge
Thumb Up

Re: Why is this even a story?

I hat a few QFs. A mate had problems with SCSI termination and was going to through a SCSI card and 4 drives in the bin. I nabbed them off him, set one jumper and had a blindingly fast set up on my PC!

5
0
big_D
Silver badge

Re: Temperature ratings

One company I worked for had a rack in a south facing 3rd floor room, with large windows. The CEO got air con in his office, but he declared the IT had survived this long without AC, it didn't need it.

The "trick" was, the first person in in the monring opened the windows wide to allow the air to circulate... :-S

I installed a thermometer in the room and in the rack. Average summer temperature in the room was 38°C. The middle of the rack was approaching over 60°C!

Interestingly, we only had one server throw a hissy fit, an 8 year old HP server. The rest (only 6 years old) all ran stably throughout the summer! We did however borrow an air compressor in the June and cleaned the dust out of every machine in the rack, 6 years worth of dust isn't good for the lungs!

6
0

Tech support chap given no training or briefing before jobs, which is why he was arrested

big_D
Silver badge
Big Brother

Re: Vetting? Does he thinks he's James Herriot?

I was helping install a new personnel system at a Naval dockyard. I was thrown on the project at the last minute, got the vetting forms on a Friday afternoon, had to fill them out over the weekend and drive halfway across the country on the Monday morning...

The problem is, the vetting takes 3 months. I needed to start work on the Monday and you got a maximum of 3 daily passes, then you had to wait for the vetting to complete, before getting a permanent pass...

On the Thursday, I turned up for work and my colleagues abandoned me at the gate. The security guard checked his records and said I couldn't come on site. I tried to point out that the vetting was under way, but that didn't help.

Then I had a brainwave. I explained that I was converting the data from the old personnel system to the new one and if I didn't finish that work, he wouldn't be getting his pay check at the end of the month... That did it, I got a 3 month temporary pass.

Obviously being paid is more important than security. The good news is the vetting was completed and I was allowed to apply for a permanent pass. The bad news, that was 2 months after the end of the project.

53
0
big_D
Silver badge

Re: Back in my day

Training is too good for them... Or too dangerous.

I had one engineer turn up because my hard drive was making "funny" noises when the PC was turned off (the heads clanging against the platter as they "landed".

He promptly removed the drive and opened it up! He then removed the particla filter, claiming that was the culprit, clappering against the platters as they slowed down. He then screwed it all back together.

I pointed out, that you shouldn't take a drive apart outside of a clean room. He said no problem, they had dismantled hard drives on the training course and the trainer even had one with a clear perspect cover, so you could see it working! :-D

Of course, the drive started to serious numbers of bad sectors after that.

I tried explaining to my boss... Yes, but he had to open up the PC to get the drive out. No, he opened the drive. Yes, of course, he had to remove the drive. Not remove open, dismantled, exposed the platters to the air! SH1T!

A quick call to the maintenance company and he had the same conversation again, taking on my part this time... Followed by apologies and an express packet with a new HDD in it!

This was the same engineer that decided the best way to repair a bubble jet printer wasn't to replace the broken purge unit (for removing air from the pipe between the resevoir and the head), but to remove the tube from the head and suck on it to geet rid of the air... Then promptly spitting a mouthful of ink all over the personnel manager's desk and running to the toilet to clean his mouth out! The PM just looked at me and said, "he never, EVER, sets foot in this building again!"

83
1

UK.gov is ready to talk data safeguards with the EU – but still wants it all

big_D
Silver badge
Facepalm

Re: Conflicted

So, the UK wants "out", but it wants to stay in... Glad that is sorted.

11
1

Another data-leaking Spectre CPU flaw among Intel's dirty dozen of security bug alerts today

big_D
Silver badge

Re: @ big_D and it's all to appailing even to consider

I agree with your analysis of the situation, up to a point.

You keep banging on about Intel, as if they are something special in this situation. I keep trying to point out that, while Meltdown is solely an Intel problem, Spectre is an industry-wide problem that affects pretty much every processor designer / maker at the moment.

It is as if all skyscraper builders had designed in the wire outside the ground floor to collapse the building.

At the current time, there is no alternative.

They are all, including Intel, working on new designs to rectify this, but this isn't something that will happen over night. Therefore they all, including Intel, are working on patches to the microcode, among other things, to circumvent or at least mitigate the problem.

Intel have been shoving out microcode patches for everything going back to Sandy Bridge (2011). AMD are doing the same, as are Qualcomm and Co.

Just look at the Windows and Linux patches in the last 6 months, all have had regular updates for Intel and AMD microcode changes to combat this.

The chip makers are also providing as much information as possible to help mitigate this problem at the software level.

Your only real choice at the momnt is to either not use a computer at all, or dump your PC and smartphone and dig out a Pentium III machine or earlier...

I am not saying that Intel are innocent, just pointing out that the whole industry is guilty and there are no real "safe" alternatives on the market at the moment, even if you wanted to abandon Intel because of Spectre. That would strike AMD, ARM, SPARC and most other processors off the list as well.

0
0
big_D
Silver badge

Re: @ "And what would they do with recalled chips?"

Whatever they do with trash normally, I would seriously doubt intel would actually recall the hardware, they are much more likely to pay a set price for RAM, motherboard and CPU sufficent to buy an equivilent product from someone else.

My point being, they can't replace them with a "bug free" chip from their own product lines and there are currently no equivalent products from other manufacturers that aren't also affected.

I guess they could replace those Core i7 and Xeons with Pentium III chips or AMD Athlon+ chips from the turn of the Century. AMD multicore chips are out, ARM and SPARC chips are out, any powerfoul x86/x64 clone is out... So, what would you spend the money on?

The best Intel, AMD, Apple Qualcomm and the others can do is patch the firmware and give enough information to the OS vendors and application developers that they can do their best to protect their software from such attacks.

it is already shaken but irrespective of what happens to intel all your predictions about the end of the world if Intel disappear is just rubbish. There is emulation and they could implement everything that the CPU was supposed to do on other hardware, with options to turn security down if more accurate emulation if required.

You are forgetting the timescales. There is no magic bullet for this. Every chip designer is currently rushing around trying to get new designs into the pipeline. The problem is, that is a long pipeline, so there won't be any "Spectre free" designs for the next few years. It is something we will have to live with.

And I never said it would be the end of the world if Intel went down, I was just pointing out that, currently, there is no alternative to Intel, if you want a Spectre free design.

As to OS and apps then since they are mostly written in portable lanaguages then they should all move over to new hardware with minimal changes.

OS? Not really, a lot of it is still done in Assembler/machine code, even if a majority is written in C/C++ or high level, managed languages. But it is the low-level libraries that will need to be re-written first, before the rest can come over. That can take years, even with a big programming team to pick through those 10s of millions of lines of code and re-test everything.

Even something "trivial" on paper, like changing from Bigendian architecture to Littelendian architecture, would require a lot of work, you still need to review all of the code, whether manually or automated, to ensure you pick up every instance of Bigendian moves.

Applications are a little easier, but, for example, up until recently most of Excels macros and VBA was written in Assembler for performance. You aren't going to re-write that in a few weeks!

Again, this isn't about defending Intel, this is just pointing out, that currently, there are no "safe" chip designs from ANY of the major players that would be in a position to push out the required numbers of high performance parts. There might be some small players, with low performance chips, like the Eden x86 chips (32-bit) that might not be affected by Spectre, but that would set you back to turn of the Century performance and software, no modern Linux, no modern Windows or OS X, no PC with more than 4GB RAM...

0
0
big_D
Silver badge

Re: A whole lotta "not just intel" @AC

That should be 2021, not 2012! Shame the edit is only 10 minutes...

5
0
big_D
Silver badge

Re: A whole lotta "not just intel" @AC

ntel x86 offerings are insecure, Intel are still selling their insecure chips and until they show that they have learned their lesson then truely they cannot be trusted.

Intel sold premium products on promise of security and when it became public that their products were faulty at time of sale then they should have recalled, they still have not been.

And what would they do with recalled chips? This problem affects pretty much ALL processors from all manufacturers, including ARM and various other RISC processors, AMD etc. Some more, some less.

None have released Spectre free chips, although Meltdown was almost exclusively Intel.

Why haven't they? Because they can't. It isn't a simple matter of writing a bug fix. These problems are fundamental in the design of all modern processors. You need to go back to the late 90s to find a design that doesn't embody these techniques. You need to then unlearn everything you've been doing in processor design for the last 20 years and come up with a new way of doing it!

That isn't going to happen over night. There will be a couple of new generations of chips, which were already in development when this all hit, which will still be partially vulnerable to these attacks. I would guess, that we won't see a completely corrected design until at least 2012, if not later. And chances are there will be incompatibilities with existing chips and software.

This is going to shake up the whole industry, not just Intel, it will affect all processor manufacturers, all operating system vendors (including Open Source), all web browsers, all hypervisor vendors and possibly a large number of normal applications vendors. It might be that existing Windows, Android, iOS, MacOS and Linux versions will no longer run on new hardware, that new versions will be required and new software to run on them.

That will mean legacy software will be stuck on legacy chips. And legacy software will be anything from Windows 10 back (although the next iteration will probably be available in a legacy processor and new processor versions), it is unlikely that Windows 7 or 8.1 will get patched for new processor designs, they are already EOL and will be stuck on old hardware. The same for any software that isn't 100% compliant with the official documentation.

This obviously also applies to all other operating systems and software as well.

If it really is a complete redesign of multithreading and hyperthreading on the processors, that is a game changer for everyone. Move to the new hardware and buy new versions of all of your software or stick with older, vulnerable chips and run your existing hardware.

6
3

Open plan offices flop – you talk less, IM more, if forced to flee a cubicle

big_D
Silver badge

Re: What about disturbing others?

I hat phones and conferencing as well. And I don't mind working in teams, I currently sit in an office with 2 other people and my boss next door, with the door open. Most of the time, it is great, the noise level is acceptable.

But in the large open-plan offices, where dozens of teams have to work together, the noise level is often too high to concentrate.

I also hate it when other people can look over my shoulder. It is irrelevant, whether I am just doing my work or dossing off and reading the Reg, I feel somehow violated, that people can just look over my shoulder, without me knowing about it or allowing it.

79
0

Forums

Biting the hand that feeds IT © 1998–2018