* Posts by big_D

6775 publicly visible posts • joined 27 Nov 2009

Microsoft approved a Windows driver booby-trapped with rootkit malware

big_D Silver badge

Re: Ah, Microsoft

Exactly, and it isn't as if, say, oh, I don't know, Google, Apple or Linux distros has never been caught with their trousers around their ankles, by letting malware into their app stores/repositories, for example.

Given the limitations of AI checks, the limited number of human resources than can be thrown at the problem and the sheer quantity of submissions, none of these systems or programmes can be 100% fool-proof. It is how, and how quickly, they react, when a problem is recognised that is more important.

(For the record, I use an Android phone, a company iPhone, an iPad and several Windows and Linux PCs, so I'm not trying to excuse Microsoft for letting this in in the first place, or get at Apple, Google et al.)

Ouch! When the IT equipment is sound, but the setup is hole-y inappropriate

big_D Silver badge

Re: Which orifice??

Lenovos are even better. They have 2 USB-C ports, the first of which is used for power. The second of which is also Thunderbolt, but you can't use it to power the laptop, unless it is through a Thunderbolt dock...

I simply replaced the power lead with the Thunderbolt dock lead, but the Lenovo wouldn't recognise the dock, I even re-installed the drivers, nothing. Then I tried swapping the USB-C port the dock was plugged into... GAH!

big_D Silver badge

And desktops... Although in a recent case, Dell supplied the wrong PSUs for a bunch of Optiplex mini-PCs. They were 20W down on what they should have been, which led to the Optiplexes booting, but with a warning on the screen that the PSU was under-powered and the machine was throttling the processor to compensate.

Google bestows improved device management tools, authentication options on Chrome OS admins

big_D Silver badge

In the wild...

they have become essential to ordinary life during the pandemic

I have yet to see a single Chromebook in the wild. They are still as rare as hen's teeth, here in Germany.

Flexispot Deskcise Pro V9: Half desk, half exercise bike, and you're all sweaty. How much does it cost again?

big_D Silver badge

Re: What - no generator?

I've just received hyaluronic acid injections into the knee, which replaces the fluid in the knee, which has been lost over the years (I also had "gravelly" knees).

It was painful during the injection and the first day or so swelled up, but it makes a big difference in the long run.

big_D Silver badge

Re: What - no generator?

It also looks like a 1970s/80s exercise bike (a house down the street put one on the pavement for refuse collection last week, it looked almost identical in form).

VMs were a fad fit for the Great Recession. Containers’ time has finally come

big_D Silver badge

Re: No more managing operating systems and monolithic apps

An OS is the Kernel + drivers + routines to enable I/O. Everything else Ubuntu (or Windows or macOS, iOS, Android etc.) delivers on top is not part of the OS, it is part of the complete system. Most so-called OSes these days are the OS layer + GUI + a bunch of bundled crapware that has nothing to do with the OS, everything that isn't the OS gets bundled into the description, which is wrong.

The OS is what lets the container operate. It is still needed.

big_D Silver badge

Re: Hmmmmm

Except that applications have full access to the OS, excluding mobile OSes, and they can overwrite files, delete files in the user domain belonging to other applications, with permission escalation, they could break out of their own "zone" and trample all over the OS.

The container sandboxing is supposed to hinder that, stopping app from damaging the OS or other containers, even if it is poorly configured, hostile or gets taken over by malware.

big_D Silver badge

Re: No more managing operating systems and monolithic apps

TPM's article was a sloppily worded in places. You still need an underlying OS, the container doesn't provide that. It does allow easier sharing of an OS with multiple containers / applications, keeping things nicely separated, but you still have the OS.

His words would have had more impact, if he had been more careful in the description of the role of the OS and the container, rather than saying there is no OS...

big_D Silver badge

Re: Hmmmmm

It is swings and roundabouts. There are arguments both ways. Containers will always have some overhead and if performance tuning is really needed, you will need a dedicated machine for the application. If you are running in a shared cloud environment, the ease of movement between hosts and the added security will be more useful.

I can see lots of situations where containers are useful and lots where "going native" is still the better option.

I think we will be doing both for the foreseeable future.

big_D Silver badge

Re: Hmmmmm

Security is the main argument. If the containers are isolated in their own sandboxes, if one goes rogue, it can't kill the host OS or other applications running in other containers.

The argument in the "for" article are a bit off though. You still need an operating system in which to run the containers. The container just contains the application code and configuration, it doesn't provide the OS to run the services, it needs to "borrow" the core OS features from the underlying OS. There is no way around that, other than making the container a full VM...

I think that they have their place and, in the cloud, they are a good option. If you are running your own hardware and VM environment, it makes deployment in some respects easier and removing or replacing a container is easier than deinstalling an application and putting in a new one. Now crud left kicking around that needs to be manually cleared out.

That said, I've had containers or host environments that were real dogs and running the base application on the OS directly was actually quicker and easier. QNAP being a good example, I used a Unifi container on a QNAP NAS. It installed cleanly and easily, but you couldn't upgrade it, you needed to have the container information to install the update, but that information wasn't available on the QNAP, it was all hidden. The only way around it was to export the config, delete the container, install the updated container and restore the config. Unifi's built in update routines don't work in the container.

In the end, I put the full Unifi management software on a Raspberry Pi. It works much better than the QNAP implementation of Docker.

This isn't Docker's fault, the problem is how QNAP implemented it, easy installation out of a store containing Docker containers. But no information on the installation parameters and updates can only be done by hand using the command line and you need the installation parameters that were used by the GUI, which aren't documented and the GUI doesn't allow updates.

I like the idea of containers, but it still needs to mature and "rogue" environments that have a half-arsed implementation won't do anything to help improve their acceptance. I think we will be having both options (container and manual installation in a normal operating environment) for a long time, going forward.

There will always be situations, where the extra performance of direct installation will override the simplicity and security provided by a container and vice versa. (E.g. running a time critical application locally, you will install it directly and fine tune the OS and software, running on a shared cloud host, you will want to sacrifice some performance for the added security overhead.)

'Lots of failed startups came out of Campus': Google axes London hub because startup scene 'doesn't need' another 7 floors of workspace

big_D Silver badge

The whole point...

of the Internet is that you can do "it" anywhere, whether that be business, pleasure, setting up a startup etc.

Berlin also has a big startup scene.

But the problem is, the concentration of people in these areas drives up the prices, so the cost of starting up is significantly higher than if you started up somewhere else. The old-world "seat of power" mentality still rules the roost among Internet startups, which is just plain silly, the "Internet" is their seat of power, which means they don't need to be in one place.

Likewise, before the pandemic, companies like Google, Microsoft & Co. were going on about distance working, virtual meetings, communications tools that allowed people to work from anywhere, yet they still tried to stuff more and more of their own people into overcrowded and over-priced pieces of real-estate... Instead of actually living their marketing departments' promises.

Final guidance on Schrems II ruling: Data from EU could be held up if a third country lets authorities access it

big_D Silver badge

It is worse than that. You can't use a cloud provider storing your data in the EU, if they also have a presence, let alone HQ, in the USA... With FISA or the CLOUD Act, the US Government has said it is irrelevant where the data is stored, if the company storing the data has any offices or employees in the USA, the data is within the US jurisdiction.

Hence the scramble for data centres with local owners, with no ties to the US cloud providers. The US cloud provider has servers in the facility, but they are controlled and maintained by a local third party and the US cloud provider has no administrative access or authority over the data stored there.

It is more complex and less flexible than a US-owned cloud service, which can move the data around willy-nilly, but it at least tries to provide a backstop for EU companies wanting to take advantage of cloud services. It is either that or use home grown cloud services.

big_D Silver badge

Re: Uncle Sam and Boris

No, the UK implementation of the EU GDPR was never compliant and was sent back to Parliament on several occasions for rectification.

But, now that the UK has left the EU, they will have to repair the UK Data Protection act to be compliant with GDPR, if they want to continue processing EU data. They have the same responsibilities as any other country vying for the processing and storage of EU sourced data. If the US can be told to go screw, I doubt they will have any problems telling the UK the same thing, if they fail to tighten up DP, let alone make it more lax.

Updating in production, like a boss

big_D Silver badge

Been there done that.

I spent months specing up a system for food tracing integrity. Made a data model with referential integrity and traceability, definitions of all the fields and a bunch of classes and methods to go with it.

Management took one look at it, threw it out and cobbled together a database without any referential integrity and no controls... For food tracking through production... What could possibly go wrong?

big_D Silver badge

The problem is, you try that and the answer is usually, "fine, we'll find someone cheaper who will do it without making unreasonable demands!"

big_D Silver badge

Unfortunately, it happens all to often.

I worked at a software company that sold turn-key systems to customers. But there was only the live environment, all the testing was done in-house on our development system. Updates were just applied to the customer systems.

And, if something went wrong on the customer system, well, there was a SQL window with a hidden keystroke to open it, where us support people could really balls things up, if we weren't careful. There were lists of commands for common faults, but you still needed to enter the right transaction numbers and parameter values, mistype one of those, or miss one out altogether, and you'd have an unholy mess on your hands. A colleague and I used to always double and triple check each other's commands, before we would execute them.

It happened regularly, that the users would make a mistake and we'd have to hand-craft SQL to undo the damage they'd done. No way to test, no backups (they cost money), just get on with it.

Luckily, I've now moved on and I have the luxury of a test environment and direct access to the backup server to make an image, before doing anything that could have unforeseen consequences.

New York congressman puts forward federal right-to-repair bill

big_D Silver badge

France already has similar legislation and Europe is looking at taking it on as well...

So Apple & Co. will have to start offering repairable devices and non-prejudiced access to spare parts and documentation outside of the US anyway, if they want to keep selling their products internationally.

I would think, if the products can be repaired in Europe, companies will find it hard to continue the non-repairability ethos in the USA over the long haul.

big_D Silver badge

Re: It's like the

I was at a Xing networking event (German equivalent of LinkedIn) at the Amazone factory in Lower Saxony. They did a tour of their factory and I asked about repairability. The Amazone representative seemed quite perplexed, as I explained the John Deere situation.

His reaction was, "why the hell would we want to do that?"

Tim Cook: Sideloading is a disaster and proposed App Store reforms would harm user privacy and security

big_D Silver badge

And the Apple execs threw macOS under the security bus' wheels in court, claiming that it is a malware infested mess, compared to iOS.

Bad Apple Safari update breaks IndexedDB JavaScript API, upsets web apps

big_D Silver badge

There is a difference between auto playback and playback not being possible, at all...

I agree, no page should autoplay any content, especially adverts. But ignoring standards that allow media to be played at all is a very different kettle of fish.

UK competition watchdog begins probe into Apple and Google's total domination of the mobile landscape

big_D Silver badge

Drivers in Linux don't write themselves either. You have a new bit of hardware for your phone? You still have to write the drivers or get somebody to write them for you and, even in the Linux world, that can often cost big money.

Want to keep working in shorts and flipflops way after this is all over? It could be time to rethink your career moves

big_D Silver badge

Re: Indeed!

I think the commute does make up part of the equation. I've gone from a 2 - 3 hour commute, when I was working for the consultancy, to a 15 minute commute these days, the only traffic jams are when you get stuck behind a tractor for a few hundred metres.

We are currently in a rotating schedule - always somebody on-site, the rest working from home. But apart from the odd ad-hoc call, we are "on our own". We have a team meeting/conference call maybe every 3 - 4 weeks, about the same schedule as before the pandemic.

big_D Silver badge

Re: Not only Brits!

Yes, I even sent them a calendar marking the days in Germany and the days in the UK.

big_D Silver badge

Re: Not only Brits!

Correct, my employer did it correctly - they were used to international assignments, so it was all taken care of and nothing changed for me.

big_D Silver badge

Re: Indeed!

I did 15 years of WFC (working from customer), where I was shunted from one project to another, only telephone calls and the odd face-to-face with my "boss" (usually once every 6 months for an appraisal). The rest of the time, I was in client teams or small teams of changing employees from our consultancy.

No real contacts, no friends, no network within the company. I think in the 15 years, I spend, maybe, 8 months working at my base site - which moved 3 times without me!

With videoconferencing things are a little easier, but you are still an outsider to the rest of the company that is "working together" on site. There are some benefits to working from home (or away from base in general), for sure, but over the long haul, there are also a lot of negatives.

You are tied up in the project you are working on, all communications are on the project. All those casual encounters within the office disappear, you are no longer "in the loop" on what the other teams are doing, your network becomes sporadic contact and then just the Christmas Do, if you even go to that - most years, I went to the client Christmas Do and not my employers, because the client one was local to the hotel I was "living" in and the company one was a couple of hundred miles away.

The worst, for me, was after 15 years of being shoved from pillar to post, with a management team working out where I was going next, I suddenly found myself without a project and the management team had been laid off, so I have to use my "network" within the company to find another project. That is easier said than done, when you haven't worked with the same person for more than a few months over the last 15 years.

big_D Silver badge

Re: Not only Brits!

Once I moved to Germany, the Inland Revenue still tried to come after me for UK income tax, even though I was resident 360 days that year in Germany...

A bit of to-and-fro and they eventually realised that I had left the UK and was resident in Germany.

big_D Silver badge

Re: Not only Brits!

You pay tax in your normal country of residence (where you are registered), but after 180 days, you have to also pay tax in the country where you are currently living. At worst, you have to pay double tax (i.e. tax in both countries), then go through the hoops of claiming it back from one or other.

I went through this in the early 2000s, I was UK resident, but had worked in Frankfurt for over 6 months. Luckily, my employer took care of the tax situation, even employing a tax consultancy to do my income tax return for the year.

Dealing with the pandemic by drinking and swearing? Boffins say you're not alone

big_D Silver badge
Joke

Re: The 5 rules of problematic drinking

Yes, but it was a urine bottle. ;-)

Pre-orders open for the Mini PET 40/80, the closest thing to Commodore's classic around

big_D Silver badge

Re: The PETs inspired me.

LOL, could be. Although I expect a lot of classes in the 80s were like that.

For reference, the school was Sackville.

big_D Silver badge

Re: Those were the days

Tim Danton has just published a book, of at the Raspberry Pi Foundation, "the computers that made Britain - the home computer revolution of the 1980s".

https://wireframe.raspberrypi.org/books/computers-that-made-britain

I got the free download yesterday (left a donation to the foundation).

big_D Silver badge

Re: The PETs inspired me.

We had them at school. They were great. I taught myself to program them in machine code before the computer course began. The teacher knew less about them than I did, a classmate, Alan, and myself were then duly appointed helpers, when it came to programming and the teacher concentrated on the theory and history sides of computing.

When I got to college, they still had PETs. My first lesson was to write a program to show how much we knew about programming, so the lecturer could gauge the level of the class. Simple program, given a value, work out the minimum number of coins to give in change.

Finished in about 10 minutes. I spent the rest of the hour writing machine code around the code program to draw "windows" on the screen and use an 8x8 character-graphic grid to represent each number the user entered (i.e. whopping big numbers in the "window" at the top of the screen) and little piles of coins at the bottom.

The lecturer's reaction? "Wow, I didn't know you could do that with a computer!" Oh, brother! And I thought I was there to learn...

I remember that we also had wordprocessing and spreadsheet ROMs in the ones at college.

BT 'welcomes' whopping £2bn investment by French telco Altice

big_D Silver badge

Re: Living next door to Altice

Smokie released this version in 1976:

Smokie, who the f' is Alice (NSFW)

;-)

big_D Silver badge

Re: Living next door to Altice

Shouldn't that be Smokie?

big_D Silver badge

Re: Investment in BT?

Yes, my thoughts exactly. BT hasn't benefited one iota out of this "investment"...

big_D Silver badge

Re: But what about Brexit?

Also, Altice hasn't bought a controlling interest in BT, so probably not a blip on the radar. Only once they get to controlling interest or a buyout is it of "real" interest...

Samsung brags that its latest imaging sensor has the ittiest-bittiest cam pixels in the world

big_D Silver badge

The pixel wars began in the early 90s, when the first digital cameras started cropping up.

"What, you have an old Olympus Camedia, not a patch on my SureShot, it has 4 times as many pixels!"

big_D Silver badge

This is why, despite smartphone manufacturers' claims, you'll have to pry my real camera with interchangeable lenses from my cold dead hands.

Smartphone cameras (regardless of manufacturer or OS) make reasonably good photos, but they will never match dedicated cameras with professional lenses, because physics.

A Swiss Army Knife or Leatherman might be able to saw through a piece of wood, but it won't make as good a job of it as a dedicated saw, of the correct type for the wood and type of cut.

It is the old argument of the tool (or camera) that you have on you is better than the correct tool that is at home in the toolbox, when you need it.

I do a lot of nature photography and, if I'm out walking the dog and see something interesting, I can often get a usable shot from my smartphone, but I'll always take my camera, with the correct lenses, when I do a photo tour. Even so, I might still take some snaps with the 'phone, if something sudden happens and I don't have the camera in my hand.

big_D Silver badge

The problem hasn't been the size/number of pixels, per se, for a long time. The restricting factor is the depth of the phone and the size/quality of the lenses.

There are reasons why a decent lens will often cost more than a high-end smartphone and are longer than a smartphone.

The 'phone manufacturers have to compensate with binning and software to make up for the lack of clarity due to the form factor restrictions.

Wine 6.0.1: For that one weird app on that one weird Mac

big_D Silver badge

Re: Easier to run a VM

I had some old Siemens software for my PBX. It required XP - this was Windows 7 time frame, through Windows 10.

It wouldn't install on 7, 8 or 10, it had to be XP. XP Mode on Windows 7 didn't work - no direct hardware access. Likewise, in a VM, with USB passthru, it still wouldn't work. It had to be a physical XP machine.

I didn't try it with WINE, but that probably wouldn't have helped either, in this particular case.

I just kept an old XP laptop in a cupboard for those rare times I needed to change settings or export the call logs.

'Condolences on the death of your conscience' says card from Indonesian delivery drivers to local Uber clone after payments slashed

big_D Silver badge

Re: Good on them

In Germany, it is, generally better. The vehicles are inspected regularly and if they have any technical defects, their license will be removed on the spot and will only be returned/re-issued, once the driver has had the vehicle professionally repaired and can prove it to the relevant licensing authority.

All the drivers I've had in Germany have been professional and friendly, although most have a blatant disregard for speed limits.

big_D Silver badge

Re: Good on them

That is why I support local taxi drivers, here in Germany.

The rates are set by the local council and all taxis have to charge the same rates and all have to have a calibrated taxometer in the vehicle.

Add to that that Uber was employing drivers illegally, here, there was no real incentive to use Uber - in Germany if you are plying for hire (i.e. transporting people for money), you need a professional driving license and the relevant insurance for the vehicle (commercial insurance), which can only be obtained if you have a professional driving license - this has nothing to do with the taxi licenses, which the council allocate, this is just another category on the driving license.

Uber were not making sure all their drivers had the relevant license (only a small percentage had, when they were first taken to court) and therefore the majority of drivers were driving illegally, without insurance, when they were on-the-clock.

Such disregard for public, driver and customer safety and welfare did nothing to help their image, nor did "mispelling" Über.

Apple ditches support for pre-2015 MacBook Air, Pro laptops with macOS Monterey

big_D Silver badge

I made the mistake of buying the first generation 24" iMac. With a 64-bit processor, but only 32-bit UEFi, Apple dropped it fairly quickly - at least compared to the Windows running in Bootcamp. After Apple stopped providing updates, I used it in Bootcamp, with current Windows updates for another 6 years, before the motherboard died.

I like OS X/macOS, but the arbitrary decisions to dump hardware, long before it has come to the end of its useful life makes me wary of buying another Mac.

My 2004 Acer laptop still runs Linux fine and my 2010 Sony laptop still runs Windows 10 fine (after an SSD upgrade about 5 years ago) and still gets monthly security updates today.

I understand why they want to cap support on older hardware, there is no commercial incentive, if the old (perfectly functioning) hardware doesn't get the latest OS, people will buy new shiny. But as a user, it isn't a good selling point.

Apple's macOS 12 adds improved virtualization though no sign of anything like Boot Camp on M1 silicon

big_D Silver badge

Re: No one needs Bootcamp anymore

The problem is, the Windows PC or the Mac is the cheap, disposable part of the equation.

Are you really going to tell your boss to throw out a $500,000 piece of equipment, just so you can't plug in a shiny new M1 Mac? The old Windows XP PCs on running lab equipment and production lines are kept around, because throwing out several million in working plant and lab equipment, just because the control software won't work on a more modern version of Windows isn't an option. But those PCs are usually isolated from the rest of the network and don't get Internet access (at least with the companies I've been involved with over the years).

Heck, we even have an old sign printer (prints metal and acrylic signs) that requires MS-DOS and a physical serial port. That isn't even networked and we have 2 spare, old PCs with the right sort of BIOS and physical serial ports, just in case the old PC dies. The printer still works and a replacement costs north of 50K.

big_D Silver badge

Re: No one needs Bootcamp anymore

It was a little black ISDN PBX for home / small office use.

The USB port passthru in VMware and Windows XP mode weren't compatible with it. In the end, I just kept an old XP laptop in a cupboard for when I needed to change the settings.

Now we are stuck with Siemens WinCC, the viewer still uses IE11 and ActiveX controls... Just waiting to see what they do now that IE11 and ActiveX is going away.

big_D Silver badge

Re: No one needs Bootcamp anymore

There are certain applications that need hardware access to work. I had a Siemens phone system, the control software only worked in XP and wouldn't work when virtualised (even on Windows 7 with XP Mode or VMware Workstation). The product was still on sale in late 2015 and the software hadn't been updated to work with a version of Windows that was actually in support!

But if you are down to that level of problem, an ARM based chip isn't going to get you very far either, so I agree, Bootcamp probably isn't really necessary these days and if you really are desperate enough to need hardware support, a cheap Intel mini-PC is probably a better bet.

Lotus Notes refuses to die, again, as HCL debuts Domino 12

big_D Silver badge

Re: Domino

It was a great benchmarking and stress testing tool for servers and clients alike.

big_D Silver badge
Coat

HCL Advertising to Cloud Providers:

Stress test your cloud today, install Domino on it!

Mine is the one with the Lotus Notes Survivor badge on the lapel.

Apple settles with student after authorized repair workers leaked her naked pics to her Facebook page

big_D Silver badge

Re: Details

Have you ever watched Lous' channel?

Apple repair centres often "throw out" hardware as irreparable and tell the customer they need a new iThing.

The customer then takes the hardware to an unauthorised repairer and they find that a 50c resistor has blown and can be fixed in 10 minutes, while the customer waits. That is a huge problem for Apple, there is no real money in repairing iThings, especially if someone else is making the money on the repairs, the real money on repairs is made by telling the customer the old device is dead and they need a new one.

Apple tries many ways to stop this happening and one of those methods is claiming that your privacy is sacrosanct with Apple & its partners, and not with unauthorised repairers; which this case proves is complete and utter Blödsinn (German for nonsense, but literally, stupid sense).

big_D Silver badge

Re: Details

But that is Apple's argument, Apple only let authorized repair centres do repairs, because they are trustworthy and your privacy is sacred to them. An unauthorized repair centre won't care for your privacy and will publish your intimate information online...

Oh, wait... It is the hypocrisy of Apple in this situation: Apple is trustworthy, independents aren't!

This case proves that their reasoning for not having independent repairers is false.