* Posts by sean.fr

75 posts • joined 30 Aug 2012

Page:

You're on a Huawei to Hell, China tells US: We'll fight import tariffs, trade war to bitter end

sean.fr

Re: The devils in the detail

I am not sure you got the point I was making. President Roosevelt blocked trade and froze assets in July 1941. Perl Harbor was the Japanese miltary response in December. That did not end well for Japan.

So China has made plans to survive any blockage without starting a shooting war with the USA. They have built islands to defend trade routes. They bought into European ports. They have invested in overland routes. They even run regular trains to the UK.

sean.fr

The devils in the detail

If I buy a PC, here in Europe it is probably "manufactured" in Ireland.The expensive parts are mostly manufactured in Chine by Foxcom. But the bits are assembled in Ireland for Dell /HP and so it gets a CE mark. Ireland is not putting a Trump tax on the Intel chip manufactured in China.

If my Cisco switch assembled in India has silicone from a Chineses fab plant, it still can have that backdoor. It only makes security sense if the silicone is fabed in the USA. It only makes economic sense if the Trump tax is exported to any country selling into the USA.

China saw the impact of the USA blockage of the Japanese colonial empire - and the resulting shooting war starting with Perl Harbor. The US Military is bigger now. Bigger than USSR, China, UK , France and German militaries combined. They can not do a Perl Harbor to break a blockade.

The whole Belt and Road project is China setting up to deal with this kind of treat from the USA.

It is not a Western democracy China does not need to keep the electors sweet.

This is maybe their chance to push the USA out of the way. Much as the USA pushed the British empire out of the way.

Autopilot engineer drove off to Chinese rival with our top-secret blueprints in the glovebox, Tesla claims in sueball

sean.fr

Stealing Ip an American tradition

The whole history of Silcon Valley is people leaving one employer and starting a rival venture with the IP.

NASA: We need commercial rockets! SLS: Oh no you don't!

sean.fr

Re: Why add new modules

Money to get launch costs down makes some sense. But launching stuff you do not need is not the way to go. If at some point you get 22 tons of raw material into a low space orbit for just the 200k dollars fuel cost, you now need the tech to carry your product back to earth. It may be down hill but if it is at all bulky, heavy or delicate like 200Km of premium fibre at 1 dollar the metre, problem. We can not do it yet.

It could be one or two human hearts - at 250k dollars each. A better investment would be to spend the money on a new and cheaper source of insulin for under insured Americans tax payer, rather than spending on health care for the super rich.

The health downsides of putting people into a zero G factory to work on the heart production line is far greater than health benefits of the products. Would anyone approve a factory were workers have serious health issue after 12 months. Like not being able to walk for a day or two. Your bones and muscles weaken, and you may get permanent eyesight changes. Plus a significant risk of your transport to work exploding.

If this stuff make any commercial sense, you do'nt need the tax dollars. You need venture capitalists.

sean.fr

Re: all a waste of money

The limit to the length between fibre joins is the mechanicals. How big a roll of cable can you get on a truck and pull in. Typically around 4km. Bandwidth is improving by putting better active equipment on the existing fibre types. It is not normal for tax payers money to pay to improve the fibre and not fund the equipment on the fibre or fund more installation into the ground.

The major drugs issue are affordablity, and resistance. Space is just not important.

Assuming the processes can be perfected, it is unlikely that manufactering commercial quantities of anything in space of anything will be be thing in the next 100 years. Transport costs are out of this world.

sean.fr

Why add new modules

If you just want micro gravity there are more than enough modules in place.

We know micro gravity is bad for your health, and we have known for some time. If you want long space flights, you need to fix that issue.

So next space station tech to try is spinning to get something like gravity. It is hard, as you need a large radius from the centre of rotation. Maybe 100 to 200 metres assuming a couple or revolutions per minute. But it does not have to be symmetrical. A long arm with countereweight may work.The connection from the gravity zone to centre of rotation would be under tension so that makes it a lot easier to find a light solution. Plus, we may find 0.5G is good enough. Maybe a few hours a day is enough - so does not need to be so big a space. But what we are actually - doing is same old same old. So we just do not know. For scale, the ISS is about 100m long now.

sean.fr

all a waste of money

This space station is said to have cost 150billion dollars so far. Not a lot of bang for the tax payers buck. Skylab and Mir were much better value for money. So dumped it in the sea now please. Liberate some money for real science like probes – remember voyager.

Just a reminder: We're still bad at securing industrial controllers

sean.fr

no telnet or snmp 2v please

Telnet sends passwords in clear text over the wire.

Unless you change it, snmp have the default passwords public and private.

Assuming using the popular version v2c, rather than version3. passwords in clear.

HTTPS and SSH2 are better. Use HTTPS for the first box as it is easy. Then use SSH2 to copy the text config to the next box.

But to be fair, you are more likely to have downtime due to a hardware failure and human error than a hacker sniffing the wire.

The easiest hack is to just walk off with the equipment. So step one, is sort out physical access.

Raspberry Pi 3 Model A+ support to arrive in Linux 5.1

sean.fr

Re: Kernal / Kernel Who will not notice the difference?

Standardized spelling is not critical to understanding or precision in communicating ideas. People were writing laws and contracts before dictionaries became popular around 1800, and then they only established a locally normalized spelling.

If you ask a friend under 40 to show you their phone messages, it will become clear than in an informal context, spell is not particularly important.

In my case, my PC localization is not english so it is just not spell checking.

sean.fr

Re: Kernal change - Who will not notice the difference?

You are picking me up on a spelling mistake?

So very 20th century.

Do you not have a smart phone?

If the sense is clear, the communication has worked.

sean.fr

Kernal change - Who will not notice the difference?

GNU GUI and applications like libreoffice are the car.

The linux kernal is like petrol/gas.

You need fuel but you do not excited about fuel.

I can not find a application that would only run with a different kernal.

The Raspbian respository is pretty much identical to the complete Debian.

Freeradius, Wireshark, LibreOffice, the usual Web servers, and web browers, vlc, vnc, ssh, ftp, tftp, SQL databases; it is all there.

What would be helpful is a more powerful processor.. at the same price, power consumption, and same board form factor.

The free technical assistance from Broadcom early on has proved a great commercial investment.

A generation of engineers are learning their trade on Pi. Which is very good for chip sales long term. These people go on to design set top boxes, and washing machines. Broadcom could cut a deal on a more recent ARM, or the Pi people should talk to the ARM competition.

Typical! You wait ages for a fast radio burst from outer space, and suddenly 13 show up

sean.fr

screen saver

This would be a cool computation to put in a screen saver, like SETI did.

Boeing 737 pilots battled confused safety system that plunged aircraft to their deaths – black box

sean.fr

more acceptable to be killed by a human

Pilot error is a major cause in crashes. Automation basically kills less people. Therefore it is a reasonable design decision to to automate as much as possible. In the same way air bags can hurt you, but we require them to be fitted in new cars because overall the benefits outway the risks by a large margin.

The route cause is flying with bad instrumentation. Even if you fly manually, bad sensors can kill you. In daylight you can judge you angle of attack, height and speed. At night, or weather probably not. You have to trust the instruments. You can tweek the software, and pilot training, but that is larglying ignoring the real issue. The aircraft was not in a fit state. If you crash a car because your breaks fail, no-one asks why driving without breaks is not taught. ABS can help, but if you loose break oil or the pads are worn, or the tyres are worn, its a maintenance issue.

Microsoft liberates ancient MS-DOS source from the museum and sticks it in GitHub

sean.fr

who owned CPM

As I remember it Digital Research did not actually own most of the CPM source code as it was re-written as class exercises by Kildall's students and was in the public domain. Only about 2K bytes were owned Kildall. Hence the large number of CPM clones and ports.

With sorry Soyuz stuffed, who's going to run NASA's space station taxi service now?

sean.fr

space station boring

Giving the spending there is very little coming out of running a space station. Not going to notice a little pause. Time to put the money back into Voyager like projects.

If for some reason you're still using TKIP crypto on your Wi-Fi, ditch it – Linux, Android world bug collides with it

sean.fr

WiFi security is a mess

For a Wifi admin there are no good choices systems. It is common in public spaces to have hot spots with open SSIDs and a captive portal. Neigbours do not need to any dycrpt to see your traffic. You can have much more secure systems but only if the phone/tablette/ PC has the right supplicant and cert. Unless you can impose one OS, in a mixed environment they do not have a simple common mode that just works and is secure. In a Bring Your Own Device world, it is either or.

With the Internet of Trash, it is only going to get worse.

sean.fr

WiFi security is a mess

For a Wifi admin there are no good choices systems. It is common in public spaces to have hot spots with open SSIDs and a captive portal. Neigbours do not need to do any dycrpt to see your traffic. You can have much more secure systems but only if the phone/tablette/ PC has the right supplicant and cert. Unless you can impose one OS, in a mixed environment they do not have a simple common mode that just works and is secure. In a Bring Your Own Device world, it is either simple or secure.

With the Internet of Trash, it is only going to get worse.

First low-frequency fast radio burst to grace our skies detected at last

sean.fr

does fast mean brief or short?

It said fast. Fast given the speed limit would have been interesting. But just a short snippet of unidentified noise, less so You can image something transiting the signal/noise and bending or reflecting it. If you could identify everything in the sky it would be surprising. I can not identify everything I find on the floor in my house...

Here we go again: Monopoly case another round in Arista vs Cisco

sean.fr

Cisco cli is messy

The cisco command line is a mess and inconsistant between versions. The part cloned is usually just the basic setup. The Cisco clones tend to actually be a bit better than the original. "Save" is more obvious than "write mem" or "copy running startup". "config t" does not block "show config". None of that awful "aaa new model".

On an unfamiliar product, it is usually best to read the "quick start guide". Get the switch talking via http interface. Generate any certificates you need. Then SSH to copy the basic config for the next unit.

So even if Cisco force "show" to become "display" . in the age of web interfaces - the details of the cli are not important to purchasing decisions.

Submarine cables at risk from sea water, boffins warn. Wait, what?

sean.fr

Question of time scale

There is little problem planning a downtime to alter the shore installation given several years notice. Unplanned cuts get fixed all the time. The operator network have enough capacity to just works with what is left. On the multi decade time scale, you have maintain power plant. The only potential risk is that sea defense fails or coastal erosion catches you by surprise.

sean.fr

Exterior cables in ground

Cables in the ground are designed to stand in water. Pits fill with water.

Long haul telecoms cables will be armored - steel or gevlar . Several layers of plastic, Plus Steel Tape. Plus Gel or tape to swell and block any water that does get in. Search youtube with "Outer Sheath and Armor Removal Procedure for Interlocking Armored Cables" or similar terms to see the cables being worked on..

Ariane 5 primed for second launch of year after trajectory cockup

sean.fr

unless you in the rocket

Losing 5% may be acceptable if the launcher is not called Challenger/Apollo.

I hope SpaceX do better.

Microsoft: Yes, we agree that Irish email dispute is moot... now what's this new warrant about?

sean.fr

Re: Moot

The legal sense it is a question suitable for a moot court. Normally an issue not already get determined definitively by a court or a issue without consequence and suitable for debate. A moot court being in effect is a mock court or public debate. Commonly a training lawyer and others. This is sense used in "Friends" making it more popular in the non lawyer world. Sadly the dispute over the word moot occurs as some listener hear mute - silent rather than moot mean public/crowd or some think others confound moot and mute.

Any online legal dictionary will clarify this easily enough. The original point is moot as it notably for not being settle in court. It is without consequence, because the new law will apply to future cases.

France gives les citoyens the right to cock up official paperwork

sean.fr

Re: tax returns - auto filled

Around 2000, I was on series of short term contracts for a UK company in France, paying PAYE in UK.

In a gap between contracts I returned to the UK. UK cut up rough about unemployement benefit as "I had insufficient cultural links to the UK - paying taxs did not count... So when the next contract came through I opted for a French contract.

Try telling the Uk tax man that you can not prove you are paying French tax as it is not yet due.They tried to stick me with a fine of £100 for non production of documents. I opted to go to trial, and finally a competant human actually checked how the french system worked and it was resolved..

They are not really set up for cross border working. Crossing daily or at weekends. It is only 35 minutes and house prices a lot lower.

Try renewing a UK passport in France now. You end up "sans papiers" for 6 weeks. There is no urgent or same day service.

sean.fr

Re: tax returns - auto filled

The basic French income tax returns are fine, as they are automatically filled. They have access to your employers payments and your bank accounts. I tried not declaring £100 in oversees account, but they gently suggested that I had not declared everything. I have closed my Uk account to avoid the paperwork...

Tax habitation (council Tax/city taxes ) is messy. The tax on garages depend on the distance from house. My wife pays tax on a office that does physically exist. You can get a discount depending on the type of water heater you install. Plenty of scope to get it wrong.

Income Tax is collected after the tax year closes. So when you retire, or become unemployed in 2018 you have a big tax bill from when you were working in 2017.

The UK PAYE system is better, as it is calculated by your employers payement system as you go, and the government has been paid before you get it. The government issues a tax code so your employer can do the calcuation withot seeing the details of your life. France is planning to move to the UK system. The transition will be interesting as we can not pay two years IncomeTax in

one year.

Nervy nuke-armed nation fires missile with 5,000km range

sean.fr

Re: If your not on the list, you're not getting in

If Iraq or any other country REALLY had weapons of mass distruction, the USA could not attack.

To much risk they would zap us or our friends.

Which is why Cuba took nukes from the USSR, and why North Korea wants them.

Official: Perl the most hated programming language, say devs

sean.fr

lots of existing code

There is a lot of existing code you can pull in from CPAN. Pretty much anything you want has been done,

The hard bit is regular expressions used to fiddle with text.

It is ugly, But if you need it, it is powerful. The alternative of rolling your own code to pattern match in strings is much worse - particulary if you may need to work with ascii and unicode and other text coding schemes. That is why Linux is strung together with perl scripts. You know you will find it on any Linux machine.

Blade Runner 2049 review: Scott's vision versus Villeneuve's skill

sean.fr

So slow

It looks good, and the plot is OK. It needs recutting to be an hour shorter. The music is overpowering as it working every hard to fill the long pauses. People speak in bay watch time. Keep the dialogue, but cut the unnatural gaps between speakers. Looks like a 1 hour 40 film with an hour of filler.

Brit broke anti-terror law by refusing to cough up passwords to cops

sean.fr

Re: He should have just emailed it to himself encypted of course

Data caps in the western world are not an issue. Most of us have ASDL or fibre. Plus a monthly unlimited 4G phone with data contract phone is about 30 pounds in the UK and 16 euros in France. There are also data sims for one off needs. For the less well served there is Starbucks and MacDo. You are likely to find such a hotspot in the Airport at each end of your trip.

If you are going to a place without internet "all that you can eat", they are probably not going to give a hard time at the airport to open you PC, except perhaps North Korean.

sean.fr

Re: Defeating Draconian laws

It is easy to show to an acceptable level you do not have the password, by having the person who has the password, saying what they did, and why, by phone and email. Preferrably, with a newspaper on copy. You can pre-plan they wipe the key if you do not arrive problem free.

Note, if the data is on a micro SD, you are less likely have an issue, as they are just so small.

If you are CAGE and planning to take US solders to court for war crimes, or are the partner of a journalist talking to Snowden, you will already be on the list for a home visit.

If you were not before, having good security practices at the airport is likely to put you on the home visit list and possibly on the no fly list. Piss off the man at your own risk.

sean.fr

Re: Defeating Draconian laws

Security 101, do not keep the password with the encrypted data .

Arrange for the password to be held by a third party in another country.

After you arrive safely, unencrypt. When you are stopped at the border, you explain you do not have password so you can not comply. Let them phone the person who does have the key. Ideally this should be a lawer or a respectable association, or at least someone less likely to have dawn raid.

Better still, carry the key in person, and send the data over the internet later. A well implimented One Time Pad is unbreakable because there is no pattern to find.

Fancy that! Craft which float over everything on a cushion of air

sean.fr

Hard wall hovercraft

There was vehicle popularly known as a hard wall hovercraft. Basically it was boat that blew air through the skin to make an air film between the boat and water. I remember seeing them at Calais after the real hovercraft left and before the Seacat Hydrofoil arrived. Not found in Google. Does anyone else rember them?

Facebook will deny ads to repeat promoters of fake news

sean.fr

Belief Politics and the freedom to be wrong.

Are you going to allow Google, Facebook, twitter and other private companies to disappear atlanteanconspiracy.com because they claim dinsaurs did not exist. Or is it going to pass fact checking?

Are you going to disappear holocaust deniers?

What about Armenian Genocide denialer.

Are you going to disappear Lukewarmers sites, because disputing established warming facts makes you a shill for big oil.

Would it not be better to just mark stuff "facts disputed". You may need to block terrorist sites. But if your state is not the target, who is a terrorist and who is Nelson Mandela is opinion and not a fact, it is an opinion and you can argue where the line needs to be, but only if you can see the line.

Malware 'disguised as Siemens software drills into 10 industrial plants'

sean.fr

Iran?

We can argue if the USA was right to end WW2 with A bomb. But once they deployed the A bomb, others would wanted the A bomb ...including unfriendly powers.

When the USA attacked industrial controllers in Iran with stuxnet, they openned Pandor's box.

In France there is a major government effort to lock down key industrial infra. There are government (ANSSI) audits, and fines for non-compliance. At present the only confirmed industrial damage is a Steel plant in German. There are several claims of Russian attacks on infra, including attacks on electrical generation causing outages, but it is disputed if the attacks were the cause, or just found because of the investigation after the incidents.

Linux-using mates gone AWOL? Netflix just added Linux support

sean.fr

What hardware Intel and ARM?

Netflix be supported linux cross platform or just Intel Linux? . I can do this with my Pi3? How is the rights management done? Cause under linux I have low level access to the screen as I can recompile the OS if I need to. I would expect high quality ripping to be a problem for Netflix.

Happy 20th birthday to the RADIUS RFC

sean.fr

" No. RADIUS is a protocol. It does not need to handle password change requests."

The Radius protocol is able to do lots, like send text replies. It is able to set your Ip addresses. It can set access lists on what an authorised account can do. It can cause a modem to call you back.

It has extendable vendor attributes, but you can not changer your password?... You have to talk to a separate back end via a different comms device to do this basic function.

You can see it is from a time when it was OK to not change passwords. Radius was to avoid you putting lots of live passwords into comms equipement configs.

sean.fr

Radius's big hic

Unlikely Active Directory, the Radius can not prompt you to regularly change your password. In general an administrator manually puts the text in a users file. He emails it to you, and you never change it.

For switches/industrial equipment/company WiFi tablets/phones you want people to regularly change thier own passwords so you can see in logs who did what.

You can have Radius pass the validation task to an AD but then you are running a closed windows system because Radius is missing a very basic feature. Plus you are forced to use your Windows Office PC password for network/critical stuff.

Time for a rework for the next 20 years.

Errors in Australia's Centrelink debt recovery system were inevitable

sean.fr

Government immunity

If this was a private company, there would be consequences from the regulator.

One way or another the governement will take half of what we earn. It does not matter if you call it a petrol tax, or a licence to provide a phone service, or an employers national insurance, tax on cigarettes or VAT. The trick is to keep it cheap to collect, and easy to enforce so it is seen to be fair. Both overpayment and underpayment is a big problem for low incomes. If you are overpayed, you are likely to get a correction at some point later and you may not have the reserves to cover it.

If you can not calculate accurately the benefits now, you need to rework the benefits and the billing systems until you can actually do the maths. You can require employers to use payrole packages certified to report the info the government needs each time payrole is run, eg weekly or monthy.

Even if payment itself was cash in hand.

Global IPv4 address drought: Seriously, we're done now. We're done

sean.fr

Re: IPv6 is fundamentally broken

The basic problem is an INTER network problem so it is logical to between the networks and leave the networks untouched. An ISP problem not, not a user problem.

Apps on internal devices do not send IP addresses, they send to names.

They expect the IP stack to resolve the name to an IP address and a MAC.

They do not care if you are using really using ATM or NetBois or MPLS so long as the IP stack is happy.

If your ISP can couple your ISPs DNS to IPv6-IPv4 NAT, THEY can allocate a temporary IPv4 address to the Ipv6 address and sort it out with NAT at the at ISP. It would be invisable to us. We should allow us to keep the investment in apps, knowhow and hardware. The crappy bit can be regroup into a DNS/Firewal application (1U 19inch rack box) if you do not want the ISP to do it. But they already provide DNS, and are running BGP4 routing, plus a lot of stuff not really in my best interests like logging every url I use for the government, blocking sites banned by the government, throttling if I use SSH in Iran.

sean.fr

Re: IPv6 is fundamentally broken

In a company, you are more likely to use a company proxy and your OS and browser are talking to the proxy, and the site should only sees the proxy, and your IT probably pay a service to keep you way from the more risky sites. You have the option to erase on exist or block cookies. Your font list and screen res are not unique. Not perfect - but not that bad either.

sean.fr

Re: IPv6 is fundamentally broken

The ip addres can be is several forms

the compressed 2001:db8:42:1::2

or

or the full form

2001:0DB8:0042:0001:0000:0000:0000:0002

so it is shorter if you count it funny

IPv6 is a lot not more bits.

sean.fr

Address allocated but not live

If all these people and companies are refusing to move to IP6 after so many years of pushing it, you have got say there is soming very wrong with it. The basic IPv6 model makes the is wrong assumption we want everything on the internet. We ( low level, part time and amateur network support folk) want to stay with what we know, and there are many more of us than ISPs and backbone peering super egg heads.

We are fine with IPs and Internet peers using IPv6, if you keep on the dirty side of the firewall. We want none of it inside our companies and homes. We are happy with or 10 and 172 addresses. We have are comfortable with NAT, OSPF, Vlans and tags. We DO NOT WANT an internet for every device. I do NOT want my LED light bulbs or my garage door on the internet, because I can not protect them. It is hard enough to keep the PCs safe. I can patch the PC, but not the coffee distributer, or the toilet water pump.

So make it easy to keep IP4v inside, and you can use whatever you want outside.

It simply is not true the IPv4 addresses have run out. They are allocated, but much are not actually used on the internet.You can check this yourself using ping. Pick some random addresses, and ping. Yes some people block at the firewall, but most companies do not as it is really hard to debug your internet connection if you do.

Monthly charges for each IPv4 address.

You will get lots of scrappy bits returned. So like was done for phone numbers, you need to weaken the link between the number and routing. Another layer of mapping is required, But on the firewall or the dirty side of the firewall. Plus if you are billing individual addresses, you can fine / block addresses used for DDOS / spam / scam. You would encourage encrypting on everything - firewall to firewall - so everything is signed - end to end - and harder to snoop / spoof.

Update or shut up: Microsoft's choice for desktop Skypers

sean.fr

Re: Skype as a free alternative to H323

H323 is an open technology, is point to point and can be encrypted. But was designed for an Internet Addresss per codec, and that period is over.

Skype did have the potential to just work on everything. The boss is on holiday when the wharehouse burt down but can have a look via his big phone which will in general already have Skype. He can talk to the insurer, who also will have Skype on his tablet. He can talk to managers on the smartTV in the VC suite. Even the firefighter can stream live to the incident room using a 4G phone. You could use an APPLE , or Polycom client, but there are just so many different incompatable systems.

Paying is not the issue directly. Corporate would prefer to pay. Just the things you do to push a pay servicer, also tend to stop it being universal. Aunty Nelly will use a free service. Therefore boss will want the free service too so Nelly can see the kids on holiday. So Nelly or Boss needs to be able to call in to Corporate using the free app.

If Microsoft billed for End to End Encryption, Multipointing, and recording and other premium services, that could work. Just no US company can offer End to End encryption due to USA interception regulations.

Room for an open protocol, point to point system with extendable encryption. Even P2P requires some servers for call setup. So possibly with peering fees for Business users wanting servers away from prying eyes.

sean.fr

Skype as a free alternative to H323

Skype was a threat to corporate videoconf - H323. It was free, and it just worked, anyone to anyone, any device to any device. Once you had HD Skype in the TV, there was little motive to spend a 2K dollars on a classic VC codec. But Microsoft has killed off the TV Skype, and there are barriers to stop you calling Skype for Business from home (free p2p) Skype.

If you are on a platform where Miscrosoft gets a dollope of money, Windows there is a future. For Android/Linux/Mac, there is no money, and so it is likely to become harder to talk to corporate.

But I think Microsoft are probably too late. If you are running Skype for Business in your Corporate VC suite, you have a big screen + PC +microphones in the suite. The same hardware can run one of many other, open / free systems. Some of them will work just fine on anything Microsoft does not want to support for free.

Cisco TelePresence control software had remote-exploitable bug

sean.fr

Vid Conf is a mess

The whole legacy video Telepresense style Conf technolgy is a messy. The H323 protocols were not designed to play nice with firewalls and Network Address Translation. For calls inside the company H323 work just fine. Call setup uses a central server called a gatekeeper who knows who can do what, and approves each call. Your MCU will talk to the Gatekeeper and say, "if you want to mix video sources, I can do that". Your ISDN gateway will talk to the Gatekeeper and say, "If you want to use the phone lines/ISDN, I can do that". Ad hoc calls between companies works very badly. By default Gatekeepers do not assume trust, and do-not co-operate. Both system admin need to manually set up the trust in thier gatekeepers . caller by caller. In very simple setup you can bypass the server to call direct, if there is no NAT, no firewall, and no ISDN and no MCU.

If you remember Netmeeting - it was in direct mode. But when you got a 192 - 172 - 10 address, you stopped getting calls. Thats the NAT issue.

But between companies, there will be NAT, and you probaby want to accept phone calls into the meeting, at least sometimes.

In practice, if you have an MCU, it probably not anywhere in the network where it can get contacted by strangers. All MCU appliciances I have seen are rebranded RadVision.

If your MCU audio message says in English "press the pound sign" - its Cisco/Codian/Tandberg/Radvision and likely to have the security issue.

Crims shut off Ukraine power in wide-ranging anniversary hacks

sean.fr

How sure this is not hype

We are in a context where major pressure is beeing used to distant Trump from Russia. Earlier reports from Ukraine had significant walk back. While malaware was found when investigating earlier outagates, it was less clear the malware actually caused the outages.

YANG: Coming soon to a router near you

sean.fr

Keep is standard, and simple

There will always be some fancy new thing that will solve problems you never knew you had. Anyone else deploy ATM? Loved traffic contracts. All gone now...

This fancy stuff creates vendor lock in. Buy boxes from at least two vendors. Keep the configs simple and base them on a limited number of roles Data Centre + Edge + Distribution + Core + remote office. Cut and paste is your friend. Can you replace each pizza box with a pizza box from another supplier?

Keep the management tools generic - SNMP - none of this autoconfig stuff. This fancy stuff all claims to let you configure 1000 vlans from two clicks your smart phone while on a skiing holiday. However there is always a hic. Did you every find a problem with a new firmware/patch, or type point instead of comma ? Bet you were glad you roles it out host by host and not let the Network Management Station push it to the whole network in one go.

Everyone has an IP network, and most of us have the same problems. The answers are on Youtube. Tempted to try Trill? Found it in Youtube? No, Your ready for YANG or TRILL or X when there are 50 videos on it.

UK prison reform report wants hard-coded no-fly zones in drones to keep them out of jail

sean.fr

Blocking drones easier than blocking phones

Drones use a limited number of well known frequencies for control. They often use 2.4Ghz and 5.8Ghz frequencies also used for home WiFi. But the protocol are very differently coded. The comms is often frequency hopping but it only intended to block accidental interference, not active jamming. You can monitor the signal, allow for any WiF and microwave ovens you are expecting, and send the police to investigate the source of anything else. Jammesr4u sell commercial drone jammers for a few hundred dollars If you jam using directional aerials pointing to the sky, you can avoid degrading the local wifi. In any case you only jam after you have detected the rogue signal.

sean.fr

Blocking phones in a zone is easy enough

You not need to block all phones to block phones inside a zone.

Detecting is easy enough. To work they need to talk to a base station. By comparing the handshaking timing at as observed at three or four antennas, and you have a location. There is timing info in the protocol GSM which makes it easy. Then you de-register phones that are in the forbidden zone. Better, you just record. Actually you want prisonners to keep contact with the outside world as prisons with good family contacts re-offend less. So you allow the phones, on condition they are declared and they are aware they will be recorded.

Computer forensics defuses FBI's Clinton email 'bombshell'

sean.fr

Adoing FOI is the crime, defense secrets is a red herring

Government emails are recorded and archived, and are subject to Freedom Of Information requests. Later, historians can pick over them. The national security arguement is to miss the point. She probably did not leak anything that "the enemy" did not know or care about. Her crime was keeping stuff out of the reach of Americains using FOI. She does not dispute the facts.

Page:

Biting the hand that feeds IT © 1998–2019