* Posts by Lee D

1702 posts • joined 14 Feb 2013

Sainsbury's IT glitch spoils bank holiday food orders

Lee D
Silver badge

Re: First world problems

Doing the virtual shopping gives me the time to write the lengthy post!

6
4
Lee D
Silver badge

Re: First world problems

Sorry, but it's 2017.

And I don't have two hours to drive to a "local" Sainsbury's, run around with all the idiots that can't park or drive a trolley, fight over the last bagel, spend an hour wandering around looking for whatever soup it was, queue up, unpack it all onto a belt, repack it all onto a trolley, unpack it all and repack it all into the car, drive home, repack it onto the kitchen floor, then repack it all into the cupboards.

And having to do it peak hours if you want to have dinner after work, or fight with re-stocking staff if you want to do it late, or not at all if you can only do it on a Sunday evening, etc. etc.

And the point of doing it online is not because I'm a cripple (though my ex basically was, as are about 1 million other people in this country), but because I don't have the time in between work and sleep to piss away two hours and a lot of physical effort when someone will do it all, just as good, for a fiver. And I don't want to waste that time getting rammed in the ankles and having my car scratched either.

Also, they PACK IT ALL without the unnecessary packing/repacking, oh, I forgot the bags, oh I have to throw the bags away, oh it's all fallen out of the bag, I should buy "proper" ones...

They PRICE IT ALL, not messing about with ten minutes of beep, beep, GERRTTT, "Sorry, John, can you get me a price? Sorry about this"

They DELIVER IT ALL (I order bottles of Coke, water, etc. and make them bring it to me rather than me lug it around everywhere in an unsteerable trolley). And they will do so WHEN WE NEED (i.e. I need it to arrive by 8, because I don't have the time to shop and we'll only be in between 8 and 8:30, or the party stuff arrives tomorrow morning so we don't have to run around while we're trying to get everything else organised).

They will even take it into your kitchen and - sshh - if you are elderly or struggling or you slip them a few quid, they sometimes will even help you unpack.

You don't have to be in a wheelchair to appreciate all that, for £5 extra on the price of the shop. I would pay a Boy Scout a tenner just to do it all for me, so I could go and do something else for two hours - and I don't even have kids! - but there's no way they would ever think it worth the effort for such a pittance. Hell, even an hour of my time is worth many times more than that. In fact, just sending granny down to the corner shop for a loaf of bread is cruel in comparison even if she's able-bodied but a bit slow and it takes her 20 minutes to get out of the house.

And, literally, rather than spend half an hour running around the cupboards finding out what I need, I can see what I ordered, when I ordered, and then just re-order without forgetting anything as it's all on there already from last week. Even the CHOOSING is quicker. No impulse buys, no pressure sales, no remembering where the soap is, no "we rejigged the store to keep you on your toes", nothing. I can order the shopping in my lunch hour to be delivered as I get home if I just suddenly remembered the cupboards are bare.

"Do the shopping, love."

"Click, click, click, done. It'll be here in an hour."

And I don't even have to work out which of the seven billion varieties of bread we normally order, it's all just there.

Welcome to the 21st Century. I'm not saying we'd die without it, but if you DON'T take advantage of it but whine about the five minute queues in a bank, you need to reprioritise.

Now, if we can just scrap the stupid Sunday trading laws, we might actually consider ourselves a modern country.

17
14

Sysadmin finds insecure printer, remotely prints 'Fix Me!' notice

Lee D
Silver badge

Then why print-by-email?

0
0
Lee D
Silver badge

Re: "the printer was no longer visible"

Google Cloud Print?

Go ask your local school.

Because it means that the kids are authenticated via their Google accounts (can be done without any AD integration by google-sync tools), they can print from their Google Classroom, Google Docs, Google Mail, etc. accounts (all free and unlimited storage for schools, by the way), no matter what device they print from (web, home PC, Chromebook, Android, iPad app, etc.) and it comes into the network as a Google Cloud Print account that you can plug direct into, say, PaperCut (so you are authenticated again, departmentalised, held-for-teacher-authorisation and billed accordingly before a printer is ever involved). Whether they are in the next room or the next continent (e.g. on holiday doing their homework, printing it to their teacher's printer to get it in on time, etc.)

Some things have uses. Even if they have the word Cloud in them.

And what horrendous, disgusting, terrible abuses of privacy are possible? The kids scribbles might be briefly visible to a bored tech at Google. Except they are one of the few companies (*cough* f*** you Apple) that provides EU data protection guarantees that state that your Google Education account data for ALL users will never leave the UK.

10
12
Lee D
Silver badge

"On one visit Doug couldn't help but notice a multifunction laser printer that had been hooked up to a neighbouring network, but left wide open to the world."

"So one day Doug dug into the printer's web interface and figured out how enough about the network to which it was connected to learn the name of the company that owned it"

"And because he knew enough about the company to also send a document to the printer by email..."

Er... which is it? Is it open to the world, or did it have the print-by-email switched on? Was it open to the network and exposing the address book, or was the web interface open, or was it browseable?

Because something doesn't add up here, as an anecdote.

If the printer is insecure, and you SEE THE PRINTER, leave a Post-It on it.

If the printer isn't visible but you found it on the network, just print to it.

But, no, he went hunting on LinkedIn, then probed mail settings, and then the address book stuff? Address book from the printer? On an MFP it might contain certain people who've scanned, etc. but if the AD is open enough that you can just get a list of all users then that's a bigger problem than an open printer.

My biggest question, really, though, is how you're able to access another company's network whatsoever. Even in a shared office. Because that's the REAL problem here. If one office can happily send broadcast to everyone, or probe IP addresses and web interface of any internal devices, that's a much serious problem - just think of WannaCry.

Techy detail please, when he says he could "see" this printer, and the configuration of that network that allows him to see that that DOESN'T come down to "Holy cow the whole site is insecure, but hey, let's play games with a printer".

18
0

'Major incident' at Capita data centre: Multiple services still knackered

Lee D
Silver badge

Stop relying on one datacenter to be up.

This is WHY Windows Server and lots of other OS have HA functionality.

Hell, it's not even that hard to enable. Or just provide a secondary system somewhere else that does the same even if you don't have fancy connections between them.

If your platform is not virtualised, why not?

If your platform is virtualised, turn on the HA options so that the VM replica in another data center just starts up and becomes the primary and your domain names, etc. resolve to all IPs that can offer the services.

I still don't get why ANY ONE FAILURE (one datacentre, one computer, etc.) is still a news item nowadays. It shouldn't be happening.

Even if you deploy on Amazon Cloud or something, PUT THINGS ELSEWHERE TOO. It's not hard.

24
0

Life is... pushing all the right buttons on the wrong remote control

Lee D
Silver badge

Despite the number of gadgets I have, I have one VM remote. I bought my girlfriend the same model of remote so she had one too. Both do exactly the same.

And we each have an app on our smartphone (literally an IR-blinker, not some fancy web-tech junk) that controls everything should we lose both of the identical VM remotes.

What the hell are you people doing not to use programmable remotes and/or smart apps by now? Why do you have so many gadgets and not think "throw all those remotes in a drawer, buy one universal, programmable remote"?

And you have the smartphone beside you while watching TV, most likely, and if you buy the right one (or the right headphone-port-gadget in the £1 range), you can control everything and literally remove the buttons that you never use from show.

Samsung S5 Mini, for reference. Comes with Plex, but irplus is simpler and has a much larger remote database and can use LIRC files. Plex lets you schedule and checks TV listings etc, though, so it's up to what you want to use.

It does get me when supposedly techy people whine about techy problems that aren't a problem for any techy.

2
4

Windows is now built on Git, but Microsoft has found some bottlenecks

Lee D
Silver badge

Re: GVFS sounds super dumb

Give the guy his due.

He wanted to continue using Bitkeeper. Lots of people in/around Linux used it and paid for it (even if they didn't always have to).

Then the owner of the company that make Bitkeeper decided to be a twat because someone from Samba fame started to reverse-engineer it's proprietary formats so they could integrate with it.

He pulled the rug, the software was made unavailable.

So Linus knocked up an alternative in a few days, that pretty much sent Bitkeeper scrambling and now even Microsoft use it, and Bitkeeper is nowhere to be heard of. Since the very early days, it's been almost entirely other people - including Microsoft - developing git, but you have to admire the way that was done.

"Okay, you won't play ball any more, despite it being nothing to do with us kernel developers at all? Okay, I'll write an alternative that's more focused on our process, better for us, and does things yours can't. Oh, look, there it is, done. Bye!".

There aren't many people who can re-write an independent implementation of a large commercial product overnight, that ultimately leads to nobody even touching the other software any more, and Microsoft basing product lines and their entire development process on it.

6
0
Lee D
Silver badge

Re: GVFS sounds super dumb

Embrace.

Extend.

Extinguish,

Welcome to step 2.

Or are we not supposed to dredge that up with "new" Microsoft that's releasing SQL Server for Linux, Visual Studio for Linux, etc.

It's almost like they want to grab those "developers, developers, developers"...

13
34

Auntie sh!tcans BBC Store after 18 months

Lee D
Silver badge

I'll save you the bother.

1) Check we're talking about the right series (Nicholas Lyndhurst).

2) Series 3 and 4 and a Christmas special won't be there.

0
0
Lee D
Silver badge

Okay.

I want The Good Life, Series 3 and 4 in a digital/streaming format. I have the DVD's already, but they are old hat. I pay for my content, and I'll pay for the convenience of online content (e.g. I have a large Amazon Instant Video and Google Play TV/Movie library already).

Currently only series 1&2 are available ANYWHERE else on the net.

I have 1&2 purchased on Amazon, for instance.

Can I get 3&4 on the same service? No.

Am I going to try to remember that I have 1&2 over there and then switch service to get 3&4 over there? I try my best to avoid that already.

Are we talking new content? It was made in the 70's, is shown on all the channels, but like fuck can you actually get it. And if I *had* bought it on BBC Store, I'd now have to find somewhere and buy it all over again.

And then people wonder why you can't make an online business take off - it's junk like this. I WILL PAY SOMEONE TO GIVE ME LEGIT ACCESS and I either get screwed over, wait forever, or literally cannot do it.

And it's not just the BBC. The same applies to lots of the old things that never made the digital age - The Two Of Us still doesn't exist on DVD incorporating all episodes, but they show them occasionally. Even Just Good Friends has the same kind of non-digital stuff.

The reason you can't maintain the business model is because you're trying to control the product rather than actually sell access to it. It's actually counter-productive. And you have zero interest in releasing your archives at all, even if you're publicly funded.

You're sitting on a damn goldmine and you can't be bothered to just give some content to Amazon/Google, let them convert it, stream it, manage it and market it, and say "Give us a pound every time someone buys an episode".

5
0

NHS Digital stopped short of advising against paying off WannaCrypt

Lee D
Silver badge

Unlikely, given that nobody has spent the Bitcoin ransoms that were collected.

Yeah, that "anonymous" network? You can trace every payment from every wallet out to every endpoint, by just visiting one of the thousands of blockchain info websites.

Sure, if you break it down into enough pieces and "launder" it through enough genuine transactions, people will lose track. But at the moment, a lot of money is sitting in a BitCoin account that nobody has dared touch.

Because the second you touch it, every Bitcoin exchange is going to be tracking it and refusing to deal with it's products, most likely.

And if you're not being paid, or being paid a pittance (nothing compared to 20 years in the slammer, for instance), or being paid into an account you daren't touch.... why would you send out anything so incriminating as a release code?

0
0

EU security think tank ENISA looks for IoT security, can't find any

Lee D
Silver badge

Re: please...

I can do it much more simply.

Customers may return a product for a full refund for up to five years after the purchase date if it has a demonstrated security weakness under "not fit for purpose" regulations.

Nice and easy to determine in a court of law.

Minimal additional legislation required over existing.

Decent amount of comeback on manufacturer's who push out junk.

Decent incentive to actually make things work properly.

Already handled under existing product returns, etc. processes for all involved.

In the same way that a bank vault that doesn't shut would be sent back to the manufacturer, an IoT device that can't be secured from the Internet should be sent back too.

3
0

New York Attorney General settles with Bluetooth lock maker over insecurity claims

Lee D
Silver badge

Re: Get real.

Then just use a stick.

The point of taking the key is that others CAN'T DO IT EVEN IF THEY WANT TO.

3
1

ZX Spectrum reboot firm slapped with £52k court costs repayment order

Lee D
Silver badge

Re: Get GPWIN!

I coded some things up for the GP2X, which also worked on some of its successors.

They were cool little gadgets precisely because they were just Linux and you could run anything on them.

The GPWin looks really enticing, I keep seeing it pop up, but I think things like the OpenPandora have tainted me against trying them.

Problem is, nowadays, that we all carry out full-screen, high-res consoles wherever we go. Occasionally people phone us on them, but other than that...

2
0
Lee D
Silver badge

Re: RetroPi on a Raspberry Pi

More accurately:

Just add TZX's.

No ROMs required.

1
0

Payroll-for-contractors company named at centre of AU$165m tax scam scheme

Lee D
Silver badge

Re: As if...

It's not "Is nobody going to notice this scam, ever?"

It's "can we make our money and run before anyone notices?"

Which, let's be honest, could easily have happened here.

13
0

Chelsea Manning leaves prison, heads straight for booze and pizza

Lee D
Silver badge

Re: Here we go again

Assange is irrelevant.

Certainly to the point where he gets ignored as someone who thinks they can stand on the prison roof and shout demands that their friend in America gets released, while below the judge waits to sentence him for breaching bail.

7
2

Good news, OpenVPN fans: Your software's only a little bit buggy

Lee D
Silver badge

You don't want to use lower entropy sources for - of all things - a VPN that's exhausted entropy.

If you don't have the hardware to provide the security you want, software can't fix that for you except by - literally - pretending otherwise and carrying on regardless. Guess where the security problem is with that?

And it doesn't take much to add entropy if you are running a VPN device on even a virtualised machine. If you don't know how, then you shouldn't be designing or operating virtualised VPN devices.

Refusing to allow low-entropy sources is no different to refusing to allow low-size keys. It's purely a security decision. Anything else means someone will knock out a "VPN router" that has OpenVPN's name on it in the firmware, but is actually so low on entropy as to be bog-useless. Not having the option means you can't do that without literally having to patch it in (and release your patches?). And then the problem is in your patch, not in every OpenVPN device ever made.

1
0
Lee D
Silver badge

Re: Only analysed Linux platform?

If something can override, say, %WINDIR% or %SYSTEMROOT% or %SYSTEM% or %ProgramFiles% before your program starts then you already have problems far beyond what OpenVPN can inflict - and if you're that paranoid, you use the hard-coded override as specified above in your quoted manpage.

Setting an environment variable on Windows like that is already a privileged operation, so if you can do that, you’ve pretty much owned the system already,

The fact that is that any number of programs DON'T use the system API at all for that at all. There are no warnings against their use on any MS KB page that I can find. They are used in everything from batch scripts to hard-coded into programs (via library calls to look up environment variables).

So, they are probably not-unreasonable in their refusal to use a proprietary, likely platform-specific API, over allowing you to pick up environment variables and hard-override the options and - better - NOT USING THE COMMAND LINE AT ALL, but a locked-down, permissioned, isolated config file anyway.

5
0
Lee D
Silver badge

Re: Those are bugs?

Oh, gosh, look... people who know to wrap the things that are known to cause trouble, so they don't cause trouble.

If this is really this surprising and "good example" in this day and age, it explains a lot about why other things are so rubbish.

Don't even get me started on people who don't wrap malloc and free to prevent double-free's, etc.

And, seriously, once done once it can carry over in other projects really quite easily. Literally a page of code that wraps calls, and then forcing people to use your safe alternatives by some kind of redefinition or overloading.

OpenVPN is good quality code, no doubt, but it mostly looks like that because OpenSSL and similar are just pieces of unfathomable shite in comparison.

2
0

More UPNP woes: Crashable library bites routers and software

Lee D
Silver badge

Was an ED pre-orderer.

You're wrong.

I literally DO NOT HAVE UPnP enabled on any device.

Everything works.

2
0
Lee D
Silver badge

Re: Why is ANYONE allowing UPNP to run on his router?

Almost EVERY modern game uses central servers - Steam, Origin or some proprietary server - as a go-between. Peers do not talk direct to peers any more. That was why you required UPnP/port-forwards, as you didn't know what IP would be contacting you in advance, so you had to open the port.

All modern games instead communicate to a server (which has open-ports) which co-ordinates the passing of data between you and the people who want to join. It's called matchmaking, but that's a side-effect of being the central server that everyone relies on to be open and handle connection-formation.

Nothing since DirectPlay has required UPnP to work. P.S. I have Skype. I turn off Skype UPnP options, it works. Same for torrents, for VoIP, for messengers, etc. - all things that you USED to have to port-forward for and don't any more.

UPnP is an unauthenticated (authentication exist but it's not necessary in teh core protocols unless configured, and nobody configures it, and some software doesn't work when it IS configured) method to forward arbitrary ports on the Internet to arbitrary ports on your local network. This means it can LITERALLY serve requests to open your SMB port to the world. And it will do so, without question, confirmation, password or the user knowing. Literally, any bit of malware can expose your network immediately, permanently, through your firewall, and without you knowing - and there are viruses that do just this.

It's a stupid idea and needs to die because it's NOT NECESSARY. You can run servers on modern games no problem (matchmaking) and if you're opening up ports to the world for older games, that needs to be a conscious action, not something that happens automatically and without confirmation affecting not just your computer but EVERY computer on your local network.

Your kids, upstairs in their bedroom, on the isolated wireless VLAN you made for them so they don't infect you, can run a program that will send a UPnP request that will open your router, network and every VLAN / port to the world. And you have no way to stop it, while UPnP is still enabled, because UPnP is basically designed to do just this for ANY request it receives.

Switch it off.

1
0
Lee D
Silver badge

Re: Why is ANYONE allowing UPNP to run on his router?

Rubbish.

It doesn't affect gamers at all.

1000+ games on my Steam account, including years spent on CS from 1.6 up to GO, and no UPnP whatsoever.

The only need for UPnP is if you need to punch a PORT-FORWARD which is only necessary if you are running the server yourself (hint: Don't. That's why people rent game and dedicated servers if they are serious).

I've never had UPnP enabled, and yet I can do EVERYTHING that normal people do, for many years through a double-NAT set of firewalls. It's only use was punching holes for bypassing NAT for, e.g. SIP and video conferencing, but those problems are long-ago dealt with and no workaround like that necessary.

If your software needs UPnP or even a port-forward (including servers, which shouldn't need UPnP or port-forward, they should just be opening the relevant port and not be behind a NAT), then you have no idea how to program and shouldn't be writing networked games.

Certainly, nothing on Steam from CS to GTA V, AOE2 to Worms etc. has ever needed UPnP or a port-forward on the client end.

If you do not understand this, or what UPnP does, or why it's dangerous to even have enabled, you shouldn't be the person giving advice to others.

5
2
Lee D
Silver badge

Re: Kan you speak Engrish?

Er... which word would you use?

"Signedness" is a term often used in programming. There's a Wikipedia article on that exact word, for instance.

Though it may not be fully correct dictionary English, it's certainly an acceptable term in the field.

It's whether or not the variable is signed. The state of that is its signedness. Not pretty, but certainly not ugly.

And no, the "sign" of the variable isn't sufficient. That describes, from a mathematical point of view, whether or not it currently holds a negative value or not. NOT whether the variable itself is capable of holding a signed value.

13
0

PC repair chap lets tech support scammer log on to his PC. His Linux PC

Lee D
Silver badge

I don't need to.

They both start the conversation talking about shit like the weather, and whether I watched the football the other night, before telling me who they are, what they want and why they're speaking to me.

Literally, it's a flag on my mental "Hang Up" list to waffle incessantly to a person you clearly have never spoken to in your life about things which - anyone who knows me would know - I don't even discuss with the best of friends anyway.

The people who I do actually have dealings with generally start conversations like:

"Is that Lee? Cool, I've got some more of those laptops in stock, would you be interested?"

Or "Hey Lee, what was the date of install for that equipment you wanted?"

Or "Lee, mate, did we ever hear back about that quote?"

Because they quickly learn if they don't keep things that terse, their calls mysteriously can't make it through to even our main switchboard for some obscure technical reason. (clicks button, closes telephony server control software, whistles innocently).

0
0
Lee D
Silver badge

Re: For the phone scammers ...

I usually employ the phrase "You do know that you're committing fraud for a living?". You follow it up with not-so-much pleas to their better nature, but attempts to embarrass them. "Is this what you went to school for? So you can scam old ladies to earn a pittance? Would your friends be proud if you were to tell them what you do? What if someone phoned up your mother and tried this? Would you be proud of that? Hey, mum, that's cool! I scam people for a living in the same way! How funny! How's it working out, the fraud game? Does it earn you a lot? More than just sitting in a respectable job making the same kind of phone calls but with a genuine purpose for a real company? What are you going to do if you get caught? Is that going to go down well? Are you going to still be able to afford to keep that job when the police knock on the door and start asking for your victim's money back?"

I've had everything from "Microsoft" to "BT" calling up to try to tinker with my systems, but no one has lasted more than a minute or so against that, even the ones who protest and want to argue and think being forceful will just make me comply. I'm sure they don't go off and rethink their lives immediately but hopefully if enough people do it, the ones who are just "led" into doing it and don't think about what they're doing will drift away from that kind of enterprise.

And no genuine person on the phone is going to tolerate that kind of phrasing, so if they are actually trying to help (e.g. you're in a large company, not very techy, and you didn't know that they were contracted to provide IT support or whatever), the chances are they'll then set out to provide proof that they're authorised to do what they're doing.

37
1

For now, GNU GPL is an enforceable contract, says US federal judge

Lee D
Silver badge

Though the clarification is nice, does ANYONE actually think the GPL and any other licence isn't valid in any sensible country?

If there was even a modicum of doubt, there would be thousands of infringements a year, for more than anyone could chase up, to take advantage of a grey area if nothing else.

I think people quite understand that US/EU law won't take kindly to ripping off GPL or other licenses on code, so they don't try - unless they're in a country that wouldn't care less about doing that.

I can't imagine, say, Microsoft just shoving a GPL library into Office and then trying to argue it in court. That's a massive hint that they know they'd lose in seconds.

Though I'm sure there are code violations (e.g. things in firmwares that were sold by some random Chinese firm to an American wifi-router maker or similar), I think it's been quite clear-cut for many, many years that you rip off GPL code at your peril. It doesn't mean it doesn't happen. But it's quite obvious that you wouldn't get away with it in any first-world country. Or the US.

4
1

Taiwan government to block Google's public DNS in favor of HiNet's

Lee D
Silver badge

This could have worked 10 years ago.

Surely DNSSEC and associated record-pinning will make this just stop lots of website etc. working entirely?

0
1

Agile consultant behind UK's disastrous Common Platform Programme steps down

Lee D
Silver badge

Re: Agile and government do not mix

You used "agile", "deliverable", "waterfall" and "mandarin" (in the context of bureaucrat) in the space of one comment.

And you complain about others being buzzword-compliant?

11
18

Email client lib blown apart by CC: list of death

Lee D
Silver badge

When writing a library that you intend other people to use to communicate over the public Internet, at least have the courtesy to make some basic tests to check, e.g. that all NULL calls to functions are caught and the like.

People whine about it being C, but this is just sloppy anyway. If you can't spot that NULL can slip through to a function, AND you don't bother to check pointers handed to you for NULL, what the hell kind of other junk has slipped through that you don't care about testing?

Seriously, I have a game that I wrote for myself in C99. Even *that* has NULL checks on every pointer inside every function. I can't say it's "secure" (I wasn't trying for secure) but it's dumb to act on any pointer without checking it's not NULL first. Hell, make a macro or wrapper for your functions if you're that bored of writing things like that. At least you can sort-of forgive "oops, didn't realise the macro would expand that way", even if you are still an idiot - especially if you're writing libraries for public consumption.

9
0

Spend your paper £5 notes NOW: No longer legal tender after today

Lee D
Silver badge

But environmentalists make very bad oils for fivers when we extract their juices.

4
0

BT to pay £22m in interest to rivals in ethernet overcharging case

Lee D
Silver badge

Re: Where's my cut?

You weren't overcharged. You agreed to a price and contract and paid it to those third-parties.

Any refund would have come from those companies direct because your contract would have guaranteed it and was much more clear-cut. Or you had no refund owing whatsoever.

This is those companies recouping anything they may have had to refund you (likely zero given most of the guarantees on those circuits) and the interest on them being out of pocket during that time based on their contract. Not you recouping from them based on yours.

As always, your contract is with the company who supplied you, not the underlying contractor they choose to use. Otherwise you'd be in a whole heap of trouble because no end of shouting would ever fix your problems and they'd just tell you "talk to BT, nothing to do with us, oh by the way you owe us this month's payment".

3
0

Unpaid tech contractor: 'I have to support my family. I have no money for medicines'

Lee D
Silver badge

Which is when you add 20% to your price to cover that uncertainty and all it brings with it.

If you have the qualification enough to be in demand, you should be negotiating a pay that you can live off.

0
1
Lee D
Silver badge

Re: How it made money is therefore a mystery...

And when they have a bill they can't pay, they just need to sit on your money for another week to pay it.

Sounds suspiciously true.

7
0
Lee D
Silver badge

Re: I lack sympathy, somewhat.

So it's either they can't handle a single week without income and thus risk debt and maybe even bankruptcy (or literally not being able to go into work the next day!), or they have to accept lower monthly wages spread over a year with longer guarantees of employment in a job they don't enjoy?

Isn't that simple economics? I cannot walk out the door without it immediately impacting my next employment, but equally my employer can't kick me out without justification and consequences. Self-employment is exactly the opposite of that. I didn't say that either situation is nice, but they VOLUNTARILY opted-out of the guarantees because they don't want to work the lower-paid jobs. Per-hour they earn more, but they have VOLUNTARILY gambled that they won't break their leg, lose their car, get a sudden bill, or be paid late. That's NOT a sensible position for someone who is being "forced" to do that in order to earn a living, and especially not if you have no backup plan.

If you have no money, can't get a job, and the options are "go self-employed" or "take lower money", then you have chosen to go self-employed at risk to yourself and your family. Sure, you can say "but we couldn't survive on the lower money" but - guess what - it means you CAN'T SURVIVE on the higher money either, should ANYTHING go wrong. That gamble was a conscious choice, the overall situation is still no better on average.

Not only that, getting loans, mortgages, credit or even jobseeker's allowance is a lot harder if you're in -

or have come from - self-employment. There's a reason for that. Those places know your income is much more likely to be unpredictable. I was once refused a mortgage when regularly self-employed by a set number of long-term clients while earning TWICE what I was earning when properly employed (when they did grant me a mortgage without batting an eyelid).

Yes, I'm British. And I have been in this exact position you describe. That situation is a no-win, it has nothing to do with self-employment.

And I have consciously chosen - after a career in self-employment straight out of uni - to go to normal employment for many good reasons. And one of those is precisely this: When faced with the gamble, you can't guarantee it will pay off, even if the alternative situation looks worse than you can afford to take.

Hey, you have no money? I'll pay you £500 a week. Or £1000 a week but only if you spin heads on a coin - spin tails and you have to work that week for free. The offers are mathematically equivalent. If you "need" £700 a week to cover costs, can you ever really win on either option? No. One run of bad luck and you're stuffed and won't recover.

And especially if you have no savings, you cannot afford to take the gamble. Even if it's "your only option" and "forced" onto you.

7
10
Lee D
Silver badge

I lack sympathy, somewhat.

Either you have a contract with that company that they'll pay within a certain time, and you should be working to the maximum of that window. Or threatening them with collection if they don't pay on time as per the contract.

Or you have a contract that doesn't say a word about payment schedules, which means you have almost no fallback without going to a court and proving they were unreasonable (which will cost you more than it's worth).

Though they haven't declared bankruptcy, a "commercial dispute" could easily mean their suppliers have turned off all their IT because they haven't paid, or the bank has shut their account for similar reasons. Just because they haven't declared bankruptcy YET doesn't mean they aren't in serious trouble. Especially if they can't tell you what's happening.

But, this is the risk of self-employment, which is more an opt-out from all kinds of employee and income protections (which still don't save you if you the company goes bankrupt, by the way!). There's a reason you "get paid more" - because you need a reserve of cash, have to fight your own battles, etc. which employed people get paid for them.

Yes, I've been self-employed. For 10+ years. Made a good living out of it, and I gave it up not for any reason relating to not being able to live off it, or being screwed over (I never used an umbrella company, though, but also never had a non-paying client - because a non-paying client isn't a client, they are a debtor). But if a client doesn't pay, you stop working for them and move on. If your umbrella company doesn't pay, you do the same. Pretty much, the excuse does not matter.

In fact, being self-employed, are you not perfectly able to approach your clients direct and ask them to employ you through any other umbrella or even directly? I'm not guaranteeing they'd even consider it, but if you're any good, they'll be glad to hear it surely? And if not, that's the price you pay for freedom of employment like that.

When you choose to opt out of being tied to particular company, client, job, task or obligation that you don't like, this is your price to pay for that flexibility and freedom - though nobody deserves to have their money withheld.

However if you want that freedom and then go back and tie yourself into a company to get the amount of work you need, surely that's the worst of both worlds - absolute reliance on a company that has no obligation to push any work your way? And to not have sufficient reserves to tide you over that is unrelated to self-employment at all - it just means you've not saved for ANY eventuality.

7
6

ISPs must ensure half of punters get advertised max speeds

Lee D
Silver badge

Re: Money talks

It's open to scamming, though.

You go away for a week, you stick a huge interfering electromagnet on the line.

The sync speed drops, they charge you nothing for the week, despite having to pay for all the infrastructure and capacity *IF* you'd suddenly decided to sync at full speed.

You come back off holiday, take the magnet off. You've saved yourself a tenner, they can't detect it, but they had to provide all the backend for it.

Same for each night, of throughout the day based on your desired usage.

Suddenly, they are required to give you 100Mbps backend 24/7 but you're paying precisely only for the a fraction of that, only in peak period, and nothing else.

You could save a lot of money, that wouldn't be visible as you turning it off, not using it, etc. for which they'd normally still be billing you, and it wouldn't be their fault.

Either cost it by megabyte with a "best efforts" line speed (the faster your line speed, the more money they make quicker, so it's in their interest to give you the fastest possible and give priority to HEAVY users!!), or cost it flat-rate per month for a given minimum line-speed.

Anything else is open to abuse, and it's already hard enough to recoup the pricing of telephone and broadband lines to rural locations, etc.

1
0
Lee D
Silver badge

It's a good idea.

There's no point having a specification if only a tiny portion of users ever achieve it.

Ofcom should have enforced this DECADES ago.

That said, pretty much I get the speed I'm promised:

Package - 75 Mbps

Min - 21.1 Mbps

Max - 73.2 Mbps

Avg - 55.7 Mbps

But that's probably because I have a SamKnows broadband monitor sitting on my router (isolated from the network, so all it can do it test outside speed, but it seems to make the ISP reaction times a bit quicker... :-) )

1
0

You only need 60 bytes to hose Linux's rpcbind

Lee D
Silver badge

Not being funny:

What Linux distro does not start from the equivalent of:

ACCEPT RELATED, ESTABLISHED

ACCEPT ssh <-- possibly!

DENY all

as default rule on iptables?

Even ufw has defaults that basically correspond to the same.

Who is installing rpcbind, opening it to the world in the configuration and then again in the firewall? Because, pretty much, the package maintainer ought to be shot if they are adding firewall rules, and the firewall package people who ought to be shot if they're allowing rpcbind to the world by default.

6
2

Waiter? There's a mouse in my motherboard and this server is greasy!

Lee D
Silver badge

Train the rodents to attack the infrastructure of your enemies.

Nobody would ever suspect...

"A rat brought down Google last night" is much less attributable to malice than cutting a submarine cable in the middle of a war.

11
0
Lee D
Silver badge

Re: I'm not surprised in the slightest

My dad has always worked for breweries, delivering beer around London, since the days of Watney's.

You ask him before you go to a gastro-pub for a meal, because he gets to see their cellars, where they often store all their food. You'd be amazed at what you find down there.

I mean, beer, you're probably alright with (it's in metal kegs, and gets pressurised through waterproof pipes, so the chances of contamination are low from a fresh keg), but whether or not the burger is cooked fresh in front of you or not matters not if it's sitting in moudly, damp, rodent-infested conditions.

A flash-cooking of, say, a pre-cooked burger like that can't kill everything it picks up, it just makes it appear edible.

6
0

Oh lordy, WD just SCHOOLED Seagate in running a disk drive biz

Lee D
Silver badge

Re: I'll never buy Seagate again

It's all anecdotal, and I've been having the same conversation for decades (remember Maxtor / IBM etc.?)

But when I took over my latest workplace they had Seagate in all their servers and all their NAS (some of which were brand-new).

Within a year, I'd had so many failures that I was sick of it and replaced them all with WD. I'd literally never done more rebuilding of RAID arrays in any other job until I took over those Seagate devices (and, yes, they were "enterprise" versions and not just cheap consumer junk). Even the Seagate replacements (I literally order identical model numbers when the server-drives fail, to get an exact match) died at just the same kind of rates.

Meanwhile the clients were all WD Blue and never had a single problem.

Since I replaced them all, I haven't had a single failure in 3 years, and I estimate there are probably 200-250 hard drives on site for various jobs (from CCTV to NAS to RAID to workstation etc.).

I always avoided the arguments of old (back in the IDE / 20Mb drive days) of which manufacturer was better as it was mostly subjective and we only ever had a couple of hard drives anyway. But I have to say that this place has completely destroyed my trust in Seagate drives.

I actually get better reliability out of the cheapest-of-cheapio SSDs that are used 24 hours a day than I did out of enterprise Seagate hard drives.

And, just for reference, I have Samsung / Crucial SSDs in dozens of machines, WD Blue in hundreds of machines, WD Reds in their dozens, plus dozens of IBM-supplied (HGST really?) drives for the "serious kit" on the server / storage end.

4
0

Having a monopoly on x86 chips and charging eyewatering prices really does pay off – Intel CEO

Lee D
Silver badge

Intel's had plenty of competitors over the years.

Remember Cyrix? Via? Now AMD are still around but they don't own anything near a decent portion of the market. Not because they couldn't, but because they haven't. AMD, to me, has always seemed one generation down. Even my completely non-techy bosses specify "proper Intel" (meaning not mobile or low-end i3 chips, and not AMD) because of their years of dealing with things even if they are removed from the end hardware. I can't say that I'll be the IT manager to disagree and change their spec (even though I have the power to do so).

In fact, Intel's biggest threat now is ARM. Their only ally against ARM is really Microsoft. While Windows doesn't "work the same" on ARM, Intel can maintain their position. But if Windows falls out of favour, or if the PC truly does start to die or being just a web device, Intel could be in real trouble very quickly.

I bought an RPi 3 the other day. Have you seen the speed of that thing, for a tiny 5v, 2A = 10W device? Your phone is ARM, even if it's Apple. Your tablet is almost certainly ARM if you paid less than a grand for it.

It's not a huge leap to imagine that in a decade or so, we'll be using Office 365 (harder to kill off) on mobile devices and non-Windows machines (Chromebooks, etc.) and the x86 will be the reserve of, say, gamers.

7
1

Straight outta Shandong cluster noobs set new LINPACK world record

Lee D
Silver badge

Re: ??

Gosh, I wonder how they can do better next year?

0
1

TVs are now tablet computers without a touchscreen

Lee D
Silver badge

Re: Chromecast

Any number of cheap knock-off Chromecast-like things will also do it.

But privacy isn't really an issue if - like mine - the Chromecast is only powered when the HDMI is selected, and is properly - like any client should be - restricted in what it can do (i.e. it can't see any of my local network). And, pretty much, I use it for showing Google Play movies on the screen.

If you're that paranoid, just use DLNA.

Needs broadband is ridiculous in this day and age. We're talking about streaming video, if you don't have broadband, your choices are severely limited anyhow.

Needs additional hardware - yes. That you can replace for £20 a throw rather than £2000.

For reference, I have a Chromecast, a VM box, a Blu-Ray player which can play DLNA, a Android-based satellite box that can do DVB-S for Freesat / Italian satellite. The TV, however, is as dumb as they come with only SCART and HDMI and an RF interface for analogue/Freeview that's not even plugged in.

TVs are display devices. Buying a TV because it runs the app you want or accesses the content you want is stupid, because someday it will stop working like the article. Buy a TV that has a port on it you can put video and audio down, put all your "content" on cheap, replaceable, throwaway boxes that you can upgrade and replace as suits the situation, that don't all need to talk to each other, and that you can add new ones of whenever you like. Even that Android will be out-of-date and unsupported in a couple of years, and then it's just a health hazard sitting on your local network.

Last time I counted, including games consoles, etc. I had about 10 ways to view BBC iPlayer on my TV. Everything from an app on a smartphone pushed over a Samsung proprietary link, to Chromecast from a browser, to the Blu-Ray/Wii having access to it built-in. When one goes "wrong", who cares when you have so many other ways to access, or so many other services to do the same. And my entire setup - with all those boxes and necessary cabling - doesn't come to half what that guy paid for his TV. Probably not even a quarter. And I've had the same setup for nearly 10 years now, and just added to it piecemeal (it is in fact the second Chromecast as the new ones do 5GHz Wifi, which the old ones didn't).

And I bet an Android-based Smart TV is much more privacy-infringing than a ChromeCast, if that's what you're worried about. You have absolutely no clue what that's doing with its data. At least a ChromeCast that you only use for watching ChromeCasted things you have a chance of isolating and seeing what it's doing.

10
2

'Grueling' record-breaking VR movie marathon triggers hallucinations

Lee D
Silver badge

Re: Thus neatly proving ...

Yeah, not something to put on your CV.

"I hold a world record."

"Really, what in?"

"Hallucinating periodically and nodding off, while sitting on a sofa eating finger-food for 48 hours".

8
0

Another ZX Spectrum modern reboot crowdfunder pops up

Lee D
Silver badge

Re: Why?

Most new TV's I've seen don't even HAVE Scart any more.

Multiple HDMIs.

And maybe a digital-only RF-in.

Honestly, go look at the back of the display models in John Lewis or wherever. An awful lot of them don't have SCART, analogue or composite at all. And VGA is almost dead too unless you're buying ones made for digital signage.

Also, the composite on Spectrum is a hack anyway. The original Speccy does not output composite without soldering. I think the +2/+3 had R/G/B in some fashion on a DIN plug (which tells you its age!).

0
0
Lee D
Silver badge

Re: Why?

As someone who owns three Spectrum's at the moment, including one that was re-jigged to include modern composite video via a ULA soldering-hack, new memory boards and new caps, let me just say:

Emulators are perfect. Just pick a good emulator.

Spectaculator on Windows, for instance, I can't find a single thing that it doesn't run - intended and unintended bugs and all. Does sound input from real tape, plays back to real tape while doing all the debugging and snapshotting and Multifacing and emulation/passthrough of everything from MIDI to the Currah MicroSpeech.

So, yes, you can do everything you ever want on emulation, including even TV raster simulation, curved screen, etc.

To be honest, though, RetroPie and a TZX file does just as good a job for any game you've ever heard of (I think it uses fbzx but there are lots of alternative cores for all the systems on it).

I wouldn't buy this, but then I wouldn't buy the Vega either.

And with RetroPie, for £30 on a Raspberry Pi and a handful of Xbox 360 controllers I already had, I can run every game I've ever owned, for every system I've ever owned, from one box which makes no noise heat or wiring mess, from a single menu, and it "just works" once you've done the initial configuration.

If anything, just wiring up the old Speccy's gives me the heebies-jeebies that I'll break them or discover they've stopped working, but they certainly don't add anything. And who has composite on their TV still nowadays? Certainly nobody has RF input anymore, certainly not one they want to faff trying to tune a Speccy into (because although it might output over RF, "modern" TVs that can still tune analogue TV have a hard time spotting the Speccy signal and it often requires a lot of fine-tuning).

Don't even get me started on trying to load from tape. Even on my original Speccy's I tend to just plug the audio cable into a smartphone which outputs the necessary tones from a TZX file in perfect, crisp sound rather than trying to get it back from an old tape deck into an ageing Speccy.

20
3

Seagate launches non-flying disk drive for drones

Lee D
Silver badge

Would be much easier to just slap in a wireless chip into the drone so you can just clone it to your laptop or even phone, and then you can just carry a wireless-connected drive of your choice rather than partner up with a terrible drive manufacturer.

As it says, 250 flights of an hour each. You aren't going to do all that without being near a computer at some point.

Years ago I bought a Wifi SD card, which has 32Gb of storage and also shares it over a Wifi network of your choice when it's full (e.g. to a phone or to a real network). Amazing technology for something that just works like an SD card to the recording device. I bought it for astrophotography, so I didn't have to touch the camera mounted to the telescope in order to access the images, but I'm sure they could come up with something sensible, much cheaper than a £200 drive, that basically only does what an £80 drive and a USB adaptor does.

And I can get a Samsung 256 GB EVO Plus MicroSDXC for £133. You're not telling me I'd need more than that. That's "only" 50 flights of 4K video by their same estimations.

5
1

Forums

Biting the hand that feeds IT © 1998–2017