Re: An entire article blaming Microsoft...
"but they DID put a patch out there for a long-obsolete OS..."
AFAICS this was a belated recognition that they had no excuse for leaving an error like that unatched for so long.
16426 posts • joined 16 Jun 2014
Nothing's perfect. You're going to have to work on constructing the best system to fit your requirements. But why start with the least secure platform you can find? That's just plain daft.
And why set up a monoculture? Make different parts run on different platforms. It makes it harder to support? Well it also makes it a damn sight harder to attack and if you get attacked then you might find that your supposed ease of support was illusory.
BT pension fund would be fine if they hadn't decided to not ''take a holiday' from paying into it after privatisation.
"They" in this case is not BT. The guilty party was the IR/HMRC. It is thay who decide that a pension fund is overfunded and that continuing to pay would be tax evasion. They fail to take due note of the fact that investments can go down as well as up, as can interest rates.
The adequacy of funding depends on interest rates. The amount that can be paid out from a given level of funding depends on the interest rates. We currently have very low interest rates. To fund the liabilities of the pension fund at these rates is huge. The holiday was insisted on at a time when interest rates were much higher.
Tax inspectors pensions are a public sector Ponzi sceheme so they are immune to this sort of situation. Were this not the case they might have been les capricious about declaring holidays.
Presumably this money can be got back from the shareholders?
The consequence of the enforced payment holiday is that the business (AKA the shareholders) has for some years been making large payments for a considerable period in a vain attempt to catch up and is connetted to do so for some time to come.
"Efficiency and cost cutting are pretty much your only options"
Your IT systems then become they key to providing that efficiency. Your business becomes, as has been said in another comment, an IT business that happens to fly planes. Or another way to put it is that IT becomes one of your core competences. Becoming incompetent at that is stupidity.
"Let's get something clear here. a CEO may be accountable for the ultimate financial performance of a company - that is his job - but he is clearly NOT responsible for the success or otherwise of a particular DR."
He is - or should be - accountable or responsible, whichever you prefer, for ensuring that the CIO has taken whatever steps are necessary to ensure the proper operation of his side of the business.
If the CEO has lost sight of the fact that his business relies on IT for the moment to moment operation of the business (not just day to day) and not acted accordingly then he should cease to be the CEO.
There is still no verb "to architect".
Could you please suggest a pre-existing alternative.
The implication of the word is something at a higher level than "design" would cover, dealing with the overall form and how the components fit together but not quite the same as "specify".
If there isn't such a verb - and off-hand I can't think of one - then it might be necessary to devise one. Importing a word from one part of speech into another is a long established practice in English. All it requires is for enough people to do it so that it becomes accepted. Objections along the lines of "there's no such word" seem to be part of the process.
"The best moves have been the ones where a ground up review/re-write/rearchitect/retest have been part of the move adding new functionality, plugging gaps properly and properly re-testing."
And we all know what the chances of that happening are when the objective is cost-saving.
"When I was in part of the civil service in the 90s they changed travel expenses from 'per diem' to 'actuals' to cut costs."
You were lucky. Although I had to go to courts & crime scenes there always seemed to be some new IR reg that meant that my travel claim was invalid: start from home, should have started from the office, start from the office, should have started from home and that sort of nonsense.
"the chance of the software you use being available on Linux is about the same."
Yes, if Wine can run malware under Linux then it could also run your Windows software so the chances are indeed about the same. Looking for the equivalent native Linux applications is a much better bet.
Something tells me that's not the reaction you were hoping for.
"The prospect of getting ransomware is probably close to zero"
As a small population of users we're not worth targeting. If Linux were to take off then that would change. I do wonder, however, what would happen with Linux and MS Office running via Wine. Office would be as vulnerable to macros and I don't see why Wine wouldn't support Windows malware if it were introduced. Best stick to running native LibreOffice.
I've recently been looking at autosync via Webdav. Webdav where V is for Versioning. So if your file gets encrypted your last good version should still be on the server. The cost, of course, is providing adequate space on the server for multiple versions.
Another aspect of this is that the ransomware is going to make use of the file system; whatever it sees in the infected PCs file system it will have a go at encrypting whether it's local or remote. That will, of course will include anything in the autosynced directory. But, at least on Linux/Unix, running KDE I have the option of setting up a remote Webdav link in the Dolphin file manager. That doesn't, as far as I can see, appear in the file system at all; it looks like a directory to Dolphin but not to anything such as ls using normal file system semantics. I don't know if that facility is available in Windows or Macs; if it is it's less likely that ransomware will be coded to tap into it and follow it. On Linux it certainly is possible so adds an extra line of defence on top of Linux's advantage of being a relatively small targetmarket.
A third thing I came across is that LibreOffice (and, I understand, MS Office) can edit remote files by Webdav protocol so neither the client file system nor file manager need have the file exposed to them.
There seem to be a number of ways in which this protocol can be used to defend the actual files from ransomware. Just don't bypass it by also exposing the server as something that appears in the clients' file systems via SMB or NFS.
"Also, the airlines state, that devices with Lithium batteries should never be checked and only taken as hand luggage"
The first rule of panics is that the latest panic supersedes all previous panics.
The second rule of panics is that the countermeasures of the latest panic override those of all previous panics.
The consequence is headless chick syndrome.
"I find myself reluctant to just push off somewhere else where I'd have to start building the trust again."
It helps to work on multiple company projects and being able to liaise with staff in the others. That way you can collect a number of contacts who trust you before you even work for them.
"Once the dust settles I would see this as a victory for UK based IT workers"
And more than just UK-based but in.house.
Whether you're running a bank or an airline or anything else where the IT operation is essential to being able to function you have to regard IT as one of your core competences. Outsourcing it simply doesn't make sense.
It seems as if power failure has simply become the latest PR spokesnumpty's boiler plate to be used when even they realise "only a few customers were affected" isn't going to wash.
Or ... could it be ... all these "all the UK ran on renewables" and "solar accounted for more than nuclear" stunts were achieved by a bit of load-shedding?
"One question though, their tech support was outsourced to India, but was the actual work outsourced to Capita by any chance??
Its strange BOTH are claiming power issues."
Also the Pension Regulator's site has been offline for some time: http://www.bbc.co.uk/news/business-40057025 Was that a Crapita business?
Biting the hand that feeds IT © 1998–2019