* Posts by Doctor Syntax

16427 posts • joined 16 Jun 2014

How's that for a remote login? NASA puts New Horizons probe to sleep 3.5 billion miles away

Doctor Syntax Silver badge

Re: the data speed

In the days of ASR33s & 35s that speed was almost unimaginably fast.

UK.gov cuts deal with Microsoft to avoid £15m post-Brexit price hike

Doctor Syntax Silver badge

Re: It is not public cloud but private cloud Office 365

According to your link the data centres are in the UK but it's still someone else's computer.

As you stare at the dead British Airways website, remember the hundreds of tech staff it laid off

Doctor Syntax Silver badge

So the site was dead, not just TITSUP*

*Total Inability To Serve Up Pages

Doctor Syntax Silver badge

Re: The solution? Start with more outsourcing...

"stockholders are the problem. They want their money"

I don't know how this will work out for BA's stockholders but it didn't do too well for United; I see from the Beeb that they're down 3%.

Radio hackers set off Dallas emergency sirens at midnight as a prank

Doctor Syntax Silver badge

"Or they were phoning the emergency services, to find out why the sirens operated by the emergency services were going off."

And in the event of a genuine emergency those 800 people would have been occupying communications bandwidth better used in dealing with the emergency.

Doctor Syntax Silver badge
Facepalm

The sirens are operated by the emergency services and, presumably, not easy to avoid noticing when they're operating. So 800 people thought the emergency services needed to be told that the sirens had gone off!

Law Commission pulls back on official secrets laws plans after Reg exposes flawed report

Doctor Syntax Silver badge

"didn't they all drop out?"

Or stabbed each other in the back. Delete as appropriate.

Doctor Syntax Silver badge

"This is a consultation by an independent body instigated by a previous prime minister"

So the current prime minister will feel free to ignore its wimpish recommendations and go ahead with her own, properly robust, idea of what's needed.

Internet Society tells G20 nations: The web must be fully encrypted

Doctor Syntax Silver badge

Re: About f'ing time encryption was pushed as compulsory on the internet!

Between them it's up to the Internet Society and IETF to push it; introduce encrypted protocols and then deprecate the old ones. After all, they set the standards. Clearly they do need to make public presentation of the case but they need to do more than talk; fait accompli can be difficult to argue with.

Eric S. Raymond says you probably fit one of eight tech archetypes

Doctor Syntax Silver badge

Disaster magnet: Never does anything obviously wrong but nearby things start to fail. Identified as far back as punched card days when mere presence was sufficient to make the card handling machinery start to crumple cards.

Doctor Syntax Silver badge

Re: Clickbait

"If you are a Reg reader..."

And Dilbert reader. There's another.

Doctor Syntax Silver badge

A classification system that can't fail. If you can't find anything specific just use the catch-all, JOAT.

Subpostmasters prepare to fight Post Office over wrongful theft and false accounting accusations

Doctor Syntax Silver badge

Re: Horizon, I know it well! (Well did, and bits of it)

That description immediately raises one possibility because elements of it are all too familiar. It sounds as if all sorts of modules were producing the XML portion. And if they couldn't produce valid XML in some modules it's quite possible that they might also have failed to produce well formed XML. I've certainly experienced that in the past. We had to train the staff in the primary contractor's tame Indian S/W house to write well-formed XML. Periodically they'd rotate them out and the next thing we'd receive a new variant which mis-handled names such as O'Neil. In our system I'd make sure that file was rejected and feedback was sent up the line. But if some non-well-formed XML were allowed to fail silently...

A/C, you have my sympathy.

Doctor Syntax Silver badge

Re: Injustice

"we need to take a closer look at how our legislative and justice system let this travesty continue"

An obvious factor is that the cases are prosecuted one at a time. It makes it very difficult for the pattern to emerge before considerable damage is done.

Doctor Syntax Silver badge

Re: Words

"and the PHB's at the post office didn't care"

Maybe it's time they started. If the complainants establish their case and the prosecutions then get looked at the possibility of perjury charges starts to raise its head.

Gartner halves tech splash forecasts, blames the US dollar

Doctor Syntax Silver badge

Re: Out of interest

"How accurate do Gartner's projections tend to be?"

And did they make any money on the Grand National?

Who really gives a toss if it's agile or not?

Doctor Syntax Silver badge

It's worth remembering that it's the disasters that make the news. I've worked on a number of public sector projects which were successful. After a few years of operation, however, the contract period was up and the whole service put out to re-tender.* At that point someone else gets the contract so the original work on which the successful delivery was based got scrapped.

* With some very odd results, it has to be said, but that's a different story.

Doctor Syntax Silver badge

Re: Agile Expertise?

"I always thought that one of the key goals of agile is to be able to cope with clients who continually try to change the specs and architecture."

It works if you're able to exhaust their capacity to change; at some point they need to stop so you can deliver something. When politicians are the clients that's not going to happen this side of the heat death of the universe.

Doctor Syntax Silver badge

"I'm in agreement with the guy above - a dozen devs, a page layout designer or two, some databases. One manager to co-ordinate and no bloody jargon."

Don't forget a well-defined, soluble problem. That's in your case, where you're paid by results. If you're paid by billable hours it's a positive disadvantage.

Doctor Syntax Silver badge

Re: 25% Agile:

"Working software is the primary measure of progress."

What about training the existing users, having it properly documented for the users of the future, briefing support staff, having proper software documentation, or at least self documenting code, for those who will have to maintain it and ensuring it doesn't disrupt the data from the previous release? Or do we just throw code over the fence and wave goodbye to it?

Doctor Syntax Silver badge

Re: 'What's Real and What's for Sale'...

"On time, on budget, to specification: Put these in the order of which you will surrender if the project hits problems."

In the real world it's more likely to be a trade-off of how much of each to surrender.

Doctor Syntax Silver badge

Re: Government still spends an outrageous amount of money on IT

"There are only 60 million people in the uk ,so the amount of criminals is less than that."

Courts, at least high courts, seem to have enormous scheduling problems.

That's from personal experience. In the worst cases I've spent several hours on each of several consecutive days waiting to be called as a witness despite the fact it would have taken, worst case, about half an hour's notice to get from lab to witness box.

They need to schedule judges, barristers, barristers' juniors, instructing solicitors, witnesses and jurors. Whilst the sittings are built around the judges' schedules it's not always easy to estimate how long a particular trial will last and if one overruns then it might disrupt not only the remainder of the list but also other courts where one of the barristers or witnesses might be scheduled to appear. Add to that the fact that start of business can sometimes be held up as some other matter has to be urgently brought before the judge.

It's not surprising that magistrates' courts are the one thing they've sorted out - my limited experience there is that they have multiple brief cases so, although one might waste half a day, there's no "can you come back tomorrow?".

There could be a huge win by improving high court scheduling but I doubt it could ever be an easy job.

Doctor Syntax Silver badge

Re: 'What's Real and What's for Sale'...

"Usually I check something(s) in every day, for the most major things it may take a week, but the goal is always to get it in and working so it can be tested."

The question is - is that for software that's still in development or software that's deployed in production?

If it's the latter and your "something" just changes its data format you're going to be very unpopular with your users. And that's just for ordinary files. If it requires frequent re-orgs of an RDBMS then you'd be advised to not go near any dark alley where your DBA might be lurking.

Software works on data. If you can't get the design of that right early you're going to be carrying a lot of technical debt in terms of backward compatibility or you're going to impose serious costs on your users for repeatedly bringing existing data up to date.

Payday lender Wonga admits to data breach

Doctor Syntax Silver badge

Generic PR statement with omissions corrected:

We take issues of customer data and security extremely less seriously than making the biggest possible profit

Forget Mirai – Brickerbot malware will kill your crap IoT devices

Doctor Syntax Silver badge

Re: telnet??!!?

"WONTFIX. They say to install dropbear instead."

Which in turn has had its problems, e.g. https://www.theregister.co.uk/2015/02/20/250000_routers_have_duplicate_ssh_keys/

If someone is serious about bricking mass deployments of vulnerable kit, unpatched versions of that could be near the top of the list.

Doctor Syntax Silver badge

Re: Telnet really?

"but there are configurations out there that require telnet due to crap applications."

The problem here isn't telnet being used because it's needed. It's telnet being used despite not being needed or not having secure passwords if it is.

Doctor Syntax Silver badge

Re: I think the best way to describe this

"I think its a good thing, and there should be more of it, the only drawback is its dependency on central C&C."

Looking at the attacks they interrogate various aspects of the system although it's not immediately obvious what they were doing with it. The second one in particular collects quite a lot of detail. This puzzled me until I realised it wasn't a script running on the device, it was running on the C & C server which will be collecting intelligence on the devices being attacked. It seems quite possible that this is in part an analysis phase to design a worm which will brick devices a whole lot faster.

Doctor Syntax Silver badge

"Then why don't you hear about Kirby and Electrolux vacuum cleaners anymore"

Never heard of Kirby. But we have a Bosch branded vacuum cleaner, a Hotpoint branded washing machine, both bought fairly recently replacing Vax & Zanussi. Dishwasher is AEG. Freezer is Zanussi. I'm not sure how familiar these are in the US but they're all well known brands here.

One of the possible fates of good brands is that they can get asset stripped. Some firm of beancounters buys the brand and, not having any idea themselves of how to build an electric kettle* or whatever cuts corners to bring the price down and eventually ruins it. However the original owners who put in the work had a valuable brand and got paid for it.

*You may recognise recent experience speaking here. So far Amazon Basics looks like they've got their kettles built by someone who knows how to do the job better than the well-known brand. But then Amazon now have a brand to look after.

Doctor Syntax Silver badge

Re: Telnet really?

"Anybody that deploys any Unix computer with telnet installed and answering is a moron and should consider a career change."

The people deploying these don't know they're deploying a Unix computer. They think they're installing a gadget they bought in a box that says video camera, video recorder, thermostat or whatever.

Doctor Syntax Silver badge

"Unlikely as it would probably cost less to do a fly-by-night and reappear a few weeks later under a new name."

Rinse and repeat every few weeks until the market learns that no cheap device survives for long? Fine if you want to keep driving round in a Robin Reliant van.

Build a brand that earns a good reputation and that brand is actually of value. That's where the big money is in the long term.

Doctor Syntax Silver badge

Re: @Doctor Syntax - make buyers more careful in future

"but of course then you are paying a lot more so that's a step most won't take."

It depends on how many cheap devices they buy and get bricked. The penny will drop eventually.

Doctor Syntax Silver badge

"Whats the probability that it was written/commissioned by someone who has been on the receiving end of a bot DDoS attack"

Or someone with a better device to sell clearing away the competition?

Doctor Syntax Silver badge

Re: Is it just me who is secretly applauding this...

"mostly it's just adding another headache in the lives of poor bastards that just want to automate their homes"

And the poor bastards who, by trying to automate their homes (in itself a solution looking for a problem) are becoming a headache to vast swathes of the internet. Look on it as overall optimisation.

As a lot of the targets of botnet herders and of this attack seem to be security DVRs it's likely that at least some of them will have been installed by "professionals". If someone promoting themselves as a security professional installs an IoT device without securing it then their customer care operation deserves all the grief it gets.

Doctor Syntax Silver badge

Re: Is it just me who is secretly applauding this...

"Unless, of course, THEY'RE getting bricked, too, meaning you're damned if you do and damned if you don't."

That's the point. This is going to brick insecure devices in general. If you're making one of them you'll find both you and your equally insecure competitors are having your products bricked. In any case you're almost certainly just relabelling the same product as your competitors. If you don't tighten up your operation you're toast. And if they don't your competitors are also toast. Those of you who get wise have taken on some extra costs but you're still alive but, because you've all had to take on extra costs (either by your upstream vendor improving the product or changing to another vendor's product) you're all moving in step. It remains the same competitive market but at a slightly higher price until the extra cost has been absorbed.

The alternative is that the generic Chinese approach gets such a bad reputation so quickly that only well-known brands are able to sell by getting a non-bricking reputation. This could even be an operation by someone with a better product aiming to wipe out the competition.

At the moment it seems to be working on a thing by thing basis from C & C servers. If it gets turned into a worm it will propagate a lot faster.

Doctor Syntax Silver badge

Re: Is it just me who is secretly applauding this...

"a shedload of support calls and returned 'faulty' items might get their attention."

As Charles 9 keeps telling us, a lot of this stuff is bought on the grey markets which might make support and returns more difficult. However, it will affect reputations and make buyers a lot more careful in future when they come to replace the bricked items. That, more than anything, will grab vendors' attention.

And the oft touted argument of price competition between vendors really doesn't come into it. There's no point in being a penny or two cheaper than the competition if nobody's buying your product because it's known to get bricked.

Facebook's 'delightful' AI Clippy the Paperclip creeps into Messenger

Doctor Syntax Silver badge

Re: and it will be as broken as Google is

"Sometimes one feels safer knowing that there are no musical groups comprised of alto clarinets, bagpipes, banjos, and violas."

I think our local arts centre could probably assemble one at fairly short notice.

Staff, projects shed as Ubuntu maker Canonical tries to lure investors

Doctor Syntax Silver badge

Re: Reason to invest with Canonical

And do it all without snooping.

Doctor Syntax Silver badge

Re: Live by Linux, but it's getting more Windowsy every day

"Add to this the PITA of systemd. I know somebody will pick me up on this"

I will, but only to agree with you.

As to KDE you can turn all the fancy stuff off. Irrespective of whether it sucks all the performance out of the UI it's just down-right annoying.

Doctor Syntax Silver badge

"That was true until systemd came along"

Amen, brother. But there's no convincing way to argue that systemd is modelled on Unix.

Printer blown to bits by compressed air

Doctor Syntax Silver badge

Re: Air lines

Lab airlines aren't usually particularly vicious.

Chemicals OTOH... Because of the nasty biologicals that might be encountered we used chromic acid as a cleaning solution. The best way to impress a new assistant of the care they needed to take with it was to toss a piece of paper into it so they could see it disappear instantly.

'Amnesia' IoT botnet feasts on year-old unpatched vulnerability

Doctor Syntax Silver badge

Meanwhile someone seems to have taken an alternative approach to insecure devices: https://www.bleepingcomputer.com/news/security/new-malware-intentionally-bricks-iot-devices/

Outsourcers blamed for cocking up programmes at one in three big firms

Doctor Syntax Silver badge

Re: "talent models"??

I assume "talent" means "employees"...?

It seems to be the case. I came across someone describing himself as a talent manager. Probably HR finally got fed up of being called Human Remains.

Customer satisfaction is our highest priority… OK, maybe second-highest… or third...

Doctor Syntax Silver badge

Re: You lost my sympathy right here:

"what if your home has hard water"

It doesn't. In fact, when we moved here from High Wycombe it de-furred the kettle in about 2 weeks flat.

Doctor Syntax Silver badge

Re: Frankie SAY Relax

"Say", not "Says". Tsk.

You're thinking of the wrong Frankie. He meant Frankie Smith down the pub.

Doctor Syntax Silver badge

Re: BS 5216C:2005 Proof correction marks (Pack of 20)

Don't forget an adequate supply of stet.

Doctor Syntax Silver badge

Re-reading the comment, and bearing in mind where your story ended up, I wonder if it was a joke we all missed.

Doctor Syntax Silver badge

Re: tea please

"paper cup of hot water"

Hot? Luxury!

Doctor Syntax Silver badge

Re: "coffee please"

"in a cup that last saw a dishwasher"

Toddington services?

Doctor Syntax Silver badge

Re: "coffee please"

"I'll have a tea."

It'll probably be served tasting faintly of coffee.

US govt ceases fire in legal spat with Twitter to unmask anti-Trump 'immigration official'

Doctor Syntax Silver badge

Quite likely the arrival of Twitter's suit was the first anyone sufficiently high in DHS's legal department had heard of it and they probably went ballistic.
