* Posts by DonL

87 posts • joined 13 Mar 2016

Page:

Holy moley! The amp, kelvin and kilogram will never be the same again

DonL

Re: And as usual...

"There's always an appropriate xkcd..."

Perhaps it was part of the point of the joke, but the definition of the pound is actually linked to the kilogram:

"Various definitions have been used; the most common today is the international avoirdupois pound, which is legally defined as exactly 0.45359237 kilograms"

https://en.m.wikipedia.org/wiki/Pound_(mass)

Scumbag who phoned in a Call of Duty 'swatting' that ended in death pleads guilty to dozens of criminal charges

DonL

Re: So the police bear no responsibility ?

The gun laws laws, where everyone can just unexpectedly draw a gun, make the police very nervous. I can't see this happening so easily in countries with strict laws.

In the two years since Dyn went dark, what have we learned? Not much, it appears

DonL

Bind/Named

Personally I don't understand why anyone would use a DNS service instead of using Bind/Named on one or multiple cheap VPS servers (from different providers) for something this basic/simple.

These days it seems like it even the basic stuff is getting to difficult for a lot of people, which is quite sad in my opinion. (I don't mean to offend anyone though.)

Don't make us pay compensation for employee data breach, Morrisons begs UK court

DonL

Re: You shouldn't be able to get to there from here.

"It it further means there needs to be an air gap between internal systems holding sensitive data and anything with a public internet access then that would be a good thing, too."

That would indeed be the only way to stop this kind of thing from happening.

It would be helpful if they included these requirements in EU laws or guidelines. I don't think a lot of companies are doing this currently and it is therefore extremely easy for rogue employees to leak data (Either by email, http upload, ftp or USB). Also, employee privacy laws make it very difficult to detect these kind of things.

Vodafone hounds Czech customers for bills after they were brute-forced with Voda-issued PINs

DonL

Credit limit?

Pay by SMS may be handy to pay for an € 1 app, but it's way to fraud sensitive to allow the payment of large amounts. If Vodafone didn't impose a suitable limit (€50 for example), then that's negligence on their part.

Oracle trying hard to make sure Pentagon knows Amazon ain't the only cloud around

DonL

Nuclear bunkers

Perhaps it's already a contract requirement, but I'd put my datacenters in nucleair bunkers.

In my opinion it would be naive to think a commercial entity could keep your operation going during wartime since it would be an easy target.

Lacklustre HPE storage sales fail for flash fans

DonL

Last time I checked flash storage was still incredibly expensive at the major vendors.

But if you build your own storage, then flash isn't that expensive at all. (Think Supermicro with some affordable Enterprise SSD's from Intel/Samsung/Micron etc.)

Sure it takes a bit of time (not that much though), but the savings are huge.

It's a net neutrality whodunnit: Boffins devise way to detect who's throttling transit

DonL

"an excessively congested link will see packets dropped when their time-to-live (TTL) expires."

I don't think that's true. When a packet passes a router the TTL is decreased by one, when the TTL reaches zero the packet is discarded. This is done primarily to prevent packets from ending up in an endless loop. Additional time spend in the buffer does not decrease the TTL any further as the TTL is not actually time related.

What happens with congestion is that the buffer of the router fills up because the packets cannot be forwarded fast enough, when the buffer is completely full new packets are discarded as there is no free memory to store them in.

You want how much?! Israel opts not to renew its Office 365 vows

DonL

Re: £££££££££££

"I don't know why governments are even entertaining the move over to subscription services like O365"

Because MS has made the on-premise version more expensive than the O365 version, even though the on-premise version is included in the O365 version.

Therefore we subscribed to the O365 version, even though we're not using the online stuff at all.

You basically can't fight MS as long as the users (unaware of the pricing) keep shouting that they need MS Office "since that's what everyone else is using" (their words, not mine).

Schools (which are paid by the government) are also facilitating this by teaching everyone how to use MS Office and providing copies of MS Office at an extremely reduced price.

London's Gatwick Airport flies back to the future as screens fail

DonL

Re: 4G

"What LGW should have done is go with an an ISP who have a brilliant tie in with a mobile provider and could offer a decent 4G service incase the redundant cables to LGW were cut."

Which is exactly the type of connection we ordered from Vodafone (not in the UK though). When the fiber cable gets cut, the IP block automatically gets routed to the 4G connection.

For our branch offices we use 3 WAN connections from 3 different providers (2x VDSL2 and 1x 4G), so the IPSEC tunnel is automatically rerouted over another connection when the current connection goes down. This all for €150 p.m. connection costs in total with a € 300 Ubiquiti Edgerouter Pro. (per branch)

I guess airports lack the creativity and freedom to implement such rather simple/cheap but very effective solutions.

Home Office opens AWS cash firehose a little wider with police IT deal

DonL

Re: Icon

"And in other news, the RAF will be renting its F-35 frontline fighter jets off Lockheed Martin and Theresa May will be renting her shoes off Marks & Spencer using her existing M&S account."

That would actually make more sense since, unlike your virtual servers, your jets and shoes can't instantly disappear. But if they could then that could suddenly leave you without jets and shoes in the middle of a crisis and people would understand why renting them would be a bad idea :)

DonL

Putting your matters of national importance in the datacenter of a bookshop...

Whatever money they're hoping to save will be lost in a blink of an eye if anything goes wrong or was overlooked, and it'll cost years trying to fix the mess.

IPv6: It's only NAT-ural that network nerds are dragging their feet...

DonL

Mobile devices / 4G networks

As far as I know of, none of the mobile networks support IPv6.

Even if I just wanted to use IPv6 for my home network (to extremely simply the example), I wouldn't have any advantage of it just because of lack of support on 4G networks alone. Dual stack basically means double work and no advantages.

I used to be very enthusiastic about IPv6 back in the days, but there are so many showstoppers it's not funny.

In retrospect, it would've been better to just cram the additional adress space somewhere in some(rarely) used IPv4 field or something (with an prepend part and append part), so IPv4 carrier routers could just route it. Then support between the client and endpoint router would be sufficient to bring advantages. Then later, the prepended adress space could be used by the carriers when they're ready.

Sure the protocol would look ugly on paper, but in the end it wouldn't really matter.

Brit spending watchdog brands GP Primary Support Care a 'complete mess'

DonL

"Because there are no/insufficient people capable of framing contracts properly"

I doubt it can be done for anything remotely complex, everyone has their own view and even the users sometimes don't know what they actually want/need or their individual needs differ. When doing things in-house you can often just be flexible, with outsourcing it suddenly needs to be 100% specified which leads to new contract negotiations for the changed requirements. Since there already is a contract in place you're left to mercy of the outsourcer, this often doesn't work out very well at that stage.

Heatwave shmeatwave: Brit IT departments cool their racks – explicit pics

DonL

Temperature ratings

For these reasons, when purchasing network equiptment, I now take operating temperature ratings into account. Some equiptment can accept very high temperatures, making additional cooling during summer unnecessary.

I never had to use a fan or had heat related outages, but I know these small patch racks can get quite hot at times.

No one wants new phones – it's chips that keep Samsung chugging

DonL

Re: Less nonsense, more useful features.

"the first decent phone in a long time that gives you more than 1 lousy day of battery life."

The Huawei P10 Plus gives me 6 hours of screen on time in addition to standby all day long (7:00 in the morning untill past 0:00) with lots of apps open. It has 128GB storage, 6GB ram, IR transmitter, SD card slot and fingerprint reader (which can also be used as home/multitask/back key) on the front.

I used to have a Samsung phone, but these days their only priority seems to be the edge display/looks.

Kaspersky Lab's move from Russia to Switzerland fails to save it from Dutch oven

DonL

Re: Having come up against Kaspersky's DRM...

"To me at the end of the day code inspection doesn't matter unless you're able to make sure the code you inspected is actually the code that is being installed(along with any updates). "

In the Dutch mail they have sent to their customers, they state that the compile process will be verified by an independent organisation.

Airbus CIO: We dumped Microsoft Office not over cost but because Google G Suite looks sweet

DonL

"company officers can be imprisoned."

That is not true:

https://www.whitecase.com/publications/alert/new-eu-guidelines-data-protection-officers

"the GDPR does not lead to individual liability of the DPO for non-compliance by the business"

The cloud provider I have checked didn't accept responsibility for fines if data leaks because of errors on their side. However they claim they fully comply of course..

In other words: Storing your data elsewhere can be very risky since you have to take full responsibility for your suppliers.

DonL

Putting your sensitive data in the cloud..

Especially for a company that is so knowledge intensive, I find it strange that they would want to put their data elsewhere outside of their control. You can never really know for sure if anyone else is reading/copying your sensitive documents.

Also, can't employees very (too) easily login from their home PC and download the documents? Normally you'd have multiple independent lines of defense (firewalls, logging, tokens, access rights), so people that don't need to work from home are unable to access their documents at all when not at a physical terminal in the company.

I don't know about the controls O365 or GSuite provides, but for me it would be a major concern. If anything unexpected were to happen, the company could go down in no time..

It seems to me the CIO might be right feature-wise (I don't know), but he seems dangerously optimistic about this.

How do others view this?

Dumb autonomous cars can save more lives than brilliant ones

DonL

Estimates

The problem is that "10 per cent better than humans" is an (probably optimistic) estimate and it may very well end up being worse than humans. If they think it's 90 percent better then it's probably still optimistic but at least going to save lives.

I'm all for adding safety features (i.e. automatic breaking) to cars, but fully automatic driving still seems like a stretch at this point.

Guess who's now automating small-biz IT jobs? Yes, it's Microsoft

DonL

"manage things like patch deployments and file permissions on staffers' Windows boxes, but also set and revoke permissions and accounts on Android and iOS devices through MDM tools and controls for Office 365."

So it's just a management product like all the others, a lot have MDM integrated these days. Effectively the impact of this product is zero. Zenworks, for example, is easy to install and super stable (runs on Linux). It does all of this and more.

I heard sometime that the MS equivalent (can't recall the name) is a horrible beast and it's very time consuming to manage, so if you're a MS only shop their new product might be an option. For the rest of the world the problem was already solved by other products.

Knock, knock? Oh, no one there? No problem, Amazon will let itself in via your IoT smart lock

DonL

Pickup point?

In the Netherlands you can just have your package delivered to a pickup point (there are many!) and then just pick it up there. Some are even open until 21:00 and you get a notification on your smartphone when the package is delivered. Problem solved. I use this service exclusively so I don't have to be home or get up early etc.

Legacy clearout? Not all at once, surely. Keeping tech up to snuff in an SMB

DonL

Re: Consultant inception

"Is there a consultant consultant we can consult to pick the right consultant?"

Exactly, everyone recommends the stuff they can make the most money with anyway.

Walmart tells developers to stay away from AWS

DonL

Here is an idea

Why not just put your most valuable data on your own servers and be in full control?

Personally I don't understand the obsession of some companies to put everything in the cloud and have a huge problem everytime a vendor messes up, changes plans, declares a product end of life, increases profit by decreasing support, goes bankrupt etc.

You then have all of your IT people shouting at the sideline hoping someone else fixes it.

HPE ignored SAN failure warnings at Australian Taxation Office, had no recovery plan

DonL

I've seen more often that a SAN vendor (not HP) dismisses alerts as unimportant. As a customer you then have to keep insisting on parts to be replaced and eventually they'll do it.

I can imagine that if they didn't pressure them, they effectively ended up with a SAN with one failed/unreliable component and thus no redundancy. If one more thing then happens, the entire SAN may go down.

As for the cloud, statistically it's only a matter of time before a major outage will happen. The number of storage related failure notifications and outages I have seen is alarming (kudos to them for full disclosure though).

In my opinion you're best off with running your own datacenter and keeping everyone sharp, even though it's obviously no fun pointing everyone on their mistakes and sometimes cancelling contracts if vendors don't improve.

Does Microsoft have what it takes to topple Google Docs?

DonL

Re: "they don't need to deal with geeks"

"Persuading the bosses - in particular, the ones in head office abroad - to spend money on servers they can't see, that don't obviously bring in revenue, is hard. Far easier to slip it under the radar in the form of operating expenses on a monthly basis, and for the most part, better for the company."

It's called leasing, and afterwards you get to keep them and they just keep on working without the monthly costs.

Huawei P10 Plus: The bigger brother is the real contender

DonL

Re: Ins and Outs

"An infrared "blaster" and infrared sensor are two different things. Which is it?"

Both actually. It doesn't seem to be mentioned anywhere, but you can use the sensor to program a button in the remote control app by just pressing the button on the original remote control while pointing at the sensor.

The app also contains a rich database of devices, it even includes airconditioning units. But you can also just use the Peel app instead of the Huawei app, if you prefer that.

Linux kernel gets patch for 11-year-old local-root-hole security bug

DonL

Re: SKB?

"downtime n. The period during which a system is error-free and immune from user input. Compare UPTIME. See also CRASH."

No need for that anymore with kernel live patching. Canonical offers it for up to 3 servers for free and Kernelcare.com is so affordable that the hassle to manually update and reboot isn't worthwhile anymore.

So you want to roll your own cloud

DonL

Re: Been there, done that ... Got ProxMox

One thing I always notice when comparing cloud offerings is that the companies using VMware (for example) instead of open source are pricing themselves out of the market. The turnkey/ease-of-use part of the solution comes at a huge cost. And it seems that the really big ones are able to negotiate deals that are impossible to achieve for smaller parties.

I've also compared offerings before and from a price/functionality/ease-of-use standpoint Proxmox seems to be ideal.

And there seems to be at least one company offering billing functionality (I just googled quickly):

https://hostbillapp.com/features/apps/proxmox.html

Microsoft Germany says Windows 7 already unfit for business users

DonL

Re: Enough Whining.

"Wine lists InDesign 7 compatibility as "garbage"."

The report you link to says: "The test results for this version are very old, and as such they may not represent the current state of Wine."

And the newer version (CS6) is gold. (The single bug that was mentioned has a solution, in case you mention that)

But again, feel free to stay with Windows if it works for you. No need to bring in false arguments.

DonL

Re: Enough Whining.

"So tell me, how precisely do you run Adobe InDesign on Linux?"

With Wine:

https://appdb.winehq.org/objectManager.php?sClass=version&iId=26506

And I bet there are alternatves too that run on Linux natively.

But feel free to stay on Windows, I'm just answering your question.

IBM Australia didn't stress-test #censusfail router and blocked password resets

DonL

I guess they figured it would sound dumb if they admitted someone simply forgot to save the configuration. And now people could draw the conclusion that it might be a router failure.

The cloud is not new. What we are doing with it is

DonL

Re: Not what was promised...

It needs to have a real standard to become a commidity. Only once you are able to (continuously) replicate incremental VM/storage snapshots among cloud providers and your own datacenter and are able to live migrate VM's between clouds and your own datacenter, then the cloud will be ready.

Until then, (unless you have a very specific business case) it's best to stay on-premise and just wait it out.

Dyn dinged by DDoS: US DNS firm gives web a bad hair day

DonL

Re: Redundant DNS providers

"The problem in this case is that DYN is the host for these domains which are spread over many servers."

Exactly.

The ONE thing cloud is ideal for: Rent 2 or more VPS servers at DIFFERENT providers and let bind take care of zone transfers. And then even the big names mess it up.

HPE tops in tape. Yes, tape is still a thing

DonL

Re: ribbons of trust?

And with the physical write protect switch enabled, little can go wrong during a restore.

The IRS spaffed $12m on Office 365 subscription IT NEVER USED

DonL

Re: Not just government

"Our group IT moved us onto Office 365 a while ago, but I'd be willing to bet >95% of employees aren't even aware it exists."

We bought Office365 licenses too, but only because it is cheaper than on-premise-only but includes the on-premise Office licenses as well and is licensed per user (instead of per install, which is tricky to track). We never used or activated the online part.

Are they sure the government didn't do the same?

Cyanogen mods self away from full Android alternative

DonL

McMaster

McMaster kind of destroyed the opportunity for them by making wild statements and overplaying his hand.

I don't see how they are going to regain trust again.

Y'know that ridiculously expensive Oculus Rift? Yeah, it just got worse

DonL

Re: Fools tax

"> "Personally I'd rather pay the extra and have it for a year sooner."

"Sensible people wait"

There is something to be said for both, depending on how much you want something. Some people really want some specific kind of car where others couldn't care less about. Some people really want some phone that others couldn't care less about. Etc.

Who cares, for each his own :)

US govt pleads: What's it gonna take to get you people using IPv6?

DonL

Re: Pot / Kettle

"I want those things behind a NAT router, not directly exposed to the Internet."

NAT doesn't matter, with IPv6 you can still just block incoming connection using connection tracking (just like NAT does) and have the exact same level of security even when every internal system has their own public IP address. Most consumer routers with IPv6 support are configured like that on default.

The problem with IPv4 is that (because of the IP shortage) eventually your provider will start doing NAT and your own router won't even have a public IP address unless you pay a premium. It already happened on the mobile network, so your phone doesn't have it's own public IP.

Not that a lot of people will care about that unfortunately, unless you want (for example) to run your own servers or use IPSEC properly.

6-in-10 punters return their self-destructing Samsung Galaxy Note 7

DonL

"No. Samsung is the manufacturer of the device, but they don't have remote access to it."

They can just roll out a firmware update to shut the effected devices down. The user will still have to accept the update, but most will accept it eventually.

Also, when a Samsung account has been configured on the device it gives them a lot of control. (Remotely push applications, unlocking, factory reset, etc.)

EFF dinks HP Inc finks in rinky-dink ink stink

DonL

Word of the month: anti-feature

"Something that works against your customers' interests"

Brilliant!

Windows Server 2016: Leg up or lock in?

DonL

Re: It's an Azure push

"Look at how quickly CIOs heard the OpEx siren song and switched to Office 365."

We bought the Office365 licenses just because it was cheaper than the on-premise-only version but includes the on-premise version as well. We never activated or looked into the online part though.

MS is obviously just playing weird licensing games to push their agenda. You pay top-dollar for crappy software that doesn't even include support.

Are you sure you want to outsource IT? Yes/No. Check this box to accept Ts&Cs

DonL

Re: 30 days notice is good....

"30 days notice is good"

Try finding an alternative, migrate all of your data, change your business processes where needed and training your users, all in 30 days.

Good luck with that!

Official: Cloud computing is now mainstream

DonL

The missing details

Surveys like this may make it sound as if everyone is moving to the cloud. But the survey questions are usually phrased in a way that if you run just one insignificant thing (out of dozens) in the cloud, you have to tick the "Yes, we use the cloud" box. Then the outcome is portrayed as a big win for the cloud, even if actual usage would be minimal.

Which is why I don't participate in cloud surveys as the outcome doesn't reflect reality in my opinion.

HP Inc's rinky-dink ink stink: Unofficial cartridges, official refills spurned by printer DRM

DonL

Re: My printer not HP's

"True, but wouldn't it better if it simply voided the warranty (toggled a bit somewhere) and then worked anyway?"

A lot of HP printers count the number of non-HP cartridges inserted. The number can easily be seen through the web interface of the printer. I don't know about the implications it will have for warranty, but it can't be good.

Skype shuts down London office, hangs up on hundreds of devs

DonL

Re: So, any suggestions for alternatives?

"What we really need is:

- Cross Platform

- Open Protocols

- Standards Based"

Check out Matrix.org in combination with Vector.im clients.

Works great, it is open source and works in a distributed way so you can run your own server (if you want) and still communicate with everyone.

Alleged buggy software wrongly flunks wannabe lawyers from bar exam. What happened next won't shock you

DonL

Re: Quite common in my experience

"Maybe some questions count for more than others"

Correct, they often assign a different weight to certain subjects. I agree that it's not always transparent. But with the complexity in scoring, there is an increased risk of errors.

Makes me wonder whether the lawyers didn't just marginally pass the test and a small error (wrong weight assignment) made the score a fail instead of a pass. I wouldn't want to sue and have my name mentioned in the court documents in that case though ;)

Azure is on fire, your DNS is terrified

DonL

Re: The cloud strikes again

"6: Gmail is perfectly good and reliable. Why host something in house that's not quite as good?"

If a customer has problems sending email to us, I can see exactly what is going on. Also I can often work around the issue even if it's a problem on their end like wrong SPF records or faulty TLS configuration. I can even proof a message was delivered to someone in case there is a dispute (like someone (falsely) claiming an email was not delivered, which could have otherwise had financial/contractual consequences).

That can be difficult in the cloud.

DonL

Re: The cloud strikes again

"3: You reasonably assume that a large company who specialise in providing infrastructure will be better than you at providing infrastructure."

Large companies have large company issues and a complex and constantly changing infrastructure. Also, some people working there are good and some a less good (who will mess stuff up).

If you don't need the complexity than chances are very good that you can build a more reliable and more cost effective infrastucture yourself.

Page:

Biting the hand that feeds IT © 1998–2019