Posts by I could be a dog really

Re: BT are the problem here

I don't blame the freeholder for that. With a previous work hat on, I managed a campus network on a science park. One time I went up, and the university (who also had a presence) had had a new service installed by BT - to say I was "unimpressed" would be an understatement. Had I been there when the work was done, I'd have given the people responsible a bit of a grilling.

They'd had to drill through a concrete slab floor above the services room - and right above the comms cabinets. Everything was covered in a thick layer of concrete dust - and presumably the insides of the UPS was as well (since that was fan cooled). And for good measure, the top covers of two cabinets were stoved in from not being designed to support some gorilla standing on it.

In the small block of flats I have a rental in, they've ignored the services closet, and just strung multiple fibres, using multiple CSPs, around the front of the building.

Too late !

Firstly, they'd have to completely replace ALL components that are under (L)GPL so that there is no GPL code left. That's a major job - basically starting from scratch with a different toolset.

And that would not absolve them of the requirement to provide source for the systems they've already shipped - meaning that anyone could continue to use that and adapt it as they want.

As the others, just don't. Don't inflict pain on yourself and the charity. Don't subscribe to a broken by design* email system.

Either go to someone small enough to care and actually talk to you if/when you have problems, or if you have some admin skills - run your own mailserver (though that isn't without it's own risks.) I run my own, and TBH I'd need a vary good reason to go back to useing someone else's.

* AFAIK, every major provider runs a broken by design system - in what universe is it acceptable to state "Yes, I've accepted that message for delivery" and then decide (based on vague "because spam" rules) to toss it in the bit bucket instead, leaving neither the sender nor recipient any wiser about it's non-delivery. Either accept and deliver it, or don't accept it - it's really, really not hard to do.

The difference back then was that they were "just another option" competing with several others. Now, thanks to some astute actions, and some (confirmed by courts) illegal actions, they've steadily killed off competition* and so they can now turn the screws and extract profits from their victims.

* While there are some alternatives, e.g. LibreOffice, in practical terms the whole M3653 ecosystem is so interconnected with complex and proprietary gaffer tape that there is no alternative for anything but small chunks of it. That's why they bundled Teams in - to make it the easy (and zero cost) option so as to kill off much of the markets for the competition, until (again, only after the damage was done) they were forced to unbundle it.

Re: Experts have always known and were ignored, as usual

You are seeing 2+2 and making the answer 5 there.

The original premise was "infosec person says $X must be disabled because ..."

Then someone says it's not infosec's place to say $X must be disabled - it's for them to bring it to manglement that $X is a risk, for $reasons, and here are $options. In that case, $X was incompatible with some certification the business held - but that doesn't automatically mean $X is incompatible with that certification, it could simply be that they need to revisit their specific certification to see if it can be updated if $X is in fact important to the business.

Going from memory, things like ISO9001 don't mandate you do something a specific way - but that you have a system which is acceptable AND you actually follow that system. If your system doesn't allow for $X then you can't use $X, but it may be that you can update your system to allow for use of $X.

Re: There is a simple fix - which will not be implemented

It does not matter what your network is, air gapping DOES NOT WORK. It gives a false sense of security, and makes things a little harder for adversaries, but it does not guarantee security.

Re: Nah

Meanwhile, back in the real world of small/medium business ...

"Various users" use direct SQL access for ad-hoc queries. Been there, done that.

If it's a "proper" database, then as already suggested, you properly apply permissions and/or create views to prevent such accidental deletions. In our case, the system used C-ISAM files and we used Informix to access the files behind the system's back. When we built the Informix databases, we'd create the tables in Informix, then delete the files and replace them with symbolic links to the real C-ISAM files. That worked well enough for us, especially after I found out how to automatically extract table descriptions and script creation of the whole lot in one go. It also meant that if any one did drop a table (no-one ever did, only 4 of us in IT used it - end users came to use for reports) it would only drop the symlink and do no harm.

Re: IPV6 over my dead salary

How many expensive network engineers would want to adopt IP when they only know [IPX|Decnet|AppleTalk|Sneakernet].

As already said, if someone only knows IPv4 and not IPV6 then they aren't a network engineer by today's standards.

But the main thing is that for the bulk of users - which would be the masses of home users - there is very little (if anything) needed to use IPv6. For example, most of the significant ISPs in the UK (Plusnet being a notable exception even though they ran trials many years ago and are owned by BT who do) do IPv6 as dual-stack with IPv4 by default - and the users just never notice. It's there by default, most OSs these days prefer IPv6 over IPv4, so that's why IPv6 adoption is now high.

Granted, it's a different situation for large business users - but they tend not to be sitting being a consumer grade CGNAT for their connection.

Re: What happens outside of a controlled environment ?

I wish I had more than one upvote for that - I was wondering if anyone would mention the requirement to pick up the "land mines" (I'm going to borrow that description).

And for us, there's also :

• Sticks (ranging from tiny mulchable twigs through to mower-stopping sticks) that fall off the English Elm next door

• Leaves (ranging from solitary to "lumps") that can go through the mower but might well be seen as an obstruction to be avoided.

• Get the strimmer out to go round the edges where the mower disk can't reach.

• Move the grand kids' stuff like the slide

• Lift the washing line out so you can just mow across where it's socket is

• Move the stuff that should be there, but needs moving to allow mowing - like some ornaments and a picnic table

As for the animals, we have four :

• One cat would hiss and spit at it, but ultimately move

• The other cat would be laid back enough to just ignore it

• One dog would come running back to daddy quivering

• The other dog would be barking at it to "come and play properly"

Re: How ..

the UK to pay an annual danegeld to the Afgan Govt to ensure the safety of everyone on the spreadsheet

Does anyone honestly believe for one second that the Taliban would have kept their side of the bargain ?

Re: Is Broadcom even suffering?

But plenty of companies would rather pay lawyers and fight to stick with someone who doesn't like or respect them

That's one interpretation, another is that to switch to a different tech stack is non-trivial and takes time and resources - how many times have we seen articles about such migration projects going wrong, and in retail, the Walmart-ASDA divorce comes to mind as a prime example. So I suspect in many cases it more a case of "we can't migrate fast enough, we need the existing supplier to support the systems until we're done".

In Tesco's case, it looks like they contracted based on assurances about future support availability - but Broadcom have decided they don't want to honour the contract. I think it's a safe bet to assume they have a plan that involves not using VMware long term.

Re: So how are the Apple customers going to get the money ?

But what you are missing here is that's it's not about "agreed to pay the price", but "has no choice but to pay the price".

In your contracting example, the agency you work for can choose between you and others - and realistically if there are multiple people available, at some scale you will be competing on price. So, for example if one contractor offers to do the work for (say) £200/day, but another wants £1k/day - who's going to get the gig (assuming both are reasonably equivalent in capability etc.) ?

Then let's look at the agencies. If one wants a 100% markup, but another will accept a 50% markup - again assuming similar qualities, who's going to get the gig ?

Same with the company the agency contracts to, and same again with the supplier.

The key thing is that at all stages there is a market - except in some very niche areas where skills are very scarce.

But in the Apple walled garden, there is no market - Apple dictates how much commission the app developers will pay and the devs have no alternatives they can go to who might offer better "value" (for some developers idea of the balance between services provided and cost.) Because Apple prevent any competition, they can get away with what most consider to be excessive fees - and also dictate what devs must do (e.g. also forcing devs to use Apple for any in-app purchases which means more commission and separating the dev from knowledge of their users.) And if dev costs are artificially inflated, then that gets passed onto customers who end up paying more than they would if there were a functioning market.

Those last few words are the key thing. It's not about the absolute cost - it's about whether there was a functioning market, and if not (as has been declared the case here), whether people paid more as a result (also ruled to be the case here.)

Re: Imagine there is a complete outage of a region

I took it as meaning "I didn't notice anything as I don't use anything that was affected".

Guess what, "I" didn't know until I read about it. But then, I don't have any of this IoT crap - except for a few bits I lost the power of veto over (there's an Echo Dot in the other room) and don't generally use.

Re: Art for art's sake, Money for God's sake

It sounds like they are only claiming creative works on things like the icons, documentation, etc. So essentially saying, if we lose on the licensing issue, you'll still not be able to use the software - with an implicit "unless you remove all the creative works".

I'm not sure why nobody ever did a dead easy mass-market-friendly Linux thin client that just turned a low-end PC into an X terminal, but it I've never seen such a thing.

Does Linux Terminal Server Project fit the bill ? Only been going for ... ooh ... decades ! OK, it's not a turnkey "boot up an X server" system, but that's the ideal application for it.

Re: Proprietary software and its consequences.

If you read the article properly, being proprietary is really irrelevant - exactly the same technique would have worked against a FOSS system implementing the same facility.

Re: Staggering? Ha!

This one wouldn't.

I was amazed to get this far down the comments before someone else said it - I am not in the least surprised either. I would imagine a lot of this is "legacy" "it works, c.b.a. looking at it again" stuff - unloved, unfunded for management or updates.

And that's when you consider people who actually have a clue. Once you consider how many people, including business managers, don't have a clue - then it becomes even less of a surprise.

... that exposed the proxy cache, complete with login names ...

That's into BOFH territory. I'd have at least replaced user names with "*"s for a short time to spare the guilty.

Re: BT is still at it!

Absolutely. I too have been on the sidelines for a long time - some of it as an end user, some of it managing services for clients. Remember when ISDN-2 had a £400 install fee, and they did a £200 limited time offer. Rumour had it that they had a very big order, but the rules prevented them offering a discount to one customer - so they made it a national offer.

To be fair, the regulator does have a bit of a tricky line to walk. Too restrictive and they are accused of helping to keep prices too high for end users. Too lax and they are accused of allowing the incumbent to damage competitors. I think these two area overlap somewhat in the middle - so they can be accused of both at the same time.

Looking back to when ADSL arrived round our way. For a long time it looked like we would not get anywhere near BTs target for expressions of interest - for a while I kept checking the numbers on their website and putting posters up at work encouraging people to sign up. For a long time, price was a disincentive - ADSL cost a lot more than using dial-up. I recall getting a flyer through the post from an outfit who could offer a 2Mbps symmetric service over 2 copper pairs - and IIRC the price wasn't bad. Then BT slashed ADSL prices - good for most end users/consumers, but pulled the rug from under said alternative outfit as their offering was now sufficiently more expensive than ADSL that I suspect they would fail to reach a critical take up. I never heard any more from them.

Was the regulator right to allow the massive price cuts ? Hard to say how things would have panned out if they hadn't - it killed off a few potential other offerings (e.g. 2Mbps symmetric without charging two arms and two legs), but it massively increased uptake of ADSL and benefitted lots of consumers.

Re: You'd be amazed...

The two don't have to be exclusive.

I too am in the "buy the disk and rip it" camp - but I also use some streaming to find new stuff, try out other stuff, ...

Re: Redmond argued schools, education authorities are responsible for GDPR

If Microsoft makes it impossible then maybe they shouldn't be using Microsoft products.

There are multiple problems, but the fundamental one is that MS lies about their systems. For decades, they've claimed you can use their 365 ecosystem and "all you need to do is set your data storage to be in the EU". Those who understand this have always understood that this claim was a steaming pile of manure - only now are the cracks starting to appear, like this ruling, the recent admission to the French, and the like.

But don't expect the authorities to actually do anything - by playing the long game, MS now have government sized customersvictims over a barrel. By repeatedly choosing convenience over safety, "the world" has allowed itself to be led down a path that now sees us stuck - to "not use MS" would now be excruciatingly painful and expensive for too many customersvictims and so they continue to choose convenience over long term safety.

Re: Cast not blame unnecessarily

You mean, like 1 in 7 of the male population ?

The EPO button should be very clearly labelled, and have a cover such that it needs positive action to press vs. the door release that can be open and easy to hit.

If they don't appeal, the case sets a precedent.

Plus, the fine can sit there on the file, just waiting for the company to do something putting it within reach. For example, if they start selling services to agencies over this side of the pond - and then suddenly there's a business entity that can be held to account.

The deliberately lose multiple satellites/day when they reach end of life. As the article says, they use massive numbers of them. If you have a fleet of 30k, with a lifetime of (say) 5 years), then you will be replacing 30k/5 = 6k/year, or getting on for 20/day. It's clear that a modest increase in bird life would have a significant impact on economics.

There are many reasons for a bird to have a limited life - fuel capacity and technology development would be two of them. Power should come from solar panels, but then they probably need batteries to even up supply and demand variations - so add battery life to the mix as well.

Re: Cables in the sky?

Nice idea, but in practice would involve significant latency (variable), and frequent dropped or repeated packets as the sky cable reconfigures. At low altitude, the satellites would be whizzing every which way, meaning a mech that's constantly reconfiguring - hence latency that's constantly varying depending on the path taken, and lost or duplicate packets (or just delayed) each time the mesh reconverges. The only way to avoid that is using geostationary birds - but then you get the 2 seconds or so latency that used to be so much fun with transatlantic phone calls.

Re: Caller Id

It WAS doable in the past, they just CBA to do it.

All it would have required would be contractual clauses along the lines of "we'll accept calls from you, you have to assure yourself that any CLI is genuine - and if it turns out otherwise, you compensate us and/or you find yourself blocked". That shifts the onus - other telecoms companies either clean up their act or find their customers get a recording along the lines of "Sorry, but your call to the UK number is blocked because your telecoms company is a bunch of sheisters" (or more polite words top that effect.)

20 years ago, that would have worked as the companies involved would have been big enough for it to matter.

.

Now it's a lost cause. Every man and his dog can operate some sort of IP based phone setup. While it might possibly work if all the big businesses applied similar rules, I suspect there's just too many players now for it to work. With a previous work hat on, we were a reseller for one of the early IP telephony providers in the UK. If one of our customers wanted custom CLI, then the process was that they had to show us documentation to show they legitimately "owned" the number, and we'd approve that with the provider (via their portal.) Of course, our own telephony was as a "customer" of our reseller account - so we could have done pretty well anything unless they has some other checks in place (don't know, we never tried anything naughty.)