* Posts by Lotaresco

1501 publicly visible posts • joined 24 Sep 2007

Akamai: We stopped record DDoS attack in Europe

Black Helicopters

"Eastern Europe", Hmmmm

I'm left wondering if it was a "State Sponsored Botnet" that was responsible.

UK internet pioneer Cliff Stanford has died


Among the good things he did

The most notable good thing he did, the one that earned him a suspended jail sentence, was revealing the extent to which Shirley Porter had gone to conceal her assets of £34 million. She was facing a surcharge of £43.3 million due to her role in the "Homes for Votes scandal". Porter had transferred most of her wealth to other members of her family and into secret trusts, and had claimed assets were "only" £300,000. Cliff received information that showed where most of her assets were which led to her having to settle her debts.


Re: Sad news.

It got worse when Thus plc introduced their "Crap Legal Team[1]" and started to accuse good customers of aggravated mopery and demanded that we all indemnify Demon for its legal costs - without limit. I voted with my feet at that point. It was obvious that under Thus, Demon had become one of the corporate walking dead.

[1] Mutated from "Crack Legal Team" by the users of demon.service


A proper entrepreneur

More than slightly eccentric and driven to achieve something. His Rolls-Royce fixation was much commented on and in the early days Demon made customers feel part of the team. I wasn't in the first 130 but I was one of the early customers in the first 200. I learned a lot at that time and it was my experience countering trolls, hackers, script kiddies, and net vandals that caused me to enter the weird world of information assurance. A career that has continued to the present day. I owe my income to Demon internet and more particularly to Cliff, Giles, Richard(s) and the rest.

Nokia Bell Labs gets funding to cool down data centres


"What are the chances this $2M project is going to find a revolutionary way to keep servers cool that both uses less energy and is cheaper to implement and operate?"

One of the data centres that I used to work in used passive cooling. It had a large chimney/stack at one end of the building. Waste hot air was exhausted there. This causes the air to accelerate up the stack drawing cool air into the building. It was cheaper and lower maintenance than having an active cooling system but only viable in latitudes with cool average air temperatures.

So, possible but possibly not viable for the scale required. Move all US datacentres to Canada and Alaska?

An alternative is to put DCs underwater, as Microsoft have experimented with in Scotland. The seas off the north coast of Scotland are ideal because they are cold and also because the area has plenty of power (nuclear, HEP, wind) and high bandwidth cables because of past provision for the oil and gas industry.

Microsoft details 'planet-scale' AI infrastructure packing 100,000-plus GPUs


Re: Singularly pretentious

Abort! Abort!

No one can find a CD with a recording of "Daisy Bell".

Abort! Successful mission cannot be achieved!

Internet 'spy system' delayed because nation can't get the equipment


Re: Thanks, Pol Pot

"Cambodia is still digging its way out of the hole dug by the Khmer Rouge slaughtering all of the intellectuals."

Which should be a warning about the inevitable consequences of the anti-intellectualism being promoted in the UK and USA at the moment. The stupidity of encouraging a belief that all opinions are equal is leading us into dangerous territory where astrology and sympathetic magic are regarded as being as equally valid as astronomy and physics.


Re: Thanks, Pol Pot

"The only exception to this rule was Thailand -- I don't know how they got away with it but they've always been independent."

They "got away with it" because they were lucky to have a progressive King (Mongkut[1]) who could see the way that the wind was blowing during the mid 19th C and who modernised Siam extremely quickly. He also realised that Westerners had many hang-ups over social conventions and modernised traditional Thai dress and customs to conform to Western expectations. Neighbouring countries that tried to preserve their customs were regarded by Westerners as "primitive" and therefore fit to be conquered by military means or by missionaries. Mongkut tamed both Western military and Western missionaries and adopted Western education in science and technology meaning that the Western powers largely left Siam alone because it was seen as "one of us."

A very clever and cunning man who also managed the royal succession extremely well, ensuring the continuity of the monarchy and the maintenance of Thai independence.

[1] The King who features in "The King and I" musical.

Dido Harding's appointment to English public health body ruled unlawful


Hold my beer...

Dido Harding carries incompetence to new levels. Her performance at TalkTalk was bad enough, when as CEO she appointed herself as CISO. Then when the inevitable "sophisticated hack"[1] occurred she ran to the press and declared that no one had ever told her that she had to protect personal data. That time £47 million but that's insignificant compared to how much she blew on the failed Track and Trace programme.

[1] As ever not a "sophisticated hack", just a SQL injection attack.

In an arms race with criminals to protect our privacy, it's too early to admit defeat


Genie is now a long way from the bottle

Over the past few decades I have worked hard to ensure that personal data given to large institutions remains private. It has been a difficult job, because there are always individuals who can argue a storm about how everyone else should be banned from seeing personal data, but *their* pet project really needs it. I've been lucky to work with some really good statisticians and privacy experts to create systems that hold bulk personal data and that can be used to extract statistically valid de-identified data sets for statistics. The sorts of data sets provided to university researchers for example who are looking at demographic data and trying to devise optimum strategies for service provision. The de-identified data removes all links to the subject(s) and prevents cunning tricks such as aggregation of data or geographical location being used to identify an individual.

And increasingly I wonder why I bothered, because a survey of people's attitudes to the collection and use of this data just presented a giant shrug from the vast majority of the subjects. A common comment was that they assumed that all of their data was accessed by government and corporations and they were fine with that because they want the services and they don't want to waste time overcoming privacy restrictions. People in general place no value on personal data. They give it away free to anyone who wants it. Given that is a common (probably the commonest) attitude to personal data it may be time to accept that, as in the USA, that ship sailed long ago and the EU/UK concerns about personal data are an anomaly rather than the rule.

For the record, I go to incredible lengths to protect my own personal data. I think everyone should think very carefully about the subject. But for most people being able to tell a robot assistant to order more Sugar Puffs, a basket of sex toys, and some antibiotics is more important than protecting any misuse of sensitive personal data.

Reality check: We should not expect our communications to remain private


"we should not expect out communications to remain private. We should require it."

An argument that is defeated by anyone who uses social media or gmail and therefore gives large corporations free access to their personal information and communications. It's a sad truth that we (the IT/Security/Privacy community) talk about privacy and reasonable expectation of privacy and the users really don't care and vote with their feet. They prefer "free" as in beer to free as in the context of "free from oppression".


Sadly not true

@Joe Fay stated: "We know what the threat is. But the tools to counter them are in our reach."

Individuals and corporations do not have the tools to counter nation state actors including the security services of their own countries. These organisations have access to tools and computing power not available to citizens[1] that can break commercial encryption or grab credentials. Governments do not trust commercial crypto at higher levels of assurance, they use their own crypto and a variety of algorithms and implementation that individuals cannot obtain and could not afford even if they were available. Some companies list these products but any attempt to buy them will be met with a demand for authorisation of the purchase by the appropriate government department.

AES256 will slow down a well-resourced attacker, not stop them.

Anyone remember the fuss that the Met/Home Office made about Apple's iPhone encryption being "too strong to break" which went away pretty quickly when they realised that the Israeli company Cellebrite had already broken iPhone encryption?

[1] Not quite true since anyone with access to sizeable bot nets has a lot of distributed computing power to hand.

IT technician jailed for wiping school's and pupils' devices


"I refuse to access certain peoples’ email system using Outlook or Mail on my iPad or laptop because the idiots in question insist that they have ‘full control’"

M$ for example. "In order to access our sites you must load this software onto your personal devices and permit us to have full administrative control of your devices." Well that's a whole mountain of "nope" starting right there. I don't need your money, you're the ones who needed me. Bye.

The end of free Google storage for education


It's a well-trodden path

I've lost count of the number of times that a supplier has claimed to offer "free" and/or "unlimited" services, only to pull those services when people started to use them. The first time it was Demon who offered "unlimited" internet then quickly removed it when they realised some users were leaving their systems connected 24/7 and downloading media content rather than just checking in every so often for email and possibly Usenet as they expected. Several cloud storage companies have come and gone offering unlimited transfers and/or unlimited storage. Providers of services on the Internet, or more probably their marketing teams are fully skilled in the two aspects of marketing, both flim and flam.

Toshiba reveals 30TB disk drive to arrive by 2024


Re: And then I go & read ARS Technica...

"You can get SATa adapters that just take a bunch of microSD cards. I don't know how the speed is, but I'm guessing it's very poor."

In the past I RAIDed a load of floppy discs, just because I could. The speed was about 10MB/min for a RAID 0 array. Doing the same with 8GB USB drives achieved 80MB/s. I would expect 80-100MB/s for a microSD card RAID. Easy enough to try if you want to "do your own research".


"Never in a million years would I trust that much data to mechanical hard drive. Impressive feat, but no thank you."

I've been trusting much more data to mechanical hard drives for at least a decade. Given that my drives are configured as RAIDs their failure rate is actually higher than that of a single drive. It would make sense to have a high capacity drive for either nearline or offline backup. Locating the drive in another building would improve the odds of not losing everything in a single incident.

UK.gov threatens to make adults give credit card details for access to Facebook or TikTok


Re: Another missed target

"mainly because of how long it took them to ban pirate bay"

They banned Pirate Bay? When did that happen? It's still up and working here.

"pr0n movies are usually staffed by actors and actresses and bare"

That's a job description, isn't it?


"This isn't about pron, as Facebook & Instagram actively block it anyway."

I must be imagining all the pron that is being shown on Facebook then. The few technical groups that I read on FB are plagued with images that appear to be from gynaecology textbooks on how to remove (or is it insert?) objects in orifices. These are sponsored images which means Facebook is getting paid for them and is reluctant to remove them.


Expert opinion

I have no difficulty in believing that government ministers, back benchers, and advisers know an awful lot more about pron than I do and have relevant practical experience. I think we can assume that this issue is as safe in their hands.

Geomagnetic storm takes out 40 of 49 brand new Starlink satellites


Re: No loss

"Sometimes you have no choice, broadband isn't available everywhere or is very slow."

There is a choice, but it's not offering quite the same service. OneWeb offers the same 200Mbps speed but has a business model that means they are unlikely to supply to individuals. Governments, corporates, telcos, education seem to be their target markets.

UK science stuck in 'holding pattern' on EU funding by Brexit, says minister


Re: "We're in the early stages and they're some quite positive signals"

"But we've taken back control, and that's the most important. Right ?"

Taken back control with the "oven ready deal" negotiated by someone who didn't know what a customs union is, supported by someone who didn't know why there was a port at Dover, with the assistance of someone who thinks Queen Victoria is still on the throne.


Re: Funding

"REAL Brexiteers (not their dupes) moved to Monaco."

Not all of them. Nigel Lawson led the fearless opposition to the EU from his holiday home in France, then applied for a carte de séjour to facilitate his permanent settled status in France post Brexit.


Re: Brexit got done

"It showed how we were overpaying for food (as was established before the referendum)"

Just remind me:

Have food prices gone down or have they increased since Brexit?

Has the quality and choice of food in supermarkets improved or declined?

Are Brexiters rushing out to pick all that lovely homegrown produce that they raved about, or are they letting it rot in the fields because they can't be bothered to get off the couch?

And of course are British fishermen now facing a sales bonanza now that we have "taken our fish back" or are they going out of business and selling their boats, nets, and quotas?



Re: The big problem is

"the tories run around believing they're in god's own country of the 1950's"

Before the referendum Brexiters were shouting at me that they wanted to go back to the 1970s "before we joined the EU(sic)". I warned them that having lived through the 1970s they would not like the experience. However to them it was a mythical far off land full of friendly coppers, thatched cottages, long summer days, lashings of ginger beer, Butlins, golden beaches, donkey rides and no money worries. The fact that if they were old enough to remember the 1970s that they would have been children, therefore unaware of politics or economics and feather bedded by their parents didn't penetrate their thinking.

I warned them that in truth the 1970s were awful with rapidly declining manufacturing, coal mines running out of coal, education starting a long downhill slide, runaway inflation which was in fact "stagflation" with rising wages, rising unemployment, declining manufacturing output, hyperinflation, declining living standards, profound social unrest, and regular shortages of power and fuel.

And here we are just over a year from "Brexit" and the 1970s are coming home to roost.


Re: Brexit got done

"The UK did NOT have the option of joining EFTA."

Not actually true, but if it makes you feel better. The UK didn't even begin negotiations to join EFTA. Not only that but they were desperate to stay out of the Customs Union. The ERG is terrified of everything "foreign" and does not want the UK to behave like a civilised nation that negotiates treaties with equals. The ERG fondly imagines that they will issue orders and the world will fall into line, desperate to do trade with Glorious Brexit Britain. Reality is however somewhat different as trillions of pounds are leaving the UK economy.


Re: Brexit got done

"And it is working remarkably well. Northern Ireland has enjoyed something it hasn't enjoyed since it was founded a century ago, being the UK's fastest growing region"

Wait! What is that you said? That NI is the fastest growing region in the UK because it has remained inside the EU Customs Union? That NI's interests are best served by being unified with the Republic of Ireland? That's a remarkable moment of scales falling from the eyes, isn't it?


Re: One sub postmaster's story

"They work exactly as you describe - pedestrians have right of way at entries and exits (so traffic stops and let them cross), and cyclists go around the outside and traffic waits before making a right turn across the bike lane (equivalent of a left turn in the UK)"

Here in Italy, priority goes to whoever gets there fastest in the most powerful/largest vehicle. So pretty much like the UK.


Re: "Where does it say that's happening?"


The direction pointers? I'm liking that better than "indicators".


Re: The big problem is

"Smoke me a kipper, boys, I'll be back for Brexit!" -- Ace Rimmer

The problem being that Johnson isn't even Ace Rimmer, he's more like his alter ego, Ace Hole.


Re: we're in a holding pattern, with our association not being granted

"UK companies can still be involved in Galileo, just not in the secret military part of it."

It's worth remembering that it was the British government that insisted that third countries could not take part in the development and implementation of the military aspects of Galileo. Petard, own, hoist; as is so often the case with this government.


Re: Funding

"You'd be surprised at the amount of stuff spoken in English at CERN over pints. Some of it is even science-related at times."

I'm currently working on a big science programme in France, not too far from CERN. My home is very close to LNGS in Italy. One of the pleasures of this life is that both places have good bars selling real beer (there's an award winning microbrewery near LNGS). And the Brits have managed to exert a malign influence on our European colleagues that has persuaded them that a pint and a chat are great for team building. I used to work in Vaud at one time and I still miss Friday evenings in the fish and chips restaurant at Rolle. English was the main language but for social/domestic use it was essential to learn French, German and Italian.

I recall in the 1980s in Switzerland being astonished that in a French speaking canton, error messages for telephone calls were German only. My Swiss colleagues just shrugged and said "We have to learn German to do admin!"


Re: Lamentable Funding

"Look up 'The brain drain' from previous decades."

Quite. Twenty years ago the then Tory government started the closure of the research institution where I worked. This was the second time that a Tory government worked hard to shut down my research funding and the third time that a Tory government had decided to tell me that I was not needed in the UK as a (then) healthcare researcher. I still have a personal letter from Patrick Jenkin telling me that the NHS didn't need medical researchers and that it was "not the role of the NHS to fund unemployment". I left the country to work in Germany, Switzerland, Italy, and France where I found that these countries and the EU actually value academic research and fund programmes for the long term. Also academic researchers within the EU have status, whereas in the UK politicians treat science research with contempt.

Why would any researcher want to stay in the UK?


Re: Brexit got done

"Like Switzerland and Norway The later having been invited to join several time and always said no"

Norway applied to join the European Communities in 1973 (ie not "invited") but the country rejected membership in a referendum. Despite this, both Norway and Switzerland are within EFTA and within Schengen. Both implement EU directives. The UK had the options of remaining in the customs union, joining EFTA, joining Schengen. The current government's haste and xenophobia got us into the current mess on the promises of unicorns and cake for all.


Re: Equality

"Also, try getting published without the right 'credentials'."

I published my first scientific paper in the 1970s when I had no "credentials" at all (did you mean "qualifications" BTW? I didn't have those either at that time) and was 20 years old. I worked evenings in a laboratory and was allowed to perform my own research project. At the end of the work I was encouraged to publish. It's still my most cited work, fifty years after publication.

OTOH unless you have performed genuine research, done the appropriate literature searches and have argued your point cogently then you will fail peer-review and not get published.

A friend's son is in his mid-teens; he has neither credentials nor qualifications. Yet he is happily publishing papers in mathematics and computing and these have been accepted by leading academic publications.

Waymo sues California's DMV to block autonomous car crash data from publication


Should mental health crisis text conversations be used to train customer service chatbots?

Stuff that noise. Should chatbots even be the first contact that a person with a mental health crisis encounters when searching for help?

Betteridge's Law applies.

Having encountered chatbots in various guises, I have to say that they can drive even someone who is coping well and has a supportive network to harbour intense, dark thoughts after just a half-hour of nonsense. People who are having a mental health crisis need an understanding, empathetic, human being to talk to. Not a bl**dy chat bot.

Robot vacuum cleaner employed by Brit budget hotel chain Travelodge flees


Re: Love, Death & Robots

Yes, Alastair Reynolds is a writer I always find interesting. Beyond the Aquila Rift was also good.


Love, Death & Robots

The episode Zima Blue features the robot that upgraded itself to sentience, then decided it had been a bad idea and downgraded to where it started from.

Tesla driver charged with vehicular manslaughter after deadly Autopilot crash


"I've seen Airplane."

Point of order, that's Otto Pilot.


"Stupidity is not a sin and not prohibited in law. "

Stupidity is frequently prosecuted in law. To that extent it is prohibited in law. It is referred to as "negligence", a failure to perform the actions that a reasonable person would have taken to avoid serious or fatal consequences. This can range from civil consequences - causing injury or property damage by negligence is a tort - to criminal consequences, causing death or serious injury by negligence is manslaughter or negligent homicide depending on the jurisdiction and the circumstances. The threshold for deciding if negligence applies is what most people would consider to be a definition of stupidity.

"A failure to behave with the level of care that someone of ordinary prudence would have exercised under the same circumstances."

Also worth noting that stupidity is often a capital offence when it involves the laws of nature. For example, getting into a cage with a hungry tiger.

Canon: Chip supplies are so bad that our ink cartridges will look as though they're fakes


Re: Eco-Tank to the rescue!

I agree. I bought two Epson Eco-Tank printers to replace workgroup printers because we no longer print 500 page plus reports for customers - they accept PDF copies. It was a good move and reduced costs, improved print quality and pleased the users. It also saved the pain in the neck which was discovering that toner cartridges had "caked" reducing the laser print quality and needing cartridges and transfer belts to be swapped out before their scheduled EOL.

The Eco-Tanks have performed well and their major use these days is for printing paper copies of travel documents and notices for the site where they are installed. Occasionally an engineer will print off a manual so they have a handy reference that doesn't need a device to read.

Never mind the Panic button – there's a key to Compose yourself


Re: International keyboard layout

"On Windows, I just use the international keyboard layout"

Sadly not available for English keyboards, just US keyboards.

Fisher Price's Bluetooth reboot of pre-school play phone has adult privacy flaw


Where's the harm?

Well... Pen Test Partners previously reported on the "My Friend Cayla" doll and other similar devices. Cayla was not marketed as a Bluetooth phone but did contain a Bluetooth headset with insecure pairing. They showed that it was possible for an attacker to access the headset and then to have "private" conversations with the child. It doesn't take much thinking to realise that this is the sort of thing (access to a child without parental supervision) that would be of interest to the most reviled sex offenders. The absolute lack of concern from Genesis the manufacturer of Cayla was shockingly complacent. The CEO stated "Cayla was basically the subject of a tech prank," and then refused to consider improving security of the doll. In consequence the German Federal Network Agency instructed parents to destroy the dolls as it constitutes a concealed espionage device which is illegal in Germany. The Fisher Price telephone will also be illegal in Germany for the same reason.

In the UK and USA the government don't seem to care if someone tries to groom your kids remotely.


It Cheers Up My Day

... To see yet another interesting exploit by Pen Test Partners. They put effort into searching out weaknesses in consumer products and, if you get to meet them, are very nice guys too.

Fugitive mafioso evaded cops for two decades until he was spotted on Google Street View


Re: Well who'd a thunk ?

"I don't think he shared his data, it was someone else (the restaurant)."

This is also a problem for witness protection. It was reported on Radio 4 last year that the US has had to relocate some families several times because the children have appeared in photographs taken by their friends and random strangers photographing street scenes. Image search can easily find these images and give the bad guys[1] a location.

[1] Often very, very bad guys.

Dutch nuclear authority bans anti-5G pendants that could hurt their owners via – you guessed it – radiation


Re: WTF?

"If a brain control implant is going to be inserted... Shove it up my nose, much shorter trip."

This statement is not true for politicians. Rectal insertion is the shortest route to their brain.

Newly discovered millipede earns its name by being the first to walk on one thousand legs


Re: Splitter!

The group taxonomists is divided into two subgroups, cladisticians and idiots.


Re: Clearly it should be millepedes or millepeda

"At 1,760 yards, I wonder who's pace is 1.76 yards long."

My remembery is that the pace is actually two steps. Also that professional Roman pacers used a hodometer, a version of a distance measuring wheel which measured distances of 5,000ft (one Roman mile).

One white cat and a volcano short of a Bond villain: Rocket Lab's Peter Beck shows off the 'Hungry Hippo'


Re: Hungry Hippo

"Does no one remember the mechanical marble grabbing game?"

I do. I also remember back in the 80s referring to three dimensional bar graphs which were a new thing at the time as "Lego(tm) Plots" but omitted the (tm). It didn't take long before Lego(tm) saw our scientific paper and put a shot across our bows telling us to always refer to Lego(tm) as Lego(tm) and to never omit the (tm) or they would sue our collective donkeys. So I refer to Lego(tm) as Lego(tm) these days and don't see it as at all absurd. What do you say Lego(tm)(tm)?

Boffins use nuclear radiation to send data wirelessly


Re: a small step

Last night the current Doctor reversed the polarity of the neutron flow but did so en passant.


Re: a small step

"Oh, they do. There's several neutrino detectors, including one that (mistakenly) measured them going slightly FTL."

That has happened twice now, with two different detectors. The first time was with the INFN OPERA experiment, later attributed to a loose fibre optic cable. The second time was with the Fermilab MINOS experiment, which gave a mean neutrino speed of 1.000051c; the 99% confidence interval was 0.999976c to 1.000126c.