* Posts by Steve Foster

775 posts • joined 10 Oct 2007

Page:

Bad news for 'cool dads' trying to bond with their teens: China-owned TikTok and WeChat face US download ban by Sunday

Steve Foster
Facepalm

Tok for Tik (sorry, I mean Tit for Tat)

I wonder what the US would say if China turned around and banned FaceBook, InstaGram, WhatsApp and Twitter (or are some of these already banned by China?).

'My wife tried to order some clothes tonight. When she logged in, she was in someone else's account ... Now someone's charged her card'

Steve Foster
Facepalm

Re: Fabletics?

Because they thought that creating a portmanteau from fabulous and athletics was awesome?

Microsoft sides with Epic over Apple developer ban, supports motion for temporary restraining order

Steve Foster

Self-Defeating?

Arguing that Unreal Engine is "essential" potentially makes Epic a monopoly supplier target in its own right. Which might backfire...

Someone please have mercy on this poorly Ubuntu parking machine that has been force-fed maudlin autotuned tripe

Steve Foster
Facepalm

Huh?

Since these are touchscreen devices, you'd have thought that a member of staff could have acknowledged the messages and let the relevant software complete it's updates.

Wrap it before you tap it? No, say Linux developers: 'GPL condom' for Nvidia driver is laughed out of the kernel

Steve Foster
Happy

Re: TAINT_PROPRIETARY_MODULE

Isn't that the point?

Brit unis hit in Blackbaud hack inform students that their data was nicked, which has gone as well as you might expect

Steve Foster
Facepalm

Ah, you've seen https://www.theregister.com/2020/07/23/carding_forum_scams/, I presume.

From 'Queen of the Skies' to Queen of the Scrapheap: British Airways chops 747 fleet as folk stay at home

Steve Foster
WTF?

Interesting Wing Arrangement (article image)

That left-hand wing looks a bit short!

Someone needs more practice at photoshopping...

Digicert will shovel some 50,000 EV HTTPS certificates into the furnace this Saturday after audit bungle

Steve Foster

The certificates for Nationwide do not have any intermediate CAs, so should not be affected.

I can't obviously identify whether it's EV or not (how does one tell these days?).

Email seems lost in the post? You might be a Tsohost customer

Steve Foster

Re: SFU

Same here. They've been spamming my servers for months, and I finally got fed up of playing whack-a-mole, and started firewalling their ranges outright. The spam volume has dropped like a stone.

Microsoft sues coronavirus phishing spammers to seize their domains amid web app attacks against Office 354.5

Steve Foster

Re: 07/07/2020 13:04:41 - ( 2911) 250-SIZE 20971520

That's my server announcing that email of up to 20MB will be accepted.

That seems like a reasonable limit in the modern world - not too small to interfere with normal traffic, not too big to choke the server.

IME, the UCE that does get through actually tends to be quite small (well below that 20MB limit) - it's not often that junk comes with huge attachments.

Steve Foster

Re: Something about motes and beams...

Other [genuine] email from MS servers comes through ok, so I don't think it's TLS-related (though it's a good thought).

And even if MS did want to only transmit over TLS, their servers should end the conversation cleanly with QUIT, not just drop the connection.

Mostly, it's their hypocrisy that peeves me.

Steve Foster
FAIL

Something about motes and beams...

...it'd be nice if they could stop the silly DoS crap originating from some of their *.outbound.protection.outlook.com servers.

Stuff like this, where they just connect and then drop the connection over and over:

07/07/2020 13:04:41 - ( 2911) EHLO GBR01-LO2-obe.outbound.protection.outlook.com

07/07/2020 13:04:41 - ( 2911) 250-Welcome, mail-lo2gbr01lp2055.outbound.protection.outlook.com [104.47.21.55], pleased to meet you

07/07/2020 13:04:41 - ( 2911) 250-AUTH=LOGIN

07/07/2020 13:04:41 - ( 2911) 250-AUTH LOGIN

07/07/2020 13:04:41 - ( 2911) 250-SIZE 20971520

07/07/2020 13:04:41 - ( 2911) 250-ETRN

07/07/2020 13:04:41 - ( 2911) 250 HELP

07/07/2020 13:04:41 - ( 2911) Error: [10054] Connection reset by peer

Steve Foster
Thumb Up

Re: That much downtime?

Given the frequency with which all the cloud services like to go TITSUP, I'd say 265 is probably about right.

Keep it Together, Microsoft: New mode for vid-chat app Teams reminds everyone why Zoom rules the roost

Steve Foster
Trollface

Keep my Camera on?

What camera?

Barclays Bank appeared to be using the Wayback Machine as a 'CDN' for some Javascript

Steve Foster

404 error?

A recent feature added to Brave is an option to automatically try the Wayback Machine for 404 errors - could it be that Barclays had "misplaced" their JS and the browser auto-tried to "fix" the 404?

Boffins find that over nine out of ten 'ethical' hackers are being a bit naughty when it comes to cloud services

Steve Foster
Facepalm

Re: It is happening now

Yes, really. AFAIK, fail2ban doesn't run on Windows Server (though I expect there are fail2ban-like ports/substitutes/wannabes available).

Steve Foster

Re: It is happening now

As it happens, fail2ban isn't an option on the software I'm using, though that might change.

And I always have a momentary brain freeze when I see "fail2ban" (what use is a tool that fails to ban? oh, wait, upgrade failures to banned)

Steve Foster
WTF?

Re: It is happening now

It certainly is.

The number of attempts to log in to my email servers via SMTP, 2ry SMTP, IMAP and POP3 are through the roof.

In the past, it would be the same IP trying over and over (though there's still plenty of that), but it's now also common to see an IP try once and then disappear. And lots of those IPs are part of cloud providers networks.

Not only that, but the spam is also coming from an increasing range of IP addresses.

I've had to further reduce the limit on failed login attempts, as well as begin firewall blocking of IP ranges wholesale.

Not so nice, we investigated them twice: EU opens double whammy of inquiries into Apple's biz practices

Steve Foster

Re: I don’t quite understand this

More like 3rd-party manufacturers being obliged to sell their accessories (eg tyres, wiper blades, seat covers, fluffy dice, etc) for Ford vehicles through Ford dealers, and pay Ford a hefty fee for the privilege.

Or, say, music companies being forced to sell their music (to be played in a Ford vehicle) through Ford dealers, and again, paying Ford a hefty fee for the privilege.

In Hancock's half-hour, Dido Harding offers hollow laughs: Cake distracts test-and-trace boss at UK COVID-19 briefing

Steve Foster
Facepalm

World-Beating? Oh no, it isn't...

...oh yes, it is: it's the worst in the world. Even with the stiff competition from the likes of Bolsonaro!

Bloke rolls up to KFC drive-thru riding horse-drawn cart only to be told: Neigh

Steve Foster

WTF?

I've never been much interested in burgers, even before there was a McDonald's on every damn corner, so have never consumed any of their "offerings" (though I have been inside their premises occasionally in the company of others who did partake). I'm much more partial to pizza, though I'm aware that's almost certainly even worse for me in health terms.

Indeed, thinking about it, I wonder what the effect on the nations' waistlines might have been had the government instructed all takeaway food outlets to close for the duration of the lockdown! (I know I'd have eaten less pizza, for a start)

EU aviation wonks give all-electric training aeroplane the green light – but noob pilots only have 50 mins before they have to land it

Steve Foster

Boost from Solar?

Can't tell from the picture, but as this is primarily aimed at training and therefore probably mostly daytime flight, it seems like an obvious opportunity to cover the upper wing surfaces with solar panels to boost capacity/range.

Lettuce Encrypt, Encrypt We Must: Hobby projects change name after Let's Encrypt fires off trademark complaints

Steve Foster

US "defend your rights" Requirement?

Is the ISRG based in the US? Doesn't the US have some requirements for folks to "defend-it-or-lose-it" on various IP "rights"?

BoJo looks to jumpstart UK economy with £6k taxpayer-funded incentive for Brits to buy electric cars – report

Steve Foster

Re: That's sure to jump start Tesla sales...

"Black Cab"'s are now Chinese (LTI got bought out - by Geely, IIRC).

Morgan's numbers are so low as to be a rounding error on a rounding error. Aston Martin isn't significant either. And of course, Land Rover is Indian now (being owned by Tata), although still built here.

The Nissan Leaf is currently assembled in Sunderland.

Steve Foster

Re: Restructure the Market

"Complicated to administer and police."

Not really, it just goes into the VAT regime, which is the motor trade's problem. HMRC (at least the Excise portion) have traditionally been fairly effective on that front (some notable issues aside).

"Just keep knocking up the taxes on petrol and diesel and you'd achieve the same effect."

Well, that ought to be happening too. The difficulty in doing so is that it's pretty damn visible to taxpayers, so the governments of the day (of whatever flavour) tend not to be overly keen on doing so.

Steve Foster

Re: Restructure the Market

"Sure, provided you're comfortable with punishing the poorest who are least able to avoid your new taxes. I'm not completely sure I am."

By and large, I would expect that the poorest are not actually buying new cars at all, so pushing up the cost of ICE isn't likely to affect them (at least, not directly).

[Road charging is] "completely incompatible with privacy."

Not necessarily. You could certainly make it so if you wanted to do so (and I can see that there are some who would like to do so). However, the EU countries using road charging seem to be doing so without major problems, and without (AFAIK) totally compromising privacy. I don't see why we could not do likewise (non-functional public bodies notwithstanding).

Steve Foster

Re: This does not happen

Maybe because of the modern obsession with the [XYZ]aaS subscription model?

Of course, it's possible that eventually all the existing schemes will disappear, and you'll pay for the "fill" on a PAYG basis just like the existing ICE model.

Steve Foster

Re: Restructure the Market

Exactly. Fuel duty is going to dry up as a source of income. That's another reason that VED needs to be restructured (allowing EVs to pay nothing really is not a viable option).

If you want to encourage the switch from oil to EV, in a gradual way and not have a mad rush to switch at the last minute, forcing the price of ICE up and EV down is necessary. Doing so in a clearly defined manner that is affordable and doesn't simply introduce further problems down the road seems like the logical thing to do.

I agree that road charging is probably required, and that's not necessarily a bad thing if implemented sensibly (eg we ensure a contribution from foreign vehicles using our infrastructure that way).

Steve Foster

Re: Restructure the Market

VED is such a mess right now (with multiple differing schemes) that it just seems sensible to bundle fixing it in with larger changes.

While I get your point about the seriously wealthy not caring one way or another (as you say, the VED is almost immaterial to them), you do want it overall to be as fair as possible, and to be constructively arranged (even if it's principally "virtue signalling").

At the moment, the effective message of the various schemes is "hang on to your old diesel"!

Steve Foster

Re: Free parking for electric cars

Removing the cost of using the existing infrastructure from electric vehicles is ultimately self-defeating (the country cannot afford to give up those forms of income in the long-term).

Plus, such discounts are generally regressive, as the current price differential between petrol/diesel cars and the EV equivalent is such that EV purchases are mostly made by the wealthiest (ie those who can most afford to pay for the infrastructure are the ones least in need of such discounts).

Steve Foster

There are several factors to consider:

a) the profits on the car sales (which definitely goes overseas),

b) the service-based UK car jobs (dealerships/showrooms, garages, logistics, etc),

c) the car financing profits (may/may not go overseas, depending on source),

d) avoiding reintroducing the pollution from cars (the air quality has improved massively during lockdown)

I'm not sure where the overall balance would sit, and how (or whether) you can actually value (d).

Steve Foster

Restructure the Market

My 2p...

1. Introduce a fossil fuel car VAT supplement, starting at 2%, ratcheting up by an additional 2 percentage points every year until it hits 20% - ie gradually double the VAT on any vehicle that is in any way powered by petrol or diesel.

2. Introduce an electric/AF car VAT discount, starting at 20%, ratcheting down by 2 percentage points every year until it's gone - ie remove the VAT for now, gradually reintroducing it. You could cap this at (say) £6k maximum if thought necessary.

3. Drop the existing EV grant.

4. Rework VED so that all vehicles are on the same scheme (there are currently 3 or 4 different ones running in parallel), such that:

a) all vehicles pay, b) those that pollute more pay more, and c) those that impose extra wear and tear on the network or consume extra capacity [think heavy and/or XL vehicles] pay even more. For example, a base VED of £50, plus a fossil fuel component tied to emissions [one element for each of CO2 and NOx, plus room to add others if we find further pollutants], plus a % "XL" levy (say, 50% extra for over 2 tonnes or L>4.5m or W>2m or H>1.5m, and 25% discount for "compact" cars [<1T or small enough to fit 2 in a standard parking space]). It's probably appropriate to implement this new VED with lower starting rates that are ratchetted up by fixed increments for a few years before switching to inflationary rises, to avoid huge overnight hikes for those currently enjoying negligible rate VED on older petrol/diesel vehicles.

OK Windows 10, we get it: You really do not want us to install this unsigned application. But 7 steps borders on ridiculous

Steve Foster
Devil

"deterrent to installation"

"It's a deterrent to installation for sure, but the whole rigmarole can largely be prevented by signing code with a certificate"

"It's a deterrent to installation for sure, but the whole rigmarole can largely be prevented by downloading with a real browser instead of Edge"

There, FTFY.

Contact-tracer spoofing is already happening – and it's dangerously simple to do

Steve Foster
Mushroom

Re: Eh...

Self-immolation, OTOH, might just do...

(obvious choice of icon)

Steve Foster

Re: Unhearing government

Indeed, if I get a call from my bank (to my mobile number), the first thing they do is ask me to answer security questions (something their own advice says is bad).

I always say no, and explain why (the explanation is for the benefit of the staff person calling *and* their trainers [who use the recordings of those calls :p]).

Steve Foster

Re: OT - Did I miss something? 301 moved permanently??

Over the weekend. As you say, a PITA.

7*7 = a simple equation for taking total control of multiple VMware-powered clouds

Steve Foster
Joke

Re: 42?

You mean ${6*9} surely!

Watch an oblivious Tesla Model 3 smash into an overturned truck on a highway 'while under Autopilot'

Steve Foster
Joke

Re: what is really scary

It's the lighthouses that won't get out of the way that'll really get hurt!

Publishers sue to shut down books-for-all Internet Archive for 'willful digital piracy on an industrial scale'

Steve Foster

Re: Unusually

As I understand it, publishers receive ongoing payments for works lent by libraries, not just the normal purchase price of the work (using some fancy formulae).

Assuming the former is accurate, then while the IA is probably pushing the envelope somewhat, as long as they're paying the lending fees apropos for the vastly increased lending, the publishers aren't actually losing out. Indeed, arguably, they're likely to benefit from the increased awareness of their product (more readers means more sales [ultimately]).

Of course, it would probably have been better if the IA and publishers could have come to a negotiated agreement before all this kicked off.

New TLD redirect?

Steve Foster
Facepalm

Re: Smartphone app

If both are available, and working, why not just leave visitors on whichever one they chose to use? (especially when you've previously received negative feedback about forced redirection)

Even worse are those sites that then drop you on some sort of "pick your region" landing page, when the URL you typed expressly contained the relevant region in the first place!

Steve Foster
WTF?

New TLD redirect?

Visiting the UK ElReg (.co.uk), I'm suddenly being forcibly redirected to the US (.com) site instead (yes, yes, I know, .com isn't solely US, but YKWIM).

Please, *please*, *please* turn that back off.

Surprise! That £339 world's first 'anti-5G' protection device is just a £5 USB drive with a nice sticker on it

Steve Foster
WTF?

Take Yer Pick...

"A Fool and his money are soon parted."

"There's a sucker born every minute."

"Only two things are infinite, the universe and human stupidity, and I'm not sure about the former.", Albert Einstein

Highways England waves around £62m contract for National Traffic Information Service after brief chat with vendors

Steve Foster
FAIL

Re: Utterley Useless

Oh, and the distraction when they use the information displays for non-urgent messages (like "Red X Enforced" and "Don't Drink and Drive"), particularly ones that are "terminal inexactitudes".

Steve Foster
WTF?

While They're Tinkering

Please could we:

a) have public access to the traffic cameras back on (they've been "access denied" since the Coronavirus lockdown started), and

b) how about putting a certificate on www.trafficengland.com, so that it's secure?

Steve Foster

Re: Utterley Useless

You forgot the excessive use of the variable speed limit system when neither the traffic volume nor current conditions justify it (yes, there are times when it's needed, but it's quite obviously being used beyond that).

cmd.exe is dead, long live PowerShell: Microsoft leads aged command-line interpreter out into 'maintenance mode'

Steve Foster

Re: simple shit so much easier with cmd

I understand the idea of safe defaults, but disallowing local scripts to be run in a scripting engine as a baseline configuration really is going overboard.

Steve Foster

Re: simple shit so much easier with cmd

Critically, CMD.exe does not rely on the .Net Framework. Monad^HPoSh needs that.

It wasn't just a few credit cards: Entire travel itineraries were stolen by hackers, Easyjet now tells victims

Steve Foster

Stelios & EGM

This isn't the first time Stelios has forced an EGM to be held, as he does like to throw tantrums from time to time. He basically thinks he always knows better than the EasyJet board - sometimes he might be right, but trying to throw his weight [vis his large shareholding] around like this just makes him look petty and vindictive.

Page:

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2020