* Posts by Dr Who

477 publicly visible posts • joined 25 Oct 2007


Verizon outages across US as hurricane recovery continues

Dr Who

If Trump was President none of this would have happened. Poseidon is a personal friend of his and they have a very very very great relationship. Diverting the storm would have been NO PROBLEM.

NHS drops another billion on tech in the hope of finally going digital

Dr Who

9 months late?

We're 40 odd years on from the widespread use of mini computers and private networks in the NHS to deliver patient administration systems at a regional level, yet our new prime minister still has to say "We've got to have fully digital patient records." A national electronic patient record is more like 30 years late. The magic IT wand to fix the NHS is waved around with gay abandon by each new government, deliberately avoiding the real problem which is that the NHS is too big and too complex to fix. The way to tackle a hugely complex problem is to break it up into smaller chunks, which can each be solved separately.

Key aspects of Palantir's Federated Data Platform lack legal basis, lawyers tell NHS England

Dr Who

Re: Grease

Is the word

Dr Who

Re: Internal

The internal development is done:

https://www.opensafely.org/

It's all about the lobbying, as we call it when we're being polite.

Admins wonder if the cloud was such a good idea after all

Dr Who

Re: It's not really a cloud specific issue

Couldn't agree more. Subscribing to the proprietary features of one of the cloud platforms can let you build a lot of functionality very quickly, but the vendor then has you well and truly over a barrel. It also takes disaster recovery completely out of your control. We run our cloud infrastructure across multiple cloud vendors and have designed it in such a way that failing over from one cloud to another is straightforward (proved by both testing and recovery from actual failures).

Black horse down: Lloyds online banking services go dark

Dr Who

Re: A realisation of what they are

To be fair that's exactly what all sorts of brands do. Coca Cola doesn't make Coke. McDonalds doesn't make burgers.

Starliner's not-so-grand finale is a thump in the desert next week

Dr Who

Whatever you make of Elon, and I think he's a monumental fucking nut job, you can't help but be impressed by SpaceX.

B2B ISP Fastnet staggers back to feet after VMware incident

Dr Who

DNS

"I think it goes to show how important but overlooked DNS is in the underpinnings of the internet," the source told us.

This "source" should not be in charge of anybody's IT systems. Bit like when Dominic Raab (then Brexit secretary) said he "hadn't quite understood" how reliant UK trade in goods is on the Dover-Calais crossing.

Elon Musk claims live Trump interview on X derailed by DDoS

Dr Who

Re: Shelf life

x -> Threads switchers is something I've noticed too. But .... are they all real? There seem to be too many almost identical "Threads is so friendly and nice. I had 100000 followers on X now I've switched to here and look forward to meeting you all and getting lots of followers.". That message is taking unfair advantage of Threads users' laudable but naïve urge to prove that the platform works as a nice X alternative. Classic click bait technique.

Need to move 1.2 exabytes across the world every day? Just Effingo

Dr Who

Titter ye not

It's like car model names. Whatever name you choose, there's a country somewhere where people will titter.

SAP system gives UK tax collector a £750B headache as clock ticks on support

Dr Who

Scrap tax

As the cost of HMRC IT infrastructure approaches the total tax take, the cheapest option may be to scrap taxation.

Capgemini wins deal with UK tax collector worth up to £574M

Dr Who

New initialism

WCPGW?

Guesses in the comments.

Cold comfort to teachers who got paid late, but ERP software rollout had 'unrealistic' timeline

Dr Who

The bar is low

When a mitigating factor for huge time and cost overruns is that the project "... has culminated in the delivery of a functioning ERP system".

Boeing's Starliner set for extended stay at the ISS as engineers on Earth try to recreate thruster issues

Dr Who

I think it's a squeaky bum cheek issue

When even astronauts are saying "if it's Boeing I'm not going", the writing's on the wall.

Users rage as Microsoft announces retirement of Office 365 connectors within Teams

Dr Who

Re: "Office 365 connectors within Teams will be cut"

Everything is fine. Until it isn't.

This, Azure functions, Google workflows etc... make it very quick to deliver some functionality. Messy, flaky, undocumented, but quick. That's why in house devs keep using it. They can provide a quick and dirty solution to someone's problem. By the time it inevitably fails, the devs will probably have moved on long ago, leaving others to pick up the pieces.

Doing something really nice, with vendor agnostic technologies that don't lock you into one of the big vendor proprietary stacks, is harder. It has ever been thus and IT developments tend to follow the path of least resistance. There are of course durable, reliable, supportable, portable workflow solutions out there, but none of them were delivered by an in house IT team.

UK education department awards contract uplift to Horizon scandal-plagued Fujitsu

Dr Who

Nothing like nailing down the deliverables

This extra work will not fall foul of the usual gotchas because they've gone to the effort of properly scoping the work. Specifics such as "Agile Core Services" and "a value uplift" will leave Fujitsu no wriggle room when it comes to a dispute.

London hospitals left in critical condition after ransomware attack

Dr Who

Re: "our IT arrangements are as safe as they possibly can be"

Good analogy. Especially because vaults still get robbed.

Whatever you do and whatever you spend, there will be a sufficiently skilled, well resourced and determined adversary who could defeat you (if you have something that's worth nicking). There is always some limit to the countermeasures you can afford to put in place, so you must always make your plans on the basis of when, not if, you will be compromised. Excellent preparation for a breach is the sign of a well managed business.

Also, not all data has/have equal value. As such, different databases should be secured to different levels.

Miscreants claim they've snatched 560M people's info from Ticketmaster

Dr Who

To regain credibility, Ticketmaster should be transparent about the breach, its impact, and the steps to prevent future incidents ...

Whoa! Just saw some pigs fly past my window.

The British Library have set the gold standard in actually doing this with their recent and catastrophic breach. https://www.bl.uk/home/british-library-cyber-incident-review-8-march-2024.pdf

Ransomware negotiator weighs in on the extortion payment debate with El Reg

Dr Who

Re: It is better to avoid a problem than have to fix it.

Even with the biggest budgets and the best security brains, you must still operate on the "When not If" basis. Defend yourself yes, but you can never be certain. Therefore, it's the quality of planning for what to do when the breach happens that is the mark of an organisation that is on top of its cyber-security.

Open Source world's Bruce Perens emits draft Post-Open Zero Cost License

Dr Who

Re: Third time good but ...

I passed a final exam whilst stoned once, but I reckon I too would have failed had I been on speed.

Leicester streetlights take ransomware attack personally, shine on 24/7

Dr Who

They could be sulking

Perhaps these lights were made by the Sirius Cybernetics Corporation. They're a bit bored of turning on and off all the time, so are staying on permanently in protest.

Global taxi software vendor exposes details of nearly 300K across UK and Ireland

Dr Who

Meaningless gobbledegook

"I found [the database] using the API of an IoT search engine"

Can anyone enlighten me?

Fujitsu set to be preferred bidder in UK digital ID scheme

Dr Who

Re: Confusion

Nice. For the analogy to be complete though - Joe would find himself staring in the mirror doubting whether what he could see there was really himself. Mind bending stuff.

Fujitsu - purveyors of the finest gaslights.

Microsoft confirms Russian spies stole source code, accessed internal systems

Dr Who

Not really. The executive probably does not have access to the source code. But if I can send internal emails as a Microsoft executive, I probably have a better chance than most of wangling such access.

Palantir boss says outfit's software the only reason the 'goose step' has not returned to Europe

Dr Who

What an absolute cock!

In Swiss German there's a brilliant word "Chläpfigring" which has no direct translation to English but roughly means "one whose face you have an overwhelming urge to slap". This man is definitely one of those.

Mamas, don't let your babies grow up to be coders, Jensen Huang warns

Dr Who

The coders are dead! Long live the coders!

Coding is the process of telling the machine what to do. First however you have to understand what and how you want to tell it, and that's the tricky bit.

There is a new IT discipline called Prompt Engineering, which people are making a lot of money out of. Prompt Engineers develop the natural language questions / instructions you enter at the AI/ML prompt. They can even develop template prompt texts which you can vary certain parts of (you might call these variables user input). All of a sudden, Prompt Engineers look rather like software developers.

Multiple billions up for grabs as UK government launches cloud services tenders

Dr Who

This is almost biblical

Matthew 25:29

For unto every one that hath shall be given, and he shall have abundance: but from him that hath not shall be taken away even that which he hath.

Legal campaigners challenge UK.gov decision to redact NHS-Palantir contract

Dr Who

Home grown, open source, privacy driven, fraction of the cost but without the massive lobbying budget and capability.

https://www.opensafely.org/

Politicos demand full list of Fujitsu's public sector contract wins in wake of Post Office scandal

Dr Who

I think El Reg should launch the Fujitsu Contract Tracker (FuCT).

A Google sheet should do it - listing the contracts, along with value, duration and competition status as the info becomes available.

Maybe crowdsource the info from readers.

Microsoft prices new Copilots for individuals and small biz vastly higher than M365 alone

Dr Who

More guff will spew forth

Personal productivity apps like the Office suite can be powerful tools - in the right hands. For 99 percent of users it just helps them produce mountains of meaningless and pointless guff. Project plans and databases done in Excel. 100 slide Pointless Point presentations. Word documents with no heading levels, headings done with manual bolding and indentation done with the space bar.

The addition of an AI assistant will simply compound the problem for those 99 percent, even if it might help the 1 percent who get the hang of panning the nuggets out of the AI generated silt.

How governments become addicted to suppliers like Fujitsu

Dr Who

Re: Corruption

It's the "Nobody ever got sacked for buying Microsoft" phenomenon.

It was not ever thus though. I think the nails in the coffin for small biz involvement in public sector IT were the introduction of national framework contracts and the EU public procurement rules. Both of these made it prohibitively expensive for smaller suppliers to even tender for public sector work.

AWS rakes in half a billion pounds from UK Home Office

Dr Who

Yes minister that's correct. Their CTO is based in Monaco and their Head of legal in Geneva. You'll need to visit them regularly if we sign this deal, so it's a bloody handy coincidence that you love F1 and skiing.

Rackspace runs short of Cloud Files storage in LON region

Dr Who

Re: Guy I used to work with...

Upvote for clattering bell end

Google Drive misplaces months' worth of customer files

Dr Who

The cloud is not entirely the issue here (trust me as one Doctor to another).

The problem is confusing file sync with file backup whether you're syncing to a cloud drive or to a NAS device in the same room as you which you can see and touch and administrate.

Any user who doesn't know the difference between sync and backup (and there are many) will lose data, however much they value those data, irrespective of whether it's in the cloud or directly attached to their own network.

Palantir bags £330M NHS data bonanza despite privacy fears

Dr Who

Already done.

Home grown, open source, privacy driven, fraction of the cost but without the massive lobbying budget and capability.

https://www.opensafely.org/

Clorox CISO flushes self after multimillion-dollar cyberattack

Dr Who

When not if

In the face of a highly determined, skilled, patient and well resourced adversary it is impossible to defend a complex and distributed IT infrastructure. The notion of "locking down the network" no longer has any meaning. We can't defend against all the known threats, let alone the unknown.

We must therefore do what we can within the resources available to defend against the most common threats, whilst at the same time investing heavily in an effective and rapid alarm and recovery process for when the inevitable breach does happen.

The potential cost of cyber security is limitless in as much as you can never achieve perfection. Given that no organisation has unlimited resources to throw at the problem, choices must always be made between risk and cost.

Pharma boffins sharpen hunt for target molecules using graph DB

Dr Who

Refreshing

With every Tom Dick and Harry labelling everything upwards from an Excel spreadsheet with a formula in it "AI", here's a company that's called its database technology ... a database. Shocker. Their marketing team missed a trick with that one.

Cloudflare dashboard, API service feeling poorly due to datacenter power snafu

Dr Who

Who polices the policeman

Cloudflare provides reliability and continuity services to a *lot* of customers. There is nobody providing those same services to Cloudflare.

As well as these latest incidents, their distributed DNS name services (which are used as the default in a lot of data centre environments, in the same way as Google's name servers are set as defaults in many places) went tits up on the 2nd of October with intermittent fails for the same lookups. Again that was due to a reconfiguration / upgrade snafu.

SolarWinds charged after SEC says biz knew IT was leaky ahead of SUNBURST attack

Dr Who

Brace yourselves for impact ...

The only difference between SolarWinds and the others is that they got compromised and then got caught. We can be certain that there are many, many more supply chain vulnerabilities out there, which the developer has buried their head in the sand about, just waiting to be found and exploited by the bad guys. MOVEit alone was pretty bad.

Microsoft creates a new kind of credential: the 'Applied Skill'

Dr Who

Re: Not certified

I kind of like the idea, especially relating to Excel. You can make them specific, for example =VLOOKUP(), and targeted, for example at Welsh NHS recruitment staff.

CIA exposed to potential intelligence interception due to X's URL bug

Dr Who

Re: Ridiculous!

The Reg article is misleading. Why would you need an X profile impersonating the CIA? All that was needed was for the adversary to set up the Telegram profile that was linked to by the incorrectly shortened URL on the *real* CIA Twitter/X profile. That's why this was so dangerous until the white hat grabbed that Telegram handle and made it clear that it was not the CIA Telegram account.

If you set up a fake CIA X account you could put whatever Telegram handle you wanted in. The whole URL shortening issue would be neither here nor there.

What did the VisiCalc fairy bring you for Spreadsheet Day?

Dr Who

If you could have hung around to gawk at it, it was a Mac or more probably UNIX

Generative AI slashes cloud migration hassles, says McKinsey partner

Dr Who

Re: The use of generative AI

Maybe this is a test by El Reg? Can the readers spot the AI generated articles? If so, I'm calling this one - definitely AI.

However, she recommended not skimping on an API gateway between an organization and the outside world in order to surface some of the "real-time alerts" if developers are accessing non-proprietary models or data they shouldn't be touching.

In no instance of the multiverse does this mean anything to anyone.

CDW data to be leaked next week after negotiations with LockBit break down

Dr Who

Ironically if you search for CDW ransomware attack, along with headlines such as this Reg article, you get a bunch of results from CDW's own blog such as:

- How to Increase Your Ransomware Recovery Capability - Work with an expert partner to learn how your organization can better prepare to recover from a ransomware attack

- Fend Off Ransomware with a Cybersecurity Recovery Program

- The Anatomy of a Ransomware Attack: 7 Steps to Prepare ...

If nothing else, this incident will somewhat dent their credentials as a trusted cyber security partner I would think. In a similar fashion to the way the house robots dent the amateur entries in robot wars ...

NASA taking its time unboxing asteroid sample because it grabbed too much stuff

Dr Who

Too much material my ar*e. In a moment of almost infinite improbability, the canister turned out to contain an alien time capsule revealing the secrets of an engine enabling instantaneous space travel over any distance. They're just trying to think of a name for it.

Decades-old Home Office asylum system misses EOL deadline, no new timetable in place

Dr Who

Case study

CID "started as a database containing basic details about asylum seekers and was initially expected to be an interim solution."

This is what they should teach Comp Sci and MBA students. How IT happens in the real world.

Cumbrian Police accidentally publish all officers' details online

Dr Who

Good job

EXCELlent work everyone.

Brit healthcare body rapped for WhatsApp chat sharing patient data

Dr Who

Re: Something not quite right here

It's not the app that's the problem. It's the mechanism (or lack of it) for controlling access rights. Who decides who will be a member of the WhatsApp or Signal group? Who decides what each of those members can see or do with the data? There are no mechanisms in place on messaging apps whereby an organisation can maintain control of and audit who accesses what information.

Artificial General Intelligence remains a distant dream despite LLM boom

Dr Who

Effectively saying that something must be true if you can't disprove it. A very theological argument. It doesn't work for all powerful beings or all powerful technology.

TCS bags £234M Teachers' Pensions deal as Capita set to end 29-year run

Dr Who

Alternatively ...

FUBAR-ready, SNAFU enabled, omnishambles platform
