Posts by Dr Who

Rise to your level

So .... the incompetent head of NHS transformation and operations is now the incompetent head of, presumably the same, at HMRC. That explains a lot, particularly about if you're having any self assessment troubles.

Troy?

Something fishy going on here. First we have Troy Hunt and now Troy Mursch. Can this be coincidence? Troy is where trojans come from. I smell a horse.

Whatever the truth may be, if I ever become a security pundit I'm changing my name to Troy Who.

I'm not a Linode user but

VMs are available from $5 per month.

Get two in different locations and mirror them. Nothing fancy, rsync and DB replication will do the trick for most web application servers. It's really straight forward and a simple DNS change saves your cured pork belly.

We go one step further and place the mirrored servers not only in a different location, but with a different service provider.

The golden rule : there is no such thing as 100% data centre availability.

The next big thing

Massive Infrastructure as a Service or MIaaS

On the basis that being compromised is inevitable at some point for every organisation, the measure of effectiveness is whether there was a procedure in place for dealing with and mitigating the consequences, and how good that plan turns out to be. It seems that Deloitte have such a plan and time will tell how good it is.

All of that said, having an email admin account without 2fa seems to be a bit of a schoolboy error by any measure. We had a really good fire drill in place but neglected to fix the leaky gas pipes in the basement.

What I want to know is whether lenders are still consulting Equifax credit checks when extending credit to private individuals. The scale of technical incompetence at the company is clearly so huge that, breach or no breach, their credit scores cannot possibly be trusted. I suspect their credit scoring algorithm is something like :

int value = rnd.Next(10, 100);

or is that a bit too sophisticated?

Hot and wet

... which is great if you're with a woman but ain't no good in the jungle (Robin Williams)

Thumb up for Thomas Fischer of Digital Guardian. Tiger Swan cannot blame Talent Pen. If Tiger Swan is using a third party then they need to establish clear security policies and audit the third party to ensure compliance.

1.3 billion!

At a rate of £50 per hour, 8 hour days and 240 working days a year I make that 13,885 person years. I can just never comprehend this kind of thing. How can anyone spend nearly 14 millennia of people's time delivering a tax system FFS?! Or have I got my maths horribly wrong?

And precisely how many involve a background check on the ex's new shag?

See it's only the K5. The K9 has no such problems.

Fasthosts - always pulling a fast one.

Do a Google News search for Fasthosts, and be amazed that anyone is still using them.

Anyone who claims they can deliver five nines availability, even for discrete components let alone a complex web of hardware and software, is talking out of their arse. Five nines means you can have a maximum 0.864 second outage in any given 24 hour period. Of course you can start saying that the up time calculation should be done over a week, month or year but where do you stop - a decade? Up time stats only have real meaning over short periods.

So, hands up, who for any amount of money is going to guarantee less than 0.864 seconds of downtime over DC, comms, hardware, and 200 interdependent applications. And how do you even define what counts as "up"?

It's basically all finger in the air stuff.

To all space comms experts

I've set up a satellite dish for fixed domestic satellite Internet. It's a bit of a pig, to say the least, to get the alignment spot on and the signal can easily be disrupted by stupid things like leaves growing on a nearby tree.

My question then is how does a mobile terminal such as an individual sat-phone or an aircraft moving at several hundred miles per hour acquire and maintain a high bandwidth connection to either a geostationary or LEO satellite?

Email is a bit like KFC

Sometimes it's fingerlickin' good. Other times it's just ass wipin' bad.

The shit bit is things like this, spam, people still sending out messages with 500 recipients in the Cc field and then the people who still Reply All to that same message.

The great bit is it's the last bastion of the Internet as it should have been. SMTP for all its faults is a protocol to which all email services comply. I can get my email service from anyone, or run my own email server, or write and run my own mail server and still communicate with everyone else who is on email, irrespective of where they get their email service from. The tragedy of FB, Whatsapp, Snapchat etc... etc... is that they are walled gardens. There is only one Whatsapp service in the world, and it's proprietary. This goes against all the early promise of the Internet, back to the dark dark days of Compuserve and AOL.

Fnar Fnar

Anyone who says that playground humour has become more prevalent since the 60s should talk to my colleague Buster Gonads who can testicle to the fact that no such trend is observable. In fact any such claims are unfeasibly large porkies. Just today I walked into a restaurant and asked the waitress for an opinion on toilet humour, and she gave me one. What more proof do you need?

You could look at an event such as that of the last few days as the Internet's version of a wildfire. In the short run some damage is done but in the long run the fire's job is to clear out dead wood and enable the regrowth of a stronger, healthier ecosystem. Short term pain for long term gain.

"We are looking to bring it back online as soon as possible"

There's a gaggle of techies sitting around with that slightly vertiginous / nauseous feeling in the pit of their stomachs, sweaty palms, and fingers trembling too much to type accurately at the command prompt ... all of them quietly mumbling "fuck fuck fuck oh fucking fuuuuuck" under their breaths. AKA the patch borked everything and the rollback isn't working.

Shit meet fan. Do your thing.

Hell's bells! Ramsay's raunchy relative's robbing rollocking.

It's enough to put effin flames in your kitchen.

NASA engineers are currently conducting a final check on the list of commands that will maximize scientific returns during the kamikaze dive, before uploading the instructions to Cassini on April 11.

April 11th 2017 : "Cassini to NASA Engineers. Well you can fuck right off if you think I'm doing that. Cassini out"

What about applications

In a browser based application there's often a genuine case to use a beforeunload confirm if for example the user has not saved some changed data.

The obvious comment here is, why on earth is anyone still using any services delivered by 186K.

However email migrations in particular, which used to be a trivial task, are now a nightmare. First, email is used by most users as a storage system, resulting in multi-gigabyte mailboxes. Secondly, people now expect to sync their mail, contacts and calendars across multiple devices (phone, tablet, laptop) using ActiveSync, IMAP, CalDAV etc...

Moving even a single mailbox is a significant job, and the time and effort involved increases proportionately with the number of mailboxes. OK there are some automation tools you can deploy such as imapsync, but none of them are perfect and all need a lot of manual intervention.

In the light of this, maybe people don't move away from poor providers because they don't know where to start, and they can't afford to get someone in who does.

Heard in IT Support. "Office 365 is down again Bob. Odd that our phones aren't ringing off the hook with irate users. Well if they're not bothered I'll just finish my lunch and then call Microsoft. Oh ... wait ...."

Is it just me

or was most of this article complete gobbledegook? I kept having to reread sections which looked on the surface like they should have meaning, but even with rereading may just have well been a load of blahs.