* Posts by Keith Langmead

295 publicly visible posts • joined 8 Mar 2007

Page:

The IT world moves fast, so why are admins slow to upgrade?

Keith Langmead

UAC is probably the last big one I can think of, so Windows 7*. The last few times I've had to do work on an XP machine it was the one feature I missed, invariably logged in as a standard user and realising I needed to switch into an admin account, rather than just run the installer and enter my admin creds when prompted. Powershell being universally available would be my second thing, but that doesn't come up as much when having to support old customer machines.

* I know it was released in Vista, but IMHO it wasn't polished until 7.

Tech support fill-in given no budget, no help, no training, and no empathy for his plight

Keith Langmead
Headmaster

Re: Universities are the absolute worst for shadow IT

When I was at Uni a friend who worked in the IT department told me much the same. Part of the problem was they had very few if any experienced and talented staff. Most got a job there as their first IT gig and did it for a year or two to get the "supported large organisation with n thousand users" on their CV, then jump to a better much higher paid IT job elsewhere. The only experienced staff were mostly those that were so crap they couldn't get a job elsewhere, and were happy to just bumble along until retirement.

Windows 10 given an extra year of supported life, for $30

Keith Langmead

Re: Define "consumer"

Yeah, sadly I suspect you're right.

Keith Langmead

Define "consumer"

One possible question mark will be what they define as a "consumer". Will it literally be anyone who is a consumer, eg they're a private individual and it's their own person computer, or will it simply be "Windows 10 Home edition"? Obviously not an issue for the majority of consumers, but I'm sure I can't be the only one in tech running Pro edition at home as the extra price was worth not having the Home edition annoyances.

UPS supplier's password policy flip-flops from unlimited, to 32, then 64 characters

Keith Langmead

Name and shame the 3rd party "experts".

"The third party recommended a limit on character length of the password, we previously did not have one."

So the big question is, who is that third party?

Microsoft sends Windows Control Panel to tech graveyard

Keith Langmead
Facepalm

Re: cue the wailing

Control panel also lets you do amazingly complicated and advanced things like... opening more than one control panel item at a time!!!

The number of times I've forgotten that Settings is a kids toy, been looking at one part of the settings menu, realised I needed info from elsewhere so separately go to that other area... and then realise that no, you can't do that. It's binned off what you were looking at before and used the existing Settings session/window to open the new thing instead.

Keith Langmead

Re: cue the wailing

Yep, and also POP3/IMAP accounts if you need to configure many of the "advanced" settings, since the Outlook accounts view completely hides that info these days.

Miles of optical fiber crafted aboard ISS marks manufacturing first

Keith Langmead

Re: Viable business case?

If they're already selling the normal ZBLAN at $1000 per meter and the hoped for benefits from this method are realised, I'd have to guess they'd be able to demand significantly more money for zero-g ZBLAN. Even with the cost of getting the materials into space and the product back again, that makes me think it could easily be a very profitable venture. Especially considering weight vs value for the fibre, where weight tends to be the limiting factor for most space based manufacturing.

Zero use (at least now) to most of us, but for some of the big players with deep pockets looking at potentially slashing the TTL and increasing the speeds of their long distance connections... what wouldn't they pay for that advantage over the competition.

Exchange Online blocked from sending email to AOL and Yahoo

Keith Langmead

Proactive monitoring perhaps?

"However, it is also all too easy to trip up and for users to find themselves on an SBL without realizing it until the emails stop being delivered."

However, it's also all to easy to setup monitoring and alerting to check whether your outbound email IPs have appeared on certain SBLs, so you can do something about it proactively!

Hmmm, maybe that was handled in the past by the same team who tested their patches before they were publically released... so no longer gets done.

Apple's Vision Pro costs big bucks to buy and repair ... just don't mention the box design

Keith Langmead

Haven't <> Aren't

"Apple has just 150 apps that were updated for the Vision Pro so plenty of developers aren't customizing their software for the headset,"

Surely a more accurate description is that they HAVEN'T updated their apps yet, not that they aren't going to at all which seems to be the suggestion from that sentence. Presumably it's not necessarily a 5 minute job to update the apps, so would seem more plausible that some are just waiting to see 1) how well the initial sales actually go, and 2) once released, how much demand there is from their own user base.

Sysadmin's favorite collection of infallible utilities failed … foully

Keith Langmead

Re: Defragging isn't a big deal anymore

Yep indeed.

Hard Disk DRIVE

Solid State DRIVE

Elon is the bakery owner swearing in the street about Yelp critics canceling him

Keith Langmead

Re: No Twitter

"Twitter/X is a default signpost for just about every service, business and government department on the planet."

But for how long. I'd argue part of the reason it reached that point was the fact that you COULD login and interact with people/companies/departments etc if you wanted to, but if you just wanted to see the latest updates from someone you could do so without having to login at all.

As such it was a handy univeral destination that you could depend on anyone being able to access. We've long used it at work for service status updates, since it's not reliant on our infrastructure and anyone can access them there, but now that you're forced to login to see anything the utility of the service drops off.

Even though I have a twitter login, I'm not logged in on all the devices and browsers I use. On many occasions I've followed a link to see more information on something that look vaguely interesting, gotten to Twitter where it insists I first login, and decided "Nah, can't be bothered" and just gone elsewhere instead.

Windows 11: The number you have dialed has been disconnected

Keith Langmead

Re: Built to last

04) You use RemoteApp, which when combined with the Toolbars* functionality works fairly seemlessly with the task bar... but MS binned off Toolbars in Windows 11, ignoring complaints in testing about its ommission, thus making RemoteApp far more of a faff to use than it was before.

* for those unaware, with RemoteApp you can't pin the shortcuts to the task bar (or the desktop or elsewhere) because they get regularly refreshed/recreated, but you can create a Toolbar that links to the folder containing the shortcuts, and then add that to the taskbar, allowing you to fire up a remote app connection from the task bar just like you would with a local app.

That script I wrote three years ago is now doing what? How many times?

Keith Langmead

Re: On the flip side

Absolutely. It helps being fairly old (24 years working in IT), so many of the core concepts people overlook today were fairly new and often talked about when I first got into computers at college.

It's so much easier to understand what's happening in front of you, when you understand what's going on behind the scenes. I must have been half way through my career when I properly learnt the binary maths behind IP addresses, subnet masks etc. Suddenly understanding WHY a subnet is the way it is, rather than relying on remembering the 255 or / notation by rote with no real grasp of what it really meant.

Take Windows 11... please. Leaks confirm low numbers for Microsoft's latest OS

Keith Langmead

Binning off the Toolbar option

For me the big deal breaker is them removing Toolbars, suggesting that no one uses them even though when in testing LOADS of responses from users said they did! If you use RemoteApp it can be near seemless when used with a toolbar on Win10, but without the toolbar functionlity they've made RemoteApp use far more clunky in Win11.

Comms watchdog to probe errors that left Brits unable to make emergency calls

Keith Langmead

Government expectations

I love the comment from the government reported by the BBC - "The government has said it took BT nearly three hours to alert ministers to the problems it was experiencing."

which seems like a typical non-technical failure to grasp the idea of priorities. If the issue started at 08:30 on Sunday I'd take a wild guess that the only relevant BT staff working (either actively or on call) would be the engineers, and they'd be busy trying to fix the problem. They're engineers, so they're sure as hell not gonna be calling Whitehall who likely can't contribute anything practical to fixing the issue, they'll just be updating their immediately line managers. I imagine you'll have to go up a few levels of management (none of whom would be actively working on a Sunday morning, so possibly not immediately contactable) before you reach someone with the authority to speak direct to the government on behalf of BT. They don't indicate whether any status pages or similar were updated with information, but that's presumably more likely to happen in the short term, than finding someone willing and senior enough to place the call, especially when initially they'd likely have zero information to pass on anyway.

Standard "I can speak to you about the issue, or I can fix the issue... I can't do both".

Ex-Twitter sextet sues Elon Musk for 'stiffing' them on severance

Keith Langmead

"Here in the UK there is a further step or two to this...the next generation that inherits it, flogs it off to the national trust for peanuts, because they are nothing like their great great grandparents,"

Or more often, flog it for peanuts to the National Trust to avoid the crippling costs of maintaining the property + grounds, plus future costs from inheritance tax for the future generations... but with an agreement thay they retain use of the property on n many days per year for the next few hundred years. So someone else pays to maintain the place, and they get to rock up occasionally and get the benefits of the property for things like weddings, massive parties etc like they still owned it.

Search the web at least once every two years or risk losing your Google account

Keith Langmead

Re: Our internal analysis...

Yeah, as much as I'm sure they'd love that additional 2FA info, and will encourage people to use 2FA for security reasons, I can't imagine they'll ever force people to adopt it. At least not while there's nothing preventing a user searching Google or viewing Youtube without actually logging in with their Google credentials, as many would just put up with the less customised UI of both when not logged in, and Google would likely end up losing more juicy user data than they gained.

Student requested access to research data. And waited. And waited. And then hacked to get root

Keith Langmead

Re: In Code We Trust

Yeah, bet that's a mistake you've not made since! :) Been there, done that, got the t-shirt. Gotten into the habit these days of logging into the machine as local admin rather than domain admin to do a disjoin, that way there's no chance of doing it without knowing what the current local admin password is.

Windows 11 puts 'disgusting' Remote Mailslots protocol out of its misery

Keith Langmead

Re: Net Send was disgusting.

Oh yes. At Uni in the late 90s we had a lab full of Sun terminals. Someone knocked up a script which would rlogin to a random terminal and play water drop audio file. Looped with a random time delay, and you'd periodically hear a drip sound coming from a random part of the room. And of course since Telnet was still a thing and security wasn't, you could connect (with an appropriate SOC login obviously) from anywhere in the world to confuse whoever happened to be in there at the time. Ahhh, fun times.

Keith Langmead

Re: The trouble is…

Surely search for and run "Startup Apps", scroll down to the entry for Teams, toggle Off.

Yes, Samsung 'fakes' its smartphone Moon photos – who cares?

Keith Langmead
Alien

Once this becomes standard our lizard overlords will be able to move freely on our side of the moon once more, safe from any intrepid photographer trying to capture their nefarious schemes. Think you've spotted something fishy on the moon? Take a photo to prove it to everyone... nope, just a normal picture of the moon!

Microsoft makes Outlook Mac native email app a freebie

Keith Langmead

Re: Client not worth paying for

Considering the latest version of Outlook for Mac doesn't support Exchange mailboxes (365 / Outlook.com fine, but no on-prem Exchange) and just shows Exchange under "Coming Soon" rather than a supported type, I think it's a bit true. You have to switch/revert to Legacy Outlook to configure an Exchange mailbox.

If your DNS queries LoOk liKE tHIs, it's not a ransom note, it's a security improvement

Keith Langmead

Re: Effective DNS Cache Size

There wouldn't be any impact on the cache size, as those permutations wouldn't be getting stored.

If Google needed to query the record for www.theregister.com then it would make the query for www.tHeRegistER.cOm, the auth DNS for theregister.com would receive that request, see that www.tHeRegistER.cOm = www.theregister.com, and reply with the answer while maintaining the ID number and case of the requested domain. Once received Google would then update its cache for www.theregister.com.

It doesn't need separate cache entries for theregister.com, tHeRegister.Com, TherEgISter.coM etc as they're all the same domain when stored in case-insensitive format. The case sensitivity is only used within the queries between Google and the Auth DNS servers, not in storage.

Microsoft feels the need, the need for speed in Teams

Keith Langmead

Re: Ditch

And as an added bonus it becomes WAY easier to control how long the meeting goes on for. For instance you can decide the meeting will only last 40 minutes, or perhaps 80 minutes etc. Or if it's gone a bit rambling at the end, rather than having to make excuses to leave you just don't re-join after the next disconnection.

Keith Langmead

Re: Pricey

"that you have to create a "Team" in two steps, and wait fifteen minutes between step one and step two would be funny if it wasn't so sad."

Sounds about right. Replication time for any changes in 365 always seems to be awful. Make a change to fix a user's problem, wait a few minutes and try again... still broken. OK, wait 60 minutes... still broken. Right, so did the thing I tried not work, or has it not replicated yet? Try again the next day... working!

Twitter begs some staff to come back, says they were laid off accidentally

Keith Langmead
Coat

Re: More proof

That and lots of previously inactive Twitter users logging in purely to post what their new Mastodon address is, and hunt through the people they follow to find out what their new addresses are to follow them there as well... not like that's precisely what I did last night after not posting on Twitter in ages. :)

PowerShell pusher to log off from Microsoft: Write-Host "Bye bye, Jeffrey Snover"

Keith Langmead

Re: "Admins don't want command line interfaces"

Personally I want both! Yeah I know, wanting my cake and eating it. :)

For something I'm unfamiliar with or don't touch very often the GUI is always king, having the ability click around the UI until I find what I'm looking for (because invariably I know what it is, I just can't remember what they call it)... and crucially a fully functioning GUI, not the half arsed Exchange GUI where you can only view a subset of the information.

But for regular tasks and automation command line and scripts win out every time, both in speed, and also when scripted in consistency since you can ensure the exact same options are selected every single time.

Microsoft updates Edge's Internet Explorer mode

Keith Langmead

Updating their other apps to no longer require IE

I wonder if they'll finally fix the issue with the "view it in a web browser" option in Outlook which only works with IE! Specifically, that option generates and then calls a .mht file rather than a standard html file, but Edge/Chrome/Firefox don't support that file type. So by default it'll open in IE regardless of what your system default is, and even if you change that default for that one file type it still doesn't work since the chosen browser can't render the page. I could almost forgive them if it was only older Outlook versions with the issue, but last time I checked people with the latest 365 builds still reported the same behaviour. And of course even if you still have IE, these days plenty of emails can't be viewed as they pull info from the website, and that in term redirects you to a page telling you IE isn't supported. Apparently Chrome used to have a experimental option to make it work, but that's since been removed.

Microsoft backtracks on lack of easy Windows browser choice

Keith Langmead

Re: Customer Enhancement Programme

Absolutely true. Standard procedure seems to be :

1) Roll out new "feature" that no one has asked for.

2) Receive masses of negative feedback from the testing community reporting that it breaks stuff / doesn't work / is incompatible with existing and commonly used apps/hardware.

3) Ignore the feedback through a few rounds of testing.

4) Release the update (aka force it on everyone) with the "feature" unchanged.

5) Receive even more negative feedback from normal users for the same reasons that were given by the testers.

6) Pretend this is the first time they've been made aware of the issue and rush to create a fix.

Rinse and repeat.

How legacy IPv6 addresses can spoil your network privacy

Keith Langmead

Re: Underwhelming

Yeah hardly earth shattering, at least based on that explanation of the "vulnerability" in the article. Surely in terms of risk, this is no more than the difference you currently get in a NAT IPv4 setup between whether you have a dynamic IP address allocation from the ISP or a static IP address, and no one's suggesting that having a static IP address is a terrible thing that should be avoided at all costs. Plus, in order to take advantage of it, you as the attacker need access not just to a site/service that the victim connects to, but one that more than one of their devices including the vulnerable TV in this example connects to. All that just to know that the connection you saw yesterday came from a device on the same network as you're seeing today, but not necessarily the same actual device.

A tiny typo in an automated email to thousands of customers turns out to be a big problem for legal

Keith Langmead

Wary of ALT-S

With old age and repeated bad experiences I've developed caution regarding blindly hitting Alt-S only to realise I hadn't included something... or worse.

Gotten into the habit these days of leaving the address fields empty until the very end (or even emptying them and re-adding the addresses for replies) for important emails, just so I get those few extra seconds after I finish writing the email and then set who it's going to to realise what if anything needs changing before I hit send. Has saved me multiple times.

Amazon India execs questioned after sellers allegedly use site to smuggle marijuana

Keith Langmead

Re: So, at what point

"and how is the AI statistical analysis supposed to recognise it?"

Quite easily, simply insert the standard amount of governmental lack of knowledge of a topic, add a chorus of "you employ lots of very clever people, so you MUST be able to find a way", and then ignore any replies from those same "clever people" when they point out the thing isn't actually possible/practical.

It's the same process as we see from our Home Office demanding the tech companies both 1) keep everyone 100% secure online, and 2) allow the authorities full access to that same data.

Navigating without GPS is one thing – so let's jam it and see what happens to our warship

Keith Langmead

Re: I guess I'm too much of a navigation geek...

So long as you remember that while most people generalise that the sun rises in the east and sets in the west, that's only true at around this time of year and March (eg the equinox). June/July for instance it can be closer to rising in the NE and setting NW.

Actually had to explain that to a friend on holiday in July when working out which path to take, as while I think they knew it in a factual sense, they'd never needed to think of it in a practical sense. Me on the other hand... years of trying to photograph sunrises/sunsets and planning when to be in certain locations has made me very aware of that fact. The suncalc website is probably my favourite website... after thereg of course. ;)

Without that knowledge it's fine if you're just after rough "head in a vaguely northern direction", but not so useful if you need more precision.

Monitoring is simple enough – green means everything's fine. But getting to that point can be a whole other ball game

Keith Langmead

"The leader of that team then said the problem was as the alert was an email, they get too many of them etc"

IMHO that's one of the most critical things with any monitoring setup I've worked with, getting the dependencies setup correctly to reflect reality, and preventing those receiving the alerts from being flooded with alerts.

Eg if you have :

Firewall > Switch > HV Server > Virtual Server > various services on the server

all being monitored, where if something breaks and stops working then everything to the right of it will also be down, you only want to be alerted to the most critical item that's down on the left, otherwise for instance while you're scanning through the alerts for services on a VM that are showing as down, you can easily miss that the Firewall in front of it all has stopped responding. Off the back of that you need to have an understanding of how the infrastructure fits together, which services rely on each other etc.

At a basic level monitoring's simple, but once you start digging into it it can become a minefield.

Tolerating failure: From happy accidents to serious screwups … Time to look at getting it wrong, er, correctly

Keith Langmead

“Principle of Least Access”

Aside from the obvious security benefits, my favourite side effect of a properly laid out “Principle of Least Access” is it can sometimes make tracking down the source of an issue much faster. Had a customer suffer from a randomware attack in the past, and being able to quickly say :

"OK, content in folders A, E and F have been encrypted, but not the other folders. Which user or users only has access to that specific set of folders? Focus our investigation on their machines so we can find the culprit, get it disconnected from the network, and get the borked data recovered from backup".

Not the only way to track things down, but sometimes you get lucky and can either immediately identify the infected machine, or at least massively narrow down the scope of the search.

Keith Langmead

Re: Fixing errors

"Another policy was to tell the operators that, if they made a mistake, to talk about it and they would not get in to trouble."

Absolutely, making an honest mistake shouldn't get you in trouble, but trying to cover one up should.

Stack Overflow acquired for $1.8bn by Prosus (no, me neither)

Keith Langmead

Re: Just StackOverflow?

Yeah I was wondering the same thing. To my understanding Stack Exchange Inc is the company, Stack Overflow is just one of many sites they run on various topics.

So for instance does the purchase include Server Fault, or Super User etc? If not then presumably if they do screw up Stack Overflow you'll just find another new forum appearing with Stack Exchange to replace it.

That Salesforce outage: Global DNS downfall started by one engineer trying a quick fix

Keith Langmead

Re: wth is it with always dns?

In my experience it's most often non-technical people including management who suggest "it'll be the DNS", often because that's the one technical thing they've heard of and they want to sound like they know what they're talking about.

Certainly among my colleagues whenever we refer to "it's always DNS" we're not seriously suggesting that it is, we're taking the piss out of former bosses who insisted that may be the cause of any issue.

Keith Langmead

Re: "We have taken action with that particular employee"

May also depend on whether they tracked down the engineer at fault (eg they were keeping their head down and hoping to avoid blame), or the engineer immediately put their hand up and admitted they were the cause of the fault.

Assuming they were otherwise competent at their job, IMHO someone who will admit to their mistakes rather than trying to cover their tracks is someone it's worth keeping around. Their replacement could be of the cover their tracks variety, and that could lead to even worse issues when something goes wrong.

Crane horror Reg reader uses his severed finger to unlock Samsung Galaxy phone

Keith Langmead

Re: It would have been more interesting...

Yeah I was thinking the same thing. Surely any tech checking if the finger is real/alive has less to do with knowing the exact characteristics of a live vs dead/fake finger, and more about detecting more than just the finger print so it can then detect the difference when that state changes. Otherwise you also have to get into the realm of deciding what the acceptable range of values should be to cover everyone, since one person may naturally have much warmer or much colder fingers than someone else. So since he had access to the phone and setup the dead finger as being valid, when he then used it the phone obviously unlocked because it was a perfect match.

Makes me think of Nick Fury in Winter Soldier, where he'd previously already registered his dead eye so he had a backup in case someone removed his official working eye scan from the system.

Don't cross the team tasked with policing the surfing habits of California's teens

Keith Langmead

Re: High-level manglement can be just as much a nuisance as unions

And a huge waste of time. Those "old-timey suit wearers" have likely never needed to learn how to type, so why would they start now? If you're a < 10 WPM one finger typist who can afford to pay someone else who can do the same thing at least 10x as fast then why wouldn't you? In situations like that you want systems which streamline things like dictation etc to make your current workflow faster, not binning it all and trying to learn a completely new skill while dealing with a massive drop in productivity.

Ah, you know what? Keep your crappy space station, we're gonna try to make our own, Russia tells world

Keith Langmead

I think you're right. Competition even when friendly can be a good thing. I also think moving away from the current "all our eggs in one basket" situation might not be such a bad thing either.

Keith Langmead

Re: Keep your crappy space station, we're gonna try to make our own

... in fact, forget the space station!

Keith Langmead

Re: It does have a finite life

"The ISS has been one of the greatest achievements anyone has achieved. We should work for a replacement - but it should not be decommissioned before a replacement is actually in place."

Or perhaps design the replacement such that it's initially an extension of the ISS rather than starting entirely from scratch in a separate location. Use the ISS as basecamp until you've built enough of the new structure to allow that to take over, essentially treating the ISS as a building site porta cabin, with the aim to ensure the new extension can eventually run entirely independently from the ISS. Then one day once it's completed the deconstruction of the old ISS can happen and the two separated from each other.

PSA: If you're still giving users admin rights, maybe try not doing that. Would've helped dampen 100+ Microsoft vulns last year – report

Keith Langmead

"You're right about legacy apploications but things need to be seriously old to cause that sort of problem."

Sage Payroll, current versions. So not a small company or a niche product, and not really a legacy app. It STILL doesn't handle UAC properly so to install an update for it you need to be logged in as an admin user. If you attempt to install the update as a normal user and enter the admin credentials via UAC you find part way through the install it breaks out of the elevated security context and back to the user context... which doesn't have permission to do the update so the update crashes and often hoses your Sage Payroll installation.

Microsoft lines its UserVoice forums up against the wall, readies firing squad of '1st party solutions'

Keith Langmead

Deleting old content

"A wholesale dumping of the data without a migration would seem foolish at best. The company does, however, have form in such matters."

Yep, see the Technet Gallery as a prime example. A brief time spent as a read-only site, before being completely deleted with all the submitted content binned off. Yes, they have (or are in the process of... it's not cleared from their site) migrated all the MS provided scripts over to Github, but realistically it was the user submitted scripts on there which were actually worthwhile but those have simply been deleted. All because they say that since they don't own those scripts they can't move them over... true, but MS could have just left the Gallery as a read-only resource for a few years rather than months.

OVH data centre destroyed by fire in Strasbourg – all services unavailable

Keith Langmead

Re: Who knew data centres were tinder boxes?

Not necessarily once personnel were evacuated. While at college I did work experience at a large company with a massive mainframe + couple of minis, the place was like a rabbit's warren of kit. The guy showing us the room explained about the halon system and pointed at the alarm and warning lights, and we were told that if those went off 1) there was a fire, and 2) we have a certain number of seconds to get out of that room before the halon turned on. Not it would turn on once we left, rather it was turning on in n seconds (60 I think) and we REALLY didn't want to be in there when it did!

Nominet boardroom battle may already be over as campaign to oust management hits critical milestone

Keith Langmead

"publicbenefit.uk has a list of those in support of change, 8 of them have fewer than 20 names which seems an odd choice from a simple cost-benefit viewpoint. Are there additional factors involved?"

What it doesn't show is how long they've been members. I'd bet many of those with only a few domains are old members, eg companies who previously did a lot more domain business but have since perhaps wound things down, or changed direction, but maintain membership since it allows them to keep direct control of their domains. Hell, could well be a bunch of old nerds who've partially retired but like to keep a hand in the game for their own use and perhaps that of friends and family, for whom £100 a year to maintain the status quo is a small price to pay. And they're likely also the types who'd be all over a vote like this.

Missing GOV.UK web link potentially cost taxpayers £50m as civil servants are forced to shuffle paper forms

Keith Langmead

Empire building

Call me suspicious, but I wonder if the department heads responsible for the online form are also those responsible for processing the physical one... department heads who are responsible for a large number of staff to process those forms justifying large salaries for management. In which case they may not feel such a pressing urge to fix that glitch before now since it would mean less staff required, department size reduces, less managers required etc. Nah, can't be, I'm sure all civil service management operate purely for the greater good of the nation and not person interest.

Page: