* Posts by Keith Langmead

270 posts • joined 8 Mar 2007

Page:

PowerShell pusher to log off from Microsoft: Write-Host "Bye bye, Jeffrey Snover"

Keith Langmead

Re: "Admins don't want command line interfaces"

Personally I want both! Yeah I know, wanting my cake and eating it. :)

For something I'm unfamiliar with or don't touch very often the GUI is always king, having the ability click around the UI until I find what I'm looking for (because invariably I know what it is, I just can't remember what they call it)... and crucially a fully functioning GUI, not the half arsed Exchange GUI where you can only view a subset of the information.

But for regular tasks and automation command line and scripts win out every time, both in speed, and also when scripted in consistency since you can ensure the exact same options are selected every single time.

Microsoft updates Edge's Internet Explorer mode

Keith Langmead

Updating their other apps to no longer require IE

I wonder if they'll finally fix the issue with the "view it in a web browser" option in Outlook which only works with IE! Specifically, that option generates and then calls a .mht file rather than a standard html file, but Edge/Chrome/Firefox don't support that file type. So by default it'll open in IE regardless of what your system default is, and even if you change that default for that one file type it still doesn't work since the chosen browser can't render the page. I could almost forgive them if it was only older Outlook versions with the issue, but last time I checked people with the latest 365 builds still reported the same behaviour. And of course even if you still have IE, these days plenty of emails can't be viewed as they pull info from the website, and that in term redirects you to a page telling you IE isn't supported. Apparently Chrome used to have a experimental option to make it work, but that's since been removed.

Microsoft backtracks on lack of easy Windows browser choice

Keith Langmead

Re: Customer Enhancement Programme

Absolutely true. Standard procedure seems to be :

1) Roll out new "feature" that no one has asked for.

2) Receive masses of negative feedback from the testing community reporting that it breaks stuff / doesn't work / is incompatible with existing and commonly used apps/hardware.

3) Ignore the feedback through a few rounds of testing.

4) Release the update (aka force it on everyone) with the "feature" unchanged.

5) Receive even more negative feedback from normal users for the same reasons that were given by the testers.

6) Pretend this is the first time they've been made aware of the issue and rush to create a fix.

Rinse and repeat.

How legacy IPv6 addresses can spoil your network privacy

Keith Langmead

Re: Underwhelming

Yeah hardly earth shattering, at least based on that explanation of the "vulnerability" in the article. Surely in terms of risk, this is no more than the difference you currently get in a NAT IPv4 setup between whether you have a dynamic IP address allocation from the ISP or a static IP address, and no one's suggesting that having a static IP address is a terrible thing that should be avoided at all costs. Plus, in order to take advantage of it, you as the attacker need access not just to a site/service that the victim connects to, but one that more than one of their devices including the vulnerable TV in this example connects to. All that just to know that the connection you saw yesterday came from a device on the same network as you're seeing today, but not necessarily the same actual device.

Nominet suspends 'single digit' number of Russian dot-UK domain registrars

This post has been deleted by a moderator

A tiny typo in an automated email to thousands of customers turns out to be a big problem for legal

Keith Langmead

Wary of ALT-S

With old age and repeated bad experiences I've developed caution regarding blindly hitting Alt-S only to realise I hadn't included something... or worse.

Gotten into the habit these days of leaving the address fields empty until the very end (or even emptying them and re-adding the addresses for replies) for important emails, just so I get those few extra seconds after I finish writing the email and then set who it's going to to realise what if anything needs changing before I hit send. Has saved me multiple times.

Amazon India execs questioned after sellers allegedly use site to smuggle marijuana

Keith Langmead

Re: So, at what point

"and how is the AI statistical analysis supposed to recognise it?"

Quite easily, simply insert the standard amount of governmental lack of knowledge of a topic, add a chorus of "you employ lots of very clever people, so you MUST be able to find a way", and then ignore any replies from those same "clever people" when they point out the thing isn't actually possible/practical.

It's the same process as we see from our Home Office demanding the tech companies both 1) keep everyone 100% secure online, and 2) allow the authorities full access to that same data.

Navigating without GPS is one thing – so let's jam it and see what happens to our warship

Keith Langmead

Re: I guess I'm too much of a navigation geek...

So long as you remember that while most people generalise that the sun rises in the east and sets in the west, that's only true at around this time of year and March (eg the equinox). June/July for instance it can be closer to rising in the NE and setting NW.

Actually had to explain that to a friend on holiday in July when working out which path to take, as while I think they knew it in a factual sense, they'd never needed to think of it in a practical sense. Me on the other hand... years of trying to photograph sunrises/sunsets and planning when to be in certain locations has made me very aware of that fact. The suncalc website is probably my favourite website... after thereg of course. ;)

Without that knowledge it's fine if you're just after rough "head in a vaguely northern direction", but not so useful if you need more precision.

Monitoring is simple enough – green means everything's fine. But getting to that point can be a whole other ball game

Keith Langmead

"The leader of that team then said the problem was as the alert was an email, they get too many of them etc"

IMHO that's one of the most critical things with any monitoring setup I've worked with, getting the dependencies setup correctly to reflect reality, and preventing those receiving the alerts from being flooded with alerts.

Eg if you have :

Firewall > Switch > HV Server > Virtual Server > various services on the server

all being monitored, where if something breaks and stops working then everything to the right of it will also be down, you only want to be alerted to the most critical item that's down on the left, otherwise for instance while you're scanning through the alerts for services on a VM that are showing as down, you can easily miss that the Firewall in front of it all has stopped responding. Off the back of that you need to have an understanding of how the infrastructure fits together, which services rely on each other etc.

At a basic level monitoring's simple, but once you start digging into it it can become a minefield.

Tolerating failure: From happy accidents to serious screwups … Time to look at getting it wrong, er, correctly

Keith Langmead

“Principle of Least Access”

Aside from the obvious security benefits, my favourite side effect of a properly laid out “Principle of Least Access” is it can sometimes make tracking down the source of an issue much faster. Had a customer suffer from a randomware attack in the past, and being able to quickly say :

"OK, content in folders A, E and F have been encrypted, but not the other folders. Which user or users only has access to that specific set of folders? Focus our investigation on their machines so we can find the culprit, get it disconnected from the network, and get the borked data recovered from backup".

Not the only way to track things down, but sometimes you get lucky and can either immediately identify the infected machine, or at least massively narrow down the scope of the search.

Keith Langmead

Re: Fixing errors

"Another policy was to tell the operators that, if they made a mistake, to talk about it and they would not get in to trouble."

Absolutely, making an honest mistake shouldn't get you in trouble, but trying to cover one up should.

Stack Overflow acquired for $1.8bn by Prosus (no, me neither)

Keith Langmead

Re: Just StackOverflow?

Yeah I was wondering the same thing. To my understanding Stack Exchange Inc is the company, Stack Overflow is just one of many sites they run on various topics.

So for instance does the purchase include Server Fault, or Super User etc? If not then presumably if they do screw up Stack Overflow you'll just find another new forum appearing with Stack Exchange to replace it.

That Salesforce outage: Global DNS downfall started by one engineer trying a quick fix

Keith Langmead

Re: wth is it with always dns?

In my experience it's most often non-technical people including management who suggest "it'll be the DNS", often because that's the one technical thing they've heard of and they want to sound like they know what they're talking about.

Certainly among my colleagues whenever we refer to "it's always DNS" we're not seriously suggesting that it is, we're taking the piss out of former bosses who insisted that may be the cause of any issue.

Keith Langmead

Re: "We have taken action with that particular employee"

May also depend on whether they tracked down the engineer at fault (eg they were keeping their head down and hoping to avoid blame), or the engineer immediately put their hand up and admitted they were the cause of the fault.

Assuming they were otherwise competent at their job, IMHO someone who will admit to their mistakes rather than trying to cover their tracks is someone it's worth keeping around. Their replacement could be of the cover their tracks variety, and that could lead to even worse issues when something goes wrong.

Crane horror Reg reader uses his severed finger to unlock Samsung Galaxy phone

Keith Langmead

Re: It would have been more interesting...

Yeah I was thinking the same thing. Surely any tech checking if the finger is real/alive has less to do with knowing the exact characteristics of a live vs dead/fake finger, and more about detecting more than just the finger print so it can then detect the difference when that state changes. Otherwise you also have to get into the realm of deciding what the acceptable range of values should be to cover everyone, since one person may naturally have much warmer or much colder fingers than someone else. So since he had access to the phone and setup the dead finger as being valid, when he then used it the phone obviously unlocked because it was a perfect match.

Makes me think of Nick Fury in Winter Soldier, where he'd previously already registered his dead eye so he had a backup in case someone removed his official working eye scan from the system.

Don't cross the team tasked with policing the surfing habits of California's teens

Keith Langmead

Re: High-level manglement can be just as much a nuisance as unions

And a huge waste of time. Those "old-timey suit wearers" have likely never needed to learn how to type, so why would they start now? If you're a < 10 WPM one finger typist who can afford to pay someone else who can do the same thing at least 10x as fast then why wouldn't you? In situations like that you want systems which streamline things like dictation etc to make your current workflow faster, not binning it all and trying to learn a completely new skill while dealing with a massive drop in productivity.

Ah, you know what? Keep your crappy space station, we're gonna try to make our own, Russia tells world

Keith Langmead

I think you're right. Competition even when friendly can be a good thing. I also think moving away from the current "all our eggs in one basket" situation might not be such a bad thing either.

Keith Langmead

Re: Keep your crappy space station, we're gonna try to make our own

... in fact, forget the space station!

Keith Langmead

Re: It does have a finite life

"The ISS has been one of the greatest achievements anyone has achieved. We should work for a replacement - but it should not be decommissioned before a replacement is actually in place."

Or perhaps design the replacement such that it's initially an extension of the ISS rather than starting entirely from scratch in a separate location. Use the ISS as basecamp until you've built enough of the new structure to allow that to take over, essentially treating the ISS as a building site porta cabin, with the aim to ensure the new extension can eventually run entirely independently from the ISS. Then one day once it's completed the deconstruction of the old ISS can happen and the two separated from each other.

PSA: If you're still giving users admin rights, maybe try not doing that. Would've helped dampen 100+ Microsoft vulns last year – report

Keith Langmead

"You're right about legacy apploications but things need to be seriously old to cause that sort of problem."

Sage Payroll, current versions. So not a small company or a niche product, and not really a legacy app. It STILL doesn't handle UAC properly so to install an update for it you need to be logged in as an admin user. If you attempt to install the update as a normal user and enter the admin credentials via UAC you find part way through the install it breaks out of the elevated security context and back to the user context... which doesn't have permission to do the update so the update crashes and often hoses your Sage Payroll installation.

Microsoft lines its UserVoice forums up against the wall, readies firing squad of '1st party solutions'

Keith Langmead

Deleting old content

"A wholesale dumping of the data without a migration would seem foolish at best. The company does, however, have form in such matters."

Yep, see the Technet Gallery as a prime example. A brief time spent as a read-only site, before being completely deleted with all the submitted content binned off. Yes, they have (or are in the process of... it's not cleared from their site) migrated all the MS provided scripts over to Github, but realistically it was the user submitted scripts on there which were actually worthwhile but those have simply been deleted. All because they say that since they don't own those scripts they can't move them over... true, but MS could have just left the Gallery as a read-only resource for a few years rather than months.

OVH data centre destroyed by fire in Strasbourg – all services unavailable

Keith Langmead

Re: Who knew data centres were tinder boxes?

Not necessarily once personnel were evacuated. While at college I did work experience at a large company with a massive mainframe + couple of minis, the place was like a rabbit's warren of kit. The guy showing us the room explained about the halon system and pointed at the alarm and warning lights, and we were told that if those went off 1) there was a fire, and 2) we have a certain number of seconds to get out of that room before the halon turned on. Not it would turn on once we left, rather it was turning on in n seconds (60 I think) and we REALLY didn't want to be in there when it did!

Nominet boardroom battle may already be over as campaign to oust management hits critical milestone

Keith Langmead

"publicbenefit.uk has a list of those in support of change, 8 of them have fewer than 20 names which seems an odd choice from a simple cost-benefit viewpoint. Are there additional factors involved?"

What it doesn't show is how long they've been members. I'd bet many of those with only a few domains are old members, eg companies who previously did a lot more domain business but have since perhaps wound things down, or changed direction, but maintain membership since it allows them to keep direct control of their domains. Hell, could well be a bunch of old nerds who've partially retired but like to keep a hand in the game for their own use and perhaps that of friends and family, for whom £100 a year to maintain the status quo is a small price to pay. And they're likely also the types who'd be all over a vote like this.

Missing GOV.UK web link potentially cost taxpayers £50m as civil servants are forced to shuffle paper forms

Keith Langmead

Empire building

Call me suspicious, but I wonder if the department heads responsible for the online form are also those responsible for processing the physical one... department heads who are responsible for a large number of staff to process those forms justifying large salaries for management. In which case they may not feel such a pressing urge to fix that glitch before now since it would mean less staff required, department size reduces, less managers required etc. Nah, can't be, I'm sure all civil service management operate purely for the greater good of the nation and not person interest.

Keith Langmead

Re: I'm still mystified

Problem with MS is their two annoying habits of :

1) putting pages relating to the current version of a product at a path that doesn't include the version number, and then changing it when the next version is released so you end up with broken links if the page was found while still the latest version.

2) Deciding that because they no longer officially support something that the pages for it are no longer required so binning them off... cos as we know text storage is expensive and MS have limited storage capacity.

I've gotten into the habit of saving useful pages to pdf/onenote rather than just saving the link, just in case, which has saved me when dealing with old systems several times now.

(oh and it also annoys me how often they post information without bothering to mention which version of the product they're talking about, or even including some kind of published date so you can work it out.)

Family wrongly accused of uploading pedo material to Facebook – after US-EU date confusion in IP address log

Keith Langmead

Re: Bring back VMS Standard Date/Time...

So in a sorted list you're fine browsing through the entires in :

April

August

December

February

January

July

June

March

May

November

October

September

order? Also saying that dates are stored using a date/time variable ignores that that also has conversion issues, unless the system 1) knows which date system the source system used, or 2) the date variable uses the ISO format for consistency, which causes all kinds of issues as anyone who's experienced working with dates in SQL can attest.

No, boss, I'm not playing Minecraft. Minecraft is where I run VMs on the desktop now

Keith Langmead

Nested minecraft

"The virtual machine apparently runs well enough to play Minecraft"

If you can run Minecraft with the VM, the obvious next step is building a virtual computer within the virtual minecraft, then install minecraft on that...

Cornwall councillor suggests authority paid £2m for Oracle licences that no one used on contract originally worth £4m

Keith Langmead

Re: Byzantine Oracle licensing

Same with MS licensing. MS insist you must have correct licensing, yet refuse to confirm whether what you have is correct and direct you to one of their licensing partners. Licensing partners will advise, but also refuse to warrant that what they've told you is correct and that you're properly licensed.

Barclays Bank appeared to be using the Wayback Machine as a 'CDN' for some Javascript

Keith Langmead

Re: 404 error?

Yep, "That's fixed it for now, we'll download a copy of the files to our web server and repoint things later... anyone fancy a celebratory pint?", and of course "later" never happened.

Dumpster diving to revive a crashing NetWare server? It was acceptable in the '90s

Keith Langmead

Re: A long time ago

Or worse... when that poor sod is you and other than recognising the bodge as your own handywork, you've no idea of why you did it and how it works! :)

That's the main reason I always document my work. Finding undocumented things done by others is annoying, but when it's something you did yourself and you now can't remember what/why it was done... that's just downright embarrasing.

Real-time tragedy: Dumb deletion leaves librarian red-faced and fails to nix teenage kicks on the school network

Keith Langmead

I remember doing similar in my Uni days on the library catalog machines. They all run Libertas which was from memory was a simple text based Unix system allowing you to search for books, so black and white screens, basic etc, but also rarely used by students. If you knew how you could break out of it and get to the shell to access other systems via telnet. So while students queued up for access to a PC, those of us in the know would grab one of those machines out of sight of the librarians, and use it to access things like BBS, MUD, and Unix based email.

Zoom's end-to-end encryption isn't actually end-to-end at all. Good thing the PM isn't using it for Cabinet calls. Oh, for f...

Keith Langmead
Coat

No one needs End to End encryption!

Not sure what the issue is here, everyone knows that there's no legitimate need for end to end encryption online. That's what the UK government keeps telling us (along with governments around the world) to justify banning us from using it / back dooring its implementation, so it must be true right?

You've duked it out with OS/2 – but how to deal with these troublesome users? Nukem

Keith Langmead

Re: Timing is off..

Yeah I remember OS/2 Warp being shown off at the Computer Shopper Show in 1994, with loads of PCs available for people to have a go on.

What really let it down was they'd clearly made no effort to tune the machines to work at their peak on those machines, so they performed really badly. A friend actually bought a copy and installed it at home on a slightly lessor spec machine than they had, and once he'd taken the time to actually ensure the correct drivers etc were installed had it running way better than the ones they had on display.

Now Internet Society told to halt controversial .org sale… by its own advisory council: 'You misread the community mindset around dot-org'

Keith Langmead

Re: Corruption

No, I get an idea from a meme... I then checked elsewhere online to confirm the figures were correct (couldn't re-find the meme yesterday, so those figures posted were based on published stats I found not the original meme).

Keith Langmead

Re: Corruption

As a meme I saw recently pointed out, for an American earning $50k their taxes contribute $36 to food stamps and $6 to other social safety net programs, but they also contribute $6,000 to corporate subsidies. Anyone complaining about the first two and not the last one isn't against socialism, they're against poor people.

Instagram influencer fools followers into thinking Ikea photoshoot was Bali holiday

Keith Langmead

Re: Insta-what?

Or more accurately a mobile phone photo sharing site. You can only post to it via mobile/android tablet (dunno if iPad can), so if you want to do any post processing on your computer you have to then transfer it to mobile to post.

El Reg presents: Your one-step guide on where not to store electronic mail

Keith Langmead

Re: Deleted

The Recover Deleted Items option in Outlook (for recovering a message that's been "permanently deleted" but still within Exchange's protection period) only lets you see the Subject line, date, to/from details of a message, so you have to restore it in order to view the content. Wish they'd apply the same to the Deleted Items folder!

I believe with an Exchange setup you can already set it at server level to clear older items from all users' deleted items, so they can't override it... but of course you need to combine it with ensuring all staff know that 1) email shouldn't be "stored" there, and 2) anyone ignoring rule 1 WILL find those messages have disappeared in due course. Plus having management buy in that it's needed and not just IT being nasty, for instance showing how many gigs are taken up by Deleted Items, and the money that costs in terms of Exchange server storage and backup capacity.

Please tell us why you're not securing yourselves, UK.gov asks businesses

Keith Langmead

Re: Small biz

I think the marketing departments of many of the "cloud" providers need to take some responsibility for this. They sell their services to small companies as being easy and quick fixes, and leave out the limitations of what they offer. I've heard several small companies state that they have "offsite backups", only to find that they're simply using one of the cloud sync services. Have to explain to them that no that isn't a backup, and provides no protection if for instance their data is encrypted, or a file is overwritten, since that'll be synced as well and many of the services only keep the most recent version of a file.

Aw, bad day at your air-conditioned, somewhat clean desk? Try shifting a 40-tonne fatberg

Keith Langmead

Presumably you'd still end up with the same problem as now, but you'd simply be moving it up stream. So rather than one 40-tonne fatberg in one location, you'd have say 40 1-tonne fatbergs, all of which need individually removing, but which are all in smaller less accessible pipes so harder to work in.

Remember the 1980s? Oversized shoulder pads, Metal Mickey and... sticky keyboards?

Keith Langmead

Sugary coffee + keyboard membrane

Mid-90’s while at College I did work experience doing 1st line support for a large company that had a mix of PC’s, mini’s and a mainframe. The terminals had seriously robust, but stupidly expensive keyboards costing a few hundred quid each.

One day I had a call, user had spilt coffee on the keyboard. Went to their desk, collected the keyboard, and after consulting with the onsite engineers gave it a good wash, dried it out and returned it… all good, something new learned.

Couple of weeks later I get another call on a Monday morning, keyboard (same type) not working, coffee spillage. Great, I know what to do! Collect it, and repeat the cleaning process. Return it and discover it still doesn’t work. Find out from the user that they spilt the coffee on Friday, but it still worked so they didn’t bother calling us. Chat with the engineers and discover (I had no idea about this stuff at 17!) that coffee + sugar will eat through the membrane if left for long enough. The keyboard was replaced, and the user informed that their manager would be getting a hefty bill (internal billing) for the replacement!

The safest place to save your files is somewhere nobody will ever look

Keith Langmead

Re: Been There...

I've seen many many customers do this over the years. Amazingly I've actually seen a customer with a complete folder structure in their deleted items. I assumed it was due to them deleting the folders but then discovered they'd manually created them and used Deleted Items in Outlook for storage, sorting their "archived" mail into specific folders.

First time I saw it was years ago, migrating a customer between mail systems. Due to the size of the folder + limited storage and upload speed we opted to exclude the Deleted Items content, thinking it was deleted so no longer required, and no point spending time transferring it. Customer was not pleased when they found their "archived email" missing, and just couldn't get their heads around why that wasn't an appropriate place to store messages.

Windows 10 update panic: Older VMware Workstation Pro app broken

Keith Langmead

Re: "Win XP only seemed good because they finally built a desktop OS on the NT kernel"

"Actually. that was Windows NT4 first, and then Windows 2000 brought in the missing goodies from Win9x (DirectX and some laptop/USB functionalities). XP was the third iteration."

But technically XP was the first version that was NT based but intended for home use. Before then, Windows 2000 was intended to be the successor to NT4 for business use, with Windows ME as the companion successor to Windows 98 for home use. But as we know that sucked, and many people opted for 2000 at home as well, so ME was the end of the line for that kernel and from XP onwards they stuck to a single codebase.

UK Home Office primes Brexit spam cannon for a million texts reminding folk to check passports

Keith Langmead

Re: First problem, right here ...

"Except that's not true. You can *believe* or *think* that if you offer visa-free travel to EU27, well EEA+CH+..., they will reciprocate. However, that's not the same as knowing. That was my only point."

I don't believe or think anything, I know (as confirmed by that link) that the EU have already voted in favour of the matter. So assuming it was adopted by the Council of Ministries, it's already enshined in EU law.

Keith Langmead

Re: First problem, right here ...

> They cannot know because it's not up to them, it's up to the EU27

I'd argue it's firmly in our court to decide. The EU have already made it clear that they're perfectly happy to allow VISA free tourist travel after we leave, IF and only if we agree to have a reciprocal arrangement.

See: http://www.europarl.europa.eu/news/en/press-room/20190403IPR34819/brexit-reciprocal-visa-free-access-for-eu-and-uk-nationals

It's our government that either rejected that or failed to confirm they would allow it (can't remeber which they said at the time), but the ball is firmly in their court to allow or prevent is from having VISA free travel in Europe.

Breaking, literally: Microsoft's fix for CPU-hogging Windows bug wrecks desktop search

Keith Langmead

Re: "customer service call and chat volumes – has steadily dropped"

Too right, the quality of their updates has become so bad that it's hardly news worthy when they go wrong, and everyone just resigns themselves to dealing with the aftermath, or doing everything possible to delay updates and hoping the glitches are fixed by the time your PC forces them to install. IMHO the main selling point of Pro vs Home edition on a home setup is the extra time you can delay updates! I'll pay the extra just to avoid my PC being used as a test lab for their updates.

I didn't even realise there was a worthwhile call/chat option available! Always found the best option was to head to the forums, see if anyone else has the same thing, and if not post. Then wait and hope for an MVP or similar to answer, cos if it's a MSFT response you just know it'll be useless... lots of "I understand", while clearly not reading the information you've provided, and suggesting reinstalling Windows or something equally useless.

Latest sneak peek at PowerShell 7 ups the telemetry but... hey... is that an off switch?

Keith Langmead

Re: Surely...

"....to comply with GDPR they need to make the slurping "Opt-In" and not "Opt-Out" as opt-out is essentially having a box automatically ticketed, like on websites marketing section when you fill in your address, which now, under GDPR, is a breach of GDPR."

Only if the data they're slurping is personally identifiable information, if it isn’t then GDPR doesn’t apply. Whether their belief that it’s not PIR is accurate is another matter of course. :)

Apple is a filthy AWS, Azure, Google reseller, gripe punters: iPhone giant accused of hiding iCloud's real backend

Keith Langmead

Re: I don’t see them reselling a service

Yeah that was my thought as well. Presumably if the suit specifically talks about them “reselling” then that may be the simplest defence for Apple. They’re using those systems to provide their service, they’re not reselling them, so even if you think they shouldn’t be using 3rd party services that’s not what they’re being sued over.

Surely it’s also beneficial to their users since it provides even more redundancy… if the data is spread across those different services, even if MS/Amazon/Google had a complete meltdown, the data held in the other services would still be available.

UK's GDS head Kevin Cunnington leaves to tell world+dog how (not) to do digital

Keith Langmead

Calculating savings

"GDS's estimate of savings is heavily dependent on avoided costs in departments. Estimates of avoided costs are high, based on rejected applications in spending controls."

If the savings are based partly on rejected applications, does that include every rejection even if a single project has had more than one rejection? After all, surely if a department has a need for something a rejection will just result in them reviewing it and trying again, it may not result in the need being abandoned.

So I'm designing a system to fix issue x. I submit request 1 which costs £10m and it's rejected. Issue x still needs fixing, so I review things and submit request 2 which costs £10m. Again that's rejected. Request 3 goes through successfully with a reduced cost of £5m. Now by their calculations, have they saved £5m, £10m, £15m or £20m?

To members of Pizza Hut's loyalty scheme: You really knead to stop reusing your passwords

Keith Langmead

The potential power of free pizza

Hopefully might cause a few users to change their ways by making them focus on stuff they care about.

Bad guys could gain access to your email – “Meh, it’s mostly junk anyway”

Bad guys could access our corporate data – “Yeah, but it’s not my data!”

Bad guys could claim your free pizza – “What, this is serious! Better change my passwords!”

Page:

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2022