* Posts by John Riddoch

578 publicly visible posts • joined 12 Jan 2009


AI models show racial bias based on written dialect, researchers find

John Riddoch

Re: Not at all surprising really

"Garbage In, Garbage Out", or in this case, racism being fed into AI by means of the training set will lead to a racist AI. Google tried fixing this with some manual tweaks, but it wound up putting diversity in where none existed (e.g. black or Asian soldiers in the German army from WW2).

Even if you don't explicitly ingest racist information, most written works from the last few centuries up until very recently have predominantly been written by white men who were writing for other white men. As a result, the world view of anyone "reading" that written work will have biases inflicted upon them which are very hard to remove.

Job interview descended into sweary shouting match, candidate got the gig anyway

John Riddoch

I recall someone telling me about an exam test for Excel where it was a mockup interface of Excel and asked you to perform various tasks[1]. One of them was "copy cell A2 to cell B5" or whatever and the only way which worked was to use "Edit/Copy -> Edit->Paste" via the menus so everyone who knew the keyboard shortcuts would fail that part of the test. There are at least 4 methods to copy cells I can recall off the top of my head and there are probably more which will work equally well, so having it only support one was pretty short sighted.

Any time I've been asking the technical questions, I tend to be fairly open to whatever they'll come back with. There's usually 5 different ways to start dealing with a problem, all of which are valid. I'm generally looking more for an idea of their approach than specifics (which are mostly found via Google, let's be honest).

[1] this was some time ago when experience in MS Office wasn't a given.

'We had to educate Oracle about our contract,' CIO says after Big Red audit

John Riddoch

Re: Audit checks

Most software is installed in a single use case with a fairly clearly defined license requirement and it's relatively simple for a company to stay within those bounds.

Oracle RDBMS has so many options available for use it's hard to keep track of which ones might be enabled and what the impact to your license fee might be. Don't run diagnostics pack without licensing, because that's another charge. Add in the complicated (and self-serving) virtualisation rules and you can end up using significantly more licenses than you think you're using. Next, we add on the fact that Oracle licenses are expensive and there's a strong incentive for Oracle to investigate your usage because you're probably using more than you should without realising and they can extract lots from you.

World-plus-dog booted out of Facebook, Instagram, Threads

John Riddoch

Re: I've got a tenner...

BGP or DNS are my guesses, but DNS is most likely.

German defense chat overheard by Russian eavesdroppers on Cisco's WebEx

John Riddoch

Ah, yes - the Bowman system, aka "Better Off With Map And Nokia" as it was penned by the troops forced to use it...

It's that most wonderful time of the year when tech cannot handle the date

John Riddoch

And yet 2000 was a leap year, which meant that anyone who only partially understood the rules would get caught out. If you only knew the "every 4 years" part, you'd be fine. If you remembered the "except every 100 years" and forgot the "unless it's the 400 year mark", you'd get it wrong. One of those occasions where being mostly wrong was better than being mostly right...

As for 2100 - there's still a push from some to get rid of leap years/days, so we may not be working with the current calendar by then anyway. Which means we'll likely have other software bugs in date functions to deal with. The three certainties in computing: BGP errors, DNS failures and incorrect time/date functions.

China breakthrough promises optical discs that store hundreds of terabytes

John Riddoch

How long is it readable for? This is pointless for archive storage if it degrades within 10 years. The problem is that you're not really sure on the longevity until you've stored it for a while.

A path out of bloat: A Linux built for VMs

John Riddoch

Re: Your next talk?

AWS pretty much roll their own hardware stack using the Nitro cards which do most of the hypervisor/IO work on each node. That's obviously a niche case where hyperscale cloud providers can make savings by making dedicated hardware whose only purpose is to run virtual machines.

John Riddoch

Re: The really clever thing about IBM mainframe VM/CMS was...

"Do any x86/*nix virtualisation solutions use shared read-only boot disks?"

Solaris sparse root zones shared the binaries from the global zone. It made for efficiency, but it was a pain to manage as it lost flexibility as every package had to be installed in the global zone and moving zones between servers would be even more complicated.

When red flags are just office decoration: Edinburgh Uni's Oracle IT disaster

John Riddoch

There's a joke which I've seen where the engineer's "this is full of shit" gets translated up the management line to "this is akin to manure" before going to senior management as "it is like that which provides growth" as the rough edges get chipped off the communication. No-one likes to tell their manager that things are failing because they'll get the blame, so nothing gets reported accurately.

See also: Horizon. At least in Edinburgh Uni's case, it hasn't resulted in wrongful convictions of innocent people.

Developer's default setting created turbulence in the flight simulator

John Riddoch

Re: literally fell out of the back of the cargo truck taking them from the airplane

Worst I've seen was a Sun rack with some T3 disk arrays in the bottom of it. The guy unloading it from the van didn't get it properly on the tail-lift and as the tail lift was lowered, it caught the truck floor and made a lovely "flip over" manoeuvre onto the ground... Not sure on the total value, but this was about 2003 so it wouldn't have been cheap.

My mate who was taking delivery of them had to go through a post incident safety briefing because of the potential for injury/death if some poor soul had been in the way... Given that the delivery driver should have been more experienced in the safety precautions necessary, I think they were chasing the wrong person.

John Riddoch
Joke

"And don't call me Shirley"

Japanese government finally bids sayonara to the 3.5" floppy disk

John Riddoch

Re: Ha! Ha! I'm typing this on a PC which still has a 3.5" floppy drive...

I stopped having a floppy drive mostly by accident. My PC at the time had a bad habit of taking ages to start up Explorer and I tracked it down to the floppy drive, I think because I hadn't yet reconnected it after some work in the guts and noticed it loaded quicker, so I left it unplugged, but still in the case for when I needed it next. A year later, I realised I hadn't needed it nor missed it and my next PC didn't get a floppy drive installed. If I hadn't had that issue and left it disconnected, I'm sure I'd have probably gotten one installed Just In Case (like you did), but I haven't missed having one over the years.

I still have the drive in a drawer somewhere, although I'm not sure I have a PC I can install it to; I think the floppy drive ports on motherboards were rendered obsolete some time ago.

Major IT outage at Europe's largest caravan and RV club makes for not-so-happy campers

John Riddoch

Re: What does CAMC run on

Quite possibly it's running IIS behind a Linux based load balancer/reverse proxy. That would report Linux as the OS running on the IP but IIS headers returned via HTTP(S).

The rise and fall of the standard user interface

John Riddoch

Efficient interface

The history of vi tracks from this. Once you get the hang of its obscure commands, vi is very powerful, allowing very quick editing with minimal keypresses. When you consider it developed from "ed" (the old single line text editor) run over a slow serial line, it makes sense. You didn't want to send complicated commands to the expensive server from your dumb terminal, because that took limited bandwidth on your serial line and used expensive CPU cycles.

Does vi follow any UI guidelines? No. Is it user friendly? No. Is it efficient once you get to know it? Yes. Given that it was the only editor guaranteed to be available on Solaris, AIX & HP-UX servers, it became my default editor to use when managing them. With Linux, you're far more likely to have nano or something available but I still just use vi/vim.

BreachForums admin 'Pompourin' sentenced to 20 years of supervised release

John Riddoch

Re: "forbidden to use the internet"

That is actually a really harsh punishment - many things these days are difficult or impossible to do without internet access. Some examples:

- taking stuff to the dump - you have to book appointment online here

- paying bills - most of them require online banking or payment via website

- banking in general - all those branch closures make it harder

Five ripped off IT giant with $7M+ in bogus work expenses, prosecutors claim

John Riddoch

Re: Wait, what??

Yes for UK, I studied accountancy in the early 90s and one of the things I learnt was that illegal earnings had to be declared to HMRC. I did wonder how many criminals did declare those earnings and whether HMRC (or Inland Revenue in those days) would pass that information along to the police...

I suspect that part of the law serves two purposes - first, to put the boot into criminals by doing them for tax evasion as well as their crimes and secondly it's probably easier to prove "person hasn't declared earnings" than "these earnings are part of this criminal enterprise" a la Al Capone.

How governments become addicted to suppliers like Fujitsu

John Riddoch

Agreed. I can usually get mine filled in in about 15 minutes; takes me longer tracking down dividend/interest payments than going through the form. It hasn't changed much in about 10 years, I think, but it works. Doesn't need any more bells & whistles.

DARPA's air-steered X-65 jet heads into production with goal of flying by 2025

John Riddoch

Re: Germany's F-104 tragic statistics

The Luftwaffe didn't fly any combat missions between 1945 and 1995 (when it was part of a NATO force in the Balkans) so that's a safe assumption.

Another airline finds loose bolts in Boeing 737-9 during post-blowout fleet inspections

John Riddoch

Re: A gross understatement?

Possibly - there are, I think, 3 options:

1. They weren't tightened/installed properly at the factory and no further inspections have been done since it went into service, so a flaw in assembly.

2. They've come loose and haven't been picked up at an inspection, which would indicate poor maintenance.

3. They've come loose between inspections; e.g. you're supposed to inspect these bolts every 200 flight hours and they've come loose after 100 hours, so there's a gap between "bolts becoming loose" and the next inspection. That would indicate a flaw in the maintenance schedules or design/installation of the bolts.

In any event, something will get added to the maintenance checklists but I'd be worried about any other bolts which could either be loose already or could come loose and cause another incident. The relevant authorities will no doubt be working at figuring out which of the above applies and sorting out the details.

Microsoft pulls the plug on WordPad, the world's least favorite text editor

John Riddoch

EOL characters

Wordpad had the advantage that it managed with Unix newlines, so if you got a file from Unix/Linux, you could view it without having to find unix2dos somewhere to fix it. I think that was my main use of it over the years.

It's a passably usable word processor without any of the bells and whistles, but it's certainly capable of creating some simple documents with basic formatting. Hardly surprising they're ditching it, probably to encourage use of O365.

CEO arranged his own cybersecurity, with predictable results

John Riddoch

Re: Customers are the security liability

Humans are the weak point in most companies' security because they're fallible and prone to try and help. Just yesterday, El Reg reported that attackers just needed a "10-minute call with the help desk" to break in.

Various companies are now working on this, with education for staff on how to not be an idiot, test phishing emails etc and people still fall for it.

Lapsus$ teen sentenced to indefinite detention in hospital for Nvidia, GTA cyberattacks

John Riddoch

Re: "broke into Rockstar Games using an Amazon Firestick, his room's TV, and a phone"

He's either really, really good or Rockstar's security was really, really atrocious. Possibly a bit of both, to be honest, but I agree it's pretty darned impressive.

SEC charges ex-medtech CEO with fraud for selling plastic fake implants

John Riddoch

Re: Sound business principles

Yup, same thing happened with Activision/Blizzard - https://www.sec.gov/news/press-release/2023-22 - Workplace bullying is fine according to the SEC, but keeping schtum to investors about your staff leaving because of it is absolutely not allowed.

Also Google+ having massive insecurities - SEC fined Alphabet for not advising investors of potential vulnerabilities: https://www.theregister.com/2022/03/07/supreme_court_alphabet_google_plus/

Doom is 30, and so is Windows NT. How far we haven't come

John Riddoch

Re: Computer did get faster, software did get bloated.

It became cheaper to double the RAM/CPU than it did to have a programmer fix the issues.

40 years ago it would be 10s of thousands to upgrade your server, but say £5k of programmer time to optimise your code in assembly. Now it's 10s or 100s of thousands of programmer time to optimise the horrible spaghetti Java code, or £5k to add another server to the web farm. There's no point optimising code to be efficient any more unless you're doing specific embedded software on microcontrollers and even then, it's probably still cheaper to buy a Raspberry Pi to do the job...

Share your 2024 tech forecasts (wrong answers only) to win a terrible sweater

John Riddoch

Governments around the world realise how silly they've been working with traditional currencies and all adopt Ethereum as their new, unified currency. This sudden consensus also results in world peace and harmony and an end to wars (yes, even in the Middle East).

Revival of Medley/Interlisp: Elegant weapon for a more civilized age sharpened up again

John Riddoch
Joke

Re: lore

Reminds me of the question - which git put that "S" in the middle of the word "lisp"?

Will anybody save Linux on Itanium? Absolutely not

John Riddoch

I remember the early Itanium announcements, declaring how much faster it would be because you'd optimise code at compile time rather than runtime. That struck me as being a "better" way to do things, because you didn't mind if compilation took ages, provided it resulted in an efficient binary. Of course, initial compilers were poor and the resultant assembly wasn't as good as expected. I recall Intel finally releasing a compiler which made it better, but by that time, other architectures had moved on, Microsoft, IBM and Sun had ditched the idea of porting their operating systems to Itanium (or were very close to it).

The LWN.net article seems to explain it concisely - a seemingly good idea aged poorly and no-one wanted to give up on it after investing however much time and money into it.

Why have just one firewall when you can fire all the walls?

John Riddoch

Yeah, you can get away with major outages caused by an approved change record with a minor slap on the wrist and the agony of a post incident/change review, but a minor outage without a change record often results in a swift exit from the company.

Lawyer guilty of arrogance after ignoring tech support

John Riddoch

Similar while working at uni...

Couple of students pitch up at the door of our office complaining that one of the computers wasn't working in a lab. Of course, it would be the one furthest from our office... Trudge along, sure enough, pressing the power button doesn't do anything. Wander round the back, notice the plug not quite fully in, so give it a whack to push it all the way in, reach round and press the power button... voila! working PC. Gave the pair of them a look and wandered off without saying anything...

As the Top500 celebrates its 30th year, with a $5 VM you too can get into the top 10 ... of 1993

John Riddoch

Re: SPARC power

When I started in IT, the "New Thing" from Sun was the E10K - 64 UltraSPARC I CPUs @ 400MHz, 64GB RAM, etc, etc. It was a full rack system you'd wheel into your data centre and hook up to power/ethernet etc and cost in the region of £1m fully loaded.

About 10 years later, the T5220 was a 2U rackmount server with 64 threads/128GB of RAM for a fraction of the price and I'm pretty sure it would outperform the E10K.

That realisation was kinda scary...

BOFH: Adventures in overenthusiastic automation

John Riddoch
Terminator

"People in this building don't much like self-propelled equipment," I say. "It's a long story."

Is the other one still in the basement?

The iPhone 15 has a Goldilocks issue: Too big or too small. Maybe a case will make it just right

John Riddoch

Re: Recovering fanboy here.

If Apple hadn't made them an O2 exclusive when they came out in the UK, I'd probably have climbed aboard the iPhone hype train. (Un)fortunately, my experience of O2 was poor signal at my parents' house, but my work Vodafone was fine. As such, being tethered to O2 meant I didn't get one and wound up on the Android path. Which has probably saved me 100s of pounds over the years...

How TCP's congestion control saved the internet

John Riddoch

Ah, ATM

We were being told in 1997 by our lecturer that ATM was the way forward and Ethernet would die out. In those days, thin-net was still used in our computer labs and anything RJ-45 related would probably connect to a dumb hub rather than a switch. Ethernet survived by adapting into being switched by default (it had already started in those days and accelerated as costs came down) and avoiding the worst issues with congestion that it suffered on coax/hub deployments and getting faster, so the advantages of ATM weren't as clear as they had been.

Arm's lawyers want to check assembly expert's book for trademark missteps

John Riddoch

That misrepresents what happened. Arm didn't go after Markstedter directly, they went for the hosting company (see previous article). Said web hosting company folded under the legal letters and took down ALL her sites including ones not affected by the trademarks so she had to cede control of the ones Arm deemed to be violating their trademarks to get anything back at all.

The lack of any meaningful response from Arm is pretty appalling to be honest and very poor PR for them.

Sure, give the new kid and his MCSE power over the AS/400. What could possibly go wrong?

John Riddoch

Ah, MCSE

a.k.a. Must Consult Someone Experienced, such was the high regard the qualification held. It was a pretty common qualification for someone fresh out of uni/college without any real world experience. Much as in Fred's case...

The world seems so loopy. But at least someone's written a memory-safe sudo in Rust

John Riddoch

Re: Perhaps /etc/sudoers more of a problem than perhaps C memory safety

Usually the issue arises with wildcards or command line options which do more than you expect as well as the better known shell escapes (like from vi). I know we had to put in a bunch of exceptions so that "/bin/cat /var/log/*" didn't blindly give access to any file on the system. However, it's possible to write safe sudoers rules, but you can't mitigate software bugs as easily.
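An added example, not part of the original post and not sudo's own code: a Python sketch of the wildcard problem the comment above describes, using the post's `/bin/cat /var/log/*` rule. It assumes sudoers argument matching can be approximated with `fnmatch` over the space-joined arguments; the function names, the exception patterns and the sample sudoers fragment are constructed for illustration.

```python
import fnmatch
import re


def matches(spec, argv):
    """Approximate sudoers matching of one command spec against argv.

    sudoers compares arguments as a single concatenated string, so a
    wildcard also matches spaces and slashes. fnmatchcase behaves the
    same way. Wildcards in the command path itself are not modelled.
    """
    cmd, _, args_pat = spec.strip().partition(" ")
    args_pat = args_pat.strip()
    if argv[0] != cmd:
        return False
    if not args_pat:                 # rule lists no arguments: any allowed
        return True
    supplied = " ".join(argv[1:])
    if args_pat == '""':             # rule lists "": no arguments allowed
        return supplied == ""
    return fnmatch.fnmatchcase(supplied, args_pat)


def decide(cmnd_list, argv):
    """Last matching spec wins, as in sudoers; a leading '!' denies."""
    allowed = False
    for spec in cmnd_list:
        spec = spec.strip()
        if matches(spec.lstrip("!"), argv):
            allowed = not spec.startswith("!")
    return allowed


def risky_specs(sudoers_text):
    """Return (line number, spec) for allow rules with wildcard arguments.

    Simplified parser: no aliases, includes or line continuations, and a
    runas list is only stripped at the start of the command list.
    """
    findings = []
    for lineno, line in enumerate(sudoers_text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith(("#", "Defaults")):
            continue
        head, _, cmnds = line.partition("=")
        if not cmnds or not head.split() or head.split()[0].endswith("_Alias"):
            continue
        cmnds = re.sub(r"^\s*\([^)]*\)\s*", "", cmnds)       # drop (runas)
        for spec in cmnds.split(","):
            spec = re.sub(r"^([A-Z_]+:\s*)+", "", spec.strip())  # drop tags
            _, _, args = spec.lstrip("!").partition(" ")
            if not spec.startswith("!") and set("*?[") & set(args):
                findings.append((lineno, spec))
    return findings


# The rule from the post, and the same rule followed by exceptions.
# The exception patterns are assumptions, not the poster's actual rules.
LOOSE = ["/bin/cat /var/log/*"]
HARDENED = LOOSE + ["!/bin/cat /var/log/* *", "!/bin/cat /var/log/*..*"]

# Constructed sudoers fragment for the lint.
SAMPLE = """\
# constructed sudoers fragment
Defaults env_reset
%logreaders ALL = (root) NOPASSWD: /bin/cat /var/log/*
%ops ALL = /usr/bin/systemctl restart nginx
"""

if __name__ == "__main__":
    extra = ["/bin/cat", "/var/log/app.log", "/srv/private/notes.txt"]
    print("loose rule allows a second file:", decide(LOOSE, extra))
    print("hardened rule allows a second file:", decide(HARDENED, extra))
    print("lint findings:", risky_specs(SAMPLE))
```

Listing the exact files in the rule avoids the need for exceptions altogether; the lint only points at rules worth reviewing by hand.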

Pokémon Go was a 'success disaster' and Niantic is still chasing another hit

John Riddoch

Re: The buzz has worn off

Pokemon Go had a ready market with all the people who had played games on Nintendo, played the card games, watched the Anime etc so it was an easy grab. Adding in some of the cooperative features like raids has helped foster communities of players together as well.

Wizards Unite should have managed the same with the Potter franchise but it flopped (my understanding is that the gameplay wasn't great) and has since been dropped.

We all scream for ice cream – so why are McDonald's machines always broken?

John Riddoch

The old Spectrum 48K manuals were amazing too, including all sorts of really cool information about the hardware and the Z80 assembly opcodes.

BOFH: WELCOME TO COLOSSAL SERVER ROOM ADVENTURE!!

John Riddoch

No win game

"total possible points of 0". Gotta love the implications of that! :D

Soft-reboot in systemd 254 sounds a lot like Windows' Fast Startup

John Riddoch

I don't recall AIX installations ever giving you an option to not have those default filesystems, it just creates them regardless. I know we collapsed everything into /, /var and /home years ago on Solaris when I used to work with it. There didn't seem to be much need for the separation of usr & opt and it added overhead to systems management and meant we could run slices 5 & 6 for Live Upgrade targets. ZFS root then removed the option of a separate usr or opt filesystem and it was sometimes a pain to even get /var split off.

When I started working with Solaris in the late 90s, we were told / & /usr were separate to help system recovery as we should be able to recover a system from just the root filesystem. As /usr/bin & /usr/sbin migrated into symlinks from their equivalents in /, that became less of a fact of life, but "we've always done it that way" creates a whole legacy of its own. This was also back in the day I suspect some larger systems had to split them into different disks because of size limitations.

AMD Zenbleed chip bug leaks secrets fast and easy

John Riddoch

Re: Parsing the data

I'd assume the miscreants simply harvest as much data as they can and then sift through looking for obvious security items, maybe anything with "BEGIN OPENSSH PRIVATE KEY" or "password=Passw0rd" in an HTTP POST. Gather enough data over enough time, apply some sensible search terms and you've got a chance of getting something useful. It doesn't sound like you can direct it to gather specific data, but hoover up enough and you'll find something. I guess the difficulty in getting "good" data is why it's only rated as a "medium" risk.

Oracle's revised Java licensing terms 2-5x more expensive for most orgs

John Riddoch

Re: with 49,500 employees, all of whom are applicable

You could probably justify it in that those cleaners could be using some kind of HR system (holiday planner, timesheets, shift scheduling etc) which uses Java, but overall, the inclusion of all staff & contractors feels like gouging. Because it is.

Many companies will have a few Java apps used by a small portion of their workforce and licensing all employees doesn't make any sense. The licensing forces you to go all in or try to find a way out of it. I assume Oracle are hoping people will go "all in" at which point they may well decide to deploy Java in more places because they're already paying for it. That makes it harder to get out of using it longer term providing some convenient (for Oracle) lock in. The right thing to do is to run, not walk, away from Oracle Java as quickly as possible.

You're too dumb to use click-to-cancel, Big Biz says with straight face

John Riddoch
Joke

Re: ever mindful of the limits of netizens' mental capacity

Footnote from Good Omens, by Terry Pratchett and Neil Gaiman:

"NOTE FOR YOUNG PEOPLE AND AMERICANS: One shilling = Five Pee. It helps to understand the antique finances of the Witchfinder Army if you know the original British monetary system:

Two farthings = One Ha'penny. Two ha'pennies = One Penny. Three pennies = A Thrupenny Bit. Two Thrupences = A Sixpence. Two Sixpences = One Shilling, or Bob. Two Bob = A Florin. One Florin and one Sixpence = Half a Crown. Four Half Crowns = Ten Bob Note. Two Ten Bob Notes = One Pound (or 240 pennies). One Pound and One Shilling = One Guinea.

The British resisted decimalized currency for a long time because they thought it was too complicated."

The last line is brilliant :)

Ofcom proposes Wi-Fi and cellphones share upper 6GHz band

John Riddoch

Overlap

"Wi-Fi access points tend to be deployed indoors, whereas mobile base stations are located outdoors" because literally no-one uses mobile phone signals indoors or wifi access outdoors...

Alton Towers has onsite wifi round the site (with patchy support, to be honest) and that's mostly outdoors, I'm sure other places do the same, so I can't see the demarcation of indoors/outdoors working at all well.

Oracle pours fuel all over Red Hat source code drama

John Riddoch

Re: Opensolaris anyone?

I'd always found Solaris to be better to work with - it had >20 years of development making it an enterprise capable operating system, Linux had >20 years of people pulling it in different directions (desktop, server, embedded controller, etc). Live Upgrade was a great tool, allowing low risk patching/upgrades (we even upgraded Solaris 8 to 10 with it) with an easy backout, especially when integrated with ZFS. SMF sped up system boot times in the same way as systemd does, but it's also fallen victim to the same rabbit hole of integrating features it really shouldn't be, like moving resolv.conf into some complex svccfg commands.

That said, Solaris was dying before Oracle took it over. The flip flopping of support of x86 hardware meant no-one wanted to rely on a roadmap on cheap hardware and SPARC was expensive. OpenSolaris was an attempt to win back customers but it was too late to stop the exodus to Linux/x86. I still believe Sun should have aggressively pushed on x86 and worked with Intel/AMD to develop some of the SPARC features like hot-swap CPUs and hardware resilience, but they didn't want to lose the cash cow of SPARC servers.

Quirky QWERTY killed a password in Paris

John Riddoch

Back in an old job in the late 90s, I did a lot of my work on a Sun workstation. At the time, Sun keyboards were all in US layout, so I got used to that layout for most of my work. Somehow, I could still switch to my Windows machine (some stuff had to be done on Windows, especially the Novell Netware admin) and map back to where " and @ were without any issues.

38 percent of tech job interviews offered exclusively to men: report

John Riddoch

It's an issue which will take years to balance the representation. Industry is mostly male, so women don't even start it and the few who do are often driven out for various reasons. Net result? Probably 90%+ of candidates for IT/tech jobs are men. If you take random samples out of those interview candidates, you'll have a lot of men-only interview sets. I'm not convinced it's entirely an employee screening issue.

There's a lot of work trying to get women involved in STEM work which will hopefully start addressing the imbalance in gender representation.

False negative stretched routine software installation into four days of frustration

John Riddoch

It could easily be that the company's systems had a configuration option which changed the reported message at one stage and the installer's logfile parser couldn't hack it. Or possibly some combination of install options broke the logfile parser's logic. Either way, the software vendor's QA department didn't catch it during testing.

Amazon confirms it locked Microsoft engineer out of his Echo gear over false claim

John Riddoch

"go through many eyes" - most likely, it doesn't. An AI system (more likely an automated set of if/else statements) will determine the outcome of whether you broke the vaguely worded rules or not, then your appeal will be reviewed by the same system with the same result. Getting a real human to look at any kind of complaint is pretty difficult in the big tech companies because people are expensive and there's profits to be made.
