Posts by Sean Healey

IP Numbers

"Currently IPv6 uptake is slow and IPv4 space is running out"

I though that IPv4 technically already was exhausted. RIPE announced that they had begun issuing their very last block 2 years ago ... http://www.ripe.net/internet-coordination/ipv4-exhaustion

The internet has delayed the end of IPv4 through turnover and trading of existing allocated address spaces, and of course NAT.

I'm suprised to see that there are still 15 million IPv4 addresses left in the unallocated pool ... http://www.ripe.net/internet-coordination/ipv4-exhaustion/ipv4-available-pool-graph ... which has actually _increased_ in recent weeks!

Tornado season has begun

What an awesomely stupid place to build wind turbines ...

... http://www.iowastatedaily.com/news/article_be00bb56-73ec-11e1-baab-001871e3ce6c.html

"The wail of a tornado siren is something most Iowans have heard, as Iowa is smack dab in the middle of “Tornado Alley” — a hotbed of several Midwestern states comprising a notoriously deadly tornado zone."

... unless of course, those clever engineers have invented the tornado-proof wind turbine ?

@Property

...actually a domain is more akin to a mailbox than 'real estate'. All it does is point people to where your actual real estate is, or in the more simplified cases, provides a route for information to be directed to you.

I completely agree with the majority of comments above - as an email/web hosting provider I frequently use whois for a multitude of reasons. There definitely needs to be a certain amount of information about the registrant available. There is no point having a record which identifies only the technical contact - thats often a dead-end in the case of dubious domains. I think I disagree about 'private individuals' - as spammers and fraudsters are not all that often companies or organisations.

Bottles...

For what its worth, a 'bottle' in NZ tends to be 750ml, not these weaner 330ml things you get over here in Europe.

Still, your average Kiwi bloke will get through a 'crate' (12x) of bottles in a night at a good bash.

@Rubbish Box

I would mostly agree with that.

The service is generally excellent - no outages that I've noticed on my connection which is in use 24/7 - and the price has recently been dramatically cut too.

Still, the default SpeedTouch unit is a hunk of crap. I'll be ordering a decent ADSL2+ modem fairly shortly myself.

Why would you go with NetGear though, thats almost as bad! The wireless works perfectly on mine - I've given my downstairs neighbour a WPA2 key for it - he can access it no problem and gets good speeds despite loads of solid stuff (including a metal filing cabinet) between him and the access point. I reckon if you're having wireless issues, changing to a NetGear device will be throwing your money away.

Alarmist Comments

> He added that scientific consensus held that that kind of sea level

> rise would be possible if Greenland's ice melted, but that that melt

> would happen "after, and over, millennia".

How is a documentary comment about sea level rises related to ice melt 'alarmist' ? Its *happening* for chrisakes. Its happening *now*. It is a *fact* that coastal regions are suffering unprecedented erosion due to higher sea levels, and its also a *fact* that there are smaller islands which have begun dissapearing under the waves. We just don't tend to hear about this stuff because only poor people live in these places.

Ice melt rates have recently accelerated:

http://news.bbc.co.uk/1/hi/world/europe/3922579.stm

http://news.nationalgeographic.com/news/2006/09/060920-greenland-ice.html

Aw heck, just chuck 'greenland ice melt' into google to see the piles of info out there on this.

@Fraser

"I also just don't see any advantage of gathering the data in this way."

I personally cannot see why 'data' has to be gathered in the first place!! I have not seen or heard of one single sound justification for this.

It is simply a case of unscrupulous sales and marketing people targetting the education sector because they have found a dodge for tapping into schools purchasing budgets. It is exactly the same with the ID cards scheme - they are quite clearly inventing half-baked justifications for this in order to get their hands on taxpayers money, through a side door which is supposedly guarded by MPs, but several of those same MPs are on the boards of the tech companies themselves.

RE: Thank god we still got pints

"I for one am happy we can stick with pints, I could not go into the boozer and ask for a half (litre) as it sound gay so I would have to start drinking by the litre i.e. 2 pints of grog."

Mate - I suggest you head 'down under', and try swilling your lager 1L jug at a time alongside the real drinking men ...

... asking for a 'half' is pretty camp no matter what unit its in.

Portability

Um, is it just me ... surely having an XP/Vista 'version' another Mac 'version' and yet another Linux 'version' blow away most of the point of having a USB flash memory module in the first place ...

Looks like a lovely bit of kit, but if I can't use it to store data accessable from any machine with a USB port, its little more than a high-tech key ring adornment I'm afraid.

Maybe I missed something in the article - please feel free to correct me if thats the case.

If an offence was committed, who was the victim?

I'd love to know who exactly was the 'victim' of this blokes supposed crime. If he's being charged with unauthorised use of a network, how did these 'PCSO' goons determine that his network access was in fact unauthorised?

Presumably the wardriving geek dropped himself in it when questioned - I can't see any other way that this could stick legally.

Code vs Data

"Who cares about the Wikipedia code"

Well actually a lot of people. Just because one particular instance of the WikiMedia engine powers the joke that is Wikipedia, doesn't mean its a shite piece of software - I've just built a departmental documentation repository on it, and its become a damned useful tool!

I think that highlights the folly of Tims ideal of ignoring code in favour of data. Although it has to said that the reverse is not true either - both have to be taken into account in equal measures to ensure any kind of long term success.

The Open Source argument seeks to protect developers ability to truly innovate - I believe the ongoing arguments surrounding GPL are merely part of the process of evolution toward a better way of creating software than the traditional proprietary closed source model. For that reason I agree with Brad - a revised BSD license would be welcome.

@A J Stiles

Similarly, simply installing the 'adblock' extension in Firefox does a pretty reasonable job of enabling you to read content sans advertising ... without the hassle of having to set up and maintain a proxy server.

OTRS

I note that 'OTRS' is repeated throughout the article as if this is some evil invention of the Wikipedians.

OTRS is in fact a fairly decent piece of FOSS, which can be found at http://otrs.org/ and is entirely independent of Wiki-land.

Please don't tar them with the same 'incompetent' brush as Jimmy Wales' crew!

Positive Contribution

"it suggests that those organisations that are more culturally switched on to good IT management practice seem to be saying that Vista has a positive contribution to make."

What a crock.

This comment simply reinforces the point that people who muck about with statistics can make them 'prove' any concusion they want to.

To me, all your statistics are saying is that the more 'formal' IT departments are more likely to go forward with upgrades in the short term.

As for why this might be, my opinion is that these types of department are more likely to plan this activity and be able to allocate the resources needed to run the project. More importantly, they are almost certainly more integrated into the upper levels of the company management reporting structure - which means they will find it easier to get signoff from the related business management streams to spend the money!

As usual, there is no doubt in my mind that upgrades are primarily driven by companies on M$ support agreements being coerced by EOL of their existing products - requiring them to buy licenses for the same software again and again.

Race to Market

This is why I applaud AMDs approach of spending the time to properly design a decent bus to support true multi-core processors.

Intel had to produce the 'Frankenstein' double-core duo by effectively glueing to single cores together just to beat them to market.

Nice Idea, but...

I'd like to see this succeed - not just for mobiles, but more generically for the myriad of gadgets we usually see clusters of plug-in adapters powering (wasting loads of energy through conversion to heat...).

Mind you, I recently purchased a 'Freeloader' - a solar powered device designed with the same intentions (powers mobiles, ipods etc apparently), and discovered with major dissapointment that it is utterly unfit for purpose. It produced 30secs worth of charge to my Nokia after 2 days in the blazing sun while out camping recently.

Desktop Search = Gimmick

As at least one other poster has commented already, I have no idea why everyone finds 'desktop search' utilities so useful.

On my system, even with 250GB drives full of files, I know exactly where everything is because its sensibly organised.(No, there is no 'Z' in organised).

Since everyone is getting so wound up about why desktop search utilities don't work very well - can someone please post a rational explanation of why they are really needed in the first place??

Reasonable Times??

"Private courier firms at least make an effort to deliver at more reasonable times."

That is the biggest load of BS I've heard all month.

I have yet to deal with a freight company which will give you any estimate of delivery time within one day, or which delivers outside of 9-5 mon to fri. I am intimately familiar with the hard to find Citylink Cricklewood depot as a result. (Not to mention UPS in Kentish Town and FedEx in Enfield)

I am sick to death of having to drive to pick up parcels I have been charged a fortune to have delivered - and then there is the customer service - I have wasted literally days of my life trying to get through to freight company customer service lines.

'White Label' package...

Could this be rebadged version of one of the various popular open source PHP based webmail interfaces? (ie Horde/Squirrelmail)

I'm running Squirrelmail on my FreeBSD box, and the port security auditing has been squealing about 'multiple' vulnerabilities in PHP4.x for weeks now. Nothing to be done about it though because Squirrelmail doesn't run under PHP5 and there doesn't seem to be a patch for the vulnerabilitie(s).

In the meantime I'm trying to find a decent alternative Webmail client.

What about the vendor??

Surely its the vendor of the dodgy kit who should get nailed for this, not their customer? The vendor *definitely* knew whether the kit they were selling was licensed or not.

Case in point - the recent Russian Cisco reseller scam which got busted ...

http://www.channelregister.co.uk/2006/07/14/cisco_grey_market_bust/

...It wasn't the end purchasers of the stolen kit who were banged up, it was the vendor who had committed the actual fraud and quite rightly took the rap. Why the difference here?

Here we go again ...

According to the chief marketing officer of Barclaycard, this contactless hybrid credit card "has all the security and flexibility of a full service credit card."

Um, actually no it doesn't - and I don't think anyone has seriously thought about this. Although it has "chip and pin" validation just like a regular card, the card is contactless, which means that it can be read by a near-proximity radio transmitter/receiver. Regular cards require that they be physically inserted into a reader.

Oyster cards need to be 'touched' in/out at the train station - but this is merely because the gate readers have their sensitivity tuned for that application. A rogue reader can of course have its transmit power cranked up while will allow it to access cards within a metre of two in the same way as the RFID passport crack recently documented by El Reg.

Given the above, just imagine how easy it would be for a fraudster to carry a hidden card reader in their shoulder bag/briefcase on a train attached to a laptop programmed to detect nearby cards and brute-force crunch the pin number of any card it located. Remember that "offline" chip and pin readers are common in situations such as market stalls - this kind of scenario could trivially exploited so that you could find yourself having unknowingly made purchases on your Oyster/Visa while reading your paper on your morning commute.

None of this was any real issue when you could only use the card to buy a £2 tube journey. Now that the scope has been expanded to include other goods and services - it will immediately begin to attract the interest of those who would abuse the system for illicit gain. I sincerely hope the transaction amount will be strictly limited, but knowing Barclays record on combatting fraud I doubt it.

IP Density

"Bringing up the rear are the luddites of Antarctica, with a pathetic 15,620 IP addresses, 0.001 per cent of the world total."

Sure thats a minute fraction of the global allocation, but according to "http://www.indexmundi.com/antarctica/population.html", Antarctica has a "peak summer population" of "3,822 total" which means that there are more than 4 IP addresses assigned for every man and woman on the continent! Not all that suprising though when you consider the place is populated solely by techie scientists...

Unruly Behaviour

Stop the little sods from consuming sugary drinks, and watch their behavior calm down..!!

Airport Metal Detector

Duh!

The airport metal detector will still flag up an alert for your concealed knife even in you had painted it a cute soft pink colour(*) and tied a pretty bow around the handle ... can't say the same for this 'heuristic' method.

(*) which *is* spelled correctly thank you!

Oh, and for the bod who couldn't resist the good old line about there being 'hardly any Linux users', sorry mate but by using this forum you're actually one of them:

www.theregister.co.uk = Apache/2.0.54 (Debian GNU/Linux)

(http://uptime.netcraft.com/up/graph?site=www.theregister.co.uk)

The pro-microsoft crowd tend to overlook that a large chunk of the sprawling internet is powered by Linux and BSD, which ought to make it an ideal target for attack when there are rich pickings to be had from all kinds of fraud and extortion related angles (credit card data theft, user impersonation, malware distribution, ...)

cross-platform vulverability

I agree with Scott ...

... This contest seems to have simply proven what I've suspected for some time - Java and Javascript is a cross-platform weakness which is exposing the more secure systems to abuse in ways they are not natively vulnerable. I think this ties in with the comment that 95% of exploits are application based...

Windows Admin

Have you guys actually tried to use a Windows machine in a non-admin context?

As a seasoned Unix admin, I've tried many times to use the same working methods on my 'doze machine as I do with my 'nix boxes, but every time I run into the brick wall known as the registry. A lot of applications either break or malfunction in strange ways if registry write access is denied (which seems to be the case even with 'Power Users' membership).

This is because Windows software authors tend to write their applications to store user preferences and settings in the registry - requiring write (therefore privileged) access to the system central repository, where a Unix software author would write the same data to a user-specific config file, requiring nothing more than the users own profile permissions...

...maybe even...

'The Ring'

- which features a video which if watched condemns you to die 7 days later.

ISP Migration

Damn, I was just about to sign up with Be for my business broadband too!

Whats the story, is the vulnerability in the ISP-supplied router? I always use and maintain my own router, so that won't be a problem, however the ethical side of it worries me a bit...

This does remind me strongly of several years ago when I bought a Zyxel broadband modem/router, and it transpired that they were being shipped with permissive packet filters on the WAN side which left Telnet/FTP/HTTP ports open to the 'net, giving direct external access to the router management facilities. Most people didn't know to change the admin password from, you guessed it, '1234', so peoples supposedly secure routers were being easily hacked from the 'net. Zyxel took quite a while to patch that little problem.

Citizen Militia

...Such an absurdly outdated concept, which in many of the preceding comments is clearly still clung to fervently by pro-gun Americans as justification for personal gun ownership.

Anyone who actually thought about that for even a minute would realise that over the last 50 years, all you dutiful employees of Lockheed Martin, Boeing, Carlyle Group and many other huge companies have been working hard to provide the increasingly imperialist US government with all the tools it needs to crush a citizen uprising effortlessly.

In reply to the post claiming that UK gun crime is now worse than it ever was before the handgun ban was introduced, I'd like that author to consider that point from another angle - Who is perpetrating the majority of high-profile gun crime in the UK these days? I'll tell you - mainly young black kids affiliated with the increasing numbers of gangs, who have bought the whole US style glamourised "guns are power" thing. These kids think that "packing heat" is the way to get "respect", and that "popping a cap in yaw ass" is the way to settle an issue thanks to the twisted values being sold to them by America through exported culture.

Information Overload

Unusually I do agree with the results of the research in this case.

Having someone talking to me and trying to read related text at the same time is like having to listen to two conversations at once. Result: I can't absorb a lot of the information given.

Somehow I do find it a lot easier if displayed information is graphical - its as if my brain can parallel process it through a different channel to the spoken information or something.

Human Error

I guess its time to roll out the classic SCI-FI quote:

HAL9000 : "Well, I don't think there is any question about it. It can only be attributable to human error. This sort of thing has cropped up before and it has always been due to human error."

Insecure by Design

Paul Anderson brings up the common argument used to explain why windows is the primary target for malware authors. Sadly this is little more than denial that Microsoft software does have some serious issues.

(Yes windows is certainly the most common desktop operating system, but it definitely doesn't have 95% of the server market!)

One undeniable reason there are so many exploits for Windows is that it is so easy to create them - and that is simply down to its insecure design. Until Vista, Windows simply didn't have the same process memory protection and [effective] privilege based safeguards which are built into other OS's from the ground up. I even read recently that IIS was coded to share *kernel* memory space in an effort to get it to perform on par with *nix based webservers. No wonder script kiddies can walk into most IIS hosted websites - any flaw in the webserver software can be used to gain control of the entire machine its running on.

Not really renewable

Um, no - Geothermal sources are not exactly renewable.

Although at first look it might sound like a limitless free source of energy provided my good ol' mother earth, electricity is usually generated by pumping water deep into earth heated by geothermal activity and tapping the resulting steam in the same way as coal-fired or nuclear power.

The problem with this is, the longer the source is 'tapped' in this way and the more load you put on the system, it tends to start cooling the geothermal source over time ... this effect has long been noticeable in the town of Rotorua in New Zealand where private dwellings commonly use geothermal sources for heating, in addition to the electricity generation utility. Nearby tourist sites such as Geysers over recent decades have significantly reduced in power and frequency of activity as a result.

Mass Destruction

I wonder if its worthwhile reminding those who continue to bang the 'Saddam the War Criminal' drum of a few salient points:

Within not too many years of Saddams killing of a few thousand Kurds with chemical weapons (1988) - Rival Rwandan tribal militias committed genocide of over a million of their fellow countrymen with knives, clubs and an outdated collection of handguns and automatic weapons (1994).

Despite this, no intervention of any kind was attempted by western governments in Rwanda.

These same governments went on pursue Saddam to his destruction as he had apparently commited crimes against humanity through use of WMD against his own people.

Put into context, WMD appears to be a tool of the political arena, rather than the military.

Microsoft 0wn3s those who Do sell pcs.

No M$ doesn't make or sell PCs - it doesn't have to because it has every manufacturer and fabricator who does by the balls through their evil licensing schemes. PC fabricators basically must dance to the M$ tune if they want to sell machines which run windows because they are bound by the M$ licence agreements.

The best bit is that they have to pay M$ a windows fee for every machine they sell even if it doesn't have windows on it. Why do you think Dell was so reluctant to sell Linux machines - they would have been losing the equivalent of the windows fee on every Linux machine which went out the door, worse because the customer doesn't pay anything for the copy of Linux.

Open your eyes - how do you think M$ makes *billions* - how do you think they got to be a monopoly with their unreliable substandard software?

Another response to Steve Roper

You gotta be kidding. The whole point of golf courses is that they comprise acres of expensively manicured grass which *doesn't* have trees on it. Of course some have pitiful clusters of trees around them, but that doesn't exactly make a productive carbon 'sink'.

As for the 'VERY LOUD' wind farms - have you actually seen one? The enormous wind farm on Gran Canaria for example is virtually inaudible when we visit a relative who lives nearby.

What I can't figure is, how come every time a company looks at doing a project like this - they always seem to decide from the outset that they're going to do it right where someone else has a conflicting interest. Whatever happened to the 'planning' stage in project management?

Sean.

Asleep at the wheel?

You can see why LU has had a sense of humour failure over this ... they've been caught asleep at the wheel. Again.

The video clearly shows one of their employees only a few metres away to the left of the barriers, who is oblivious of someone stopping at the top of the escalators holding a pair of skis, who is there long enough to check for the all-clear from his mates and clip himself into the skis before commencing the stunt.

Just goes to show that relying on CCTV for security means you are only able to helplessly watch on a monitor as events unfold. The kind of stuff you really want to prevent happening in the first place is usually over long before you can despatch someone from the control room.

Heat Loss

Anyone who knows the tinyest bit about outdoor survival knows what 90% of your bodyheat is lost through your head, so you would have thought a smaller head would have become predominent as big headed individuals died of exposure in harsh conditions...?