Re: FiReControl project
"We all said to our senior management that we should not touch it with a long pokey stick "
I wouldn't have touched it with SOMEONE ELSE'S long pokey stick....
15085 publicly visible posts • joined 8 Feb 2008
"I'd be interested to see exactly how these cameras are allowed to operate"
Simple. No one's reported them yet.
If a device is causing interference it must be switched off, even if it's been declared as compliant, etc etc etc - and we know how reliable a lot of declarations on equipment are.
"The First Amendment can ONLY be legally applied in regards to government action."
Except that in a privately owned publicly accessible environment (like a mall), the administration is legally treated as "government" for the purposes of the first amendment (of the USA constitution) and ends up being subjected to those rules. This has been thoroughly thrashed out in US courts.
The question is whether a conference area is classified as publicly accessible.
And then there's the question of whether walking around with a "wifi detector" is 'technical means' within the FCC's definitions even if enforcement is meatspace.
"What grants the venue owner the sole arbiter of who gets to use the unlicensed spectrum in that area?"
Nothing, as it's not the venue owner's to arbite.
This will get interesting but in the longer term expect that outfits which want to hold you to ransom over connectivity will shield their premises. That way they can block 4G access too.
"ARIN could identify the 'dark' IP ranges themselves and allocate them legitimately "
No, ARIN can't. It doesn't own them. Jon Postel handed them out and he's dead, so unless you're a medium it's hard to unilaterally cancel the allocation.
ARIN only owns the ranges it inherited when it was set up. Everything else (which is the first 64 class A ranges at least) it can only take if freely given.
"Yet IPv6 essentially eliminates NAT, which is the #1 Internet security device in use today"
NAT == "security by obscurity"
Decent firewalling rules aren't hard. NAT protects devices behind the router by good fortune rather than good design (and UPnP blows that all apart anyway).
"I ended up getting my IPs removed from 105 different blacklists over that time, and most of them were awesome people, some were actively hostile"
That was predicted when the early ones got stomped on by spam-friendly ISPs.
The flipside is that the more hostile ones aren't used much and you're probably better off worrying about the tens of thousands of privately operated blacklists running on individual mailservers which you'll never get out of.
You could resort to taking legal action against your ISP for supplying IP addresses which were unfit for purpose due to past customer misuse. Or you could take the easier option and take your business elsewhere, instead of staying with a spam-friendly ISP (which is one of the goals of a lot of the blacklists. Hurting spam-supporters economically is the only way to make a point)
"How about forcing ISP's to issue them.."
At some threshold point, Ofcom have a plan to forbid ISPs without IPv6 from selling their service as "Internet" (That was their response to a complaint that not selling IPv6 isn't full Internet, therefore misleading)
They won't say what the threshold is.
Perhaps it's time to start lobbying Ofcom and the ASA.
"I tend to be more specific and just block the ports I don't EVAR want accessed, like internal network sshd ports, Samba, X11, VNC, and anything "listening" on a windows box."
It's important to block traffic OUT from your network too.
Boxes which don't need external access shouldn't be given access to it. In particular webservers (which should be treated as disposable) shouldn't be allowed to initiate connections to virtually anything on the outside world. That way when they get compromised they can't be used as staging posts to attacks elsewhere.
"I'm assuming that wasn't the case in the US"
Yes and no. The USA has legislated local monopolies. It's supposedly open to competition, but the major telcos got monopoly concessions from the state PUCs in exchange for promises to invest in infrastructure.
The investments never actually happened, but when the telcos went back to get more concessions (such as baby Bells remerging) in exchange for more investment, the PUCs didn't ask any questions. The end result is that the investment never happened and AT&T (Ma Bell) has been reassembled into 2 pieces (to avoid any antitrust action) and is no longer subject to the "universal service" obligations from its 1935 antitrust settlement.
This is known as the "ten trillion dollar swindle".
"Because backwards compatibility is such a success."
In the case of IPv6, you CAN'T make it backwards compatible.
The actual TCP/IP side is pretty much the same (16bit port addressing), but no v4 device can talk to a v6 one without some form of NAT entering the game and the sheer numbers make it impractical. (FWIW tunnelbrokers usually embed the public IPv4 address as the first part of the IPv6 anyway)
"Much better to have it supercharged.
(yes yes there are ways to mitigate turbo lag, but never mind that)"
Ever seen a turbo supercharger with a one-way clutch to allow mechanical drive at low throttle settings? (No, not a twincharger, this is a single unit driven both mechanically AND by exhaust gas). They were and are a "thing" on 2-stroke railway locomotives.
Back on topic, what we need is IPvInfinittyAndBeyond. :)
"eventually your provider will start doing NAT and your own router won't even have a public IP address unless you pay a premium"
It's been like that for years in SE Asia and sometimes multiple layers of NAT before the enduser gets a connection.
On the other hand it's frequently impossible to get IPv6 from the ISPs
"As a cyclist in Birmingham, all I really want is for the council to fix the sodding pot holes: swerving round them puts me in the way of things and they're easily big enough to have me off my bike"
A few substantial damages/injury claims tend to make councils revise their liabilities. One Yorkshire council ended up paying out in excess of £30k to a cyclist who broke his arm and unsurprisingly the roads there are now very good.
> "I've set the answering machine to automatically answer all calls on two rings saying "Hello, all calls are screened for nuisance callers....."
> ... Most telephone sales people hang up as soon as they hear the answering machine
Most autodiallers will determine it's an answering machine (humans say "hello" or other greeting, then wait), so the odds are pretty good that the telesales dweebs never heard your message.
If you'd like to waste their time a little, make the start of the message sound like a human answering and leave the message part 10-15 seconds into the call.
The interesting thing (for me) is that when I moved away from BT to TT, I dumped the old number, made sure it was ex-directory and registered it with TPS. It only started getting calls after Experian got hold of it and started selling it.
Because TT wouldn't change the number because of nuisance calls, I dumped _that_ number when I changed provider again (people do it on mobiles. I don't see why we get so attached to landline numbers) and did the same again. I _also_ picked up a 070 number for £12/year (the last 5 digits spell FUCK-U as a clue to anyone with half a brain) and give that to businesses or anyone else untrustworthy.
If they want to pay £1.50 to call me then they're welcome to do so (I don't get any revenue and when I explained to the telco why I wanted them to charge the max rate anyway, they went along with it) So far that number's had a few sales calls. I had one guy talking for 15 minutes before letting slip how much the call was costing him..... <mwa ha haaaa>
"Though I don't think they gave up ARM licence and I think they did keep at least one communications controller with an ARM core."
The management engine in Intel vPRO boards is ARM. They've used it for decades in controllers but that's all they've used it in.... up to now.
"shouldn't we stop calling them "closed circuit" cameras"
Much of the world has called this stuff "surveillance cameras" or "video surveillance" for decades.
"CCTV" is a particularly British term.
When I was a nipper one SF story I read had a world full of cameras where covert surveillance _wasn't_ the issue, because every publicly placed camera was required to be publicly accessible. The scenario was that if you were wondering if the streets ahead were safe you could dial up the cameras along the way to see who was hanging around nearby.
It's going to be interesting to see how Avtech handle this. Judging by what I can see on Aliexpress there are a lot more knock-off devices on the market than genuine ones.
"It's not a cheap alternative to real Fibre"
It's not cheap at all.
The advantage from BT's point of view is that they can charge you 250% of the cost of the terminating equipment upfront and still get to keep it. If they run fibre there's a much longer payback period.
The flipside is that most copper in the UK is so rotten that they'll need to run new stuff anyway. At that point it makes long-term sense to run fibre, but BT is so pathologically hidebound that they'll insist on running copper anyway even if it costs several times as much to do so.
"Take teen pregnancy, for example, what do the graphs show? "
It's lower than it's ever been in history. Bear in mind that 150 years ago kids used to get married at 13(*) and accurate reporting has really only existed since the 1960s
(*) Yes, really and 11-13 was the common age for losing one's virginity unless you were upper class.
When the UK introduced consent laws, 16 was rather arbitrarily chosen - and not on maturity grounds (people arguing for that were shooting for 21). It was set to try and stem trade in child prostitution.
"Even the Barclays advert showing how they regretted the online name they chose when younger should make it clear, you chose wrong and will be punished for it."
'tis better to have a stupid online name as a kid, which you can change later than post in your own one and have it linked to your adult profile forevermore.
"As it stands, guidelines or not, it is possible for a 15-year-old to be imprisoned for having pictures of their 15-year-old girlfriend, obtained with their consent. They have committed a crime. Just because the guidelines state they shouldn't be prosecuted for it doesn't mean that they never will."
I can think of exactly such a case from when I were a lad and reading court transcripts in the local paper for part of my homework.
A 15yo boy was in court on charges of underage sex with his 15yo gf.
The judge, courts and police didn't want to deal with it, but the girl's father had taken legal action to _force_ the criminal case to go ahead.
The boy was convicted, discharged and given absolute name suppression. The judge did NOT have kind words to say about the girl's father or the stupidity of a law which allowed such a case to proceed when it was not in the interests of natural justice.
It's not just police with this problem.
There are as many fire services and school departments, with wildly varying degrees of funding and management ability
Which leads to wildly varying degrees of quality on a county-by-county basis.
The idea of regionalising/nationalising these is nice, but the problem is that it's extremely likely that those who end up running the show will be the incompetent trough-snufflers rather than the ones with decent ability.
Https is just a transport layer.
The website itself needs to be securely set up and the vast majority are trivially subvertable.
The problem with pointing _that_ out is that you end up ruffling the feathers of some self-declared expert who in this case has the power to give you a bad day, instead of being forced to fix it.
"North Korea ain't gonna be automating anything any time soon"
Be that as it may, North Korea has demonstrated its ability to sink ships and submarines.
The problem with high tech anything is that the means to take it down is quite frequently low tech and low cost.
The winning formula for high tech _must_ be low enough cost to allow it to be cheaply deployed, or you have yet more F35s.
"Yet more accidents keep occurring,"
And that word - "accident" is half the problem.
If it was predictable, it wasn't an accident, it was inevitable and the only question was "when".
With modern safety systems in place there are very few wrecks/crashes/etc that are actually attributable to mechanical or electronic failures - and when they are we seldom allow such failings to remain unremediated.
As with industrial "accidents" where operators are found to have bypassed safety interlocks or procedures for speed, many of the rail industry's problems have similar causes. Similar observations apply for road crashes. The screamingly vast majority are caused by multiple levels of operator error on multiple parts.
The aviation industry noticed this decades ago and that's why human factors is a mandatory study subject for pilots. All the safety precautions in the world are no use if the monkey in control decides they're too much nuisance and deliberately breaks them - and that's why the safest course of all is to eliminate the monkey whenever possible.
"The general power for systems is supplied by batteries, charged by wheel generators that only work when the vehicle is moving. "
Wellington's ones had a small motor-generator onboard for charging the batteries (old electromechanical systems means it was easier to use a small 400V motor to drive a generator and keep them charged that way.)
They also had a small onboard diesel generator (about 5kW) which was there specifically to allow the bus to be pulled to the side of the road if the power went out so it wouldn't obstruct traffic. (I only ever experienced this being used twice in the time I lived there)
Most importantly of all, they had a button beside the driver marked "emergency power cut off", which did exactly what it said. It would be "unusual" if it was absent on a Muni trolleybus or any other kind of heavy electric traction vehicle.
Without knowing the full investigation and noting the statements about thyristors, my pick is that the brakes worked but the motors weren't cut off (or possibly went to full power even before he hit the brakes), so the bus didn't stop in the distance the driver was expecting to and he didn't hit the emergency shutoff quickly enough to recover in the remaining space (or at all).
The "traction motor overspeed condition" is a good indicator it went to full power. The report states that there's an emergency power off as well as a "poles down" switch and a couple of other options.
It doesn't take much of a shunt to hurt people if they're not strapped in and anyone who's not driven an EV shouldn't underestimate their acceleration (I was surprised even in a Leaf. They get off the line and up to 30mph faster than any muscle car), so a "failure to full power" at switchon in the morning might easily result in the bus lurching forward and hitting the one parked in front of it at enough speed to hurt the driver.
> I believe the air brakes operate on positive pressure to disengage
Correct and I can tell you from experience that one of the more amusing ways to annoy a trucker is to discharge his air tank. It takes quite a while to be refilled (whilst the engine's running to drive the teeny pump that does it) before he can drive off.
"including electric busses that use overhead wires to get power."
aka "trolley bus" - which is what was specifically mentioned in the story.
Electric motors have substantial torque and having the controllers fail to switch out drive current when the brakes are operated (or accelerator lifted) is going to result in the vehicle taking a _lot_ longer to slow down than normal even with full braking applied.
Good luck in the average driver thinking about other available methods of turning off the juice when this happens. Even someone with some instruction is going to have a moment's panic before they react (A relative drove trolleybusses in Wellington, NZ in the 1980s. Even those old electromechanical control systems would fail in interesting ways from time to time)
The story says only the driver was injured. Did this happen in the marshalling yard/bus garage?
"My company imports - though it seems not for much longer. When we stop importing that will have consequences for those who export to us."
Losing the UK is a tiny drop in the market.
And my experience with UK-based companies which set themselves up as EMEA agencies is that they rip the hell out of everyone in the entire EU (EG: serverlifts - $13k in the USA and £15k here) whilst their Dutch/German counterparts have more reasonable markup policies. I think it will be very good for a lot of companies if they have to find new EMEA partners outside the UK and even better for UK customers if the UK ones lose that agency status entirely.
"If you collect enough account details then you are in a position to paint a good picture of individual users"
This is exactly why Bletchley Park kept everything - and the intelligence they deduced from this stuff was often more useful than directly decoded strategic commands (much of the more sensitive stuff wasn't able to be intercepted because it was on landlines or face-to-face meetings, but could be deduced from intercepts showing ABC person ordered to XYZ site, based on known past activity, locations and affiliations)
That's why this kind of activity is still done, but it's worrying on several levels that intelligence agencies are hoovering up every possible bit of information about everyone they can, "just in case", instead of concentrating on known problems and the circles they move in.
"Problems in IT security don't happen because of a lack of money, but because people decide to do incredibly stupid things."
Actually they DO happen because of a lack of money.
The discussion usually goes along the lines of management asking how much it will cost and what's the benefit - then deciding they won't fund it.
When the benefit is described as "you don't get to go to jail if we get hacked" they tend to perk up their ears a bit. Keep the interest personal and companies will do the right thing (and if you're ever refused permission to do something critical on cost or other grounds, keep the email and reasoning behind it in a safe place where it can't be deleted/removed. It's called covering your arse. Bear in mind that management like this are sociopaths who will happily throw you under a bus to save their own skin.)
A long time ago in a different country, laws were passed which made management personally culpable for certain activities in addition to criminalising them. The day after, the CEO of the company I worked for circulated a memo which started "Because I have no desire to go to jail because of the actions of an employee, these activities are utterly prohibited..."
"but when pressed most will admit that refreshes of that nature are exceptionally rare."
However when it comes to storage and related stuff, once it gets to 5 years, support contracts get ruinously expensive (eg: £10k/year for our tape library vs £1500/year for years 1-5)
This has resulted in a whole industry springing up solely dedicated to providing support for 5-10 year old kit and that's proving quite profitable.