* Posts by Alan J. Wylie

645 publicly visible posts • joined 21 Aug 2009

Page:

Drowning in code: The ever-growing problem of ever-growing codebases

Alan J. Wylie

Re: Thank you Liam

"30 foot high Jenga tower"

ObXKCD

You're not imagining things – USB memory sticks are getting worse

Alan J. Wylie

I discovered the hard way that doing an initial backup of lots of files to a mounted USB stick with LUKS encryption caused so many writes that it wore it out.

Now, I create a temporary encrypted filesystem no bigger than the stick, back up to that and then "dd" the image onto the raw device.

Zen Internet warns customers of an impending IP address change

Alan J. Wylie

I wouldn't think you'd have any problems setting it as a simple straight-through router

I run like that, for IPv4 at least, using PPP, ever since I had a dodgy router that leaked memory and required regular rebooting. Add plugin pppoe.so to the options file. In the Fritzbox "Account Information/Internet Settings" page, just enter "." as the username, something random as the password, the Fritzbox then passes PPPoE straight through.

I've had an HE.net IPv6 tunnel since long before Zen starting supporting it, so have never got round to configuring it. I do see local and remote Link Local IPv6 address appearing in the ppp log though.

Alan J. Wylie

Re: It depends on the use-case

But not from a *residential* IP address block. Because it'll quickly get RBL'd (see my answer above).

Nothing but "Checking 82.68.155.94 against 83 known blacklists - OK" at MX Toolbox for my IP.

Alan J. Wylie

Re: Anyone using the IP for a self-hosted mail server" should just stop

I run my own mailserver. Zen allow you to set reverse DNS (PTR record) for your IP address (scroll down to the FAQ section)

$ dig +short -x 82.68.155.94

wylie.me.uk.

Until, IIRC, GDPR, my /29 was CIDR'd with my personal details.

Alan J. Wylie

Re: Lifetime guarantee

General Terms and Conditions

ADSL T's and C's

18. Changing this contract

18.1 This contract may be changed by us, including our charges, at any time. We will notify you of any changes at least 14 days prior to them taking effect.

Alan J. Wylie

https://www.ipxo.com/blog/ipv4-price-history/#paragraph-32 from July last year suggests $45 to $60 is a typical price per IPv4 address.

My /29 is in 82.68.0.0/14, approx quarter of a million addresses (though no mail from Zen, yet). Multiply those together and it will keep your senior management in very acceptable single malts for a long, long time.

Alan J. Wylie

Me too. I've had a /29 since November 2003. No mail from them announcing a change.

Date order placed: 14-Nov-2003

The following static IP addresses have been assigned for your exclusive use:-

Number of IP addresses: 8

IP addresses: 82.68.155.88 - 82.68.155.95

ICANN proposes creating .INTERNAL domain to do the same job as 192.168.x.x

Alan J. Wylie

Re: Why is toplevel query to "zghjccbob3n0"?

I've got a github login. It seems to be associated with a list maintained by "Chris Buijs", containing top level domains that do not exist, yet are frequently queried.

From "https://github.com/cbuijs/accomplist.git"

$ git grep zghjccbob3n0 | grep -i chris | grep -vE ".{1000}"

chris/abuse-tlds.list:zghjccbob3n0

chris/dnsmasq-abuse-tld.conf:server=/zghjccbob3n0/

tlds/black.list:zghjccbob3n0 Chris-Abuse-TLDS

tlds/dnsmasq-filter.conf:server=/zghjccbob3n0/ # Chris-Abuse-TLDS

tlds/dnsmasq-regex-filter.conf:server=/zghjccbob3n0/ # Chris-Abuse-TLDS

tlds/knot-daf.conf:daf.add 'qname = zghjccbob3n0 deny' -- Chris-Abuse-TLDS

tlds/plain.skipped.invalid.domain.list:zghjccbob3n0 # Invalid-TLD-Chris-Abuse-TLDS

tlds/unbound-filter.conf: local-zone: "zghjccbob3n0" always_nxdomain # Chris-Abuse-TLDS

$

Alan J. Wylie

Which is why The Register loves the standards process

obligatory xkcd

What's worse than paying an extortion bot that auto-pwned your database?

Alan J. Wylie

Take a tip from Oracle: use a really secure combination, such as scott / tiger

CEO arranged his own cybersecurity, with predictable results

Alan J. Wylie

Unannounced security tests

At a couple of my previous places of employment, there have been unannounced (even to me, as a senior security engineer) phishing tests. It puts me on the horns of a dilemma. Do I

1) Get to my feet and loudly announce to the office "Beware - a phishing e-mail has just arrived", ruining the test, or

2) Stay quiet and run the risk of the less aware staff compromising security.

Google Groups ditches links to Usenet, the OG social network

Alan J. Wylie

A very timely RFC: RFC 9518 Centralization, Decentralization, and Internet Standards

RFC 9518, published just this morning.

Whereas early services like the Network News Transfer Protocol (NNTP) and email had multiple interoperable providers, many contemporary platforms for content and services are operated by single commercial entities without any interoperable alternative -- to the point where some have become so well-known and important to people's experiences that they are commonly mistaken for the Internet itself

Alan J. Wylie

Re: alt.sysadmin.recovery

Someone started a new thread there in June: "Subject: Quiet in here". Only 31 posts since then.

Microsoft floats bringing a text editor back to the CLI

Alan J. Wylie

Re: vax/vms eve?

A blast from the past eve would be nice.

Complete with a free pot of gold paint.

Microsoft issues deadline for end of Windows 10 support – it's pay to play for security

Alan J. Wylie

Re: Meanwhile... Landfill operators... Start your engines

I mostly run Linux (and have done for decades), but still have a laptop (BIOS date 2010) that came with Windows. It's my only MS computer and I keep it for very occasional use, usually flashing firmware over USB. At least for that use I won't be too concerned about security updates.

Regulator says stranger entered hospital, treated a patient, took a document ... then vanished

Alan J. Wylie

Re: A future who me?

From the IC's report, linked to in the original article: had been accidently turned off by a member of staff prior to the incident taking place, as part of an energy saving exercise

That time a JPL engineer almost killed a Mars Rover before it left Earth

Alan J. Wylie

Main B Bus undervolt

Oh no, not again!

Share your 2024 tech forecasts (wrong answers only) to win a terrible sweater

Alan J. Wylie

  • Someone asks an LLM to predict the future 1 year from now. It commits suicide.
  • Someone asks an LLM "Is there a god". It replies "Yes, now there is a God."

OpenCart owner turns air blue after researcher discloses serious vuln

Alan J. Wylie

Re: So... if I read this right...

Perhaps he should change his name to Wayne Kerr

Wayne Kerr electronics is a real company in Bognor Regis.

Bored Ape NFT party is a real eyesore, say irritated attendees

Alan J. Wylie

Re: What a missed opportunity

[bright lights] used to be a real problem on all movie sets

It still is. High power lamps shining onto an aeroplane to simulate sunrise during filming caused some of the plane's windows to fall out

Alan J. Wylie

Good video from Big Clive

The cause of the Bored Ape UVC eye burn incident?

As mentioned in the article, It's not the first time that there has been UV eye damage at a function in Hong Kong. He thinks that this time there was a "lavatory" theme room with exposed UVC germicidal tubes around the top of the walls.

US govt talks up $2B X-ray photobooth to check its nuke weapon sims are right

Alan J. Wylie

Tickling the dragon's tail

The term "Tickling the dragon's tail" was coined by Richard Feynman, the experiment itself was designed by Otto Frisch.

How is this problem mine, techie asked, while cleaning underground computer

Alan J. Wylie

Ford Engine Plant in Cleveland, Ohio

Back in the '80s I spent 10 weeks one summer commissioning several microcomputer controlled MJ multi wheel grinding machines for grinding the bearings of a 6 cylinder crankshaft. There were lots of teething problems with the software that only showed up in production. I had an Intel MDS II In Circuit Emulator for debugging. The whole place was hot and dirty with metal particles and lubricating fluid, so they built me a little hut out of 2x4 and polythene sheeting, complete with a small air conditioning unit.

Alan J. Wylie

A cave, rather than a mine, and a laboratory, rather than a computer

I used to work for Laser-Scan Labs in Cambridge, founded by Professor Otto Frisch. Reading his biography "What Little I Remember", I came across this description of him visiting Blue John Cavern, whither a Manchester Hospital's radium supply had been moved for safe keeping, in order to get some radon gas, a decay product of the radium, for his research into separating out the uranium 235 isotope using heat and gravity.

This was shortly after he and Rudolf Peierls had published their memorandum on the feasibility of an air droppable atomic bomb.

At my request Oliphant arranged for me to get some radon from a hospital in Manchester; the radium had been removed to safety, deep below ground in the Blue John Cavern in Derbyshire, a well known tourist attraction in peace time.

So one day I went by train to Manchester and was taken from the hospital by car to the cave. Down I went over slippery ladders and through narrow, muddy passages to a slightly larger cavity where, incongruously, there was a laboratory table with a lot of glassware on it, bulbs and tubes and stopcocks, rather like the equipment I had used in Hamburg. That was the plant for "milking" the radium, for extracting the radon and compressing it into a small glass capillary, no longer than half an inch.

At Oliphant's request the radium had not been milked for a whole week so that a large amount of radon had accumulated. Less than an hour later, when the local technician had done the work for me, I walked out with my little suitcase containing a heavy block of lead at the centre of which was this tiny capsule full of radon, equivalent in radiation to about three-quarters of a gram of radium.

Any safety officer would shudder at the thought that I walked out with that thing, protected by only a couple of inches of lead, and that I travelled within a few inches of that radiation source first by car and then by train. Today that would be considered an unacceptable radiation hazard both to myself and to other people in the compartment.

What happens when What3Words gets lost in translation?

Alan J. Wylie

It has a bit of redundancy, but really not too much as you probably know if you've ever been misheard

What the navy needs are more efficient ships

...

Fish'n'chips.

Alan J. Wylie

I didn't have much problem a year or two ago. No mention of W3W, however I took a great deal of care to ensure that my location was described exactly.

Me: Clapham Station, North Yorkshire

...

Me: Yes, that one, not the one in London. Yes, it does have a Lancaster Postcode.

There was even a Clapham Junction there, once.

Alan J. Wylie

Re: viz

I'm sorry, but that isn't a valid Four King Maps reference. However, bum.fuck.willy.shit describes a location half way between King's Lynn and Norwich

Alan J. Wylie

Either you're handing out raw floating point variables, or you've built a database to track individual atoms. In either case, please stop.

Example: Location: SD 75120 72690 / 54.1494253905477, -2.38241125754417

Alan J. Wylie

Re: My personal experience

Complaints were made, and that was the least of them. The mobile phone mast I connected to was in Lancashire, but I was in Yorkshire. It took 40 mins for the message to get passed from Lancs Police to Yorks and on to CRO. All that time I was standing away from the casualty on open moorland to get a signal (fortunately the weather was clement) before I was called back. Mobile connectivity is so poor in some mountainous areas that calls should never be terminated. The police refused to acknowledge any of this as a problem: all my complaints, to both police forces and the IOPC were brushed off.

Alan J. Wylie

My personal experience

I had to call 999 to request the local Cave Rescue to evacuate a companion with appendicitis. The police (who for historical reasons handle cave and mountain rescue calls) required a W3W location. I provided them with one (though I also have two OS grid ref apps on my smartphone). The operator then identified my as being at Ingleborough Show Cave, when I was actually at Gaping Gill, about a mile away with no vehicular access between the two.

P.S. See page 16 of Mountain Rescue Magazine

Why What3Words is not suitable for safety critical applications

Alan J. Wylie

Or you can try Four King Maps as an alternative. NSFW

El Reg article

Alan J. Wylie

Here's a real life example of W3W going wrong: Keswick Mountain Rescue Team

An 83 year old female collapsed in Crow Park. The informant gave the 999 call handler a What3Words location which was close to Hawes End. The team sent a Landrover first truck to the location only to find nobody. Further enquiries revealed the true location within walking distance of the base. Fortunately more team members had arrived at base and were able to respond quickly to this potentially serious medical incident. The casualty was assessed and stretchered back to base for further assessment and to await the arrival of an ambulance.

This is the second callout in 3 days (and there have been others) when the W3W location has been close enough to be believable but wrong enough to be useless. W3W should not be relied upon on its own. Always give a verbal description of where the casualty is and better still a grid reference from a map or use the app

Windows screensaver left broadcast techie all at sea

Alan J. Wylie

When I used to work in cyber security, one of my colleagues was contracted by a cruise company to run a check on the on-board networks: WiFi, compartmentalisation of the public and internal networks, etc. Unfortunately (for the cruise company, not my colleague), delays in the schedule meant that he could only start once the ship had left port. The testing only took a couple of days, but the cheapest way of getting him home was for him to stay on the ship for another three or four days. Nice work if you can get it!

Want tech cred? Learn how to email like a pro

Alan J. Wylie

Re: Wrapping at column 78

A memory from the late 70's just came to mind and I've just turned up this possible source for the 72 character limit: The format of a Fortran IV punched card

Positions 7-72 are used for the actual program code. Often programmers use a TAB (8 spaces) rather than type 7 spaces.

Positions 73-80 are infrequently used, but when they are they are used for identification codes which are only of interest to the programmer, they are not computed.

Alan J. Wylie

Re: Wrapping at column 78

P.S. for anyone interested in the history of incompatible and broken terminal hardware and emulators, read the comments in the Termcap file

Alan J. Wylie

Re: Wrapping at column 78

why 78 or why 72???

The answer goes back a long, long time. ASR 33 teletypes, VT52 terminals (both of which I've used) and many others have a width of 80 columns. Tabs are 8 characters.

I suspect the 72 limit comes from those numbers.

For the 78 character limit see RFC 2822 Internet Message Format

The more conservative 78 character recommendation is to accommodate the many implementations of user interfaces that display these messages which may truncate, or disastrously wrap, the display of more than 78 characters per line

Alan J. Wylie

Wrapping at column 78

One thing missing in the article: wrap your lines for easier reading.

I'm a proud user of emacs/VM

And my proudest e-mail

Our AI habit is already changing the way we build datacenters

Alan J. Wylie

Smoking hairy golfball

This article from 1981.

Brit broadband subscribers caught between crappy connections and price hikes

Alan J. Wylie

Re: Whilst they can raise the price

I may be wrong, but I think Zen's contract used to be 12 months?

Prior to 1st June 2022, Zen had a "price for life" contract. I'm still on it.

The number’s up for 999. And 911. And 000. And 111

Alan J. Wylie

"NZ7501" - what is that, UK OS grid

Yes, The UK Ordnance Survey Grid, as found on all of their, and also Harvey's Maps

And off the top of my head, it's somewhere about 50 kilometers south and east of Durham.

That's one of the advantages of Grid Refs. If you know where one grid reference is, within a 100km square, calculating the distance and direction to another can easily be done in your head.

Alan J. Wylie

You no longer call from a fixed geographic point with a known number, but are at the mercy of a skew of GIS systems that may or may not work for you.

Exactly this happened to me. At 07:50 I dialled 999, needing Cave Rescue to evacuate a casualty with appendicitis. I knew exactly where I was in North Yorkshire (Gaping Gill) and the Cave Rescue Organisation would have known exactly too (in fact, several of their members were with me, but for insurance reasons calls have to go via the Police). Gaping Gill is in North Yorkshire, but the mobile mast I connected to was in Lancashire, so I was put through to that Police Force. After going through the "What Three Words" farce[1][2], after which the operator tried to put me at a different cave several miles away, I was told that North Yorkshire Police and then CRO would phone me back. This didn't happen until 08:40. I've tried raising complaints with the two forces and also the IOPC, but all they are interested in dealing with are the actions of individual officers, not that the system is broken. I was told, in particular, that one police force cannot transfer a call to another, nor set up a three way call with Cave/Mountain rescue organisations. In remote areas where signal is poor, 999 sometimes goes via an alternate provider or signal is so intermittent that the phone cannot be called back. Also the caller may have had to move away from the casualty to get signal, leaving them alone and without first aid attention. The rescue organisation duty officer has local knowledge which will often allow them to easily locate a caller, knowledge which the small number of call centres can never have.

A couple of links to similar incidents:

overdue on a walk over Fountains Fell in the dark and poor visibility

lost on Ingleborough

[1] BBC: Rescuers question what3words' use in emergencies

[2] Mountain Rescue Magazine Summer 2021: Why What3Words is not suitable for safety critical applications

Red Hat strikes a crushing blow against RHEL downstreams

Alan J. Wylie

EU's Cyber Resilience Act contains a poison pill for open source developers

Alan J. Wylie

That random person in Nebraska that keeps getting mentioned

XKCD "Dependency"

Attackers hit Bitcoin ATMs to steal $1.5 million in crypto cash

Alan J. Wylie

The baddies scanned DigitalOcean's IP address space and found Crypto Application Server (CAS) services on port 7741

Have General Bytes never heard of Ipsec and VPNs?

IT phone home: How to run up a $20K bill in two days and get away with it by blaming Cisco

Alan J. Wylie

Microsoft "Active Desktop"

I had a similar problem, sometime about 1997. Microsoft had introduced Active Desktop, which "allowed users to add HTML content to the desktop". This content came over the Internet, even if there was nobody sitting in front of the computer overnight. Our ISDN bill shot up until we worked out what was going on.

Nations agree to curb enthusiasm for military AI before it destroys the world

Alan J. Wylie

shall we play a game?

Me: shall we play a game?

ChatGPT: Of course! What game would you like to play?

Me: How about Global Thermonuclear War?

ChatGPT: I'm sorry, but I can't play Global Thermonuclear War with you as it is a fictional game from the movie "WarGames" and is not appropriate or ethical to simulate a real-world scenario that could cause harm or damage.

Instead, there are many other fun and safe games we could play together. Would you like me to suggest some?

The quest to make Linux bulletproof

Alan J. Wylie

replace the filesystem with a database

See ICL's Content Addressable File Store

the search logic was incorporated into the disk controller. A query expressed in a high-level query language could be compiled into a search specification that was then sent to the disk controller for execution. Initially this capability was integrated into ICL's own Querymaster query language, which worked in conjunction with the IDMS database; subsequently it was integrated into the ICL VME port of the Ingres relational database.

Alan J. Wylie

Re: For such a supposedly scholarly article

not a single mention of puppet

Perhaps Liam didn't want to trigger anyone's nightmarish flashbacks.

Page: