Posts by Graham Cobb

Re: Where are the sane Americans?

By the way: If you are ever in Munich, I really recommend a visit to the "Document Centre" there. It is very well done, not boring (despite the name - it isn't about having to read lots of documents - it's an educational museum), not too big (I found the one in Nuremberg too big) and has a really interesting focus on how the hell the Nazis managed to con first Munich, then Bavaria, and eventually the whole of Germany. And also on how Hitler himself (an unlikely charismatic leader, one would have thought) acquired complete power.

Not only is it interesting history, it is so relevant to understand how perfectly ordinary, nice people can be trapped by an ideology of blame and hate promising simple answers to really hard societal problems.

Re: make "substitute your country of choice" great again

I find this one more believable than any of the similar announcements in other countries:

1. This is a technology company talking, not a political leader.

2. Reliance Jio is a serious and very effective company. They make a lot of money, in a country where most people are extremely poor by European standards.

3. I wouldn't bet against Ambani. I met him once when I was selling mobile telecoms and was impressed.

Re: PC world and hard discs

Appalling behaviour by PC World, of course. But I do recommend disk encryption for all hard disks. Partly to avoid what you describe, but also so that when the disk dies (or I replace it because it is too small) I can just discard (or sell or give to someone else) it without bothering to erase/overwrite the content. Once I remove the password from my password manager the data has gone - no one (even me) is getting that back again.

Personally I encrypt at the partition level - I don't encrypt the partition table or the grub, EFI and boot partitions but the data, swap and tmp partitions are each encrypted with their own keys (which live on a thumbdrive to be available for boot).

Re: Linux with btrfs subvolumes for root and home

In my experience, yes. But I can only point to my own experience.

In my experience the filesystem full problems have gone away. If I get a filesystem full I either temporarily add another disk, sort it out, and then remove the temporary disk (which causes BTRFS to move all the data off that temporary disk to elsewhere in the filesystem) or, even easier, just extend the underlying LVM logical volume and resize the disk.

btrfs filesystem df and btrfs filesystem usage provide all the information I need to understand how full the disks are. I keep an eye on these to avoid filesystems getting full: I extend the underlying LV volumes as required - typically every few months.

By the way, all this is one reason I use LVM - it is easy for me to create a small temporary volume for rearranging my (big) BTRFS filesystems.

I don't really understand Liam's issue about snapshots. I use snapshots very heavily (both manually and using btrbk for backups on disk and on other disks). Of course keeping snapshots around will use up disk space but, as I said, it is easily monitored using btrfs fi df and btrfs fi usage. The one thing that is almost impossible with btrfs is to know how much disk space will be freed up by deleting something (because files may still be taking up space if they still exist in other subvolumes, such as snapshots). That is best handled by some discipline in the way you create subvolumes and, particularly, snapshots.

I haven't tried to repair any disks so I can't comment on that. However, note that I have been using btrfs since quite early days - even when it was still quite buggy - and have not needed repair.

I do recommend, if you can spare some disk space, running btrfs over LVM so it is easy to change "disk" sizes and create and remove btrfs devices.

Re: Service level agreements to suffer

AI is certainly going to shake up this business. You are right, of course, that much of what the supplier AI will do is regurgitate stuff from the documentation. But that does have some notable value: that is probably at least 60% of what human 1st line support does today, and it feels like it is exactly what generative AI is good for. In theory, of course, you could ask any AI to do this, but you don't want the documentation of your system loaded into any old AI - you still need confidentiality for your business documentation and processes [whether your supplier can guarantee their AI offers that is another question, of course].

But, as another commenter pointed out, it is time to renegotiate the support SLA so it ignores all those queries, which are now automated, and instead measures what used to be 2nd line support: dealing with real bugs in code or business processes, questions on how to handle externally driven changes (such as new legal requirements or business strategies), etc.

The SI business will change, with fewer first level support people and developers, but at least as many solution architects to work out how best to bring AI technologies to the SI and its customers.

Re: I'm systems rather than dev

How does the old saying go? Something like... "Those who can't do... find an AI"

Re: Sheer lunacy

Function keys? FUNCTION KEYS??!!!

My ASR33 ain't got no g*dd*mn FUNCTION KEYS!

I queued overnight in a street under the arches of Kings Cross station in about 1977 to buy a real, very heavy, second hand teletype in a sale. There were about 50 of us queuing all night, with thick coats and sleeping bags, to get the bargains - not just teletypes but all sorts of secondhand business electronic gear.

Fortunately I only had to place the order then: I didn't have to take the thing home on the train.

Re: DIC - Data Industrial Complex

Interestingly, Senior Railcards can be acquired without a photograph. And no photos taken during the process: turn up at a station in person and show a photo ID - which is not copied. Once you have one, you can renew for the next year without further ID at all - just pay the fee.

I guess they will stop allowing this once all the sad old gits like us have gone.

Well, yes and no.

Of course you are right: forwarding operates at linespeed and routing operates in seconds.

But minutes would be worryingly long: during routing convergence loops are very likely and a lot of traffic can be generated during routing loops in low-latency networks, possibly delaying routing algorithm convergence even longer if routing messages are delayed or even lost in full links and buffers.

Anything threatening national defence should be dealt with swiftly proportionately.

In particular, collateral damage must always be considered. And anything involving any possible risks to public would have to be completely illegal unless a shooting war was currently underway and even then require a clear order from a senior commander who would need to be held personally responsible for damage or injury to non-combatants.

You are mostly right. However, I think the antics of the orange one might be helping to focus the minds of even the UK government!

If our core, strongest allies can no longer be trusted then even the UK will need to start serious consideration of building multiple options into big procurements.

Re: Lotus

Strictly illegal but I don't think Lotus or A-T ever took action against anyone bypassing the protection on otherwise legally licensed copies...

I think that in those days that wasn't even illegal. What was illegal was running the software without purchasing the "legally licensed copies". IIRC, defeating DRM and other protection devices only became illegal itself during the (DVD-based) DRM wars.

Exactly. There is nothing illegal about making up and writing down a story containing all sorts of copyrighted material. That is clear "fair use" (other terms are used in various jurisdictions, but they all allow that, as far as I know). The legal issue is about publishing the material you created for yourself.

And following that, I traveled to Greece. Where a local SIM required my passport number (or other ID).

Last year, on holiday in Italy, I bought a prepaid SIM (for cheap data in my Android tablet) in a random High Street phone shop. I didn't have my passport with me (yes, I know I should have) but the guy was perfectly happy to make the sale and I never provided him, or the network, a passport number or any ID. He did do various stuff to activate it so maybe he made up a passport number or something. I don't know.

Re: while addressing greedy stooges

Hey! I resemble that remark!!

Of course I know what a meme is!

While certainly true, dependence on US, and other Western countries, is well known. The planners may well be over optimistic, but the risk is, at least, understood and accepted. To be honest, I don't think any country considers it could survive if all its major partners turned against it.

A dependence on China for keeping the country running is, however, rather more serious. While there is no reason to assume China is going to turn against us, there is certainly a higher risk of that happening than many other partners. And that is only considering government actions: there are also criminal elements to be considered.

Re: Thumbs up

Anyone have a recommendation of something we could use on my wife's laptop which doesn't make Windows look/behave differently in normal use but which allows me to get a sensible interface, with sensible controls, tools and privileges, good reporting and a good shell, when I am maintaining her PC for her. Like setting up automatic backups to my Linux servers, file-sharing with our home cloud, regular virus scans, scripting things so some things are done at home but not tried when we are away on holiday, etc.

Re: What’s the money for

I am thinking about doing this. Not that I believe I am smart enough to know when it will stop - just that I think I am sensible enough to be able to make more money than the people who fervently believe.

It is the same approach I did with Bitcoin a few years ago. I bought an amount of "bitcoin growth" stocks. About $2K.

Each time the stocks doubled in value, I sold half of them - getting my $2K back. I was able to do that three times, IIRC, before they stopped doubling. I still own the last lot - they are basically flat.

I always knew it was a bubble. Once I had managed to do it once, it was free money. I feel a bit sorry for the people who provided the money for me - but not too much.

Re: TFL

That's Bobby Tables' fault!

The interesting thing is that, for Trump, he probably has no conception of how you could be surprised, let alone contemptuous of that argument.

To him (and how many other major US politicians? I don't know) there is nothing surprising or unusual, let alone corrupt, in choosing supporters who have fought for, and funded, him and his party colleagues. I don't think he even imagines anyone else feels differently. That is what making campaign contributions is for: getting your views incorporated into government.

I knew that Trump gave power to people who funded him. But what I hadn't realised is that he doesn't even conceive of that being suprising, let alone corrupt - it is just what politics is about, in his view.

Re: Brilliant career move, there

Actually, the corporate guys (Baxi and Raajah) have done little harm to their reputation, and probably increased their value to their employers (and future employers). It is a few years now since I did corporate technical marketing but companies are always looking for ways to get external validation of the benefits of their product. Even if you do have a great product it is has hard to let the world know; and if you don't you still need to highlight what it can do. This support from MIT Sloan authors was quite a feather in their cap!

Respected institutions (including various publications, universities, research groups, analysts, etc) are always underfunded and are looking for corporate sponsorships or sponsored gigs (speaking at conferences, tradeshows, user group meetings, etc). Their views often carry a lot of weight with customers so they can charge a lot of money for endorsing suppliers. Of course, they don't normally go as far as saying one supplier is better than another but they are often willing to endorse or promote a particular talking point which highlights something which happens to be a competitive strength of one supplier.

But it is a very difficult tightrope to walk. Even while avoiding direct endorsement of a product, they have to be careful not to just endorse the marketing talking points of the supplier. I had many difficult calls and negotiations with various experts we were sponsoring in various ways in order to arrive at words they would use which supported our talking points and strengths, without endorsing or recommending our products. Some of them were very good at getting to a reasonable and fair compromise protecting their position, reputation and institution while saying enough to support our claims that we would pay them (and come back again for another article or speaking gig). I understood their position and they understood mine, and we negotiated like adults.

I suspect that Siegel and Zeijlemaker have had a roasting from MIT and will be much more careful next time.

Re: We don't need yet another blueprint

It used to be that relying on the US was a safe proposition for HMG - after all , US weapons were protecting us and other considerations seemed small in comparison.

But, in a post-Trump world, who knows what US policy might be (from one day to the next, even)? If the UK did something Trump didn't like (say, supporting Ukraine, or sending RAF planes from Cyprus to protect a relief convoy going to Gaza, or something), the US could decide that AWS could no longer do business with HMG and, poof!!, all of a sudden no tax can be collected!

Re: "cloud-based facial biometric comparison product"

That's par for the course now. I've been to a couple of major EU capitals in the last few weeks. Both times the queue for non-citizen arrival border processing was an hour. Basically a whole plane load of people from the UK, with 2 people handling non-Schengen processing, and having been given instructions to do the full questioning thing. [Actually, in both cases, after queuing for an hour a more senior border control person came and gave the 2 officers an instruction which resulted in each entry going back to taking less than 30 seconds, presumably to clear the queue]

What I don't have visibility of is whether the same long waits are happening for EU visitors entering the UK.

Unfortunately, it doesn't really work like that. The services the cloud vendors are offering, and the competances need to drive them, are really not the same as building your own. And driving the Amazon cloud to spin up new instances, or create new services (let alone buy the right amount of capacity to handle workloads and allow for failures) is not the same as doing the same thing in Google, for example.

However, it could be made much simpler if the (big) commercial cloud users forced cloud vendors to standardise. Then we could see real competition (and even workload mobility) between clouds, and even see the hardware vendors offering the same tools and APIs for on-prem deployments.

The power is in the wrong place at the moment - it is with the big 3 cloud vendors, not their customers.

Re: "... hibernation support is a somewhat neglected area of Linux support"

I don't know if its a coincidence, but this week a bunch of patches have hit the BTRFS developer list regarding suspend/hibernate. Mostly about cancelling long running stuff (like disk scrubs) so suspend can go ahead, but also discussing the things that can go wrong! Horrible!!

I'm glad my last (and only) kernel contribution was in 2002!

Re: What a great idea

Which is why abend' is right that we need more competition in cloud services so customers can choose their tradeoff between price, speed, reliability, support, etc.

Re: This points to the fundamental issue with cloud computing and "centralization"

Yes.

Smart people know that - and still use AWS because the tradeoff is worth it. After all, if your own datacenter has no redundancy, AWS can be a major step up even though it has this failure mode.

It is unlikely to be worthwhile for most commercial enterprises to get "better than AWS" reliability. Which is fine.

What is not fine is that the people who do need to keep running (like banks) don't realise AWS is not good enough.

Re: Does freedom of speech work both ways?

In regard to the COVID question, I think there's room for reasoned debate on the topic; unfortunately, reasoned debate is a resource which remains in short supply when it comes to COVID-19.

Only in the US. The rest of the world seems to have no debate on the issue. The science of Covid is very clear to everyone else, and the origins also pretty much so.

Re: The obvious solution?

Making coal?

Re: TDS

b) offer that position to whoever best fits the role, regardless of their demographic? (Equality of Opportunity)

No, that isn't Equality of Opportunity. Equality of Opportunity takes into account the history of the applicant, and how they have dealt with the various challenges that have faced them, including previous opportunities, or lack of them.

Equality of Opportunity is bloody hard. It is not a tick-box exercise, nor is it about applying the same process to all candidates. Equality of Opportunity is about the hiring manager giving each candidate the opportunity to demonstrate why they are one of the best candidates for the job. That may include finding out how the candidate has dealt with challenges, what they have achieved against the odds, why they will be a great choice to do the job, etc. In your example, it is as important to question how the hearing candidate would make a difference to the company's success as it is to understand how the deaf candidate can contribute.

Hiring is never easy: you need to assess potential. What they have done before is part of that, but only a part. You need to assess what they will contribute in the future.

Re: Not sure the FAA understand much here

it's the "modern digital systems" that are the most easily attacked, as in this case

That's not quite fair... Yes, the "modern digital systems" are shared by many (often thousands) of customers. So when they fail they affect many, many more people than the old analogue systems which effectively served one customer.

On the other hand, the old, non-shared systems didn't scale. Most of the people affected by the failure of the modern systems wouldn't have been able to have service at all, at any time, however reliable that service was. Modern airports didn't get to handling the volumes of flights, passengers, luggage and cargo that they do today without the scalability provided by those shared systems.

In the 90's I was working on (the network management of) the new wide-area "ring" technologies which BT and their competitors were rapidly deploying. Those technologies (SONET, etc) mostly predated ATM and IP backhaul and really opened up reliable, flexible, high speed wide area networking. They were shared infrastructure, supporting thousands of users at any one time, so were affordable (to the big businesses who were the target at the time). They were well designed and engineered and had redundancy (self-healing rings), all at a reasonable cost - a fraction of a dedicated resource.

However, they were not designed to deal with actual adversaries. None of the systems I worked on were designed with military requirements. The military had their own systems, and no one had thought of criminals scaling protection rackets up to the levels of today's ransomware attacks.

I have no idea what happened here, but it is easy to imagine scenarios. Modern phone networks use protocols where the signalling tells the network what sort of call it is - not the actual number. Signalling is provided by end user equipment (dumb phones, mobile phones, VoIP, etc) in many different forms and using different protocols, and is validated and heavily firewalled on entry to the telco network (for example, so that people can't pretend to be another operator delivering a call to avoid being charged or traced). Pretending your call is an emergency call might be used by hackers to avoid charges or to cause a denial of service attack, for example. So equipment and firewalls apply all sorts of validations.

I could easily imagine that if a link had been incorrectly marked as "emergency calls are never carried on this link" a firewall might reject the call. Or if a software upgrade to a firewall broke the configuration somehow I could easily imagine this failure.

Of course, with hindsight, there should have been (i) proper testing, (ii) high priority alarms generated when rejecting validation for calls claiming to be emergency calls, (iii) proper capture and very rapid escalation of the call centre reports of emergency calls failing.

Re: Work visas, really? Where are they?

Unfortunately for the farmers, they didn't get their chequebooks out for the Trump campaign. The high-techs and the oil companies did, though.

You gotta play to win, y'know.

Re: UK Fascism

Where can I sign up for a credible resistance movement?

Well, I send money to Big Brother Watch and NoYB.

Re: Yes!

I didn't even bother with a case (I hate them). I just put the best Blue Peter sticky-backed-plastic on the back and keep it as my second phone (mostly as a small Internet device when travelling). I bought an identical small, thin iPhone (is it a 13? I don't know) and continue to treat it exactly the same way. It falls out of my shirt pocket often but this one hasn't broken so far.

Does this announcement mean I won't be able to get small thin iPhones any more? I had better stock up.

Re: I don't buy the half of children being protected thing...

Sexton is confused... He said: "If children are using VPNs to bypass, then that's bad because that hasn't worked and they're accessing pornography. But if it stops half the children, that's half the children that were viewing pornography that are now not, and that's good."

If we even assume what he says is correct, he has missed the other half of the children. He should have added "But, unfortunately, the other half the children are now looking for, and finding, sites which are (by definition) illegal and unregulated and being exposed to violence, murder, sex abuse, drugs and terrorism. We wish them luck in managing that."

Re: Control flow of ideas

This is about power and money.

Specifically money.

Trump is beholden to the large telcos (through campaign funding, etc) and is on a path specifically to undo all the telecoms reforms the FCC made - such as increasing competition, improving services, encouraging investment by public bodies and local governments, providing access for poorer people such as immigrants (legal or otherwise), etc

This has nothing to do with children, really.

And, particularly if they crack down on VPNs, we are raising a generation who all know how to use Tor and use it routinely!

So they won't just be seeing legal pornography but the most vile, illegal and hateful sites. And from there... how to earn or steal bitcoin (including sex work, selling pics of family members, buying and selling drugs, ...) and maybe even knives, guns and violence.

Wonderful

Re: The ReJester

Of course it isn't an insult. As I understood it, the police action claimed to be on the basis that the signs could provoke violence from people who disagreed. I would have thought that in that case the police should be providing protection to the sign-bearers and/or arresting anyone who looked like a violent skinhead who might have attacked them!

I wrote to Chris Philp (then policing minister, now shadow Home Secretary of all things!) suggesting that he instructs the police make a very visible public apology for the misuse of their powers, thus making up somewhat for the loss of public visibility and on-going debate which would have occurred if the signs had been seen on TV. I also suggested that the Prime Minister may like to make a humble suggestion to the King that he makes a personal statement that while he (obviously) has every confidence in the role he performs, he deeply recognises the right of others to disagree and regrets the heavy handed behaviour of his Police and so will permit the campaigners to post their Not My King sign outside the palace for a week (and maybe even privately sending them a small cash donation himself - I certainly sent them one).

I never got a reply - surprise, surprise.

Re: Tor also works quite well

Yes, and that is the biggest reason this is so stupid. In 5 years, when every 20-year-old has been using Tor for all their browsing for several years because of this law, there will be no chance to monitor even run-of-the-mill dumb criminals' traffic!

At the moment, Tor use is exceptional. Next year every teen boy will be using it.