* Posts by Stu J

233 publicly visible posts • joined 5 Aug 2009

Page:

Don't want your Kubernetes Windows nodes hijacked? Patch this hole now

Stu J

People actually run Kubernetes on Windows?!

That sounds like a whole new level of masochism. Weirdos.

Samsung Galaxy S25 is so smart it wears Crocs, allegedly resists quantum decryption

Stu J

Re: Is there a reason I would change?

I similarly got pissed off with Vodafone (not least the enshittification of their network), decided I didn't need to upgrade my S22 Ultra, and dumped them for 1pMobile who have been great and much better value in terms of airtime plan and flexibility, and better customer service to boot - can highly recommend.

At some point I might buy a new phone outright but I've got no plan to go back to stupidly expensive monthly contracts with the big operators.

Microsoft issues out-of-band fix for Windows Server 2022 NUMA glitch

Stu J

Presumably...

...they're just not testing this kind of shit any more, because it's expensive to have different types of hardware, and not trivial for your average automated tester to automate testing a full OS on physical tin.

"Boots on a VM in Azure, regression test pack that covers <single digits percent of code paths> passes, it's fine, ship it"

Oracle's Java price hikes push CIOs to brew new licensing strategies

Stu J

Please tell me you have video evidence of their reaction...!?

China starts building world's largest fully steerable radio telescope

Stu J

Re: Very Interesting

UNESCO World Heritage site, and was used by the West to track Sputnik as it was the only thing capable at the time. Also used for Cold War early-detection capability, recieving images from the moon, and monitoring many early space missions.

And it's bloody beautiful, I used to drive past it several times a week, and on a lightly misty/frosty winter's morning, in the early morning winter sun, it was an absolute sight to behold. It's up there with Concorde in terms of beautiful engineering IMO.

Yup, half of that thought-leader crap on LinkedIn is indeed AI scribbled

Stu J

Enshittification

LinkedIn has been on a steady decline for a long time now, but this statistic does explain the steepening of the downward gradient I've noticed over the past 18 months...

Northern Ireland schools ditch £485M Fujitsu deal after less than a year

Stu J

Re: Sometimes technology is the problem, not the solution.

Or, get the education department to hire a team to build and run it themselves. Cheaper than paying consultancies, the knowledge stays in-house, and you're not constrained by stupid contracts, if you need to pivot, you can.

Individual schools don't have the budget or scale to be able to do that kind of thing themselves, so they'd be off to the for-profit sector buying whatever shiny shite some sales-weasel has dangled in front of their faces.

If you've got £500M of public money to spend over, say, 10 years, if you can escape stupid civil service salary bandings (and ditch the stupid public sector pension while you're at it), that could build you a solid, empowered, high-performing team that could deliver 10x more value over that period than any consultancy ever would.

Stu J

When even Crapita and TCS decline to bid......

......you're clearly asking for far too much, and offering far too little.

I'm guessing that Fujitsu only figured that out once they got through the doors.

Presumably either Fujitsu had written their contract tightly enough - or the EA's contract was sufficiently weak or ambiguous - that once Fujitsu pointed out the the EA that they wouldn't actually be getting what they thought they would be getting (without ££££ change orders) they were both only too happy to walk away.

Airbus A380 flew for 300 hours with metre-long tool left inside engine

Stu J

Crashes?

Neither Southwest nor United have had any recent _crashes_ due to engine failures...

Yes they have had engine failures that have warranted emergency landings. Yes, in one case the debris caused a window to break and the poor passenger seated next to the window died as a result. But none of these cases could be classed as a "crash" - so why try to sensationalise those incidents?

Two-engined aircraft are designed to be able to continue flying with only one engine - potentially for as long as 5 hours, and engine shutdowns/failures in flight are relatively common in the grand scheme of things - 5 or 6 times so far in November, no injuries, no major damage to anything on the aircraft...

UK watchdog hints Voda-Three merger will likely pass

Stu J

How about approval only if...

...they deliver roaming-capable (i.e. accessible to O2 and EE customers and their MVNOs) proper usable 5G coverage to every single metre of every single railway line and motorway in the country (and yes, that includes tunnels).

Then at least as a country we'll have something useful out of them before we all inevitably get shafted by price rises.

Google Cloud burst by 12-hour power outage in German region

Stu J

Re: Is It Possible ...?

"How did we survive the 70s and 80s without WiFi-based safeguarding. Was it just a miracle?"

In case you hadn't noticed, nonces took full advantage of the lack of safeguarding in the 70s and 80s (and earlier too no doubt), that's the whole reason WHY safeguarding exists, you dope...

macOS HM Surf vuln might already be under exploit by major malware family

Stu J

Although it's delightfully altruistic of Microsoft to help Apple out by pointing out vulnerabilities in Safari, one would have thought it would be a far better use of their time to work on the security posture of their own malodorous software instead...

Developer pockets $2M in savings from going cloud-free

Stu J

Yawn

Businesses that run large, relatively stable, predictable workloads are likely to save money on-prem, long-term.

But they do sacrifice a degree of agility. If their customer base was to triple over the next three weeks, could they source, configure, and install enough hardware to cope with the additional load? Unlikely.

If they wanted to develop a new product with as yet unknown resource requirements, would they have enough spare capacity to do that, without affecting their production workloads, and without having to down tools to wait for new hardware to arrive? Because I've experienced this exact situation when relying on on-prem tin.

37Signals is literally at one end of the spectrum. The counter-argument at the other end of the spectrum is the UK charity Comic Relief, who provisioned serverless infrastructure that facilitated the processing of tens of millions of pounds in donations from hundreds of thousands of members of the public, for less than £100; their previous on-prem solution was IIRC 1000x more expensive, and sat doing nothing for the vast majority of the year.

Everyone else is somewhere in the middle. You don't have to run all of your workloads in the cloud; you don't have to run them all on-prem. There is a middle ground, but anti-cloud zealots like DHH seem to forget this and present their own experience as "look, this is true for us so cloud sucks".

US indicts two over socially engineered $230M+ crypto heist

Stu J

Give them a medal instead

Any time anyone makes a mockery out of crypto-bros, it makes me smile.

UK watchdog fears Voda-Three merger will balloon phone bills for customers

Stu J

Fuck Vodafone

I've just left them after 10 years to go to an MNVO on EE. The prices have been going up and up, and the service has been getting worse and worse. The final straw was them switching off 3G mid-contact, at the same time as applying an inflation-smashing mid-contract price rise.

The promise that they would improve 4G and 5G by turning off 3G has been absolute bullshit - instead half the time nothing better than 2G was available. So why should we believe that they would keep their promises if they merged with Three?

Since shifting to EE's network, I'm getting 5G most of the time, and 4G everywhere else. I'm just annoyed that I developed Stockholm Syndrome and put up with Vodafone's crap for as long as I did, and even more annoyed that my wife's contract still has another 6 months to run.

'Error' causes Alexa to endorse Kamala Harris, refuse to discuss Trump

Stu J

Re: Commie!

The vast majority of MAGA yanks wouldn't know a "Commie" if it slapped them in the face and shat down their throat.

Anything "left" of them (which could still be comfortably right-of-centre in the grand scheme of things) gets labelled as "Commie" by these brain-dead morons.

Missing scissors cause 36 flight cancellations in Japan

Stu J

Re: The ghost of 9/11 casts a long shadow

On most large airliners there's only a fire axe in the cockpit, not in the main cabin, and I'd be surprised if cabin crew ever had access to them, even on smaller regional airliners. If you've already got access to the cockpit then all bets are off.

The only person who would ever wield a fire axe in anger would be the Captain, or possibly the First Officer on the Captain's instruction.

You don't start randomly smashing an axe into the cabin walls unless you're pretty certain you've got a fire spreading between the inner wall and the fuselage wall, and even then, you'd be pretty careful where you smashed so as not to cut through anything important that would make an already bad situation worse...

Intel's processor failures: A cautionary tale of business vs engineering

Stu J

My favourite (somewhat over-) generalisation

Companies run by engineers don't make a profit

Companies run by beancounters don't make *anything*

London council accuses watchdog of 'exaggerating' danger of 2020 raid on residents' data

Stu J

Don't fine them. Jail time. *That* should focus their priorities.

Tesla parental controls keep teenage lead feet in check

Stu J

You don't need a towing license any more (for car plus trailer), they've "re-grandfathered" it back on to everyone that didn't already have it

Stu J

Re: No this one is Fair

So as a 17 year old male, I had to pay a fortune for insurance back in the day. Some of my contemporaries wrote off their cars 3, 4, 5 times in 18 months. I've never had an accident in 25 years of driving.

It's fundamentally unfair to "tar everyone with the same brush" based on sweeping shared characteristics. Correlation does not imply causation. Not all 17 year old males are complete fuckwits the second they get behind the wheel.

Other countries include the cost of 3rd Party Insurance in the equivalent of Road Tax. That would be a far better solution IMO. Then, if you want to insure fully comprehensive, it's on you to buy a private policy.

Stu J

Apparently insurance for automatic-only license holders is currently significantly more expensive, because many people that have them aren't very good drivers (often turning to the automatic-only license after multiple failed attempts at a manual test), and have a higher percentage of crashes.

Unfortunately this makes it a self-fulfilling prophecy as if you have the choice between needing a few more lessons to pass a manual test, versus over £1000 more on insurance, anyone with half a brain is still going to take the manual test.

It's about time the car insurance was completely overhauled. If you've got a license that entitles you to drive a vehicle, that should be the end of any questions about the type of license. Their over-use of statistics and profiling is criminally unfair.

AWS is pushing ahead with MFA for privileged accounts. What that means for you ...

Stu J

Re: So far so good, but...

You make sure you've got at least 2 passkeys registered so if you lose one you can still log in and disable the second. If you've only got one phone, then a yubikey or similar can be the second passkey device.

Microsoft's Recall should be celebrated as the savior of SMEs and scourge of CEOs

Stu J

Re: Nope

The Headley-Grange Curve?

Stu J

Re: Nope

Also it's only capturing what's on the screen every 5 seconds, and it's not recording inputs - so that alone won't be sufficient to automate processes.

I stumbled upon LLM Kryptonite – and no one wants to fix this model-breaking bug

Stu J

Re: for "prompt engineering"

It uses Bing APIs under the hood apparently. And Bing (and Copilot) are down apparently.

Is the long awaited Raspberry Pi flotation about to happen?

Stu J

Crucially what I've spent on it has been incremental. I've added bits as I felt the need to, or as I could afford to.

I can get security patches probably ad infinitum. Even if the Raspberry Pi foundation went bump tomorrow, the community's large enough to keep on supporting even the older legacy Pis.

Whereas with your Mac Mini, you're beholden to Apple and when they decide they want to pull the plug on supporting your hardware.

Don't get me wrong, the Mac Mini is a decent small box computer, but we're comparing grapes with pineapples here.

It's OK, you can stop shilling for Apple now. Nobody asked for you to come on here and start evangelising about the Mac Mini, and you're being about as tedious and annoying with it as the people who try to convert you to their religion in the street when you're just trying to go about your daily business.

Stu J

Well, yes. That's because it's a low-power low-cost device. It's not designed for video transcoding which is a relatively specialised use case FFS...

It's like you're trying to compare a hammer to a screwdriver when all you want to do is put screws in things - a hammer's the wrong tool for the job. A hammer's still a really useful tool to have though...

I've got a 3B, 4, and 5 in a rack in my loft, the 4 and 5 with cheap SSDs instead of SD cards. I've got a Zero W acting as a Bluetooth proxy downstairs.

Total cost significantly less (like, less than 1/3rd) than a Mac Mini capable of doing the same thing.

3B runs my ADS-B receiver and feeder (docker on raspbian)

4 runs HomeAssistant and NGINX very capably (docker on raspbian)

5 runs OpenWRT (bare metal) and acts as the router for my entire network, including PPPoE termination, firewall, NAT, etc, etc. Best router I've ever had, by a long, long way.

UK lays down fresh legislation banning crummy default device passwords

Stu J

Well they need to make the likes of Amazon, eBay etc responsible. A few fines and lawsuits might focus their minds a bit, and stop the influx of counterfeit/crap tech imports that claim to meet standards but clearly don't.

Stu J

A good start...

...but companies should also be mandated to provide perpetual local control of all devices.

Being reliant on a cloud service that could shut down (or ramp up subscription costs) tomorrow on the whim of a company (or whoever decides to buy them) is not a good position for consumers to be in.

It doesn't even have to be a "both" - even making firmware available that provides the ability to read data from and send instructions to the device locally, and allowing users to load that firmware if they don't want to be locked in to a cloud model would be better than the status quo.

I've nothing against manufacturers paywalling more intelligent functionality, storage etc behind a subscription, but the raw device capabilities should be accessible and documented if the consumer requires it and wants to roll their own integrations.

Sacramento airport goes no-fly after AT&T internet cable snipped

Stu J

Re: Redundancy

Generally speaking, each airline gets their own connectivity installed at each airport, and it's up to each airline if they stump up for redundant feeds (and routers). Getting circuits connected can have a lead time of 3-6 months, and proper redundant circuits can increase delivery time and complexity.

At one major (top 10) US airport I used to work with 5-10 years ago, of all the international carriers that flew into there, only Lufthansa bothered with redundant circuits......but they both terminated into the same datacentre in the airport. One of the circuits was then sent on a dedicated fibre link to the airport's new redundant data centre about two miles away from the main terminal building.

Lufthansa and some other airlines did enquire about the cost of getting new circuits into the new datacentre, and the ridiculous amount quoted by the telcos would have wiped out the best part of a week's worth of profit for their flights from that airport. So they didn't bother. It's a risk/reward calculation.

So all the airport's systems were beautifully redundant, but if the original main datacentre in the main terminal suffered a complete power outage, all airline connectivity would have been lost (including for Lufthansa), in spite of having another state-of-the-art datacentre with dual-redundant geographically disparate fibre backbones between the two datacentres and the airport network.

Microsoft to use Windows 11 Start menu as a billboard with app ads for Insiders

Stu J

Re: Where can Microsoft be billed ...

If you could bill Microsoft for wasted CPU cycles, then the abomination that is the Teams app would be costing them billions...

Support contract required techie to lounge around in a $5,000/night hotel room

Stu J

I once had to fly out to Los Angeles from the UK to apply for an airside pass for a project we were working on at an airport in the LA area.

I had to turn up in person to register on a Tuesday morning (they only ran the sessions once a week at the time), have my fingerprints taken, do a quick classroom course, then bugger off back to blighty for 3-4 weeks while the FBI decided I wasn't a threat, before we could start the project delivery. All in, less than an hour's "work".

I figured out it was about a grand cheaper for the company to send me out Premium Economy on the Saturday flight, and back on the Tuesday night, and pay for an extra two nights hotel and expenses, and a hire car for the duration - than it would have been to fly me out Economy on the Monday and back on the Tuesday. So I got a weekend sightseeing in SoCal on the client's dime.

Red Hat tries on a McKinsey cap in quest to streamline techies' jobs

Stu J

Clueless

Anybody worth their salt working for an organisation that brings the likes of McKinsey in should immediately polish up their CV/Resume and start looking for alternative work. Either job cuts or outsourcing (or both) are coming, or organisational culture is about to go down the toilet. Either way it's not going to be pretty...

Funny how these management consultancies never suggest removing the layer of management that brought them in, which is probably what's actually required.

What strange beauty is this? Microsoft commits to two more non-subscription Office editions

Stu J

Why the hell would you want to install Office on an embedded system...?

Microsoft forges One Teams App To Rule Them All

Stu J

Re: "with separate icons on the taskbar"

It still regularly kills my webcam though.

Google Meet, Slack Huddles, and Zoom have *never* killed my webcam.

What the actual hell is Teams trying to do to it that requires it to be replugged for it to come back to life?

Euro-cloud consortium issues ultimatum to Microsoft: Fix your licensing or else

Stu J

Re: Peak?

If you're setting something up outside of Azure so that 32 users can log in at any time of any day without significant delays (which is what the equivalent MS offering would permit) you'd need 32 VMs running 24/7/365.

There is no technical reason for this whatsoever - it's purely Microsoft's discriminatory/predatory/protectionist scumbag licensing terms.

Of course you can start to do clever automated demand prediction and management to try to scale stuff and work around it on non-Azure deployments, but the fundamental point is that you shouldn't bloody well have to.

I'm hoping that Microsoft genuinely get taken to the cleaners over this. Their pathetic licensing restrictions stopped us 10+ years ago from offering a highly specialised SaaS VDI hosted on our own tin, because it destroyed any economy of scale across multiple customers.

Instead we had to deploy Windows PCs everywhere, so MS only got the revenue for those OEM licenses, instead of probably 10x more revenue for ongoing VDI licensed subscriptions.

The expense that stopped our project from going anywhere perversely wasn't the Microsoft licensing costs, but was the fact that their licenses stipulated that we couldn't share physical servers or SANs across multiple customers. Having to commission new servers and SANs for every single customer, with associated VMware licensing, lead time, and implementation effort destroyed any economic benefit SaaS VDI could have offered.

Microsoft behaves in a horribly protectionist manner and abuses its position to stifle innovation. They've got everyone by the short-and-curlies, and they don't even have to try to be good any more, as evidenced by the generally terrible quality control of products they release these days.

Stu J

Re: Peak?

365 x 24 / 12 =

Guess what?

730

It's called an average.

Windows 10 failing to patch properly? You are most definitely not alone

Stu J

Re: Ahhhh Windows Update

Honestly, what the merry fuck is it actually doing under the hood that takes so long?

Meta says risk of account theft after phone number recycling isn't its problem to solve

Stu J

I don't think that broadcasting which numbers have changed hands is a particularly safe or sensible approach.

However, there should be an API which companies with legitimate requirements can query - they send a phone number and the last date/time they validated it, and the API responds with a simple "valid", "invalid", or "unknown" depending on whether the number has migrated to a different SIM since they last verified it.

Jenkins jitters as 45,000 servers still vulnerable to RCE attacks after patch released

Stu J

Why the hell...

...would you have a Jenkins server accessible on a public IP, rather than behind a VPN or a Zero Trust Load Balancer?

That's like having your car keys hanging in a flimsy glass box outside your front door...

Former Post Office boss returns CBE to sender over computer system scandal

Stu J

I've been saying for years that there needs to be proper personal accountability at an individual and board level for systems implementation and integration.

You wouldn't let someone that had watched a few YouTube videos and previously built a garden shed, design and build a skyscraper. There are Chartered Architects and Chartered Engineers that have to sign off on things, have to be properly qualified and experienced to do so, and suffer personally if they are negligent, especially if they knew about problems and didn't whistleblow.

So why do we deem it acceptable that literally any bunch of muppets can be trusted to implement and run secure and fit-for-purpose software-heavy systems, without any kind of formal oversight? When these badly-designed systems have real consequences on people's finances, personal data, and their lives? Why shouldn't there be the same sort of oversight required for all major IT projects, public and private sector, with suitably qualified people empowered to say "no" to non-technical stakeholders wanting to cut corners, or to consultancies wanting to do a shit job while maximising profit?

You can become a Chartered Engineer within the IT Industry - but there's no real point people attaining that status at the minute, because it's not required by anyone, even though it probably should be.

Microsoft confirms Smart App issue renaming everyone's printers to HP

Stu J

Re: If you don't want bloatware you cannot uininstall

I'm so so glad I barely ever have to deal with Windows any more.

Bank boss hated IT, loved the beach, was clueless about ports and politeness

Stu J

Re: Every single time

I'm not sure laptops with RJ11 modem ports necessarily even had USB ports - sure there might have been a brief overlap, but I suspect this may have been in the days of PS/2 connectors

Mid-contract telco price hikes must end, Ofcom told

Stu J

Inflation driver

This kind of contract clause not only persists current inflation, it actively drives inflation higher.

Given the BoE and government have a desire to keep inflation at 2%, surely it would be sensible to have a legal limit of 2% on in-contract price rises, if you're going to permit them at all. Same for insurance renewal quotes (subject to you not having made a claim in that policy year).

'Corrupt' cop jailed for tipping off pal to EncroChat dragnet

Stu J

Inadequate sentence

She should have been sent down for far longer as a much stronger deterrent for unilaterally endangering a multi-national investigation into some of the worst scumbags in Europe. Prize idiot.

So this one time, at Bandcamp, half the staff were laid off

Stu J

* TREAT their employees well

Bloody Autocarrot

Page: