Posts by simpfeld

97 posts • joined 24 Sep 2009


UK smacks Huawei with banhammer: Buying firm's 5G gear illegal from year's end, mobile networks ordered to rip out all next-gen kit by 2027


Terrible Decision

No Huawei security issues shown by GCHQ testing or anyone else for that matter.

Plenty of security issues shown in US originated equipment (Cisco, Juniper, encryption standards with introduced weaknesses).

Yeah, cause UK intelligence sensitive information is travelling over mobile networks without end-to-end crypto, if so that person needs firing.

Of course we didn't want to annoy the orange one, but I guess we are keeping our options. The Chinese leader may tell him he's great and allow him to open a few hotels and Huawei will be okay again.

July? British government could decide to boot Chinese giant Huawei from the UK's networks by this month


Re: Still Waiting to See Evidence

Ermm, a third party security researcher could easily show evidence of Huawei backdoors, this hasn't happened! But it has happened with numerous US originated equipment.


Still Waiting to See Evidence

We still haven't seen an example of Huawei having backdoored their equipment. We have had vague suggestions it is (or might be in the future).

Whereas our transatlantic friends have had numerous public examples of them backdooring kit, Juniper, Cisco, it goes on.

GCHQ even have (had) a lab security testing Huawei equipment and never found anything.

Yet another example of the government saying trust us (how has that worked before). Whereas the truth is we just don't want to upset the Americans.

Openreach tells El Reg it'll kill off copper sales in 118 UK locations next year


Re: Quick Question regarding Fibre

I wonder why it would be asymmetric, I can understand why on DSL (limited frequency range so optimised to use for each direction), but on fibre. Sounds like an artificial scarcity situation again so people still have to pay for business class leased line. There isn't so much asymmetric network gear!

Admins beware! Microsoft gives heads-up for 'disruptive' changes to authentication in Office 365 email service


Re: Help me understand

Yes, I'd like to know what is so wrong with Basic over TLS (IMAPS on a dedicated port). I guess starttls has had issues with "Man in the Middle" with not passing the starttls to the real server, so being able to intercept. But I don't see any difference between IMAPS vs an HTTPS based authenticator. A genuine question from me too!

The winners and losers of infrastructure clouds revealed: AWS, Microsoft, Google and Alibaba get fatter


Re: Welcome to the new mainframe.

So true. Then we are going to hit what I have heard people call "Cloudshock", when people suddenly realise how much cloud is costing and pull some things back in house (test environments being an obvious choice). I have heard stories of cloud companies that managed to very quickly spin up due to cloud but suddenly find 40% of their turnover was going straight to AWS.

People are quite naive about the cloud. I have heard a senior exec say in a meeting with all this competition (between AWS, Azure and Google) things will just keep getting cheaper...Wow.

And an accountant saying to me, will the cloud deployment be always cheaper than our present On Prem one...We are simply swapping CAPEX for OPEX really was my answer.

This is just the latest version of what the Jargon Dictionary used to call "The Cycle of Reincarnation". Their example was:

"function in a computing system family is migrated out to special-purpose peripheral hardware for speed, then the peripheral evolves toward more computing power as it does its job, then somebody notices that it is inefficient to support two asymmetrical processors in the architecture and folds the function back into the main CPU, at which point the cycle begins again."

This is just a new cycle of the mainframe -> distributed systems -> cloud (mainframe), with a different hat on.

Very little helps: Tesco flashes ancient Windows desktop on Scan-As-You-Shop device


ATM Software

I saw an interview with an ATM software vendor that said the best thing to use is Windows. I think they said, what else would you use. I thought ANYTHING just ANYTHING else. Ease of use (esp programming ease) doesn't seem the primary design goal on an ATM.

Some ATM vendor I saw was now using Android as a lightweight UI OS with the smarts on a back end system.

Waitrose seems to use Android on its self scanners from the look of the UI.

BT: UK.gov ruling on Huawei will cost us half a billion pounds over next 5 years


Why are they still in Business?

I can understand why Openreach makes money (no choices in so many areas) but BT. Especially BT Enterprise, easily the worst company I have ever dealt with!

I'd have had to deal with Oracle and Microsoft.

No Mo'zilla for about 100 techies today: Firefox maker lays off staff as boss talks of 'difficult choices' and funding


Switched back to Firefox for privacy reasons

As Firefox allowed me to host my own sync servers (bookmarks, history, passwords, open tabs on each device) which is impossible with Chrome or Chromium based browsers. Actually someone opened a bug about this on Chromium (hosting your own sync server) and they pretty much closed it straight away (the Google mothership would never allow that!).

The new engine is pretty fast but I doubt many other people care about their privacy! In the same way they don't mind connecting a microphone in their house to the Internet!

Just in case you were expecting 10Gbps, Wi-Fi 6 hits 700Mbps in real-world download tests


My Mantra

Wireless when you have to. Wired when you can.

Has served me well over the years. My phone needs to be Wireless but the TV doesn't!

We are absolutely, definitively, completely and utterly out of IPv4 addresses, warns RIPE


Re: Lies, damned lies, and statistics that don't lie.

"Any idea why the IPv6 traffic has a 5% difference during the week versus the weekends"

It's thought this is due to corporates having lower IPv6 adoption than domestic ISPs.

Microsoft explains self-serve Power platform's bypassing of Office 365 admins to cries of 'are you completely insane?'


Re: IT Screwed over by Microsoft

"In my opinion (constantly being criticized for it) the cloud is not a good solution"

It's remarkably hard to find any critical analysis or comment of cloud solutions from a brief internet search. Seems to largely be treated as a "you just don't get it Grandad", if you ask for any analysis of the approach vs on prem.

One of the biggest issues I see are backups. Seems like even telling people that this cloud solution esp SaaS, will not really be able to be backed up by us (even if we have the data we probably won't have the software to run the backup against, if vendor goes tits up etc), is just being old fashioned.


IT Screwed over by Microsoft

This has pretty much always been MS's modus operandi. They always sold to other staff (in the past senior management and let IT pick up the pieces later). Things like Outlook, pretty much needed Exchange with this, but certainly (esp in the early days) wasn't the best email/groupware server out there, IT just had to suck it up.

We are going to see a lot more of this as the cloud becomes the only option, easy to get into for management, "hey we can save money on IT, we don't need to buy all this stuff", to "wow this is expensive to run month to month, IT how did you let this happen!".

Hell hath GNOME fury: Linux desktop org swings ax at patent troll's infringement claim


Have Big Players Contributed?

Given Red Hat, Ubuntu and Google (Chrome(books)) all use Gnome technology, shouldn't they fully fund this defence. It should be small change to this collection of companies.

Three UK goes TITSUP*: Down and out for 10 hours and counting


Re: "experiencing intermittent service"

Strange, the downdetector seems to suggest it's countrywide.


"experiencing intermittent service"

Yeah I have to say that bugs me. Has anyone got any access at all, the network looks completely down country wide!

And to give zero feedback all night on any platform isn't good.

Conspiracy loons claim victory in Brighton and Hove as council rejects plans to build 5G masts


Re: Neoliberalism SUCKS

"PRECAUTIONARY PRINCIPLE", sounds like you are asking to prove a negative.

To say otherwise you'd have to show some evidence of risk.

Off somewhere nice on holibobs? Not if you're flying British Airways: IT 'systems issue' smacks UK airports once again


Re: Not again!

Yup it's working brilliantly, IT costs were reduced so some exec got a bonus for that and if problems result in executive heads having to roll, no problem, the golden parachute can be deployed.

Microsoft hikes cost of licensing its software on rival public clouds, introduces Azure 'Dedicated' Hosts


Re: $106k over three years

I guess the main thing is at some level you are swapping capex for opex. A lot of accountants/companies like this. And okay you can do leasing deals on hardware, but often this is seen as borrowing on the company's books and even if it can be tuned (financially) to be pure opex, you cannot turn up and down costs as easily as Cloud/SaaS.

Not saying this is right, but some companies run on thinking it's better to own nothing. And probably think they don't need as many IT staff to run this.

Will cost more in the long run, but doesn't matter as they didn't get a big bill upfront and have to get that approved (maybe by the board).

I have heard the phrase "Cloud Shock", when an accountant wakes up and suddenly sees how much all these cloud things are costing. I have heard of cloud companies who suddenly find they are sending 25% of turnover to Amazon, as it was so easy to spin up things.

We are just in a new Cycle of Reincarnation, mainframe -> Client Server -> Cloud (mainframe again really) --Probably--> in house some things (when people start seeing the costs of all this)

Freaking out about fiendish IoT exploits? Maybe disable telnet, FTP and change that default password first?


Re: How many home users *need* the admin password anyway ?

Sadly it's getting very hard to buy a camera that doesn't need a cloud service to work. The best now are some cheap Chinese ones that can have it turned off.

I bought a Tenvis HD 720 for 20 quid. It works, but you either need to use an Android app to fully configure it (which I had little luck with) or an ActiveX IE (yes really!). But once set up it can be viewed with VLC, and can have the cloud service disabled.

My cheap web camera from 8 years ago let me configure most things and view it from Firefox. Why did they remove that and leave ActiveX!

Sadly most people just don't care!

Are there any cheap cloud free webcams anymore fully configurable from a modern browser? Anyone know?

Eggheads confirm: Rampant Android bloatware a privacy and security hellscape


Re: a critical application like Google Play Services

On my new phone (a PocoF1 if that matters) I decided to go cold turkey with LineageOS and not install any Google Apps or Google Play services. Most things are absolutely fine. A few things complain about lack of Google Play Service but continue to work (if you click through the warnings). These include the "National Rail" app, Hive and surprisingly Nest. For mapping I have used HereWeGo which is okay.

Everything else seems fine. The only completely broken thing for me is RingGo which starts but just blows away. I can use their mobile website for that. I guess it would probably work if I took a microG version of LineageOS but as I'm mostly there I have resisted. (microG being an open source reimplementation of the Google Play Services, not everything is there)

Windows Defender ATP is dead. Long live Microsoft Defender ATP


I don't have a problem with MS doing this

At least this isn't MS's main business and unlike the AV vendors it isn't in their interest to oversell this. Just would make their main revenue businesses look worse (i.e. The security of Windows).

PuTTY in your hands: SSH client gets patched after RSA key exchange memory vuln spotted


Re: PuTTY's days are numbered

I had an (admittedly quick) look at this and can't see a way to make it do GSSAPI/Kerberos, which PuTTY does well (i.e. no password when going from AD joined Windows to Linux).

Does this feature work?

Radio gaga: Techies fear EU directive to stop RF device tinkering will do more harm than good


Re: Gonna ask what may be a stoopid question here...

Probably nothing and probably not thought of by some Eurocrat.

This could make Raspberry Pi (and their ilk) devices illegal (if taken to absurd conclusions) or even laptops with wifi/bluetooth.


Industry Lobby

I kind of thought this is the result of an industry lobbying effort.

Or like the US equally ill-judged directive, maybe the concern about certain WiFi frequencies that have been known to hurt Doppler radar. But this is a rare issue and has been deliberate ill-advised config by a few people. So basically sledgehammer and walnut come to mind.

Sure, you can keep Grandpa Windows 7 snug in the old code home – for a price


Re: Don't worry 7,

I don't think cygwin uses the POSIX in the NT kernel. They are like the opposite of Wine: convert POSIX calls to Win32. The POSIX in most Windows releases is dreadful and not really used and barely worth talking about. Only recent developments with "Linux" on Windows 10 have improved matters.

Boffins debunk study claiming certain languages (cough, C, PHP, JS...) lead to more buggy code than others



I wonder how rust would do as the claim is it removes memory bounds issues.

Always wondered if this would just move the issues, a study like this might show if there is value to this approach. And if the rust OS redox is a sensible way for us to all go.

4G slowcoach Three plans network and IT overhaul to get foot in the door with 5G


Replace Home Broadband Unlikely

We hear this with every new technology from the mobile operators. We heard it with 3G, 4G and now 5G. I remember those 4G adverts about streaming movies to your phone, which you'd be insane to do on most data plans.

All of these (3G, 4G) were fast when few used them, now many are on them they can be pretty slow. When using 4G in central London it can be really painful with all those mobile devices in a small area.

Fundamentally Wireless is a shared medium, and cables aren't. 5G even with directional signalling just isn't going to compete with FTTP (which should *hopefully* be making progress by 5G launch/popularity). By this time mobile data requirements will have gone up plus video will be moving to 4K in houses. Do we really want to have all these homes using 4K and slowing our mobile experience down. No thanks.

They aren't actually competing technologies. The mantra I used to hear:

Wired when you can, wireless when you have to.

Still seems to hold true, use the correct one for the job. I'm always amused by people using WiFi to a TV right next to a router. Just run a cable for the TV and leave all that WiFi bandwidth for devices that actually need it phones, tablets, laptops etc.

We (may) now know the real reason for that IBM takeover. A distraction for Red Hat to axe KDE



It will probably be in EPEL but sadly that will mean no RH support if you find issues. That's a deal breaker for such a critical component in our organisation.

Worst. Birthday. Ever. IPv6's party falls flat


Re: Follow the $

Yeah that is really annoying. There is really no excuse not to statically allocate IPv6 prefixes to home users.

A quarter star to Sky and BT that at least do sticky allocation, you will always get the same one if you don't release it.

This is just ISPs desperate to hold onto the static allocation extra cash of IPv4 they have got used to with their small business/enterprise products.

Sadly the protocol designers in their ivory towers mostly seemed to assume getting static allocation. It does all work just isn't very clean if it changes. They obviously didn't see how money grabbing some ISPs can be.

An example of the hassle with this is for LAN servers that you'd like to be static. Even if you use private addresses (ULA) internally, I don't know of any host (OS) that you can say I want to statically allocate my ULA prefix but my global (Internet addresses) prefixes should be got from NDP (as it has to be as it can change, see money grabbing ISP). This means that my server coming up is now dependent on my NDP server(router) being up, not so great for reliability (or rebooting things when your router is down, or when everything is rebooting (after a power outage)).

IPv6 growth is slowing and no one knows why. Let's see if El Reg can address what's going on


The Big Issue is Businesses

I have IPv6 at home but not at work. I think this is the big drag factor in IPv6 deployment. Businesses.

Apart from slow players (looking at you Virgin and TalkTalk) Home users are gradually getting there.

Business in general, sees no real reason to implement something when they have no issues accessing all the Internet on IPv4 and aren't short of addresses in the v4 private ranges. Not until there is *some* degradation in the IPv4 experience will we see adoption of IPv6.

IPv6 isn't perfect, far from it. But it is deployable and is better than IPv4, but humans tend to be awful at just getting on with something when it's obvious it needs to happen but not that it has to happen right now (e.g. global warming).

There will be blood: BT to axe 13,000 employees


Amazed BT are still in business

To be honest I'm always amazed they are still in business at all. I mean I have dealt with some bad companies but BT take incompetence to new levels in my experience.

I have taken 4 months to arrange a paid engineer visit to a site to do some work. On both occasions, despite checking that all was well the week before, they failed to attend the site as arranged. I have had contracts set up by a BTLB for these visits, with other parts of BT telling me these contracts "weren't going anywhere in BT" as they are wrong (what a thing to say to a paying customer, you guys sort it out between you).

BT seem to have only a few people that will take ownership of problems but would rather pass you to the next call centre.

The actual engineers we have seen have been very good (though near or past retirement age), you wonder if the recruitment drive is such a big deal as it looks like they need to replace *a lot* of ageing engineering staff. How many are new people adding to the pool?

They obsess about EE and BT sport whilst being unable to get the basics right.

I can understand domestic customers being lumbered or just having always been BT customers forever. But businesses, I can't understand why you would...Even for lines I'd rather get some other company to frontend Openreach and they can deal with BT.


Re: Hope BT Local Business are getting canned

Couldn't agree more. If you don't know the horror of this, a BTLB is a third party company that BT outsource some of their business customers account management to.

My experience is that they are really only interested in new sales (presumably all they get paid by BT for), so any issues with an existing contract (even a pretty hefty one) don't get actioned well. Seem keen to bug you for new work when the existing stuff isn't going well.

Someone in BT probably got paid a pile of cash to think up this broken BTLB scheme.

Audiophiles have really taken to the warm digital tone of streaming music


Worried about Digital download's future

I'm slightly concerned about the decline of digital downloads, I get the feeling these will disappear in time.

They seem like the best way to get music for me. Firstly, I can download in DRM free lossless formats (FLAC) and don't occupy any house space like a CD. The advantage over streaming services is that I own them and they can't be withdrawn at a whim e.g. by companies falling out with each other.

My second choice is second hand CDs. I only need to read once to rip and they can live in a cupboard. But CDs seem to be in the decline too.

To be honest I'm not bothered about the lossless format, it just means I can always get back to the raw audio to move to any future file formats without re-ripping, without the artefacts a sequence of lossless decodes/re-encodes would potentially introduce.

Why people like Vinyl is beyond me. Inconvenient, crackling and a self degrading format. Where they often have to make the lower frequencies mono to stop the stylus jumping out of the groove (and this is a frequency above your sub-woofer operates before anyone thinks this doesn't matter) and the quality gets worse the further into the disk you play. Liking vinyl is hipster anti-science, a bit like global warming denial. Only excuses for it is sentimental reasons, artwork appreciation and avoiding the loudness wars on some recordings (but then you should digitise immediately and never play it again!).

I wish there was a DRM digital download service for video, but that just doesn't seem to exist at all. Unless anyone knows better?

OK, this time it's for real: The last available IPv4 address block has gone


Re: IPv6 in the DMZ

One of the big drivers has been US mobile companies. They run out of private 10.x space quickly, as 19 odd million isn't large in mobile subscriber numbers.

Google's not-Linux OS documentation cracks box open at last


Re: "I'm not sure anyone can realistically replace the Linux kernel"

You're joking. In 2008 the Linux Foundation estimated (using other people's tool) the following "Additionally, it would take $1.4 billion to develop the Linux kernel alone. This paper outlines our technique and highlights the latest costs of developing Linux.".

The kernel at its very basic isn't over hard (task switching, memory management etc). Making these efficient and reliable plus adding thousands of drivers is really hard.

Nothing lasts forever, but replacing a fully open project like Linux with a closed tossed over the wall Kernel isn't a big win surely!


Fuchsia not such a dream future

An OS I can't contribute to that just gets tossed over the wall every so often. Also combined with the suggestion this will only install over network (with local device caching). Yeah a great win that!

I'm not sure anyone can realistically replace the Linux kernel (even with Google's resources) and provide the same level of functionality. For all Android's sins (and there are many), I can still get access to standard Linux things that are unlikely to be present in Fuchsia (iptables, monitoring tools, proc filesystem etc) some maybe, but certainly not all and not with the depth of functionality.

Also Linux will have much greater driver/filesystem support than Fuchsia ever realistically could. This allows third parties to take Android AOSP sources and tune the kernel build for new hardware/filesystems.

As a recent Google ex-employee said, Google are now more interested in competing than bringing new technology. This is likely the main motivation (to lock out Amazon and other vendors that use AOSP) from simply taking their OS (even though this was encouraged before they had market share).

This is unlikely to benefit end users...

Hot NAND: Samsung wheels out 30TB SSD monster


"Encryption eats a lot of CPU cycles, which have become a concern after Spectre/Meltdown, and the stability of sw based encryption is shaky at best."

With LUKS on most CPUs the encryption has very little overhead as it uses the AES instructions in the CPU (so basically it is done in hardware).

One set of benchmarks I saw has the encrypted disks as faster than non-encrypted. Last time I read it it was thought this might just be to do with newer more optimal code in the LUKS code...but I'll take that with a pinch of salt.


I think realistically it is likely in the 5% region of CPU overhead.

TalkTalk to splash £1.5bn laying full fibre on 3 million doorsteps


And given TalkTalk still can't even do IPv6, should we trust them to deliver 1Gb without CGNAT!

Well done, UK.gov. You hit superfast broadband target (by handing almost the entire project to BT)


Re: Exchange-only lines?

"Why they couldn't just put a rack in the exchange, and call it a cabinet, and mount the equipment there, I don't know. However, I did end up with 70Mbs actually delivered, so happy enough with the solution."

I wondered this and looked it up. It took me a while to find the answer. Apparently they aren't allowed to, as they think VDSL in the Exchange would interfere with the in Exchange plain old ADSL (RF leakage etc).

Makes you think the better solution would just be to get everyone over VDSL and ditch old ADSL completely (certainly for that Exchange) and if people don't want VDSL speeds just put them on a slower contract at the same price.

PowerShell comes to MacOS and Linux. Oh and Windows too


Bash is superior but isn't supposed to be as feature rich as PS

So many people here are posting things BASH can't do but PS can. But BASH wins on simplicity to do relatively simple things. PS syntax like most MS things is flabby and non-obvious.

Lesson one any Unix admin learns, is know when your task is too big for the shell and time to switch to back in the day Perl now Python et al.

Uncle Sam's treatment of Huawei is world-class hypocrisy – consumers will pay the price


Re: Also

And also. I worry more about UK (through the US too) government spying on me then kicking my door in for a thought crime e.g. porn age verification, looking into restricting encryption on the road to building our Orwellian society.

The Chinese government can't kick my door in!

To be honest, Kaspersky are probably suffering from the same protectionism in the US.

UK.gov admits porn age checks could harm small ISPs and encourage risky online behaviour


There is a good video the Open Rights Group have from a conference.


At 14:12 and 16:20 even more so show there is virtually no research been done on this at all! So not an evidence based policy at all.

I always think this is being done to placate the blue rinse brigade in the Tory party that find this new newfangled Internet a scary place.

This video also talks about how bad the schemes being prepared really are.

CrashPlan crashes out of cloudy consumer backup caper


Darn it

I was looking at them as a further backup of a home server. Sadly lots of people are unhappy as their recommended replacement (Carbonite) doesn't have a Linux client (which I believe lots of users used to backup a home NAS). Neither does Backblaze.

Red Hat banishes Btrfs from RHEL


RH looking at a different solution "Stratis"

Asking about this elsewhere it looks like Red Hat are doing work on the "Stratis Storage Project".

This seems to be a bit of a management system that will allow you to emulate pretty much all features of a next-generation file system using existing layers (LVM, MD, XFS). But adding things like block level checksumming to MD/LVM to allow the equivalent of individual file check sums. The argument seemed to be that building this in a single layer like BTRFS and ZFS is too hard. The layering allows you to make the programming/debugging more manageable. I guess the key would be communication between layers, bad block checksum tells XFS the file is corrupt etc.

Details here:



They also seem to have some interest in "BcacheFS". A "Bcachefs" developer says there are fundamental issues with the BTRFS design:

"btrfs, which was supposed to be Linux's next generation COW filesystem - Linux's answer to zfs. Unfortunately, too much code was written too quickly without focusing on getting the core design correct first, and now it has too many design mistakes baked into the on disk format and an enormous, messy codebase"


Not sure the truth of this, I don't know enough about it.

Latest Windows 10 Insider build pulls the trigger on crappy SMB1


SMB1 only

Wow SMB1 ripped out.

Let's rip out NetBIOS over TCP/IP and run SMB over so called directly hosted port 445 (goodbye WINS)

But better still disable NTLMv1 and NTLMv2 and just do Kerberos only. NTLM is arguably a much bigger problem than SMB1.

Then we can start talking about how you are addressing security issues!

Does it take a widely exploited flaw before MS disables some of this old crap? Flaws in NTLMv1 and v2 have been widely discussed in hacker conferences for years.

DUP site crashes after UK general election


DUP not good on Cloud solutions?

Or never expected to need a scalable website?

But then again who did?

HPE to staff: 'We are permanently clipping your costs'


Was the HP HPE split worth it?

As soon as they split I had a phone call from sales people from both HP and HPE. They seemed to not totally know which piece controlled which product lines if they were a bit obscure (presumably this is clearer now).

This split just seemed to lead to needing to duplicate staff in many functions for the two new companies. Driving up costs.

I don't have enough experience of these new companies but have end customers seen a massive benefit to these new businesses being more "focused"?

Call me cynic, but the main benefit of the split would seem to be an exec who probably got a massive bonus for this business "innovation". Or maybe execs getting promoted as there are now two sets of senior exec positions to fill! And associated costs

Happy to be told otherwise by people who know more.....

Microsoft Master File Table bug exploited to BSOD Windows 7, 8.1


"$MFT requires SYSTEM level access", no it works with an unprivileged user.


So easy to trigger

I found the fastest way on Windows 7 was to open a cmd window and type

start c:\$MFT\123

Then I can't open another file on the system and pretty much everything locks up.

To remotely exploit you would seem to need the root of a drive shared or a domain account that can open admin shares:

start \\machine\c$\$MFT\123


