* Posts by theblackhand

924 publicly visible posts • joined 1 Oct 2009


British Library pushes the cloud button, says legacy IT estate cause of hefty rebuild


Re:Cloud OpEx versus onprem CapEx

The story hints that there has been significant underinvestment in the past and that there is a skills gap for cloud services in the current IT teams.

That translates into CapEx being difficult to obtain but once it is obtained it will likely be eked out over an extended operational lifetime.

And on the cloud side, a lack of skills often results in a failure to update and decommission older systems which results in spiralling OpEx costs without ever addressing the funding gaps in skills and legacy systems.

So I'm not confident that we would see any medium to long term benefit or difference for either approach or a hybrid of the two if the underlying issues are not addressed

Another airline finds loose bolts in Boeing 737-9 during post-blowout fleet inspections


Re: Loctite

Rather than certify a new reputation with the FAA, Boeing choose to add some software that made the old reputation look OK so they could sell more of the same old crap.

What could possibly go wrong? Other than the software malfunctioning and causing board members heads to become so tightly wedged where the sun don't shine that their heads cannot safely be removed by even the most skillful medical team.

Bank's datacenter died after travelling back in time to 1970


Re: Yearly tasks....

A long time ago? What are you talking about?

The 1990s was only 10 or so years ago....

Red Hat greases migration to RHEL for CentOS 7 holdouts


Following significant customer demand, "Why did you do this?" will be added but you will need to enter credit card details before you can see the answer after agreeing to IBM's terms and conditions.

The answer will be "you should have just paid for the RHEL licenses, it would have been cheaper..."

HP printer software turns up uninvited on Windows systems


In Windows, if you go to the Microsoft Store and search for Sprinkler where will be an app with what looks like the poo emoji.

Install that, wait 10 minutes and every festering stain on humanity will be installed...

Note: on OEM systems, the manufacturers poo sprinkler may be pre-installed and you maybe unable to notice any additional applications following the use of the generic windows poo sprinkler.

Vanishing power feeds, UPS batteries, failover fails... Cloudflare explains that two-day outage


Would testing have helped here?

My reading of the power situation was that IF the data centre had used it's generators for powering just the data centre, the earth issue likely would not have happened.

Only the data centre knew about the deal to sell excess power back to the grid and as that was unknown to Cloudflare it is very unlikely that it would have been a test condition.

My take on the lesson here is that if you need things to be done reliably at cloud scale, you either have to be able to quickly scale horizontally across facilities (challenging as your interconnects either become the bottleneck on scalability or the cost of additional facilities becomes a significant factor in scaling) or you run the data centres yourself to allow these risks to be managed inline with your company's goals.

Or you try to be transparent and hope the explanations are sufficient to satisfy customers and you keep enough systems up to get by.

Linus Torvalds releases Linux 6.6 after running out of excuses for further work


The thing that always amazes me about Linux topics is the crossover between "I use Linux because of how flexible and powerful" it is and those that dislike any new features even if they plan not to use them.

Improved SMB performance means faster NAS/filer performance from appliances and various storage distributions for home and business users and I guess we will see if your security fears materialise based on these features.

If you don't use it, switch it off...

UK tribunal agrees with Clearview AI – Brit data regulator has no jurisdiction


France have fined Clearview and Clearview have not paid as France has no jurisdiction to impose the fine until Clearview either has an entity within French territory or a French entity starts working with them.

I would argue this is the difference between how the French and English feel laws should be interpreted rather than a failing of data protection laws when there is no jurisdiction.

Volkswagen stuck in neutral after 'IT disruption'


Re: Rumours...

While it wouldn't be the first subscription type service to cause issues, maybe this is the kick that hardware manufacturers need to understand why it's such a terrible model for anything other than their revenue streams...

Or maybe my beers just half full. Or maybe I forgot to renew the subscription for the other half.

IBM Software tells workers: Get back to the office three days a week


A small correction...

IBM Software, sensing an easy way of culling staff, has mandated a swift return to the office for staff globally, telling those living within a 50 mile (80km) radius of a Big Blue office to be at their desks at least three days a week.

IBM also called on the government to also large corporations to allow the use of guns in their HR practices to cull the weak, infirm or those they just considered too expensive.

IBM Cloud to 'uplift' prices by up to 29 percent


Re: IBM Cloud to 'uplift' prices by up to 29 percent

The race is still on for IBM and Oracle - which will be the first to give up on in-house cloud and go with one of Azure/AWS/Google?

While I'm sure they would prefer to go with an alternative, I'm not sure their government customers would be too happy...

IBM shows off its sense of humor in not-so-funny letter leak


Re: Blame AI

Are ElReg commentards attempting to take over from the Onion in the "accurately predicting the future via sarcasm" game?

How many months before Watson appears at a comedy festival to demonstrate IBMs advanced in AI?

So much for CAPTCHA then – bots can complete them quicker than humans


Re: Task failed successfully.

"After 10 tests, there is only 1 in 1024 chance of humans doing all of them correctly, while bots will get them every time."

I think you maybe onto something.

My only concern is that 1 in 1024 is too low and increasing it to 20 tests makes the chances of it being a bot

This would obviously show a huge increase in popularity for the tests (based on the numbers of tests completed...), and adding an audio component that detects frustration based on muttered swearing could provide an additional level of checking in the future...

Euro monopoly cops to probe Microsoft for slipping Teams into Office


Re: Edge

There might be a reason for not mentioning Edge:


Or are you referring to the monopoly it has on being used to install Google Chrome?

UK's proposed alt.GDPR will turn Britain into a 'test lab' for data harvesting


Re: Yay - yet more laws

Harmonizing EU and US data laws? 1998 called, admires your optimism and thinks it might just have a way around this mess....

25 years later and 4 workarounds that have been dismissed by European courts (correctly - it's difficult to dispute their arguments) as unsatisfactory, here we are with neither party prepared or likely to move and yet somehow, multinational business must go on.

I'm ignoring the UK because the best they can do in this is choose a side.

BOFH: Cough up half a grand and we'll protect you from AI


I think what you mean is that a long-term solution is better than a workaround that will just need fixed properly later...

BOFH takes a visit to retro computing land


Find an emulator....

Digging up old hardware starts with a "bargain", is briefly interrupted by some failed hardware, encouraged by buying a replacement card for a small fortune before entering the world of resoldering and buying dead cards and motherboards in the hope that you can find that elusive working component.

If the game you were hoping to play was "1990s hardware technician" then you're in luck, for other games you have emulators to get to the really fun task of configuration settings to try and make them them work properly...

UK government scraps smart motorway plans, cites high costs and low public confidence


Re: "adding ramp metering."

Having worked in IT long enough to see multiple generations of OS/applications, it always surprises me when people on El Reg suggest teaching/training/changing peoples habits as the low cost option.

In large companies, a large portion of the group will adapt with or without training but a statistically significant portion (lets say 20% based on the 80:20 rule) are resistant to change even after multiple training sessions or require workarounds (i.e. upper management where PA's manage the majority of their communication).

Applying that to the UK driving population of ~40 million (or ~32 million if you reduce it to drivers using vehicles at least weekly) that is a sizeable group to change without significant cost/effort (i.e. retesting every 10 years would likely cost drivers £200m/year assuming a similar cost to obtaining a license and the cost of individuals time versus alternative activities being around ~£50/renewal) and while I have no doubt there would be some benefits to this around better driver behaviour, studies of post-license driver education from multiple countries have shown very little benefit in terms of accident reduction.

The reality is that there have been significant improvements in vehicle safety and road engineering over the last 10 years in the UK (21% reduction between 2009 and 2019 or 24% reduction between 2011 and 2021 but COVID impacted the 2011-2021 figures) even with ~2% annual usage growth over those periods

Forget ChatGPT, the most overhyped security tool is technology itself, Wiz warns


Re: "in the end, it's not really about the tools you buy"

Are you suggesting that purchasing a firewall was not enough?

It's siting safely in a locked room in the box it came in.

And even I'm unsure if this is sarcasm or just reality in some organisations.

Microsoft Office 365 Cloud has a secret lining


Re: Is that not an oxymoron ...

This presumes "someone else's cloud" is a worse option than the most prevalent existing option of "someone else's data centres"

The results of ~10 years of security reviews and assessments designed (subjectively...they were designed by the contractors that later failed the assessments) to demonstrate how insecure cloud computing was.

Note that the DoD cloud solutions are not generally accessible and require authorised connectivity following an assessment of your own premises security implementation.


FOSS could be an unintended victim of EU crusade to make software more secure


I would suggest your comparison to tobacco advertising is flawed.

WHO estimates the removal of advertising and marketing resulted in a 7% decline in tobacco consumption in European countries where the bans were in-place and resulted in significantly lower numbers of new smokers.

From numbers released by tobacco companies, the marketing and advertising budgets were still being spent but on initiatives to help sellers versus advertising targeting consumers (i.e. smoking areas/smoking "gardens" in pubs and bars).

And the bans paved the way for tougher anti-smoking legislation as opinion wasn't being swayed by consumer focussed advertising.

Unfortunately, almost none of the issues with cyber security overlap with tobacco - cheap (relative to cost of manufacturing), poorly supported IoT/similar low cost devices (versus hugely profitable tobacco where even with huge taxes on products, tobacco manufacturers made billions) means vendors have even more reason to disappear while offering no support. And a "replace rather than fix" policy would eventually come into conflict with other EU policies around environmental issues.

My suspicion is that the "€180-290 billion saved" figure won't come from manufacturers if end users (companies rather than individuals - per incident cost for individuals likely don't pay for support or carry out maintenance for a variety of reasons from stability to system validation to poor practice (amongst others).

The "market" approach seems to be cyber insurance but it's immature at present based on spiralling costs and how it is implemented/paid out. I suspect it will arrive at a workable solution long before the manufacturer regulation approach without making products unviable in the EU

(That's not meant as a general "regulation" vs "free market" opinion, just a criticism of attempting to regulate an area that is poorly understood and I'm sure regulations will become a part of this in coming decades as viable paths appear)

Linus Torvalds to kernel devs: Grow up and stop pulling all-nighters just before deadline


Ban hammer?

What you need is the BOFHs patented clue hammer.

Repeated application either imparts the required clue or permanently fixes the problem.

Tried and tested on hardware. Tempted but untested on westward.

Dev's code manages to topple Microsoft's mighty SharePoint


Re: Exchange

What a ridiculously complex system.

We once had a WordPerfect user who kept all of her correspondence in a single document. Seperate by page breaks naturally, she wasn't mad....

Mars helicopter mission (which Apache says is powered byLog4j) overcomes separate network glitch to confirm new flight record


Re: IoT always the weakest link in the network....

So there is less space in space than we initially thought? Do we have the space needed in space to make more space if we do run out of space?

Cisco requires COVID-19 shots for all US staff – even remote workers


Re: Get rid of the religious exemption.

Depends if you go Church of Satan or the Satanic Temple.

Satanic Temple is the more mainstream option and tend to go with the follow tenet for their vaccination policy:

"One should strive to act with compassion and empathy toward all creatures in accordance with reason."

The Church of Satan is much smaller and their policy on vaccination is very much down to individual choice but don't cause harm to others unless you are prepared to be destroyed by them so arguably that does support vaccination...

For anti-vax you a probably looking for the evangelical nationalists but they all paint Satan as the bad guy while they do what ever they want. Without any acknowledgement of the irony...

East London council blurts thousands of residents' email addresses in To field blunder


Re: Apology accepted

I admire your optimism that only one level of categorisation is necessary...

Home office setup with built-in boiling water tap for tea and coffee without getting up is a monument to deskcess


"... than poorly heated Legionnaires' disease coffee made from a warm tap."

How can you get Legionnaires' from a tap that's been broken since 2017?

And if you're fast enough to get to it in the few seconds between the maintenance people "fixing" it and it breaking again, I suspect what ever gave you superhuman speed likely also gave you an improved immune system.

Turns out humans are leading AI systems astray because we can't agree on labeling



We need another standard....

And an AI to create the standard of course.

Yep, you're totally unique: That one very special user and their very special problem


A little harsh

Having supported Adobe/Coral products on Windows and Mac's in the 90's, the differences were night and day in terms of what you could produce.

Windows was fine as long as you didn't run into memory problems (i.e.you weren't doing anything large) and didn't require clip art or fonts. And even support for things like lartge capacity removable storage (i.e. Zip drives) was significantly more reliable on Mac's. And if you wanted to get material printed externally, the printing bureau was probably using a Mac so guess option didn't require IT support.

Over time those differences disappeared as Windows hardware overtook the PowerPC platforms and by the time I next had to deal with mixed Windows/Mac environments it was 2007 and the differences between the platforms were largely down to user familiarity with an OS rather than genuine differences - it was not uncommon to see high end Windows servers doing the heavy lifting with a mixture of Mac's/Windows boxes scattered through studios depending on user choice. That presented other issues, but they weren't unsolvable.

Groupware is not dead! HCL drops second beta of Notes/Domino version 12 and goes all low-code and cloudy


Re: Teams, obviously

Consistently the worst may give the impression that is unchanging (particularly if you used competitors and just wished it would do X "that" way - you could never accuse Notes of being just another clone...) there were changes.

Honest - maybe even some that were positive. Oh...those were bugs. Ignore me.

Bill Gates on climate change: Planting trees is not the answer, emissions need to be zeroed out to avoid disaster


Here's Mr Gates key statement about planting trees:

“It has obvious appeal for those of us who love trees, but it opens up a very complicated subject ... its effect on climate change appears to be overblown.”

30 million trees is able to capture the CO2 produced by 100,000 "average" people on this planet.

The UN believes that global population growth over the next 10 years will be 1.2 billion people. So 360 bn additional trees to offset population growth before we start looking into an overall reduction.

For the UK's part, the Tories are proposing an estimated 50 million trees a year or 0.5bn over 10 years for a population rise of 3.5 million in the same period. Approximately half the amount required.

Realistically, the UK would need a population decline of 3.5 million and planting 50 million trees a year to have a real effect. Or just the population decline...the trees are a rounding error even if they look pretty.

Linus Torvalds labels Super Bowl 'violent version of egg-and-spoon race'


Re: As an American, I can tell you some Super Bowl secrets

Can I offer you some broccoli?

UK Cabinet Office spokesman tells House of Lords: We're not being complacent about impact of SolarWinds hack


"If those vaccinated can still become carriers of the virus then the risk of the long gap before the booster jab is that it may make it more likely for vaccine-resistant mutations to develop."

While this is possible, the question is how do you deal with a limited supply of vaccine? Do you dose only the people you have two doses for or do you give lower levels of coverage to the largest group possible and hope that supplies increase to allow you to reduce the gap between doses?

Ethics/fairness suggest providing the greatest coverage is more important than "what if" risks givel the 40%+ mortality rates in the over 80s. Particularly when the "ideal" situation isn't possible.

As an approximation to the UK rollout (i.e. ignoring slow starts/acceleration as doses increase) of 2m doses a week, the "second dose within 12 weeks" delivers 65% coverage of the 13m target population within 7 weeks and 2nd doses within 8 weeks for a completion in 14 weeks. The "ideal" situation delivers 65% coverage of this same population within 14 weeks and completion in 16 weeks. Combined with patient transport/vaccine storage issues/scaling up vaccine supply chains/contingency in the event of vaccine shortages, I'm not sure there is any real argument for an alternative to the current method.


"The scientists' role is to provide the best estimates of numbers on the basis of knowledge available at the current time. Ditto the economists. "

The problem is that for most experts in any chosen field, there will be those with alternative views.

If we take Coronavirus, there have been scientists saying we aren't locking down fast enough based on very little evidence (that may later prove to be correct) and scientists that are saying we should lock down gradually as they want overwhelming evidence that it is the right thing to do.

While the tendency has been to blame the Government/SAGE, the role of the media where the are choosing multiple options and then pointing at the one that is viewed as most correct is easy.

I'm not trying to give the government a free pass - I think they have clearly made mistakes all through the handling of this crisis. Where I am a little more lenient is in distinguishing between being presented with evidence, letting departments/minsters discuss it and producing a resulting action. Historically this would have taken weeks or months but is being done in days or sometimes even hours.

Saying things has always been easier than doing them, particularly when many layers of bureaucracy is involved. And that is backed up by countries with devolved power doing better than those with centralised power.

File format conversion crisis delayed attempt to challenge US presidential election result


Re: baby eating Satan worshippers

And baby-eating Satan worshippers would seem to be an oxymoron based on rule #9

After 11 years, Australia declares its national broadband network is ‘built and fully operational’


Re: Fibre to the Premises

"5G...they can only install Antenna masts where there is Fibre... your essentially sharing a Fibre connection"

It doesn't have to be fibre, there are other backhaul options - microwave/radio are common and capable of significant speeds.

But yes, you will be sharing that backhaul connection. As you would with pretty much every Internet connectivity option.

Dutch officials say Donald Trump really did protect his Twitter account with MAGA2020! password


Isn't it a bit risky using you net worth as your lugguage combination?

Uri Geller calls off 20-year ban on Pokémon trading card that 'stole' his 'signature image'


Re: being willing to be involved in making yourself look a fool

Or the funniest thing you will ever see...

Who among you can resist an eight-core, 2.9GHz mini-PC or thin client that drives four displays?


Re: Not really embedded ready

"We looked at AMD embedded processors as a replacement for our Intel processors."

Is this with the latest designs or older units? AMD's embedded options have trailed the desktop/server CPU's in both core versions and process. 2020 embedded are the first ones that are likely to be competative with Intel (theres a similar story on the mobile side)


2020 generation embedded: Zen 2 cores/5th gen GCN GPU/7 nm

2018 generation embedded: Zen+ cores/4th gen GCN GPU/14 nm

2015 generation embedded: Excavator cores/3rd gen GCN GPU/14 nm

Of those, it's only really the 2020 versions that are likely to be competative with Intel as they move to 7nm and start to outperform Intel 14nm+ or later chips.

And if you were testing against the 2015 generation chips, maybe AMD will give you a freebie 2020 version to make up for wasting your time.


"Since nVidia own ARM, that kind of makes them allies of Apple for the time being."

Being an ally of nVidia hasn't been a good thing historically - they tend to drive prices up until their allies start to struggle. Or run to an alternative.

Linus Torvalds hails 'historic' Linux 5.10 for ditching defunct addressing artefact


Re: bye bye 2038

Shhh - if they perfect stasis in our lifetime I was planning to use Y10K to fund my retirement

Everything's falling apart. The Moon is slowly rusting up – and it's probably Earth's fault


It's 2020

You really think the moon crumbling and falling from the sky will get more than a shrug and a "it doesn't surprise me"?

Remember that backdoor in Juniper gear? Congress sure does – even if networking biz wishes it would all go away


Re: Backdoor scorecard

So many downvotes....

Reference: https://en.wikipedia.org/wiki/File:NSA_HALLUXWATER.jpg

If you are downvoting security references based on limited knowledge, maybe it's not knowledge but just biases and rumour? The NSA TAO leaks aren't exactly secret.


Re: Backdoor scorecard


Cisco - yes

Juniper - yes

Huawei - YES

All part of the same NSA TAO group exploits revealed by Der Spiegel. Just because Huaweis firewall products aren't as popular in the west doesn't make them invulnerable.

'Beyond stupid': Linus Torvalds trashes 5.8 Linux kernel patch over opt-in Intel CPU bug mitigation


Re: There must be a simpler fix...

Your fix is changing the target of the attack from application space (i.e. browser or ash session keys) to the kernel - deduce the code encryption keys at the kernel via a timing attack and you're back to the original issue

SD cards hop on the PCIe 4.0 bus to hit 4GB/s with version 8.0 of storage spec


Re: So not full speed on any Intel platform then

I'm wondering about power as well - while the standard may support 4GB/s there is also a lower 3GB/s option versus SDXC maxing out at 1GB/s which is much higher than you would typically see on an SDXC card reader.

The interface appears to be rated at 1.8W vs current cards that are under 100 mW.

Tales from the crypt-oh: Nvidia accused of concealing $1bn in coin-mining GPU sales as gaming revenue


Re: More long term than any other?


If at first you don't succeed... IBM finds Watson a new job: IT ops and cloud-to-the-edge computing in the 5G era


"solution in search of a problem"


Concerning the Ulta premium chess playing doorstop market isn't enough for you ElReg?

Such high standards at Vulture towers

Vodafone chief speaks out after 5G conspiracy nuts torch phone mast serving Nightingale Hospital in Brum


For the UK "celebrities", a little bit of community service helping out the NHS would be appreciated.

I'm sure Amanda would do a fine job washing dirty scrubs.

Amir maybe a little harder - I'm not sure which job he could do without quitting halfway through.