* Posts by Roland6

6620 posts • joined 23 Apr 2010

Contractor convicted of pinching supercomputer cycles to mine cryptocurrency

Roland6 Silver badge

Re: Economics 101

It's a super computer being run on a bureau/cloud compute basis...

System idle time has zero cost until someone actually wants to use it at which point it has a price. So the AU$76,000 is what they would have billed a paying customer for the compute time used.

So moral of the story, if you want to make money mining cryptobucks, don't pay for compute time on someone else's machine.

We're not getting back with Galileo, UK govt tells The Reg, as question marks sprout above its BS*

Roland6 Silver badge

Re: A dumb question but... where does NATO fit into this?

I got the impression that Trump was going to reduce US funding of NATO ie. pull the plug on NATO...

Roland6 Silver badge

Re: You are joking?

>So why do you need an encrypted global positioning system independent of NATO - unless you want your own defense force.

Suggest you read the history of Galileo. At the time GPS was for the US military, civilian usage was secondary. Yes, you could for a fee gain access to the high res.. signals, but these still came with the US military first caveat - ie. the US reserved the right to modify (as it has done over the years) signals to give false positional data. If you want to build reliable commercial applications and you are non-US you can't rely on GPS.

Roland6 Silver badge

>Try the "GPS test" android app

Those canny Chinese... my Huawei picks up 9 satellite constellations, including 'unknown'.

I wonder whether if BS ever gets off the ground if any phone manufacturer (other than a Chinese one :) ) will bother to support it without charging a huge premium...

This is how demon.co.uk ends, not with a bang but a blunder: Randomer swipes decommissioning domain

Roland6 Silver badge

Ends? Opportunity for a sequel...

I note Vodafone's domain registration is due to expire on 5th May 2021. I wonder whether Vodafone will actually let it go and so enable some entrepreneur to resurrect it or they will simple domain squat for a decade or so...

Bad news for 'cool dads' trying to bond with their teens: China-owned TikTok and WeChat face US download ban by Sunday

Roland6 Silver badge

Impact on TikToc (India) ?

I note recently ByteDance shutdown Vigo Video - widely used in India, to encourage users to migrate to TikTok.

So it would be interesting to know if Trump's ban will impact say the iStore (India) because it effectively is just a shim on the iStore (USA), likewise for the Play Store...

Video encoders using Huawei chips have backdoors and bad bugs – and Chinese giant says it's not to blame

Roland6 Silver badge

Re: Please explain root access via telnet in year 2020

Root access via Telnet is quite common on out-of-the-box networking kit, the vendor assumes the user is sufficiently competent to either disable or secure this access path as part of their configuration and deployment.

>root access via telnet (CVE-2020-24218)

It seems the real issue here is that the Telnet daemon cannot be disabled and neither can remote (ie. WAN) access.

[source: https://kojenov.com/2020-09-15-hisilicon-encoder-vulnerabilities/#root-access-via-telnet-cve-2020-24218 ]

Interesting point here is that I've often explicitly disabled both remote access and the Telnet service in the admin web interface of network equipment, but I've not checked that this actually disables (ie. kills) the Telnet daemon...

>What about unauthenticated file upload (CVE-2020-24217)? What are we uploading here?

A .rar file which can contain a simple shell script, which will gets executed immediately. Ie. you don't need a binary file.

[Source: https://kojenov.com/2020-09-15-hisilicon-encoder-vulnerabilities/#unauthenticated-file-upload-cve-2020-24217 ]

Roland6 Silver badge

Re: Well there's your problem

>"The security holes are present in software, whose developer is unknown" to Alexei Kojenov @Salesforce and Huawei. A situation you would expect with proprietary software. I've no idea who actually wrote all the software that was supplied pre-installed on my Humax box.

I'm sure the manufacturers of the video encoders know exactly who they purchased the software from.

Roland6 Silver badge
Pint

Re: Hidden in plain view

>Pick your vendor and show me an intentional vulnerability ...

Well in the spirit of the article and some other 'security' vulnerability reports, many major router manufacturers.

The routers in my house are 'vulnerable' as they have a readily accessible "Factory Reset" button which once used means the device can be accessed (LAN/WAN) using the default credentials: admin/admin.

Roland6 Silver badge

>Is there a list of manufacturers that use the suspect silicon BTW?

Asking the wrong question; the vulnerabilities are in the application software the manufacturers add to their product, its just that currently they all use the Huawei chips. I expect that if these manufacturers switched silicon supplier (or used a different silicon supplier for certain products) the vulnerabilities would still be present.

So the correct use for a list of manufacturers that use the Huawei silicon is to enable you to avoid purchasing any products (not just the video encoders) from these manufacturers as it would be reasonable to assume they would have exercised a similar level of attention to the security of these other products...

Roland6 Silver badge

>You get what you pay for so don't blame your suppliers. You chose them and the buck stop there.

Didn't comprehend the article?

Huawei SOLD the chips that others have used and added poorly secured application code from unknown third-party(s).

Elecrow CrowPi2: Neat way to get your boffins-to-be hooked on Linux from an early age and tinkering in no time

Roland6 Silver badge

Re: "The kiddiwonks won't even know they're learning"

>The ONE neurosis she has, which is completely artificial and not based on anything - a fear of dogs.

That's quite common with kids who grow up without pets, I solved this one by getting a puppy.

The other fear, of large animals is tamed (ie turned into respect) by horse riding lessons and spending a little time on a dairy farm - however, bullocks do need some respect as they can at times be intimidating even to adults.

The Battle of Britain couldn't have been won without UK's homegrown tech innovations

Roland6 Silver badge

Re: Will you kindly stop with the "Britain alone" myth?

>The murdering shit Stalin invaded Poland in coordination with Nazi Germany and was very much not supporting Britain until the Germans invaded Russia in 1941

Remember, the US wasn't really supporting Britain at the outset of the war either, as that would have spoilt trade with Germany...

Roland6 Silver badge

Re: Post-War mistakes...

It is also educational to understand that the German industrial reconstruction was overseen by military personnel and not UK/US industrialists (think upper-class twits), who used the textbooks written by UK/US researchers, resulting in the creation of a very different ethos to that which has prevailed in the UK and USA...

I seem to remember when Japan rebuilt, it too read the US/UK textbooks and implemented them...

Roland6 Silver badge

Re: Will you kindly stop with the "Britain alone" myth?

and not to mention Stalin's contribution that caused Germany to be distracted and so gave the Normandy landings et al a much better chance of success...

Don't pay the ransom, mate. Don't even fix a price, say Australia's cyber security bods

Roland6 Silver badge

Re: Easy to say

>How in the world would your backups get encrypted too?

Remember early crypto-malware huge around for some months before announcing it's presence, so easy for multiple backups to be compromised.

Remember the really valuable stuff (from a business continuity point-of-view is generally the work in progress not the stuff from several months back that was archived for legal reasons.

Apple to Epic: Sue me? No, sue you, pal!

Roland6 Silver badge

Re: SLAPP

>Epic wants a bigger piece of the pie and decided to just take it without saying "please sir, may I have some more"

Which is exactly what Apple did when it set up the iOS walled garden and set the tariffs at the level they did...

Yes, Epic have gone about starting an anti-trust case in a cack-handed way and as you note, will probably get this defense for their action thrown out, which will be a shame, as it is time the monopoly app store business models where legally investigated.

Roland6 Silver badge

Re: SLAPP

>Why is this the case? The PlayStation Store and Xbox Live Marketplace are not smartphone marketplaces and the same product is sold there too.

So all Apple need to do is to demonstrate that a member of the public can buy the iOS version of an Epic game from either the Playstation or Xbox store and install it on their iOS device, without involving Apple...

Ie. Fortnite (iOS) is not the same product as Fortnite(Xbox).

Roland6 Silver badge

Re: Anti-Trust

>While the iOS is a strong walled garden I am not sure if one can argue anti-trust.

Depends on how you argue things. Apple have a total monopoly on the iOS walled garden.

Remember when MS was hit, there were fewer installations of Windows worldwide than there are iOS devices today.

Paragon 'optimistic' that its NTFS driver will be accepted into the Linux Kernel

Roland6 Silver badge

Wouldn't be surprised if MS have licenced Paragon's driver...

Roland6 Silver badge

Re: An addition to the list

>or ponzis.

I think you will find that those who operate ponzi schemes have 'commercial interests'....

Huawei set to exit server, storage, networking business in the UK

Roland6 Silver badge

Re: Smartphone business is on the way out

The restriction on Huawei seems to be on the usage by silicon foundries of US sourced software (and thus subject to US export licencing) in the design of chips and production control on their contracts with Huawei.

So the way around this will be to develop such programs which don't require US export licences.

Plus given how murky company ownership can be, Huawei could do a Nokia and 'exit' the phone business, so that some other entity (Microsoft in Nokia's case) can produce and sell 'Huawei' phones...

Roland6 Silver badge

Re: So, how was it that

> So Trump banned them from competing.

But allowed them to continue to participate in Standards making, ie. contribute their IP...

Microsoft: We're getting rid of Flash by the end of the year - except you can still use it

Roland6 Silver badge

"And Microsoft plans to make Flash Player loadable through its browser plug-in interface."

So back to how things were at the beginning when Flash, Shockwave etc. were third-party plug-in's....

With a million unwanted .uk domains expiring this week, Nominet again sends punters pushy emails to pay up

Roland6 Silver badge

Re: I feel left out

>As a result of yet another cock-eyed misinterpretation of the GDPR

Remember all the fuss about WhoIs determining what registrations were and weren't personal and the policies put out by Nominet about their hoovering up of PII that wasn't compliant with GDPR, so many ISPs simply withheld PII from Nominet...

@Andy Non

Do you know if removing the privacy flag is global though, i.e. so anyone can have access to my contact info or just Nominet?

No this flag only affects what gets sent to Nominet.

Obviously, once the new email address in 123-Reg has been around for a few hours, you'll then be able to create a new Nominet account using this email address and set up a few contact fields that aren't available via the 123-reg console.

Roland6 Silver badge

Re: I feel left out

>Apparently I can't update it either as my domains are held by 123-reg and it is up to them to update Nominet - a process that apparently is supposed to be automatic.

No, the process isn't totally automatic, 123-reg as a result of GDPR don't automatically pass what could be PII data to Nominet. You need to call 123-Reg and ask them explicitly to remove the privacy flag from your 123-reg registration records to enable the automatic data exchange with Nominet, then wait a few hours.

Don't remember seeing it documented on 123-Reg website, but Nominet UK support told me what the problem was when I encountered it last year.

There’s no new normal coming for PC sales, just the boring old normal of a long, slow decline

Roland6 Silver badge

Re: Mature Market

Well, there is the potentially disruptive child around that could accelerate the decline.

I know of one large PC user who gave all their staff Raspberry Pi's to take home - it having an RDS Client and web browser installed; all that is necessary to access cloud-based corporate systems...

UK govt: It's time to get staff back into the office! Capita: Hey everyone... about that...

Roland6 Silver badge

Re: Well we all know what the governments concern is...

>My question is more about the domino effect in larger cities.

Well the fundamental issue is the extent to which that city relied on a daily influx of people.

As we are seeing in London and other major cities, much of the infrastructure and retail business has grown up to service the daily influx and not the local (resident) population.

A significant drop in the daily influx will expose the true position of cities, namely, they are dependent upon their hinterland. So with more people staying in the dormitory towns means there will be more opportunity for businesses there eg. use a hairdresser near to my home and not the one round the corner from work in another town/city.

Fundamentally, what we are seeing is the type of 'progress' being referred to in the saying "You can't stand in the way of progress", so the best approach is to adapt and change; but don't expect the change to be without casualties or pain.

Roland6 Silver badge

Re: Well we all know what the governments concern is...

>I'm not so sure that this is the issue - the Unions are pushing a similar line to support workers.

I suspect the unions see home working as a threat to their traditional power-base. Strikes become something quite different when you don't have large offices where a supervisor can exert influence and control and get everyone to adopt group think and down tools etc.

> The majority of ElReg readers can work from home but that doesn't reflect the larger reality, particularly amongst support services or retail.

Having teenagers I've been looking at this slightly differently. Given what we now know about CoViD-19, I suggest the best candidates for roles that require interaction with large numbers of the general public are young people.

Roland6 Silver badge

Re: Well we all know what the governments concern is...

>Large commercial landlords staring into the abyss if large companies reduce the size of there offices

I wonder how segmented the commercial sector is, ie. are those who own lots of office space the same ones as those who have been building warehousing.

Roland6 Silver badge

Re: Isn't it ironic

>From what I can see, it is simple as long as you stay resident in the UK. If you stay resident, you get paid and taxed via PAYE as normal, regardless of where in the world you physically are at that point.

Just need to watch out for double taxation, I seem to remember places like Ireland will tax you if you are there for more than 9 months continuously.

>However I am happy to be corrected if someone can give me a link to what legal/tax issues a company has if its employees decide to work from another country.

Well the issues I encountered were down to more practical matters:

- Forget about working (at home) on any project requiring security clearance.

- Expect to have to pay out of your own pocket travel expenses to a designated base office in the UK.

- Expect not to be offered on-site work where it is cheaper and quicker to get someone more locally based.

- Expect to have to work the UK 'office' hours normal for the company you are employed by.

Roland6 Silver badge

Re: Isnt that good?

>However, it involves taxing the money from the people who saved it - well-paid workers, upper management, and companies themselves - and giving it to the people who lost out.

Now, go check out the results of the last several elections and consider the likelihood of this actually happening.

Given what Rishi Sunak is rumoured to be considering, we might be in for a surprise!

Roland6 Silver badge

Re: Isnt that good?

>keeping your home at a reasonable temperature 24/7 probably won't cost that much more than letting it go cold during the day and then heating it back up in the evening.

My son has discovered that an Xbox One, if used for a few hours with the window and door closed can comfortably heat his bedroom to a temperature that is significantly warmer than the rest of the house...

Google, Amazon pass on UK Digital Services Tax by hiking ad prices, fees at same rate the government takes

Roland6 Silver badge

Re: 20 years ago

>Heck, have all websites have a mandatory link (plain HTML, ...) to said site, clearly marked Advertising, and watch the net be free again.

Like having a domain name of the form: xyz.advertising (or xyz.advertising.uk) ?

I'm sure Nominet would happily provide and administer such a domain ...

Party like it's 2004: Almost a quarter of Windows 10 PCs living with the latest update

Roland6 Silver badge

Re: But it bricks dell computers!

Had a couple of HP desktops where the update lost the NIC and the USB drivers... Not having a blank CD available (W10 could see the default CD-ROM drive), making the drivers available so that W10 could find them was fun...!

Someone's getting a free trip to the US – well, not quite free. Brit bloke extradited to face $2m+ cyber-scam charges

Roland6 Silver badge

Re: It's only money...

>What about a Trade embargo on foreign owned golf courses.

Seems the sort of blackmail the current US administration has become notorious for.

UK government should recommend sale to Sports Direct (I think their owner may have donated to the Conservative party)...

Roland6 Silver badge
Pint

Re: It's only money...

>Taking DTs personal* property?

Apply the DT (China) logic:

DT's Golf course is controlled by the US government because it is owned by the President of the US. Last time I looked the President is a member of the US government and a US citizen, therefore the taking of the property is fully justified. :)

Supreme Court rules against Huawei in long-rolling Unwired Planet patent sueball: Take the licence terms we set or else

Roland6 Silver badge

Re: Standards

>It would mean scrapping the current global patent system and starting from scratch.

It wouldn't require changing the patent system, just the Standards based FRAND add-on.

As demonstrated by the Sewing Machine Co-operative, there is no reason why the Standards body shouldn't negotiate the FRAND rate with ALL patent holders and then act as a clearing house; anyone wanting to implement a Standard need only pay the (published) royalty rate to the Standards body who then forward appropriate amounts to patent holders.

Yes, I know companies like to have special agreements and obfuscate amounts actually paid and not pay twice for things, but they would rapidly adapt to the new system; which would also have the advantage of facilitating the implementation of an IP tax...

Oh dear, what a pity! It seems you can't join the directors at the Zoom meeting today

Roland6 Silver badge
Pint

Zoom - Not done badly...

Given the number of users they had back in January (pre-CoVid19) and the speed of their ramp up, it has been a little surprising that we haven't seen more problems arising out of their rapid scaling of service.

IT blunder permanently erases 145,000 users' personal chats in KPMG's Microsoft Teams deployment – memo

Roland6 Silver badge

Re: make deletion routine

>Unless you need it on...

Which typically happens just after you finish the chat...

Roland6 Silver badge

Accidential...

Looks like the sort of accident that will have some senior people taking a deep breathe and popping the champagne corks...

Bletchley Park Trust can’t crack COVID-caused revenue slump without losing staff

Roland6 Silver badge

Re: I'm sure they are trying

>But why haven't they hit YouTube. The computing museum part appears to have a channel yet last updated 4 months ago. Why haven't they been using social medium to get their message out there.

Probably because the relevant staff have been furloughed.

Whilst the furlough scheme has saved outgoings, one of the conditions is that staff can not be doing the job they would normally get paid for; however, they can volunteer elsewhere... So in some respects TNMC needed to get some volunteers to enhance their social media profile and help write funding bids...

Ex-Apple engineer lifts lid on Uncle Sam's top-secret plan to turn customized iPod into 'Geiger counter'

Roland6 Silver badge

Re: Apple should launch this for the public.

I was referring to the observation "Apple should launch this as a product" ie. they should release an iPhone/iPod in 2020 with this functionality, rather than let people who want it, purchase a third-party add-on for sub £50 from Amazon.

Roland6 Silver badge

Re: Apple should launch this for the public.

Beaten to it by Softbank who launched the Pantone 5 phone with built-in radiation sensor back in 2012...

Obviously, with Fukushima in 2011, Japan was an obvious market for personal/pocket geiger counters - ether standalone or smartphone attached, that uploaded data and so permitted the creation of radiation heat maps.

Linux kernel maintainers tear Paragon a new one after firm submits read-write NTFS driver in 27,000 lines of code

Roland6 Silver badge

Re: re-thinking the priorities of including this NTFS driver in the base kernel

And the worst case: a high performance Linux-based server system that actually READS AND STORES DATA using NTFS. Seriously, why would anyone be using *THAT* INSTEAD of ZFS or even EXT4???

Well given the general direction of travel...

Microsoft Windows (Linux) - it would allow an install over a pre-existing WIndows install....

Which raises the question of whether the (existing) Linux community should be enabling this to happen or whether it is something that should be left to MS...

SAP blogger reveals top tips for keeping clients happy: Don’t swear, remember to write a pithy subject line, and TURN OFF CAPS LOCK

Roland6 Silver badge

A friend has made a good living these past 15+ years, simply dusting down her old customer care material from the 90's and presenting it to a new generation of call centre managers and operators, it does seem that common sense is easily forgotten...

ANPR maker Neology sues Newcastle City Council after failing to win 'air quality' snoopcam project bid

Roland6 Silver badge

Re: Procurement nightmares

Or the sales people really can' be arsed (sounds like this one) and rather than answer the questions they just supply reams of pdfs, often hundreds of pages long, and just say the answer is in the attached. Somewhere. Probably.

From the article I suspect this is what happened here, namely the Neology sales team's answer didn't completely answer the ITT question, whereas the Siemen's one did. The ITT would have been initially assessed on the (typically number of letters/words limited) responses rather than on the supplementary information.

Huawei Matebook X Pro 2020: Nothing too crazy but at least it's more fixable and cheaper than comparable Apple wares

Roland6 Silver badge

Re: Like comparing an apple with a watermelon

Or put a (whole) watermelon in your lunch box...

eBay won't pass UK Digital Service Tax costs on to third-party sellers – unlike Amazon, which simply can't afford it

Roland6 Silver badge

Re: How convenient

>This article is about Amazon passing the tax on to the other companies who sell through Amazon.

What is not clear is how the monies are accounted for.

It would not surprise me if Amazon and Ebay handle and thus account for monies differently, so in Ebay's case by using PayPal they only receive the commission payment, not the full payment, resulting in a lower taxable turnover figure...

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2020