* Posts by Ommerson

134 publicly visible posts • joined 10 Mar 2011


Electrical explosion at Google datacenter injures three


Re: Arc flash?

In the UK any larger commercial premises will have an 11kV supply and a small substation on the premises managed and owned by the distribution network operator. There are some in central London with dual-fed 33kV supplies - typically larger, newer developments.

Will be similar state-side, although the supply potential may be different.

£42k for a top-class software engineer? It's no wonder uni research teams can't recruit


Re: It's all about the banding

The joys of unionisation and collective bargaining. A model that might work for workers at a factory making widgets where workers are largely interchangeable, but a poor fit for workers in the knowledge economy. The ability level of software engineers varies wildly and there's a skills shortage.

This doesn't just impact universities, but also pretty much every part of the public sector - and particularly local government, often with the result of organisations contracting out the work to one of the usual (mostly incompetent) suspects rather than gaining an in-house function to develop - and then maintain in production - the software.

Forget toilet roll, bandwidth is the new ration: Amazon, YouTube also degrade video in Europe to keep 'net running amid coronavirus crunch


Last week the networks saw a marked swing towards VPN traffic, but it held up

This week, many children will be at home all day, and many parents will be using the electronic child-minder. Could be an interesting week for the bottom-feeding end of the industry.

SELECT code_execution FROM * USING SQLite: Eggheads lift the lid on DB security hijinks


Competitors for SQLite?

I'd be hard pressed to name any.

Monster magnet in my pocket: Boffins' gizmo packs 45.5-tesla punch and weighs just 390g


Re: When will I be able to put it on my fridge door ?

Mine are all titanium - and in fact, piercers in many areas of London aren't allowed to use surgical grade stainless steel (which is mostly non-magnetic in any case).

Blundering London council emails unredacted version of notorious Gangs Matrix to 44 people. Data ends up on Snapchat


Re: Gov Workers /No Expertise required

A reliable assumption in local government: Anybody without a professional qualification (e.g. borough solicitor, surveyor, planning officer) is incompetent. Those with a professional qualification may be too - particularly if that skill could be used elsewhere more profitably.


Councils face a real problem when it comes to employing competent - and particularly experienced - IT staff and developers. There's a skills shortage industry-wide, and when you're one of the lower payers, and perceived to be neither competent, nor an exciting place to work, the result is never likely to be great.

The government's clamp down on IR35 in the public sector has made this much, much worse as this is how the skills gap used to be filled in many a council.

Councillors rarely have any insight or experience here either. It's hard to imagine them coming to the conclusion that they need to employ more competent people and pay them more in these roles when they're simultaneously contending with year-on-year budget cuts.

Under GDPR there is now individual responsibility and culpability for the data protection officer. Who on earth would do this job?

IT meltdown bank TSB: It's as good a week as any to announce we're taking back control


Re: Migration

I understand that one major banking group which had its own huge IT screw-up provides special employee accounts and will only pay salary into them.

Windows XP point-of-sale machine gets nasty sniffle. Luckily there's a pharmacy nearby



PoSALeady surely?

Guess who's addicted to GitHub, busy on Slack, stuck in 2015? No, not another hipster: It's the Slub backdoor malware


It may be that the attackers had a good idea of the systems and level of patching of the victims' computers.

Furious Apple revokes Facebook's enty app cert after Zuck's crew abused it to slurp private data


In other news

Would somebody care to speculate how on earth TechCrunch (linked at bottom of article) thinks their cookie opt-out is in any way GDPR compliant?

Staff sacked after security sees 'suspect surfer' script of shame


Re: "wouldn't be common freakin' sense to not surf dodgy websites at work?"

If you are an avid reader of Private Eye's Rotten Boroughs column you'll know that it's not council officers who are getting in trouble for poor network hygiene, but the councillors themselves. You can well imagine that the average councillor is not very literate technically, gets given a council device, and has the opportunity to visit the darker parts of the internet they wouldn't dare visit at home lest their husband/wife found out.

Black(out) Friday for HSBC: iOS and Android banking apps on the fritz


plus de change

First Direct's mobile banking app doesn't work for me unless on Wifi - telling me I haven't got an internet connection when I blatantly have.

Have talked to customer services who have no idea why it's happening, and all they can suggest is reinstalling it - which entails sending out two security codes by mail under separate cover.

Congrats to Debbie Crosbie: New CEO at IT meltdown bank TSB has unenviable task ahead


Think I know what I'd rather have....

Modern banking platform, running a micro-service architecture on a private cloud on commodity hardware, likely in others' high availability data centre in an active-active configuration, and employing industry standard middle-ware that it's easy to hire staff to operate OR

The traditional mode of banking IT of shelling out every 10 years for the next generation of IBM mainframe because it can run creaking code, quite possibly dating from the 60's, and in COBOL; staffing this operation is a significant risk in its own right and change takes literally years (Ask RBS about this).

I reckon TSB is in a much better place long-term than the other major banking groups who are working out how on earth they're getting off their legacy systems. The appetite for a radical re-platforming is much reduced.

Much talk of building their own challenger banks from scratch (or most likely, with more expensive IBM middleware) and migrating customers slowly. Several of these start-up incubators are in the Old Street area in London - strangely enough just down the road from Monzo :)

I understand that when Lloyds and TSB merged, they merged onto TSB's IT platform. Which Lloyds is now left with ;)


Re: Don't worry, DevOps will sort it out

At least it will be modern DevOps skills that are readily available on the job market.

Windows XP? Pfff! Parts of the Royal Navy are running Win ME


I strongly suspect the reason for ME was the highly specialist kit that is attached to the systems. The ability to write to memory-mapped IO from user-space used to be a convenient shortcut for developers - avoiding the need to write device drivers (or possibly having to write them in order to port to a newer version of Windows). ME was the last version of Windows where this was possible.

Mourning Apple's war against sockets? The 2018 Mac mini should be your first port of call


One of the USPs

Often not mentioned - but one killer application of Mac Minis is as build servers.

If you're building iOS applications and using CI (and many are), you have no choice but to use a Mac as a build machine. Laptops and iMacs don't stack up well in rack cabinets. All those ports are also useful for attaching a load of extra storage.

Decoding the Chinese Super Micro super spy-chip super-scandal: What do we know – and who is telling the truth?


Re: Occam's Razor

If you're in the business of verifying that the motherboard contains what it should you'd hi the parts off, mill off the packaging and check the die with a verified sample. Perhaps the genius of a component masquerading as a passive, is that nobody would bother.


Presumably because the contents of the SPI flash are easily verified - and something more sophisticated customers would actually do.


Re: A component inside PCB layers...

Multi-layer PCBs have power and ground planes - entire layers that are pretty much entirely metalled with copper. Quite some heat capacity there. This answers the question elsewhere about where the power comes from - directly underneath through a via.

In fact, embedding a device into the middle layers of a PCB is genius - likely to evade optical inspection.

PPI pushers now need consent to cold-call you


Re: If anyone

Even though the calls originate from abroad, the human on the other end of the line is usually somebody with a British or Scottish accent - quite likely a British citizen. They all know full well that what they are doing is illegal (and if they don't, they'll fairly quickly find out after a few calls). Let's make working in a boiler-room illegal too.

Unsurprising report: UK local govt sites remain totally crap


Re: Have to mention Birmingham

However, the rigid adherence to a CMS is the cause of a UX-clusterfuck on many a council website.

Smart meters in UK homes will only save folks a lousy £26 a year


Re: Not sure (I know)

.. and a vast number of back room administrative staff and customer services representatives dealing with the fallout of estimated bills.

LibreSSL crypto library leaps from OpenBSD to Linux, OS X, more


Re: Code is truly awful, but sadly not unusual

While we're at it, a cursory glance at ssl_asn1.c shows plenty of pointer de-referencing too, without so much as a check for NULL or an assert().

Quality stuff that wouldn't get past my code review if one of my team developed it.

Oh SNAP! Old-school '80s Unix hack to smack OSX, iOS, Red Hat?


Furthermore, how was the author running shell scripts on iOS? It might have BSD unix heritage, but sure doesn't ship with shell tools, nor allow their use (without jail-breaking that is).

London commuter hell will soon include 'one card to rule them all'


Oyster is everything that ITSO isn't: Fast, ubiquitous, and more importantly - deployed, working and trusted (mostly) by customers. It also handles significantly more transactions (probably tens of millions a day) than ITSO is likely to any time soon.


The government has already been pursuing a 'one card to rule them all' solution for about a decade. It's called ITSO.

It's been designed by committee and is obsolete before it's even hit prime-time.

It's found some use for concessionary fares on buses, and, in theory will be rolled out across rail franchises - although the franchisees aren't terribly keen.

The DfT has paid TfL quite a bit of money to make the Oyster infrastructure compatible with ITSO. It's worth noting here that Oyster is firstly commercially successful and handles *way* more transactions than ITSO does - or is likely to.

The real killer reason why TfL won't be switching is said to be that the transaction time on an ITSO card is really long - far longer than for Oyster. Not so much touch your card, but hold it there on the reader for quite a long time. If everyone used ITSO on the underground, gate-lines would suddenly have enormous queues behind them and stations would close due to overcrowding.


For at least some taxi drivers, it will be accountability and audit trail such a card generates that is the problem. No more jobs 'for cash'.

NOT APPY: Black cab drivers enraged by Hailo as taxi tech wars rage on


There is an alternative explanation that perhaps the cabbies don't want all of their payments going through (traceable) electronic channels?

When fares are cash, it's pretty hard to prove one way or another that a driver is evading tax.


Re: sworn enemies

Also: pedestrians and - particularly - cyclists. Or indeed anything else that gets between them and their next fare.

Torvalds rails at Linux developer: 'I'm f*cking tired of your code'


Once again, Linus engaging in behaviour that would get him fired for workplace bullying in just about any major tech company.

It's not you, it's EE: UK mobile network goes titsup, blames gremlins


That their website was totally hosed as well at one point (outright refusing connections), and that they don't have a network status page is piss-poor.

Achieving a robust network status page is not hard: static content on a cloud service such as AWS, with a different domain name (just in case somebody forgets to renew the domain name, or an attack of DNS poisoning).

15,000 London coppers to receive new crime-fighting tool: an iPad


Re: Only £13,333.33 Each.

Out of interest, I wonder how much the Police pay (all-up) for a desktop computer? Reports in the media this week suggest that the cost of provisioning one at a local council ran into 5 figures.

Naturally, the cost of the physical goods is only a small part of the TCO.

It's also fairly apparent that a large part of this budget will have gone on providing the back-end services and applications that will be used on the tablets - which will be amortised over a larger roll-out.


Re: Have they picked the right tablet

You'd have to be particularly stupid to steal a mobile-data equipped iPad from the Police. Conviction rate of those trying is likely to be really high.

Someone stole your phone? Now they'll have your STARBUCKS password – the horror!


Re: For once

If they made the same mistake on Android, this attack will be much worse, simply because getting into the filing system of the device is potentially so much easier.

REVEALED: How YOU PAY extra for iPHONES - even if you DON'T HAVE ONE


MAP - or retail price maintenance - is thoroughly illegal across the EU on most goods (there are a few exceptions such as magazines and newspapers, and books - but definitely not electronics goods), and the penalties are eye-watering.

I suspect the similarity in pricing on electronics goods is mostly down to the wafer-thin margins.


Re: the problem is subsidised handsets

If you calculate the all-up cost over the length of the - and I did for my last two iPhone purchases - you'll find that the network subsidy is considerably cheaper than buying the phone outright and then finding a SIM only package. Furthermore, the SIM only packages with equivalent data to the iPhone packages aren't terribly cheap either. Seems the networks are far more interested in losing money on subsidies and having locked-in customers than flighty ones on SIM only packages.


Potentially Visual Voicemail - which you definitely miss once you've had it. And it's not offered by 3 or Vodafone.

Microsoft fears XP could cause Indian BANKOCALYPSE


Re: Mass starvation and widespread looting.

The software on these terminals is laughably dated too (as well as having appalling usability). Yet supermarkets are still buying more of the same old crap.

Presumably the other thing that will change with the discontinuation of Windows XP is MS supplied drivers for new hardware - there will come a time when XP just can't run on modern PCs.

Euro Parliament votes to end data sharing with US – the NSA swiped the bytes anyway


Doesn't sound as if this development will have much effect on the NSA's ability to collect data: It will just no longer be getting it with permission.

MacBook Air fanbois! Your flash drive may be a data-nuking TIME BOMB


Re: Not possible.

You'd be very wrong about this. Large businesses prefer to be, you know, running their business rather than building computers. They are quite happy paying extra for premium hardware and premium support so that downtime due to failures gets sorted out quickly. It's a small part of the total cost of ownership of a computer.

It's worth pointing out that the Dell XPS range was a pro-sumer product aimed at the gaming market. Dell even managed to ship these around the time of Windows Vista's release without working graphics drivers.

One hopes that Dell actually properly integration tests the premium models targeted at medium and large enterprises

Stallman's GNU at 30: The hippie OS that foresaw the rise of Apple - and is now trying to take it on


Re: Y'all GNU kids remember...

If the infamous Torvalds/Tanenbaum flame-war is anything to go by, it's fair to say that Linus didn't like what he saw.


The open source movement fails frequently to understand that software has non tangibles, such as design and usability. It's rare that the OS even stops to think that their users might not be particularly like them, or even care. Instead there's a lot of navel gazing.

We note that the company that has probably sold 100 times more UNIX systems than anybody else - and to regular consumers - is really big on things such as UXD and design - and leverages vast amounts of Open Source software licensed under non-GPL licenses. They've had a large part in rendering thoroughly obsolete, the FSF's first software release: GCC.


Re: proprietary binary blob drivers -- A lot of this is graphics

And a huge omission:

* Image signal processing subsystem.

This last one being a really large lump of IP that differentiates the good phone vendors from the rest.

I can tell you, having had access to the full documentation (under NDA) of a particular SoC used in phones, you still don't get any documentation on the ISP or GPU.

Investor lobs sueball at BlackBerry, says it 'misled' shareholders


This sounds equivalent to walking into a book-makers' shop, placing a £10 bet at 100-1 outsider and then asking for your money back when it loses.

Apple Maps directs drivers INTO path of ONCOMING PLANES


For drivers with a legitimate reason to go airside, this is probably the correct route.

MPs slam bumpkin fibre rollout, demand halt to further £250m cash spaff


As has been pointed out elsewhere, the roll-out is complex. Not something a mom-and-pop local company is going to be able to achieve, and seems to have been the expectation from some quarters.

I also wonder whether any of the other (in most cases, non-existent) competitors were obliged to offer the fibre wholesale to ISPs or would they have simply got a monopoly for service provision over the fibre? If they were, this might explain the business being attractive.

As it stands, BT at least knows what it's doing, is doing it fairly quickly and provides a wholesale product at a regulated price once done.

Hardbitten NYC cops: Sir, I'm gonna need you to, er, upgrade to iOS 7


Re: Absolutely Ridiculous

Stolen phones are exported out of reach of the UK networks' block list.


Re: Umm.

You'd need both the lock-code (required after every reboot before the fingerprint scanner can be used) AND AppleID and password. It would be a highly switched-on mugger who knew this.

Torvalds suggests poison and sabotage for ARM SoC designers


Re: He's right.

They are documented - often in great detail. But the documentation is frequently under NDA, and most of the code is contributed by the SoC vendors.

The Linux Kernel mainline is very, very far from being the mainline for any ARM SoCs anyway, all Linus will achieve is more forking.