Posts by DaemonProcess

Totally agree with this article

AWS have always made life difficult and the security people have consistently put day1 startup mentally at a higher priority than customer success, pulling the wool over the eyes of senior management in the name of security. Whenever I see a message like 'unable to find a policy to allow this' all that I have ever wanted in the past 10 years is a simple button which says "Fix this" so that AWS can go away and create the IAM records it needs for me to continue. It knows what it needs so why can't it fix it, for me alone. This is a fundamental oversight that has cost me thousands of wasted hours over the past decade.

how did this come to be?

I can imagine one scenario - "why don't we put our DNS in DynamoDB because it's faster. We can also combine it with IAM and certificates so we can get all the info we need in one operation!"

Works great until a bad update of the API DNS record stops anybody else from querying or correcting the error because its self-dependent.

AD

I suspect active directory sorry Entra ID plus Fabric over data had something to do with this. AKS can be moved, the only weirdness is Namespaces.

The other reason could be customisation to remove all semblance of LLMs in the admin or operation. I bet MS hate that.

This is the content I'm here for!

If AI is to be used to improve anything, please let it be testing. However CS grads are only interested in ideation, creation and reproduction. oo-er

how was i to know the console and keyboard had been connected to the rack next door?

It happened to me - the console in the secure server room had been left logged in, plus the host names were short and very similar.

I went up to the correct rack, hit the spacebar to wake up the console, found it logged in as root, then happily typed shutdown -r 0 ....

How was I to know that because we were 1 console short it had been connected to the server next door?

Cue a lot of unhappy testers. But thank goodness it was just testing. The software came up fine afterwards.

Its the services that lock people in

Things the hyperscalers do well is behind the scenes SDN, service connections, security and logging, bolt-on services. The lock-in comes from forcing proprietary API code as service glue. You can overcome some of this using Terraform, Ansible, Puppet, Chef etc but scripting also relies on translation into the vendor's own command line interface. Ionos will need to radically increase the number of open source services on offer, which will mean a large investment. I fear they got left behind 15 years ago due to concentrating on SMB workloads and will not be able to catch up to compete against the huge money available to the big 3.

plenty of old kit

Obviously a vendor can't keep supporting old stuff forever because (a) nobody makes the same components and (b) you would never sell anything new that supports the latest in IT fashions sorry standards.

I've seen companies running 20 year old hardware and literally getting spares off e-bay. Up to 1 application per 10 staff over 200,000 users. Procurement standards causes this problem.

I suspect the IRS may still be running 1000s of ancient PC blades as web servers for different application purposes, with no re-engineering and no doubling up of apps per server. Its easier to manage even if they are idle for 99% of the time.

And every time they replace a mainframe back-end with a mid-range system they find that after 10 years that goes off support, the middleware and utilities have been bought out and dont exist the same way, the libraries aren't compatible and the o/s isn't supported either.

If the current trend is to re-factor every application into K8s then there will be a big delay in solution architecture working with the latest in tax law. Good time to be in Gov cloud business.

Not so new

I implemented parallel zlib compression in 1999 on hp-ux , so not so new. It was easy because the vendor had some lovely simple #PRAGMA options for multi-threaded parallelism in C.

It showed up to 1600% cpu reported in top when running on 4 cores, totally destroyed the ability of the o/s to account for it properly.

One problem was compress (zlib) had a small 64k maximum block size, so it spent more time managing it's threads than actually doing stuff. If I could have changed that which would make it not backwards compatible I would have gone for 4MB or so, to limit the i/o ops and reduce the thread management. The actual speed therefore was not 16x faster but maybe 2x.

You could get 2x faster in the original single-threaded implementation by simply reducing the compression strength, so the whole exercise wasn't worth more than an academic investigation. De-compression was so fast that i/o was the bottleneck and it simply wasn't worth doing that in parallel according to my testing.

Secure boot bypass

So the secure boot bypass vuln just released had test private keys which are still trusted held in github for a while...

Yep, been there

Including pre-installed servers and storage in rack adding up to 1 metric ton, being too heavy for the lift/elevator. On another occasion the machine room floor was strong enough but the ramp wasn't. At another site the rack was too tall for the lift and had to be tilted right over.

More network required

68 virtual network adapters isn't anything like enough.

192 would be better.

Take some credit

I think the Register needs to take some of the credit for helping destroy the credibility of the chip.

Be careful of who you diss Reg because 20 years later we are stuck with only 2 types of mainstream CPU with a 3rd only just coming in. Back in 2000 we had a whole bunch more to choose from and life was more interesting. The trend to make everything in software is going to hold back hardware innovation going forwards. You could point out how much is being offloaded to graphics processors these days but how many architectures of those do we have - 2?

Having said that, the first iteration of the Itanium really was poor. The 2nd was faster but very complicated.

The other thing that killed it was HP themselves. In the early post Compaq/Dec merger years I've never seen such a company where the management was so wholly set against each other. No wonder Hurd went to 'Orrible.

as we are here...

Maybe they used ZFS and discovered reading not-quite-written data causes corruption, hehehehe.

Seriously though I suspect it is a cache-sync issue here. Same sort of idea but a different level.

I would like to see the cloud operators enter into a big mutual agreement where none charge egress data fees for backups to another cloud provider.

But I can't see them doing it, even though a simple API call on their platform could wipe everything.

If you are on M365 you have the option of independent backups to AWS or elsewhere from ISVs.

ZFS here we go again

"ZFS is fast, more fully featured and totally safe"

" Oh, there's another teeny-weenie buggette that may corrupt some data but most likely not"

I'm still steering clear of this. From the description it sounds like multi-user / multi-process testing may be a bit lacking at the moment. Could all fanbois please volunteer.

cheap layoffs

The cheapest way to downsize ("optimize demographic talent profile") is to encourage resignations, so they can shift your role either offshore or these days onto a small bit of serverless code.

snooty

When I went into a BMW dealership once and asked to look at their Z3 (it was 1997) they said sure, but after judging my scruffy IT worker just finished a weekend of changes unshaven look then asked how I expected to pay for it. I was a contractor... so I said cash and walked out never to return.

They seem to expect the customers to be mad fanboys, just like Ferrari. But BMW engineer the car's life at 4 years or 200k km, maybe less. Hardly anyone under 40 still thinks they engineer cars built to last. Thanks to the multitude of Youtube car channels people are better educated. So as well as trying to sell to the old fanboys, BMW are now creating cars for the aspirational wealthy demographic, the ones who cant actually afford it but want to flash the badge at their mates on the estate or on Instagram.

worth a try

I downloaded and ran Bodhi for a few years and loved it. It is well worth a try.

nostalgic start

Your next challenge in os/2 Warp !

Why? Because you can!

new tech

Normally with new tech it's vice and fraud crime that is first to use it for profit, such as dodgy crypto dealers. Now it is major corporations backed with lawyers.

Better re-train as a hairdresser.

ICL text

The old British computer company ICL in the 1980s had an internal information text system, which was nearly identical to teletext. This was a kind of fore-runner to an Intranet containing company announcements. It ran on series 39 mainframe. There was even a lonely hearts page, which I thought was hilarious because all the women in the office would try to work out who was looking for a date. You would see the pages scroll through on monitors in offices. I can't remember if you could log into it, too long ago now.

Sport

You forgot to mention a land of inferior cricket :-)))

and rugby

don't go near Aussie rules either, that's no-rules violence.

bill paid?

Maybe they somehow forgot to pay Microsoft for a few months.

Caps

It came to us like a bolt from the blueberry syrup.

capacity and scheduling

A lot of my problems with this in the past have been around either bad software, interrupts, poor configuration or general capacity.

I used to use processor affinity to bind cores to network or serial cards interrupt servicing, making sure I left free cores for other tasks. I outsmarted myself a couple of times with that but it did work with heavy NFS.

Thankfully eventually the kernel got better than me and the speed and number of the cores meant I really didn't need task sets any more.

My USB music recording has never been perfect even with Ubuntu studio low latency. At least Ubuntu got Jack working which is more than I ever managed from source.

Thanks for the heads-up about Nvidia chips.

I reckon the explicit branch prediction and parallelism instruction bits took a hammering from the speculative execution bug workarounds.

Probably runs slower than it's predecessor now.

foreign law

I've seen this:

Although working in the UK and resident in the UK, you agree to be bound by the laws of Texas... In the event of any proceedings against you, you must lodge a bond of 10000 US dollars with a court in Dallas within 48 hours.

I don't mind

Actually I am far more likely to trust the civil servants than the politicians above them. I read somewhere that every prime minister up to Cameron used these services to snoop on journalists and political opponents and I don't think the incumbent mob will be much better. However in some cases even that is justified, because back in the 1970s labour and the unions were indirectly receiving money from the USSR in an effort to de-stabilise the country. Out of chaos comes opportunity for the fringe elements to gain power. I still suspect Haroid Wilson may have been a KGB agent especially as he canned TSR2.

Slow improvements

Things are getting better, slowly. Remember the Chrysler vulnerability of a few years back which allowed root dbus calls directly from the internet with a default password, so that anybody could crash a car remotely?

Computer security as applied to the automotive industry is now being taught at the University technical colleges in the UK, so some cars of the future (e.g. JLR) should at least have better authentication and a chain of trust. But how much of this software development is being guided by this when the cheaper programmers are elsewhere in the world and the directors think that sales depend on features/benefits more than security?

The problem here is that most of these attack vectors involved hacking the manufacturer and getting hold of the credentials from the inside, so it doesn't matter if you have a strong password, trusted certificates or even blockchain tech, people get to your car and account through the front door with that.

So it's more a matter of if, rather than how, hence the PR efforts to prevent widespread panic about car security.

the new standard

Happened to me once.

The only thing more evil than being laid off is being told you are not being laid off but there isn't a job for you any more. Basically forcing the employee to find themselves a new job without being paid redundancy severance.

Ironically I had just saved the company over a million pounds in the previous 4 months.

So I went contracting and doubled my salary for the next 15 years. Ironically my contracting roles tended to last longer than all my permanent roles... a lack of staff appraisal system is probably the reason.

Techies are bad a selling themselves, always better to have a recruiter sell you.

Hurley burly

I saw Elizabeth Hurley tweeted at BA saying she was stuck in Antigua for 20 hours. I was about to say lucky for some but she said nobody had been given food or water or access to a hotel.

31,250 bps - from a Spectrum!

Hi. In case nobody said it previously, well done for getting 31,250 bits per second midi out of a Speccy! And if you kept it all in sync then even better. I struggled to send serial faster than 9600.

price increase

April's big price increases caused a few companies to jump to AWS. GCP also offers some good deals. Azure's growth is partly because Microsoft are forcing customers into it by putting more features into Azure AD and associated products, such as Purview and Sentinel, many of which need Azure AD P1 or P2 to get the full features. Its very hard to fight that in the Enterprise and means a lot of companies feel forced to keep at least a minimal Azure account to integrate all identities.

nasty process

I agree with the report.

Recruitment by the Tiktok generation for the Tiktok generation.

kill me now

Sorry, that should be kill -9 $ME and I don't care what gets left open and hanging.

or in WSL: sudo systemctl stop $MYSERVICENAME and maybe it will stop it or maybe it will complain and leave it running.

Now if systemd could go a bit further into Windows it could improve the powershell horror