Not with a surgically inserted laptop it won't.
344 posts • joined 17 May 2012
Ably blog claims company doesn't need Kubernetes to scale, surge in traffic takes down entire website
Nothing to see here
The beauty and evil of standards is that there are so many to choose from.
We don't use K8 or Docker here either. It just seemed to us to be overly complex for the deployment of a simple JAR. We use a script to build the jar and deploy to a staging area. It works well. We are in total control, and there are no unnecessary layers.
Of course, as with any project, the STO reserves the right to change his/her mind at any future point in time, without notice or explanation. So by the time you read this we could be on AWS using Elastic Beanstalk. Exciting being in devops.
Been there - on a Nuclear Power Plant
Similar story. We had built the first image for a power control plant that was to hook up and manage a number of nuclear power stations. Thanks to the local telecoms muppets we were way behind schedule and hadn't started our clone of the standard image on to the workstations. Until one evening, the system came online, and we started doing a long suite of tests with the power station. And left for the night.
When I got in next morning all hell had broken loose. People were going mental and the site managing director wanted to rip me a new one. It seems that we had sent a "SCRAM" command to the reactor. For those not knowing, this shuts down the reactor hard and fast, and can take months to recover from. I asked for an hour to find out what was going on.
With the hour up, we went back in to the meeting for round two of let's beat up the IT techies. Where I asked if "Jerry" was joining us (not his name). Jerry was there. He was from the company building the reactor control equipment that we connected to. His work was behind schedule, caused by our work being behind schedule. So I asked him how come all the PCs in the control office were all up and running. He then somewhat sheepishly admitted that he had, overnight, cloned our working machine that was doing tests and installed the image over all the new machines that we had not yet configured. He then started doing some commands to see if the reactor was behaving.
The problem was that he had not changed the unique addresses of the workstations. This is pre-internet, so they were sort of like IP addresses but exactly the same. The protocol allowed the boxes to come up. So Jerry booted all 8 boxes. And sent a command to the reactor.
Now the protocol was: Send a command. Reactor sends the command back for confirmation. The PC then replies, yes, that's what I want, and the reactor says OK, here is the result. Trouble was, one PC said yes, that's fine but 7 said - no, we didn't ask for that. So the reactor does another round of checks. And again 1 says yes and 7 say no. The reactor then assumes it's under attack and shuts itself down. Hence the SCRAM command.
Fortunately we didn't cause too much damage as we were only talking to the control test rig, not the actual reactor. But it did get me the missing lock on our computer room and Jerry a flight home. Oh, and we got our names on a rather splendid mural at the entrance hall for having saved the day!
The explosion icon, well, it's obvious.
UK health secretary Matt Hancock follows delay to GP data grab with campaign called 'Data saves lives'
Facebook granted patent for 'artificial reality' baseball cap. Repeat, an 'artificial reality' baseball cap
Happened to me as well!
At what was once described as Europe's Biggest Data centre. Have no idea if this was true, but as a 23 year old, it was pretty damn big. Think a large aircraft hangar filled with mainframes, tapes, printers and drum storage. The local power builders managed to put a JCB through the heavy duty three phase power supply, which must have brought tears to the operator.
We ran a motor-generator set, with a large flywheel to keep the generator going until the diesel kicked in. Which it duly did, coughed, spluttered and died. We had forgotten that diesel can wax, which ours, unused for years, duly had. So the injectors clogged and the thing refused to work. The embarrassing thing is that we were an oil company, and we were supposed to know about such things!
Fastly 'fesses up to breaking the internet with 'an undiscovered software bug' triggered by a customer
Fastly cost savings
I thought I would look at Fastly to see if they could host my company's website,
eCommerce - Check
Small business - Check
Savings of £150,000 over a three year period. Sounds good, that's £35,000 savings per year,
WAIT ONE - we aren't spending anything like that to manage a web server, three app servers and a database server. With associated firewalls, routers, etc. It's costing us a LOT less than this.
People need to understand that the "cloud" should really be pronounced "someone else's computers"
The bug is real but can it be exploited
If I understand this correctly, two co-operating processes can communicate over a hardware side-channel. The speed that this happens at is, frankly, irrelevant. The fact that it happens is the real worry.
However, if this is on iOS you have to either get the app from the app store, or jailbreak the iPhone/iPad. If you jailbreak it then you're very much on your own. If it's apps from the app store then you are downloading compromised applications. If you have a compromised app then I am not sure whether the CPU bug matters at all, given that you have, however inadvertently, downloaded something nefarious.
On an iMac or MacBook (and I am in the market for a new M1 MacBook, so this does matter!) then the problem is more serious. You can download apps from anywhere.
There is no saving grace (not even, there are so many other points of intrusion that this doesn't matter). Nor that similar problems plague Intel and AMD.
Back door in to the comms systems
I do recall when I was Application Support Manager for a sizeable telecoms company and found, quite by accident, that the installation engineers had deliberately installed a support line in to the main switch. The switch itself was HUGE, think mainframe and add extra cabinets. These forward-thinking guys had put this modem in so they could remote dial in to the system and patch any faults. But they hadn't thought of any security. None whatsoever. You dialled in to the number and you had a console, albeit at 9600 baud, directly in to the internals of the switch operating system. From this you could do anything you wanted: Want a new number? Easy. A free-for-life phone line? Simples. What's more, this went in at such a high level nothing was even logged so we never knew if this was hacked.
Can't get that printer to work? It's not you. It's that sodding cablin.... oh beautiful job with that cabling, boss
"Well Analysis - New Knowledge"
Which brings to mind a story of another system. This was to track oil tankers used in commodity trading. The name was "Tanker Information Tracking System".
Which was actually used, until one young female analyst found a new trading route, and promptly announced it with glee, only for someone to yell across the desk, "Then get it on your T*TS".
Management heard, and the name was changed that afternoon!
Use Windows and POS in the same sentence... Yes, that's right: Point of Sale. What were you thinking?
Can't remember them all? Do what a team I worked with did. Get the secretary to type up all the passwords on to a sheet, in a large easy to read font. Then laminate it and sellotape to a convenient printer in the middle of the team.
When I pointed out that this included several passwords to trading systems and data systems, and that it was easily readable from the lift lobby, which was public access, there was a collective gulp.
Their solution? No, you're wrong. Taking it down would be too easy. They had a new blank bit of card put over the list of passwords, hinged at the top, so they could lift it up and read the password out (normally, shouted across the desk in a large open plan office).
Any suggestion of a shared password manager was treated with derision.
Drag Autonomy founder's 'fraudulent guns' and 'grasping claws' to the US for a criminal trial, thunders barrister
Minister tells the House of Lords it'll be another 12 weeks before UK's deleted criminal records can be restored
Part of the problem...
... is that the data predates widespread rollout of relational databases. It's not just a case of restoring the rows to the tables. This is a hierarchical data store which uses record offsets to link to the next record in the set. What this means in practice is that once the erroneous delete happened there are only two ways back:
1) Stop the database and recover from backup. But that would wipe out any active ongoing investigations.
2) Restore the backup to a spare machine, run some scripts to compare the restored backup to production to see what's missing, and then manually re-enter the missing data by hand. The fun part is (re)establishing the links to all the 3rd party agencies that connect to the PNC.
Well, I suppose (2) could be improved by writing a program. But then you would want to test that VERY carefully, sort of like, much more carefully than the original script was tested!
It's not that simple, because of the links to distributed systems. Having to restore and roll forward one system is bad enough. I've done it on mainframes and fun is not the word I would use. Add in that this is not a relational system, it's ADABAS, and you have a whole new circle of hell to navigate.
Then, it's not one database. It's many, with the PNC at the heart. You would have to restore and roll forward all the linked databases. Now you REALLY are in the dark and smelly stuff.
Re: Backups - Not the answer
Unless you have inside knowledge that you are not sharing, I am calling bullshit.
The database at the core of the PNC is not the complete system. It is linked to a wide number of ancillary databases, such as DNA database, Fingerprint Database, etc. It is quite possible that the PNC was backed up. However, when the purge job goes ahead it will tell each of these other databases to delete the records as well. So they go ahead, in the sure and certain knowledge that the "Are you sure?" question has already been answered by the PNC operator.
Probably about a second after saying "Yes", the PNC operator has that "oh shit" moment we have all had in our past. Normally we would fake some form of error, shut the system down, restore the last backup and roll forward to about a minute before the mistake. Simples.
This is a real problem in any distributed system. Because now you have to get each of those systems to restore and roll forward to the same point in time. And this almost never happens because the backups, transaction logs, even the timebase, is not synchronised across all these systems. So you get left with dangling references between systems.
It's a problem for distributed systems. It's a real problem when you have distributed systems run by different organisations, on different hardware, OS, databases, and most probably with different backup strategies.
I agree it is a monumental cock up. But a backup would probably not have been the simple solution you suggest.
Fun with halon
I worked in a computer room in the early 80's when Halon was all the rage. This was a VERY large computer room, the equivalent of several large aircraft hangars, with multiple main frames, tape room, printer rooms, etc. It was fitted with the "state of the art" fire suppression system. There was a control panel that prevented the halon from going off when people were in the room - well it gave you 45 seconds to get the flock out of there when the alarm went off.
The system was to have bulbs of halon in both the ceiling and floor voids. These bulbs had pyrotechnic devices to shatter them when triggered. Translation - a small explosive charge. They were wired in series with a trickle charge to show that the circuit was complete. It all showed up on the control panel outside the doors. What could go wrong?
Well, when the control unit has a hissy fit and fails dangerous, it sets off the charges. Which it did. Without any warning whatsoever. Some, but not all, the globes of halon exploded. Some didn't, which from a fire protection point of view was a problem. However, a bigger problem for two of the operators was when they did go off close to a person. One of the main frame controllers was sat at his desk when the globe above him blew. He was thrown out of his chair and broke his arm.
Worse was to come. A lady in the tape room was reaching in to a tape unit (remember those ones with 2400' tapes?) when the globe beneath her exploded. She survived but her dress didn't. She ended up in her underwear!
Everyone had a ringing in their ears from the bangs, made worse by the rather belated sirens going off warning us to get out.
Icon - well obviously!
And you thought that $999 Mac stand was dear: Steve Wozniak's Apple II doodles fetch $630,272 at auction
You jest. But imagine the conversation between Jobs and Woz.
Jobs: You're keeping those scrappy notes now we have sold the first Apple 1? Who would have thought someone would buy that hand wired monstrosity for USD 666.66
Woz: Hold my beer. In a couple of decades all the Apple 1's will be in land fill sites, and these will be a thousand times what that Apple 1 sells for.
Jobs: choke, splutter cough.
A 1970s magic trick: Take a card, any card, out of the deck and watch the IBM System/370 plunge into a death spiral
How to crash a vax with TDB
Back in the days DEC had their own relational database, imaginatively called Rdb. I was a trainer in SQL and Rdb for a short period. Towards the end of one day we created a test database, with a few test tables with date times in them. One of the students decided that a useful thing to know was the maximum time between entries in this table, ie how long did they go between receiving messages. So he wrote a cross-join over the table in a very crude way.
Pleased as punch that it ran on the table with a few 100 rows, he showed me his code. I strongly advised him not to run it on production, and that we would go over the code the next morning as a worked example.
Of course, he ran it on production, where the table was not a few 100 rows, it was 10 million rows. And of course he brought down the production share trading Vax. Fortunately for me, everyone else in the class had heard me telling him not to run it. Saving my bacon, but not his. We were a man down after morning coffee!
ISP for fun and profit
Some years ago I worked with a telco that was rolling out a single rack unit that would replace a whole cabinet full of modems. This was specifically aimed at the large ISP's who had rooms full of racks, each one stacked with 9600 baud modems.
As we were talking to them a network engineer came in to the room and calmly powered off a whole cabinet, waited 30 seconds and powered it back on. When we innocently asked what he was up to, fearing our kit would have a hissy fit if he did that to it, he explained. One of the modems had got stuck and wasn't connecting properly. It was too hard to figure out which one it was, so he narrowed it down to the cabinet and simply power cycled all of them.
And all the other people connected? Don't they get disconnected? The reply was priceless: "Well, what do they expect for just a tenner a month?"
Fudging the CPU upgrade
I do recall working on mainframes in the mid 80's. We did a memory and processor upgrade to one of the Sperry Univac 1100's. Before we had field service put the new cards (actually I think it was whole racks) in, we wrote a job that would sit there and do nothing useful except gobble up all the memory and the new processor. When the new system was turned on, we told everyone to expect a performance boost, and so it was perceived for a couple of weeks.
Then, of course, people started to notice it was actually just as slow as before and issued complaints. So we tweaked the system to get more power, meaning we just started to ratchet down the amount of resources our cpu hog was taking. Happy users.
We kept this game going until well after bonus day, with praise coming in that whenever some user notices poor performance the system engineering team could magically get it fixed!
Burning down the house! Consumer champ Which? probes smart plugs to find a bunch of insecure fire-risk tat
Re: The stupid, the lazy and the first mover
A person I know has his Echo connected to his lights. Sounds great: "Alexa I'm home" and the lights in the hall, living room go on. He has the same thing at night "Alexa Goodnight" turns the lights in the living room off, and the Hall, Stairs and Bedroom lights on.
He thought this was great until we left the house together "Alexa, goodbye", and all the lights went out. When I pointed out to him that he had just told Amazon and everyone who can hack its IoT that the house was now empty, he was all "No, it's from Amazon, that makes it secure".
Zero. Zilch. Nada. That's how many signs of intelligent life astroboffins found in probe of TEN MILLION stars
IT blunder permanently erases 145,000 users' personal chats in KPMG's Microsoft Teams deployment – memo
Well, there goes their FSA license
KPMG should have their FSA license revoked, but probably won't.
I recall working with a large commodity trading group who had to install, and prove that they had installed, robust chat backup of all chat facilities. That caused a lot of angst when traders were told that they could only use specific, named versions of tools for IM and chat. These were the ones that had centrally controlled backup policies. Failure was to risk revoking the license to trade.
Conveniently being found out that all the history had been erased would not have been good. Not good at all.
Microsoft Defender casts a jaundiced eye over Citrix, slams services in quarantine on suspicion of being malware
Microsoft Defender fails Microsoft
I have a Surface tablet that runs Windows 10 and Defender. It has decided that a feature update from Microsoft is malware and refuses to install it. Windows 10 detects that the install has failed and repeats the download / install.
Rinse and repeat. The Surface now can't take any MS updates.
So why not just disable Defender? Because it's controlled by policies published by the CIO, who has read the Dummies Guide to Defender, and turned on all the defence mechanisms remotely. Including the one that allows safe removal of Defender.
So, I now have a shiny doorstop.
Geneticists throw hands in the air, change gene naming rules to finally stop Microsoft Excel eating their data
Why you don't use a spreadsheet as a database
How many times have we said it: EXCEL IS NOT A DATABASE.
It's a wonderful, full-function spreadsheet. It handles spreadsheet data. It does it well, and for most people it is pretty intuitive. I normally bash Microsoft, but Excel is very good.
But it is not a data storage or data transfer tool. We have very good databases (SQL Server or Access if you want to stick with Microsoft - other databases are available).
So, Scientists, use a tool suitable for the job and stop whining when you use a hammer to crack a peanut and your peanut goes to dust.
Euro police forces infiltrated encrypted phone biz – and now 'criminal' EncroChat users are being rounded up
Well, me too.
"Our investigation found that your name, email address, and travel details were accessed for the easyJet flights or easyJet holidays you booked between 17th October 2019 and 4th March 2020."
But I haven't booked a holiday with EasyJet for well over 3 years. Certainly not between 2019 and 2020.
Methinks the Greek complains too much.
Former Labour deputy leader Harriet Harman calls on UK govt to legally protect data from contact-tracing apps
Re: "A minister's letter is not legal protection"
It was interesting when I looked at the Oxford University app. I am somewhat anally retentive about EULA so I downloaded theirs. Oh, yes, lots of happy-clappy statements about how safe the data was, how it won't be misused etc. And then it came to who they will share data with:
MailChimp (and here comes the spam)
This list goes on. Unfortunately, I can't find it in the app store to confirm all of this. But safe to say, I was extremely concerned.
Cloudflare goes retro with COBOL delivery service. Older coders: Who's laughing now? Turns out we're still vital
Hello World in Cobol
The issue is not how long Hello World is in Cobol (it's 5 lines, if you're asking).
No, the problem is how long the JCL is to compile it on IBM/MVS - that can be twice the size of the program. EASILY!
Oh, and only truly experienced programmers remember that the compiler was called: IGYWCLG
Apollo 13 set off into space 50 years ago today. An ignored change order ensured it did not make it to the Moon...
Re: Lucky 13
Like you, I was glued to the TV and my little transistor radio. I had watched as Apollo 8 went around the moon in wonder and awe. I woke up at some ungodly hour to watch Armstrong and Aldrin walk on the moon. I was a child of the space race and it never, ever gets tedious.
I just rewatched the movie, obviously knowing the ending, but never getting bored by it.
And yes, I highly recommend both of Kevin Fong's podcasts "13 minutes to the moon". The testament of those who are played out on the screen is fantastic, chilling and inspiring.
Damn you, coronavirus. Damn you. Now you've gone too far: James Webb Space Telescope, Moon mission work paused
Re: Sad, but necessary
Whilst I agree the steps are necessary, and that the moon is likely to be up there for some time (assuming Seveneves was not a prophecy), there is a problem. The James Webb space telescope was already running behind schedule and is fighting to make a launch window. If it misses the window, I don't know when it will launch.
If budget cuts happen (looks likely) then it's just possible JWST could be another victim of COVID.
Re: You don't need to know how 1,600 services work
With respect to the cruft that develops over time, Monzo say that they include metrics with each of these microservices. This means that they can detect what is cruft by monitoring what doesn't get used. They can then decommit those services that become unused over time as business models change.
Furthermore, if they record which services do get used a lot, and which are slow to deliver, then they know where to spend engineering effort to optimize.
I actually think this is very smart indeed.
Hat tip and a virtual pint to Monzo.
Ah, night shift in the 1970s. Ciggies, hipflasks, ADVENT... and fault-prone disk drives the size of washing machines
Re: Ah, that takes me back..
Yeah, loved working on the VAX. Ours was an 11/780. VMS was a sweet joy after working on JCL and HASP.
We did have to satisfy one user who point blank refused to have a terminal. He only used punch cards. So I think we had one of the few VAXen with a card reader and card punch, and still had to retain a very noisy manual card punch.
Re: it's a very nice library
That is indeed true.
It is also true that writing RUST code is not easy. It is very hard indeed, and requires taking a step back from what we normally consider the way to do things in languages like C, C++, C# or Fortran. In RUST memory has to be treated with respect. By comparison, if you treat memory with respect and code to RUST's exacting standards, the compiler will create and guarantee memory and thread safe code for you.
But if you start saying that this is just too hard, or too slow, and that you know best, you can quite easily create UNSAFE code that basically tells the compiler you know best. Sometimes you have to do this, for example when interfacing to raw block structured devices. You have to map the memory array in to a RUST structure and yes, you do know best.
But if you do this in application code, you are building a product that breaks the contract. Users will take your library and rely on it, because, well, it's written in RUST, so if it compiles, it will be 'safe' (for what the RUST compiler thinks is safe). But if it turns out that it's not thread safe, or it doesn't play nicely with dangling pointers, etc. you are leading the users up the garden path.
So, a better approach would have been for those people who wanted a RUST safe version of Actix to fork the project, correct what they perceive as coding errors, and benefit the whole community.
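The comment's case of mapping a raw block-device buffer into a Rust structure, as an added example that is not part of the original post and is not Actix code: the `unsafe` read sits behind a safe function that checks the preconditions itself, so callers of the safe API cannot break the contract. `BlockHeader`, `MAGIC` and the byte layout are hypothetical, constructed for illustration.

```rust
use std::mem::size_of;
use std::ptr;

/// Hypothetical on-disk header (layout constructed for this example).
#[repr(C)]
#[derive(Debug, Clone, Copy, PartialEq)]
pub struct BlockHeader {
    pub magic: u32,
    pub block_count: u32,
    pub block_size: u16,
    pub flags: u16,
}

/// Constructed magic value: ASCII "BLK1" read as a little-endian u32.
pub const MAGIC: u32 = 0x314B_4C42;

#[derive(Debug, PartialEq)]
pub enum HeaderError {
    TooShort { need: usize, got: usize },
    BadMagic(u32),
    ZeroBlockSize,
}

/// The "you know best" variant: marking the function `unsafe` makes the
/// caller responsible for the precondition below.
///
/// # Safety
/// `buf` must contain at least `size_of::<BlockHeader>()` bytes.
pub unsafe fn read_header_unchecked(buf: &[u8]) -> BlockHeader {
    // A byte slice is only 1-aligned while the struct needs 4-byte
    // alignment, so the copy must go through read_unaligned.
    unsafe { ptr::read_unaligned(buf.as_ptr() as *const BlockHeader) }
}

/// Safe API: it establishes every precondition of the unsafe call itself,
/// so no input a caller passes can cause an out-of-bounds read.
pub fn read_header(buf: &[u8]) -> Result<BlockHeader, HeaderError> {
    let need = size_of::<BlockHeader>();
    if buf.len() < need {
        return Err(HeaderError::TooShort { need, got: buf.len() });
    }
    // SAFETY: the length was checked above, and every bit pattern is a
    // valid value for the integer fields of BlockHeader.
    let raw = unsafe { read_header_unchecked(buf) };
    // The constructed format is little-endian; convert for the host.
    let hdr = BlockHeader {
        magic: u32::from_le(raw.magic),
        block_count: u32::from_le(raw.block_count),
        block_size: u16::from_le(raw.block_size),
        flags: u16::from_le(raw.flags),
    };
    if hdr.magic != MAGIC {
        return Err(HeaderError::BadMagic(hdr.magic));
    }
    if hdr.block_size == 0 {
        return Err(HeaderError::ZeroBlockSize);
    }
    Ok(hdr)
}

/// Constructed sample: a valid header followed by four payload bytes.
pub fn sample_block() -> Vec<u8> {
    let mut v = vec![b'B', b'L', b'K', b'1'];
    v.extend_from_slice(&1024u32.to_le_bytes());
    v.extend_from_slice(&512u16.to_le_bytes());
    v.extend_from_slice(&1u16.to_le_bytes());
    v.extend_from_slice(&[0u8; 4]);
    v
}

fn main() {
    let block = sample_block();
    println!("{:?}", read_header(&block));
    println!("{:?}", read_header(&block[..8]));
}
```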
Re: Not Permitted - Upvote
I know you're going to take some stick for this, but I do see your point. Personally, I dislike doing too much of anything in the browser, and certainly nothing that can be done on the server. Only things that really need to be done in the browser should be done there.
Mine's the one with Thymeleaf for Profit in the pocket.