* Posts by Rob F

39 publicly visible posts • joined 4 Oct 2012

For password protection, dump LastPass for open source Bitwarden

Rob F

Re: Why not share via Bitwarden?

I've worked at a number of MSP's before and having an enterprise grade password sharing system is paramount. Ideally you'd have everything authenticating through an individual's identity for each client, but there are just some systems that won't allow it or it's prohibitively expensive for the services cost model.

The password gets wiped from the systems memory and the password is never shown on screen in clear text. Every access for the password is audited and there is granular control on access for each password, if you need it.

It also helps you with password rotation with reminders to change passwords etc.

It isn't completely foolproof, but nothing ever is. I'm not aware of any of the systems that were used ever having a password based breach.

Supply chain blamed amid claims of Azure capacity issues

Rob F

It really depends on how flexibly you can implement your solution. There are some architectures I have designed and deployed that could agnostically move anywhere. Making networking decisions that allow easy transition of frontend and backend services is one thing, as well as keeping resources as stateless as possible.

Elon Musk set to buy Twitter in $44b deal, promises stuff

Rob F

Does anyone recall the downfall of Digg?

It only takes another platform to scale out and take the attention away to heavily disrupt Twitter. The Twitter Infrastructure blog has always had interesting posts on what they've been doing https://blog.twitter.com/engineering/en_us/topics/infrastructure and although they have their secret sauce IP on how things work, it wouldn't surprise me if an equivalent couldn't be quickly brought to compete with it. The bigger problem, if it could be overcome, would be financing it.

Alarm raised after Microsoft wins data-encoding patent

Rob F

I didn't know that

Quite a thorough process https://maierandmaier.com/practice-areas/post-grant-practice/post-grant-review/

AWS chops data transfer fees by massive extension of free tier – 2 months after rival previewed R2 Storage

Rob F

Just waiting for Azure to respond to this

with their exorbitant egress fees.

We have some sad news about Facebook. It has returned to the internet after six-hour mega outage

Rob F

Re: Not a failure of testing - a failure of change enablement

While I agree with you that the WHATIF process needed to be run, since they run everything through Facebook, there was no out of band recovery process for when things go wrong. I'm still speculating that they somehow added an illegal character into a change and the system doing in the BGP modification received some form of empty string that was empty that was then pushed.

Some things just can't be tested because it is impossible to simulate the production environment, so you just have to continually improve your failsafe mechanisms, to mitigate that.

AWS announces new region in the Land of the Long White Cloud – New Zealand

Rob F

There is quite a bit of discussion with customers about repatriating services and data

We've had quite a few discussions with customers about going into Cloud now in Australia and then bringing those services back to New Zealand when the Cloud Platforms are available. This seems to sit well with a lot of customers, and we've had a lot of commitment on the basis of Azure and now AWS committing to build into New Zealand.

I think interestingly that the Virtual Desktop products are one of the hottest tickets of discussion. I had thought VDI was going away, but it has returned with a vengeance, especially with the extended lockdowns we've had and customers moving into further commoditisation of bring your own endpoint options.

New Zealand has been shown in recent times to be a forward thinking, digital ready market, and I think this is the outcome of this.

Microsoft Azure deprecations: API changes will break applications and PowerShell scripts

Rob F

Microsoft are famous for backwards compatibility

But I think they've had to change their approach with Cloud because they are such a vector for attack and just have to keep moving forward.

Annoying for people maintaining systems, but potentially a necessary evil.

Google's newest cloud region taken out by 'transient voltage' that rebooted network kit

Rob F

Australia does seem to have some brown out issues

Which is why the Tesla battery farm in South Australia.

I wonder if there was a surge due to non-consistent supply?

Cloud load balancer snafu leads to 3D printer user printing on a stranger's kit

Rob F

I experienced a similar NAT problem about a decade ago

A security engineer installed a new Barracuda appliance at a community college. The next day I get a call out that their SBS server had crashed and no mail was being sent or received and the SBS was generally not serving requests.

When I looked at the system, the mail queue had 300k objects and I had to halt all services just to stop things crashing. I did a lot of cleanup, which I won't bore you with the details of. I then investigated wtf happened and it turned out that the Barracuda had NATd all public SMTP delivery to appear as an internal IP to the Exchange server. The problem is that the college had previously put in a SMTP relay configuration that trusted all internal IPs. Some spammers had quickly identified this and smashed it to send out their payloads. The public IP finally got blacklisted and I had to then go through the fun of getting them whitelisted through all the PBLs etc.

Security had managed to make the environment worse, but did fix it afterwards.

China sets goal of running single-stack IPv6 network by 2030, orders upgrade blitz

Rob F

I thought IPv9 was being ratified

and resolved some of the shortcomings of IPv6. https://www.researchgate.net/publication/340381435_Comparison_Research_on_Future_Network_Between_IPv4_IPv6_and_IPV9

The problem may be that the copyright and ownership is Chinas.

Ah, I see you found my PowerShell script called 'SiteReview' – that does not mean what you think it means

Rob F

A company I worked for back in the early 2000s

Acquired a business that was owned by a guy that also owned the local video sex shop and was very relaxed on what could be on systems or openly watched.

There was a grace period to get people to clear out anything that breached our business policies, but one guy was too far gone and not only kept about half a terabyte on the file server, but would also openly watch it.

We ended up having to fire the guy after multiple warnings and I don't think he could reconcile that he'd done anything wrong.

I found stuff in folders for months after that.

As another vendor promises 3 years of Android updates, we ask: How long should mobile devices receive support?

Rob F

Mobile tech gets old quickly

I can understand the predicament that vendors have with mobile phones as even though the form factors aren't changing that much, the componentry dramatically changes in new phones across 5 (or even 3 years). We have problems keeping spare parts for enterprise IT equipment for that long because of the supply chain changes. You should see how much HPE charge if you want hardware support beyond those periods.

I'd be of the opinion that vendors should allow you to move to a generic Android or customised ROM once support for your device ends, so you can at least continue to receive software updates.

Going back to the hardware topic, it's possibly an option like what they have done with some OS's to have a long term release version that people can choose to purchase that gives them a longer period of support and parts availability. The question though would be whether it was in anyone's financial interest to do so.

Robo-taxis hit the streets of Beijing – albeit a small fleet in a geo-fenced suburb

Rob F

I'm excited about robo-taxis and automated vehicles in general but...

I think somewhere like China had to do it first, for less than ethical reasons.

First is the insurance company model, especially in the West, still hadn't got the situation sorted regarding culpability with incidents with automated cars. Second, China has the kind of control that could strong arm any bad PR off the face of the earth, until robo-taxis become the norm and the bugs are tweaked out of it.

I might be just following the trope of China = bad, but like a few developments in the last decade or so, there's had to be an element of Wild West before things become a bit more established and adhere to protocols etc.

I'm really hoping one day to convince my City of residence, Auckland, to invest heavily in automated vehicles, because we are about 20 years behind schedule infrastructure wise.

Welcome to the World Of Tomorrow, where fridges suffer certificate errors. Just like everything else

Rob F

Re: Reg 'fridge

I actually did my University last year project on this in 2000. It unfortunately wasn't viable back then, but the cost and supply chain/blockchain availability makes it way more viable than it ever was. The other problem back then was the network connectivity and IoT capability. The latter of this article shows this still is in its infancy.

I've worked with a number of power groups using SCADA and even their enterprise industry grade boxes are poor protection wise and so any hope of customer grade being anywhere near protected is a pipe dream.

I imagined a connected kitchen that a) could determine the power requirements for food in microwaves and ovens, b) could actually start cooking food based on your remote commands and c) would give you meal recommendations based on what you had in your house and the expiry dates etc.

I wanted to patent a) but there was already ambiguous submissions that would have contested it.

Facebook's Libra is a terrorist's best friend, thunders US Treasury: Crypto-coins dubbed 'national security risk'

Rob F

I quickly read the Libra White Paper

It is here if you are interested

https://libra.org/en-US/white-paper/

I'd say a decent amount of provisions have been made, like the establishment of an independent subsidiary Calibra.

KYC of all users is required, so I'd say the national security risk excuse is bunk. Could it destabilise established currencies in the future? Possibly, but it is supposed to be a stable coin.

The backing of the currency with assets is something that should help with the coin confidence. https://libra.org/en-US/about-currency-reserve/#the_reserve

To be honest, I understand the concern about anything associated with Facebook being bad news, but if you think about why they would want this to exist, it's just a really great way of removing the barrier to entry for so many commercial platforms. They could effectively wipe away any currency conversion costs that currently cost them money and hassle. No doubt that they could probably drive analytics on your purchase patterns etc. which will be another revenue stream, but the fact that Visa and Mastercard are already on the Libra consortium suggests this isn't going to be something new to them.

Official: The shape of the smartphone is changing forever

Rob F

Augmented smaugmented

Never mind screen ratios, what is my augmented reality view ratio going to be?

My last two phones have been the Huawei P9 Plus (18:9) and the Samsung S9 Plus (18.5:9) and I really don't notice any difference between them viewing wise, despite the S9 Plus having a 0.7 inch longer diagonal display, despite being only 5% larger length wise. The width of the two devices is identical, any larger and I wouldn't be able to use it as a phone or have it fit in my pocket.

Feds charge Man after FCC boss Ajit Pai's kids get death threat over net neutrality axe vote

Rob F
Terminator

I never understood the position of the 'victim' to have the position on whether to press charges or not. Regardless of the decision, the person did or didn't break a law. Why it matters how Pai thought on the issue should be irrelevant to whether charges should be held. I guess police would prefer to have the backing of the victim as they are able to get co-operation and conviction that way. Does anyone ask the family of a murdered person whether they want the case dropped or not.

I despise Pai and all the self interested groups that have removed Net Neutrality and have had fantasies of making them suffer, but stooping to their level or worse will always come back to bite the other side in the ass. I wouldn't almost counter that they are banking on the over-reactions to justify the means.

Great time to shift bytes: International bandwidth prices are in free fall

Rob F

This sent me down a rabbit hole

Some fascinating research from NTT Data about the developing SDM

https://www.ntt-review.jp/archive/ntttechnical.php?contents=ntr201706fa1.html

https://www.ntt-review.jp/archive/ntttechnical.php?contents=ntr201706fa3.html

The exponential growth from Tbps to Pbps doesn't actually seem that far off.

Rob F

Re: Wavelength? Not bandwidth?

I guess they are both technically correct, which is the best kind of correct.

https://sites.google.com/site/bit4554fiberoptics/how-it-works

"Wavelength-division multiplexing (WDM) can transmit multiple optical carrier signals on a fiber pair by using different wavelengths. These wavelengths are sent down branches to their expected destination using wavelength filters. WDM provides full mesh connection by wavelength and facilitates the allocation of dedicated wavelengths between two specific nodes. WDM can also be upgraded by adding more optical channels without additional fiber. The multiplexing of several wavelengths on the same fiber allows 16 x 2.5 Gbps of information to be carried throughout the oceans."

So, 4 multiplexes on a wavelength gives you the 10Gbps.

Hey cool, you went serverless. Now you just have to worry about all those stale functions

Rob F

Re: BaaS

I see you are following the Ticketmaster Mantra

BlackBerry unveils bold new strategy: Suing the c**p out of Facebook

Rob F

Re: Enough, already

It may take a case of this size for the software giants to force that kind of change.

If it can't be removed, then reducing the term to a few years may be an acceptable compromise

At last, sex trafficking brought to an end with US House vote on new internet law (Yeah, right)

Rob F

How did they manage to miss this opportunity?

Stop Inspiring Sex Traffickers Act (SISTA) - Fight Internet Sex Trafficking Act (FISTA). Nod to Ali-G.

On a more serious note, places like Australia and New Zealand take a much more pragmatic approach of legalising brothels and escort agencies and aggressively patrol it, rather than forcing it underground. Anyone trying to circumnavigate the rules gets the full force of the law. I believe women (and men) that choose to be involved in the business are vetted to ensure there isn't a coercion underbelly.

I am beyond being surprised that any of the recent legislation coming out of the USA is anything less than a capitalist, oppressor, oligarchical wet dream. Nothing is allowed to hit the Senate or Congress without it being meddled and having cheap shot caveats injected into the legislation. Adding riders is just another unbelievable perversion.

Virtual assistant backlash imminent so buy them anyway

Rob F

Re: Hmmm

I support a number of Legal firms and speech recognition has revolutionised the dictation and transcription processes they have to run through. The product of choice appears to be Nuance's Dragon Legal. I asked out of interest what the accuracy level they were having and they said it was in the high nineties and doing a clean up at the end wasn't too time prohibitive.

I can't remember if Legal admins could bill for that time, so if they couldn't it has allowed them to up their billing hours or be more productive.

Verizon is gonna axe its 'unlimited' data hogs

Rob F

Semantics of a word

The argument I have seen for this is determining what the word unlimited is. To me, unlimited in the context of internet is unlimited bandwidth. I have been led to believe that the industry wants to use it as unlimited availability. It is an easy assumption to make when you have been on a capped service and move to an unlimited service that there is no cap, meaning you have unlimited availability and bandwidth. I don't know why one would be surprised by this confusion? I guess it gives the ISP's an easy out when they say "Oh we meant X, not Y" and then boot people who they perceive are abusing the service, but can still advertise it as just unlimited.

It also gets interesting when they perceive you to be using a home broadband connection for business services. They can get nasty about that too.

YouTube stars shilled for Warner Bros, screwed up, and now the FTC has written an angry letter

Rob F

Re: Reap as you saw

This happened in Italy especially with the prime time gameshows. They actually had to implement a law that had a visible statement on screen when they were actually advertising something. The presenter would just waltz into another area and start talking about said product or products. I recall finding it reasonable and not as jarring as diving in and out of adverts. They would just transition back into the show.

VMware licence changes put users on upgrade treadmill

Rob F

Re: AWESOME!!!

I wish I could agree with you, but I don't. Every project I have to work on as an integrator is hampered by the shortfallings of Hyper-V. People need to remember the following: If your environment is complex or mission criitical and doesn't require multiple hook ins to your DR, storage and other automation products, Hyper-V is not for you. It is good enough for a simple environment that doesn't need in-depth root cause analysis because the available tools (3rd party or Microsoft) are lacking.

It does a reasonable job regarding VM management, but it still feels at the level of an ESXi 5.0 environment i.e. rough around the edges, but good enough. Expect to spend the amount you saved on licenses and more on getting people to troubleshoot and configure your environment

Caption this: WIN a 6TB Western Digital Black hard drive with El Reg

Rob F

The GoPro predecessor was slightly larger than Ted expected.

Virtual currency speculators shut down cloud

Rob F

Re: Cross Marketing

If you had said AWS and PrimeCoin, I would say you were on to something as they charge by the clock cycles. Companies like DigitalOcean are only going to make money on Pareto's Law where 20% of the servers are heavily used. If all your servers are running at 100% CPU 24/7, then it will get very expensive for them very quickly or they will have to change their business model.

What do you mean WHY is Sony PS4 so pricey in Oz?

Rob F

Here in the land of the long cloud

NZD$649 around USD$10 cheaper than in Australia. https://ebgames.co.nz/featured/playstation-4

In general a 1 to 2 kg device would generally cost NZD$100 to deliver plus import tax for expensive items, so I'm not actually feeling too sore about it.

Bill & Jobs' excellent adventure: Steve's tech looked better than mine

Rob F

Citrix

I use Windows/Office very happily on many a fondleslab with Citrix.

Citrix for the home user would be a nice addition.

DoJ to Kim Dotcom: We never asked you to retain files

Rob F

Re: Whom to believe

It isn't that hard to fabricate an e-mail. You can fabricate the delivery path and the headers and even the content themselves. For that very reason, the football association only accept faxes or e-mailed scanned documents on the transfer deadline.

So unless Kim has something concrete like a signed document from them, then he's going to struggle to prove this case whether it is true or not.

Sheffield ISP: You don't need a whole IPv4 address to yourself, right?

Rob F

This is how I see it going

The final block will finally be sliced up and exhausted and then we will be on to the exciting game of highest bidder wins. Like carbon credits, the price will go up as the availability decreases and especially ISP's and hosting companies will have to acquire ranges any way they can. I have already been involved in a project where a company had an entire migration to a managed datacentre for their web-servers (some major clients) which was pretty involved, for the princely sum of a /20 range that they owned.

I also know Universities that have so many public IPs that they use public ranges internally so don't be surprised if they suddenly make a quick buck by selling some of those ranges.

The tipping point is when the price of these ranges changing hands becomes more expensive than just upgrading the infrastructure/using 6to4/etc. The question in my mind is just how quickly these prices go up. If it is reasonably gradual, then the majority will have time to get themselves sorted. If if goes into the stratosphere very quickly, then get out the popcorn because it is going to get interesting.

Telecom NZ slashes cost of unexpected journeys

Rob F

Offsetting Vodafone's efforts

I'm pretty sure this is a response to Vodafone NZ releasing their Data Angel plan.

Pay NZD$15 when you land in Australia and get 100Mb of data. The same price gets you 40Mb in Europe, Asia and the USA. There are higher data amounts and usage lasts 30 days, which is pretty good.

Business sues for $750,000 over bad Yelp review

Rob F

Beware uninformed customers

I worked for an insurance remediation contractor service in the UK on the IT side. I had to write a number of workflow systems through the CRM system to filter out anything that wasn't a verifiable complaint so it could could be correctly reflected in the reporting system.

People would complain because of things like we couldn't replace the model of sink that was manufactured 20 years ago or because we wouldn't repair beyond "as fit" (as per your insurance agreement). The majority of the real issues lay down to heel dragging on behalf of the insurer, agreed scope of the work and the customers understanding of that (i.e. it may not have been explained well). Most people don't read the fine print in their insurance and get bitten by it. Just because it was the cheapest insurance doesn't equate to equal coverage to a more expensive one.

10 Gigabit Ethernet still too expensive on servers

Rob F

I am working on a education VDI deployment

on a large greenfield campus. Their preferential vendor was Dell and their core switching is Brocade.

Pricing up the Dell Blades was a strange one because the M620 comes with 10G on the LOM. Additional 10GB Broadcom cards were the same price as 1GB cards and that is before the insane discounts that the education sector gets.

The M1000e was kitted out with 6x IO Aggregators which have QSFP+ on board for a 40GB to uplink. Unless you start spending silly money trying to convert the QSFP+ to optical, you need a SFP+ or QSFP+ capable switch. The one that made sense was the Force10 S2410, but it doesn't exist any more so we had to go for the S4810 which comes in at $30k and then there is the price of the cables. Again education prices made these dramatically cheaper.

Where it got really expensive was the Brocade MLXe 24 port SFP+ modules. Unfortunately the Brocade MLXe doesn't support 40GB QSFP+, but their top of rack switches, the ICX 6615 does. Also Dell were being really fussy about what they would support, so this became a no go.

So really, this reiterates what others have said. Switch prices and options are the problem. I am struggling to justify having 96 SFP+ ports on a two-switch redundancy design, but it was really the only option given to us. When the environment is fully kitted out with SANs, uplinks, connections to the Blade Chassis, we will only need to use 4 per blade chassis, 1 per iscsi SAN and maybe 4 to the core.

Datacentres have a different problem, but environments that are smaller really need some smaller switch options to justify 10GB or a reduced price point.

HP upgrades Linux Foundation membership to Platinum

Rob F

Re: Internal investment

Recently had to work on a DL380p and the new HP Intelligent Provisioning application on the NAND looks like it runs some form of Linux.

Also, if Steam starts to get serious about their Linux games, HP would be probably keen to ensure their prospective consumers have decent graphics drivers.

Surface RT: Freedom luvin' app-huggers beware

Rob F

Re: "New apps can only be installed from the Windows Store"

The Computer nerd in me says that you are absolutely right, but my experience is that if Microsoft take a similar approach to the store as Google does then most users aren't going to care that they cannot run unsigned code. If they put their business interests first, then I guess it will be a race to see who unlocks the system first and get the EFF to defend it.

ScanJet sings number one hit

Rob F
Thumb Up

I think my favourite musical computer component goes to

What is Love on 8 Floppy Drives

http://www.youtube.com/watch?v=Xk_XaJ7gE4Q

and

Radiohead - Nude

http://www.youtube.com/watch?v=pmfHHLfbjNQ

Could do without the torturous memory of waiting for tapes to load.