
New eyes, old data
Absolutely fascinating and well done to the team.
I think many more discoveries will be made by looking at historic data.
200 posts • joined 11 Jan 2013
I shudder to think what GB's new data protection legislation will look like based on previous form, particularly the 'oven ready' Brexit deal with the NI Protocol signed in what can only be described as bad faith and the finger of blame now pointed at the EU rather than the UK government.
Any substantive divergence from current (EU aligned) GDPR carries the risk of organisations having to continue to comply with EU legislation if they want to do business with organisations and individuals in the EU.
Having then to comply with two sets of requirements means more rather than less red tape for UK businesses.
A new industry will spring up helping businesses to be able to demonstrate compliance with EU legislation and validate an organisation's data protection adequacy.
Plus the UK is no longer part of the club that makes the rules, but is still subjected to them. This was crystal clear from the beginning of this sorry process.
Aethon is a logistics company - other security horror stories come from toy and other consumer goods manufacturers who try and make their products smart.
It is better to prepare and prevent than it is to repair and repent (Ezra Taft Benson).
The extra cost of investing in proper cyber security by design would have been far less than the reputational damage caused by (in this case) at total lack of understanding or appreciation of cyber risk mitigation.
Product design is not just about aesthetics and ergonomics, it is just as much about security and reliability.
The company fined here has one share of a nominal value of £1, which is unpaid (thanks to the information available at Companies House). So a fine of £80k against the company may have been issued and that makes a good headline, but it will never be paid.
It is time that the culprit here (and others like him) are held personally liable.
The thing is, most of us are completely unaware of how much data we consume.
Networks have become so good and fast (generally speaking) that they are no longer a constraint for what we want to do.
With that:
- websites have become more content rich and more network dependent / dynamic
- videos have gone from 480 or 576 line resolution to HD or even UHD at 2160 lines (not that you need that on a relatively small smartphone screen)
- images are often not optimised in documents (e.g. logos which make a standard Word document 2MB or more in size before you add any text)
- ...
Wouldn't it be nice if data consumption was considered in the building and running of applications and content to ensure that it is fit for purpose, but not wasteful. Every byte processed, transmitted and consumes requires energy.
I am living that reality working with battery powered LPWAN devices and networks - and this is constantly on my mind.
At a much larger scale it also applies to mobile/cellular, WiFi and wired communications.
"The problem is that no one has ever done a comprehensive study of how good the filters on altimeters are, so no one knows how bad the problem will be."
Better get on with doing a study then rather than speculating what may or may not happen. We can speculate 'til the cows come home and I am sure there are good arguments for both sides.
The reality (and outcome of a thorough study) will probably be somewhere in the middle of the two extremes, resulting in a qualified 'go ahead, but within the following parameters'.
Congratulations to the team that achieved this.
Pure science is wonderful even if practical applications may not be immediately obvious.
Sometimes you do stuff just because you can! For simplicity, try paper cups and strings :-)
Megaphone - not to be shouty, but just because it is adjacent technology...
The economics behind Content delivery networks (CDNs) are quite simple:
The content provider pays for peering bandwidth when the destinations (Netflix subscribers in this instance) 'sit' on another ISP's network. That costs money, and as someone else said earlier, as on demand video is streamed (unicast) rather than broadcast or multicast, every active video stream consumes bandwidth - and in this case peering bandwidth.
At some point (scale) it becomes cheaper to invest in infrastructure which hosts content closer to the subscribers, thus minimising the ever growing peering bandwidth costs. Hence the rise of content delivery networks. Updates are pushed from a core to the edge nodes once, and the edge nodes then serve the streams in their locality.
It looks like SK telecom is actually concerned about the economics of their own backhaul networks and potentially even local access (something that CDNs don't address) - and in that case Netflix, YouTube, Prime and other (video) services being consumed more and more may require investment in greater bandwidth and less contention than they have previously got away with. Netflix, in that instance, may just be the biggest target for SK Telecom to address their issue.
SK Telecom seem to be caught between a rock and a hard place - price competition for broadband providers on the one hand and rising network costs and required investment on the other. Kicking Netflix off may fix the network capacity issues they seem to experience, but may lead to a customer exodus at the same time.
The network is just a pipe.
SK Telecom seems to have forgotten that simple fact.
People only pay for the pipe because of the content they want to consume - not because the pipe is so wonderful.
Pipes can be substituted (fairly) easily and SK Telecom has about 15% market share in the fixed line broadband market in SK (21.5 million households, suggesting about 3m connections).
Netflix have about 3.8m subscribers in SK altogether.
The network provider will 'lose' this battle - they will either back down or lose end customers.
The Nature article explains the kWh reference as follows:
In the context of specific yield, we use kWh to denote primary solar energy prior to thermal and other losses, and kWhPV to denote electrical energy supplied to the device from PV panels after conversion.
Solar irradiance at or the equator can be up to 1.36kW/m2 (at the top of the atmosphere)...
While still 'alleged' behaviour, this would not surprise at all.
Just watching 'Billion Dollar Code' and I am quite sure that all of these shenanigans are not isolated incidents or accidental, but deliberately anticompetitive and cold-hearted capitalist in nature. I don't mind capitalism per se, but the ugly excesses it sometimes drives.
Azure, AWS, Akamai and Cloudflare are all claiming the 'biggest DDOS' crown - a bit like superyachts - is it length, is it displacement, is it internal volume?
Regardless of whose is the biggest - these are all serious and likely to only get worse. Makes it very clear that CPE based DDOS protection for on prem or dedicated data centre infrastructure would never be able to fend off a volumetric attack (but may clearly still be very relevant to application layer DDOS mitigation). Volumetric DDOS mitigation requires a network and collaborative mitigation strategy.
If I read this correctly, the complaint is that the vehicle did not ascend inside a specified imaginary tube, but strayed outside it for 2 minutes. I doubt airspace at that altitude was terribly crowded (i.e. probably nothing else around for tens of miles) and this cannot be compared to someone drifting across lanes on a busy motorway.
Will be interesting to see what the investigation establishes in any case.
It is not Vodafone and VirginMedia delivering this service, but Capita - and it is an MPLS network:
https://www.scottishwan.com/media/1219/swan_architecture_diagram_new_brand.pdf
I understand and agree with what you are saying about the NHS - certainly for hospitals and those sites where you may want to conduct remote surgery (are you volunteering as a subject?), hence my reference to hospitals as candidates for WAN infrastructure rather than Internet delivered services. Same will apply to some of the other larger public sector sites.
EMIS is actually available over the Internet (via a VPN connection) today. Not sure if that is a temporary exception due to Covid home working requirements, or a permanent feature. To support my assertion see the link below:
https://support-ew.ardens.org.uk/support/solutions/articles/31000154893-how-to-access-emis-web-from-home-including-smart-card-readers-
As it happens I am very familiar with public sector networking as well as the current and previous iterations of the services in this article, which is why my unsupported assertion about the volume of Internet traffic is exactly that, but an informed one. Almost all school network traffic is Internet-bound and schools typically make up c. >50% of local authority sites.
Quality of service is an interesting point and the old chestnut argument for MPLS services. It has its place, but there are very few services and sites that actually require it. Web based services are built to cope with the variable performance conditions of the Internet (which are often less variable than WiFi in a public sector building). Covid and home working has proven that pretty much anyone with a half decent Internet connection can easily use video conferencing, collaboration tools and corporate email / systems from home.
Just to set the record straight - Capita won the deal and operates the network. Vodafone and VirginMedia bid jointly together, while the third bidder was BT.
You are right in that VirginMedia's presence is geographically limited in Scotland and does not cover the full country. That itself would not have disqualified them and Vodafone's infrastructure across rural Scotland is significant anyway.
Capita's position was even more extreme, as it is not a carrier and leases infrastructure / circuits from a number of providers - Openreach, VirginMedia and others. This is common practice and can be successful - economically and operationally, as proven by Capita who extended the scope of this contract significantly over the life of the service.
The strategic question is "WHAT should be procured"?
Given that most network traffic is now Internet or cloud service bound, the need for private WAN services should reduce to cover sites which really need it (data centres, potentially large offices and hospitals), with the remainder of sites probably quite happy sitting on a half decent broadband service (thinking about schools, smaller offices, GP surgeries, pharmacies, etc.).
A smaller, high performing private WAN and lots of managed Internet connections might be a better / more flexible and cost effective solution.
Just saying...
No real surprises in the financial statements, but the clear shift in the market to full fibre delivery for consumers comes through in the statements from BT and VirginMedia O2.
CityFibre and other niche FTTP/FTTH players have thrown the cat among the pigeons with their fibre ambitions - and it is great to see this (finally) being picked up by the mainstream carriers.
BTW - I apologise to all cat and pigeon lovers for the use of this idiom in the spirit of Chief Cameron Miekelson - just over two minutes of light hearted entertainment can be found here if you haven't seen this before:
https://youtu.be/NBGOryiqZZI
We all know how well that works out with DVLA data and unscrupulous car parking enforcers...
While they may currently say that data would not be shared for marketing or selling purposes, private sector organisations will extract value from it - fine tuning insurance premiums, tailoring products and services (obviously for improved revenues and profits), etc.
I don't make this comment flippantly, given the tragic loss of life associated with this:
Boeing 737 MAX showed that even in a mission critical environment and on an aircraft costing >$100m, sensor redundancy was not implemented.
If it is not done there, then it is unlikely to be done on other systems where we may be inconvenienced (not killed) when a sensor malfunctions.
Repairs also need to be economical. Had a washing machine a few weeks ago where the bearing needed to be replaced. A standard repair item for many machines at £10-15 for a set. For my model, the combined item included the drum! Total cost £180 (plus labour).
Phil Zimmerman felt the heat of the US government when it conducted a criminal investigation into his (alleged) 'munitions export without a license', i.e. PGP being made available globally. Thankfully this was dropped.
(All) governments have this lovely double standard - they want to keep their own communications secure and private, but be able to read everyone else's.
Definitely the right direction of travel.
I am sure there will be some teething problems and it will be interesting to see how tight OpenRAN specifications are for true, cross-vendor interoperability.
Remember 'standards' like DPNSS which offered basic baseline features, but much of the meaningful stuff was still vendor specific? Or in the early days of VoIP you had two competing standards for DTMF transport - in band and out of band - and good luck to you if you connected two systems with different implementations that needed to 'talk' DTMF across them...
The devil is in the detail here:
The PSTN is getting switched off (which includes many of the services most people are familiar with such as analogue exchange lines and other services that rely on the WLR product from Openreach such as ISDN2 and ISDN30, lift alarm lights, traffic light connections, etc).
The copper remains in the ground and will provide services for a while longer...
Many will still use FTTC (the connection from the cabinet to the end location is still copper) and ultimately then migrate to the follow on product SOGEA (i.e. no underlying phone line anymore). Even at that time the copper is still in use.
It will take much longer to connect every home with fibre all the way.
The marketing machines selling FTTC as a fibre service have a lot to answer for!
Salespeople are largely coin operated and will find ways of maximising their income based on the incentive plans put to them - there is nothing wrong with that. Commission plans need to be designed to incentivise behaviour (and deals) which are in line with company objectives.
I have no issue with salespeople earning large commission payments. Their total pay has a significant risk element to it (often lower basic salary, but higher total earnings potential through commission, easier to fire through 'performance management' as few others have as stark a performance measurement as "% of target achieved").
Moving the goalposts after the fact is wrong, but I have seen it many times - the money 'saved' is offset by higher staff turnover and high achievers probably leaving in disgust at a time of their choosing.
In this case HP got the benefit of the deal(s). Commission should be treated as a cost of sale and paid according to plan.
Disclaimer - I do not work in Sales...
Biting the hand that feeds IT © 1998–2022