Posts by Lee D

Re: The only reason "everyone" runs Outlook is because "everyone" uses Exchange.

Samba is used for SMB/CIFS file access. It works. And a lot of devices have it (most is pushing it... most Android tablets would never ship with Samba by default, there are apps to be SMB clients, for example - sure, NAS, media centers maybe, etc. but otherwise no).

But that's just one tiny feature - with no authentication whatsoever. That's the "home user accessing the computer that's open to the entire network" feature, not any significant usage of SMB/CIFS that even a basic NAS would implement.

Centralised storage relies on authentication. Authentication relies on Active Directory/LDAP/Kerberos integration. In the case of Samba, those things aren't "standard" LDAP/Kerberos, I believe (correct me if I'm wrong, but didn't Samba have to ship with its own implementations? That may have changed now, but the days of things like LikeWise Open etc. it was necessary to install completely different and separate versions to the LDAP/Kerberos software that came as standard on most distros).

Samba touts itself as:

"the standard Windows interoperability suite of programs for Linux and Unix.... secure, stable and fast file and print services for all clients using the SMB/CIFS protocol... an important component to seamlessly integrate Linux/Unix Servers and Desktops into Active Directory environments. It can function both as a domain controller or as a regular domain member."

You're talking about unauthenticated (or trivially authenticated, i.e. local computer logins) access to a share... but the software is claiming to offer an interoperability suite for Linux/Unix machines, as well as AD integration and domain controllership.

Additionally, although such SMB/CIFS isn't trivial to implement, it's literally just a tiny and necessary first step to any kind of network integration. It's literally not even enough to log into a network shared drive, for instance, rather than a home shared drive. Samba have had "co-operation" from Microsoft enforced by an EU court, not to mention EU funding, and DECADES of developer time put behind them. And they fulfill one tiny component.

Sure, the software gets used a lot for that (basically the equivalent of "smbclient" functionality, as was), but Samba is claiming to be, aiming to be, and has for a long time wanted to be, a lot more than a network filesystem interface. And yet it still can turn into a nightmare to, say, get to \\domain.com\netlogon ... AD auth, DFS, internationalisation, ACLs, etc. all kick in on even the most bare basics of "trying to get your Unix machines to talk to Windows machines".

There are no domain admin tools. Not even an "AD Users & Computers" equivalent. We're told to "just use the Windows tools" (I'd actually pay more for a Windows AD management tool set that worked on non-Windows computers, than I would for a software that let me set up a Windows AD running on a non-Windows computer). So you can't run a Windows-style AD using Samba alone, without having to manage users extremely manually.

The fact is, 27 years after initial release, 15 years after "Active Directory Support" was listed, it's still not there for anything other than a bog-standard, simple-passworded share - something trivially achievable with TFTP, let alone NFS or similar alternate technologies. But we have "Apple Time Machine Support" and Btrfs-compression!

I have created, managed, and decomissioned entire school networks reliant on Samba and projects like Likewise Open (as was, it keeps changing names) - one school we had netbooks that authenticated against the AD via PAM. They "work". If you're prepared to accept a whole bunch of caveats, severely limited functionality and manageability.

The reason is that it's incredibly hard to follow the protocol. Even just keeping the barest of "I'd like to access \\server\folder\filename" functionality working, up-to-date and secure takes up a vast chunk of developer time once it involved integrating with a fast-moving proprietary product that has to be reverse-engineered.

P.S. There's only one command in Window Powershell that I use with any regularity. The modern equivalent of ntdsutil to promote/demote DCs (I never remember the commands and have to Google them each time, that's how often I use them). Given that I administer Windows networks for a living for the last 20 years, using that as an attack on Windows is really quite weak.

Fact is, I can create and permission a user in Windows AD in seconds, including fine-tuned delegation of AD editing rights to the user, and all kinds of settings, group membership, inheritance, etc. It's just not possible in "Samba"... certainly not without an entire swathe of commands typed in on the console - and in a Samba-only environment, I'm not sure it's possible at all (you need AD Users & Computers running from a Windows machine?).

What you have is the equivalent of saying "We have Microsoft Office" when what you really have is a command-line tool like antiword that parses a .docx file for text. Sure, that may be "all most people need" but it's certainly not what's been advertised for the last 15-27 years.

Re: Look out

An early death costs huge in terms of taxes returned over your lifetime, not to mention effect on any children, etc.

The insurers may want you to die early, but the NHS will still have to fund you for treatment, and you won't be paying back student loans, debts, mortgages, taxes that you've been given (e.g. to fund your education, etc.).

"What an insurer wants" is vastly malaligned to "what's good for society".

Re: Deeply concerned about staff downtime

Much more concerned that there's no central update mechanism, GPO or scripting to run the client update, or even RD so you do the entire thing from one place.

RUNNING around is a sure sign that you don't understand IT and are about to break something much more important than a bunch of shirt buttons.

Hundreds of machines, thousands of users, and I've run more because "some guy just tried to plug in an unauthorised USB stick on the other end of the site" than anything else.... ever.

Re: Not sure if I read this right...

You'd be amazed at the places that use SQLite.

I've seen it everywhere from access control products to website to educational software.

It's usually bulletproof. Because even when you allow people to throw arbitrarily corrupted databases and any SQL query you like at it, if you properly secure it, it's almost invincible.

As stated, even this flaw isn't possible if someone bothers to read https://sqlite.org/security.html and follow its advice.

The question is not "OH MY GOD WE ALLOW PEOPLE TO EXECUTE SQL IN THE BROWSER!" - it's "what security model is it executing that in?". Fact is that running SQL inside the browser is a very popular, useful and desirable feature (just because you see the potential security problems with them , it doesn't mean that the FEATURE to be able to do things isn't desirable).

And SQLite is pretty rock-solid. That's the first ever serious flaw I've ever seen in SQLite ever mentioned. Look at their security page above... do they sound like they are messing around and just slapping things together?

No software is fully bulletproof. But SQLite comes damn close. And is incredibly useful. Why operating systems don't offer centralised database functionality as part of the OS, I never understood. Everything from users to configuration files to program installation manifests should really be a database, meaning something DESIGNED to be query and modified like a database. MSIs and things do contain databases but not in the same format. A generic, OS-wide, database feature (even down to filesystems, remember the WinFS promises?) is something sorely lacking.

Bookmarks in a browser already use such a database (Opera's bookmarks were a plain SQLite file for what? Nearly the last 20 years? Not much software has that kind of testing behind it). You may disagree with the concept of WebSQL but it's not a Chrome-exclusive feature, and if you're implementing it, I'd damn well rather they used SQLite than MySQL or (ARGH!) MS SQL!

Note: I've banged on the SQLite backends with some programs I've written myself. A school full of kids sitting tests in a custom bit of software, each client literally spin-locking a central network SQLite database to add and query their results on the fly. It worked like a damn dream and was rock-solid. I'd rather ditch the entire rest of Chrome and keep SQLite than the alternative, any day.

Re: Well, if they can secure it, then it's okay, I guess

"More secure"

Than a handset?

Than a VPN over any public broadcast mechanism?

I doubt it.

If you worry about security, you don't care about the medium - you care about the measures necessary to secure it.

5G, in that regard, like all its predecessors would always be an untrusted medium for data, and most definitely for voice. It can *be* secured. You just VPN/SIP over it to a trusted endpoint from a trusted handset. Same as anything else.

Selling 5G on "security" is the worst idea possible. Nobody who cares would use it, nobody who uses it would care.

Re: So Tax Returned Limited

I think they introduced a law very recently which combats exactly that.

Specifically the ICO, I think, asked for it so they can chase directors and assign personal liability if the company has been declared bankrupt and avoided the fines they've imposed.

5G may be overhyped. But it's an inevitable requirement for the future.

It's only sensible to assume that, in the next 10-15 years, we will:

- Have more cellular devices online.

- Have more cellular devices per person/household (e.g. smartphones, smartwatches, GPS trackers, cars, smart meters, etc. etc. etc.)

- Those cellular devices will thus be more densely packed and need to share bandwidth.

- Some of those cellular devices will require greater speeds than are available today. Whether that's people streaming 4K movies, playing VR, website HTML sizes increasing, more live-streaming of video, or whatever, it's a reasonable assumption that they will use - on average - more data than today.

As such, 5G is necessary. For nothing else than it's capability to support more devices in the same areas using more frequency bands, with the total speed available to share out from each mast having to be more than at the moment.

It's not that people are complaining - people are satisfied. But you only need one "fad" (think "Pokemon Go / Tamagotchi / etc. but with something cellular-based") and if you have failed to prepare, the whole network will collapse for even today's use. And naturally there will be more things online tomorrow than today. Fail to prepare for that, and everyone's current capacity drops in proportion to the number of new devices. How long before you're buying a "Netflix box" or Amazon Fire Stick that directly streams over 4/5G and doesn't need to connect to your wifi at all? Especially with eSim technology, they could easily do that, and thus bypass issues with other cellular providers or their backhaul providers.

It's an inevitable and necessary upgrade. Hence, why people would hype it up, I can't understand.

I live my life via a 4G Wifi box and a smartphone. I literally do not have a landline connection (despite there being one in the property, it would cost more to activate and use, to provide a slower connection than I already get over 4G). If I can live your entire digital life without ADSL/VDSL/Cable today, then 4G is already viable to do this on. 5G just means that EVERYONE would be able to do so. I game, I stream, I have a SIP phone, etc. etc. Nobody even notices, you just join my wifi from a little box and you're "online". They even question the need for the box because I could just "hotspot" from my phone, they say. They know that... they use it themselves.

5G could easily make your "Internet" connection travel with you (so you can check your plane tickets from work, for instance, without filters getting in the way), and make landlines obsolete. It's far from a useless leap in technology (unlike, say, 4K/8K/HDR/etc. which will still sell millions of devices alone).

Literally, my only hope is that, with the new speeds and high-capacity, data prices will drop. I can get 40Gb for £22 a month. I actually use 90Gb a month on that package (it doesn't include certain streaming services). I really could easily burn through 400Gb in a month if I had the money to do so. There's no technical reason in the way of me doing so at all, even in the middle of a large city inside the M25, sharing the "connection" capacity with all the neighbours and anyone who walks past with a smartphone.

But if 5G gives me bigger data allowances, greater speed, and a more resilient connection using more frequencies, I'll buy into it. Whether that's a 5G SIM in my existing 4G box, or whether that's buying a special 5G Wifi box with eSIM, I know that I'd end up getting it.

In the UK both are.

You just may have to retain the original in order to prove its origin via headers etc.

(Hint: There's a reason that Exchange has a "legal retention" functionality. If they weren't binding, they wouldn't be able to form evidence of any kind).

There was a time when fax was accepted and email not, but when I moved house last year, I signed a lease agreement electronically, no problems. I pull my suppliers up on their failures via email records, no problems.

A country that doesn't have email as a binding contract now (provided, as with any medium, that the content is actually received and stored properly... anyone could fake a fax from any number the same way anyone could fake a fax from any email address) is probably a bit backwards.

If you'd accept it in court as evidence (and everything from Facebook posts to emails have done that in all kinds of jurisdictions), then it's fine.

With things like Exchange and the proper retention / audit options, it would also be almost impossible to claim you hadn't received it, too. Hell, a president is just about to be put behind bars and that'll come down to emails at some point, you can guarantee.

The question of "legal service" by email is slightly different, and that has been resolved (positively) for a long time.

Re: The right attitude

Agreed - most of the time.

If you say "press the button on the corner of the screen" to someone that grew up without computers, then they are going to look for a physical button on the display itself, not a virtual "button" in the corner of a non-tactile lit display.

But users can also be absolute morons too. I have more-than-one user for whom it has taken four years to grasp that they can use the scroll wheel rather than having to hunt down the window edge, find the half-greyed-out miniature and ever-changing box, click and hold and then drag down the screen, instantly jerking 50 pages at a time and spending an age trying to get it back to the page they were looking it.

And STILL, it's not their first action when they need to scroll, they don't get that they have to be in the right window (if you have ten scrollbars, how's it going to know what scrollbar you're scrolling?) and so when you have a scrollbar in a textbox on a webpage, the farce continues no matter what method they use.

Don't get me wrong, they're lovely people, just not the most computer-literate. But I wouldn't start by assuming they just *know* how a computer works.

My staff induction process consists of a first series of questions which are "What level would you like me to pitch this training at? You okay on computers? Happy for me to go at Warp Nine and you stop me if you don't understand, or you want me to lead you through it?"

Re: Not just O2

Station guard?

No it's more akin to complaining to the ticket office, and then being told "Not my fault, mate, we hire the ticket machine from Job Bloggs Ltd. I'm working for <insert rail company here>. Not my problem."

If you bought a product or service from O2, your only legal, financial and customer-service recourse is to them, or an ombusdman of their industry. I don't care WHY they're having problems (whether that's that they haven't paid their bills, that their suppliers are useless, that their contractors didn't turn or, or that heavy snowfall in the Outer Hebrides stopped the consultant coming out today). That's up to their business processes to handle.

My only interaction with them would be via the service they are contracted to provide, and are failing to do so.

In the same way that no court would entertain someone saying "Well, my contractors didn't deliver the goods, so I couldn't give them to the customer who sued me" (they'd just tell them that's their issue, and irrelevant to the case, they are still bound by the contract whoever their goods come from), customer service, returns policies, etc. work the same. They would actually get sued by the customer, and then they would have to sue the supplier to get their money back if that was the case.

You only have to deal with the people you bought the good or service from. You NEVER have to deal with any one of their contractors or manufacturers. Otherwise quite literally you'd be given the run-around between 50 different companies who all do one bit of the work, in order to fob you off as long as possible.

Bought phone from shop and it doesn't work? Take it back to the shop. It's up to them to argue with Samsung/Apple.

Bought phone service from O2 and it doesn't work? You shout at O2. They can blame anyone they like, it's their responsibility, choice of contractor and problem to resolve, not mine.

Otherwise, you'll literally end up being told "Yeah, well, your local mast is run by Bloggs Masts Ltd, who we paid to run it. We don't care. Speak to them."

Re: Automation does have its place

@Anon The guy in question was a highly-paid specialist IT consultant brought in to do disaster recovery on their systems... he had a year, a clean slate, virtually unlimited funds, new kit (everything from network switches to PCs to tablets to servers from the ground up), all the time in the world, and absolute control of anything he wanted.

He was brought in as "the expert" to set the tone for the system. I was hired later as the guy to "keep it ticking over" day to day. It took 6 months to turn that situation on its head.

Re: Pah - what's the point ?

If someone has to buy your business, it's obvious that:

- They know their original price was just there to scam you and until you complained, nothing happened. They don't care whether you get a good deal, they just want your money.

- They can't compete against the others in a fair comparison.

- Your company doesn't care about what they actually use, preferring to lay their business at the hands of a fancy dinner for the CEO.

All of the above are only ever symptoms of the same kinds of "who-cares" management.

If you're signing up for multiple years on the above basis, it's game over, nobody is ever going to change that in the contract term and then the "renewal" can be to ANYTHING else and still win praise ("It will cost us more, but that's because we're not locked in any more", "I found a better deal for us", "I negotiated with our usual supplier and got a discount", etc. etc.).

I've learned to just ignore it. These people have elevated themselves to a position where their failure doesn't matter, even if it appears as a huge percentage of the costs on the balance sheets. They could literally spend company money on moving manure around in a box and nobody would care, because they "make enough money" even with that. Totally ignoring that they could make *more* money if they didn't.

Every sufficiently large organisation ends up going this way, and there's pretty much nothing you can do about it except start your own company and cut that stuff out yourself.

Personally, every single clawing salesman I ever see is just a warning sign - if you want my business that badly, there's something wrong. The more you crawl and discount, the more you're just trying to play the human rather than the numbers, and the lower those numbers could have always been ALL ALONG.

I've actually got into arguments with salesmen about such things and told them I wouldn't do business with them ever again. They can't understand it, and all they care about is their commission.

Personally, my workplace has several dozen mobile phones with a provider who just resell Vodafone contracts. We are paying way over the odds for pathetic amounts of data, text, minutes, etc. and nobody cares. We don't have any special requirements, we have a handful of "SIM-only" things for GSM equipment, and we're paying £30+ a month for 48-month contracts with only 100Mb of data in some instances. We also pay through-the-nose for a "device fund" which we can use to get them to send us a new phone. They obviously scrape the interest off those as we pay all the time but only rarely request a new phone. They never have the phones we want. New phones are ALWAYS locked to their network. They take ages to deliver. They send a SIM separately days later (presumably direct from Vodafone in a way we could do ourselves!). The SIM never fits the handset. We phone up and then they send us a multi-SIM. Then we have to wait for that to arrive. Then we have to phone them back up and give them the SIM, IMEI etc. and they lock them all together. And they NEVER have records and I have to faff and keep track of SIMs, numbers, IMEI's etc. for them.

And yet, in my personal life, I deploy exactly the same kinds of devices, either on a £5 a month minimum rolling payment I can stop at any time, or a £25 one-off payment and pennies per text (for the GSM ones, guaranteed not to cut to you off just because you don't use them much). Unlocked handsets. SIMs that I don't have to tally at all. I could literally slice the organisation's monthly mobile phone bills by at least 5/6ths if I was allowed to, plus spend only half what they do on devices, and there'd be no difference in service (only positive), and I'd even move the numbers over if it was necessary. For that you'd get TEN TIMES more data, probably free phone calls, etc. and none of the lock-in problems.

But they continue to use them for reasons I can't fathom.

Re: Ah the Cloud

"Where does rain come from?"

Nice try...

***A*** cloud, or clouds.

Not ***THE*** cloud. Unless you live on Planet Cloud which just has a single blanket coverage.

Re: Is Daz in sales ?

"I put all my eggs in someone else's basket and have no idea where the basket is or what's happened to my eggs but I'm assured that I can get them back and look at them any time I ask to..."

Yeah... poor Daz, my backside.

At the very least you need it as an EXTENSION on in-house/on-prem, but not a replacement. That's just stupid.

Fortunately, the exact thing that Daz is suggesting (outsource the IT department to Microsoft) is likely the exact thing that will happen too. Not only is it "how to put all your eggs in someone else's basket", it's also "how to put myself out of a job even if everything worked 100% as I expected".

Re: "Up to"

And yet, as a mathematician, I know that what you're suggesting is basically just a charge per gigabyte.

And everyone would moan like hell about that.

If you pay, say, £30 a month, you might get 300Mbps / 300Gb for that. But you're unable to use it all because of the speed, so they charge you proportionally... then that basically means you're paying £10 a month for 100Mbps / 100Gb (because you couldn't have used all the data in the time you're given, so the speed and bandwidth are basically equivalent) and so on.

What speed you did it at is basically irrespective if you want to allow them to let you pay proportionally.

But sell someone a Internet connection on the basis of "we'll provide a connection, we won't tell you what speed it could reach, but you'll pay 10p per gigabyte" and nobody would touch you.

Sure, it might encourage them to up speeds as much as possible, but it wouldn't be long before people realised that actually they don't want that at all and they'd rather the kids couldn't run up a thousand pound bill because of them leaving Bittorrent running.

Much like happened with cellphone roaming charges, for instance. Which are... pay per Mb. Same thing, different scale.

Re: Would have expected this from a luser.

You'd think an infosec consultant would be able to install something to, say, monitor login accesses to her computer, or at the very least record footage on the webcam or something.

Because it would be really hard to go to court when your own evidence basically says "Oops, that happened when I pressed Ctrl-Alt-Delete to logoff not knowing that usually means 'reboot' in Linux", or "Nobody but me ever went near the machine".

I have 10+ ARM powered devices in my house, and I don't even try to buy them.

Two smartphones (not iPhone).

One GP2X (I used to develop for it).

One tablet.

One RPi.

One TomTom (defunct)

CCTV NVR

...

With the exception of the GP2X, these are hardly far from consumer items. I deployed 50 Intel Atoms a few years ago - they worked fine for office tasks, no problem at all. A lot of people who have Intel Atom don't even know they do.

P.S. Intel Atoms suck for low-power usage. I know of precisely one "RPi-competitor" board that they brought out to try to capture that bit of the market, and it's very unpopular. Even Mini/Nano-ITX with laptop chips did a better job 10 years ago.

Power = heat. Heat = cooling. Cooling = expensive. A rack full of ARM chips in the proper layout will reduce costs and, so long as it runs PHP and Wordpress, that's a vast, vast potential saving right that just for a bog-standard hosting provider. And, yes, you can get Intel Atom dedicated servers. Check out OVH/Kimsufi (same people, first/second-hand kit - it's second-hand because someone used them for years already).

Maybe not your use-case, but I'd happily pay for an ARM-powered PC with PCIe, SATA, etc. connectivity and Linux.

Not to mention things like Spectre and Meltdown. I think you miss that some of the most powerful chips that people use today are from ARM. Most people never max out their CPUs and when they do, Intel stuff just dials down to ridiculous speeds nowadays (Intel are still selling machines which are clocked at 1GHz as "4GHZ" machines... they can maintain 4GHz for only seconds under normal cooling arrangements). But their phones and other gadgets are doing tons in software and ramp up past those speeds just for playing with silly graphics filters.

While you were sleeping, ARM owns the mobile phone market, tablet market, is already inside the Chromebook / mini-book market, the games console market, has Microsoft making Windows for it, basically has the IoT market to itself, and is now edging into the server market quite happily.

What makes you think for a second that someone who stole your domain name would put their genuine home address onto the WHOIS when they did so?

If someone stole your bike, would you be expecting them to register it as their own on a public list of bike-owners? And if they did, would you assume those details to be correct? And if they did, would you pile into that person or would you be expected to - for example - go to the police/courts who'll determine who really has it, return it to you if possible, and you'll have precisely ZERO dealings with any ensuing law enforcement action beyond providing a witness statement (they won't tell you the criminal's home address!).

The equivalent here would be "file a complaint to ICANN". That does NOT need YOU to have public WHOIS information for every domain name in the world.

Your argument is one of the weakest arguments I've ever heard in my life.

Re: The traffic wardens literally just hand the ticket to the driver EVERY DAY,

"or just use common fucking sense. How else are you supposed to deliver beer barrels?"

With an appropriate licence to park in an appropriate and safe location. Generally speaking, double-yellows and double-red lines indicate a place where's NOT safe and appropriate to stop and deliver goods of any kind, let alone barrels weighing more than I do which need to be trollied down the street and thrown into a big hole in the ground.

Gosh, if only someone had considered that when they painted those lines and made lines that you COULD park on to deliver, but not just stop on, to ease the flow of traffic while allowing essential business services to proceed.

Moron.

Re: Hmm.

I think you're right.

I hate "sequels/remakes for the sake of it". That kills so many franchises for me.

Bladerunner, Total Recall, Ghostbusters, all kinds of things have been ruined by re-makes.

Very, very, very few movies series ever get the momentum going... I was honestly surprised that MiB3 was actually as good as it turned out (mainly cos I love the little time-guy character, and they cast the "young" K really well).

Even Aliens was killed by the "too many sequels" thing and they STILL keep banging on it and the Predator franchises.

Some things are just better left alone. Don't even get me started on "The" Italian Job...

Re: Exam question.

I know a secondary school science teacher who has literally encountered dozens of pupils who have no idea how a match works or how to light them and are shocked that it's actually a real flame that burns their fingers.

In one way, I see that as progress (kids aren't exposed to people smoking), in another way, it is quite worrying that they don't understand how something quite basic works.

Re: Not working here

There's a reason I signed up for another bank account and don't really use it... for precisely such instances where I can't get to money that I may need to. Monzo seem to be very good considering the account is virtually dormant. But guess who gets all my business when HSBC really affect something I need to do?

On the secure-key thing... I once had an interesting conversation. I'd lost the physical key calculator thing. I phoned up HSBC to get a new one. Oh, they said, you can just use your smartphone now. Cool, so I don't need the key thing any more? No... just sign up and get the smartphone app and it will generate codes for you. Okay... how do I sign up for that. Well, you just install the app and then put in a code from your SecureKey into it. The secure key I don't have? Oh, they said, you can order a new one from the website. Okay. How do I do that? "Just log in to the website". Okay, how do I log in? "With your usual details". Okay, what about when it asks me for the code? "Oh, then you just type in the number given on your security key calculator thingy". The one I haven't got? "Oh, you can order one on the website"

It literally took three people to resolve the logical fallacy at play. The solution was to post me a SecureKey, and a signup-code. And then I would use that PRECISELY ONCE to install the smartphone app.

And then they had the cheek to ask how I wanted it sent. Well, we can email or post you the code but the device will take 2 days to arrive. Okay... but... the code is useless without the key, right? Yes, but we can email you. What would be the point of that? Well, then you'd get the code faster. Yes but... I won't be able to use it until the key arrives anyway...

I sensed another infinite loop so I applied "goto: Just_send_me_the_damn_thing".

Re: Shock

Not really. They could sell a ton of kit whatever software you claim to use to manage your storage.

What's surprising is that the idea sounds nothing better than the kinds of things I was scrawling on coasters 20 years ago.

Hell, at one point there was a piece of software that you just ran on ordinary Linux/Windows clients - it took up a certain percentage of your disk space, spoke across the network with all the other clients and they worked out a way to manage all the storage such that X percent of the PCs had to be turned on, but that they could all take advantage of all the space storage doing nothing across the hundreds of half-filled client drives in any large organisation.

It was really cool. It worked. It also had enormous downsides (notably network traffic and resiliency and things like backups) and never became popular. It was a bit like DRBD but running on the free sectors of a support filesystem (which it just allocated as it needed them), with every computer a master and slave node simultaneously, and a bit of clever logic to make sure your data is replicated around enough nodes to stay up. Coupled with, in effect, a Samba server over a virtual filesystem that worked by requesting data from given nodes. And an almost DHT / peer-to-peer like network to make sure that any node could advertise the availability of its data and share in sending it to the right places on request at full line speed. And enough resiliency that Fred turning off his PC didn't really make a difference as he was only storing tiny shards of data.

It was, in fact, Samba-over-Bittorrent, really.

Now... THAT was a brilliant idea. What this was sounds like nothing more than standard data replication on the block level.

It's probably best off dead - UpThere only existed since 2016, had $77 Million of funding, 60 employees, and could barely replicate functionality that's present in Windows DFS, for instance.

Re: Be careful what you wish for

Much, much easier solution.

If you're director of a company that does these things... you can't be director any more.

If you're director of a company that declares bankruptcy... you can't be director of a company ever again.

If you're found to be a director again... jail.

The problem is not "company did something illegal"... it's that everyone involved avoids punishment for that and you can't send a "company" to jail.

So you fine the company. They fold. Now what? You need some kind of long-term solution so that it doesn't happen again, that hurts the people who did it.

And a permanent blacklist is really the only way. Sure, you can work round it with having someone else in charge but you have to a) find a mug to do that, b) not be found to be running the company, c) not run out of people to do that for you. And if they know they can be permanently blacklisted too, then they'll be more cautious.

We also need business credit firms to start DENYING credit to companies run by directors with bad histories. They shouldn't be able to get credit accounts and not pay suppliers, simple as that.

It's the 80's software house problem all over - form company, extract the urine, not pay anyone, disappear, fold company, sell assets, form new company, buy old assets, hire previous staff, rinse and repeat.

If once the company folded you couldn't start a new company, at least without convincing someone else to take the same fall from you, then you could break the cycle.

But, in absence of that, deliberately and knowingly breaking the law, whether as part of a company or in your personal life, should mean fines and jail terms for you too. Just because you were part of a company, shouldn't exclude you from legal liability when YOU deliberately and knowingly broke the law. In a huge multinational, sure, there may not be one person who pressed the "break the law" button. But in these firms, there's clear and obvious responsibility for who put that list into the call center and allowed it, and even on behalf of the operatives when they get told "I'm on the TPS, you shouldn't ever be phoning me".

I don't see why being part of a company should insulate you from the law - data protection has personal liability, health and safety can have personal liability, so why shouldn't deliberate avoidance of compliance with telecommunications laws?

In terms of FINANCIAL liability - yes, that should be limited. A billion dollar company going bust shouldn't mean every employee gets landed with a bill. But where they have broken the law, those individuals knowingly responsible should be prosecuted personally too - you can't prosecute or jail a company, only fine it.

I'd give them the choice. You can pay the outstanding company's fines from your own pocket even though it went bust. Or we can prosecute you personally as if you were the entity responsible, because you were the person in legal charge of the entity responsible.

Then, maybe, such illegal actions wouldn't carry from chairperson to chairperson unnoticed. Taking over a company means you have to purge all illegal actions, or at least be seen to be doing that as well as can reasonably be expected. Not just carry on and take the fine.

P.S. this would trickle down to things like delivery firms that "just pay" parking fines they incur as part of their business. There's no point having a parking restriction that you can just ignore. Start taking their vehicles off the road and putting points on driver's licences for doing it.

If you're only enforcement of an illegal act is a fine, and that fine can be avoided by folding with no penalty whatsoever, and the person who folded the company can just start another literally the next day and carry on, then the system is flawed. It would be like never putting a single person in jail or arresting them, just fining them, and then watch as criminals murder people and pay a fine, or just declare bankruptcy, and then go out and murder again, knowing it'll just be another fine.

If it's illegal... stop it. Don't give them a financial slap that literally doesn't affect one employee in any way, shape or form and can just be accepted as a natural consequence of business.

I game over 4G.

It's fine. 30-50ms usually. Of course it spikes, but then if you game over wireless you're getting bigger spikes all the time and I bet you didn't notice those (seriously... run a constant "ping -t" to your wireless router IP in the background, go and play a game, come back and I bet it's not "1ms" constantly as it would be on a wired connection).

5G will lower it further but it's already more viable than most people's broadband.

(P.S. I run game servers, and everyone always used to moan about how low my ping was "because it's in his back room"... er... no... my servers were in France, I was in the UK... I just don't have junky wireless, I QoS my gaming packets, I have a good, well-managed connection, and other users even on my local network blasting the connection into oblivion don't get to stomp over my gaming ping... I was going through an ordinary ISP, to a foreign server, same as everyone else, and getting sub-10/sub-20 pings all the time. So, trust me, I'd notice if 4G pings were atrocious, because that's all I have nowadays.).