* Posts by Lee D

4259 publicly visible posts • joined 14 Feb 2013

Galaxy S6 and S6 Edge in Vulture's claws: we find looks AND brains

Lee D Silver badge

I quote sources that aren't definitive, but I'm sure you can find confirming facts if you dig hard enough.

2015: "Shipments [of Android smartphones] dropped to about 205 million"

2015: "iPhone sales ballooned to 74.5 million in the quarter, a gain of about 90 percent from the third."

Even with 90% growth this quarter, iPhones are being out-sold 2:1, nearly 3:1. Even today.

And Samsung make 95% of those Android phones.

So, not saying you can't sell phones without them, but the people selling Android phones that (in the majority) allow SD cards and removable batteries are TWICE as popular as iPhone. And that's in Apple's best (and Samsung's worst) quarter.

Please, stop believing the iPhone hype. For every guy out there with an iPhone, there are three with other models of phone, and they probably collectively cost less than the iPhone did. The same applies to tablets / iPads.

Sources:

http://www.cnbc.com/id/102417855

http://www.slashgear.com/samsung-dominates-95-of-android-phone-sales-say-analysts-15282170/

Lee D Silver badge

Re: Storage?

I'm a luddite when it comes to my personal hardware.

Yet my (first ever) smartphone is still on a 4G 3Gb data plan. Because, you know, I can do that without even thinking.

And that's when I deliberately and mindfully don't let things update over 4G, use Wifi when at home and in work (I control the work Wifi, so I know it's safe, other people don't have that luxury), etc.

Damn, a basic user could burn through 1Gb every day no problem at all. All they need is a gaming app, or a satnav with the "download offline maps while on data" turned on.

1Gb is bare minimum, for myself and my girlfriend. 3Gb is what I consider a basic package for myself. God knows what you have to do if you're a proper business user.

Giffgaff, though, are quite good about their data but if you want 4G they don't offer an "unlimited" one any more. The 3G one was removed/changed quite recently as well I think. Even prohibiting tethering, it's all too easy to burn through any "unlimited" allowance, even.

Microsoft update mayhem delays German basketball game, costs team dear

Lee D Silver badge

Is everyone else missing the point?

If that laptop was the only one capable of running the scoreboard, what if they'd dropped it or it had been hit by, say, a flying basketball?

The problem is not Windows Update being enabled (although that's dumb on a machine doing one job), or the guy rebooting it, or the wait, it's that there was NO real backup.

If someone had just been able to say "Oh, go and get the other laptop while we wait for this one", then it would have been much easier.

But, that aside, who the hell uses a FULL PC just to run a basic scoreboard?

Snakes on a backplane: Server-room cabling horrors

Lee D Silver badge

In my current workplace, within the first year, I found:

An entire office ran from underfloor Ethernet modules, which cabled back to an 8-port switch, which was hidden in the radiator covering, powered by a hidden plug under the floor, cabled 124m around the building to a proper switch cabinet 10 meters away.

A main server-room rack cabled in, out, behind, through, between, over and around itself such that it was impossible to insert anything else into the rack (literally could not push things in because of the criss-crossing cables half-way back), with patch and external cables literally terminated to the inch to get them into their patch panel and no more, with fibres dragging out of the bottom of the rack cabinet and on the floor such that when we went to pull the rack forward to work on it - on the night we decided to recable the entire thing - we very nearly sliced right through 18 fibres connecting the server-room to the rest of the building by trundling over them with the rack they were housed in.

That's not counting the mysterious four-feet gap in patched cables that our access control guys found. Literally, in the middle of the main building, through a huge piece of cable ducting with 100+ cables going through it, a bunch of unlabelled cables had been deliberately sliced IN THE MIDDLE and pulled apart. The other ends, no idea which they are - they're probably still patched in "just in case" somewhere. Why you'd do that, in the middle of the cable run, rather than at one end I have no idea.

Virgin Media takes its time on website crypto upgrade

Lee D Silver badge

Re: Phew...

Come on guys.

SSL takes MINUTES to purchase, a pittance per year, and then you can slap it into the website in a week if you need it. No-one's asking for a full security review, just a HTTPS on the form that submits.

You were able to piss about with Pratchett HTTP headers in your Apache easily enough, adding a duplicate site under SSL takes about ten minutes.

Even applying the "do-it-semi-properly" corporate multipliers, it's shameful that this still isn't done.

You can't report on others' security misgivings when you can't even manage to get close yourself.

Satnav launches are like buses: none for ages then three arrive at once

Lee D Silver badge

Re: Road user charging

To use a car, you have to do this thing where you go into a public area and follow public roads where there is almost no restriction on the amount of cameras there can be or what can be recorded.

To use a car in Europe, you can either a) avoid all motorways or b) you have to pull into a toll every exit / motorway change and pay a toll (sometimes directly, sometimes by taking a card and paying at the other end, or sometimes by having to have a particular electronic tag).

To use road charging via satellite, you'd have to retrofit every single vehicle with an untamperable black box that ties into the location system, the telecoms system (GPS etc. DO NOT talk upwards!), and have some form of readable unique ID. That's quite expensive, even as a mandated item in new cars, and would take DECADES to deploy. It would also have to be Europe-wide, presumably. Nobody's going to sneak that into a parliamentary bill as a side-item. (And, no doubt, if they did the penalty for disabling it would be harsher than any charge they could put on you for using it). Nobody is going to launch an entire satellite system at the cost of billions on the basis of recouping their money on a system which will likely cause all kinds of dissent once it's mandated in cars, even if other countries accept it quite happily. That's NOT what Galileo is for.

To be useful for road user charging, Galileo would have to be more efficient than the road-toll system, more accurate, cheaper and actually do it. In fact, Galileo is merely something like an order of magnitude more accurate than GPS, which is already more than accurate enough for road charging. There's nothing stopping GPS being used for road charging TODAY. But we don't have a sniff in that direction because it's political suicide (watch the news over the years, listen out for hints like this, see how many are probed by the government to gauge public reaction and then never mentioned again - e.g. 80mph on motorways - NOBODY wanted it, which annoys me greatly as everyone then whines about speed camera deployment etc.).

My European friends are already shocked that ALL the tolls in the UK are not only optional, but also quite tricky to find if you don't know the UK and easy to avoid if you want to. Seriously. M6, Dartford, Severn, everything else is completely bypassable and even those are no great burden to avoid if you want. I was struggling to name toll roads beyond that when they asked.

Why is it that just because it's a car, it's somehow ingrained in your consciousness as more important than all the other freedoms you're having methodically stripped from you? Personally, I pay a couple of hundred pounds in "road tax" every year. That's a pittance. I pay more tax on my phone contract than on my car usage, and that includes the price of a phone! What's that equate to? Fixing one pothole a year? And then you have tax on fuel, which probably pays the wear my tyres cause to paint on the road and not one percent of the cost of the shit my car spews out.

My Italian friends pay a road tax, the same for petrol as we do (almost to the pence when you convert from Euro to pounds), and they pay at EVERY motorway change they ever make. You go one junction and you pay. You go change from major motorway A to motorway B and you pay again. And there is often no viable alternative whatsoever.

And do you hear them moan? No.

If you think Galileo is there to charge you for road usage, wait ten years. If there are road usage charges, likely it'll be a manual system (like tolls) like EVERY OTHER EUROPEAN COUNTRY HAS. Fancy technology in your car won't filter down to the populace for decades at least, even with mandatory laws. And certainly not if it relies on positioning networks that can be jammed and communications networks out in the middle of nowhere to talk back.

Honestly, paranoia is fine, but this is just rubbish.

What's Galileo's purpose? To tell the US to stuff their GPS systems up their bottom and provide more profit in scientific data and commercial usage (planes, boats, etc.) than any amount of road tax could generate in its lifetime.

Lee D Silver badge

Re: Galileo ... at condescension of the USA

Pretty much every major smartphone supports GPS and GLONASS nowadays.

http://en.wikipedia.org/wiki/List_of_smartphones_supporting_GLONASS_navigation

Galileo isn't yet properly ready for deployment, nor is IRNSS.

As such, it doesn't matter because if both American and Russian systems are out, chances are the others are down too.

Opportunity suffers another flash-memory 'amnesia' moment

Lee D Silver badge

So we've marked the blocks as bad, but they're still growing.

Nothing for it now - field replacement of the drive, I'm afraid.

And the callout charge? (suck in breath) Oh, that'll cost ya.

Ford: Our latest car gizmo will CHOKE OFF your FUEL if you're speeding

Lee D Silver badge

Re: My wife's car has automatic headlights.

If you need to be seen, sidelights.

If you need to see, headlights.

If you "don't notice" for several hundred yards, chances are you don't "need" headlights, as such.

That said, if your car doesn't put at least sidelights on at the first sign of dusk, you're going to be run into, and it's almost certainly a problem with your car. That you notice means that you are driving fairly responsibly, though.

I'm torn. I only buy cars that are almost entirely mechanical - it's impossible to get ENTIRELY mechanical nowadays. I just don't like the car second-guessing me. But I'm also one of the few people I know that would happily slap average speed cameras on every street corner, and tie them in to alert nearby police to cars with false/invalid/hidden number plates, so it would be almost impossible to speed without flagging up something somewhere with your name on it.

I don't speed. But equally I don't want the car DECIDING that I'm speeding when actually I'm not (how does it deal with, for example, side-road speed limits posted on the main road, "20mph limit in one mile" etc?). I work in IT and just don't trust the equipment enough here to let it do such things, even with an override - that just adds to the confusion in such situations where the pedals don't correspond to the driver's wishes and then - all of a sudden - do.

I implicitly trust ABS, traction control, engine management, airbags, seatbelts, etc. They are fabulous technologies that save lives in one way or another. But equally I don't trust the car to actually choose how to drive. If I brake, ABS ensures that my braking is as efficient as possible. If my wheels spin, traction control will manage those wheels to ensure grip on the road to try to conform to my desire to accelerate / brake / corner. If I hit something, seatbelts and airbags will perform drastic measures to ensure that the damage to myself is as low as possible in such an extreme situation but not active otherwise.

It's the parts where cars attempt to detect the situations where you DON'T take an action (e.g. automatic emergency braking, automated lane control, even cruise control) and do it for you that I don't trust. There might be a good reason not to (I'm heavily of the opinion that it's BILLIONS-TO-ONE against the human NEEDING to accelerate in an emergency situation unless they'd be an ABSOLUTE pillock of a driver just seconds before anyway).

Cars, like computers, should do what they are told. You can help me do what I've told you to, that's fine. But the second I stop telling you to, you shouldn't suddenly decide that you must anyway unless it's absolutely, and assuredly, life-critical (and that has an entirely different standard of testing).

I'm not a fan of the middle ground. Let me drive the car and take responsibility for it, or don't. Don't put me behind the driving seat, telling me it's all my fault if something goes wrong, and then take away control. Automated car or manual car, not the in-between.

Lee D Silver badge

Re: Oh...

Indeed.

Most sat-nav apps and devices will switch to different sides of the road, speed units, settings regarding showing you messages on the screen, etc. as soon as they detect you are in a foreign country. If you're already on GPS, working out what country you're in is trivial.

Ten things you always wanted to know about IP Voice

Lee D Silver badge

Re: Call centres.

Once had one calling to sell me telephony services (specifically VoIP).

Line was so bad, I made them call my mobile.

Line was still bad, made them call the workplace landline direct.

Line was still bad, told them I'd never touch their products if they can't make a coherent phone call themselves in order to sell it.

Lee D Silver badge

Not all VOIP is external.

I work in a school.

We put in a phone point in every classroom and every office. You have to be able to send calls to the teacher, the teachers need to call in assistance (in rough schools), emergency numbers, the office to check on children, the parents to see where the kids are, etc.

We have 4 outgoing ISDN lines. Everything else is internal, there is no SIP to the outside world so there's no IP traffic outside the local network (though when my leased line comes through, it's the first upgrade planned).

We also have gigabit-to-the-desktop.

Hint: Guess what was the first option we had to turn on once we had a normal amount of traffic on the network and 30+ phones? QoS. Because, although the outside lines were fine, after a certain number of handsets, and with day-to-day server replication etc. we were experiencing phone calls dropping because the network couldn't keep up. Even VLANning the phones off didn't help much because they still shared the same priority as someone downloading their roaming profile.

You HAVE to put QoS on after a while. And it cures the problem instantly. Haven't had a problem since and the effect was immediate (VLANning it off helped in that we QoS'd the entire voice VLAN rather than the individual phones, protocols, etc.). If I have to put QoS on in a small school with only 50 internal phones and all analogue outside lines, it's not something that you "only want to care about" in an extreme scenario. And I guarantee you that when we get our SIP outgoing, we're going to need to QoS them against the kids downloading huge videos even if that's only on our end.

QoS exists in every managed switch (and has done for, what, 10-15 years?), and is a commodity feature, because it's necessary. Not if you have two phones on an idle gigabit network, but any serious scenario of IP phone deployment requires it. Hell, we can do several gigabytes of voice data a day just on internal calls.

Lee D Silver badge

"Incidentally, I have had many clients and users moan over the years that the phone has been slowing down the PC. They were all wrong so don't fall for it."

I find the suggestion to just dismiss their concerns pretty amateur.

Login times, just for things like roaming profiles, etc. will be reduced BY A FACTOR OF TEN on gigabit. You don't need to have buckets of high-res video, just an ordinary press officer or marketing person will be dealing with gigabytes of photos in their average day.

100 is bare basics nowadays and covers all the bog-standard stuff, access control interfaces, etc. but Gigabit to the desktop is the norm and expected. If your phones can't handle it, it's time to junk the phones or run other ports - as suggested above - not ignore it.

I work in schools, most of them are VoIP-only, and I absolutely minimise the number of "passthrough" sockets I deploy precisely because it DOES affect the speed of login times etc. And in a school, you might have 20-30 people log onto a machine in the course of a day. A login being just 1 minute (and that's optimistic at best!) instead of 6 seconds makes for half-an-hour of wasted time over a day just through logging on.

100Mbps is NOT acceptable on new hardware. Legacy hardware, outliers on your IT plan (e.g. putting a phone in an out-of-the-way cupboard that only one person uses, etc.), maybe but not part-and-parcel of your desktop rollout.

Run more ports. Always run more ports. Don't "passthrough" anything unless you're sure it's going to last you.

Apple is picking off iOS antivirus apps one by one: Who'll be spared?

Lee D Silver badge

They pull this stuff but:

I have a few hundred iPads in a school. If we want to roll out apps without getting them all in and doing them manually, we need the Apple MDM function of "allow installing apps". Doing that with kids means we need to be able to restrict things somehow, even in a BYOD situation. So we enforce age ratings on apps and deny other content entirely.

Apple, however, allow free VPN apps that are sold as "bypassing filters" to be tagged as 4+. And REFUSE to change the rating even after many heated requests. They say it's up to the app author to change the rating. The app is *marketed* as being able to evade filters and age restrictions for Internet access, however, so the app maker has no interest in doing so.

And that's it. One kid installing one free app, and all your web filters, logging, security, email/web scanning etc. are useless.

Yet, Chrome - that they put an 18+ rating on without warning because "it allows unrestricted access to the Internet".

Honestly, Apple have NO CARE for the use of their products in business or education, so long as they make the initial sale.

Microsoft gets data centres powered up for big UPS turn-off

Lee D Silver badge

Re: not enough runtime

The end conversion is more efficient but you're still pulling DC voltage from somewhere at some point - so you have to weigh up - efficiency when you're running on battery versus day-to-day efficiency. AC is, I believe, more efficient to transport around a building.

However, some datacenters and telephone exchanges have been on (as you point out) -48VDC for years. The hardware is available. Nobody uses it because it's not that much better than just a cheap PSU on a 240v line. And any electrician can come in to sort out the 240v, not all of them will touch deadly voltages at DC (hint: the reason we use AC is that, if it contacts you through Earth, you have a good chance of being able to let go as your muscles spasm rather than contract tightly as they do under DC - My father worked in garages that service lorries for decades, it's common practice to have a large piece of wood "on standby" should someone bridge the (DC) lorry batteries, because you literally have to whack their body away from it).

The fact that what you suggest doesn't happen en-masse and automatically everywhere tells you that there are problems with it. The circuitry to generate 240v AC from 12v DC is actually commodity hardware. The circuitry to distribute and step-down huge DC voltages is not.

And PSU UPS aren't unusual. Hell, you can get ones that go in empty drive bays and all sorts (don't Argos sell ones in the extension lead itself?). The "simplest" solution is often the best, even if it's the most technically complex. And 240v AC works everywhere and is available everywhere and doesn't require specialist rack units and "just works" and UPS to generate it are bog-standard.

Lee D Silver badge

Re: Wow!

It's the same whatever you do, on average.

Centralising, decentralising.

Nationalising, privatising.

Thin client, fat client.

The cycle is endless as you can always find a benefit in one that doesn't exist in the other and so, over time, your prime perceived weakness appears to be addressed by the alternative - and it is. Until you then see that what wasn't a weakness before now is a weakness and, hey, that other alternative doesn't have that weakness... repeat ad infinitum.

Central UPS means greater efficiency and everyone gets the same crack of the whip but is large, specialised and can be a single point of failure. Distributed UPS is less efficient but cheaper with a higher maintenance cost as you run around random machines whose batteries die at random times. And so on.

In-computer UPS isn't new. Google have been doing it for years (but not on all of their machines). You can buy them for desktop PCs that go into the drive slots. Laptops effectively ARE their own UPS (and I've often used one just like that, powering down the other hardware knowing I have 2-3 hours of good charge before I need worry about the machine I'm doing it from).

All that changes here is a small standards-compliant version.

Opera buys mobe friendly VPN app bods SurfEasy

Lee D Silver badge

Codebases.

The "old" Opera codebase has been squeezed out. All the developers have gone on to other companies (e.g. Vivaldi browser). There's nobody left at Opera who can manage that code, so they basically started the rewrite that has been released as the new versions of Opera (anything past the 12 series).

That's why the new Operas are junk. That's why they can't put back in old features into the new Opera.

That's why they can't manage the Opera Mini code that hasn't been updated since. That's why they have had to buy another company out, to buy the talent back in.

Lee D Silver badge

You used to have this, Opera. Before you sacked all of your developers and built yet-another-Chrome-clone with no distinguishing features.

You used to have Opera Mini, and that used to have this technology, and it was tied into the desktop browser too so you could do image size reduction, etc. if people wanted to save bandwidth or use it as a VPN. And it was all integrated into the browser and worked perfectly for years, even on SSL sites.

Now you've had to buy a company to do what you ALWAYS USED TO DO for several major versions of the browser on every platform.

Roll on the Vivaldi browser - made by the former Opera devs and using the Chrome engine, but designed to have all those features that, apparently, Opera can't even keep running on their own any more.

There's gold in dem hills: 1000s of two-byte domains hit market

Lee D Silver badge

The domain name was:

localtownlocaldistricttypeofschool (.mobi, .info, .whatever).

If someone cyber-squats on TLDs like that, it'd only take a second to kick them out as "passing off".

But, no, the alternative is to buy EVERY POSSIBLE TLD? Sod that. We gave up after two and just made it clear which one was us.

Lee D Silver badge

A1.lawyer - yeah, there's a guy that I'd trust to handle my legal affairs.

Vanity plates for marketers, in effect.

I never understood why my former employer ever bought the .info, .mobi etc. of their domain anyway - they never had a site on them in all my time there and the main website was mobile compatible anyway.

Sad, really, that it's possible to make money by selling arbitrary strings, in effect.

Web geeks grant immortality to Sir Terry Pratchett – using smuggled web code

Lee D Silver badge

Re: El Reg has jumped on the bandwagon

Don't want to crow about this (well, actually I do, but saying that excuses the following) but it's not that huge a deal to roll out a Beta site that does this.

I mean, really, IPv6 Day proved that you won't break anything just by enabling or pushing an AAAA record. From there, it's just a case of opening up port 80 and 443 on IPv6 IPs. From there, you have a beta copy of the site from the same Apache servers. From there, it's just a case of asking us to trial it so we can break it while you fuddle around with scripts and logs and all those nasty hard-coded things.

While there, a cert from a CA plugged into the Apache config would at least enable it, and securing, say, just the login form would be a welcome addition.

I realise you may have cloud, failover, load-balance, etc. on such a site but, really, it's not like a 5-year-plan kind of thing so much as a couple-of-weeks to start a Beta and the year following to check it isn't going to fall over and you have hardware to cope with the strain. And we've (I've!) been crowing about this for a bit longer than 5 years now!

Lee D Silver badge

Re: I guess you parents failed your first 7 years

Sorry, I happen to be with you on your response to the first two points but they are COMPLETELY irrelevant here. Bringing them up is a nonsense, to be honest.

"Respect for ... other people['s choices]" is the only one that matters.

If people want to do this, it's not hurting YOU. Nobody asks you to participate. Nobody cares if you do or not. But to suggest blocking on it is to say you'll actively HINDER the operation. (In real life, nobody will care about your site doing that, sorry but they won't - they'll just tell you your site is broke like those old sites that used to block Opera and then tell people Opera isn't supported because nobody using it appears in your web logs). That's just being a pillock. You've gone out of your way to actively interfere in something that didn't affect you one bit.

So you don't like it, fine, don't participate. Don't encourage. Air a reasonable opinion on it and leave it at that. You disagree with us, we disagree with you. But don't be a pillock. Your actions will have zero effect on anyone else, in all probability, so it really doesn't matter (and applying my philosophy expressed above, you're not hurting me or anyone I know, most likely, so my caring stops there).

There's disagreement. There's condemnation. Then there's trying to prove some kind of point that nobody really cares about anyway.

Lee D Silver badge

Re: Unexpected benefit

Not silent.

Merely the sound of no clack clacking.

Could be worse. It could have gone through silence and out the other side into anti-noise.

Lee D Silver badge

Re: I believe you're wrong, read it again. I plan to.

Why include the N?

Surely not logging it means that it won't be written down as much?

Lee D Silver badge

Re: El Reg has jumped on the bandwagon

They can mess about like this, but can't add IPv6?

Fatally flawed RC4 should just die, shout angry securobods

Lee D Silver badge

Re: RFC 7465 - Prohibiting RC4 Cipher Suites

RFC is a request for comments.

Not a standard. Though it might evolve into one.

Cisco posts kit to empty houses to dodge NSA chop shops

Lee D Silver badge

"We're going to announce what measures we're going to take to the world's press so the NSA can carry on doing what they're doing because they know exactly how we're working around them, but it looks like we're doing something about it".

Sorry, if you don't want the NSA intercepting shipments then you need to build in-house. If you ship and you CAN'T tell if someone's tampered with your kit, there's a problem whatever fancy system you use. It takes ONE rogue employee, and this is a major spy agency we're talking about.

But, easier, just move abroad and claim the NSA has destroyed your reputation by tampering with your commercial products, potentially illegally, for its own gain, and you're taking your thousands of jobs with you when you leave.

You're not small-fry. You run half the Internet. If YOU can't stop the NSA tampering with your own kit, then we can't trust you, and we can't use you. And we will struggle to have any kind of Internet at all either way.

Big Data shocker: Over 6 million Americans have reached the age of 112

Lee D Silver badge

I've seen the California driving licence. "Federal Limits Apply" is (not exactly, but is well known as) the code for "Illegal Immigrant" there. In fact, some of the more unscrupulous work party collection mobs will check the ID for that line to make sure you are an illegal before they pick you up...

http://www.cbsnews.com/news/california-opens-drivers-license-applications-to-illegal-immigrants/

This guy did it 5 years ago, I didn't know him 15 years ago. However, it may have been longer than a year, I did just guess at that, but he went around the world for years anyway before going back. The story may be exaggerated but is not "untrue" - the guy was variously arrested for going up the down escalators and down the up escalators, and "looking at the white lines in the middle of the road", etc. so it's not prima facie evidence.

Lee D Silver badge

Re: There can be only one.....

For sure, that was the best standalone movie.

Along with The Matrix, if only they'd made a sequel.

Lee D Silver badge

I know someone who went to work in the USA.

They walked into the first place to offer them a job.

A year later, they were asked for their SSN. They did not have one. In fact, their official US ID clearly stated "Illegal Immigrant" (which is an official status in the US). Nobody ever cared, even the police officers who nearly arrested them several times over the years (for being a pillock, mostly, nothing dangerous or causing harm, distress or inconvenience to others). They made up an SSN, put it on the form and it was NEVER queried.

Years later, they left the country and were asked not to return for a year. Still, the SSN was valid when they went back.

SSN is the most stupid, pointless waste of time I've ever seen and consists of precisely ZERO checks against it.

Authy 2FA app popped by simple, secret, code

Lee D Silver badge

Sigh. Security 101.

Sanitise your inputs.

Do not act upon the data as if it's a filename, program name or anything else.

Don't pass off unsanitised data to other programs.

Don't allow directory traversal.

This isn't just "a slip", this is just atrocious coding. Stop using this program, because god-knows-what other basic security mistakes have been made elsewhere in its coding.

Data centre dangers: Killing a tree and exploding a UPS

Lee D Silver badge

Not "on-call" as such but I work support for schools.

Interesting events have included the main server room and IT suite dying - the complete power-down. And the UPS on the racks giving up almost instantly and cutting out immediately. Really weird. Got things back up and it still happened several times. Replaced the battery. Replaced the UPS. Still kept happening.

Eventually traced it to an upstream mains circuit where someone was plugging in a heated serving table (the kind of thing you get in canteens). We thought it was just overload because it was rated at some silly wattage. Except it still kept happening even with nothing else on.

The serving table had two plugs on it, one for the heated base, one for the heat-lamps in its hood. And they plugged them into two separate plugs. Which, it turned out after I asked for it to be looked into, happened to be on entirely different phases. No wonder the UPS gave up! Had the electrician re-wire and that stopped the UPS blowing even if not the circuit getting overloaded. Am now waiting for the electrician to return to run a separate power feed to the IT that's unconnected to what the canteen want to do.

Just glad I never did anything cocky like say "Oh, but the power's out so doing THIS should be safe..."

RIP Sir Terry Pratchett: Discworld author finally gets to meet DEATH

Lee D Silver badge

Re: The last books and testament

Like Japanese TV series, try to end on a high. Don't drag it out, eking every ounce of nostalgia out of it until the series is over half junk. Let it go, let it finish, and then enjoy what it was forever. Rather than wishing for what it could have been "if only".

Some things OUGHT to come to an end. I'm sure Sir Terry had at least one thing he wanted to see end, himself. Let it finish, be magnificent and the work of a genius front-to-back forever more, not some watered-down sequelled-to-death money-grab.

But, to be honest, I couldn't even stand the TV adaptations.

Some things should just stay in books. And some books should come to an end. Hell, some books shouldn't ever finish completely (good and bad).

Let it die with Sir Terry, and be his.

Lee D Silver badge

Re: I Aten't Dead

This.

For any past / present / future children of mine, this is going to be on my headstone. Or I will come back as a swarm of bees and chase you...

UK call centre linked to ‘millions’ of nuisance robo-calls raided by ICO

Lee D Silver badge

Cold-calling sellers will dial 110% of the numbers their staff can handle at any one time. This is so that there's ALWAYS a live call waiting to be dealt with no matter what. They will not waste a second of their call centre operatives' time waiting for another number to dial up. Like overbooking on plane seats to ensure you always have a full plane.

This results in silent calls when there are too many live calls and not enough operators taking them. And rather than leave you hanging, put you on hold, or put you through to someone, they will just cut you off after a time because that way they "spread out" the annoyance they cause with them so no one person complains about dozens of phone calls. Below a certain amount per day, this is actually still legal to do (as stupid as that is).

It just means that the call centres break down their operations to many tinier call centres, such as the ones in the article, so they can get away with 10 companies making phone calls constantly and making a thousand silent calls each, rather than one making 10,000 silent calls.

Lee D Silver badge

Re: What really annoys me

One of many reasons that I disable voicemail on a mobile.

Sorry, but you're on a phone, and you're ringing me, and I don't answer. If I know you, I will call you back when I see the missed call. If I don't know you, and it's in any way important, you will have other ways of contacting me.

And if you're a friend who's changed number recently and don't get a call returned... send me a damn text, which I can read and delete at my leisure and which costs neither of us anything (P.S. if you genuinely still pay for texts, get WhatsApp and apply the same principle).

Voicemail is very, very, very, very old hat unless it's an internal business line. And, you know what, I'm still not there to answer the phone so if it's anything vaguely important people will still contact me on other numbers, send me an email, etc. anyway. The day where the VOICEMAIL is the most important thing in the world to check constantly and first in a crisis is hopefully way, way behind us.

Lee D Silver badge

"Hello. Is that X? How are you today?" - Tell me who the hell you are and why you're calling, then we'll discuss my health (P.S. All genuine callers ring and when I answer they say "Hi, I'm X (from Y). I'm just calling today about Z." - even my friends (without the company name, and a little less formally, obviously)).

"I'm not selling anything". Then why say it? Because the only people who ever say it ARE selling something. And if you lie like that - within the first few seconds of a phone call - guess who I'm NEVER going to buy from in a million years.

"A minute of your time" - Nope.

"Survey" - Nope.

Discussing the weather, the football, a guess at a nationality from an accent, etc. - Nope. I don't even consider those topics of conversation with my friends, let alone banal sales pitches.

Do it to me at work and see yourself on not just the phone blacklist but the purchasing one too.

Suitable punishment for these people: You have to publish your HOME PHONE and MOBILE numbers to me, and I can call you any time of the day or night and you are court-obliged to personally answer the phone every time and stay on the line until I say you can hang up. Even if it's several dozen times a night.

Suitable punishment for the telcos who DO NOT enforce proper CLI information on all lines - their own and the ones that come in to them - and/or offer a free CLI-based blocking service for all customers' phone lines: The same, for every customer of theirs.

The alternative? I just STOP using the phone as a phone and use Skype, WhatsApp etc. instead.

An uncomplicated Buffalo in SOHO: The LinkStation 441D 4-bay NAS box

Lee D Silver badge

In answer to my own question, having purchased a unit, it's no noisier than 4 hard drives and a fan is normally.

However, if you buy one, keep this reference to hand:

http://commonmanrants.blogspot.co.uk/2014/01/buffalo-linkstation-partition-not-found.html

The machines DO NOT like disks with existing GPT partitions and seem to store their firmware on the array somehow. I've had to wipe all my disks back to zero to get it to recognise them to boot up initially and even then it was a massive faff involving the above because of the dreaded "emergency mode" that it shipped in.

Other than that faff, it seems to be quite good value.

Lee D Silver badge

Re: Stop. In the name of love.

WTF is it with 'The Register' and Apple/Cloud Providers/MS/NetApp/etc.. Every week there's an article titled 'X has a terrible 0-day flaw', followed by another titled 'Here's a great cheap X', followed by someone in the comments saying get your arse to X and then go to X.

They're a tech-site. At one point I complained about a single writer who was putting nothing but Apple-crowbarred topics into the front page (and half the time Apple weren't even the point of the article at all but somehow worked in a mention), but you can't really complain about a NAS box advertisement.

LWN.net at the moment is running a series of articles on free NAS software, so are they equally to blame? Maybe NAS is the new Personal Cloud?

If anything, I think there are too many opinion puff-pieces and stock-market reports on companies and not even tech stuff on this site, so personally I'm not that bothered about the occasional tech review actually making it to the front page.

Lee D Silver badge

Is it noisy?

Malware uses Windows product IDs to mix mutex

Lee D Silver badge

Re: VLK

Who cares?

What it's saying is that to know if it's already running on a computer, it makes a mutex called by something (similar to, but probably a hash of) the GUID of that computer. It might end up with the same mutex on two machines, but who cares about that? All it needs is to know if it's running on THIS machine already without giving the game away with VIRUS_MUTEX_1 showing up in its code.

And, sorry, but any decent install with a VLK should still be giving unique GUID/SIDs - that's what sysprep is for.

Redmond's Patch Tuesday to kill off the Windows FREAK show

Lee D Silver badge

Re: Whoa

Sigh.

Yet another morning where I have to warn my users about 30-45 minutes of downtime if they dare to reboot in the middle of the day or turn off their PC at night (which I've asked them to do).

Time to start cherry-picking the important ones to make a week of tiny updates instead of one globular mass that's likely to take out every PC on site.

Ex-cops dumped on never-hire blacklist for data misdeeds

Lee D Silver badge

Why would an employment blacklist be illegal?

The employer chooses who they hire and in this case they have employed these people, had their trust breached, and then refused to ever hire them again.

Schools, police force, army, hospital, politician, law, you name it, there are "blacklists" all over the shop and all legal.

What you can't do is discriminate on certain grounds (colour, age, ethnicity, gender, etc.) but if you've employed someone, found them inadequate, and then refuse to employ them again in any of your branches, that's up to you. And the police force, as a whole, are one of the places where you WANT a blacklist because you don't want them going to another police force and doing exactly the same thing.

EU court: phone makers not liable for users' copyright badness

Lee D Silver badge

Pity, however, that the actual art vs cost value of them is diminishing rapidly.

I don't get the copyright extensions, the "Disney" laws, etc. at all. The only explanation is lobbying and pandering to the industry.

Working in schools has shown me some light, however. If anything, we are teaching children to grow up in a world where content-sharing is the norm and anything and everything is available for download for free. I can't think of a better justice for all the years of copyright heaviness than an entire generation of people who are STILL surprised that you are supposed to pay for using a font, for example, even if you can download it for free.

Copy-and-paste from Google to Word for use on a poster is seen as the norm, now, for images and text. Nobody bothers to police it in schools any more because it's just become ordinary.

Go into any school, look at the displays. If you don't spot a copyright violation (maybe you could claim fair-use or educational-use for some things but I bet the copyright holders would disagree if you were to ask!) in five minutes, I'll be amazed.

Hell, have you SEEN what it costs to comply with some of the licence requirements for putting on a simple school play from a known text? Time, effort and money.

Égalité, Fraternité - Oui, peut-etre. Liberté? NON, French speedcam Facebookers told

Lee D Silver badge

Stop speeding and stick to the driving laws of the country you're in. Pick another country if you disagree with them.

Why, when it's driving, do we all suddenly feel the urge to break the law but NEVER campaign to, for example, raise the limits (the 80mph on motorways proposed in the UK was shot down due to complete lack of interest) if we want to drive that fast? What is it about cars that makes us magically want to break a clearly set-down, long-established number?

Stick to the limit. Then it doesn't matter if you have a speed camera every foot of the road that's entirely invisible and you're not allowed any devices at all. Or the complete opposite.

Honestly, people, I'm not a goodie-two-shoes but every time I discuss this, people take offence at the suggestion that they should just keep it under 70 rather than bitch and moan about what colour the pole was that the camera which caught them was attached to.

Fareit trojan pwns punters with devious DNS devilry

Lee D Silver badge

Re: A Web Site To Check Your Own DNS Settings?

Exactly.

There's a few reasons why, when I deploy a web proxy in a workplace, it sits as a bridge and transparently proxies all web AND DNS to only its proxy server or a preferred DNS server.

This way, such things cannot be messed with. Even if you change your client DNS or decide to use OpenDNS or WHATEVER you decide to do, web access (and, optionally, all DNS access) is automatically caught at the default gateway and redirected to a filter that makes sure it ONLY goes to the authorised server.

I've had similar setups in several schools now. Doesn't matter what you do to your device to change the DNS servers you're trying to use, you end up using the ones I set and no others. Doesn't matter what tricks you try, if you go out on port 80 or 443 to ANYWHERE, I know about it, can record it, modify it (not without SSL noticing or trusted client certificates, of course), and block it.

And this is just another reason for DNSSEC.

You probably already have to do DNS proxy anyway if you're a commercial place with VLANs, so why not just ensure that all DNS is proxied only to your internal servers, and that your internal servers are only allowed DNS out from them to their chosen DNS servers?

Seriously, you don't want to allow someone to forge DNS on your networks, especially if TLS etc. are dependent on DNS being authoritative. In my opinion, nowadays that's worse than a bucket of rogue DHCP servers... at least the tools to just block those from ever working are in every managed switch.
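One way to audit the policy described in the post above (clients may only send DNS to the internal servers, and those servers may only send DNS to their chosen upstreams), as an added example that is not part of the original comment. The addresses, the flow-log format and the function names are assumptions; the log lines are constructed.

```python
import ipaddress
import re

# All addresses are assumptions for this example (RFC 1918 / RFC 5737 ranges).
CLIENT_NET = ipaddress.ip_network("10.20.0.0/16")
INTERNAL_RESOLVERS = {ipaddress.ip_address("10.20.0.53")}
APPROVED_UPSTREAMS = {ipaddress.ip_address("192.0.2.53")}
DNS_PORTS = {53, 853}  # plain DNS and DNS over TLS

LINE = re.compile(r"src=(\S+) dst=(\S+) proto=(\w+) dport=(\d+)")

# Constructed flow-log lines, as a gateway or bridge might record them.
SAMPLE_LOG = """\
2015-03-12T09:14:02 src=10.20.3.17 dst=10.20.0.53 proto=udp dport=53
2015-03-12T09:14:05 src=10.20.3.44 dst=198.51.100.8 proto=udp dport=53
2015-03-12T09:14:06 src=10.20.0.53 dst=192.0.2.53 proto=udp dport=53
2015-03-12T09:14:09 src=10.20.0.53 dst=203.0.113.9 proto=tcp dport=53
2015-03-12T09:14:11 src=10.20.3.44 dst=198.51.100.8 proto=tcp dport=443
2015-03-12T09:14:15 src=10.20.7.2 dst=203.0.113.77 proto=tcp dport=853
"""


def classify(src, dst, dport):
    """Return None for allowed or non-DNS traffic, else a violation label."""
    if dport not in DNS_PORTS:
        return None
    # Resolvers sit inside CLIENT_NET too, so test for them first.
    if src in INTERNAL_RESOLVERS:
        return None if dst in APPROVED_UPSTREAMS else "resolver-unapproved-upstream"
    if src in CLIENT_NET:
        return None if dst in INTERNAL_RESOLVERS else "client-bypasses-resolver"
    return "unknown-source"


def audit(log_text):
    """Return (src, dst, label) for every DNS flow that breaks the policy."""
    violations = []
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue  # not a flow record
        try:
            src = ipaddress.ip_address(m.group(1))
            dst = ipaddress.ip_address(m.group(2))
        except ValueError:
            violations.append((m.group(1), m.group(2), "unparseable-address"))
            continue
        label = classify(src, dst, int(m.group(4)))
        if label:
            violations.append((str(src), str(dst), label))
    return violations


if __name__ == "__main__":
    for v in audit(SAMPLE_LOG):
        print(*v)
```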

Lee D Silver badge

Re: Flash Why Bothrer?

Never got the "remove Flash" fuss, because such a lot of stuff demands it in everyday use (and if you browse without Flash, Java, video plugins, etc. then the web is a boring and horrible place).

But why people do NOT use the Click-To-Play functionality for all plugins, I've never worked out. Hell, it's been in Opera for YEARS and now virtually every other browser has caught up.

Then if you don't click, the plugins can't load. If you need them, it's one click and ONLY the one you want will load. It doesn't get much simpler.

Top Euro court ends mega ebook VAT slash in France, Luxembourg

Lee D Silver badge

Re: VAT Fraud!

I didn't make the rules, or claim they are perfect, and there are some silly exceptions.

But all fuels and energy supplies are at a reduced rate of VAT. Plus, there are specific benefits that counter-act such things. So it's certainly RECOGNISED as not being a complete luxury or it would be at full VAT. Energy for business use is full VAT, for example.

All gambling is exempt, for instance, but that's charged much more duty elsewhere. I believe that's an administrative issue where it costs more to mess about working out the VAT reliably than just making it exempt and charging other tax elsewhere on the same thing with something that's more easily calculated.

Lee D Silver badge

Indeed, the account's billing address (as verified by card) is likely to be the universal indicator.

While in Italy last Christmas, a relative bought us a lot of Google Play credit.

Because it was bought in Italy, we could only claim it on a Google Play account registered to an Italian address. And now we can't change it (without losing the credit), choose or download any movie for it without being in Italy, or use it to buy from anything but the Italian Google Play store.

We told them that we very much appreciated the gift, and it SHOULD have been a wonderful idea, but not to bother next year.

Super SSD tech: Fancy a bonkers 8TB all-flash PC?

Lee D Silver badge

Please note: I do have 30-40Gb images running every user in an entire school, with every driver and every piece of software on them, on 320Gb hard drives to give people a bit of leeway on profile size etc.

My C drive on a machine I imaged for myself last week is using 60Gb already.

Install a couple of games and you can add 20-30 Gb EACH for some of the AAA titles.

But you know what something like 70% of my active storage is comprised of? Photographs. 18Mpixel huge damn JPEGs in their thousands, thrown into a folder.

Two years' worth will fill up any 320Gb drive that our computers come supplied with by default (and we buy low-to-mid-end business machines for clients).

On Amazon, you can get a 1Tb external drive for about £50. I do not know of a single computer user that does not have one "to put their photos on". And there's a reason they have them - they fill up their machines with them.

We're not talking power users, gamers, or anything else here. We're talking using the computer as your first go-to storage for anything. Sync an iTunes library and you can end up downloading 10's of Gigabytes. You don't need to be a power user to easily fill up a few hundred Gigs of machine within a year, and power users are more likely to know how to properly manage storage than any.

Sorry, but my latest batch of machines comes with 1Tb drives by default for a reason - even on low-end hardware. For business purposes, our databases are in the 10Gb or so area with a few terabytes of total storage for hundreds of users. I have MORE than that at home just in photo and home movie archives. People's personal storage is HUMONGOUS nowadays, far exceeding anything they'd have or need in work which tends to pertain to... well... only work, and they don't realise they are syncing their entire photo store with cloud providers etc. all the time and then syncing that back down to their PC's.

And my biggest storage users are people bringing in photos, syncing their Google Drive, DropBox, iCloud, iTunes etc. accounts and accidentally bringing down their entire dozens-of-gigs home photo archives.

My dad is a complete non-techy. His computer doesn't even have office as he never writes a letter, he just uses it for browsing. He's not a photographer, or a videographer, and doesn't have any fancy photoshop or anything like that installed. He's bought two external backup drives to my knowledge, because he filled up the laptop to the point nothing would install, and then filled up the data partition on it that he didn't know he had, then filled up the first external device he bought.

Home movies every time you have the grandkids in the park, and a thousand 18Mpixel images from every trip you go on will push you into the 1Tb territory in NO TIME AT ALL.

I'm honestly surprised at the response. I thought I was doing well to only have 2Tb of live storage. I know techy people with 24Tb RAID arrays in their houses who curse that it's so expensive to go any higher.