* Posts by IanRS

169 publicly visible posts • joined 24 Sep 2013

Page:

Outback shocker left Aussie techie with a secret not worth sharing

IanRS

Re: Rewiring the town hall

I remembering doing some first aid training, also about 40 years ago, that involved the correct use of a broom in treating electrocution.

Meta faces multiple complaints in Europe over plans to train AI on user data

IanRS

Will your right to object be effective?

I've gone through their right to object process, which is pretty deeply buried. You have to provide a reason why you do not want them to use your data, which they will then consider, and may reject. What are the odds that every objection is somehow overturned?

Thanks for coming to help. No, we can't say why we called – it's classified

IanRS

Re: 1 in a million scenario

Just got back from the EMF festival (emfcamp.org). Blinkenlights are compulsory, on everything. Except the very good pizzas.

China shows off machine-gun-toting robot dog and its AI-powered puppy

IanRS

Re: Charge! (at the nearest power outlet)

Isn't the price of a 'Spot' somewhere under $100K. To many military forces that is a disposable item, considering that many advanced missiles cost $1M+.

Google, Apple gear to raise tracking tag stalker alarm

IanRS

Re: Tracking the trackers

Only if you don't put your phone in flight mode.

What's Latin for "Who tracks the trackers?"

Valve vexation: Boeing's Starliner grounded again

IanRS

Re: This Boeing grounded itself

Quite likely, but still not good timing for Boeing with the current FAA investigation still active.

IanRS

This Boeing grounded itself

https://www.telegraph.co.uk/world-news/2024/05/08/boeing-plane-makes-emergency-landing-as-fails-to-deploy/

The nose gear failed to open, so the pilot had to make an emergency landing. Fortunately, nobody was injured, but I suspect the underside of the plane might need repainting.

Block accused of mass compliance failures that saw digi-dollars reach terrorists

IanRS

Likewise, the time to check whether a user is on any sanction list is when the account is created, not to wait until the money is on the way.

Software support chap survived breaking his customer

IanRS

He started that way, but slimmed down to the 0Gig.

City council audit trail is an audit fail after disastrous Oracle ERP rollout

IanRS

Re: And the quality award goes to

Back in the days when I was a real techie, rather than an architect, I occasionally had clients who wanted an IPS installed. If I already had a good working relationship with them I would ask whether it had to be functional or just auditor compliant. A worrying number, mainly in the financial sector, just needed to be auditor compliant. "Yes, we have an IPS." "Yes it is running" Just don't ask if anybody looks at the reporting dashboard.

Change Healthcare faces second ransomware dilemma weeks after ALPHV attack

IanRS

Legality of paying

US law does not currently prohibit paying a ransom for people or goods, and data possibly falls under 'goods', but it does prohibit paying people or organisations on various sanctions lists, which can include known members of ransomware groups or the groups themselves. Hence paying a ransom may or may not already be illegal, depending on who gets the money.

Yes, I did just crash that critical app. And you should thank me for having done so

IanRS

Re: Proper testing

I once had to come up with tests for a file transfer system which had to move files around in such a way that after a file was transferred it was removed from the source system. i.e. The intact file should only exist in one place.

Test 1) Start the transfer of a large file. Part way through, disconnect the network cable at one end . Check that after the failure is detected the file is still on the source system and the partial file has been deleted from the destination.

Test 2). Start the transfer of a large file. Part way through, disconnect the POWER cable on one side, then the network cable. After repowering, check that the file is still on the source system and the partial file has been deleted from the destination. Repeat the test powering off the other side.

The project manager would not authorise the second test. "Something might break."

Record breach of French government exposes up to 43 million people's data

IanRS

Too little, too late

"Also, as soon as we became aware of this intrusion, we took additional measures with the Cap emploi network to strengthen our systems for protecting access to our applications by our partners."

i.e. As soon as the horse had bolted, we shut the stable gate.

Bullitt Group had $256 cash in the bank at the end, PWC reveals

IanRS

Re: That's cheap

Lunch

Logitech MX Brio 705 – where Ultra HD meets Ultra AI

IanRS

4K?

What is the point of a 4K business-focused webcam? If you are talking to a network-distant person whatever conference software you are using will reduce you to a low resolution blob, and if they are within a high-bandwidth low-latency connection distance, then you might as well walk across the office and visit them. I'll stick with one costing no more than a quarter of what this one does.

Capita wins uncontested extension to mega millions Northern Ireland Education contract

IanRS

If the constant extensions without reprocurement are allowed because the extension cost (£546M - £350M = £196M) is thought to be less than half the cost of the original value (£350M), then somebody has failed their maths homework.Capita provides services to their normal standard then.

Apple promises to protect iMessage chats from quantum computers

IanRS

Re: can be done in only six weeks

Yes, it has been successfully used to demonstrate that 21=3x7. Factoring 35 failed. Other much higher numbers have been factored by QCs, but these have all been special cases that other algorithms can solve.

BOFH: In the event of a conference, the ninja clause always applies

IanRS

Re: You have to know the obscure rules ....

I suspect the BOFH and PFY are more inclined to a style more like Calvinball rather than Mornington Crescent, but the grown-up version where not knowing the rules can lead to serious injuries.

Work for you? Again? After you lied about the job and stole my stuff? No thanks

IanRS

Re: "And to this day, the more he dislikes someone, the more polite he is towards them."

Life is too short to bear a grudge. Therefore you need to make it a really intense grudge if you only have 40 years left to bear it for!

IBM Consulting is done playing around, orders immediate return to office

IanRS

As a consultant (but not working for IBM) I have always been under the impression that your primary task is to provide services to the client. On that basis I have worked where the client wanted me - sometimes their offices, sometimes WFH. Strangely, no client has said that I would work better from my consultancy office.

Boffins demo self-eating rocket engine in Scotland

IanRS

Judging by the activity at 1:37, they didn't.

HMRC launches £500M procurement for new ERP, though project's already a 'red' risk

IanRS

Re: FFS .... yet another ill-defined vague 'Request for Magic' Project.

But these processes are 'intuitive'! I suspect that really means undocumented.

BOFH: Just because we've had record revenues doesn't mean you get a Xmas bonus

IanRS

Re: In the glorious past

Sounds similar to a bonus I nearly had some years ago.

You get a bonus if you meet your finantial targets. My devision met its targets. The UK business as a whole met its targets. The European side of the business met its targets. The merkins didn't, so nobody got a bonus.

Government and the latest tech don't mix, says UK civil servant of £11B ESN mess

IanRS

Re: Hot Air

It does not matter which party is calling out directions, because the same background bureaucracy service (they stopped being civil a long time ago) is driving.

Telco CEO quits after admitting she needs to carry rivals' SIM cards to stay in touch

IanRS

Re: DR Strategy

There is a story, perhaps apocryphal although I have been assured at least parts of it are true by people who should know, that a telecom facility covering quite a large region died, and when the NOC tried to contact the nearby on-call engineers they could not get through, because the engineers had mobiles on that network. The post-incident review recommended that engineers should also be reachable through another network, and this was taken up. Perfectly sensible action.

Given that the facility was in Basingstoke, the kit probably died of boredom.

Introducing the tech that keeps the lights on

IanRS

Data diodes 15 years ago

I had cause to work with data diodes between different security zones about 10-15 years ago. They were made by linking 2 PCs with an optical fibre connection, but instead of the normal dual link (TX to RX each way), there was only a single link. The TX laser diode on the non-transmitting side, which could be high or low side depending on the requirements, was desoldered from the network card. It had to be replaced with a suitable value resistor, as if there was no current flow the network card raised an error.

The downstream PC was always the more capable hardware. Since there was no flow control or error feedback between the PCs, all data transfers were done by a UDP based mechanism and the receiver needed to be always able to keep up with the transmitter. I believe there was a checksum mechanism in place to confirm successful bulk file transfer, but retry requests needed to be sent through the sneaker-net interface.

4,000 days of Curiosity: Rover still 'strong' despite worn joints, vision issues

IanRS

Re: american rover worn out after driving short distance

The normal wind speed is low, but it can exceed 30m/s in a storm. The atmospheric density is pretty low, so a fast wind would not impose much of a push on the rover, but it can still move light stuff, like dust and grit, around and leave it in places that engineers would prefer stayed clean.

Word turns 40: From 'new kid on the block' to 'I can't believe it's not bloatware'

IanRS

Re: I would not want to be on the Word dev team today

They will be busy integrating some form of CoPilot, aka The Return of Clippy.

"I see you have downloaded LibreOffice. Let me delete it for you."

Police ignored the laws of datacenter climate control

IanRS

Boom

At least it did not blow up. Or in, or out, or any other direction.

22 million Brits suffer broadband outage blues and are paying a premium for it

IanRS

Re: WiFi or broadband?

This is exactly why I have built an internet status widget (ESP32 with OLED display onboard) which reports one of the following connectivity statuses:

No Wi-Fi: Check Wi-Fi router is running

Wi-Fi linked, but no connectivity: Check Wi-Fi router is running

Only to Wi-Fi router: Check Wi-Fi and VM boxes

Only to VM modem: Check purple bar on VM box

Only into local VM network: No local fix

Full connectivity: Be happy

The only thing it cannot check is the VPN gateway at my wife's place of work, so guess what is the leading cause of my wife yelling "The internet's down" when WFH?

Google Chrome to shield encryption keys from promised quantum computers

IanRS

Re: Teaser......Diffie/Helman might be more secure than described......

The two 'standard' algorithms that use QC to break current cryptography are Shor's and the less famous Grover's. Shor's algorithm is the one that is meant to factor large prime products, and so break asymmetrical key pairs, and Grover's algorithm provides a short-cut method of attacking symmetrical encryption, reducing the time needed to the square-root of the brute-force time. This seems good, but is equivalent to halving the key bit length. e.g. Reducing AES-256 to AES-128, which is still secure enough for most purposes. Unless I've missed a new success for Shor's algorithm in the last year or two, the best it has managed so far on a real QC is showing that 21=3x7, and even that needed a bit of help.

There are much higher prime products which have been factorised by a QC, but they all fall into a special case group that can be handled by a different algorithm.

Let's play... Force off the power to someone else's datacenter systems

IanRS

Re: So hard, yet so simple

It is said that any piece of software contains at least one bug, and can be optimised to be shorter by at least one CPU instruction. The conclusion is therefore that all software can be reduced to a single instruction, which does not work, so probably NOP.

Indian developer fired 90 percent of tech support team, outsourced the job to AI

IanRS

Re: Hope MS are listening

I assume MVP means something like Microsoft Verified Professional or similar style 'qualification', but I always see it as Minimum Viable Product - too much exposure to inappropriate Agile practices. Having thought about though, I don't see why my interpretation should be seen as inaccurate.

Is it a drone? Is it a balloon? Whatever it is the US warns locals not to let them fly in Iran

IanRS

Re: Beware drones carrying genies

My A level chemistry teacher made the NI3 for us. Doubt it would happen these days, unfortunately.

Scientists think they may have cracked life support for Martian occupation

IanRS

Re: How about plants ?

No one would have believed, in the last years of the nineteenth century, that...

Feds, you'll need a warrant for that cellphone border search

IanRS

Re: I think I get it...

If the exception applies within 100 miles of a border and an international airport counts as a border 'point', then surely the circles on that imgur map should have a radius equal to the thickness of the border stripe. They are slightly larger in diameter than the stripe, but certainly not twice as wide.

ENISA leans into EU-based clouds with draft cybersecurity label

IanRS

And who will care?

If 73% (top 3 providers) of the market cannot get your special sticker for their product without giving the crown jewels away, then they simply will not join your scheme. If the top providers in a market do not meet a particular criteria, then that criteria will not become a requirement for any kind of procurement where any thought is given to realistic requirements (rare, I know). Hence 'ENISA certified' will only ever be required by EU government projects who will then end up with just the bit-players in the arena who cannot play at that scale and government projects will take even longer to deliver. However, they will of course be so much more secure.

You can cross 'Quantum computers to smash crypto' off your list of existential fears for 30 years

IanRS

How many years away?

I strongly suspect there will be a very similar wait for usable quantum decryption as there is (and has been) for usable nuclear fusion. All the practical problems will be sorted out in twenty years. Twenty years later: it will be ready in twenty years.

Microsoft suggests businesses buy fewer PCs. No, really

IanRS

Re: As much as I like VDI

I've been involved in a few thin client / VDI trials over the years, and one of the criteria has always been video performance. Many years ago the justification was only 'training courses often have video', but video is a lot more common these days. It always come down to a choice of sending the still compressed video over the wire and needing a powerful computer to decompress it locally, which most 'thin' clients fail at if they really are thin, or decompress it at the far end and send uncompressed data over the network, which normally cannot cope.

Strangely, what does work is having a full power machine as the client, which does seem to rather defeat the purpose of the exercise.

VDI works for spreadsheets, but that should not be enough justification for the beancounters to enforce it on everybody else.

Do you use comms software from 3CX? What to do next after biz hit in supply chain attack

IanRS

Arrogance or ignorance?

"this type of thing can never happen"

Saying that is just asking for trouble.

The second dust bowl cometh for America, supercomputer warns

IanRS

Link to paper

Most links to the paper hit the Springer pay-wall, but it can be found at https://cgspace.cgiar.org/bitstream/handle/10568/51470/Climate%20suitability%20for%20Cocoa%20farming.pdf

Even the abstract has the positive news, so there is no excuse for reporters missing it. "According to the model, some current cocoa producing areas will become unsuitable (Lagunes and Sud-Comoe in Côte d’Ivoire) requiring crop change, while other areas will require adaptations in agronomic management, and in yet others the climatic suitability for growing cocoa will increase (Kwahu Plateu in Ghana and southwestern Côte d’Ivoire)."

IanRS

A few years ago there was a paper published which claimed that climate change would render many of the areas which currently grow cocoa beans unsuitable for that crop. This was, of course, picked up and reported by mainstream media: "Worldwide shortage of chocolate", etc. The paper also said, although the media generally did not, that the areas that would become suitable for cocoa was three times the area that would be lost, if suitable preparations were made - cocoa grows best as part of a layered environment, so the flora above and below where the cacao trees would be planted would need to be planted first.

IanRS

How is the machine learning trained?

ML relies on being given lots of sample data, from which you hope it learns a pattern related to what you want to know. Without lots of examples of 'this scenario leads to a bad end,' how is it going to predict this? It looks like an example of trying to learn a small section of output and hope that that can be extrapolated to extreme conditions, and there is no way that climate models can be considered linear.

White Castle collecting burger slingers' fingerprints looks like a $17B mistake

IanRS

Only the first one counts?

"In court, White Castle argued that it was only on the hook for the first instance in which it collected its workers' fingerprints..."

If you murder lots of people, does only the first time count?

If you commit lots of robberies, does only the first time count, even if you rob the same person?

If you collect lots of biometric information, does only the first time count, even if repeatedly from the group of people?

Generally the law sees repeats of an offence as separate offences, hence the use of 'n counts of x' in offence summaries.

Brit MPs pour cold water on hydrogen as mass replacement for fossil fuels

IanRS

Re: Here we go...

Read the reply again.

It is not a case of 'we need to solve this problem', but that of 'existing science shows there is no (efficient) solution to this problem'.

Google frees nifty ML image-compression model... but it's for JPEG-XL

IanRS

Learning the wrong topic

It might work out where your eyes focus first, but it cannot tell a slug from a snail.

How not to test a new system: push a button and wait to see what happens

IanRS

Many many years ago I was asked to create some tests for a file storage system. The intention was that a file could be moved between two storage areas, but you only ever saw it in one. The whole file could be accessed from 'A', or 'B', but you should never see it in both at once, nor should you ever be able to see a partial file anywhere. I specified: use a large file so you have a few seconds to act in, start the transfer, disconnect the network cable, wait a few seconds, check. No problem with that one. The second variation said start the transfer, disconnect the power lead from one side, then the network cable, repower but do not reconnect the network, wait for startup to complete and check. The project flat out refused to run this test. Considering this was a system intended for usage in combat areas (even though in staging posts rather than front-line), I did not consider it an unreasonable scenario. However, the manual stated that systems must always be shutdown down cleanly by following the specified procedures.

UK government set to extract hospital data to Palantir system without patient consent

IanRS

Data for planning

"This organisation handles an average of N operations of type X per week. We have a backlog of M cases."

Repeat for all operation types and other activities.

If the data is for planning purposes, what more do they need?

Microsoft mulls cheap PCs supported by ads, subs

IanRS

I just hope it is not exactly 1 million to 1.

AMD's Epyc 4 will likely beat Intel Sapphire Rapids to market

IanRS

Complementary service?

"Compute Ops Management is a complement to rather than a replacement for iLO."

i.e. An extra expense-as-a-service rather than a replacement one.

Page: