* Posts by David Roberts

1606 publicly visible posts • joined 25 Jan 2007

DDoS script kiddies are also... actual kiddies, Europol arrests reveal

David Roberts

Lack of self awareness

Kids poke sticks in wasp nests for shit and giggles and dares.

If maturity ever arrives they remember that shit and giggles hurts.

So not surprising that it is the young who are tempted to buy DDoS services to see what happens. Serious talking to first time. Serious punishment second time.

Remember that amazing video of the whale leaping out the gym floor and splashing down? Yeah, it was BS

David Roberts
Coat

No composting used?

So it will remain a steaming pile of shit?

Compositing, now...?

If they claimed it was real and they lied to raise money, isn't that fraud?

Busted Windows 8, 10 update blamed for breaking Brits' DHCP

David Roberts

Interesting demographic

Is it just that BT and Plusnet are the major ISP providers, or is it router specific?

If I understand this, it has nothing to do with the WAN side of the router, but is an issue between the DHCP server on the LAN side and W8.1 and W10 PCs using DHCP.

So unless everyone is failing it may be a bug/feature of those specific routers.

Haven't noticed anything on the two W8.1 laptops here.

Using a Buffalo router though.

Can ISPs step up and solve the DDoS problem?

David Roberts
Windows

Re: Actually curious...X.25

Mr. Picky would like to point out that X.25 is/was usually only between the end client and the exchange.

Inside the network is usually X.75 which (IIRC) does much the same as TCP/IP in scattering individual data packets all over the network then re-assembling them at the other end.

Which seems to tie in with your description of TCP/IP routing not being symmetric.

Playtime's over: Internet-connected kids toys 'fail miserably' at privacy

David Roberts
Alien

A few simple phrases over the Internet?

It's cold outside; I'm hungry; I need a hug; please unlock the door.

90 per cent of the UK's NHS is STILL relying on Windows XP

David Roberts

Re: The fault is the operating system

There is one small problem there.

The usual expectation for an OS is to make a one off payment (not too expensive, obviously) and then have open ended free support. People also generally expect to pay for a software package and just keep using it.

Beyond a certain point this is not a financially viable model for the supplier.

Tough, you say, that's their problem the money grubbing bastards.

Eventually it is the users' problem when the supplier can no longer afford to support the software and/or goes out of business.

The tactical approach is to spend as little as possible this financial year (see all industries which rely on infrastructure). Bonuses reflect cost performance in the current year.

The strategic approach is to budget in this and every future year for ongoing infrastructure maintenance including (with software) support, migration, update and escrow of the software including the supporting hardware and the build environment.

Good luck with the business case (nuclear, railways, roads, navy.......specialist computer controlled hardware..... ).

Standards body warned SMS 2FA is insecure and nobody listened

David Roberts

USB Dongle as an alternative?

Thought we were supposed to be disabling all USB ports for security reasons?

Guessing valid credit card numbers in six seconds? Priceless

David Roberts

Partial article

Other sources stress that Visa is vulnerable to a distributed guessing attack but Master Card is not.

Also that use of Verified by Visa blocks this attack.

It is not clear to me how variation in the fields used aids the attack; possibly confirming the basic number and expiry date allows you to focus on other fields (think Cluedo) but I am not convinced that it makes it easy to brute force name and address.

Assuming that you have a name and (partial?) credit card number it should be relatively straightforward to brute force the full number, expiry date and 3 digit check code (not needed for card not present, I think). The system should be able to detect and block such a distributed brute force attack.

Wondering what implications this has for receipts which only print the last 4 numbers of the card.
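The comment above argues that the card system should be able to detect and block a distributed brute-force attack. The simulation below is an added example, not code from the article or the commenter, and shows why a per-merchant attempt limit alone cannot do that while an issuer-side limit keyed on the card number can. Everything in it is constructed: the PAN is the well-known 4111... test number, the expiry date is invented, and the merchant names, attempt limits and guess order are assumptions for the simulation rather than figures from the article.

```python
"""Simulation of a distributed card-guessing attack (added example).

Two rate-limiting designs are compared: a per-merchant counter, which the
attack evades by spending at most one guess on each site, and an issuer-side
counter keyed on the card number, which sees every authorisation request
regardless of merchant and therefore catches the attack.
"""
import itertools
from collections import defaultdict

TEST_PAN = "4111111111111111"      # constructed test PAN (passes Luhn, not a real card)
SECRET_EXPIRY = (11, 2019)         # constructed (month, year) the attacker is guessing

MERCHANT_ATTEMPT_LIMIT = 5         # assumed: a site tolerates 5 failed tries per card
ISSUER_ATTEMPT_LIMIT = 10          # assumed: issuer blocks after 10 failures across all sites


def luhn_valid(pan: str) -> bool:
    """Luhn mod-10 check. Every issued PAN passes it, so an attacker guessing
    digits can discard nine in ten candidates before sending anything."""
    total = 0
    for i, ch in enumerate(reversed(pan)):
        d = int(ch)
        if i % 2 == 1:                            # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


class MerchantLimiter:
    """Each merchant counts only the failures it saw itself."""

    def __init__(self):
        self.failures = defaultdict(int)          # (merchant, pan) -> failed attempts

    def allow(self, merchant: str, pan: str) -> bool:
        return self.failures[(merchant, pan)] < MERCHANT_ATTEMPT_LIMIT

    def record_failure(self, merchant: str, pan: str) -> None:
        self.failures[(merchant, pan)] += 1


class IssuerLimiter:
    """The issuer receives every authorisation request for the PAN, so it can
    count failures across all merchants."""

    def __init__(self):
        self.failures = defaultdict(int)          # pan -> failed attempts

    def allow(self, merchant: str, pan: str) -> bool:
        return self.failures[pan] < ISSUER_ATTEMPT_LIMIT

    def record_failure(self, merchant: str, pan: str) -> None:
        self.failures[pan] += 1


def guess_expiry(limiter, pan: str, secret: tuple, n_merchants: int = 60):
    """Try the 60 plausible expiry dates (12 months x 5 years), sending each
    guess to a different merchant so no single site ever reaches its own
    limit. Returns (expiry or None, attempts sent before success or block)."""
    candidates = [(m, y) for y in range(2017, 2022) for m in range(1, 13)]
    merchants = [f"shop{i}.example" for i in range(n_merchants)]   # assumed merchant names
    attempts = 0
    for merchant, guess in zip(itertools.cycle(merchants), candidates):
        if not limiter.allow(merchant, pan):
            return None, attempts                 # blocked before this guess was sent
        attempts += 1
        if guess == secret:
            return guess, attempts
        limiter.record_failure(merchant, pan)
    return None, attempts


if __name__ == "__main__":
    for limiter in (MerchantLimiter(), IssuerLimiter()):
        print(type(limiter).__name__, guess_expiry(limiter, TEST_PAN, SECRET_EXPIRY))
```

With the per-merchant limiter the attacker recovers the expiry on the 35th guess having never tripped a single site's limit; with the issuer-side limiter the same attack is stopped after 10 failed authorisations. The same structure applies to guessing a three-digit security code, only with 1000 candidates instead of 60.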

Cyanogen parts ways with its founder

David Roberts

Puzzled

Thought Cyanogen was an Android distribution, not a separate OS?

Cheap virtual box hosters – Amazon's Lightsail is out to destroy you (yes, you, Digital Ocean)

David Roberts

Virtual and real servers?

How much is it to rent the equivalent in a bog standard server farm (if there is such a thing these days)?

Say you aren't into development but just want a web server, mail server and VPN end point?

I can see the flexibility in a virtual server environment, and the potential economies for the provider, but is this now the best route to an entry level hobby server?

Jeremy Hunt: Telcos must block teens from sexting each other

David Roberts
Facepalm

Email

The ban is on texting, no?

UK's new Snoopers' Charter just passed an encryption backdoor law by the backdoor

David Roberts

Provided by?

They can be made to back door their encryption products on their platform.

Still can't touch stuff encrypted on your PC for decryption on another PC. VPN to an endpoint outside the UK doesn't seem to be covered either, nor does a secure connection to your bank.

I thought encryption back dooring was aimed at the protocols themselves.

Confirmation of who constitutes average whisky consumer helps resolve dispute

David Roberts
Holmes

Clan

Is a scented pipe tobacco in a tartan pouch.

Ofcom to force a legal separation of Openreach

David Roberts
Facepalm

Re: Err.....

The cable companies went bust.

Virgin is the result of consolidation of bankrupt cable companies who were unable to cover the costs of their rollout from subscriber revenues.

In what way is this a viable financial model for cabling up expensive locations?

1) Raise money from investors.

2) Roll out new infrastructure.

3) Go bust so investors lose their money.

4) Fire sale of assets

5) Company without the capital cost overhead makes........

6) Profit.

As has been stated so many times, if there was money to be made by rolling out new networks then everyone would be doing it.

If you want to fully split off OpenReach then make sure that it has a Universal Service Provision charter, and the right to recover costs spread across the whole country. This means raising the access costs for everyone, plus a levy on other urban networks to prevent "cherry picking" so that the playing field is truly level. Share the pain for the common good. This should also solve the "bought out by foreign asset strippers" problem.

Or renationalise it; oops, that means any funding for expansion is on the Government books. Same problem with the Government setting up an organisation to build out fixed and mobile networks to the last 5%. The Government is desperately trying to get capital expenditure off the books through Public Private Partnerships, which have already been shown to be a fine way to reduce long term costs.

Hey, why not just demand cheap stuff because........

Easy. Just be careful what you wish for.

Netflix and spill: Web vid giant kills password masking in tests

David Roberts

Re: As bad as Amazon video on my TV

Finger print reader on the remote control.

Simples!

Adblock again beats publishers' Adblock-blocking attempts

David Roberts

Android ad blocking question

I am struggling to block ads and also get an acceptable response from my tablet.

Firefox supports ad blocking but the browser seems to lose touch (sorry) with the touch screen at times so that I can't click on links and the on screen keyboard freezes up for seconds at a time. It also seems to consume a lot of power, gaining on the charger. Not seen with other browsers.

Dolphin seems to have much the same screen problems when ad blocking.

So I am currently using Chrome which doesn't show these problems but does show ads.

I have read up about ad blocking with chrome but the proxy configuration (for each network connection) looks to be a real and continuing pain.

So can anyone recommend an Android browser without performance problems?

A Rowhammer ban-hammer for all, and it's all in software

David Roberts
Paris Hilton

Still does my head in

1) Hammer row

2) Random memory corruption

3) ???

4) Profit!

I can visualise how buggering up memory can cause other programs to mis-behave but still struggle to visualise how you can force such a specific mis-behaviour that you can take over control of the machine.

Google's Chromecast Audio busted BT home routers – now it has a fix

David Roberts

Slight logical problem?

From the article it appears that the device can only be updated over the Internet. No facility to update locally over the LAN or to use USB.

Nice central control until there is a problem connecting to the Internet. Then you are in the same space as having a web site as the only route to report Internet problems, or the traditional "send an email" to report email problems.

This may make loading custom firmware more difficult, but the downside is now being demonstrated.

More details on the exact problem, please.

Loyalty card? Really? Why data-slurping store cards need a reboot

David Roberts

Part way there already

I recently started using an app called Beep&Go on my phone.

Nothing sophisticated - it just photographs the bar code on your loyalty card then displays it for the scanner in the shop.

Saves me loads of time plus I don't have to carry a second wallet for all the plastic.

Works for my library card as well.

Yes, I am a loyalty card victim, but there is technology available to help.

A fully electronic wallet would be even easier but a low tech approach has removed the biggest hurdle; sifting through all the bloody plastic.

Integrator fired chap for hiding drugs conviction, told to pay compo for violating his rights

David Roberts

One thing not mentioned so far

A conviction for dealing drugs severely limits your ability to travel internationally. In fact, any criminal record is likely to cause similar problems.

Could be the firm was so dumb it didn't think to check on this until the issue arose in normal business.

Even more likely to be a problem in NZ where they tend to fly trainees to Oz instead of running in country courses.

Still seems unjust to not check for a criminal record then get all bent out of shape later. Then again, this is how most insurance companies work for any information not disclosed.

Happy days for second-hand smartphone sales

David Roberts

Market saturation again

For a while used phones get passed around to less privileged family members (that is, ones who can't afford the monthly contract on a new phone).

After a number of two yearly updates everyone has a working phone. Therefore sell off the surplus.

Although we have never sold on a phone and have a phone museum in various drawers. Comes in useful now and then for an emergency non-smart phone. So I am probably talking bollocks.

UK.gov flings £400m at gold standard, ‘full-fibre' b*&%*%£$%. Yep. Broadband

David Roberts
Mushroom

Shonky speed illustrations

"The Department for Culture, Media and Sport illustrated the point by comparing it to downloading an entire series of Game of Thrones in less than a minute."

Given that I am not convinced I could shift that much data (although unquantified) across my wired Gigabit network in less than a minute.

Unreliable sources suggest that an entire series is around 7GB which is roughly 70 Gbits over a network. Absolutely flat out that is still over a minute. Presumably they just multiplied by 8 to get 56Gbits and conveniently forgot about any protocol overheads.

I would be impressed by a remote server and an ISP network which could deliver that kind of content at that speed to multiple households on the same street.

This kind of illustration is bad because, although the absolute figures may stack up in a lab environment it builds the expectation that this is a real world scenario. People will now expect to be able to download a complete series in less than a minute.

Try telling people that the speed means that they could download a complete Patch Tuesday update in well under a second. Blame Microsoft when this does not happen. Tell them that any web page should load in a fraction of a second. Blame Google when this does not happen. (Hang on.......)

Just irritated by non-technical unachievable sound bites (bytes?).

MP Kees Verhoeven wants EU to regulate the Internet of S**t

David Roberts

So a £5 light switch

That has more broad-reaching, comprehensive and longer-term software support than a £500 mobile phone?

I keep my mobile phone at home; it is a thing, and connects to the Internet.

Can I have it covered by this legislation, please?

AI can now tell if you're a criminal or not

David Roberts
Joke

Hope Homeland Security aren't reading this.

They have all the equipment to instantly identify potential criminals at the border and deny them entry.

Plus a database of all the ones they let in by mistake before this technology was available.

I would have found the study more convincing if it had been based on passport photos. All of mine make me look like a retarded criminal (ummmm.......) and a small sample from others are equally unflattering.

Three CEO confirms hack, 133,827 customers were exposed

David Roberts

Inside job?

No information on how the data was obtained. I would guess this kind of crime isn't a natural hacker target so possibly a 3 worker trying for a bit extra on the side?

AI gives porn peddlers a helping hand

David Roberts

Probably needs sub-categories

Possibly based on location, gender, ethnicity and voting preference.

Don't want those down home white Christian (other religious fundamentalists are available) types watching single sex and/or mixed race action.

By mistake, at least.

Master level is tests such as "only if it is a really good looking horse" and the like.

At least you can now blame the application if you request only chaste kissing but forget to specify where.

Helping autonomous vehicles and humans share the road

David Roberts

All or nothing yet again.

The obvious first case for autonomous vehicles is on dual carriageways and motorways.

Keeping a safe distance, maintaining a safe speed, collision avoidance; only a small subset of the challenges found in urban areas.

Kick the can down the road for full autonomy in all locations until the infrastructure can be upgraded to physically separate vehicles and pedestrians/cyclists. Even then the first and last few hundred yards are likely to be at least supervised by humans.

Hacker's Mac pwning expedition: 'Help, I've got too many shells!'

David Roberts
Unhappy

No mention of the earthquakes

Presumably the conference is in an undamaged venue.

Grim weather as well.

Sympathy for Kiwis and visitors at the moment.

Adobe fined a whole million dollars for 2013 mega-breach

David Roberts

Less than $2 per user?

Wouldn't it cost more than that just to pay each user the compensation?

No information about how the compensation is to be paid either. Unless this is some subtle punishment where paying the compensation is intended to cost far more than the fine. Whatever, a trivial sum and an insult to the victims.

UK.gov has 18,000 IT contractors on its books due to dearth of skills

David Roberts

Easy targets?

In my very hazy recollection IR35 was supposed to target the bottom end of the service industry - building labourers, office cleaners and the like - who were forced to become self employed and thus lost all employment rights and protection. This also moved tax collection from PAYE (one big target) to loads of individual small targets.

However because it is enormously difficult and not cost effective to chase thousands of individuals on minimal wages for small amounts of tax, other targets for the legislation were noted. Put the same amount of effort into chasing an IT contractor that you would have to put in chasing an office cleaner and you get a much larger return on your effort.

The large numbers of self employed today are still in the service industries; Uber drivers, various delivery services for example. These people need protection against loss of rights through disguised employment and general exploitation. In general IT contractors do not but are far easier to chase. Making employers collect the tax is potentially cost effective for masses of low paid workers. All it will do is piss off highly paid contractors who will just move contracts.

China gets mad at Donald Trump, threatens to ruin Apple

David Roberts

China - short term problem?

Manufacturing has traditionally moved constantly from wealth to poverty.

Back in the (way back) day cheap stuff was made in Hong Kong. Japan was also a source of cheap manufactured goods. PC production was moved between poor countries.

1) Find dirt poor country and get government grant to build factory

2) Employ local dirt cheap labour

3) Profit

4) Raise local wealth, standard of living, basic wage demands, level of education

5) Less profit

Rinse and repeat.

The main question is which country will replace China, and when.

It won't be the USA until they out compete all other countries for points (1) and (2).

Low-end notebook, rocking horse shit or hen's teeth

David Roberts

Still a demand

Used to have an Asus netbook for times of extended travel. Killed off by XP bloat.

Tried to use an Android tablet but it lacks some software available on Windows.

Now have a small HP upgraded with an SSD. This is slowly wearing out (touch screen not reliable so disabled, keyboard starting to be iffy) so presumably a replacement may be required in a couple of years.

The netbook format fills a need where you require support for specialist peripherals only available under Windows, portability and usability on planes, keyboard, works without an Internet connection.

Pythons Idle and Cleese pen anti-selfie screed

David Roberts
Windows

Blame the people not the technology

The cameras in phones are enormously useful. I even use them for reading the impossibly small print on electronic devices; just photograph then use the zoom function. Good for any number of things including photos of family, friends, scenery.

Selfie sticks are a good idea as well; they let you take pictures with yourself in them if you so wish. No need to do anything fancy with a tripod and self timer. No need to find someone else to take the picture. All good technology which is useful. Researching emigration to NZ we found that if you wanted to go as a couple you needed evidence you were currently in a stable relationship, including pictures of you together if possible. Realised that we don't have any pictures of us together; one of us is always behind the camera. Selfie stick is a sensible option.

Now to the people; on the train to London the other week and two other seats at the table were taken by young women. I was perplexed to watch them spend the first 10 minutes of the journey staring into their phones held at arm's length tilting their heads from side to side and puckering their lips to get a picture they liked. I don't think they had just come out of plastic surgery so they probably looked the same as they did over the last week.

So the technology itself is fine; some of the uses perhaps less so.

Trumped? Nope. Ireland to retain corporate tax advantage over the US

David Roberts

Late to the party, but....

How much of Apple's market is in the USA?

If the money is offshore and the growing markets are offshore why not just run the whole thing offshore and suck up any import duty on products as less than the tax on repatriating money? Level playing field with Samsung?

At the moment I'm not seeing the incentives to move any manufacturing to the USA.

McDonald's sues Italian city for $20m after being burger-blocked

David Roberts
Windows

McD and Watneys

There are reasons for the success of these.

Firstly, the beer; back in the '50s and '60s it was very hard to get good, well kept beer because it takes a degree of effort and commitment to keep a good cellar. You might learn which locals served a good pint in your area, but anywhere else was a lottery.

Cue pasteurised beer. Watneys Red Barrel, Double Diamond, Worthington E. Go into a pub anywhere in the country and you could get a safe if uninspiring pint.

If the local beer hadn't been crap it wouldn't have taken off. CAMRA helped to reverse the trend and now the choice is much better.

So to the Golden Arches. Uninspiring but with two small kids in tow life is stressful enough. Having somewhere that is clean, has clean toilets and consistent food you know the kids will eat trumps (sorry) local colour and culture every time.

In both cases I think the market is built on a safe recognisable brand. Takes away a lot of the adventure but also takes away a lot of stress. If people need a safe haven to help them to cope, then I think this is a good thing.

Back in the day I seem to recall a coke/pepsi bar on the roof of Milan cathedral. Seemed weird but as a school child also slightly comforting.

I do NOT agree with the apparent attempt to force the local planners to allow international corporates to ride roughshod over them.

McD and Red Barrel are victims of their own success; icons of corporate blandness. Not that I've seen Red Barrel lately, nor eaten in a McDonald's.

Build your own IMSI slurping, phone-stalking Stingray-lite box – using bog-standard Wi-Fi

David Roberts

Re: Can't see that happening - 2FA

The response was specific to the SMS/website scenario.

However the broader point remains; not good to have all your eggs on one device.

David Roberts

Re: Can't see that happening - 2FA

Most phones have a built in web browser. So software with enough access could connect to a web site, invoke 2FA, catch the incoming SMS and paste the code back into the web site.

Which is why 2FA using SMS is not a fully secure system because you need two clearly different delivery channels for the two factors, not just two applications on the same device.

Swiss, geez: Robo-hooker coffee shop to be erected in Geneva

David Roberts
Coat

Illegal sexual discrimination

Such a cafe should offer equivalent services to both biological genders (he said treading carefully).

At least the second service has already been developed (I was once assured).

In fact, an engineer told me before he died (and I've no reason to believe he lied).

Hell Desk's 800 number was perfect for horrible heavy-breathing harassment calls

David Roberts
Coat

800-MIST-HUP

I think there must be a joke in there but I think I must have...err..missed it?

Smart Meter rollout delayed again. Cost us £11bn, eh?

David Roberts

Re: Outdoor gas meter - power source?

On further searching, most of the information is dated 2013.

Still no idea of the physical requirements, but loads of stuff about a communications hub in your house to link gas and electric meters and other smart devices which may wish to participate.

Every mother's son on the planet can have access to your data, but "only if you agree". Of course it is all channelled through Crapita first so we know it will be securely and thoughtfully managed regardless of expense.

I haven't really looked into it so far because my default position is "not until it has been running long enough to show major benefits" which may be never.

David Roberts
Paris Hilton

Outdoor gas meter - power source?

Our gas meter is on an outside wall (so easy to read anyway).

Assuming a smart meter will require electricity, does this mean the installer will want to drill holes in walls and lift flooring to access mains electricity?

Had a quick search but just got "free with added fluffy bunnies" responses.

Cheap, lousy tablets are killing the whole market says IDC

David Roberts

Different use cases?

I have a fairly expensive tablet - Sony Xperia Z - but I've had it a few years now and it still works fine. Used every day for reading El Reg.

My potential use cases for tablets now revolve around cheap screen and wide ranging software.

Engine monitoring and diagnostics over Bluetooth.

Satnav with large screen (and free software).

Possibly a WiFi reversing camera.

None of these need a top of the range tablet. Sub £100 UKP makes any similar use more attractive.

As usual, correlation does not imply causation. Cheap tablets are quite possibly finding new use cases and not generally replacing expensive tablets.

Boffin's anti-worm bot could silence epic Mirai DDoS attack army

David Roberts
Pirate

One step further

Clean the device then sit there and wait for the next attacks.

Record the IP addresses of the attackers and build your list.

Then Botnet the White calls forth the power of the Internet to slay the foul worm in its lair!

MPs want Blighty to enforce domestic roaming to fix 'not spots'

David Roberts

Ironic?

The carriers kicked back against roaming because "they would have no incentive to invest" and now it has been shown that they haven't invested anyway.

Granted that having access to infrastructure you don't have to build can give a cost advantage. However MVNOs do this already.

So as others have suggested, there needs to be compensation built into the tariff structure if you roam onto another network. The basic connection facility is already there for "emergency calls only".

Perhaps the underlying issue is the capabilities of the billing systems. Although they seemed perfectly capable of screwing roaming users before the EU stepped in.

Windows Atom Tables popped by security researchers

David Roberts

Firewalls to block the downloading of executables?

At first glance this looks like a "magic fairy dust" solution for where there is no easy fix.

Presumably the answer to all attacks - as long as the firewall can:

(1) Identify all potential executables including interpreted scripts.

(2) Not block anything covered by (1) that you really do want to download.

I would be interested to know if this is a realistic proposal.

Hell desk thought PC fire report was a first-day-on-the-job prank

David Roberts

Re: so..

Old enough to remember the time when we were advised to "dress down" from corporate style suit and tie to "smart casual" because tech contacts in industry weren't really taking us seriously as techies.

Always a good idea to fit in and make your contacts feel you are "one of them" if you want peer respect.

How many Internet of S**t devices knocked out Dyn? Fewer than you may expect

David Roberts

Re: Bah!

Someone fell out of the Grumpy tree and hit every dwarf on the way down.

ARM: Hold my beer, we'll install patches for your crappy IoT gear for you

David Roberts

My master plan {cough}

1) Mandatory security testing before a product is allowed on sale. This includes the policing of non-compliant imports from the usual suspects. All it needs is legislation and policing. (!)

2) Approved supplier then places money (and source code in escrow) with central patching organisation. So when the manufacturer conveniently ceases to trade the code can still be patched. Patches tested and distributed by central body. So patching and support outlives an individual hardware version or manufacturer/supplier.

3).......

4) Profit! Also, hopefully, more security in the IoT.

Oh, and if a firewall on a private network can identify and police port scanners then why do I see continuous port scanning from foreign IP addresses on my Broadband link?

The first step in all this IoT pawnage seems to be port scanning to identify vulnerable home systems.

Filter out the port scanners or at least slow the bastards down and you have taken most of the skiddies toys away.

Extrapolating this starts to get a bit Big Brother but if money isn't spent up front then the cost of slamming multiple stable doors is likely to be much higher.
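The comment above asks why a firewall cannot identify and slow down the port scanners that hunt for vulnerable home systems. The detector below is an added example, not code from the article or from ARM, and implements the usual rule: a source address that touches more than a threshold of distinct destination ports inside a sliding time window is flagged as a scanner. The iptables-style log format, the window and threshold, and every address and timestamp in the sample log are constructed assumptions for the example.

```python
"""Port-scan detector over firewall drop logs (added example).

Flags a source that hits more than PORT_THRESHOLD distinct destination ports
within WINDOW_SECONDS. The log lines are constructed here in an iptables-style
key=value layout; a real deployment would read them from the firewall's log.
"""
import re
from collections import defaultdict, deque
from datetime import datetime

WINDOW_SECONDS = 60          # assumed sliding window length
PORT_THRESHOLD = 10          # assumed: more than 10 distinct ports in the window = scanner

# Assumed line shape: "<ISO timestamp> ... SRC=<ip> DST=<ip> ... DPT=<port>"
LINE_RE = re.compile(
    r"^(?P<ts>\S+) .*?SRC=(?P<src>[\d.]+) DST=(?P<dst>[\d.]+) .*?DPT=(?P<dpt>\d+)"
)


def _line(ts: str, src: str, dpt: int) -> str:
    """Build one constructed log line in the shape LINE_RE expects."""
    return f"{ts} kernel: DROP IN=ppp0 SRC={src} DST=198.51.100.5 PROTO=TCP DPT={dpt}"


SAMPLE_LOG = (
    # fast scanner: 12 distinct ports in 22 seconds
    [_line(f"2016-11-01T10:00:{2 * i:02d}", "203.0.113.9", p)
     for i, p in enumerate([21, 22, 23, 25, 53, 80, 110, 135, 139, 443, 445, 3389])]
    # legitimate host: two ports, well under the threshold
    + [_line("2016-11-01T10:05:00", "192.0.2.44", 80),
       _line("2016-11-01T10:05:03", "192.0.2.44", 443)]
    # slow scanner: 11 ports, one every two minutes, so never two inside one window
    + [_line(f"2016-11-01T11:{2 * i:02d}:00", "198.51.100.77", p)
       for i, p in enumerate([21, 22, 23, 25, 53, 80, 110, 135, 139, 443, 445])]
    # noise that does not parse and must be skipped
    + ["2016-11-01T12:00:00 kernel: unrelated line without fields"]
)


def parse(line: str):
    """Return (timestamp, source ip, destination port) or None for unparseable lines."""
    m = LINE_RE.search(line)
    if not m:
        return None
    return datetime.fromisoformat(m.group("ts")), m.group("src"), int(m.group("dpt"))


def scan_scores(lines):
    """For each source, the largest number of distinct destination ports seen
    within any WINDOW_SECONDS window. Lines are assumed to be in time order."""
    recent = defaultdict(deque)          # src -> deque of (timestamp, port)
    peak = defaultdict(int)              # src -> max distinct ports in a window
    for line in lines:
        parsed = parse(line)
        if parsed is None:
            continue
        ts, src, port = parsed
        q = recent[src]
        q.append((ts, port))
        while (ts - q[0][0]).total_seconds() > WINDOW_SECONDS:   # drop events outside the window
            q.popleft()
        peak[src] = max(peak[src], len({p for _, p in q}))
    return dict(peak)


def scanners(lines):
    """Sources whose peak distinct-port count exceeds the threshold, sorted."""
    return sorted(src for src, n in scan_scores(lines).items() if n > PORT_THRESHOLD)


if __name__ == "__main__":
    print(scan_scores(SAMPLE_LOG))
    print("flagged:", scanners(SAMPLE_LOG))
```

On the sample log only the fast scanner is flagged. The slow scanner, one port every two minutes, never has more than one port inside a 60 second window and walks straight past this rule, which is the main gap in window-based scan detection and why "slow the bastards down" (tarpitting or per-source connection rate limits) is a separate control from simply blocking what the counter catches.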

Google fibre: Subs up, Revenue up, expansion over

David Roberts

Not enough money in new fibre?

Complainers in the UK might want to take note.

If the USA market can't support metropolitan fibre build out (with alleged higher charges both for fixed and mobile data) then perhaps the UK can't either? Especially outside metropolitan areas?

Not good news for rural areas, obviously.

Microsoft: Watch out millennials for evil Security Essentials

David Roberts

I know this is all based on user ignorance, but..

MSE is shipped with Windows, isn't it?

Maintained through Windows Update?

Why would anyone want to download it from a 3rd party? Seems an unusual target unless the same attack vector is used for all the other free AV offerings.