Posts by Doctor Syntax

Re: Hardly leeching when the dark fibre was laid off the back of Government contracts.

"Maybe we need to bypass BT completely next time regarding full fibre FTTP rollout"

You really think anyone else is going to find the finance a roll out a full FTTP network instead of just the areas where there are easy returns?

Re: The consumer would like some of Ofcom's attention too

"No, I don't pay line rental for either."

And you really think your ISP isn't being billed for it and including it in your ISP bill?

Re: The consumer would like some of Ofcom's attention too

"These days, we should be plugging our telephone handsets into our routers."

And what does your router plug into? If you think you shouldn't pay for that connection back to the ISP get it discontinued and see how well your internet service works.

"We're well passed the point where we need to replace the USO for phone service with a USO for broadband that includes VoIP."

The USO, AIUI, requires the phone service to continue to operate in the event of power failure. POTS does this by being powered down the line by UPSs at the switch. Your router isn't going to be powered over fibre. Even if this is dropped you still need a connection back to your ISP. That needs to be paid for. If you're not to be billed direct your ISP will be billed instead and pass the cost on to you. Neither your telco nor your ISP are charities dedicated to supplying you with a free connection.

Re: Seems bizarre to me...then I'll try and explain

As a public sector entity they had an un or under-funded pension scheme, but that "didn't matter" because like all public sector pensions, the cost would be stiffed to future tax payers.

You are right to lay the blame for the pension black hole at govts. door but not at that particular door. At one stage the fund was deemed to be in surplus and HMRC - or probably IR back then - ordered BT to take a contribution holiday. Over funding is considered to be a form of tax evasion.

As all state pensions, including Civil Service pensions, are run as a Ponzi scheme the tax authorities don't really grok the extreme long term nature of pensions funds. The valuation of a pension fund is based on what it would cost to turn the liabilities into annuities and this is based on interest rates. Annuities are also based on life expectancies and increases in those need to be allowed for when looking to the long term.

What's not taken into consideration is that interest rates can go down as well as up. So when interest rates went down and stayed down as a result of a financial bubble, for which Treasury policy and their sometime political head Brown must accept some responsibility, the valuation on which the taxman's decision was based was shown to be wildly optimistic. Increased life expectancy has further hit annuity rates. In consequence BT is committed to making large contributions trying to catch up. It's not simply a matter of paying what it wasn't allowed to pay before because the fund has lost any stock market and income gains from the contributions that weren't made back then and that also has to be covered.

Another factor was the withdrawal of pension funds tax relief on dividends*, another of Brown's bright ideas. The dividends contribute to growth of the funds and this contribution was cut by removal of the tax relief. It clearly amounted to taxing the future and that future is here. It did a lot of damage to pension funds in general, not just BT's, and is one reason why there are few defined benefits schemes left.

As things stand the best we can hope for is that as interest rates rise the annuities will offer better prospects and the hole will be at least partly dealt with due to that.

* I thought then, and still think, that the pension funds were culpably supine back then. They had offered projections of future value based on the tax regime as it then was. When the regime altered they should have presented members with valuations which showed the difference between what was now projected and what would have been projected under the old legislation if only to cover their own backs and explain why things were looking less rosy. The fact that it might have put political pressure on Brown by exposing the long term consequences of his actions would, of course, have been a fortunate by-product. I notice reports suggesting that the recent budget has sneaked in another technical looking change that will affect some saving schemes in the long run. The Treasury got away with in 20 years ago, why would they not expect to succeed again?

Re: The consumer would like some of Ofcom's attention too

"Consumers are still being forced to pay for old-style land lines"

No problem. Just get your land line discontinued. I'm sure your ISP will find some other way of connecting you.

Re: Fragile. Very fragile.

"Someone came in at that point and stopped him before he fried himself."

There's always a spoilsport.

"The million-row excel file that should have been moved into Access fifteen years ago"

And to a proper database server 14 years and 11 months ago.

Re: Smartware

"It included a database application"

The company was bought by Informix for no good reason except that their (Informix's) then management suffered from a lack of BOFH and openable windows in their offices. They did some work to use Informix as a back end. But only as a back end to the spreadsheet.

"The problem here is the delay between it being actively exploited and KNOWING it's being actively exploited"

No, the problem is submitters providing code to treat the possible symptoms rather than cure the disease - or, if they don't know how, telling someone who does.

"temporarily disabling something to ensure that it can't be exploited, while a full fix is being developed, is a perfectly acceptable security approach"

Disabling in instead of fixing it isn't. What was stopping the submitters of sending in patch to fix the problem instead of hiding it?

"they're unlikely to be reported if no-one can run the affected code."

Except they could be reported by security researchers who think it better to cure the symptoms instead.

"Which would you rather have: a system that doesn't work or can't be trusted?"

It's a false dichotomy. The effort that goes into the break it now fix should go into the fix it properly fix. What I want, and which I expect Linus to provide, because of this approach, is a system that works and can be trusted.

"So why is it right when Linus says effectively the same thing?"

Linus isn't saying the same thing. What he's saying is fix the problem instead of hiding it.

AFAICS what's happening is that the security researchers are sending in patches which will throw an error if a dubious bit of code is hit even if it wouldn't cause a problem in that instance. They're then expecting him to incorporate that code in the kernel tree for the next release.

What he wants is that the code itself is fixed. That can then be backported into older kernel versions* (that, of course, could also be done with the just kill it fix). However the effort that goes into the just kill it patch could either be put into a proper fix by the researcher or, if that's too difficult, into a proper bug report so it can be fixed. Either fix is likely to go into the same kernel release cycle anyway and it's vastly preferable that it's a real fix. If he allowed just kill it fixes in the real fixes are likely to be delayed.

* Linux distributions don't always run the same kernel version. These appeal to different types of user.

Production systems tend to be very conservative with LTS vernel versions and only security fixes made available as kernel updates. Consistency of operation is highly valued.

More adventurous distros exist for those who must have the latest, greatest, coolest toys. These value novelty over consistency and can expect breakages from one release to the next. A release will have the latest kernel available at the time of packaging.

Users who want to test new stuff - equivalent to the Windows Insider Fast Ring can either go for a bleeding edge distro or install RC kernels in other distros.

"But even so; any user who cares about the sanctity of their data probably agrees."

What if the crash the system approach leaves the user with corrupt data?

The effort should go into fixing the root problem.

"What do you do when you biggest issue is PEBCAK?"

The kernel hardening approach would seem to be switching off the computer and removing the keyboard. And maybe the chair.

"I'm not sure what you take from the article but maybe you should read the previous article as well to get some understanding."

Even better, go and read the actual post.

"there are no lessons to learn."

There's one: it can happen to us.

Re: I'm technically under a NDA

"It's not Friday....I don't need mental images like that in my head!"

You do on Fridays?

Re: Really useful article.

"Haven't you been following the whole systemd debate?"

What did you think my comment was about?

Re: Do not run with scissors

"Scripts can be useful, but be careful with them."

Be even more careful just going in there and hacking it by hand.

You should not be relying on them for everyday tasks, or even "every year" tasks, because you're just opening yourself up to problems.

This is just what you should be using them for. As you say, you can get them ratified, check into the source code revision system of your choice or whatever in order to have a repeatable set of operations on which you can rely. For rarely performed operations this is even more important than daily ones.

Effectively you are then doing software development, whether you're a tiny one-man operation or a huge multi-national, and the same standards as you'd expect a software developer to use should apply - testing, verification, dummy-runs, early bail-outs, stop on every error, etc.

Yes. Why would you fly by the seat of your pants doing operations manually when you have this option?

Re: Something missing?

I would also suggest that the differences between scripting an operation and performing it manually is little different from performing it "manually" (on a computer) and actually doing the operations in person.

1. It can be reviewed by yourself and others. That way it can be checked for errors, including typos such as rm -rf ~fred /*

2. It's repeatable. If you have a saved script that was successfully yesterday you know it will perform exactly the same operations today and tomorrow which you might not do yourself if sitting there thinking "Now what did I do next?".

Re: About time....

"have shared storage"

Genuine question...what's that got to do with a router?

It's something a lot of routers offer these days - stick a USB socket on the side of the router and let the punters plug a thumb drive into it and it appears on the network. The good news is you don't have to use it.

Re: Well...

"A better guide would be a table"

Too complicated for those who just want to look at a single number. How would the likes of Amber choose their ISP?