* Posts by DonL

107 publicly visible posts • joined 13 Mar 2016


NASA mistakenly severs communication to Voyager 2


Re: Voyager 1 & 2

"Would you need a management console to restore networking if the remote server, by default, waited for the comms for a length of time and if nothing is received, auto-roll back to the previous config?"

Professional networking equipment lets you do this. You can change the configuration and activate it. Then, unless you confirm the change within a definably number of minutes, it will automatically roll-back to the previous configuration.

The equipment still also has a management console, for other issues that might occur (like hardware defects).

Lawyers who cited fake cases hallucinated by ChatGPT must pay


"I really don't like the term "hallucinate" for this behavior."

I understand how transformers work technically and I still feel that "hallucination" is an appropriate description because a hallucination is something that looks very real even though it isn't.

I asked ChatGPT what it knew about the street I live in and it came up with a complete story about how it was named after a small river that starts there and which would be famous with the locals. It described in detail how it ran through multiple villages.

It was so convincing that even after living here for a long time, I still investigated it only to find out that it's not true in any way at all.

Furthermore, I asked once about the source of some facts and it just made up a real-looking URL. When asking about the source in a different language, it came up with a translated version of the URL. Both URL's do not exist however.

So while technically very explainable, it does indicate how tricky it can be. If you don't do proper fact checking on everything it says (when it matters), then accidents are likely to happen.

Datacenters still a boys' club, staffing shortages may change that


Exactly, women rarely care about computers

But it's OK, other occupations have the exact opposite ratio (lots of women, very few men).

I think we should just accept it.

To protect its cloud, Microsoft bans crypto mining from its online services


Virtualization is meant for sharing CPU's and is not meant for processes using 100% of the assigned CPU all time time. It eats performance away from other customers.

Uber staff info leaks after supplier Teqtivity gets pwned


It used to be the case that all data was securely stored on internal servers, only accessible on-premise or through VPN. Now a lot of data is stored in the cloud and is directly connected to the internet. Therefore the attack surface is much larger and more leaks occur..

Theranos' Sunny Balwani gets longer sentence than Elizabeth Holmes


"Balwani's counsel and the prosecution also differed on whether Balwani or Holmes were really leading the conspiracy."

The Wikipedia pages are pretty telling though:



"In the 1990s, Balwani worked for Lotus Software and Microsoft. During Balwani's tenure at Microsoft he worked in sales. He claims to have written thousands of lines of code; however, independent investigations could not verify this, and numerous Microsoft managers who were asked about him could not remember him."

"In July 2000, Balwani sold his shares in Commerce One, netting nearly $40 million shortly before the company went out of business, just before the dot com bubble burst."

"Holmes met Balwani in 2002 during a trip to Beijing as part of Stanford University's Mandarin program. Holmes was 18 at the time, and had just graduated from high school; Balwani was 19 years older than she was and was married to another woman at the time."

"On November 29, 2021, Holmes testified that she had been raped while she was a student at Stanford and that she sought solace from Balwani in the aftermath of the incident. She also said Balwani was very controlling during their romantic relationship, which lasted more than a decade, and at times he berated and sexually abused her. In her testimony, she stated he also wanted to "kill the person" she was and create a "new Elizabeth"."

Loads of PostgreSQL systems are sitting on the internet without SSL encryption


"The recommended approach was to give customers the option of an allow list to restrict network access, he said."

This is by far the most important advice, there is never a need to allow the entire world to connect to your database. All it takes is one bug, weak password or wrong setting and someone has access to all of your data.

Japanese boffins build solar-powered, remote-controlled cyborg cockroach


"What evidence is there that cockroaches can feel pain?"

The fact that it turns when a current is applied is strong evidence in itself.

It's like cutting out your vocal cords, then applying electric currents to your body and then laugh because you start jumping around. Since you can't scream anymore there is no evidence that you're feeling any pain, so there is no harm done right?

Normal people call that torture, but I imagine you would need to experience it yourself to be able to conclusively determine that you still feel actual pain even when you're incapable of clearly expressing it?

Claims of AI sentience branded 'pure clickbait'


Re: Agree 100%

I think the mistake (in my opinion) being made is that people are trying to pin words that are normally used to refer to living beings, on a computer program.

It might seem interesting, but it makes a rather strange discussion comparing apples with oranges. Computers and living beings are two completely different things, even if they seemingly acted exactly the same they're not comparable at all because they are biologically/technically (the difference in words says it already) fundamentally different.

HP pilots paper delivery service for Instant Ink subscribers


Re: Paper isn't required due to the cost of ink

"That's why I switched to Instant Ink. If the ink dries out then it isn't my problem it is theirs!"

Exactly, this was my thought too.

Over the 5 year lifespan of my previous printer I bought:

- A printer;

- 1 pack of paper (500 sheets);

- Several sets of cartridges, also some non-HP cartridges;

- Got the printer replaced under warranty once;

- Got (non-HP) cartridges replaced under warranty once.

All while only printing less than 400 pages.

HP cartridges are very expensive while the non-original cartridges perform very poorly in my experience.

Recently I bought a cheap (€80) new HP printer, activated HP+ and Instant Ink. Now I don't have to worry about this stuff anymore. Also with Mopria support there is a good alternative for the HP printer drivers and apps.

So far I'm very satisfied.

Full Stream ahead: Microsoft will end 'classic' method of recording Teams meetings despite transcription concerns


Powershell is a mess:

- The syntax is horrible, they should have just used an existing language like python and extend it with a library;

- The Linux version of powershell isn't supported by all modules (like the O365 module);

- MS often abandons modules and then releases something new which lacks a lot of features of the old module;

- It's not backward compatible, sometimes you need to use an older version to get something done.

- The <verb>-<noun> idea messes up autocomplete, so instead of "Get-Module" they should have gone with "Module-Get" so you could see the available options through autocomplete after typing "Module-".

Perhaps it grows on you if you only use powershell, but when you're working with multiple languages then powershell is really awkward to work with.

Microsoft tells US lawmakers cloud has changed the game on data privacy, gets 10 info demands a day from cops


So how exactly could this be surprising? If you choose to place your data somewhere out of your control because you can't be bothered to care, obviously people can (and in some cases will) be digging into it.

Vendors like IBM know and get out of their cloud once they sold it and it's no longer under their control.

Would anyone store their most private letters at some strangers house just because they offer it? It's exactly the same thing.

The cloud has it's uses, but the trust some people have in it for anything important is misplaced.

Microsoft delays disabling Basic Authentication for several Exchange Online protocols 'until further notice'


Modern authentication is not a standard

The problem is that "modern authentication" is not a standard, although it uses a few standard protocols. Also the authentication token that is received afterwards need to be renewed regularly, which is also not a standard. And then how would you be able to use this with POP3 or IMAP?

If they were to disable basic authentication then you could only connect products to Office 365 that explicitly support it.

The servicedesk application we are using for example supports POP3/IMAP but not the Microsoft proprietary implementation.

The only solution I could personally come up with was to forward all mail to our own server and then fetch the mail with IMAP from there.

The following statement also indicates the issue:

"We have worked for nearly two years to push our app developers both internal and external to modern auth. We've put in a tremendous amount of work"

Microsoft spinned the change as a simple security improvement, but in reality a lot of stuff needs to be done only to implement support for Office365. If Gmail where to do the same, it wouldn't even be compatible and you'd need to put in the same amount of work for every provider you'd want to support.

Something to consider in case Dell freezes over: HP unfolds 2-in-1 laptop with Intel Tiger Lake brains, bigger screen


Re: Why

Our company owns dozens of HP (probook) laptops and the build quality, support and warranty is very good. Failure rate over the last 15+ years has been consistently extremely low even in the harsh conditions in which they're being used. Even as a (relatively) small customer when you log an issue, they often call back within 30 minutes and repair or exchange the device rather quickly.

My experiences with Dell however have been disastrous.

Having said that, perhaps level of support depends on the country you're in.

AWS announces new single-purpose on-prem hardware and tie-in storage tier


Re: Someone should do this for video conferencing

"So if someone just provided a plug-and-play device with Jitsi, or something, sitting on it & with automagic security patches &c, I bet a lot of people would like that."

Nextcloud Talk works very well and there are devices that have it pre-installed:


Any finger will do? Samsung Galaxy S10 with a screen protector reportedly easy to fool


The sensor essentially has to "see" through the screen protector, making it essential that the screen protector is optimized for this. So when someone isn't using an authorized (tested) screen protector, then this isn't really a suprise.

Perhaps the update is going to rule out any "fingerprints" that are too flat?

VMware on AWS: Low-risk option or security blanket for those who don't like change?


Re: Who are the customers for cloud?

"The developers don’t have rights to vcenter."

IT departments being overly protective will have a hard time indeed, but it's easily possible to limit user rights so nothing can go wrong.


Re: Who are the customers for cloud?

"They want to go to a self-service portal and click on a VM, click again to get an EBS Volume, and click again to provision networking to their application."

VMware vCenter provides this functionality.

IT outages in the financial sector: Legacy banks playing tech catch-up risk more outages, UK MPs told


"The Parliamentary inquiry into IT failures in the financial services sector was launched last year after the meltdown at TSB that lasted almost a week in April 2018."

Exactly, ironically the migration at TSB from a proven platform to a new platform was the cause of the meltdown. And now they seem to be suggesting that other banks should do the same.

Proven technology may not sound cool if someone chooses to call it legacy to discredit it. But it's generally rock solid, well maintained and often provides more features than the latest/upcoming technology.

DXC Technology seeks volunteers to take redundancy. No grads, apprentices, and 'quota carrying' sales folk


Re: Times they are a Changin...

"This suggestion was met with the type of responsiveness of the comments herein this thread. "SharePoint is a tinker toy!!", "SharePoint is not Secure!", "We use Lotus Notes here!!!!""

"those who are not embracing the need to change and reinvent themselves in some situations are setting themselves up to be shown the door."

It seems you didn't embrace the need to change and reinvent yourself to use Lotus Notes if you ask me. :)

Holy moley! The amp, kelvin and kilogram will never be the same again


Re: And as usual...

"There's always an appropriate xkcd..."

Perhaps it was part of the point of the joke, but the definition of the pound is actually linked to the kilogram:

"Various definitions have been used; the most common today is the international avoirdupois pound, which is legally defined as exactly 0.45359237 kilograms"


Scumbag who phoned in a Call of Duty 'swatting' that ended in death pleads guilty to dozens of criminal charges


Re: So the police bear no responsibility ?

The gun laws laws, where everyone can just unexpectedly draw a gun, make the police very nervous. I can't see this happening so easily in countries with strict laws.

In the two years since Dyn went dark, what have we learned? Not much, it appears



Personally I don't understand why anyone would use a DNS service instead of using Bind/Named on one or multiple cheap VPS servers (from different providers) for something this basic/simple.

These days it seems like it even the basic stuff is getting to difficult for a lot of people, which is quite sad in my opinion. (I don't mean to offend anyone though.)

Don't make us pay compensation for employee data breach, Morrisons begs UK court


Re: You shouldn't be able to get to there from here.

"It it further means there needs to be an air gap between internal systems holding sensitive data and anything with a public internet access then that would be a good thing, too."

That would indeed be the only way to stop this kind of thing from happening.

It would be helpful if they included these requirements in EU laws or guidelines. I don't think a lot of companies are doing this currently and it is therefore extremely easy for rogue employees to leak data (Either by email, http upload, ftp or USB). Also, employee privacy laws make it very difficult to detect these kind of things.

Vodafone hounds Czech customers for bills after they were brute-forced with Voda-issued PINs


Credit limit?

Pay by SMS may be handy to pay for an € 1 app, but it's way to fraud sensitive to allow the payment of large amounts. If Vodafone didn't impose a suitable limit (€50 for example), then that's negligence on their part.

Oracle trying hard to make sure Pentagon knows Amazon ain't the only cloud around


Nuclear bunkers

Perhaps it's already a contract requirement, but I'd put my datacenters in nucleair bunkers.

In my opinion it would be naive to think a commercial entity could keep your operation going during wartime since it would be an easy target.

Lacklustre HPE storage sales fail for flash fans


Last time I checked flash storage was still incredibly expensive at the major vendors.

But if you build your own storage, then flash isn't that expensive at all. (Think Supermicro with some affordable Enterprise SSD's from Intel/Samsung/Micron etc.)

Sure it takes a bit of time (not that much though), but the savings are huge.

It's a net neutrality whodunnit: Boffins devise way to detect who's throttling transit


"an excessively congested link will see packets dropped when their time-to-live (TTL) expires."

I don't think that's true. When a packet passes a router the TTL is decreased by one, when the TTL reaches zero the packet is discarded. This is done primarily to prevent packets from ending up in an endless loop. Additional time spend in the buffer does not decrease the TTL any further as the TTL is not actually time related.

What happens with congestion is that the buffer of the router fills up because the packets cannot be forwarded fast enough, when the buffer is completely full new packets are discarded as there is no free memory to store them in.

You want how much?! Israel opts not to renew its Office 365 vows


Re: £££££££££££

"I don't know why governments are even entertaining the move over to subscription services like O365"

Because MS has made the on-premise version more expensive than the O365 version, even though the on-premise version is included in the O365 version.

Therefore we subscribed to the O365 version, even though we're not using the online stuff at all.

You basically can't fight MS as long as the users (unaware of the pricing) keep shouting that they need MS Office "since that's what everyone else is using" (their words, not mine).

Schools (which are paid by the government) are also facilitating this by teaching everyone how to use MS Office and providing copies of MS Office at an extremely reduced price.

London's Gatwick Airport flies back to the future as screens fail


Re: 4G

"What LGW should have done is go with an an ISP who have a brilliant tie in with a mobile provider and could offer a decent 4G service incase the redundant cables to LGW were cut."

Which is exactly the type of connection we ordered from Vodafone (not in the UK though). When the fiber cable gets cut, the IP block automatically gets routed to the 4G connection.

For our branch offices we use 3 WAN connections from 3 different providers (2x VDSL2 and 1x 4G), so the IPSEC tunnel is automatically rerouted over another connection when the current connection goes down. This all for €150 p.m. connection costs in total with a € 300 Ubiquiti Edgerouter Pro. (per branch)

I guess airports lack the creativity and freedom to implement such rather simple/cheap but very effective solutions.

Home Office opens AWS cash firehose a little wider with police IT deal


Re: Icon

"And in other news, the RAF will be renting its F-35 frontline fighter jets off Lockheed Martin and Theresa May will be renting her shoes off Marks & Spencer using her existing M&S account."

That would actually make more sense since, unlike your virtual servers, your jets and shoes can't instantly disappear. But if they could then that could suddenly leave you without jets and shoes in the middle of a crisis and people would understand why renting them would be a bad idea :)


Putting your matters of national importance in the datacenter of a bookshop...

Whatever money they're hoping to save will be lost in a blink of an eye if anything goes wrong or was overlooked, and it'll cost years trying to fix the mess.

IPv6: It's only NAT-ural that network nerds are dragging their feet...


Mobile devices / 4G networks

As far as I know of, none of the mobile networks support IPv6.

Even if I just wanted to use IPv6 for my home network (to extremely simply the example), I wouldn't have any advantage of it just because of lack of support on 4G networks alone. Dual stack basically means double work and no advantages.

I used to be very enthusiastic about IPv6 back in the days, but there are so many showstoppers it's not funny.

In retrospect, it would've been better to just cram the additional adress space somewhere in some(rarely) used IPv4 field or something (with an prepend part and append part), so IPv4 carrier routers could just route it. Then support between the client and endpoint router would be sufficient to bring advantages. Then later, the prepended adress space could be used by the carriers when they're ready.

Sure the protocol would look ugly on paper, but in the end it wouldn't really matter.

Brit spending watchdog brands GP Primary Support Care a 'complete mess'


"Because there are no/insufficient people capable of framing contracts properly"

I doubt it can be done for anything remotely complex, everyone has their own view and even the users sometimes don't know what they actually want/need or their individual needs differ. When doing things in-house you can often just be flexible, with outsourcing it suddenly needs to be 100% specified which leads to new contract negotiations for the changed requirements. Since there already is a contract in place you're left to mercy of the outsourcer, this often doesn't work out very well at that stage.

Heatwave shmeatwave: Brit IT departments cool their racks – explicit pics


Temperature ratings

For these reasons, when purchasing network equiptment, I now take operating temperature ratings into account. Some equiptment can accept very high temperatures, making additional cooling during summer unnecessary.

I never had to use a fan or had heat related outages, but I know these small patch racks can get quite hot at times.

No one wants new phones – it's chips that keep Samsung chugging


Re: Less nonsense, more useful features.

"the first decent phone in a long time that gives you more than 1 lousy day of battery life."

The Huawei P10 Plus gives me 6 hours of screen on time in addition to standby all day long (7:00 in the morning untill past 0:00) with lots of apps open. It has 128GB storage, 6GB ram, IR transmitter, SD card slot and fingerprint reader (which can also be used as home/multitask/back key) on the front.

I used to have a Samsung phone, but these days their only priority seems to be the edge display/looks.

Kaspersky Lab's move from Russia to Switzerland fails to save it from Dutch oven


Re: Having come up against Kaspersky's DRM...

"To me at the end of the day code inspection doesn't matter unless you're able to make sure the code you inspected is actually the code that is being installed(along with any updates). "

In the Dutch mail they have sent to their customers, they state that the compile process will be verified by an independent organisation.

Airbus CIO: We dumped Microsoft Office not over cost but because Google G Suite looks sweet


"company officers can be imprisoned."

That is not true:


"the GDPR does not lead to individual liability of the DPO for non-compliance by the business"

The cloud provider I have checked didn't accept responsibility for fines if data leaks because of errors on their side. However they claim they fully comply of course..

In other words: Storing your data elsewhere can be very risky since you have to take full responsibility for your suppliers.


Putting your sensitive data in the cloud..

Especially for a company that is so knowledge intensive, I find it strange that they would want to put their data elsewhere outside of their control. You can never really know for sure if anyone else is reading/copying your sensitive documents.

Also, can't employees very (too) easily login from their home PC and download the documents? Normally you'd have multiple independent lines of defense (firewalls, logging, tokens, access rights), so people that don't need to work from home are unable to access their documents at all when not at a physical terminal in the company.

I don't know about the controls O365 or GSuite provides, but for me it would be a major concern. If anything unexpected were to happen, the company could go down in no time..

It seems to me the CIO might be right feature-wise (I don't know), but he seems dangerously optimistic about this.

How do others view this?

Dumb autonomous cars can save more lives than brilliant ones



The problem is that "10 per cent better than humans" is an (probably optimistic) estimate and it may very well end up being worse than humans. If they think it's 90 percent better then it's probably still optimistic but at least going to save lives.

I'm all for adding safety features (i.e. automatic breaking) to cars, but fully automatic driving still seems like a stretch at this point.

Guess who's now automating small-biz IT jobs? Yes, it's Microsoft


"manage things like patch deployments and file permissions on staffers' Windows boxes, but also set and revoke permissions and accounts on Android and iOS devices through MDM tools and controls for Office 365."

So it's just a management product like all the others, a lot have MDM integrated these days. Effectively the impact of this product is zero. Zenworks, for example, is easy to install and super stable (runs on Linux). It does all of this and more.

I heard sometime that the MS equivalent (can't recall the name) is a horrible beast and it's very time consuming to manage, so if you're a MS only shop their new product might be an option. For the rest of the world the problem was already solved by other products.

Knock, knock? Oh, no one there? No problem, Amazon will let itself in via your IoT smart lock


Pickup point?

In the Netherlands you can just have your package delivered to a pickup point (there are many!) and then just pick it up there. Some are even open until 21:00 and you get a notification on your smartphone when the package is delivered. Problem solved. I use this service exclusively so I don't have to be home or get up early etc.

Legacy clearout? Not all at once, surely. Keeping tech up to snuff in an SMB


Re: Consultant inception

"Is there a consultant consultant we can consult to pick the right consultant?"

Exactly, everyone recommends the stuff they can make the most money with anyway.

Walmart tells developers to stay away from AWS


Here is an idea

Why not just put your most valuable data on your own servers and be in full control?

Personally I don't understand the obsession of some companies to put everything in the cloud and have a huge problem everytime a vendor messes up, changes plans, declares a product end of life, increases profit by decreasing support, goes bankrupt etc.

You then have all of your IT people shouting at the sideline hoping someone else fixes it.

HPE ignored SAN failure warnings at Australian Taxation Office, had no recovery plan


I've seen more often that a SAN vendor (not HP) dismisses alerts as unimportant. As a customer you then have to keep insisting on parts to be replaced and eventually they'll do it.

I can imagine that if they didn't pressure them, they effectively ended up with a SAN with one failed/unreliable component and thus no redundancy. If one more thing then happens, the entire SAN may go down.

As for the cloud, statistically it's only a matter of time before a major outage will happen. The number of storage related failure notifications and outages I have seen is alarming (kudos to them for full disclosure though).

In my opinion you're best off with running your own datacenter and keeping everyone sharp, even though it's obviously no fun pointing everyone on their mistakes and sometimes cancelling contracts if vendors don't improve.

Does Microsoft have what it takes to topple Google Docs?


Re: "they don't need to deal with geeks"

"Persuading the bosses - in particular, the ones in head office abroad - to spend money on servers they can't see, that don't obviously bring in revenue, is hard. Far easier to slip it under the radar in the form of operating expenses on a monthly basis, and for the most part, better for the company."

It's called leasing, and afterwards you get to keep them and they just keep on working without the monthly costs.

Huawei P10 Plus: The bigger brother is the real contender


Re: Ins and Outs

"An infrared "blaster" and infrared sensor are two different things. Which is it?"

Both actually. It doesn't seem to be mentioned anywhere, but you can use the sensor to program a button in the remote control app by just pressing the button on the original remote control while pointing at the sensor.

The app also contains a rich database of devices, it even includes airconditioning units. But you can also just use the Peel app instead of the Huawei app, if you prefer that.

Linux kernel gets patch for 11-year-old local-root-hole security bug


Re: SKB?

"downtime n. The period during which a system is error-free and immune from user input. Compare UPTIME. See also CRASH."

No need for that anymore with kernel live patching. Canonical offers it for up to 3 servers for free and Kernelcare.com is so affordable that the hassle to manually update and reboot isn't worthwhile anymore.

So you want to roll your own cloud


Re: Been there, done that ... Got ProxMox

One thing I always notice when comparing cloud offerings is that the companies using VMware (for example) instead of open source are pricing themselves out of the market. The turnkey/ease-of-use part of the solution comes at a huge cost. And it seems that the really big ones are able to negotiate deals that are impossible to achieve for smaller parties.

I've also compared offerings before and from a price/functionality/ease-of-use standpoint Proxmox seems to be ideal.

And there seems to be at least one company offering billing functionality (I just googled quickly):