* Posts by john.jones.name

231 publicly visible posts • joined 1 Aug 2017

Page:

Telco CEO quits after admitting she needs to carry rivals' SIM cards to stay in touch

john.jones.name
Mushroom

Filtering and media reports - optus PR said nothing...

this is all because their where media reports theorising that the reason they could not get hold of optus was because Executives used only Optus and had no backup

I will tell you all members of rivals firms e.g. Vodafone carry known backup SIM and are instructed to swap to those as part of a BCP (business continuity plan)

I highly doubt it was a "personal" DR strategy they are just trying to either explain away the fact they did and said nothing for HOURS while the whole network was down

(the NOC will have been actioning and running full stream but the execs where shown to be pointless and did not communicate to their customers )

the real issue was while emergency calls (000 / 999 / 911) on GSM roam to whichever network is available and it that works for Optus as they are rarely the only carrier/provider in a area THEY HAD NO BACKUP solution for all their digital/VoIP lines beyond switching to Optus GSM which was also down - this effected HOSPITALS, doctors and trains

Frankly the Australian Government should be looking at how to regulate firms who are not publicly listed in australia and have responsibility to foreign owners

optus network assets and config has clearly been sweated and lack investment

they should have been filtering their routes and at a minimum using RPKI and investing in IPv6 like other ISP's... they did not and wanted as much money sent back to the parent corp as possible

when we see RPKI and IPv6 on the optus network then we will know the engineers have been given the budget and they actually have had the time to fix this mess...

do not trust them beforehand

Cisco to sell enterprise version of $400 Bang & Olufsen earbuds

john.jones.name
Flame

China DSP and SOC

I'll be none of the code has been vetted or even looked at which SOC are these double rebranded ear pieces based on ?

ServiceNow quietly addresses unauthenticated data exposure flaw from 2015

john.jones.name
Mushroom

good luck

good luck getting incident information unless your a customer...

Getting meshy: BAE scores £89m deal with MoD to build new battlefield network

john.jones.name

no way unless repackaging

unless they are repackaging existing kit there is no way 89M pays for custom radios

all you can do is essentially recenter the frequency around Military frequency allowances and even then 89M wont pay for all the actual engineering to be done...

all they will end up with is supply chain full of china/APAC based vendors rebadged with no clue that the kit is being used for military use...

intresting would be the split in fee's between BAE to Kellogg since those "consultants" don't have any RF experience they just talk a good game

AWS: IPv4 addresses cost too much, so you’re going to pay

john.jones.name
WTF?

reporting without walking

ISSUE: None of your web servers has an IPv6 address.

www.theregister.com IPv6 address = None

SOLUTION:

1/ Login to your Cloudflare account.

2/ Click the Network app.

3/ Toggle IPv6 Compatibility On.

ISSUE: Your domain is insecure, because it is not DNSSEC signed.

Domain Registrar for www.theregister.com = CSC Corporate Domains, Inc.

SOLUTION:

1/ Login to your Cloudflare account.

2/ Go to DNS > Settings.

3/ For DNSSEC, click Enable DNSSEC.

(In the dialog, you have access to several necessary values to help you create a DS record at your registrar CSC.)

ISSUE: Your web server supports TLS versions that should be phased out deliberately, because they are known to be fragile and at risk of becoming insufficiently secure. TLS 1.1 phase out

SOLUTION

1/ Login to your Cloudflare account.

2/ Go to Domain > “Crypto” tab

3/ choose the “Minimum TLS Version” as TLS 1.2

I dont think this is complicated. get on it.

BT hires chartered management accountant and telco veteran as next CEO

john.jones.name
Mushroom

be nice if they got rid of spam on their networks

SHAKEN system, short for Signature-based Handling of Asserted information using toKENs. would help...

if your going to switch people to digital voice and SIP it would be good to actually sign outgoing call's as coming from BT oh and can you sort out RPKI Route Origin Authorization at the same time this is basic stuff

Microsoft's Azure West Europe region blew away in freak summer storm

john.jones.name
Mushroom

Fibre underground is not effected by storms they strung it on poles...

I would bet they cheaped out and used aerial Fibre run

microsoft will have known this and didnt care thinking the other links would be fine until bang they didnt have capacity to balance a failure

1.6Pbps is the addition of all links its practically nothing if you have a lot of DC's with 100Gbps links

maybe just maybe they should have located "west" in more countries and not just the cheapest bandwidth wise...

data and network sovereignty have you heard of it ?

Oracle pours fuel all over Red Hat source code drama

john.jones.name
Mushroom

Re: Opensolaris anyone?

Linux killed Solaris, why buy expensive box's from sun/oracle that funded the spaghetti code maintenance when you could change it yourself or pay someone else cheaper (I'm not saying its better just cheap)

really the whole argument about RedHat/IBM removing src rpms is aimed squarely at Oracle everyone knows that, every time a redhat sales people walk into large accounts Oracle people are there or are going to be there saying they will do it for free and oh can we sell you a database/etl...

CEO sorry after telling staff to 'leave pity city' over bonuses

john.jones.name

where does that 26 million come from ?

do you rape the earth cutting down trees and extracting oil / plastics to achieve that ?

do you feel pity for those that suffer after you ?

maybe just maybe you should consider those that come after you and actually lead... NASDAQ: MLKN needs to be sustainable now not in 2030

Microsoft breaks geolocation, locking users out of Azure and M365

john.jones.name
WTF?

www.theregister.com FAILS by the same rationale

Whoever administrates www.theregister.com is VERY behind the times

ISSUE: None of your web servers has an IPv6 address.

www.theregister.com IPv6 address = None

SOLUTION:

1/ Login to your Cloudflare account.

2/ Click the Network app.

3/ Toggle IPv6 Compatibility On.

ISSUE: Your domain is insecure, because it is not DNSSEC signed.

Domain Registrar for www.theregister.com = CSC Corporate Domains, Inc.

SOLUTION:

1/ Login to your Cloudflare account.

2/ Go to DNS > Settings.

3/ For DNSSEC, click Enable DNSSEC.

(In the dialog, you have access to several necessary values to help you create a DS record at your registrar CSC.)

ISSUE: Your web server supports TLS versions that should be phased out deliberately, because they are known to be fragile and at risk of becoming insufficiently secure. TLS 1.1 phase out

SOLUTION

1/ Login to your Cloudflare account.

2/ Go to Domain > “Crypto” tab

3/ choose the “Minimum TLS Version” as TLS 1.2

I dont think this is complicated. get on it.

Power grid worries force Amazon to run Oregon datacenters using fuel cells

john.jones.name
Flame

generator ?

why don't they just call it what it is a generator powered by LPG

fuel cell implies hydrogen and solar but hey why bother actually constructing any sort of supply chain...

invest in the local supply chain for an alternative fuel... sounds like hard work...

Privacy on the line: Boffins break VoLTE phone security

john.jones.name
Mushroom

radio

this is more a radio attack linked to the fact radio should need to do this and lession is it should ONLY DO IP/data transport and trying to optimise by using specific LCID 4 and LCID 5 is DUMB

note using Wi-Fi Calling (plain SIP call) is not subject to this.

In praise of MIDI, tech's hidden gift to humanity

john.jones.name

Re: MIDI a great idea... on paper

apple...

john.jones.name

Singapore branches out onto internet of trees

john.jones.name
WTF?

Radio and lasts for ?

no where does the article say how the tilt sensor actually works i.e. is it bluetooth or Lora

how long does the battery last approximately

Australia asks FBI to help find attacker who stole data from millions of users

john.jones.name
Mushroom

No...

No we should not put up with this

They stored these details unhashed and allowed employee's to query it

this is exactly like passwords were stored previously before anyone with a clue started to have doubts (think 1970)

they should have been hashed (so you can compare still easily enough) and only unencrypted by a select few i.e. legal when dealing with warrants.

this is exceptionally bad design

its going to cost the government (taxpayers) a lot of pain and money dealing with the fall out of a private companies failure

India reportedly asks smartphone makers to add local satnav silicon

john.jones.name
Go

Re: "reduce dependence on foreign systems while improving accuracy"

Yes it will be more accurate because the Indian Regional Navigational Satellite System (IRNSS) is a regional satellite navigation system and as such designed to reach into Valleys and Streets with tall buildings.

There will be two kinds of services:

1/ Special Positioning Service (SPS)

2/ Precision Service (PS)

This is compatible with GPS devices both services will be carried on L5 (1176.45 MHz) and S band (2492.028 MHz). The navigation signals are transmitted in the S-band frequency and broadcast through a phased array antenna to keep required coverage and signal strength.

The data structure for SPS and PS takes advantage of the fact that the number of satellites is reduced since its not covering the globe and broadcast ionospheric corrections for a grid of 80 points to provide service to single frequency users.

There is no reason why device manufacturers can not update the software to decode these messages if their devices are receiving L5 GPS signals.

iPhone 14 Pro and iPhone 14 Pro Max are the first iPhones to offer dual-frequency GPS they are being exceptionally lazy only doing L1C/A

while ZenFone 6, OnePlus Nord, Galaxy S20, Pixel 4 etc all do L5 today

L5 GPS is something I look for on phones, It makes a huge difference

either way good for India for making Navigation better in their region !

Microsoft finds critical hole in operating system that for once isn't Windows

john.jones.name
Mushroom

it was dbus used for sound...

honestly what were they thinking, kill off all dbus and just use the same API as android

Brit techie shows us life in Ukraine amid Russian invasion

john.jones.name
Go

REDCROSS

while its terribly nice thought, airbnb is one of the worst ways to go aout this between fee's to credit card companies and employee's wages who are accountable to shareholders basically its NOT GOOD

we have a great way to donate time/money/resources to those caught in a warzone (setup specifically for this)

https://www.redcross.org.uk/

please share and donate what you can

Moscow to issue HTTPS certs to Russian websites

john.jones.name

Re: "Z" for zombies

thats false information see the certificate used in transport of this webpage

https://www.gov.uk/government/publications/email-security-standards/transport-layer-security-tls

Apple, Google, Microsoft, Mozilla agree on something: Make web dev lives easier

john.jones.name
Mushroom

just make SVG work so I can see graphs

rendering unreadable graphs is very annoying, vector graphics is the answer but the support despite standards is lacking...

if SVG worked in all the browsers I'm sure developers would use it and data visualisation would be clearer and better all around

Google blocks FOSS Android tool – for asking for donations

john.jones.name
Mushroom

Re: duh!

you would think that someone at OpenStreetMap Foundation would think of a creative way around this:

if you have a android phone install it and help map your neighborhood

on google play:

https://play.google.com/store/apps/details?id=de.westnordost.streetcomplete

on Fdroid

https://f-droid.org/packages/de.westnordost.streetcomplete/

if you would like to sponsor the developer:

https://github.com/sponsors/westnordost

(sadly he has very few and its a amazing bit of kit)

South Korean telco goes down, blames DDoS attack, later admits its BGP broke

john.jones.name
Go

if anyone from KT is reading this

please pretty please sort out your DNS

no DNSSEC security and optionally no IPv6 for

name2.kt.co.kr. None

name.kt.co.kr. None

name3.kt.co.kr. None

your corporate web server still supports MD5 which really should be phased out and indicates maybe lacking some security elsewhere...

You've heard of HTTPS. Now get a load of HTTPA: Web services in verified remote trusted environments?

john.jones.name
Mushroom

all terribly nice now how do you prevent Certificate Authorities screwing up

if anyone tells me there is a certificate transparency log I'll laugh...

basically you need a way to establish trust and frankly that requires a root or offline signing party and expensive safes (you know what they do for DNS party)

this has been rehashed (boom boom) so many times

Indian broadband connections top 800 million … sort of

john.jones.name

average 17.8 Mbps download and 9.65 Mbps upload - real numbers

Huge disparity in the results

even for a region an 2.73 Mbps download and 1.02 Mbps upload average

average was calculated across 5,190,664 samples at https://speed.measurementlab.net/

G7 countries outgun UK in worldwide broadband speed test

john.jones.name
Go

real numbers - Performance - Log Avg Throughput in UK (Mbps)

across 7,301,264 tests in the UK

the Log Avg download speed was 24.1 Mbps

the Log Avg upload speed was 7.21 Mbps

these are from https://speed.measurementlab.net/

which is what the USA used for their updated broadband map... why does the UK not have a broadband map?

go measure your own speed and contribute to the data set. https://speed.measurementlab.net/

john.jones.name
WTF?

Virgin media averages 53.85 over 1,512,184 tests - where are their numbers ?

I would love to know where they are getting those numbers from because the public tests of their network show 53.85 Log Avg (Mbps) over 1,512,184 tests.

wondering if they make false advertising about their speeds then can they be fined ?

Tired: What3Words. Wired: A clone location-tracking service based on FOUR words – and they are all extremely rude

john.jones.name
Mushroom

WHat Three Words - commercial algorithim that cant be shared without license payment

so you want to tie the ability to tell someone where you are to a commercial service?

Brilliant just brilliant didnt we go through this over a hundred years ago and decided it was not optimal

yes yes we did...

dont use what three words, it has errors and is annoying

scarily enough someone at google mapping tried not to be evil and set open location codes free

https://en.wikipedia.org/wiki/Open_Location_Code

if you want an Evaluation of Location Encoding Systems https://github.com/google/open-location-code/wiki/Evaluation-of-Location-Encoding-Systems

Former NASA astronaut and Shuttle boss weigh in on fixing Hubble Space Telescope

john.jones.name
Holmes

the USA have other scopes with same sort of design pointing at earth

I suspect there is a lot of shared systems.

maybe get them on the phone and point out the same things could happen to their equipment...

‘Fasten your seat belts, raise your tray table, and disconnect your Bluetooth headsets from the entertainment unit’

john.jones.name
Holmes

qantas never crash

Qantas gave up on in seat entertainment

they simply equip users who want a screen with a managed iPad and wired headphones

people who already have an iPad/android/windows simply can connect to the Wifi and download the entertainment app

everything is an app...

the App simply is a HTML interface to the onboard server which can stream movies or audio (podcasts)

basically like a netflix in the sky

WTF are United Airlines thinking ?

UK enters negotiations on a digital trade agreement with Singapore

john.jones.name
Thumb Down

yes singapore wash

basically singapore have ZERO tax on things like software so basically lots of software companies setup there and they now want to sell into UK...

this is exactly like ireland only much worse...

UK watchdog blesses Virgin Media and O2's union, says there's no risk of market distortion or competition loss

john.jones.name
Mushroom

ipv6 and gaming

IPv6 why use it ? its faster, it makes your game response times faster, xbox/playstation recommend and say this.

john.jones.name

network investment

@idiot taxpayer here again

why invest in this DSL thing I already have banks of 56k modems

its not like they are ever going to make bigger web pages or ask my to do meetings on the internet are they ?

oh wait

john.jones.name
Alert

just look at if they do IPv6

Sky yes

BT yes

EE yes

Andrews & Arnold yes

Zen yes

Three yes

Virgin Media no

o2 uk no (while EU o2 does)

talks to the level of investment in their network even if you do not use IPv6

Western Australia rushes out legislation after cops access contact-tracing data to investigate serious crimes

john.jones.name
Mushroom

WA gov incompetance

the WA government proved themselves incompetent when they went with a checkin that was not private

the testing rates are terrible and so it spreads and no one is aware...

They could have stood up and used this on apple and google

https://covid19.apple.com/contacttracing combined with a private QR check in log that only gets sent when requested

oh I dont know much like New Zealand... so WA gov is worse than NZ...

let that sink in...

Snakes on a Plane meets The Simpsons as airline creates ‘whacker’ to scare reptiles away from parked A380s

john.jones.name
Mushroom

yeah but Africa just got hippo's and wild dogs

Australia has far more deadly animals and we dont go round hitting the bush we just walk to school and worry about magpies

If your internet wobbled last weekend, you have Vodafone India to thank for it

john.jones.name
Mushroom

RPKI and DNSSEC....

vodafone idea need to get it sorted ASAP

they have nothing modern

no IPv6

no DNSSEC

no RPKI

no DANE

wonder why everyone is leaving to Reliance...

Spy agency GCHQ told me Gmail's more secure than Microsoft 365, insists British MP as facepalming security bods tell him to zip it

john.jones.name
Mushroom

Some products have DANE

Microsoft Office 365 lacks DANE support yet the feature is coming to Exchange Online servers....

so yes they both are planning to support DANE and not at the same time...

https://techcommunity.microsoft.com/t5/exchange-team-blog/support-of-dane-and-dnssec-in-office-365-exchange-online/ba-p/1275494

GMAIL can support DANE now if you get the MX right and sign your own domain so technically gmail is more secure.

I hope Microsoft product managers might pay attention and follow through...

Lenovo's latest gaming monster: Eight cores, 3.2GHz, giant heat sink, two fans. Oh, and it has a phone bolted on

john.jones.name
Go

APAC will eat this up (inc Australia)

Honestly I see this doing exceptionally well in APAC

what would have been nice is the ability like the Motorola desktop mode to the Edge+ to a display over video-enabled USB-C or USB-C-to-HDMI.

basically allowing Playing mobile games on the big screen as a bonus it allows a controller and big screen...

UK's National Cyber Security Centre recommends password generation idea suggested by El Reg commenter

john.jones.name
Mushroom

passphrase

exactly

Mimecast bins SolarWinds and compromised servers alike in wake of supply chain hack

john.jones.name
FAIL

no DNSSEC and no enforcement of its own cipher preference

their DNS servers still do not have DNSSEC (pretty basic) even though it can be abused and their website enforcement of its own cipher preference is not present.

not exactly a good look.

Fix the DNSSEC ASAP for your customers sake

AWS throws its home-grown Arm CPUs at new memory-intensive instance type

john.jones.name
Stop

type of ram ?

not all RAM is created equal...

How fast is read time and write time for not cached entry ?

How much cache does core have and what is the hit rate ?

Does storage detect Errors ?

UK dev loses ownership claim on forensic software he said he wrote in spare time and licensed to employer

john.jones.name
Stop

teach them how to use dd

anyone can create a clone from a device using dd

I would hope that most forensics teams would know and use dd rather than some commercial toolset that would be trivial to subvert with a aggrieved principle author...

the mind boggles

Snapdragon X65: Qualcomm says its next-gen 5G modem handles up to 10Gbps downloads, knows if you're holding it wrong

john.jones.name
Holmes

I cant see a single Qualcomm 5G modem CPE win

I see Balong 5000 modem everywhere

if they are serious they need to do a Home office modem

(its not like there is a pandemic and people are working from home or anything)

Choc horror: The UK's Information Commisioner probes its own mammoth £6,248 Hotel Chocolat spend

john.jones.name
Mushroom

was it fair ?

if 500 each got a equal share then all power to them

If the directors only got a share...

the Vegan chocolate box is around £12.50

anyone from ICO wants to post as anonymous to say if staff got chocolates ?

Nominet faces showdown with British internet industry: Extraordinary vote called to oust CEO, board members

john.jones.name
Mushroom

security... won't someone think of the webservers...

when someone reefers to security I always want to scream that's your job... The Base not an extra that you should be praised for...

For example the nominet web server does not even enforce its own cipher preference so maybe just maybe you should fix that BASIC thing.

This is a public facing supposedly security conscious root of trust type organisation and it cant even get its website security right... who knows whats going on behind the scenes.

I have no pity

After 11 years, Australia declares its national broadband network is ‘built and fully operational’

john.jones.name
Go

Fibre to the Premises

5G is a joke you only have to look at a coverage map of Australia to understand that they can only install Antenna masts where there is Fibre... your essentially sharing a Fibre connection

Maybe the current bunch of bastards (Australia slang for members of parliament) get in again the NBN might well be sold off to the highest bidder and the highest bidder will maximise the shareholder value by doing what telstra has done for the last years, the bare minimum to keep the money rolling in (nothing but repair and slow upgrades to existing infrastructure) there will be NO INVESTMENT.

if australia wants to be connected then INVESTMENT is the only way things will IMPROVE.

Vote for the bastards that INCREASES investment and provide for a way to EARN money in diverse places rather than just in the city (which has plenty of fibre).

Page: