* Posts by tip pc

532 posts • joined 7 Mar 2018

Page:

It's cool, claims Samsung as it pushes 3D IC SoC tech at overheated world

tip pc Silver badge

Immediate trickle down

> Samsung said its 3D stacked chips will be used in mobile, wearable, AR/VR, and high-performance computing platforms.

I love the way hitech now days trickles down to consumers pretty much immediately.

Wouldn’t be this way if it wasn’t for phones constantly pushing the boundaries, you’d have been ridiculed for suggesting that 10 years ago.

America's largest radio telescope blind after falling cable slashes 100-foot gash in reflector dish

tip pc Silver badge
Coat

Re: Not sure?

would wonder what the secret service would think of Mr O creeping downstairs the white house stairs in his slippers and helping himself to a cold bottle of lemonade from the fridge.

obviously in his wife's dressing gown.

UK.gov to propose new rules for online political campaigns after last election marred by an avalanche of fake news

tip pc Silver badge

“ Now, even in formally presidential systems such as France and the US, the president doesn’t have many of those powers. But, more importantly, their presidents are directly elected. Because they have so much power they need the legitimacy of an election.”

Looks like trump is really struggling to get anything passed, which is a good thing, but goes against the amount of power you think they have.

“ In the UK it’s the Government that controls Parliament”

Only when they have enough members in parliament aligned to their party or coalition to ensure that votes by those members support their agenda. Mrs May & BoJo had huge troubles getting their agendas through in the last parliament.

“In the UK the ruling party just decided among themselves that Johnson was going to be the new President and nobody in the country was asked whether they thought it was a good idea to give all this power to him.”

We eventually had an election in December 2019 and the majority of voters voted for MP’s of the party led by BoJo. You can’t say voters didn’t know A vote for their Tory MP wasn’t a vote for BoJo.

Voters who voted for TB last time round didn’t know they get Brown though.

“ The only elected positions in the UK are those of members of the House of Commons. We don’t elect our Head of State. We don’t elect our Prime Minister. ”

Voters voted for BJ at the last election, some of those voters voted for BJ as Tory leader in their party leadership elections just as people voted for Corbyn to lead the Labour Party and also for Corbyn at the last election.

“ @tip pc I have a degree in political science”

Really? Politics science is an oxymoron

tip pc Silver badge

“Being an MEP is a directly elected position. Being a UK Prime Minister isn't. Did you see Boris Johnson on your ballot paper? Or Michael Gove? Or Dominic Cummings?”

I’m not sure you’ve understood just how this whole democracy & voting stuff works.

Corbyn, Starmer, Sturgeon etc where not on anyone’s general election ballots as leaders of their parties or as prospective country leaders.

We vote for MP’s / MEP’s who are generally members of a party with a collective view.

That party will then select candidates to represent it in each voting area.

You can join a political party and vote for its leader.

Non of us voted for any EU leaders, they are elected by their MEP peers and EU leaders.

The most direct vote of leadership you will currently get is voting for your PM.

Citrix warns of patch-ASAP-grade bugs in its working-from-home products, just as we're all working from home

tip pc Silver badge

Re: Customers are committed for the long-haul

It’s never easy or strait forward replacing one embedded tech for another, far easier to just keep applying patches.

Even in a world of sdn, vendor lock in rules the roost.

India explores blockchain-powered voting but not to enable online elections

tip pc Silver badge

“ Chandra envisioned just-in-time printing of ballot papers for absentee voters, with those papers recorded on a blockchain to assist with verification of their existence and the votes they express.”

Surely they only need to verify that a vote has been made, not who voted for who.

Recording who voted for who will surely lead to some despot in the future sending some voters to re-education camps.

China now blocking ESNI-enabled TLS 1.3 connections, say Great-Firewall-watchers

tip pc Silver badge

“Sorry? In the "west" our TLS traffic is already being intercepted on an industrial scale?”

That’s not what I wrote.........

I wrote.....

“ I’m surprised China don’t just use a massive transparent proxy and just mim everything, permitting tls1.3 and everyone with nothing to hide being non the wiser.”

Anyway, some research links for you

https://www.gov.uk/government/news/uk-to-introduce-world-first-online-safety-laws

https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/504192/Operational_Case_for_the_Retention_of_Internet_Connection_Records_-_IP_Bill_introduction.pdf

https://www.theverge.com/2016/11/23/13718768/uk-surveillance-laws-explained-investigatory-powers-bill

Spot any similarities in my suggestion and my links?

...............

tip pc Silver badge

"How do you know what cert CN/subject alternate name to forge when SNI is encrypted? How do you get your client to not break the connection if they don’t trust your root cert?"

Not Disagreeing with you but ZScaler claim to have that sussed, i suspect their solution requires a trusted root installed on all hosts, but china could do that.

https://www.zscaler.com/blogs/corporate/tls-13-busting-myths-and-debunking-fear-uncertainty-doubt

"The Zscaler advantage

Zscaler is a true inline SSL proxy. It terminates the SSL connection established by the client and establishes a new SSL connection to the server; from a client’s perspective, Zscaler becomes the server and from the original SSL server’s perspective, Zscaler becomes the client. Considering that Zscaler is not just inspecting the SSL traffic on the wire, but terminating the connections, Zscaler has full visibility to the CN (Common Name), and other certificate parameters typically not visible to a passive SSL inspection devices."

tip pc Silver badge

I’m surprised China don’t just use a massive transparent proxy and just mim everything, permitting tls1.3 and everyone with nothing to hide being non the wiser.

It’s probably the easiest closest comparison to what currently happens in the west.

At least China are open about their snooping. Most people in the west don’t know they are being snooped on.

Transport for London asks Capita to fling Congestion Charge system into the cloud

tip pc Silver badge

£355m for 5 years!!!!

£71m a year to charge people to go into central London.

Considering the volumes of traffic still entering and paying to enter the emissions zone clearly the current transport mechanism is lacking functionality to help reduce those numbers further.

The thing is, the more successful at converting journeys to non congestion/ emissions charging alternatives the more the charges need to become to pay for this infrastructure!!!!

Programming pioneer Fran Allen dies aged 88 after a career of immense contributions to compilers

tip pc Silver badge
Pint

Alzheimer's disease stolen another shining light

So sad that she wen't this way, gave so much of her brain during her life and ended in this terrible way.

Raising a glass in solute.

VMware discontinues Datrium hardware and hyperconverged OS, effective immediately

tip pc Silver badge

Gutted, I hope their draas is good

Gutted for those who recently convinced their leaders to purchase this kit to now find its vapourware.

Makes it all the more harder to buy from smaller companies now.

How did you spend your time at university? Pizza, booze, sleeping? This Oxford student is snooping on satellites

tip pc Silver badge

Would be really interesting if he could send to the satellite too.

Would be interesting if he found a way to send to the satellite too, either for free service or to actually gain access to remote systems.

Serves as a good reminder to people that authentication is not enough, as you never know who is listening.

Geneticists throw hands in the air, change gene naming rules to finally stop Microsoft Excel eating their data

tip pc Silver badge

Re: CSV annoying

a CSV is a CSV,

if you need more structure just use xml or if its specifically intended for opening in spreadsheets use the ODF spreadsheet format.

there are solutions. use a acsv for sharing CSV data, if it needs more structure then use ODF & structure as you want and need.

use a CSV then don't complain that there is no standard when there are standards you could use.

Your issue is different to those that want to import data into a sheet or the spreadsheet mangles the data on entry/import.

tip pc Silver badge

Re: I must be missing something...

“ Enter "10-12" to indicate pages 10 and 12”

10,12 would indicate pages 10 and 12, 10-12 would be pages 10 through 12.

I got 99 problems, and all of them are your fault

tip pc Silver badge

Re: Ahh yes the

"Cue dragging the laptop bits to the office , managing to get a USB stick to connect, and downloading the drives data to it.."

in the olden days i'd just swap the hdd / sdd into a non broken spare and be up and running in no time.

If you have kit that needs to be operational its always wise to have spares as keeping offline spares is cheaper than an expensive machine not working for however long it takes to procure a spare.

We have 4 hour maintenance contracts on key primary kit & next day on secondary. Depending on where the kit is it can take 4 hours to get an engineer there anyway so its as good as having our own cold spares.

Arm, Vodafone flex their muscles to show Cisco they’re fighting fit on the edge

tip pc Silver badge

Re: would that be a 16 core machine ?

how much for something like that?

UK data watchdog having a hard time making GDPR fines stick: Marriott scores another extension, BA prepares to pay 11% of £183m penalty threat

tip pc Silver badge

Re: A non-optimal strategy

going after the small guys ensures there is precedence for when they go after the big fish.

The Banks jumped at the notion that they will be responsible for their contractors taxes. The banks are not stupid enough to let the taxman gain obvious advantage over them so have rushed to reduce their exposure.

tip pc Silver badge

Re: Toothless Crones

The ICO thought they where being smart dolling out huge fines as a deterrent to others.

The ICO should have just issued realistic fines & shamed the companies involved.

The ICO now just look stupid and have created a lobbying industry giving them future headaches.

Mozilla warns more Firefox website breakage to come because devs just aren't checking for SameSite snafus

tip pc Silver badge

does my browser have this enabled or not?

I'm more concerned by the fact that browser vendors are intentionally modifying the behaviour of some browsers and the users won't necessarily know (even though it may be beta software it should be clear and obvious what the user is getting & not some random or unspecified allocation).

Chrome --> "it's only available for an unspecified subset of users"

FireFox --> "SameSite behavior has been activated for 50 per cent of beta users."

USA decides to cleanse local networks of anything Chinese under new five-point national data security plan

tip pc Silver badge

Re: Why not clean routers, webcams, 'Smart locks', etc.

Why did you have to take the lock apart to determine it phoned home to China?

Surely logs on a router would show you that.

Apple re-arms the iMac with 10th-gen Intel Core silicon

tip pc Silver badge

“iPhones have the fastest phone processors by quite a margin.“

Apologies to those on the left of the Atlantic, as Glen wrote, “pretty Pokey” means plenty of grunt, aka quite powerful as you have determined in your own tests gnashes.

tip pc Silver badge

funny how those same arm chips (thinking a13 bionic) are pretty pokey in iphones (iphone se for $£400) & ipads, geekbench shows them outperforming my late 2016 i7 macbook pro.

i'd take an a14 in a mac mini especially if it was really cheap.

Chinese debt collectors jailed for cyberbullying under ‘soft violence’ laws

tip pc Silver badge

Re: I love debt collectors...

“ There's nothing you can say or do that could ever be worse than what my ex-wife put me through.”

What if they send in the ex wife?

Workplace Technology latest division to be jettisoned from Capita – back into the hands of its original owner

tip pc Silver badge

Re: "increase in expenditure on sales team"

I can’t imagine that would have dented their profits.

Business expenditures are accounted for before taxes so at worst they’d have paid less tax.

Leaky AWS S3 buckets are so common, they're being found by the thousands now – with lots of buried secrets

tip pc Silver badge

Re: Outsourcing

Amazon haven't configured the buckets insecurely, its the people that have spun up those buckets that have deliberately made them insecure.

There is blame but not Amazon to blame.

tip pc Silver badge

Re: And the corporate world ...

"An on-premises data centre is securted by firewalls and gateways, often provided by external professionals. It takes some work (or F5 :|) to leave exploitable holes and even then those holes have to be exploited."

"firewalls and gateways, often provided by external professionals"

why have you outsourced your firewall & gateway provision & security to external professionals? They may as well be in the cloud.

Many things depend on what your incentive is. Internal IT are incentivised to ensure their operations perform correctly, 3rd parties are generally incentivised to ensure they are billing the customer for as much as possible.

Aviation regulator outlines fixes that will get the 737 MAX flying again

tip pc Silver badge

the plane may find eager customers

their customers will find not so eager customers willing to fly their Max's regardless of how cheap the tickets.

Boeing confirms it will finish building 747s in 2022, when last freighter flies off the production line

tip pc Silver badge

Sad to see the queen of the sky’s go but won’t be flying in a 737 Max

Sad to see the queen of the sky’s go but won’t be flying in a 737 Max. I’ll be checking if the airline has Max’s and will fly an alternate if I have to. I think easy jet is airbus only, Ryan air had a huge order for Max’s. BA’s owners indicated intent to buy Max’s but has none.

I flew tui to menorca the other year, fulfilled by Norwegian in what I think was a Max, comfy for a small commercial jet but I’ll be making sure I know the airframe before booking.

I don’t mind the non Max 737’s.

https://www.independent.co.uk/travel/news-and-advice/boeing-737-max-plane-crash-ethiopian-airlines-lion-air-ryanair-faa-a9261701.html

Garmin staggers back to its feet: Aviation systems seem to be lagging, though. Here's why

tip pc Silver badge

Re: Hmmm

aka the broker

could also be called insurrance

keep an eye on the accounts for ~$10m for recovery services.

tip pc Silver badge

Re: My weekend rides synced to Strava this morning

surely someone would have needed something off a backup in the 3 months so someone should have noted the backups being unencryptable.

Maybe everyone should test a sample restore once a week as an early warning of ransomware. Would be easy to search backup logs for changed extensions though

tip pc Silver badge

Re: My weekend rides synced to Strava this morning

I should have added that my Garmin synced over WiFi while it was in standby.

tip pc Silver badge

My weekend rides synced to Strava this morning

My weekend rides synced to strava etc, just awaiting relive to ping me. Connect website let me login but then showed the holding page.

I really enjoy Garmin gear, I hope they get through this stronger.

It will make interesting reading as to how they got out of this.

Fitness freaks flummoxed as massive global Garmin outage leaves them high and dry for hours

tip pc Silver badge

Rides now syncing to Strava at at least

My weekend rides uploaded from my edge this morning & synced to Strava.

tip pc Silver badge

Re: Attack surfaces

I’d be really surprised if the virus writers managed to write software to also infect Garmin customers via updating the connection software to the Garmin devices, I’d be even more surprised if they also wrote said software for the Mac.

Viruses normally spread when computers have direct connectivity with each other (I accept the original virus may have arrived via email) and this virus seems to be concerned with encrypting stuff and making the business pay to unencrypt and stop rather than alter the target companies software updates.

If this spreads to Garmin customers that’ll be a whole other terrifying story.

Still I think your Mac is safe, for the moment.

What evil lurks within the data centre, and why is it DDoS-ing the ever-loving pants off us?

tip pc Silver badge

Why is the IT manager deploying HA Proxy?

"Jon was the IT manager of the whole show and responsible for all the gizmos from the CEO's mobile phone to the receptionist's desktop and everything in between."

"In the end, "I spent a good few hours spinning up new VMs to have all traffic route through a layer of Linux servers running HAProxy." He was able to carve out the application manager traffic and therefore allow a small percentage of requests to succeed and the fixed code gradually rolled out."

He could of just rate limited the inbound traffic to a lower amount or perhaps limited the number of sessions each server could muster, both likely would have been quicker and cheaper than spinning up new gear and deploying extra stuff, assuming the actual bandwidth they where handling required proper network gear that could actually do rate limiting etc.

I'd be really worried if my IT manager started installing & spinning stuff up.

You've had your pandemic holiday, now Microsoft really is going to kill off TLS 1.0, 1.1

tip pc Silver badge

Built on strong secure foundations

"the first secure global SD-WAN service built natively on Microsoft Azure"

What will possibly go wrong?

Also expect regular scheduled Tuesday/Wednesday outages.

Cisco restores evidence of its funniest FAIL – ethernet cable presses switch's reset button

tip pc Silver badge
Mushroom

Not a ROUTER or a HUB

"Or in other words, putting an ethernet cable into a router can put that router into and endless spiral of FAIL. Which given that the whole point of a router is to have cables plugged into it, is a less-than-optimal situation."

Its a sodding SWITCH for gods sake. It may have L3 abilities but its not a ROUTER & don't even think about calling it a HUB.

From 'Queen of the Skies' to Queen of the Scrapheap: British Airways chops 747 fleet as folk stay at home

tip pc Silver badge

Many 747 flights, 1 scary flight

Flew In many BA & Virgin 747’s

By far the scariest flight was Air India Mumbai to LHR ~2007. It was mainly empty, extremely dated as in it still had what looked like 1970’s decor & the old massive projectors non of which seemed to work. We pulled away from the gate hours late. Stopped at the end of the runway, powered engines up and down ~10 times, engineers onboard lifted access hatches near the stairs and disappeared under the floor, further power ups and downs, pulled off the runway and additional engineers boarded, further power ups and downs, crew seemed happy and the additional engineers got off, pulled to back of runway again, power up down etc, more running downstairs and then hours after we left the gate they kind of decided to just go anyway. The flight was ~20% full but was so hot, I’ve never been in a hotter aircraft, we never seemed to be that high for the duration of the flight, my suspicion being that the air bleed system failed before takeoff and they couldn’t adequately pressurise the thing & over compensated with heat. I was so glad to get home.

Nvidia watches Brit upstart Graphcore swing into rear-view mirror waving beastly second-gen AI chip hardware

tip pc Silver badge

Crysis?

why no geek bench or crysis stats?

how many coins can this thing mine in a day?

Old-school security hole perfect for worms and remote hijackings found lurking in Windows Server DNS code

tip pc Silver badge
Paris Hilton

Windows really needs an application firewall.

How long before exploits for these zero days are seen in the wild.

Paris because M$ have been caught with their pants down once again.

Four years after swallowing Arm Holdings, SoftBank said to be mulling Brit chip biz sale

tip pc Silver badge

Re: One Word.

if Huawei bought ARM there would be no new iphones, no new anything from Qualcom etc etc.

ARM designed cores are in most things electronic, especially portables, especially good performance low power.

Huawei bnuying ARM would be a big problem.

Asia’s internet registry APNIC finds about 50 million unused IPv4 addresses behind the sofa

tip pc Silver badge

Re: if at all

so much nonsense in this its hard to know where to start

"However, the truth is the "they" you are referring to are not IPv6 people. "They" are a host of IPv4 advocates trying to make IPv6 behave like IPv4 when such behaviour is counter productive and inefficient."

--this is so not true, ipv6 advocates are constantly telling us ipv6 is as easy and simple to use as ipv4 when its not. It turns out its advantageous for many many reasons to change the apparent source/destination or both IP addresses & even use equipment to break the end to end sessions which is handily easily achievable in IPv4 but IPv6 tries to prevent that in its very design and further anti nat stance.

"The IPv4 core specification defines all IPs as globally routable."

--rfc 1918 provides for a /8 /20 & /24 non internet routable private ip addresses

"IPv4 has the same feature. Its called DHCP static address assignment, and is surprisingly popular with IPV4 admin."

--DHCP is not built into IPv4 its a bolt on. The initial SLAAC is a privacy failure, current versions will now mean domestic users will have their DNS of internal machines that will never connect to the internet suddenly known about and catalogued by their ISP.

"Link-local address allocation is such a popular feature it got back-ported to IPv4 despite major performance loss on allocation, issues with IPv4 not coping with multiple IPs per machine interface, and the 169/8 range being globally routable adding security issues the IPv6 dedicated private range does not have."

-- 169/8 is globally routable but 169.254/16 is not!!! there is no security issue for a machine on 169.254/16 as it can't be routed too across the internet, just like the other rfc1918 addresses can't be routed to.

"You also aware of a little old protocol called ARP? The one which puts the word 'address' in the term "MAC address"."

-- ARP is what a machine does to find the MAC of a machine that can receive traffic for an IP. ARP is links L2 with L3. ARP doesn't put 'the word 'address' in the term "MAC address".' MAC address already has the word Address in it. On LAN 's machines connect via MAC addresses, IP's are needed to route from 1 LAN to another. IP's are an overlay to MAC's & provide a hierarchical method of organising & addressing machines and systems. IPv6 looks like its trying to be both an I & MAC in 1.

IPv4 has shown itself to be extensible and has had a long life far beyond what it should have had because of its extensibility.

IPv6 has not gained wide spread adoption because it has sought to be like IPv4 but better and has proven to be flawed and its proponents picking the wrong fights when it comes to privacy & usability.

IPv6 should be being advertised as greatly different to IPv4 and different toolsets being used to manage it.

if IPv6 is seen as a different thing that can run on the L2 underlay then it will likely gain more adoption.

IBM job ad calls for 12 years’ experience with Kubernetes – which is six years old

tip pc Silver badge

Re: Windows 2000

i wouldn't class using a beta as having experience of the actual publicly available product.

lots of changes happen from early beta to shipping product.

tip pc Silver badge
Pint

Re: Mandatory Experience

i've been saying for years that my CV needs to be buzzwordy enough to get through the recruiter & HR and detailed enough for the eventual techie to short list me.

My CV is ~ 3 pages and the only ones who complain are HR droids, techies like to read what i've been through, phrased that way deliberately.

Oh what a cute little animation... OH MY GOD. (Not acceptable, even in the '80s)

tip pc Silver badge

Re: BUFH (Bastard User From Hell)

"BUFH (Bastard User From Hell)"

upvote for the term alone!!!

the reg need a midweek BUFH column now.

We've paused Sigfox roof aerial payments, says WND-UK, but we'll make you whole after COVID

tip pc Silver badge

Re: I don't get it £840k a year for something you could do over LTE

That’s just like rfid, costs pennies and retailers etc use it on labels to track goods, stock check and theft prevention.

Decathlon use it to great effect, place your goods in the Self service till packing area and it’s auto totalled and on the DB for ok to leave the store once paid.

RFID is powered by the signal sent from the antenna, you’d need a lot more than 2000 of those antenna to cover 90+% of the nation.

tip pc Silver badge

Re: I don't get it £840k a year for something you could do over LTE

I hear you.

I suspect the trackers they use will cost far more than pennies, hence why I used a £20 budget.

Especially when they pay home owners £35 a month to host a mast and provide power.

£840k pa for infrastructure hosting on top of staff wages and other costs of running a business suggests they need somewhere near ~£5m turnover.

Charging a business £5 pm per device tracked would leave £40 pa per device (1st year) for mvno and profit. A business that can’t pay £5 pm for a Tracking service is likely on too much a shoe string.

tip pc Silver badge
WTF?

I don't get it £840k a year for something you could do over LTE

you can get a cheap mobile from amazon for under £20 & sim cards for under £5 a month with ~ 1GB of data usage.

why not coble up some solution that uses cheap lte components and form your own MVNE to support it?

i get that the iot things are to be low power etc etc, but LTE is low power too & if these things are on shipping crates and effectively beacon every so often & this system picks up that beacon, triangulates the position and stores it on a DB, for 2000 to get ~91+% of the nation i'm sure a phone mast would pick up the signal too as there are certainly more than 2000 of them.

Digicert will shovel some 50,000 EV HTTPS certificates into the furnace this Saturday after audit bungle

tip pc Silver badge

Re: 1000% UNACCEPTABLE

The article explains, st the end, that the timing isn’t down to figicert, it’s following pre agreed rules.

Page:

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2020