* Posts by I_am_not_a_number

18 posts • joined 7 Jun 2018

Castrol, Submer shift gears to datacenter immersion cooling


Re: Are Castrol making something new ?

" In comparison a liquid that boils at 34°C (93.2°F) would be simple to remove."

At the risk of sounding flippant, ether's boiling point appears to be 35C, but unfortunately it's very flammable for that very reason.


Re: I can't see this happening at a busy DC...

Yes actually a very good observation.

At the moment DC utilisation per unit space is limited by BTU cooling metrics "per tile" of space, right?

However, in reality once we reduce the cooling equation, won't they just pack the kit in, in increasing densities?

i.e. so called "efficiencies"?

With more kit again, it'll just drive up the failure rate again as a proportion of the assets. We only need a few pieces of kit dripping fluid for it just to be a hassle.

It reminds me of a time when the internet and computers were supposed to save us time and allow us to do the same work in less time, but instead we're just pushed to do more with less time (agile comes to mind).


I can't see this happening at a busy DC...

OK, so for a single system this might be nice.

But, scale this up in a busy datacentre with 100s of parts being replaced per week, there's going to be lots of parts dripping with fluid:

-As they are transported across the data hall after removal.

-In situ as they are being removed.

-In boxes or anti-static bags in preparation for logistics return.

-In storage areas as they await collection (pooling).

-In field engineers cars if the DC doesn't allow parts to be stored onsite (3rd party/co-lo DCs charge per cubic m of space and even then there's a daily charge per day if part isn't collected after 48hours)

Also, how much additional weight will the data centre floor need to support if there'll be reservoirs of dielectric fluid?

If we treat cooling as a utility, would vendors share these reservoirs of fluid?

I can see the Health & Safety people tut-tutting already at the very least.

UK digital secretary Oliver Dowden starts national security probe into proposed Arm-Nvidia merger



Softbank has a diverse portfolio of tech companies, which means it's less focussed on a specific sector and therefore (anti-)competitive behaviours.

To me, the quote below from Softbank was probably the main assurance to competition regulators, shortly after the Arm acquisition:

"..It is also intended that ARM will remain an independent business within SoftBank, and continue to be headquartered in Cambridge, UK..."

Computer says no: An expression-analysing AI has been picking out job candidates for Unilever


Yay, finally a chance to apply some obscure GDPR articles

"Article 22 GDPR Automated individual decision-making, including profiling"

"The data subject shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her"

Dell stamps on the gas for backup devices with speed and cloud boost



This sounds more like a data sheet than the usual El Reg fayre... No critique of it's capabilities Chris...?

Colour us shocked: Google in €50m GDPR fine appeal bombshell


Re: Google takes small onion from pocket, then says it's …

Where google says, "...it had "worked hard" to create a transparent and straightforward GDPR consent process for its ads personalisation settings"

For the first part, they're trying to reduce the fine by arguing against Article 83.2(c):

"[Regarding] the general conditions for imposing administrative fines)...the intentional or negligent character of the infringement..."

Ditto the second part regarding their concerns, relate to Article 83.2(k)

"..mitigating factor applicable to the circumstances of the case, such as financial benefits gained, or losses avoided, directly or indirectly, from the infringement..."

CNIL's final decision will likely be based on the perceived "m.o" of Google.

2018 ain't done yet... Amazon sent Alexa recordings of man and girlfriend to stranger


Re: Future analysis anyone?

@Cynical Pie,

Not sure what your point is, my friend. Mind clarifying?

It sounds promising, but maybe I'm just a bit dumb to be able to follow the dots you're drawing...

EU politely asks if China could stop snaffling IP as precondition for doing business


Questionable quality...

Even if they can't restrict the IP theft, the phrase "cheap chinese knock-off" is not for nothing.

They put great value on image, but f* all on quality.

People aren't stupid and will vote with their wallets.

Ticketmaster tells customer it's not at fault for site's Magecart malware pwnage


Re: Their Site


But if you look more closely, it looks like their lawyers are positioning themselves using GDPR article 82(3):

"A controller or processor shall be exempt from liability under paragraph 2 if it proves that it is not in any way responsible for the event giving rise to the damage."

And in doing so, lay the grounds for a potential counter claim to their processors, if that falls through:

"... [controllers] shall be entitled to claim back from the other controllers or processors involved in the same processing that part of the compensation corresponding to their part of responsibility for the damage"

Lenovo tells Asia-Pacific staff: Work lappy with your unencrypted data on it has been nicked



Hmm.. Singapore doesn't seem to be on the GDPR/Third countries with adequacy decision but they seem to have some kind of data protection under the Personal Data Protection Act 2012 (PDPA).


"The data protection provisions in the PDPA (parts III to VI) generally do not apply to:

"Business contact information. This refers to an individual’s name, position name or title, business telephone number, business address, business electronic mail address or business fax number and any other similar information about the individual, not provided by the individual solely for his or her personal purposes.,,"

Penalties seem to be a bit weak (1 GBP = 1.72 Singapore Dollars) , I'm personally not convinced about the prison term below:

"...A fine up to SGD10,000. In the case of a continuing offence, the guilty person is liable to a further fine not exceeding SGD1,000 for every day or part of the day during which the offence continues after conviction.

Imprisonment for a term not exceeding three years."

That's pretty broad set of exclusions IMHO + anyone's guess whether their equivalent to the ICO will act to enforce...

Identity stolen because of the Marriott breach? Come and claim your new passport


Re: Burden of Proof

Not sure what whether this answers the US centric view of "burden of proof" - I'm assuming that you mean by demonstrable losses, which obviously in this case, will be hard to prove, since ID theft isn't enacted until potentially years later...but perhaps the following might help..

The following section 168 of the UK Data Protection Act 2018 (which references GDPR) stipulates that, if you've suffered distress, then you have a right to claim compensation.


"168 Compensation for contravention of the GDPR

(1) In Article 82 of the GDPR (right to compensation for material or non-material damage), “non-material damage” includes distress."

Compensation mechanisms are referenced in articles 77-83. Since the hotel isn't a public authority, then none of the state level derogations will apply and therefore, fair game for any punishments..

Er, we have 670 staff to feed now: UK's ICO fines 100 firms that failed to pay data protection fee


Re: No foresight

Apologies for the brevity, not intended to be blunt...

Assuming I've not misunderstood:

"ICO stands for "Interesting Coat Outfitters" they've done nothing other than flash a couple of windcheaters..."

Would you count fines & prison sentence in one case as "nothing"?


"requirement to "promote the awareness of controllers and processors of their obligations under this Regulation" - both of which are apparently not happening."

Do Youtube, LinkedIn, Facebook & Twitter count?





Technical foul: Amazon suffers data snafu days before Black Friday, emails world+dog


Amazon can't just brush it under the carpet now...

Might be useful:

Art. 82 GDPR Right to compensation and liability:

"...Any person who has suffered material or non-material damage as a result of an infringement of this Regulation shall have the right to receive compensation from the controller or processor for the damage suffered."

Data Protection Act 2018:

Section 168:

Compensation for contravention of the GDPR

(1) In Article 82 of the GDPR (right to compensation for material or non-material damage), “non- material damage” includes distress.

Brexit campaigner AggregateIQ challenges UK's first GDPR notice


Re: "how are the ICO going to enforce the GDPR against a Canadian company?"

Not sure I agree.

--> https://gdpr-info.eu/issues/third-countries/

"...At the time that the General Data Protection Regulation became applicable, the third countries which ensure an adequate level of protection were: Andorra, Argentina, Canada (only commercial organisations),"

It suggests that the "Supervisory Authority" in Canada are obliged to assist to the extent that the existing (canadian) laws that govern data protection requires.

Article 45 may also apply:


"Transfers on the basis of an adequacy decision"

If so, then article 47 applies regarding "Binding corporate rules", which commit those entities to ensuring "Data Protection" principles that make them "their legally binding [..in..] nature, both internally and externally;"

Here - https://gdpr-info.eu/art-47-gdpr/

Law firm seeking leak victims to launch £500m suit at British Airways


Re: And So It Begins - Payback is a bitch

I see alot of remarks here who regard the ICO as toothless. Perhaps before May 25th 2018 but after that date, less so.

Article 58 covers the powers bestowed upon the "Supervisory Authority" (ICO) and now can:

"obtain access to any premises of the controller and the processor, including to any data processing equipment and means, in accordance with Union or Member State procedural law."

"...to order the controller or processor to bring processing operations into compliance with the provisions of this Regulation, where appropriate, in a specified manner and within a specified period;"

(ref: https://gdpr-info.eu/art-58-gdpr )

The second of the points above is a bigger deal as the ICO can "order" them to comply. Related is Article 32 which is a key provision, as it covers "Security of Processing" which carries the burden of providing assurance of the CIA triad. I'm sure it'd be a major hassle if the regulator is breathing down your neck and publishing at the same time any (lack of) progress.

I can almost hear the people in the back row saying "yeah, yeah but it's never been tested in court, blah blah". True. Equally, the ICO will be keen to be seen as being able to flex it's muscles after it's relatively weak fine on FB.

That said, there's alot of unjustified glee about the potential fines.

Whilst it's true that it can be 2% or 4% etc, it also needs to be "effective, proportionate and dissuasive."

The operative word here is proportionate since it needs to take into account "the intentional or negligent character of the infringement" (Article 83).

If BA can show that they've had an ongoing programme of security audits, risk assessments and/or pen tests, then, I can see them arguing the toss and get away without a "total b*tchslap". At the same time, there's still sufficient scope for it to hurt.

Japanese fashion puts the oo-er into trousers




Perhaps they figured Steve Bannon might be on to something...


Biting the hand that feeds IT © 1998–2022