Posts by The Basis of everything is... 154 publicly visible posts • joined 28 Jun 2019
But Google have decided that childhood ends at 13 and your kids can opt out of all controls and restrictions at that point. So your choice becomes trust your kids or get them a dumb phone. Except that schools already mandate they must use certain apps so that's not really an option.
Several years ago one of my cousins came out of retirement to do some design work on high voltage engineering that wasn't taught at the universities any more. And yes, it was after spending an evening in a bar with a bunch of random other engineers lamenting what kids these days take don't know and take for granted.
I don't recall the details, but at the currents and voltages involved integrated circuits don't so much as go yellow and runny as sublime. Pretty much the same happens to people too. I just hope that some unfortunate soul didn't discover both facts at the same time.
Plenty. My ISP-supplied router (Plusnet) appears to have deliberately disabled it even though the same router from their parent company (BT) apparently works nicely. The first versions of the Draytek Vigor routers I had claimed to be IPv6 ready but in reality their support for it was very basic and nowhere near feature equivalent to what they could do with IPv4. Happily they've got so much better.
Hurricane Electric provide a free IPv6 tunnel service which works very nicely with the Vigor, and you get a choice of a /64 or a /48 even for a home network - which is billions of internets worth of addresses.
Even in the day job I've noticed a subtle change from "What's that?" to "yeah, we don't need to worry just yet" when asking if they need to consider IPv6 in their connectivity plans.
There's ODBC drivers for all the SAP databases, assuming you're allowed to connect directly (and don't risk the hellfire of indirect access licences). Otherwise it is possible to connect to SAP application servers using RFC calls via VBA and bits of SAPGUI (says google) to get at the higher level data constructs. Having a friendly ABAPer around would probably help along with a supply of bananas and fiddle toys to keep them contented. Or was that for librarians?
Quite why you're having to muck about in Access when you're migrating to SAP is another question - and one that does not bode well. I feel your pain and frequently dispair at the repeated mistakes of this industry.
Just to see what the options for a new customer are around here (semi-rural just south of Birmingham) and PlusNet will very thoughtfully save me the hassle of dealing with a real phone line as "Our Fibre package is phone line free. Simple and straightforward broadband. Simple as that."
With their mobile being phased out in favour of EE (33% price increase), an unknown cost to find another phone service / buy VoIP kit and hassle of number changes, and a DSL option that promises minimum speeds they've never achieved this is not looking good.
And apparently my contract, which still has 13 months left to run, is now only for broadband and line rental. Why do I feel that "We'll do you proud" is turning into foxtrot uniform?
Maybe I'm old-fashioned, but if I have two identical systems fed the same data, then I'd expect them both to give the same result. Especially if it's something safety critical like making sure airplanes that have been carefully shepherd into close proximity to each other don't actually bump heads.
Or maybe there's a missing irony icon?
(Not that you'll find much iron in an airplane of course, or these days much metal at all given the preference for making everything out of araldite and burnt string.)
BtfFS is my go-to filesystem for Linux, mainly for the snapshot that lets me implement near-instant backups as far as users are concerned (which then get copied off somewhere safe at leisure.)
At $MAIN_JOB I'm stuck with EXT3 or XFS 'cos that's what the vendor demands where it really counts - and the Lords of Chaos have decided we might as well use XFS everywhere else for simplicity.
In practice I've found that BtrFS is horribly slow for databases in all but the tiniest MariaDB case, but it's not difficult to stick an XFS filesystem in for that - a little more complexity but get the best of all worlds. Yes you can turn off CoW where you have DB files if you really want and maybe one day I'll do a performance test with that.
And running BtrFS on the desktop (and sandpit servers) makes patching, upgrades and other tests boring - if something doesn't go right just Timeshift it back and try again.
And yet nothing said about what Google, Apple, Facebook, Microsoft can do in terms of tracking you, your content, device usage and 3 of those have rights to directly muck with your stuff too. And before anyone says linux is different, when's the last time you did a full analysis of all the packages that apt/mintupdate deployed for you? And that's before thinking what's going on with CPU microcode and firmware updates.
Surely the change must have had some effect on the final product, or why else you you be changing it?
And for all checking and paperwork in the aviation industry it still has it's fair share of "oh $hit" moments where everyone has signed off on the paperwork with what turned out to be less than a full appreciation of exactly what they were signing off on.
Having said that, the engineering discipline I learned back then has proven invaluable for many subsequent years of swearing at bits instead of pieces. While in many ways things are better than they've ever been, we've still got a lot to more to [re]learn.
(I'll raise a cocktail to the memory of the Mods and Docs office. It might be Finnish inspired though...)
Any modern phone should default to a randomly-generated MAC so no tracking is possible. And consider using VPN client so the wifi operator still can't snoop on the sites you visit, one that links back to your home router should be sufficient to preserve your privacy on open networks.
When wifi first came in pretty much everyone in the area left their wifi wide open for neighbours to make free use on the basis that AT&T were already making too much money and with a 10MB service we couldn't use all that bandwidth ourselves so might as well share. Reportedly I could walk from my apartment into the city center and have free wifi virtually all the way. AT&T didn't like it, but there was nothing they could do.
I can't help feeling this is less about saving the children as enhancing donor profits - on both sides of the pond.
Look at any API Management platform and you'll find features for monetisation. It's a key feature, not just a nice to have. Develop a free service, persuade other to use it, adopt it, grow it and base their existence on it and then when you reach sufficient volume you start charging. Your uses either have to pay up or go out of business.
Monetization with Azure API Management https://learn.microsoft.com/en-us/azure/api-management/monetization-overview
Monetize your custom HTTP APIs via AWS Data Exchange https://aws.amazon.com/blogs/awsmarketplace/monetize-your-custom-http-apis-via-aws-data-exchange/
Overview of Apigee monetization https://cloud.google.com/apigee/docs/api-platform/monetization/overview
Not quite.
You pay for cloudy services in a selected zone or region, depending on the service
If you want more resilience, you pay for cloudy services in multiple zones and regions, at a multiple of the cost.
And if a service goes pop, you'll get a a few dollars back for that particular service. If everything else is up but not actually usable you'll still be paying full price for that.
Which I'm sure is great consolation if you've just lost hundreds of dollars in lost business, disruption etc.
You would have thought so.
But councils all seem to be fiercely independent, especially once the members get involved. I've previously worked with a Birmingham-based services company that claimed a "Template for Local Government" that had some some success with a few groupings of councils, but eventually all of them fell apart over political (office and party) differences rather than technology. Quite often even getting different parts of the same council to agree with each other to sign off a common spec was near impossible. It's amazing that local government is able to function at all.
Local authorities typically have:
payroll & expenses
hr - benefits, hiring, reviews, time, approvals, reporting
stock, consumables and stuff they give out/distribute
distribution & warehousing of stuff
assets
purchasing, goods receipt, accounts payable
finance & management accounts
reporting on anything and everything
orders, fees, subscriptions, taxes, receipts
treasury
CRM for handling "customer contact" e.g. green bins, pest control, pemits
Think of anything that every type of business might do, somewhere in local authority somebody will be doing just that. At least until it all gets reorganised/split up/tendered/outsourced/merged/abolished.
Maybe using the word enterprise in association with the stereotypical council is a bit hard to swallow, but it's still the same processes. Even if somewhat twisted and mangled into their own worldview.
You're now expecting Microsoft to block the installation of applications on your machine at OS level? Just think about that for a second, and then take a guess at how long until they get sued.
If you don't want stuff installed on your computer, or the ones you managed, don't give users the ability to install stuff. Or get one of the many security / endpoint protection tools etc that will give you the control over what actually happens on your computers, and even then keep install rights restricted to as few as possible.
And you owe me a beer for potentially defending M$ too. I feel dirty....
Last year I finally got around to sorting out home email properly. I did think for a while that maybe I was being a bit too geek as who in their right mind sets up email for fun when it's virtually given away for free? This is why. That and my wife kinda likes the domain name we have. She's not a geek either.
So I'm paying £2.50 per month to Mythic Beasts to host the domain and be a mail service and so it ain't free, but then I spend more than that on beer. It "only" gives 5GB storage, but it's never gone above 500MB 'cos I have getmail picking up mail from them and saving it to a little postfix server and then cleaning off MB after 2 weeks.
Multiple getmail configs isn't going to scale well, but for a family or even small business it's doable. Postfix is free. Dovecot is free. Ubuntu is free. This is all within the capability of a Raspberry Pi to run, with as many TB of disk that you care to hook up to it. If you want webmail, shared calendar and task I've heard you could even run a Nextcloud instance on there too although that sounds a bit optimistic, but that does work nicely on an old PC or small VM. But then I guess that's not cool and cloudy, especially when MS want you to pay £80 per year, every year, forever.
Quite why anyone want to keep gigabytes of old email is another question. One that I ask my missus every so often. When I'm feeling brave...
For UK: I've just grabbed two books at random (Second Variety and The Essential Calvin & Hobbes for those that need to know) and both have the following statement on the first few pages.
"All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without the prior permission of the publishers.
This book is sold subject to the condition that is shall not, by way of trade or otherwise, be lent, re-sold, hired out or otherwise circulated without the publisher's prior consent in any form of binding or cover other than that in which it is published and without a similar condition including this condition being imposed on the subsequent purchaser."
For USA: I'll have to check back on that - don't have any USA editions to hand although I don't recall seeing any such wording in theirs.
Which I guess mean IA are bang out of order (that's a legal term apparently) if they tried this in the UK - maybe they'll get sued here too? And also if my kids rip the cover off a book it appears I can't then give the book away. Although if they rip the cover of any of my books I'll likely be wanting to give them away...
No need for ChatGPT to be giving the game away, it seems all browsers now make the address bar double up as the search bar so if you miss-type or truncate a copy/paste of a URL, for example one that references a document repository like sharepoint or any other WebDAV server instead of just giving a 404 you now get a page full of irrelevant crap and you've also just given your default search engine some interesting keywords. And if you're tied into their cloudy work offering too they also know who you work for, everything else you've searched for and are in a nice position to start joining the dots as to what your company is up to.
Or should I be upping the dosage of dried frog pill again?
NB. With a lot of hassle you can make Firefox separate out search from addresses, but it seems with Edge it ignores the so-called privacy setting to stop this at the moment. How convenient.
It will all be mandated as safety-critical and you won't have a choice.
And because it is safety critical only those holding a current manufacturer licence (aka dealers) will be allowed to do any maintenance.
And because it is safety critical the car will have to be services on a schedule as mandated by the safety licence holder (aka dealer)
And because it is safety critical the car will have to be connected to the manufacturer online safety monitoring facility at all times (at your expense)
And the worst part is, all this is already being put into place in current cars. It ain't the future, it's here already.
So pre-scanning is going to apply to cloud storage and communications?
I presume then the scanning code, integration config and any training data needed will be made publicly available free of charge for anyone implementing things like Nextcloud, Syncthing, Postfix/Dovecot, Thunderbird / K9 et al, which are freely available to anyone who wants to runt their own private cloudy groupware & communication apps can do so.
Thought not.
Gotta say +1 for shooting your own argument down - software and firmware has to be assumed to have bugs, so if it can't be updated then it's only a matter of time before it becomes known insecure instead of merely presumed insecure / not proven secure.
But yes, a physical enable/disable update that actually makes a difference (SD-Cards anyone?) should be mandatory. Sorry, you don't get a +2
FWIW I installed a brand new Win 11 machine 2 months ago and was able to do so without creating a personal Microsoft account. It took a lot of googling to find there is a very small link hidden away to let you configure against a traditional domain, which then lets you get an old fashioned install and to be fair it then worked as perfectly as you'd expect for a Windows laptop.
Second day on the job and I then had to join the Azure AD domain and all the goodness of M365 et al...
How much longer this will be allowed is another question - they seem hellbent on creating a master directory of the human race and controlling everything you see and do.
If you send data to anyone, you pay your ISP.
If you send data from any of the cloud providers, who besides being Big Tech themselves also provide a lot of the infra to the rest of Big Tech, you also have to pay egress charges for every byte sent, whether that is data to yourself or directly to your customers/users.
So you're effectively paying both sides already.
Now if the argument is certain organisations are not paying enough because right now in many there is a choice of provider to use (but certainly not all - have a look at regional data egress pricing to see the effect of competition) should we really be saying that telcos and ISPs should be allowed to pick on organisations to pay more? Who do you think is ultimately going to foot the bill? Hint: See above.
There's still a huge amount of private WAN out there. Running VPNs over the internets may well be nice and cheap, but there's no service guarantees so if you've got workloads that need a guaranteed throughput or have sensitivities around latency or response time, or you're simply not allowed to use internet for security/policy reasons then buying a WAN service is still the way to go. And unless you're big enough to be laying your own fiber you're still at the mercy of a provider not screwing up.
If you're all-in on O365, and especially if working remote, then do a little homework and prepare yourself for the inevitable local glitch that cuts you off the interwebs. Funnily enough all the capabilities of working offline are baked into the products. e.g.:
Teams: Keep key contacts in Outlook and/or on your phone and actually talk to them the old fashioned way.
OneDrive / Sharepoint: Use offline folders and keep a local copy of key docs
Exchange: Send/receive might be problematic, but you can at least keep recent mails locally on any decent mail client if you tell it
Install the apps on your PC rather than use the web versions
I've lost much more worktime due to muppets digging through phone cables or running over street cabinets. Most organisations should be able to come up with a plan to keep the important things going for a week or two with little cost given all the tools we have available to us now.
Actually, that's not entirely true. The biggest killer of working time has been pointless meetings that could have been completed much quicker and amicably in a lunchtime pub. Now maybe Teams needs to come with a beer tap?
That's true some of SAP's own cloud offerings, but there's also other options to have S/4 in a cloudy environment and still have all the modifications. Of course SAP want you to move to one of their own cloudy as-a-service offerings, some of which you dance entirely to their tune, with minimal configuration options and constant pressure to subscribe to more more more.
It shouldn't be a surprise that any customisations created for ECC6 or other products will need some attention to work with or on S/4. And by attention I mean anywhere from review and test through to start again from scratch or switch to some equivalent standard feature instead.
Just like in the real world, there's a lot to be said for having a major cleanup whenever you move house. If nothing else it gives you more space to fill with cruft again.
I've used Keepass for years since a (now former) employer who handled stuff for a bunch of very security aware clients made us standardise on it. And taking a leaf out of their book, I don't put all passwords in the same file.
Example
Mobile file has everything you may need to access from a device while out and about. This is synchronized to all devices and desktop using Syncthing. No cloud involved, and any updates while away also get synchronized back home too.
Home file has everything else, lives solely on desktop (with backup) and never goes anywhere near a mobile device.
For the really paranoid you could use an Offline file on removable storage for really important passwords that you don't use frequently if you don't think your deskop is secure enough.
Most likely issue for me is mobile broken or gets lost / stolen, in which case if somebody gets into it they have a chance to crack Keepass and be rewarded with a bunch of low value passwords. I suspect you'd make much more money from selling the knowledge on how to crack Keepass than cashing in some almost-expired airline and hotel points...
Of course the strength of your master passwords / fingerprint reader is still a weakness. And if you're truly paranoid you'd not be using a fingerprint reader as your frontline security method would you?
Keepass is as good a password manager as any - and I've worked in secure sites where it was the mandated solution so I figure if it's good enough for them it's good enough for me.
Syncthing also works well for secure synchronisation of the password DB between devices (Linux, Window and Android all proven, not tried any others) but of course like any replication based solution you must make sure you don't try to update the password DB on two devices at the same time. It#s also handy for automagically backing up photos or other files on your mobile back to a system you control too.
I'd also recommend having one keypass file for passwords you'd want on a mobile device, and a second for any that you definitely don't want to have on your mobile if it gets lost, stolen or otherwise attacked. And of course you'd be making periodic backups of your keepass files won't you?
In that case you've picked the wrong plan or the wrong MSP. Or both.
Outsourcing done well can save you a whole lot of problems and money, and most techies will go a above and beyond, especially if treated with courtesy and respect, whenever something interesting occurs.
But you have to make real sure that you have the right contract and you're buying what you need instead of the cheapest you think you can get away with. If your sole aim of outsourcing is to cut costs and to screw every last penny out of what should be a partnership then you are very likely going to end up with regrets.
Exchange Backup for small/home business
Bacula triggers script to call Exchange backup to dump the database to a file, backups up that file, and them sweeps it to an archive area and delete yesterdays archive. Nothing fancy beyond a bit of config and a bash script. Using free Bacula edition too. Annual VM export to speed up a full rebuild should the worst ever happen.
Exchange Restore for small/home business
Upload VM export in the event of total loss. Restore backup file if that's been lost. Use Exchange tools to restore what you need from that. Win.
Only time I had to do it, it took most of a day to get some lost mails back - and that was mostly googling for the clue on how to do it for real. Not difficult, but not exactly scalable either. And not something for the non technically minded to attempt so hardly suitable for most small businesses to attempt to do in-house.
Bootnote
Now the whole lot has been migrated to postfix & dovecot for mail and Nextcloud for shared xDAV calendar & contacts - and the other goodies it can do which I'm still playing with. Mail is easy to restore (at least under test conditions) the calendar & contacts will be a problematic if somebody accidentally deletes something - still not something for the non technically minded to attempt. And yes, getting postfix to work was an interesting learning experience...
A friend of mine is an environmental health officer. He was used to hearing certain service calls over the tannoy whenever he went into a local branch of a certain supermarket carrying his official hat and coat to do an inspection.
It was when he started getting met withing a minute of entering other branches - even ones outside his area - by a friendly helpful manager when he was not in work clothes he started to get suspicious that perhaps the systems used to spot known shoplifters were perhaps being put to other uses too. Maybe not entirely ethical by the supermarkets, but he found the personal service was a nice way to beat the checkout queue and for quickly finding everything on his shopping list.
As for is it legal, there are some huge loopholes under the heading of security / prevention of crime and protecting health & safety when it comes to using surveillance tech.
Worked on an as-a-service project a few years ago, where thanks to having to allocate multiple subnets at design time (and before launching too, so no idea just how big the subnets would really have to be, or how many we would actually sell) the 10.x.x.x space wasn't big enough.
Also brought home just how wasteful IPv4 subnetting really is, and how inflexible a lot of networky things are. For home use I have an entire IPv6 /48 just for fun, and I can't afford the 'leccy bill to use even a tiny percent of that. Even assuming I could get a gazillion RPi's in the first place.
Assuming that other people also have IPv6. Did a small project with some overseas techies that needed some small servers for a few weeks. Figuring this will be easy as everyone out east already has IPv6 just run up a few VMs on the lab server and sorted. Oh well, at least Plan B worked....
Maybe they did? With all the universities world wide and the 100's of people of are legitimate experts in encryption, who do you go to?
And how do you know they're actually any good and not in the pay of or subject to pressure from others who would like to have a slight glitch in your encryption implementation?
Yep, it's a rabbit hole once you start poking around those sorts of questions. Possibly even a tinfoil lined rabbit hole...
How long do you think it will take to:
o Build out a cloud service suitable for enterprise use - ie VMs, containers, provisioning, network, DNS, storage, all the other typical cloudy services.
o Get your new cloudy service certified for use with all the enterprise vendors big companies use
o Get to the point people feel comfortable entrusting their corporate IT to the new EUcloud
o Actually migrate everything that you've carefully entangled with all the AWS/Azure/Googly services
Even if they dropped the hammer tomorrow it will take years to get everyone out of the current US-based providers, practically guarantee a trade war and quite likely tie up any new EU venture in endless intellectual property and copyright spats.
I know of a couple of companies that claimed a "local authority template" for ERP, and at least a few attempts at implementing. Sharing ideas and source code / config / customization generally wasn't an issue.
Changing the template to local requirements is generally where it all went wrong, especially where it was a shared service between a group of authorities and each had their own way of detail working and nobody was willing to give way on the finer details e.g. line-item names on payslips, field labels on data-entry forms. End result is paralysis as the customer cannot agree what they want and deadlines approach and go whooshing by. And that's before the union "we want money to change working condtions" mob got involved.
And even when they were all agreeing enough to go live, after a few years and a change of management or political control and then previous agreements were revoked 'cos basically politics.
As for being a supplier, the last thing anyone wants is to be stuck on a project with the Customer From Hell. I have had people tell me to my face that I'm only in it for the money, and the look of hatred when I pointed out they didn't work for free either was a joy to behold. It came as a surprise to them that ERP people actually wanted to do a good job to the best of their ability and that spending weeks on end in cheap hotels away from friends and family is not actually a good way to live.
Bootnote: There are also some excellent local authority ERP implementations. But of course you never hear about them 'cos they just quietly get on with the job without any fuss or drama. Same products, different management. Need I say more?
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2023
