* Posts by ChipsforBreakfast

91 publicly visible posts • joined 20 Sep 2019


San Francisco's light rail to upgrade from floppy disks


Re: Curious what the floppy replacement will be?

Damn, that is a memory I'd tried to lose! Once upon a long ago when e-mail and the internet were still very much in thier adolescence I designed and built a system for an embroidery programming company to allow them to send bitwise images of 3.5" floppies by e-mail or modem because those damn machines all had to use their own special disk formats... fortunately the data was amenable to compression (the images tended to be mostly empty space anyway)!

Seems almost like another lifetime now!

AI will reduce workforce, say 41% of surveyed executives


Re: Artifical Intelligence? More like Artificial Idiot!

Have an upvote for making me smile on a Monday!


Artifical Intelligence? More like Artificial Idiot!

I have yet to see a single instance where AI has produced anything of value to a typical workplace. As far as I can see it has two uses for most businesses :

- Writing copy for marketers who can't be bothered/aren't able to write it for themselves.

- Acting as a glorified search engine who's results you can't actually trust.

There are obviously some industries where AI is clearly beneficial. It's ability to sort, classify and evaluate large volumes of strictly typed data against a desired outcome is far ahead of anything humans can achieve unaided - a huge boon to research in many areas but these are not the type of AI's that people generally see. They're specialised, trained for a specific task and they do it very, very well indeed. Whether anyone can train a model to deal with unstructured human input and produce reliable,trustworthy and useful outcomes is questionable to say the least.

As for AI replacing human call centers, why not - in far to many it's as though it already has. Just try calling any 'communications provider', by the time you fight through the impenetrable wall of telephone menus, all too often fronted by an 'AI powered' speech recognition system that can't actually understand anything at all unless you speak in BBC English & an Oxford/Cambridge accent then lose the will to live listening to an unending loop of 'We are experincing high call volumes' & brain-melting muzak you are inevitably wound up and annoyed. Then you are faced by an inquisition that would put the Spanish to shame in the name of 'security' only to end up speaking to someone who probably has less authority to actually do anything than king canute had over the tide. I'm sure AI couldn't do any worse.

Contrast that with another call I had to make to an insurance company. Simple press button menu, short (under 1 minute) wait, speak to a real person who listens, checks and resolves the issue in less than 5 minutes.

Guess which compnay kept my business?

AI will not fix poor customer service. It will however increase executive bonuses while infuriating customers even further. Do that too much or too often and customers will vote with their wallets & go elsewhere.

And someone might want to remind said executives - if the AI is running the call enter and technology is delivering the back end product, what's left? Wouldn't it be more efficient for AI to manage the AI's.. and a whole lot better for the shareholders.....

Cops turn LockBit ransomware gang's countdown timers against them


Re: Where?

It is indeed a .onion site and it's really not difficult to find if you look for it. My guess is El Reg didn't include it because a lot of web filters block anything with a .onion link by default, no other reason.

The Post Office systems scandal demands a critical response


Re: We need more articles like this one

Absolutely correct.

The complexity of some tenders beggars belief, it's practically a specialism in itself just responding to them. The level of absolutely pointless garbage required just to qualify to tender is equally ludicrous, it would not be the first tender document I've reviewed and decided to walk away from simply because completing the tender was such an onerous & time consuming process it simply wasn't worth our while to do it, despite being fully qualified and capable of doing the work.

The process itself is clearly designed to favour large-scale bidders who can absorb the unproductive cost of completing the tender process, a cost which is, of course, recovered tenfold in the ultimate cost of the contract. Since only the large corporates can afford to bid there's literally no competition to keep those costs in check.

Jobs for the boys... how are are they going to be able to pay for those 'donations' ?

Post Office boss unable to say when biz knew Horizon could be remotely altered


Re: Compensation?

That is exactly what I was looking for - it was extremely difficult for me to believe that nobody ever questioned a representative of Fujitsu under oath. That they have been questioned is unsurprising, the question now must be what did they know and what did they say. That's a matter for the police but I sincerely hope that their investigation examines just how much pressure the representative was put under by their employer to 'toe the line' and indeed whether Fujitsu deliberately sent a representative who did not actually know the facts to avoid the risk of those facts being disclosed in open court.

Bottom line, if there has been criminal conduct it's CORPORATE criminality and the employee who was used as cannon fodder shouldn't be the only one under investigation.

If we truly want to see an end to these scandals we need senior executives in the dock at the very least.


Re: Compensation?

Indeed, but faced with testimony from the sub-postmasters of exactly what they saw happen in some cases literally before their eyes, surely a competent defense lawyer would have insisted on calling someone from Fujitsu to the stand to question them on how what the sub-postmasters claimed to have observed could happen and whether or not the system was, in fact, reliable.

If they did then there's potential for very serious criminal sanctions if it can be shown that person lied or withheld information from the court...


Re: Compensation?

There are very significant questions remaining unanswered.

- What 'help' did Fujitsu provide to the Post Office in regard to the prosecution of sub-postmasters? If they acted as experts in court (as it seems reasonable they might) then their duty is to the court, not to the Post Office. If they gave evidence that the Horizon system was secure when in fact it was not and they KNEW it was not, that could be extremely serious indeed.

- When, exactly, did the Post Office become aware that the Horizon system could not be relied upon? If prosecutions were brought after that and those prosecutions relied in a significant way on Horizon it's not much of a stretch to consider them to be malicious.

- Did anyone benefit financially from the errors in Horizon or the unauthorized activities of Fujitsu employees accessing terminals remotely?

- If so, who and where has the money gone?

- Horizon remains in use. Has it been subjected to a full, external forensic audit to confirm it's now secure and fit for purpose?

- Who did that audit and why hasn't it been published?

How governments become addicted to suppliers like Fujitsu


Time for legislation

It's past time for legislation to effectively control the almost incestuous conduct so frequently seen around government IT contracts.

Budgets should be baked into the contract and legally enforceable (if you SAY you'll do it for £x then that is what you get and if you got your costs wrong, tough luck!)

Likewise timescales (with a reasonable allowance for unexpected issues) should be legally binding with significant penalties for failure.

Contingency funds should likewise be baked into the contract and similarly legally enforced, to a maximum of 20% of the total contract value.

Any company which fails to deliver on time & on budget should be legally barred from tendering for all future government contracts for a minimum of 12 months.

Repeated failures to deliver should see companies legally barred from tendering for at least 10 years.

Any company who's system is shown to be unreliable/inaccurate/unfit for purpose should be banned permanently from all government work and required to pay compensation, in full, to everyone adversely impacted by the system concerned.

Only when there are real, enforceable penalties for such unacceptable behavior which directly hit the bottom line of the culprits will we see an improvement.

You don't get what you don't pay for, but nobody is paid enough to be abused


Re: is 10x $$$ normal?

£600 - £750 for 1Gb/sec - that's on the expensive side unless you are looking at fully redundant connection with failover.

I'm typically seeing between £350 & £450 for 1Gb/sec with wholesale considerably lower than that if you have the volume to qualify for it.

GPON is a lot less and a real contender in the SME market, at least for now, although it remains to be seen what will happen once the contention ratios start to bite.

It's ba-ack... UK watchdog publishes age verification proposals


Finally... A real use for DALL-E

"Facial age estimation"....

I give it lesss than a week.

UK's cookie crumble: Data watchdog serves up tougher recipe for consent banners


It's all in the browser

Cookies can be tamed in the browser, if the browser makers decide to. Some are clearly more likely to do that than others - the big players won't do anything that hurts their ad revenue (Apple, Google, Microsoft I'm looking at you here!) but it's perfectly possible.

Waterfox does a pretty good job of it out of the box, firefox can be configured to do it fairly easily too. Increasingly users are getting fed up of being seen as the product and are turning more & more to technical countermeasures to take back control of their personal data - just look at the number of people using ad-blockers now.

Advertisers & data brokers are driving this - they seem to have completely failed to understand that consumers simply DO NOT WANT to be tracked, analyzed, catalogued and fed a curated diet of crap to inflate corporate profits. They miss the point that what I'm looking for now is NOT what I want to see in adverts several hours later - by then there's a damn good chance I'll have found it & bought it so their profiling is worse that useless, it's actually annoying. Annoying enough that I, and many more, are reacting to it negatively and in at least some cases coming away with a negative view of the brands involved.

When brands go to war with their customers the brand always loses.

1 in 5 VMware customers plan to jump off its stack next year


We are currently a mixed shop, roughly 50/50 between Hyper-V and VMware, looking at options.

We find Hyper-V is good for smaller scale deployments but lacking for larger scale situations where it becomes complex to manage and maintain.Like many, VMware's price hikes and uncertainty surrounding the takeover have left us wondering whether to move elsewhere. We did consider standardizing on Hyper-V for everything but Microsoft have quietly dropped the free standalone hypervisor making us question just how committed they are to the technology, seeming as they do to prefer pushing people towards Azure subscriptions.

Azure, AWS and the rest of the public cloud vendors.... well, if there were to charge a quarter of the price and make the pricing structure intelligible to mere mortals we might think about it...

So we started looking around. Proxmox was suggested to us and we decided to put it through it's paces and it has performed remarkably well. We now have it deployed in several small clusters and recently handed over a large, multi-DC distributed system which was built & tested in a fraction of the time and at a fraction of the cost that would have been involved for a comparable Hyper-V deployment. It's fair to say we are very impressed with Proxmox so far and are currently planning a phased migration from Hyper-V initially and ultimately VMware (the VMware clusters are more complex and will take a lot more planning to migrate).

My only criticism of Proxmox (and it's not really Proxmox to blame!) is the absence of enterprise-level backup tools such a Veeam and the manual nature of the migration process - it'd be very nice to be able to simply import VM's from Hyper-V or VMware and let the system handle all the conversions.

How is this problem mine, techie asked, while cleaning underground computer


It's a three way split....

Between the steel factory who's production floor PC's were so full of metal dust that PSU's had a half-life measured in days (they did eventually move most of them to less inhospitable locations & buy enclosures for the ones that absolutely had to stay, but not before we'd gone through a case of PSU's that would usually last a year in less than two months).

Or the ink factory where any attempt to work on their servers would result in the poor engineer emerging looking like a page from a Rorschach test as the various powdered pigments collected within the machine were dispersed over said engineer's hands, clothing and occasionally face.

Then there is the distribution warehouse with around 4 inches of God knows what collected on top of the steel beams over which the cabling has to run. Tracing cable faults there from the top of a hydraulic platform would rapidly result in you resembling something that had just escaped from the nearest coal mine!

And that said IT was a white-collar job!!!

The number’s up for 999. And 911. And 000. And 111


This assumes three things :

1 : the caller has a map to hand.

2 : they are able to actually read said map & locate their position on it accurately.

3 : the emergency services operator they are talking to can do the same.

Remarkably few people have maps today. Fewer still know how to use them properly (and I am including a sizeable number of casual hikers/hill-walkers etc. in that!). As experiences above suggest emergency services operators aren't always able to do so either (and may well not have the relevant map available).

What surprises me is that with almost everyone now carrying a capable GPS locator almost everywhere they go (even indoors my phone is capable of finding my location to within 50m or so) there are few if any apps which will SIMPLY DISPLAY THIS INFORMATION.

Just the coordinates. No fancy maps. No address lookups. No requirement for network connectivity. Just show me the damn location so I can relay it to someone else!

I've had this happen to me. Middle of nowhere, Scotland. Traffic accident (thankfully nobody hurt) but requiring police attendance - took the cops 8 calls and almost an hour to finally find the location purely because I had no way to get my ACTUAL POSITION from the fancy phone I had without a bloody internet connection!

Would be so, so easy for both Google & Apple to solve this problem. Dial emergency services, phone displays the coordinates from the GPS on screen. Hit the 'Where the hell am I' buttonj and it does the same (with the fancy map if you happen to be online).

Easy, simple, worldwide & effective. So why don't they do it?

Alien versus Predator? No, this Android spyware works together


Time for REAL security.

We can start with a good old fashioned physical off switch, or better yet a removable battery just like the old days. Then you can be sure that off means off.

Likewise, physical indicators for high-risk functions such as cameras & mic's - not LCD icons, real physical indicators that light up when a device is powered on, not under software control.

Those two things alone would be enough to limit the potential of a phone as a real-time surveillance device and neither compromises either functionality or usability.

Beyond that, we need vendors to start taking user privacy & security seriously. We can't prevent malware but we can limit the harm it can cause and make such harm far easier to reverse. It should be almost impossible for persistent malware to survive in a closed environment such as a mobile phone, that it's not is entirely the fault of the mobile OS's and the companies behind them, something that only serious market pressure will ever change.

Parts of UK booted offline as Virgin Media suffers massive broadband outage


Re: Raging Tweet...

Good luck finding any... and providers willing to actually route it for you unless you are the size of a major multinational or happen to own a gold mine!

Those who actually HAVE PI space are not letting it go and they ain't making any more (well not in IP4 anyway)!

Do you use comms software from 3CX? What to do next after biz hit in supply chain attack


A lesson in how not to handle an incident

Step 1 - Ignore it and hope it'll go away.

Step 2- Deny it. Claim it's a false positive.

Step 3 - Admit it, but don't say anything useful.

Step 4 - Argue with customers who need actual information and not marketing spin.

Step 5 - Watch as those same customers plan their migrations.

We are (or perhaps that should be were) a 3cx reseller & user. Their handling of this incident has been poor to say the least - poor disclosure, poor communication, poor remediation. Ok, this impacted a part of their offering that thankfully few of our clients actually use but that's not the point - if I can't trust their vulnerability handling processes I can't trust their application.

Here's how Chinese cyber spies exploited a critical Fortinet bug


The obsession with monitoring everything and knowing down to the last packet what got transferred over your network is fast being shown for what it is - a clear and present danger to the security of your network & everyone using it.

If you deliberately break protocols designed to ensure the privacy, security and integrity of your data then you really shouldn't be surprised when an attacker takes advantage of your hard work. Same argument applies to this as applies to all those TLA's wanting to break end to end encryption to 'protect' us - what's broken is broken and whether it's broken by the good guys or the bad guys doesn't really matter - it's still broken and ANYONE can take advantage of it.

Do we really need to peer inside every packet at the gateway - my view is no, we don't.

Four top euro carriers will use phone numbers to target ads and annoy Google & Facebook


Re: Like it is for emails?

That's the point where I very politely point out that NOT deleting the details will cost them a hell of a lot more than £200....

Funnily enough, that seems to work very well indeed!

What's up with IT, Doc? Rabbit hole reveals cause of outage


Don't mention squirrels!

New warehouse, massive place with 15m roofs into which numerous cameras, wireless access points and other IT stuff were installed. All in all, about 60 brand spanking new cat5e cables carefully laid in the equally shiney & new cable tray running the 80m length of the place.

Everything installed, tested & signed off. Expensive hydraulic platform returned to the hire company & the racking team move in to build the new racking. Fast forward 3 months. Call comes in that about 70% of the stuff isn't working any more. Remote checks show various switchports that should be active very much inactive with no good reason apparent.

Engineer is sent to site armed with cable testing kit... Yep, 70% of those new cables were dead. Problem is, now the racking is in there's no room to get the platform back in... After a Lot of head scratching and some fairly interesting calls we finally sourced a machine narrow enough and with a high enough reach to get up to the cables, only to find them thoroughly chewed.

My first thought was rats but pest control later caught not one, not two but 5 bloody grey squirrels running around in there. Destructive little buggers had been using the tray as some kind of squirrel superhighway & chomping cables at random as they went!

I haven't seen a mess like it before or since.

Too big to live, too loved to die: Big Tech's billion dollar curse of the free


Centralised service, centralised problem.

Email was never intended to be run by two mega corps. That's not how the protocol was designed, nor was it how the designers invisiaged it would work. By allowing it to be dominated in this way we've totally lost the inbuilt resilliance the protocol was designed with.

Lets be honest - faced with a choice of pay X pounds/dollars a year or lose your email, most users will pay up. They may gripe, they may moan but very few will be motivated enough to change and even fewer of those will be technically adept enough to do it. The only thing preventing Google doing that right now is the inevitable bad press but sooner or later the financial imperative will become too great to ignore.

Expect to see a decoupling of the 'Google account' used for sign-in to phones, apps etc. from the actual email service well ahead of this so as to limit potential regulatory issues as much as possible. Email will become an additional, paid for, service.

Me, I'll stick with my own mail server on my own domain like I have for the last 22 years.....

'What's the point of me being in my office, just because they want to see me in the office?'



We have always placed trust in our employees. There is no micro-management (we had one, once. He lasted less than three months before being abruptly shown the door). Employees from the newest first line to the most experienced senior engineers are simply allowed to get on with their jobs, trusted to do so without continual oversight and equally trusted to know when they are getting out of their depth.

The atmosphere of openness this creates encourages people to learn from each other and to speak up when they don't know - better for us, better for them & better for our clients.

We drum into all staff from day one that mistakes are not only tolerated, they are expected and will not result in punishment They are how we learn. Nobody is disadvantaged or disciplined for a mistake, they are helped to put it right & understand what went wrong so they don't do it again.

There are no time clocks. No hour counting. No clockwatching. We don't log hours worked or when people do or don't choose to come into the office. We DO regularly check customer feedback & satisfaction levels and we do follow up very quickly if these seem to be slipping.

In short, we treat our staff the way we'd want to be treated. Like adult human beings, trusted to behave honestly and to keep our customers happy.

The result - almost zero staff turnover and exceptional client retention. A very happy CEO and a very pleased CTO (me!).

Moral - trusting your staff is the key to building a strong, resilliant & productive team - in or out of the office. And there are better ways to measure & monitor productivity than counting heads at desks or hours worked.

China promises its digital currency will offer 'controllable anonymity'


Which backs up exactly what |I was saying - NO digital currency or payment method is a suitable replacement for hard, physical cash.

Had those tourists had wallets full of actual money instead of plastic cards they wouldn't have had a problem, would they?


Privacy is the tip of a very nasty iceberg

I may seem something of a luddite here but bear with me. If I'm not mistaken we already have numerous & very effective ways to make cashless transactions should we so desire. Bank transfers, cards, even apps all exist for exactly that purpose and by and large function well enough that they've become accepted in society for daily use.

Cash is different. Physical cash is exactly that - a physical, immutable representation of wealth. If you hold it, you have it and it's yours to spend as you see fit. If someone wants to take it off of you then they need to physically confiscate it, a process sufficiently complex and time consuming that it's intrinsically resistant to abuse. It's not practically traceable and has no privacy risks. You can't hack my wallet from a bedroom halfway across the world. You can try and pick my pocket if you like but that carries a distinctly non-zero chance of you getting a punch in the mouth and quite possibly jailtime which again tends to limit the risk involved.

If the bank is closed (or worse, bust) then the cash in my pocket is still mine. It still has it's value, I can still spend it, at least for as long as other people agree it has value.

Now, replace that with a CBDC and a 'digital wallet'. Instantly all the advantages of cash are gone. Digital transactions are traceable, so no more privacy (anyone saying anything else really needs to go look at some modern history!). It's only 'yours' for as long as the bank say it's yours - it can be blocked or invalidated at any time, easily. Pissed off the government, no more money for you. Voted for the wrong party? Said the wrong thing? Spent more than you should on 'bad' things? Same result... what you thought you had, you don't have. That 'digital wallet' can be and undoubtedly will be hacked eventually - everything is.

For central bank transactions, perhaps it's justifiable BUT there are already plenty of solutions for that... it's not the driver for this.

In short, CBDC is not a solution to any problem faced by normal individuals. It's at best a waste of time and at worst a tool for total control & oppression on a scale never before seen.

The privacy issues are the tip of the iceberg.

Chemical plant taken offline by the best one of all: C8H10N4O2


Alcohol + CRT = fun!

I have witnessed the result of a poorly-placed CRT encountering an entire pint of lager. Spectacular light show, copious smoke and one fire-alarm induced evacuation later management were persuaded to relocate the monitor away from the end of the reception desk nearest the bar....

Nuclear power is the climate superhero too nervous to wear its cape


Re: Deaths are not the only metric

Please, dial down the angst. The exclusion zone is far from lifeless and has in fact become something of a wildlife haven. The exclusions zone for Fukushima has already been lifted.

Yes, Fukushima plans to release treated waste water into the sea - water treated to remove most radioactive contaminants leaving only a very low level of radioactivity - lower, in fact, than the naturally occurring background radiation.

All of which fails to note that modern reactor designs such as those discussed in the article are designed to prevent exactly the type of accidents that occurred in either of these incidents.

As for your 'argument' you know full well that cleanup will take decades to complete - do you seriously think we have that long to wait?


Re: Deaths are not the only metric

I don't disagree with you - there is never a perfect solution. The point really was about the relative lifespan of the two - turbines have planned lives of 20 year, solar panels roughly the same or less, depending on the conditions. Most proposed reactors are aiming for lifespans of 40 - 50 years minimum (many current plants are sitting at around 40 years operation & still passing safety inspections).

So while they do use significant quantities of non-recyclable material they use it less often and probably manage to generate more power over their lifespan too - not zero impact (nothing is) but less impact per KW/h generated. It's also contained in a far smaller area, lessening the physical impacts on the surrounding area & wildlife.

Nuclear power is not without concerns, drawbacks and impacts that's for sure but they are at least comparable to quite possible lower than (I'm no expert, just an interested layman) the renewable alternatives.


Re: Deaths are not the only metric

Regardless of what's happened in the past (and the article does a very good job of explaining why that's not really relevant to this discussion), there is a choice to be made now.

We can invest in nuclear power alongside renewables and meet the goal of zero carbon emissions from power generation

Or we can decide not to.

If we decide not to, we either have to drastically reduce & rethink our use of power or we accept that we are not going to be able to reach the zero emission goal and we'll need to deal with the consequences.

If you have an alternative that doesn't involve drastic negative changes to our accepted way of life I'm all ears...


Re: Deaths are not the only metric

And how about you explain how we are supposed to keep the lights lit, industry operational, homes heated, electric cars charged and all the rest while not emitting carbon without it.

Wind is not reliable, has a huge physical impact, turbines with around a 20 yr lifespan (far less that a nuclear reactor) which aren't recyclable - it's not the answer.

Solar suffers the same reliability problem especially in the UK and has similar issues with physical impact. Making the panels relies on hard to obtain materials and energy-intensive processes - not the answer either.

Base load on the grid needs to be met by reliable sources - nuclear is ideal for this. Renewables are good for some things but there are needs they simply cannot meet.

If you truly want to get to zero-emission power generation it will need a combination of all of these technologies, as well as significant investment in energy storage to achieve it.

Major IT outage forces UK emergency call handlers to use 'pen and paper'


Fail to plan, Plan to fail...

We know systems will be compromised. It's fast becoming inevitable, no matter how comprehensive the security or how determined the management are when all is said and done defenders need to be lucky all the time, attackers only need to be lucky once. We need to start accepting that when we're designing, specifying and commissioning systems for critical infrastructure.

We need to look at enforcing diversity - multiple systems, multiple suppliers, multiple architectures, multiple access paths. Yes, that will introduce problems with interoperability but those shouldn't be insurmountable with careful design. We need to be mandating that level of diversity across the entire critical infrastructure - no one supplier, system or datacenter should be permitted to operate in more than a quarter of any given segment of critical infrastructure.

Monocultures are notoriously fragile (windows, I'm looking at you!) - they need to be avoided when dealing with life-critical services. Only by promoting diversity and actively discouraging monoculture can you both promote innovation and enhance the resilience of the system as a whole.

New Outlook feature: It freezes up when dealing with tables in emails


Plain Text

Round here, plain text has always ruled the roost. 72 characters wide, properly formatted signature separator, 4 lines of a signature at most and absolutely no damn HTML anywhere.

Yes, I'm old.

Ditching VMware over the Broadcom buy? Here are some of your options


Re: Grim on the low end.

Do have a look at Proxmox. It's robust, easy to manage from both GUI & CLI and frankly just seems to work. Converting the VM's can be a bit of a nuisance but it's a one shot deal - once it's done, it's done.

You get full clustering, failover, HA, backup and even distributed storage (if you want it, we didn't and went with a traditional SAN architecture). What's more, a single web-based GUI manages all the servers in the cluster. For us at least it's more than a match for Hyper-V and easily stands up against VMware.

And it doesn't cost a bloody fortune either!


I have to agree - we're in the process of shifting a whole pile of VM's from both Hyper-V & VMWare onto a common ProxMox platform. Relatively painless so far.

Micron aims 1.5TB microSD card at video surveillance market


Re: Oh great!

In quite a few scenarios recording at the edge (ie. in the camera) makes a lot of sense. Not only does it keep the network a lot quieter you'll often find the camera itself is far harder to reach/destroy than the NVR is.

Of course, the gold standard is on-camera, on-NVR and off-site but if you're that paranoid you already know that (and have the diamond mine to pay for it!)

Next six months could set a new pace for work-life balance


Explain to me, if anyone can, just how we can effectively operate a customer facing business on a 4 day week without increasing headcount (and thus costs) when our customers operate 5 days a week. I can't see how it's possible unless it becomes a legal mandate and everyone works 4 day weeks.

Then we get to the thorny issue of pay - 20 % less work without a drop in pay. How does that work? Do we carry out 20% less work but charge the clients 100% of their service contracts? I can't see that lasting long before the bean-counters start chipping away at it - "But you're only providing support for 4 days, why should we pay the same as we did for 5?". Before you know it, company income is down 20% while costs stay the same or rise....

It's a nice idea, in theory. In practice, it's simply not going to work which is almost certainly why none of those trials ever became permanent.

Elon Musk orders Tesla execs back to the office


Of timeclocks and toil...

Having come from an environment where the Timeclock was king and TOIL frowned upon I was determined not to allow such a culture to take root where I am now. I know first hand just how toxic a time-punching, clock-watching environment can be & just how creative people can get at undermining it!

We have never had a timeclock, no time recording and a flexible working policy that's focused on trusting the staff to get their work done, quickly and efficiently without us needing to breathe down their necks and monitor everything they do. It works. We have excellent staff retention, high staff satisfaction, good case-resolution rates and a very low customer complaint rate.

With that said, I do understand the desire to see staff back working from the office. It is considerably more difficult to manage remote teams as effectively. There are far fewer opportunities for ideas to form organically (at least two of our more successful products have originated from chance conversations in the office kitchen) and less chance for junior staff to learn by osmosis.Teams, zoom, conference calls; they all have their place but none can fully replace the office environment & direct personal interaction.

It's not impossible to do WFH long-term but it's a significant challenge, one we are still trying to find the best answer to. I doubt that answer will be a Musk-style edict to get back to the office full time but I can't see it being fully remote either - an acceptable middle ground will eventually emerge.

Zero-day vuln in Microsoft Office: 'Follina' will work even when macros are disabled


The 90's called...

They'd like their worm back please...

Son of Melissa??

Atlassian comes clean on what data-deleting script behind outage actually did


Sh*t Happens

No matter how many safeguards you build, checks you put in place or precautions you take the fuckup fairy will come calling sooner or later. The more systems you manage, the sooner she's likely to get to you - there is no escape.

That's why we have things like backup strategies and RTO's, so that when she does visit it's not a company-ending event. At least they've been honest about what happened and how long it's going to take to put it right. No marketing spin. No fluff. Just an honest 'we screwed up, sorry'. They should be commended for that at least.

Their lackluster RTO on the other hand isn't so easily forgiven....

'Bigger is better' is back for hardware – without any obvious benefits


Somewhere, if I dredge the depths of the storage boxes in my attic I still have a working Sinclair QL, complete with the original user manual. I suspect the microdrive cartridges are long dead though - they never were the most reliable of things.

I must dig it out sometimes and see if it'll still power on....

Millions of APC Smart-UPS devices vulnerable to TLStorm


Re: "the firmware updates are not cryptographically signed securely"

You are 100% correct. I've found myself having to explain networking basics (and I'm genuinely talking about basics here - networks, subnets, ports & protocols) to more developers than I can remember of late.

I wouldn't expect a dev to be able to design me a full blown enterprise network but surely it isn't too much to expect them to understand what a subnet is when they're writing network-aware code?

Do you know what TikTok is? Then you might make a good magistrate, says Ministry of Justice


Re: I looked into

Surely guidance is just that - guidance and as such the magistrate is free to ignore it if they see fit.

Thus those 'repeat customers' could well find themselves exhausting the magistrate's patience quite quickly and suffering the (probably well deserved) consequences..

I can almost hear them bleating about guidelines as they're led away to begin a year's stretch!

Zuckerberg wants to create a make-believe world in which you can hide from all the damage Facebook has done


Re: Oh for Gods sake

My money's on batshit.

(thumbs up for the Asimov reference)


If that's the future...

Count me out.

I'll happily retire to my little corner of darkest Scotland and live out the rest of my days far from the madding crowd of AR-Spectacled zombies thank you very much.

Reg scribe spends week being watched by government Bluetooth wristband, emerges to more surveillance


Re: Over-reaction

Most certainly not. Those who behave like that deserve the full weight of the law to descend on them from a very high height indeed.

Mobs, yobs and clowns do not make a totalitarian state. Pervasive, unending state surveillance and intrusion into people's private lives does.


Re: Over-reaction

I am not against controls and never said that. In fact, I clearly stated my support for controls while we were in the early stages of the pandemic and the disease was largely an unknown quantity.

What I am, very firmly, is against are ongoing controls that have little to no value against what is now clearly an endemic disease. What purpose does surveillance serve in the control of this illness? Given the vaccinated can still spread the disease, what is the value in vaccine certificates? Where is the proportionality test to justify these measures?

If Covid were significantly more lethal the picture could be very different. If we had no vaccine the picture could be very different. It's not, and we do.

The question remains unanswered - what is it about covid that means levels of state intrusion into our daily lives that were unthinkable 18 months ago are now suddenly not just acceptable but apparently desirable?


Re: Over-reaction

I don't, and I've 'peddled' no untruths at all. If you'd like to show me one I'll be happy to stand corrected.

I never claimed your life is worth less than anyone else's, nor did I ever say the vulnerable population 'cause me problems'. I'll thank you not to put words into my mouth.

To address the point I think you are trying to make, society cannot operate solely for your protection. It never has. People catch and die from all sorts of diseases all the time and nobody blinks. We don't shut down businesses, close borders, introduce surveillance or curtail liberties because of it. We manage the risk, individually and collectively.

Covid seems to have turned that on it's head, or more specifically the government response to it has. Over the last 18 months we've somehow gone from a nation who were solidly opposed to ID cards or pervasive surveillance to a nation who seem willing to welcome any level of state control and monitoring in the name of 'safety'.

I question why.

Why are we surrendering our freedoms for so little tangible benefit? Why are we tolerating this laser focus on Covid to the exclusion of all else? Why have we allowed ourselves to become so blinkered that we willingly ignore the collateral damage caused in the futile attempt to suppress Covid? Why do we now willingly provide far more information into our daily lives to the same governments we so rightly criticized for stealing far LESS information from us?

I DON'T value your life any less than anyone else's. I supported the initial measures to control the disease while we studied it. Those days are past. We have enough knowledge to effectively manage the risk without becoming a fear-riddled surveillance state.


Re: Over-reaction

Actually it's not. Factually there are many diseases roughly as transmissible as Covid and many which are significantly more transmissible.

Covid is not exceptional.

That's not conjecture, it's scientific fact. Please feel free to check for yourself, I provided one easy to use source already but there are many others.


Re: Over-reaction

I assume those handing out the downvotes are also the same people who had no objection to the conduct revealed by Snowdon, to facial recognition by police, to ID cards or to Apple's proposed scanning of the personal content on your phone.

There is no half way with totalitarianism. If we will not see the risks that are so clearly staring us in the face now then why were we all so outraged before?

Same authorities. Same problem. Different reaction.

Amazing what a few months of endless propaganda will do.


Re: We know who is most at risk from it

Agreed, vaccination is a key strategy and I'd encourage everyone eligible to get vaccinated.

It must however remain a personal decision and we must respect both people's choices and their right to choose.