Posts by Lil Endian

Re: "their own backups as a contingency"

I don't know what the mix of CloudNordic customers are, but I'd bet a fair number of them would glaze over after listing to that :-)

Hehe! Well, I wouldn't be very good at my job if I spoke to a non-techie client like that ;)

I've been working with SMEs since the 80s, I can speak non-geek - and draw pretty pictures too! I'm a bespoke programmer. Part of my role is to ensure that my/their software runs and is resilient. As such, I advise where appropriate, even if I don't undertake the agreed upon action myself. I used to provide Doze desktop support as part of a contract to those ends, but kicked that in 2000, cos pushing string up a hill. I mostly deploy client/server applications, and I now leave client side support to their chosen service supplier.

And yeah, they always can access source via escrow in the case of the proverbial bus :D

Couldn't agree more Doctor. It's lesson #1 to anyone I'm advising: what's the most important part of a computer system? Your data. Because any other part of the system^[1] can be replaced, hardware/OS/applications, but if your data's gone then it's gone.

[1] Speaking generically. If risk lies elsewhere it should be identified, eg. bespoke code/hardware, obsolete doobries etc.

Re: "their own backups as a contingency"

Any resiliency is better than none! If there's only the primary data that's the problem. The setup can be any combination primary/backup1/...backup_n with storage local/cloud/offline.

Since all systems are deemed vulnerable, the more the merrier - with appropriate backup encryption of course!

If <user's> primary and only data was/is stored on CloudNordic/AnotherCloudProvider, they clearly don't know what risk analysis is, or they do and it was deemed an acceptable risk/loss or they intentionally didn't deployed a back up solution, eg. for saving funds.

If CloudNordic customers did maintain backups, be that local/cloud/offline, then they should be okay(-ish) and (advisedly) finding a new cloud provider.

Re: And Then ?

I did consider "stupidity", but there's no "tort of stupidity". For which I find myself thankful!

Re: All Eggs in One Basket

Well, having a "master key for all machines" is effectively the same problem as the one in this affair, isn't it ?

Hmmm, yes and no. The issue is that systems that were previously "on separate networks" were later not segmented. In the initial scenario there were, therefore, no "master keys" - and then *poof* there were. The muppets. There's no indication that a "master console" weakness was present before or after, other than as a synonym for using an actual terminal/console that could access the entirety of those systems. Again: the muppets.

Re: Where are the backups?

I just thought I should add that I'm not saying cloud users should not have their own backups as a contingency, of course they should. That doesn't mean that the onus is not on CloudNordic in this case. As far as I'm concerned if said user does not have a resilience/contingency plan then they're negligent.

Re: And Then ?

The entire "cloud" idea looks questionable.

While I fully agree that the cloud is not the place for business critical systems and data, and sensitive data, this is not a case of "magic". CloudNordic failed in basic security principals by their own admission:

During the work of moving servers from one data center to the other, servers that were previously on separate networks were unfortunately wired to access our internal network that is used to manage all of our servers.

Unfortunately? Try negligently. They put all of their eggs in one chicken coop, and the fox was already in residence. Granted, it's early days so things might change, but it's unlikely that a company would make such a statement on a whim.

Re: Where are the backups?

Why is it the company's [CloudNordic's] responsibility to make backups of the customer's data?

If a CloudNordic customer borks their own data, that's on the customer. If CloudNordic borks customer data, that's on the CloudNordic.

This case is the latter, and the onus is on CloudNordic. They fucked up.

[Edit: It's CloudNordic's own data that they failed to adequately protect and by extension, their customers' data.]

Re: No shipping

Yeah, '78 sounds good for UK, I was pretty sure I'd seen it before '80. Stateside was 1977.

Finally found the page I was looking for, from The Centre for Computing History: Atari VCS.

Couldn't find a 2600 price, but for a reference point, the Atari 800 was released in 1979 for, wait for it... an initial price tag of $999.85!

Re: Lovingly recreated joystick?

Bah! I wanted to love... complain about... love complaining about the CX40 first! Wah!

Not microswitches on the CX40, it was those kind of two-bits-of-solder-held-apart-inside-a-flattened-plastic-bubble switches - can't think what they're called.

But man! I got through dozens of those! Those white plastic rings for tension/centring, shocking! The first microswitch joystick I recall was a Quickshot, well, decent one at least.

Re: No shipping

The 2600 was the first gaming system or home computer I had hands-on IIRC, and that was before summer of 1980. There weren't many home computers around then, being Acorn Atom and ZX80 times. That's after the Apple II ('79). I'm fairly confident, but can't cite, that the VCS would have been cheaper. Happy to be wrong.

Re: Programming is independent from language

I think you're missing my point, and that's my bad. Let me rephrase the statement "programming is independent from language" as "programming is independent from coding". Same thing. And yes, they're sweeping statements, but if viewed definitively I argue that the underlying point stands.

Learning different programming languages, ie. coding in that language, involves learning that language's semantics and syntax. Learning programming, that's logic, and involves logical steps which relies on sound program flow - the aforementioned sequence/condition/iteration. In essence, the programming part does not need to be relearned. Yes, there's a difference between OO and procedural program structures, but the individual functions, the actual working bits, are still made of the same program flow.

Program design at its lowest-ish level: anything but a trivial program and CISC/RISC assembler are bound to require a different number of instructions, but that program flow will contain the same options of sequence/condition/iteration. In essence the top-down program flow would be close enough to be perfectly recognisable.

One does not need to relearn programming when learning a new language. But there might be a more convenient program flow for a given language/use case!

Programming != Coding

[...floored by APL or Forth... -- I'll add Algol, if I may!]

Re: Why?

For corporates and large orgs this is usually a political (non-)decision. Anyone that okays the decision to replace an existing, and importantly working, business critical system risks committing professional suicide if the project borks or if the rolled-out system is discovered to contain flaws and it's "too late". So the C Suite and D Suite types don't want to go there. Not that they usually suffer penalties for incompetence, usually quite the opposite: a golden handshake and a role in another firm, or as a government adviser!

Re: Programming is independent from language

Your logic seems fallacious. Just because there's a potentially higher headcount doesn't mean there isn't a shortage. We know there's a dearth of COBOL experience currently, but you're saying there isn't. I don't get it, apols if I'm blind to your point.

... there should never been any new programming languages because, by definition, no-one will initially know how to use them...

Again: wut? That's blatant non sequitur fallacy.

The problem with COBOL is not the language itself, it's the environment in which it is used that is largely unfamiliar to programmers today.

Here I agree.

Re: Programming is independent from language

...its easier to learn COBOL than it is to translate millions of lines of code...

Agreed. That's what I meant in the bit (Hugely impacts A) but you put it much more concisely^[1]! The problem is $Corps want to cut out as many programmers from programming as they can, leaving just the ones that can make automated tools to replace said programmers. It won't work, hence: because the $Corps should stop fucking about and help themselves by not scrimping.

As far as legacy H/W goes, generally speaking I'd have thought COBOL to be a highly migratable across platforms, thanks to the likes of CODASYL.

Like I said, programming is independent from language. If one can program already, essentially all you're doing is learning some new catch words - unlike learning a new natural language, the diversity of which is broad, yet still underpinned by the same objectives, ie. to communicate about objects/actions etc.

[1] Note to self: posting when knackered leads to drivel... watch it!

Re: Aaaaaaarrrrrrrrgggggghhhhhhh!

Wait until you see "Visual P++"

If I weren't so jaded, that thought would have me twitching. If I were fickle, the actuality would have me heading to Beachy Head.

Something libreoffice can.

Something else LO can do: Python macros. No fekkin cloud required :)

Ah! Paris!

Yeah, Paris would be a test for sure.

Going slightly out of lane, this reminded me of a time when I was with my then GF. She's French, from Lille, and a really nice person - not the kind to create problems or antagonise others, a safe driver. She was driving on a dual carriageway, somewhere around Lille. Not a lot of vehicles on the road, when she pulled out in to an overtaking position on the only car in front, which seemed odd as she'd been quite comfortable being behind the car and we weren't in a rush. I threw her a quizzical look.

"The car coming up behind," she said "is a 75 plate, that's Paris. When non-Parisians drive in Paris, the Parisians make driving really difficult for them. So, whenever a Parisian car is seen outside of Paris, we return the favour!". It took a quite a little while for her to slowly overtake and get back into the nearside lane.

A bit naughty, but at least the 75 plate slowed to a legal speed.

Re: LoJack

I like that.

It could still be a bit awkward for the cops en route to that 'bank robbery in progress'. I'm not doing the maths, but limiting the transmission field to X metres might work, considering the vehicle speeds and reaction times etc.

Re: CPUC vs DMV

Maybe I wasn't clear, but that is what I was saying:

The points would be cumulative with regards to the system, not individual vehicles. Enough points accrued, and it's off the road for all vehicles using that system...

The idea being that the entire fleet, operating the same system, uses a shared licence - regardless of operator. So, if 12 points are needed to revoke operational licences, and a fatal incident gets 12 points, one fatal incident and they're all "grounded". Pranging a bollard may be 1 point; speeding 6 etc etc

Really though, they just shouldn't be operational at this time - they're not ready.

Re: Emergency Vehicles...

I wanted to suggest using LoJack as the signal source. But if emergency vehicles emitted such a signal it would give away the vehicle's location to anyone wanting to know it, and I'm pretty sure that would be abused.

Re: Failing the easy part

...anxious to get to their destinations... -- not anywhere near as much as if they were in, or in need of, said emergency vehicle.

It's also one of the easiest since they have flashing lights of a certain color and even the noise of a siren should be able to be detected and localized to a direction.

Probably not as easy as we'd like. Reflections of sound and light would be a huge problem for determination of direction. However, direction may not matter - detection of either could force a pull-over until further data is gleaned. Yeah, so the siren is heard across the town and you stopped, tough titties, you wanted to be in an AV.

Hmmm... Perhaps deploying an LLM is overkill, or maybe dumb it down and just train it to play Leader Board. It's ancient and has been surpassed, so fits nicely.

I don't think Sunak's a billionaire, yet, but point taken.