* Posts by sgj100

22 publicly visible posts • joined 4 Mar 2022

UK council still hadn't fully costed troubled Oracle project 2 years in

sgj100

As has been noted by other commentators local authority requirements (and the public sector in general) are not the same as commercial companies. The rules, regulations and requirements they have to satisfy are complex and mostly created by central government and handed down from on high. However, what I don't understand is why each council goes about implementing their own system in their own unique way. Surely the requirements don't vary significantly from one LA to another (at least between councils of the same type - i.e. county, district, unitary etc).

Pat Gelsinger's grand plan to reinvent Intel is in jeopardy

sgj100

Re: Drastic (& Sarcastic) Solution

The US still has a version of this. The "Jones Act" requires that all goods transported by water between U.S. ports be carried on ships that have been constructed in the United States and that fly the U.S. flag, are owned by U.S. citizens, and are crewed by U.S. citizens and U.S. permanent residents.

CrowdStrike blames a test software bug for that giant global mess it made

sgj100

Re: What is old becomes new again

But they do! Crowdstrike's CEO, George Kurtz, was the CTO of McAfee in 2010 when McAfee did something similar!

sgj100

Fuzzing

The preliminary incident report from Crowdstrike says that they in the future they will be adding fuzzing to their testing process. Why the **** wasn't this already the case?

How to maintain code for a century: Just add Rust

sgj100

If you had taken the time to use the search engine of your choice before writing an intemperate post you would have discovered that the "idiot in charge" is very much a programmer.

https://sylvestre.ledru.info/CV_sylvestre_LEDRU_english.php

Command senior chief busted for secretly setting up Wi-Fi on US Navy combat ship

sgj100

Re: Should be given a medal

The text of Article 19 of the Universal Declaration of Human Rights says

"Everyone has the right to freedom of opinion and expression; this right includes freedom to hold opinions without interference and to seek, receive and impart information and ideas through any media and regardless of frontiers."

Which in today's environment, where much information is only available online, could be interpreted as implying that internet access is a human right.

ML suggests all that relaxing whale song might just be human-esque gossiping

sgj100

...former linguist Noam Chomsky?

In what sense is Noam Chomsky a former linguist? He's still alive and although his political books and publications outnumber his linguistic output he is still widely known for his linguistic work.

Old Windows print spooler bug is latest target of Russia's Fancy Bear gang

sgj100

Wayzgoose

Nice to see that the GRU are up on archaic English traditions. Perhaps they read about it in the same guide book as their compatriots boned up on Salisbury Cathedral.

A wayzgoose was at one time an entertainment given by a master printer to his workmen each year on or about St Bartholomew's Day.

Dump C++ and in Rust you should trust, Five Eyes agencies urge

sgj100

According to the CWE Top 25 Most Dangerous Software Weaknesses published by Mitre there are 15 issues that have been present for every year from 2019 to 2023.

Of these 15 five are memory safety related which could be mitigated or eliminated by using MSLs.

Out of bounds write (no 1 in 2023)

Use after free (4th in 2023)

Out of bounds read (7th in 2023)

NULL pointer dereference (12th in 2023)

Improper Restriction of Operations within Bounds of a Memory Buffer (17th in 2023)

Of course it is possible to write safely in non a MSL - the point is that for far too often it simply doesn’t happen and this has been the case for many years. If we want safer software (and we should) then a move to MSLs is definitely part of the solution.

https://cwe.mitre.org/top25/archive/2023/2023_stubborn_weaknesses.html

Government and the latest tech don't mix, says UK civil servant of £11B ESN mess

sgj100

Re: Talent is highly concentrated (and not cheap)

The Government/Civil Service don't seem to recognise that outsourcing a project doesn't remove the need to have in-house expertise to specify, procure and monitor said project. I do have some sympathy for people working in public sector IT as they have to deal with politicians introducing legislation without any thought of how that legislation is actually going to be implemented. Legislative requirements only seem to become more complex rather than simpler with exceptions and exceptions to exceptions being introduced at every turn. When was the last time any government introduced a law specifically intended to reduce complexity?

Excel recruitment time bomb makes top trainee doctors 'unappointable'

sgj100

Re: "all GP practices have changed to appointment booking solely via an online portal"

The statement "this is clearly discriminatory against the old" is itself discriminatory. My 91 old father has no problems booking GP and hospital appointments online.

Scared of flying? Good news! Software glitches keep aircraft on the ground

sgj100

Re: NATS crashed.

A problem with this is that the flight plan wasn't submitted directly to NATS. It was submitted to Eurocontrol’s Integrated Initial Flight Plan Processing System (IFPS), which is the central Flight Planning tool for the International Civil Aviation Organization (ICAO) European Region. This accepted the flight plan because it was correctly formatted. IFPS then distributes the plan to all relevant Air Navigation Service Providers (ANSPs) of which NATS is one. Presumably the software used by the other ANSPs were able to deal the duplicated waypoint name!

UK govt Matrix has unenviable task of consolidating several different ERP systems

sgj100

For this to work requires not just the Departments to buy in to it but the political policymakers and legislators. Until they take account of the practical implementability of proposed policies government IT failures are inevitable.

HPE to face lawsuit for allegedly misleading DXC investors

sgj100

but who cares so long as the bonuses are up in the short term?

Royal Mail, cops probe 'cyber incident' that's knackered international mail

sgj100

The web site of International Distributions Services, Royal Mail's parent company, is inaccessible because it's using a TLS certificate that was revoked on 9th August 2022!

VMware refreshes desktop hypervisors, adds Apple Silicon support

sgj100

Differences between Fusion Player and Fusion Pro/

"VM Player – which can only play VMs rather than allow their creation, and is often deployed as a client to run software appliances – can also run the virtual TPM."

Is this correct?

The VMWare Fusion page https://www.vmware.com/products/fusion.html clearly says that both Fusion Player and Fusion Pro can create VMs.

The feature comparsion table indicates that the only differences between the products is that Pro has the ability to customise virtual networks, connect to vSphere / ESXi, and the ability to create clones.

SolarWinds reaches $26m settlement with shareholders, expects SEC action

sgj100

I don't understand the logic of shareholders suing the company they own. Surely the $26m already belongs to the shareholders as owners of the company. It would only make sense if the $26m was paid by the company executives (and that's never going to happen!)

Rust is eating into our systems, and it's a good thing

sgj100

Re: we won't go quietly...

Nice to see another BCPL user! My first post University job was porting a suite of BCPL code from an IBM mainframe to a Motorola 68000 based S100 system running Cromix, Nowadays, for fun, I use Go which I think has something of BCPL about it

Excel's comedy of errors needs a new script, not new scripting

sgj100

Re: Clueless users

The really dangerous users are not those who are clueless as they don't know enough to be dangerous. The really dangerous users are those who know a little (or think they do). Every organisation for which I have managed IT has had users of this type, often in the finance and marketing departments. If I'd had sufficient IT resources to provide database querying/report writing "on demand" to end users I would have banned the use of Excel. However, I was never in this position because the "I can do it in Excel" attitude prevailed.

Businesses should dump Windows for the Linux desktop

sgj100

Re: The entire article studiously ignores the fact

Absolutely! There is more to business software than Office type applications. Every organisation I've worked in has depended on industry specific software that has only been available for Windows. Using Wine or other emulation software would have meant little or no support from the software vendors.

UK govt signs IT contracts 'without understanding' the needs

sgj100

Re: "NAO also sees a lack of digital knowledge"

"Consequently, poorly operating 'non-digital' systems become the model for implementing their digital replacements, ignoring the opportunity to improve the underlying business processes (which are often where the greatest inefficiencies, sources of error etc. are to be found)."

In my experience this is a key point. Digitising an existing process that is overly complex and inefficient without first simplifying it rarely works well. I recall one particular project (not in the public sector) I managed where it took the retirement of the key stakeholder before the full benefits could be realised (cost savings and better customer service).

Saving a loved one from a document disaster

sgj100

Re: Imperrfect

I worked for a council in the South of England in the late eighties. The housing department had a central typing pool using a Wang word processing system which was unlike any other system I'd seen. Sorting out problems was made worse by the typists (all women) being chain smokers!