Deja vu all over again.
Please, people, please get ahead of this one. If you need executive permission, funding, or time to get it done, just say "Equifax".
33 publicly visible posts • joined 11 Jan 2024
Years ago when I was a kid my dad worked as a consul (a retail-facing diplomat) in a country that was, at the time, a frenemy of his government.
Our home phones were monitored by the local fuzz. So, my dad and a colleague persuaded my mother and the colleague's wife to get on the phone with one another and yak yak yak exchange recipes for, I dunno, Christmas cakes and bean salads and whatever. For hours. Finally they gave up.
Surely with AI voice synthesis we can swamp these phone lines with enough meaningless BS to make surveillance harder. While we rebuild.
And, as for the people saying secure systems need back doors, well, see figure 1.
Hey, we yanks call it the hoosegow, not the clink. :-) The clink is the open cell in the middle of the rural county sheriff's office. :-)
Maybe that would be a good place for some of these cybercreeps and thieves.
In all seriousness, the US Justice Department functions in a deliberate and precise manner, such that miscreants are well aware that they can F around and find out.
I did rm -rf / once, by mistake. (I wanted to do rm -rf .)
It was on a workstation product I was helping to develop and test, so no big loss except of install time.
It was really interesting how long the OS kept running after I did that. UNIX and its descendants don't delete open files, so the thing kept right on working, if I remember right, until I tried to start another shell.
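The behaviour described in the post above (an unlinked file survives as long as some process holds it open) can be shown directly. This is an added example written for this page, not code from the commenter; the scratch file and its contents are constructed here, and the /proc lookup only applies on Linux.

```python
"""Show that POSIX unlink() removes a name, not the open file behind it."""
import os
import tempfile


def unlinked_file_still_readable():
    """Create a file, keep it open, delete its name, then read it back.

    Returns (name_gone, data_read_after_unlink, proc_link_target).
    The third value is the /proc symlink target on Linux (None elsewhere);
    the kernel marks it " (deleted)", which is how forensic tooling recovers
    files an attacker removed while a process still had them open.
    """
    fd, path = tempfile.mkstemp()          # constructed scratch file
    f = os.fdopen(fd, "w+b")
    try:
        f.write(b"still here after unlink\n")
        f.flush()
        os.unlink(path)                    # drops the directory entry only
        name_gone = not os.path.exists(path)

        proc_link = None
        proc_path = f"/proc/self/fd/{f.fileno()}"
        if os.path.lexists(proc_path):    # Linux exposes the open inode here
            proc_link = os.readlink(proc_path)

        f.seek(0)
        data = f.read()                    # inode persists while an fd references it
    finally:
        f.close()                          # last reference gone: space is freed now
    return name_gone, data, proc_link


if __name__ == "__main__":
    gone, data, link = unlinked_file_still_readable()
    print(f"name gone: {gone}; read back: {data!r}; /proc link: {link}")
```

This is also why `rm -rf /` on a running system keeps working for a while: every already-running binary and library is an open inode, so only new executions (a fresh shell, for instance) fail.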
Look, the CISA's latest missive on memory safe(r) languages isn't news to people who have worked in our trade for a long time. I've known about it ever since I forgot to do malloc() correctly a half century ago in some student problem-set code. Yeah yeah we know.
But, here's the thing. It IS news to some front-office people. It's not addressed to us. But to them. As such, it's a valuable tool to support the business case for reworking legacy code in memory-safe(r) languages.
People who do, I dunno, control software for municipal water plants, now have another way to pitch security-driven rewrites for their products to executives. And another way to avoid getting all the blame if the execs don't accept their pitches and the cybercreeps break in and make trouble.
Dear Reg.
Please update your style guide to eschew the word "accident" for any incident unless it involves a truly unpredictable event like, I dunno, a meteorite strike.
Automobile crashes aren't random. They have root causes. Driver inattention or cognitive overload. Failures in driver perception. Road rage. Poorly maintained equipment or roads. You get the idea.
Didn’t anybody wonder about the scope of this supposed crime wave? Seven hundred some-odd independent and disorganized small business people embezzling from the Royal Mail? Only in some dystopian sci-fi film.
Sure, one or two, or even ten might try that. But, not one judge, or detective, or silk-wearing barrister or auditor stopped to think and to ask the obvious questions when the number of accused started climbing into the hundreds? Impossible to believe. There is an untold story somewhere in this mess about a suppressed whistleblower.
One wishes that absolute claims (like these) about information security were not associated with politicians with a reputation for, well, BS.
The only way for our industry to improve security is through transparency -- responsible disclosure transparency -- about the root cause of each breach.
A customer of mine was once totally baffled by trying to import a .csv file into some software we furnished.
It was a user list, and contained a numeric user ID and a name. Trouble was, that customer's user id values looked like 00144616 with leading zeros. When they used Excel to edit the list before importing it, Excel helpfully stripped off the leading zeros. The exported .csv showed ids like 144616 instead of 00144616. Confusion ensued.
Until we advised them to use Calc instead of Excel.
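The leading-zero loss described in the post above is easy to reproduce and, more usefully, easy to guard against on the import side. The following is an added example written for this page, not the commenter's code or the product's import routine; the two-row user list is constructed, and the eight-digit ID width is an assumption chosen to match the post's 00144616.

```python
"""Reproduce spreadsheet zero-stripping on a CSV ID column and guard against it."""
import csv
import io

# Constructed sample: fixed-width numeric IDs that are really opaque strings.
SAMPLE_CSV = """user_id,name
00144616,Alice Example
00007042,Bob Example
"""
ID_WIDTH = 8  # assumed fixed width of the customer's IDs


def parse_users(text):
    """Read the CSV with every field kept as a string (no auto-typing)."""
    return list(csv.DictReader(io.StringIO(text)))


def excel_style_retype(value):
    """Mimic spreadsheet auto-typing: an all-digit cell becomes a number,
    and writing that number back drops the leading zeros."""
    return str(int(value)) if value.isdigit() else value


def roundtrip(text, retype=lambda v: v):
    """Parse and re-export the CSV, applying `retype` to each cell."""
    rows = parse_users(text)
    out = io.StringIO()
    writer = csv.DictWriter(out, fieldnames=["user_id", "name"], lineterminator="\n")
    writer.writeheader()
    for row in rows:
        writer.writerow({k: retype(v) for k, v in row.items()})
    return out.getvalue()


def find_malformed_ids(text, width=ID_WIDTH):
    """Import-side guard: any ID that is not exactly `width` digits has been
    mangled upstream. Return them so the import can reject the file instead
    of silently creating or matching the wrong users."""
    return [
        row["user_id"]
        for row in parse_users(text)
        if len(row["user_id"]) != width or not row["user_id"].isdigit()
    ]


if __name__ == "__main__":
    print(roundtrip(SAMPLE_CSV, excel_style_retype))
    print("mangled:", find_malformed_ids(roundtrip(SAMPLE_CSV, excel_style_retype)))
```

Treating the ID column as text end to end (the `csv` module does this by default) keeps the round trip lossless; the width check catches the case where someone edited the file in a tool that did not.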
It's new year's eve at the end of 1994. Andy Grove, Intel's boss, is celebrating. It's been a good year, with the new Pentium product doing well.
So he's in a swanky hotel bar, and orders a dram of top-shelf Scotch.
The bartender puts it in front of him and says, "that'll be twenty dollars, sir".
Grove puts a $20 bill on the bar, looks at it for a moment, and says "keep the change".
I wonder what fraction of these chips that might fail are soldered to their motherboards?
Because obviously those are harder to replace. Unsoldering ball grid arrays etc?
Or is the market for these things limited to socketed motherboards and maybe to gamers etc who overclock their rigs? Dissipating an extra 50W of heat seems like a vast challenge.
Let’s see. Would I be happier seeing Larry Ellison enter the America's Cup with another yacht we bought him?
Or, use OpenJDK?
Gouging long-time legacy customers seems a harvesting endgame. Like the Broadcom / VMware price increases.
I hope our whole line of work isn’t flipping over into harvest mode.
Stupid high legacy costs from rent-seeking by financialized vendors should figure into the decision whether to maintain legacy stuff or do greenfield restarts.
A few years ago a health care IT place I worked suffered a breach involving 47 patients. (Notice how that number is burned into my soul.) The root cause was a third party vendor that misdelivered, well, 47 fax messages.
Notification was a huge job. For 47 patients. We did it, because the breach happened on our watch. It’s a job that should be done by the agency that suffered the breach, not the case managers and office staff of beleaguered doc offices. United Health may complain this will hit their bottom line. Tough noogies. They’re lucky to have any shareholder equity left after their breach, attributable to sloppy authentication.
Here I thought KVM was a way to connect keyboards and pointing devices, not a convenient measure of large quantities of lost business.
What are they up to? Who’s the target customer they hope to keep? Or is it simply a wring-out-profit then shut down move?
It’s not like hypervisor tech has any huge barriers to entry or exit other than inertia.
OK, it's happened that top-ranked search results are substandard AI-generated results.
What happens when LLM training systems ingest these top search results and build them into their models?
I think the AI industry may soon discover its own kind of inbreeding, and will turn into its own equivalent of hare-lipped Hapsburg royalty, with notorious flaws. Especially since LLM training sets are getting close to the point where they've ingested all human generated content.
It would be very helpful if journalism about industrial resource use would say more about water use.
"Polluted a gazillion liters of water with toluene and arsenic and dumped it untreated into the Mersey" is very different from "drew a gazillion liters of cooling water and discharged it 3° warmer." Both have impacts but one is worse.
It's likely that some of this data center work "took a gazillion liters of fossil water from a deep well in the desert and evaporated it in a swamp cooler."
But who knows? Can reporters find out?
I bought a Tesla in 2016. Even then the company's figurehead was notoriously mercurial and prone to megalomaniacal claims. "Full self-driving by the end of the year", anyone?
But, do I want 2024 Tesla to have access to the computing equipment I bought from them and paid for? No, not under current leadership and not without some serious indemnification.
Why not?
1. Their onboard computers (Linux) log too much s***t into /var/logs/whatever, and therefore wear out their SSDs faster than they need to. They've fixed this they say. But it has caused field failures. This is a huge hurtling hunk of metal, not a game console. It's drive-by-wire and the wire better freakin' work. Every time. It has one job, keeping my family safe. Please don't use my expendable parts (SSD) without working out a schedule to proactively, and for free, replace them.
2. The cell network (LTE in my case) rig in the car doesn't have much bandwidth. Certainly not enough for ML tasks. Barely enough to show me maps.
3. Power costs money and releases carbon. Don't use my power without my permission.
4. Cybersecurity? Safety? Presumably they would push native code. If they can push it, so could a cybercreep.
Now, maybe he's just saying provocative things. Hope so. But he needs to be careful not to let his loud mouth damage all his household brands. For the customers of household brands have more power than the most billiony billionaire.
I'm from New England in the USA. I have earned the privilege of complaining about National Grid's managers because they sell me my electricity too, as they do for you lot in UK.
Here's what the Nat Grid people don't get: Electrical energy distribution is becoming a fine-grain information business. The grid that works in 2050 will be one that can rapidly control a large fraction of its load, as well as deliver the energy.
EVs already have user interfaces where the user can tell the car, "I need you at 0700 tomorrow" and the car can draw power "off peak". All that's left for the smart grid to do is run auctions in real time (the way web sites do when showing me banner ads). And we'll have a grid that can use much less peaking generation capacity than it does now.
Come up with auction-capable controllers for hot water heaters and other domestic loads, and it gets even better. Those things, at volume, should cost no more than twenty euros / quid / bucks.
Yes, big-system transmission capacity will help. But a smart grid will help a lot more.
As of now, all National Grid can manage is a little pilot program in a small city called Worcester, Massachusetts (we pronounce it in the English way, "wooster") with two rates based on time of day. Unnecessary AND insufficient.
(Utility economics in the US guarantee a return on capital, so Nat Grid has much more incentive to do big capital buildouts.)
You can find all kinds of stuff on the net about NOT opening up port 3306 (MySQL) through firewalls. Enough stuff so you'd think German engineers would have built classy security around credentials if they had a requirement to open it up. WTF? WTF? Embedded plaintext in a downloadable Windows executable? What is this year, 1995?
And you'd think the German justice system would have access to enough expertise to cope with this kind of screwup in a rational way.
Guess not. How do you spell "WTF" auf Deutsch?
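The failure the post above describes, database credentials embedded in plaintext in a shipped executable, is exactly what a pre-release scan should catch. The following is an added example written for this page, not the commenter's code and not related to any specific product: a minimal `strings`-style extractor over a byte blob, with patterns for MySQL connection strings and `password=` style settings. The sample "binary" and the host, user and password in it are constructed for the test.

```python
"""Scan a binary blob for embedded plaintext database credentials."""
import re

# Printable-ASCII runs of at least 6 bytes, the same heuristic as strings(1).
_STRINGS_RE = re.compile(rb"[\x20-\x7e]{6,}")

# Patterns checked inside each extracted string. Order matters only for the
# order of findings. These are illustrative, not an exhaustive secret grammar.
_CRED_PATTERNS = [
    ("mysql_uri", re.compile(rb"mysql://([^:@/\s]+):([^@\s]+)@([^\s/]+)")),
    ("password_kv", re.compile(rb"(?i)\b(?:password|pwd|passwd)\s*=\s*([^;\s\x00]+)")),
    ("mysql_port_host", re.compile(rb"([A-Za-z0-9.-]+):3306\b")),
]


def extract_strings(blob):
    """Return (offset, bytes) for every printable run in the blob."""
    return [(m.start(), m.group()) for m in _STRINGS_RE.finditer(blob)]


def _redact(kind, m):
    """Mask the secret so the report itself does not leak it."""
    if kind == "mysql_uri":
        return b"mysql://%s:***@%s" % (m.group(1), m.group(3))
    if kind == "password_kv":
        return m.group()[: m.start(1) - m.start()] + b"***"
    return m.group()


def find_embedded_credentials(blob):
    """Return a list of findings: kind, absolute offset, raw and redacted match."""
    findings = []
    for offset, s in extract_strings(blob):
        for kind, pattern in _CRED_PATTERNS:
            for m in pattern.finditer(s):
                findings.append({
                    "kind": kind,
                    "offset": offset + m.start(),
                    "match": m.group().decode("ascii"),
                    "redacted": _redact(kind, m).decode("ascii"),
                })
    return findings


# Constructed stand-in for a downloadable executable: header bytes, binary
# noise, an ADO-style connection string and a MySQL URI. All values are fake.
SAMPLE_BINARY = (
    b"MZ\x90\x00\x03\x00\x00\x00" + bytes(range(256)) * 2
    + b"Server=db.example.invalid;Port=3306;Uid=app;Password=Hunter2!;"
    + b"\x00\x00\x7fELF"
    + b"mysql://svc_reader:s3cret@db.example.invalid:3306/app" + b"\xff" * 16
)

if __name__ == "__main__":
    for f in find_embedded_credentials(SAMPLE_BINARY):
        print(f"{f['kind']:16} @0x{f['offset']:06x}  {f['redacted']}")
```

Run this over release artifacts in CI and fail the build on any finding; the redacted form is what goes into the ticket, since the raw string is itself a secret.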
The CEO had to fly from corp HQ in Arlington, VA, to the airplane factory in Washington for this all-hands meeting.
The real story is that Boeing spun out their Wichita mfg ops into an outfit called Spirit Aero, and so changed the assembly of an airplane from a holistic task to a series of transactions. That's oversimplified, but Boeing's legendary quality standards are really suffering under the current crop of MBAs.