BOFH: You wouldn't put a test machine in production, right? • The Register

2022-06-18 23:44:19 By : Ms. Tracy Ling

Episode 18

A lesson I learned a long time ago was: never let a user buy a server.

It's not a hard lesson to remember because of the frequent booster-shots for the rule whenever some purchasing person decides to sidestep their purchasing restrictions by "renaming" what they're buying.

So we've got this crappy black-box device which does pretty much nothing but provide random 24-digit numbers (as best as I can tell) to the beancounters as some way of validating transactions and preventing fraud.

It looks like a 1RU server, sounds like a 1RU server, but is in fact a "key-validation-device" – a "device" that didn't require any IT oversight in the purchasing process.

I don't know a hell of a lot about what it does, as it simply has a network port and a power lead out the back and a single USB-C port, a power switch and a multicolour LED out the front.

I'm guessing it has some specialised USB interface for input and output but frankly I'm not overly interested.

It just appeared one day in the arms of a Beancounter, preconfigured with a static IP address on the Beancounter VLAN and instructions on a firewall pinhole it required to operate.

Anyway, back to the device.

The multicolour LED, which is normally blinking orange when it's booting and a solid green when it's up, is now showing a solid red – and the network interface is showing as down on the switch.

APPARENTLY, there's a minor panic at Beancounter Central because all sorts of transactions are being invalidated and/or cancelled a minute after they're initiated.

"But that shouldn't matter," I say, "after all, this is a test device. You know, so you can test a system to see if it's stable enough to put into production."

"That's what you told me. You said it was just a test device and that you wanted to see if it would be something that might be worth implementing in the future, when you had thoroughly tested it."

"I mean, no-one would put a test machine into production without telling us. That would be madness. I mean, for a start we'd recommend buying a machine with redundant power."

"And redundant drives," the PFY adds.

"We might even suggest you got one of those motherboards that lights up an LED next to a faulty RAM bank – even though that's a complete white elephant, hardware-wise."

"So it's not production?" the PFY asks.

"Uh … … no …" the Beancounter lies.

"Well that's lucky. Because if it were production … heads would probably roll," I chip in.

"Not your head though," the PFY says. "Because it's not production. Because you would have told us."

"Shouldn't we call an engineer?" he asks.

"Oh, there's no need to rush," I say, "because it's not production. Anyway, I can still hear the hard drive whirring."

"Still …" the Beancounter hesitates. "Maybe give them a ring. Maybe they're in the area. It comes with a warranty."

"Yes," I say, looking at a small sticker on the top: "A 24x7 3yearr NBD. You know what NBD means?"

"Next Business Day," I say.

"And that's just how long it takes them to answer the phone," the PFY adds.

"See, a hardware warranty has a lot of similarities to an insurance policy and if there's one thing those industries are good at, it's loopholes," he continues.

"So the clock doesn't start ticking on your support contract till they pick up the phone. And it's Friday lunchtime now, so I'm guessing they'll be picking the receiver up some time late Tuesday morning."

"If we call now," I add.

"And THEN they'll send out the dumbest engineer in the crew who's so useless that he only has two tools – a rubber mallet and a Bible – with the instruction that if the Bible doesn't work he's to hit himself with the mallet."

"Yes, but maybe we should still call …"

"Number 85 in the queue isn't bad," the PFY says, listening in to the Beancounter's phone.

"It's only a 40-minute wait time," he says happily.

"Yes," the PFY says darkly. "That's how they get you. Forty minutes now, then two songs, a message about how important your call is and how they have an unprecedented volume of callers at the moment, then your time's extended to 60 minutes, then two more songs, a message about using their web site, then your time's extended to 85 minutes, two more songs, a message, two hours and ten minutes …"

Luckily the PFY pulled out of that particular nose dive as I'd left my Bible at home – but I do have a rubber mallet.

"So what do we do?" the Beancounter asks.

"Would you like us to take a look at it?" I ask.

"Could you?" he asks, gushing with relief.

"No. Because I'm starting to suspect it's a production machine – and I'd need to do a change control."

"IT'S NOT PRODUCTION!" he snaps back with some urgency.

"OK then – well it's a tricky one," I say. "See these? They're security torx screws. For security. I mean they don't just put security torx drivers in EVERY SINGLE COMBINATION SET YOU BUY AT A POUND SHOP. Because they're security screws. Two on the front panel and four in the top."

"Yeah sure," the PFY says, rolling his eyes. "That's just what they'd WANT you to do. This is a financial security device right?"

"So what's the bet that they're not security torx at all, but are tamper switches. You turn them and they Mission-Impossible-Self-Destruct the contents of the server to protect the security."

"I … so … what do you do?"

"You drill a small inspection hole and poke a flexible boroscope down there to take a look."

"Do you have a boroscope?"

"Sure," I respond, "and we have a drill too. How big a hole would be need in the lid for the boroscope?" I ask the PFY.

"16mm, but we don't have one."

"OK, what's the next size we do have?"

"That'll have to do then."

"Honestly, who could have guessed that boron-coated drill would have gone straight through the lid, the hard drive and the bottom of the server," I ask.

"Lucky it wasn't production," the PFY says. "That would have been bad."

"Heads would have rolled," I add.

The only light at the end of that tunnel comes just as the Beancounter's about to pass out. He hears a tiny voice from the phone asking for a service contract number.

I might need that mallet after all.

The Register - Independent news and views for the tech community. Part of Situation Publishing

Biting the hand that feeds IT © 1998–2022