VMware's popped out its second update to vSphere 6.0 and addressed a long-time vAdmin gripe by adding a new web interface that doesn't rely on old-school plugins.The new VMware Host Client is an all HTML-5 affair. The new code is derived from a “Fling” VMware posted a few weeks back (Flings are useful-but-unsupported code that VMware suggests vAdmins might want to play with) and has now made it into ESX.It's still no masterpiece of usability – as the illustration at top (or here for those reading our mobile site) attests – but is notable for two reasons. One is that VMware has remained loyal to the ancient Netscape derived NPAPI plugin standard. Moving to HTML 5 does away with that. The second is that vAdmins have often bemoaned the state of the web clients available to them. The new enhancements here will therefore be welcome.The headline feature of the vSphere update is support for 25 G and 50 G ethernet link speeds, handy for obvious reasons.There's also an upgrade to vSphere's VAIO – that's the vSphere APIs for IO Filtering, not a laptop - to better handle all-IPv6 environments.
There's half a dozen security fixes included, none toe-curling, and fixes for the usual range of small problems like “ Hostd randomly stops responding on hosts with 3D acceleration” and “ Unable to perform vMotion with VMs that has two 2TB virtual disks.”AMD's copped a little kick: its Opteron 12xx, 22xx and 82xx series CPUs are no longer supported because they're not on sale so VMware can't be bothered supporting them any more. Wouldn't happen to old Intel kit, we bet.It's a bit like paying a fortune to gain admission to a secret and exclusive members club, only to discover once you're in, that it's run by the bloke who does the pub quiz on a Tuesday night at your local... and all the bar regulars you thought you'd paid to avoid."Oh... hello, Windows. Fancy seeing you here. No, go on, tell me that unfunny story I've heard a hundred times before."Sumptuous and slightly absurd, Microsoft's Surface Book is the most expensive laptop you can get, short of ordering a 24-carat custom gold plated jobbie.
Six months after its bombastic unveiling (during which Surface chief Panos Panay looked like he was going to hit someone), it's finally washed up on these shores. And very nice it is too. As you'd expect for £2,249 including VAT (pen included), which is what the top model will set you back. (Or $3,199 in the US.)Sony never had much trouble shifting £2,000 Vaios and Microsoft has cracked it. Redmond claims to have $4.2bn extra cash in the coffers thanks to the Surface line, which is now widely imitated. You could argue (I won't, but you might) that Apple's oversized iPad Pro is Cupertino's response to the Surface – or a hedge against its continuing success.The Surface Book is a quite different proposition to the Surfaces that have come before it. It's bigger, with a 3200x2000 (267ppi) 13.5-inch display; this beast weighs 3.34lbs or 1.5kg.And its own lavish custom keyboard, which houses an Nvidia graphics unit, and an extra battery. An Nvidia GPU isn't an option for all Surface Book configurations, but it is in all the i7 configurations, and was in the model reviewed here.The inclusion of a GPU means you can't just yank it out – the software you're running might be using the Nvidia card, so there's a strange little dance where you wait for confirmation that it's OK to remove the Surface from its keyboard.
It's the graphics card, a rarity in laptops for years now, that gives it gaming and professional media editing chops. The display itself is dazzling and the sound superb.What gives the Surface Book its distinctive look – the wind blows through when it's closed – is the hinge. The trick here is using a shape memory alloy that can shape and contract. It doesn't fold back flat, which is where the other trick comes in: the machine is reversible. Lift it out, rotate it 180 degrees, and drop it back in. You've got a display tablet with the keyboard still attached. There's a dedicated Eject key for removing it, with an LED that is red if it thinks yanking away the Nvidia GPU will cause the software problems.
Because the keyboard is weighted (the battery takes care of that), it shifts the centre of gravity back, so the hallmark "woah it's going to tip backwards" that characterises all prior Surfaces doesn't apply here.That said, I suspect that the Surface ("the clipboard" in Microsoft's language) will stay docked in the keyboard almost all of the time – coming out only for movies and TV. Or in my case, for the kids to demand Fresh Paint. (Note: if you think I'm opinionated wait 'til you hear my kids' views on the design changes to Fresh Paint between Windows 8.1 and Windows 10. You'll really get an earful.)
The keyboard itself is absolutely stellar for typing. The keys have a deep and firm travel, and bounce right back at you, a little like the famously clacky IBM Model M keyboards used to do. But quieter, obviously – it doesn't sound like a hundred rat traps going off at once. The Surface Book's keyboard has a key for the Context menu and weirdly, an Alt Graph (Alt Gr) key, a throwback to pre-GUI IBM PCs.The keyboard houses its own Mini Display port, an SD card slot, and two USB 3.0 ports. The keyboard is where you charge this critter, although both keyboard and "clipboard" have their own batteries. More of that in a moment.Like the display it hosts, the keyboard is made of a magnesium alloy that feels slightly other worldly. It's like a metal, but is too light to be a metal (it really is a metal, though). My only grumbles with it are that there's no island for a set of Home/End/PgUp/PgDn keys. Microsoft reserves the two brightness keys for dimming the backlit keyboard – you have to use Fn + Delete and Fn + Backspace to control the screen brightness.
Microsoft tells me that the Surface Book should last for 12 hours. And here it gets complicated, because it's very hard to tell. Officially, the Surface Book discharges the capacity of the base-keyboard part first, then only when the base is low, taps into the display battery's power reservoir. Charging, it's the other way around, mostly: it charges the display part first and the base a little bit too. The reality is that based on the instrumentation, it's hard to tell. The Surface Book takes its time giving you a report on how much time you've got left.One factor is that when clipped together, the Nvidia card is in use, which saps more power. Much more so, obviously, if you're gaming. I found the power reporting let things down generally. Not only is it reluctant to give you an estimate, but the estimates vary wildly.The second screenshot is taken a few minutes after the first, with no change in workload or screen brightness.
Surface wouldn't be Surface without a few glitches. The first time I used the Eject button, it released the Display portion with a satisfying click. (Which is actually an audio file). And it worked the second time. But it hasn't worked once since. Infuriatingly, Surface Book wouldn't tell you what was causing it to maintain its Rottweiler grip on the display, the red LED merely indicating that you shouldn't. You can do a Vulcan nerve pinch to reset everything but it requires a reboot.Here's another, something the latest version of Photoshop caught. The Nvidia card actually has 1GB of RAM, but Photoshop is confused.Performance was excellent – which is to say, smooth sailing until stalled by Windows 10's randomness. Pages load incredibly fast but it just isn't as smooth as native code should be, with inexplicable, second-long freezes. (Sometimes several seconds.)This is the top-of-the-range model, but newer Intel chips are now available because it's taken so long for a UK Surface Book to... uh, Surface.I liked my time with the Surface Book, and grew to like it more as I got used to the heft and quirks. But with top performance and outstanding features in convertibles half the price, you really are paying a premium for Surface exclusivity that might make Apple blush.
An attendee at the KubeCon Kubernetes conference in London has exposed a serious lack of network security in the hotel where he was staying.Matthew Garrett, a security researcher for CoreOS and a board member of the Free Software Foundation, was in his hotel when he noticed the establishment had replaced the light switches with little Android pads to control lighting and other room functions.Being of a technical mien, he borrowed a couple of USB Ethernet adapters and set up a transparent bridge between the tablet and the wall so that his laptop could analyse the traffic between the two.Using popular protocol analyzer Wireshark he discovered that the tablet was running the Modbus control protocols, which don't use authentication controls, and after finding the IP address the tablet was using, Garrett was able to control his room's controls."Then I noticed something. My room number is 714. The IP address I was communicating with was 172.16.207.14. They wouldn't, would they? I mean yes obviously they would," he wrote in a blog post.
"It's basically as bad as it could be – once I'd figured out the gateway, I could access the control systems on every floor and query other rooms to figure out whether the lights were on or not, which strongly implies that I could control them as well."It might seem that this isn't too serious. Jokers could wake people up by turning their lights on and off in the middle of the night perhaps, but a thief could also get an idea of whether a room was occupied by checking the status of its room controls.This isn't the first time something like this has come up. In a 2014 presentation at Black Hat, researcher Jesus Molina, a former chair of the Trusted Computing Group, found he could do the same thing to all the rooms in the St Regis hotel in the Chinese city of Shenzhen.
In both cases, neither researcher tried to get into other systems on the hotel network, such as billing or reservations, but given the lamentable state of the control system it's not outside the realm of possibility that some serious damage could be done.Hotel hacking is something that's coming under increasing scrutiny by researchers and some hotel groups. Back in 2012, another Black Hat presentation showed how easy it was to reprogram electronic door keys in hotels. One hotelier then sued the manufacturer of the keys, claiming his guests had been robbed using the technique. In this article I'm going to talk about the second most important aspect of being an IT manager or engineer. “The second?” I hear you cry. Yes, the second, because the most important aspect is terribly dull and doesn't take 800 words to describe: safety. (And if you think I'm mad, ask yourself whether you'd break down the door of your secure data store to rescue the guy inside in the event of a fire).
The second most important aspect, then, is security. And that statement will annoy the hell out of business people (IT systems' purpose is to help them make money), system engineers (their purpose is to keep systems running and reliable), users (they need to be able to do their jobs efficiently and accurately and expect the systems to help them do that), customers (they want the online store to be snappy and deliver their order the same day where possible), … well, pretty much anyone.As we all know, IT is one of those areas that only really gets noticed for its negative aspects. The beancounters see it as a cost centre and want to know why we can't get another year's use from the printers (hey, if they've coped for seven years surely another one won't make a difference).The users only call IT when they can't get in, even if it's their own dumb fault for forgetting their mother's birthday and locking themselves out after three incorrect password attempts (then, given the chance, blaming IT when their mother didn't get a card).
The thing is, though, the same applies to security. And I'm not just talking about IT security – I mean security and corporate governance in general. And as with IT, the tangible benefit of security is generally pretty negligible … so let's look at some examples of how the downsides of security can completely nobble the best efforts of even the most efficient, effective parts of your company and your systems.Politeness is your enemy. There's only one sin greater than swiping yourself into the building with your electronic pass and then holding the door open for a colleague, and that's doing the same but holding the door open for a stranger. I saw someone do that when I worked in the defence industry and the stranger was a security auditor, and it wasn't pretty. Even if you've known your colleague for years, how do you know he or she wasn't fired an hour ago?
Helpfulness is also your enemy. How many times has your Service Desk reset someone's password when the latter has phoned in to say they're locked out? And how many times have the Service Desk guys thought to themselves: “I wonder if that really was John Smith”?