The Register Columnists

Dave Cartwright

Contact Mail Follow Twitter RSS feed
Dave Cartwright has worked in most aspects of IT in his 20-year-or-so career, though the things he claims to be quite good at are strategy, architecture, integration and making broken stuff become unbroken. His main pastime is shouting at people who try to install technology without considering whether it actually fits the business or the requirement. Dave is a Chartered Engineer, Chartered IT Professional and Fellow of the BCS, and lives with his family on a small rock in the English Channel.
Computer worm photo via Shutterstock

Yeah, WannaCry hit Windows, but what about the WannaCry of apps?

WannaCrypt crippled 230,000 Windows PCs internationally, hitting unpatched Windows 7 and Windows Server 2008 and computers still running Microsoft's seriously old Windows XP, though the latter wasn't responsible for its spread. The initial reaction was a predictable rush to patch Microsoft’s legacy desktop operating systems. …
Dave Cartwright, 20 Jul 2017
Surprised man computer photo via Shutterstock

Feelin' safe and snug on Linux while the Windows world burns? Stop that

The ransomware problems reported by The Reg over the past few weeks are enough to make you, er, wanna cry. Yet all that's happened is that known issues with Windows machines – desktop and server – have now come to everyone's attention and the bandwidth out of Microsoft's Windows Update servers has likely increased a bit relative …
Dave Cartwright, 06 Jul 2017

Who's going to dig you out of a security hole when the time comes?

You may have noticed that information security is something of a big deal these days. You’ll also not have missed that the attackers’ capabilities are far ahead of those of us trying to defend our systems against them. For many people, and maybe you, it makes sense to fill that knowledge and skills gap by bringing in a support …
Dave Cartwright, 02 Jun 2017
Cat in a box, image via Shutterstock

Performance anxiety: A different take on 'hybrid infrastructure'

One commonly thinks, when the word "hybrid" is used, of an infrastructure that combines on-premise (or at least private data centre) and public cloud. But "hybrid" also works in the other direction - across the heterogeneous systems within a particular location. It is rare for an organisation to base itself entirely on one …
Dave Cartwright, 01 Jun 2017
petya

Ransomware realities: In your normal life, strangers don't extort you. But here you are

As "trendy" as ransomware is at the moment, it's a sobering thought when you remind yourself that in this case you're literally having to deal with some miscreant holding your data to ransom. In practical terms, when your systems become infected, the malware encodes your files using a strong encryption algorithm, and leaves …
Dave Cartwright, 30 May 2017
Shouting match

'The internet is slow'... How to keep users happy, get more work done

IT services are rubbish. It’s a fact of life – or at least it is in the eyes of the average user. Of course the nature of IT is that you get far more negative feedback than you do positive: you seldom get people calling the IT service desk to say: “Hey, my webmail is superb today”. But people wouldn’t be phoning if everything …
Dave Cartwright, 23 May 2017
Under a blanket photo via Shutterstock

WannaCrypt: Roots, reasons and why scramble patching won't save you now

I became a Solaris system administrator in the 1990s: first proper job out of university. I read a lot about the Morris Worm – believed to be the first of its type, and of interest to me because the Sun-3 kit I looked after was vulnerable. Not long after, I was asked to take part in a radio interview about the "scary" new …
Dave Cartwright, 19 May 2017
Base jumper photo via Shutterstock

Don't stop me! Why Microsoft's inevitable browser irrelevance isn't

May's nearly here, and you know what that means. Yet another round of monthly browser stats articles. If past trends are an indication of future development, we'll see the continued loss of market share by Microsoft’s Internet Explorer and the rise and rise of Google’s Chrome. I’m old enough to remember the browser wars of the …
Dave Cartwright, 26 Apr 2017
Broken cables, photo via Shutterstock

Have we got a new, hip compound IT phrase for you! Enter... UserDev

Users are those strange creatures who break the computer you put on their desks, and for whom software that has worked perfectly in the test lab suddenly decides to crash. I used to share an office with the most amazing user of all, who could slay the most stable code with just a flourish of the mouse: I'd never seen a …
Dave Cartwright, 20 Apr 2017
Skip full of rubbish outside an office building. Photo via SHUTTERSTOCK

How to breathe new life into your legacy kit now you've gone hybrid

Several things change when you decide to move from an in-house technology setup to a hybrid infrastructure. And if part of the move involves relocating services and applications from the on-premises installation into the cloud, one of those changes is that some equipment suddenly becomes underemployed. If you decided to make …
Dave Cartwright, 19 Apr 2017

So, you're 'ISO 27001 accredited', huh? Just saying so doesn't cut it

ISO/IEC 27001:2013 is more commonly known simply as "ISO 27001". It is, as the ISO website puts it, "the best-known standard in the family providing requirements for an information security management system". On the other hand, many businesses think it is a highly complex, unattainable standard – and a pain in the backside – …
Dave Cartwright, 18 Apr 2017
Heartbeat graph

Graphite core? There are other ways to monitor your operation's heart

The BBC and NHS epitomise enterprise: the BBC has 23,000 staff while the NHS is one of the world's largest employers, with 1.4 million. Their IT estate is vast and central to the delivery of their services. The BBC's iPlayer is on the front line in a world of on-demand TV defined by Netflix, and among its layered infrastructure …
Dave Cartwright, 13 Apr 2017
business meeting, debate over data. Photo by shutterstock

The 'data driven enterprise' is actually just the enterprise

Many, many moons ago – OK, more than 25 years ago – I studied computing science at university. Yet there are still many instances in my modern life where I find myself thinking back to something I was taught in the 1980s. One recent example was a flurry of conversations and articles about the “data driven” enterprise. Back in …
Dave Cartwright, 27 Mar 2017
Pop art style illustration of man exclaiming "WHAT?" in shock/horror/bemusement. Illustration via Shutterstock

Surprise! Thanks to the cloud, you've got a hybrid infrastructure

Hybrid IT infrastructures are rapidly becoming the norm. Even if there isn’t a conscious decision to adopt a hybrid of on-premises/cloud networks and servers (for instance, on-premises servers replicating near-real-time to failover partners in the cloud), the adoption of cloud apps is making many setups hybrid by default, even …
Dave Cartwright, 22 Mar 2017
Zombies photo via Shutterstock

Zombie webcams? Pah! It's the really BIG 'Things' that scare me

I have a new name for the abundance of widgets springing up around the world: the Internet of Little Things. I’m playing with an IoLT starter kit in my office right now, and it lets me do things like sense when doors open or close, turn sockets on and off and fiddle with the mood lighting. I can spend a couple of hundred quid …
Dave Cartwright, 15 Mar 2017
Clone army star wars

Clone it? Sure. Beat it? Maybe. Why not build your own AWS?

You can't move without IT companies telling you about the "amazing" new technologies and features they've just launched, how you can't live without them, and what a shock it is that you've managed all these years before they were developed. And of course the bigger the company, the more new stuff they tend to pump out and the …
Dave Cartwright, 22 Feb 2017
This Damn War image via Shutterstock

Fire alarm sparked data centre meltdown emergency

This Damn War Fire alarm tests are a good idea; you generally want the warm feeling that when something decides to combust, you'll be able to tell people about it with a loud ringing or wailing noise. I used to run what you might consider a traditional machine room. We had a pile of ageing Sun kit – socking big CPU units and cabinets full …
Dave Cartwright, 10 Nov 2016

Data integrity and failover in the hybrid cloud

Discussions of information security tend to revolve around keeping confidential information confidential: preventing intruders from compromising the protection of the systems and gaining access to data they're not entitled to see. But there's more to security than just keeping information secret: it's a three-pronged concept. …
Dave Cartwright, 19 Oct 2016
spies_648

Adding trendy tech SIEM to a hybrid computing setup

As I write this, Security Information and Event Monitoring is considered rather hip and cool. Everyone's talking about it, and the vendors of SIEM software are promoting the life out of it. The thought process that prompts consideration of SIEM is: “No matter what I do to protect myself, an attack is possible so I need to pre- …
Dave Cartwright, 14 Oct 2016
Office 365, photo by dennizn via Shutterstock

Securing Office 365? There's always more you can do

Wherever you look there's yet another SME or enterprise migrating to Office 365. This says a lot for the attractiveness of cloud-based office suites, and perhaps it also says something about the attractiveness of letting someone else look after one's SharePoint and Exchange servers rather than having to fight with their …
Dave Cartwright, 06 Oct 2016

How does a hybrid infrastructure fit my accreditations?

Security-related certifications such as ISO 27001 and, more particularly, the Payment Card Industry Data Security Standard (PCI-DSS), have stringent requirements regarding the controls on infrastructure, how data is routed and stored around it, and so on. Particularly in the cloud components of a hybrid setup, the control you …
Dave Cartwright, 06 Oct 2016
Businessman makes A-OK sign. Photo by Shutterstock

Avoid the dreaded auditor's smirk: Smart policies and procedures for the hybrid cloud

When you get to a certain age, and you've been in the IT industry for enough years, you start to get an idea of what auditors are looking for when they descend on you and ask you pointed questions about your systems. And I don't just mean security auditors: if your company has an annual financial audit the team which comes to …
Dave Cartwright, 04 Oct 2016
Man sloppily eats a hamburger... chips and pickle fall out. Photo by Shutterstock

WAN, bam, thank you... oh @£$%. We've gone dead. Drop the burger. RUUUUUN!

This Damn War This Damn War image via Shutterstock Big, global WAN roll-outs have their hazards. Size is one of them, but you can deal with this with effective project planning and management. Complexity is another, but combining design and a team of highly effective and competent engineers can address that one too. And of course there …
Dave Cartwright, 28 Sep 2016

Reg Programming Compo: 22 countries, 137 entries and... wow – loads of Python

Roundup Our latest programming competition was our most popular yet in terms of the number of entries – 137 in all once we'd de-duplicated them. The judges were intrigued to see just how popular Python is these days: nearly half (a smidge over 48 per cent) of the entries used this as the language of choice, with Java the next most …
Dave Cartwright, 21 Sep 2016

Hybrid infrastructure: You did it. You switched over. Now lock it down. Yes, really

Hybrid infrastructures – where you combine on-premise equipment with systems that sit in a public cloud installation – have their own particular foibles when it comes to management. It's really not so hard, though – here are 10 things to think about when you're looking at the security aspects of managing your hybrid world. …
Dave Cartwright, 19 Sep 2016

Biting the hand that feeds IT © 1998–2017