Re: Dear Claire,
1432 posts • joined 14 Nov 2007
"You have to assume that anyone with an agenda already knows the phone numbers of most of your workforce" -- NumptyScrub
Agreed, but I don't think that being aware that serious actors already have this information should cause one to drop one's guard -- I doubt the person who provided the number thought it through and decided, well, all our enemies have the director's personal number anyway, so what's the harm? Giving away a personal detail like this is symptomatic of an organisation inadequately defended against social engineering attacks.
It seems to me that it may not be that big a deal that someone fluked a call through to the PM, as long as he's smart enough not to be social engineered (is he?). But the handing out of a mobile number, whether classified or not, for any employee, let alone a senior one, is a serious security breach. You try phoning my company (a bit of Googling will tell you who it is) and I will be absolutely gobsmacked if they give you my mobile number, job title or even confirm that I work there.
We expect GCHQ to be at least as resistant to social-engineering as major corporations, don't we? What really worries me is if the disclosed number was used to enable the second incident - did DC see a caller ID which initially led him to believe it was the director of GCHQ?
"It would be interesting to hear the author's view of how repressive and intrusive UK legislation and proposals are vs. Thailand."
It would be interesting, yes. But I've never been a sucker for the fallacy of relative privation ("it's so much worse in Thailand, so what are we complaining about"), and I think we need to be clear that, inasmuch as there are 'nuances', these should not exist at the level of the IT professional, however senior or experienced. Judge says surveillance on those people there, IT professional says OK. Anybody else says surveillance on those people there, IT professional says NO.
"I would have been obligated to spy on and report on my customers, monitoring their communications for “sedition”, and I found the prospect of that intolerable."
... but I wonder if you've been following the UK news whilst you've been away?
"Next: the sphincter-tightening terror of tensor calculus." --- Destroy All Monsters
Ah, yes the method of steepest descent can give one the willies --- especially if one is in a complex plane (like an Airbus A320)
"My laptop does that all the time. It's Linux Mint and it's called a "feature" :D"
It's not Mint, it's GRUB. And it's easy to configure to, amongst other stuff:
1) autostart an entry after n seconds
2) default to the last started entry
3) not show a menu unless requested
Sounds like you need (2) and (3) - a few minutes' work with a search engine will tell you what to do.
[Edit: you can use the tool grub-customizer if you don't fancy editing the config file]
Linus says: "Go stick your head in a pig"
... not only in the long term moral sense of 'defending our way of life by throwing it away' but also in the tactical sense of enabling teenage basement-dwelling jihadi-wannabes to entirely paralyse the security services simply by generating false leads --- without having to do anything remotely approaching the level of donning a vest.
... and something is odd in the bar chart. Sure the data looks "logarithmic"*, but that graph ain't. (and if it were, of course, the data would look linear).
*yeah, I know, this way round it's an exponential decay. Although without some curve fitting there's a number of distributions this could be.
[Edit: a closer look at the text suggests the author could have meant that industry bar charts have to be logarithmic or otherwise they'd look like this. I think it could have been a bit clearer - perhaps the inclusion of one of the mentioned logarithmic graphs would have been helpful?]
(actually they were very good, but that's by-the-by)
... most of them were called Nguyen! I think some estimates are one third to forty percent. For comparison the top British surnames (Smith, Jones, Taylor, Brown) together make up about 3% of the total.
I'll take a horrible job for $$$, a moderate job for $$ and a brilliant job for $: so would most people.
However, last time I looked at the contractor market I was offered day rates significantly below what I make as a permie.
Recruiters: if you want a smaller number of people to do what would ordinarily be the work of a larger team, plan to spend 80-90% of what you'd need for the full team. Less than that and your small number of people will create an even bigger problem, very quickly indeed.
"as the gaming community is usually the one that pushes for higher-res stuff, but we're already OK " --- Daniel B.
You forgot the word 'console' :-) The main reason I'm cheering 4k is I can see the horrible drawn out "1080p is good enough" era coming to an end.
"Also, what about the case where someone is maintaining code and has (sensibly) decided to stick to the original coder's style?"
-- or copied and pasted a good example from the net?
Something like (politeness adjusted up or down depending on context):
"Sorry, but you've been had - that is a false story from over <N> years ago <link>. If you want to avoid getting had again, check these: <link> <link> <link>" [Usually snopes, hoaxslayer and google].
It also helps to educate people about the 'blue tick' so they don't think it really is Range Rover giving away a brand new Evoque to a random 'liker' that says what colour they want.
The third time I have to send personal messages like these, I block or unfriend. Over time, my feed has cleaned up nicely!
"Given that Facebook has taken 10% of my employee's productivity - then I need to employ an extra 10% of staff to get the same job done. Of course 1% of this would be re-taken by Facebook and so on."
You need to employ an extra ~ 11.1% of staff. It's the same percentage problem you get when sellers have a "no V.A.T." sale and people (often the sellers themselves!) think this means 20% off.
... the upvote article button?
... I'm still on the lookout for a replacement phrase for "chicken and egg", as this particular conundrum hasn't been one since about 1859 :-) Any suggestions?
Apart from expressing the fact that the script writer was a total jerk - I could forgive it if it weren't so clear they realized it was dangerous and couldn't be arsed to do a 10 second google to see how to phrase it - I'd like to know what people recommend here. Removal of backup devices or media is obviously good, but what are the additional strategies here to defend against executables you want to trust, but not completely?
Back up to tar files (preserves permissions and owners), which themselves are owned by 'backup' and/or not writeable? Run such executables as a different user? Chroot them?
"I'm barely able to contain my snickering contemptuous mirth."
Honestly, that's a pretty disgusting thing to say. Are you sure that the implicit superiority expressed in your post is justified? You seem to be a pretty poor kind of a human, to be frank.
Haven't had time to play GT5 but I remember GT4 as a highly moral game. You could do immoral things, sure, but that was up to you. Murdering prostitutes for money is certainly possible, but that arises as a consequence of open-world gaming with detailed supporting logic; I got to 100% without murdering a single prostitute.
As a projector user I already find the currently fashionable habit of cutting to white rather than black (and minimalist slogans on a bright white background) rather uncomfortable. Looks like watchers of regular TV will soon be joining me in shielding their eyes.
You'd better tell the World Wide Web Consortium they've got their name wrong.
"Colleges, the health industry and athletes seem to have cottoned on quite some time ago." -- Bassey.
In fact, I remember a highly respected nutritionist (one of the WHO senior advisors at that time) at Oxford Brookes telling me that the link between the plasma markers and what one actually ate was embarrassingly weak, and when added to the uncertainty between the markers and the diseases, pretty much left you with nothing more than "eat sensibly and exercise sensibly" - the same advice, as he pointed out, that has served people well for thousands of years. This must have been about 25 years ago.
In addition to many excellent suggestions (thanks) in the article and the preceding comments, perhaps I could just mention Emacs; the UnxUtils collection of native (not cygwin) core utils; the whole of the rest of the suite that ProcessExplorer belongs to (Autoruns, Handles, Sysmon, PSservice etc). Also something for mounting ISOs is nice (I use VirtualCloneDrive), and on the subject of disks, I love WinDirStat and its graphical representation of how storage is used (roughly equivalent to Linux's Baobab). And is it just me that loves Q-Dir as a Windows Explorer replacement?
I also like to have a few extra command-line binaries like sha256sum, base64 etc.
(Probably just me, but I always have GnuPlot, GeoGebra and a free Smalltalk development environment - such as Squeak or Pharo - as well)
And - not an application, but any Windows system I use, first thing I do (ok, after installing a Dvorak keyboard YMMV) is to put the task bar up the left hand side, with small icons, so you can actually read what the windows are! And what else are you going to do with all that horizontal space when the vertical resolution doesn't allow 2 A4 sheets side by side?
Some people don't. I was in a TV shop years ago when 100Hz was new and a couple came in asking which were the 100Hz TVs. The salesman went to find out, and I just pointed out the ones I could see. "You know a lot about TVs?" they asked. "No - I can just see which ones aren't flickering." I did wonder why, if they couldn't, they wanted a 100Hz TV.
Judder, audio and video artefacts are similar. They drive some people wild, and others barely notice. But -- it's still completely unacceptable for Google to manufacture an international product that only works properly in the USA. It doesn't cost less in the UK because it is less suitable - you'd have a good argument for taking it back as unfit for purpose (IANALBIPOOTI).
"But imagine that somebody killed your relative ..."
Stupid argument, I'm surprised you're not ashamed to make it. I was going to explain why it's stupid, but I'm sure you're too stupid to understand, so I won't bother. Perhaps I'll just ask whether you would like government/police operated TV throughout your house? No? But what if somebody killed your relative?
I, too, really laughed out loud. So much so, that I drove my Audi into a marked police car.
"Anyone else would have fitted the spare and carried on..."
Since you appear so interested: I attached the tube of Tipp-Ex thoughtfully provided by Audi; attached the 12V inflator as instructed; and it all blew out of the tire all over the road. Obviously there are other circumstances that could have been impossible for a driver to even attempt a repair.
If you are *really* interested, the situation was complicated by the fact that it is a company car, operated by Lex, whose 24 hour line goes straight through to the defunct RAC number. So I can't just call the AA, tell them the RAC are tossers and that I want to change membership. I can't have the car towed by A N Other contractor as I have no authority to do so, and no-one to contact to get that authority. It is a cabriolet, in the middle of nowhere, at 02:00 on a freezing cold winter night. I have two phones on two different networks, a blanket, water, chocolate. I think the idea that I was unprepared is ludicrous - my only mistake was giving the RAC so long to answer the phone before calling a cab, but I knew it was going to be more than £100, and hard to reclaim (it was -- actually, I still haven't got it back).
I had the misfortune to have a blowout 5 minutes into a 4 hour RAC outage earlier this year. They blamed 'Vodafone'. I told them I thought it was pretty unsatisfactory, given that their entire business model is answering the phone and dispatching patrols that they didn't have a backup.
For instance, I could have tweeted them my location. At least they could have announced their outage on their website and I wouldn't have waited several hours before giving up and calling a taxi. I was also amused that they told me 'coordinates don't work' when I told them my location.
Still, before I ramble off about that, my point is this: what is all this single-point-of-failure nonsense and could it possibly have anything to do with 'corporate cost control' being all the rage rather than an emphasis on achieving the business' publicly stated goals?
"Actually we do need a new filesystem"
Perhaps we just need to use, or allow the use of, the well-established modern ones - like ZFS.
How about Meat Loaf: "Life is a Lemon (and I want my money back)"
"I'm afraid the engineering-a-bridge equivalence argument that people like to cite doesn't apply because the software logic in a large system can be exponentially more complex than the maths involved in making a bridge stay up" -- boltar
Exactly - if bridges could fail because of a submillimetre-sized misalignment, there wouldn't be any still standing. There are essentially no engineering problems in any other discipline that approach the complexity of software engineering problems.
"I'd love to know what they'd gain by imprisoning me"
I still don't get your mindset; you cannot imagine being framed, Colin Stagg style, but you can imagine the very unlikely situation that you are involved in a terrorist incident.
The simple stats are that the police or security services are more likely to kill you than the terrorists are. Now, say they do, would you rather your family eventually get justice and compensation or would you like to live in a world where whatever the police or security services do is right by definition?
"I still can't see it ever happening to me ... either way I'll take my chances." - jon48
So, you're prepared to take the risk of your rights being eroded, but you aren't prepared to take the much smaller risk of being a victim of a terrorist attack?
Here's my get-rich-quick tip for you: instead of paying your household insurance, spend the money on lotto tickets.
"It's now a very threadbare, cringeworthy running in-joke. Like:
1) Hefty Boffinry Mag
2) Yahoo! Headlines! Like! This!
3) Err .... that's it
... in a tank opposite the telly --- they would get fed when the evening's telly was over. When the telly went off, up they all came to the surface; I swear some of them even learned to recognize the tell tale signs of the cast-list going up before I even hit the off button.
Even C. a. auratus are certainly a long way from the "Holy Carp! When did I get a castle?" stereotype.
"Humans have lived for hundreds of thousands, if not millions, of years without this kind of tat" -- jake
For most of those millennia, 35 was old. Whilst I agree with your sentiment in a lot of cases, hard data can be useful. My old GP used to reckon that if every bathroom scale was swapped by the NHS for a blood pressure monitor, several lives would be saved: you know if you're fat when you put on your trousers; you pretty much have no idea what your BP is without measurement.
"There is absolutely nothing in luxury products that guarantees better quality or durability"
Price is one part of the context surrounding the "implied terms" of quality in the UK's Sale of Goods Act (SOGA). A £600 washing machine would usually be expected to last longer than a £150 one, unless the more expensive one was for a specific low volume use (e.g. in a caravan) and the buyer had used it as if it was for normal volumes. But a premium product like a Louis Vuitton bag is not always more expensive because a "reasonable person" has a higher expectation of durability. One might possibly have a case with such an item if it were badly made, however (as 'freedom from minor defects' and 'appearance and finish' are also possible implied terms).
The whole SOGA is based, very reasonably, on what a reasonable person would expect. It is quite possible a judgment would take into account that a reasonable person knows that a Mac will be more expensive than a similar specification PC and that the premium implies qualities other than increased durability (compared to the PC) --- but it is also quite possible that a judgment would say that an expensive computer should last longer in normal use. If it turns out you've been maxing it out 24/7 the judgment may be different again.
"Until every single person on the planet has everything they do recorded and every health issue recorded this kind of statistical "study" is just a waste of money" --- Lusty
If that were true, and every datum needed to be collected, opinion polling, a significant amount of quality control and a huge amount of science would be invalid --- we'd still be unsure as to whether or not cigarettes were harmful.
IS2R that a randomly chosen sample of 1000 from a population of millions would give you a worst case 95% confidence interval of about 3 percentage points on an either/or survey question. This is obviously a more complex case, but if sampling is good enough, it is certainly possible to draw conclusions about the population with a high degree of confidence.
"No, they mean TFLOPS. 16PFLOPS is world top 4 territory and not something the Met Office are buying."
I'm pretty sure they aren't getting ripped off that much. The Cray Titan at Oak Ridge is ~20PF and that was $100m in 2012. It's got to be Peta rather than Tera in this case.
"There's something wrong with your maths."
Ah yes, *wipes egg from face*, looks like I should debug the old mental arithmetic unit again.
But I was interested in the idea that it gets harder and harder to accelerate because the mass of the craft increases - doesn't that just mean the mass of the propellant increases as well, so that the thrust stays constant?