1194 posts • joined 14 Nov 2007
Re: Complexity !
"Complexity is irrelevant in passwords, what's important is length."
What's important is the number of bits of entropy in the password (although I guess you could say that's the length when expressed in binary). I reckon your second password counts as about 60 bits. Written English has only 1-3 bits of entropy per character, so there's a good chance your passwords are pretty similar in strength - it's certainly not definitely the case that the password you say is better really is the better one.
Good free advice is always welcome ...
... I don't know where you're based so your pint is virtual.
Anyone remember ...
... those single column displays? A single column of rapidly switched, very bright LEDs that worked through persistence of vision. You looked directly at it and saw a single thin column of sparkling red points, but then moved your head or eyes and you could see the word SMIRNOFF spelled out on your retina.
Did I just dream this? Or was it done with lasers?
up to 70 applicants for each job ...
... does not imply that graduates outnumber jobs 70:1, although I'm guessing that's the shock factor they're going for. In the extreme case, with 70 suitable jobs, and 70 suitable applicants, each applicant applies for all 70 jobs, and there's no problem at all.
If they weren't just attention seeking, a figure representing the ratio of graduates to appropriate opportunities would be a much more useful measurement of the problem. And if you provided figures broken down by specialism, that would be a seriously worthwhile thing to do. Unlike this, which is not just a pathetic waste of time and money but a retrograde step in that it can only serve to encourage various forms of discrimination.
Does this really count as BYOD?
To me, BYOD implied a requirement to run a Standard Operating Environment. If you are 'just' allowing network access and possibly web-based applications, surely it's only half the problem?
My company, I think, would expect its employees to have an SOE with Lotus Notes, Microsoft Office, our selection of anti-malware tools, particular VPN clients and so on - including a few options based on role (e.g. Visio). Furthermore, there would be full disk encryption, in the expectation that documents and other assets you create for the company have to stay in corporate-controlled storage. Getting that working on a bunch of different devices that the staff might choose is a completely different kettle of fish to just giving them network access and the URLs for a few server-side apps.
Re: staff unfailingly polite, helpful and eager
<sheldon>... I refuse to contribute to the devaluation of the word genius ...</sheldon>
If that were true I'd be insane for correcting this every time I see it, rather than just foolishly optimistic ... but here goes.
Firstly, there's no evidence that Einstein ever said this (best evidence is Rita Mae Brown paraphrasing an NA text which contains the much more justifiable "Insanity is repeating the same mistakes and expecting different results". The line is on p 25/68, end of fourth paragraph). Secondly, without the crucial emphasis on repeating mistakes, the quote makes little sense and could almost be seen as self-evidently false: you could argue that significant ability in almost anything difficult - kung fu, piano, running, software development - can only be achieved through a huge amount of repetition.
Phil that sounds like a good idea, although I understand that most fprint readers let you use alternative fingers in case you have, e.g. a sticking plaster on one of them, so you'd need some flexibility for that.
TeeCee, thanks for the info about that - I didn't realise that it had been debunked, I'll look out for that episode.
I absolutely agree about two-factor authentication (I use it for my work VPN) but I'm not sure I agree about password visibility. For instance, when you are in your own office, mounting an encrypted volume, you are fairly sure about having the requisite privacy. But you still want that password to be extremely strong so that your data remains safe if your server is stolen. This is even more true of mobile devices - sometimes you know you are in a safe environment, and mostly you know you will also be frequently taking that device into a less safe environment.
However, if there were a hidden hi-def camera of which you were unaware, I'm pretty sure that a slow-mo replay of you entering the password, even as a ten-finger typist, would yield so much information about the content of the password that it would make it relatively easy to crack. Even if you can only identify the hand and the row you have narrowed each character to about 5 possibilities.
On balance though, I think you have convinced me that it's a dumb idea, and if I value security I should just accept the occasional need to retype a long passphrase. Who knows, maybe it will even improve the accuracy of my typing!
Re: Passphrase vs Masking
Hi Phil, thanks for the answer.
But I think I don't need blobs when typing on my laptop - any sufficiently well positioned observer / camera can see what I'm typing. Blobs make me feel happy about entering my password with other people watching - which I shouldn't.
As for fingerprint readers, they are a nice idea but cheapy laptop built-ins are pretty terrible. I think they can be defeated by someone lifting your prints from a glass with tape and then simply scanning the tape.
Passphrase vs Masking
One of the problems about using a passphrase instead of a password is that once you have become aware you have mistyped, you often have to start again from the beginning. My favoured solution is a check-to-unmask*, but I was wondering what you guys would think of a compromise where spaces show up as spaces and everything else shows up as * or the standard password blob.
*actually I prefer it to also default to be unmasked.
Re: Any pointers on how I can be a better agnostic?
Stop accepting medieval beliefs dreamt up by a bunch of high-on-mushrooms bronze-age goatherds as certain, or even likely, to be true in the face of all the evidence that this is not the case.
Re: So much for respecting the religious beliefs of other people.
You totally missed the point. What is your interfaith dialog but simple respect of each other? You don't believe in Allah, they don't believe in Jehovah. Neither of your religions allows for a dualistic approach where you are both worshipping the same God. You can say you respect their religion but really you are dissembling.
I similarly count people of all beliefs amongst my friends, including the moon hoax and cost-effective off-shoring I mentioned. Doesn't stop me believing they are completely wrong and that their beliefs are stupid. I'm just honest enough to say that their beliefs don't make any kind of sense when seen against what I know to be true.
It is the monotheistic religions themselves which say "my religion is the only way" - it's just that each religion's shouty bigots are less embarrassed about saying so. Your diplomacy towards believers of other faiths does you credit, but plenty of antitheists like myself have read your holy books and we KNOW what your religions say. They are not mutually compatible beliefs, at least some of you are wrong, and to my mind you all are. And more importantly if you are a Christian who thinks Islam is a valid belief, you are probably breaking your own rules - they are there in black and white, e.g. Commandment 2.
Re: So much for respecting the religious beliefs of other people.
+1 Jake. People deserve respect, beliefs don't.
If they believe my disrespect of their beliefs (e.g. one of the Abrahamic religions; the moon landing was faked; offshore coding is cost-effective) is a disrespect of them as a person, then that is just one more belief of theirs that I do not respect, but I will continue to try to respect them as a person.
You lucky git ...
... I look like an infamous Norwegian maniac
^ (Queue new for: 'Smalltalk Jobs') add: 'Mike 102'; add: self.
... the same is sometimes true of Gaming. My kids are Fallout crazy, they were always playing it. But they've spent the last 6 weeks creating their own levels, learning how to script things, editing 3d meshes, etc. Now they want help building a tips&tricks website to host some of their own content. Is this brain-destroying? I doubt it.
You need to let kids be kids. Same with horses - there's a degree of control you need to exert, or everyone gets hurt, but control-freakery will get you nowhere fast - possibly causing lasting damage.
- is this a throwback to earlier spelling mistakes?
True but ...
If I understand it correctly, this would enable you to fix equipment to a car that would stay undetected for an arbitrary period and later allow an attacker to remotely take control of a vehicle on a high speed road, disable the braking, accelerate to full speed and then deliberately crash. Difficult to do that with a spanner.
Re: So hypothetically
Off topic -- PLEASE do not use 'fx' as an abbreviation for For Example.
A long time ago ...
... my mentor and first manager in IT Consultancy (after I left academia) ... told me that the point of an interview was often misunderstood - it was social, rather than technical. According to him you
1) select CVs that match well (use technical people to read them)
2) interview to find the people you LIKE, and feel you could get on with in a team. His interviews appeared to be no more than a relaxed chat, but you'd be amazed how many loons could rule themselves out with ill-chosen statements or strange behaviour.
3) mention that you have a 1 month probationary period; the last 3 guys got the chop during that period, and that you are really glad to meet someone who does have the skills they claim to have and who can stay the distance. If they are still interested you give them the job.
4) if they are rubbish, you sack them very quickly and call the people you politely rejected last time.
You *cannot* find out what someone knows in an interview for any remotely technical role, and you can't solve this with harder or longer (5 days!) interviews. You can find people you LIKE, and if you find their abilities do not match what they claimed, you can sack them. Because you used step (1) you can sack them on the grounds they lied on their CV, which is pretty much a humdinger, and no tribunals result. It's much harder to sack people because they don't get on with the team - although these people cause a lot of damage, even where they are individually capable.
I don't like generalizations ...
... or people called Bernard.
+1, but you forgot to mention that it appears to have been an armed assault on his residence
Re: couple of years late
You should have bought it and given it back to the owner!
Re: My solution
I beg to differ: there is absolutely no way that 1920x1080 is acceptable for a 14-15" screen. We don't want to watch movies, we want to do work - without getting migraines. In my opinion, we need to be north of 200 dpi, in order to do this properly.
Re: Just what the world needs …
Wanted to upvote 2x, 1 for clear info and 2 for amusing idiom.
Re: Sounds legit
"wasn't allowed due to unhelpful landlords"
As an ex private landlord, I'm pretty sure 'no pets' carries no legal weight whatsoever. It's less hassle to have a clause that says "pets welcome" and to put in a provision for reparations, and it makes you look better too.
"a cache of 2,500 rolls of the stuff"
Wow is that even a container full? Wouldn't keep my family of 5 going for more than a couple of weeks. What the hell do teenagers do with toilet roll? And, funnily enough, I recall my dad asking the same question about 30 years ago.
... I find all that 3D stuff gives me a headache (props to xkcd, of course).
Re: People forget: Icons should be iconic!
Found a 3.5" floppy in the back of a drawer the other day and showed it to my kids. OH! they said, THAT'S why the save icon is that weird little shape!
Re: Can anyone explain ...
Isn't iRadio going to be what Jango already is? I don't understand.
+1. Arithmetic should be completely mastered by age 11 at the latest: there is no place at all for arithmetic in secondary education.
1TB = 1000GB, 1TiB=1024GiB. Unless you are measuring memory, where the context strongly suggests a power of two, there is no reason to assume anything other than a power of 10 is meant by an SI prefix.
Re: Non-problem? Hardly.
The privileges are not granular enough. You don't have the option of installing an app with some privileges, so you either accept full access to SD card, or you do without the app -- no option to chroot an app to a subfolder on the SD card. You either accept access to the camera or you do without the app -- no option for "ask me each time". This would also be useful with "services that cost money".
There is also, afaik, no log of which app invoked which privilege and when, so there is no auditing. So, in my experience, although I don't like it, the accept permissions step of most apps I'm interested in is pretty much just one more click you have to make.
Re: heads need to roll
Halfmad: "I wonder how many private firms are involved in running it"
That, in itself, is usually not the problem ... it's who those firms have outsourced it to that is usually the issue.
Re: @ribosome @Chris Miller
Wouldn't Pluto have to be pretty damn large to perturb the orbit of Venus?
Re: Peril Sensitive Sunglasses? ala HHGTTG
Did you miss the Guardian's April Fools joke this year? http://www.youtube.com/watch?v=EceOlpgJk_c. 100 seconds in.
Re: Internet, video games, movies, music, all just a little bit of history repeating..
Peter Jones 2: "do your damn job."
As a parent and step-parent, I can hardly express how much I endorse this. The main thing that kids need to avoid is - having kids. Parenthood is intensely rewarding but frustrating, onerous and serious. *THAT* is what children need to be taught. By teaching them that sharp things cut; hot things burn; that all drugs - from weed to crack - are (implicitly equally) dangerous; you are really teaching them that it is the school's place to teach this --- and that, years later, school will also shoulder the burden of it when *they* become parents.
Re: Out lawing porn
The story of King Cnut is applicable in either case: either the informal version where a stupid king cannot stop the tide, or the probably more correct version where a wise king demonstrated to obsequious courtiers that even he could not stop the tide. The point is simply that no-one can stop the tide.
Cnut, ironically, appears one of the names likely to be filtered ...
A "mere" 3 million years? The Himalayas were not around until the dinosaurs weren't: Everest is probably only about 60MY old (~20 times older than this) and it is now over 8.8km above sea level (~250 times more movement). Almost all human development has happened in the last 10% of this time, so just because you can say it quickly, don't forget to really think about how long it is.
Re: We're building a volume knob on your radio...
It is not useful to say that there is no such thing as analogue simply because things are, or may be, discrete at the Planck level.
In your example, there is such a scale difference between water as a stream of drops and a stream of molecules (which may have different masses, due to having different isotopes of H or O), that the fact that the reality may be digital at the very smallest level is essentially irrelevant.
Might be in a tiny minority here, but (despite loathing Murdoch) I've never had a problem with SKY. Broadband often a bit sluggish in peak periods, but never any problem with Customer Service or the Engineers. That may be in part because the house has 3 boxes and everything-but-the-porn subscription, so my monthly bill is substantial, or perhaps I've just been very lucky. I just wish it wasn't part of the Evil Empire.
Just leaving this here for the few who haven't experienced it ...
We might need these weapons...
... to threaten the Caymans, Bermuda etc.
... you foresee uses in healthcare?
@I think so I am? - Is this your Dad?
Re: Don McMillan
One for the collection - along with such gems as:
- Opportunity selfie: Martian winds have given the spunky ol' rover a spring cleaning
- Spanish village called 'Kill the Jews' mulls rebranding exercise
- NASA finds first Earth-sized planet in a habitable zone around star
- New Facebook phone app allows you to stalk your mates
- Battle of the Linux clouds! Linode DOUBLES RAM to take on Digital Ocean