Re: C'mon guys, we should cut Oracle some slack here.
Because you want the body to drop a foot or so before the noose fully tightens...
5156 posts • joined 7 Dec 2007
Because you want the body to drop a foot or so before the noose fully tightens...
SCO vs IBM is STILL rumbling along
Not really. SCO vs. IBM is stayed pending the completion of SCO vs. Novell, but the latter has already proven that SCO never owned any of the rights over which it sued, so IBM cannot possibly have put SCO's property into Linux, because no such property ever existed.
SCO vs. Novell has been adjudicated, and all that is left is for the damages against SCO to be applied. But that is stayed because of SCO filing for bankruptcy. They're never coming out of that, so it really is game over.
 SCO was not bankrupt when it filed - it merely expected to be bankrupted by the judgement against it. IMO, accepting this filing was the first of many mistakes the bankruptcy judge made.
 SCO's only income was the 5% it got from sales of Novell's UNIX software. That wasn't enough to keep it afloat in 2003; the revenue has dropped off since then. Besides that, it is no longer entitled to the 5% it used to get, since it has been adjudged to have pinched the other 95% for quite some time. SCO owns nothing else - what little it had is now gone, with the money from the sale of any assets gone into servicing the bankruptcy. Kevin Gross has a lot of questions to answer...
 I tried to buy one of SCO's assets. The HipCheck product was valued at $5M when SCO entered bankruptcy. Darl ended up buying it for $35K - less than 1% of its previous value. I tried to outbid him - but was told that, as the receiver had spent more than that on filing for the product to be sold, I would have to outbid him by a significant margin. 'Cos that's fair, isn't it?
Couldn't the ISS crew try to re-inflate this once every 90 minutes if necessary?
Mate, when you get to my age, ...
If they're thinking of shoving fraud liability onto the customer, they should at least start by making sure all their sites are A+ at the very least.
They should do a whole load to improve security.
I'm thinking primarily of the "3D Secure" system. The banks are actively promoting putting (fragments of) a password into an iframe on a website that does not come from the bank's server. IIRC, even the iframe does not come from the bank.
This is just asking to be MiTMed...
Do you really think the people at Dropbox are idiots?
I never used to...
not producing growth, while at the same time consuming lots of management attention
Yeah, those two are often strongly-correlated. Can't think why...
"hit me up next time u need hosting or web services, was my prev job, i'm a right geek wen it comes to this"
Someone so clearly challenged when it comes to linguistic accuracy would not be getting my business for something that so clearly requires getting textual settings right...
First post, spamming us a link to a commercial organisation. That smells a bit funny...
The RepRap has been printing its own parts for years.
HP has had one of those reverse premonitions again...
I think the real reason for M$ getting this desperate is their precouses Windows Mobile platform took a heavy knock recently due to the dearth of apps in the App Store
I think it's the other way round...
For years, Microsoft has made a fortune selling software of variable quality because its customers know where they are with Windows, and often fear to try something different - just look at how often we see the "Linux means retraining all my users" canard here.
With the advent of mobile computing, people are already taking their first steps away from Microsoft - and are realising that they no longer need to Redmond Behemonth. Too much of that, and Microsoft's empire will crumble.
Thus we have the Windows Phone play (of whichever recent flavour - the strategy is the same, it's just the implementation that keeps changing); MS is trying to get mobile users to associate thei mobile computers with their desktop/laptop/other computers by giving it the same interface and - largely - the same ability to run software (we'll ignore RT for the time being). This is the mechanism by which Microsoft expects to prop up its desktop monopoly.
But it's all going wrong - Windows Phone is a rounding error, so it isn't going to prop up anything. And by gluing the mobile-style UI on top of the desktop product, MS has alienated a huge number of its long-term customer base. The end result of pursuing this policy will be to cause the MS desktop saturation to decline.
There is a simple way out of this for MS - drop the GWX bollocks, drop the spyware, drop the forced upgrades, put the Win7 UI onto the chassis of Win10. The result will be something that plays much like Win7, but with the improvements of the Win10 OS. And that will involve eating a lot of humble pie; I don't expect them to do this until it is far too late to save the empire...
 I am told - by people who know - that the improvements under the covers are very real indeed. I don't have sufficient eperience with Win10 to be able to prove such claims, but I am happy to acknowledge them.
Ubuntu 16 went on happily enough. ui not very good
Pick another one - you have choices now. Find something you like, rather than something you're required to use...
Because the electronic ones suffered from Braun-outs?
That was a Krupp pun...
They have all this technology and IMHO it's not implemented correctly
That's your opinion. The junction designers will, obviously, disgree.
you will notice a vehicle at the lights say 200 yards ahead and the lights go on green but by the time you get there it's back to red, no vehicle has come onto or through from the junction from either side
This is frequently the case if you are trying to drive between lights above the speed limit. It is deliberate.
can't we have a system that sees say ten cars on the main road and two on the minor road and adjust the lights accordingly?
Yes, you can. And, moreover, you've got it. Junctions have counted cars and measured approach speeds for *decades*. The behaviour you are seeing is almost certainly the behaviour the designer wanted. There might well be a good reason for him wanting something different to what you want.
This road is a particular pain in the bum as the speed limit on parts of it have been reduced to 40 MPH because of a few pedestrian accidents and at least one bicycle death.
If you've got pedestrians and bicycles on the road, that really doesn't sound unreasonable to me. Have a go at walking/cycling along a road with traffic coming past you at 60mph - it's really not pleasant, especially when certain drivers can't estimate the width of their vehicles as well as they think they can.
It's a three lane road in some places FFS the same as most motorways
It's very different from a motorway. A motorway is entirely populated with performance motor vehicles driven by trained and qualified drivers.
If traffic lights were clever and detect that one side of the junction was far busier than the others it could instead of just being on a timer and adjust accordingly, maybe this already exist to a degree but I've never seen it in action
It is probable that every major junction you've seen in the last 40 years or so has done exactly that - you will usually see at least two sets of tar-filled trace cuts in the road (diamond or rhomboid depending on manufacturer) and often IR and doppler sensors on the signal head. That this system gives different control signals to the ones you want might give you pause for thought.
Disclosure: yes, I've worked in this industry.
 I've seen - and made - many claims that the target speed is actually less than the speed limit. I cannot confirm that it is so - but that might be appropriate at highly-congested times, when a small reduction in speed leads to a large increase in throughput.
 I was walking along the road in Lymington a couple of weeks ago, and actually had to jump into the hedge twice to avoid being hit by vans. It is time for motorists (including me) to be held accountable for their actions...
You can do this in the US, when the cops are in the public, can you do this in the UK
With very few exceptions - yes, you can.
Of course, that won't stop them trying to confiscate your equipment and claim you're acting unlawfully...
 e.g. when your use of a camera would inadvertently record images of a secure establishment where photography is not permitted.
I'm reminded of this advice:
Whilst this is all reasonable stuff, be aware that this is very much US-only advice. The UK has different "rights"...
So why are they spending what must be quite a lot of money in advance of those changes that will be required?
I think this works best without changes to the law.
In the event that a police officer is accused of malfeasance of any sort, the camera will usually answer the question immediately - so an innocent officer can be exonerated the same day, and a guilty one shown up for what he is.
Changes in the law to remove the PACE safeguards would be an enormous retrograde step.
 Neglecting any camera fault / flat battery -type excuses (which would probably be grounds for increased scrutiny).
there are also people I know abroad and phone calls are not cheap
Phone call pricing is really quite bizarre.
I phoned my brother in Sydney the other week. A phone call to the other side of the planet - and it was cheaper than ringing my next-door neighbour...
In the case of LinkedIn they could get in touch with your contacts and tell them they're a c**k, that you shagged their mum, that you worked somewhere disreputable, that sort of thing.
...Or they could say somthing that's untrue...
an independent reviewer ... appointed by the government
It's always easier to get the result you want from an independent when you get to choose who he is...
an attacker, upset at the comment could correlate DNS access times and post times to retrieve the posters IP address
No, I don't think so.
When we first come to these fora, the browser loads
forums.theregister.co.uk, which will result in the first DNS lookup. That returns the appropriate record - in this case, a
CNAME to the address of the www server, and potentially a couple of
Eacjh of these records has a "time to live" value associated with it - for these fora, all the records currently seem to be set at 300 seconds (which is a bit short, but there you go). That means that your computer won't even try to look up those records again if you do something within 5 minutes; a visit to the fora is indistinguishable from a post to same if you're quick, and from an upvote/downvote if you're not.
On a sufficiently busy site, with a reasonable TTL, and reasons for interacting with the server (e.g. the voting buttons), correlating DNS lookups with posts is going to be incredibly error-prone. You might be able to find something over a *very* long period of analysis, but I wouldn't consider it realiable.
Use Verify to Authenticate an individual, and it's own internal system to Authorise that individual to do something.
That's a potential minefield when you have firms of accountants; you need to authenticate someone as a member of that firm, and that means having the firm's owner/controller maintain a list of people who are authorised for each potential client.
It gets messy real quick...
I was on one back to LHR from BRU that felt like it had its wheels on the ground the whole way. Bloody bumpy it was.
The most worrying turbulence I've ever had was early on in my flight training.
It was a perfect flying day - plenty of visibility, little wind. I was flying a 360° level turn. As I turned back onto my original heading, there was a pronounced bump - I thought I'd hit something.
I had hit something - my own wake. And it was lumpier than I was expecting...
Thank you for confirming that I am doing my job!
You'd do it better if you arranged a few facility tours. There are quite a few plane geeks on here...
Lockheed SR-71 Blackbird - sexiest plane EVER.
Bit shit for carrying large cargo loads, though...
It reads like marketing fluff.
There have been some changes around here lately. There was a missive about it at the beginning of the year, IIRC.
This is the new El Reg.
After long calls with DVLA I was told to just forge a signature.
Long before SORN, I went in to a DVLA office to pay the back-tax on a car I had that hadn't been taxed for over a year.
They wanted my reference number from the Police. I didn't have one.
The (rather condescending) clerk then explained to me that I would have been gevin a reference number when the Police caught me without road tax, and that was what they wanted.
I then explained that I hadn't been caught, and simply wanted to pay the back tax because it was the right thing to do, and I didn't want to get caught.
They had absolutely no idea what to do with this situation.
In the end, a senior manager had to be brought out to deal with me, and we thrashed out a mutually acceptable solution. But the comedy value was enormous...
You know the paper licences are not longer valid don't you?
No, I don't. Because they are still valid.
What they are not is an acurate record of any endorsements you might have - that now needs to be looked up online, which might confuse car hire companies. But the licence is still valid.
Wait. Once it next expires, they will charge, and it will be a plastic one.
Once it expires. I shall be 70, and probably not safe to drive...
 I've seen how I drive...
but the point of using "the cloud" is that the data becomes available through existing connectivity: it does not require a new bespoke network.
Putting your data in the cloud does cock all good.
Using existing connectivity to pass messages is a good thing.
The latter does not imply the former - indeed, the former is actively harmful to any real-time reporting, whereas the former is a good thing - and has existed for far longer than anyone has been spouting crap about "cloud".
The Internet is not "cloud". The ability to pass messages cross the world is not "cloud". Sending emails, as we have done for some decades now, is not "cloud".
As much as we may get stressed about the possibility of data getting to unwanted parties, it is impossible to ignore the health benefit
Yes, but the benefits arise from having sensors with the ability to send notifications; putting the data in the cloud for processing is a net detriment, since it requires connectivity and availability to be of any use whatsoever.
This is a puff-piece about Cloud. Cloud is the last thing you want in this sort of situation.
I wish somebody in the government would give me a public/private key pair. Then I could encrypt my data in the secure knowledge that only I and people who I authorise could access it.
Well, not really.
If you encrypt with a private key, anyone can decrypt it with a public key. And that's public.
But if you encrypt with your public key, the recipient needs your private key to decrypt it. And then it's not private any more.
What you actually need is to know the recipient's public key, and the encrypt with that. And then we're straight into the usual problems of key verification and making sure that the holder of your data actually follows procedure and encrypts with the right key, rather than just sending it all in plaintext.
TL;DR: the author of this piece made up the bit about sharing health information without really thinking through how it will work. 2/10 must try harder.
 And the rest of the article, really...
IIRC, that's also in the TPD: There are tight restrictions on cross-border sales of e-cigs and related products.
I've heard this a few times.
That would seem to inhibit the free movement of goods, and is thus contrary to the EU's fundamental freedoms. That would appear to be a breach of the Treaty on the Functioning of the European Union.
I wonder if this legislation will end up being struck down for being unlawful?
 Their words, not mine...
Or installs some malware into the machine, or has to install a certificate to connect to a VPN, or ...
None of that is an SSL issue, they''re all trsut compromises.
In summary if your computer belongs to a domain you can assume that the corporate firewall is decrypting your traffic.
This is why I use an invalid certificate on my server - if I *don't* get a warning, I know someone is intercepting my traffic.
sslstrip downgrades the connection
It doesn't. It just replaces https:// links in HTTP with a corresponding http:// link, pushing your browser to use HTTP rather than HTTPS. If you use HTTPS, it does not and cannot downgrade the connection.
Well, the beer is basically breakfast cereal
The "Breakfast Stout" is becoming very popular these days. It's brewed with oatmeal. so it takes the harsh edge of the stout, making it far more palatable to those who aren't normally stout drinkers...
 I think Founders did the first one, but there are a few doing the rounds now.
 And it is very pleasant indeed...
Only if you used an email account with LinkedIn that you used elsewhere
LinkedIn seem to have done a load of email scraping somewhere.
They sent me the email telling me to reset my password - but they sent it to an address I've never given them. The address on my profile has not been notified...
 I thought it was a phish at first - but it checked out.
I'd probably have opted for making the cables myself
Alright, that's three of you now who have downvoted me without bothering to mention why.
So here's a question for you downvoters - how many of you have actually cabled a building before? Because I've done a few now, and whilst the first mile of cable I ran was hard work, it's one of those skills that does come to you. A skilled wireman and his mate can cable a building far more cheaply and far quicker by running cable from a box than by buying pre-built cables. Which is why they do it that way.
 I was employed for that, so I wasn't taking the financial risk. Which was nice.
 I don't consider myself highly-skilled in this area. But I do have sufficient nouse to know when it's worth terminating ends myself...
... /etc/passwd doesn't contain any passwords.
Its disclosure is certainly very embarrassing - and there might be some mileage elsewhere in this exploit - but it isn't the heinous problem that the article implies.
Providing the content incurs costs. One way to finance this is to ask an ad-broker (eg Google) to fill some space
There are other way to pay your costs.
An obvious example would be Groklaw. It was a high-volume, high-quality site for a decade. The reason it shut down wasn't to do with a lack of funding - it was a lack of ensured privacy.
Groklaw had a tip jar. We all put a few quid in - often a *very* few*. But it was enough to pay the bills - and when money was running out, PJ would ask for more money, and more would appear. That's the thing with community - people do their best to support the things that matter to them.
Funding your site by advertising is more like dipping into your users' posckets without their say-so; you'll get away with it for a bit, but no-one really likes it.
 Technically, Groklaw hasn't shut down - it just isn't very active any more. But it was extremely lively for a good decade...
You could use an IP-based system - which would mean you get ads while away from home.
Or you could use a cookie-based system - whic means you get ads if you ever clear your cookies.
Frankly - whatever system is put in place, it's going to upset someone.
So what's really going to happen is people are going to carry on using ad-blockers in the way they are currenly using them.
Police surgeon's job.
Should be. I'm not always sure it works that way.
My mate's girlfirend died suddenly a few years ago. The cops that turned up were convinced he'd killed her.
They made an intimate inspection of her body. They weren't exactly respectful. They weren't exactly sensitive to the grieving family members in the house.
Once the truth of the matterhad come to light, there was, of course, precisely zero action against the perpetrators of that inhumanity.
 He hadn't, of course. She died from natural causes.
 You've seen the over-used snapping of the latex glove thing? They did that right in his face. Bastards.
“Their business looks a lot like ours. Cyber criminals look to maximise their profits and minimise risk,” HPE argues.
The businesses are very different. Cyber criminals don't sack all their best people.
[ I was going to do the "well they would, wouldn't they?" joke, but someone else did something rather similar above...]
Embolden? This guys is a fucking moron so no surprise at his statements.
It seems that "being a fucking moron" is on the job description for FBI mouthpieces at present...
He needs to embiggen his educationing.
As do we all. But in this case, his use of the word "embolden" is correct.
If you suspect that the ransomware group may be funding terrorists and you pay them anyway then you are a criminal too.
...then you might be suspected of being a criminal too.
For you to become a crimnal would require a jury to find you guilty.
Both fully addressable through the use of Standards
No, not completely.
Although standards might describe *how* to build a decoder, that decoder doesn't exist until someone builds it. So someone has to do that engineering to implement the standard; the first manufacturer will have to commit to that development with no possibility of selling any units unless the service takes off. It's a chicken-and-egg thing which is fixable by giving that manufacturer a time-limited monopoly.
And as for the time-critical bit - yes, if every manufacturer implemented the standard correctly, then any box would do. But they simply don't; some kit is sorely deficient. And if you're trying to ioplement a phone system across routers that don't work properly, your phone system is not going to work. It's wrong, IMO, to penalise the operator of a working service for the deficiencies in equipment he neither built, sold, nor specified, but rather was forced to accept.
Our local tv/telco/ISP lets us use a 3rd modem for the broadband only, but not if you go with VOIP or the TV box
I have two small caveats to use of a third-party box.
Firstly, when a new type of service is being rolled out, there is quite a lot of NRE to get the hardware ready. Without new hardware, there is no service. In this situation, I think it is reasonable to have a time-limited monopoly on the new hardware; the alternative is for the service to be priced to cover that NRE with the boxes thrown in "for free", and that doesn't actually help the consumer.
The above clearly does not apply when hardware to do the job is already on the market.
Secondly, isochronous transport - such as TV or VoIP - can be extremely sensitive to hardware; I've seen many phone systems that are sat behind the crappiest router known to man, and the customer bellyaches that his phone doesn't work. Swapping out the router for something of decent quality brings the system up ar expected. So whilst I wouldn't forbid third-party hardware for this sort of job, I would explain to customers that it would be their responsibility to choose something that works, with attendant charges for call-outs that end up being down to inappropriate customer-supplied hardware.
But these are minor quibbles; in general, customers should have the right to choose the kit they use.