Posts by Mark Simon

Do they plan on inviting the FBI? Or would the FBI prefer to keep quiet … ?

The worst part …

is how counter-intuitive it is to disable 3rd party cookies. For Firefox:

1. Preferences

2. Privacy

3. History: Use custom settings for history

4. Accept third-party cookies: Never

… what?

Does that add up?

From the figures presented here, it will take 50-100 years for ARM’s revenue to match the purchase price.

I know that the Japanese have a better sense of long-term investment than Australian investors, but … ?

Dire Consequences

I once did some contract work for a company who were somewhat tardy in payments. When the manager sent an email to the contractors about his cash flow problems, he put us all in the To: header.

This resulted in one of the other contractors emailing the rest of us telling us that we’ll probably never get paid. This in turn led to more emails, and eventually we became an informal action group, each of us sharing tales of woe, as well as snippets of scandal.

The company folded, the manager went bankrupt, and was given a gaol sentence for crimes committed in trying to cover his financial problems.

We never did get paid, but it makes a good story — not using the BCC button can get you in deep trouble.

“Schoolboy Plitics”

“Just you, and your schoolboy politics, and your idiotically conceited faith in your own importance.” — Sir Nigel Irvine in The Fourth Progocol (1987).

He could have been talking about the whole WikiLeaks thing. It doesn’t matter what noble thoughts they had in mind, it doesn’t justify acting like a bunch of children who either don’t know or don’t care about the consequences of their behavior.

Owncloud

I use OwnCloud precisely because I don’t trust any of the others to (a) keep my data intact, (b) keep my data secure and (c) keep their promises.

I know that involves running a (Linux) server at my home office, but that is a lot less of a headache than losing your data or being beholden to a third party who keeps changing the rules.

Not Open Source

“… popular open source database …”

As far as I am aware, SQLite is not open-source, though it is in the public domain.

Among other things, I would guess that has some effect on how bugs are handled.

Not all unused features are useless …

The problem with some of the features is that they are new and not fully implemented in the other browsers. This is true of advances in JavaScript and HTML5 which should make development much easier.

IE is, of course, the key offender, and as long as some developers are worried about Legacy™ support, they will have to forego the new features in favour of older ones with wider support. And it’s no good mentioning that newer versions of IE or Edge support the newer features if you’re after the widest audience.

Another problem is that some popular libraries, such as, say, jQuery, may not take advantages of newer features, and their immense popularity with developers may reflect this.

re ECMA

ECMA changed its official name from the European Computer Manufacturers Association to ECMA International about 20 years ago.

Just so you know …

Grey Areas

I agree with the EU’s stance, but I’m a little unsure where the boundaries are.

Search engines and other services use the IP address to guess the location, and mobile devices already have access to geolocation via JavaScript. Servers and JavaScript have been known to do some browser and OS sniffing. Even screen size sniffing to choose suitable images. Can’t this be regarded as private data in the same sense?

That should work …

I don’t go to the cinema any more because the movies are boring, the food is over-priced, the seats are uncomfortable, the advertising is painful, I’m surrounded by jerks who can’t enjoy am movie in peace and I’m being charged a fortune for the experience.

Now what could entice me to change my mind … ? That’s it! Allow twerps with the attention span of an epileptic rabbit on heat and the intellectual capacity of a sandwich to light up the place with phones on TwitFace or some other loser network. That should round of the experience nicely.

Waste of Bandwidth

How much of this data is due to the ad networks, not only on web pages, but also on add-supported apps? How much more of the data is squandered on loading muscle-bound libraries designed to crack a walnut with a pile driver? And, of course, poor so-called responsive design which serves up oversized images and videos just in case?

I’ve recently switched to Vodafone (in Australia) allowing me to share data allowances on all devices. Until last week I had 19Gb available!

The Happiest Place on Earth

Where does Disneyland fit in all this … ?

There are still bugs in such routine tasks?

The function looks like a pretty hard-coded way of performing what should have been a routine task — concatenating strings.

I though good coding included packaging routine tasks into reusable functions or methods, so that we can move on from debugging the umpteenth incarnation of the same code.

It’s us vs them …

The publishers are assuming a business model which regards consumers as the enemy, and harasses them to toe the line. Not normally a good way to endear them to the customer.

I agree, however, with the description of AdBlock as a protection racket. I also agree with this being naïve & complicated. They just for got to add pointless, antagonistic and suicidal.

Goes without saying …

“Police use of illegally held biometrics broke the law”

Things done illegally often break the law. Funny that …

What a surprise …

Oh look, large company with a vice-like grip on its customers is saving its own money at the expense of its customers. This works as long as customers have no alternative — until they find one.

Plan B

What the Internet needs is a more intelligent revenue stream. Ads are a model that sort of worked in Free TV, but are clearly showing signs of age. On the Internet, we have the technology to block them, and there is an increasing expectation that we should be able to.

I’m lucky. I can live without sites that force ads on me. I’m happy to pay a subscription for the good ones and to abandon the mediocre ones.

But who owns the device?

In general, it’s good that Apple is refusing to break into its own security system, and it’s good that the security appears to be working, too well for some. But surely this is an exceptional case.

The news reports indicate that it is the county itself who owns the phone. Do they not have a legal right to access what is on their system? Although the phone was legally used by an employee, does that employee have a legal right to expect to keep their data private? I thought that this would be similar whether your boss has legal access to emails on your work account.

I’m (obviously) not a lawyer, but I wonder whether the real owner has the legal and moral right ask for help picking the lock. Apple would then have the face-saving option of agreeing on the grounds that they are assisting the owner and not some evil third party, and that this could not possibly set a precedent for government to gain access to everybody else’s phone.

The decent thing …

… is to open-source the app. I always thought that it was a pretty decent app, especially since it was free and cross platform. I only got rid of it because I hate being tethered to Google.

It does see a bit rough to announce its demise with only a month to go. Anybody taking it seriously will need more than that to find an alternative and to transfer everything across.

It makes one wonder what other Google services you can rely on.

Actually, it makes some sense …

Given that it takes many years for some cases to get to court, and many more to finalise the case, it makes logical sense that evidence relating to the case, even in the discovery phase, needs to be available for quite some time. Destroying this evidence after 2 years is inconsistent with the inordinately long periods of time in the judicial process.

The problem here is that there is no facility to keep only the appropriate data, which is, of course a serious design weakness.

Defeating the Purpose

An ad blocker that allows some ads through. The definition of what constitutes an acceptable ad is what caused the problem in the first place. If ads were less inappropriate, less intrusive and less of a strain on users’ resources, they wouldn’t have pissed everyone enough to develop and install ad blockers in the first place.

I’m also a convert to uBlock Origin, and I can see that the philosophical underpinnings AdBlock Plus are clearly up for grabs.

Sorry Register. I love your site, and I know you need the cash, and I’m even willing to pay for a subscription, but ad networks are a total pain in the delicate regions.

Pathetic, isn’t it … ?

Today, the best thing you can say about the Java plugin is that it’s gone.

Java should have been a good idea, providing a cross-browser platform delivered over the Web. The language itself was (is) good (if somewhat dated) and the whole byte-code mechanism promised flexibility and a vendor-neutral environment. Too bad it never really happened and the cost of relying on a buggy insecure plugin that didn’t quite do the job more than outweighed the benefit.

At least maybe now the Australian Government might get the hint and dump Java for its web security. Or maybe not …

Never again …

Worked on one Drupal project which is two too many.

Hopelessly complex PHP & Database structure. Dependence on innumerable plugins which are poorly documented, poorly understood and of unknown security. Cumbersome update process. Even more cumbersome to backup and redeploy.

The problem with most of these CMS packages is that they appeal to the amateur who does not have the advanced skills required to maintain them and to customise them safely.

Deja View

“The real focus of the legal challenge is on copying the design of the Microsoft Office ribbon bar.”

The first time I saw something like the Microsoft Office Ribbon Bar was on DreamWeaver when it was still a MacroMedia product. Unlike MS Office, DreamWeaver’s was useful and not down-your-throat.

They have no idea about security.

These are the same morons who implemented a Java-based “AusKey” security that took weeks to apply for and failed every time there was a Java update. Java plus 1FA. What could possibly go wrong?

The best thing about the Web …

… is that the whole thing is open. HTTP, HTML and all of the protocols that underlie the web are free for everyone to use, to analyse and to be involved in. Even the networking protocols which carry all of the traffic.

It’s worth noting while modern IT companies make truck loads of cash charging fees and suing everybody else how much we have all benefited from a free and open Internet.

This is happening too often …

The real problem is that everybody here knows what’s wrong with the setup but nobody in the Real World seems to know.

Ordinary adults still still naively submit personal details to morons who don’t know how to keep a secret.

Personally I lie about every non-essential detail, and create a unique password for every new online account. Most normal human beings can’t be bothered or don’t understand the risks.

It’s about time that practical standards of security were created and that all vendors collecting personal information be required to adhere to them, or at least to indicate whether they do or not. In Australia, at least, banking, public transport and trades, to name a few, are all regulated. There is no reason that the same consumer protection can’t be applied to privacy & security.