1031 posts • joined 23 Apr 2007
How to deal with phishing scam/spam
You've all seen these too. "Your email box is full, please go to such-and-such site and re-enter your handle and password" being a stripped down version.
The solution is obvious: always, always respond but fill in false information. If the scammers get thousands of replies full of nonsense, they will be hard pressed to figure out which ones are legitimate. Maybe!
They spam us, we reverse-spam them.
Off with their heads!
It wasn't "the prison service" that lacked the necessary attentiveness. It was some one or few individuals within that service who didn't, yet were responsible for just such matters.
It might very well be that some upper level management wonk had cancelled the position(s) supposed to handle those responsibilities. But always there is individual failure to do the job correctly that lies behind organizational failures.
The Register has slipped!
"researchers from the University of Cornell in San Francisco"
Clearly, Kelly Fiveash, the author of the Register article, did not read the actual article and has gaps in his knowledge of American institutions of higher education.
First of all, "Cornell" is Cornell University, not "the University of Cornell". This can be easily ascertained by simply looking in the gazetteer at the back of the better American dictionaries or even by using that new-fangled Google thingie. I admit that the nomenclature of American universities is not consistent; some are "University of X", others are "X University", but the proper response to this inconsistency is to look things up and get them right instead of winging it and getting the facts wrong.
Moreover, Cornell University is located in Ithaca, New York, not San Francisco. How Mr. Fiveash managed to make such a hash out of the name of a very well known American university is beyond me.
Further: Facebook's "Core Data Science Team" works out of Menlo Park, California (as the PNAS article clearly states), not San Francisco. Important note for Mr. Fiveash: "San Francisco" and "the (San Francisco) Bay area" are not synonymous. I suggest he take a gander at Google maps.
Given the Register's generally high standard of writing, these errors come as an unpleasant surprise.
That's not a map of the radioactive plume
It's a map of the March 2013 tsunami, quite a different thing. As can be verified by simply moving your cursor over it.
Re: Rule No. 1
"The main argument seems to be that 'you shouldn't _have to_ defend yourself'"
An elderly medieval historian I know once remarked regarding the feminist slogan "take back the night" that it was a quixotic quest; that historically only during a few decades in the twentieth century had it ever been reasonably safe for unaccompanied women to walk about at night — and even then only in some cities.
One possible response to "but I shouldn't have to defend myself" is "sez who?" aka "where does it say that?" People using that excuse for foolish behavior are indulging in wishful thinking at the possible cost of their health and life.
Re: Barely News. PlusNet and Security are Mutually Exclusive.
"6 alphabetic characters"
Which alphabet? Roman? Cyrillic? Georgian? Armenian? Greek?
Does the word "alphabet" include abjads, abugidas, syllabaries, and logographic writing systems?
If passwords are restricted to the Roman alphabet, can you use letters from the extended forms of it? Like this: ƷǔƲƜƈŷűÈäẪṃ
More generally, can you use Unicode characters in a password?
Given the comments on BT's incompetence in such matters, the answers are probably "Roman only", "no", "no", and "no". Never mind that Unicode has been implemented quite widely for at least ten years now.
No one's paying attention
This is just another example of what happens when no one pays attention.
Some other examples from personal experience, not entirely IT related, of the results of no one paying attention:
1. A weekly e-flyer for a pharmacy chain, in PDF format, but really just a string of jpegs with such low resolution you couldn't read the text. No way to tell just what this week's specials were! No one bothered to actually look at the end result to be sure it was legible. Strangely enough, an email to the president's email address actually got to him, and they cleaned up their act promptly. I imagine somebody got their fingers slapped over such stupidity.
2. A big illuminated sign by the highway saying "For latest road condition information, check http://....." With all the hoopla about the adverse effects on driving of using cell phones, you'd think that a sign that was an open invitation to fire up your browser would be dismissed off hand as counterproductive.
3. An emergency response program that has designated routes for emergency vehicle use only. Problem: all the routes between different parts of the metroplex are so designated: you simply cannot get from part A where people work to part B where they live without using one of these highways. If we have a big earthquake (certain to happen sooner or later), everybody's going to want to rush home to make sure things are okay, that their kids in school are okay, etc. There aren't enough cops to block the resultant flood of traffic; and besides, the cops will have other things to do after a big shake. [The city I live in has very few road links between some sections.] This particular stupidity also involves failure to take into account human nature which, as the old adage teaches us, never changes. Plus the common bureaucratic position that making a rule against something actually stops people from doing it.
In the present case, somebody didn't bother to look at the email address they'd keyed to be sure it was correct, to say nothing of the other criticisms of this fiasco.
How very Dilbertesque!
It could be from a Dilbert cartoon! "Leverage" as a verb, my eye!
The thing that really worries me is that the writers of this bilge are (apparently) unaware how uncommunicative it is, how silly it sounds, how empty of real meaning.
Yet another reason not to use FB.
We get availability b.s. in Canada too
The Asics company makes certain athletic garments in the US. These are readily available in the US from a number of online retailers, but every last one of those retailers' websites states that they will not ship to Canada (among many other countries). Presumably Asics has given exclusive distribution rights to some Canadian company and has done the same elsewhere.
The fly in the ointment is that there is NO online source for these garments in Canada. And they are low demand items, so it's futile to look for them in local brick'n'mortar places. Perhaps they're available retail in the larger cities, but not in the burg I call home, where we are isolated on an island. This is par for the course in Canada; prices are significantly higher and selection is significantly smaller even when you do find a Canadian source for such goods.
Result: Asics does not sell as many of these garments as it might, and its competitive position regarding them in Canada is non-existent. And would-be buyers like myself are forced to use complex, costly workarounds to import them from the US.
I wonder how it responds to other scripts with lots of hard-to-distinguish-by-the-uninitiated characters? E.g. Chinese characters (and the versions used in Japanese and Korean); nearly any South Asian script; Georgian, with its curlicues; the many extra characters added to the Roman alphabet for African languages. (Just browse through Character Map and look at all the wonderful scripts supported by Unicode.)
Sounds to me like Xerox is now rather like MS: too many people running around, nobody actually in charge, obvious design and engineering errors not having the whistle blown on them before they're inflicted on the hapless public. Surely someone should have said "our business is making copies of documents, not free variations on them."
Re: I use CAPTCHAS
But computers today are fundamentally devices with a visual-tactile interface. If you are blind and fingerless, you really need to find some other hobby than responding to comments on El-Reg (for example).
Re: Let me see now, his "logic" would imply that.........
In some circles, it's generally believed that Fox "commentators" are only in the game for the money, and they'll say whatever they think will improve their cash flow. Facts, logic, and other meritorious aspects of "the news" play no role in this. It's direct appeal to gut emotions that works.
Pretty much the same thing can be said about the American anti-gay industry, which features such bozos as Maggie Gallagher, Brian Brown, Eugene Delgaudio, and a host of other grifters.
> Any business unit that doesn't make money is seen as a "drain on resources".
The situation is analogous, perhaps very closely so, with the problem of deteriorating infrastructure in the US. The people who control the purse strings don't acknowledge the importance of the highway network, for example, in keeping business running throughout the country. Hence highways, bridges, and all else are allowed to gradually deteriorate to the point of uselessness. [Actually, this isn't entirely true, but it approximates the situation usefully.] Maybe the IT systems of a bank don't make money that's visible as a separate line item, but if you take them away by virtue of flood, earthquake, tsunami, fire, riot, revolution, or even simple human error, the entire bank will suddenly stop making money.
A better motto for the world at large is "if you build it, you have to maintain it, and you will have to replace it entirely by a certain age, even if it's still usable." This applies to web pages as well as physical infrastructure, and it certainly applies to software systems.
A secret known to two people is no secret
Title says it all.
Re: From a historical perspective
Not the researchers of tomorrow, but those of today.
Out of personal interest, I've been cataloging YouTube videos of the March 11, 2011 Tohoku tsunami. The extremes are (a) those videos that have been watched by hundreds of thousands of people and reposted to YouTube by a good many of them; and (b) those that have been watched by very few and exist on YouTube only in one version. The object is to identify the best version of each significant video, best meaning most complete, preferably with a good deshaker applied.
Of course this is a hopeless task, as there are something on the order of 100,000 tsunami videos, far too large a number to catalog by hand. But even disregarding that minor issue, trying to figure out which version is original and complete is like trying to find a needle in a haystack. Today.
Sounds like HP's plans for admin-free networks
At the end of the day, it seems that the only way to truly secure any piece of networked gear boils down to physical security, e.g. no connection to the internet at all, a backdoor-enable switch as suggested by "Ru" above, or some similar measure that no amount of hacking can overcome. There's still the problem of social engineering, so maybe making that switch one operated by a lock and key is necessary. Otherwise, a stupid secretary gets an email "go flip switch J on box A" and does it.
You win the prize. All other so-called random number generators are only pseudo-RNGs.
This is a well-known fact that is unfortunately not as well known as it should be.
On the evils of "making assumptions":
That phrase actually means "I just guessed."
One of my co-workers, before I retired, regularly messed up his programming. When asked "why did you do that?" while looking at some egregiously bad code, his reply was often "I assumed (such and such)."
Of course, his assumptions were usually wrong.
In fact, whenever he hit a tough bit of code to write, he'd often take the lazy way out and "assume" that nobody ever made a mistake, that you didn't need to be wary of user input errors, and other variations on avoiding hard thinking or, horror of horrors, going and asking somebody who knew what they were doing.
The flaw in trying to do users favors
Whenever software attempts to read users' minds, anticipate what they will do next, save them effort (sometimes), or divine the intentions behind user errors, it's all guesswork and it's often wrong.
Give me good old Windows 3.1 software like Lotus 1-2-3 R5 that did what you told it to do, nothing else. If you made a mistake, it simply told you so and made no effort to diagnose your intentions.
Why pictograms instead of words in menus?
Because pictograms don't require translation when building software versions for other languages.
Sheer laziness, in other words.
Or maybe consideration and foresight in anticipation that today's monolingual speaker of English will be using Haida or Georgian tomorrow.
Re: More adverts, everywhere.
Loyal Commenter: "I'm not going to buy whatever they're touting, so why force them on me if I make the choice that I don't want them?"
I think you just said "the Emperor has no clothes." Selling something on the internet? Forget about ads: they don't work, just as Loyal Commenter says. Instead of trying to lure visitors to your site selling crap, try setting up your site so that Google searches for the goods/services you offer return your pages. And make sure people can navigate to the item they might buy. Example: I buy a fair amount of body jewelry and have noted that some sites have very poor search facilities, while others have excellent ones. The distinction is simple: can a visitor to such a site tell within seconds if (say) you have circular barbells, made of stainless steel, internally threaded, with a 10mm thickness? Sometimes the answer is yes, it's easy to tell, but other times you can't be sure and keep wondering if you overlooked the item you are contemplating purchase of.
Meanwhile a pox on search aggregators that do nothing but clutter up Google results.
The Eckert-Mauchly Computer Corporation did not "later become Unisys". It first became Univac, which underwent various changes in name and ownership, finally merging with Burroughs in 1986 to form Unisys.
We must start from basics!
A good cup of tea is hot, aromatic, and free from the bitterness of tannins from over-steeped leaves. You can get this nectar even from quite cheap tea if you use the right technique, to wit, put the tea in a small conical sieve over the mouth of the tea pot and pour the boiling water through that. Tea is ready immediately; no need to steep. End of discussion.
It was neither deliberate nor a "technical" error. It was a management error, pure and simple. You would think that MS, with the threat of a large fine hanging over it should they commit a specific misdeed, would make very sure that that misdeed did not occur by accident. But no, someone deep in the technical hierarchy in Bellevue was given the authority to okay an update without the point being made "make absolutely certain browser choice is still there for European customers."
My impression of MS is that its management is utterly chaotic, with nobody in particular actually in charge. MS isn't "too big to fail". It's "too big to succeed".
One Million Moms? Hardly!
Joe Jervis regularly features the latest insanity from OMM on his gay-oriented blog, Joe. My. God. (findable via Google). I forget the exact figure, but someone checked Facebook and found that OMM had about forty thousand "likes". The suspicion is often voiced that OMM is just one person with a very dirty mind who sees filth everywhere.
Regular readers of El Reg are likely to get a kick out of Joe. My. God.'s regular features of homophobic nuts, if only for the comedy value. Particularly recommended is a dude who styles himself "Third Eagle of the Apocalypse and Co-prophet of the End Times."
Geoboffins? Good grief, Charlie Brown!
I can see a number of neologisms in the hatching: bioboffins, theoboffins, physioboffins, technoboffins, psychoboffins, socioboffins, anthropoboffins, ecoboffins, archaeoboffins.
When will the madness stop?
The proposal overlooks a well-known fact
Naming and shaming will have no effect. Corporations and those who control them have no shame.
Those cleanup instructions from the EPA tacitly assume a hard surface floor. Wall-to-wall carpeting is very common; just try to scrape up spilled mercury from it!
Re: @Artic Fox: You are surely not suggesting that there are companies out there........
They'd probably be safer running DOS.
Re: They don't even spam well
Canada Post online tracking "works" that way but with the wrinkle that the headers for a plain text version are present but no plain text.
Thus if your email client is set up not to render HTML, you are s.o.l.
OTOH, given the extraordinary slowness of Canada Post and their unreliability (small parcels go missing with no trace), you couldn't really expect anything else.
Re: @Peter Hoare
Does that work on Unicodized email addresses such as
Re: Finally going out to find out what's going on. Fines *not* the answer.
The issue isn't so much dropping a USB stick on the bus as it is the sheer foolishness of putting unencrypted data on the thing in the first place. A close runner-up is the foolishness of anybody from the CEO down taking protected data outside the workplace in any form.
To some extent, the latter is caused by the managers who don't understand that the work day is only eight hours long.
Similar to geo-restrictions on retail sales
Amazon has a nasty little habit of announcing "this product cannot be shipped to your default address." I've seen this with athletic gear from Asics and even with CDs made by Sony. Just like Hollywood installing that infernal region code on DVDs and then discovering that if anything, it impedes sales and encourages piracy.
When you live in a country where online commerce is not particularly well developed (e.g. Canada), whether Asics or Sony like it or not, all such restrictions do is lead to creative ordering. As for Asics, I simply had what I wanted sent to a friend in Seattle, who then forwarded them to me. And Sony's silly restriction was easily circumvented by finding a Canadian listing for a used copy of my heart's desire.
It appears that large corporations have not yet learned that the first two W's in "WWW" mean "world-wide." Time to kiss off geographically restricted distribution contracts.
PS: Canada is not a dead loss when it comes to online sales. I was easily able to find an online source for Blooker cocoa in Ontario.
More Microsoft "doing favors no one asked for"
MS could have prevented this brouhaha by simply including setting DNT during installation, requiring the user to respond one way or the other. Yahoo would then have no gripe because the setting would always be derived from the explicit action of the users.
But, no. Dear Microsoft followed through on their usual bad habit of trying to guess what people want instead of simply asking them. Spare me operating systems that do things for you that way.
Re: "it does not accurately reflect user intent"
The thing that makes me laugh is that the ads aren't very effective, not at all. I use AdBlockPlus, so I don't see many ads, but the ones I do see never entice me to actually visit the web site advertised, much less spend money at it.
I spend a fair amount of money on online purchases, but not because of advertising. I've used Google to find sites that sell the kind of thing I usually look for and simply bookmark those. Looking for a specific item, say 1/2" diameter eyelets for my earlobes made of white jade, always requires investigating one such site after another, by hand. (Some sites make the search very easy, others a pain in the ass.)
Google is hopeless when it comes to exhaustively searching for such a specific item because (a) websites are inconsistent about how they present the information and (b) Google works word by word and isn't very good at finding loose groupings of descriptive words.
Sociopathy at the top
The root problem is that when they depart their homes to go to work, managers leave their humanity behind on the dresser. All they have to do is ask, would I treat my dearly beloved grandmother like this?
Of course the sociopaths would treat their grandmothers badly, which leads to the point that sociopaths are not fit to hold positions of any responsibility. Unfortunately, from all appearances, the upper levels of management in all corporate bodies are primarily sociopaths.
We are doomed.
Re: Worst intentions?
The incompetent lawyers might very well be holdovers from the Bush administration, hired because they declared personal loyalty to Bush. Many of them have law degrees from "Liberty University", the late Jerry Falwell's piss-poor excuse for an institution of higher education.
Until the higher ups responsible lose their jobs, nothing will happen. The higher ups earn the big bucks; let them shoulder big responsibilities, even if they themselves didn't make the key mistake.
@ Dave the Cat:
Just say to your students "Now pay attention because if you don't, you WILL lose your job when you mess this up." Make sure all employees have been put on notice that certain types of email mistakes WILL result in immediate firing.
Until the doofus managers who oversee such fiascoes feel some serious hurt — by preference in their pocketbooks — no tightening up will take place. Indeed, I'd name and shame them, and then put their names on a blacklist "do not employ this person in IT management".
The crazy system of one arm of the Crown fining another is...well...crazy. Which party originally inflicted this insanity on the suffering British people, pray tell?
Paying through a third party
I.e. paying a bill through an ATM: here in BC, the statutes governing "agency" stipulate that a payment to an agent is considered as having been made to the principal immediately. Thus, if a bank tries to say "it takes X days for your payment to be passed on", the correct response is a reference to the law and a suggestion that they'd better get a less sluggish system installed.
Other jurisdictions may have similar provisions in force.
The right hand and the left hand
Here in British Columbia, we have a rather toothless law against cell phone use while driving.
But guess what? On the outskirts of Victoria, there are signs erected by the authorities on the freeway heading north, pointing drivers to a website, drivebc.ca, and to a toll-free telephone number for information on road conditions ahead.
These are clearly invitations to the driver to use his cellphone. The geniuses devoted to highway safety don't seem to realize that they are encouraging dangerous behavior.
In addition, though billboards are forbidden along BC highways (except on Indian reserves), the Dear Government has polluted the roadside with endless dorky little signs pointing to "tourist attractions" and similar detritus that doesn't offer drivers any real information to help them. No one seems to think about the distractions these may cause, entirely aside from the ugly blight they are on the scene. I blame it on quasi-marketers in the tourism ministry who have quite childish ideas about what actually enhances the tourists' experience.
Meanwhile, many roadside rest stops have been closed, along with the toilets at them, leaving weak-bladdered drivers no option but to piss by the side of the road. Some tourist experience! "I visited BC and I couldn't pee"
The Badass Honey Badger
If you want to watch a YouTube video of the honey badger, go to "Badass honey badger", which has a fairly amusing re-do of the narration dubbed in.
Gould's Hallucigenia mistake
Gould later published an article in Natural History in which he owned up to his mistake in "Wonderful Life." That article was later put between covers, in "Bully for Brontosaurus" iirc.
The author has used up El Reg's lifetime supply of the word "astro-boffin" and its derivatives.
Shades of the FBI warning on CDs
That big FBI seal and ominous words to the effect "don't you dare pirate this CD!"
Never mind that the only people who see it are the paying customers who actually bought the CD. Talk about insulting one's customers!
WRT Lovefilm dumping flash and thereby shutting out Linux users. Yes, Linux users may only make up a percent or two of their customer base, but in these hard economic times can any business afford to throw away a percent or two of their established customers?
Generally speaking the word "chemical" is reserved for compounds, usually molecular in nature.
It's *elements* that are synthesized in stars, but only up to atomic number 56, iron. Heavier elements are synthesized only in supernovas.
Indeed, "chemical" is a weasel word in this case. "Atoms" would be more suitable and more precise.
Get your nomenclature right, Mr. Chirgwin.
On saving money by moving everything to the internet
Decades ago, a professional librarian and I were discussing the ins and outs of computerizing libraries, for example their card catalogs. She reported that at a convention she'd attended, the point was made that computerization was no cheaper than doing things the Old Way. Its advantage was that it was much faster.
I suspect the same is true of any government IT initiative, even today. If anyone says it's cheaper, they're either lying or grossly misinformed. Far too many government IT projects seem to be pie in the sky, swallowed holus bolus by brain dead pols with stars in their eyes.
Advertising: an enormous con
It amuses me endlessly to see the lengths to which marketers will go in pursuit of maybe, just possibly, once in a very long while, a sale by one of those using their services to advertise.
Only speaking for myself, but I use adblock so I see few ads, and those I do see I pay no attention to.
The con is really that marketers claim that targeted ads improve sales. That's not true. Today I may be interested in ginormous nipple rings, tomorrow in an antiquated book on Latin grammar, and the day after in Dog only knows what.
Or to use a more prosaic example, suppose I'm looking for underwear. I have a very clear idea what I want, I know exactly which brand and model will fill the bill, and any adverts to the contrary are just so much wasted effort. What *will* influence me are the web pages that give full, objective information and are clear about sizing, fabric, country of origin, colors, styles, price, and availability. But once I've bought my gaunch, that's it. Throwing more ads at me does nothing, because I have enough rags to shelter my ever lovin' bod from the lust-filled gaze of onlookers, and need no more.
Then there's ebay: in my pursuit of the perfect undies, I found the brand and model, and set up a moderately complex search string to find ebay listings for those and no others. Ebay then, in its blind pursuit of money, altered their search facility so it returned not just what I was looking for, but all sorts of other brands and models, I s'pose with the subliminal message "Maybe these are what you really want?" An intelligent company would have recognized that the more specific a search, the less likely it is that the searcher has interest in other things, particularly when the search string takes steps to exclude other makes and models.
As ebay, so marketing in general: they think their ads actually work, but it's highly questionable whether they do anything other than annoy netizens.