It depends very much on what you want to claim... I'm currently 39 and holding onto "mid 30s" until my birthday. As far as I'm concerned mid life can be interpreted as anything between birth and death.
146 posts • joined 6 Mar 2009
It depends very much on what you want to claim... I'm currently 39 and holding onto "mid 30s" until my birthday. As far as I'm concerned mid life can be interpreted as anything between birth and death.
Given that anyone else would just ditch the booster (and presumably SpaceX are costing/charging on that basis) its not an overly big deal if they keep having these problems for a while.
Also given its a drone barge there isnt any life at risk here - and I'd assume the barge is a relatively low cost item in the context of a launch.
Its not as if their business model requires them to get this stage working in the next couple of attempts - its just that if they do suddenly they can charge a lot less or make a lot more profit.
Naturally it'll be massively cool when it does eventually work, but realistically if it takes them another 20 attempts its probably not financially a big deal as they are already delivering the primary mission.
Wow.... I've never met a business as scale which could give a complete list of systems it relies upon, a network device centered view is vastly more narrow than what you need to consider.
What about developers that reuse a single database server for multiple instances? (that ought to go through change control but might not) What about if they reuse a single database for multiple apps segregated by a table naming convention...
Lets assume you get one top of the "server" type systems - what about the "applications" built in Excel, or Access (you are kidding yourself if you think you don't have any in your business - almost certainly within the Finance team).
What about the cloud solutions which business teams have a tendency to buy via expenses (or use the free versions to avoid that control) - what about the cloud solutions provided by business partners?
none of the above is theoretical I've seen all of those as real world examples - people just want to get their job done and if they think that the central IT options don't fit or are too slow they will go and find their own workaround.
you might want to read up on tax treaties, the US FATCA legislation means that the UK is already committed to reporting on any US relevant tax data in a format requested by the US.
From a legal perspective companies within the UK are required to report these transactions to HMRC who then provides them to the US IRS.
My guess is that from a national security point of view tax data just isn't that important (note that the article talked about information classified as OFFICIAL which I believe is the lowest level of government data - see https://www.gov.uk/government/publications/government-security-classifications)
(I was in the room btw so this is first hand opinion and not based on the article)
It was a little odd given the audience... you are presenting to a room full of infosec professionals either in management or vendors, but essentially everyone was in the industry.
It wasn't particularly linear, and seemed to repeat quite a lot and could essentially be boiled down to "security is important, and don't trust corporations or governments". I don't disagree with any of that, but I don't think it added very much to the understanding that was in the room already - I cant say I left feeling that there was anything new that I ought to be considering.
It would have been a pretty good awareness raising type speech for a room full of non-tech business managers
There was also a chunk of time where he talked about his new business ventures which included something he referred to as social encryption and an app to monitor fetal heartbeats... eclectic to say the least.
Ok so I've used the majority of the software you mention (both the commercial and FOSS elements) (minus the CAD/3D stuff - I tried playing with that once and decided I simply didnt have the mind set for it).
Something I find that is often missed in these conversations is skills/training and consistency. FOSS projects are much better than the 1990's and early 2000's but they still generally lag behind, more over because they tend to have smaller user bases the availability of training (as opposed to online learning materials) is much more limited.
A phrase that I heard once is that an amature practices until they get it right, a professional practices until they dont get it wrong (ok big generalisation as I know that pro/amature is about being paid and that there are big skills variances on both sides - but in aggregate people being paid then to be better than people just doing stuff for fun)
Basically what I'm saying is that the FOSS solutions are good, and certainly helpful for home users who want to stay on the right side of licencing. But the dominant commercial products tend to stay that way and to produce more consistent and better quality output for a whole load of reasons which are much more about users than about products.
The article slipped in without emphasising application white listing as a necissary adjunct to patching (which is much harder at enterprise scale than patching outside of locked down call centre type environments).
For most organisations patching is a horrendous activity, in order of difficulty
a) understanding what applications you have installed
b) understanding what applications are actually run (or are a depenancy)
c) understanding what patches are available
d) understanding which you can apply without breaking compatibility
e) distributing patches
f) tracking when patches have actually applied
then trying to do all of that on a regular cycle, for end user devices (i.e. off network and powered down regularly) when it’s going to be looked at as pure cost and inconvenience by the business.
Its worthy of proper discussion
yep - something of a content free article there
I didnt do anything special - just popped up a couple of weeks back (and then wouldnt shut up about it until I did the update). Have you tried a manual check for updates when on WiFi?
I have a mk1 Moto G on Tesco and it got Lolipop about a month ago. Still a perfectly usable phone and does everything I want - maybe the occassional bit of lag but nothing to get stressed over.
I'm a little disapointed by the latest upgrade to be honest, had been hoping for 2GB or RAM and 16GB of storage at which point I'd probably have got one. As it is I dont see this as much of an improvement over what I've got which as I say is working perfectly well
I very nearly put some cash into this as I'd love a laser trigger but at the time I couldn't quite justify it (right now I'd still buy the product if it was made as per original specs)
I think the main problem here is how they originally represented the project - it was defiantly presented in the early stages as a product which essentially just needed funding for a production run. When I read their original pitch I expected product to ship within a few months of funding.
As I read this, it can be summed up as:
a) Project went badly off tracks - was reset in 2013
b) Project has now slipped 6m on revised timeline (which for Gov projects is barely anything)
c) Project is at the end of pilot stage and about to start rollout
Criticism being levelled:
a) costs are justified by future benefits
b) extrapolation of current pilot claimant count leads to long timescales
Now I'm not an idiot, I don't believe any gov IT project is going to be running smoothly and its always going to cost more than budgeted - but seriously these criticism seem ridiculous. All projects are justified by future benefits and all phased implementations start with small user numbers and then aim to snowball into greater volume.
Think authentication rather than privacy
dont think this is such a big issue for website certificates either as under current CA arrangements its really very easy to get your own root CA if you have some cash to splash in which case you can issue new certs for any website you want to impersonate.
Plus for serious players (APT types) they probably can compromise the client devices of people they are interested in and then HTTPS is utterly irrelevant.
What this is more significant for is if you are using PKI based signing by a fixed key for any kind of validation - that is a big deal. Thats software components (think MS root keys), financial transactions, etc... there is a lot of "infrastructure" that this would completely wreck.
Ulster Bank owned by RBS, outsourced IT operations to RBS - that's a pretty common arrangement.
You could equally take the view that if you're a smallish business owned by a big business it would be bonkers *not* to use their presumed greater capability to operate your IT.
From a strict regulatory point of view Ulster Banks board and approved persons would need to assure themselves that the service was appropriate and therefore could in theory say no, but in practice its very hard to say no to a parent company which wants to consolidate costs across a group and has the compelling argument that they already do the job on a bigger scale.
Or i could work through a proper 3 month introduction to accounting course to understand financial reporting in detail... And yes there are lots of firms which publish non-GAAP numbers with some common conventions in certain industry segments
Its can be useful year on year for a given firm, provided the policy is reasonable and consistent
what you absolutely mustn't do however is treat non-GAAP as if its a single category which your comment implies. GAAP for all its faults is at least an external standard
As a selected industry though are you really wanting to use banks as an example of why its OK to pick your own financial reporting standard? (A better example is genuine property management firms where the difference can be do you treat a property as inventory for sale or not, inventory under GAAP gets marked at cost while investments get marked to market but again the policy differs between firms)
I guess my question here is why does a firm that's essentially a standard manufacturer need to deviate from standard accounting? (cool product yes but from a company perspective its still a company that makes physical things) . what is it in their business model which makes GAAP conventions not suitable for them when in summary they ought to be a very standard business just with a cool product
For example why do they have a non-GAAP revenue that's higher than GAAP? The article talks about excluding interest and stock costs , but neither of those should impact revenue
Just as a note, GAAP stands for "Generally Accepted Accounting Principles" so non-GAAP means a model the company selected itself which shows the results they want. Its not necessarily wrong but its certainly a significant difference.
two sets of GAAP accounts should be reasonably comparable at least line by line (although there can still be some big differences in accounting policies especially relating to inventory and deprecation so the overall P&L or balance sheet figures may differ substantially) but non-GAAP figures are generally only comparable with the company itself year on year assuming no changes to accounting policy.
A less charitable view is that non-GAAP figures are the PR release numbers.
There was some good research a few years ago which found that "balanced" reporting was more likely to leave people without an opinion while more partisan reporting led to readers considering the issue more deeply and either actively agreeing or disagreeing with the piece.
even making a basic black powder isn't that hard (although it is potentially quite dangerous especially if you start wanting to grind it for a faster burn).
That said, even in the UK if you really want to buy a gun outside of the normal checks I suspect its not ridiculously hard - just very illegal.
That's odd - I've had a Moto G for a year and am completely happy with the performance
The standard is reasonable doubt for a jury
In fairness, the article did say that when the house was raided they found him looking at the site! Lack of one particular piece of evidence within the context of a wider set of evidence isn't a water tight defence.
Total lack of images being found on the PC when you are known to have viewed the content at least once is arguably pretty damning - especially if the prosecutor can point to a known secure deletion utility (not sure if that's the case in this one).
Having done a number of IT investigations over the years, gaps or missing information can be pretty damn suspicious within a wider pattern of evidence. Its certainly not supportive of a casual / accidental viewing of a couple of images.
I have a number of Goth friends - several of which I think would dearly love to have a 3d print of their own skull on the mantelpiece.
For presentations, fidelity needs to be 100% - but as others have said there can be issues between versions of powerpoint (and in some cases between the media codecs for embedded video). Frankly for anything more than simple slides at present I only want to use the laptop I authored the presentation on.
Stock splits have nothing at all to do with the rate of growth of a share, their sole purpose is to put the share value at a level where smaller investors can afford to buy a minimum block. In theory a stock split or consolidation should have no impact at all on overall company value (although if you allow more small investors to purchase you may push up demand slightly and therefore slightly increase your overall market cap).
Oh god I've got my compliance geek on here:
a) FCA/PRA (who replaced the FSA) would not have jurisdiction over a travel agent as they are financial services regulators - with the exception that the FCA might have jurisdiction in relation to a credit licence, but that wouldn't be relevant in this case.
b) as others have said, PCI-DSS is a card scheme standard so any fines for non-compliance with that would typically be issued via the merchants acquiring bank.
c) and this actually bugs me a *LOT*, under the DPA financial records are not considered sensitive personal data (this designation being reserved for medical history, political affiliations, union membership and sexual orientation) - as a release from the ICO they really shouldn't be using that phrase incorrectly.
d) I also find it slightly odd that the FCA state that there was no fraud as a result, that would be extremely hard demonstrate and from what I understand it tends to be done by statistical analysis at the card issuers/schemes to identify spikes in fraud where clusters of card numbers all made purchases via a particular merchant within a particular window. The fact that nobody might have felt sure enough to state that there was fraud to the ICO has almost no value here.
Kickstarter isn't what I'd call an investment - its a funding platform where people donate to enable a project to proceed. Typically for larger donations they get something back, but the low level donations this may simply be their name listed on a website.
If one of these projects suddenly becomes a multi-billion dollar success, then the original people who funded it don't get a large return.
At most this is an "investment" in the same way that an ebay purchase is.
There are true investment type sites for start-ups, but they are high risk and require a lot more than a couple of £/$ to participate.
The alleged damage that this sort of thing causes doesn't lead to an immediate terror attack - what it would do is get some intelligence sources killed as their identity gets leaked, it damages diplomatic relations, etc... this damages the infrastructure used by an intelligence service so that its not as effective in the future.
This doesn't translate into "we can directly trace attack X back to the disclosure of this information", you'd never be absolutely certain that you'd have caught it anyway. Plus you'd probably not want to disclose the change in capability if you could prove it.
I personally think that you can choose to argue somewhere on the scale of:
(*) the damage is a good thing as all intelligence services are evil
(*) that its a bad thing which is justified because intelligence is getting too invasive
(*) the damage is a bad thing which isn't justified as security is worth any price.
But I don't think you can argue that it causes no damage at all - after all wasn't the whole point of the disclosure to make some level of impact.
fair point re "low income" - what I actually meant was not on banker salaries.
One of the arguments I've seen which I have quite a bit of sympathy with relates to the surge pricing in Uber (which incidentally I've never used) - i.e. if you want a taxi when its raining its likely to cost more and a *lot* more in more extreme events.
This does mean that should the Uber model cause normal taxis to be a non-viable business then there could be real issues with getting access to transport for those on low incomes at those times. Ultimately that's a social policy question.
its not so much shoulder surfing as Trojan software which is the threat, if I have a Trojan installed on your PC (probably including a browser plug in) that can identify target bank sites and then capture both key strokes and a screenshot of the login page, then at least with the partial characters the attacker needs to observe a number of attempts before they can guarantee access.
I did think it should be filed under rise of the machines in boot notes
There is a big difference between IP and code. While cut and paste code is always going to constitute IP theft, it is possible to infringe IP while writing completely new code.
By the time I was in York (mid 90's) Netrek was the game
In essence this capability already exists and is usually referred to a chipping which impacts both insurance cost, and probably invalidates any warranty. Not unreasonably a car manufacturer expects to design a car as an overall system - brakes, suspension, tyres, gearbox and engine - while they can supply variants they would still need to design within an envelope of performance.
Also, my 1 year old (cheap) car already has an "Eco" button which enables a number of economy related settings (performance wise it mostly seems to reduce the available torque above 2500 rpm)
So I'm not really sure I see this being anything very new commercially (with the possible exception that being able to lock a car to eco mode might be attractive to parents of new drivers for the first year) - although it might well do it better and cheaper from a manufacturer perspective.
First of all - I also don't "get" crypto currencies yet, the big issue to my mind with bitcoin seems to be that its a finite resource (I've seen estimates of when the last coin will be mined), this suggests that there will come a day when the currency simply stops.
That being said, lets assume it does actually work over an extended period and deal purely with the issue of refunds. I think the suggestion of converting to a reference currency is the only practical approach, certainly it used to be the case that you could only submit a credit card settlement file once per day to avoid people gaming the exchange rate of foreign currency transactions.
Lets assume for a second that you have to refund the amount of the currency paid in its original form - this would create a very easy way to game the system. I take my bitcoins and buy something with fairly static value and low transaction costs (golds probably not a good example these days but for the sake of argument lets use that). I then wait. if the value of bitcoins rises then I demand a refund, if it falls I sell the gold in another currency.
Suppose I then buy £100 of this commodity every day (in BC equiv currency) on a rolling 30 day cycle with one purchase and one refund every day - at this point I profit from any rises in the currency but don't take losses from any falls.
The only way you'd get around this is if you required the merchants to hold the BC in that form for the refund period - but then they are in the position of not knowing the effective price at the point of sale.
Hence the need to convert to reference currency - which incidentally I believe is also a tax requirement (i.e. profit/loss must be reported in £GBP)
OK - so how does the software cope with differing resolutions? colour temp? different CPU/GPU specs? differing accelerometer sensitivity? memory limits? differing OS builds with jitter effects from different interrupt handlers?
Moreover, the lack of a clear long lived reference design would be a major issue for any company thinking of using it as a target for a major release (which tend to be years in the making and film level budgets).
I'm not denying that software could provide a functional experience across a variety of form factors - but its certainly not going to be optimised. I'd argue that for most near term applications that is likely to be a pretty fundamental issue.
While it certainly looks like a cheap way to create a 3d system - I suspect it'll struggle to find mass market developer support as there isn't a standard hardware platform. One of the key benefits of consoles (and the iPhone for that matter) has been that developers can properly test (and they know that the platform will exist for a significant time span).
I'm a fan of Andriod, but for an application like this I can see the variety of devices being a huge issue with getting it adopted.
Historically MS made source code available under restricted terms. There have been documented leaks in the past. [http://news.bbc.co.uk/1/hi/technology/3485545.stm]
I think its fair to assume that copies have made their way into some restricted "blackhat" groups (any government agency that *really* wants a copy for example!)
The only difference here is that its a freely available release, but as I say above - the people you'd be worried about having this will already have done so.
<Disclaimer> I've not used GNOME is years so the following comments are purely based on the article and other comments. </Disclaimer>
I've got no problem with the view that some users may want a more complex environment - although personally I do like common operations within my GUI to be fully usable within the "G" context (i.e. without the need to manually edit a config file)
However.... if you want a something within a main stream distribution then you need to accept that being main stream they aren't going to include an interface which is only really useable if you're up to admin grade tech skills.
Well yes they could - if you assume that any back door was setup to be always on, and that it had been implemented in a way that made detection possible. As an example, suppose that a piece of kit had an "error" in its SNMP handling such that a badly formed packet, or perhaps a sequence of "random" community strings caused it to execute a buffer overflow which then happened to run a decrypt option on a block of binary data which just happened to then become a back door.
There is form for attackers trying to insert backdoors into the Linux kernel via deliberately incorrect handling of TCP flags which was caught in code review (https://freedom-to-tinker.com/blog/felten/the-linux-backdoor-attempt-of-2003/) - can you imagine trying to find that sort of logic trap purely from compiled object code? Especially if it had been designed to be hard to find and existed only within a code block which was dynamically modified.
So.... if I was worried about this sort of kit possibly shipping with back doors, I certainly wouldn't want to rely purely upon analysis of the kit as deployed.
Trust is a very hard thing to create and ultimately is never 100% and is dependant upon understanding the process by which something is created, tested, distributed and used.
I'd strongly suggest you read "Reflections on Trusting Trust" and then consider if you still think its possible to achieve a good level of assurance purely from observation of behaviour within a test environment (http://www.ece.cmu.edu/~ganger/712.fall02/papers/p761-thompson.pdf)
I don't believe materials are a significant element of the cost of these craft, its the R&D and supporting infrastructure (maintenance, fuelling, air crew training, etc...) which make them expensive.
People often quote a cost of £XX per air craft, but that drops rapidly as you increase the production run and spread the R&D budget more widely.
sorry not buying this -
a) I've heard the search area described in percentage terms of the total globe, if that's the scale you are using then frankly the chance of ever finding your target if its not actively emitting a signal for you to track is going to be extremely low. Going fast over a stripe is still a tiny fraction of that search area so having a couple of high speed long endurance plans would make very little difference to your odds.
b) you've got to consider the cost of such a program vs the benefits it generates - I am not suggesting that the likely loss of the plane and those on board isn't a tragedy - but in a global context it wouldn't justify an annual multi-billion pound/dollar program which might make a fractional difference to the chance to locate them in this extremely odd scenario.
if a repeat of this scenario becomes a serious concern for policy makers going forward then it would be cheaper and simpler to insist that:
1) every aircraft on certain routes had to subscribe to the service which allows them to relay back in flight data in real time and that the on-board hardware be redesigned/moved such that it couldn't be disabled by the pilots
2) aircraft start to carry an inflatable buoy with a homing beacon which could be deployed in the event of a crash (so that you have an active signal above the water).
Alternatively it could be used to justify a standing fleet of airborne patrol radars if a military force was looking for a budget argument (although again I think this would be massively expensive relative to modifying the planes)
Of course the bit of me that's run budgets knows that the equipment budget is likely capital (and thus subject to amortisation over a number of years) and any consultancy would be revenue (which is booked straight to costs).
Therefore typically a £70k reduction in equipment would provide something like a £23.3k consultancy spend within the budget year (and probably creates £23.3k savings in years 2 and 3 which could then go to savings targets in those years without needing to do anything else).
I'd therefore be particularly annoyed about exactly how they'd nicked my budget.
I'd say "not wanting to be picky" but actually I do.... increasing wattage (power) for a short period is exactly what an ultracapacitor will provide, what it doesn't do is increase the number of joules (stored energy capacity) of the device.
It might allow you to withdraw the stored energy in a more efficient profile which might then have the effect of making the hybrid device deliver more energy in real world usage.
In any case, I do think that thin ultracapacitors are likely to start popping up all over the place as they will support form factors which batteries cant.
I've arranged escrow for quite a number of solutions over the years - the agreement is typically for an escrow copy of the source code and a non-exclusive and non-transferable licence to any IP required to maintain the software in the event of a trigger event (typically the insolvency)
The ownership of IP is entirely separate from the licencing of it and access to code.
this is one of those articles where I understand every word on its own... but have real trouble with the whole
you mean like say Yahoo Email, or Gmail, or Hotmail, etc.... these sorts of service only ever work if you have a really large operation and the lifetime or free service is actually a loss leader to sell other products.
Making your central business model a cheap lifetime service isn't sustainable - but maybe the model was something like : get lots of clients onto the platform and make the money from business consultancy and add on recurring services.
Not saying that is the case - just making the point that there are business models which can and do offer long lived free services, but not at a small scale.
If I was Apple, I'd simply bundle a convertor which could plug into the current port and allow charging via micro USB. I'd be amazed if that was particularly hard to do - charging shouldn't be more than two pins and the adapter could do any negotiation necessary (and presumably would negotiate to a low speed charge with some smoothing to account for the fact that they probably wont trust the input voltage to be exactly what they want)
From a design perspective I think its unlikely they'd add a second port within the handset and from what I can see the standard will only apply to chargers not docks (and do you really want a mandated technical interface standard for docking stations set by a political forum?)
Ummm - this model is launching 2014 as an upgrade to an existing, maybe not high spec but there are certainly plenty of similar speced tablets being sold commercially in the UK. I thought vapourware when they announced the first iteration (and was broadly right at least for that model), but this is gen 4.
5-7 years is the rollout time, India has a population of around 1.2B and a life expectancy of about 65, so assuming flat demographics you'd have about 20M people in each year (and in reality more than that at the bottom of the age range). So assuming you want to put one in the hands of all 5-10 year olds that is 100M+ devices, which are being subsidised by their government.
Or to look at it another way, they are aiming to roll out approximately 15-20M devices per year. With (as this article demonstrates) a number of hardware revisions during the rollout.
I don't know enough to have an opinion about if this is a good project or not - but from a pure project management perspective that doesn't seem an unreasonable approach or timescale to me.
The big issue for business is generally the effort involved in the migration - why do it if you aren't getting any benefit?
Getting off XP due to end of life might be an argument, but if that also requires a new Exchange, Office, etc... then the direct cash cost for the desktop OS licence becomes a relatively small part of the overall bill. Its worse for companies with bespoke internal apps who have dev, testing costs and issues.
Also as others have said, I'd have thought any move by MS to offer products for free would get a lot of regulatory scrutiny.
"But we can't help but agree with exasperated folk stranded at airports over the weekend who - quite reasonably - asked why such a failure could have happened in the first place with a critical system. Redundancy, much?"
The fault sounds very much like a configuration problem, if caught at implementation its usually a case of revert to prior state... but once its been in use for a period its the sort of thing that in the middle of a safety critical system can be immensely hard to back out (do you really want them to shut down all phones on the air traffic system???).
Redundancy means having a duplicate system - hardware wise that's easy, software wise do you really mean they should maintain a completely parallel system with distinct config at all times? I appreciate the trite answer to this could be yes - but in a real situation (which has to interact with external parties) that can quickly become utterly pointless.
Frankly I'm quite impressed that they managed 80% throughput in the circumstances - I'd guess the contingency plan became a lot of post-it notes very quickly.