2037 posts • joined 10 Jun 2009
Re: Obscurity for security
> If some project manager is insisting on unnecessary levels of paperwork & meetings, I suspect they're just making work to justify their existence rather than to benefit anyone.
Oh, without a doubt, yes.
But that's the beauty of "best practice", so long as there's always more you can do or ask for, you haven't achieved it. Hence organisations that are addicted to the idea of B/P (because they are so clueless) are so inefficient, slow and expensive.
Obscurity for security
So, a branch of government has a group. That group creates a scheme. That scheme identifies 3 levels of competency (OK, let's pretend they map onto knowing what the hell you're talking about - with some sort of positive correlation). Within those rankings, there are 6 roles. And on top of that, another bunch has another programme for certification, that's different.
Then after 3 years yo have to do it all again.
This seems like an excellent plan for identifting both individuals who value letters, titles and accreditations and also for identifying organisations that are so lacking in real-world direction, experience and judgement that they would value such confused and surreal web of qualifications.
Having seen ITIL (another government initiative, that assumes an infinite amount of manpower, time, meeting-rooms and budget to get anything done) at first hand in a couple of organisations I can only assume that goal behind this announcement is to put a stop, once and for all, to anyone having any hope of matching a competent worker with a security requirement.
Reversing Moore's Law
I guess the answer to "Why do all this?" would be "because we can".
After all, if Linux interfaces just stuck to the basics of running an application in however much (or little) of the user's screen it needed - possibly with a little cut'n'paste, there wouldn't have been the need for any interface development for the past 20 or more years. Though we might have machines that boot in a couple of seconds and will run off batteries for days on end.
But since all the new, wizzy, capabilities we get in desktops - and also appearing in portable devices have the power, memory and graphics ability to do all these things (irrespective of whether anyone will use them), that's what we get.
Personally, I'd much prefer a user interface that contained one simple question and a box for the user to type, write or speak the answer. If all the power and ingenuity that the UI guys have expended on X, Wayland, Mir and all the other stuff had been focused on the average user, that box might just say
Tell me what you want to do?
And it would then go off and (accurately) start up all the stuff necessary to service the user's request.
Wouldn't that be better than all this eye-candy - though it would certainly be duller.
How many hackers does it take to change a lightbulb?
> protect critical infrastructure and data stores were the country to come under electronic attack.
Or in this case, to unplug "critical infrastructure" from the source of all evil?
Seriously, you'd hope - against all common sense and reason - that anything that was actually critical would be a long, long way from being accessible over the internet.
> "cyber weapons" could be used along with regular munitions in future conflicts.
Excellent idea. Collect up all the computers and throw them at the enemy. Especially in an assymetric warfare theatre (the defining type of war in the 21st century), where one side has a great big target painted on its arse and the other is coming at it with a pitchfork.
Defn: Science. A process whereby observations are made, theories are drawn up and tested by means of experiment. The experimental results are then used to gain a consensus regarding the accuracy of the theory in question.
Religion: A belief system where faith and doctrine are formulated, depending on various factors: real or imaginary. That doctrine is then promulgated by an appointed (or self-appointed) leadership. The lack of a testable foundation makes refuting the articles of faith very difficult for the non-beleiver, but acts to strengthen the resolve of the true followers.
Fines are fine
Jail is better.
To a company like Google, slapping a fine for non-compliance (or "law-breaking" as the traditionalists might call it) means very little. Even confiscating the advertising revenue they make in France would only be a minor annoyance.
However, their stance that "your law does not apply to us" needs some serious attention. Flinging a few americans into a french jail until the company makes itself legal would certainly have a direct and personal effect on the decision makers of the company. It would show Google that they cannot take such a patronising position and above all else, it would be wonderful theatre for the rest of us to watch.
You never know, you might even get a few brits saying "Go, Frenchie!"
Stars to stars
> forced a youthful Stephen Hawking out of Physics and into Tap-Dancing classes
You never know, it could have freed up the position of Lucasian Professor of Mathematics thus giving someone otherwise doomed to appearing on X-Factor something to aspire to.
Though we might have ended up with A Brief History of Time being written in txt spk. Would smileys have made it easier to understand?
Sack the lot of them
> Ofcom is ... looking for suggestions about how it might direct its considerable resources
Hmmm, £100 Mil.
Well, they've got all the policies they need to give us an excellent communications structure, they're just absolutely useless at implementing and enforcing them. So how about sacking all of its existing management and replacing them with effective individuals, instead?
I'm sure the redundancy payments (even at the civil service's vastly inflated, self-serving rates) wouldn't consume all the money. Even if it did, it would be money well spent.
With the remainder they could buy a dictionary, so they could look up the real meaning of the word "unlimiited".
Re: Title is too long.
> its saccharine colour scheme
Does that refer to the (yellowish) colour #FBBE18, or the artificial sweetness?
Ask one back
And why can't copier-paper manufacturers create paper that "knows" when you're trying to make a photocopy of something you shouldn't?
To the to the truly ignorant, everything has a simple solution.
> people only spend six minutes a year thinking about their energy bills. Naturally, Brem thought this was a bad sign
So that's why they continually jack up the price of gas & electricity. So that people think about their bills the whole time: worrying about how to pay them.
P.S. No need to crank your heating up with a remote controlled app in order to get out of bed. Just put on a dressing gown, like a normal person does.
The real moral of the story
Tweet away, be as rude to and about airlines as you like.
Just don't make the newby mistake of using an account with your real name. Surely everyone (everyone who uses twitter, or any other social media for that matter) has many, many accounts under different names, guises and personas (wot! it's against the rules? Oh no! what shall I do) so just use one of them, instead.
Blaming the victim?
> If you lose money from your bank account the banks give it back to you.
But is that what really happens?
The way I see it is that a bank has a duty to put in place sufficient security for it to keep our money safe. That's safe from (traditional) theft, safe from internet theft and safe from themselves being unable to give it back to us when we ask for it.
So far, cash machine security measures haven't evolved much beyond the PIN-code systems that were around in the 1970's - though my PIN in those days was 6 digits, instead of the 4 we have today. Is that really progress?
Although for home banking I now have a nice little card reader, courtesy of my bank, that "proves" I am in posession of my card when I log on to their computers, I still feel that the onus is on the banks to make sure their security is up to scratch to protect our money. There will always be some crime, the goal for security measures is to reduce it to a level that we customers are willing to pay: both in terms of losses from theft and the cost of the measures to prevent it.
I suppose it *is* possible
Let's see, Stop sexting and send a love poem instead ...
There was a young man from Cape Horn,
who wished he had never been born,
he wouldn’t have been,
if his father had seen,
that the end of his condom was torn
Yup! 156 characters. It will just fit, as the actress said to the proverbial.
The delivery guy could leave your package, but how do you sign for it?
Re: If you live in a lake, it takes longer to walk to the well
> As living standards rise, birth rate drops
Quite. That's an observation that appears to be universal. However, it just tells us the "what" not the "why". The reason birth rates drop seems to have something to do with city life. The other side of rising living standards is that more and more people live in cities. They / we need to do that, as that is where the jobs are (don't talk about telecommuting, see later) and most people are pressured for living space in cities - as well as not having many child-friendly open spaces, facilities and a fear of letting their kids near strangers.
However, take away the restrictions of cities, whether by letting people work where they live, not having to work at all or doing their job remotely (there's that telecommuting bit) and all those limitations regarding children and wanting a nice environment for them to grow up in, they all go away.
Therefore it's reasonable to assume that once we are free to leave the cities behind, there WILL be an explosion in the birthrate (esp. if we have lots more free time ;) )and the number of children and therefore the population WILL become limited, as Malthus predicted, simply by our ability to feed all those open mouths.
Free time! And then what?
Okaaay, let's wind this scenario forward.
FF to the time when we have all we need in terms of physical stuff. Hungry? press a button and a robotic shopping cart will deliver the hot pizza of your choice. Thirsty? Same cart will bring you whatever carbonated beverage you desire. Repeat from age #1 to age #99, daily. Every day. For your whole life. For ever. All the friggin' time. Just press the button. That's it. All you do is press the button.
Next to "the button" is another button labelled "Kill me now". You can press that one any time you please, too. Maybe that one would just about help us avoid a Malthusian disaster.
The basic problem is human nature. To start with, we only value what we earn. Whether it's the satisfaction of standing back and thinking "I made that", Whether it's the knowledge that you're a "provider" and other people respect and depend on you. Whether it's saving up to go and see that band you like.
We also earn a status from being in work, whether it's productive work or merely IT (which, truth be told hasn't really improved the quality of life much at all. It certainly hasn't done a simgle dam' thing to get the country, or the world, out of its current recession). Meet a stranger and one of the first questions they will ask you is "what do you do?" Hands up anyone who hasn't embellished their answer, even just a little bit.
So, work is necessary. Not just to get us the stuff and the mental state that we value. It also sets our standing in society. Even if work became unnecessary in orer to get us the pizza de choix, we would still wish to fill our time, just to give ourselves something to talk about at all those soirees that our excessive free time would require we attend just to fill the empty void before bed.
Plus work allows us to get away from our children (and them from us).
> The idea of light triggered curtain closing/ lighting activation is pretty cool too.
The Swish AutoGlider has been available for 20 years. We got ours in 1996, still going strong.
it's 3D TV, again
> the impression lurking of it not being 'quite' ready.
The basic problem is that it's *not* home automation. It's (merely) remote controlled switches for electrical goods. And not very good r/c, at that.
Messing about with key fobs and the like was great in the 1970s, but these days you'd need something like EasyVR (speaker independent voice recognition) to get even the slightest twitch from the "that's cool" meter. Even so, who gives a hoot about switching your lights on or off, that's what LIGHT SWITCHES are for.
No. If you want true home automation, it's got to be more. Just like 3D TV failed because it wasn't actually 3D (a necessary prerequisite for all, except the marketing department). So it is with H/A. Until a home automation thing can fill the coffee pot, take out the rubbish and clean the bath - then clean the coffee pot, bring in the cat and fill the bath (and do these things when necessary, not when someone tells it to: the "automation" bit) it's going to be more trouble than its worth.
What IS new
... is that there's been so little innovation from Apple for such a long time.
It does appear that they managed to launch their ballistic [ used as a technical term here ] trajectory with the early products, when there was little or no competition. Since then the curve has been sustained by the F*bois who are still living in 2008/9, the inertia of big business and the lack of anything better from the Android-ers: who are *still* playing catch-up and who's idea of innovation is aping what Apple have done in the past.
However, like all ballistic trajectories, at some point the upwardsness flattens out and gravity starts to exert its influence (as it does on us all!). Sooner or later that "meteoric" rise does what all meteors do and falls to earth in a firey spectacle. The only difference between Apple's ballistics and ordinary ballistics, is that you can usually plot, very accurately, the where and when of the descent and ultimate crash. With Apple half the fun is spectating and wondering when the historians will say "they finally lost the plot". Oh, and try not to be underneath, inside, or invested (financially, or in the products) when it does hit.
Looks up, checks calendar.
Wasn't all this stuff done to death and reached the same conclusions over 10 years ago, when IR35 was a "live" issue. These days there doesn't seem to be anything new, except the Jimmy Carr reference and the inevitable few contractors who still think they can get away with it (or their lawyers, who really should know better by now - surely it's wandering into the realms of professional misconduct for them still to be advising clients that they can avoid their taxes in this way?).
Most contractors of that era just did what I did: go "legit" and bump your rates up to make up the difference. Job done.
Re: France and secure communication
> Verlan is a technique in which the french reverse all of the sylables in a word.
So you're advocating that politicians speak in incomprehensible ways? A fine tradition that already goes back 40 or 50 years. (Though, admittedly, one that american presidents seem to be particularly good at, so maybe they would understand what was meant - even if it boggles the rest of humanity.)
However considering that we're talking about keeping comms safe from american spies, surely all that's needed to confound and confuse them are a few kg's, cm's and the odd è or é scattered through the text.
Re: How can they print money?
> convincing the gully-bird public to buy shares
While hoping that twitterers' memories are as short as their tweets and that they've forgotten what happened with the Facebook floatation.
As for long-term growth: how does 150 characters sound? (100 for you, 50 for the advertisers)
Re: Tell me why I don't like Moon days
... and probably the only BTR hit that most people could name. [ scrabble for Wiki ensues, followed by "what about ...." ]
Although there was the intriguingly titled (I Never Loved) Eva (von???) Braun on Tonic for the Troops. Maybe after this, he will feel better about the family name?
That burning smell
You would hope there would be some sort of regulations about how many of these could be installed within range of each other. While the article talks about 1 "charger", what happens if your premises puts one in, the shop next door installs one, too - as well as a utility device in the shopping centre and possibly another in the offices above the public area.
A few of these, close together could give the Walkie Talkie building a run for its money in the death ray charts if multiple chargers all locked on to your (pocketed) iPhone at the same time.
Quite the opposite
> considering rejecting registrations if they feature keywords linked to criminality
As anyone who's worked with Microchip's PIC processors will know, doing a web search for "pic" throws up millions of pages of garbage [ using the standard internet definition, garbage: anything not related to what I want to see ] and makes the name PIC a positive pain to find stuff for and presumably a liabilty for their marketing department.
So maybe instead of banning words that, at present have an association with dubious activities, but which tomorrow could have changed their meanings completely and been replaced by other "naughty" words - maybe Nominet should be positively encouraging as many people as possible to register sites with those words, close spellings or them, combinations and other possibile dodgy terms. That way the baddies, to some extent, be thwarted in their quest for naughtiness and might accidentally stumble upon something that's pure and good and right and might learn to mend their evil ways.
The only problem might be if you find that your mum has logged on to your honeytrap website ...
Re: The least of its problems
> You're forgetting/ignoring RPi was designed for a specific purpose
Nope, nothing forgotten here. It's important to understand that this is a suggestion for a model C (per. the post) and not as a replacement / substitute for the existing boards.
Since the hardware is open source, there is scope (though nobody has taken it up yet) for any other manufacturer to produce the current board or any future improved Pi - even with their own custom additions. As it is, pretty much all the later hobbyist SBCs have gone for bigger, better, faster processors and beefed up I-O, memory and facitilites. While the Model-B fills a niche, you'd kinda home the original developers weren't resting on their laurels and had some plans for a refresh.
Re: The least of its problems
> You can pry my ethernet port from my cold dead hands.
You could still stick to the model B (superglue is an additional cost)
The least of its problems
> one of the tiny ARM-based computer’s signal limitations: too few USB ports
In my experience, the number of USB ports on the Pi is a small matter. Ther are other design points that are more important to improve.
If anyone was planning on designing a "model C", I'd suggest dumping the Ethernet port, in favour of a Wifi device. Moving the ports around so they don't come out of all sides (possibly start by changing the SD card for a micro-SD), thus making it easier to integrate into other equipment. Adding some onboard flash, to obviate the need for an external card - though keeping the option for one.
It would also be nice if the board had (at least) a reset button, or, better, a header to break one out to a front panel. Do the same for some user addressable LEDs, so that the embedded version of "Hello World" doesn't need any hardware hacking and add an audio input port and you'd get to compete with the current best hobby SBC products like Cubieboard-2 and Olimex's A13
Innocent until ...
> They had no numbers on the number of convictions that arose from those arrests
Which is a shame, as that is the only statistic that matters.
Being arrested is not an indication that you've done anything wrong
Getting charged is no indication of guilt
Going to court doesn't make you a criminal
The only two possibilities for being classed a "baddie" is if you either plead guily (or accept a caution), or if a court finds you guilty and any appeals don't exonerate you.
I realise there is a huge "There's no smoke without fire" contingent who will naturally assume you're a fully paid-up member of the underworld is a police-person (or even the cheap plastic variety) so much as looks at you, but these individuals need to have their biases adjusted.
"Ask and it will be given to you; seek and you will find; knock and the door will be opened to you"
Or: Only open a can of worms if you plan to go fishing.
The "news" here isn't so much that the Beeb has a particular political leaning, it's that the BBC Trust chose to pay an organisation that would find that they had such a bias. I'm sure that if they'd chosen another organisation to review their output they could have obtained a completely different outcome.
The legal profession has a saying: Never ask a question unless you know the answer. I would hope that the BBC Trust has at least that much political nous, and that they got no surprises at all with the results that they paid for.
The only other question that comes to mind is: why would they have done this? Charter renewal coming up in a few years. perhaps?
Re: The code-ring on the golf course
> messages sent between foreign powers and their embassies
Don't *all* governments use one-time-pads for this sort of crypto. Definitely not the commercial quality stuff that you or I ever get to see.
It would be nice to think that the more sensitive commercial stuff was sent that way, too. However I'd be amazed if more than a few multinationals had the ability or security to operate at that level.
Re: The code-ring on the golf course
> The stuff is being archived indefinitely regardless of who you are.
Makes little or no difference. Most intelligence data is time-critical. It has a very short shelf-live. Consequently the spooks will be focussing their attention on intelligence gathering that they can decrypt, analyse (almost certainly by connecting it to other sources) and act on within a short timescale: a few weeks, tops. Anything older than that will be of no interest to them- even if they do keep it forever.
But so what if they *do* keep everything, indefinitely. They'll never get around to looking at it. The very worst case is that in 50 or 100 years some historian will decrypt a packet that contained the pass-code to your bank account. It's the sheer volume of data that is, and has always been, the problem for intelligence agencies - the good news is that almost nobody is important enough for them to take an interest in .
The code-ring on the golf course
> Basically, the NSA is able to decrypt most of the internet
Having the ability to pick a single piece of (encrypted) internet traffic, at will, and decrypt it is a long way from being able to decrypt *every* piece of internet traffic, scan it for content and act on it. In real time.
Havng a piece of encrypted data handed to you and being asked to apply your decoding "magic" to it is one element of the NSA's work. However they still have to be able to isolate that significant piece of encrypted traffic from the billions of others: comparable to finding the one blade of grass on a golf course that has a coded message written on it.
That job of knowing which message to apply their brute force (or "cheating" - how ungentlemanly of them) processes is a monumentally different and much, much bigger problem. Sure: they can find stuff if they know where to look. However that knowing is still dependent on and limited to other more traditional methods of surveillance. There's just too much ordinary stuff, flying around as encryrpted data, or steganographic plain messages concealing sensitive information, for the NSA or any other body to check it all.
In this case, security through obscurity does work.
> an oversized and overpriced digital photo frame
Wouldn't be any use.
A quick calculation shows that a 16:9 "4K" (i.e. 4,000 horizontal pixels) screen would only have a resolution of a piffling 9 MPix. Anyone who's willing to splurge the cost of this on a screen will certainly have a state of the art digital camera (or even phone) that has a far, far higher resolution than this screen could ever display.
Don't judge a book by its cover
In this case the cover is the TV. Whether it is 4K, 3D, 625 lines (yikes!) or even in colour.
The "book", however is the content: the programmes, video games, films and is (hopefully) the reason why we bought the telly, in the first place. To watch them, not to dribble lovingly at the sight of an enormous screen.
Now, it does seem that with every new revision of the "cutting edge", the technology improves but the programmes (and other stuff) do not. So we end up spending £100's or £1000s on spiffy new kit, only to turn it on and watch 40 year-old episodes of Dad's Army.
Unless there's something completely immersive about 4K, and there is sufficient content made available specifically for it then there seems little point in upgrading - at least until the currrent telly has worn out.
There does seem to be one aspect of 4K that would make it a "must buy": the ability to get three or four ordinary TV programmes running as P-i-P at the same time. Then we might stand a chance of finding something decent to watch. Provided the picture quality isn't compressed to hell and back, just to get a number of channels down the satellite link.
Knowing your place
Yes, the blogger does sound like a petulant child. Yes, it doesn't seem (to the unqualified eye) that he's done anything illegal. Yes, it seems like the head has completely over-reacted.
In fact, nobody comes out of this sorry episode looking as if they are a shining example of the role they fill.
However it seems to me that the head teacher has grossly over-stepped his authority, getting involved in events that happened outside the school gates - even if it was all about the school. Schools are not the USA - they don't have a god-given right to interfere in matters that displease them, in areas they have no jurisdiction over.
I am slightly puzzled by the head teacher's reaction, however. Given the obvious animosity between him and this kid (one that smacks of unprofessional behaviour, reacting to the taunt is a newby's mistake), you'd think he'd be throwing a party to celebrate the parting of the ways, rather than stirring things up even more. Maybe with sufficient exposure, teachers do get to be like the children.
Fuel to the flames
> So, those of you who've not yet entered the competition ...
You *know* this is just going to be a platform for the smutsters to take another bite of the cherry ... Hmmm, cherry ... CHERRI
Computerised High-altitude Emergency Rockblock Release Initiator
Does it matter what you do at 15?
Ans: only if you're still doing it at 40, or 50, or 60.
So teenies smoke. It's no big deal - they'll soon grow out of it. 15 years after you stop, almost all of your health risks are the same as someone who's never smoked. In fact there is some evidence that TV campaigns, such as for nicotine patches can INCREASE the number of young and stupid smokers - on the basis that these make it easier to stop later, once they realise how nasty (and costly) it is.
So from a health PoV, stopping in time is as good as never starting. Although during those intervening, all important to social acceptance and getting lurve years, you'll still stink of tobacco smoke.
Re: Why Not. Here's why
Is it really a good move to name a software release after something that breaks so easily?
Or that melts when it gets warm?
I suppose some people will give it the finger (or 4).
A working definition of hell?
> four days of motivational speeches
Apart from being stuck in an enclosed space with 10,000 (other) geeks.
Which would be worse: if the sanitation failed, or if the internet connectivity failed?
and which would be noticed first?
Non technical alternative
One place I was employed was going through the risk-assessment process. The finance guys were (as usual) baulking at the cost of it all and suggested that it would be cheaper to insure against the loss, rather than prevent it through technical / architectural means.
This view gained a lot of traction and would have been a hell of a lot simpler to implement: just sign a larger cheque to the corporate insurance people, than any of the proposed IT solutions (which in truth, nobody really understood - least of all the technical architects who were proposing it). However, that plan fell apart when someone from tthe legal dept. piped up that there was a statutory reqiurement to have archives, backups, DR, plans and provisions in place that could be audited.
It does make you wonder whether this particular phone compmany could / would / did claim any of those losses back off their fire insurance? If so, was it really their loss, at all?
Named as it does
P.S. <gift horse>Does the winner have to pay the £8+VAT/month line rental, or is this thrown in for free?</gift horse>
Lesson: the first
> So what does she train the dogs to do with the iPad?
You'd kinda hope that a high priority would be to teach them not to cock a leg up to it. Everything after that should be considered a bonus.
The report sounds as confused as the existing IT
> tech it believes the police should be using but isn't – such as mobile apps, social media and the cloud. ... national rollout of 41,000 devices between 2008 and 2011 sucked up £71m while achieving very little.
So which is it? The Met should spend a ton of hard-paid community charge and taxes on tens of thousands of hand-held devices, or not do it because they've been shown to be ineffective?
It does appear that there's a total leadership vacuum at the top of the Met, so far as IT is concerned. No ordinary business could ever justify having 70% of it's (obsolete) IT kit as redundant. Assuming their meaning of "redundant" is the same as everybody else's and this isn't just a political football being kicked resolutely towards one's own goal.
As with a lot of these things, the blame lies firmly with the top echelons. The IT management for not spending their budget wisely, and the Met's top brass for keeping them on and allowing this situation to arise. Maybe the time has come to outsource the whole mess to a foreign call centre. Then they'll really learn a thing or two about "having to re-enter the same information in ten different systems"
Re: Not so much
> UPSs? That's why we've got laptops!
But UPSs are for so much more than computers!
They also run LCD/LED TVs, Sky boxes, lights, WiFi+routers and most other things that don't have switch-on surges or excessive power requirements. Plus, they generally have spike/surge protection, so they keep your precious gear safe from the nasties that can happen when the power does come back, or only fails for a second or two.
Not so much
> a freelance technology tart
Any self-respecting technology tart would have UPSs to handle all this (though admittedly not on the cooker or uWave).
Re: Please stop with the "Growing plants" thing
> Last lot who argued with him got turned into a pillar of salt
Actually it was Lot's wife who got turned into a pillar of salt. But in Deuteronomy and other books, people got stoned.
So basically the guy paid $500 to be introduced to a large number of potential clients and given 8 months to cultivate the contacts and relationships he'll need when he gets released, to distribute his crop and grow the business.
And the judge who gave him this opportunity said he wasn't smart.
Honking your horn
> If you don’t toot your own horn, who is going to do it for you
And there we have it! The secret to success: not just in IT, but in any career in any country, for anyone of any gender.
If you want a pay rise, you have to ask for it. If you want a promotion you need to go out and GET IT. Sitting at your desk waiting for muggin's turn to finally favour you gets you nowhere. However, grabbing the bull by the balls is a trait that is more often seen in a certain type of (usually, but not exclusively) man - generally the ones who make a lot of noise, attract (management) attention, are a pain on the arse around the office and let people know (loudly and often) about their successes. If you think that demurely saying "yes, maybe I would be willing to take on a little more responsibility" or "I do think I've grown into the job" at your annual appraisal is all it takes, think again - everyone. It may not appear "seemly" or "feminine" but - if you don't ask, you don't get.
You need to take the initiative (and not as an ex-subordinate did when I gave him his review: [Me] "You don't use your initiative" [Him] "you never asked me to") and be one step ahead. Tell you boss that you think "X" is going to be an opportunity and you'd like to try making it work - don't wait for the honour to be bestowed on someone else.
I have to say that this seems to me, in large lart at least, to explain why women so often get paid less than men and/or don't rise so fast and so high. Simply because they don't ask for pay rises or promotions; they take what is offered. Similarly when applying for a new job, the tendency is to not rock the boat and accept the salary being offered, rather than haggling for an extra grand or two.
So get that horn and start honkin'