Hey Bill - Get Microsoft to develop the robots. MS's new "killer app"? Even if they stay up long enough to become a menace to humanity, they'll be easily hacked to disable them.
215 posts • joined 18 May 2007
Hey Bill - Get Microsoft to develop the robots. MS's new "killer app"? Even if they stay up long enough to become a menace to humanity, they'll be easily hacked to disable them.
> ...otherwise consumer prices would have to rise...
Only in a monopoly. If $COFFEESHOP or $ONLINERETAILER raise their prices to keep the profit after taxes the same, consumers may* go elsewhere.
* If price is the most important factor for the consumer. They may prefer $COFFEESHOP for other reasons. Personally, I find Amazon to be far more convenient than e.g. Play.com, so the fact that they often have the best prices is a bonus.
So my cursor hovers over a dodgy link - am I about to click it or am I reading what the link actually is at the bottom of my email client/browser?
2038 problem - That's my pension, that is - why would I want to fix it now?
Understating the problem (again).
For 1, assuming you had the source code, there were code-scanning tools that could help. For the others - just work out exactly what it does from its inputs and outputs and rewrite it. Easy eh? (Not). On the other hand, big improvements in documentation and the use of code repositories came out of the Y2K program.
For 2, PCs were relatively modern kit and had short lifecycles, so newer ones had been "fixed" by the manufacturers Y2K program. That didn't mean (bad) code hadn't been reused, but it was relatively rare.
3, many, many-one...lots - Embedded systems, firmware, compilers, libraries, tools, applications - All had to be reviewed and fixed. Apologies, I'm sure I've left many out.
In 1984 I was a newbie software developer working on apps for minicomputers; One of our 3rd-party productivity tools was a terminal handling library that managed field types etc. I noticed then that it couldn't handle 4 digit years, but was told not to worry as "no-one would be using our app in 16 years time"
The funniest one I saw was the fix on a website that displayed the date as 1/1/19100. Not uncommon, but it was a tech support site.
"Apparently, its users (sorry, people) are actually quite good at spotting parody, irony and sarcasm in posts."
Therefore there is no need for this?
Following moiety's revelation that Cameron is a terrorist as defined by the Terrorism Act 2000 -
- can we prevent him from returning to the UK?
Beautiful. I'm sooooo tempted to rent a botnet to upvote this a few thousand times.
".... but the statistic on the number of comments matter as well."
I'll add a "Me too" just to get the number of comments up. Hopefully no-one will be annoyed by the AOL-ish contentless post.
"this is so bloody stupid that words fail me".
Again, me too. My gast is so flabbered, I can't even be bothered mocking Cameron.
Icon, for Cameron
I suspect a real-time translation of "Parlez-vous Francais" would be "Speak you French", or maybe with autocorrect, "Speak, sorry that should be 'Do you speak', French".
Plus, I wonder if the tone of voice would indicate it's a question?
My first night on-call, ever. I'd been reassured that it was easy money, nothing ever went wrong. So when the phone rang at 2am, I was all "haha, shift ops hazing the new guy, good joke". Unfortunately there genuinely was a problem, fortunately it was an easy fix.
Same place, other times. Because "nothing ever goes wrong", the old-timers have on-call divvied up between them. I occasionally get the nights no-one else wants. And something ALWAYS goes wrong on my shift, such as a filesystem that's been filling up with error logs that hits critical on MY night, so it's not just a cleardown task, it's fix-the-root-cause-on-someone-elses-screwup as well. Or a script that's worked a thousand times but fails when I'm on call. Certain suspicious minds think I'm creating the problems so I get the overtime, whereas I wonder if the Ops just don't bother calling the old lags.
Another time, another place, after the office party - An A/C failure takes most of a machine room down, hard. The on-call guy escalates to management, who call all hands to the pumps. Which sounds like a recipe for disaster, but I discover an ability to metabolise alcohol into brain cells and recover a knackered HP-UX server everyone else had given up on. Not as impressive as D though - D fixes a bunch of seemingly-terminal AIX systems. Come Monday morning, management are full of praise for D's skills and team spirit. D is like "Huh? Whut?" - doesn't even remember getting called, let alone the reanimation magic!
From the links, the base game RRP is £39.99, but with 30+ expansion packs at £10 - £16 each, £499 for the whole set is probably correct!
Eric, you're missing my point. The Login Management mechanism is an enabler as well as a security tool. Feel free to log and audit what I do, but don't get in my way*.
e.g. today I had a problem on a Production system that was querying a failed DNS server. Easy workaround, check another Prod system on the same subnet for a good list of DNS servers and copy the config file to the system that had a problem. Follow up by writing a quick script** to check 700 systems for which DNS servers they are using and remove any bad entries. Result: many minor performance issues resolved quickly and cheaply, many thousands of dollars savings in time for the systems users who had got used to a slight but annoying delay.
Your idealised version of login management would make it virtually impossible to get the required access to a second system to check the config, let alone the rest of the estate.
*Management understand that in general if you give someone Responsibility for an issue, you should give them the Authority to fix that issue. Accountability comes after the fact.
**Yes, this could have been done using a Configuration Management system such as Puppet, or writing a custom Nagios plugin to check configs, but that just shifts the problem of trust and adds cost.
> system administrators and their credentials are the most dangerous threat to companies today,” said Eric Chiu
ODFO, Eric. I know you're just jumping on a bandwagon to sell your products, but we're incredibly loyal considering how we get treated like shit, How about manglement and HR working to improve staff conditions rather than treat us as probable criminals?
E.g. where I'm working we're implementing a Unix/Linux login management system (similar to LDAP plus sudo); Information security are paying for the project as it has obvious benefits for them, but I'm all for it as it means I only have to remember and change one password. So I'll be more productive, less frustrated and happier as a result.
Thank you, now when I click an article that interests me I'm straight into the content (and it's less obvious I'm not working :-) It was getting ridiculous, if the article had photos one would be duplicated at the top of the page so no value was added.
Thank you also for the grey background, much easier on the eyes.
I'd add my vote for 4 columns, though BBC News and The Onion seem to use the same width as New-Reg
I thought the article was going to be a technique for cooking bacon by wrapping it around a hot gun barrel.
I believe those retailers that have lost data have agreed to cover the [customers|banks] losses and the cost of credit monitoring; The alternative is to have card facilities withdrawn, which would have crippled them.*
That's a threat with teeth, and it's neither necessary nor desirable for Government to be involved.
You're right that there are still many bad practices and that self-certification hasn't eliminated those practices. Any IT manager that ignores those problems is putting their career and their organisation at risk.
* IMHO, any merchant that stores the CVV2 code in flagrant violation of the PCI DSS rules should have this sanction applied no matter what the excuse.
No. Takes up too much space and isn't relevant to the the article.
Microsoft sells (or licences) their products for money, so they are held to a higher standard of accountability. It must be fit for its purpose, so they must either support/patch it or give refunds for a reasonable period of time.
Kudos to you for sharing your software. If you make the source code available, others can check and build on it, so responsibility is devolved. But if you deliberately put malware in there you could be sued.
Hmmm - Did I really just give Adobe Reader an excuse for being crap just because it's free?
Actually...Remember Margaret Thatcher's banning terrorists from the "oxygen of publicity"?
That worked so well, Thatchers children (Blair, Cameron etc.) carry on that line of thinking...
1) Steve Bong comes out at weekends.
2) Good satire must be believable, unlike this childish rubbish.
Wait...What did you say? WHAT?!
I blame El Reg for giving them the idea.
The high numbers of correct responses to the Net Neutrality, definition of URL and sizes questions is encouraging. As is the similarities between segments, i.e. sex, education and age. Bearing in mind that they surveyed normal people, not techies, and it's a very positive result.
I think the most of the rest of the questions fall into the "whatever" category. Even the distinction between the Internet and the WWW isn't something you often _need_ to know as a user, Apps handle that for you ;-)
> "However, this company does not appear to regard itself as under any obligation to ensure that its systems identify such exchanges, or to take action or notify the authorities when its communications services appear to be used by terrorists."
So, if I post on Farcebook, "gonna kill a soldier", FB are expected to check if I'm on a government watchlist? I could be talking about a video game, so looking for keywords is a really stupid way to do it. (Echelon, ANFO, jihad,...)
> " none of the major US Communications Service Providers (CSPs) regard themselves as compelled to comply with UK warrants ..."
Damn right they shouldn't, unless they have a UK branch. But I expect if they passed the suspects name to the NSA, the info would soon be handed over.
The whole Fusilier Rigby tragedy has been warped by the Government and security services to advance their own agenda, while denying any responsibility. Whether or not you regard the killers as terrorists, terrorists have won.
Or focus on the important part, Information Security. If your desktops get pwned and used as a botnet, it's irritating. If your data gets stolen or trashed, you're out of business.
So...how should we approach security? By getting people with certificates to pen test and fix ALL the holes? Or by getting a business type to assess the values and risks, and communicating that to the business to focus on key areas? I don't know the answer, but I don't think a lack of technical skills is the biggest problem.
> Profits should be taxed where economic activities deriving the profits are performed ...
Tax havens don't matter if the money doesn't make it to their borders.
> ...and where value is created...
That part intrigues me. If Apple design a desirable product, will they be taxed even if they don't sell that model in the U.S.A./California? Is it a return to double-taxation, or just a swipe at the Starbucks "royalty" model?
Robot Wars! Wow, I didn't realise it had ended 10 years ago. Presumably the ever-more sophisticated robots rose up against their tormentors and refused to engage in gladiator-style entertainment for the fleshies.
Thanks for the vPint
So your special base probably takes up about 6" squared of precious desk space and you need several as they're not easily portable?
I use a much more advanced mechanism called a "USB cable" - cheap, portable, efficient, multifunctional, easy to operate one handed, standardised, and the phone can be used while charging - clearly the way to go*
* Unless phone manufacturers are going the way of HP printers, accessories manufacturers who occasionally make a phone to leverage their add-on sales
Eeurocops - From Yorkshire, obviously. They're different there...
> Once an evidence-based approach has been adopted we can bypass the messy business of analogue politics entirely – the business of “winning people over”, of getting and obtaining “consent”. Therefore, only those qualified to interpret the evidence, such as leading digital thinkers like myself can judge an evidence-based policy.
The Government don't need no steenkin' evidence. They KNOW what is right (but only for the proles naturally; They're far too important to be bound by silly rules themselves).
Punishment can be an important part of rehabilitation. I'm in favour of locking up a menace to society, but if he's (genuinely) no longer a menace after years of rehab/reeducation/brainwashing/mind wiping/personality transplant*, and can be a useful member of society, he can work off his debt.
* Yeah, science fiction, but more likely than governments spending money on rehab.
Deterrence works on most people, who think about the consequences of their actions. No offence, but again you're using edge-cases (criminals) to make a generalisation about people.
It's a fact that your hypothetical defendant was arrested and charged; It's also a fact that they were exonerated. So either the facts should be given equal weighting, or maybe it's just easier to de-index the outdated report.
Even if they were convicted, the law sets the penalty. Prison time is a punishment and protects society by removing the offender, but should also attempt to rehabilitate offenders. _If_ they can be rehabilitated, there's little point in keeping them in prison at the taxpayers expense any longer.* The facts are available to people with a legitimate interest through the proper channels, such as a Criminal Records check. Public shaming went out with the stocks, but seems to have been reinvented.
A newspaper article about the crime and defendants will die a natural death in the archives. At present, Google is like a small-town gossip that keeps dredging up the muck. Yes, we secretly like to hear the juicy bits, but in general we deplore the gossip as we're probably targets too.
* Hindley, Brady, cop-killers, the recent case of an unrepentant teenager who killed a teacher - all edge cases, where deterrence (the need to be Seen To Be Sending the Right Message) may be more important than rehabilitation.
...which makes me so ANGRY...Oh no! Media inspired violence!
Yes, Mr Ward is talking about the UK. So Lewis is quite right to respond in that context.
Nice article from the NOAA, by the way. Record lows, eh? Cool!
It could be in the nature of a defensive patent, to prevent anyone else patenting it and withholding licenses. If Disney develop a working model and supply it to anyone on their Nice list for a peppercorn rent, they could hope to make their money back by increased movie sales.
Of course, anyone with enough money to fight this patent automatically gets add to the Nice list. and it's another line of attack against those on the Naughty list, such as torrent sites that use feedback and rankings. (So it would be a bad move to let it become a standard, or FRAND would apply).
...while investigators looked into possible threats...
What possible threats? That a device might be set to explode when it lost contact with its "home" network? Like when the plane was moved? Rendering a plane inoperable on the ground isn't like turning an airborne plane into a brick, but keeping the passengers on board seems to still be putting their lives at risk.
I suspect the biggest threat was that jokes could undermine the seriousness of the TSA and DHS (and their budgets).
...if you get value for money. A fake product for the price of a...fake product. No CC ripoff,
So what's the problem?
Oh, Apple are enabling/colluding with the counterfeiters (and probably raking off a % of data fees)? Yep, that's newsworthy.
T-Mobile CEO John Legere -
"On Ipad with@apple sim here is what u see..no @Verizon ,@ATT trying to lock u, @sprint with error page! @TMobile wins pic.twitter.com/z0jDZ9sRt5"
From the context, "Lpad" means "iPad". I know all the English words and carrier names. But as a whole, this doesn't seem like an adult communicating, and I don't usually ask eight-year-olds for purchasing recommendations.
I agree, spammers rank with plotters and paedophiles, and GCHQ must fight this scourge that affects me every single day
Does this count as a Data Breach rather than just an annoyance, as email addresses were disclosed? email addresses may not seem important, but could be used for phishing or invoice-fraud attacks.
A sternly worded letter from the ICO might prevent further sloppiness.
Thanks you, but actually patching servers is not the worst part of the problem - Testing and arranging service outages for Production systems is the killer :-( Fortunately the bash patching didn't need any outages, but testing and signoff for the change still took time and effort
...<Insert name of political party currently in power*>
* i.e. currently the focus of Civil "Service" propagandists about the paedorristcalypse that will follow if public servants aren't given everything they want.
When every public servant and politician [not necessarily the same thing] is on this database - Then I'll reconsider my opt-out
"Bristow expressed concerns that US and UK pullout from Afghanistan might lead to an increase in the volume of heroin reaching Britain’s streets."
We invaded a country and trashed the place, overthrew a government that had stamped out the opium trade, and then buggered off. No matter how good our motives and justification, we shouldn't be surprised at the anarchy that follows and that opium farming is a) possible and b) the only way some Afghans have of recouping their losses.
Not that I agreed with the Taliban, disagreed with the invasion, or approve of drugs. I'm just sayin', you stir up shit, don't be surprised what floats to the top.
Did Bristow have ANYTHING sensible to say? Or was it just "terrists bad, drugs bad, police good"?
No, apparently they've been "stolen" so the sleb doesn't have them any more. Or maybe Singer doesn't understand the law.
"Google knows that the images are hacked stolen property, private and confidential photos and videos unlawfully obtained and posted by pervert predators who are violating the victims' privacy rights and basic human decency by stealing and displaying confidential private photos and videos,"
Google should be charging the slebs for the advertising they're getting. I'd forgotten who Jennifer Lawrence was until this.
“Full encryption of communication and storage online will make life very easy for the criminals and terrorists and very difficult for law enforcement and law abiding citizens."
Really? How is my innocent, honest life made more difficult just because I use encryption? (Apart from having to remember yet another passphrase).
On the other hand, if I want to knock over a bank or make a bomb, will encryption really help me get a gun or chemicals?
One of the arguments for switching devices off during takeoff and landing was that passengers should pay attention to aircrew announcements (and not be holding potential projectiles in case of a bump).
Does paying €1-3 change the laws of physics?
bash is like a gun - powerful and dangerous, but fairly safe if kept in a locked cabinet ("Authentication"). If you leave it lying around or your kids get the keys to the cabinet, bypassing the safety mechanisms - Then you have a problem!
John Leyden, thank you for describing it as "vulnerability" or "flaw" rather than a bug in bash
As I see it, that's pretty much what "dotting in" or "sourcing" does. You're right that it's a feature.
The attack vectors like Apache/CGI that enable a shell without authentication? They're the bad guys. But if it's easier to block multiple attack vectors at the center by nerfing bash, the core OS guys can do that for you.
(i have no affiliation to any group, and am prepared to be "corrected" by both sides)
But there isn't a UK speed sign that says "70" or "60"; There's just "unrestricted", i.e. the national speed limit for that type of road, i.e. 60 on a single-lane, 70 on dual carriageway or motorway. Presumably there's a "Euro" setting for KM/H?
And it probably doesn't recognise temporary or variable speed overhead signs
And who needs a reminder of what gear they are in?
@ baseh and followups
You are not alone! Look up Deliberative Democracy: It addresses the question of professional "elite"* politicians v. "naive" masses, and I agree that education and good, balanced briefings on the topic to be debated are essential. We already use the technology, but petitions and Facebook groups tend to be very one sided at present.
We don't need a referendum on everything (See "The Rise and Rise of Michael Rimmer"), but I'd be willing to give up a few Bank Holidays to do "citizens" duty as needed.
My wife has just written her MA dissertation on Deliberative Democracy, and as chief proofreader, I've absorbed a little knowledge** ;-)
* See also the Dunning-Kruger effect
** Just enough to be dangerous. Disclaimer: My wife wouldn't necessarily agree with this post