189 posts • joined 17 Sep 2010
Who lets SNMP in the firewall?!?
Id or not id
Id parades are not done in person these days. A witness gets to watch a 15 second video of each person looking at the camera and to the left and right. The problem is that the police may not have arrested the right person, but younger and older people are likely to pick someone out even though they are always told beforehand that the suspect may not be present.Perhaps they believe the police wouldn't arrest the wrong person, or just so as not to disappoint an authority figure.
Some research (watch the video from the Open Uni here - http://connections.kmi.open.ac.uk/content/catriona-havard) shows that adding a mystery man video on the end helps people choose 'none of the above' without compromising the stats when the suspect actually is in the line-up. Simple idea.
And if it's miscarriages of justice you're after, this is interesting talk from the same site - http://connections.kmi.open.ac.uk/content/keynote-graham-pike which notes that fingerprint experts can be made to change their minds about a match (you didn't think it was all done by a computer did you?).
Meanwhile the poor Babel fish, by effectively removing all barriers to communication between different cultures and races, has caused more and bloodier wars than anything else in the history of creation.
They Couldn't Be Bothered
I've notified 3 well-known British companies so far their websites were vulnerable.
AND THEY DON'T CARE. THEY HAVEN'T PATCHED. THEY WILL PROBABLY NEVER PATCH.
Re: Your observation is flawed
Incorrect; process separation means you should only be able to dump memory available to that process.
Re: Check your vulnerability here.
WARNING: this site lists the most recently looked up flawed servers.
IF YOUR SITE IS VULNERABLE IT WILL BECOME A LIGHTNING ROD FOR ATTACKS.
Hmm, instead of a tank have a self-driving vehicle? Perhaps Google could do some research into tha....wait a minute!
Re: CompSci graduates...
Summary: you're a CompSci graduate and you're so bitter and hurt and angry that you've been exposed as inferior. Only troll here is you, mate. Now going join the Labour party so you can bitch some more.
I never met a competent programmer that learned programming doing CompSci. They almost always started learning much younger through their own interests.
If you get to university and THEN decide programming is for you it is way too late to be of any real value or skill.
Misread that name as a 4TB Testicle.
Now there's a new development in flash drives...
Re: Oh for a steam roller..
While it may be true that some "developers" like going to these flag waving events - I have never met one of my calibre who made a habit of going along to these things.
Left-wing British are just fuckwits. To say they have a clue about anything is... ridiculous.
Type "proceed" to bypass Chrome's non-bypassable warnings
If there's a certificate problem accessing www.google.com, for example, type "proceed" into the browser and you can bypass the warning.
This is useful if you're performing your own man-in-the-middle SSL attack.
Re: Mythbusters ...
As a bunch of Hollywood special effects specialists I would hardly regard them as the leading experts in the field of radio communications. I sincerely doubt either of them has ever held an amateur radio licence.
Using Mythbusters as your justification is like citing Judge Judy when giving your opinion of the law.
Re: You don't have to turn you phone off
It's like you're shouting "I DON'T HAVE AN ENGINEERING DEGREE" over and over and over.
Get one, then tell me your (more educated) opinion.
Re: full undivided attention of everyone on the plane is required
What is a micro-processor? What frequencies does it run at? 1GHz? 3GHz? These are radio frequencies. With tiny wavelengths. That radiate from the circuit board despite best efforts. And what if you have a Chinese knock-off without any shielding?
Doesn't have to explicitly be a purpose-build radio transmitter to transmit radio signals.
Re: "Or put another way stick a cage round it!"
This is the problem. Complete idiots who can't even see common sense much less have advanced education in electronics or amateur radio think they know more than the CAA or other aviation bodies and aircraft manufacturers.
I'm quite angry that there are no prosecutions for ignoring the clear instructions. On every EasyJet flight I hear them announce VERY CLEARLY no less than THREE separate times "all electronics must be switched off during take off and landing".
Yet every time I request the passenger sitting to my right or in front of me to turn off their phone I get attitude - or a stalker who is determined to lecture me in manners.
Ignorant, selfish, arrogant. That is the modern passenger. And I'm angry about it.
Keep on writing
Your articles are refreshingly honest. Keep them going.
Here's what I want to know: why don't companies recruit contractors directly? Given that most recruiters don't know f@#$ all about tech they continue to pass over talented people and put forward poor quality candidates that have purely fictional CVs.
Their 10 or 20 or 30% cut isn't deserved, is what I think, but what do you think?
This author says it how it is
A lot of people seem to bitch about this author - but the reality of what he says is mostly true and what I've experienced as a contractor.
Hell - anybody who thinks Computer Science graduates are a waste of time if they haven't studied C or C++ is a genius by comparison with most techhies these days (sad to say).
2 HTC Phones, 2 Buggy Phones
I've owned 2 HTC phones - a HTC Chacha and a HTC Desire Z. Both had SHOWSTOPPING bugs (i.e. phone became unusable - the Desire Z would freeze the phone for minutes when sending a SMS, the Chacha would CRASH every time one pressed the call button after a over-the-wire software update).
While I later rooted both phones and put CyanogenMod on to fix the bugs I would think the majority of consumers wouldn't go so far and instead throw out these phones and switch brands.
Embedded with what? ARM processes in thermostats?
This is a ridiculous standard. TCP/IP only? You f@#$ing kidding me?
Sure - you might have space for a full networking stack in your device. But let's be real. That 8 bit microchip isn't going to have space for windowing protocols.
Why oh why don't we have a UDP option. Hell this specification states that delivery might be unreliable yet it specifies TCP for the standard when really they were looking for UDP.
How the f@#$ did this standard get ratified?
I have a Windows 8 laptop
I bought a Windows 8 laptop. And boy did it fuck me off for weeks. Eventually I found an open-source start button to add and now it is only half as shit as before.
One of the problems is that buttons on GUI applications frequently don't respond to mouse clicks and I have to resort to using the keyboard (space bar) to actually "push" the button.
Public Domain Works If We All Play By The Same Rules
But we don't play by the same rules.
Companies like Microsoft and Apple are legal entities fighting legal wars over the very definition of all things. What is "ownership"? Can we bind people to "licences" and never own software (and therefore never re-sell)? Can we prevent others from implementing basic simple ideas? Can we control innovation and design and force legal standards to be followed that result in handsome royalty fees to those who lobbied the government first?
The world is a dirty place. There are crooks everywhere. Companies are organised gangs who will do ANYTHING to get rich. EH-NE-THING.
When you're faced with an enemy prepared and willing to use the law to abuse you and your efforts you must use the law to protect yourself. You can't go into a "fair fight" continuing to aim above the belt when your opponent is throwing sand in your eye and aiming for your groin.
Re: trim the staffing
"they took our jobs" whinging is reserved for your factory workers that could barely learn one job let alone another. I'd like to think most of our IT guys can actually learn more than one skill in their lifetime.
Re: It's a fair cop.
The only people I know that care about or get excited by Heroku use Mac laptops at work. Says it all, doesn't it?!
So what if China is making a copy of every bit going over the cable? What part of financial trading should be done over anything but an encrypted point-to-point virtual connection? Answer: none.
Better you build a cable and treat it with grave suspicion and then utilise it properly: with the highest grade encryption you can muster.
It's so exciting - dynamically scaling websites!!! But so stupid. Why? Because you don't need it now. And if you do need it then you can afford smarter people to plan and scale your web application as appropriate. Smart tech companies are like smart power companies - they plan ahead for peak utilisation periods and slowly, but methodically, bring capacity in and out as required.
If you start small dependent on a custom API then you end up big dependent on that custom API - and a dependent customer is a screwed customer.
Re: Searching for diamonds
I've tried explaining to recruitment agents that Hadoop is a waste of time. I know. I've tried. You can write far more efficient solutions in C or Java.
Besides - if your data set is that big - then the problem you're trying to solve will be well defined - allowing you to spend a little time crafting the right tool to get the answer. This will always execute faster in the long run.
Re; Quite right, too
Just a pair?
I keep a set of 3 disks.
At all times one is off-site.
I have a TrueCrypt container on each disk and use Beyond Compare to synchronise files between any two disks at a time.
The problem with a mere pair is that they have to be physically located in the same place to do the copy. Which means that fire, flood, government agency breaking down your door, or burglary can render your data gone.
Think: physical diversity!
Now if only a damned recruiter would actually READ my profile before deciding whether to spam me.
Vodafone's culture seems rotten - doesn't take long at the headquarters in Newbury to discover this!
There seems a complete lack of regard for employees. The idea of a "hot-desking" culture with mandatory clear tables seems to treat employees like animals in a zoo. Information seems hidden and not shared. It's just seemingly bleh - so many people start working at Vodafone only to seem to turn around and run as fast as they can as far as they can away.
Better Than You Think
I'm a dyed-in-the-wool C developer. I like C++ and dabble in Java, too. But professionally I've been using Perl for most of my tasks since I picked up the language over a decade ago.
Even now things I have come to take for granted from Perl are lacking in modern languages - a WWW::Mechanize for C#? How about truly flexible regular expressions and a means of expressing them over multiple lines? How about specifying string constants over multiple lines?
Perl has curly brace support - something that, for me, puts it so far in front of Python and similar white-space-format-dependent languages. If you need to mash everything up on one line in Perl YOU CAN! If you prefer your well indented forms YOU CAN! Many languages keep telling you "YOU CAN'T" - Perl is an enabler - not a denier!
This idea that Perl is a write-only language is rubbish. I've seen garbage written in every language. Just because Python forces you to indent and Java forces you to wrap everything in exception handlers doesn't mean the code is easier to understand! Good Perl developers write good understandable code - including well thought out variable names, comments, and POD (in-code documentation for Perl).
How about test harnesses? Almost all Perl modules available in the standard build and on CPAN come with test harnesses. I can't think of many projects or languages that are as thoroughly tested - or make testing as easy - as Perl.
Ignorance is aplenty in the Internet world. Perl is pretty easy to pick up - especially if you read Larry Wall's wonderful Camel book (he's a great entertaining author) - and has capabilities that stretch from satisfying the most basic of user to the more experienced. But it allows you to hang yourself and others - so self-discipline really shines in the Perl community!
Give that kid a job
He clearly knows what he is doing. Which puts him in front of 99% of technical professionals I've ever met.
When it crashes can you still boot off the existing hdd?
NO PHONE NUMBERS
I have a serious problem with privacy concerns handing out my phone number to Google.
I really wish they would let me create a private/public key pair for authentication purposes. This would be far more useful than a phone number that a) should be private and b) may not work overseas.
Black Out WillIAm
I'm sick of this talentless **** always in the news. Can we have a news blackout on this idiot?
Re: Re. It could be the end of tailgating Audis
It doesn't matter if YOU tailgate. It matters if the person BEHIND you tailgates.
You can't control the 4x4 on your butt. And rest assured if YOU stop quickly you WILL get hurt. Even though it is NOT your fault.
Tailgating is prolific on UK's motorways. I am cautious with my laser guided cruise control because occasionally it hits the brakes if there's a bright sunset, so I have to keep my finger on the button to switch it off at any moment.
I think auto stop is stupid. Problem is many drivers are even more stupid and there are no police to enforce safety issues on the road.
With Apple you sign away your rights to everything anyway. You're not permitted to use the phone any way you want. You can't root your phone and use the hardware with any software you choose.
What's happened to Woz?
Re: Not Just Radio Amateurs
Ham radio is wonderful for inspiring teenagers at school who may be genuinely curious how their mobile phones work. Most of us built a crystal AM receiver as a child. Some of us take that further and start to learn about Morse Code, inductors, capacitors, amplifiers, and more.
I think it is important to ring fence and preserve this spectrum for the hobbyist and curious. It's like having parks available for children to play in.
I use the Internet prolific ally. Turns out I am a much better programmer than electrical engineer. But I am very thankful for my younger years learning about electronics from articles and ham club members. And I am firmly against power line Internet that uses unshielded wire for transmission. Ethernet is a superior solution.
Oh God I've Waited For This
A cheap upgrade or downgrade from Vista...
Oh wait - let me guess - my OEM laptop Vista won't qualify?
I would never hire any kid that voluntarily took this course.
Re: memcmp! FFS!
Rtfm. It's a casting problem. If the result of the memcmp is outside a signed char then there's a problem. Chances are memcmp returns an int but the MySQL coders erroneously cast the result to a signed char discarding high significant bits.
If you don't understand this, fine, but the article was clear on this. The problem is not with the OS.
STOP CHANGING MY INTERFACE. I'M SICK OF IT.
I'M STILL USING OFFICE 2003.
I'D STILL BE USING XP IF YOU SUPPORTED IT.
STOP MESSING WITH US OLDER GENERATION, YOUNG TARDS AT MICROSOFT.
I, too, want to know when the BBC website will ask before placing a uniquely identifying cookie on your computer.
Poor developers will always ruin anything simple.
I run a nagios check which tells me how many days remain on my SSL certificate on any particular host.
HTC don't do software
I have a chacha. It was fine until I did an over-the-wire upgrade. After that the phone would crash any time I tried to dial a number.
Not the first time I've had utterly shit software from HTC.
Rooted the phone - put on cyanogenmod! It works now! I can dial! Let this be a lesson. HTC phones always work with Cyanogenmod - but are unlikely to work on the stock software that comes with the phone.
If you're willing to invest around 4-8 hours rooting your phone then buy HTC. Otherwise - don't.
- Crawling from the Wreckage Want a more fuel efficient car? Then redesign it – here's how
- Review Xperia Z3: Crikey, Sony – ANOTHER flagship phondleslab?
- Human spaceships dodge ALIEN BODY skimming Mars
- Ex-US Navy fighter pilot MIT prof: Drones beat humans - I should know
- Downrange Are you a gun owner? Let us in OR ELSE, say Blighty's top cops