* Posts by Henry 8

15 publicly visible posts • joined 24 Jan 2013

Mega city council's Oracle ERP system still not legally safe, compliant... 2 years after rollout

Henry 8

You seem to be assuming that it's not possible to just successfully implement a new financial system for a large public organisation without then needing to perform _any_ kind of investigation.

Oh right. I'll get my coat.

AI hallucinates software packages and devs download them – even if potentially poisoned with malware

Henry 8

Re: So nobody ever tried the commands before publishing?

Bad guess. The README (which has now been updated) explicitly told users to run the command "pip install $WRONG_PACKAGE". FWIW it looks like the reason for installing the $WRONG_PACKAGE was just to facilitate downloading some data files, and this has now been replaced with a simple "git clone" command.

Attacks on UK fiber networks mount: Operators beg govt to step in

Henry 8

Re: Using phrases such as "Genetically predisposed to violence" ...

P(brexiteer | supports death penalty) != P(supports death penalty | brexiteer)

The Rev Bayes wants a word...

40 years since Elite became the most fun you could have with 22 kilobytes

Henry 8

The Google-provided analytics.js that is downloaded with this story (along with pretty much every webpage we all visit...) is 52kB, so over twice as big as Elite. I know which of those two products I think has brought more value to the world.

(yes I know my browser probably caches analytics.js and doesn't redownload it on every page I browse to, but that's not the point)

If your DNS queries LoOk liKE tHIs, it's not a ransom note, it's a security improvement

Henry 8

Re: Colour me surprised (in upper case)

The comment about email addresses is not strictly true. The domain part (after the @) is case-insensitive, but the local part (before the @) "MUST be interpreted and assigned semantics only by the host specified in the domain part of the address" (RFC 5321). Whilst in practice many mail servers will handle the local part in a case-insensitive manner, one shouldn't rely on that behaviour.

KCL external review blames whole IT team for mega-outage, leaves managers unshamed

Henry 8

"the core College IT systems and data and file storage were backed up on a different location of the same storage unit"

I'm sorry, but whatever organisational problems might also have been at play in the sorry episode, any sysadmin who thinks that copying data to the "same storage unit" can in any way count as a backup is incompetent.

Adobe preps emergency Flash patch for bug hackers are exploiting

Henry 8

Re: Meanwhile, Adobe plans to make Flash harder to maintain

One just has to register for distribution rights, once, for free. Took me about 2 minutes to fill in the form and get an automatic response. Yes, it's mildly annoying that they're taking away the old enterprise download links, but it's not difficult to use the replacement - I've been doing so for months.

Microsoft whips out PowerApps – now your Pointy Haired Boss can write software, too!

Henry 8

IFTTT

I haven't done a full comparison of the available features, but the "send email when there's a new tweet" thing sounds awfully like what one can already do (totally for free) on ifttt.com ("If this, then that"). That site also has a great many recipes that others have already written if one wants to copy something to get started.

Shingled drives get SpectraLogic archive down to 9 cents/GB

Henry 8

Independent failures?

The statement "probability of data loss to 1 in over 2 million years when properly monitored and maintained" sounds rather fishy to me. What are the chances that they've taken "failure rate for a single disk" and just multiplied that up N times, assuming that all failures are independent? Even if you declare lightning strikes and earthquakes as outside the calculation, disks that are hosted in the same environment, and which were probably all made in the same production run, don't have independent failure rates.

PINs easily pinched with iPhone-attached thermal imaging kit

Henry 8

So the article says that this technique doesn't work on keypads with metal keys. Well fair enough, but I've used a far lower-tech solution to bypass keypads (er, obviously, only to get into areas where I *should* have had access but didn't have the code to hand...). Just look for the keys that have the slightly greasy residue from people's fingers - far easier, cheaper and lower-tech than thermal imaging cameras!

Phone hacking blitz hammers UK.biz's poor VoIP handsets

Henry 8

Thinly-veiled advert?

I agree that sysadmins should remember to include VoIP in their assessment of network security etc. However, I'm afraid I'm always going to be sceptical of a company-produced "study" which essentially ends in an advert where they tell you that the same company just so happens to sell a product which can help solve $problem_covered_in_report.

Dell charges £16 TO INSTALL FIREFOX on PCs – Mozilla is miffed

Henry 8

Re: RE: service charge

I would be rather surprised if Dell were actually paying someone to sit for 10 minutes in front of a computer and hit "next". For the Windows machines I look after, I tick a box, and Firefox will automatically install on a computer of my choice. And for the case of the Dell website, the customer has already ticked the box for them!

Backdoor root login found in Barracuda gear - and Barracuda is OK with this

Henry 8

Re: 2 Class C's = "large range"?

"A /24" is a) shorter than "class C", and b) factually correct. Both are virtues, no?

Henry 8

Re: ...firewall off port 22 completely.

Nope, sorry, no mention of port 24 anywhere. The paragraph you're referring to did mention some /24 subnets. 192.168.200.0/24 means the addresses from 192.168.200.0 to 192.168.200.255. Go and read about subnets and netmasks.

Henry 8

Re: 2 Class C's = "large range"?

CIDR has been around for 20 years now. Why do so many people who allegedly know about IT still think that class a/b/c networks exist?