* Posts by Lee D

560 posts • joined 14 Feb 2013

Page:

Apple Pay a haven for 'rampant' credit card fraud, say experts

Lee D
Silver badge

Re: Liability?

As I've had to say to people several times: You are not liable for fraudulent charges on your card. Ever.

When the bank question it, you tell them it was fraudulent.

It is then up to them to prove otherwise. If you're lying, and caught on CCTV buying those goods, or whatever, they can charge you with intentional fraud, etc. as well as theft of the money/goods.

But once you've said "I did not authorise this transaction number 12854738", that's the end of it. Refund me (and all incurred charges because of it) or take me to court and prove otherwise.

Sure, it's hassle. But never pay a charge that you didn't authorise, not even for a second. Doing so could even be taken as an admission of your part in a fraud, or even that you were present at a certain place at a certain time when you weren't.

0
0
Lee D
Silver badge

Re: 2 factor authentication - 'Are you you?', 'Really?'

Or, you know, those Visa and MasterCard SecureCode things where only the cardholder you reasonably can provide the second factor? But ApplePay / Amazon choose not to use them and absorb the liability.

Or, you know, texting you when a transaction occurs on your card like EVERY BANK IN EVERY OTHER EU COUNTRY DOES, for free.

Hell, I was able to tell the woman in B&Q that they'd double-swiped my Italian relative's card because he got two text messages from the bank before we'd even finished bagging up. And that's across international borders.

0
0
Lee D
Silver badge

Re: @Steve I: Well, actually old chap, now that you mention it................

Although the banks are playing their part, Apple Pay is allowing a photo of a credit card to be used indefinitely as a payment option.

The banks shouldn't be allowing it, but Apple Pay isn't being blocked by the banks either - so presumably Apple Pay are doing something in order to allow this situation to occur.

If Apple are relying on the banks to authorise the transaction, they are still storing all that data and - presumably, like Amazon - taking the liability on it to an extent. Notice that Amazon don't put you through the Visa/MasterCard secure schemes where you have to type in codes and verify to the source bank - they are storing your information for 1-click and then taking the hit on fraud themselves.

Presumably, Apple are doing the same here OR have negotiated their way out of liability with the banks.

Seriously, people, all that Chip-and-PIN stuff that the EU fought for for years? It's worthless here. We're still doing transactions with just the card number. Do they even use the CCV code on the back of the card?

If the number is enough (and it appears so for Amazon and Apple Pay) then the Chip & PIN stuff is worthless, even if the liability is shifted from the card issuer to the retailer. If the number isn't enough, Apple Pay wouldn't be able to operate as they are doing - and nor would Amazon. If the number is enough but liability is pushed to Apple, then it's partly Apple's fault for allowing this to happen for the sake of simpler business processes.

4
1

Super SSD tech: Fancy a bonkers 8TB all-flash PC?

Lee D
Silver badge

Get me a reliable 1Tb SSD at a price that isn't a significant fraction of a new laptop, and we'll talk.

More than happy to jump on board, but prices are prohibitive for any serious use at the moment.

That said, there are some cheap junk for £30 each on Amazon that are in the 32-64Gb range which is perfect for client machines for me.... that's the size of the image I put on them and all other storage is network. And £30 per machine is do-able, even factoring in a shed-load of replacements. It'd cost me that for new replacement hard drives of any size.

But for actual STORAGE, I have 2Tb just in my old laptop (two drive bays, essential!) and that's feeling the strain with only a few hundred gig free. Replacing that with SSD is £400-500 of upgrade before I start any kind of expansion.

SSD will kill hard drives, but not before the price per terabyte comes into the same order of magnitude.

2
4

Errant update borks Samsung 850 Pro SSDs

Lee D
Silver badge

Hacking your SSD because you didn't update the firmware?

You have bigger problems than just your SSD then.

0
1
Lee D
Silver badge

Simple IT rules:

1) Don't have automatic updates turned on. Let some other poor sod guinea-pig things for you. Press the button at the end of the week if you absolutely must (and if the drive was working, and the firmware has no release notes affecting yourself, why would you press the button?)

2) Don't update without backups. Because, you know what?, any update can break your machine.

3) Don't update without backups.

4) Don't update without backups.

5) Don't store all your data in one place anyway.

0
4

Visa: One million bonks a month for Europeans from next year

Lee D
Silver badge

Re: Authorised Payments

- How does one access their money if they get caught out with their battery going flat?

RFID coils are self-powered by the RFID reader. Moving them towards the reader moves them through a generated magnetic field which induces a current in a coil in the card / fob / battery (in Samsung RFID-capable phones, for instance). That powers them up enough to send and receive radio messages to the reader for a fraction of a second. Same way that Oyster cards etc. work, you don't have to change the battery in your Oyster card, and your phone battery plays no part in powering the RFID/NFC up (Samsung embed them in the battery, but I'm pretty sure they work even when the battery is dead).

- How does one stop scumbags spending their money after theft of the phone?

Pay-by-bonk has a limit on it (£30 or so?). And you are never liable for any card charges that you didn't personally authorise (you may have to argue and send bits of paper back and forth, but that's the truth of it).

0
1
Lee D
Silver badge

Re: Some of us don't want...

I invested in some RFID/NFC-blocking sleeves for my cards. They were literally pence on Amazon. You can stick them basically inside an NFC coil and nothing happens. It's not hard to stop such instances.

That said, I have them because I hate RFID/NFC etc. for exactly these kinds of reasons.

3
0

Small cells are like DRUNKS. They don't use lamp posts for light, they use 'em for support

Lee D
Silver badge

Question - if you're extending your 4G coverage, say, by using these devices, and they themselves connect back over 4G... isn't there a problem here?

One device fails near the main 4G tower, and the entire street/town all fall over?

And if you already have 4G reception to the streetlights.... why are you adding more 4G?

And if you have to do some other backhaul to get to these 4G cells, couldn't you have just done that anyway - because presumably that backhaul ends up somewhere nearby (a BT cabinet or similar) and you could have just mounted a pole or cell on the back of that, no?

It all seems a bit pointless compared to just slapping into another mobile tower. Maybe relevant in extreme rural areas where you're not allowed to even erect a pole but, then, you were allowed to erect streetlights so presumably a pole of the same height would have the same permissions, no?

It very much seems a solution in need of multiple problems.

0
0

There's more than one way to back up your data

Lee D
Silver badge

Re: Looking forward to the next installment...

Hint: Last time I checked for our ISI-inspected school, Apple had not provided guarantees that data on iCloud would be held within the EU. Google, Microsoft had, but not the other major players.

This is a pretty big roadblock. If you're doing cloud backups at any point, it's a good question to GET IN WRITING, especially with personal liability for some DPA offences now.

2
0

C’mon Lenovo. Superfish hooked, but Pokki Start Menu still roaming free

Lee D
Silver badge

Re: Difficult to remove?

Question:

Do you really trust the "uninstaller" third-party closed-source binary component of a piece of adware to uninstall itself?

Because if you did with Superfish, you'll realise it left a root-CA in your certificate store. And I've seen lots of malware where the uninstaller either goes out of its way to make things difficult and/or will actively reinfect the machine with the same (or sometimes partnered) malware instead!

Sorry, but being required to run a program supplied by the same people who wrote the unwanted program to GET RID of the malicious/unwanted program is... to put it bluntly... stupid.

Even when they are honest and uninstall themselves, they will still mess up. I've had browser toolbars on people's machines that, when uninstalled, will break Chrome or even IE because they don't remove the configuration properly. Because, well, who cares about the uninstall program? As soon as they run it, they are no longer a customer anyway.

15
0
Lee D
Silver badge

Corporate places; You should have an authorised, clean, verified, image. No excuses. Deploying any kind of machine without the corporate image is a nonsense.

Technical users: You should know to do a clean install. Your licence is always valid for that. Hell, it's valid to be a VM too, if you read the blurb. And if you can't do a clean install on day one, how do you expect to fix the machine a year down the line when it's out of warranty? Make sure you have the disks, licences, and drivers enough from day one to do a reinstall, while you can still send it back as "faulty" or "not fit for purpose".

Home users: You get what you're given. If you're given tons of junk, give it to a techy to clean up and cost that into your purchase price. Even your restore disks will be worthless and still have this junk on.

As someone who's just cleaned a Vista-era Fujitsu of adware etc. that was put on it on day one, and shocked the user by how much faster it now is than it's ever been, I know this stuff has been rife for years and it's only making the news now because of reasons unknown.

Lenovo are by no means the worst offender (I sit here with a network full of Lenovo machines, but they were all installed by clean image and I didn't do more than boot the first of them offline to see what they'd come with in terms of drivers, etc. - P.S. Lenovo's have a stupid keyboard driver for their stupid Fn-Key keyboards).

Nowadays, one Windows 7/8 image can be rolled out to a dozen different types of machine and "just work", with the free tools built into Windows Server (no, you don't need SCCM to do PXE boot and WDS) - in a rare instance you might need to build a driver package for its network card to allow it to boot or similar, but I've never needed to do that yet.

The problem hasn't caused a fuss because it only targets the weak - those who don't know how to clean-install, probably don't know how to check their computer for rogue root certificates, or think the adverts are just part of the machine. That's been the same for years.

While we're at it, can we stop such places ever bundling any kind of antivirus except as a separate installable package (the Windows one is perfectly adequate until we can get a "real" one on there, i.e. anything that doesn't bring your machine to a grinding halt like McAffee/Norton), all the photo-management junk, the user surveys, the "I'll help you update" wizards, the sidebars and toolbars, the print wizards and all the other tosh that's bundled in.

My rule to my dad: Give me any new computer first, before you use it. Then whenever something says it needs a driver disk, like a digital camera, plug it in first and see what happens. If you think you need to install ANYTHING to get it working, give me a shout first.

10
0

SSL-busting adware: US cyber-plod open fire on Comodo's PrivDog

Lee D
Silver badge

Re: If I were a layman

I never got why we need a CA anyway.

If I trust Facebook, then I trust Facebook. I don't necessarily trust every website ever created by anyone who's bought a certificate from the supplier that Facebook's bought their certificate from.

The CA is merely convenience in the process so that the first time I go on B&Q.com, I don't have to guess whether or not I can trust the certificate.

But a browser that "accepts" the first certificate it sees for a domain and remembers it forever after, that will flag if the cert changes or expires, more than fulfills most of the issues. We already do this for SSH, for instance.

Tie it in with a DNSSEC system where the authoritative, untamperanle DNS response for a website includes a proof-of-certificate and you pretty much wipe out the CA's function entirely. We already do this for email (DKIM, etc.).

To do this for websites isn't that much more of a push forward, and now we have the impetus.

Key security should be in the DNS, and should be tied - the .uk root should be saying THIS is the cert for the .co.uk TLD and it's the only one I specify. And then when asked, .co.uk will say THIS is the cert for the facebook.co.uk site (and here's the IPv4 and IPv6 addresses). And then Facebook can specify what THEY want under that domain as required. All signed, all authorised, back to the root.

1
0

Why IP telephony is about more than just saving money

Lee D
Silver badge

It's a shame that those VoIP-based call centers can't get their act together though. Many's the time I hung up on them saying "Sorry, but I can't hear a word you're saying, and it's not a problem my end for sure". Some of them were even trying to sell me VoIP products! Sure as hell wasn't going to touch them if they can't sort out their own problems!

VoIP is a good-sell. I'm not sure about the licensing of many things, the hotdesking licences for my Mitel system are stupendous for instance, and to put a simple Wifi-based VoIP wireless handset into my system costs more than my entire system cost in the first place (and I already have blanket wireless coverage, I was just looking to put in a roaming handset for myself).

But VoIP is the only way forward. We knew this ten years ago.

1
0
Lee D
Silver badge

Re: VOIPity VOIP VOIP

"What happens to your phones when your power goes out?"

You put UPS on anything critical. Your average 48-port PoE switch will stay up for a good hour off a run-of-the-mill UPS, and if you have high-end switches they can run off DC sources and even failover/redundant power.

Sure, analog phones do stay up but that's because BT put battery backups / external supplies into their cabinets for you. They are not guaranteed by any means and I imagine they've cut back a lot on them in the modern era. If you want redundant power, supply the system with redundant power. If you want backup power, supply the system with backup power. You're already paying BT to do so, you've just brought it in-house.

The cost savings alone allow you to do this for any serious deployment anyway. And precisely how much business are you going to do if your customers can ring you but you can't make a sale because all the PC's are down too anyway? Nowadays landlines staying up is only a business issue, not a life-critical issue - if you're going to lose business if the phones go down, ask BT what guarantees they will provide you on the external line (hint: few).

At least with VoIP you can move the whole outfit - with phone numbers, softphones, SIP connections, etc. to the other end of the country with one click.

"What about when you loose your PS in your VOIP switch?"

See above.

"When your IOS update for your media gateway goes south?"

You have redundant gateways for that business-critical system, no? And tell me what you'd do if your old phone system went south before?

"Or when a user sets their BYO phone to the gateway's IP?"

Your network switches kick in and deny it? But, hey, what's an unauthenticated user doing being able to tinker with IP settings and then plug in random devices anyway? And if they have, that's what disciplinary procedures and IT acceptable usage policies are for. What if they set their PC to be the main gateway IP? Same thing.

"There are also a lot of hidden yearly costs with licenses and the price differences from one tier to the next can be steep."

Agreed.

"Do you have a team of people always available to reset your users voice-mail pins?"

Did you have that on the alternative systems?

"If you out-source the install and setup, how much are they going to charge you to add one more phone later, for adding a new area-code rule, another telco trunk?"

How much would BT charge you? And adding a phone is more than just buying a phone anyway. You have network capacity to think about, licensing, setup, etc.

There are arguments for and against VoIP, but many of them are just a push from BT doing this stuff for you (or putting it in their exchanges/cabinets and charging you) to you handling it in-house. If you don't want to handle in-house, outsource to a remote softphone provider who'll worry about all this for you.

I work in schools and they are now almost exclusively VoIP. The cost of running all the old junk and the presence of network cabling and leased lines everywhere just means you're paying twice. Literally, in my last school we started with one phone and by the end of the year, we'd moved every extension but one (a confidence-inspiring analog line for 999 calls) to VoIP. Then we looked into SIP for outside connections as we had a leased line already.

The next school I worked in - same. Next-to-no VoIP when I arrived, almost exclusively VoIP now and once our leased line is installed, onto SIP. According to our telephony suppliers, that's a pretty normal path to follow nowadays. Sure, it's not "perfect" but the cost savings alone in not having to pay a guy for running a bit of cheap copper around the walls following the network cable that's already there anyway soon recoups that.

If you want independent systems, have them. But people still move to VoIP because the advantages are all there too. Personally, I'm about to buy a VoIP router for my house - when you consider that I need a new wireless router anyway, the VoIP feature is £50 on the price, I have it all wired, I don't have active BT lines in the house anywhere, but I do have networking everywhere, and I can set up the same in my girlfriend's family home abroad so we can have "free" calls to them, it's a no-brainer. Hell, I can already powerline-network out to the shed - just slap a £20 sip handset out there. It's cheaper and more reliable than DECT! And I don't have to buy some fabulous PBX to do things like put calls on hold, filter them, send them to other handsets, have multiple phone numbers and lines, etc.

4
0

Debian on track to prove binaries' origins

Lee D
Silver badge

Re: You also need to be able to trust the compiler...

And as the same guy - and others - have since described, diverse-double-compilations solves this by detecting any difference produced by the compiler itself.

https://www.schneier.com/blog/archives/2006/01/countering_trus.html

You just get to a point where you have a known-good hash for a compiler that compiles consistently every time, compliant to the word of its source code, detecting if you're even using such a "malicious" compiler.

From that point on, you just make sure you only use that compiler for the rest of the checks.

4
0

Expired router cache sends Google Cloud Engine TITSUP

Lee D
Silver badge

Re: Remind me again

http://uptime.is/99.95

They can be down for 4h a year, on average, and still claim that uptime.

If they play silly beggars about uptime not being 24/7 but usual business hours, or whatever, then it's even worse.

And, remember, that's only a target. They can't "guarantee" that worse won't happen, only that they (might) compensate you some pittance in proportion if it does.

0
0
Lee D
Silver badge

Re: Remind me again

Because local services NEVER go down...

Cloud isn't evil, as such, you just have to know what its limitations are, like everything else. The dependency on your whole work network of simple things like: The clocks being in sync, connectivity being absolute and not overloaded, power being up etc. are all present still. There are few businesses or even home users that can approach the uptime of something like Google Cloud given the number of services it runs for them.

Hell, I have to reset my home router about once a month and if it's out for five minutes at a time, that means in a year, I have an hour's downtime just doing that.

Cloud isn't evil, but neither is it the answer to everything.

Personally, I don't enjoy faffing trying to keep our Exchange server up and exposed to the world compared to my last workplace where we just had Google Mail for Domains. Sure, it can go down, but more likely WE went down as a workplace and that means we can at least check email on phones even with the connectivity and servers off.

It all depends what you want, how you want it, and what you're willing to pay for it. Personally, there's a lot of in-house stuff here and I'd like to keep most of it that way. But a few things, I'd gladly push to the cloud and let someone else worry about it en-masse.

And anyone who believes that ANYTHING is the complete answer on its own is an idiot. Sorry.

9
0

Horrors of murky TrueCrypt to be probed once more

Lee D
Silver badge

TrueCrypt never supported UEFI either. That's the point - rather than reinvent the wheel, if we can add GPT and UEFI to TrueCrypt (which is no small feat), we're more likely to get a working, compatible, secure system than if we rip everything out and restart it from the ground up.

Truecrypt was great - it just needs to be brought into the 21st Century a bit, that's all, and then it will be fabulous.

By comparison, doesn't Bitlocker still encourage you to upload your keys to OneDrive?

4
0

Did NSA, GCHQ steal the secret key in YOUR phone SIM? It's LIKELY

Lee D
Silver badge

Re: If Apple wants to really piss off the feds

Pretty sure I would trust Apple much less than I would trust GCHQ.

And I don't trust GCHQ at all. I mean... they're spies. It's kind of their job. It'd be like trusting James Bond with your secret plan. He's BOUND to act upon it even if he sleeps with you and promises not to tell anyone. (sob).

10
0

Lenovo shipped lappies with man-in-the-middle ad/mal/bloatware

Lee D
Silver badge

Re: Secure boot?

Secure Boot makes sure that you boot securely into the OS you intended.

It has no effect, design or control over what the OS chooses to do. In the same way that you can login as an admin and delete critical registry entries, you can login as the system OEM installation user and install bloatware and junk.

There is no, and never has been, way to stop that in Windows. Windows does not verify that you, the physical user, want to install that Lenovo junk in the same way that it doesn't verify that you, the physical user, want to choose Chrome as your default browser or change the desktop background.

It's ridiculous to suggest so.

To install ANYTHING on Windows or Linux which runs in the way of necessary drivers, you need to be able to slipstream things into the initial install which can be run as an administrator. It's game over. What broke these system was not Windows, or Secure Boot, failures, but having Lenovo install - as an administrator user - malware before it got to you. Whether that was in an automated (slipstream install) or manual (log in as the initial admin user) fashion, there's NOTHING that can stop that but Lenovo not doing it.

The alternative is that MS has to certify and pre-install not only every driver that could possibly work on their system, but every application as well. That's not what you want, I assure you. Want to install that freeware that you downloaded off the net to fix a problem? Sorry, not signed by Microsoft and therefore not in the MS trust chain. You want to put it into the trust chain manually yourself? Lenovo could have done that exact same thing and you'd never have known more than this showed itself.

Secure Boot just ensures that you boot into a valid, authorised bootloader of your choice. At all points past that, you're on your own. Even the OS isn't necessarily dictated - hence why Linux can still boot on Secure Boot systems with (I believe) a Fedora/Microsoft-signed bootloader. Past that point is not the domain of Secure Boot in any way, shape or form, but the OS. And the OS will allow a user with administrative rights (whether inserted as a slipstreamed instruction via unattend.xml or similar or just by virtue of being the first user created during setup) to do whatever they want. This is no different on Windows, Linux, or anything else.

The second you break that, you break every SCCM system in existence. And I'll be damned if I'm going to get MS to "sign-off" on my custom install of Windows that I deploy to several hundred machines every time I change it.

4
0
Lee D
Silver badge

Just one* of the reasons that I image over or reinstall a PC on purchase, business or personal.

But, seriously, how much can Lenovo have earned back from that to justify screwing their customers over? If someone is paying hundreds for your laptops, and then you're screwing over their privacy and security for a handful of pence (after commission), it really shows where your priorities lie.

Don't "get an update" or "review the situation", stop doing business with them and stop bundling that junk at all.

(*) Other reasons include: I don't know who touched it before it got to me, I don't know what other junk is bundled to pop up when I plug a camera or printer in, I want to prove to myself that it CAN be reinstalled from scratch with all the drivers using only the discs given before data goes on it and before it goes out of warranty, etc. and the amount of junk I see bundled on "new" PC's that slow them to a crawl is unbelievable. Just cleaned a PC from the Vista era as a favour and it was STILL popping up things from Fujitsu etc. about restore processes, driver disks, special offers, spyware junk, printer drivers, you name it that HAD COME WITH THE MACHINE ON PURCHASE.

Also, I once found out that brand-new purchased laptops would not work with full disk encryption because of a dodgy BIOS by testing this. Encryption would work, everything would be hunky-dory, but reboot and the BIOS refuses to boot from anything that did not have a zero in a certain hex offset of the hard disk (which corresponded to a zeroed field in an NTFS header). As such, anything non-Windows you ever tried, or any sort of disk encryption, and it rendered the machine unbootable. Actually forced the manufacturer to obtain and issue an updated BIOS for that model, because we'd purchased many of the same model, I'd noticed immediately, had a reproducible test case (involving writing a non-zero to a point on the hard disk), they'd said it was compatible, I work somewhere with a legal requirement to encrypt mobile devices, and they were about to lose the sale because of it.

It's quite possible I'd only have found out about that months or years down the road if I wasn't needing to use and encrypt those computers immediately.

2
0

Samsung's spying smart TVs don't encrypt voice recordings sent over the internet – new claim

Lee D
Silver badge

Re: Dumb, dumb, dumb

I don't get why a TV needs to be smart. My Samsung TV is deliberately dumb - purchased in the height of the flat-screen/smart TV fad to go on the wall of my new house at the time, I fought to get a dumb TV without all the junk.

In fact, half of the dumb features, I don't even use. Give me a TV with power, ten HDMI sockets and a remote to switch between them and change the volume and that's me done on the display front. I just don't need anything else in a TV.

What I connect it TO is another matter, and at least that gives me a choice of devices, and I can pick a suitably dumb device at will. As such, I have connected to my TV:

- a DVB-S box that has no network connection

- a Blu-Ray/DVD player that has no network connection (I'm told some of my Blu-Ray can go online, update, show content from the web etc... why the hell would I want that?)

- a cable box that has a network connection but only because you can't do cable without it (red-button, etc.) and it's part of the cable installation (it gets iPlayer, VoD, etc. over the coaxial cable with an in-built cable modem so I can't really stop that).

- I have a Freeview box but the TV has Freeview built-in and I've never watched either, so I don't bother with the box.

- A Wii that has no network connection.

- A spare HDMI lead to connect a laptop or whatever device a guest might bring.

- A dumb, £5 HDMI switch to connect all of the above as I power a new device up.

None of them can do anything other than what's required for their job, and all of them are replaceable in a heart-beat if I suspect foul play. And many of their functionalities are duplicated among the devices - I can supposedly do iPlayer, YouTube, Skype etc. on the DVD player, the cable box, the Wii and the laptop. So I'm sure I can use the one that's most convenient and least privacy-destroying if I ever wanted to do that (iPlayer, possibly, but YouTube or Skype? Skype on a TV must be like having a conference call while your family are trying to have dinner).

The TV should be dumb. Put the smarts into your content devices, if that's what's required, and keep the TV dumb. There's no need for it, and it can - as demonstrated here - cause problems.

The TV is JUST a display device. The Blu-Ray player JUST takes a disc and outputs the video and audio. I call it the UNIX philosophy, as applied to my home appliances. One thing does one job, and does that job well.

0
0
Lee D
Silver badge

Re: Only Samsung?

I'd be quite impressed if my Samsung TV was doing that. It's not plugged into the network. Not that that would stop COLLECTION, but certainly DISTRIBUTION of my private information.

There is a reason my systems have mics on mute, not connected unless they need to be, voice recognition is switched off wherever I go, etc.

The question really is: How long before some police force subpoena's Samsung for what suspected criminal X might have said in front of their TV?

You know when you all loved Siri, and "OK Google", etc.? Yeah, I was cringing even then. I'm by no means a conspiracy theorist, but just a computer scientist grounded in reality - if you give an app permission to record voice and transmit to the cloud, then you're giving it permission to record your voice and transmit to the cloud. Sure, it's "only so it can translate while I'm abroad" or whatever. But I bet you don't turn it off, revoke permissions or uninstall once you're done with that single legitimate use.

Least privilege principle, people. And your TV really doesn't need the capability to record the sounds of your living room 24/7 and upload them live to a cloud provider.

5
0

Canuck Bitcoin exchange gives up after security SNAFU

Lee D
Silver badge

The insecurity isn't in the design of Bitcoin. It's people passing their Bitcoin to a third-party wallet which holds it in trust and provides equivalent currency in, say, dollars or Euros. It's like giving your cash to a bank without a vault or security on the doors. The cash works just fine (or else the criminals wouldn't want it)... but if you're giving it to third-parties to hold who are unable to secure it and unable to have sufficient funds or insurance available to cover any potential loss, that's a risk.

Your own Bitcoin wallet, that's forever and secure for as long as you keep it secure. Putting those coins into a foreign wallet is an act of trust in that third party and numerous incidents have proven this to be quite a bad idea.

The places hosting these exchanges aren't secure, aren't audited properly, don't have intrusion detection, prevention, insurance against those kinds of intrusions (which would almost certainly demand security procedures and audits as a condition of insurance), etc. Banks are legally required to do that, and hold a certain amount of funds in trust in case of problems, and all sorts of other regulations. BitCoin exchanges don't, maybe the cash-side of their businesses but their BitCoin sides don't.

And that's the problem. Bitcoin are valuable, but the risk is in the exchange for other things of value. As soon as you try to cash them out, you are in the hands of a third-party who has to take your Bitcoin and give you something tangible or cash in return.

3
0

Vodafone didn't have a £6bn tax bill. Sort yourselves out, Lefties

Lee D
Silver badge

Have said all along: If they are doing nothing "wrong" in the eyes of the law, HMRC, etc. then it means that the taxation system is broken, not the companies.

You can't rely on companies to do the "moral thing". That's not in their remit. They have a legally prescribed duty to their shareholders only. If their shareholders would rather have more more from shares than more customers from doing the "moral right", that's what happens. Hate it as much as you like, that's what things say. Go set up a company and you'll see that.

As such, if we can't rely on companies to pay tax out of morality, you have to have laws that make them pay tax out of legal compliance. If the laws don't say that, or aren't enforced, then that's the bigger problem. We can't even MAKE them pay this tax, in a court of law.

So the companies involved are doing what's in their shareholder's best interests (there's a kind-of argument about the moral high ground being better for business, but that doesn't necessarily hold and isn't so obvious or clear-cut as to bind their hands), they aren't breaking the law, and they're still paying no taxes on a multi-million pound income.

That's the problem - that it's possible, without breaking the law, to do so. That stinks of a taxation system so full of holes that you're losing tax hand over fist and there's nothing you can do about it except change the taxation system. And that takes years precisely because a lot of these kinds of companies will flee or become unprofitable in those circumstances and that greatly affects political support (which, let's be honest, is purchased these days - one way or another - either through loss of business, loss of jobs, or just sheer back-handers).

Starbacks et al found a loophole which they are able to exploit without comeback from the legal authorities. That's what needs to be fixed. Punishing Starbacks etc. specifically doesn't solve the problem, doesn't stop the untold number of other companies that aren't as famous doing the exact same thing, doesn't get your tax back. Changing the taxation law... does.

It's like never watching TV live and then people saying that you're not paying your fair share of the TV Licence. You aren't obliged to. You never have been able to. You COULD be made to, but that would involve a change in the law. You are doing nothing "wrong" in the eyes of the law, even if you are freeloading at other's expense. But you don't get dragged through the world's press for doing that.

I think Starbucks et al probably shouldn't have this kind of arrangement. I don't think they should be able to have millions of pounds of INCOME (profit or not) from UK customers and not pay at least a single-digit percentage of tax on it every year to the UK taxation system. But that's not what the law says in this case. So although they can be dragged over the coals of the media and get a bad image, nobody can force them to pay that "missing" tax because it's simply not due.

And that, my friends, is because of over-paid politicians of every party crafting tax laws that can be taken advantage of (deliberately or accidentally). Who should be paying the missing billions? Those guys.

1
0

Win! Classic El Reg tees, plus something special for the weekend

This post has been deleted by a moderator

Are you ready to ditch the switchboard and move to IP telephony?

Lee D
Silver badge

Re: My personal opinion...

Power loss - stick a UPS on, but otherwise - yes, a problem.

But Internet loss? Anyone with a large enough phone deployment will have a leased line. Chances are that your leased line has greater guarantees than any analogue or ISDN that you can get hold on.

I work in schools - they are, almost without exception, going VoIP internally and moving to SIP for the external calls. You can also include it in disaster recovery plans - school burned to the ground? We can set up a new school inside another site and just get an IP connection and we're back in business on the same phone numbers - taking parents calls and organising whatever is required.

IP phones are so much simpler to manage, deploy, update, expand, etc. that analogue and digital tend not to get a look-in once they're deployed. You can pay some guy to extend some manky old copper out to the new outbuildings, or you can just use the data cable you had to put there anyway. Worst that happens is that you have to VLAN it off and that's a one-off (though I have worked in many schools where voice and data share the switches quite happily, too).

Need more phones? Buy them, slap in the licence (hate it, but that's the cost of those kinds of systems), assign the number, done. Need to change your call carrier? Users don't even notice. Need to move everything off-site? Done. Need to integrate with old lines? No problem. Need users to be able to dial in via softphone? Already in place.

There's not much that old phones have over VoIP, and you can do it completely piecemeal so it's even better. However, I spent a long-time trying to find affordable cordless IP phones that use normal wireless with our manufacturer (Mitel) - they claim to sell them but can't get hold of them for love nor money. At other places I've worked, Cisco wireless phones like that are throughout the site. People forget they rely on the IP network.

If you're going to kit out a fresh building, do one deployment - Cat6. Put your phones on it, even if you have to PoE-inject them individually. Then move to PoE switches. Then put your wireless on PoE. Then put your phones on PoE and even on the wireless too. Then make sure the single system is battery-backed enough for an emergency (which isn't that hard or expensive for the PoE power range for an hour or more). Going to out-last that and need to stay up? Move it off-site without a single customer / member of staff ever knowing.

Sorry, but old-fashioned phones are dead. The only place I see them is the one in the IT Offices "just in case".

5
2

Your hard drives were RIDDLED with NSA SPYWARE for YEARS

Lee D
Silver badge

Re: Wait

Sure, so we should all give up and just email our passwords to the NSA / GCHQ, then?

No. Sorry. If the hard drive could be malware, then basic system security and encryption would have prevented it BEFORE we even knew about this attack. So enforce security or stop using hard drives. Same all the way to the metal in every case. Hell, you can use another motherboard/processor, but access to that kind of size of data storage isn't something that's available in every electronics hobbyist shed so you may be forced into using them.

However, biggest thing would probably be - WATCH YOUR CONNECTIONS, because the only sensible way to control these things and have them talk back is to be on the net. And if someone is implanting Win32 malware into drive firmware, then you need to start watching what's going on in your supply chain - particularly because it means you're putting bog-standard Windows machines in areas that you shouldn't be.

This is not "you can stop everyone getting in, ever", it's basic security. I'm sorry but it's embarrassing for you if your nuclear power plant is running on general purpose x86 hardware that loads from SATA and doesn't bother to check integrity of bootloaders, it really is. And it's laughable that NSA etc. are bothering to attack such open machines in so blatant - and recordable - a fashion.

Secure your important stuff as if... well as if were important that others didn't get into it.

0
0
Lee D
Silver badge

Re: Wait

Likely it doesn't "force" anything. It probably intercepts calls to well-known Windows boot files and replaces them with it's own version. Might be behind a blue-screen or two but then you'd realise when you bin the drive it fixes itself (however, by then, the malware is likely inside your core Windows images and backups).

But, yes, you have to start somewhere - you can't make a any-platform malware that'll work for everything, so you likely just write for your most likely target.

More importantly, this will stop source-code access to such things and/or stop foreign entities trusting anything made in the US. And likely they aren't the first. There's never been anything stopping a hard disk firmware literally KNOWING when you are accessing, say, the Windows boot process files and slipping in its own data. It could even interpret the NTFS, check filenames, boot sectors, etc. on-the-fly.

Except... surely... if you're encrypting everything that goes to disk, even the OS (which is the only secure way to encrypt)... this is useless? The hard disk won't be party to the key (because the read sectors will be encrypted data or an encrypted key which is only unlocked in RAM by the user's entered key?), and will never spot that the data going through it is ripe for insertion, nor have the ability to do so undetected.

The only chance to infect is initial boot and, well, wouldn't TPM and/or privately signed bootloaders stop that in its tracks? Again, anyone SERIOUS about not wanting the NSA et al inside their machine (e.g. Iranian nuclear plants, Chinese military, etc.) could probably just encrypt and enforce basic security and they're done?

Sorry, but these are attacks against bog-standard mainstream PC's with no security. Anyone with a brain shouldn't be storing anything of interest in there.

5
0

Windows 10 to give passwords the finger and dangle dongles

Lee D
Silver badge

The fingerprint is your username, not the password.

You can tell everyone on the Internet your username if you like (most forums do), but that does not provide them access. The fingerprint is "this is who I am", and the password is "this is the secret to prove it". Anyone selling anything else DOES NOT UNDERSTAND biometrics. You cannot have a secret fingerprint any more than you can have a public password.

And fingerprints aren't unique*, because they aren't static, because they can be modified by simple actions, because they can actually be virtually identical from the start, and because of the reader sampling problem you describe, and thus can produce "flux" enough between two individuals that they are impossible to tell apart by fingerprint alone. Court cases rest not on "you are unique" but "you fit the pattern that only 1 in so-many people would have and you were also confirmed to be nearby".

[[ (*) Fingerprint uniqueness rests in the "every snowflake is different" area. Because there are a number of random variations, almost every fingerprint will differ from another. But because there are such a huge number of variations, uniqueness isn't guaranteed, merely suggested. And your own fingerprints are different on different fingers. It's this "pattern" that gives the random chance of someone leaving the same fingerprints - in the same order - at the crime scene billions-to-one odds. But there's no guarantee of uniqueness, and in terms of authentication they suck because you don't know if you're sampling the unique bits or not. ]]

The other problem is how easy it is to fake - there's no point them being "unique" if I can make a copy in ten seconds. The last fingerprint reader I used was a tiny 100dpi scanner with a rubberised surface. The surface was supposed to "splay out" your fingerprint, and the scanner merely scanned as any ordinary scanner does (they are mostly webcams etc. now). I got some Linux software and proved it by scanning in a document with it in 1 inch strips. Literally, printing the output of scanning my thumb and then putting it in front of the reader was enough to validate me forever after with a piece of paper. Similar tricks have been used on almost any amount of security measures since put in place in your average fingerprint reader. This is why banks, for example, DO NOT USE fingerprints on your credit cards, etc. They may be daft, but they're not stupid.

Something you have (fingers!), something you know. Otherwise it's not security, it's just convenience of not having to type in your username.

24
0

FOCUS! 7680 x 4320 notebook and fondleslab screens are coming

Lee D
Silver badge

Re: An 8K fondleslab?

Very, very, very tiny writing that you have to then zoom back to bigger sizes in order to be able to read.

11
3

Linux kernel set to get live patching in release 3.20

Lee D
Silver badge

@Anon Re: Useless...

"Windows stops IIS for every .Net update for each version"

And Apache stops every time you update in-built PHP modules. This isn't really much of a problem, the problem is that a simple .NET patch is often 200Mb of MSI's that trawl through all your .NET assemblies before they'll do anything, then change a handful of files, while writing at 30MB/s for 10-15 minutes sometimes (note: Actual figures in front of me as I update a server!)

And Linux updates to Apache DO stop Apache. They have to, or you'll still be running the old version - even if the underlying files are (sometimes) updateable without having to stop Apache to update them. Until you restart the service, you'll still be on the old version. Same for SSH, email servers, etc. on Linux. This isn't an argument.

As far as I can tell, Linux updates are done in series too. Otherwise dependencies are a nightmare to resolve properly. However, application updates do not require a reboot, that's the advantage. And a fresh Linux install from the stable ISO can easily take an hour or more to update to the latest version and slipstreaming isn't something that the average Linux sysadmin would do (though it may be easier to do so, I don't know).

5
0
Lee D
Silver badge

Re: Useless...

If you genuinely believe that anyone with brains ever claimed that Linux never needed a reboot, you're really as bad as the people who claimed it. Every kernel update, unless you wanted to use the early kernel trampoline patches or these patch's predecessor, required a reboot.

However, that said, how many reboots are needed to do simple things like patch office suites, do the initial install, etc? I'd say "less", not none. Windows reboots, is it three times? on every deployment of it that I push out to my network. It seems to be unavoidable after sysprepping. But I can roll out a Linux deployment with a single reboot (i.e. the one to get into Linux from whatever deployment tool I've used).

And now how many reboots do Linux installs need if we have official live patching - something that MS just doesn't offer in their software? That's the point.

Nobody sensible has ever claimed that you don't need to reboot Linux. But it's been disgustingly easy to get 400+ day uptime for years, long before the MS offerings stabilised, if you're that way inclined (Why would you do that? It means 400 days of no kernel update!). However, now, even a kernel update doesn't necessitate a reboot.

However you argue it, I have a few dozen more updates today as part of Microsoft patch Tuesday, which is going to necessitate rebooting every computer, including servers, on-site at least once. However, the VM's I have of Linux-based stuff only reboot when I decide they need a kernel update at the moment, which because they are internal, non-critical and non-privileged, is rare.

15
4

UK boffins DOUBLE distance of fiber data: London to New York WITHOUT a repeater

Lee D
Silver badge

Re: Testing

When you buy fibre, does it come as an 80km long parcel?

No, it comes wrapped up in a coil.

Put coil on floor. Grab both ends. Plug into your equipment half-inch away from each other. Voila! Test circuit.

Hence why a lot of these kinds of things don't work (or are severely reduced) once they are deployed in the real world.

That said, it's an interesting technique and if you think of the amount of SFP in the average business, getting the same speed over twice the distance may eventually equate to twice the speed over the same distance. This is the sort of stuff that ends up being in 100Gb protocols and you never know about it.

3
1

Turing notes found warming Bletchley Park's leaky ceilings

Lee D
Silver badge

Re: Don't go to see The Imitation Game...

Queen Victoria would say the same thing of Mrs Brown.

George VI would say the same thing of The King's Speech.

Tolkien would say the same thing of Lord of The Rings.

Hell, the Mary Poppins author HATES the movie.

It's a movie. It will not be accurate. Ever.

However, it's a great blast for this Turing fan to be in a "Turing-like" historical environment for a couple of hours. And, hell, it's not bad enough to condemn it by any means. I mean, sure, I'd kick Keira Knightley into shape a bit for her performance but other than that, the bits I'd want to add/remove/change would just turn the film into a documentary (and a boring one at that).

(P.S. Studied Computer Science and Mathematics at university, with particular emphasis on Coding Theory, etc. and work in the industry created by those people... I'd be the first to lump onto it if it was actually U-571 bad, as opposed to just a Hollywoodisation).

5
0
Lee D
Silver badge

16 Comments

And nobody has spotted that the wiki link is broken (extra "z" on the end)?

2
0

RM has been schooled: Sales fell by over £69m in fiscal 2014

Lee D
Silver badge

Re: Sassoon Font

Font licences are no different to anything else.

Just because you can download it for free doesn't mean it's licensed.

0
0
Lee D
Silver badge

Re: Hardly surprising

I've spent a good portion of my career as an independent IT guy (I hate the word consultant) going into schools, removing the RM-specific stuff and giving them a group-policy equivalent that's easier to manage and MUCH cheaper. The dirty sods even do things like license a particular font that they put into butchered-versions of MS Word (that talk to you and all sorts of stuff) so when you move on, you either have to pay a fortune for a licence for the font or change all your old documents (and, sorry, but the font is horrid - but teachers love it for reasons I cannot fathom).

CC4 was the death-knell for me. I spent more time pulling schools from it than I ever spent managing it and the timing coincided with me going to full-time stable work in the same sector. I once took down an ENTIRE school network, clients and servers, by deploying an "CC4 package" (a msi with particular paths for particular things) with a space in the filename. I kid you not. No warnings, nothing. They updated the software to stop that happening eventually but that just shouldn't even be possible.

I went full-time for a school that I'd helped abandon RM (first formatting the RM kit and servers to re-use them as proper plain Windows - the speed up was so immense it was embarassing, and zero lost functionality - and then to new / extra servers clients with the money saved over the course of the year, even with my wages). From there, I moved further through primary, secondary, state and independent and ended up where I am now - in a school that stated in interview that they hated RM and would never touch their stuff again. Not the first school I'd heard that, by a long shot.

That RM was losing money on that hardware - well, that was just schools waking up to the fact that they were selling cheap junk for overbloated prices. The official RM support stories I have could turn your mind to jelly. They knew the capacitors suffered rot on a particular model of motherboard. Their solution? Issue you with a network card (the first thing to blow was the on-board networking). When the problem crept to the USB, they gave you a USB PCI card. Then a PCI graphics card. And only THEN did they tell you to scrap the machine because the caps were going to blow the machine up. Their engineers knew the sequence off by heart, they'd dealt with it so much on that model and would have the next card ready for you. Rather than REPLACE the damn motherboard.

Their software and online services are their only saving grace (didn't they buy Ranger years ago?), but even there they're being pushed out of the market. The one piece of software of theirs that I love (as a mathematician) is RM Maths. As an IT guy, I hate it.

I also have had PC's shipped direct from RM with no motherboard jumpers (just beep-beep-beep on turn-on, and not even rattling around inside the case, literally not present at all). One school had sent back three PC's repeatedly over the course of a year and still weren't working. On a pseudo-interview to work for them, I spotted them and asked about them. They have been verifiably back to RM several times for "repair" and each time came back broken. I asked if I could take a look. Turned it on. "CMOS Checksum Error". I kid you not. Sent one of the teachers to the local shop for a pack of CR2025's, those three PC's worked flawlessly (as possible for RM stuff) for four years. I literally got offered the job on the spot.

Let's not even mention the Borough-lock-in that they negotiate so that entire swathes of schools are told they can ONLY be supported on RM equipment and nothing else. Didn't stop me making a career from taking on those schools not willing to play ball with such monopolisation, in fact it just made me more popular.

But RM? Total shower.

(Offtopic: I was talking to a guy the other day who designed the RM Nimbus and, as part of that, the M in the RM logo. Interesting guy, but even he was so disillusioned with RM that he mocked them even though they had paid his pension long ago and he is now making a nice career selling 3D printers to schools and lecturing at a university while the RM pension keeps him in funny hats).

7
0

Wheeee! BT preps for FIVE HUNDRED MEGABIT broadband trial

Lee D
Silver badge

I work for a school.

BT took nearly TWO YEARS to get a leased line to us. They were blocked from completion after we cancelled the contract because they said there was a 20th delay because "there's not enough room in the duct" followed by "there's not enough room at the exchange". You'd have thought someone might notice in two years that you had no room, eh?

We cancelled because, despite wonderful promises, prices and speeds, we never actually managed to get the line into the building.

Now I have the opposite problem. We went with Virgin for their leased line, and they are chewing at the bit trying to get the install finished while the local county council "umms and arrs" about the plan that they've already said they approve of and won't block.

In the meantime, I'm running a school for 400 kids on a VDSL line with ADSL backup which BT promise me can get "45Mbps" and "20Mbps" at best, respectively. Funny. Because my Smoothwall says we've never pushed more than 10Mbps for a fraction of a second and the average over the working day - with 500 users and 600 devices - is somewhere around 4MBps down and 1MBps up..

BT can make all the "maximum" speed promises they want. If you can't get it installed, or the actual download is so much less than the maximum, it's pointless. Absolutely pointless.

Ironically, I get 32Mbps download on 4G when sitting in the IT Office. If only 4G didn't have such pathetic data allowances.

3
1

Microsoft Outlook comes to Android, iOS: MS email now a bit less painful on mobile

Lee D
Silver badge

No thanks.

In all those years it took you to get here, there's been a whole raft of products that do the same, and they wanted my money, gave me the features, "just work" and have done for years (decades) in some cases.

Exchange accounts are pretty standard on all Android phones and if you want deep integration then things like Touchdown, etc. only cost a few quid. Everything else, well, if you can't do IMAP and SMTP with your email, it's not really an email account.

I can't imagine many people CHOOSE Outlook because its workflow is so much better than all the competition. They choose it because their workplace is Exchange and they want to integrate with it. I've survived all my IT career without Outlook on my desktop, yet I still have every email I've ever sent or received, and I can schedule things on calendars, answer votes, attend meetings, etc. alongside everything else on any platform, at any time.

The time to open this sort of thing up and start providing Office, Outlook, IE (yuck!), etc. on other platforms was about the time you got sued for anti-competitive behaviour in the EU. But at the time, you were too busy turning off my Hotmail so I couldn't collect it with POP3 any more and stuff like that.

4
0

How's this for customer service: Comcast calls bloke an A**HOLE – and even puts it in print

Lee D
Silver badge

Retention agents? I don't even talk to them.

My favourite phrase "I just have to ask you these questions, sir, before I can do X".

No. You don't. You just don't want me to say no without getting bored of your rhetoric first. At that point of the phone call, I generally just say "Sorry, no, no, no, no, no, not interested. You know who I am, you know what I'm requesting, I consider this conversation over, this is your notification of termination."

And there's a reason that I record my calls of complaint, and keep all letters of any import for a long time. Last year I had a car insurance company cancel my car insurance (retroactively, according to the postmark!) for non-payment when they never had any record of attempting to take payment whatsoever. They claimed there was a warning letter, but couldn't produce copies. They claimed they sent it out on X date. But a letter dated 2 days later was the only letter I ever received and it quite clearly stated that "No further payment is necessary" at that point and had no mention of any sort of cancellation. They then claimed the bank had refused the charge, which was news to my bank.

They eventually threatened court. I offered to initiate the action for them. After much back and forth where every claim in their letters was refuted with cast-iron physical proof in the letters I'd been given (many of which they had no copies of!) and an offer of a copy of the recordings I had where the woman on the phone TOLD me all these things and said it was a mistake, they offered me £50 "compensation". Given that they'd cost me much more than that already, I told them I'd be using it to initiate a small claims court case. Eventually got them moving when they realised that the court would quite literally tear them to pieces for not having any of the documentation that *I* had, and having their customer service reps admit that.

Luckily, by the time their investigation was completed (where they realised they had no copies of the letters I had been sent), it was many months later but I still had all the letters since the previous year. So I was able to refute every claim with their own paperwork. I kept hold of the postmarked envelope, even, in one case.

Sorry, but some companies you just can't trust and you won't know that until you try to complain or cancel. Invest in a device that can record phone calls with one press. And keep your old bills etc. for a year or so. It doesn't hurt at all, and it can make this sort of stuff go away.

"I've been put through to you, a company representative, after proving who I am, and now I'm telling you that I'm cancelling." That's it. That's the notification you need. If you want, I'll put it in writing instead and give you even less chance of backing out. That's the end of the matter. This WAS your notification. Goodbye.

66
0

Opera Jon weaves a brand new browser

Lee D
Silver badge

Re: Tab handling makes it almost unusable

The old Opera "what's the next tab" choice is in there.

The Ctrl-Click trick works (but middle-click used to do the same thing in Opera and I find that easier - will have to check their hotkey preferences and see if I can make it do that).

0
0
Lee D
Silver badge

Re: no 32-bit download? :(

How old is your computer to not support 64-bit? The CPU's have been around since 2003 in the x86 world, the last two three Microsoft OS have had 64-bit versions (and so did XP but it was poorly supported), the last server OS is 64-bit ONLY, etc.

I get that you might have a 32-bit OS legacy that you're carrying forward, but the underlying hardware should support 64-bit on anything that's still viable to use on the modern web.

And I don't think it'll be long before a 32-bit version appears but, really, you might consider it a first shot at moving to 64-bit systems. Hell, 4Gb RAM is my minimum spec nowadays, and I work in schools who don't need anything past Word and a browser for the majority of the time.

0
2
Lee D
Silver badge

There's not a wealth of options in it at the moment, but Ctrl-T tabs open on top of older tabs.

You can also change tab-cycle order for when you're keyboard navigating to be tab-order or recently-used order (which is INVALUABLE and one of the best bits of old Opera).

He's obviously aiming for a proper Opera clone on a Chromium rendering engine, and the tech preview shows that. There's Windows, Linux, Mac versions available and it allows import of a lot of data from Opera and other browsers (including Opera Notes, passwords, etc.). And it's fast at rendering.

I will continue to try it out, because just the tech demo is impressive enough to a Opera 12.x user that's been hanging on for dear life. Haven't yet found a site it can't render (Acid 3 test is 100/100) but I expect that if they are using other's rendering engines. Opera's rendered used to be the selling point for many years, but now it's actually replaceable and it's the options / setup / configuration that matters and they appear to be working heavily in the Opera direction (e.g. side-panels, etc. are almost the same).

Only thing that's annoying - the window colour changes with the CSS in the tab you have open. I don't WANT a yellow tab bar when I'm viewing some garish site. But I'm sure they'll sort that out or "option it" soon.

1
0
Lee D
Silver badge

Sold.

Jon, I'll pay what you were charging for the old Opera browsers of yore for it.

So long as it is as promised - customisable, practical to browse the modern web with AND has the email client built-in.

I've been waiting for the open-source Opera clone to take off, and it's not there yet.

People who don't use Opera don't understand Opera and it's power. You could do ALL the things that they've been plugging in add-ins to do for the last few years MANY years ago, as part of the standard browser. Just because normal users didn't know of, or use them, doesn't mean they aren't valuable to the people who do.

Honestly, will gladly pay if it's as advertised, which is pretty much where Opera began many years ago.

15
0

'Linus Torvalds is UNFIT for the WORKPLACE!' And you've given the world what, exactly?

Lee D
Silver badge

Re: How bad is Torvalds?

Please hand back all your TomToms and other satnav devices.

All your CCTV DVR's.

Most of your wireless ADSL routers, etc.

Anything with Android written on it anywhere, smartphone or tablet - currently outselling Windows phones by ENORMOUS ratios and even iPhones but people don't like you knowing that.

Most of the in-house networking gear in your workplace that's not purely switching stuff (e.g. Smoothwall boxes, content filters, WatchGuard firewalls, etc.)

All your Raspberry Pi's.

Most of the world's webservers, cloud servers, etc.

Almost all your "smart" devices like GPS trackers, fitness watches, ANPR, etc.

You don't want Linux on your desktop? Fine, but vast amounts of the world collapse without it, and it's actually running your ISP, almost certainly running your webhost, etc. Sure, there are alternatives that you could use instead but that's hardly the point.

This is like saying that Rayleigh have cornered the push-bike market, but Rolls Royce are a disaster because despite being in (and world leaders of) the automobile market, the aircraft market, the shipping market, generator markets, etc. they don't have a Rolls Royce bike that's as popular as Rayleigh.

8
7

Eurovision tellybods: Yes, you heard right – net neutrality

Lee D
Silver badge

"Quick, there's something in it for us now, let's stop being against it for a microsecond until we get our way, then we can forget all about it forever after."

You weren't interested five years ago, then it means that - on balance - you probably won't be interested in five more years.

Project Kangaroo died, you can't force people to pay for your channels individually online, the ISP's won't let you provide your own bias to their content provisions, large content providers like Netflix mean you're either "in" or "out", so you come out for net neutrality now to make sure none of your rivals can do the above successfully after your failed attempts. And then when one of them does anyway, you'll all be vying for your own version of lock-in and bias because THEN you'll be able to get away with it.

It's pretty simple. I don't care who you are. I don't care how you want to sell your stuff. If you have content that's interesting, I want to pick it up wherever I am, whatever I'm doing, whatever device I'm using, whatever ISP I happen to be on, whatever mate's house I'm around. Understand that and you find the value is in your content, not what platform you appear "exclusively" on, or what ISP will agree to bump up your speeds just because you pay them more. What matters is your content, not what bandwagon happens to be heading your way at the moment.

The last ten years should have shown you this. 4od basically give all their content, even historical, away online for nothing. BBC iPlayer only has a time/region restriction because of the way the corporation is forced to operate and that gets recorded/proxied to death even so. Netflix et al are making a viable business just providing your content in a sensible online format. And now places like Amazon are muscling into PRODUCTION, not just distribution.

But some of you fought it all the way to make it as difficult as possible to get your content in reasonable formats and reasonable ways. And now suddenly you want pan-Europe rules to make sure none of your competitors can best you? Maybe if you'd been listening and properly competing on what matters in the first place, they'd be USING THOSE RULES against you instead now.

I don't care who you are. Provide the content I want, for a fair price, without any restrictions (or pseudo-restrictions by giving "advantage" to others). And provide it everywhere - satellite, terrestrial, cable, online, etc. all at the same time.

Sell me content. Just content. Because I'm not interested in "your" preferred ISP, etc. I use Internet companies for my ISP and I use content companies to watch on TV. I use TV companies to sell me a TV in the first place, too. Stick to what your business is supposed to be, and there won't *be* any issues. Try to make your content exclusive or your competitors be at a disadvantage and your lose my content revenue AND I'll change ISP to one that doesn't bias itself. It's not hard.

2
0

Alan Turing's LOST NOTEBOOK goes under the hammer

Lee D
Silver badge

Re: Glad to see Turing had problems with notation!

Notation is everything but one notation for everything isn't the best idea. The idea of notation is that in some cases it's better and in others it's worse but merely CHANGING the notation you use between the two instantly makes a certain class of problems easier.

Think about chess games. You notate in classic co-ordinate systems, but that's no good if you want to record the board position itself (as you have to replay all the moves). So we have Forsyth notation to note the board position. But even in game-record notations, sometimes it's easier and more sensible to talk about particular ranks and to do so from the viewpoint of each player, hence we get into descriptive notation, but for beginners they probably are more comfortable with algebraic, both of which are really just a simplification of much more long-winded notation which notates every square moved from even when it's unnecessary.

But computers have their own notation for games, and there's even odd things like chess notations that side-stepped censorship on coded messages sent through the post office during certain wars, etc.

A different notation of EXACTLY the same problem can make it trivial to solve. But no one notation can do that for ALL problems. This is true of all mathematics, where merely using the notation of a different branch of mathematics to describe the same problem can provide links that nobody ever thought of between the two and make solving complex problems trivial. This is pretty much where a lot of the "universal theory" mathematics is heading towards at the moment, for instance.

1
0
Lee D
Silver badge

Re: "The Imitation Game"

"True story" movies are boring. It's as simple as that.

Hence why every "True story" is "based on", not "this is what actually happened".

You have to go into movies KNOWING this. U-571, however, is a different class of tosh. Imitation Game is merely embellishment and "artistic licence" with the story so that grannies aren't saying "That was boring, what the hell was going on" for everything.

NEVER watch a movie expecting historical re-enactments. You won't get them. Ever. You think Mrs Brown was accurate? Or The Iron Lady? Or Made in Dagenham? Or The Queen? Or The King's Speech? No. Never. Not even close, any of them.

What you can get, having seen the movie, is a fun run-around in a Turing-like world. A homage to the man. Something embellished and polished but fun and interesting and insightful and true to the SPIRIT if not the word of the law. I'm a massive Turing fan. Sorry, I'm a mathematician and, from there, a computer scientist. I'm a programmer. I'm a computer theorist. I'm into coding theory and cryptography. I couldn't help but be anything else. I do not go to watch movies in cinema. I did for this. It was great fun, close enough and good enough that I can point out the problems (and that's half the fun of knowing the subject truly, like half the fun of knowing The Silmarillion and LOTR inside out is pointing out the bad bits of those movies) but my girlfriend can enjoy the movie as much as I do, and we can get some kids in the cinema going "Oh, cool, I never knew about this guy but this looks interesting".

You want factual representations? There is NO VENUE for them whatsoever. Even the "science" channels on TV are a load of tosh, the Royal Institution Christmas Lectures nothing more than QI without the questions, etc. YOU WILL NOT GET IT.

But you can enjoy a good movie that you can poke holes in as an expert in the subject, if you like.

12
0

Page:

Forums