air gap or network peer...
... is, IMHO, a false dichotomy. With a bit of fiddling, XP can copy a file to an NFS share or to an sftp server running a different OS (maybe not even windows) that can be safely on the network.
2533 posts • joined 14 Nov 2007
... is, IMHO, a false dichotomy. With a bit of fiddling, XP can copy a file to an NFS share or to an sftp server running a different OS (maybe not even windows) that can be safely on the network.
I absolutely agree... threats to file storage should be mitigated at the storage level of an enterprise architecture rather than relying solely on the A/V and O/S level to defend against them.
Suitable file systems, such as ZFS, can provide a defence through snapshots, but even just a regular frequent rsync to an administrator-only share would provide some defence.
There's got to be a small market for booby trapped VMs to point these pesky pests at ... I'm sure we could come up with a list of features ... maybe a Linux VM masquerading as a Windows box that coukd infect them with ransomware? Or delete their call lists?
... for tip-offs... all normal Police/Informant stuff. But I fail to see how this material can be consider evidence... it doesn't even meet basic chain-of-custody requirements.
... Finder-Spyder ... !?
If you're puzzled, call me on 555-0126 and I'll explain
My home ZFS server snapshots every minute, with another process tidying snapshots. Only root can delete retained snapshots and root can only log in physically. I cryptolockered the lot from a windows VM and could easily recover every file.
The emphasis on the NHS problem is incorrect in my opinion. You could have the most up-to-date O/S and A/V and still potentially suffer a similar attack. The most effective mitigation is surely at the storage level.
I believe medical, legal and financial documents should be kept in file systems that retain every version indefinitely. Even without ransomware, you've still got to protect from insider attacks and user incompetence. Keep every single version, and remove user access (at least write/Delete) to older versions. Storage is cheap and data loss is expensive!
...is suspect when uttered by someone with a PhD in the relevant field. When said by anyone else it's imbecilic.
Good point but fortunately Gmail is already offering a non-SMS 2FA
This is what one thinks when one knows a bit about genetics but nothing about biochemistry. I remember being in exactly that position (having got a degree in the former, and starting a PhD in the latter) and expressing to my supervisor that I was still amazed that DNA could make a mouse.
I've never forgotten his reply. DNA, for all it's complexity, is just data. You can put a mouse genome on a CD; you can mail (or even email) it to people; you can do all sorts of analysis on it. But the only thing that can turn it into a mouse is the molecular and biochemical machinery in a mouse embryo.
... is not always possible, even with the best intentions.
... with simple statistics, only the STEMmers will understand
... with complex statistics, only statisticians will understand
... with AI, nobody will understand.
Someone can tell you the architecture of their AI, and all the weights of the trained network, but it doesn't tell you why it makes any particular decision. Perhaps we have to wait until AI is conscious enough to explain itself. I'm not hopeful, though: as my late father used to say, 95% of human rationality is used for providing convincing explanations for decisions they have already made on gut feel.
... which is why it is can be so hard to leave it. Maybe we could put together some kind of P2P distributed Facebook where our own content is hosted in our own spaces (our homes or our own clouds according to preference) AND (importantly) a tool for migrating to such a system from FB, replacing all one's content with links to the new system until *snip* we cut Zuck off entirely.
"And it tends towards a normal distribution, not a Gaussian distribution" -- DavCrav
Erm, what do you understand by Gaussian distribution? I always thought it was another name for the Normal.
As for CLT, isn't the whole point that samples taken ("with replacement") at random from any distribution (with finite variance) will have their means approximately normally distributed? I think this is true even if the population being sampled is skewed - or even non-normal - providing it is large enough.
"What about all the youtube videos that would have been deemed fair use in a court, but are now just gone."
Almost everyone I've talked to about this has had at least one harmless home video snippet wiped from social media for "copyright infringement." Latest example was a sub twenty second vid of my weirdo collie-x who loved the Amazon Prime advert where the street vendor buys a pirate outfit for the busker's dog ... I thought it was a funny clip to share with friends and family, FB's bots thought it was an attempt to steal Cat Stevens' "Tea for the Tillerman"
I defiantly [stet] wanted a an espresso martini, the perfect Geek cocktail ... in a Wetherspoons in the Grim North* ...
"Can I have an espresso martini?"
"Sorry, we don't sell those. This is our cocktail menu" *points*
"Ah. OK. Just an espresso please"
*1 minute later* "One espresso love, anything else?"
"Can I have a double vodka? How about Grey Goose?"
"Sure. Anything else?"
"Any chance of a small Kahlua?"
"Sure. Will that be everything?"
"Got any ice?"
"Yep, help yourself from that bucket. Anything else I can help you with, love?"
"Yeah ... Can I borrow your cocktail shaker?"
In the end she offered to shake it for me but I told her I was happy just to get the drink. I got my karmic comeuppance for being a smartarse when, some ten minutes later, my not-quite finished glass was swiped from the table by a member of staff desultorily clearing glasses whilst studiously avoiding eye-contact.
*I'm allowed to say that, I'm sort-of from Middlesbrough
"... local High Street shops and banks no longer have to take them after today."
Logal High Street shops don't have to take any money they don't want to. No Fifties, No Scottish Money, No Coppers --- they could even refuse to serve people who want to pay in cash. Or even Stirling.
Perhaps your local corner shop would have to take it if you were paying your newspaper bill or settling some other account. Legal tender is that which, when offered, must be taken towards settlement of a debt. So perhaps a restaurant like Pizza Express, where you sort-of incur a debt before paying? But not Nandos, where they make you pay up front, to make sure you can't object to the bill.
PS: Handy hint: if you get you and your date a McDonalds Peri-Peri chicken wrap meal each, and set fire to a twenty, it's exactly like eating at Nandos.
"Unless you have a plan to finance it it's [universal income] not even that" -- Doctor Syntax
It's rare that I disagree with you Doctor, but I must. We already (at least in theory) provide a welfare system that (theoretically) prevents the poorest from being homeless, starving, excluded from healthcare and their children being excluded from Education.
It's a massive bureaucratic mess employing thousands and thousands of people in unproductive jobs and the costs, well, the Universal Credit fiasco has been covered in this esteemed organ ad nauseam. It makes the welfare net "sticky" --- you can't get off welfare easily unless you go straight into some kind of job --- there's no legitimate way of doing a few hours work: people avoid work or do cash-under-the-table. And it means that we have to place huge burdens on small employers (proportionally much higher than big employers) to administrate all the various things such as Employers NI, Workplace pension, notice periods, redundancy, etc.
Why would a UI system cost more than an Universal Credit system? A person earning 50k pays 13.5k tax (including NI) every year. The bottom 11.5k of that is tax free, the top 5k is at 40% and the rest at 20%. If UI were set to 11.5k, and tax at a flat rate of 50%, that person would receive almost exactly the same amount of net income. A person earning 10k annually, who currently pays only 220 tax a year would see their income rise to 16.5k and they'd be paying 5k tax. A person earning 150k, on the other hand, currently pays 60k and receives 90k net. They'd be paying 75k and receiving 75+11.5 = 86.5k, so they would face a small drop.
Providing 11.5k annually to 45 million adults would be approaching 500 billion, sure, which is twice our current welfare system. But the overall tax take would go up, the economy would be stimulated, the huge waste in the welfare and taxation systems enormously simplified: for instance, the 50 billion spent on in-work benefits would just be completely unecessary, as would the vast machinery for managing it.
It's ridiculous to say we can't afford basic income: unless we are allowing people to starve, freeze, die unecessarily due to lack of healthcare and preventing their children from accessing free education, we are ALREADY PAYING it, just in the most ridiculous, complex and wasteful way imaginable.
... it's called Universal Income
If people have a basic safety net of shelter, food, healthcare and education for their kids, we can have full-on uber-capitalism, with the market deciding the rate for all work. Employers then only need to ensure they comply with health and safety, and all other red tape can be ditched.
Universal income is often dismissed as a socialist utopia --- but to my mind it is an enabler of a much freer employment market, with just a simple safety net for the sake of common humanity. But this net is not "sticky" -- every hour you work makes you better off.
"... and was subject to the Official Secrets Act"
EVERYONE is subject to the OSA, it's a law not a contract... signing it makes no legal difference whatsoever. It is customary to sign it when performing work where it is more relevant, but this is a reminder of its terms, not a voluntary acceptance of them.
I think it's called paralepsis
If you're going to piss all over the seat, lifting it just means you're going to piss on the porcelain.
... I would have coded the detection not to deny flight but to silently send drone location to the relevant security services when used in these areas
"Future proofing is relatively simple, and by the time I upgrade, will be time for an 85" telly ! Just got to get that one past the wifey first...."
Our 40" broke. I rigged up an ancient SD projector, just onto a white wall. When the 40" was fixed, SWIMBO declared it was too small to be of much use (I was just glad that it was the TV's turn for such criticism) and it became my 2nd monitor. We now have a titchy 24" TV for news / breakfast etc and a screen wall for proper evening TV: No dusting; projector is inconspicuous and maintenance free on ceiling; 120" TV effectively "just not there" when projector is off.
Proj had about 8 hours on the lamp and was 350 quid from Richer Sounds with a 12 month warranty. Even I could mount it on the ceiling and DIY is most certainly not my forte. Worth considering, especially in this context --- projectors are dumb, but very good at displaying pictures!
PS: Labrador apparently cannot even see the TV, even though it is 10' across: big enough for Tyrion Lannister to be actual size when he is full frame. Collie-x weirdo can not only see TV but gets annoyed when it is on pause because nothing is happening; and if Brian from Family Guy comes on she runs round the house rounding up everyone to come and see the talking dog. Just something you may want to consider if you have a dog that wants to put its nose and/or paws on your big screen :-)
There's only one standard a modern TV needs to support ... HDMI
I agree that the trend is, as you say, towards being a tablet with no touch screen. But it's an utterly regrettable trend, as noted by most of the posts above. TVs are for displaying pictures; I wouldn't even trust one to provide audio ... internal speakers on my TVs and projectors stay muted unless i need to do troubleshooting. YMMV but I don't even have a use for multiple HDMI inputs as I prefer to manage source selection on other hardware, and I lack the cognitive power to cope with picture-in-picture, etc.
"What possible GOOD could something like this do? I see lots of downside with this technology, but no real upside. Why do it?"
Would you prefer people with these abilities kept it quiet and used it for personal (illicit) gain? Keeping quiet about this sort of capability when (some) banks are experimenting with voice recognition security would be immoral, in my opinion.
"Bad enough that scammers try to get you recorded saying Yes to anything so they can splice it in as evidence of your confirmation on anything they want."
Mains hum (edit: as mentioned by Number 6 below) and background noise are your friends here. I bought my new bathroom with court winnings shared with me by a friend who relied on my evidence (using Audacity) that the same "yes" had been reused multiple times in a faked recording of her agreeing to a contract.
But I'm not sure faking voices has ever been that hard, many people can quite effectively mimic other people: I'd be interested to now how reliable voiceprints were against talented impersonators.
"Flats in Germany are generally measured by size and the price m2 is important. A "one-bedroomed flat" could be anything from 40 to 70 m2."
True of all sensible countries, even the US (only they use square feet). The UK obsession with measuring property size by number of bedrooms has lead to some of the most cramped property in the world, with many "bedrooms" not big enough for a wardrobe and a single bed --- and a bizarre market in 80%-size furniture for show homes.
"Some may also wonder why the United Kingdom Atomic Energy Authority are piffling around with self driving cars. "
Are they, perchance, electric? I don't think we'll be able to replace ICE vehicles with electric ones without some involvement from the UKAEA. All those spiffing facebook posts "This is the first day we did without coal!" and "UK powered by renewables alone for 24hrs" seem to conveniently forget the amount of hydrocarbons burned daily on the UK road network, and the quantity of electrons that will be required to replace them.
Are you the guy who made Tesco rethink the serving suggestion on their chillies? ("Why not toss into a fresh green salad?")
Me: "Hey, Honey... fancy a weekend trip to Sweden in June?"
She: "Sounds good, why?"
Me: *shows article* "I fancy going to this exhibition"
She: *reading* "That looks interesting, but I'm not coming with you"
Me: "Why not?"
She: "I don't want to be spotted on the way out and accused of stealing an exhibit"
So, it's acceptable for May to change her mind about an election? I agree. I think "u-turn" is one of the most toxic terms in politics. We should welcome politicians who are prepared to change their minds and respond to evolving circumstances.
But then, I'm afraid, I can't see how you can object to Sturgeon saying the very different circumstances that now prevail mean that the previous "once-in-a-generation" promise also has to be revisited.
Or are only politicians you like allowed to change their minds?
"And even by posting this I've probably being microaggressive to some weak minded snowflakes."
By posting that you are mainly looking clever to stupid people and vice versa.
"Targeted court wiretap of a person vs blanket surveillance of the entire population."
I'm encouraged that NL has a relatively high number of wiretaps: it suggests they *need* to do so to monitor the bad guys, which indicates they may not do as much general hoovering up of everything.
I have no problem with targetted surveillance. I'm not even that bothered about whether the Security Services need warrants or not. What I am more bothered about is some unvetted desk-jockey in the Food Standards Agency or other government department being able to examine every single piece of anyone's internet history, any time they feel like it, without auditing or oversight, and perhaps even much in the way of justification. Or some hacker breaking into the barely secured archive of my web history that my ISP is forced to keep. etc.
This isn't nearly the big maths fail. I've spent all morning fighting a frustrating meme where someone has used HYDESim to simulate the MOAB blast over New York without realizing that the yield box is in kt and they should have entered 0.011 instead of 11.
I've even seen people suggest a "21,000 tonne bomb" has been dropped, confusing pounds and tonnes. Who seriously thinks something weighing as much as a passenger ferry can be dropped out of a plane?
"Making negative comments about Islam in the UK could get you arrested and charged with a hate crime" -- Andy Non
As far as I know, things can't be a hate crime unless they are firstly a crime, and I'm pretty sure saying negative things about Islam isn't a crime unless you cross the fairly well defined line to inciting religious hatred.
.... oh, no ... not that electric universe BS again! Weirdest conspiracy theory nutters going!
There are 985824 patterns, very nearly the same as a 6 digit pin. With a 30s delay every 5 wrong attempts, there's no significant difference in guess resistance.
The main problem for oily types like me is smearing, so I tend to use reverses (e.g. middle, left, right) to confuse the issue. But giving the screen good buff is a good option... Increases security and makes it look a bit less gross.
when cyber attacks hurt others (e.g. data breaches) then the required - and long overdue - stick is financial, or even custodial, consequences at C-Level.
"What if one of the bombs hit the ISIS chemical weapons plant and so caused a leak?"
Sarin + Bomb = Debris + no(t much) Sarin.
Sarin is about as viscous as water, has a standard pressure boiling point of 158 degrees C and is not a very stable chemical (that P-F bond will break pretty easily). A leak is going to be a big problem, sure, but *nothing* like an effective CW attack: for that you need aerosols, not splashes.
With chemical and biological weapons its often harder to weaponize the agents than it is to manufacture them. Dirty bombs are the other way round --- it's relatively hard to get the radioactive material, but any old bomb will spread it around and it'll still be radioactive.
Mengele was a doctor
I honestly cannot understand apparently intelligent people appealing to common sense or basic humanity when they talk about brutal regimes and dictators. Remember why there was a Syrian uprising? Wasn't it something to do with torturing teenagers to find the authors of some anti-Regime grafitti? SURELY someone who understood western culture and values wouldn't do that?
Whatever the motives of the Orange One, and a quick glance at my posts will show I'm not a fan, who really doubts that the USA had good intel on aircraft movements that matched the attack?
Really? I challenge you to find me a native speaker who would prefer "twice faster" to "two times faster"
"Royal Mail has been a separate public company since 2013" --- good point
"its numeracy has never been a problem for us" --- anecdote which is, in this context, statistically insignificant.
"my own personal opinion is that there were no chemical weapons"
... it is even less likely that the whole thing was faked than that it was a false flag.
As for "would Assad take the risk" ask yourself why Kim Jong Un took the risk of assassinating his half-brother. There may be reasons to consider that Assad didn't do this, but they aren't "he isn't mad or bad enough"
"I am thinking that you dropped both logic and reason when you left IBM"
He was a visioneer, he probably didn't have those faculties when they hired him.
I'm not sure that report stood up to critical analysis. But the fact so many people remember the sensational announcement that a false flag conspiracy had been uncovered, and few remember that very little evidence was presented does indeed show the power of fake news.
Given that he almost certainly ordered the torture of teenagers who had dated to criticize him it really isn't that infeasible that he gassed "his own people"
The idea that a dictator may consider some of his own people his enemy, or simply expendable, cannot be that much of a shock, surely... They aren't all benevolent patriarchs, indeed, history shows very few total rulers even come close to such a classification.
There has been a comprehension fail, I agree. User quite clearly said he could download (at 1.7Mbps) a film ten times faster than he could watch it. He either likes lo-res or slo-mo. Or maybe compression artefacts? :-)
" I have a 1.7 Mbps download, 0.4 Mbps upload connection.
I can download a film 10x faster than it takes to watch it"
Sorry, but that seems wrong to me. IMHO one needs a solid 2Mbps to watch HD without buffering. Not sure what you're watching at 170Kbps but I wouldn't consider it enough for anything except CCTV, and probably not even that.
"I'll be interested to see if they respond with some tricks designed to put a separation in between their market share and the ISP's."
They are ideally placed to offer budget or even free VPN. They can blind the ISPs within months.
Biting the hand that feeds IT © 1998–2017