Roses are red
Bought from the bazaar
We're gathering your data
354 posts • joined 12 Jan 2009
People are stupid - give them enough of a carrot to run untrusted code and they will. It's pretty easy to get macros enabled, usually only a couple of clicks (I've had to do it on legit documents where I need the macros enabled), so not a huge hurdle to get in. If you spam enough people, you'll find a few marks and the cost/benefit ratio soon makes it worthwhile.
That is at least part of the problem there - here we are, 2.5 years after the referendum and no-one can agree on what leaving the EU actually means. We can't even agree what to do with Northern Ireland, let alone what kind of trade, fisheries or agricultural deals we want to have with the rest of the EU. Parliament is split between remain, hard brexit and some kind of deal in the middle and no-one is budging. The general terms of leaving should have been agreed BEFORE the referendum, not 3 months before the end of the article 50 term.
And there is the problem - the acceptable levels to the public will be zero casualties, even though that's impossible outside of a controlled environment. Every single incident (regardless of fault) will be interpreted as a failure of self driving vehicles, where what we should be setting the bar at is as good as a human driver.
I used to have to do user account creation annually at a university. I'd inherited some (fairly ropy) scripts and an MS Word mail merge template which took a fair bit of manual effort. I reduced it to a couple of Unix scripts which then created a LaTeX file to print out and another output file to create the Novell 4.1 accounts (that probably dates it pretty well). The printouts were handed to the lecturers to distribute to their classes on the first day and get them to log in.
Dejanews was the Google of the 90s - all sorts of useful stuff squirreled away in Usenet forums and generally not tainted with the crap you get now. Google covers a lot of things now, but part of the problem is the 100s of ways Linux implementors do things, so you get some instructions for RHEL 6 which don't work on Debian, Ubuntu or, in some cases, RHEL 7.
You're thinking of trademarks. Patents follow different laws/rules, hence you can have a submarine patent - let something become ubiquitous then sue the world because you have a patent on it. Declaring it too soon means people can find a different solution and work around your patent and you don't get royalties.
From close experience - plugging two ovens into a single extension lead blew the fuse on the extension (by design and quite correctly - note that it was someone else who did this, not me). In contrast, I have two extension bars linked together at home serving up a number of low wattage items (mainly around the PC) quite happily because they don't go near the 13 amps permitted by the fuse. It's all about what you plug in, not just the number of items.
The dislike of multiple extension bars dates back to when most items in the house were high wattage and folk would link 2 or more bar heaters, a toaster and an iron into one socket with rather inevitable results. When the blown fuse gets replaced by tin foil or a bolt, the next inevitable results annoy the fire brigade.
Only real school fire we had was a small one in the woodwork room (I was nowhere near it, so don't know all the details). The rector (head teacher) decided it would be a great opportunity for a fire evacuation test. As we got to the top of the stairs, we could smell the burning smell which had permeated through the corridors - it certainly added a little more urgency to a fire alarm test!
Surely all this needed was some fake status reports on request when the boss wanted updates? By the time he's wondering why nothing has actually been delivered, the next shiny will have appeared on the horizon to take his attention and you can "shut down" the Blockchain project....
Is there anything stopping someone legally buying something like an AR-15 (insert over-powered gun of choice instead) in one state then driving to California to use it? I'm assuming there are a bunch of laws against possession of said weapon in CA, but if they're intending to shoot up people with it, those laws aren't really going to stop them....
Read the article:
But in this case, the charity and local authority seem to have failed to do so in more ways than one, by allegedly declining the opportunity to pick up the docs.
According to the Evening News, Saunders claimed that neither the charity nor the council helped him when he raised the alarm, which he said prompted him to go to the newspaper.
It should still be reported to the ICO, though, as it's lax security of information.
Well - from some of the commentary on Wikipedia (I know it's not a great source, but...):
- Grsecurity distribute patches to the kernel, these are governed by GPLv2
- Grsecurity only sell these (not distribute for free), but as well as the GPLv2 license, they attach use conditions, basically saying "if you distribute these as per GPLv2 you don't get any future releases"
Grsecurity claim this means they're abiding by GPLv2, Perens says it breaks GPLv2. I suspect Perens is right, but the IP lawyers will have a bun fight over it in court.
I think some of the older T-class chips didn't have out of order execution, so they'll probably be safe. They're crap for single threaded workloads, though. I seem to recall POWER 6 didn't have it either, which is how they clocked it so fast (up to 5GHz) without melting.
As for other SPARC/POWER chips? Given that ARM is vulnerable and all of these are based on RISC design concepts, it's entirely plausible they're vulnerable as well. I don't know enough about chips to be able to answer that.
"screenshot in a word document"
Older version of MS Paint would default to saving in bitmap format - for a large monitor and 24/32 bit graphics, that would be a large file to attach to an email. Saving in word would compress it so you'd have a much smaller email. It's a poor solution, but for a non-savvy person, it can be quicker & easier.
Nowadays, paint seems to default to PNG format which is much better, so there shouldn't be any need to revert to Word.
Yup, had one when I was at uni. One of the students reported a PC wasn't working, so I followed her to the room. Sure enough, it wouldn't turn on. Went to check power socket, the plug was slightly out. Pushed it in, powered on the machine gave her a bit of a look as she was looking sheepish and wandered out without saying another word.
It's now cheaper to throw an octo-core 3GHz CPU with 32GB of RAM at a problem than pay a programmer to code it on a single core 1GHz CPU with 2GB of RAM. It's perfectly plausible in many cases to do the latter, but why pay your expensive developer to do that when you can get a bigger server relatively cheaply?
In the "old days", firmwares were much smaller, simpler and less prone to requiring patching. Most of the "brains" was in silicon so there wasn't the need to drop firmware as much. These days, the custom silicon is expensive, coding firmware is cheap so bugs creep out and updates are required.
Add in scaling issues - if all you had was a single large Unix server, flipping the jumper is relatively trivial. With 1000+ servers in VMWare farms/private clouds, flipping all the jumpers becomes time consuming.
To be fair, there probably are jumpers, they're just set to allow updates for the reasons above.
Yup, we need a view on the risks profiles and where the cut-off weight is between "acceptable risk" and "unacceptable risk". Without this study, some random number would be plucked out of the air and made law and argued about for years. With this study, the lawmakers can say "under these rules there is only an x% chance of serious injury".
"Apple always screws up the first iteration" - never use a .0 release of anything is a common mantra in computing, that's not limited to Apple. Of course the new code is going to have bugs and the .1 release will fix most of them (and introduce some new ones, no doubt...). In general, wait a couple of days for the early adopters to find the issues, figure out what they are and figure out if the new features are worth the hassle of the new issues.
Per contract law, advertising a good at price X is considered an "invitation to treat". When you try to buy at that price, it's officially an "offer" which is generally accepted by the vendor. Where something is advertised at the wrong price, they can reject the offer to buy, the trick with online buying is at what point the offer is accepted and what conditions may be applied to the acceptance of that offer. I suspect all online traders now have something in the terms and conditions (which we all accept and never read) giving them the option of cancelling the accepted offer for a variety of reasons, thus giving themselves the weasel room to avoid sending you a 42" TV for £1.
There's a secondary issue around false advertising (bait and switch) if you intentionally advertise at price X but will only sell at price Y, but screwing up your website wouldn't be covered by that.
The military have their own logistics for moving stuff around, including C-130s and Chinooks, so size/weight is less of a limiting factor than a "private" flyer.
Anyway, isn't everything supposed to be in the "cloud" these days? ;)
All the above said, I'm guessing there will be a niche market for these and they'll sell a handful of units, hopefully enough to recoup their R&D costs. Failing that, it'll be some expensive advertising and getting their name out & about.
Yup, neural networks in particular train themselves and developers may not understand how the specific neural pathways have been trained. Neural nets (and other "trained" AIs) are some of the most powerful computing resources available, but transparency isn't their strong point...
"I think you meant "that profit accrues" but that's the problem - you sell some software for 100 Euros in France and the French subsidiary internally pays it's Irish subsidiary 99.99 Euros because the company says the software IP is "owned" by the Irish subsidiary."
That's basically the issue - what is the "fair" reimbursement to the "parent" company. If I, as a UK resident, invented some cool widget which I sold through my UK company and a French subsiduary, it's entirely legitimate that some of the French profits should accrue to the UK company as the owner of the IP rights. In contrast, my accountants would recommend setting up an Irish subsiduary, "sell" the IP rights to it and funnel profits via Ireland, possibly also via some Caribbean tax haven as well. It would be legal (if done right) but doesn't make any logical business sense or reflect the true flow of money or profits and it's frankly taking the piss.
VW Passat entertainment system isn't too bad - it'll remember which song it was on if I remove the USB drive to sync more songs to it and reconnect before starting up. Main issue is that if I try to shuffle, it only picks the first few hundred songs it finds, so I get a lot of AC/DC, Bullet for my Valentine, Black Sabbath etc, not so much ZZ Top, though....
Nope, it's not better than ZFS for data protection if you have mirroring or RAID. Here's why:
While DIF/DIX will tell you at time of writing, it does sod-all after the fact, so if your data is corrupted due to any other reason, it will merely give an error (probably a SCSI read error, I'd assume). It won't even try to correct the fault.
Looking at Redhat's note on it, there are limitations on it (direct IO on XFS only - see https://access.redhat.com/solutions/41548). ZFS doesn't have those restrictions. The Redhat doc mentions it as a "new feature in the SCSI standard", so old disks won't support it. ZFS doesn't care what disks you use as long as they appear as an appropriate block/character device.
If you have ANY data corruption on ZFS, it'll detect it on read and if you have multiple data copies (mirrored, RAID-z or whatever), it'll fix it on the fly. If you only have a single copy, it'll error out and tell you which file(s) are unavailable, prompting you to recover those files.
Oracle do recommend you run a zpool scrub periodically (once a week on standard disks, once a month on enterprise level storage) to capture errors - that will also automatically fix any errors on the checksums.
ZFS does have a number of flaws (performance on a full zpool is pretty awful, for example), but it is very good at data integrity.
Probably due to eugenics as a side effect of the slave trade. The slave traders picked the strongest "specimens" from Africa and shipped them to the Americas as slaves. The weaker of those died off through over-work, so only the strongest survived. This meant that blacks in America were from a hardy, strong stock which is well suited to various sports (basketball, sprinting, etc).
It's benefited them, but it doesn't justify slavery or what was done to them.
While I was working at a university in the computing department, we had a student from the engineering school (which did an MSc in Information systems) come across asking to use the SPARCstations and the Oracle DB for her summer project. I set her up with logins and gave her some minimal help when she'd needed it.
Near the end of the project, I was in the lab reinstalling the servers (we gave them a clean build over summer) she thanked me for the help (which had been minimal) and asked what I liked to drink. I said whisky, half expecting a half bottle of Grants or something to appear and was rather shocked when she came back a few days later with a 70cl bottle of Balvenie :)
Given how little help I'd actually provided, I was rather shocked, but wasn't going to say no :)
Calendar manager has been a security screwup for at least 10 years and I remember switching it off across all our servers many moons ago. I doubt many desktop Solaris users even use CDE these days (Gnome being preferred) so it should have been switched off/uninstalled.
As for Java, yeah, the vast majority relate to "untrusted code" which basically means "code run in the browser" in the majority of cases. Another reason I don't install Java browser extensions and I haven't missed them in ages.
Biting the hand that feeds IT © 1998–2019