* Posts by Michael Wojcik

5551 posts • joined 21 Dec 2007

Equifax IT staff had to rerun hackers' database queries to work out what was nicked – audit

Michael Wojcik
Silver badge

Re: Impressive consequences

I am most impressed by the level of competence of the scumbag(s) that found the flaw and exploited it.

Why? I don't see anything particularly out of the ordinary in this case.

1. A Struts vulnerability is published.

2. Attacker scans for vulnerable systems. No doubt many people did so.

3. Attacker happened to find Equifax was available, and broke in.

4. Monitoring system was down (because of incompetence on someone else's part, but that's irrelevant to this question), so the attack wasn't discovered for a long time.

6. Attacker continued to exploit the hole because it remained open.

The broken monitoring was simply a lucky coincidence. There were probably plenty of sites with the unpatched Struts vulnerability that either didn't monitor properly, or didn't even try; they just weren't as valuable and interesting as Equifax.

As attacks go, this was barely more than script-kiddie work, at least based on what's in the article. Perhaps there's evidence of something more impressive in the full report.

0
0

Google Chrome 69 gives worldwide web a stay of execution in URL box

Michael Wojcik
Silver badge

Re: www.www

Have the server check User-Agent, and if it's Chrome, do a redirect to www.www.example.com. Then you don't annoy users who avoid the Google plague.

1
1
Michael Wojcik
Silver badge

Re: With M$ Windows dead as a dodo

But when I turn on windows 10 it spends 20 minutes displaying a message that it is "making my experience better"!

It's better in the sense that for 20 blissful minutes you are unable to experience Windows 10.

I've been using, and developing for, Windows since Windows 2.0. I've used and developed for dozens of operating systems, from embedded monitors to zOS. Windows 10 is far and away the most obnoxious, contrary disaster of an OS I have ever experienced.

4
1

Article 13 pits Big Tech and bots against European creatives

Michael Wojcik
Silver badge

Re: "I noticed because I tried to factor it. Don't ask..."

the product of a real and an imaginary number, which is of course an imaginary number

Because imaginariness is a dominant trait. Over time we expect to see imaginary numbers supplanting real ones, and the ratio of imaginary to real steadily increasing, except in isolated populations.

Eventually we'll probably have to keep breeding pairs of real numbers in number zoos.

1
0

A boss pinching pennies may have cost his firm many, many pounds

Michael Wojcik
Silver badge

Re: Penny pinching boss

This was over 20 years ago - Laser Printers were new on the market and expensive.

Your time dilation is strong.

Indeed. The first HP LaserJet model came out 35 years ago (which I admit is "over 20"). "Expensive" is subjective, but as a graduate student I bought a Lexmark laser printer in 1992, and I certainly didn't spend thousands of dollars on it.

I no longer have that printer (done in by a failing PSU after about 12 years of service), but I still use my early-1990s HP LaserJet 4.

1
0

It's been 5 years already, let's gawp at Microsoft and Nokia's bloodbath

Michael Wojcik
Silver badge

Activity Theory

I have to admire Andrew's dedication to curmudgeonliness. Often his pieces remind me of a line from Albert the Alligator of Pogo fame: "I don't understand it and it don't mean nothin'".

Vygotsky's ideas certainly have their limitations; like everything else in the social sciences, they've been much critiqued and revised in the nearly 80 years since his death. But he's hardly "obscure" in HCI (certainly not since SSAT started to appear in English-language journals) or real UI/UX design.

And activity theory (which is really a family or category of theoretical frameworks, not a "theory" even in the loose humanities sense) is still used in both theoretical and practical applications. For an example of the former see Spinuzzi's Network. For the latter, I can only note that I've spoken to UI/UX designers who make use of it.

Also, while I admit I have a leg up, since I'm already familiar with activity theory, I must point out that the diagram presented in the article was immediately comprehensible to me. It's not particularly useful, as it's extremely high-level and general; but its meaning is obvious to anyone familiar with the basics of AT.

Not everything you don't understand is "garbage", Andrew.

That said, was AT a good approach for Nokia's UI designers? It doesn't appear so, and indeed I'd never suggest that a UI (or UX; maybe, at a very high level, a UIM) should be "based on" AT, whatever that might mean. AT is a way of describing and analyzing interactions. That's necessary to good UI design, but by no means sufficient.

1
0

Nope, the NSA isn't sitting in front of a supercomputer hooked up to a terrorist’s hard drive

Michael Wojcik
Silver badge

Clipper history

The article is a decent summary of the state of SIGINT and the reasoning behind th epressure for "voluntary" backdoors, but this bit isn't really accurate:

Clipper – an encryption chipset with a US-government-accessible backdoor backed by the US National Security Agency (NSA) – foundered on the stubborn resistance of one man in his spare room, Phil Zimmermann, and a modest home-brew application, PGP

Clipper "foundered" at least as much for two other reasons, one technical and one political. Politically, it was simply unpopular; the proponents did a poor job of marketing it, and sentiment was against it from the start, in both government and business.

On the technical side, while Zimmerman showed that competing, non-backdoored encryption could easily be made available, a more devastating blow came from Matt Blaze's crack of the LEAF checksum. That doomed Clipper's key escrow system, which removed the whole justification for the thing. If you want to lay the death of Clipper at the feet of any single person, I think Blaze is the one.

More broadly, you can lump Zimmerman and Blaze in with the surge of interest in computer-assisted crypto that developed in the '70s, '80s, and '90s, after Diffie-Hellman(-Merkle) and RSA were published (1976 and 1978, respectively) and DES was standardized (1977). By the time the Cypherpunks mailing list was established in 1992, the genie was clearly out of the bottle. The publication of ARCFOUR1 in '94 meant that anyone could have a decent stream cipher - RC4 is so simple you could memorize the algorithm (or print it on a t-shirt, etc).2

When Clipper came out in 1993, it was effectively dead on arrival.

1Alleged RC4, the public reverse-engineered implementation of RC4, which was a trade secret. Everyone was pretty sure ARCFOUR was identical to real RC4, and it certainly did an equivalent job.

2RC4 is considered unsafe now, and there are public attacks against correlations in the key stream that mean it can be broken with ordinary resources unless countermeasures are employed. It's not publicly known how much of that NSA knew in '94, or what resources they could devote to breaking RC4. It's likely that widespread use of RC4 would have significantly restricted their ability to do mass real-time or near-time data inspection for several years, though.

0
0
Michael Wojcik
Silver badge

Re: Don't assume they don't have supercomputers...

I think you've misunderstood the claim in the headline (or the headline is wrong). No one who knows anything about the NSA - e.g. from reading The Puzzle Palace or any of the other well-known treatments of the organization - thinks they don't have supercomputers. The NSA has extensive computing resources of various classes; that's amply documented and uncontroversial.

The point the headline is making is that there's no (credible) evidence that the NSA or other organizations have magical computing capabilities which let them break properly-implemented modern cryptography. It's very likely that they have had certain cryptanalytic capabilities before they were publicly known - differential cryptanalysis, for example, and the ability to break DH when it uses weak, well-known parameters. But not TV-style "it's encrypted - it'll take me a few hours to break it" capabilities.

That's why they're pushing backdoors. Nation-state SIGINT operations will work on all fronts available to them - that's their mandate. So they have cryptanalysts and mathematicians looking for new weaknesses in algorithms and protocols; they have massive computing resources; they develop and use attacks on software vulnerabilities to plant keyloggers and RATs; and so on. They'll also push for backdoors, both voluntarily from manufacturers and by legislation.

0
0

No, no, you're all wrong. That's not a Kremlin agent. It's someone with 'inauthentic behavior'

Michael Wojcik
Silver badge

Most significant user

Twitter – whose most significant user right now is the most powerful man in the world

Hold on - Xi Jinping is on Twitter?

0
0
Michael Wojcik
Silver badge

Re: Sheryl Sandberg was/is considering a run for President

The fact that she is eminently unqualified for that job notwithstanding.

Paradoxically, this appears to be the major qualification for the job, in the minds (such as they are) of much of the electorate. Note the calls for "outsiders", vitriol directed against "career politicians", etc.

(What about those damn career plumbers? Screw those guys - let's get some new blood fitting our pipes! And career engineers, all thinking they're so smart with their mathematics and designs. Career surgeons, too. Give the guy off the street a chance to do some cutting and you'd see the end of surgical corruption pretty quickly. Really, why is anyone allowed to have a career at all? Term limits for every job!)

0
0
Michael Wojcik
Silver badge

Re: Sheryl Sandberg was/is considering a run for President

Reagan was governor of California, so he wasn't coming in cold straight to the White House.

Yes, and as governor he was a serious policy wonk - he wasn't primarily a figurehead, as Bush II was, for example. (In Texas, the Lieutenant Governor does most of the actual head-of-executive-branch work.) And before that he was President of the SAG; anyone who doesn't think that's a political position, and a fraught one at that, doesn't understand Hollywood labor.

Reagan was not my favorite president by any means, and his mental faculties were definitely on the decline in his later years. But he was one of the more-qualified people we've had in that office, at least by job experience.

0
0

Facebook flogs dead horse. By flog, we mean sues. And by horse, we mean BlackBerry

Michael Wojcik
Silver badge

Re: Pot, meet kettle

That's what Facebook said: the innovation of others, not "the innovation of us".

On a more serious note: this is precisely how this game is played. Facebook acquired a portfolio of defensive patents. They don't care whether those patents are meaningful, and they don't especially care whether any of them get overturned, as long as their portfolio doesn't become too slender. They're just there as a club to beat litigants with.

Blackberry gambled that Facebook would rather settle than get into a dragged-out court battle. So far it seems they were wrong. You never know with the deep-pocketed types. Sometimes they're happy to just throw some money at the problem and make it go away (as Cisco did, for example); sometimes they get their hackles up, and decide to make this one pay, possibly as a warning to others or possibly just out of spite.

0
0
Michael Wojcik
Silver badge

Software patents aren't a thing surely? (except in merica)

There are software patents in other jurisdictions, though in my experience they're generally written to emphasize the "hardware and software" aspect of the invention. I know of several UK patents that are essentially software patents, for example.

0
0

AI sucks at stopping online trolls spewing toxic comments

Michael Wojcik
Silver badge

ML adaptation

They can’t readily adapt to new information beyond what’s been spoonfed to them during the training process.

This may be true of the systems examined in this study (I haven't bothered reading the paper, because, frankly, it doesn't look terribly interesting1). It is not, however, true of ML system in general, as Katyanna seems to imply. There are a great many ML systems which can refine their classifiers in production, using unsupervised or semi-supervised learning.

Sometimes that's as simple as kernel augmentation - expanding category features when novel data accompanies a strong match. A more sophisticated approach is having other systems (typically human judges, though they don't always know they're filling this role) label some errors after processing, and feeding those back in as adversarial inputs. For this particular use case, sentiment analysis on replies to a post could be used to build a disagreement graph (basically an inverse reputation network representation) for a conversation and identify hotspots for more in-depth analysis.2

Assuming the Reg's precis is accurate, the authors suggest that the training set is more important than the algorithms. That may well be true for this set of systems (and it agrees with similar studies on, for example, sentiment-analysis systems), but I'm not convinced it's true in general. I suspect a continuous-learning system with heterogeneous feedback channels and a decent world model would eventually do better than any of the systems under discussion, regardless of what training set were used. But building such a system is expensive and goes against the research direction of many of the big players, particularly Google.

1Which is not to say that I don't approve of the work. Much research is not particularly interesting, but still useful, and this is particularly true of research which tempers the claims of inventors.

2Yes, we would not want a system to automatically flag as "bad" a post or contributor simply due to controversy. I'd hope that would be obvious. But it probably is not.

0
0
Michael Wojcik
Silver badge

Re: Not AI

The problem is this is all machine learning that relies on a db to lookup and compare to.

No, it doesn't. Perhaps if you studied current ML research for a while ... ah, forget it. Commentators gonna comment.

0
0
Michael Wojcik
Silver badge

Re: Well we are talking about intellects comparable to...

Well we are talking about intellects comparable to mentaly disabled children.

Sure, if we're looking for an unproductive and inaccurate comparison.

I don't know of a single ML project that can usefully be compared to a human at any stage or condition of intellectual development. None of the developmentally-limited people I've known have exhibited behavior anything like any ML (or "AI") system I've seen; neither have developmentally-normal children at any stage, including infancy. I don't find any correspondence in developmental or child psychology, either.

Convolutional Neural Nets essentially do fuzzy signal filtering and amplification. Recurrent Neural Nets essentially do feature classification. Other NN types, such as LSTMs, fall into one of those two families. Deep nets are just stacked NNs, identifying signals or features at different scales and classifying based on those features. Support Vector Machines are geometric binary classifiers. k-Nearest-Neighbor and Decision Forests are n-ary classifiers. These sorts of functions are almost certainly part of the machinery of human cognition, but at a level far below anything we recognize as any sort of sophisticated qualia.

And then there are ML techniques which don't seem to have any relation to any human mental function, such as natural-language classification built on Latent Semantic Analysis.

So, yes, you can make that comparison. But you shouldn't.

0
0

Congress wants CVE stability, China wants your LinkedIn details, and Adobe wants you to patch Creative Cloud

Michael Wojcik
Silver badge

Re: CVE Funding

There's a difference between getting money now and then and the US Gov owning it

Yes, but it's not the difference that you think it is, and it doesn't apply to MITRE and the CVE system. You clearly have no idea what you're talking about. MITRE has always been a Federal contractor, and CVE funding has always come from the Feds. The only change here is making that "hard" money (a budget line item) rather than "soft" (taken from fixed-term grants and contracts).

In any case, MITRE's role as CVE coordinator is relatively small. They provide a central clearinghouse for the CNA (CVE numbering) function - but it's the actual CNAs who assign the numbers, and they don't work for MITRE. MITRE determines the format of CVEs, but CVEs don't contain much information anyway; all the meat is in the linked document, which the CVE publisher controls, and if MITRE tampered with the link the publisher would take note and announce that through other channels. There's no usable vulnerability there. And MITRE provide the CVE submission and publication mechanism, but it's open-source and could be duplicated in a matter of minutes.

There are multiple, independent repositories of published CVEs and related information. The CVSS scoring isn't done by MITRE; it's done by NIST, as part of the NVD process, and is duplicated by other organizations such as Red Hat (who often publish scores before NIST anyway).

There are a lot of eyes on MITRE's CVE coordination role - not because anyone (who knows what they're talking about) is suspicious that the government has coopted it, but because so many people use it. And the possibilities for attack are extremely limited.

1
0

VMware 'pressured' hotel to shut down tech event close to VMworld, IGEL sues resort giant

Michael Wojcik
Silver badge

Hadn't heard of IGEL before, but I like them already.

Conversely, I've known about Dell for years, and I've disliked them pretty much from the start. Funny about that.

8
0
Michael Wojcik
Silver badge

Hull?

Come for the conference, stay for the phosphorescent waterfowl.

3
0
Michael Wojcik
Silver badge

Re: Useful info

I'm just not going to Vegas at all anymore.

Agreed. I've never liked Las Vegas anyway - I find it loud, ugly, and annoying. Even LA and NYC are more interesting to me. Now thanks to this sort of vile behavior by the hotels, I have a good reason to refuse to go there.

All the interesting presentations end up online anyway.

7
0

Big Baboon ain't gibbon up: SAP, HP accused of aping software squirt's e-commerce patent

Michael Wojcik
Silver badge

Not a compelling patent

Unlike most of the Reg readership, I don't reject software patents out of hand. I've had a quick look at the '275 patent, and it does have a few marginally substantive claims.

However, most of it boils down to "have a website, a database, and automated order / returns processing". It was filed in 1997, so Amazon, for example, has prior art on most of the claims. Amazon was doing that sort of automated processing at least as far back as 1995.

Of the claims BB are specifically claiming infringement on:

- Claim 15 is "do the web/database thing, but with multiple databases and 'modules', which are used as appropriate". Really it's just "have more than one kind of workflow". Shouldn't be hard to show prior art for that.

- Claims 20-34 don't exist, as far as I can tell. The list of claims stops at 19. If there are claims 20-34, they'd be secondary, I'd think, so if infringement can't be proven for #15, I think there's nothing here.

In my view, the problem with this isn't that it's a "software patent", but that it tries to patent a very generic business method: take something that the patent authors themselves admit is already being done manually, and "automate" it, with very little technical detail about what that automation might involve. When a software patent describes a novel algorithm, that's one thing. This is just "do it with a computer".

1
0

Russian volcanoes fingered for Earth's largest mass extinction

Michael Wojcik
Silver badge

Re: Missing Halogen

Other halogens are perfectly capable of killing people too. See bromism, for example.

You pump huge amounts of reactive elements into the environment, and the results probably won't be terribly good for most organisms. Biochemistry is not terribly tolerant of that sort of thing. Even changing the relative proportion of the reactive elements they need in fairly large quantities (e.g. oxygen) by a significant amount will do most in.

3
0
Michael Wojcik
Silver badge

Re: A million years

The first ten thousand years were the worst, and the second ten thousand years, they were the worst too. The third ten thousand I didn't enjoy at all. After that I went into a bit of a decline.

4
1
Michael Wojcik
Silver badge

the Deccan Traps eruption was a result of the crust readjusting to the impact

No, no. The Deccan Traps were the means by which the dinosaurs summoned the meteors.

When it's time to retire, go out in style.

2
0
Michael Wojcik
Silver badge

Re: St. Augustine had told the Catholic Church, [...] that anything in the Bible which was contrary

Galileo wasn't persecuted, that is an Urban myth.

So often the best jokes are the ones that 40% of the audience miss.

4
0
Michael Wojcik
Silver badge

Re: The Ends of the World@ jake

I think you can add at least hens, cattle, sheep, probably horses, cats & dogs to that list.

And numerous species of plants, fungi, protozoans, etc. At least if the metric is something like population size or outlasting niche competitors.

If you want to go maximum Dawkins, you could argue that humans have been very bad for many genes (thanks to the various extinctions we've caused), but great for a lot of others. We've even moved some genes into genomes they never would have gotten into otherwise.

(Not that I'm recommending going maximum Dawkins. Even in an emergency, I can't recommend more than 0.7 Dawkins.)

3
0

Windows 0-day pops up out of nowhere Twitter

Michael Wojcik
Silver badge

I can't imagine there's a secure system in the world (e.g. military, etc.) that thinks it's a good idea to let a user run arbitrary code in any instance.

I don't know about "thinks it's a good idea", but I've seen a lot of supposedly "secure" systems1 - military, financial, medical, whatever - that let users run arbitrary code. Far more than the converse, in fact.

If you think systems that people claim are secure commonly impose these sorts of restrictions, I'm afraid you're being wildly optimistic.

1Which is a meaningless description anyway. Security isn't an absolute, and declarations of relative security mean nothing except in relation to a threat model.

0
0
Michael Wojcik
Silver badge

Why did he just throw it out on Twitter and not report responsibly?

While responsible disclosure is certainly more common than it was, say, a decade ago (and much more common than when Rain Forest Puppy published the original RFPolicy back in, oh, 2000?), it's hardly unknown for people to just throw vulnerabilities out on Twitter or other media. This one just attracted some extra attention because it came with a PoC and is fairly serious.

But subscribe to VULN-DEV, for example, and you'll see plenty of potential 0-days flowing by as people discuss whether there's something exploitable in a failure they've run across.

Responsible disclosure has costs, even if they're mostly cognitive load and opportunity costs; that's one reason why many companies have bug bounties. And working with PSIRTs and other disclosure-handlers can be irritating. I'm on a PSIRT myself, and we put a lot of effort into being polite and receptive. But not everyone does. I've dealt with some PSIRT types who are abrasive and dismissive.

1
0

No do-overs! Appeals court won’t hear $8.8bn Oracle v Google rehash

Michael Wojcik
Silver badge

Re: Oracle vs Google facts

For the matter MS had to cease its own copy of Java because it was violating Sun license, and was not compatible with "standard" Java.

They did not "[have] to cease". They just had to rename it. And that was a trademark violation, not a copyright one.

1
0
Michael Wojcik
Silver badge

Re: *nix is toast

I have no idea if Unix is moving with SUSE.

AFAIK, the UNIX copyright never belonged to the SUSE business unit. I don't see any reason why they'd be transferred with it.

The UNIX copyright is largely of historical (and, possibly, defensive) interest now. When Novell's ownership was confirmed in 2007, Novell said they weren't interested in pursuing infringement claims against anyone; I don't see any signs that ever changed, before or after the Attachmate and then MF acquisitions.

Of course, the UNIX trademark is owned by The Open Group, just to confuse things. (Originally it was licensed to OG, but at some point apparently they acquired it outright.)

2
0
Michael Wojcik
Silver badge

Re: "with one of the usual activist investor"

As for copying APIs, it's a damage only for lazy companies unable to innovate and desperately need to piggyback on someone else's work.

It's a pity you posted anonymously. This is sufficiently ignorant and foolish that we know we could disregard pretty much anything else you post.

Duplicating APIs is necessary for interpolation and emulation, to name but two of the important cases. Many operations take their names and parameterizations from outside sources (mathematical functions, descriptions of relevant algorithms, real-world names...), so corresponding APIs are "natural" and not substantially creative.

The CAFC panel fucked up (or, more cynically, did what they're there for - their record is not encouraging). SCOTUS should reverse.

4
1
Michael Wojcik
Silver badge

Re: "if their strategy had been different in the 80's"

If they had patented and fought to keep what they invented, then the existing market would have worked around them and maybe we'd have a more diverse hardware and OS market.

Indeed. In the early years of the IBM PC, there were a lot of 8- and 16-bit systems available, and some 32-bit ones (like the Fortune 16/32). IBM's marketing power and existing customer base, plus the market for PC clones,1 led to the eventual dominance of the IBM PC.2 But it could have gone much differently.

Even after the IBM PC had caught on, there were certainly moments when it looked like there might be serious competition. Pretty much everything else outperformed it in one way or another. Had Apple come out with a Mac II-style separate-display Mac sooner, or released a cheaper Lisa after the Mac rather than before it... who knows? A cheaper, more open DEC Rainbow might have had a chance. Xerox might not have screwed up marketing the Alto so very, very badly. And so on.

1It's important to remember that the IBM PC was not the only architecture that got cloned. Apple had Franklin, for example; it was Apple v. Franklin that led to the use of clean-room development for cloning the IBM PC BIOS. (And that's apropos this article, since it was a software copyright decision.) And there were open architectures such as S-100, which started as the Altair bus but was widely used by other manufacturers.

2Lynn Wheeler has argued (in alt.folklore.computers, I think, and no, I'm not going to search for a citation) that the PC's ability to serve as a 3270 terminal - first through third-party cards like the DCA IRMA, then with IBM's hybrid 3270 PC, and eventually with 3270 and TN3270 emulators over LAN connections - gave it a big boost for business adoption. Mid-level managers could justify getting a PC to replace their dedicated 3270 terminal as a way to be "more productive", and it became a status symbol. Having made inroads with the 3270 users, it would have become a standard piece of business equipment at the managerial level; that reduced demand for the typing pool, which gradually disappeared, making PCs necessary for all employees who created documents. I don't know of any methodologically-sound research supporting this, but it fits my anecdotal experience of the era.

3
0
Michael Wojcik
Silver badge

Re: "if their strategy had been different in the 80's"

It is the fact that IBM never put a patent on its toy that birthed the computing world we have today.

According to various sources, such as this one, IBM received nine patents for technology in the original IBM PC. It wasn't that much trouble to dig some of them up; see e.g. US4442428 and US4528626.

1
0

Windows 95 roars once more in the Microsoft round-up

Michael Wojcik
Silver badge

Re: 200Mhz

It was a P1 200MHz MMX (an upgrade over the 166)

I have a dual P1 MMX system down in the basement. Don't remember if they're 200 MHz or 166. Haven't powered it up in a dozen or more years; it probably wouldn't come up, now, and I doubt I have a compatible monitor or keyboard.

Destined for the next run to the electronics recycling place, I'm afraid. (I kept thinking I'd reuse the cabinet, but at this point that's clearly wishful thinking. Ditto the fine 1989-vintage AS/400 B-series cabinet I have.)

2
0
Michael Wojcik
Silver badge

Re: Windows 95?

I just can't wait for a port of the Millennium Edition ...

Hey, that piece of junk will make .5 past lightspeed.

5
0

Android data slurping measured and monitored

Michael Wojcik
Silver badge

Re: 'The nature of some data may also surprise. App developers receive your age and gender'

So leverage IS a verb

Of course it is. There are English speakers and writers who use it as one. In English, that's all that's required; English grammar is very flexible.

You'll never convince the prescriptivists of that, though. They live in a fantasy world where the gods hand down immutable rules of English usage that none may question.

1
0
Michael Wojcik
Silver badge

Strip it down to just the top banner and bottom-right square, take off all the tracking and you'll get whitelisted...

I wish the Reg would split the pointless-UI-candy scripts out to a different site, so I could bock just those. As far as I'm concerned, the post / vote / etc buttons are much more palatable as normal HTML than in their scripted versions. They bug me more than the ads, to be honest.

0
0

We can rebuild him, we have the technology: AI will help security teams smack pesky anomalies

Michael Wojcik
Silver badge

Re: "UEBA baselining with machine learning can adjust its worldview of a user's behaviour"

Yes, which is why this sort of thing is one of many components in a defense-in-depth strategy.

As there's no silver bullet, we have to make do with a great many lead ones.

0
0

Muslim American woman sues US border cops: Gimme back my seized iPhone's data!

Michael Wojcik
Silver badge

Re: Entering a country becomes more and more like entering a prison.

It[']s fine to be judgemental when you live in a developed country with a lot of freedoms but if you actually travel it becomes blindingly apparent that many parts of the world are much more stringent, and not necessarily fair.

Good, then we'll continue to be judgemental.

Poor behavior by other governments does not excuse poor behavior by the US. I'm mystified that a few people here seem to think that it does.

24
1
Michael Wojcik
Silver badge

Re: Entering a country becomes more and more like entering a prison.

Try visiting UAE after visiting Israel.

"Try visiting Mordor after visiting Orthanc."

Yes, that's a compelling analogy you have there. Perhaps some people hope for something a bit better? Like, oh, the rule of law, rather than just some abysmally low standard set by a repressive regime.

But by all means keep repeating it. You'll get the hang of arguing eventually.

14
2

Connected car data handover headache: There's no quick fix... and it's NOT just Land Rovers

Michael Wojcik
Silver badge

Re: Those "use restrictions" are often there ...

If someone uses it in a manor not consistent with the labeling

Stately Wayne Manor, for example, since those labels usually say something about not for use by costumed crime-fighters.

0
0
Michael Wojcik
Silver badge

Re: BIG FAT RESET BUTTON

When was the last time you rented a car, that's bluetooth enabled?

I have no idea. I rent cars a few times a year, but there is no way in pluperfect hell I would use the Bluetooth in one.

Ever tried to connect your phone.. and find others still in there?

Good lord, no. What an astoundingly bad idea.

2
0
Michael Wojcik
Silver badge

Re: This needs some input from the DVLR

This is an excellent solution for car manufacturers who only sell cars in the UK.

Those who have to deal with multiple jurisdictions may find it difficult to build a system that accommodates automated interactions with all of them.

1
0

SUSE and Microsoft give enterprise Linux an Azure tune-up

Michael Wojcik
Silver badge

It's doing just fine. You could have easily found that out. The quarterly and annual reports are public, you know, and SUSE is (still) an independent business unit of MF, so its numbers are separated out from the totals.

0
0

Gartner's Great Vanishing: Some of 2017's emerging techs just disappeared

Michael Wojcik
Silver badge

Re: I wish Gartner would Vanish!

Edge Computing is alive and well.

So is Machine Learning, for one. Presumably things can disappear from the Emerging Tech report because they have, in fact, emerged, and are now lounging about comfortably in deck chairs, having decided to skip the other stages.

0
0

Et tu, Brute? Then fail, Caesars: When it's hotel staff, not the hackers, invading folks' privacy

Michael Wojcik
Silver badge

Re: Offer of resignation?

That's not an offer of resignation, that's a threat that things will be worse if you push him out.

The beautiful thing is that it's both. It's a fine bit of rhetorical maneuvering. Beats the Caesar's statement by a few thousand points.

2
0
Michael Wojcik
Silver badge

Re: "Et tu Bruté"

It's "ensured", not "insured".

Are you sure? I think OP was going for "assured".

1
0

The future of humanity: A Bluetooth ball hitting your face – forever

Michael Wojcik
Silver badge

Re: Crikey! This is still a thing?

I've never played it myself (as I find pretend slavery and cockfighting a bit disturbing), but I have quite a few family members and friends who do. There was "community event" here (everywhere? I don't know how these things work) weekend before last, and I wandered about the town square with my kid, her family, and the neighbors for a couple of hours while they did ... whatever it was they did. Everyone but Granddaughter Minor and I participated. (GMinor, at 14 months, is not yet proficient. GMajor, who has recently passed the 5.5y mark, was fully on board with it.)

My vague understanding is Pokemon Go has toned down the gladiatorial aspects of the franchise, and I can attest that many of the players are good people and not all are obnoxious electric-scooter-riding hipsters. So I don't complain. But this ball does indeed sound like a marvelously stupid idea.

3
0

DXC Technology asks field-based techies if they'd like to leave

Michael Wojcik
Silver badge

offshoring every possible role

I suspect (particularly based on that "digital offerings" bit in the memo) that they're also trying very hard to eliminate workers by automating as many roles as possible.

2
0

Facebook Messenger backdoor demand, bail in Bitcoin, and lots more

Michael Wojcik
Silver badge

Re: Animoto

gender is definitely nothing of their concern

Sure it is - it's demographic userbase information for marketing. "Looks like our users are 97% male. Target venues with predominantly male users for upgrade advertising, and female-predominant ones for ads aimed at new users."

True, it's not a technical concern. But that doesn't mean there's no reason for the organization to solicit that information.

You might not like it. I might not like it. We might both feel they could damn well do without it. But there's a reason for it.

2
0

Forums

Biting the hand that feeds IT © 1998–2018