* Posts by Nick Ryan

2202 posts • joined 10 Apr 2007

Scissors cut paper. Paper wraps rock. Lab-made enzyme eats plastic

Nick Ryan
Silver badge

Re: I found out how to "recycle" PET bottles years ago.

The downside of many plastics, and many other packaging materials, and one of the reasons for shorter "best before" ("use by") dates on stuff that one would expect to keep for longer, is that the packaging material may (very) slowly dissolve into what it's holding, and sometimes the other way round as well. While a certain amount of this is expected, too much and the contained product is considered contaminated. This is one of the reasons behind much of the laminated, multi-material packaging which can't be separated and therefore can't be reasonably recycled - the laminated layer protects the content from the packaging.

It is something to beware of if you reuse plastic "disposable" bottles for too long - eventually they will contaminate what you're storing in them.

1
0

Whois is dead as Europe hands DNS overlord ICANN its arse

Nick Ryan
Silver badge

Wow! Erm, you may need a sponge or something equally absorbent to mop up the foaming.

The US invented ARPANET, the forerunner of the Internet in order to create a packet based network that linked cities and other sites and was resilient enough to automatically route safely around failing, or failed, routes - in other words, a multi-link network rather than the usual ring or star topology. ARPANET was developed (funded) by the US military and various US academic institutions. From there the non-military (academic) side developed rapidly into an international collaboration and evolved into what is now the Internet, with many of the underlying technologies and protocols transferred over. DNS, for example, only appeared from 1983 - and DNS and the infrastructure and support around it is why the TLD companies exist. Many of the underlying technologies and protocols that we still use had their origin in international academic collaborations - so while you are correct, to a point, that the US (or America in your terms) built the Internet, they only started the process, not created it all.

Nobody is saying that WHOIS is illegal, what is happening is that the operators of it have to adapt to a changing market. A market, incidentally, where the majority of it exists outside the physical borders of the US. Changes to rules and regulations happen all the time, how about a couple of US gems: Sarbanes–Oxley and Dodd-Frank - both far reaching US acts brought in to try and reduce the damage through financial manipulation and corruption. US, and many international, organisations have had to change and adapt their processes to take into account these acts. Are you saying that they shouldn't have to because, in your mind, nothing should ever change? Or that because there wasn't a specific law against it, that it was alright to destroy evidence and falsify information X years ago and therefore is OK to continue doing so now?

Also, ignore the idiotic "American intelligence" information sites... there are very few monarchies left on the planet and having a titular head of state (compared to a corrupt orang-utan) does not make a nation a monarchy. Most are considerably more democratic than the US.

6
0

British government to ink deal for yet another immigration database

Nick Ryan
Silver badge

Re: How does one get a slice of this pie?

Is there a secret club that one must be a member of, which allows access to this trough of cash that all these incompetent outsourced companies have their noses in?

The club itself is not a secret. All you need to do is be a member of, or a large donor to, the conservative party. Keeping this secret is advised due to the public disgust that this engenders. Either having no shame, for example through previous experience working as an estate agent or the Daily Mail group, or possessing a severe reality dysfunction, is a strong advantage in case membership becomes public.

0
1

The true victims of Brexit are poor RuneScape players

This post has been deleted by a moderator

Nick Ryan
Silver badge

Re: "Jagex did not say exactly how Brexit will up its costs"

The longer we sit around arguing instead of making proper valid plans for the future, the worse brexit will be due to poor planning

Unfortunately it's rather more complicated than that.

The brexit referendum: was only advisory, omitted a large number of otherwise normal UK voters and was a straight yes/no question where the issues were rather more complicated.

The issue was compounded by some very rich people who felt that the EU's aim for more transparency, higher levels of equality and employer rights were directly impacting their personal finances. These people, through virtue of being very rich, have a lot of influence, effectively controlling mainstream media and therefore, through a long period of sustained lies (no - this is not emotive, this is fact) influenced a large enough number of UK voters to vote their way - usually using the racism card but also spreading lies about the negative impact of EU rules on the UK and the UK's sovereignty.

A lot of people were/are disillusioned with UK politicians and used this as a protest vote, not realising that the EU's incoming and planned rules were to make politicians, EU-wide, more accountable and politics more transparent. How many criminal expense claims and similar events should UK politicians be able to brush over compared to how almost everyone else in the UK would find themselves jobless and in court?

For the normal person, there are absolutely no benefits to be gained from leaving the EU - in fact, there are many, many disadvantages. For the very rich, the benefits are there through reduced employer rights and reduced (safety) regulations - neither of which benefit anyone else.

All of this compounded by various illegal actions that took place and were arranged by prominent UK individuals. Laws around the transparency of the UK political process are there for a reason, bypassing these and influencing results illegally is a real offence against democracy. Unfortunately the perpetrators seem to be able to brush off anything they like, despite all evidence to the contrary.

32
14

Gmail is secure. Netflix is secure. Together they're a phishing threat

Nick Ryan
Silver badge

Re: TL;DR but what is it with ****ing developers

Names are often implemented extremely badly (and this schema promoted through training), where name fields are recorded in the database as "Title", "First Name" and "Last Name". This then introduces a whole world of pointless pain with validation and formatting where what is often really required is "Full Name" and "Salutation". Many non-English(ish) derived cultures don't have a concept of first name and last (family) name, many don't use them in the same order for full names and salutations and the minimum length of either component is often zero.

I haven't come across a situation where my last name is rejected for length reasons though, and mine is four letters long. I am the custodian of a "medium" size database where I have just checked and the reported minimum stored length of the surname component is one letter.

3
0

T-Mobile Austria stores passwords as plain text, Outlook gets message crypto, and more

Nick Ryan
Silver badge

Re: T-Mobile

Very much like banks that are so "secure" that they insist on certain characters out of the extent of your password. In other words, they have the thing in plain text in order to compare individual characters.

There is a good reason that other systems, which are operated by people with a clue about security, do not do the same.

5
3

Spring is all about new beginnings, but it could already be lights out for Windows' Fluent Design

Nick Ryan
Silver badge

Re: Same old, same old...

Microsoft have long form for ignoring their own policies and guidelines. From where they put data files (hint: never in the windows or program files paths) all the way through to ignoring regional settings when it suits them (everyone is American) and of course the user interface guidelines. At one point in time, Microsoft clearly put a lot of thought and work behind their user interface guidelines, only for the rest of Microsoft to utterly ignore them.

Office: The damn thing includes its own window rendering mechanism, utterly bypassing the Operating System. Seriously, a shitty application (set of) from the same vendor as the Operating System choosing to ignore the Operating System and to render the application how it feels. With some exceptions, an application should adapt the display to fit that of the windowing environment it sits in, however Microsoft's Office applications choose not to do this and instead recreate the damn UI from scratch every time - with the usual inevitable results of inconsistency and inefficiency.

UI design: As a crass generalisation, if the user has to think (or worse, refer to instructions), then the UI is a failure. Unfortunately Microsoft have taken this to heart so much that there is no bloody user interface left to think about because there are no functions remaining that the user can interact with. Microsoft also pioneered moving "mystery meat navigation" into the Operating System, replacing buttons with weird hieroglyphs with hover-over text that may or may not show (and never shows in a touch controlled system) all the while keeping much of the functionality as non-customisable (i.e. unable to be sensibilised or rationalised by default) and removing choice from the user. One of the other key aspects of a good UI is consistency... and Microsoft fail on this in pretty much every place they can - through control order, text use, buttons vs weird non-links, ignoring the user's configuration with regards to which fucking web browser to use (sometimes), window behaviour (the control panel replacement apps are sort of the same application, navigating to one closes another, except when it doesn't), the two start menu search interfaces (not least: no, I do not want to now, nor ever to, use cortana). /rant

Windows XP: An old one (but a fine example of Microsoft stupidity), but rather than extend and enhance the windowing functions in the Operating System, Microsoft chose to overlay a new skin on top. A feat of pure genius that entailed an application's windows being drawn twice: first in the default, underlying (Win2000) look and feel and then to draw over the top the Windows XP look and feel. This stupidity didn't cause problems at all [sarcasm] and was exceptionally daft because there were third party applications available at the time that would intercept and replace the standard windows drawing calls and replace them with different ones all without having to draw the windows twice.

6
4

2001: A Space Odyssey has haunted pop culture with anxiety about rogue AIs for half a century

Nick Ryan
Silver badge

Re: Headline?

Spaceships (well, space stations) are noisy, in the same way that server and air-con rooms are noisy, with the added disadvantage of there being no solid ground to act as a dampener of the vibrations.

https://www.airspacemag.com/ask-astronaut/ask-astronaut-it-quiet-onboard-space-station-180958932/

12
0

For some reason, you lot love 'em. So here are the many ThinkPads of 2018

Nick Ryan
Silver badge

Keyboard?

The arses still have the damn Fn key in the wrong place. Seriously, when going from a normal, standard keyboard to one of these cretinous things the dumb-arse placement of the Fn key in place of the Ctrl key is infuriating. Probably OK if you're a two thumb keyboard poker but for anyone else...

Almost as cretinous as setting the alternative actions of the actual function keys to be the default. No, turning off laptop WiFi with a single keypress is not a useful feature. None of the other alternative actions are immediately useful either.

They are generally solid, if unglamorous, machines though.

11
0

Wanna work for El Reg? Developers needed for headline-writing AI bots

Nick Ryan
Silver badge

Meh. I'd consider applying however as I'm likely to be up against AManFromMars I really don't see that there is any point in shaming myself.

14
0

Shaking up the Nad Men: Microsoft splits up into 'cloud' and 'edge'

Nick Ryan
Silver badge

Silos...

There's a point here, possibly finally appreciating that all the pathetic silos aren't helping Microsoft's business and products. And then they go create new and different silos.

It would help if Microsoft's products were consistent and they concentrated, for once, on bug fixes, performance improvements, and filling in all the shoddy gaps in functionality and manageability that make (attempting to) manage Microsoft software deployments a right royal PITA. When they can't even get their own (new) PowerShell management modules to act appropriately (i.e. blat out warning messages despite warning messages being suppressed using the command's attributes) then what hope have they even got for actually being remotely consistent or even supporting everything with PowerShell. Currently it's a nice idea, considerably better than it was, but still woefully incomplete and annoying and often just randomly unreliable - especially in the hybrid/cloud stack.

11
1

Take the dashboard too literally and your brains might end up all over it

Nick Ryan
Silver badge

Re: All a dashboard should do

Or the other gem: not show the misspelt "tire", just some hieroglyph that even when you find the arbitrary symbol out of the hundreds in the "manual" still doesn't mean tyre. So the next step is to bring up the in-dash information system, find the correct section and then it will, entirely unhelpfully, tell you that one of the car's tyres has a pressure warning. There is, of course, a separate sensor in each wheel so it knows which bloody tyre has a pressure warning but it won't tell you which one of course, because that would make it easy. Similarly it won't tell you what the expected pressure is alongside the current pressure because that would make life far too easy as well.

0
0

User fired IT support company for a 'typo' that was actually a real word

Nick Ryan
Silver badge

Re: One of my spall chuckers ...

Your first mistake is thinking there is a worthwhile date worth celebrating called "St. Patricia's Day" or "St. Burger's Day". No wonder your Speel Chuckler was trying to change it: Paddy not Patty

30
0

UK smut overlord declares age checks should protect users' privates

Nick Ryan
Silver badge

Re: What have I missed?

The BBC has a slightly more clear page on what is legal and what is not when it comes to under 18s (as of 2007): http://news.bbc.co.uk/1/hi/uk/6598867.stm

1
0

We need to go deeper: Meltdown and Spectre flaws will force security further down the stack

Nick Ryan
Silver badge

Re: Security is not something that can be patched in later

True, if optimisations aren't implemented with security timing exploits in mind then they will affect whatever chipset has them. However I didn't claim the x86 was the only instruction set suffering from these problems, it is the most prevalent and obviously impactful one (especially given cloud and shared host use in general) and my point is that the entire PC (WinTel) execution stack was cobbled together with security only tacked on as a last minute afterthought.

3
0
Nick Ryan
Silver badge

Security is not something that can be patched in later

/sigh

Security is not something that can be patched in later

Read. Then read again.

Either design security in from the start or expect a lifetime of ball-ache problems such as those now being discovered in x86 (and by extension AMD64 instruction set) processors, similar to what have been repeatedly cropping up in the higher application layers for years. The techniques used in the Meltdown and Spectre exploits are very similar to those used to attack websites and web applications. The PC has evolved from a standalone system with a single administrative (trusted) user running a single process to a networked system running multiple processes, with different users and different access levels. Unfortunately all of this was bodged on top and not designed in from the start. Expect pain, expect a lot of it and expect a lot more to come until things are rather radically changed to support security from the bottom up.

13
0

Fleeing Facebook app users realise what they agreed to in apps years ago – total slurpage

Nick Ryan
Silver badge

Re: well

Precisely.

The (Android) facebook app was plainly written by fuckwits who had no idea how to write any form of application - which almost certainly explains why they never got HTML5 features working either and the performance of the application sucked every shade of egg. What was especially annoying was that the likes of Samsung pre-installed the PoS and marked it as an unremovable system application.

As for the facebook messenger app - the data slurp was so pathetically ridiculous that I never installed it on a mobile phone. On a WiFi only tablet, yes, but not on a phone. Bloody thing barely works now, of course, because Facebook insist on SMS verifications for nonsense stuff and I am *not* about to give them mobile numbers voluntarily.

Facebook have also "cleverly" managed to bork their web pages such that it is impossible to write anything or send a message using them and to instead have to use an app. Use a different browser (with a desktop like UA identifier) and suddenly everything works fine on a mobile device. Who'd have thought eh???

All of which is moot, of course, because conversation is by definition between two parties and all it takes is some real life individual to have my personal details stored and to use one of the facebook apps and my details are now hoovered up regardless of my consent.

The writers of GDPR were (mostly) a wise bunch. Sorry left pondians but your regime, that treats all personal data as the sole property of whatever corporate entity happens to have a copy of it, is going to have a rough time shortly...

15
0

Corking story: Idiotic smart wine bottle idea falls over, passes out

Nick Ryan
Silver badge

Re: "wine still comes in glass bottles after more than 2000 years."

I remember reading something about the colour of the wine bottle making a difference when it comes to keeping the wine. Can't find it now, of course...

0
0

Five things you need to know about Microsoft's looming Windows 10 Spring Creators Update

Nick Ryan
Silver badge

Oh, and while you're at it, stop fucking with my settings

In particular: stop re-installing fucking American as a keyboard/UI language and setting it as the default.

2
0
Nick Ryan
Silver badge

Re: Business as usual

IMHO, more Windows 2000. Windows XP added a huge amount of inefficiency, annoying activation processes and bloat that wasn't required. Some things were improved in Windows XP, of course, but it was largely a skin and UI inefficiency upgrade to Windows 2000 and not a new version of anything.

3
0

2 + 2 = 4, er, 4.1, no, 4.3... Nvidia's Titan V GPUs spit out 'wrong answers' in scientific simulations

Nick Ryan
Silver badge

Re: Are they using the wrong datatype?

Aside from Horridbloke's point about repeatability, probably not. There are many use cases for floating point datatypes as long as the accuracy level is understood and operated within. For example a certain floating point type may be accurate to 15 decimal places and therefore calculations should be accurate to the same. Although the reality is that if you want accuracy to 15 decimal places then you need to work with accuracy at least an order or two beyond this. The same is true for financial calculations: if you want accuracy to two decimal places then either store and process everything with accuracy to three or four decimal places or perform repeatable rounding in sub-totals and use these values for grand totals, not separate calculations.

5
0

Windows Server 2019 coming next year and the price is going up

Nick Ryan
Silver badge

A cynical person might suggest that it's another thinly veiled plot from Microsoft to coerce users from purchasing MS server and to instead move to the rental cloud model.

1
0
Nick Ryan
Silver badge

"you cannot switch between them without a wipe/reinstall"

If you install the GUI version to start with you can then remove and re-add the GUI. But yes Server core doesn't support a GUI.

When did you try this? With the beta release or the RTM version? This was a function that was removed from the RTM version.

2
0
Nick Ryan
Silver badge

Why are you using a GUI on the server anyway. You should be using a golden host and remote admin tools or Powershell.

nb - by default Server 2016 doesn't have a GUI. You have to choose to install it.

Because lots of retarded server applications require that the full desktop bloody experience version of server is installed so they can install and operate. Microsoft applications, not just 3rd party ones.

Also, you don't choose to install the Server 2016 GUI, unlike server 2012 you install either core or the desktop experience version, you cannot switch between them without a wipe/reinstall. The recommended install of Server 2016 is the core install, the required install of Server 2016 is often the desktop experience version.

6
1

CTS who? AMD brushes off chipset security bugs with firmware patches

Nick Ryan
Silver badge

Re: Downgrade attack?

I guess it must be a matter of perspective but once something _is_ potentially a spy tool I don't care whatsoever whether it can or cannot be anything else. I just want it off my system.

That would be pretty much everything then? Pretty much everything is potentially a spy tool.

One has to have a level of trust somewhere, but swivelling eyes and tin foil hats don't do much and it's usually the simpler spy methods that are still in use because they are easy and still work.

Are you so worried about keyloggers that you vet the OS and track what happens to every key press and where the message is relayed, including checking canary network traffic to see if key presses affect it in unexplained ways? That's nice, all it takes is a USB key logger which passes through the USB identification and includes a dirt cheap 3G mobile comms chip in it and all that effort is for nothing - these kind of USB key loggers are disturbingly common and nothing in the OS will be aware of it. This is just one relatively rare tech example and the most likely route of loss of data is still the human factor. i.e. printing the data and not destroying it appropriately, copying the data, just having weak passwords (who needs to hack a system and go to all that trouble when somebody has a weak password or shares it?).

6
0

Windows 10 to force you to use Edge, even if it isn't default browser

Nick Ryan
Silver badge

Re: And from a recent El Reg article...

More Edge users use Bing than other browser users, proportionally. If we increase Edge market share; we increase Bing market share.

Well I guess that is easier and quicker than making Bing a better search engine....

6
0
Nick Ryan
Silver badge

Re: Fucking idiots

Unfortunately the Microsoft marketing drones missed a word in the sentence...

"...Edge is the best, most secure [Microsoft] browser on Windows 10."

This is not aiming high.

25
2

It's Pi day: Care to stuff a brand new Raspberry one in your wallet?

Nick Ryan
Silver badge

Re: Dates

But what is the official definition of a "fuck-ton"?

I believe that it is approximately 11 fuck-loads. I have yet to receive a clarification as to whether or not a fuck-lot is the same as a fuck-load, I suspect not.

0
0
Nick Ryan
Silver badge

Re: Dates

@Cuddles: It doesn't matter what the letters technically stand for, it's a simple naming convention that is well established and easily understood - 12AM is midnight, 12PM is midday.

It does matter because there is no "simple naming convention that is well established and easily understood". Actually, that is a lie: there is and it's called the 24 hour clock and it was created for almost exactly this reason.

In context it is usually possible to figure out whether 12am or 12pm are referring to midday or midnight (whichever one), however your arguments about the "naming convention" are just wrong, there isn't one. 12pm is arguably as much midday as it is midnight. After all, 12pm is at the end of the rest of the pm times (11:59pm => tick => 12:00pm) therefore it is obviously midnight isn't it? Except that you're claiming that it isn't...

2
0
Nick Ryan
Silver badge

Re: Dates

Don't forget their insistence in using 12Hour clocks on transport along with AM/PM...

Yes, I fell for it once and arrived 12hours early for my flight from Boston to St Louis.

They also write dumb computer systems that output values such as 12:00am and 12:00pm. There is no such time as 12:00am or 12:00pm and when (ab)used it's then a fun game of trying to guess if 12:00am or 12:00pm is midday or midnight.

"am" is before the meridian. "pm" is after the meridian. Midday is the meridian therefore 12:00 midday cannot be recorded as being either before (12:00am) or after (12:00pm) itself. Midnight is exactly the same amount of time before the meridian as it is after the meridian therefore it makes no more sense to try to write 12:00am or 12:00pm meaning midnight either.

For example, "Tuesday 12:00am": is this "Tuesday 00:00", "Tuesday 12:00 (midday)" or even "Wednesday 00:00" (effectively "Tuesday 24:00" even though 24:00 isn't valid). Midnight Tuesday doesn't make much more sense either as it's contextual if you consider this the very start of Tuesday or a sliver of time past the very end of Tuesday.

The same logic works for +0 and -0 which I still see on occasions... although Microsoft did eventually fix this in the windows calculator.

54
4

Office junior had one job: Tearing perforated bits off tractor-feed dot matrix printer paper

Nick Ryan
Silver badge

Re: out of paper!

I had forgotten all about witnessing an almost identical situation... strange how such things are blotted from one's mind!

1
0

Brexit in spaaaace! At T-1 year and counting: UK politicos ponder impact

Nick Ryan
Silver badge
Flame

Who cares? We can make the exceedingly rich even richer, trash society, stamp on the down trodden and even better we get to blame "forrners" for it all. As long as we can still afford to pathetically wave around some (tariff free, made in China) Union Jack flags (amended to exclude NI of course, and let's forget Gibraltar as well) and have blue passports, which we could have had any time we wanted, what does it matter?

Stop thinking of the children! Let's destroy the country for them...

36
6
Nick Ryan
Silver badge

He is absolutely right. Such a pity we have the wrong people in the wrong room with the wrong drivers and the wrong mindset.

What's a real pity is that in the UK we celebrate, every year near the beginning of November, somebody's historical failure (in an appalling way) to fix this.

Yes, I know the comparisons aren't equal, but it's still the wrong people, in the wrong room...

24
1

Windows Mixed Reality: Windows Mobile deja vu?

Nick Ryan
Silver badge

Re: Pointless

Yep, ultimately that "better technology" will come in the form of AR contact lenses or retinal implants. Today's AR/VR hardware is on the level of Babbage's Difference Engine compared to the biggest super computer available today.

I like sci-fi as well, but AR contact lenses just won't happen due to the human eye being unable to focus on something that close particularly with the brain attempting to resolve the spatial distance and detail in conjunction with focus and micro eye movements. This is quite apart from technological problems such as the lenses needing to process the incoming image in real time in order to overlay content onto it. Which is a shame, but it's the way things are. Images being projected onto a lens from worn glasses is another option however that's barely a step away from just having "smart" glasses in the first place...

Retinal implants may bypass some of these restrictions however would involve some frankly scary level of nanotechnology, power distribution and processing workloads - not scary in the grey-goo nonsense scary.

0
0
Nick Ryan
Silver badge

Re: Pointless

AR/MR are interesting (and fun tech) but in niche only. Forcing this crap onto every instance of Win 10 and making it unremovable except using arcane PowerShell scripts is additionally moronic, and typically Microsoft.

Trying to pitch it at board level just doesn't work either: We are still printing out paper reports for a reason and given the ease with which these can be scribbled on and the flexibility of reading this will continue for quite some time.

7
0

Fun fact of the day: Voice recognition tech is naturally sexist

Nick Ryan
Silver badge

Re: Telephonists

Telephones, i.e. landlines, have a very limited frequency range therefore there may be some truth to this.

3
0

OK, deep breath, relax... Let's have a sober look at these 'ere annoying AMD chip security flaws

Nick Ryan
Silver badge

As a broad generalisation, good security must be placed in from the start, attempting to retrofit security almost always fails.

The "WinTel" platform started from a stand alone, single process, single privileged user platform to one that is now networked, has had multiple users and multiple concurrent applications added with security tacked on top almost as an afterthought. I don't really consider these failures malicious, more a symptom of how the platforms (processors, chipsets and operating systems) evolved and what they evolved from.

5
0

UK digi minister Hancock suggests Facebook and pals give your kids a time-out

Nick Ryan
Silver badge

Re: PIcking Holes In This Idea

In this case, and with pretty much anything else Hancock spews out, it is far quicker and easier to highlight parts that are not flaws.

16
0

UK data watchdog's inaugural tech strategy was written with... *drumroll* Word 2010

Nick Ryan
Silver badge

Re: in fairness

I'm defending my Office2010 install against the hordes of IT support - it's the last version of Excel that doesn't do cutesy little fruit machine animations when it updates a cell FFS

Have you tried googling how to turn off Excel animations? There's a registry key that does the trick:

Computer\HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Graphics\

DWORD: DisableAnimations = 1

You may need to create the Graphics Key and you'll almost certainly need to create the DWORD value. Replace the 16.0 with 15.0 for Office/Excel 2013.

4
0

British clockwork radio boffin Trevor Baylis terminally winds down

Nick Ryan
Silver badge
Pint

Re: Men In Sheds

A proper boffin - if ever there was a stereotypical one.

19
0

So the suits swanned off to GDPR events leaving you at the coalface? It's really more IT's problem

Nick Ryan
Silver badge

Clause 15 of the GDPR excludes data that is not stored in a specified structure (reading and re-reading this clause can give you a headache) however the general intent is that just because a document contains personal data does not necessarily mean that it is covered by the GDPR.

Logs are an interesting one as they are a historic record of fact. If you process the data with the intent of filtering by user then in some ways they are covered by the GDPR, however if the logs are not structured in a specified way (this is where it gets fuzzy) then they are not.

1
0
Nick Ryan
Silver badge

It should be, however this is GDPR and if there aren't idiot consultants running around fleecing companies of their cash and telling them just how hard GDPR should be, it would, well, be sensible. These goits also insist that the "right to erasure" should mean that there is no record whatsoever of the data subject left anywhere and this includes a "delete list" in case of restore from a backup.

4
0
Nick Ryan
Silver badge

So, if you've got a few years of backups and someone requests that data is deleted do we have to go through all of the tapes... even more fun would be if it's database backups.. restoring and then extracting the data from every tape would be a nightmare

You will find that many "people" are still hopelessly confused by the unfeasibility of removing data from backups. Technically, it is possible, as in restore every backup to a machine environment capable of understanding the data structures (both in database and application terms including all business logic) and then removing the offending data and then rebacking up the data. Vaguely feasible for a single record, however multiply this by multiple independent executions and many backups and likely changing application environments over time and it rapidly becomes impractical. While there have been some clever-ish workarounds relying on each data row being encrypted independently and therefore all you have to do is to forget the key to lose access to the data, this then relies on separate backup schemes for backing up these, therefore it just moves the issue - along with making standard data access impractical.

6
0
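The per-row-key workaround mentioned in the post above, as an added example that is not part of the original post: each row is sealed under its own key, erasure deletes the key, and a restore from an old data backup is unreadable unless an old key-store backup is restored too. The HMAC-SHA256 counter-mode cipher is a standard-library stand-in for a real AEAD such as AES-GCM, and all names and sample records are constructed.

```python
import hashlib
import hmac
import secrets

def _prf(key, msg):
    return hmac.new(key, msg, hashlib.sha256).digest()

def _stream(key, nonce, n):
    # HMAC-SHA256 in counter mode: stdlib stand-in for a real AEAD (assumption).
    return b"".join(_prf(key, nonce + i.to_bytes(8, "big")) for i in range(n // 32 + 1))[:n]

def seal(row_key, plaintext):
    """Encrypt-then-MAC one row under its own key: nonce || ciphertext || tag."""
    nonce = secrets.token_bytes(16)
    ks = _stream(_prf(row_key, b"enc"), nonce, len(plaintext))
    ct = bytes(a ^ b for a, b in zip(plaintext, ks))
    return nonce + ct + _prf(_prf(row_key, b"mac"), nonce + ct)

def unseal(row_key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _prf(_prf(row_key, b"mac"), nonce + ct)):
        raise ValueError("wrong key or tampered row")
    ks = _stream(_prf(row_key, b"enc"), nonce, len(ct))
    return bytes(a ^ b for a, b in zip(ct, ks))

def readable(rows, keys):
    """Return {subject: plaintext} for every row that still has a key."""
    return {s: unseal(keys[s], blob) for s, blob in rows.items() if s in keys}

def demo():
    # Constructed sample records; subjects and addresses are made up.
    records = {"alice": b"alice@example.org", "bob": b"bob@example.org"}
    keys = {s: secrets.token_bytes(32) for s in records}      # live key store
    rows = {s: seal(keys[s], r) for s, r in records.items()}  # live data table
    data_tape = dict(rows)  # long-retention data backup: ciphertext only
    key_tape = dict(keys)   # key-store backup taken at the same time
    del keys["alice"], rows["alice"]                 # erasure request for alice
    after_restore = readable(data_tape, keys)        # old data, current keys
    with_old_keys = readable(data_tape, key_tape)    # old data, old key backup
    return after_restore, with_old_keys

if __name__ == "__main__":
    erased, resurrected = demo()
    print("restore with current keys:", sorted(erased))
    print("restore with old key backup:", sorted(resurrected))
```

The second result is the "moves the issue" point: the erased row comes back as soon as a key-store backup from before the erasure is restored, so key backups need their own short retention.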
Nick Ryan
Silver badge

Re: ITs job but not IT's problem

It was a joy for me to attend a presentation on GDPR by someone at Irwin Mitchell and hear that the IT Manager (me) can't be in overall charge of GDPR :D

That's a typical example of the level of stupid and incompetence that is flying around in the data protection space.

The real situation is that the role of DPO should not be given automatically to the IT Manager - it typically was in the old DPA scheme. The role of the DPO should be given to an individual who has a thorough understanding of how the organisation works and (and this is really important) has a thorough understanding of data protection. If this happens to be the IT Manager, then this is fine. If another individual is more suited then this is fine as well. One very important point is that the DPO must not be involved in the day-to-day processing of the dataset. Unfortunately this is where terminology stupidity comes in, because technically just storing the data, or facilitating the storage of the data, means that an IT Manager is often seen as a processor of the data.

5
0

23,000 HTTPS certs will be axed in next 24 hours after private keys leak

Nick Ryan
Silver badge

Re: Wow, glad I had already ditched those certs a while back

I got fed up of the process and scripted the entire damn process using PowerShell and Let's Encrypt ACME interface. It's a pain, largely due to the totally inadequate, usually no, documentation but very easy once in place and I now have a system that can verify the deployment status of every certificate in use.

Now if only Microsoft actually implemented adequate certificate management in PowerShell without having to piss around calling external IIS utilities and arcane dead-chicken-waving context spaces...

3
0
Nick Ryan
Silver badge

Re: It affected me

Precisely. I work on the principle that the lower risk to the organisation is that the fewer people who have access to the private key the better. While it has a certain risk, that boils down to me, with instructions on how to access it if I leave or am otherwise unavailable long-term or permanently. This means that none of our developers, IT support agencies, finance staff or anyone else have access to the private key. If required I may install a copy on a server but that's done by myself and nobody else but does require trust in the server itself which is a weak point in the grand scheme even if relatively low likelihood of risk.

It's not kingdom building or protectionism, it's just a suitable level of paranoia. This way if (and I always work on *when*) the key escapes I have just myself or what I do, how I do it or where I do it, to investigate.

4
0

Desktop PC shipments dip below 100m/year

Nick Ryan
Silver badge

Market Saturation?

Or are the finance monkeys still under the daft delusion that perpetual growth is possible?

7
2

Intel didn't tell CERTS, govs, about Meltdown and Spectre because they couldn't help fix it

Nick Ryan
Silver badge

Re: It makes you wonder ..

If you've had much exposure to vulnerability exploitation at higher levels, e.g. website URLs and query/SQL timing responses, then these chipset exploits are largely an extension of similar processes. This kind of thing is very obvious after the fact, but somebody needed to make the connection and apply very similar techniques to a very different part of the execution stack.

I nearly feel sorry for Intel, however Intel have dominated their market position and have such resources that not considering these factors is pretty unforgivable given the world's reliance on their technology. I'm not a conspiracy nut therefore I don't believe that there were any malicious intents in the implementation, just that the chip designers did not know enough and were not exposed to enough security techniques to consider their implementation. After all, in all normal operations the data is "safely protected", it's just that there are timing side effects due to execution operations and optimisations that while they don't directly expose data, the timing difference between a cache hit and a cache miss can be used to infer the protected data value.

Did Intel engineers cut corners in the name of security? In many ways, they didn't. Their job was to make the chips execute instructions as fast as possible however their failure was in not appreciating that the difference in timing between a cache hit or a cache match could be used to infer the actual data value. AMD chips generally performed the security check before the data comparison, Intel chips generally performed the security check after the data comparison and it's this execution difference that explains some speed differences between the two vendors' chips and the timing exploits that can be used to derive the content of otherwise protected memory.

Now that these techniques have been exposed, there is focus on exploits at this level and I expect to see many more rear their ugly heads. Meltdown and Spectre are just for a single chip exploit, the checks become even more complicated and, potentially expensive in execution times, to rectify when cross-chip exploits come into play.

The only real, long term fix, is a fundamental reconsideration of processors and processor design taking into account security from the start rather than as an afterthought tacked on at the end - this never works for any system.

2
0

Amateur astronomer strikes it lucky with first glimpse of a Supernova

Nick Ryan
Silver badge

Re: My Precious...

Eeek. In honour of it being a Friday, and just being naturally curious I stupidly googled 16" telescopes. There's some serious range in prices out there with the more motorised versions being £20k but the manual ones being close to £1.5k.

While I had an idea that the bigger the telescope the more important it is that they are manufactured to high specifications (and field correctable) but I didn't appreciate that one also had to be very careful to ensure that the components, eye lenses, camera lenses, etc were all at stable temperatures. Makes sense when you learn this, of course, but not what would have been at the front of my mind.

But it's a wasted day if I don't learn something...

4
0
