Re: Get Informed
Giant drop bears. Giant black and white drop bears.
2398 posts • joined 10 Apr 2007
Certainly anything from Samsung anyway. They have corporate amnesia about most of their devices from around six months from first release for many of them... But then I've yet to figure out quite they need so many models.
Case in point: Samsung phone bought last November. Security patch level: 1 November 2018.
Well, apart from the MPs who have been caught with porn on the "work" computers and when challenged either chose to lie about not knowing how it got there or blame it on somebody else having their password. So we have an MP that is either a liar or cares shit all about security and gives their password away? Or, probably both really...
Well, of course:
They will require visitors to prove they are over-18 in order to access a site where adult content makes up more than one-third of the material.
Is total bullshit, but then we should expect nothing less from our vacuous Daily Mail touting lizard-wannabe ruling classes... Various metrics have to be taken into account:
We had to do something similar on a 4GB drive because some bits of software could only cope with up to 2GB free space and anything higher than that wrapped around to become negative space. So we bought a 4GB drive filled it past halfway with empty files and waited until we could remove them...
It's Gartner. The only interesting thing about a Gartner report is trying to guess who paid for the worthless thing. OK, it's not technically entirelly worthless as some mug organisation paid Gartner to "prove" or "demonstrate" how their products are useful therefore it has some value... and some "impressionable" (I'm being nice here) PHBs still believe Gartner reports.
Yes, they are considered Personal Data because they identify an individual. There is a bit of fuzziness around business to business communications particularly as firstname.lastname@example.org would relate to an individual, it's the context and exposure that is important.
...and yes. El'reg should have done the correct thing and obscured the email address.
Try being in the crossover period when students were being lied to about the loans not being, and never going to, replace student grants.
They were touted as a "top up" to allow a student to live between terms during which the grant was meant to provide all the money that a student needed. Except for the slight hitch that due to the disparity between grants and hall fees many a student would have been left with £10 a term for everything else (not at all Uni's of course).
What type of sour dough artisan toast are you having today? :)
A real killer is the infernal WinSxS directory which merrily chews up many GBs of storage of duplicated files. In theory the "disk cleanup" process can tidy this, however this often doesn't clear up much beyond a few GB.
The "disk cleanup" is also not available on servers (Win 2016) without installing the cluster fuck of rubbish that should never be on a server that comes with the "desktop experience" package. However there are workarounds to manually install just the "disk cleanup" application itself.
A photo, or a fingerprint, is an identifier. These are not suitable replacements for a password, they are, however, suitable replacements for a user identifier. By all means use these in addition to a password but they are not replacements for a password; They do not and can not adequately replace something that is secret.
But whatever... hollywood movies and all that can't be wrong can they?
Reminds me of a very similar issie in a previous life / company we supplied AV PCs that went into pubs, clubs and so on. In one of these clubs within a shopping complex the supplied PC just kept failing with disk errors and this problem kept reoccuring even with new replacement systems. We even tested one replacement system in the office for three weeks before deploying it to site at which point it failed with data errors within a couple of days. After too many site visits we lucked out and saw an electrician working on the site. It turned out that the particular innocuous looking pillar, there were others that looked the same, that the DJ console was built around, and the PC was sat next to, had the three phase supply for the complex running through it and with the short distance and inadequate shielding the data on the hard disk was being corrupted. We moved and rewired the PC to a different cupboard and this stopped the problem.
Spec-ex is where the performance gains are. Why? Because OSes like windows and the applications that run on them aren't sufficiently parallel therefore serial processing speed has to be concentrated on even with the burden of context switching.
The difference between, for example, Intel Atom processors without spec-ex and Intel chips with spec-ex is quite phenomenal and a testament to the succes of the technique. Shame that Intel sacrificed security for performance so badly.
Non- x86 chips can also suffer from the same problems, it really depends on where the MMU boundary checks are applied. In Intel's case it's outside of the spec-ex, giving them a serious performance boost, compared to chips where the checks are applied within the spec-ex context. Technically, both are as valid as each other it's just that using timing tricks it's possible to derive data where the checks are applied outside of the spec-ex execution.
Spec-Ex doesn't need to be costly, and the gains are almost always more than 50%. Why? Because most iterations last longer than that and therefore an iteration for even just 10 cycles with one spec-ex clash at the end is considerably faster than 10 cycles without spec-ex.
As noted elsewhere, one of the problems is due to sacrificing security for permance - as in only checking for access levels on presentation of the data rather than during the spec-ex fetch. While this seems reasonable the time difference between the two is noticeable and with caching allows the contents of the request to be derived. Slow, admittedly, but given the speed of modern processors not impossibly so.
So "office" applications or gaming, spec-ex markedly improves performance. Just in the case of Intel, in particular, it's a case of security vs performance.
RISC-V has spec-ex, however the spec-ex fetches go through the same MMU boundary checks as any other fetch. This doesn't that timing based differentials, and therefore data leaks, are impossible, just that they are considerably harder. A properly secure system would exhibit exactly the same outward performance regardless of a cache/security hit or not. Unfortunately that pretty much requires that spec-ex is disabled.
It is a shame because these days utterly fictitious values of cost will be assigned to relatively trivial student "experimentations" where no real harm has been done. Yes, you used account time that wasn't yours but if the institution owned then systems then were was no real cost to them, just time slices and a bit of electricity.
I got banned for a couple of weeks too, and one point I wound up sitting at the student help desk and particularly annoyed the staff there by clearing the queue of students with computer issues quicker than they would have - and genuinely helped them too.
To show the difference, rather more recently I browsed a colleget network and came across a student PC with an open/anonymous share with rather a lot of pornography on it. I could have pretty much cost them their course by reporting them but instead messaged them and advised them that open shares with such was ill advised and they should stop doing it. The fear from them was ridiculous bearing in mind it was just content that anybody with a non-College network could have accessed easily. I think they appreciated the gentle hint rather than a full censure. On the other hand, September was a terrible time for the network... thousands of new, unpatched and utterly vulnernable PCs from (new) students hitting the network made things glacial at best.
My alternative was less hi-tech. At Uni (sorry guys) I wrote a simple program that looked exactly like the login system (custom screen, easy to mimic and logged out the current user, me, after recording login details) and ran around a computer room or two, logged in as myself, ran this application and merrily harvested the login details of countless students and staff. They had a bit of a sense of humour failure (sorry, again) when I presented this list to them - including a sys admin login or two.
Students. We were probably all dicks at some point in time.
Oh, and I also worked out how to get free laser printing.
I'd say that HP have excelled themselves and implemented variants of this system in multiple places just to ensure that what should be a relatively simple process of them replacing (yet another) DOA laptop (with the same faults as the previous ones) winds up involving multiple departments that cannot communicate with each other and many days of delays.
That and not having the cretinous, and cretinously annoying, cortana "assistant" rubbish shout at you on every clean install. It's not necessary, it's never necessary and most of all has no part in being in the clean install process. Every time it involves trying to hit the mute on the keyboard as quick as possible...
Chromium and Chrome are different things - Chromium is an open sourced rendering engine, Chrome is just another web browser that users Chromium to render pages. The browsers that use the Chromium engine have a lot of leeway into how the content is managed, presented and filtered.
I'd rather that a genuine "AI" didn't drive my car thanks. On the other hand, a computer system with outstanding sensors, control and prediction systems... yes.
The problem with the cure for cancer is that most people don't understand that cancer is not a disease as such. It's "just" the body's own cells mutating/malfunctioning, which they do all the time, and getting themselves into a state where they are not shut down automatically (the fate for most mutated cells) and reproduce in an uncontrolled way. If cells never mutated then we would not exist, it's a fine balance. So targettting our own cells which are malfunctioning when our own body's defences against malfunctioning cells have missed them is a tall order.
My Nexus 5X died recently (all round fantastic phone, particularly for the price). I bought a Samsung J3 for about £100 as a very quick purchase because I needed a phone up and running pretty much straight away (and wanted one with the NFC for contactless payments). The camera is a bit crap, and while the performance of the phone itself isn't stellar once I'd removed all the awful Samsung shovelware and hugely sub-par versions of other applications the speed isn't noticeable and it has about 50% more battery life now compared to before. Alternatively I could have spent hundred more on a phone that when it comes to most practical use (for me), isn't much better. I do miss the 5X's camera thouugh...
ActiveX? Again. A ridiculously stupid idea from the outset... as in cobbling together one layer of dangerous instability on top of another layer of dangerous stupidity on top of another layer of dangerous stupidity?
Combine with Flash? Seriously? The most insecure mess since, erm, anything else that came out of Adobe. Or Microsoft. or possibly Sun.
There have always been different classes/categories of shares. It's entirely up to the organisation involved and up to the investor to pay due care. In the UK at least there are various laws around the dissolution(?) of shares as in if you have a particular type of shares these may not be expanded upon and offered to others without being given the opportunity to purchase more at the same effective ratio. Or something similar - in any case the laws are surprisingly fair.
I've often wondered about the exit strategy or just business model of various of these companies. I still don't quite get how FB isn't losing money at a phenomenal rate, on the other hand they have developed, and patented (start argument here) quite a few technologies and they have in their posession a very well profiled database which they can, and are free to, utilise to promote third party services. Even at its most basic level, the hosting, development and support services have to be paid for somehow. If you're ever in doubt, follow the money trail.
Stupidly the UK police tried something similar with the raid on Noel Edmonds. Or was it some other celebrity? I've steadily lost the will to care... Whoever it was, the press should not have been along for the raid as it happened - fine for them to catch up based on public reports of something "interesting" happening but never anything more.
It doesn't matter what the US constitution (and it's many, many amendments that adjust it for various lobby's purposes) reads.
This was in the UK and despite what many US politicians may think, US laws don't apply here, UK laws do. If UK laws, even rather antiquated but occasionally useful ones, are in effect then they are usable and in this case have been. For once, UK politicians, or more likely civil servants, have done something sensible used the appropriate powers that they have in order to deal with an organisation that is treating UK laws/government with contempt. We may be a distinctly third world country (read the UN reports) however at least there is some sense remaining somewhere.
Well it wasn't very honest or helpful anyway:
Title: Can't access email
User Impact: Users may be unable to connect to the Exchange Online service
At least it's been updated a bit now.
Title: Can't access email
User Impact: Users may be unable to connect to the Exchange Online service.
More info: Affected users may be able to able to access the Exchange Online service if they refresh their connection.
Current status: We've determined that availability dropped below acceptable thresholds due to a networking issue. We've restricted some replication and migration requests through the affected infrastructure and while increasing connection points on alternate infrastructure to remediate impact.
Scope of impact: Impact is specific to a subset of users who are served through the affected infrastructure.
Start time: Monday, November 26, 2018, at 10:10 AM UTC
Next update by: Monday, November 26, 2018, at 2:30 PM UTC
I'd be happier if they did admit that they hired an agency to research critics of them. There is nothing wrong with that, and knowing if the critics are genuine (as in not a smear campaign) then it can provide a lot of valuable input to fixing things. Targetting critics as a result is not on at all though.
A good start would be to reclaim and protect the word Engineer for its real meaning, just as the title Doctor denotes a certain level of either academic achievement or medical training.
The person who fixes the photocopier is a technician and not an engineer, no more than the (invaluable and useful) person who takes X-rays is a doctor.
A fine concept let down by semantics. Could you define when someone stops being a technician and becomes an engineer?
Very similar to the discussion regarding what is a scientist and what is an engineer? There is a very large grey area in the middle therefore how and where is the division made?
@ Intractable Potsherd
I agree, it is a very strange situation to be in - wanting the best for your own children while not wanting a society where those that are able to be successful and those that aren't is dicatated by the level of education that they have available, or where they were educated. Because thisn't good for your own children either.
If the state schools were better, would you send your children to them then? Then the solution is there to see...
There's one guaranteed way to have the government improve state schools... Close all non-state schools and make it an offence to pay for education. This way all politicians' children will also have to enjoy a state school education and with this in mind it's likely to be amazing how fast government education spending would improve.
Sensible error handling is so last century. It is much better to not do any error checking and to throw exceptions for relatively expected events and to then process these in the usually unhelpful "an error may have happened" kind of response.
Muppets. While there are near religious flame wars about error handling vs exception handling, they both have their place. Error handling is for the expected failures, exception handling is for the unexpected ones - use both to their advantage in other words.
Meh. It's been impossible to buy a season ticket from Chiltern Railways for the last two weeks due to configuration and deployment issues. Because the incompetent web managers can't grasp that in-house staff accessing the same system may, in fact, be accessing a different system (internal vs external DNS) they have been carefully denying the problem. Only little gems like "pick a station from the list" followed by "station not recognised" and wonders of "modern development" like that and different station lists appearing depending on whether or not the user is in-house or not.
Biting the hand that feeds IT © 1998–2019