* Posts by h4rm0ny

4544 posts • joined 26 Jul 2008

Kotkin on who made Trump and Brexit: Look in the mirror, it's you

h4rm0ny
Silver badge

Re: Much simpler than all that

>>"Labour, pre-Blair, was on a loser."

So it's a bit like that scene in the Lord of the Rings movie where Galadriel has to choose if she should remain herself and fade away. Blair's "New Labour" is basically showing us what would happen if Galadriel chose the ring.

2
0
h4rm0ny
Silver badge
Mushroom

Re: Really?

>>"You do not understand the issue. There is a big difference between a bureaucrat who works for the NHS and a commissioner who works in the EU"

You both shifted my terms and I also addressed the latter in my post as well. Firstly, I referred to appointees. I didn't use anyone who works for the NHS as my example, I used the Chief Executive who is appointed by the Health Secretary (an elected MP). These are the "Unelected Bureaucrats" that we have in both Britain and the EU and it's the only workable system as we can't vote for everybody. Some random manager HIRED by the NHS as an employee is not what is being referred to as an "unelected bureaucrat".

Now if by "unelected bureaucrat" you're trying to refer to EU commissioners as you appear to be, then those are political leaders, no more "bureaucrats" than May, Gove or Corbyn. I covered those in the post you replied to so I'll just repeat - the executive body is a second house of the EU parliament much like we have the House of Lords. It exists not to take away power from the member countries, but was created at the insistence of the member countries so that each had the ability to put a direct representative in there for their country, appointed by the elected government of that country. If you like, it's a bulwark to preserve individual national sovereignty rather than throw everything open to pure voting by an undifferentiated European population. That is very far from the impression created by throwing around the phrase "unelected bureaucrats" which implies that the 28 Commissioners are not politicians but faceless bureaucrats and got there without being put there by our own elected governments - one for each country.

And on some remote chance you're trying to refer to the entire commission including its civil service, then I wonder how on Earth you think the UK government functions? Or is it okay for the UK to have a civil service but EU commissioners are supposed to be omniscient and never sleeping?

In short, when you're throwing around Faragisms like "Unelected bureaucrats" you're referring to one of three things:

1. Political appointees - which we have in the UK as well (e.g. Chief Executive of the NHS)

2. The EU commissioners themselves - politicians not bureaucrats and nominated by national government as a measure for sovereignty and have parallels with the two-house system in many countries including our own.

3. The civil service of the EU Commission - which unless you expect the 28 commissioners to do everything themselves is an entirely reasonable and necessary thing.

In short, complaining about "unelected bureaucrats" is at best misinformed, at worst wilful misrepresentation.

7
1
h4rm0ny
Silver badge

Re: "lazy economics ... allow migration to give us economic growth"

"Democracy is a process of trial and error."

Don't worry. With Theresa May as PM, we'll soon be putting a stop to trials in the UK. They won't be needed anymore.

3
0
h4rm0ny
Silver badge

Re: Left-wing ideologues.

>>"I'm not sure that our Commentards personal experiences of debating points amongst both Left and the Right-leaning people is borne out by the UK's more reliable yardsticks of political thought along this single axis: the daily rags."

Well the subject is about methods of debate between people, not newspapers, so you're off-topic. Plus newspapers are primarily read by older people so not the best "yardstick" for active discussion between people today (old people are generally more insular than young people). However, I'll take up your comment and dispute it. The majority of papers sold (The Sun, the Daily Heil) don't construct arguments in the first place - they tell the reader what they should think with the occasional editorial throwing in some soundbite reasons. The standard is extremely low. Of the papers that do attempt to actually argue their points as if to an unconvinced reader, I would pit any of The Times (right-wing), the Telegraph (its nickname is the Torygraph so...) or the Financial Times (de facto Right-Wing just through correlation of interests) against The Guardian - the pages of which have contained such delightful arguments as how a US judge shouldn't make their decisions based on evidence but on what feels right.

Honestly, I think only the Guardian can pretend to be an intellectual paper on the Left and my impression would be that it is noticeably more likely to descend to label-arguments than The Times or the FT.

2
1
h4rm0ny
Silver badge

Re: Really?

>>"You may be familiar with a phrase from the past... "no taxation without representation"... the very essence of why the EU is a failure; un-elected bureaucrats dictating to people what they can and cannot do."

The rallying cry of the Brexiteer: "Unelected bureaucrats!"

We have those in the UK. Tonnes of them. Did you vote for the director of the NHS? No? How about the chairman of the Bank of England? Or the person who monitors fishing quotas? None of these? It's the same process in the EU. You vote for representatives who appoint these people because direct voting for every "bureaucrat" is neither desirable nor feasible. Of course there is one notable difference with the EU - you have in addition to the elected house, a non-elected house (a bit like the Lords). And they are there because individual nations didn't want to yield total sovereignty and wished to appoint their own national representatives. Which we do.

I'm tired of reading "unelected bureaucrats" from people who think that's some odd, tyrannical system.

20
1
h4rm0ny
Silver badge

Left-wing ideologues.

>>“I can disagree with conservatives. They don’t like it, but they’ll say other things that are interesting. But on the Left, it's almost impossible to disagree. If you don't buy every single part of their agenda, you’re an outcast"

The above is for the most part my experience, too. I argue with people on both the Left and Right (about different things, and occasionally about the same thing ;) ) and as a general rule, the Right-wingers try to refute me based on individual issues. The Left-wingers usually try to refute me by slapping some label on me. The reason being, so far as I can tell, is that they consider the label itself to be the conclusion of the argument. Once you've proven someone is X, they think that this is 'job done'. And if you try to push on whether X is actually wrong, you tend to get a "It's not worth talking to you if you don't understand that X is wrong".

It's not exclusive to the Left Wing but it's a pattern that I recognize in the author's words. I think it's because so much of Left-wing debate is an echo chamber, taking place in particular academic circles or certain forums, that establishing one's intellectual superiority (the primary goal of most in both Academia and online forums), that it becomes this aggressive scramble to who can look down on who and for what. Primarily determined by what labels one can get to stick to the other. When that cyst bursts and those within flood out into the real world, you get this interaction the author speaks of - a refusal to work on an issue by issue basis, but on a camp by camp basis. Right-wing hierarchy is determined mostly by results and turning out to be right. Left-wing hierarchy is determined largely by establishing moral superiority.

A right-winger will usually try to prove you wrong on something. A left-winger will usually try to prove you are a wrong something.

Of course, the more educated they are, the fancier that will be dressed up. ;)

32
5

FBI won't jail future US president over private email server

h4rm0ny
Silver badge

Re: To all defending Clinton

>>"This thread is completely loaded with feminists. Nay, 3rd-wave-female-chauvinists that even feminists disavow. 'Nuff said."

I think you're seeing what you want to see. I'm a feminist (check my posting history here on El Reg if you want to see plenty of evidence) and I'm not defending Hillary's actions.

0
0
h4rm0ny
Silver badge

Re: Interesting downplaying there

Should not the FBI be obliged to prosecute criminal activity in the case of government? Allowing them to just drop charges when it is politically inconvenient (i.e. it's your likely future boss) is just an open invitation to excuse corruption.

Who are the Internal Affairs of government?

4
0

Debian founder Ian Murdock killed himself – SF medical examiner

h4rm0ny
Silver badge

Re: With friends like that ...

>>"From what has been written it sounds like he had a long history of drinking and mental health issues combined with a somewhat fiery temper"

Honestly, based on the experiences of friends, I'd be inclined to extend him some benefit of the doubt. After the police have beaten someone up (and that happens often enough) then any media attention is usually followed by rapid and aggressive character assassination toward the victim. We've seen that many times with numerous citable cases.

8
4

Microsoft's cringey 'Hey bae <3' recruiter email translated by El Reg

h4rm0ny
Silver badge

Re: <3

>>"Surely 'bae' is not a derivative of 'baby' but a truncation thereof? "Contraction" is a less-precise possibility."

Phonetically it is a contraction, but we are in a written forum talking about a term used overwhelmingly in a written form. (I have only ever heard "Bae" used in a real-world conversation once). Therefore neither contraction nor truncation are appropriate, but derivation is correct.

I would add the "</pedant>" closing tags, but to be honest, I never am not in pedant mode.

Also, "waifu" in English means something other than your Japanese definition as it is frequently applied to non-fictional people.

1
1
h4rm0ny
Silver badge

Re: <3

Derivative of "baby" and usually used by male Internet users to refer to women they'd want to date. See also "waifu".

Yeah, having a recruiter call me "their bae" would creep me the Hell out and not end well for said recruiter.

13
0
h4rm0ny
Silver badge

I may just be square and unhip, but the last thing I want with my work environment is to go to an after-party and play beer pong with any of them. I have my own circle of friends and I keep my work life professional.

It's my experience of work parties / social that they want you to pretend to be all relaxed and "yourself", but they don't actually want that - the politics carries on. And if you do let yourself be yourself that tends to be remembered in the morning (especially if you're a woman where social and work standards tend to differ even more).

The Internet-phrasing is just silly to me. But the idea that I should be professionally introducing myself to a company I want to work for by playing "beer-pong" is just down-right off-putting.

20
1

Microsoft's equality and diversity: Skimpy schoolgirls dancing for nerds at an Xbox party

h4rm0ny
Silver badge

Re: Sex is a marketing way to sell stuff? What a news!

Some women might not, but it's pretty understandable why others of us don't like this. Turning a tech event into a strip club is not welcoming to women. Strip clubs are about sex and titillation. Not wanting to be forced into such a setting with a group of strange men you don't know and wouldn't necessarily want to be around in a sexual context anyway, that's not good. A few moments' thought from a woman's perspective on this should make the reasoning clear as fairly supportable.

0
0

Get ready for mandatory porn site age checks, Brits. You read that right

h4rm0ny
Silver badge

Re: Conspiracy theory?

>>"I'm beginning to believe that, after several Home Secretaries have made the same fundamental error about what can be achieved by legislation w.r.t the Internet, that there must be an underlying reason for this degree of ineptitude."

There are actually four reasons.

Firstly, it gets a slight vote boost from people who are anti-porn and ignorant of technology.

Secondly, it provides the opportunity to funnel cash at mates in business and to lean on ISPs to make them do what you want because you can make things a real hassle for them.

Thirdly and most importantly, it's not about pro-active enforcement, it's about being able to charge people with something when they become inconvenient or annoying. Can't nick them for anything you want to nick them for? That's okay, you can get them for "viewing illegal pornography" and "bypassing the protections that block foreign and often extreme porn". (note the weasel words in there).

Fourth, and not much less important, it's one more backdoor through which intelligence agencies can force through surveillance and tracking of people. One of the (un)holy grails is to ban VPN usage by any non-business. I.e. the public.

4
0
h4rm0ny
Silver badge

Re: Are you 18?

>>"Do you PROMISE on Cameron's grave that you're 18, cross your heart, hope to die."

Maaaaybe.

But show me Blair's grave and I'll promise pretty much anything you want!

7
0
h4rm0ny
Silver badge

Well maybe if this law passes you'll have the "right" to 10Mbps in your village but there's nothing about cost still. So what does that mean? They're forced to offer it but can charge you thousands for a dedicated line? They're not allowed to offer packages less than 10Mbps? Those seem to be the only viable interpretations of this law and neither really makes much sense. Maybe if you're an ISP you're required to offer 10Mbps to anyone who wants it. Which is a great way to keep out new competition as only BT, TalkTalk, et al. could absorb such costs. Again, as a law this makes no sense?

And what the Hell does this have to do with mandatory age checks, too? Another way of putting that is anyone visiting such sites legally must supply personally identifying information. Yes, that's exactly what you should not be putting into a porn site. Nor should the government be snooping on it.

2
0

Judge gives Zuck a US$6 million Brazilian

h4rm0ny
Silver badge

There's metadata. Presumably the company can see who your connections are and when you have sent and received messages from them. They also, as I understand it, gain total access to your address book when you install the app. Neither wholly takes away from your point, but both are valuable and sometimes incriminating sets of data.

4
0
h4rm0ny
Silver badge

>>"The sole reason why we are in a position where a service with end-to-end encryption has been provided worldwide is the artificial separation of telecoms and information service providers by the FCC in the USA. USA has allowed the latter to skip a lot of requirements including legal intercept"

There's a difference between how the two are handled, yes. But I don't think it should be resolved in the direction you seem (possibly) to think. With old phone systems, people needed the phone companies to handle the implementation of communication for them. Nobody could whip up a quick communications protocol and implement it independently over the wires. But today data and bandwidth are commoditized. Not only do we not need BT or AT&T controlling how we send messages to each other, they cannot control how we send messages to each other.

Unless Authority declares there shall be no unapproved types of data transfer - that everything must be in pre-approved formats that they can read, then any of us can whip up a communication system in a week which they cannot scan.

So what's the proposal here - companies are to be fined for doing things that members of the public can do for free? Commercial entities are put at a technical disadvantage over free alternatives? Neither seems fair to me.

Along with the other article on El Reg about Facebook being blamed for deaths in Israel because they didn't pro-actively spy on their users enough to satisfy the Israeli authorities, I'm actually, -gasp- finding myself defending Facebook this week! (A bit ;) )

3
1

Here's how police arrested Lauri Love – and what happened next

h4rm0ny
Silver badge

Re: Although the burden of proof lies with Love

>>"I think it's based on the perceived implausibility that someone would take steps to secure something and then forget how to get to it when they wanted"

I've got a dozen old GPG keys, encrypted partitions and what-have-you that I can't remember the passwords for or that I've lost the key for. I could pull any old hard drive out of my filing cabinet and odds are there's something on there I can't access.

This is an unjust law that runs against the principles of innocent until proven guilty and of no self-incrimination.

15
1

Israeli cybersecurity boom 'sustainable', argues industry’s father

h4rm0ny
Silver badge

Sustainable?

As long as Israel continues to pursue the foreign policies that it does, I should think sustainable is assured!

2
5

Forget Game of Thrones as Android ransomware infects TVs

h4rm0ny
Silver badge

Re: Killing TVs, a step too far

>>" What could the manufacturer possibly do to protect you from yourself in that scenario?"

In my case, sell me a TV that is a dumb output device. The lack of one available is why I don't currently own a 4K TV.

As far as I'm concerned the words "Smart TV" translate as "something on my network that I can't patch, can't configure and for which proper support will probably be dropped within a year."

21
1

Now Google backs everyone's favorite trade pact: The TPP

h4rm0ny
Silver badge

Re: TPP is BAD and there's only one solution

You think Donald Trump of all people can't be bought?

Voting third party is the only path to really breaking up the entrenched power base.

5
0

Tinder bans under-18s: Moral panic averted

h4rm0ny
Silver badge

Re: Why is 18 improbably old?

And what about those of us who turned eighteen and WANTED an older and more experienced partner? That's pretty common.

9
1

Why Oracle will win its Java copyright case – and why you'll be glad when it does

h4rm0ny
Silver badge

Re: The code is trivial

>>"The whole point was that header files and declarations were always assumed to be 'functional' rather than 'expressive' and hence not covered by the scope of copyright."

I've certainly never assumed that and I don't even think those terms are well-chosen. What does "expressive" mean in terms of programming, anyway? I've done software design work where I've done nothing but create interfaces. Even for my sins had to provide proof of correctness for them. And it was valuable work that others then built upon to fill out method bodies and other parts. It was creative work requiring effort and the fact that I was designing an interface didn't mean anyone could just come along and copy that work and claim fair use.

2
0
h4rm0ny
Silver badge

Re: Author is Dead Wrong

>>>>We can't go after people for copyright infringement for using "Itanic" or "cloudobile". You can't defend a word.

>>You can if you trademark them or argue that they're slander, libel, or similar

I've bolded the relevant words in the comment you were responding to for edification.

0
0

Microsoft thinks it's fixed Windows Server mess its last fix 'fixed'

h4rm0ny
Silver badge

>>Config files aren't confusing though and can be backed up easily before tinkering making rolling back easier. [...] For nginx I can just copy /etc/nginx/nginx.conf and my /etc/nginx/vhosts directory then embark on my changes. If I fuck it up I can copy the old configs back. Problem solved. How do I do that with IIS?

You can back up modules and settings in Windows easily too. For example:

Backup-WebConfiguration -Name SharePoint_IIS_Backup

And you can iterate through the above for each module backing up its configuration settings individually as you wish.

It's different from copying a config file but not worse. Having your settings as attributes of configurable objects accessible by different callers is more flexible for programmers than parsing an infinite number of varying config file formats.

>>I have no particular beef with MS products but the registry in Windows is far more obscure and opaque than a config file.

Yes, but there's a flexibility and benefit to having all your configurations be part of a programmatically accessible object structure. It makes control of settings based on ACLs very elegant without having to create and maintain some layer of text file parsing for example.

Plus I've found enterprise level management of Windows to be quite effective these days with Powershell and AD. It's not my area of expertise but comparing it to the nightmares of user management and Puppet spider-webs I've come across, I think Windows has the edge these days in terms of system administration.

Also, you seem to have missed the OP's joke alert.

2
1
h4rm0ny
Silver badge
Facepalm

Re: Dear Microsoft

>>"Try actually TESTING. It works wonders for your reputation. (Or at least it USED TO)."

What a daft statement. MS USED (to borrow your caps) to sell Vista and XP and Windows ME and 2000 and all the previous versions of Windows Server. Do you remember the old MS Exchange? Access and Hotmail? IE7 / IE8? ActiveX? To say nothing of their security! MS products are staggeringly better tested these days than they ever have been before. Are you really so desperate to attack MS that you're trying to invent some better golden age for them?

4
5

Winston Churchill glowers from Blighty's plastic fiver

h4rm0ny
Silver badge

Re: It is safe in the washing machine - how about the dryer?

Well it already has Churchill on it.

0
3

Gillian Anderson: The next James Jane Bond?

h4rm0ny
Silver badge

>>"Sean Connery was less English than Idris Elba"

But he was playing English. Just very badly!

I meant the character has to be English, not the actor.

1
4
h4rm0ny
Silver badge

There're only two requirements. Firstly, Bond has to be English and posh. (S)he can be gritty and rough as they like but they have to know their way around a bottle of wine and be able to pick out the Savile Row suit from the others.

Secondly, they need to be something of a brute. I see this as where the danger is with a female Bond. I think they will be tempted to make Bond a slinky femme fatale à la Cameron Diaz in Charlie's Angels or Scarlett Johansson in those Avengers films. They'll want Bond to suddenly be this ninja cat type spy just because he's now female. I would prefer a male Bond (I'm female, I like to look at Daniel Craig - that's half the appeal), but I could stand to see a take on it with a female Bond. But if she doesn't beat someone half to death in a nasty manner and a dollop of sneering contempt for the victim's horribly violent death, it's not Bond.

If they keep the character the same, I might be okay with it. But I suspect they'll want to change it. Bond is a psychopath. That will stand out a lot more to people if he becomes a she and I think most male directors would shy away from that and soften Bond.

16
1
h4rm0ny
Silver badge

Re: " will have to to beat off stiff competition"

Well it's still better than Pierce Brosnan's "I thought Christmas only came once per year". I mean if there's any article where you're going to insert an extra entendre, it's going to be one on Bond.

10
0

Art heist 'pranksters' sent down for six months

h4rm0ny
Silver badge

Re: "it seems a little imbalanced to me to bang them up"

I would have thought one of the biggest dangers was to themselves. They were lucky no members of the public decided to intervene violently.

1
0

Big Pharma wrote EU anti-vaping diktat, claims Tory ex-MEP

h4rm0ny
Silver badge

Re: Have to ask...

If all you want is the flavour, why don't you try a sweet you can suck on or a carton of fruit-juice, both of which are a lot more considerate to those about you than puffing out clouds of sickly scents that others may not want?

1
2
h4rm0ny
Silver badge
Mushroom

Re: Hurrah!

Not so Hurrah in my opinion. Nothing in this article gives any voice or consideration to the argument in favour of these laws. It's a hit-piece. For example, the comment that it forbids nicotine levels of the degree that a "heavy smoker", "might" need to quit. Vaping isn't by itself a cure for smoking. So what does that statement even mean? It would hold even if the vaping solution provided more nicotine than you got from a cigarette. After all, if you get MORE of a hit from a vape than a cig, that would increase the chance of you getting off cigarettes. So anything less than that makes Orlowski's statement factually true. But would it sound as rabble-rousing to state: "EU law prevents vaping from providing more nicotine than a cigarette"? Obviously not. But let's not just look at hypotheticals, let's see if the loophole in Orlowski's article is actually exploited in practice. Turns out the answer is yes. The regulations limit the maximum threshold for e-cigarettes without prescription to 20mg/ml. How much nicotine do you typically get from a cigarette? From 12mg - 20mg.

So when Orlowski says "less than the amount a heavy smoker might need to quit" that's factually true as statements containing "might" often are, but actually means that the EU is limiting e-cigarettes to containing no more nicotine than cigarettes. And there's a further omission in Orlowski's article which is that such things aren't illegal, they're simply restricted to prescription so if you are Orlowski's "heavy smoker" trying to quit, the EU doesn't stop you, it just means you need to get them as part of a structured quit-smoking program which is the best way to quit anyway. Furthermore, the figure isn't just pulled out of the air. The 20mg figure is shown to be suitable for the majority of smokers which is why Orlowski snuck his "heavy smoker" qualifier in there. No, if you have a three pack a day habit then e-cigs with a normal dose might not stop you smoking, which is why you'd go to the prescription ones that can have more.

What else? Well, the stuff about harmonization. Orlowski's view seems to be that law can only be reactive. Heaven forbid that for once in our lifetime regulations are actually laid out in a timely fashion rather than waiting a decade for everyone to build utterly unrelated standards and then stick a patch on top. Yes, Orlowski, this IS in fact about harmonization. It sets out a framework for all countries even though some of those countries still haven't fully fleshed out rules on this themselves. That's a GOOD thing.

Finally, the general outrage that motivates this article. Well, the jury is still out on vaping help vs. harm but let's at least accept that the simplistic idea that because they're less harmful individually than cigarettes they're an intrinsic good. They're still addictive and harmful things. But there is a perception spread about that they're not. In fact, the companies behind these are doing their best to make vaping trendy. I mean, have you seen the range of stylish vapers you can buy? The range of flavours and mixes you can get that would put the average homeopath store to shame? It's a very hipster thing to be vaping. But that is causing some people who don't smoke to take it up. And that's not anecdotal, it's based on studies. People are picking up vaping who don't smoke. Vaping is becoming normalized in situations where cigarette smoking would be frowned upon. I've had people start vaping inside a hotel lobby where it's a no smoking zone and the sign even explicitly stated "this includes vaping", but it was ignored because the person said "vaping isn't smoking" and carried on. I even had one person try to start vaping in a restaurant where we were eating and got very unpleasant when asked to stop and the poor waiter had to ask them twice to stop and endure being lectured on how they were an idiot because "it isn't a cigarette". In both cases, there was a very smug righteousness about the person.

So yes, it's important that there are regulations on these and Orlowski's objections in this article to the regulations that have been brought in are fallacious and one-sided. Here's the study that was done prior to the changes being brought in.

http://ec.europa.eu/health/tobacco/docs/tobacco_ia_rand_en.pdf

Of course it's 345 pages so I don't expect many to read it. But at least recognize a biased hit piece when you see it. Loaded vagueries like "how much a heavy smoker might need to quit" are a clear give-away.

1
3

A cracked window on the International Space Station? That's not good

h4rm0ny
Silver badge
Unhappy

Re: Transparent ALUMINUM?

Sadly El Reg now uses American English. I sent a correction to them on an unrelated issue a while back and mentioned in passing that they'd used an American spelling. Got told that as they now have more readers in the USA, that's what they're using.

Lewis Page gone, American English and other sordid changes... El Reg is British no longer.

9
0

Walmart sues Visa for being too lax with protecting chip cards

h4rm0ny
Silver badge

Re: Zip code for non-US cards

Well that explains why one of my cards didn't work over there.

But using a ZIP code as a PIN is a terrible, terrible idea. Can we have an Edvard Munch icon, please?

1
0
h4rm0ny
Silver badge

Re: and therein lies the problem for Aussies

Functionally it is little different from having cash stolen. They set the limit at X as a parallel to how much money you might be carrying in a non-card world. £100 probably isn't that bad they think as you'll get it back eventually.

However, the system needs two things. One, the availability of cards without NFC payment enabled, and two - the ability to configure your own limits. (These can actually be the same thing given you could configure a limit of zero).

6
0

Can ad biz’s LEAN avert ADPOCALYPSE?

h4rm0ny
Silver badge

Missing the point.

Sure, I don't like intrusive ads but most websites I'd visit are smart enough not to show those to me anyway.

It's the tracking I despise.

8
0

Server-jacking exploits for ImageMagick are so trivial, you'll scream

h4rm0ny
Silver badge

Re: I hate to defend H4rm0ny, but

If it helps, you can consider yourself simply defending the original AC by proxy. They made the valid criticism and got voted down heavily for it. That way you don't have to feel troubled by defending me for whatever reason that it is problematic. Instead you would merely be agreeing with me on an isolated point.

Hope that's of use.

0
0
h4rm0ny
Silver badge

Re: That's the unix way of doing things..

>>"qrencode -t PNG -o - "${1:-Empty data!}" | display &"

>>Joining two applications without having to do anything special is part of how Unix stuff works.

We're talking about calling this from another program or a web script, so tell me why building your command line above is less "having to do anything special" than using an API like the following:

Imagick imageTool = new Imagick();

imageTool->grencode('png',outputFile);

Etc. Is building a command line and sending it to the shell inherently simpler? I think the opposite. It's certainly more prone to vulnerabilities which was the OP's point.

Text is a terrible way of joining programs together.

1
1
h4rm0ny
Silver badge

Re: @AC ...That's the unix way of doing things..

>>"Before you bash Linux/Unix... Looking at the exploit, unless you run ImageMagick as root, you're limiting the potential damage."

Something that runs as the webserver (ImageMagick is a library compiled into PHP amongst other things), then that's quite enough damage, thanks. Being able to connect to the site's database and run arbitrary commands, scan the entire webroot, and even (though this should normally be blocked by other measures) potentially write to it is not something that should be described as "Limited" without context.

1
1
h4rm0ny
Silver badge

Re: That's the unix way of doing things..

>>"The moral of the story is not that there's anything wrong with interpreters (like your diatribe against shells) but the context that they're allowed to be used from. ImageMagick evolved from being a command-line tool and now it's being used in an unsafe context. That is all"

I disagree. Your argument is to the effect of "it doesn't matter if there are sufficient protections in place", but that's a statement that's always true and always misses the point. The point the OP made was that command-line text to join up different programs is inherently more vulnerable as an approach than calling the APIs of other objects because it is inherently more open to malicious input. If in this case, ImageMagick was written to call the "imageconvert()" method of an object, even if you could provide a variety of such objects that implemented it in different ways, that would be inherently safer than having it exec to the command line "jpegtool --convert myImage.jpg" where the command line is, by necessity, assembled from different parts and thus needs the kind of "jail" that you talk about in your anecdote.

OP is correct.

1
1
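
The contrast argued in the ImageMagick thread above, shown as an added example that is not part of any post: the same untrusted filename handed to a tool through a shell-parsed command string and through an argument vector. The stand-in tool, the function names and the sample input are constructed for illustration, and a POSIX /bin/sh is assumed.

```python
import re
import shlex
import subprocess
import sys

# Constructed stand-in for the thread's hypothetical "jpegtool": it prints the
# arguments it was started with, joined by "|", so we can see what arrived.
TOOL = [sys.executable, "-c", 'import sys; print("|".join(sys.argv[1:]))']

# Constructed hostile input: a "filename" carrying a shell metacharacter.
HOSTILE = "myImage.jpg; echo INJECTED"


def convert_via_shell_string(filename):
    """Assemble the command as text and let /bin/sh parse it (POSIX assumed)."""
    cmd = " ".join(shlex.quote(part) for part in TOOL) + " --convert " + filename
    done = subprocess.run(cmd, shell=True, capture_output=True, text=True)
    return done.stdout.splitlines()


def convert_via_argv(filename):
    """Pass the filename as a single argv element; no shell parses it."""
    done = subprocess.run(TOOL + ["--convert", filename],
                          capture_output=True, text=True)
    return done.stdout.splitlines()


def is_safe_filename(filename):
    """Allow-list check. Still needed with argv: a name starting with "-"
    would reach the tool as an option rather than as a file."""
    return re.fullmatch(r"[A-Za-z0-9_][A-Za-z0-9_.-]*\.(jpg|png)", filename) is not None


if __name__ == "__main__":
    print(convert_via_shell_string(HOSTILE))
    print(convert_via_argv(HOSTILE))
    print(is_safe_filename(HOSTILE), is_safe_filename("myImage.jpg"))
```

In the shell-string form the text after the semicolon runs as a second command; in the argv form the whole string arrives at the tool as one argument.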

Brits who live in 'smart cities' don't really know or care

h4rm0ny
Silver badge

There's not really any community presence online, that's the real issue. E.g. there's no online "hub" for Glasgow or York or London that anyone visiting or living in those places would naturally connect to. Sure, there might be council websites or something, there are some geographic apps that swing in and out of popularity, but that's it.

If they want to get their message out, if they want to do things like engage cyclists to log their routes, they need to build up some sort of community presence in a standard way that people will want to connect to.

That doesn't seem to exist, yet.

5
0

UK govt admits it pulled 10-year file-sharing jail sentence out of its arse

h4rm0ny
Silver badge

Re: So is anyone going to be held to account?

>>They made stuff up and tried to tell us it was based on something tangible.

The problem is that the author's definition of "made stuff up" appears to include "reached a decision". You're quoting the article and I consider this article biased, click-bait and grossly misleading. And I have supported that.

>>If this doesn't concern you, keep an eye out on my soon-to-be-released proof that the earth is indeed flat. It's based on the Flammarion engraving, 'unpublished research' and some tweets by the rapper B.o.B, so pretty much irrefutable

Facetious analogy is facetious, I'm afraid. We're not talking about being unaware of some objectively provable fact. We're talking about people putting together some proposed laws. And the proposal is based on harmonising existing laws which allow a difference between sentencing for the same crime depending on if it's committed online or offline. Which is plainly a bad state of affairs. People complain about the law not keeping up with technology. This is an instance of it doing so.

1
7
h4rm0ny
Silver badge

Re: So is anyone going to be held to account?

>>"@h4rm0ny - so you missed the stuff about parliament saying no, 10 years is too long, we need an independent review, and the review saying no, it's too long, and more than 2/3rds of all the responses for comment saying that it was too long also?"

No, I didn't miss that the public response was overwhelmingly against it. But then I look at vast upvoting for things here that I know are factually wrong and I recognize that in all probability much of the public feedback was similarly misguided. If you do a public consultation about rationalizing penalties for the same crime between online and offline methods, and 70% of the feedback is people who plainly haven't understood the proposal, that doesn't mean throwing out the law is a good response. And in fact, I've read the response. It comments on the concerns people raised and provides citations that explain the misconception if people bothered to read it. But instead we get articles like Kieran's here which scan through it looking for something to attack, find a phrase like "Such information was derived from our analysis of the evidence and opinion provided to us by a wide spectrum of interested parties, over the consultation period." and translate that as "they admit they pulled it out of their arse".

That's just bad reading. So no, I haven't missed it, I've responded with facts and reason. Truth isn't determined by popularity as voting here demonstrates.

2
9
h4rm0ny
Silver badge

Re: Facepalm

It's unlikely to appear in mainstream media because the author of this piece has massively misrepresented things in both their recent articles on this.

0
6
h4rm0ny
Silver badge

Re: Fiscal Responsibility

Well previous recipients of multi-year prison sentences in the UK for piracy have included people who traded over twenty-million in pirated software so probably the ratio is pretty high. Conversely, find me domestic file-sharers who received multi-year prison sentences in the UK courts over just getting a fine. Found any...? No? So maybe you shouldn't be upvoting spurious posts about imprisonment costs because you can't back it up with this actually happening in the UK.

1
6
h4rm0ny
Silver badge
Mushroom

Re: So is anyone going to be held to account?

Why? On the basis of a misrepresentative article by a biased journalist?

We just had an article on this which was equally misleading. Now we get another which describes analysing and reaching a conclusion as "made up" and "pulled from its arse". By this author's criteria you can include pretty much every decision as "made up".

As this article is pretty much the same re-tread as the last, I feel entitled to re-tread my response from last time. So here's my view on it minus hyperbole about making things up and implications that domestic file sharers are going to be sentenced to ten years in jail. Note the use of things such as reference to actual past sentences in the UK, etc. So...

Presumably everyone outraged by this also thinks that when an ISP promises "up to 100Mbps" that's what they'll get. Or that because you can get up to two years for dangerous driving, you'll get two years for accidentally going through a red light.

This is about harmonizing offline and online penalties so that someone producing knock-off DVDs gets treated the same as someone transferring ISOs online. It's not about upping the penalties.

Let's look at actual prosecutions resulting in multi-year sentences in the UK. To recall two, we had a guy who traded in $20million of pirated software and made a very handsome profit on that. He got seven years, iirc. The other multi-year sentence I can recall was someone running a piracy site and he was channelling about £50,000 advertising revenue per month through Latvian banks to South American-registered companies. I don't recall how long that person got, but it was less than ten years.

If you're someone at home distributing some movies via BitTorrent, you're not going to get a decade inside, you're going to get a fine, in all but the most exceptional cases.

Discretion in sentencing is a thing and exists for a very good reason. Meanwhile El Reg. and Ars Technica go into a feeding frenzy of click-bait profits whilst freetards go into moral outrage and complain about comparisons to manslaughter. Well home torrenters aren't going to be sentenced the same way as people committing manslaughter and if you throw out all historical evidence from this country to the contrary, and refuse to acknowledge that maximum sentences are not the be all and end all of how you assess a law, then you're wilfully trying to be outraged because you enjoy it. As the author of this article does. Got to get those clicks!

So why should we harmonise penalties between online and offline behaviour? The silly argument I've seen arguing against this is that if you steal a warehouse full of DVDs, you're depriving someone of something but if you copy the data you're not. This is silly.

Both are methods of depriving the content producer of payment for their product. Unless for some incalculable reason you think the primary cost of producing a movie or album is the plastic that goes into the DVD, then it really makes no difference how you take it without paying for it. This is a fact.

The other is the perennial "I wouldn't have bought it anyway". This too is flawed.

This is you deciding unilaterally the worth of someone's work and depriving them of a say in it. You declare it's not worth £10 but is worth £0, so it's therefore okay for you to take it for £0. Trade depends on both parties being able to negotiate on a price. If the seller prices it too highly, you choose not to buy. If you find it worth the price they demand, you do choose to. Taking it at a price that the seller does not agree to is theft, even if (especially if) that price is £0. The customer always wants everything cheaper, that's why they don't get to set the prices of it unilaterally.

Also, utterly absurd to argue from a position that piracy doesn't cost sales. Whilst the comments sections of IT news sites seem to be filled with people who pirate nothing that they would ever buy, the real world contains people I know who absolutely use piracy as an alternative to buying, renting or cinema.

And before I get the utterly predictable retort that this doesn't mean that every pirated good is a lost sale, let me point out I haven't made such an argument.

Some people take what they read by this author at face value. Either through trust or because they like being outraged. The article is misleading people. They don't want to imprison domestic file sharers for ten years as supported by our own UK history on this. What they want is to slap a fine on you and say "don't do it again." Unless you happen to be engaging in large-scale software piracy for profit which is more what this is about despite the frothing rant that has just attempted to pass itself off as journalism without so much as pretending to consider the opposing view.

As this is the second such rabble-rousing, context ignoring article, I can only presume that the author loves their status as official angry mob spokesperson more than they prefer actually taking an objective view on the context of this law.

3
25

Engineer uses binary on voting bumpf to flag up Cali election flaws

h4rm0ny
Silver badge
Paris Hilton

Re: He's wrong, of course. The system would fall apart within minutes..

Oh it might fall apart. Probably would... But I think it would be really fun to try democracy for a bit and see how it went.

9
0

I am Craig Wright, inventor of Craig Wright

h4rm0ny
Silver badge
Black Helicopters

Maybe amanfrommars is Satoshi Nakamoto?

39
1
