* Posts by Tom Paine

2255 publicly visible posts • joined 19 Aug 2008

Can you ethically suggest a woman pursue a career in tech?

Tom Paine

Re: The facts: 2-1 Bias in STEM jobs. For women.

What has academic tenure got to do with the subject of the article?

(Hint: "nothing whatsoever".)

Tom Paine

Re: passed over for promotion by men half their age

I always wonder if the complaints of sexism come from women who are just not that good at their job...

Let me help you out. The reason that you have this entirely fallacious and delusional idea about the world you live in is that you are what we call "a sexist dickhead". You are part of the problem. Oh look, and you're a racist as well; quelle surprise.

Tom Paine

Re: "We need to promote women disproportionately, pay them equally or better..."

Currently there is a rhetoric that women are paid less, one that has been debunked many times

coughBOLLOCKScough

http://www.equalpayportal.co.uk/statistics/

Tom Paine

Re: "We need to promote women disproportionately, pay them equally or better..."

I'm sure the US fraternity / sorority systems don't help, but it's fatuous to suggest that's the only cause; if it was, there wouldn't be problems for women in tech in countries with sane educational systems. And there are.

Tom Paine

Re: "We need to promote women disproportionately, pay them equally or better..."

Perhaps IT should treat employees decently, the same way as other industries, rather than expecting tired, error-prone and unproductive employees to work a couple of extra hours for free every day? (Work out your hourly rate, and consider that that's how much free money you're handing your CEO for every hour of unpaid overtime you do -- just so he can buy a new Bentley. Why do it?)

MAC randomization: A massive failure that leaves iPhones, Android mobes open to tracking

Tom Paine

Let's face it....

We all know how this came to pass.

ALIENS!

Zero-days? Sexy, sure, but crap passwords and phishing are probably more pressing

Tom Paine

That is literally what the RAND report is about. Read it, maybe?

Devs bashing out crappy code is making banks insecure – report

Tom Paine

Re: Agile Payoff

there is never any time to 'clean up' or remove Technical Debt in an Agile process.

It is always the next bit of Shiny-shiny to be delivered.

Nonsense. I worked in a shop that took Agile and Devops very seriously, with the KANBAN board and story cards and everything, and though there was a goodly stack of tech debt, those cards were up on the wall and regularly revisited and, where merited, moved over to the work-in-progress board.

If you've seen agile done as a means of ignoring tech debt, you've seen it done wrong.

Royal Navy's newest ship formally named in Glasgow yard

Tom Paine

Re: OMFG

You might find this piece food for thought.

http://exiledonline.com/the-war-nerd-this-is-how-the-carriers-will-die/all/1/

I've often vaguely thought that carriers were a massive single point of failure. The entire Falklands campaign was one Exocet away from being an utter catastrophe with thousands dead. It was nice to find that people who actually know what they're talking about think the same thing.

Tom Paine

Re: 30mm gun

The bigger the ship, the bigger a deathtrap it is if there's ever a proper war.

http://exiledonline.com/the-war-nerd-this-is-how-the-carriers-will-die/all/1/

America's Marine Corp steamy selfies scandal, a Senate probe – and El Reg to the rescue

Tom Paine

Given these women are willing to risk their lives in the service of their country, it's a pretty poor state of affairs that a few rogue soldiers can cause them such grief and besmirch the reputation of the Corps.

Can't disagree with that, but "a few rogue soldiers"? Firstly it appears to be soldiers, marines, airforce, er, personnel and also the Navy. Secondly there are clearly a lot more than "a few" -- the US reporting on this by Thomas Brennan and others suggests there are hundreds of active participants, at least.

'Nigerian princes' snatch billions from Western biz via fake email – Interpol

Tom Paine

$3Bn would be just under 0.3% of the GDP of Nigeria alone, according to the CIA anyway:

https://www.cia.gov/library/publications/the-world-factbook/geos/ni.html

"West Africa" depends which countries you include, there are others that are relatively developed as well as the traditional post-colonial basket cases. Which, being translated, means I can't be arsed to add it all up.

Tom Paine

A BEC crook sends authentic-looking invoices and internal memos to businesses and their finance staff, tricking the employees into paying money into the thieves' accounts.

Er. No. That's an ancient scam called Fake Invoices - it was going back in the days of faxes (invoices for listings in non-existent business directories was a favoured tactic.)

http://www.actionfraud.police.uk/fraud-az-invoice-scams

BEC, as the C (compromise) implies, is where the Finance Director's own email account has been compromised and the "Quick, pay $5m to this Swiss bank account, it's for an urgent secret merger deal which you mustn't discuss with anyone until we announce it" email really HAS come from the real Finance Director's* email account. In Outlook it'll have the little mugshot from the internal phone directory and all the other indicators that this is trustworthy, internal email rather than something coming from the great unwashed internets.

YVW.

*( or the CEO, CFO, Treasury Manager,.. etc)

BOAR-ZILLA stalks Fukushima's dead zone

Tom Paine

Boar

Tangentially, I happened to encounter the wild boar someone released in the Forest of Dean back in 2004 very soon after they'd first been spotted, over a decade ago: a sow with 8 or 10 piglets. I watched them very carefully and cautiously as they foraged about in Forestry Commission land. They were drifting down a fairly steep wooded slope, and I was cautiously and quietly (I thought) following perhaps 10 yards downwind, enjoying a delusional sense that I was the new David Attenborough. They passed behind a tangle of undergrowth, piglets first, then the sow. When the sow emerged she stopped, turned, stared me straight in the eyes and... well, you know that Dr Doolittle song about talking to the animals? This creature didn't know English but it communicated "if you don't push off, I'm gonna gut you like a fish with my tusks" pretty unmistakably. I took the hint and retreated!

Really cool to see them in the wild, though, and in some places they're semi-habituated to humans (the Forest isn't all that unpopulated) so you can safely watch them from a distance as long as you don't startle them. (Keep dogs on a lead or, preferably, away from the woods altogether.) A charging boar is extremely dangerous and quite capable of killing a small dog and fucking up humans good and proper if you got a big one on a bad day.

(In summary, visit the lovely Forest of Dean, we need the tourist money!)

http://www.bbc.co.uk/news/uk-england-gloucestershire-38755729

Vodafone gets less flexible on flexible working Ts&Cs for own staff

Tom Paine

Re: Vodafone app privacy

the Vodafone UK iOS app

Sorry, I don't understand your comment because you don't explain what this app does. I assume it's not just a wrapper for their website where you can read self-help tech support rather than engaging an expensive human, or buy data allowance top-ups and such?

Tom Paine

The telco sells the Better Way of Working (BWOW) “solution” to customers - a mix of tabs, remote access and device management systems. This is supposed to make staff more productive, use office space more efficiently, and cut CO2 emissions.

I'd've thought smoking tabs would be BAD for CO2 emissions, on account of all that oxidisation of organic matter.

Unless they're tabs of acid?

Brit ISP TalkTalk blocks control tool TeamViewer

Tom Paine

Re: genuine question

it's very quick and easy for the customer to install.

RDP comes with Windows, no install needed

they don't need a static ip / dynamic dns name, and they don't have to mess around with port forwards on their router.

oh of COURSE, yes -- that makes sense -- how dopey of me to have forgotten the NAT-infested nature of IPv4. ta :)

Tom Paine

Re: Seriously...

BT have a monopoly on the telephone cables

Jesus crispy fried Christ with stuffed crust and extra anchovies... for god's sake, IF YOU KNOW NOTHING ABOUT THE TOPIC, DON'T COMMENT ON IT.

* sits back and waits for the upvotes**

** reverse psychology! Clever stuff, 'eh?

Tom Paine

The problem with that approach is that the SP would end up with an enormous list of 1.2.3.4/32 DROP ACLs on their border routers, which doesn't scale.

And no, you can't just block all Indian netblocks, for reasons I trust are obvious.

Tom Paine

Re: Well thats my family screwed

Srs question, what's wrong with native RDP?

Tom Paine

"TeamViewer has previously said it takes the security and privacy of its customers "extremely seriously" and "condemns the use of TeamViewer to subvert systems and gain unauthorised access to private data."

Well after three hacks I should hope so, but it is a little too late don't you think Talk Talk?

If you were to try reading the quotation you just pasted into your comment, you'll see that you're berating TalkTalk for what TeamViewer said. It's a little bit unfair, dear heart. One are evidently a shower of turdbrains, the other make remote access software.

Tom Paine

Which way?

Spoke to TeamViewer who are in no doubt regarding the legalities of TalkTalk block.

TV know that it's legal under UK law? Or illegal?

Personally if I was paying for Internet access and then found I was getting Internet access minus one particular TCP port I'd be pretty fucked off, but then again I'm not Aunty Doris and I wouldn't fall for a scam call in the first place. Seems reasonable to segregate the Dorises onto one SP who's set up to deal with purely non-tech users. And then the rest of us can stick with A&A :)

Tom Paine

genuine question

What does TeamViewer do that native RDP remote desktop doesn't?

CIA hacking dossier leak reignites debate over vulnerability disclosure

Tom Paine

"If the CIA knows of the specific exploit, chances are that the MI6, FSB, MSS, and Mossad are aware of it as well,

That's trivially falsified by looking at how many disclosed vulnerabilities turn out to have already been discovered and reported by another researcher. It happens, but rarely. The Rand report published today says about 5%.

So.

FBI boss: 'Memories are not absolutely private in America'

Tom Paine

Re: Proportional response and Biggest Active Threat

drug dealers, terrorists, pedophiles. Granted that these are nasty folks and we would like to curtail their nefarious activities. But how many of us or our families have been affected by such people

More than you think, evidently.

https://www.nspcc.org.uk/preventing-abuse/child-abuse-and-neglect/child-sexual-abuse/sexual-abuse-facts-statistics/

Tom Paine

Re: Fucking Hypocrite

Fucking Hypocrite

--he issued a stern warning against companies hacking back against attackers.

"Don't do it, it's a crime,"--

Only the CIA are allowed to do this without it being considered a crime apparently.

That's an interesting point of view. I've just the one question: what the fuck are you about? Are you objecting to the existence of police, LEA and intelligence services that are allowed to do things that are illegal for ordinary citizens? If so, give me a moment to strap in and then ... OK.... let me have it.

WHY??

Tom Paine

Re: "any communications – be it with your spouse, your priest, or your lawyer"

Nonsense.

As the CIA dump demonstrates, the move to PFS and end-to-end, properly implemented strong crypto has forced LEA and spooks to focus on pwning the endpoints (in the CIA case, with the assistance of physical access, which is /extremely/ expensive and dangerous to carry out and can obviously only be carried out against individual named targets and their immediate associates).

If there was a break in AES, say, there'd be no market for 0day among spooks and LEA, would there.

Kapish?

Tom Paine

That's certainly true, thanks to Trump and the nazis in the BCP, but if you you've got any more right to privacy in a European country or any other developed country anywhere in the world, you're either extremely ignorant or extremely stupid.

Tom Paine

How is this news?

(1) how can this be news to anyone? (Has no-one heard of Scott McNealy?)

(2) How and why can/does anyone think it's a bad idea that law enforcement and spooks have the ability to carry out covert surveillance? Do you actually WANT to be blown up or taken over by the next aggressive nationalist dictatorship or have major organised criminals acting with complete impunity? (Sure, there are plenty of crooks who should be in jail who aren't. Throwing away tools that enable the conviction of some of them isn't going to help, though, it's only going to make things worse.)

*toc *toc *toc.

Anti-TV Licensing petition gets May date for Parliament debate

Tom Paine

Re: Good going cobber

Yep, motorbikes are terrifying alright. I'd a colleague who commuted 60 miles to London and back every day - took safety very seriously. After his second could-easily-have-been-fatal accident caused by someone else, his missus put her foot down and insisted he commute by train from then on. (Turns out that when a bunch of psychopathic scrotes deliberately rams you from behind at 50mph there's not much you can do about it... he reported having a memory of sliding across the opposite carriageway (in the face of oncoming traffic) and the next thing was waking up in a ditch having his clothing cut off by paramedics. No permanent damage fortunately but he was in traction for a couple of months.)

Tom Paine

Re: Good going cobber

Eh? Last time I got done by a speed camera I got three points on my license too, surely that hasn't changed in a decade? (I can't afford / justify a car any more :( )

Tom Paine

Re: Good going cobber

Murdoch has people to do that for him.

Yeah, they're called the readership.

President Trump-themed escort services may soon open in China

Tom Paine

Re: Of course, if the most controversy-friendly president of the millennium

Nope. Clinton, B was President until 20th January *2001*.

Self-employed bear the brunt of Spring Budget with additional National Insurance contributions

Tom Paine

Re: I'm a bit pissed off ......

I'm a bit pissed off ......

So ... the government happily increase National Insurance for Self Employed to raise £145m (and reduce LTD company dividend threshold from 5k to 2k) but still manage to find new funding totalling £20m to support the campaign against violence against women and girls and a further £5m committed to a project to celebrate the centenary of women having the vote, and to educate young people about its significance.

Why does that piss you off?

*steps back, reaches for popcorn

Tom Paine

Re: Here's a thought

Yes. People don't seem to be able to distinguish between wealthy (high net worth) and highly paid people. I'm highly paid by UK standards, probably in the top 5%, but my net worth is under £5k because I've never been able to afford to buy a house (so never bothered trying to save a deposit), a car, or even a decent telly or whatever the kids call "a stereo" these days (I'm out of touch...) After 75% of my working life my pension savings are, what, £25k? £30k? Enough to provide an annual income that'd just about cover a month's rent.

So by some standards I'm "rich", but in reality there are plenty of, say, builders or electricians who're much wealthier than I am, though I wear a suit and work in an office in the city.

Tom Paine

Re: Here's a thought

Very few MPs get cushy Directorships after being sacked; that's civil servants and ministers you're thinking of. (See Private Eye's excellent coverage of the disgraceful scandal of ACOBA.)

Tom Paine

Re: Here's a thought

"We seem a long way away from getting our money back out of RBS."

Come again?

RBS set to pay back last of £163bn loan from taxpayer

Royal Bank of Scotland will on Friday confirm it has all but repaid the £163bn in emergency loans it received from British and US taxpayers during the financial crisis.

http://www.telegraph.co.uk/finance/newsbysector/banksandfinance/9244389/RBS-set-to-pay-back-last-of-163bn-loan-from-taxpayer.html

Tom Paine

Re: Here's a thought

Illness and disease doesn't discriminate. Cancer isn't something that's attracted to wealthy people. Strokes aren't the sole preserve of the poor.

Sorry, you're fundamentally mistaken there. There are massive health inequalities across different income ranges. See for instance https://www.ncbi.nlm.nih.gov/pmc/articles/PMC1070713/figure/fig1/

(your favourite search engine has much more)

Tom Paine

Re: Here's a thought

Altogether, now:

SOURCE??

(To be clear, I'm not suggesting your figures are wrong -- just pointing out that without a source, they're worthless :) )

Tom Paine

Re: Here's a thought

If you're living on the interest from an ISA you must have a couple of million in cash savings. Sorry but that makes you pretty unusual.

Tom Paine

Re: Here's a thought

What is it with intelligent Reg readers that they don't bother to fact check their own assumptions?

"We've had 7 years of this bullshit in one form or another. 7 years of "tackling the deficit". That deficit continues to sit there, it doesn't go down."

http://www.ukpublicspending.co.uk/uk_national_deficit_analysis

Now to watch the downvotes accumulate for posting objective, checkable facts....

That CIA exploit list in full: The good, the bad, and the very ugly

Tom Paine

Of course Country B's laws won't allow Country A to spy on it, but Country A's laws certainly allow them to spy on Country B, and vice versa. Not sure what point you're trying to make here. Espionage and intelligence are a Bad Thing and unsporting, and gentlemen should never do it? If so, I'm sorry but that ship sailed many centuries ago.

Tom Paine

Re: "Nothing to see here, folks, move along..."

So there's nothing to see here, move along people, nothing to worry about. Just your government doing its job as usual.

Of course, dirty lousy Russian fink spying is a rotten trick that we should all abhor. But good ol' American spying is, well, just what you should expect.

Yes, that's right, except that you should expect Russia to hack in pursuit of intelligence as well. Nothing controversial in that. What the US and EU are getting upset about are active information warfare operations designed to influence domestic politics. I can see both sides on that; the US, I'm sure, would love to be rid of Putin and might well be doing things to try to hasten that day, but Putin's Russia is (1) an adversary and (2) not a liberal democracy. If there was evidence the CIA were trying to influence, say, domestic UK politics in a significant way, there'd be an uproar, and rightly so.

Tom Paine

Re: That CIA exploit list in full?

You are mistaken. For a start, there are mentions of Linux exploits.

Tom Paine

Re: WhatsApp / Signal

SGX is an attempt to implement privacy from root:

https://en.wikipedia.org/wiki/Software_Guard_Extensions

Can't see it working in the real world, myself, and it's already had some flaws discovered:

https://arxiv.org/abs/1702.08719

Apologies to whoever/wherever I picked those links up from, I can't remember where it was. El Reg, possibly.

Tom Paine

Re: Who...

Relax. You are not a CIA target.

Tom Paine

Re: Who...

Us grumpy old men (and women) don't need any of that crap. If we want to iPlayer something we can do it on a mobile device or Bt it to the telly if a bigger screen's absolutely essential; Netflix is crap TV you pay for, who on earth has time and money to waste on something like that?; Amazon Prime... IDK what that's got to do with your telly, it's just a higher charges / quicker delivery thing isn't it?

"Browsing and playing media on the home NAS" - the very few progs I'd like to watch again are get_iplayer'd and watched on a computer. I'll be buying myself a large hi-res display a long time before I buy a telly, if I really have to watch something again on a big screen. (Hmmm actually it's a while since I last watched Micro Men... better start saving for a telly!)

Tom Paine

Re: Where's Linux?

Yes, Linux is on the available targets list for some of the exploits, as is FreeBSD. (Haven't noticed OpenBSD yet though... )

Tom Paine

Re: Hmm, wikileaks

WL supports Trump because Putin tells them to.

Tom Paine

criminal laws are just another form of imposing conformism on the population.

Yes, and well done you for managing to smuggle your message out of the camp for political prisoners.

*rolls eyes*