* Posts by Number6

2163 posts • joined 10 Jun 2009

Chrome ad, content blockers beg Google: Don't execute our code! Wait, no, do execute our code – just don't kill us!


I mix and match between Chrome and Firefox already, and I can see dropping Chrome completely if the adblocker stops working. I occasionally get to see pages bristling with ads and it reminds me why I don't want that to be my regular browsing experience. Plus there's the security issue too, with the occasionally dodgy scripts that plant malware. I've said it before, the ad industry needs to come up with a server-side model so that all that gets served is hosted on a single server rather than finding that a page is loading scripts from a couple of dozen different sites. If they did it that way, most ad blockers would be defeated but user security would be maintained.

We did Nazi see this coming... Internet will welcome Earth's newest nation with, sigh, a brand new .SS TLD


I've seen social services abbreviated as SS before now, as a deliberate reference to the behaviour of some of those who work for the service.


The trouble is that .gb excludes Northern Ireland. Given the huge efforts currently being made not to exclude it in other ways, this is an important point. The full title is the United Kingdom of Great Britain and Northern Ireland, so using .uk is reasonable. One could argue that ISO got it wrong, but it as probably discussed at great length and the UK probably agreed to it.

UK.gov plans £2,500 fines for kids flying toy drones within 3 MILES of airports


Larger drones in testing cannot cause an uncontained engine failure.

I think they'd prefer to avoid engine failures even if contained. Jet engines aren't cheap.

I suspect a toy drone wouldn't even be noticed as it got disintegrated by the engine though. They're designed to withstand hailstones, some of which may well be bigger and tougher than a flimsy bit of plastic and fibreglass.


Sadly, the way to fix this is for parents to do exactly that, call ATC and ask for permission to fly their drone in the garden. Pressure will soon mount for the government to stop the complete waste of everyone's time and re-introduce the exemption.

Three quarters of US Facebook users unaware their online behavior gets tracked


Re: Most what?

How do you know it's not a British person living in the US?

Slack to fend off the collaboration competition with... a new logo


Given that I'm not the one paying for it, the product isn't bad, better than Teams because it's truly cross-platform. As for the logo, I'll refer people to Dogbert's Brown Ring of Quality. https://dilbert.com/strip/1996-06-11

Wow, over 22 years ago.

Google Play Store spews malware onto 9 million 'Droids


Re: "Trend Micro has found"

...is a good sign that the app is about to be uninstalled pronto.

This July, Google will weep for there are no more worlds to banhammer: 'Bad ads' to be blocked globally


I would add "any sort of ad that requires a script to run on my machine" as bad because it's a security hazard. On the other hand, it does make it easy to clobber ads by blocking scripts from known ad sites.

If they want to run a script-based system then they can do it server-side. There's also the point that such ads would be way harder to block if done carefully.

Um, I'm not that Gary, American man tells Ryanair after being sent other Gary's flight itinerary


Re: It'll never happen...

I get lots of emails to my own domain that are clearly for other people. Usually people who've signed up to receive information about medication, or are clearly interested in places to use said medication.

What happens when a Royal Navy warship sees a NATO task force headed straight for it? A crash course in Morse


Re: After you. No, after you!

This is what immediately sprang to mind for me too. Stand firm and make like a lighthouse. The flashing light probably helped.

I think the RN expects officers to manage 5wpm Morse, so a bit easier than the old amateur radio Morse test where 12wpm was required.

Millennium Buggery: When things that shouldn't be shut down, shut down


Yes, a remote reboot assumes that there's nothing wrong with the hardware that might prevent a reboot. For a simple router box that was reasonable, the only hardware concerned was required to be working to be able to talk to it in the first place. I guess if the system disk was well and truly fscked then it might decide it couldn't find critical files after reboot though, having trampled through the inodes with the CPU equivalent of hobnail boots.


Fortunately I learned the lesson of not messing with remote routers and firewalls by screwing up my home one from the outside. That was at least fixable by a phone call to my wife to tell her to power it off and on again. I hit the enter key, everything stopped and I immediately saw what I'd done. Oops.

Now I know to (1) never do that and (2) if it really must be done, schedule a reboot for five minutes' time before entering the command, on the basis that if I can still talk to the router I can cancel the reboot, and if I can't talk to it, hopefully it'll be back in five minutes.

Mark Zuckerberg did everything in his power to avoid Facebook becoming the next MySpace – but forgot one crucial detail…


I have managed to avoid putting the FB app on my phone, and when the news broke that they had bought WhatsApp I deleted that too. they don't have my true birthday, and I try to avoid putting anything but trivia on my timeline, although granted they can probably learn a lot from that.

Sticking with one mobile provider gets you... Oh. Price rises, big exit fees, and lovely, lovely lock-in


I figured out the rip-off of contract phones many years ago, plus the fact that they were always locked to the provider and often had a bunch of customisations that were irritating. I have vague memories of having to switch provider to get a SIM-only deal and keep my number too. In the US it's now possible to have a phone on a payment plan (essentially what the contract phone was) except it has a specific end date and a provision that you're liable to cough up the balance if you change providers before you've paid for it. Even the concept of 'contract' is nebulous for service, T-Mobile USA lets you cancel at any time and I think other providers now offer a similar option.

Privacy, security fears about ID cards? UK.gov's digital bod has one simple solution: 'Get over it'



Having an official bit of plastic that says the government is happy that the person pictured has the name on the card is not in itself harmful, and is useful when you do need to prove your ID, such as at the bank when you want to do something to your account that you'd prefer others not be allowed to do. If you've got a UK photo-ID driver's licence then you already have such an ID card. In the US, such things are officially recognised as ID, and it's possible to get a similar card to act as a state ID that is not a driver's licence.

The line is crossed when the bank, or other entity is required to report your use of that ID to a central tracking system, which is pretty much what the last UK attempt at ID cards was all about and why we all kicked up a stink about it. It's the difference between the ID card being a tool for you to use, and it being a tool for the state to keep track of everyone.

The problem arises that once the first one is introduced, where you have an ID card with no requirements imposed on carrying it or its use, it's easy for a future government to suddenly declare that you're supposed to carry it at all times, or introduce a reporting requirement on its use, or to require it to be presented for certain transaction types. Far easier to hold the line at "no government ID card" than give them that bit of ground and then hold back on the rest.

It's a, it's a, it's a SYN flood: Quick, ditch that packet


So the DDOS crew mod their end to send each SYN packet twice. Back to the same problem as before.

BOFH: State of a job, eh? Roll the Endless Requests for Further Information protocol


Re: Speaking of confusion.....

Ah, the equivalent of releasing four piglets in a Walmart store with the numbers 1, 2, 3 and 5 painted on them, then watching as the security team frantically try to locate #4.

£10k offer to leave firm ASAP is not blackmail, Capita told by judge


Re: Accountants

The tax system files it under "compensation for loss of office", at which point it becomes a tax-free payment up to certain limits (used to be £30k, but may well have increased since then).

Yes, there are advantages to both sides because of this. Neither side has to pay NI contributions on the sum, and if you're a higher-rate taxpayer, that can effectively double the effective take-home money. I got three months' pay in lieu of notice when being made redundant and it was effectively enough to fund me for six months.

Microsoft gets ready to kill Skype Classic once again: 'This time we mean it'


I wish they'd fix the new version before dumping the old one. I get plagued with "network problems" despite nothing else having issues. My father's machine won't send video, despite him being able to see it locally.

Still using Skype? Good news! After HOURS of meetings, Microsoft reckons it knows when you're Not Active


I wish they'd fix the Linux version. It was fine until they forced everyone off the older stuff and made us all use the new one, which I guess proves that progress is a vector. Now I have 'network problems' that only seem to affect Skype and nothing else on my system.

I think they've used the same code as in Skype 4 Business, which I have the misfortune to use at work and also seems to suffer such issues.

Python joins movement to dump 'offensive' master, slave terms


What a stupid debate, I echo the comments from Lee D somewhere up the comment stream. Anyone who finds it offensive please explain why, given that master-slave describes the relationship quite well.

I'd like to see your alternatives, just in case I find any of them offensive.

Space station springs a leak while astronauts are asleep (but don't panic)


Re: Then they're hurt or killed

No, in California it only might kill you.

Big Tech turns saboteur to cripple new California privacy law in private



There's always next year's ballot if the tech companies manage to water things down. Find out what they dislike most and make sure that's on the public ballot next year.

IPv6 growth is slowing and no one knows why. Let's see if El Reg can address what's going on


Re: What are they measuring here?

I think the way both Windows and Linux work, if they auto-configure IPv6 and you try to connect to something that has both IPv4 and IPv6 addresses, it will choose the IPv6 by default.

This often gives a clue as to a problem with the IPv6 configuration somewhere, if there's a long delay and then it connects. This is because your end starts by attempting IPv6 and eventually times out when it doesn't actually work because something's eating packets and falls back to the IPv4.


Re: Software

In theory it shouldn't need anything in the router apart from understanding IPv6, broadcasting the relevant magic to the local network and establishing a default route to the outside. The equivalent of the NAT 'firewall' that you get for free with IPv4 is the fact that the router firewall should be configured to drop any packets not associated with a connection set up by the local network. That stops all bad stuff coming in unless the user explicitly configures a rule. It's on a par with doing port forwarding under NAT with no other restrictions in place (so internal users can talk to any external address and port).

I find OpenWRT to be just fine for this stuff, although admittedly it's not consumer software (but that style of port-opening interface could be).


I run a few low-traffic sites and find that the bots that visit are invariably IPv4. I do get traffic from what appears to be phones on IPv6, and a sprinkling of others. Because I have IPv6 set up on the home network here, I find that it will often access the rest of the world using IPv6 if the far end offers it.

That's the other side of the coin of course, your average punter just connects his router to the cable modem (or uses a smart cable modem that does both jobs). If that magically broadcasts the IPv6 magic on the local network then most modern devices will set up and use it and said punter will be none the wiser for it. If he's got to go into a configuration menu and tick a box somewhere then all bets are off.

GitHub goes off the Rails as Microsoft closes in


Re: Great more automated non-perfomant code

I remember complaining about this with Windows 3. As an exercise, we wrote a program (not an app in those days) using all the Windows classes and it was something over 100k in size by the time it had linked in all the bloat. Then we wrote it without all of that as a DOS program and it was a couple of KB.

Frameworks are nice but be aware of the side effects. This also goes for those who put the frameworks together - don't build in mega dependencies so that using one function brings in War and Peace as a side effect.

By Jove! Astroboffins spot 12 new spanking moons around Jupiter


It sounds like they need to adopt a Plutonian solution and declare that any moon smaller than a certain percentage of the largest one should be declared to be a Jovian Pet Rock and have its moon status revoked.

ICANN't get no respect: Europe throws Whois privacy plan in the trash


Re: SImples

That's sort of what has happened. Have you tried a whois query recently? The generic one gives a lot less information than it used to, and if you go to a registrar's site you get this in the notes:

IMPORTANT: Port43 will provide the ICANN-required minimum data set per

ICANN Temporary Specification, adopted 17 May 2018.

Visit https://whois.godaddy.com to look up contact data for domains

not covered by GDPR policy.

Of course, if you're happy to go to their website then all is revealed if it's not a registration covered by GDPR because they have better control over it. Hopefully they'll add California residents to the same list as those covered by GDPR.


Re: Slippery slope

I see you've been influenced by the BRexit bullshit.

The "EU bureaucrats" are no more unlecected as they are in any government.

I thought he was talking about the ICANN board. In this instance the EU are the good guys.

Google weeps as its home state of California passes its own GDPR


Re: Legitimate business interests

Although it's very much worth bearing in mind that the whole point of pushing it through was specifically to make it easier to change later, unlike a ballot version which, as the article states, would be much harder to change once passed. That should be concerning to everyone. If the politicians were really up for this type of privacy legislation, why didn't they just let it go to a ballot? Let's hope that Mactaggart & co are keeping a close eye on the legislation as written and any future modifications (which may be hidden in other bills as riders etc.) and are ready to act again.

I can see some merit in having it easily changed in case there is an issue where someone got something wrong. If the only way to fix it was another ballot initiative then fixing errors might turn out to be hard. On the whole though, I'd prefer the ballot version because it's harder to subvert as I see that as more likely than incremental improvements through the normal legislative process. I agree, I hope that they keep the ballot stuff in a safe place, ready to haul it out if someone offers the legislators enough money to change the existing version to something weaker.

No one wants new phones – it's chips that keep Samsung chugging


I had an S4, which I've just retired, but looking at the latest Samsung offerings, they're too big, cost too much and have way too much bloat on them. I went for something lower down the market, which is more than enough for what I want. I get to fill it with things I want, rather than figure out which of the pre-installed crap I can safely disable. My new phone lasts several days on a single charge, to the point where I can keep it topped up merely by having it charge on my daily commute. All at less than a third of the price of the latest flagship thousand dollar (or equivalent in local currency) phones.

I would like a dual-SIM phone though, or a way to allow two phone numbers on the same SIM with the ability to disable/mute/divert one of them during evenings and weekends.

GDPR forgive us, it's been one month since you were enforced…


Re: How difficult is it to disable slurp?

I'm not sure how I've done it but I have a browser config set up so I don't see ads on Forbes and it still lets me in. Not that I go there that often but occasionally I click on something that turns out to be one of their links.

US Supreme Court blocks internet's escape from state sales taxes


Re: Yo! Yank ... Er ....

The only way you can accurately determine the proper tax jurisdiction is by geolocation using the street address. This assumes the address used is the location of the buyer. Another wrinkle is if one buys something online while away from home, what is the taxing jurisdiction and how is it determined? Depending on how it is done, a VPN service might cause all sorts of fun (honest I was in Finland when placed the order).

The address to which the product is shipped determines the taxes. If you're a hundred feet the wrong side of a tax boundary and you've got a friendly neighbour the other side, see if they'll accept delivery of your packages.

This is where the UK VAT (admittedly with a simpler system) and South Dakota have it right - if you're under a financial limit then you don't have to pay but you can't reclaim anything either. Otherwise a retailer is going to require you to have a shipping address in their state so they can ship to that, and then it's your problem moving it from there to your home state.

Another option would be for the retailer to state at time of sale that the buyer is responsible for paying the sales tax direct to their state and that details of the transaction amount would be forwarded to the state to assist them in recovering it. That way, a small retailer could send a data dump every month or quarter to each state with all the transactions and then the state could ask people for their money. I think the California income tax forms already have a section where you can declare stuff where you should pay tax but haven't.

First A380 flown in anger to be broken up for parts


This is nonsense, according to the Boeing website the 777x has a two seat configuration capacity of 375 whereas Emirates run the A380 with a two class capacity of 615. Nowhere near comparable.

They are comparable if you figure it as passengers per engine. In fact, the 777x comes out better.


The big reason no one wants it is because the first few A380s built are less fuel-efficient than later ones, as various tweaks and improvements have occurred.

Think how many soft drink cans it'll make.

The Rocky Planet Picture Show: NASA Mars InSight ready for launch


Re: Return ticket?

Ask YouTube about the NASA Sample Recovery Robot Challenge. Some of us had fun trying to do phase 2 a couple of years ago. It's surprisingly difficult, although I think technology will make great leaps before they have to do it for real.


It was indeed shrouded in fog. We heard it at the official viewing site but not a glimmer of light. It was as cold as a British Bank Holiday at 4am in Lompoc.

The best outsourcers fire themselves


Re: Citation needed....

Outsourcing works well when you've got a well-defined package of work that needs doing, you haven't got internal staff available to do it and you won't need those staff once the work is done. Or it's a longer-term thing but only for a day or so a week and it's easier than trying to recruit a part-time employee to fill the gap.

Most of the horror stories are missing one of those requirements, usually the 'well-defined package of work'.

Windows 10 to force you to use Edge, even if it isn't default browser


Saved by the mail app

I'm not sure I've ever fired up the Windows mail app, so I guess it's a change I wouldn't even be aware of if not for articles such as this. I locked down Windows apps by default, restricting what they could do on the machine in an attempt to impose some level of security.

Shock poll finds £999 X too expensive for happy iPhone owners


I had a Galaxy 4, I just bought a Moto E4+ for work use and it's a step-up after four years for less money. It's also a bit too big but I'm getting used to the bulk. I don't use the fingerprint sensor, I much prefer a password even if it's a bit less convenient because it's more secure and more immune to US law enforcement. I don't know of anything on the newer Galaxy or iPhones that would tempt me to part with $1000 instead of $129.


Re: Poor decisions

My cattle class seats tend to take about a week to wear off, especially if it's long-haul.

Billionaire's Babylon beach ban battle barrels toward Supreme Court


How many people know how long a chain is though? It's a bit like an acre, a unit often used but ask people how big it is and most won't know (my answer is 'one chain by one furlong'). Perhaps the good citizens of New Zealand are more clued up about old imperial units than others.

Iran: We have defeated evil nuclear-sensing Western lizards!


Re: Chameleons ?

I've heard that there's a chamelephant in the room but I can't see it and people are reluctant to talk about it.

UK ICO, USCourts.gov... Thousands of websites hijacked by hidden crypto-mining code after popular plugin pwned


Another good demonstration of why ad blockers and script blockers are essential.

I see the ICO site is down for maintenance at the moment, I guess someone's pulled the plug on it until they can fix it properly.

BOFH: We want you to know you have our full support


Website Guide to IVR

What would be ideal is for companies to have a web page with the entire script to their IVR on it, so you could go browse it in advance and then when you hit the voice prompt just key 14235 and get immediately to your chosen point. If there wasn't a suitable endpoint for your query then you'd know in advance and instead of wasting time on the phone, could try writing a letter, wrapping it round a brick and delivering it to their offices in person via a suitable window.


Re: Simon will look back on this

He doesn't usually retaliate in the next episode. Revenge is a dish best served cold.

Bruce Perens wants to anti-SLAPP Grsecurity's Brad Spengler with $670,000 in legal bills


Re: You mess with the GNU ...

Look at it this way. I downloaded the source code. I've made changes, and given them to my mate Bill. I've now made more changes, but I don't want to give those to Bill. Bill is asking for them, wondering why I've now spurned him, but I'm not going to give them to him and I'm keeping my reasons to myself (basically, I think Bill is a plonker, and I don't want to hurt his feelings). Instead I've given these new changes to Alice. Where's the GPL2 breach in that?

If you've given Bill the binaries then he's entitled to the source required to build those binaries. GPL2 does not require you to give him updates to what he's already got. If you gave the updated source and binaries to Alice then she is within her rights to give the binaries to Bill, and if he asks, the source code too. Yes there was a high degree of daftness in putting stuff in writing.

US politicos wake up to danger of black-box algorithms shaping all corners of American life

Big Brother

The US credit scoring system is not fit for purpose anyway. I don't care what algorithms they're using, I consider them to be wrong because they fail to account for all relevant factors. Worse, the credit system has wormed its way into almost everything - want a phone contract? Unless you're paying up-front they'll go check your credit score. Want a job? Yes, some employers want to know too.

They seem to give greater weight to short-term things such as your current credit card balance, yet ignore the fact that this is a cyclical thing and that it's paid off in full every month, so you get a better rating just after you've paid off the card than just before, even though your overall spending/paying behaviour is the same (obviously if you don't pay it off then that's a different matter).

Minority Report, anyone?

Biting the hand that feeds IT © 1998–2019