* Posts by Number6

1894 posts • joined 10 Jun 2009

Programmer finds way to liberate ransomware'd Google Smart TVs

Number6
Silver badge

It seems that these days, if you want to buy some known brand TV you just can't avoid getting a "smart" one.

It's getting a lot harder. I managed to get a dumb 50" TV on a clearance sale for $200. It's hooked up to a Linux media centre so the smart element is there, but it's under my control, no microphone and no camera.

1
1

Strong non-backdoored encryption is vital – but the Feds should totally be able to crack it, say House committees

Number6
Silver badge

Re: Because we're all guilty of something, right?

You're thinking of the old rules. Now you can have trial by media, where you're assumed guilty regardless of the evidence, or the government will engage Rent-A-Clue to provide the evidence required to stitch you up.

Sorry, is my cynicism showing?

0
0
Number6
Silver badge

I guess they could copy the UK and give you the option of providing keys and going to jail once they've decrypted your dodgy information, or not giving them the keys and going directly to jail having saved them the bother of the decryption exercise.

Because we're all guilty of something, right?

31
0

Sayonara North America: Insurance guy got your back when Office 365 doesn't?

Number6
Silver badge

Just make sure you keep a copy of the insurance information locally, don't save it to the cloud...

5
0

Oi! Linux users! Want some really insecure closed-source software?

Number6
Silver badge
Coat

Re: Bigger jumps in Version numbers

Can we play a new game? Several programs jumped from low-digits to 2000 because everybody was doing it too -- Word, Wordstar, can you list others?

You mean they didn't all do it to avoid the Millennium Bug?

1
0
Number6
Silver badge

At this point I'd rather they stopped bothering with Flash at all, and produced a modern version of the Acrobat Reader that handled forms and all the other features present in the Windows version.

7
0

Stupid law of the week: South Carolina wants anti-porno chips in PCs that cost $20 to disable

Number6
Silver badge

Re: If I was a PC seller

Deliver to a spot just over the border for collection by the buyer or his nominated agent. Ownership to transfer at that point so you're not selling in the state. They'd not be able to ding you for sales tax either, because the sale would be completed elsewhere.

9
0

US Supreme Court to hear case that may ruin Lone Star patent trolls

Number6
Silver badge

Re: So if this goes through, everyone has to be sued in their state of incorporation

The problem with the patent system in the US at the moment is that it no longer rewards innovation, it rewards those with the deepest pockets. The USPTO appears to have forgotten that patents are supposed to be novel - too often it's a small and obvious incremental improvement. The fact that they seem inclined (and even incentivised) to grant patents and let the courts sort it out is a big part of this problem. USPTO should be doing plenty of groundwork and challenging applicants to minimise the subsequent litigation.

I remember once being presented with a problem, proposed the obvious solution to that problem immediately, only to find that some large corporation had patented it. If it's obvious to those skilled in the art then it shouldn't be patentable unless it can be shown that the thought process needed to get to that point is novel.

10
0

ESA to try tank-to-tank fuel switch on sat that wasn't designed to do it

Number6
Silver badge

It's cheaper to launch a new spacecraft than to port all the analysis stuff from VMS to Ultrix, to Solaris, to Linux to Windows10

Having got it working on Linux, why would you need to move it again? Especially to Windows 10.

2
0

US think-tank wants IoT device design regulated, because security

Number6
Silver badge

Accredited Standards Body

One way to do it is to put together a suitable standard against which manufacturers can test their products. At the moment I think half the problem is that startups don't understand the problem, whereas if they've got a real standard to test against then they might at least make an effort, if only to be able to claim compliance.

Of course, trying to get a useful standard defined may take years.

4
0

Who killed Pebble? Easy: The vulture capitalists

Number6
Silver badge

Re: "made by Real People for Real People"

I've met Real People. Some of them are right jerks and I wouldn't want to buy their products.

6
0
Number6
Silver badge

I still have an early Pebble watch. I haven't worn it for over a year, the strap broke (as is the fate of plastic straps) and I've yet to get around to replacing it. It sits there attached to its charger, just whiling away the time. Hopefully it will keep working, it doesn't appear to need to interact with the outside world except to exchange a few electrons. It might even be a collector's item in a few years.

3
0

Take that, creationists: Boffins witness birth of new species in the lab

Number6
Silver badge

Annoying the Powerful

The best argument to put to a creationist for believing in evolution is:

If there's an all-powerful being out there who made the Earth in six days about six thousand years ago, and yet went to all the trouble of making all the dinosaur skeletons and setting up the firmament to look like it was several billion years old, do you really want to piss him off and claim it's all fake?

2
1

If your smart home gear hasn't updated recently, throw it in the trash

Number6
Silver badge

The way to do IoT properly is to have a single server inside the firewall for all the devices to talk to, so that they're never directly accessible to the outside world. Then, if the owner wishes, he can open an access port in his firewall to that server from outside and hope that the server is not vulnerable. Having a bunch of different devices, all phoning home to different numbers, is a security nightmare but it's what we're stuck with until IoT people come up with a standard that allows someone to write a (preferably open-source) server to which they can all hook up.

I have a bunch of IP cameras but they're actively blocked from talking outside the firewall here. At the moment I only have one device that talks out and at some point I'm going to see if I can reverse-engineer the protocol and roll my own server.

7
1

Cheap virtual box hosters – Amazon's Lightsail is out to destroy you (yes, you, Digital Ocean)

Number6
Silver badge

Re: What is the point ?

I find it useful because it's got a static IP address, I can use it for VPN services and as an endpoint for my mail server (which redirects to my home system via other means where the ISP blocks port 25). It's a convenient remote web host, too, and a useful launch point for when I want to poke my own system from the outside. I used to host my websites with a provider who gave me an ssh shell as part of the package. With the VPS I get the whole machine to do what I want and host as many websites and back-end databases as I want.

However, it does mean you're responsible for your own security, so a bit of care in setting it up is required.

1
0

Jersey sore: Anchor rips into island's undersea cables, sinks net access

Number6
Silver badge

The King Arthur

Was it captained by a J Arthur?

1
0

Soon only Ticketmaster will rip you off: Concert scalper bots face US ban

Number6
Silver badge

My solution is to avoid buying tickets through Ticket Master (or a tout). If that means I don't go then think of all the money I've saved. These people can only get away with what they do because the tickets get bought despite the gouging.

In the US you get companies trying it on offering the chance to pay on-line by credit or debit card but imposing a convenience fee of several dollars. I always wonder whose convenience they're thinking about, because to me, writing a cheque and putting it in an envelope is far cheaper and more convenient than paying the fee. I wonder which one costs them more to process?

6
0

Renewed calls for Tesla to scrap Autopilot after number of crashes

Number6
Silver badge

Darwin

Why does this remind me of the old Darwin Awards myth about the Winnebago and cruise control?

5
1

Congrats America, you can now safely slag off who you like online

Number6
Silver badge

I'm sure Trump will try to revoke it next year if enough people give him and his businesses bad reviews.

2
3

Loyalty card? Really? Why data-slurping store cards need a reboot

Number6
Silver badge

The best way to use loyalty cards is simply to take advantage of the offers. Not every store has everything we like so we have no brand loyalty as such, general groceries come from whichever one happens to be visited next for their few unique items.

As for using an app on the phone, given the way apps seem to try to grab as many permissions as possible, usually including your phone address book, I'd refuse to have the app on my phone (I am very picky about this sort of thing now) and would much prefer a separate card. In the US they will often key the data to your phone number - I have no problem with giving them the house phone number for that, can't spam it with texts and the answering machine deals with calls from unknown numbers (many of which then get blocked).

1
0

BOFH: The Hypochondriac Boss and the non-random sample

Number6
Silver badge

Re: "IT skillset of a potato"

There wouldn't be IT if it wasn't for chips. Which are made from potatoes.

9
0

Reg man 0: Japanese electronic toilet 1

Number6
Silver badge

Re: We have one

We bought a house that had one fitted (the pump recently failed, without which it won't even flush, $500 later...) There's a pressure sensor in the seat somewhere so that getting up seems to cut off all water spraying activity so it's clearly better behaved than some models.

It can be very useful the day after a really good curry.

2
0

LAKE OF frozen WATER THE SIZE OF NEW MEXICO FOUND ON MARS – NASA

Number6
Silver badge

I hope they are careful when filtering that water for human consumption, ask the Doctor what happens if they don't...

2
0

Inside our three-month effort to attend Apple's iPhone 7 launch party

Number6
Silver badge

More Entertaining

I find Kieran's trolling of the Apple PR team to be far more entertaining than any Apple news conference. Unless someone can come up with the equivalent of the Gates W98 BSOD of course, just to show that even the mighty can trip over their shoelaces occasionally.

Mind you, they get several tech points deducted for having their email software configured to send read receipts, one would have thought they'd be a bit more secure than that.

0
0

Barnet Council: Outsourcing deal with Capita has 'performance issues'

Number6
Silver badge

Re: It's Barnet council that has "performance issues"

If you ask questions that can't be answered (it'd require someone to do work) you'll be regarded as an awkward bastard and the contract will go elsewhere.

This is where a lot of the problem lies, it needs someone to ask those questions and have them answered. Perhaps if someone actually had to do the work up-front then the magnitude of the screw-up would be significantly reduced.

1
0
Number6
Silver badge

Re: translation of strategy into delivery

By definition, what the customer wants is what it states in the contract. However, that may not be what the customer needs. This is why sometimes it's well worth paying for a study contract to properly define the requirements so that what's in the contract is closer to the actual needs.

There's still plenty of scope for an awesome fuck-up though.

2
0
Number6
Silver badge

Re: It's Barnet council that has "performance issues"

Why is it only government customers of Crapita who seem to think this is normal? Have Crapita ever successfully completed a project on time and to budget?

You're not looking at it like a consultant. Chances are they were given a spec full of holes and ambiguities and quoted a reasonable price and timescale based on that. Then someone on the government side says "Oops! We forgot this, please add it in" so the cost goes up to pay for the extra work, which of course takes longer.

There are two sides to any large IT cock-up and while Crapita get most of the blame, it's not entirely their fault - someone needs to point a finger at the government procurement people too. As a responsible consultant, you should be looking at the RFQ and highlighting areas where you think they may be deficient, and clarifying anything you think is ambiguous so that both sides agree what it means, all before providing the price and timescale quote. Of course, this takes up more of your time and probably results in a more expensive quote than the competitor who didn't do due diligence, but I'm sure if it was done properly the overall outcome would be cheaper, or at least generate less bad publicity.

2
0

British banks chuck smartphone apps out of Windows

Number6
Silver badge

I wouldn't touch WP even if I had a bargepole, but then I choose not to use my phone for banking anyway. That is preferably done on the home machine which is unlikely to be dropped out of my pocket or otherwise lost or stolen. There's always a tradeoff between security and convenience and for me the line in this case favours security.

3
1

Microsoft just got its Linux Foundation platinum card, becomes top level member

Number6
Silver badge

Re: Linux Desktops

Have you tried Windows 10? I put it on a VM here and after trying it out, only fire it up when I really have to. The Win7 VM gets way more use, and the Linux host way more than that.

The only thing stopping Linux from really making inroads is the poor support from providers of commercial software (and hardware - lack of decent drivers). If they produced Linux versions of their products then I suspect quite a few people would switch from Win7 to Linux once they'd experienced Win10.

0
1

Post-outage King's College London orders staff to never make their own backups

Number6
Silver badge

Re: Backup on 'New Technology'

I meant in addition to the regular backups. Most backup tapes get cycled through multiple erase/write operations, so something from a year ago might not exist in the current backup set, but an archive of what the system was like at regular intervals can be useful if something is deleted as 'not needed' but some months later it suddenly is required. Of course, with the penchant in the US to demand data dumps for litigation purposes, perhaps it's less desirable to maintain history if it might be incriminating.

1
0
Number6
Silver badge

Re: My company has axed all backups...

The way to demonstrate cloud storage as a bad idea is a common-mode JCB fault on the internet feed to the site. All of a sudden, none of it is accessible unless people have taken copies. If they're shared files, you then get the chaos as multiple people work on it and there's merge conflicts when they all try to sync back to the cloud when the fault is fixed.

How about the example where someone quit his job and, like a good ex-employee, wiped all of the company content from the Dropbox folder on his personal machine... Except he'd forgotten to disable the work account first so it deleted the cloud stuff too. Oops.

3
0
Number6
Silver badge

Re: Levels of backup

Yes, I'm thinking in the context of "proper backups are also being done". You'd be really unlucky if you managed to lose all your lab machines and the IT backup at the same time, although it could happen. I have been in the situation where the backup really is the only copy in existence and that's a bit nerve-wracking until it's fully restored.

In the days when my data would fit on a DAT tape, I kept one in a locked drawer at the office that got swapped out every couple of weeks and also had one at my parents' house (a couple of hundred miles away) that I swapped out when I went to visit. Not 100% coverage but better than losing it all. I managed that once, along with probably many readers here, and am doing my best not to do it again.

3
0
Number6
Silver badge

Levels of backup

I'm afraid if I worked there I'd be backing up my own data. It might just be sharing it between a couple of machines in the lab/office but I'd have more than one copy I could get my hands on without having to deal with the IT department. It also avoids embarrassment when you've accidentally deleted a file and would otherwise have to go ask them to restore it from the last backup (always a fun exercise, especially if it turns out they can't).

5
0
Number6
Silver badge

Re: Backup on 'New Technology'

In a place like that I would be using both. The purpose of the RAID array is to try to avoid any downtime due to hardware failures, the purpose of the tape is to provide an archive (chuck a tape set in the fire safe every so often) and a last-resort to recover as much of the data as possible should the RAID array go down irretrievably. I run a lot of my home stuff on a basic RAID1 system but I still rsync important stuff to a separate drive on another machine every night. I'd like to be able to afford a tape backup to go with it, but that's too much £££ to get a useful capacity now for home use so I rely on multiple hard drives on different machines. In the days of DAT tape capacities being bigger than hard drives I had a very good backup scheme that even managed a successful restore a couple of times after hard drive failures.

3
0

McDonald's sues Italian city for $20m after being burger-blocked

Number6
Silver badge

Re: I don't get it!

In the same way that there are certain types of Brit who, on arriving in a foreign city, will immediately search out a fish & chip shop and an "English", or at least "Irish" pub...

I wouldn't say "immediately", but if I'm in the area for several days, it's always interesting to see what the locals think fish and chips should be, and whether they manage to capture the pub atmosphere. That in itself is instructive, we're there looking at them, it gives some insight into what they think of us.

4
0

No spin zone: Samsung recalls 3M EXPLODING washing machines

Number6
Silver badge
Devil

In Other News

Samsung sales to the Middle East have picked up recently.

7
0

Run a JSON file through multiple parsers and you'll get different results every time

Number6
Silver badge
Happy

Re: not parse JSON documents that I hadn't created myself

... a single JSON document gets parsed by two different engines. For example the JSON parses correctly in the bank's deposit-into-my-current-account function, but throws an exception in the corresponding deduct-from-my-savings-account function

Can I have a copy of that document please? I might have a use for it...

0
0

Smart Meter rollout delayed again. Cost us £11bn, eh?

Number6
Silver badge

Not Late Yet

The text suggests that BEIS said it would be ready by the end of September, but did they say which September?

2
0

Boffins predict web scams with domain registration data

Number6
Silver badge

Depending on what sort of hosting service you are, you might be able to aggregate a bunch of new customers into such a thing, where you charge them the 'standard' rate for their individual domains but make a profit because you're being charged the discount rate.

2
0
Number6
Silver badge

We need something similar to the RBL lookups used for IP addresses. Something that would tell you how long a domain has been registered, even if it's just <30, <60, <90, <180, <365 or older, so that when my scanner looks through an email, it can quickly and easily do a lookup and score shiny new domains accordingly. Doing a whois on all domains and parsing for the creation date is not trivial and probably violates the terms of service of the whois providers, given the volume of lookups.

4
0

Today the web was broken by countless hacked devices – your 60-second summary

Number6
Silver badge

What would help is for ISPs to cooperate and shut down customers who are clearly participating in the attack. Route 'harmless' http requests to a default web page explaining why they've been taken offline and what to do about it.

I know such a feature could be abused, but I'm sure there would be a way round that with checks and balances and a proper procedure (yeah, right...)

5
3

Donald Trump running insecure email servers

Number6
Silver badge

Re: Thar she blows!

He's much more of a mundane Republican than he's made out to be.

In which case he needs to fire his entire PR team because they have failed to get that image across.

4
0

Red Hat eye from the Ubuntu guy: Fedora – how you doin'?

Number6
Silver badge

I used to use Fedora, but then got fed up of having to upgrade a bunch of machines at regular intervals, back in the day when an in-place upgrade wasn't advised. Then I discovered Mint and switched to that instead of installing the latest Fedora. Now I stick to the LTS versions, currently a mix of Mint 13 and 17. It took a bit of getting used to the slightly different way of configuring stuff, the files aren't in the same directories, but it was useful because now I can cope with either. I'm not a fan of Mate and Cinnamon, it's either KDE or LXDE/XFCE depending on the grunt rating of the machine in question.

1
0
Number6
Silver badge

Re: Why oh why would you use Ubuntu

unfortunately it's decided to upgrade itself without warning and informs me not to power off.

When that happens to me, I accidentally lean on the power button for too long and it stops the upgrade somewhat abruptly. Probably not recommended, but I've gotten away with it so far.

3
0

US reactor breaks fusion record – then runs out of cash and shuts down

Number6
Silver badge
Joke

Good job they managed to shut it down before the money ran out, otherwise it would still be running.

0
0

BOFH: The Idiot-ware Project and the Meaningless Acronym

Number6
Silver badge

No, I think he left them together in the box with the drum of calcium chloride.

0
0

Google 'screwed over' its non-millennials – now they can all fight back

Number6
Silver badge

The balance is being steadily redressed (I see quite a few younger female engineers now), but in the group of engineers with lots of visible grey hair, women are still a small minority.

0
0
Number6
Silver badge

You need at least one grey-haired engineer on the staff, it's cheaper than gaining the equivalent experience by making the same mistakes he did when he was your age. He might not have all the answers, but you can be sure he knows a lot of the right questions to ask.

41
0

Citizens don't trust UK.GOV with their data

Number6
Silver badge

Re: Freedom

Isn't that the difference between external control and self-control?

1
0

Psst. Need some spy-on-employees tech? Ask Oriium

Number6
Silver badge

Re: The usual "credit card" string

No idea how well the security measures work against it, but the VM with the VPN works quite nicely. It also helps that if you want to go browsing patents or competition websites, it's not immediately obviously your employer's IP address, which can be enough to trigger a lawsuit if they've got a trigger-happy lawyer in need of a new yacht.

0
0
