* Posts by Mike007

192 posts • joined 11 Jun 2009


No one wants new phones – it's chips that keep Samsung chugging


The easiest way to have multiple numbers is to set up a SIP client and use data.

ICO seeks views on how tween-friendly websites should be designed


Psychology 101.

We must prevent them knowing it exists, to protect them.

If only there was some way of communicating with these things and getting them to comply with our concerns!

Do these "tweens" have the physical ability to use language? If so, we might be able to train them to somehow communicate their confusing behaviour to us. I believe that a better understanding will allow us to design more advanced weapons to defeat them with.

UK Foreign Office offers Assange a doctor if he leaves Ecuador embassy


Re: Doctor

Paranoid person has no contact with reality and 24/7 security detail for years. Walks in to normal world, and sees a CCTV camera.

I assume the correct answer to your riddle is "Psychiatric"?

USB-C for Surface owners arrives in form of a massive dongle


Re: Eh?

I want MY data accessible. Even if I forgot to bring my laptop and hard drive stack.

The silver lining on a NAS.

So what does EE's 5G test really signal?


Re: Fantastic

When a single speed test can use >10% of your monthly limit, the problem isn't technical.

Have you heard the one about IoT network tech that uses SIM cards?


What is the advantage over SMS/GPRS? I get the feeling they are taking advantage of the fact that these sorts of messages are normally used internally by carriers, so aren't billed.

Correction: Weren't billed prior to this story being published.

Keep your voice down in the data centre, the HDDs have ears! I SAID, KEEP...


Today I fired up some old disk shelves that made me adjust the labs noise-rating. Previously we were at "bloody loud", but after accounting for the extra equipment we now have a new designation of "DID YOU SAY SOMETHING?".

Are you telling me the slow performance is due to the noise? I thought it was because of the 10 year old disks...

Google isn't saying Microsoft security sucks but Chrome for Windows has its own antivirus


Re: Feature creep?

Non-technical people only care about google collecting data in terms of how great it is that "google knows what they want" without them having to "learn how to use a search engine properly".

Australian senator Pauline Hanson wants devilish scam calls to flash '666'


All calls enter the telco's network from somewhere. Whitelist providers who guarantee valid credentials, and strip the caller ID from the rest. If the other telco passes calls from third parties who do not guarantee valid credentials then it needs to do the same - strip the ID before passing it to you.

"Market forces" will ensure that a telco wanting to deliver calls to a destination will fall in to compliance, as they will lose all ability to terminate "legitimate calls" properly if they don't.

Source network reputation works pretty well for email. You can still set up a server with a "reputable provider" and spam from it, but see how long it stays up for... The ones who will let you spam from their network are probably already on every spam list.

Whose drone is that? DJI unveils UAV traffic tracking system


Re: Pointless

If this were mandated in all drones, then I would argue that people willing to solder wires etc to re-flash with modified firmware or whatever is required are not the "target audience". You can build a drone yourself without this "feature" if you have the time.

The major problem at the moment is that people can walk in to a shop, buy a drone for £40 and just start flying it. I will admit that when I got a £40 one stuck in a tree, my response was to head back to the shop I got it from and purchase a replacement + a spare "in case it happened again". (I did recover the original, and now have 3 identical ones as I haven't lost one since... but I can see how that thought process could apply to others - don't downvote my honesty!)

If this functionality were standardised then it would be reasonably easy to establish a strict-liability offence of flying a drone without a compliant beacon containing valid contact details.

More and more websites are mining crypto-coins in your browser to pay their bills, line pockets


As with others, I wouldn't mind permitting ads on responsible websites. It's the heavy graphics, the auto-play videos, the full volume sounds etc that make me install an ad blocker.

If there was an option on install for "block annoying ads" vs "block all ads" then it would encourage websites to use less annoying ads. The problem is the whole economic model of ad blockers being free and therefore having a huge incentive to take payments to reduce their thresholds for what is an "annoying ad".

I had no problem with googles text based ads. I wasn't too bothered by animated GIFs.

The very first time I installed an ad blocker was after The Pirate Bay sold advertising space to a company that thought a full volume buzzing sound and consuming all your CPU with flashy videos was a way to "get attention". After install I noticed that my computer was able to open >10 tabs on The Register without grinding to a hault, which it hadn't been able to do prior to this.

I installed an ad blocker because of TPB. I kept the ad blocker because of The Register.

Do you Word2Vec? Google's neural-network bookworm


Imagine a baby. Before it opens its eyes for the first time it is connected to some machine that can completely control sensory input, similar to The Matrix.

Instead of feeding in images of a physical world, the only input it gets is plain white text displayed in front of its "eyes" on a black background. This is the only "external input" it will have for its entire life. It can respond and interact somehow through muscle actions, no need to get hung up on the details.

Words represent social concepts/ideas. How does it understand "Christmas"?

There is a major difference between being able to calculate the statistically correct reply to a question and being able to understand a question.

We might already have all of the "technology" required for sentient AI, it just needs quite a bit more processing power, which will come in time. The problem is, our way of "teaching AIs" means that we are potentially training the next-in-line-for-the-throne to interact with the world without any understanding of it.

Imagine the difference between an entity in charge of all "law enforcement drones" learning "conflict resolution" from Facebook posts vs court rulings vs Life. You might argue that court rulings are a better training set than interacting with the typical person, but how do you understand the basis for some ruling on torture if you've never felt pain?

Essex drone snapper dealt with by police for steamy train photos


Re: Fair cop?

He was not operating under the rules for non-commercial drone operators. He was selling the photos, that means he was flying a commercial aircraft without a license. That's the law he probably wouldn't be confident arguing about in court.

Beardy Branson chucks cash at His Muskiness' Hyperloop idea


The biggest comparison with MagLev is that the reason we don't have MagLev is because a pair of iron rails is a hell of a lot cheaper. How many people will the cost of this line be spread over? (Construction Costs + Operating Costs / Capacity = a ticket price that makes Concorde look like a budget flight?)

Prejudiced humans = prejudiced algorithms, and it's not an easy fix


Cause and effect?

I raised what I considered an interesting legal point with my University. I queried how lecturers advertising scholarships containing restrictions on gender was consistent with the Equality Act.

The university administration initially claimed not to understand why there would be an issue. I pointed out that technically speaking as there were 5 female-only scholarships offered to a group containing 4 female students this would mean they would need to offer over 300 male-only scholarships in order to ensure they weren't financially discriminating against those students based on gender. They referenced what appeared to be generic legal advice about promoting under-represented groups, which was based on a section of legislation that had been overturned by the EU courts and repealed due to its discriminatory nature. They didn't reply to my email pointing this out.

To bring it back on topic: What would an AI learn from that data?

It might for example find a bias whereby the group of students who got scholarships have a higher minimum competence than those that didn't. An AI would be completely oblivious to something like social factors making a female student who doesn't know how to use a command prompt less likely to take a university level IT course than a male student of the same ability level.

The AI might instead learn that students who get scholarships perform less well than their non-scholarship-receiving cohorts. There could be a bias whereby scholarships encourage people who are less knowledgable about the subject to "give it a go".

Would the AI be more or less biased by including gender in the training set? This is a training set whereby the "top performers" will pretty much all be male, yet the females are all being paid more money.

Bloke takes over every .io domain by snapping up crucial name servers


Re: put a NS of a domain

You seem to misunderstand the concept of redundancy with regards to DNS. Adding additional failure points is not "redundancy".

If you have all the servers for example.com under example.net then this should be a well considered decision because a failure of EITHER example.com or example.net will cause problems. However if you are talking about dedicated DNS servers then putting them all under example.com is the most optimal configuration in terms of both performance and reliability. Queries will go directly instead of resolvers having to do an entire extra DNS traversal, and the only thing you rely on is the parent servers for .com - if they go down then example.com isn't resolving, is it?

A TLD should not be dependent on anything except the root zone, using another TLD will either involve delays in resolving your TLD or will require that you get authority to add glue records to the root under someone elses zone. If you do the latter it would be functionally equivalent to using your own TLD, with added paperwork and failure points.

In short, "Using the same TLD" is only a silly idea if that TLD is a different one to the one the domain is under. Putting your name servers under your own domain, on the other hand, is the correct and best way to do it.

Of course the question then becomes what the root referrals looked like - correct IPs, or his IPs?

Brit unis bunged £16m in gov cash for 5G test


I can easily get 30Mbit/15Mbit on my 4G connection from all the locations I have tried it in. This appears to be capped as it is very consistent. There seems to be plenty of bandwidth on the 4G networks. (Obviously I'm not in London!)

The reason there might be so much bandwidth spare, however, is that said speed test used 53MB of data. At "standard data rates" if I were outside my massive 2GB/month limit it would have cost about £5 to run that speed test. If they claimed you had a Gbit link, how much would the speed test cost to check it?

Texas cops lose evidence going back eight years in ransomware attack


Re: It's 2017 and you can still be pwned by a forged email header

Actually there is a way to validate the From header. If you try to spoof an email from a @paypal.com address to a gmail user it will not only put it in spam, but if you open it there will be a notice on the top telling you it is not the real paypal.com.

This is not some special agreement between gmail and paypal but is based entirely on open industry standards - I have implemented the same anti-spoof protection for some of my own domains. SPF validates the envelope address (allowing a server to "take responsibility" if it wants), but DMARC validates the From address (meaning it validates the claim about who sent it).

The only case where you can't validate an email sender is if users are allowed to use unrelated third party SMTP servers (so some public email providers can't require it), which I certainly hope does not apply to an official police email address.

Google launches root certificate authority


If you can't be bothered with all that procedural stuff and the auditing nonsense, just buy an existing cert and you can skip it all and just start issuing your own certs straight away!

Bookmakers William Hill under siege from DDoS internet flood


Re: Just a DDOS?

The packets are using a spoofed source, your servers replies are the attack.


There is a thread about it on NANOG

A back-of-the-envelope calculation of traffic seen at ISPs comes out as this being quite a massive attack.

Future Snowden hunt starts with audit of NSA spooks' privileges


If the CIA wanted him dead, he would be dead. Russia or not.

TCP is a wire-centric protocol being forced to cut the cord, painfully


Re: Surprise?

"One thing that appears to be missing from the IP protocol is a concrete way to indicate network congestion to endpoints by signals originating at the affected point in the intervening infrastructure."

There's always ECN, although there's the problem that some NAT routers discard every TCP packet that has that "unknown option" of "I support ECN". Apparently apple are going ECN enabled by default which might be interesting.

"It is achieved by ramping up the packet rate until the round trip time starts to increase, as that is when the packets start to fill the queues in the routers along the route."

Detecting congestion has nothing to do with monitoring latency. Increased latency will not cause TCP to slow down - it will assume there is still more bandwidth and keep increasing the data rate until the buffers completely fill and start dropping packets. Oversized buffers in networking equipment is a serious problem.

Broadband powered by home gateways? Whose bright idea was THIS?


Re: The 48V is needed in case of emergency

You begin by commenting "when you lose power to your house, you can't use internet anyway", then admit you have your gear on a UPS and therefore you yourself are an example of where this is not the case.

I have my modem and one of my wireless access points on UPS power and my main computers and home servers are all laptops with internal batteries. I haven't actually had a power cut since getting VDSL so have no idea what would happen to my internet connection in an outage, but in theory if BT are doing their job properly and putting batteries in the cabinets I should stay up. My main systems and hosting infrastructure is tested to remain fully functional for at least 4 hours, and things will degrade to 1 access point with emergency internet access for the next 48 hours - although I doubt they have 48 hours worth of battery in the cabinet.

ICANN descends into farce as bigwigs try to cling to power


Because their official role is what I would call a technical role. While they have limited enforcement powers their role is basically to ensure the continued operational stability of the internet by maintaining the registries that everyone else uses to enforce "law and order".

When they decided to release the piles of new TLDs for financial reasons, the entire technical community opposed it because of the huge risks to the stability and proper functioning of a very critical piece of Internet infrastructure. There were numerous concerns including potentially very serious implications that ICANN hadn't even considered, all were dismissed without discussion.

It's a bit like having a police force who respond to a video of someone being murdering with "I am not aware of anyone being murdered, and I'm too busy to watch your stupid little home videos, go away and stop wasting our time".

That is why it needs fixing.

That's not an Ofcom email about your radio licence – it's a TROJAN


Re: I got one at work

If you don’t mind spending <£5/year for a "professional email address" then you can have anything@youremail.co.uk instead of needing a "special character".

As an example a few years back I had to add a rule to auto-delete all email addressed to beatthatquote@mydomain (apparently they have now been acquired by google, who at least dont sell client lists as far as I know).

be warned, if I ever start receiving spam directed to elreg@mydomain I will know who has been naughty!

Cause of Parliamentary downtime on Microsoft Office 364½ revealed


Re: Email Continuity Services

Their "backup MX" service won't help if the primary provider is still receiving email but then deletes it from their infrastructure. A backup MX is also not needed for a 13 hour outage, as the origin mail servers should spool the messages for several days before considering them undeliverable and notifying the sender to try again.

Bitcoin can't be owned, says Japanese court, as Karpeles sweats in cell


"because transactions between users are structured in such a way that calls for the involvement of a third party".

If he wants to try and rule based on technicalities of how the system works, he should probably get several people experienced in understanding complex network protocols to analyse both the banking system and the bitcoin transaction mechanisms and come to a consensus on the similarities and differences first.

For example is this is a reference to the fact that a transfer is verified by publishing a cryptographic verification to a distributed log as it reads to me then I think he'll find that bank transfers are verified by publishing them to a third party "clearing house" database. A fraudulent bank transfer is actionable in court last I checked.

Let kids delete their online rants, demand campaigners


defend your statements?

If your "defence" for your actions is "I was an idiot and spoke without checking if I knew what I was talking about and acted without thinking of the consequences", I am going to judge you as an idiot who speaks and acts without thinking, and I am not going to assume that what you are telling me today is any better researched than the previous nonsense you admit you were making up. It's called a reputation.

I "grew up on the internet" when it was full of professionals and academics before facebook and such. If I made a fool of myself I was respectfully mocked and took note to do my research before "acting like an expert" so I would say something more intelligent next time.

I have scrapped my "teenage identity", however if someone did find my old activities I am happy to defend anything I said. The way I said some things might come across as immature, however I can explain that the nature of the interactions and the way the person was treating me lead to an emotional reaction and can generally point out their messages were far more offensive than mine. I then alter the conversation on to the intellectual content of the messages, which was always well reasoned and researched before posting.

Unfortunately the Internet is not the same place as it was then - If whenever you post factual information that someone doesn't like you get bombarded with "you dunt know what ur talkin bout if you fink that, shut up", you aren't ever going to learn the art of constructive conversation, you are just going to learn to "ignore idiots", including "idiots" who have a valid point.

Hacked US Census Bureau staff to take anti-phishing classes


Re: training and support portal? REALLY!?

"And there will be organisations that tell their users "don't click on suspicous attachments" and then email important pay/pensions forms as word doc named PDQQ-6756-BHG.docx"

My bank sends me monthly emails saying my statement is now available online, with a "convenient" link to the login page to check it. Fucking idiots.

Are smart safes secure? Not after we've USB'd them, say infosec bods


Re: A safe with a USB port?

A safe should "fail secure". If a failure causes the safe to fly open then all I have to do is trigger a failure and I get your cash. If your safe fails secure then if I can trigger a failure all it means is you need to waste a few hours with a drill to get at your cash, which will also encourage you to replace the now-broken safe with a better model.

Hey, bacteria: Resistance is FUTILE – boffins grow new super-antibiotic



The only reason we're still abusing antibiotics is because they are expensive...

German minister photo fingerprint 'theft' seemed far too EASY, wail securobods


Re: Hey dude, hand me the finger cutter......

If you have trouble remembering your own name, how are you going to remember that you even work for XYZ corp? and then when you've logged in, what is your job? what are you meant to be doing? and how do you do it? what do you click?

If you can't remember a password, you are very unlikely to be compitent enough to actually need a password for anything.

Internet Explorer 12 to shed legacy cruft in bid to BEAT Chrome


Re: Chrome is getting bloated too

When chroms came out I switched from firefox to chrome to get the huge speed improvements. I have recently converted back to firefox in order to take advantages of the superior speed and performance of firefox... i kid you not, chrome got to the point where a clean install you'd type "google.com" and press enter and it would freeze, start hammering the hard drive for 5 seconds, then start resolving the domain... yes START resolving the domain, as in the very first thing that it needs to do and the thing it should have started doing before you've even released the enter key.

At university the profile directory is stored on a slow file server... meaning chrome basically doesn't work at all there. It used to when they first installed it, but it has updated itself since then.

They went from being the fastest to being totally unusable. And they didn't add a single useful feature in the process, just fucked around with things for the sake of it.

European data law: UK.gov TRASHES 'unambiguous consent' plans


Re: Consent

how is data processing by companies in any way shape or form even slightly related to police persuing an escaped criminal?

How was your week? Was it as bad as Uber's? Here's what happened


wrong target

why are the authorities going after uber? they aren't actually in those countries violating their taxi laws, their drivers are... if the police order a taxi from uber then arrest the driver for operating an illegal taxi service and national media start reporting that uber drivers are going to goto prison... they don't need to arrest a second driver, because uber won't have any left...

TalkTalk email goes titsup FOR DAYS. Cheapo telco warns: Changing password WON'T fix it


ISP Email

Who seriously uses ISP supplied email? you're stuck with that ISP, if you change you have to re-register accounts all over the place with your new email address. Just use gmail!

UK.gov set to burn £500m on one-dole-to-rule-em-all IT, claims PAC chair


Here's an idea

Some out of the box thinking here, but they hire incompetent people who are motivated to do a crap job (the longer it takes, the more updates, etc the more they get paid)... you can also get loads of inexperienced people who are motivated to do a good job for free - students!

approach a university, they have software development courses where they make their students create software projects purely for the experience of making it - give them your system requirements and let them set that as an assignment.

the students will have to make a system as part of their course so it's no extra work for them, but at the end of it you get 200 students with 200 versions of the software you require - so then you just have a look at them all, out of 200 attempts you are bound to get at least a few decent examples... offer to buy the system off them for £100,000, loads of money to a fresh graduate, peanuts to the government!

Migrate to the cloud and watch your business take flight


If a business can afford a leased line, perhaps they can spend that money on multiple low grade ADSL/Cable links instead, combined reliability should be better...

US broadband providers holding last-mile traffic ransom, ISP alleges


Re: Very short memories at L3

"All very true: Netflix and the like provide the majority of eyeball bound traffic in the US. Why shouldn't they pay carriers for the massive amount of traffic that they are dumping on them?"

should my ISP be paying me for the massive amounts of data I request/they dump on me, or would that be silly?

Oracle spins-up public sector 'Cloud'


Re: Yawn

It's worth noting that they expect government customers, and nobody else.

Mastercard and Visa block payments to Swedish VPN firms



Then they can go after them for money laundering or some other serious criminal charge because they falsified their paperwork... (unless you think visa have no way to know which company asked them to charge the credit card they signed up to the VPN service with?)

Spotify spews 'unencrypted' FREE MP3s all over creation


Re: Am I missing something?

From the 'adobe' reference in the article i'd guess about the same time flash became part of HTML5? oh...

IBM Australia on the stand over $1bn blowout


I can never understand how these companies end up getting paid. Which civil servant was authorised to pay out $6mil but was able to spend over 100 times the amount? Whose signature is on the payments, and who gave them the authority to make the payments? I'm sure you can tell where i'm going with this if it turns out someone was taking money without authorisation, and if it was actually authorised then that raises even bigger questions...

ICANN under fire as Verisign warns of rushed domain-name expansion


Re: Can someone enlighten me

Except in this case the files directly in the my documents folder are mostly inaccessible and you can only use subdirectories, but companies still want to put their files there...

A lightbulb that does IPv6: You know you want it


Re: @David

If you dont want them globally addressable, use local addresses instead. This isn't IPv4 - all v6 devices get dedicated local IP addresses that can't be accessed remotely, as well as the optional globally routable one(s).

Prepare for 'post-crypto world', warns godfather of encryption


What would you rather have, an agent who can read some of the messages and maybe send a summary, possibly a copy of some of the messages? How about a copy of all of the messages, without worrying about your source getting caught and turned/shot?

WTF is... IEEE 1905.1?


Re: Channel Bonding

Lack of standards isn't the reason your ISP doesn't offer that service, it's because you are using an ISP for low bandwidth users. If you select an ISP that caters for heavy users then you'll find most of them offer line bonding options of some kind (some will even bond VDSL lines), of course they also expect you to use the extra bandwidth so it's not going to be as cheap as an ISP offering you a "check your facebooks" connection.

Funny you should mention PPP, as that's the most obvious (although not only) way to do it - PPP has built in support for multiple connections creating a single logical pipe, works with bog standard PPP equipment that is already deployed and doesn't require any new standards or new devices. Used to be quite popular for bonding dialup connections together.

Stricken 2e2 threatens data centres: Your money or your lights


Re: Sounds fair to me ...

Call it a "stupid tax" and it sounds fine to me. If keeping your servers up is that critical that you'll throw £40,000 for a possible extra week or so (nothing stopping them taking the cash and shutting it off anyway), why don't you have a backup you can switch to?


Biting the hand that feeds IT © 1998–2019