* Posts by Tom 38

3551 posts • joined 21 Jul 2009

Microsoft's Jet crash: Zero-day flaw drops after deadline passes

Tom 38
Silver badge
WTF?

it's a remote-code execution vulnerability, specifically, an out-of-bounds memory write. The good news is that an attacker can only trigger the bug by tricking the victim into opening a specially crafted Jet file

So this "remote code vulnerability" can only be exploited by tricking the victim into opening a local file? How the fuck is that "remote"?

1
1

Redis does a Python, crushes 'offensive' master, slave code terms

Tom 38
Silver badge

Re: Fascist

Get with the program, they make replicas of people who disagree with them.

3
0

Dust off that old Pentium, Linux fans: It's Elive

Tom 38
Silver badge

Pretty sure he meant Pentium 2, because at least then the architecture, clock rate and RAM size all come from the same era at least.

0
0

Microsoft gives Windows 10 a name, throws folks a bone

Tom 38
Silver badge

No, you get up to six Office subscriptions, all you need is someone to give them too, children, spouses, significant others etc.

Would be nicer if they cut the price to $16.67 per user per year and then let us decide how many licenses we need. How does that conversation go anyway, "Great news Timmy, MS have given us an extra license so you no longer have to feel like we love the other 3 more than you any more (but we do.)"

12
3

Anon man suing Google wants crim conviction to be forgotten

Tom 38
Silver badge

Re: Yeah, well . . .

It's how most VC works though isn't it, people invest in a VC fund, they get a part-ownership of the venture, and consequently of the things the venture invests in.

2
0

Huawei's Alexa-powered AI Cube wants to squat in your living room too

Tom 38
Silver badge

Re: A bit disengenuous...

Thanks, now I don't need to write that too :)

3
1

‘Very fine people’ rename New York as ‘Jewtropolis’ on Snapchat, Zillow

Tom 38
Silver badge

Re: "Working to track down the culprit"

I don't look at images, I look at changesets:

https://www.openstreetmap.org/changeset/61555047

Pretty fucking simple - why are so many otherwise sensible people so quick to dismiss antisemitism.

6
1
Tom 38
Silver badge
Joke

Re: "Working to track down the culprit"

...and is currently banned until 2038.

Until the end of time(_t)!

31
1

Hello 'WOS': Windows on Arm now has a price

Tom 38
Silver badge
Headmaster

The proof is not in the pudding, the proof of the pudding is in the eating.

32
0

No do-overs! Appeals court won’t hear $8.8bn Oracle v Google rehash

Tom 38
Silver badge
Joke

Re: This is a perfect example

now go ahead and try to stop them talking to each other, especially if they have children

IMHO, that does stop a lot of the talking to each other.

1
0

Toshiba crams 14TB into another helium drive, this time with SAS boost

Tom 38
Silver badge

In terms of data rate of a single drive it doesn't, SAS offers many advantages over SATA when dealing with many disks, particularly multipath, better data recovery, talking the same protocol from controller to enclosure to disk and not having to use Serial ATA Tunnelling Protocol.

1
0
Tom 38
Silver badge

Re: Bah!

If you're interested in those attributes, this probably isn't what you're looking for...

9
0

Redis has a license to kill: Open-source database maker takes some code proprietary

Tom 38
Silver badge

Google gets way more from OSS than they give back. They also don't open source a great deal of their innovations, which has lead to the industry standard version of those innovations being not from google, but clean room re-implementations - prime example Hadoop, derived from descriptions of GFS and MapReduce. Its hypocritical to criticise another company for doing what they want with their code when you do precisely the same thing.

4
4
Tom 38
Silver badge

No, it's not bad behavior, it's a fundamental misunderstanding of open source economic models, and a desire to have your cake and eat it too.

Google open source economic models: Google gets all the cake. Be happy with the crumbs, and if you eat the crumbs, fuck off bitching about our cake.

6
6

Brit Railcard buyers face lengthy, unexplained delays. Sound familiar?

Tom 38
Silver badge

Re: Britain's ticketing is antiquated

I don't know why the British trains hold on to such old and nasty systems for most of the country.

Virtually everything you said about Swiss trains is true of British trains. When I buy a ticket on my phone, its immediately there as an eticket, scannable at the gates. My travelcard, if I have one, is linked in to that system, so when I purchase the ticket it is the discount fare and the photocard ID is linked to the ticket.

This is about buying the travelcard though, not the tickets. From a quick perusal of SBB's website, looks like I can apply for that online or in-person. Oh shit, the same old and nasty systems as Britain...

Our rolling stock is much shitter however. And their websites work..

1
0

Connected car data handover headache: There's no quick fix... and it's NOT just Land Rovers

Tom 38
Silver badge

Re: This needs some input from the DVLR

I find the DVLA driver license verification tool* effective and modern, and when I renewed my driving license, it was literally 5 minutes of point n click, with a photo from my smartphone; it couldn't have been simpler.

* When you rent a car; you go on the DVLA website, enter a few details from your license and get a 6 digit code to give to the rental agency to verify your license.

6
1

As it turns out, no, you can't just run an unlicensed Bitcoin money exchange

Tom 38
Silver badge

Re: Why not use a Mexican Bank?

Well, they used Grupo Financiero Bital, which after 2004 was bought and rebranded as HSBC Mexico, under the direction of HSBC US, so I'd imagine the reasons were "We know where you live" and "Here's a big bag of money if you just shut up and help".

It still amuses me that people think of the Hong Kong and Shanghai as a British bank - may be HQ'd here, its not a British bank.

8
0

Prenda lawyer pleads guilty to moneyshot honeypot scheme

Tom 38
Silver badge

Re: The Prisoner of Prenda?

Once I tried to unblock my own toilet instead of paying for a plumber, and I got covered in shit. It doesn't mean there is a toilet-plumber boys club, it just means I don't know what I'm doing.

20
1

GitHub goes off the Rails as Microsoft closes in

Tom 38
Silver badge

To be fair, they give a lot to OSS in return.

4
1

Rejoice! Thousands more kids flock to computing A-level

Tom 38
Silver badge

I was thinking similar thoughts

So (helped by the El Reg hacks who linked to it) read some of the syllabus. This is a pretty decent course; it is not "Do shit in Office/Windows", its an intro to software engineering. For instance:

Understand and use the following appropriately:

• integer

• real/float

• Boolean

• character

• string

• date/time

• pointer/reference

Damn, I work with people who don't understand and use pointers properly.

As for the science, this is the difference between school and university. School is about learning how to do things. In A level maths, you learn how to apply techniques like integration/differentiation, statistical methods, vector equations for motion, etc. In university level maths, you learn how to prove those techniques. This computing course is about the techniques of programming; its not supposed to be about the theory of computing.

Computer science is not about programming. One of the most famous computer scientists said "Computer science is no more about computers than astronomy is about telescopes", and barely ever touched a computer.

6
0

Linux 4.18 arrives fashionably late while Zorin OS shines up its Windows

Tom 38
Silver badge
Thumb Up

Re: Zorin OS

Even that's a bit of a tortured analogy, to be honest.

You do yourself a disservice, that's the best damn analogy I've heard! Zorin is to Ubuntu like a 2008 Tesla Roadster is to a Lotus Elise.

1
0
Tom 38
Silver badge

Re: Zorin OS

It's named after the two Zorin brothers' surname (Russian-Ukrainian) who live in the Republic of Ireland

Obvs they aren't allowed anywhere near Silicon Valley

7
0

Ad watchdog: Amazon 'misleading' over Prime next-day delivery ads

Tom 38
Silver badge

Re: Tax

Lets have it then; in what way are they taxed improperly or not according to the law?

2
2

Julia 0.7 arrives but let's call it 1.0: Data science code language hits milestone on birthday

Tom 38
Silver badge

Re: Still,

You don't really have an option to change it in Julia, you can simply create custom array types that are zero based, which will be a lot of fun when you aren't sure what kind of array you are being passed, or if one person likes 0-based and another likes 1-based..

PS: All whitespace is meaningful. If the language itself doesn't take any meaning from it, the developers reading the code do.

9
0

Make Facebook, Twitter, Google et al liable for daft garbage netizens post online – US Senator

Tom 38
Silver badge
Joke

Re: C'mon!

I believe you.

1
0
Tom 38
Silver badge

Re: It's the easy way out...

Because lets ask ourselves this simple question: what about the people who committed the 'crime' in the first place? Wouldn't it make more sense to hold them accountable for their own actions?

I would argue there are two sets of people committing a crime; the people who posted the illegal content, and those who host it and profit from it. All the social networks use algorithms to choose what content is displayed to you, it is not straight up UGC as they keep claiming.

If a photographer takes a privacy invading photo*, then they are/maybe committing a crime. If that photo is then chosen to be published by a newspaper, the newspaper is then also liable.

Certainly in EU/UK, the free lunch of claiming "Hey, we have nothing to do with what is there, its just user generated content" is almost over. They choose what gets displayed to you, and they profit from the ads shown alongside it; they will soon be listed as publishers** of that content.

* In jurisdictions where that matters

** perhaps an intermediate stage between "UGC" and "Publisher", but claiming "UGC! Safe Harbor!" is going going gone

3
0

The internet's very own Muslim ban continues: DNS overlord insists it can freeze dot-words

Tom 38
Silver badge

Re: shia.islam

Imagine if someone wanted to create a .christianity TLD.

Well, they had no problem approving .church, .bible, .catholic, .faith and .kosher ...

6
0

Microsoft devises new way of making you feel old: Windows NT is 25

Tom 38
Silver badge

Hmm

NT 4 was great compared to 95/98, but 2000 (NT5) was a pretty decent upgrade to NT 4, like somewhat better driver support.

18
0

Early experiment in mass email ends with mad dash across office to unplug mail gateway

Tom 38
Silver badge

Re: Firetruck?

s/(f)iretr(uck)/\1\2/gi

6
0

Indictment bombshell: 'Kremlin intel agents' hacked, leaked Hillary's emails same day Trump asked Russia for help

Tom 38
Silver badge

Re: Society Seems To Be Fragmeting or Declining in Standards

On other conduct, it appears fine for Khan the Mayor of London to lead calls for a derogatory blimp of Trump to be used

Khan did nothing of the sort, the protesters applied for permission to fly the blimp over Parliament Square, as have hundreds of other people this year. Their application was in order, the safety certificates were correct, and Khan quite rightly said that his role is not to decide whether it is a tasteful protest, just whether it is a legal one.

Of course that means Khan is fair game to be shown being fucked in the ass by an inflatable pig, that's not at all religious hate speech....

6
1

Clean up this hot sticky facial-recog mess for us, Microsoft begs politicos

Tom 38
Silver badge

Does anyone believe that Congress can define anything that is actually bipartisan?

1
0

ZTE sends 400 million hostages, gets back in business stateside

Tom 38
Silver badge

Re: Hmmmm

Please feel free to pick apart my rational and include what he's done for Russia

He has alienated the rest of the world against America, reducing its soft and hard power. A weak America means a stronger Russia.

6
1

Python creator Guido van Rossum sys.exit()s as language overlord

Tom 38
Silver badge

Ahem

result = (f(x) for x in input)

result = [x for x in result if x]

No point in having that extra list around wasting memory!

3
1
Tom 38
Silver badge

Re: Reinventing a more limited wheel

[(x, y, x/y) for x, y in ((x, f(x)) for x in input_data) if y > 0]

The new syntax is using less characters. This appeals to many programmers but I thought Python was not such a language.

At $JOB, that would immediately fail code review. Nested list comprehensions are hard to comprehend, particularly compared to assignment expressions, and disguise their purpose. Lets run through how many PEP-20 violations that is - its ugly, its complex, its nested, its dense and it has poor readability.

26
1
Tom 38
Silver badge

Re: Reinventing a more limited wheel

I would be fascinated to hear how you would do the following in one line of idiomatic C using commas.

Well newlines are optional, and there is no limit on the number of statements per line, so pretty easy.

11
1

Crime epidemic or never had it so good? Drilling into statistics is murder

Tom 38
Silver badge

Re: The law is wrong

We could easily allow being at home as a defence to the charge. If someones breaking into your home and you grab a knife,

Even in your home and against a burglar, the circumstances in which you arm yourself can matter. For self defence to be a valid defence, you have to be in fear and not seeking retribution. A while ago, a man broke in to a house, tied up all the family members and started torturing them to "tell them where the gold and the safe was" - there was no gold. Eventually the dad got free, and the thief ran off, however the dad then armed himself (with a bat I think), chased after the thief and beat him senseless.

Because he wasn't in fear of his life, and at that point wasn't acting in self defence, he got a fairly stiff GBH sentence.

Can't find the story now, pretty sure it was in Birmingham...

2
1

Smyte users not smitten with Twitter: APIs killed minutes after biz gobble

Tom 38
Silver badge

They then "made the difficult decision to wind things down right away” which included giving zero shits about the people with whom there were preexisting contracts and obligations

I think you've misunderstood why the decision is difficult. If they cut off their clients in breach of contract, they will be liable for a certain amount of compensation. If they don't cut off the clients and collect the data, they'll be liable for a much larger amount of fines.

The decision is difficult because they both cost money.

0
0

Yubico snatched my login token vulnerability to claim a $5k Google bug bounty, says bloke

Tom 38
Silver badge

Re: Donate

The pressure to, "be a man," comes from society, which is primarily male driven. Each man has the ability to define themselves on their own terms, rather than try to live up to what society tells them to be (other men, usually, through workplace banter, etc.)

This "mens problems are mens fault, and so are everything else" attitude is not helping your argument, and then followed by this hideously sexist paragraph:

I'm a full supporter of men being part of the family, playing a proper part in their children's upbringing... I smile to myself whenever I see a man pushing a trolley around the supermarket, exchanging funny faces with their kids in the trolley...

GTFO. That's called parenting. It's as condescending to men as saying this about female developers:

"I'm a full supporter of women being part of the IT development team, playing a full role in the development of software... I smile to myself when I see a women submitting a code review on github, exchanging comments with their peers...."

It's sexist when you take something that either gender can do, and make some aspect of it out of the ordinary for one of the sexes. The solution to sexism in the workplace is not more sexism.

So if you see a woman being bullied, do everyone a favour and support her.

If you see someone being bullied, do everyone a favour and support them.

17
0

Microsoft says Windows 10 April update is fit for business rollout

Tom 38
Silver badge

Re: In the time it takes to update win-10-nic...

As per /usr/src/UPDATING, you shouldn't run installworld prior to booting your new kernel. The recommended process is:

1) make buildkernel buildworld installkernel

2) Reboot to single user mode with new kernel and old world

3) "mergemaster -Fp" to prepare /etc changes

4) make installworld

5) "mergemaster -Fi" to apply /etc/ changes

6) "make delete-old" to remove old files

7) Reboot to your fully updated system

Also, since this isn't 2008 any more, you could also just run freebsd-update(8)

4
2

Docker Hub security dissed, dodgy container image data damned

Tom 38
Silver badge

For instance, if you want to build a python -manylinux wheel (a binary package that will work on, wait for it, many versions of linux), the current specifications say you need to do it on a CentOS 5 image.

There's lots of shit like that out there.

5
0

Citation needed: Europe claims Kaspersky wares 'confirmed as malicious'

Tom 38
Silver badge

Re: You do not need evidence against Russians

We didn't steal it from the Palestinians, we stole it from the Turks.

How's California?

15
2

Brit drone biz Sensat notches up 29km remote-control flight

Tom 38
Silver badge
Thumb Up

Love the sub title

Personally I don't like the idea of Amazon Paveway!

1
0

Dems push Ryan to vote to help save America's net neutrality measures

Tom 38
Silver badge

Re: 86% of Americans agree with *THEM*? Since *WHEN*?

ISPs should get out of the way. They should not insert themselves between us and the world.

Inserting themselves between me and the rest of the world is what I pay my ISP to do. If they stopped doing that, I would be very unhappy.

0
0
Tom 38
Silver badge

Re: 86% of Americans agree with *THEM*? Since *WHEN*?

I think the Demo[c,n][r,R]ats need to stop it with the DISHONESTY.

I downvoted you for your RE. Are the "Demo,,ats" really that dishonest?

0
0

Nominet throws out US corp's attempt to seize Brit domain names

Tom 38
Silver badge

Re: Tucows One Goat?

and a big naan, all the salad, no onion, garlic sauce.

5
0

Microsoft will ‘lose developers for a generation’ if it stuffs up GitHub, says future CEO

Tom 38
Silver badge

Re: Be smart

Be smart, host the repository yourself

It's far easier to use managed services than to manage them yourselves. We used to manage everything ourselves, it was a nightmare as the infrastructure team could not keep up with the number of systems they have to maintain and update.

I know what you will say - well why didn't you hire 3 more sysadmins? Suddenly all those free things cost you $250k a year in staff costs and $50k every 3 years in capex. When you balance it up, getting a better quality system that also replaces JIRA, Fisheye and Jenkins for 200 users for $48k a year is compelling.

12
2

HostingUK drops offline after losing Farmer vs Fibre competition

Tom 38
Silver badge

Re: DR

A data centre is not a cloud. Putting things in a hosted server in a data centre is not putting things in the cloud.

7
1

Don't read this, Oracle... It's the rise of the open-source data strategies

Tom 38
Silver badge

Re: 'Nuff Said

In June 2012, he wrote this puff piece on MongoDB. 3 months later he was hired by 10gen (now called MongoDB Inc), where he had "several areas of responsibility while at MongoDB, including corporate strategy, business development and corporate marketing" and "Added marketing leadership in December 2013, covering web, corporate marketing, community and communications. Shifted business development in May 2014 so as to focus full-time on marketing. Helped to cement MongoDB as the second-most discussed (and top-4 most popular) database"

Make your own minds up whether this article has any bias in it.

4
0

Internet engineers tear into United Nations' plan to move us all to IPv6

Tom 38
Silver badge

Re: Mapping plan

1.4 million routes doesn't really sound like much to me for 2022.

It's the exponential part of it that is the issue, 1.4 million in 2022, 2 million the next year. The more we squeeze IPv4, the more fragmented IPv4 space becomes, and more routes are required.

As an example of an affected router, 3 years ago the thick end of $20k bought you a Cisco 7600 series, which has a hard limit of 1 million IPv4 routes/512k IPv6 routes (IPv6 routes takes twice as much space, your choice on how you split it), and 512k IPv4 FIBs and 256k IPv6 FIBs - ruh-roh.

That router is EOL/EOS, but still supported by Cisco until 2022 (assuming you keep paying).

17
2
Tom 38
Silver badge

Re: Mapping plan

In my naive mind I would think that a 32-bit address for IPv4 need only take 1/2^96 of the 128 bit IPv6 addresses to work, or around 1.3e-29 of addresses. What have I missed?

Its to do with how they map them, and how the routing to those mappings absorb or make unusable other addresses.

The point of IPv6 is not simply more IP addresses, it is designed to make routing and routing decisions easier and more logical. Current IPv4 routing requires a global routing table of ~800k BGP routes, which is expected to grow to ~1.4 million routes by 2022, as the fragmentation of ranges requires even more routes.

IPv6 on the other hand is intended to be given much larger allocations initially, which drastically reduce the number of routes required. IPv6 is expected to have no more than 130k routes by 2022 (not because it isn't used!).

That follows on to FIB table size. IPv4 FIB tables are expected to grow above exponentially, reaching 1M entries by the middle of next year, which is the magic number of entries that many routers will go "pfffft" at, and start dropping traffic or using excess CPU.

IPv6 isn't a magic bullet, but it is designed to fix these routing issues that affect the core internet, and this proposal aims to piss all over those designs in order to simplify migration - in effect making IPv6 just IPv4 with more addresses, but still with all the complexity that IPv6 needed to solve these routing issues (but not solving them).

88
0

Forums

Biting the hand that feeds IT © 1998–2018