* Posts by andy 103

125 posts • joined 18 Aug 2009


Moneysupermarket fined £80,000 for spamming seven million customers

andy 103
Meh

If you'd like to opt-out of this...

...untick the ticked tick box to not not receive emails that you will not receive if you don't untick the ticked tick box that's currently unticked but will be ticked if you don't untick it.

0
0

The life and times of Surface, Microsoft's odds-defying fondleslab

andy 103
FAIL

Stick to a given set of hardware, and software that works

Things most people (particularly non-geeks) want:

1. Reliable hardware - i.e. they don't have to return it because the hard drive or some component died after 2 months.

2. Reliable software - if it shows any bootup or error messages, forget it.

3. Something which looks aesthetically pleasing.

They want the whole package. Not to have to know about different vendors' or manufacturers' offerings.

And everyone acts surprised about why MacBooks have sold so well!

Instead of letting world + dog put together a bunch of random components in different cases, use the same set of hardware to produce a given model. Make sure the software is free of errors or incompatibility with said hardware (easier when you know exactly what the hardware is).

Microsoft have finally started to grasp the concept of you cannot just throw any old shit into a plastic case, install a buggy OS and expect people to put up with it. The trouble is, they have a reputation for doing just that, especially with all the Surface crap that came before this.

You can bash Apple all you want, but nobody else has come close to giving people what they really want in terms of a laptop, or tablet + keyboard combo. And when I say "people" I don't mean just people who read The Reg. I mean ordinary, every day people.

2
3

Male escort says he gave up IT to do something more meaningful

andy 103
Happy

"I get to make a genuine difference to people's lives"

"I get to make a genuine difference to people's lives - a small number to be sure, but it's something that IT never allowed me to do,"

On a serious note, that's why a lot of people give up when they're working in I.T. Because they are rarely thanked for what they do, and it's often hard for them to see how what they do impacts in a positive (or negative!) way for their clients. This is especially true of developers in large organisations. I know some amazing developers who have gone on to do other things - albeit not escorting - for this very reason. I'm lucky because I'm finally working in an organisation where they really appreciate and value what you do. It makes a world of difference and I've never worked anywhere with such low staff turnover. I'm sure other people will have had experiences both ways (no escorting-based pun intended).

61
0

Ex-NASA bod on Gwyneth Paltrow site's 'healing' stickers: 'Wow. What a load of BS'

andy 103
WTF?

@45RPM

Sorry but whenever anyone starts talking about their home audio/HIFI setup - you're really no better than Paltrow et al.

There's never been so much bullshit talked especially when it comes to cables and interconnects with HIFI enthusiast twats. Essentially all that matters is this - if it sounds good to you, great. Nobody else needs to know, or gives a shit, what set up you use. In fact this applies to most other things people discuss on this site - if you're happy using your custom made Linux PC then great for you, if you use a Mac and it works for you, that's fine. What does it matter to anyone else, and why do you think they care what you specifically use or do?

It's the amount of BS that's talked by such people (including Paltrow) that really gets on people's tits. If she said I'm selling these stickers and they are a blatant rip off and have no real magical properties, I'd actually have more respect for her and be more likely to buy them!

26
2

Brit uni blabs students' confidential information to 298 undergrads

andy 103

Re: 3. Someone - with access - exports data, and emails it to 2

"The problem is not being able to send the data - the problem is the usual lack of attention to context and detail that makes this kind of mistake possible."

True. But it largely comes down to convenience for either the sender or recipient. Imagine if the recipient was sent a link to the secure system and they didn't have a login. They reply to the sender telling them they can't access it. Even if the sender can set them a login up, the sender doesn't want to deal with that "problem". So they just send the data in a format they know the recipient can open with no problem. In a similar way, people with legitimate access might say, oh I cba logging in to that, just send it me in something I can open directly. It happens ALL the time in business, trust me, I've seen it first hand in many different organisations - especially ones where it should not.

Even if people are aware of what they're doing is wrong or against protocol, they will still do it, because they don't want (short term) hassle - usually from the recipient(s).

2
0
andy 103

And so it continues

Who's seen a scenario like this before:

1. Company invests in a system where its staff have to login to access certain data. The point being, anyone who should be able to access the data has access to the system, and nobody else.

2. Someone (who may or may not have access to the system) requests some data.

3. Someone - with access - exports data, and emails it to 2.

4. You've completely negated the point of 1.

Unfortunately people will always choose "convenience" over policy, or what's right. Until they personally get in trouble. But you know, they rarely do. And so it continues.

And as for all that "this email is confidential so don't open it if it's not really for you" bullshit at the bottom. Yeah, good luck with that. That's a bit like saying if you find my PIN number written on the back of my card, please don't type it into an ATM. Too late at that point I'm afraid.

11
0

Samsung releases 49-inch desktop monitor with 32:9 aspect ratio

andy 103

Retina Display still wins

27" iMac with Retina Display.... 5120 x 2880

Second monitor running in whatever resolution I want. Useful for testing for users with shit resolution screens, for example.

Width is useless unless you have the height to match so no idea what Samsung are thinking.

My iMac is a refurb model and the second monitor wasn't much. The entire thing didn't cost that much more than this Samsung monitor alone!

0
1

Banking websites are 'littered with trackers' ogling your credit risk

andy 103

Re: Are there any legitimate uses for client side scripts on a banking website?

"jumping from field to field when filling in a form"

tabindex in the HTML?

"calendar to select a date"

http://www.html5tutorial.info/html5-date.php - although this won't work in older browsers. Maybe degrade it back to using a series of dropdowns (day, month, year)?

7
2
andy 103

Re: Are there any legitimate uses for client side scripts on a banking website?

"when someone enters "100/23" they may try to transfer 10023.00 instead of 100.23"

Oh dear. That's exactly why I mentioned server side validation in the original post. You can still post the value "100/23" from the form but the validation on the server should check that's a legitimate monetary value (which it isn't, as it contains a /). I take the point that you might stop them posting it *at all* by using client side validation, but the principle still applies that the server should sanitize then validate all user input from forms anyway, so it's kind of redundant.

14
1
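The server-side check described in the comment above, sketched as an added example that is not part of the original post. The names `parse_amount`, `lenient_to_pence`, `handle_transfer_post`, the `amount` field and the `MAX_PENCE` limit are hypothetical; the sample inputs are constructed.

```python
import re

# Allow-list for a posted amount: 1-9 ASCII digits, optionally followed by
# '.' and exactly two digits. [0-9] is used rather than \d because \d also
# matches non-ASCII digits in Python str patterns.
AMOUNT_PATTERN = re.compile(r"[0-9]{1,9}(?:\.[0-9]{2})?")

MAX_PENCE = 10_000_000  # assumed per-transfer ceiling (100,000.00)
MAX_FIELD_LEN = 32      # assumed upper bound on the raw field length


class AmountError(ValueError):
    """Raised when a posted amount is not an acceptable monetary value."""


def lenient_to_pence(raw):
    """Anti-pattern: 'repair' the input by dropping unexpected characters.

    This is how "100/23" silently becomes 10023.00 instead of 100.23.
    """
    cleaned = re.sub(r"[^0-9.]", "", raw)
    whole, _, frac = cleaned.partition(".")
    return int(whole or "0") * 100 + int((frac + "00")[:2])


def parse_amount(raw):
    """Validate a posted amount and return it as integer pence.

    Nothing is repaired apart from trimming surrounding whitespace:
    a value that does not match the allow-list is rejected outright.
    """
    if not isinstance(raw, str):
        raise AmountError("amount is missing or not a text field")
    if len(raw) > MAX_FIELD_LEN:
        raise AmountError("amount field is too long")
    value = raw.strip()
    if AMOUNT_PATTERN.fullmatch(value) is None:
        raise AmountError("amount must look like 100 or 100.23")
    whole, _, frac = value.partition(".")
    pence = int(whole) * 100 + int(frac or "0")
    if pence == 0:
        raise AmountError("amount must be greater than zero")
    if pence > MAX_PENCE:
        raise AmountError("amount exceeds the per-transfer limit")
    return pence


def handle_transfer_post(fields):
    """Server-side handler sketch: returns (HTTP status, response body).

    `fields` stands in for the decoded POST body; this runs regardless of
    whether any client-side script checked the form first.
    """
    try:
        pence = parse_amount(fields.get("amount"))
    except AmountError as exc:
        return 400, {"error": str(exc)}
    return 200, {"amount_pence": pence}


# Constructed sample inputs, as they might arrive with scripts disabled.
SAMPLES = ["100.23", "100", "100/23", "100,23", "-5.00", "1e3",
           "100.2", "0.00", "1000000.00", "\u0661\u0660\u0660.\u0662\u0663"]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(repr(sample), handle_transfer_post({"amount": sample}))
    print("lenient:", lenient_to_pence("100/23"), "pence")
```
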
andy 103

Are there any legitimate uses for client side scripts on a banking website?

Just wondering - and may well be wrong - but what would be a legitimate use for any client side scripting on a banking web application?

Validation? Hell no. It may be used to enhance the UI, but should obviously be being done server-side.

Ajax? I'd rather have a slower experience with full page reloads and everything done server-side.

UI / UX enhancements? I don't need the developers to give Chrome a boner. Just serve the plain HTML and style it with CSS. We don't need any fading and transition bullshit thanks.

Erm, can't think of many other uses for client side js... Please can someone expand on this? I honestly don't see why you'd have to use any client side scripting. If you're showing people their balance, or they are submitting (posting) a form, why not just let the server side application take care of it all? Modern web developers will cite UX no doubt, but I'm pretty sure you can still build a full application with absolutely no client side scripting... Unless anyone has 2 cents (no pun intended) otherwise?

If this were the case you should be able to use every banking app with js completely disabled...but you can't.

23
1
andy 103

Yeah but...

... as with most things, all of this is stated in the small print. It's just that nobody bothers to read it and then complains and acts shocked when this sort of thing happens.

You know when you get one of these "annoying" Cookie Policy notices and just dismiss it? Well that's where they're telling you more about what they're doing, but you're too annoyed to bother reading it.

*cough* https://www.theregister.co.uk/Profile/cookies/ *cough*

6
6

BA IT systems failure: Uninterruptible Power Supply was interrupted

andy 103

Re: A data or application problem most likely

"Do you know something we don't? There are a thousand ways and more this could have started with a power failure."

No, I don't. However consider all of this....

1. Assume there was a power failure at the primary DC.

2. The primary DC has backup/UPS power - why doesn't that work? The article suggests *maybe* the main power and backup were applied simultaneously causing the servers to use 480V. Fair enough.

3. How does (2) affect what happens at the secondary DC? Why does exactly the same thing happen on a redundant system which is designed to mitigate against such problems occurring at one DC?

If the power management is also controlled via software, that is a data/application problem, which hasn't been tested - if you are sending the "wrong" data to the secondary DC it will only have the same results, and replicate the problem there!

I can't see how this would just come down to a "freak" power incident (nobody else in the area has reported it either) that knocked out two physically separate data centres, whereby the UPS also failed to work. It's just too coincidental and convenient.

It's more a case of whatever happened at DC1 was mirrored at DC2 - either by humans - or by data sent from one site to the other.

7
4
andy 103

A data or application problem most likely

This is the biggest load of BS ever. There's no way this started with a power failure at all.

What's more likely is there was a data/application error that they'd never encountered (planned for, or tested) and someone decided to kill the power ("have you tried turning it off and on again"). Because the systems at the other sites mirror the one that had the problem, they will then have wondered why killing the power did absolutely nothing to fix the problem. So then they'll have killed the power at the other sites and tried to power it back up. As the applications came back online they may have been faced with loads of data corruption which were possibly fixed either manually and/or with a combination of tools built into their applications.

The article quotes someone as saying a data problem is easier to fix than a hardware one. No idea where you got that total bullshit from. It depends on the circumstances. Even if you had to replace some hardware, that can generally be done faster than trying to fix a set of applications with corrupt or otherwise invalid files that are all trying to talk to one another.

And as for "this all happened in the UK and isn't outsourced" - who developed and tested the applications? Oh yeah, outsourced Indian workers. *Slow clap*

15
6

Massive scale, tight security – what's not to love about Kubernetes 1.6? Well...

andy 103

Can someone explain Kubernetes in simple terms?

It seems to be a buzz-name that's being bandied about, but never explains what real world "problem" it actually addresses. The Kubernetes website is piss poor at explaining what it does, as are various other articles.

There was an article about DevOps hype on here the other week, and it seems very much to fit into that category of bullshit people use when they want to pretend they're very clever or using something which fails to address any real life problem in a significant way.

(No, this isn't a sarcastic post)

2
0

DevOps hype? Sometimes a pizza really is just a pizza

andy 103

Re: Unfographic

I think it's very much an intended way of spelling it, and you have worked out the meaning all by yourself. Well done have a cookie.

1
0

New iPad revealed. Big price cut is main feature

andy 103

Missing the point

I've said this before, and I'll say it again. Apple could charge 2 grand for a tablet, or even a phone, and still sell them.

It's to do with the brand perception and the fact that for the average person using their technology, it does "just work". Nothing to do with how good the technology is, as such, or whether they're pushing any boundaries.

That's why when you get people coming out saying oh well I could build you a Linux tablet and you'd have thousands of pounds left to spend on a charity of your choice, and there's no dodgy tax avoidance company attitude involved... nobody cares.

Apple's best asset is the fact they know how to *sell* products - it's never been about whether they're groundbreaking! Selling and making money is what they do. This is called "a successful business" :D

3
0

Today's WWW is built on pillars of sand: Buggy, exploitable JavaScript libs are everywhere

andy 103

Re: Stop obsessing over JavaScript

"The only thing I can think of is timing-sensitivity"

I understand what you mean, but I think there's this perception of a need to mollycoddle end-users. For example if you're booking tickets and it says "you have 10 mins to complete this transaction", does a serious buyer really need a countdown? Most people know roughly how long 10 mins is, and if they're prepared to go ahead and complete a transaction (a serious buyer) they will find a way. Why do they need a countdown timer for that? And conversely if it's someone who isn't a serious buyer, they just get an error message if they submit the page, say 20 mins later. But they've been informed at a prior step that that would happen :)

I build web applications for a living and I'm really against all this js bullshittery, even though it's "the thing to do". If end-users need so much hand holding, they're possibly not the kind of people you want to do business with anyway. Although I accept that's very much a web developer's way of looking at things!

1
0
andy 103

Stop obsessing over JavaScript

About 10 years ago I worked at a web development agency. They were building an application and some of the developers wanted to try and go down the ajax, js-heavy route, because it was trendy.

I had a long conversation with them about how the particular application could use absolutely no Javascript at all, and all be done in server side languages. The only caveat was they'd have to have the page reload rather than use ajax to get a "smoother" experience.

I firmly believe that there's nothing wrong with doing full page reloads and writing sites/applications that use no js at all. It's become relied on for everything from validation (which you can obviously disable, by disabling javascript) to ajax requests (not needed as you can just reload the page) and transitions/effects (which few people actually care about). I honestly don't know why so many people are obsessed with javascript.

7
0

Linus Torvalds explains how to Pull without jerking his chain

andy 103

git shit

I think what he's moaning about is the fact that pretty much anyone who uses git - myself included - finds it incredibly tedious. But of course Lord Torvalds won't have that, because it's another one of his creations.

If you search for "git man pages generator" there's a web page which generates random gibberish, however, it's so similar to the *real* documentation that you can't really tell it's satire.

Maybe the tools you've come up with are a load of bullshit, and that's why people are going against your particular way of working, Linus?

5
19

Java? Nah, I do JavaScript, man. Wise up, hipster, to the money

andy 103

Re: Java is absolutely crap for web applications

"Since when did someone's salary equate to the suitability of the product they were using?"

I'm not even going to carry this on because clearly you have no idea about modern application development in a web-based environment. To answer your last question though, this particular article is about careers and employment.

You've already acknowledged an advantage of PHP in terms of rapid development. In terms of PHP's suitability, I beg to differ, but as it's what I've done professionally for years and also used Java for web apps, I'm pretty well versed in making that call.

The end result is that you have a language which - if used properly - is great for web application development, and I've confirmed I get a significant salary for making applications with it. In terms of my career then, why would I want to use a language which makes things more difficult?! PHP's simple and gets the job done, whilst also getting paid a lot to use it? Yes, I'm fine with this!

Maybe you like pissing into the wind and get a boner over reading about data types... but some of us have a career AND time to have a life outside what we do professionally.

4
12
andy 103

Re: Java is absolutely crap for web applications

@boltar - You might want to consider some of the applications and services which are based on PHP before you go mouthing off. Seriously, go and have a look, it's not 2000 anymore and things have moved on somewhat. A "toy language" indeed... utter rubbish. They certainly don't pay me toy money to develop using it! And as for "making pretty pages"... that's front-end development, not PHP. Idiot.

10
20
andy 103

@wolfetone

As someone who has been in your position I've got an alternative that involves no Java at all...

In PHP roles you are correct that there is a ceiling salary which is lower than in other areas of development. These types of jobs are typically advertised by web agencies, and the market is frankly a little flooded, hence the lower than expected salaries.

Look into web based Software Engineering roles. Make sure you know more than just PHP - look particularly at frontend development frameworks (Bootstrap, jquery), database management, and web server administration (Apache, etc). If you have all of those skills combined you will get a lot further than just being "a PHP developer".

There is a bright future in web based application development, and Java-based technology is absolutely awful when it comes to web apps, IMO.

8
11
andy 103
WTF?

Java is absolutely crap for web applications

I don't know why Java even gets a mention when it comes to web applications. To any competent web developer (i.e. those of us who have used other non-Java technologies) it's an absolute joke.

The article mentions developing a mortgage application. Whatever the requirements of that, I guarantee, a Java-based web framework would yield absolutely appalling results - in terms of bloat, time taken to develop, maintenance costs, etc - even than using the simplest of PHP frameworks.

The only people who disagree with this are people who don't know any better, people who think Java is the shit because that's what they've spent their career working with.

If you're a developer or software engineer, you really need to realise what year it is, where things are going (i.e. web-based applications and software) and learn some new skills.

Java for web applications? Think I'd rather cut my balls off with a rusty knife.

13
27

Samsung phones, Apple's iPhones are 'overpriced', says top Huawei exec

andy 103

WhoAreWe?

It's all about business.

It's hard to take the piss out of Samsung and Apple when you work for a company that sounds, aptly, like "who are we".

It doesn't matter if Apple charged 2 grand for a phone, they'd still sell them. Same for Samsung.

People don't seem to understand that there's not an exact correlation between how technically good/bad something is, and how popular it is, or how well it sells.

Once you understand that mindset, you might be more profitable than those you are taking the piss out of. See also - people who slate Microsoft. Well, they've done pretty well financially, so maybe they have some idea of how to run a business.

Maybe some companies understand marketing and branding better than others. You can ignore this if you want, but nobody's even going to know that much about you to care, if you ever come up with something "good".

2
0

Google devs try to create new global namespace

andy 103
FAIL

Absolute load of bullshit

As usual, this is a conceptual idea, which they haven't really thought through.

Let's say you have a web application and it allows you to upload files, and then share them with other users, in the application. Like, you know, a large number of apps at the moment. If the files resided on this system they've invented, all of the application software now has to be re-written, such that when you grant (or deny) access, it writes the permission data (and the files themselves) somewhere outside the application. The application itself then has no idea of the permissions...unless you duplicate that data elsewhere, or use some sort of API to feed the permissions data in from their service...again requiring a rewrite of your app. If the permissions change, you have to update it both in the application and on their system. This does not "cut down" anything, it's making more fecking work.

So, sorry, but that's absolutely fucking useless, to 99% of people.

By the way: If you want a photo to appear on both Facebook and Twitter, just set the permissions in either to make that asset public. So it's, you know, shareable.

1
0

GitLab invokes the startup defence to explain data loss woes

andy 103

Maybe backup your own stuff?!

If YOU are not backing up your own data, then any problems and consequences are your own fault.

This is the problem with the whole "it's in the cloud" bullshit people are coming out with left right and centre.

People think that because they host their projects on third party services, everything is just backed up automatically and there'll never be any problems.

What's to stop you, for example, downloading copies to a local hard drive? Oh yeah, you can't be bothered because you're paying for a "cloud service".

What happened in this incident, and the response from GitLab, is pretty awful. But people who think they themselves have no responsibility over securing their work and data get all they deserve.

3
0

Virgin Media swallows 215,000 new fibre customers in Blighty

andy 103

Sort out your pricing and customer service, Virgin

I got Virgin Fibre on an 18 month contract. It was one of those where the first 12 months were considerably cheaper than the last 6.

I have no qualms about the broadband itself - it's incredibly fast and their router seems to work well with loads of devices connected in my house which is very old - and has thick walls where some other WIFI hasn't always worked too well. So no complaints about the broadband.

But, I faced a few issues in the first 3 months whereby they never billed me correctly (using the "last 6 months" rate instead of the first 12). When I phoned them they were apologetic and credited my account. But it was the fact I had to keep telling them. Their customer service leaves a lot to be desired. Making calls - if you use their phone service on their basic fibre package - is incredibly expensive. To the point where it makes you think of the olden days of phoning abroad, or mobile to mobile 20+ years ago.

They've written to me once during the contract with a price increase - with no real justification - and a load of BS about "benefits" which are things you already got anyway.

So, as a product, it's great and I can see why people use it. But you do feel a bit shafted particularly in terms of the customer service and overall cost. I'm still debating whether or not to renew at the end of the 18 months, that's how "meh" I consider it overall.

9
0

MEEELLIONs of Brits stick with current broadband provider rather than risk no Netflix

andy 103

Stick to what works

I've got Virgin fibre and it was one of those "first 12 months is a damn sight cheaper than the last 6" on an 18 month contract.

I resent paying so much for it because on the few occasions I've phoned them the customer service has been appalling. For my use, a slower connection would not be too much of an issue.

But here lies the problem. If I switch to ADSL the monthly cost might be lower... but there will no doubt be fees here and there from Virgin, and certainly some downtime, and the question of reliability.

If someone works from home (I don't) and charges 50 quid per hour for their work, they'd only need to be offline a few hours before any potential savings went down the pan.

Sometimes sticking with what you've got, because it just works, is the most practical option - even if not the cheapest.

0
0

UK.gov tells freelance techies to slap 20 per cent on fees as IR35 tax hike looms

andy 103

Re: How to remain competitive

I'm talking about companies doing it in B2C situations. It happens. A lot of car garages and trades people have been doing it for a good few years.

1
0
andy 103

How to remain competitive

Simply do what all other companies these days seem to be doing and just quote your prices without VAT.

Then when you send them the invoice, just say, "oh yeah well you've got to pay VAT, that's just the rules, nothing we can do about it".

I once saw this done on a 20k development project. But you know, what's 4 grand between friends? They were fuming.

7
0

Stallman's Free Software Foundation says we need a free phone OS

andy 103

The problem with anything free and open...

The mindset of people who use free (in either sense) software simply goes against how real life actually works.

The mindset seems to be "if we built it, they will come" and seems to try and use value propositions which the vast majority of people neither care - or in some cases - are not even aware about. A good example of when people say their code is open for others to review and scrutinise... do you really think most end users give a shit? Hint: they don't.

The whole Linux vs Windows debates are a classic example of this. Why was Windows so successful? Because it was a commercial product which was being marketed by a company with boat loads of cash. The fact it cost money to buy and was seen as being backed by a professional company, that's a GOOD THING as far as the majority are usually concerned. You can go on about all the benefits of open source software, but at the end of the day, nobody really cares in the big, real world. Most people just want to get their stuff done - using the same software all their colleagues and friends use - without issue. And when there are issues, it's a paid product backed by a company, so surely they'll offer support (right?).

Even if these projects produced The Best Thing Ever(tm) they would never get off the ground - because nobody is there to push them forward and advertise them. And nobody really cares about things being "open to scrutiny" and all the other BS open source people come out with. They care within their own teeny tiny little communities - but they are the 1% and do not appeal to the other 99. Until they fix that literally nobody in the big wide world will even notice these projects exist.

4
7

Fired Ofcom Remainer bod sues UK gov for withholding his payoff

andy 103

Don't mix your political views and your career

Including if you're a politician.

Enough said.

13
2

Dodgy Dutch developer built backdoors into thousands of sites

andy 103

Re: If a developer has access to a site's code, this is trivial

"But couldn't/shouldn't you hash it in JS using your algorithm of choice on the client side"

No. You should never rely on anything client side for security. Anything client side can be manipulated - or disabled (e.g. turn off javascript in a browser) - by the end user. Any security measures must be done server side.

Any type of "validation" you see being done in Javascript is purely for cosmetic purposes. If you disable js in your browser and submit a form that's only being validated with Javascript you can submit anything to the server - and if no checking is done there - the consequences can be severe.

0
0
andy 103

If a developer has access to a site's code, this is trivial

There are many people who are (incorrectly) suggesting that by using a platform such as Wordpress or Joomla there is somehow a greater risk of this sort of thing happening.

Absolute nonsense.

Both of those systems are written in PHP. If you have access to the source files for a website, you can easily capture (and log, or do whatever you want) with any form data that the user submits. All that's required here is for the rogue developer to add code to things like registration or login forms, and store it somewhere for use later on. All it requires is access to the POST data, which is trivial in any language.

And before some idiot suggests SSL or encryption - no, that doesn't make any difference here. When the form is submitted to the server all of the information entered is readable within the scripting language. Things like password hashing happen AFTER the data is posted to the server. So if you capture it before, it's readable, in plain text.

Basically if someone has access to the source files of a website where users are inputting information, they can do essentially anything with that data.

This is not specific to PHP and could be done in any server side language.

10
0

BBC surrenders 'linear' exclusivity to compete with binge-watch Netflix

andy 103

Content is king

There's all these articles about TV services - Netflix, iPlayer, Prime etc, and they all seem to focus on the delivery of content... but never the content itself.

Here's my issue with the BBC - they produce content which is, at best, mediocre.

Netflix don't really produce anything, but they buy decent content. And they're winning with it, up to this point.

A novel idea may be to get people together who have good ideas for shows/programmes, that are entertaining, and that people actually like. How do you know they like things which haven't yet been produced? Well, that's something else which the platform could seek to help out with.

The point being, the technology and delivery are really a moot point, if the content is crap.

It's like people going on about 4K TVs - totally useless unless you've got something good to put on that screen IMO.

3
11

3... 2...1... and 123-Reg hit by DDoSers. Again

andy 103

Your card details have expired? Good

Against my better judgment I registered a domain name through them about 6 months ago. About 8 - 9 years ago I'd had various horrible experiences with them but thought, surely - SURELY - they must have got their act together. The order process was horrible, and their own website looks like it was designed by a blind monkey.

So I registered the domain (which is "parked" as I haven't finished the web application for it yet) and for the last few months have been bombarded with emails about my card expiring at the end of the year and that I should update the details so they can auto-renew my services. Erm, when I ordered the domain, I chose to have it for a period of 1 year and paid for it in full. I have no intention of auto-renewing it, as I may indeed never use it (subject to what happens to the application). Of course they'll just pass this off as them being "helpful" but they just seem as annoying/bad as they were nearly a decade ago. Maybe a good sign I should never purchase anything through them again.

6
0

Busted Oracle finance cloud leaves Rutgers Uni unable to foot bills

andy 103
FAIL

Don't put all your eggs in one basket

No really, don't.

That's all.

1
0

Hate 'contact us' forms? This PHPmailer zero day will drop shell in sender

andy 103

Re: Am I just having a bad day

The article - and most of the comments - are not actually addressing where the exact issue lies. If you go to https://github.com/PHPMailer/PHPMailer and search for addReplyTo I believe the issue is using un-sanitised POST (or form) data there. Not sure exactly how it works but it looks as though you can pass a malicious string to it and then it does its dirty work.

But then of course why would anyone be passing un-sanitised user form input to *any* PHP function??

Please clarify if you know better because I - and I guess many others - use this.

1
0

Sysadmin told to spend 20+ hours changing user names, for no reason

andy 103

One person's point of view is more important than another's

Ultimately all it comes down to is one person thinking their point of view is more important - and therefore overriding - another's. Everyone wants their own way and will do what they feel necessary to justify that.

This happens in all aspects of life when you're a grown up.

Document the issues as you see them, then get on with your job. If a situation arises where you're being blamed for someone else's fuck up then show them the dated documentation to show that you foresaw the issue(s) and warned them about them. Collect your pay check and get on with it. If it becomes terrible to the point you can handle it, consider moving jobs. But it would have to be pretty drastic (or you're in a low paid/crap job) for that to be a real option.

1
1

UK.gov was warned of smart meter debacle by Cabinet Office in 2012

andy 103

There's nothing good in this for consumers

So, a few months ago I got a letter about why I should have a smart meter installed.

There was absolutely nothing worthwhile about having one. Things like being able to monitor my energy online, save money etc. That's really nobody's business other than my own. I use the amount of energy I want, and pay for it, on time and in full. Nobody else needs to be concerned about that.

The only reason for installing them is so energy companies can:

1. Do away with meter reading staff.

2. Bill people immediately - no waiting for you to submit your meter reading etc. They have the data.

So far things were looking pretty shite. I don't need or want a meter, but they're going to be compulsory eventually, right? So I arranged for the installation.

The installation team couldn't fit it due to some problem "wi't fuse neutral" (or some other electrical mumbo jumbo that means f-all to end users).

They had to send a team out to do an investigation, before they could do some work, before they could do some other work to fit the sodding thing.

In the end I told them where to stick it. They aren't (at the time of writing) compulsory and these energy companies can stick them up their smart arses.

5
0

More than half of punters reckon they can't get superfast broadband

andy 103

Re: Copper cabling, crap service

"Some of us can also remember"

Yes, this was called the past. Times have moved on. And other countries have been using fibre for a bloody lot longer than us, with amazing results. See Sweden or Finland, for example.

5
1
andy 103

Copper cabling, crap service

The UK should have invested in fibre, years ago. There is an absolute ton of copper wiring that is simply the wrong material to do the job when it comes to super fast broadband. Fibre has always been the way to go.

The second thing is, this is only something I give a shit about if it affects me personally. At the moment I have fibre, and it's fast enough to the point where I don't even care about measuring the speed.

So 2 outcomes - the UK has relied on using a sub-standard product (copper cabling) and organisations (such as BT) whilst countries a few hundred miles from us were laughing 10 years ago with significantly faster networks. Not really a shocker, is it? Secondly, unless it affects you directly, does anyone care enough to "take action" over it? Thought not. So as usual, we'll put up with whatever crap we're given, and have a moan.

5
3

Vodafone rapped with RECORD £4.6m fine for failing customers

andy 103
Meh

They're all as bad as each other.

I remember in the late 90s when Vodafone were seen as the best - almost the de facto choice for any business users.

Fast forward 15 years and we're at a point where every provider is as bad as each other.

My "solution" - which is definitely a step backwards but works for me - was to take out a cheap EE contract a few years ago. It's now expired which means I could terminate it without being locked into months and months of payments. But it (just about) meets my needs and is cheap (about 12 quid a month). For me, the "winning" company is the one who I never have to speak to. With EE I've been lucky in that I haven't had to call their customer services at all this year, and that to me is really the selling point - that I don't have to interact with them. As I said, feels very backwards, but that's what I want.

I use WiFi wherever possible to conserve a relatively small data allowance and make full use of the call limit. I buy a new handset SIM-free whenever I want. Currently got a Lumia, which isn't great, but again does the job.

To me, a mobile service I'd consider worthwhile would be one which:

1. Doesn't lock you in to ridiculous length contracts (anything over 12 months = piss off).

2. I never have to speak to your customer service team (because there should never be any problems which warrant this).

3. Costs a sensible price, e.g. 20 - 30 quid a month, with a relatively decent handset.

That's it. Is it really that hard???

The bottom line is that there is no real alternative or competition since all of the major players are as bad as each other.

Being a mobile user in the UK is pretty depressing at the moment! No innovation, no competition, crap service.

Rant over.

PS - This fine Vodafone have received is about the equivalent of 10 pence for you or me. Absolute joke.

2
0

Dirty COW explained: Get a moooo-ve on and patch Linux root hole

andy 103

But I thought Linux was the height of security

*laughs*

Yeah, clearly.

And with Linus swearing about people writing crappy code, then this happens... Oh the irony.

3
4

Smell burning? Samsung’s 'Death Note 7' could still cause a contagion

andy 103

How to damage a brand in one easy step

It's hard to quantify how much damage this will do to Samsung.

The bottom line is this - nobody should be scared of their mobile phone/tablet exploding or catching fire. Given the proximity in which we use these things (and possibly charge them next to our heads whilst asleep), that's just a totally unacceptable position.

It doesn't matter what they try and blame it on. At the end of the day, it's a product with their name on it. It's not a budget/cheapo device and has come from a manufacturer that has tried to sell itself on the quality of its hardware.

It'll be interesting to see what the results from this actually are, but my suspicion is that they've raced too fast to try and bring something out and checks have slipped through the net that might have prevented this. If that does turn out to be the case then I'm looking forward to seeing them lose lots of business. Sky News reported they've lost $10 billion off their stock valuation already, so they'd better give an explanation soon.

4
0

The Great British domain name rip-off: Overcharged .uk customers help pay for cheaper .vodka

andy 103

Overhaul the entire domain purchase/renewal system

The whole business of domain ownership and registration needs a massive overhaul.

One thing that really needs addressing is domain squatting - i.e. registering domains you have no use for, in order to try and sell them to the highest bidder. In my view you shouldn't be allowed to register domains and then just sit on them. It should be a first come, first served basis. If you own a domain name, you should either be using it, or not have it - simple.

So what if you want to register a domain for your new product/service that you just haven't quite got round to finishing yet? Well, tough. If you haven't got said product/service ready, why should you be allowed to hold a domain from someone who might?

Same goes with renewals and domain hijacking. If it's up for renewal, there should be a system (with redundancy) which reminds owners well in advance. If they don't re-register them, go back to step 1...first come, first served.

You also shouldn't be seeing massive profits from any regulator involved in this, since it is inherently an "at cost" type of venture, unless something dodgy is going on.

1
3

Smelly toilets, smokers and the Kardashians. Virgin Media staff grill top brass

andy 103

Virgin = Sheer incompetence

I use Virgin fibre. The "product" (i.e. fibre internet access) is great, but their customer service is crap. Overall I dislike them.

Here are just a few examples of where they've annoyed me less than 12 months into using their service:

1. Gave me one of those deals where the first 12 months are cheaper than the last 6 (18 month contract). Fine. But then they screw up the billing every month and are charging me at the higher rate, i.e. the last 6 months rate. So I have to phone them up - every month - and get some weird (dodgy) adjustments made to retrospectively correct my bill.

2. The service went down (to be fair, the first and only time in 10 months). I checked the support site on 4G and it said there was a local issue. 2 days later not fixed. So I phoned them up and all they did was read out what was on the support site with no further details.

3. The calls are fecking expensive, if you've got a landline and don't use one of their "bundles". Like - "phoning Australia in the 1970s" - kind of expensive.

4. They sent a letter about a random price increase. There was no justification given in the letter as to why. Instead they put 6 bullet points OF THINGS I ALREADY HAD before the price went up.

Their product is ok. But their customer service and pricing structure need a serious re-think.

0
0

British unis mull offshore EU campuses in post-Brexit vote panic

andy 103

Degrees are worth less now everyone has one

More people with degrees = less value of a degree.

I graduated from a top 10 UK university in the mid-2000s and as far as I'm concerned that was about the last time that a degree had any kind of meaning.

Everywhere I've worked since has been full of other people with degrees to the point where it wasn't seen as anything special if you had one. Conversely, if you didn't have one, well most I.T. companies only care if you can get the job done on time and within budget anyway, so why would a degree matter?

If I was 10 years younger there's no way I'd entertain doing a degree now. As a software developer, I'd focus on learning and improving my skillset (development tools, languages, testing procedures, etc) and go to the highest bidder. If a degree costs 50k, it's going to take quite a while for that to be repaid, especially given you could be on the same - or potentially higher earnings - without one.

Incidentally, if you have time and inclination to learn another (spoken) language, I'd say you could progress faster than someone with a degree who isn't multi-lingual.

Global I.T. relies on people being able to speak multiple languages (I've witnessed several very highly paid technology translators who do just that in my career so far). The notion that it's "all in English" is only partly true; being able to speak someone else's language is not a bad thing.

Just my opinion, but the times have changed.

9
0

Naughty Zuck: Facebook fudged its video ad numbers

andy 103

We recently discovered an error in the way we've valued our entire business to the outside world.

We recently discovered an error in the way we've valued our entire business to the outside world.

It's actually worth next to nothing - since we have no real assets other than some hardware.

The only value is in our ability to reach people, i.e. as an advertising network. And since we clearly inflate the stats on the number of people using the site (which is dropping by the way), the advertising value is starting to dwindle.

--

Classic example of a tech company who is using the "perceived value" approach to justify any investment.

See also: The Lad Bible, and other such companies run by spotty twattish little oiks

23
1

Forgive me, father, for I have used an ad-blocker on news websites...

andy 103

Re: stop being annoying

Exactly. I'd feel far more guilty if I was one of the morons who worked in actually producing the ads and putting them on otherwise useful websites in the first place!

(As I write this, there is an ad to my right. Thanks, El Reg).

14
0


Biting the hand that feeds IT © 1998–2017