* Posts by malfeasance

43 posts • joined 1 Sep 2009

Female-free speaker list causes PHP show to collapse when diversity-oriented devs jump ship

malfeasance

Isn't this just the market deciding?

I have no idea how good PHP.CE was/is as a conference; but they've organised speakers; and some of those speakers have pulled out.

As a result of those speakers pulling out, ticket sales dried up (which obviously tells us something); and it's no longer viable as an entity.

Thus the market hath spoken... (and the market might be wrong, but it hath spoken).

Bordeaux-no! Wine guzzling at UK.gov events rises 20%

malfeasance

Re: Canada?

Yes, Ice Wine. Might not be your bag if you don't like dessert wine, but it's a wine; some think it's fine.

Perfect timing for a two-bank TITSUP: Totally Inexcusable They've Stuffed Up Payday

malfeasance

The last friday of the month

Is generally payday; so yeah, this is aggravating on a lot of levels for a lot of people

Now, I am not trying to defend HSBC; but isn't this the "first" that HSBC mobile/web banking has gone away for an extended amount of time, which if you regard the time difference between the twitter post 0749 and the first PR response 0830; let's give it at least a couple of hours before PR spin is actually true; then a reasonable expectation is that by 1100 we're in a vaguely working state That isn't awful...

I know that collectively we are impatient and we want to know what we want to know right now; but it's a bit like the "looking at the finger pointing at the moon".

I have accounts with most of the high street operators; HSBC isn't the even close to the most unreliable of them; mind you, I am not of the ilk that wants to manage all my accounts on my phone whenever the whim takes me (seriously, why have the temptation to make a payment when you're down the boozer setting sail for shores unknown). Set a IFTTT to remind you to pay the man, when you walk within 50metres of your house...

Linux kernel's 'seat warmer' drops 4.19-rc5 with – wow – little drama

malfeasance

The road to hell...

is paved with good intentions is probably the epithet that springs to mind; or if we can go straight for a godwin-esque reference, that poem by that pastor niemuller?

The western world is quite male, pale and stale (I only fit 2 of that criteria); and from a purely objective and rational standpoint, what some of the code-of-conduct stuffs tries to do is quite worthy. But then as soon as people get involved it gets into a right old mess of prejudice and bias and we end up giving airtime/attention to the loudest shoutiest peopl.

If the GPLv2 developer consent killswitch does apply; then surely the answer is to fork RC4 *right now* (however that needs to be done); and then you have a copy that you're free to have "people who are now persona-non-grata" contribute to it. You can probably even merge the mainline kernel yourself w/o too much trouble[1].

[1] - If you can't then should you even be worrying about the CoC; there's not an awful lot you can do. You'll just have to trust that the kernel remains "good enough" even with the thought police on every corner.

Extract, transform, load? More like extremely tough to load, amirite?

malfeasance

Re: Eh?

Sure, but the software provided by one of the data integration vendors could work in both an ETL way, and an app integration way. You're then using the same piece of software to achieve 2 very different end-goals with presumably some level of improved supportability/providing more business value. If that's good enough; then excellent. If not, then that's fine too.

Saying that ETL/App integration are instrisnically a different class of problem to each other doesn't seem right, but then I'm just a programmer.

malfeasance

Re: Eh?

I think the point that Trevor is making that whether it's ETL, or API integration, it's just data integration (though I liked the repurposing of the EDI acronym).

You configure Jira to push its updates to a URL, the listener on that URL takes the Jira JSON data and turns it into a MS Teams MessageCard, and posts it to one or more MS Teams endpoint; what is happening behind the scenes, an extract, a transform, and a load. In this case sure, the extract is a push, but it's not beyond the wit of man to change that listening so that it polls a URL on a schedule etc. etc.

Apple, if you want to win in education, look at what sucks about iPads

malfeasance

@Ralph76 - Surface Pro is a domain aware tablet...

Erm, it's called a surface pro; it is exactly what you asked for, a domain aware tablet with a keyboard... It's just very pricey and thus not an option for the state system sadly.

The school (It's an fee-paying school, goes from 5-18; Surface Pro use starts at Yr 5 (~9/10) my daughter goes to has mandated surface pros; along with the whole Office 365 buy-in. Having seen how they're using OneNote and all of that to distribute homework it is a big step forward in terms of managing that aspect of schoolwork.

They use the stylus to annotate the notes / material, and to do the homework; homework is auto-synced, and just "done". The STEM subjects all use the technology quite well I think. The artsy subjects not so much but submission for homework can always be electronic at least.

Installed Python for CS - I did ask the CS teacher if we could just use the ubuntu WSL but she specifically wanted Python 3.6 (I know I can get it on the ubuntu WSL, but there is probably no point being that annoying for the sake of it).

I have issues with how the IT guys have set it up (badly); but overall the decision on surfaces is a darn sight better than the previously announced (but never followed through) mandate to use ipads. The expected lifetime of the surface pro is ~4 yrs.

Stack Overflow + Salary Calculator = your worth

malfeasance

Unrealistic. Of course.

What are your motivations for doing Dev. If it's money then I would venture to suggest youre in the wrong job.

If it's to work on interesting problems with the people who think like you and make it fun. Then rock on youre in my team (My corporate will burn you but I still want to work with you).

Five ways Apple can fix the iPhone, but won't

malfeasance

iOS

How about stopping apps/javascript from pausing/muting the music / podcasts app.

Commuting and listening to some 'weird shit jazz'; happen to goto the guardian home page. Oh look the tunes are paused cos you have some shitty video you might want to play.

At least a pop-up to say. You know what, this website has media. Yes/no? Searched thru safari settings and nothing obvious.

Continuous integration platforms are broken – here's what needs fixing

malfeasance

CI is just software development in disguise

CI accrues technical debt just like any software development exercise; you made a choice to do things one way, it turns out less optimal than you wanted, so you either gaffer tape it or you rewrite...

We have a situation where we're building our application + modules as rpms; base.rpm + opt-a.rpm + opt-b.rpm and so on. So you can just install all the stuffs with our custom yum repos via puppet etc.

It's working quite well with their initial use case; and it's a hell of a lot better than what they had before (i.e. no CI at all)...

However, what the CI people haven't quite grasped is that opt-a.rpm might have conflicting dependencies with opt-b.rpm; it's entirely possible that if we need to install base + opt-a + opt-b, it might not work because we're in still in package dependency hell (and thus was it ever like this, with DLLs, jar files etc).

The pragmatist in me wanted the CI to happen, what we have is better than what went before; but now they have got their toes wet, we all need to revisit the solution and sort out the technical debt.

Fat chance of that and so the story goes on...

Anti-TV Licensing petition gets May date for Parliament debate

malfeasance

For the public good

The question is really : is a public broadcaster like the BBC considered a public good. If it is then we should pay for it. Much like we pay for schools, the NHS etc. Plenty of people have no kids and still pay for schools because they know it serves a greater good.

Do I think that the BBC is worth paying for absolutely yes. The Aussie state broadcaster is fucking awful as is the Irish one.

What do I get from something like 'In our time'. Nothing; but something like it needs to exist.

Two words, Mozilla: SPEED! NOW! Quit fiddling and get serious

malfeasance

Re: Firefox unloved by mozilla

@Dan55,

Printing - when everything else can do it, and FF can't; rightly or wrongly; I'm going to blame FF. Life is too short to try and investigate that kind of misbehaviour, I'll just use another browser, login to a.n. site, and print my order conf.

Proxy networking : If I lock things down so that nothing is allowed to make 80/443 connections bar the proxy, FF *cannot browse the web*. Edge can, as can Chrome (as this also has use system-proxy settings checked).

I have to physically check the "auto-detect proxy settings for this network"; at which point it goes through the wpad resolution chain - I can see this from the DNS logs...

The configuration of my dhcpd instance appears correct; after all everything else works correctly; it's just FF.

malfeasance

Firefox unloved by mozilla

Firefox is still my main browser out of habit rather than anything else if I'm being honest. I swap between all three browsers (edge/chrome/ff) depending on what I'm doing.

I'd agree with others that firefox is unloved by mozilla. The two most common gotchas that I'm hitting constantly are :

1) FF cannot print on Windows 10 x64 pro. Chrome can, Edge can. That's all 3 printers that I have configured, 'a real printer', 'MS print to PDF', 'MS print to OneNote'. Just WTF!

2) FF cannot use "system proxy settings" : I have a proxy that is defined by the dhcp server using the wpad directive. Does FF use it ? nooo, I have to switch to "auto-discover proxy" or some shit which is just plain daft when everything else manages to find "http://proxy.malfeasance.towers/proxy.pac" correctly.

Admittedly all the mobile devices suck with proxy detection; windows phones just "work" surprisingly without any wifi network settings modifications.

New PayPal T&Cs prevents sellers trash-talking PayPal

malfeasance

Re: Ummmm...

The Mrs suggests go cardless or stripe as your payment processor. Anything is better than the foetid pile of ordure that is PayPal

Android Wear: The bloatware that turned into gloatware

malfeasance

Vector smartwatch

Fitbit bought vector in Jan sadly. These guys would have been your new smartwatch provider. 30 day battery at least. Notifications. Music. Activity tracker of sorts.

Nice looking timepiece; as in looks like a watch not some plastic tat.

Even windows mobile compatible for the 10 people still with lumias.

'F*cking crap' aside, Linus Torvalds says Linux 4.9 is coming along nicely

malfeasance

overlayfs

Isn't that primarily the Docker union FS thing?

Which given Docker's exemplary support for backwards compatibility; I'm not entirely surprised that Linus has gone off on one.

Microsoft Surface Book: Shiny slab with a Rottweiler grip on itself

malfeasance

Re: The Dance while you wait to get permission to remove a drive/device

Hey,

I suspect you have some kind of indexing / search turned on for your USB drives; so windows probably isn't wrong, just you have no idea what is using the drive.

My boss gets this whenever he doesn't turn off spotlight (mac) for USB keys; he's made a few of mine "not well" even though he says he always clicks the eject button.

Kaspersky says air-gap industrial systems: why not baby monitors, too?

malfeasance

Re: Connection nagging

Happens all the time. I have "mobile data" turned off for all non-essential apps on my iPhone (it's enabled for the web-browser, mail and probably the Maps app).

So, if I'm not connected to WIFI then often this kind of thing happens :

1) Start the music app (the built in apple one; nothing fancy).

2) A big notification that you have to OK / CANCEL : Mobile data is not enabled for this application (you can't use the app until you dismiss the notification)

3) Spot of name calling as to why a fucking music app needs access to the intertubes (yes I know it's to encourage me to buy tunes from the store; who in their right mind would do that over 3G ???).

Microsoft's Surface 3 is sweet – but I wouldn't tickle my nads with it

malfeasance

Re: Why Why I always asked myself for Surface

I have a surface 3 pro; and while I don't love it, it is a tool I use most days (I'm a dev by trade). I probably could have bought a surface 3 given my use-case.

1) It's lighter than my laptop (so going to visit customers is generally easier).

2) It is a duplicate of my laptop when it comes to source code / git / mercurial etc. My whole build environment is available.

3) It works adequately on my lap (in front of the TV style; if I need to do work, then yes, I'm the type that goes and sits at a desk). The type cover is pretty good to type on.

4) Wireless Display Adapter (though this isn't necessarily limited to having to use a Surface) for presentations...

5) The pen is excellent for taking notes, and (if you have trained it) then converting handwriting into text.

6) "Signing PDF NDA" without having to print the damn thing (yeah, this is a marginal use case).

7) While not exactly cheap; it's comparable to the price of a decent ultrabook (I spec'd out a 8gb/256SSD at the time)

The furore over the Win7 interface vs Windows 8 does bemuse me; The difference between the interface has never bothered me; I find the start menu navigate to "programs" the slowest way to start a program; I've used launchy since ~2011 so I just use that, I haven't touched a start button since then. Metro has it's uses as well; though I tend to end up on the desktop because cygwin / putty.

Brute force box lets researchers, Cops, pop iDevice locks

malfeasance

@Phildude Re: So just switch to a strong password that's just numbers?

iOS devices only mentioned. But if we were to consider Android; if I enable "a passphrase" and I only use a numeric password; what does it present you with. If it's a full keyboard, then in this regard, iOS has it "correct for my usage model" (got fat fingers see, and a numeric keypad is better for that...).

Also, the article mentions that the brute force flaw bypasses the rate limiting and wipe device settings; I have my iPhone set to "wipe" after 10 attempts... By the time I got to the 7th or 8th failed attempt I was waiting ~2hrs for the next attempt (I tested this myself); so the back off delay you mention is already there and has been bypassed through use of this flaw.

malfeasance

So just switch to a strong password that's just numbers?

I've never understood why people go for a simple "PIN" unlock when it's just easy to have a strong password that's just numbers.

You still get a number pad; but there's no restriction on length. It's just as easy to use as the PIN unlock.

It can still be 4 characters if you want (but the 17hour brute force means you should reconsider that).

The BBC wants to slap a TAX on EVERYONE in BLIGHTY

malfeasance

Everyone in the UK consumes BBC output.

Everyone partakes of BBC output; those of you that say "i'll just watch it on catchup/another channel" are missing the point; if we didn't pay for the BBC, then in all likelihood that program would never have been commissioned. In some respects, the BBC license fee is worth it just for the David Attenborough stuff, or perhaps In Our Time.

By having a stable income stream, the BBC should be able to take risks and make TV might be worth watching and serve a public good. Yes, I wish that they wouldn't put so much stuff I don't like like Eastenders, Strictly and all that other tired nonsense; we can argue that it isn't taking risks and creating worthwhile TV, but that would be to conflate 2 separate arguments.

If you go down the road of "I don't use it, so I don't want to pay for it", then you'll end up with the situation where a 22-50yr old doesn't have to pay for the NHS (because they're very unlikely to use it); ditto the childless with the NHS / Education and all that other stuff that we all know we should contribute to; and besides have you seen the crap that's on ABC (aussie)...

Think of it like the James Webb Space Telescope; it's been in "development" for about 20 years now, and isn't going to get launched for another 3-5... If NASA didn't have a steady income it would never have been able to plan and execute on a 25 year schedule.

UPGRADE your CHILDREN with KANO: All you need in one box

malfeasance

Re: I thought this was going to come with

Also kickstarter; with a t-shirt. It is self assembly, in the sense that my 6 year old snapped together all the parts; lego style.

When we opened the box, I had to tell her how to hold the mobo, and how to plug in all the bits (picture instructions in the book). It was all her though.

The OS that's shipped auto-boots into a desktop that is geared towards the young'uns, you get pong (http://pong.kano.me), snake, a minecraft learning game (this appeared to cause a reboot on our PI, suspect overheating), and a couple of other bits and bobs that we haven't got round to.

It's a bit overwhelming plugged into our living room TV, so I may have to plug it into one of the spare monitors (this is just a distance from screen/size of text thing).

Scottish independence debate: STV player flops under weight of viewers

malfeasance

Re: Std Dirty tricks by tory boys of the westminster clan

Right... If in doubt suspect a conspiracy. Isn't it always the case that for these new-fangled-debate things each of the broadcasters gets a bite of the cherry? Last night was ITV (STV as the franchise owner), in a couple of weeks BBC will have a go.

Given that the current bunch of numpties can't do anything very well; a conspiracy wouldn't be my first choice.

If you're a so-called cybernat, then do kindly go away.

Top Ten 802.11ac routers: Time for a Wi-Fi makeover?

malfeasance

ADSL, VDSL built in / requires modem

More info required; it's all well and good you're testing the wireless speeds, but surely one of the other considerations is if the model is an ADSL / VDSL / Requires a cable/vdsl modem.

Hard to tell without going to each and every manufacturer page, (fritzbox, buffalo, tp-link excepted).

Perhaps just a quick comparison table at the end rather than showing us the somewhat pointless "user-interface" screenshots.

Personally I don't care much about the snazziness of the UI, but maybe I'd like to know know if I can have more than 1 wireless LAN with different network settings hosted on the same unit.

ARG! A GHOST SHIP! Pirates sunk by UK cops return from watery grave

malfeasance

Pointless DNS removal

We all know that there are are other torrentz TLDs; why did they even bother?

Try the switzerland or the montenegro tld; both work instead of the .eu TLD

Yeah, I know it's largely a rhetorical question, they must be seen to do something, anything, to appease their copyright masters.

Good news: 'password' is no longer the #1 sesame opener, now it's '123456'

malfeasance

echo -n $1 | md5sum | xxd -r -p | base64 | cut -c1-10

Choose a celebrity that's died recently, a song lyric, favourite poem. Done.

For non-important websites (like this one), forums, twitter, whatnot. My password is a dictionary word, with this applied. Easy to remember; I don't check websites unless I'm on a trusted machine...

Rotten hackers feast on mouldy Java flaws

malfeasance

Java isn't secure, but then nothing ever is.

Let's be honest now, the only vulnerable system with java installed is one that has the public JRE runtime (which I think will install the browser plugin) installed.

I have java installed (after all i am a java developer); and with *just the JDK* installed, and no browser plugins, there isn't an attack vector other than programs that I explicitly download and run (there will be no getting around my stupidity).

So the question isn't that java is "insecure"; it is, but then so's every complex computer program that's even been written; the problem is the *shit* that Oracle chooses to bundle with it and how Oracle chooses to deal with that...

Bill Gates offends Koreans after sticking hand down trousers

malfeasance

Re: Quite

Hmm, it's not really that apparent you know, cultural and social norms will have an impact on how the language is used.

If you want to take a transaction in a coffee shop as an example, all the Americans that I know and socialise with would say something like "Coffee thanks", whereas the Brits would say "Coffee please"; in cantonese I would say: "Coffee, thank you".

So, it may seem to a Brit, the yank isn't being polite, but he is, he just doesn't use the word please; nor do the cantonese (I've personally never used "please" when I speak cantonese, I'm not even sure there is a word that fits that concept).

From the point of view of transactional efficiency, it's actually far more efficient for you to say thank-you beforehand, rather than to say please, and then waste time saying thank-you afterwards...

Streetfighter 2: The World Warrior

malfeasance

Street fighter ordinary?

I remember the original street fighter at the arcade just on the edge of Chinatown (London). There were two pressure sensitive pads for punch and kick respectively... Depending on how hard you hit the pad affected which move was triggered. Fun times.

I suspect that after (not too long, I remember it being there for about 3 months) a while it got damaged enough that they made the 6 button version because it was cheaper to maintain.

Still, Ken for the win. It was downloadable on the xbox360 a while ago it does bring back the memories.

Salman Rushdie hissy-fit forces Facebook name U-turn

malfeasance

Why the fatwa

The I'm a member of the worlds smallest minority group. It's been a while since I read it but IIRC the section that resulted in the fatwa was a dream sequence-esque thing whereby the prophet Mohammed was imagined to be human and to have human foibles.

That was pretty much it. It was about 1/2 way through.

Facebook doesn't allow you to compartmentalise your social relationships so I have to have more than 1 account. One for me and another for my evil twin skippy.

Gas bill climbed £13,000 after correct online reading given

malfeasance

Meter Readings

Yeah, I get an email through the webs (from Scottish Power) saying it's time for me to give my electricity meter readings...

So as per my built-in priority system; this was shunted off to long term storage and ignored.

Then about a month later, I get a phone call on my home phone (I was in a the time) by an auto-dialler asking for a meter reading. Funny thing was, the automated system just put me through to customer services which then couldn't work out that I'd been forwarded their by their own auto-dialler.

Don't bother with that degree, say IT pros

malfeasance

Hiring Developers

I've been in the (un)lucky position of hiring a few developers in my time; I was a drop-out (still am as I suppose I never graduated) so I don't bitch and moan at HR to only give me degree holding candidates.

This is a Java shop, and Java certified programmers are 10 a penny so I have a programming test that they can download and take away, based on that I ask back for 2nd interviews. It's wholly unstructured; it will take about 1/2 a day. It's not even that hard; I could google or bing all the "programmatic answers" in about an hour.

What they send back can tell you a lot of things the applicant; you just have to find your system that lets you make the best decision.

Degrees vs No-Degree isn't just about whether or not having that piece of paper improves your job prospects (it might do, but *only at the start of your career* IMO). Even though I dropped out, attending university gave me the "best years of my life"; I've made good friends and contacts, but I probably shouldn't have gone when I did at 18.

Top-secret US lab infiltrated by spear phishers – again

malfeasance

Blame is only partly ms

Stupid is as stupid does. The problem here is probably one of user education. There are always going to vulnerabilities insoftware. Blaming ms makes us feel better doesn't it but it isn't helpful; Perhaps these researchers need windows to do their job? Some archaic nuclear fission modelling software that still only runs with a particular version of visual c++.

The vuln was made public in pwn2own. The booby trap was injected into the system on April 7 a week before patch tuesday. Pretty hard-core don't you think?

Gawker rooted by anonymous hackers

malfeasance

MD5 Hash

MD5 has a flaw in the design. It's broken you shouldn't be using it.

So, if you're going to bang on about security, do your research. Any site that proclaims its use of MD5 as the hashing algorithm may as well have used crypt().

We aren't having the final round of SHA-3 just for fun you know.

Amazon Kindle 3 e-book reader

malfeasance
Thumb Up

DRM / ePub

Of course, ePub is used quite widely by those libraries that support ebooks, which has DRM to delete the file after the lending period is up. This isn't mentioned in the review as a downside of the Kindle, as you can't borrow from your local library.

but of course DRM being DRM it is already..., let's just say I suggest you goto the i (heart) cabbages blog.

Calibre is a good shout for the ePub conversion; it does make a number of assumptions I don't like, but it's not a deal-breaker.

I have the Wifi version delivered last Friday. I have issues with PDF rendering, but then the PDFs that I'm reading aren't rendered by any e-reader particularly well; the only device I've seen it render well on is the iPad and I'm not about to stump up that kind of money.

Ten Essential... iPhone Accessories

malfeasance

£25 for a stand for a phone?

Indeed. Cable conduit? surely you can build one out of a business card. Works perfectly acceptably with an iphone w/o any case.

(yeah, and I always have a business card + a knife of some description).

http://www.instructables.com/id/Simple-business-card-iPhone--iPod-stand/

Most resistance to 'Aurora' hack attacks futile, says report

malfeasance

Linux shops

Well, linux based shops would be affected if the malware is customised for your company; it's pretty irrelevant what the platform is.

They've spent the time to target your company, you're connected to the internet; you're vulnerable.

It doesn't matter if you run as a privileged user or not; the problem, as they say, exists between chair and keyboard.

Industry groups leap to Chip and PIN's defence

malfeasance

4 digit PIN is just rubbish

How many of us use a 4 digit PIN?

Now, how many of us can't change our PIN to anything longer than 4 digits because the bank's ATMs/back-end systems/whatnot don't allow it

This attack is amusing, and yet appears non-trivial to implement. What is trivial to implement (as AC posted previously) is to shoulder surf and to lighten the victims wallet.

So, how about giving us the option of a PIN of any arbitary length; those of you who can't remember more than 4 digits can carry on using a 4 digit PIN, those of us that can use planck's constant.

Anti-filesharing laws revive crypto fears for spooks

malfeasance

Mmmm VPN

Until Sweden passed the Predator? law, relakks, though not especially reliable, was good for these sorts of things.

Now, who knows of a country whereby your IP address is not disclosed unless there's a prison sentence at the end of it; and there are ISP's offering you VPN tunnels to the internet...

If you are concerned about this sort of thing you should already be using them. The going rate is about 50 euros a year. It's like buying contents insursance isn't it.

Samsung N110

malfeasance
Go

Know what you want to use it for; then make your decision!

I bought one of these when they were first released from dixons online (of all places, it was the only place I could find it). I think it's worth the extra coin. I use it for taking to customer sites, and being productive w/o having to lug the backbreaker around.

The trackpad (for me) is much better than the NC10 (which may no longer be the case, given the re-issues of the NC10).

The battery life can't be faulted; full day of work*; it went from about 80% charge to 30%.

Performance is good enough (comparatively) for a spot of fly-by-night seat-of-your-pants hotfixes; java compilation was only 2-3x the time on the laptop.

Personally, I've never liked glossy screens, but they do seem to be all the rage, I haven't been bothered by the gloss or not; my matte laptop isn't necessarily better in bright light, it's just different.

*work in this instance was note taking during meetings; demo's using the external VGA, putty ssh/sftp, cygwin (ant +javac).

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2019