Don't pressure them - they need time to make up something that sounds plausible.
3411 posts • joined 26 Nov 2009
Awkward... Revealed Facebook emails show plans for data slurping, selling access to addicts' info, crafty PR spinning
FYI: NASA has sent a snatch-and-grab spacecraft to an asteroid to seize some rock and send it back to Earth
Re: Giant wombats in space?
"I'm worried - it looks like a Borg cube."
Perhaps it's the one from the documentary "Star Trek - First Contact" but the documentary makers got it wrong. They had it as a sphere, when it was really a normal cube. When the Borg cube actually travelled back in time, it went a bit too far, right back to the formation of the solar system, and as a result of waiting around since then it has accreted so much matter that it now looks like an oddly cuboid asteroid. The plan might be for the Borg to arouse when they receive any indication that we are about to achieve warp capability, shed the matter, and carry on as per the documentary.
In order to ascertain if this is so, we need to study other asteroids more closely and see if we can identify one that vaguely resembles NCC1701-E.
Re: Careful with that TAGSAM Eugene
Especially if we bring back something we shouldn't, and the Bennuans* want it back. Or they might just send a battle fleet, instead of risking their entire world.
* Who, judging by the size of Bennu, are probably very, very small. After what to them might seem like thousands of years tearing across the empty wastes of space, they'd finally dive screaming onto Earth - and due to their terrible miscalculation of scale, all we'd need to defend ourselves is a small dog.**
** With apologies to Douglas Adams for rewriting that to fit the set up.
Re: Can't we just use...
I'm sure there must be a way we can use sharks with frikin' lasers.
According to the quoted email, that's what she described it as - she described a perceived threat to get rid of her if she didn't take it as blackmail.
"Simon Mayall stated that he "couldn't have me escalating issues to you", and if I didn't take the £10k offer then I would be managed [presumably out] via my sick records.
Is that not bribery to keep my mouth shut and blackmail to take the offer?"
The two things seem to have become confuzzled by the time it reached the court, AFAICS.
Re: Grimes against humanity
I've never heard of Grimes before - and TBH I quite liked it on first listen.
[still from] "DeepEye promotional Video Click to enlarge"
Are you sure that's not a still from the opening titles of Person of Interest?
As for getting the all-important security code for internet banking, the spokesperson told us that "customers can opt to login with their memorable word and password". How delightfully retro.
Memorable word and password? Surely they mean memorable word and second factor security device? They got rid of the password yonks ago, didn't they? And then, IIRC, they suggested people get rid of the security device and use the app instead - but I'm still using the security device. (I guess I'll lose that option when the battery dies).
Was there a change between that I've blissfully ignored?
It has not been a great few months for HSBC. An outage at the end of September presented users with errors on their smartphones. Still, at least customers can pop into a local branch if needs be, right? Oh, wait. Never mind.
It's worse than that - I'm pretty sure I saw comments on their Twitter feed a week or two back (i.e. a bit more recently than the end of September) to the effect that there were problems with both online banking and the app.
Working backwards, then...
2018-11-23: The tweet in the article appears to be missing.
2018-11-18: Reported mobile problems at 4:53pm, saying they were fixed at 6:56pm.
2018-11-16: Reported mobile problems at 6:58pm, saying they were fixed at 11:34pm.
2018-11-06: Online problems reported at 11:10pm, and fixed by 12:34am.
2018-10-27: Online problems reported at 1:24pm, reported fixed at 5:14pm.
2018-10-16: Reported online problems at 11:25am, and that they were solved at 6:13pm.
2018-10-08: 9:49pm - mobile problems. Fixed as at 11:20pm.
2018-09-28: Mobile problems reported 8:30am, fixed by 12:05pm. I guess that one is the end of September one referred to. Glancing back further, the next one working backwards is this one:
2018-08-29: Online and mobile problems reported at 9:25pm, and said they were fixed at 9:38pm.
After that the next one I can see is all the way back on May 26th.
So over the last month and a half the problems look worryingly frequent.
"As I understand it (from a brief conversation with my accountant) you are having to submit a lot more than boxes 1-9. He said all transactions involving a VAT element will need submission so presumably they can match the claimed refunds for one business against the sales for the other."
I suspect that was sort of what they were originally thinking - and when it was still at the planning stages some time back, I read stuff (on HMRC's site, I think) that suggested that during the submission process, the server could request more background data from the submission client. i.e. they could interrogate your software for the full data.
However, even that's been scaled right back - to the extent some people have told me I was imagining it; I'm sure I wasn't. If you look at the API (I've linked to it in comments on El Reg before, and someone else has done so further upthread) it does indicate only the main VAT return boxes.
There is supposedly a requirement that the figures be built up digitally (because that was supposed to be the point) - but AFAICS you could still keep manual records, and just key the VAT return figures into something that will then submit them, and they would be none the wiser at this stage*. It's all a big exercise in wasting lots of money.
* Things might change in future, of course.
Not necessarily. You can still buy Sage on a perpetual licence, and if you want to make MTD submissions directly from the software you'll just have to subscribe to the MTD module. Still an annoying cost, but nowhere near £850/annum.
And if you do go down the route of updating Sage and using it to submit, try SJ Software as a supplier instead of Sage. They're cheaper. :)
Re: Sage are pushing customers
"Sage have always been aggressive with marketing, but they have pushed the boat out for subscriptions and tried to use making tax digital to force everyone into some sort of subscription."
Exactly what I've been saying all along. I would jump ship (I already use VT for some clients), but the problem is, I've found no software that is as good as Sage for those whose accounts I keep in it. If I have to upgrade from my five year old version for something, I will - and I'll be looking at non-subscription options - but if I can avoid doing so I'll stick with what I have for as long as I can.
"Those who held out against the sales pressure may reap the rewards because there are now multiple companies offering bridges to submit VAT returns."
Indeed - both the sales pressure and FUD whereby some cloud-first companies were at one point trying to make people believe that making tax digital means you need to use cloud software.
An ex-client called me a dinosaur for my position on stuff like this. I think we therefore need a dinosaur icon!
Re: Windows Mail gets worse and worse
"And MS will promote that as a feature to keep you safe from spam."
Well, spam other than their adverts, anyway.
Thank $deity that week's over. Look, here's some trippy music generated from pixels of a Martian sunrise to play us out
"I like it, when are they releasing the album?"
Early 1980s, IIRC.
By which I mean it sounds like it would fit nicely in amongst some of the tracks on Brian Eno's Apollo Atmospheres and Soundtracks album. At least, based on my recollection of it - I haven't listened to it in many years, but I think some of the tracks had that sort of sound to them.
Obviously, that was Moon/Apollo inspired rather than Mars/Opportunity derived (!), but still!
"Antiquarian Booksellers: almost as badass as Librarians."
I know you say that as a joke, but there's this documentary about librarians that I haven't seen yet, but does make it sound like there may be something in the idea that Librarians are indeed a bit bad-ass.
Payroll does change every year, yes - but I was talking about VAT, which doesn't.
To illustrate how much it doesn't, as I said I've been using Sage 50 Accounts Plus 2013 since it came out - which was probably in 2012 - and using it to submit VAT returns. It was only at the end of the first quarter this year that I could no longer do that, because HMRC changed the log-in process. So that's five years at least with no change.
Indeed; I have a multi-company Sage 50 (2013 version IIRC - wrong machine to check) which I use for a few companies. One (my own) I could do in something else, but nothing I've looked at comes close to being good enough for my clients' data, in some cases due to mickey mouse inputting methods, or in others lack of adequate reports.
Sage are fairly determined to get people onto a subscription model for their software, because they like the "pay and keep paying" model, over the one preferred by people like me, which is to pay once and then just keep using it until it actually *needs* to be upgraded. And you can still get Sage's main products on a perpetual licence - but for one thing.
For day to day work accounts and bookkeeping work, tax law changes are irrelevant - it's down to the person using the software. There is one change coming RSN, however, that does force an upgrade: Making Tax Digital.
If you're using a Sage product that you have on a perpetual licence, unless Sage have changed their minds since I last commented on this, if you want to be able to submit VAT returns under MTD, you have to *subscribe* to the MTD module.
HMRC don't charge for access to the API.
The API, once finalised (and I believe it now is), shouldn't be a constantly changing, moving target. It's possible that it might change occasionally, but as a general rule it should remain fixed.
Therefore, in my opinion, there is no justification for a subscription model for the module. Sure, they may update and improve the software over time, but if people want a version with a better bloody UI or whatever, they can buy an upgrade - and similar if and when the API does change.
But to insist on only selling it on a subscription model is, in effect, to tax businesses for being able to pay a tax.
Re: the best-ever source-code editor StrongEd
Nope. StrongED all the way. :p
Re: A bit too old now.
"I think the best route would be to build a RISC OS desktop on top of a Linux kernel, rewriting the RISC OS modules and applications in Rust (or C), and use Linux drivers etc. to make it exploit modern hardware."
Although this isn't what you meant, take a look at this.
Re: I see butt plug, i upvote...
Nonsense - that's clearly Weebl after he's eaten a bit too much pie.
On the seventh anniversary of Steve Jobs' death, we give you 7 times he served humanity and acted as an example to others
Re: "oh boy"
"or Microsoft could've possibly introduced Windows Mobile to the consumer market."
They already had done IIRC.
Re: It's not April 1st, is it?
"I guess the satire was a little too obscure for some people."
I thought it was hard to miss - the article was dripping with it. So much so that some has dripped out of my computer and I've had to wipe it off my desk.
Re: 2000 AU in context
And the fact that I've somehow replied to the wrong post just goes to prove my point. My brain is not to be trusted today.
Re: 2000 AU in context
Yes, it's an incredible orbit - a perihelion of just under 65AU to an aphelion of just under 2040AU.
That gives it a semi-major axis of just over 1050AU, which I *think* means it doesn't fit my Titius-Bode (re)workings, but my brain doesn't seem to want to work it out properly at the moment. It's been a long week. I want to say the closest point on the sequence at that distance would be 1200AU, but I don't trust my brain right now.
NASA to celebrate 55th anniversary of first Moon landing by, er, deciding how to land humans on the Moon again
Re: How to land humans on the Moon again ...
"It's all about doing more with less. So this will send daily missions to the moon at £5/capsule."
Yeah, but those are Ryanspace prices, so don't forget to add several million for your luggage, being able to pre-book your seat, and for priority boarding.
Re: "tucked away in the Privacy and Security settings"
Just tried that in Palemoon and it brought up a "Clear recent history" dialogue, with the option to select what you want to delete (Cookies, browsing history, cache, etc) and to choose "how recent" (last hour, last two hours, last four hours, today, or everything).
I have it set to wipe cookies, history, etc, when I close the browser - but this could be a useful shortcut sometimes.
Re: "Are you affected by the outage? Leave us a comment and let us know."
I so want to be outraged by the loss of service, I am tempted to buy one RIGHT NOW! But I fear that by the time it arrives, the problem will be rectified and I'll have a creepy snooping device on my hands that I don't really want!
Oh, the dilemma!
Again, Google's new slogan should be something like "We're Google. We don't take no for an answer."
Re: after a powerful collision event
Tut, you're just having a stamping your feet event.
And it's prompted me to have a reply to your post event!
Re: Google, oh how we loved you
New slogan for Google:
"We're Google. We won't take 'no' for an answer."
Retain the picture of Farage, and use the caption "This is what happens when you don't use protection!"
Re: "People's Vote"
"I'm all for that. The only problem is what the choices will be?"
That is the question. (Or was it "to be or not to be?" I forget.)
But being serious, you are quite right - do it wrong, and it's likely to get us in an even bigger mess. It has to be thought out carefully, and worded correctly, with no bias and in such a way that it is fair. No hint of "based on what we now know" or any reference to the 2016 outcome and whether it was "overwhelming" or "marginal", etc.
The problem is, the longer things go on as now, the less time there is to prepare for such a vote - and (should it happen) the more rushed that vote becomes. And I think we're more likely to see another snap election first (which there are now murmurings about) - and that'll just mess things up further.
I think what I'm saying here is: Bottom line, we're fucked.
Re: Non-binding it may be, but we're still doomed.
As you say, there's a good chance we'll see civil unrest in the two main opposing scenarios: If the government just turns around and says "No, we've decided we're not leaving after all" or if they end up taking us out and people become worse off and unable to afford basic necessities due to job losses and rising prices. (And ironically, I think the people most likely to be involved would largely be in the intersection of a Venn diagram of both).
That's why I honestly believe that the so-called "People's Vote" option is probably the best way forward now. It isn't back-pedalling to say to the voting public "Look, we've listened to you, and we're going to listen to you again - this is what's on the table, so what do you think?"
There's still a possibility of civil unrest in that scenario, but it's the least likely to lead to it, and if it does it would probably be the least amount.
But since our PM is more interested in trying to keep her party healthy, rather than the country she and it serves, I might have to learn about gardening, and growing my own veg.
""The referendum was supposed to be non binding"
I'm perfectly well aware that David Cameron did a stupid by saying it would be honoured, and quite a big one knowing that there are an awful lot of people out there that don't understand the due process behind which such things are brought about. But I was talking about that due process, and the legal status of the referendum as debated in and brought into being through an act of parliament, to answer the question that was asked about what the term meant.
The bottom line is that the referendum was legally only advisory. The government did not have to act upon it, but chose to do so - with too much haste and too little planning.
"Cameron changed that with his big mouth."
Don't forget how the law is made in this country. The PM doesn't make or change laws by opening his (or her) big mouth. If they could, we'd probably all be in an even worse situation than we are now.
Re: Don’t know much biology but…
"How much risk is there that they’d get their hand pregnant? Coz I can’t see much chance of the young UKIPer being allowed to put it anywhere else…"
I asked the same question twice yesterday in response to seeing comments/pictures - although I was a touch more blunt. I simply asked: "Why do wankers need condoms?"
'What was that with the "not a binding referendum"?'
The referendum was supposed to be non binding in that it was supposed to be advisory only - which (oversimplified) means the result would be looked upon as the advice or suggestion of the people. On that basis, the result should have led the government to start looking at the possibility of leaving the EU, all the possible methods and degrees of doing so, before deciding whether to go ahead (or returning to the public to say "these are our options... what do you think?")
Perhaps more importantly, because it was supposed to be only advisory, it was argued in Parliament that there doesn't need to be a super majority result. The point of a super majority is to ensure there is absolutely no doubt - including a greatly reduced margin for error when taking into account the number of people who didn't bother to vote. A win for either side that is as marginal as that of our EU referendum, when 28% of the people didn't vote, is one that shouldn't be considered a clear win either way - and certainly not one that will change this country in such a fundamental way.
Re: No need
I thought that was Boris - isn't that why he's now separated; because his wife found out?
Re: Lack of maintance
"The site is with a hosting company. We hope they know what they are doing in relation to the problems this article reports."
That depends. When you say "a hosting company" do you mean a company that specifically handles (and in your case handled) the installation, set up, and maintenance of WordPress, or do (did) they simply provide all the tools necessary for you to do it all yourself? If the latter, you need to look after it. (You = the group, obvs.)
Did they know in advance there was a crashed Tie Fighter on the asteroid?
Re: Technology that doesn't exist
"Anyway there can always be a transition period and then a post-transition period transition to the new technology period, and then a post final transition deadline transition to accommodate the timetable slippage of the post-transition transition period...
Speaking as someone firmly in the remainer camp, and who therefore thinks Brexit will be bad, you've just made it sound a whole lot worse.
You've just conflated it in my mind with the confirmation prompts in Windows Vista.
"What we have is either a nation of already-retired millionaires splashing their money on tat and pizza and enjoying sitting in a London street in a queue, or a nation of people who really have nothing else better to do spending money they don't actually have or should be spending on other things.
I'm not entirely sure which one I find more disturbing."
The latter possibility is worsened by the fact that:
Apple customers will presumably be lining up to buy the latest iGadgets on Friday, though they will only be able to purchase the most expensive iPhones first - the XS and XS Max - with the other models due to hit the streets next month.
The nature of fanboyism (and this doesn't just apply to Applytes) is that sufferers are more likely to try to get something sooner, even if it's the more expensive option, rather than wait. Companies like Apple know this, and they're exploiting it.
"If you read TFA, you'll see that the neweggstats domain was specifically created to exfiltrate data in this hack. "
I did read TFA. And I've just read it again - while the phrasing says the dodgy domain was used for newegg, it doesn't say it in a way that firmly leads me to infer exclusivity. There's enough ambiguity there to make me question it based on my recollections.
That said, however, on my drive today I realised that what I was actually remembering was the name newrelic, not newegg.
So, all you have to do is check every single site that you might input your credit card into and make sure that none of them are connecting to an unauthorised third party site, bearing in mind that many websites uses scripts on different domains to function, and that you probably won't be able to guess which are legit and which are bogus without at least checking the whois records for every single one.
Can I assume from that helpful explanation that you didn't notice the mention of NoScript in my original post? I would imagine most people who use NoScript are perfectly well aware that "many websites uses scripts on different domains to function". That's a large factor in why we use it, not to mention why I'm able to vaguely remember seeing (albeit incorrectly in this case) a particular domain name in play on other sites - a result of looking at what scripts sites are trying to load.
The article says it was created on 13th August by the crooks. The article says Newegg's customers were affected. I'm questioning whether there's a possibility there may be a wider problem, based on my (possibly dodgy) recollection of what I've seen via NoScript.
I've never purchased anything from an outfit called 'Newegg' - and I don't remember ever specifically visiting a website with that name. However, I am familiar with the name, and I'm pretty sure that's in the context of NoScript - its list of scripts on a given page.
This leads to the question: Are there sites using services provided by (scripts from...) Newegg - or is what I'm remembering Neweggstats? i.e. are there potentially other sites out there that were also running the dodgy Neweggstats script?
"Have them ask for a refund ?"
The deadline for claiming back PPI is getting nearer - so there does need to be a new thing people can claim back in order for the PPI claim companies to stay in business.
Well, I was thinking of additional steps - but your reply makes me think they may be a step too far:
I was considering have the user appoint their preferred T-shirt printing company. When I send them the code for the card, I would also send a checksum to the company; they would print it on a T-shirt and despatch that to the user to wear in the same picture. You've heard of 2FA - this would be 3PA (third party authentication).
If they don't want to go to the cost of having T-shirts printed, another option would be to appoint a trusted third party who would write the checksum on the user's forehead using permanent marker.
Options I considered but discarded include having the user have tattoos of any codes (or imagery to make it harder) - but I realised they'd run out of space.
Another option would be biometric - fingerprints. In this case, though, I was thinking that they'd have to cut off their finger and use a same day courier to get it to me for verification. So I'd know it's not just someone using a gummy bear. The flaws in this were twofold, however: First of all it would limit the number of possible log-ins because they'd run out of fingers to type with (and worse, it would be fewer than ten, because as the number of fingers is reduced, their typing would diminish - long before they actually run out). The second issue is that I wouldn't be able to be certain if the fingers were cut off by themselves as part of the log-in, or by criminals trying to defeat my system.
I've got this cracked.
When a user wants to log-in, they input their user name and password.
Then there's the second factor authorisation - they get sent a code they must input.
Then they enter digits x and y from their existing authorisation code.
I am then sent an alert. I look them up on a old fashioned rolladex.
I then ring them using their number on that rolladex and see if I recognise their voice.
If I do, I give them another code to input into the next stage of the log-in.
I manually check this, and if it matches I email them a new code.
They must write that code on a piece of card, and email me back a selfie with them holding it in shot.
If the code in the picture matches, and their face in the picture matches the one in the rolladex, they are finally granted entry.
Re: “Beautiful accounting software”
A line that effectively highlights form ("beautiful") before function ("accounting software").
I use it for a client, and I hate it.
"Let's see it pick up a cup of tea by the saucer."
Well, unless I blinked, we didn't even see it pick up the mug - only look at it briefly before the video cut to it (initially) failing to pick up a cuddly toy.