* Posts by Ben Liddicott

237 posts • joined 24 Mar 2010

FBI boss: 'Memories are not absolutely private in America'

Ben Liddicott

Not quite.

Not quite: You cannot be compelled to testify *against yourself*.

If you are given immunity from prosecution you can be compelled to give any and all testimony and punished if you refuse.

1
0

IBM staff petition for right not to work on Trump's pet projects

Ben Liddicott

Re: Citizens United

A "corporation" is the correct term. Corporate personality is what protects our right to form trades unions and charities, not just to form businesses.

It's a consequence of free association: Not only can I campaign in person and lobby the government in person, I can club together with like-minded people, and hire someone to do it for me. Not only can I say what I like (short of libel), I can club together with like minded people and make a film about it that says it better than I could.

The rule that allows people to club together to make a documentary critical of Hillary Clinton, is the same rule which allows Greenpeace to lobby the government, and the same rule which allows trades unions to donate to political campaigns, and the same rule that protects charities and businesses from having their property arbitrarily confiscated.

"Corporate personality encompasses the capacity of a corporation to have a name of its own, to sue and be sued, and to have the right to purchase, sell, lease, and mortgage its property in its own name. In addition, property cannot be taken away from a corporation without Due Process of Law."

0
0

The sharks of AI will attack expensive and scarce workers faster than they eat drivers

Ben Liddicott

Re: WebMD

Of course doctors did that even before the internet - they just called it a Medical Dictionary.

9
1

Leaked paper suggests EM Drive tested by NASA actually works

Ben Liddicott

Physical possibilities

Outgassing or ablation of the materials, e.g. glue solvent evaporating, plasticisers in electrical conductors evaporating and so on.

Interaction between electrical currents and earth's magnetic field.

Solar wind

Microwaves or other EM radiation leaking out of the end. They have momentum, after all.

4
0

Democralypse Now? US election first battle in new age of cyberwarfare

Ben Liddicott

Re: "delivered selectively, out-of-order. and out-of-context..."

Correct. There is no such thing as unbiased. Media cannot report everything so must always choose what is important, which is a value judgement, which is to say irreducibly ideological.

Candidate A's lies are vital to report because Candidate A represents an existential threat to democracy, so every plausible story which undermines him is important. Candidate B's lies are just the usual peccadilloes of politicians no more worthy of reporting than Obama's breakfast choices.

To the extent there is any solution it is to read competing accounts, to see what other people pushing different angles believe are the important facts. This is the same reason trials have prosecution and defence. It's the same reason scientists try to tear each other's theories to shreds - though this usually takes at least a generation.

If you only hear one side you'll easily be convinced the other side cannot possibly have any merit. If you then conclude it's not worth hearing, there is no way back for you.

0
0

Leap second scheduled for New Year's Eve 2016

Ben Liddicott

Re: How to handle leap seconds

Typical crystal oscillators are accurate to about 1-10 seconds in the day.

Most servers only update time via NTP a few times a day, and many only weekly or less or not at all.

The leap second is of the same order as the normal time skew which occurs on commodity hardware.

Nobody is suggesting you should allow the leap second to simply be added to the preceding second.

The proposition is that it is gradually adjusted over the subsequent hour or so, resulting in around 0.05% inaccuracy in duration during the period of adjustment, additional transactions, error comparing time elapsed to wall-clock time and so forth.

0
0
Ben Liddicott

How to handle leap seconds

http://www.theregister.co.uk/2011/09/19/google_has_to_lie_to_computers_about_time/

Windows does essentially the same thing: Ignores the leap second and treats the updated time after the event as clock skew, adjusting over an hour or so.

Your junior devs will never be good enough to handle leap seconds correctly.

Your server clock is not that accurate anyway.

It doesn't matter for most applications.

If you are not sure whether it matters for your application, it doesn't. If it did you would know because you would have an atomic time source in your lab.

5
1

Oh, ALL RIGHT, says Facebook, we'll let Windows admins run osquery

Ben Liddicott

So like WMIC then?

Ships with windows since 2002.

> wmic process where "Name='explorer.exe'" get Name,ProcessID,ParentPRocessID,ExecutablePath,CommandLine

> wmic process where "processID=9112" call terminate

> wmic process where "processID=9112" call AttachDebugger

7
0

Microsoft snubs alert over Exchange hole

Ben Liddicott

Re: it only takes only four lines of code and a local config file

If they can run code as your login they can get your password in approximately a gazillion different easy ways.

Adding a more complicated and difficult method to the list does not make your position worse because your position is already "completely owned".

0
4
Ben Liddicott

Re: it only takes only four lines of code and a local config file

Or just read your credentials from where Outlook stores them, or read them by logging keypresses or...

1
4
Ben Liddicott

it only takes only four lines of code and a local config file

So it's not a vulnerability as it already requires you to have access in order to take advantage of it.

This is like saying "From the inside of the house I can open the window then go outside and climb in". Sure, but why bother if you are already in?

6
4

Remote hacker nabs Win10 logins in 'won't-fix' Safe Mode* attack

Ben Liddicott

Requires local admin = not a vulnerability

If you have local admin you can install a keylogger into the regular mode, you don't need safe mode.

You can also read password hashes straight out of the registry. Because you own the SAM. This includes cached hashes[*] from recent logins.

Seriously who vets these stories?

[*] that's what enables you to log in using your domain credentials while not connected to the network

4
1

Great British Block-Off: GCHQ floats plan to share its DNS filters

Ben Liddicott

Don't be daft. They want you to use Tor.

Tor is a honeypot and always has been. The point is to provide a false sense of security while simultaneously identifying people with something to hide.

For example: http://www.theregister.co.uk/2007/09/10/misuse_of_tor_led_to_embassy_password_breach/

TBB bugs are for the FBI. The NSA can de-anonymise any Tor user just based on their overall view of global network traffic.

Why would you think a project planned, founded, and paid for by the US government - the Navy[*] specifically - would protect you from the US government? That's some seriously wishful thinking there.

The question of legitimacy is all about what they do with the information. As long as the culture within the organisation does not permit it to be used except for national security, the ordinary person is safe. That ship has sailed in the UK - this is used for Serious Crime, which includes child prostitution. And fraud. And pot dealing. And copyright violation. And tax evasion. Pretty much everything which isn't a driving offence actually.

[*] The head of the NSA is an admiral of the USN. Possibly coincidentally.

8
1

Having offended everyone else in the world, Linus Torvalds calls own lawyers a 'nasty festering disease'

Ben Liddicott

Re: Lawyers

The way scientists do it is also adversarial.

Scientists are not disinterested, they have an enormous amount riding on their theories, far more than mere money. As such they can't be relied upon to find the holes in their own evidence.

That's why you need other scientists with competing theories to pick holes.

Darwinian processes are the only known processes to produce knowledge.

0
0

Das ist empörend: Microsoft slams umlaut for email depth charge

Ben Liddicott

Wild guess: Unicode normalisation fail

Possibly doesn't normalise the password when changing it, meaning that it can't be entered subsequently. Or vice-versa. Since we are talking about IMAP it may just be that certain clients don't normalize passwords on entry.

They're not just sequences of bytes, you know.

0
0
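
The mismatch guessed at in the comment above, as an added example (not part of the original post and not Microsoft's code): one visible umlaut password stored and checked by paths that disagree about Unicode normalisation. The function names, the sample password, the salt and the choice of NFC are assumptions made for the illustration.

```python
import hashlib
import hmac
import unicodedata

# Constructed sample: the same visible password in two Unicode encodings.
PRECOMPOSED = "Pa\u00dfw\u00f6rt"    # "ö" as the single code point U+00F6
DECOMPOSED = "Pa\u00dfwo\u0308rt"    # "o" followed by combining diaeresis U+0308
SALT = b"constructed-salt"           # fixed only so the example is repeatable


def derive(password: str, normalise: bool) -> bytes:
    """Hash a password, optionally normalising to NFC first (assumed policy)."""
    if normalise:
        password = unicodedata.normalize("NFC", password)
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), SALT, 10_000)


def login_succeeds(set_as: str, set_normalises: bool,
                   typed_as: str, check_normalises: bool) -> bool:
    """Set a password through one code path, then verify through another."""
    stored = derive(set_as, set_normalises)
    attempt = derive(typed_as, check_normalises)
    return hmac.compare_digest(stored, attempt)


def report() -> dict:
    """Run the four combinations the comment alludes to."""
    return {
        # Change-password path skips normalisation, login path applies it:
        # the user types exactly the same thing and is still rejected.
        "set raw, check NFC": login_succeeds(DECOMPOSED, False, DECOMPOSED, True),
        # Server normalises on set, a client sends decomposed text untouched.
        "set NFC, check raw": login_succeeds(PRECOMPOSED, True, DECOMPOSED, False),
        # Both paths normalise: either encoding of the password is accepted.
        "set NFC, check NFC": login_succeeds(DECOMPOSED, True, PRECOMPOSED, True),
        # Neither normalises: works only while the bytes happen to be identical.
        "set raw, check raw": login_succeeds(PRECOMPOSED, False, PRECOMPOSED, False),
    }


if __name__ == "__main__":
    for case, ok in report().items():
        print(f"{case}: {'accepted' if ok else 'rejected'}")
```
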

UK Home Office is creating mega database by stitching together ALL its gov records

Ben Liddicott

Re: Modus Operandi

Not any more. The puritans will leave no loophole unplugged.

3
0

US nuke arsenal runs on 1970s IBM 'puter waving 8-inch floppies

Ben Liddicott

Good. Simple is best.

What should they use? USB flash drives? Why not floppies?

4
0

Microsoft sets date for SQL Server on Linux

Ben Liddicott

Re: This is actually largely irrelevant

Except.... that if you pay for large scale enterprise support it costs nigh on as much as an MSSQL licence for the same feature set. Just like if you pay for Red Hat Enterprise it costs about as much as Windows Server.

And if you don't buy support you need staff who can support it, which also costs money. If you operate at IBM/Google/Facebook scale it's a saving to support it yourself, but otherwise even for large blue-chips it doesn't make sense.

Products are priced the way they are because that's the most they can charge without making their customers switch. Ergo, at any price point, everything is usually approximately equal value for money.

1
0

Google asks the public to name the forthcoming Android N operating system

Ben Liddicott

Nutty Nougat

Obviously.

0
0

Magnetic memory boffins unveil six-state storage design

Ben Liddicott

Re: A bit off

Works for me on both Windows 7 and Windows 10 calculator, both of which use an arbitrary precision arithmetic engine. I believe that's been the case since Vista.

What are you using? XP?

3
0

Destroying ransomware business models is not your job, so just pay up

Ben Liddicott

Re: It is our job to uphold the law

If I'm mugged at gunpoint, that's a crime in progress, but I'll be handing over my wallet all the same. If a child is kidnapped in practice you find that often people do what the criminals want first, then go to the police only afterwards.

Comparing on the one hand, paying an extortionist to retrieve irreplaceable property, and on the other, being too idle to shout "Oi!" at a casual thief, is just silly. They are different.

1
0
Ben Liddicott

Re: It is our job to uphold the law

I've upvoted you for the sentiment, but you asked "how is this different"?

If I saw someone breaking into a car and stealing a hard-drive or a camera, I wouldn't ignore that, of course. As you say it is our duty to intervene.

But if someone stole a hard-drive containing my family photographs, or the only copy of (encrypted) customer data, or unencrypted sensitive information, or a camera whose card contains the only copy of someone's wedding photographs, I would pay the thief to get it back.

What's the difference? One is a crime in progress, the other is mitigating the damage from a crime which has already occurred. They are different.

7
0
Ben Liddicott

Re: Price of an education...

Snapshots - a feature provided out of the box on Windows Vista and beyond - can be programmatically deleted, because the ability to delete data is a fundamental security requirement.

4
0

Sexism isn't getting better in Silicon Valley, it's getting worse

Ben Liddicott

Law vs. real life

If you ask women out when you know they are not interested and find it annoying, that's harassment. Continuing to ask after the second clear "no" for example would generally count. Once, you are probably legally in the clear.

But in real life, you are expected to know whether a woman is interested before you ask her.

This is a social convention to prevent women having to bat away a hundred foolish questions every day. You should be able to pick this up from body language and facial expressions. However if you are poor at body language or you are still not sure, ask mutual friends their opinion before asking her.

If you get a lot of "no" answers, you should learn from that you are poor at interpreting facial expressions and body language, and stick to asking mutual friends first.

1
1

Yelp-for-people app Peeple is back – so we rated Julia, its cofounder

Ben Liddicott

Re: UK libel law

No, the Mosley case was breach of confidence not libel.

0
0

Hardcoded god-mode code found in RSA 2016 badge-scanning app

Ben Liddicott

We have to stop thinking these things are accidents

Really, why does anyone think this is not on purpose?

2
0

Science contest to get girls interested in STEM awards first prize to ... a boy

Ben Liddicott

Re: The question remains ...

This!

This!

This!

Serious, now. This!! FFS! THIS!!!!

"we'll harvest energy from people walking on floors!"

You know how walking on soft sand is harder work than walking on a hard pavement?

WHICH IS WHAT THAT WILL BE LIKE.

Because thermodynamics.

4
0
Ben Liddicott

Re: runner up - prior art

Most modern smartphones have a planar surface as the front of the camera, so no adjustment for RI is necessary.

0
1
Ben Liddicott

Re: Orwell said it (more or less) ...

What if women want to vote for a man? Will they be forced to vote for a woman?

Or will both men and women have both a male and female representative? What if they would rather have a transgender representative?

Why not just let them vote and let the chips fall as they may?

9
0

Windows 10 will now automatically download and install on PCs

Ben Liddicott

Re: It's like a fish taken out of the water...

DCOM not found in current versions of windows? What?

Nonsense.

1
0
Ben Liddicott

Re: What's all fuss is about ?

For the benefit of your friend, you do know that IE11 is installed as well? And still has compatibility mode?

5
0

Women account for just one fifth of the EU’s 8m IT jobs

Ben Liddicott

Also sewage worker and bin person

Only discrimination can account for the dreadful underrepresentation of women in these vital industries!

Meanwhile 70% of PR are women, and that's fine.

19
0

Jenkins issues code of conduct to keep rowdy automation fans in line

Ben Liddicott

Re: Let's impose a political litmus test before people can do their jobs...

If that's the kind of world you want to live in, the worst I wish you is that you should do so.

0
0
Ben Liddicott

Let's impose a political litmus test before people can do their jobs...

See "opal gate" for how this works.

If you don't mouth the SJW Catechism to the satisfaction of the Political Officer then your options for professional development are to be severely constrained. It's unlawful for employers to do this in the EU.

But Open Source has become important, therefore Open Source becomes a power base, therefore Open Source will be colonised by party apparatchiks.

1
2

Linus Torvalds targeted by honeytraps, claims Eric S. Raymond

Ben Liddicott

Re: Bwahahahaha

I want to vote down and up. ESR does gpsd and works on the time service, and repository conversion as well.

But well said on Linus.

1
0
Ben Liddicott

Re: Seems sensible for anyone with a high profile.

"People will do this shit without any rational motivation beyond fame so give them a real reason and there are no limits."

This. Times 1000.

3
0

TPP: 'Scary' US-Pacific trade deal published – you're going to freak out when you read it

Ben Liddicott

Re: Source code

No. Parties are governments. Persons of parties are individuals or companies. So this says:

No government shall require .. source code owned by an individual or government, as a condition of import, sale, use or distribution.

It just means they can't refuse to allow it to be sold, they can't refuse to allow it to be imported, distributed or used. It doesn't mean they can't make it a condition of buying it themselves. Nor does it mean that vendors can't make it a condition of selling it.

So governments can mandate open source for their own internal use. Companies and individuals can mandate open source for their own use, and enforce open source licences. But governments cannot mandate open source for companies or individuals in their country, except for critical infrastructure.

It doesn't ban open source. It prevents governments from banning non-open-source.

1
0

KeePass looter: Password plunderer rinses pwned sysadmins

Ben Liddicott

Arrows go in quivers, bows have extra strings

Also, this requires the attacker to be already running code at the user's current level of privilege - in which case they can install a key-logger and swipe the file.

Nothing to see here.

2
1

The only GOOD DRONE is a DEAD DRONE. Y'hear me, scumbags?!

Ben Liddicott

Re: "The only GOOD DRONE is a DEAD DRONE. Y'hear me, scumbags?!"

When every second counts, the police are only minutes away.

Or up to an hour, in rural areas. Or they may misclassify your call and not come at all.

Shotgun ownership is quite high in rural areas, and with good reason. A family man living in a rural area who owns a shotgun is probably just being a responsible parent protecting his children.

Contrary to what many believe, firearms are not banned in England. You don't need to give - or have - a reason of any kind to own a shotgun, you just need to be of good character.

http://www.theguardian.com/news/datablog/2011/mar/25/gun-ownership-firearms-certificates

Police rural response times: Norfolk: 20 minutes

5
1

Bacon as deadly as cigarettes and asbestos

Ben Liddicott

Re: Wouldn't be worth it...

Most intestinal tract cancer is caused by HPV or H.Pylori, not bacon.

12
3
Ben Liddicott

Re: Make up your minds boffins

It's the false certainty which is the problem.

"This is the best available scientific knowledge"... OK but that doesn't mean that it isn't still poor quality knowledge with weak evidence. Best does not mean good, it may just mean least bad.

2
0
Ben Liddicott

There is also a well established link between eating lots of dietary fibre and not getting various nasty lower-colon diseases.

Sorry, that's not true any more. It's gone along with the risk from saturated fat, eggs, and salt.

Won't stop the doctor telling you to eat more fibre though. Lots of GPs still think stress causes ulcers. One told me so in about 2010, in spite of it being known to be false since the mid nineties. And I saw a poster telling me to eat less saturated fat in the hospital only yesterday.

It takes ten years for the bullshit to go mainstream, then when it's disproved, twenty for it to disappear again.

4
0
Ben Liddicott

Intestinal tract cancers are mostly caused by viruses and bacteria

Most cancers have unknown cause. All digestive tract cancers, whose cause is known, are caused by bacteria or viruses.

Of course that doesn't give the prohibitionists the ammunition they need to ban anything fun.

Reference for "bowel cancer probably caused by viruses":

http://www.ncbi.nlm.nih.gov/pubmed/11456365

Reference for "most digestive tract cancers". 60%-70% of mouth, throat and anal cancer caused by HPV virus:

http://www.cancer.org/cancer/cancercauses/othercarcinogens/infectiousagents/hpv/hpv-and-cancer-info

That's only accounting for 60%-80% of bowel cancers. What about the rest? Well some warts are caused by non-papilloma virus types... maybe they account for some of the rest. Also some digestive tract cancers are associated with Helicobacter Pylori infection. I would bet anyone £10,000 that in twenty years over 80% of bowel cancers will have been proven to be caused by infectious disease. In all likelihood many will be vaccinated against.

4
0

Laid-off IT workers: You want free on-demand service for what now?

Ben Liddicott

Re: Non story

You can't make anybody work, full stop. The court won't order specific performance except under very restricted circumstances, which don't include employment.

However if you have *contracted* to work, you may have to pay actual damages if you then refuse to do so. This will certainly include repaying any additional element of severance pay you received, and may well be more.

2
0

EU justice ministers agree on police data-sharing law

Ben Liddicott

2014: Corruption across EU 'breathtaking' - EU Commission

http://www.bbc.co.uk/news/world-europe-26014387

Ask yourself: Do you trust European police?

Do you trust Italian, Greek or Spanish police? Or Latvian? Or Bulgarian?

I have a hard enough time trusting our own police, and they are probably the best of the lot. The Dutch probably number two, then the French and Irish and dropping off rapidly thereafter.

1
1

Outlook.com had classic security blunder in authentication engine

Ben Liddicott

Re: Other than Devs......

Writing secure code is hard.

Someone who thinks only "dumb" developers produce security bugs is overconfident, and is not the right person for the job.

6
0
Ben Liddicott

Re: Here's a question:

Well I'm really only talking about the EU and the UK in particular, since that's where I live and work. What are you talking about?

For example in the UK it's DPA Schedule 1, s7:

Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.

In other words, confidentiality and integrity must be protected, which requires protections against rogue employees stealing data.

1
0
Ben Liddicott

Re: Here's a question:

Yes, we allow HTTP/S, but we (I hope) forbid anyone from using a personal email account or file-sharing site without a valid work reason. GMail from HTTPS should be blocked, so there is no reason to allow GMail IMAP.

It's called data protection law - we have to take measures to prevent rogue employees stealing data. That's why your work web proxy has content filtering.

Don't use work computers for personal use, people.

0
0
Ben Liddicott

"Since fixed" => Past tense needs to be used

allows -> allowed

means -> meant

can -> could

0
0

What is money? A rabid free marketeer puts his foot in lots of notes

Ben Liddicott

No, supply of labour is limited.

If the government confiscates wages, and spends to hire staff, this does not bid up the price of labour because the spending is offset by the confiscation (workers have less spending power). If they print money to spend, this bids up the price of labour. You can do a little of this but you cannot do a lot and certainly not nearly enough to cover the amount of spending a modern government likes to do. It will still mostly have to be financed by taxation.

1
2
