* Posts by Justicesays

556 posts • joined 15 Jun 2010

Linus Torvalds on security: 'Do no harm, don't break users'

Justicesays
Silver badge

Re: fairly sensible explanation ...

>It's nonsense. The argument is "that's broken and exploitable, so leave it like that until both things are fixed."

Ok, so hypothetically, the person who is upgrading discovers, upon upgrading, that their stuff no longer works in some way.

Do they:

a) go, oh well, must have been insecure, let's try and fix forward while everything is down.

b) Roll back the upgrade immediately (and delay updates to production if they discovered this in test).

99.999% of people will do b).

Thus not only that one bug that was "fixed" will still be present, so will loads of other bugs that the upgrade would have fixed. If you are very unlucky, the impact of the failed upgrade will include some kind of risk exception so that the software is not updated again (at least until the failed upgrade is investigated, the root cause discovered and the upgrade retested/rescheduled).

Making security fixes not break everything is pretty important, because if they do, people will not install them in a timely fashion.

13
0

Car tax evasion has soared since paper discs scrapped

Justicesays
Silver badge

Moving house...

Is one of the issues here.

Previously you would move house, see that your tax disc was about to expire, then realize you had to update your vehicle registration document with the new address in order to get a new tax disc sent.

Now it's the wrong way around, if you move house, your tax reminder is sent to your old address, and you have no reminder that the tax is due. Not surprising that people miss it, and I expect getting fines/tickets to people is also more problematic as addresses are less likely to be up-to-date.

9
1

Those IT gadget freebies you picked up this year? They make AWFUL Christmas presents

Justicesays
Silver badge

Re: Cheap-ass freebies.

Obviously Prayer Fans

0
0

Robocall crackdown, choked Lifelines, and pole-climbing: Your new FCC rules roundup

Justicesays
Silver badge

Just wondering

What were the "twice as many" old regulations he got rid of to allow these new ones to be created?

2
0

Boss put chocolate cake on aircon controller, to stop people using it

Justicesays
Silver badge

Re: Ah yes, the AirCon adjustments

Something like this I guess

https://www.youtube.com/watch?v=T2Y7oo3iB40

0
1

NSA bloke used backdoored MS Office key-gen, exposed secret exploits – Kaspersky

Justicesays
Silver badge

Re: Oooooh, really?!?!?

Pretty much all the anti-virus vendors do this now, unless you untick the option.

Microsoft also like copies of any files that crash any of their software, along with the memory dumps. Microsoft Security Essentials has a "send file samples automatically when further analysis is required" setting for instance. It's probably ticked by default.

Obviously the archive would have been full of virus code, so presumably of interest to an anti-virus vendor.

In any case this is pretty much entirely the NSA's fault. You have to wonder how someone can take *all of your hacking tools* home with them and drop them on their personal computer. You would think a tool kit full of zero days would be a pretty valuable asset and you would ration this stuff out rather than handing it out like candy. And of course the motives of the unnamed NSA operative (who can't even afford an Office license apparently) might well be pretty shady.

69
0

Humble civil servant: Name public electric car chargers after me

Justicesays
Silver badge

Obviously it's government-ese, so hard to say, but reading the act it looks like

If it's insured, then the insurer is liable.

If it's not insured, then the owner is liable (unless it's excluded from needing insurance due to being in some government vehicles category, like military vehicles I guess).

The owner or insurance company is not liable if someone (who isn't the owner) switched the vehicle to "autonomous mode" inappropriately. In that case that person is liable (unless they are a minor/diminished responsibility etc. then blame the parents/legal guardian).

If the manufacturer is at fault due to making a faulty vehicle/software, they can still be liable/negligent/sued/arrested, but by the insurer/owner/police, not by the victim(s) of the accident.

It's not clear if the government can just not pay anything in the case of an automated government vehicle running someone down. It seems that way as there is no liability assignment in section 2 for that case, so presumably the manufacturer gets directly sued by the victim in that case?

There is no mention of changes to the driving license system.

9
0

It's time to rebuild the world for robots

Justicesays
Silver badge

yes

"Does that mean humans are smart and robots are stupid? "

Yes it does.

And we already have autonomous vehicles we redesigned the world around.

The London DLR for example.

Avoids collisions with elevated track for its sole use, uses automated switching of prelaid track to ensure it stays on the route, only has limited, but dedicated, stopping places to ensure it doesn't have to worry about parking etc.

19
0

Magic hash maths: Dedupe does not have to mean high compute. Wait, what?

Justicesays
Silver badge

Re: Hashes and duplicates

"Because of this a dedupe tool has to compare the data blocks when there is a hash match to avoid losing or corrupting data. "

Sadly most methods do not bother doing an actual block comparison.

This is because the math shows the odds of a block collision due to them having the same hash is less likely than the disk being corrupted by multiple simultaneous bit flips that bypass parity/checksum checks.

There is also the fact that dedupe systems are limited in the size of the data set they can dedupe, due to the ever-increasing hash lookup table.

This less computationally expensive method might be one that does less exact/expensive hashing and full block comparisons when it gets a possible match.

3
1

'There has never been a right to absolute privacy' – US Deputy AG slams 'warrant-proof' crypto

Justicesays
Silver badge

"You can still break it by recovering the key, which is normally too complex to commit to memory, meaning there WILL be a trace."

As it's a one time pad, once you have used it to encrypt or decrypt the message, you would delete (the segment used) using whatever method will make it unrecoverable, along with the plaintext if necessary.

3
0

What does Elon Musk really need? A personal theme tune, of course!

Justicesays
Silver badge

The way things are going it will be released in large glass balls from his orbital space station... Assuming Bond doesn't stop him first.

13
0

Legacy clearout? Not all at once, surely. Keeping tech up to snuff in an SMB

Justicesays
Silver badge
Angel

Consultant inception

"I’m absolutely convinced that not enough SMBs take good advice when making investments in technology. Spend money with consultants to get it right at the beginning, and you’ll save in the long run: and shop around for a consultant because you can get good ones for non-ridiculous money"

So you don't advocate shopping around yourself for technology as you won't understand it enough or do the research, but do shop around for a consultant. Is there a consultant consultant we can consult to pick the right consultant?

9
0

Congress battles Silicon Valley over upcoming US sex trafficking law

Justicesays
Silver badge

Re: Out in the open

Part of the issue is that Backpage apparently go out of their way to assist/advise their advertisers on how to stay anonymous, what terms to use to discreetly advertise their illegal services, steps to take for safe contact with potential customers etc.

Despite this they still have managed to wriggle out of any responsibility for what is happening on their site.

2
0

Ofcom to crack down on telcos' handling of nuisance callers

Justicesays
Silver badge
Unhappy

Do you think that these companies are somehow making phone calls for free?

No, they are billed like anyone else, and somehow that billing information is tracked back well enough to make the charges but it's somehow "impossible" to track them back when it comes to blocking/banning them.

Not sure that relying on the telcos, who make money from these calls, to somehow fix this is going to work, it clearly hasn't so far, the telcos just make money from both sides by charging for nuisance call blocking services and caller ID.

Seems to be a pattern emerging, anti-virus firm distributes virus ridden software then recommends installing anti-virus software to recover.

Company offering ID theft monitoring services leaks ID information, then recommends ID monitoring services to recover.

Telcos enable fake/scam calls, then recommend call blocking services to prevent them.

20
0

Cops' use of biometric images 'gone far beyond custody purposes'

Justicesays
Silver badge

Napoleonic

"automatic deletion on proof of innocence."

Great, let's get right on proving that we are not criminals.

How about a campaign for automatic deletion unless proof of a conviction is provided..?

39
0

UK not as keen on mobile wallets as mainland Europe and US

Justicesays
Silver badge

Re: So?

"Do you keep yours in a NFC/RFID blocking wallet? I'll bet you don't.

If you don't then it is vulnerable to being scanned and then cloned. ID Theft at its most basic."

Two points.

1) "NFC blocking wallets" don't work unless you earth your wallet. They might mitigate the signal from a regular reader enough to stop it, but an up-powered NFC reader would get through no problem.

2) You can't clone an NFC's secure information store unless you can break public/private key encryption, as that's what the exchange is based on. Cheap door access systems might just use the public element, but payment systems don't (some might use crap encryption like that Dutch tram company though).

0
3
Justicesays
Silver badge

Re: Trading security for convenience

" there was the POC where someone wandered around a railway station with a bag containing a battery powered card reader and harvested hundreds of pounds in minutes."

The difficult part is actually getting the money out of your merchant account (which you have to have to get the money using card systems in the first place) before the fraud reports shut it down and refund all the cash. Turns out that isn't easy to do, which is why this isn't happening all the time right now...

1
0

Cybersecurity world faces 'chronic shortage' of qualified staff

Justicesays
Silver badge
IT Angle

In my experience

The chronic shortage of qualified staff extends to those currently *in* the roles.

5
0

Science fiction great Brian Aldiss, 92, dies at his Oxford home

Justicesays
Silver badge

Re: The Greats have gone

There are a lot of great authors out there.

The problem when comparing old authors to new ones is that only the most popular books survive to be published 30 years on. That makes it easy to identify old masters, but not so much the current ones.

There is also so much more out there, with smaller publishers/self published books/translations etc.

And more people of course.

Hard to find the jewels in the dross.

But for a start try

Peter F Hamilton (apart from Night's Dawn, mostly due to the ending).

Charles Stross

Alastair Reynolds

Stephen Baxter (early stuff mostly)

26
1

Russia's answer to Buckminster Fuller has a buttload of CGI and he's not afraid to use it

Justicesays
Silver badge
WTF?

The picture that states "Making use of the roads unused median"

Has two examples of cars in that "unused" space, the brown car in the top right, and the silver car in the bottom right.

People occasionally do need to change lanes, join/leave roundabouts, go across junctions etc.

And I'm sure they would prefer to do that without having to worry about smacking into some mobile pillars.

Or being crushed after a failure of whatever active stabilization these things are using.

7
0

Web-enabled vibrator class action put to bed

Justicesays
Silver badge
Trollface

Re: It's a law enforcement issue

I was not aware in fact. Dangerous to your phone perhaps? Unless it's one of those waterproof models...

1
0

She's arrived! HMS Queen Lizzie enters Portsmouth Naval Base

Justicesays
Silver badge
Devil

Re: Genuine question

I figured out a solution. We have two problems

1) We bought two ships and barely have enough stuff to run one of them

2) The ships are not long enough for normal planes to take off from, and cannot be retrofitted with cat and trap for any reasonable cost (for some reason the contract didn't specify a "reasonable cost" when requiring retrofitting as an option..).

The solution is simple. Just dock the two ships together to provide one, longer runway!

Edit: For reference, the combined length would be 560m,

Specification and Dimensions Eurofighter Typhoon

Service ceiling 18290 m (60,000 ft)

Time to 10600m/Mach 1.5 < 2,5 min

Runway length 500 m (take off under 8 seconds)

24
0

At last, a kosher cryptocurrency: BitCoen

Justicesays
Silver badge

Re: I would prefer a more enlightened option

If you have no Bits I will take them from you, if you have Bits I will give them to you.

It is a BitKōan

2
0
Justicesays
Silver badge
Joke

I would prefer a more enlightened option

BitKōan

16
0

Lauri Love and Gary McKinnon's lawyer, UK supporters rally around Marcus Hutchins

Justicesays
Silver badge
Facepalm

Re: The ignorant run amok

"This should let you know, 98% take a plea deal because they are guilty. Likely of something a lot worse than what the plea is."

Care to show the evidence of this? Oh, there wouldn't be any because a plea deal means the bit where the evidence is shown is skipped.

You can't see any reason why someone would take a plea deal? Like maybe being trapped in a foreign country, unable to work or have a normal life, possibly for years, after which they have to go through an expensive trial, the legal fees for which would bankrupt any normal person, in the hope that "justice" is served.

When just the wait for trial is longer than the plea bargain sentence, people will take it.

Especially as being convicted under the US justice system is starting to appear to be as much evidence of wrongdoing as publicly confessing to attempting to overthrow the North Korean government before being thrown out of the country.

19
0

Brit military scolded for being too selfish with sexy high-end tech

Justicesays
Silver badge
Trollface

Just thought I would preempt a lot of posts

by mentioning the short story "Superiority", by Arthur C. Clarke.

YW

11
1

Astroboffins spot tiniest star yet – we guess you could call it... small fry

Justicesays
Silver badge

Re: habitability of tidally-locked planets

I'm thinking that it's down to this:

Odds of spotting Small planet transiting Small star > Odds of spotting Small planet transiting Large star.

As a larger percentage of the star's output would be blocked.

0
0

When can real-world laws invade augmented reality fantasies? A trial in Milwaukee will decide

Justicesays
Silver badge

Re: Actually seems reasonable to me

On the other hand, a manufacturer of Frisbees, Skateboards or Bikes has no requirement to pay off any park that might or might not allow the use of those articles. Instead it's the users of those items that have to pay attention to the laws in place, and/or request any exceptions for events etc. that they might want to organize.

Nor are the manufacturers required to modify their equipment with "geofences" that would prevent them being used in certain locations.

In addition, the people using these apps and visiting these parks are almost certainly residents of the areas the parks are in, and therefore paying for these facilities through their taxes.

Augmented reality apps normally require people to walk around looking at a smart-phone, generally no different than anyone else who visits a park these days!

20
6

IBM: ALL travel must be approved now, and shut up about the copter

Justicesays
Silver badge
Black Helicopters

Re: IBM said staff will be covered by IBM Life Assurance if they are on "approved" travel.

"Unapproved" travel is covered by IBM Death Assurance, where you are tracked down by blue helicopters and terminated.

24
0

America's drone owner database grounded: FAA rules blown out of sky

Justicesays
Silver badge

Re: How to tell if they're "evil" drones or "good" ones

http://www.popularmechanics.com/flight/drones/a24467/drone-plane-collision/

0
0

IBM CEO Ginni flouts £75 travel crackdown, rides Big Blue chopper

Justicesays
Silver badge
Devil

Of course it's easy to justify this!

If you are paid $31,000 an hour, it makes sense to spend a few $1000's to save an hour travelling into Hursley, right?

Don't ask me to justify the $31,000 an hour though....

23
0

So your client's under-spent on IT for decades and lives in fear of an audit

Justicesays
Silver badge
Devil

And this helps guys underspending on IT for 15 years pass an audit how exactly?

I mean, all they have to do is re-architect their 15 year old solutions into containers, adopt new technologies capable of being "lightweight", discover and store and centralize all their application, switch, firewall etc. configs into their puppet/chef/ansible. In 4 days.

Way to pose a problem, then say, "well, if you had just set things up in a modern fashion 15 years ago, you wouldn't be in such a mess".

Of course they would also be super rich, being able to both see the future and use tech before it was invented.

12
0

Uber is a taxi company, not internet, European Court of Justice advised

Justicesays
Silver badge

Re: But

Well, no, they are cakes, in the UK at least, under the LON/91/0160 decision of the VAT tribunal.

22
1

Agile consultant behind UK's disastrous Common Platform Programme steps down

Justicesays
Silver badge
Devil

Re: Management Repeat after me

Agile, A Tanned Lemon Spoon!

Not what you were looking for?

Oh well.

6
0

Oracle fires Java warning at IBM and Red Hat

Justicesays
Silver badge
WTF?

One party state model?

"A vote against the JSR, Reinhold warned here, would delay completion of the next version of Java and be a “vote against the Java Community Process itself.”"

Can someone explain this Community Process? As it seems like Oracle's idea of this process is that they propose stuff, and people have to "vote" to agree with them (or else).

27
0

What's driving people out of tech biz? Unfair treatment, harassment, funnily enough – study

Justicesays
Silver badge

Re: "I'm being treated unfairly... Means..."

Most likely means "Didn't get a pay rise of even inflation, despite getting a good or better performance review".

As that has basically been my experience at every tech place I have worked (apart from my current one funnily enough).

Sometimes it works out due to other stuff like stock options ofc, but generally people move jobs to actually get the pay rises they didn't get for the last x years.

Amazing how all employers use some "formula" that is supposedly based on "industry averages" that magically reveals that no pay rises are needed.

Yet your new job pays lots more.

26
0

Just delete the internet – pr0n-blocking legislation receives Royal Assent

Justicesays
Silver badge

Re: Well, looking forward to the data breach

"I fail to see how that can be possible."

It's as possible as every other fucking clueless desire that comes out of their empty heads.

They decided it would happen, therefore it will.

If we are lucky they will pass the "no gravity for MPs" bill in the next session...

3
0
Justicesays
Silver badge
Devil

Well, looking forward to the data breach

That reveals which MPs and MPs' family members are looking at pr0n.

And I guess you could cross reference that with the ICR database leak to see exactly what sites they are looking at.

In fact, maybe that legislation itself is some kind of submissive/exhibitionist self abuse by Conservative MPs!

In which case we should ban that filth.

26
1

Just how screwed is IT at the Home Office?

Justicesays
Silver badge
IT Angle

So how are these aging systems going to handle

the at least 10x uptick in British citizenship applications by all the long term EU citizens that have married UK citizens, lived here for 20+ years etc but never bothered applying for citizenship as they didn't previously have to?

Year to March 2016 Applications: 148,497 Grants: 134,659 On basis of residence: 68,415 On basis of marriage: 28,323

I see the latest figures are so far from before the Brexit vote, and even then were up 139%.

5
1

UK drops in World Press Freedom Index following surveillance and anti-espionage threats

Justicesays
Silver badge

"laws passed by well-meaning people are being misused"

If you think the people passing those laws are "well-meaning" then I'm afraid things are worse than you think!

Normally, the obvious flaws and ways in which those laws can be abused are brought up well before they are passed.

Those concerns are ignored, or dismissed with something about "guidelines" or "intent".

Subsequently, the law is abused exactly as predicted.

Turns out they don't poll the MPs who voted on it for the "intent" of a law when it's being applied, I mean, it's pretty black and white. If they didn't "intend" it to be used in a certain way they could have put it in the law.

And guidelines are only guidelines after all, I mean, if they were actual rules then the law would have included them, right?

So either voting politicians are somehow surprisingly naive for a profession known for its infighting, backstabbing and flexible application of both rules and morals. Or they know exactly what they are doing.

21
0

CompSci boffins find Reddit is ideal source for sarcasm database

Justicesays
Silver badge
Facepalm

Ok....

Training systems to detect sarcasm by looking at examples of sarcasm that have to be in tags to be obvious to the reader.

Seems smart to me.

Sorry

<sarcasm> Seems smart to me </sarcasm>

8
3

(You can't) buy one now! The flying car makes its perennial return

Justicesays
Silver badge

Sadly requires

A (short) airstrip to get airborne, and land, so this isn't a VTOL helipad job.

1
0

Mastercard launches card that replaces PIN with fingerprint sensor

Justicesays
Silver badge

Maybe I'm not as smart as these card tech guys...

But I'm pretty sure the card will have copies of your fingerprints on it somewhere! Much like your (touch screen) mobile phone that also features a fingerprint sensor.

Make sure to only handle the card with one hand, and use a fingerprint from the other...

Or have a special "wipe-down" wallet with fingerprint removal slots.

Hey, something to take over from the "tin foil" wallet to (not) block NFC.

1
0

Zuckerberg's absolutely mental: Brain sensors that read YOUR MIND at 100 words a minute

Justicesays
Silver badge

Bunch of mealy mouthed morons

What they really think:

"Give everyone us the power to share get anything with from anyone."

"That will require AR glasses and those will be much more technologically challenging than VR headsets. In fact, the set of technologies needed to build them doesn't yet exist."

I'm sure Hololens and Google Glass are fascinated to discover that they don't exist in the FB world.

And their idea of an alternative sound feed is haptic sound translation done via skin and intensive training?

Sure, that might have, perhaps, medical applications for the seriously disabled (or military applications...).

But really most people just want subtitles or a dub (subtitles would work for deaf people as well) ...or some way of injecting the entire language directly into their brains without all that tedious learning!

0
0

How to breathe new life into your legacy kit now you've gone hybrid

Justicesays
Silver badge
Mushroom

"You could even decide that now you have several terabytes of slow storage, it's time to throw away the old tape backup system and move to disk-to-disk."

Yeah, switching your backups to a bunch of ageing disks in an array approaching EOL, with no offsite/duplicate/archive option, is definitely the best idea.

Just ask KCL.

2
0

30,000 London gun owners hit by Met Police 'data breach'

Justicesays
Silver badge

If any crims want to know if someone has a firearm in your area...

Ask someone at the (undoubtedly morally upright and well protected) YDM agency.

Or maybe just pay someone over at the Met, looks like they are in the business of providing that info for cash.

Or you could just check the local recycling bins for leaflets.

16
0

Chap 'fixes' Microsoft's Windows 7 and 8 update block on new CPUs

Justicesays
Silver badge

Re: So? - Addendum

Maybe the key thing to having an OS that "people recognize" is having your new OS actually being recognizable as the same OS?

And making an OS "easy to use" might involve having, I dunno, a single place for settings, a single application style, obvious icons for performing tasks rather than expecting people to click and prod the edges of the desktop.

Linux window managers now bear much more resemblance to Windows 7 than Windows 10 does at this point.

But in any case, ChromeOS is apparently what is being given to kids in US schools now, so presumably that will be what the future spenders there are familiar with...unfortunately this means Google will also be familiar with them.

31
1

Oh snap! UK Prime Minister Theresa May calls June election

Justicesays
Silver badge
WTF?

Re: Crooks caught in a RAT* trap?

"It did burst their little bubble didn't it. I smiled a lot after watching that"

So you think that Ad hominem attacks are fine, and a good way to negotiate or win arguments?

Fine.

You twat.

"Unfortunately some of our politicians seem to be as petty as the ones over there"

And Farage has the distinction of being petty both here *and* over there. His action was the fucking *definition* of petty.

2
1
Justicesays
Silver badge
Facepalm

Re: Crooks caught in a RAT* trap?

"He would be one of the better people to negotiate with the EU "

Sure, I find that calling the people you are about to negotiate with a bunch of lazy tossers is definitely the best way to begin important negotiations.

3
1

Why Firefox? Because not everybody is a web designer, silly

Justicesays
Silver badge

Re: chrome is google spyware, and I've seen a lot of crappy software that tries to install it

Case in point, my father's laptop got malware that ran a version of Chrome in the background in some kind of sandbox, browsing (presumably) click to pay sites automatically.

Became obvious when its dodgy programming meant it filled the disk with literally millions of files.

14
0

Biting the hand that feeds IT © 1998–2017