* Posts by Justicesays

596 posts • joined 15 Jun 2010

Page:

No, seriously, why are you holding your phone like that?

Justicesays
Headmaster

Re: ...why are you holding your phone like that?

"Part of me wants to correct that to "Friends have a lot to answer for", but I recognise that in this case that would be wrong."

The correct correction(?) should be

Friends has a lot to answer for.

9
0

For €10k, Fujitsu will tell you if your blockchain project is a load of bull

Justicesays

Now I just want to register a website a bit like

http://hasthelargehadroncolliderdestroyedtheworldyet.com/

something like

https://ismyblockchainprojectaloadofbullshit.com

But with the opposite answer obvs.

10
0

California lawmakers: We swear on our avocados we'll pass 'strongest net neutrality protections' in America

Justicesays

"This is going to be a fight. The telecoms and cable companies fight hard and they are effective. We have our work cut out for us."

Well, lacking any law to the contrary , the telcos and cable companies can block access to pro-net neutrality websites, redirect customers to websites promoting negative stories about network neutrality supporting politicians, replace all your adverts with adverts for how much better things would be without net-neutrality.

Also bin any emails to your representatives that support net-neutrality of course.

3
0
Justicesays

Re: Another View

"Threatened with a ballot initiative democracy, lawmakers pass a ruinous data-privacy law. act to minimize the damage to their corporate masters while covering their own asses"

FTFY, but pretty sure this is an entirely different story around net neutrality , not privacy.

2
1

NetApp system zips past IBM monolith in all-flash array benchmark scrap

Justicesays

Re: Cheating the numbers?

"I wonder if anyone hasn't "VW-ed" their array"

FTFY

The SPC benchmarks are massively gamed and always have been.

Commercially nonsensical hardware optimized specifically to the benchmark.

Loads of controllers with tiny amounts of disk each to maximise the cache memory available.

Volumes made from just the fastest part of traditional disks , while still quoting the full capacity in the $/GB.

Specialized firmware setups are just the tip of the iceberg.

5
3

IBM wins five-year whole-of-government deal with Australia

Justicesays

"gig that later went very pear-shaped indeed (although the client was to blame)"

I wonder how IBM got that previous contract?

"“The only finding possible is that IBM should not have been appointed” to the contract in the first place in part because of “ethical transgressions” on the part of some of its employees, including “the obligation not to use the State’s confidential [bid and proposal] information” that it had somehow couldn't explain came into its possession from a restricted government database along with the apparent privileged insider information from a government consultant to the project who happened to be a former-IBM employee."

Any former IBM employees involved with this new bid?

8
0

IBM memo to staff: Our CEO Ginni is visiting so please 'act normally!'

Justicesays

Re: Not the CEO

The leeches already firmly attached to Gini's ass are trying to ensure a minimum separation is maintained so no-one else can attach themselves.

8
0

SUSE Linux Enterprise turns 15: Look, Ma! A common code base

Justicesays
Meh

Re: Cultural cloning and diminishing returns

Ancient wise man 1: so, that's counting sorted out then

one, two three, death, five, six ...

Ancient wise man 2: I'm sorry, three, what?

AW1: Death.

AW2: Why is it one two three, then death?

AW1: It's just what we came up with. Of course, probably people will try to avoid having "Death" amounts of things I suppose, maybe a little creepy, but what can you do eh? Anyway.,

Seven, eight, nine, ten, eleven, twelve, thirteen, deathteen, fifteen.

AW2: Erm, deathteen?

AW1: Well, we have to be consistent, otherwise people would get confused. We also have twenty-death, thirty-death and my favourite, deathty-death.

.....

Try to imagine it in a Mitchell and web style.

7
0

Cops: Autonomous Uber driver may have been streaming The Voice before death crash

Justicesays

Re: Simples. Charge both Uber and the driver

"did she have the training and education to be doing this?"

There are people who have roughly the training and skill set to do this job, they are called "Driving instructors". Not hiring someone with equivalent skills means that Uber doesn't give a crap about the effectiveness of the person in the seat, it's just a cost they have to pay to meet the minimum legal requirement.

Their immediate response, drop all blame on driver, and run away to another state.

The problem is that although they should be equally liable (for bad software, lack of supervision, insufficiently skilled employees), they will likely get away with it as the legal status of experimental self driving cars isn't being given sufficient attention.

15
0

Internet engineers tear into United Nations' plan to move us all to IPv6

Justicesays

"address allocation optimization requirements for IPv4 bear no relation to sensible and relevant optimization strategies for IPv6."

https://tools.ietf.org/html/rfc6177#section-2

Hence, this document still recommends giving home sites significantly more than a single /64 , but does not recommend that every home site be given a /48 either.

/64 1 IPv6 subnet 18,446,744,073,709,551,616 IPv6 addresses

Now, I'm not sure how much IoT shit I'm supposed to put in my house, but 4 billion ipv4 internets worth seems like a lot? Maybe they could have increased the lifespan of ipv6 by only giving homes 1 ipv4 internets worth.

If the minimum subnet size is 2^64 , and the complaint is "the routers will fill up if we have millions of routes". how exactly are switches going to cope if you put millions quintillions of hosts on one subnet? It's all just wasted address space at the cost of much longer addresses.

Of course, ipv6 may give you quintillions of routable ip addresses but only has one loopback address.

3
5

'Incomprehensible failure' – Canada's $1bn Phoenix payroll IT fiasco torched by auditors

Justicesays

Irony

Just before I left IBM there was a big push at the management level towards "devops/agile"

So they were all reading this book:

https://www.amazon.com/Phoenix-Project-DevOps-Helping-Business/dp/0988262592

I guess it turns out real life is harder than fiction

1
0

IPv6 growth is slowing and no one knows why. Let's see if El Reg can address what's going on

Justicesays

Re: Unintentional benefits

Maybe the issue isn't "Congestion", but "throttling".

Probably find the reason IPv6 isn't supported is that they can't control the data rate on IPv6, unlike IPv4, due to their software being ipv4 only.

5
0

Make masses carry their mobes, suggests wig in not-at-all-creepy speech

Justicesays

You'll be arrested and fitted with a GPS tracking collar.

And of course if you go more than 1 mile away from the other person your collar is linked to your collar will explode.

That last bit might be from a different dystopian future.

18
0

Javid's in, Rudd's out: UK Home Sec quits over immigration targets scandal

Justicesays

Re: Either a liar or incompent

Yet Gove describes her as "a huge asset - brave, principled, thoughtful, humane, considerate and always thinking of the impact of policy on the vulnerable".

To be fair, Gove is partly right on this point. The first 10 letters.

About up to here:

"a huge ass"

4
0

Turn that bachelor pad into a touch pad: Now you can paint buttons, sensors on your walls

Justicesays

you'll start seeing adverts for hammers, nails and wall mounted artwork.

15
0

Shhh! Don’t tell KillBots the UN’s about to debate which ones to ban

Justicesays
Coat

which "Sarah Conner"

Would find her...

So long as she is executable, and in your current path!

(SPOILER: turns out she wasn't executable after all, someone from the future changed her security)

4
0

Tantalising Tabby's Star teases watchers with big dimming event

Justicesays

They already decoded the message and it says

"Buy alien cola"

They concluded it wasn't sent by intelligent life after all.

8
0

UK.gov: Here's £8.8m to plough into hydrogen-powered car tech

Justicesays

Re: why subsidise private car development with public money

"people must look after themselves first. It is our duty to look after ourselves and then, also, to look after our neighbours."...

And what's wrong with that?

"

Sure sounds like a good excuse to fill your boots at the expense of others.

Nose to the trough politicians agree.

3
4

British Level 4 driverless pods are whizzing along ... er, a London path

Justicesays
Devil

Re: So those kids with back to front hats...

It just runs them over.

Turns out the software thought they were going the other way....due to the hats.

13
0

Fermi famously asked: 'Where is everybody?' Probably dead, says renewed Drake equation

Justicesays

Re: Hiding

Come on, clearly

https://twitter.com/bjornborg

vs

https://twitter.com/bjork

Who is the alien?

You decide...

3
0
Justicesays
Alien

Re: Hiding

What is it with people conflating all the Nordic countries?

It's Björk , and she's Icelandic

5
2

Keep Calm and Carillion: Outsourcers seek image rebrand after UK construction firm crash

Justicesays

It's incalculable because

they don't employ anyone with basic arithmetic skills.

4
0

Former Google X bloke's startup unveils 'self flying' electric air taxi

Justicesays
Black Helicopters

I can see a number of issues

1) I'm sorry, our emergency pilot take over service is experiencing high volumes of calls at the moment. Please hold, your plane is important to us and someone will be with you as soon as possible.

2) Who wants the job of doing nothing for extended periods, then suddenly being thrown into an emergency situation you have no prior knowledge of, and where the live of several people depend on your decisions.

3) Unlike a normal pilot, where if you screw up enough you are generally not in a position to be questioned, if some remote takeover pilot screws up they will always be available for their performance to be critiqued by the CAA/FAA etc. This might put off "real" commercial pilots who could lose their licenses over some bad decision made in 2) above.

4) I prefer to fly in vehicles where the person controlling it also has a high vested interest in the airworthiness, design and safety of the vehicle. i.e. is also in the fragile vehicle, 1000's of feet above the ground.

11
0

Half the world warned 'Chinese space station will fall on you'

Justicesays

Overextended is not "extra success"

"Tiangong-1 was a successful mission, given that it was operational for three years longer than its planned 2013 re-entry date."

I don't call it successful when you leave it up there until you lose control and are unable to do a controlled de-orbit.

13
0

We should pass laws to make Google's life hard! Oh no, sorry, did we say that out loud? asks IBM

Justicesays

Well, lack of responsibility is why these companies are so profitable

Denying all responsibility with a claim that it's "impossible" to moderate, check or otherwise examine the volume of data these companies deal with is how Google etc. are making such profits.

They get all of the benefits (e.g. sales from app store) without any of the responsibility (e,g. not their problem if malware apps get posted, unless they are told about it).

Their business strategy is to make their users/data sources their unpaid moderators/testers etc. on top of selling them out to advertisers ofc.

Uncurated content is the bane of the internet and it's just getting worse, with things like Steam jumping on the bandwagon.

1
1

Woe Canada: Rather than rise from the ashes, IBM-built C$1bn Phoenix payroll system is going down in flames

Justicesays
Devil

Re: Payroll no go

I Blame Morons

4
1

Coinbase, Worldpay, Visa play blame game after dosh vanishes from crypto-fans' pockets

Justicesays

Re: Unfortunately...

Ok, sure , you cannot claim it was an authorized transaction. On the other hand you are entitled to receive the goods and services you pay for. In the UK, at least, the credit card company is jointly liable for providing that good or service, and if you dispute the transaction on the basis that the good or service was not provided, then they either have to prove it was, or return the money. With the small claims court as the backup if they muck you about too much.

This is why ebay like to use PayPal and other prepay wallets, they are not credit providers and thus don't have to pay you back and reverse the payment to ebay when the goods are not delivered or as described.

6
0

Yorkshire cops have begun using on-the-spot fingerprint scanners

Justicesays

Re: Am I missing something?

Automatic cross referencing the fingerprints of anyone questioned by the police against a national scale database of every criminal , illegal immigrant and unsolved crime, on the spot, with no suspicion of the person being questioned of being involved in a particular crime.

What could go wrong?

Lets see, your fingerprint is a false positive match for 40 unsolved burglaries two counties over.

The police arrest you on suspicion of being "light fingered Bob" (police nickname for uncaught criminal).

You can prove where you are for some of the burglaries and have an alibi , but some of them you were alone at home watching telly.

Police report just the ones where you don't have an alibi to the CPS, who are down on their quota for cases this month.

Trial eventually collapses (if you are lucky) without additional evidence being provided.

You get pulled over again later - this time you are light fingered Bob with previous arrest and trial against your record.

repeat ad nauseum.

8
1

Tech giants' payouts go to everyone but affected citizens. US Supremes now urged to sort it out

Justicesays

3. Hold a lottery of all the class members and distribute a larger minimum amount to the winners of that lottery (total/winners).

The cost of organizing the lottery cant be taken against the settlement amount.

9
0

DevOps: Bloody hell, we've got to think about security too! Sigh. Who wants coffee?

Justicesays

Good luck securing your app...

Lets take a couple of examples from the article:

https://www.cvedetails.com/product/19117/Oracle-JRE.html?vendor_id=93

https://www.cvedetails.com/product/128/PHP-PHP.html?vendor_id=74

Oracle JRE, 564 reported vulnerabilities over 8 years, ~6 per month

PHP, 558 reported vulnerabilities over 17 years, ~ 3 per month.

And that's just the main framework , never mind any libraries or other components you might be sticking together.

By the time your release candidate app gets to the tests, it's probably already got at least one (known) security flaw, even if you built it for release weekly. (And obviously loads of undiscovered ones).

This is why 99.97 % of apps are vulnerable when scanned, and are probably shipped with known security flaws.

4
0

The blockchain era is here but big biz, like most folk, hasn't a clue what to do with it

Justicesays

Re: Who?

"but the dispute resolution process could have been streamlined pretty substantially if my bank and the cell provider had a shared database that they both trusted."

Currently the database they both trust is called a clearing house, and it's where your cheque transaction actually happened.

https://en.wikipedia.org/wiki/Cheque_and_Credit_Clearing_Company

in the UK for instance.

The fact your cellphone company is a bunch of incompetent wankers won't change if they use blockchain.

9
0

Intel alerted computer makers to chip flaws on Nov 29 – new claim

Justicesays

And how is the other way looking

"The date of the disclosure to OEMs is likely to raise eyebrows as it happened on the same day Intel chief exec Brian Krzanich sold stocks and shares worth $25m before tax.

Intel has denied any impropriety, saying Krzanich's decision to sell was part of a standard stock sale plan."

Maybe he has some dated, signed , lawyered up stock sale plan to show, made well in advanced.

But can he also prove that he as Intel CEO had no control over the date at which the disclosure was made? Bearing in mind that Intel knew about it for 5-6 months prior to this initial OEM disclosure.

And it seems convenient that these two dates happen to coincide.

46
0

Worst-case Brexit could kill 92,000 science, tech jobs across UK – report

Justicesays

Re: meh

"The leavers are far to busy working to waste time & money pissing around with propaganda showing why they're right. Unlike the remainers, who seem to have nothing better to do than whinge."

You mean the actual Brexit department of the Government, who's entire 1.5 years of "effort" accomplished less than two over-dinner sessions by the PM?

I guess it doesn't help not having any idea what the economic impact any of the decisions being made during the negotiations would have, due to the lack of any studies on various scenarios.

That's the price to pay for pursuing populist policies, inability to make any decisions based on facts or logic, as your mandate doesn't have any basis on those two things.

4
0
Justicesays

Re: meh

"It would be nice to think that they did so, but I have my doubts. Faced with a request from a remainer to come up with a report that show show bad leaving is, for which he is paying them, would you really expect a "well, actually, it won't be so bad" result?"

Well, we just have to compare them with the best case scenario reports created by requests from (and paid for by) brexiteers to get a sense of balance.

Oh, hang on...

I understand the EU has had brexit impact reports published as well, so I guess that just leaves the people in charge of our actual brexit strategy to commission and publish some reports.

Strange that they haven't really, but I guess evidenced based policy has never been particularly popular with the Tories.

14
3

Carphone Warehouse cops £400k fine after hack exposed 3 MEEELLION folks’ data

Justicesays

The issue here is not the plaintext credentials, but credentials being on an internet facing server at all.

Looks like a shitty design decision to just establish a full database connection to the backend with full access to service the front end requests.

Whereas the front end provided authentication should be piped through to the backend to establish a data access session in the context on the front-end user that wants to look up data.

This would limit any data loss specifically to users that logged in during the breached period, as well as giving the opportunity to limit or redact data (like full credit card numbers in stored transactions) when presenting it to the frontend.

1
1

Open-source civil war: Olive branch offered in trademark spat... with live grenade attached

Justicesays

Re: "Freedom"

"It's been long observed that the more people brag about things in the title, the less they reflect the reality of the entity."

United Kingdom (of Great Britain and Northern Island)

Yep, looks like your statement holds true.

3
0

Missed opportunity bingo: IBM's wasted years and the $92bn cash splurge

Justicesays

Re: Big assumption with that theory

The standard IBM acquisition way was to pick pick small targets that they hoped they could massively expand the customer base for by marketing them across all existing IBM clients.

Of course , they would also "bluewash" any incoming products, and often forcibly merge them with some existing (unsuccessful) IBM product in order to minimize their success chances. As well as crushing the spirits of any incoming acquired employees under the weight of IBM process and policy.

31
0

Mozilla's creepy Mr Robot stunt in Firefox flops in touching tribute to TV show's 2nd season

Justicesays

Re: Have to laugh at the outrage

"Studies was not enabled by default "

"I opted out of studies when it appeared last week"

So which was it, not enabled by default, or it was enabled by default and you opted out when it appeared?

https://mail.mozilla.org/pipermail/dev-shield/2017-May/000216.html

Looks like this might have been in planning for some time, had to get it ready in time for Season 2...

0
0

Facebook confesses: Facebook is bad for you

Justicesays
Devil

Hans...Are we the Baddies?

Going for the indirect godwin award but wth.

16
0

Don't shame idiots about their idiotically weak passwords

Justicesays
Devil

"Gameify" it

Your password scored 57 password points today.

You need another 47 points to unlock 12 character passwords *and* two new login images!

29
0

Linus Torvalds on security: 'Do no harm, don't break users'

Justicesays

Re: fairly sensible explanation ...

>It's nonsense. The argument is "that's broken and exploitable, so leave it like that until both things are fixed."

Ok, so hypothetically, the person who is upgrading discovers, upon upgrading , that their stuff no longer works in some way.

do they:

a) go, oh well, must have been insecure, lets try and fix forward while everything is down.

b) Roll back the upgrade immediately (and delay updates to production if they discovered this in test).

99.999% of people will do b).

Thus not only that one bug that was "fixed" will still be present, so will loads of other bugs that the upgrade would have fixed. If you are very unlucky, the impact of the failed upgrade will include some kind of risk exception so that the software is not updated again (at least until the failed upgrade is investigated, the root cause discovered and the upgrade retested/rescheduled).

Making security fixes not break everything is pretty important, because if they do, people will not install them in a timely fashion

69
0

Car tax evasion has soared since paper discs scrapped

Justicesays

Moving house...

Is one of the issues here.

Previously you would move house, see that your tax disc was about to expire, then realize you had to update your vehicle registration document with the new address in order to get a new tax disc sent.

Now it's the wrong way around, if you move house, your tax reminder is sent to your old address, and you have no reminder that the tax is due. Not surprising that people miss it, and I expect getting fines/tickets to people is also more problematic as addresses are less likely to be up-to-date.

9
1

Those IT gadget freebies you picked up this year? They make AWFUL Christmas presents

Justicesays

Re: Cheap-ass freebies.

Obviously Prayer Fans

0
0

Robocall crackdown, choked Lifelines, and pole-climbing: Your new FCC rules roundup

Justicesays

Just wondering

What were the "twice as many" old regulations he got rid of to allow these new ones to be created?

3
0

Boss put chocolate cake on aircon controller, to stop people using it

Justicesays

Re: Ah yes, the AirCon adjustments

Something like this I guess

https://www.youtube.com/watch?v=T2Y7oo3iB40

0
1

NSA bloke used backdoored MS Office key-gen, exposed secret exploits – Kaspersky

Justicesays

Re: Oooooh, really?!?!?

Pretty much all the anti-virus vendors do this now, unless you untick the option.

Microsoft also like copies of any files that crash any of their software, along with the memory dumps. Microsoft Security essentials has a "send file samples automatically when further analysis is required" setting for instance. It's probably ticked by default.

Obviously the archive would have been full of virus code, so presumably of interest to an anti-virus vendor.

In any case this is pretty much entirely the NSA's fault. You have to wonder how someone can take *all of your hacking tools* home with them and drops them on their personal computer. You would think a tool kit full of zero days would be a pretty valuable asset and you would ration this stuff out rather than handing it out like candy. And of course the motives of the unnamed NSA operative (who cant even afford an office license apparently) might well be pretty shady.

69
0

Humble civil servant: Name public electric car chargers after me

Justicesays

Obviously it's government-ese. so hard to say, but reading the act it looks like

If it's insured, then the insurer is liable.

If it's not insured, then the owner is liable (unless it's excluded from needing insurance due to being in some government vehicles category, like military vehicles I guess.).

The owner or insurance company is not liable if someone (who isn't the owner) switched the vehicle to "autonomous mode" inappropriately . In that case that person is liable (unless they are a minor/diminished responsibility etc. then blame the parents/legal guardian).

If the manufacture is at fault due to making a faulty vehicle/software, they can still be liable/negligent/sued/arrested, but by the insurer / owner /police, not by the victim(s) of the accident.

It's not clear if the government can just not pay anything in the case of an automated government vehicle running someone down. It seems that way as there is no liability assignment in section 2 for that case, so presumably the manufacture gets directly sued by the victim in that case?

There are no mention of changes to the driving license system.

9
0

It's time to rebuild the world for robots

Justicesays

yes

"Does that mean humans are smart and robots are stupid? "

Yes it does.

And we already have autonomous vehicles we redesigned the world around.

The London DLR for example.

Avoid collisions with elevated track for its sole use, uses automated switching of prelaid track to ensure it stays on the route, only has limited , but dedicated, stopping places to ensure it doesn't have to worry about parking etc.

19
0

Magic hash maths: Dedupe does not have to mean high compute. Wait, what?

Justicesays

Re: Hashes and duplicates

"Because of this a dedupe tool has to compare the data blocks when there is a hash match to avoid losing or corrupting data. "

Sadly most methods do not bother doing a actual block comparison.

This is because the math shows the odds of a block collision due to them having the same hash is less likely than the disk being corrupted by multiple simultaneous bit flips that bypass parity/checksum checks.

There is also the fact that dedupe systems are limited in the size of the data set they can dedupe, due to the ever-increasing hash lookup table.

This less computational expensive method might be one that does less exact/expensive hashing and full block comparisons when it gets a possible match.

3
1

'There has never been a right to absolute privacy' – US Deputy AG slams 'warrant-proof' crypto

Justicesays

"You can still break it by recovering the key, which is normally too complex to commit to memory, meaning there WILL be a trace."

As it's a one time pad, once you have used it to encrypt or decrypt the message, you would delete (the segment used) using whatever method will make it unrecoverable, along with the plaintext if necessary.

3
0

Page:

Forums

Biting the hand that feeds IT © 1998–2018