* Posts by eldakka

988 posts • joined 23 Feb 2011

Page:

IBM is trying to throttle my age-discrimination lawsuit – axed ace cloud salesman

eldakka Silver badge
Coat

Re: American companies...

Not too sure of the source of this or how it becomes '2nd hand' ..... don't want to know really !!!

If you do decide you want to know, look up 2 girls 1 cup (if you look it up on wikipedia it should be ok, but random search engine internet links are most likely NSFW), that will educate you on second hand shit.

OSIRIS-REx space probe catches a whiff of water on asteroid Bennu

eldakka Silver badge
Angel

Re: Still a mystery?

Nah, FSM choose Earth as one of it's spa worlds, so put water here so that when it wants to rest and re-hydrate it's divine noodely appendages it had somewhere to do so in this part of the universe.

UK Supreme Court considers whether spy court should be immune to legal probes

eldakka Silver badge
WTF?

If all it needs to take activities covered under legislation out of the courts jurisdiction is to just put such a clause in an act, why doesn't the parliament put such restrictions in all legislation?

Every act, tax law, criminal law, and so on should have a section "No decisions made under this law are subject to review by the courts".

I mean, if they can do it for RIPA, they can do it for any legislation.

That way, we can render the courts entirely redundant, and have all determinations of guilt, innocence, sentencing, done in secret star-chambers overseen by whoever has sucked the ministers cock (or genitalia, we are an equal opportunity dictatorship) the best this week.

In fact, why don't amend the acts around voting and government appointments to guarantee the current government remains in power forever, and to include the magic "this act is not subject to judicial review" words in it.

The curious tale of ICANN, Verisign, claims of subterfuge, and the $135m .Web dot-word

eldakka Silver badge

Re: Follow the money?

So where will the money go?

I think ICANN needs some private jets to fly its board members around in.

Oh, and each director will need their own chauffeur-driven Mercedes-Maybach to get to and from the airports where those private planes are, and to and from home, and, well, available to them 24x7x365 for whatever other purpose they need them for. And they'll need sets of these cars at all the major cities around the world where they hold ICANN meetings/conferences. Hmm, and maybe some helicopters too, for shorter jaunts from airports to the ICANN-owned ski chalets errm conference facilities in Switzerland.

Early to embed and early to rise? Western Digital drops veil on SweRVy RISC-V based designs

eldakka Silver badge

Re: 28mm CMOS process technology

Maybe it's a DYI-style project? They supply the design, a stack of breadboards, wires and basic logic chips (NAND gates etc.), and you have to make it yourself?

Accenture in doghouse after NHSmail mass outage cuts off 1m+ UK health staff

eldakka Silver badge

but NHS Digital pitches NHSmail as a more secure option

It was certainly very secure for about 6 hours on December 1 2018.

Windows 10 or Cisco Advanced Malware Protection: Pick one

eldakka Silver badge
Coat

Windows 10 or Cisco Advanced Malware Protection: Pick one

How about neither?

Canuck couple returns home after night on tiles to gaggle of randomers hanging out in their flat

eldakka Silver badge

Re: It always pays to carry a Micro-Uzi in a shoulder holster

What kind of insurance is it that pays for your home becoming a hippie center unannounced?

I imagine it would come under such areas as repairs to damage incurred due to criminal break-and-enter, burglary and trespass.

OneDrive is broken: Microsoft's cloudy storage drops from the sky for EU users

eldakka Silver badge

Re: time to fess up...

and of course the phone designers (BT, or at least the phones were branded as such) hadn't thought to include a back-up battery or capacitor cell in the base station for such eventualities.

Adding such a feature would increase the cost of the phone to the 90% of people who don't need this feature.

For anyone who does need/want that feature, there is an decades-old (possibly even century+ old) industry standard for that facility, an external battery/UPS/generator backup (pick whichever is suitable for your use case) that anyone is able to install and use across multiple devices, not limited to just the phone.

eldakka Silver badge

yes, but said user will more often than not be some poor sod who's had it decreed upon them by some overinflated CIO that their company has gone cloud, and therefore they now have to keep all their files in the cloud, and that it has to be the MS flavour of it. Because cloud is good.

Poor user ;(

In which case it wouldn't be "poor user", as it is no longer the individual user's problem, nothing for them to worry about. It is the corporations problem, and the individual user is perfectly entitled to sit at their desk twiddling their thumbs, reading the paper, browsing the web stress free, at their bosses expense, until the issue is sorted.

eldakka Silver badge

Backpfeifengesicht.

What a meth: Woman held for 3 months after cops mistake candy floss for hard drugs

eldakka Silver badge
Thumb Up

Re: What?

Not "secret recipe" or "storing"... more like lazy housekeeping. I see lots of cars everyday piled high inside with trash. Many times (not most) the stuff is up to the windows in the back seat.

I resemble that remark!

Boeing 737 pilots battled confused safety system that plunged aircraft to their deaths – black box

eldakka Silver badge
WTF?

Re: Hey software, get the fuck out of the way!

Look at the two lines for the Angle of Attack (AoA) sensors. One is for the left and one is for the right. Notice that the lines are separated? At any given time, the AoA sensors should never be separate. They're meant to be redundant so the readings are meant to be the same.

You can't really have an effective redundant system with only 2 lines, you need 3. If one sensor fails with 2 lines, then which one is the faulty one? You can't reliably identify a single-sensor failure if you only have 2 sensors. With 3, you can detect a single-sensor failure. Of course, 2 sensor failures are then possible, but the chances of that are orders of magnitude less than single-sensor failures, and the sort of thing that'd make 2 (or more), widely-dispersed sensors fail is likely to be fatal to the aircraft anyway.

Any critical sensor systems should be triply redundant, not dual, at least in larger (bigger than dash-8's) passenger aircraft. After all, we are talking about more than a hundred lives (more than 500 in the largest aircraft models) per aircraft in these cases.

eldakka Silver badge

Re: Hey software, get the fuck out of the way!

The Airbus philosophy is that since pilot error is a/the cause of most crashes, it's going to overrule the pilot if it thinks he is in error.

In the case cited above, the Airbus aircraft recognised it had no idea what was happening, so it gave full control to the pilots, it did not overrule the pilots. Therefore Airbus does recognise that it may, at times, be best to leave it to the pilots. It's default mode is to stop the pilots from doing anything stupid (too tight a turn, to steep a climb/dive, etc.) but that can be disabled by either circumstances where the aircraft recognises that it's got NFI, or by manually switching to alternate law 2.

I believe (from memory, could be wrong) the issue was multi-fold:

1) confusing and contradictory indicators;

2) issues with cockpit layout and information feed to pilots (e.g. alarms being set off by angle-of-attack sensors, but that information, the angle-of-attack, not being available on pilot instrumentation);

3) that each sidestick was independent of the other, so that one pilot doesn't know what position the other pilot has their sidestick in, resulting in the 2 pilots providing conflicting control input, but neither of them knowing what the other was doing to know that there was conflicting control input.

4) management issues, whereby clear, concise instructions weren't being given and/or followed by all pilots, e.g. why wasn't it made clear that the pilot in the right-hand seat was now in control and the pilot in the left-hand seat must remove their hands from the flight controls (sidestick) to prevent contradictory control input (tho the fact that this was happening should have been reported by the aircraft, e.g. mechanically (or electrically/haptic-feedback-type) link the 2 sticks).

It really had nothing to do with the software overruling the pilots. There were many other issues with Airbus's software and cockpit layout/information feed to the pilots, but overruling the pilots wasn't one of them in this case.

Linux lobby org joins with RISC-V bods to promote open chip spec

eldakka Silver badge
Thumb Up

Re: There is Another Open Source CPU...

@Bruce Hoult

Thanks for the info and links, appreciated!

eldakka Silver badge

Re: There is Another Open Source CPU...

> MIPS too; Or is MIPS part of the Power family. Also SPARC is open hardware these days too no?

SPARC has been open since the early 90's.

I am curious as to what particularly makes RISC-V more attractive to other open, royalty-free architectures such as SPARC and OpenPOWER.

Euro consumer groups: We think Android tracking is illegal

eldakka Silver badge

Re: Also consider Bluetooth

Requiring this permission for such a wide array of things renders the permission a bit pointless, as users will rapidly learn they have to just accept it in order to do most of what they want to do.

Exactly the point of it methinks.

They are training you to press the 'accept' button on location tracking, so that you will just automatically accept it when a popup that matters prompts for it.

Excuses, excuses: Furious MPs probe banking TITSUPs*

eldakka Silver badge

Re: Motes and beams

And they are not interested in making things better: I have been told, in so many words, not to raise awkward questions about security (unfortunately the person who did this was clever enough to do it verbally).

If they aren't someone who has authority to give you such an instruction - someone in your chain of command, i.e. you manager, you managers manager, or your managers mangers manager (and so on until the ultimate authority which for a government agency would be the civil servant that leads the organisation (e.g. secretary, permanent secretary, etc) or the relevant minister responsible for that organisation - then it didn't happen and you are under no obligation to listen to them. If they are in your chain of command, if the instruction wasn't given in writing, then again, it didn't happen and you are under no obligation to go along with it. Tell them to either give you an explicit direction, in writing, or to kindly fuck off.

Black Friday? Yes, tech vendors might be feeling a bit glum looking at numbers for the UK

eldakka Silver badge

Re: It's because

We're not stupid, well, some of us arent.

27.79% of Britons are stupid. That is the percentage of voters who didn't vote in the brexit poll.

The other 72.21% aren't stupid, as they actually voted, whether they were right or wrong depends on your personal point of view, but at least they weren't stupid and not vote at all.

eldakka Silver badge
Pint

Re: November 23 is Buy Nothing Day

If you think I'm not buying booze on a Friday after work, then you've severely underestimated my alcoholism.

If you were truly dedicated, there'd be no "after work" in "buying booze on a Friday..."

eldakka Silver badge
Coat

But I did get a new shower tidy for £20 less. Struggling on the IT angle with that.

IT angle: Isn't that used as phone/tablet holder and charging rack for use while in the shower?

Australia's 'snoop minister' wants crypto-busting law probe wound up, proposals back into parliament

eldakka Silver badge

Stop lying to us.

The only way that's gonna happen is if countries introduce involuntary euthanasia of politicians...

eldakka Silver badge

Re: Encryption - Point-to-Point - Clearly Australians Don't Understand!

4. Book Ciphers. I hear lots of chatter about "forcing the bad guy" to hand over the encryption key or keys. This is another assumption that something like PGP is being used. But (for example) book ciphers don't have a "key". Even worse, if the bad guys have an agreed set of one time pads ahead of time, there is NO KEY.

A one-time-pad that I believe you are referring to does have a key. The pad itself is the key. A key doesn't have to be a subset of the message, an element less than the size of the message:

Wikipedia:

requires the use of a one-time pre-shared key the same size as, or longer than, the message being sent. In this technique, a plaintext is paired with a random secret key (also referred to as a one-time pad).

Net neutrality is heading to the courts (again): So will the current rules stand or be overturned (again)?

eldakka Silver badge

The other option

is to let it remain with the states, as it effectively is now, and let the ISPs have to navigate the 50 different sets of regulations they will now have to navigate, since that is the fruit of their labours.

Merry Christmas, you filthy directors: ICO granted powers to fine bosses for spam calls

eldakka Silver badge

Bankruptcy law?

This is one thing I've never understood about Bankruptcy/liquidation law, that secured creditors and then unsecured creditors are paid first before anyone else.

Surely one of the better ways to handle companies liquidating to avoid fines and/or legal judgments would be to elevate court-ordered payouts above that of creditors or anyone else?

As well as the government and/or civil litigants getting their money first, it'd also make creditors perform more due-diligence into companies they are offering credit to, as their risk of not getting paid back due to dodgy corporations would be increased. Therefore many of these dodgy fly-by-night companies may be nipped in the bud before they even get off the ground in the first place.

Big data at sea: How the Royal Navy charts the world's oceans

eldakka Silver badge
Coat

You may think of a warship as a vessel that sails the Seven Seas, bristling with missiles and guns, ready to deal out death and destruction to Her Majesty's enemies.

If the vessel's name starts with HMS - given recent purchasing/acceptance history of the MoD - then the chances of anything bigger than a .50 cal being operational are pretty low...

Big Falcon Namechange for Musk's rocket: BFR becomes Starship

eldakka Silver badge

Re: Starship

Shoulda called it:

Insert Name Here

eldakka Silver badge

Starship 420?

A 5G day may come when the courage of cable and DSL fails ... but it is not this day

eldakka Silver badge

Radio waves have limited bandwidth and unless you use beam shaping that bandwidth is shared by the entire catchment area.

Beamforming is a requirement of 5G, as is Massive-MIMO.

Do you have any idea how many discrete beams can be created and/or how big an area they cover?

In a 2017 article, Everything You Need to Know About 5G, from the IEEE (which answers a lot of your questions), they say 100 ports, where each port can be an antenna for either Tx or Rx. However, they are working on full-duplex for 5G, where each port is simultaneously both Tx and Rx (instead of either). Since the article is from 2017, it's likely the port-estimate has gone up.

eldakka Silver badge

Re: 46.2Mbps fiber?

Crappy BT "superfast fibre", which is not FTTP, but "Fibre To The Green Box Somewhere Else And Then Copper For The Last Mile Because We Don't Invest In Infrastructure", or FTTGBSEATCFTLMBWDIII for short (BT call it "FTTC", but I think mine's snappier)

<pedant>

FTTC (Fibre to the Curb) is where the fibre goes past the premises in the street out front, and only the last 10-50 meters is copper.

A green cabinet in the street and a mile of copper is Fibre to the Node (FTTN), not FTTC.

</pedant>

eldakka Silver badge

Given that the article mentions:

For example, there's no need for £240-a-year line rental. Overall Ovum estimates it's almost 50 per cent cheaper to deploy.

The article only mentions installation costs and line rental costs and deployment costs for the telco.

It does not mention data allowance costs or in fact whether there are tiered speed costs.

For example, swapping your current land line for a £20/mo LTE contract can currently get you a usage of 20GB/mo with EE, or even up to 100GB with Three.

20GB/month? For £20/mo? Seriously? That's better than or equivalent to landline? Even 100GB/mo?

Rubbish.

For my landline I pay about £60/month and get around 500GB/month. Note that is how much I use per month, the plan is actually unlimited, but I thought giving actual usage numbers versus hypothetical was more useful.

Unless they can match or better £60/month for 500GB/mo today, not in 2 years time when it'd probably have to be 750GB/mo or more likely 1TB/mo, then not interested.

Behold, the world's most popular programming language – and it is...wait, er, YAML?!?

eldakka Silver badge
WTF?

If YAML is a programming language, then so is my httpd.conf, or my .csv I use to script installations of middleware software. Or the .ini-like file I use to dynamically build the runtime environment of all the various Java appservers my organisation runs.

Azure, Office 365 go super-secure: Multi-factor auth borked in Europe, Asia, USA

eldakka Silver badge

Re: Can we petition MS to rename it?

Cloudy McBackpfeifengesicht.

eldakka Silver badge
Facepalm

Re: Workaround for all users

Excellent, let me log in with my admin account to do this, oh, wait.

eldakka Silver badge

Re: What is this "MFA" of which you speak?

I think the "M" stands for "My"

The "A" stands for "Access".

Not sure about the "F", any ideas?

I'll give it a try.

My Access Fucked

My Access Fubar'ed

My Access Floundering

My Access Fading

My Access Failed

My Access Fleeting

Microsoft slips ads into Windows 10 Mail client – then U-turns so hard, it warps fabric of reality

eldakka Silver badge

Re: Why would anyone tolerate this?

Back in the old days, I was astounded at the number of blatantly obvious scams that people fell for in email.

But that is the method they use. They are after the unsophisticated people.

If you know to look at your mail headers when you get an email from Bill.Gates@microsoft.com, to see that none of the "Received:" headers include any routing through any microsoft.com domains, and can see the "Return-Path" header is to a completely different email address than From, well, they don't want you. In fact, they make it easy to see because they are actively trying to avoid you.

This, of course, doesn't apply to spear-phishing attacks, that is a different class entirely.

Court doc typo 'reveals' Julian Assange may have been charged in US

eldakka Silver badge

Why the thumbs down?

Maybe because no-one knows what, if any, crime he has committed?

He is not American, therefore there can't be any treason/traitor-type crimes.

He hasn't entered the US during the times (AFAIK, could be wrong) of any alleged spying, therefore he hasn't committed espionage.

As far as I'm aware, the only thing he has done is publish classified documents that were given to him by 3rd parties, you know, the sort of thing news outlets like NYT, Reuters, etc. do all the time.

Japanese cyber security minister 'doesn't know what a USB stick is'

eldakka Silver badge

Re: "the mod queue seems a trifle arbitrary"

If you find yourself in the queue, it may be because you posted a correction as a comment,

So if you don't follow the formal whistleblower process and privately inform of errors, you get sent to the sin bin?

eldakka Silver badge

Re: Imagine a world...

Imagine a world where leaders of a "field" are actually required to have a solid understanding of the stuff they are in charge of...

I think even vague knowledge would be a step up from what we seem to have.

Alexa, cough up those always-on Echo audio recordings, says double-murder trial judge

eldakka Silver badge

From various articles I've read of people doing these network sniffing tests, over an entire day, an Echo that hasn't had any keyword activations sends approximately 2MB for the heartbeats, checking for updates, etc.

And that is a consistent 2MB/day, no matter how much background conversation occur around it.

Since I'll never have one of these, no matter what Amazon or security experts say, I can't test it myself.

Also note that, since the point of any theoretical recording of the conversations would be to use it to assist voice-recognition training and AI training, such a low quality stream for that general training probably wouldn't be very useful. Sure, some low quality stuff you'd want to test that your training can work with low quality audio as well would be wanted, but this'd be a pretty small subset of the overall training data you'd want to collect.

eldakka Silver badge

There is no wake word, everything is transmitted back to the server & used for future ad revenue.

The Echo isn't magical, it can't send data back to Amazon by osmosis or something. It has to send data via network connections, whether wireless or hardline.

Many people have put network sniffers on the networks with these devices and done packet captures. These have all shown a distinct lack of data transmission from the device while holding conversations next to the device unless it is activated with a keyword/manual activation.

Some of these tests have run for days - just in case it was batching up several hours/days worth of data and sending it out at a later time. And these have also shown no large data communications that could have transmitted environmental recordings to Amazon.

Of course, this doesn't mean that couldn't happen, or that there isn't some facility to specifically enable/disable environmental recording on targeted devices to use them like a bug, or that specific devices won't get hacked by third parties who use it as a bug.

eldakka Silver badge

Re: Sounds about right

Amazon does - because it is refusing to say exactly how much is being recorded

No, Amazon has repeatedly said what is being recorded, it's outlined in various documents on using the device (Ts&Cs etc.).

What you are saying that you don't believe what Amazon has said. There is a difference.

Amazon has stated multiple times, and in their documentation that (paraphrased), a correctly working device sends nothing to Amazon until the device is activated with its activation word or by pressing the button on the device itself. The Echo has enough processing power to identify the specific keywords, this is why the allowed list is so short, so it doesn't require much local processing to recognise it. Once it has been activated by the keyword/button press, it transmits a certain amount of following audio (10 seconds I think it is? I forget) to Amazon to then be parsed for the request, and this recording is saved for a certain period of time.

I personally believe that is how the device works and is intended to function. But I will not have one, because while that might be how Amazon operates now, it's quite possible for them to change how they operate, or to unintentionally introduce a bug that records more than it's supposed to (I think this has happened before? It might not have been Echo, but could have been a competing product), or it could be susceptible to being hacked - whether from criminals or the government. Therefore whether you trust the vendor or not, I think it is ridiculous for anyone to have an always-on mic (or video) sitting in a private place that could be a vector for an un-related, un-trusted body to exploit.

eldakka Silver badge

Fair enough on the proper legal subpoenas being served. But how can they contest the requirements being overbroad, the scope is not unreasonable.

You are taking the quote from Amazon out of context.

Amazon, at time of writing, has not been formally served the court order, therefore they are making general statements, not statements specific to this court order.

They are making the general statement "Amazon objects to overbroad or otherwise inappropriate demands as a matter of course." Therefore once they have been formally served with the court order, then they will make a determination of whether they think it is overly broad, and then they will act on that determination (hand over the data or lodge an appeal).

eldakka Silver badge

Re: Sounds about right

When a judge gives a court order, Amazon can't refuse. They can fight a subpoena, but not a court order.

Of course you can fight a court order, it's called lodging an appeal. That's what courts of appeals are for.

The process is usually something along the lines of:

1) Amazon will lodge an appeal with the appropriate appeals court (e.g. the federal circuit appeals court for the circuit if it's in a federal district court);

2) Amazon will notify the court who made the order of the appeal, and request a stay of the court order until the appeal can be heard;

3) if the Judge denies the stay, then Amazon can lodge an emergency appeal with the appeals court over the denial of the stay.

Microsoft lobs Windows 10, Server Oct 2018 update at world (minus file-nuking 'feature') after actually doing some testing

eldakka Silver badge

Re: Quick everyone download it...

Certain? No.

But since I've managed to avoid every other update to windows 10 until I've decided I'm ready for it, reasonably comfortable that is the case ;)

eldakka Silver badge
Trollface

Quick everyone download it...

...so you can all test it before I re-enable updates and get it.

eldakka Silver badge

@gerritv

None of that is relevant.

They are a commercial operation who are paid to provide their products. No matter how hard it is, that is their job.

They have been making commercial decisions to save money, even though they made ~$16.5billion profit their last financial year, by cutting their test teams. They choose where to allocate their resources, and they could choose to allocate more resources to their testing and validation process. They could also choose to change their release cycle to yearly to more thoroughly test and validate their work.

If it's too hard, they are free to choose to exit that market entirely.

Hands up who isn't p!*$ed off about Amazon's new HQ in New York and Virginia?

eldakka Silver badge

Elaborate?

turns out instead to have been an elaborate scheme to drag the very best incentives out of cities where Amazon may have wanted to move from day one.

Doesn't seem particularly elaborate to me. Perfectly straightforward and simple. Cunning would seem more like it.

Western Digital: And when I pull the covers off, behold as NAND becomes virtual DRAM

eldakka Silver badge

That's a lot of complexity for a single feature.

But not for a marketing gimmick!

Huawei Mate 20 Pro: If you can stomach the nagware and price, it may be Droid of the Year

eldakka Silver badge

Re: millions of times more complex.

So replace "pixels" with "3d dots". In fact, as said, with some IR reflective paint, and a TV remote control (IR light source) you could spoof an IR dot matrix. As shown in the other Reg reports, these things can be "spoofed" so a single paint blotch on a gun makes it look like a turtle, and a well painted turtle looks like a gun.
And several other posts along these lines.

You choose the unlock method that suits the level of security you are seeking.

1) Just stop kids/friends screwing around with your phone (changing ringtones, etc), probably the most common use case - faceid, pattern, perfectly fine.

2) stopping an opportunistic thief stealing your phone to sell on from accessing your data again faceid and pattern unlock are perfectly fine - probably the 2nd most frequent use-case.

3) Has some business stuff or private stuff on it you don't want getting out, - fingerprint or passcode.

4) keeping an affair or financial information in case of a divorce secret from your significant other - passcode (nothing that they could access while you slept in the bed beside them) - probably 3rd most common use-case.

5) Has some highly sensitive stuff on it that many people might specifically target you for (financial secrets that could allow billion dollar insider trading/stock manipulation, or research on stuff you haven't patented yet - industrial espionage), professional thieves or government agencies that have the resources to - and care factor - to build a 3-d model of your face or steal fingerprints and make impressions of them - passcode.

6) Has really sensitive stuff on it - kiddie porn, national security type stuff that foreign espionage would extraordinary rendition you for - where they might just beat you with a rubber hose or pull your teeth out before they turn you into a corpse and feed it to the pigs - just don't put it on a phone at all.

Page:

Biting the hand that feeds IT © 1998–2018