* Posts by dajames

945 posts • joined 20 Mar 2011

Page:

New phishing campaign uses 20-year-old Microsoft mess as bait

dajames
Silver badge

Re: Outlook/Lookout

At one place I worked, Outlook was referred to as "Lookout" by some in IT.

It's known as "Outhouse", around here.

3
1

Google slides text message 2FA a little closer to the door

dajames
Silver badge

Re: Slight problem?

... SMS where the thief can move the sim card to another phone to receive the 2FA code.

Unless, of course, the SIM card is PIN-locked ... which is probably a good idea in any case.

0
0

Dev writes Ethereum code for insecure SHA-1 crypto hash function

dajames
Silver badge

There's a difference ...

... between enabling verification of SHA-1 hashes and supporting generation of new ones.

The argument, I guess, is that SHA-1 is so insecure, now, that even old SHA-1 hashes, computed back when SHA-1 was considered safe, can not be relied upon; that allowing people to check the validity of a SHA-1 hash might tempt them to assume that the hash still means something.

That's a good argument for encouraging people to treat anything signed using SHA-1 with a pinch of salt, but it's not an argument for preventing them from checking the hash at all. SHA-1 collisions can now be engineered, but they still can't be engineered easily -- a hash has to be protecting something of appreciable value before it becomes worth anyone's effort to look for a collision.

However, blockchain applications such as those used by Etherium -- in which the entire value of the chain depends on its validity back to the first transaction being verifiable -- are among the applications most at risk. If you can fake a signature early in the chain that used a weak hash then you can cast doubt on the entire history of the chain and everything it is supposed to secure. I can see why people are concerned.

1
0

Your data will get hacked anyway so you might as well give up protecting it

dajames
Silver badge

Re: Strontium Dog

Proly because the Judge Dredd ones weren't massive hits....

The more recent one -- with Karl Urban and Olivia Thirlby -- deserved to be ... apart from being scarily reminiscent of a shopping trip the local Arndale centre on an Saturday afternoon ...

10
0
dajames
Silver badge
Boffin

Re: Strontium Dog

Someone explain why there isn't a blockbuster movie?

Maybe because the government is still trying to pretend that Milton Keynes isn't a mutant ghetto?

Hmm ... The Johnny Alpha icon doesn't look quite right to me ...

12
0

So the 'Year of Linux' never happened. When is it Chrome OS's turn?

dajames
Silver badge

Re: Widespread Linux on the desktop remains elusive.

Don't say LibreOffice. It looks like a 1998 shareware application.

You say that like it's a bad thing!

Microsoft used to publish some guidelines on application GUI development that encouraged the use of common GUI designs and metaphors in an attempt to achieve consistency across all applications on their platform in the interests of ease of use. Because of this the better shareware applications back in 1998 had very similar look and feel to Microsoft's own applications.

Along with that came helpful features like, for example, the F1 key bringing up context-sensitive help from any part of any application. I miss that.

I really don't hold with this strange notion that an application's GUI should look "modern". What's important is that it should work well and enable the user to be productive. The appearance is secondary. An awful lot of time is wasted in our industry changing UIs for cosmetic reasons that bring absolutely no benefit other than making this year's version of the software immediately distinguishable from last year's. If only that effort could be spent on making the applications more useful, less buggy, and more secure!

4
0

Xperia XZ1: Sony spies with its MotionEye something beginning...

dajames
Silver badge

Re: Built-in obsolescence

I have the same phone, none of the same problems with battery.

I'd be rather weary to extrapolate a sample size of 1 of a particular model to the whole manufacturer's portfolio.

I did find some discussion online between other users who were experiencing the same problem with the Z1 Compact, so the sample size was at least a little more than 1. There was some disagreement as to whether simply replacing the battery would fix the problem, but it worked for me.

However, my intention was not so much to grumble about this problem with this particular phone, as to point out that it is a real pain in the proverbials not to be able to change the battery when it needs to be done.

I do understand that waterproofing an IP68 phone isn't trivial, but other manufacturers have managed it so it's not exactly rocket science. (See the Samsung Xcover for example (link to gsmarena).)

0
0
dajames
Silver badge

Built-in obsolescence

I have a Sony Xperia Z1 Compact. Nice phone.

It runs Android 5 (Lollipop). I'd had it a little over a year (the phone had been out for nearly two years by then) when Android 6 (Marshmallow) was released, but the Z1 series didn't get the upgrade. The latest kernel is dated November 2015.

OK, I understand that a manufacturer can't support old hardware for ever, but a less-than-two-years-old phone is not "old" hardware. I had expected I'd get to at least Android 6 and hoped to get to 7 before updates stopped. Bad Sony.

When the phone was a little over two years old it developed the nasty habit of suddenly claiming that the battery had reached 0% charge, when a moment or two before it had been at around 50%. The battery is sealed in, so hard to replace -- it also turned out to be quite hard to source.

I managed to get a battery which was said to be new (with "zero charge cycles") but may not have been. I had to heat the back of the phone to soften the glue and prise it open to put the new battery in. This, of course, wrecked the waterproofing, which had been one of my reasons for buying the Sony in the first place (I walk a lot, and sometimes it rains). Nonetheless I carried on using the phone with its old OS until the replacement battery started to display the same sudden discharge behaviour*.

I'd love to buy another Xperia phone, but I won't do so until they make the battery officially user-replaceable, and give some commitment to supporting Android updates for at least (say) three years from the release of the phone. Oh, I'd like it to be dual-SIM, too ... is that too much to ask?

* I suspect that the battery isn't really dropping from 50% to 0% in a couple of seconds, but that the battery monitoring circuit in the phone is uselessly optimistic until the voltage drops a little under load (because the user has, say, turned the screen on) and then it panics and turns the phone off. Maybe later Xperias have fixed this?

1
0

WPA2 security in trouble as KRACK Belgian boffins tease key reinstallation bug

dajames
Silver badge

Re: ...the attacker would have to be on the same base station as the victim...

If that's the case then it is somewhat analogous to a locksmith demonstrating the ability to come round to your house and pick the front door lock.

A better analogy might be a locksmith demonstrating that he can open all the internal doors in your house when what's important is that he can't open the front door from the outside.

Of course, if you let him in he has the run of the place.

2
0
dajames
Silver badge

Re: Uncorrectable Horse Staple Battery

If you just work on the assumption that all media are vulnerable, then encrypt with known-good encryption (not RC5 or TKIP, and yes you MUST keep up to date with what's safe!), it really doesn't matter what happens or who can send you packets.

Up to a point, Lord Copper.

The new study seems to be attacking the key set-up using some sort of man-in-the-middle approach reusing nonces, so it looks very much as though it does depend precisely on the problem of knowing (or not knowing) who is sending you packets.

We shall have to wait and see ...

1
0

Dumb bug of the week: Outlook staples your encrypted emails to, er, plaintext copies when sending messages

dajames
Silver badge

Re: Unlikely

Microsoft claimed the exploitation of this bug was "unlikely" in the wild.

Mostly because S/MIME is an essentially dead protocol, that only a handful of people have ever bothered with....

S/MIME isn't dead. It's the standard protocol to use when encrypting internet mail within a PKI. The other common mail encryption protocol is PGP, but that isn't used within a PKI. If S/MIME is not much used it's because most people don't actually bother to encrypt their mail.

I would think that Microsoft regard exploitation of this bug as "unlikely" because they don't think anyone sends mail in plain text, nowadays.

5
0

'All-screen display'? But surely every display is all-screen... or is a screen not a display?

dajames
Silver badge

Re: Why do we need bezels ?

I do not understand why it is not possible to remove bezels completely ?

I can see some attraction in the idea of a screen with no bezel ...

... but when it is a touch screen on a mobile device, I find myself wondering how the hell one picks the damn thing up without causing input.

Surely the bezel is there to give you somewhere safe to hold it?

11
0

'Don't Google Google, Googling Google is wrong', says Google

dajames
Silver badge

Re: OC

I can't think of an intransitive use of the verb "display".

Methinks I have heard it said that some species of wildlife are known to display (intransitive) in order to attract a mate.

0
0
dajames
Silver badge

Google are wanting people to say 'Search on Google' rather than to google or googling because if to google becomes a verb in common use they can loose the ability to trademark the name as it become generic.

Right, ... let's all Alphabet it then!

(I don't know what that means, but if it costs them a trademark the joke's on them.)

3
0
dajames
Silver badge

"I dedicate this book to my parents, Ayn Rand and God."

So Ayn Rand and God are your parents, and you dedicate the book to them.

Methinks I'd have used a colon, rather than a comma, in that particular case.

1
1

Google to kill its Drive file locker in two confusing ways

dajames
Silver badge
Headmaster

Re: English? Simon Sharwood has heard of it

Actually this one is fine. It's a contraction of "Data is" ...

Fine unless, of course, you believe that "data" is a plural.

4
0

It's official: Users navigate flat UI designs 22 per cent slower

dajames
Silver badge

Re: Not What It Was Intended For

Really it is Microsoft's fault for the ridiculous assertion that what works on a tiny touch screen for a smart phone should be extended in both form and principle to the design of a workspace that is intended for expansive, professional use rather than limited, social consumer use.

Microsoft have never managed to understand that desktop devices and mobile devices are used in different ways, at different times, and for different things. There is nothing to suggest that a single UI can be appropriate for both kinds of device, and everything to suggest that different UIs are required.

If you cast your mind's eye back to about the year 2000, and look at the UI of Windows for Pocket PC (for PDA devices -- smartphones without phones in them) you will see that it looks very like a cut-down version of Windows 2000. Those "Windows" PDAs failed because they tried to look as though they were running desktop Windows (rather than Windows CE) which (a) was unsuitable for the device format, and (b) led to the expectation that they could run desktop windows applications.

It wasn't until Windows Mobile and its Metro UI that Microsoft started to make any traction in the PDA/smartphone sector because they finally had a UI that was appropriate for handheld devices.

One might have hoped, at the time, that Microsoft had finally learnt the lesson that desktop and mobile are not the same ... but no, they saw the success of the new mobile UI and failed to understand it. They failed to understand why it was successful and that its success depended on the fit between hardware and software -- and promptly tried to move the new UI to the desktop.

Idiots.

4
0
dajames
Silver badge

Re: Semi visible text

... the absurd contrast theft which plagues "modern" websites.

The designers of those web pages seem to have learnt at the school of theatre programme designers, who have been delighting us for ages by printing the synopsis, cast list, etc., in (say) pale blue on top of a sepia half-tone photograph. Just what you need for good legibility in the low lighting in the auditorium!

1
0
dajames
Silver badge
Facepalm

Re: Personally

A user friendly EPG would establish the user's channel preference by frequency of use and order by that, or at least put the most frequently used few first and the rest in alpha order.

Oh, wonderful! An EPG whose ordering changes over time because one's watching habits change according to what's being shown on each channel.

That's not going to be confusing or annoying, not at all!

2
0
dajames
Silver badge

Re: Personally

A tap with the letter 'C' on it, in a country with a mix of English and French speakers. Do you feel lucky? Chaud or cold?

So ... you want them labelled 'H' (for hot) and 'F' (for froid)? It would be unambiguous, but nevertheless confusing.

0
0

It's happening! Official retro Thinkpad lappy spotted in the wild

dajames
Silver badge

Shame it'll be let down by the operating system they'll almost certainly include with it.

Windows 98?

... or you can always install Slackware 3.4 to keep that authentic 25-year-old feel, or maybe Debian 2.0 (Hamm).

10
1

SanDisk's little microSD card sucks up 400GB

dajames
Silver badge

Re: And that's why you need to lock down ports..

A credit card number is 19 bytes. You could steal every credit card number in the world on the 32GB USB stick that you picked up free at a trade show.

You might have to remove some of the malware first ...

3
0

Forget trigonometry, 'cos Babylonians did it better 3,700 years ago – by counting in base 60!

dajames
Silver badge

Re: We use base 10 for a reason

And isn't it funny that everyone wrote out half-crowns as 2s 6d (2 and 6) rather than as, well, half a crown.

Is it? Did they?

I used to write 2/6, just as I'd have written 4/9 for four shillings and ninepence ... it's quicker than "half a crown" and more consistent ... and "1/2 crown" might have been confused with one and tuppence.

I never wrote "one florin" when I meant 2/-, either.

1
0

IT reseller Misco UK shutters warehouse and distie centre

dajames
Silver badge
Headmaster

No, I thought not.

Then I'm afraid you thought wrong.

According to my rather long-in-the-tooth Concise Oxford English Dictionary "Shutter" is a transitive verb meaning "to close with a shutter" and a reflexive verb meaning "to shut oneself in (or off) with shutters". The word is established and not particularly new.

This is English, though; you can form a verb from almost any noun (even "verb" itself) and - as long as the meaning is clear in the context in which you use it - it makes a perfectly acceptable word.

That said: unless Misco's warehouse has shutters that will be in some way symbolic in the closing of the warehouse, the use of the term seems an unnecessary stretch of artistic licence.

1
0

Science fiction great Brian Aldiss, 92, dies at his Oxford home

dajames
Silver badge

Re: The Greats have gone

And who is to replace them?

There's still a lot of good stuff being written. In addition to those that have been mentioned by other commentards I might add Jack McDevitt who can be relied upon for a well-told yarn incorporating plausible protagonists, Walter John Williams who writes well in a surprisingly broad range of SF sub-genres, Neal Stephenson, Justina Robson whose early work reminds me of John Brunner (in a good way), Liz Williams ...

Whether any of these will be deemed by future readers to be "Greats" I can't say, but there's a lot of potential out there.

3
0

Google's Android 8.0 Oreo has been served

dajames
Silver badge

Re: Next Gen

Continuing the choc' and lollies theme and needing one starting with 'P'; may I suggest 'Penguin', the well-known chocolate bar.

Good idea! ...

... but I would almost bet money that they go for "Popcorn". You read it here first!

7
0

Firmware update blunder bricks hundreds of home 'smart' locks

dajames
Silver badge

Re: Why an update?

how complicated can the software be?

In this case, not complicated enough to check to see whether it's about to overwrite itself with software for an incompatible device, apparently.

3
0

Hell desk to user: 'I know you're wrong. I wrote the software. And the protocol it runs on'

dajames
Silver badge

Re: OTOH there is the case

Just like punching an extra hole in a 1.44 disk to change it from DD to HD

... or cutting a notch in the sleeve of a 5.25" disk so that you could use both sides in a single-sided drive (a 'flippy disk').

9
0

systemd'oh! DNS lib underscore bug bites everyone's favorite init tool, blanks Netflix

dajames
Silver badge

Re: @AC "have to live in a box"

That's why I'd never use Google's DNS. I'd choose to use one from Microsoft, Amazon, maybe even Facebook, before I'd use Google because they have less personal information about me and it is easier to avoid them being able to correlate my DNS lookups with other personal information they collect on me.

If you really believe that, good luck to you!

I don't believe that any of those companies would hesitate for an instant before gathering, correlating, and monetizing every bit of information about you that they can get their hands on -- indeed, they'd be mad not to, considering that the others do it and it's apparently not illegal.

At least Google gives me free stuff that is occasionally useful, and for that I forgive them -- just a little -- for ravaging my privacy. The others can go swing.

1
1

Q. What's today's top language? A. Python... no, wait, Java... no, C

dajames
Silver badge

Re: "You can spot a Java programmer even when they write in any other language."

In my experience, most people can make PERL look like chicken scratchings.

I find it more remarkable that some people can make PERL not look like chicken scratchings ... and, indeed, can write useful, constructive, and efficient programs in that unlovely language.

Why they don't apply their undeniable talents to something, instead, else remains a mystery, though.

1
1

This is why old Windows Phones won't run PC apps

dajames
Silver badge

Re: "What Win10 on ARM is, is a desktop-type experience,"

Apple got this one right, I think... ARM is touch and runs iOS; x86 is mouse & keyboard and runs MacOS.

Mostly agree ... but ... it has nothing to do with the CPU. You could build an iPhone or an iPad with an x86 CPU and you'd still want touch and still want it to run IOS; you could build a MacBook or an iMac with an ARM CPU and you'd still want a keyboard and a mouse, and to run MacOS.

... there's no point in trying to make one OS that does it all ...

If you did, you'd have to make a single OS with two very different presentation layers for the two different usage cases: mobile/touch and desktop/keyboard. There might be some point in that -- it would depend how much code you could make common to the two environments without screwing either of them up, and how much development/maintenance cost it saved you to do so.

Windows 8 (and to a lesser degree Windows 10) shows how easy it is to get wrong.

1
0

Jodie Who-ttaker? The Doctor is in

dajames
Silver badge

Re: This is the BBC making a quota

... Idris Alba for James Bond

(I hope that was deliberate, "alba" meaning "white")

Idris Elba is a fine actor, and I think he'd make a splendid "00" agent, but he's not Bond. James Bond is a specific (albeit fictional) person who happens to be male and white, and there's no reason to cast him as anything else.

Doctor Who is different. The Doctor has always (Joanna Lumley and Lenny Henry notwithstanding) been played as a character who is male and white, but is an alien whose appearance occasionally changes, sometimes quite dramatically. There's no reason for the Doctor not to be played by someone who is non-male or non-white. There is nothing in the canon that says that this can't happen (and some things that suggest it can) -- only audience expectation.

0
0
dajames
Silver badge

Re: Er ... Dr. Who canon ?????

Like he suddenly decided the TARDIS was like any other spaceship you can see flying past, rather than dematerialising and materialising ?

That was a very poor idea indeed, I agree. Robs the TARDIS of some of its magic and mystery, seeing flit past in exactly the same way that bricks don't.

0
0

Sleuths unearth 'Panic Mode' in Android, set off by mashing back button

dajames
Silver badge

Re: @Lee D

And, it should be added that, absolutely NO program should pop itself to the front and take focus away from whatever the user is currently doing!

True ... but, conversely, when the user explicitly clicks on something in one application that causes another application (or, "Activity", in Android parlance) to open, that second application is part of the user's current workflow, and it is extremely annoying if that second application does not take the focus.

It's not always straightforward.

1
0

UK spookhaus GCHQ can crack end-to-end encryption, claims Australian A-G

dajames
Silver badge

Or you could go back to the 1790's where their county Postmaster predecessors were employed to open the mail to look for seditious scribes.

Ah, yes ... we have sixty of those ... from Caesarea.

0
0

Fancy fixing your own mobile devices? Just take the display off carefu...CRUNCH !£$%!

dajames
Silver badge

Re: It's the way things are going

Time perhaps for a mandatory 5 year warranty including battery replacement at advertised rate/costs given with the initial sales price?

I'd support that -- especially if it included mandatory software upgrade support for five years.

I'd also support a lower rate -- possibly 0% -- of VAT for spare parts and repairs (including service charges) than for new goods, to try to break the "it's bust, I'll replace it" attitude that seems to be becoming the norm.

2
0

Hot news! Combustible Galaxy Note 7 to return as 'Galaxy Note FE'

dajames
Silver badge

It must be me ...

I read Galaxy Note FE and thought: 254?

4
0

Everything you need to know about the Petya, er, NotPetya nasty trashing PCs worldwide

dajames
Silver badge

Conspiracy theory ...

... states that this malware is the work of storage vendors!

Run around encrypting stuff, offer to decrypt it for cash, then ensure that nobody can contact you to ask for the decryption key. Brilliant way to discredit malware writers!

No more will the lazy and stingey say "I'll worry about ransomware when it strikes -- I can always pay the ransom!" because it is now clear that this is not a productive strategy and the only the only way to preserve one's data is to have a sound backup regime. Sales of drives and tapes go through the roof!

Of course, once it is accepted that nobody is ever going to pay the ransom, the malware writers will move on from ransomware to some other means of profiting from their misbegotten endeavours.

5
0
dajames
Silver badge

Re: Decrypting?

As I understand it, the shorter keys are susceptible to brute force crunching these days, with enough processor oomph. But can the process be shortened if you have an encrypted file but also have a copy of the original un-encrypted file?

I'm sure I've fundamentally misunderstood how AES works, but I'm curious.

It can certainly help to have plaintext as well as ciperhtext ... but modern ciphers are designed to minimize the amount of help that that gives. So, in essence: No, not much.

And is it possible/likely that they use the same 2048 bit key for every case?

Possible: yes. Likely: No. They seem to have done their job reasonably well in other respects, so I doubt they would make such a basic error with the key.

And another idiot question (I just code, I don't do deep-level BIOS surgery) if the MBR has been overwritten, obviously the machine won't boot, but can the HDD be mounted as a secondary drive on something else and have the MBR re-written?

Yes, of course. As I understand it, though, it is not just the MBR (a single disk sector) but the MFT (Master File Table - something like 0.1% of the size of the disk) that is encrypted, and data files are encrypted as well. The MFT can be regenerated by analysis of the contents of the files on the disk -- it's not easy and it's not foolproof, but partial recovery may be possible in this way if the files all have well-understood formats and the disk is not too fragmented -- but that won't help with encrypted data files.

6
0
dajames
Silver badge

Re: Lots of covfefe here.

... just xhoosibg the juciest targets is quicker and easier.

You are Donald Trump, and I claim the fiver!

11
0

Google hit with record antitrust fine of €2.4bn by Europe

dajames
Silver badge

Re: How have I been harmed, exactly?

But, for the life of me, I still can't figures out exactly how I've been harmed.

You haven't, not directly anyway. The harm that has been suffered has been suffered by the price comparison and shopping sites that might have appeared higher up in the lists on Google's search results had Google not put their own selection at the top.

Those price comparison and shopping sites would claim that as punters went to the Google-preferred sites at the top of the list it was those sites whose adverts got all the clicks, and that the sites that were not preferred therefore suffered a loss of advertising revenue. Without that revenue, they would say, they were unable to compete effectively with Google's preferred sites and offer you, the punter, an effective choice of price comparison and shopping sites.

Google might counter that by saying that the preferred sites, because they get more clicks and so more advertising revenue, are better able to invest in the development of truly superlative .... price comparison and shopping sites.

You, on the other hand, might think that they're all parasites, anyway and should go and get a real job rather than preying on online shoppers with their annoying adverts.

4
0

PC rebooted every time user flushed the toilet

dajames
Silver badge

Re: You want toast!

Why do they fit these stupid anti-tamper screws?

So people won't try to fix stuff, and will have to replace it.

SWMBO bought a "juicer" (an electric version of what my mum used to call a "lemon squeezer") for about £60, to make her morning orange juice (out of actual oranges, fancy that! Anyone would think she'd never heard of cartons).

After just enough time for the warranty to expire, the clever mechanism whereby the motor starts automatically when the half-orange is pressed down onto the clear plastic thing that it apparently called a "ream cap" ceased to work. I had to drill through three plastic screw covers to get to the three screws that held the top on the motorized base to expose the internal workings. The repair involved replacing a simple microswitch with a spare I got from Maplin for a couple of quid (which would probably have been 5p if I'd gone somewhere else and bought a hundred). A satisfying saving of about £58, though.

Strangely, the microswitch is supposed to be good for 5 million operations ... that's an awful lot of orange juice!

5
0

Genoans flout terror ban with bumper basil hand baggage policy

dajames
Silver badge

Re: I'm confident I will regret this

... a sauce containing Irn-Bru is perfectly feasible and does exist.

Hmm ... It calls itself "Iron Brew" sauce, so presumably isn't sanctioned by Barrs, who produce the Irn-Bru drink, and possibly has nothing to do with the drink at all. It's a bit hard to tell as the website of the makers of the sauce (www.necessaucery.com) seems to be a dead link and it seems the company may be defunct.

I did have a (strange, bright orange, but actually fairly palatable) Irn-Bru flavoured cheesecake in Fort William, recently, though.

0
0

BOFH: Putting the commitment into committee

dajames
Silver badge

Re: 80 columns

On a line of more than around 72 characters your eyes have difficulty tracking back to the start of the next line. Add in the 6 columns at the start used by Fortran for label and continuation fields and two for luck and you get 80.

Don't forget that columns 73-80 were sometimes used for card sequence numbers, so you actually only have 66 columns of actual code after the label and continuation at the start.

Card sequence numbers? If you'd ever dropped a deck of a couple of thousand cards and watched them tumble chaotically floorwards you wouldn't ask!

8
0

Microsoft's new Surface laptop defeats teardown – with glue

dajames
Silver badge

Re: Nonsense

I believe you have created a strawman here. I don't recall anyone saying that no one should be allowed to buy glued-together, expensive, disposable devices. I'd go as far to say that anyone with any sense wouldn't want one, but never that it shouldn't even be allowed.

Methinks the point is that one should be allowed to buy a device that is not glued-together and disposable -- that is, that there should be manufacturers who actually produce devices that are easy to dismantle and service, using standard parts that can be exchanged and upgraded without difficulty.

At present, manufacturers seem to prefer to offer only overpriced and unmaintainable landfill, despite the fact that -- as you say -- nobody with any common sense would want to buy it; the only reason that anyone does is that there are no alternatives. I can only regard this as a conspiracy by the manufacturers to prevent people from prudently buying maintainable devices that will have long and fruitful lives.

We need some legislation along the lines of the RoHS and WEEE Directives requiring manufacturers to make disassembly easy and to use standard parts (or at least to offer easily-obtainable spares at reasonable prices for (say) ten years after a device is first offered for sale).

0
0

Ailing Brit chip designer Imagination Technologies up for sale

dajames
Silver badge

How soon before Samsung buys it, and uses the patents to go after Apple?

9
1

Research suggests UK consumers find 'fibre' advertising misleading

dajames
Silver badge

The confusion comes from BT Openreach using the phone lines for the last network to premises connection.

The difference between FTTC (Fibre To The Cabinet) and FTTP (Fibre To The Premises) needs little or no explanation. Methinks the main failing here is that the retailers don't use those terms because they might confuse people ... and instead use other, more confusing, terms.

10
0

Microsoft admits to disabling third-party antivirus code if Win 10 doesn't like it

dajames
Silver badge

Re: Microsoft: from vindictive to cack-handed...

In its now usual cack-handed fashion Microsoft is possibly attempting to do the right thing here. We know AV software digs deep into Windows, patching hardened APIs and pulling all sorts of nefarious tricks to get itself embedded. To me, that is now an unacceptable risk. If Microsoft is spending time adding parameter validation and hardening the Windows kernel only to have that undermined by an AV tool patching and hacking it all away, then that AV tool needs to be blocked. If an AV tool can patch its way in to intercept whole families of calls, so can a virus.

Quite.

If third-party AV products are capable of burrowing deeply enough into Windows to carry out their function, without Windows detecting and preventing this, then third-party malware can do the same.

Which leaves us with a quandry -- we'd like Windows to be hardened to the point at which the malware cannot run, but we'd also like to able to run third-party AV tools. The two are not compatible goals.

The answer may be for Microsoft to produce an official AV Tool API that the third-party AV vendors can use, with some validity checking (code-signing, etc) so that only approved AV Tool vendors can use the API ... but that would need to be done very carefully, as errors in the API validation could lead to a very bad exploit.

(Oh, but I make it sound so simple! In reality each vendor would want a different API with a different set of functions, and Microsoft would end up providing an API that had not quite all the functionality that any of them wanted ... probably with an unforeseen exploit arising from a combination of features requested by different vendors. It is software, after all.)

3
2

Lockheed, USAF hold breath as F-35 pilots report hypoxia

dajames
Silver badge

Re: "A lot of software is complicated. But this has gone on so long to be this sick...?"

Lockheed Martin said they couldn't get enough Ada programmers and could not deliver the software on time so they asked the DoD if they could use C/C++ ...

I don't know the background here, but from what you say this sounds like the age-old recruitment problem -- they asked for Ada programmers, when they should have asked for programmers (possibly with aerospace experience) and taught them Ada. Good programmers should be able to pick up a new language without too much trouble.

(Yes, I have used Ada, it's not the easiest language to learn, but it's not beyond the wit of mankind.)

Then again, it could just be that they asked for Ada programmers, and the available Ada programmers decided they weren't paying enough. If that's the case then I doubt the use of C++ was the cause of the problem so much as the use of mediocre staff.

2
0

Raspberry Pi sours thanks to mining malware

dajames
Silver badge

Re: "Raspberry Pi sours"

Raspberries are already sour ("sauer" being the German for "acid[ic]")

Indeed, that's why they're red. Raspberry juice is an indicator, and turns blue when made less acidic (you can sometimes see this happen as the juice is diluted with water when washing crockery that has contained raspberries).

0
0

Page:

Forums

Biting the hand that feeds IT © 1998–2017