Re: Yo get the fly boys back on the job
> "American Airlines- Up with the Aircraft, Down with the cool kids"
"Up with the aircraft" remains to be seen AFAICT
(but I laughed, so have a +1)
254 posts • joined 8 Jun 2007
> "American Airlines- Up with the Aircraft, Down with the cool kids"
"Up with the aircraft" remains to be seen AFAICT
(but I laughed, so have a +1)
> If you need to hypothesize a number in a cell and then follow a chain that's 7-8 cells long, is that an acceptable logical way of solving things, or does this count as trial and error and therefore not such a logical way of getting to the solution?
Having been there and done that myself, I find it necessary to follow one *or more* such chains and seeing if the consequences a) rule out all the candidates from some cell, b) force more than one of a particular digit into row/column/other group, c) contradict the implications of another such chain, or d) force the puzzle to have multiple solutions with what the article suggests this algorithm would conclude has "equal" "probability".
After much thought, I have concluded these are reasonable steps based on the puzzle and its description and do not think they're trial and error at all (but in line with earlier commentary [Dave Cartwright article] I can see why you'd use such phrase/s for simplicity).
"How do you create a really secure password?"
> Database normalization warnings, their a killer they are.
My first thought was that if you were getting such warnings you could differentiate between incidents by putting the date in the field.
Then I remembered this was the BOFH, and realised that might still not be sufficient...
> The first rule of robotic fight club is that robots do not talk about fight club.
Do not talk in human language about fight club?
Might explain https://www.theregister.co.uk/2017/03/21/ai_bots_can_invent_their_own_language/
> A fiver says you don't simply try every possible permutation of digits in each box until you get to the right answer – the number of Sudoku solution grids has been calculated as 6,670,903,752,021,072,936,960. No, you apply logic and deduction to identify which numbers go where, and it takes just a few minutes to solve the puzzle.
Strictly speaking having that many solution grids doesn't relate to the complexity of solving any given puzzle, it's the reason you don't attempt to store all the possible puzzles and do straightforward lookup.
...Perhaps pedantically (humour me, from here on in I'm addressing fellow puzzle fanatics and not the direction of the article), hoping to find it obvious "where the numbers go" throughout doesn't suffice technically either; only when you have in effect determined a search tree, pruned it until [relatively] sparse, and then walked it can you argue you have properly iterated and eliminated all impossible situations (thereby including "where the number's *don't* go") as per Occam's razor at every step from start to finish.
One solution -and only one- always results for me for solving by hand, as required. I've written some of my methods as code, but not all ... however at this point I am suspicious of the possibility that typical "brute force" solvers may be at risk of (mis)identifying a puzzle as having multiple solutions when it's not necessarily the case...
> I don't think Linux repositories are 100% immune from malware. People used to pontificate about how Linux was open source and therefore inherently secure because of the 'many eyeballs on the code' principle. Well in the last few years that idea has been demonstrably blown out of the water after vulnerabilities have been found in critical open source libs.
It doesn't help that you're adding to the polemic. According to The Cathedral and the Bazaar, at the time "given many eyeballs, all bugs become shallow" was coined the principle Linus was following was "release early, release often" and "...many eyeballs..." the justification for exposing potential bugs in the code to public scrutiny. It isn't an attempt to claim people will look, it isn't an attempt to claim people who are looking will focus where you need, and it isn't a claim there won't be bugs in the first place ... yet it turns out people do want to get involved at all stages of the submission/release process, and in all areas of the code; the existence of vulnerability fixes serves as proof that the overall process serves its purpose (and it does this a lot better than it implies Linux as a project was due to have crashed and burned). That fixes arrived later rather than sooner on occasion is neither here nor there.
(...and of course the existence of vulnerability fixes for both open and closed source software of various types tells us neither has the upper hand on advice for best practice. Sadly).
> Oh, what if the arguer happens to be the guy who wrote the RFC that REVISED the original RFC? IOW, the v1.0 man trying to talk to the v1.1 man.
Been there. I had a request to give help on an old-system problem at a previous job; another engineer, hovering over our shoulders, takes great pleasure in stating "your explanation is wrong".
"Not according to the specification document we wrote to get the work approved"
"It hasn't worked like that since I've been on the project"
*stifles anger at evident lack of prior communication* "in which case, this question was clearly meant for you" *exits hastily*
> Why is it always a green door?
"Green door/What's that secret you're keeping"?
> I would also disable all the telemetics.
Me too. My travel sickness is bad enough without having hackers bring it on remotely.
> The original Speccy does not output composite without soldering. I think the +2/+3 had R/G/B in some fashion on a DIN plug (which tells you its age!).
The updated ULA in Sinclair's (Plus style) ZX Spectrum 128 brought in the alternative RGB output, which had composite and TTL signals available through it. I never used it, although I did find a PC with a Cub monitor and promise myself I'd get a round tuit.
> I once found a pendrive wafer which had been run over, files recovered!
* recalls Gadget Show episode where they did more than that... *
* +1s video *
(Recently at work we had "SD card vs microwave", in which a whole load of standing back goes on, only for nothing at all to happen ... *grin*)
> "a wallet-flattening (not) $10."
It's wallet-flattening if you pay with coins because it's such a small amount...
Automated generation of tasting notes, anyone? And if you need help calibrating, I'm available.
// recalls whisky tour of Scotland in which we devised a challenge to learn the ingredients list of our favoured breakfast cereal and claim to taste those things in one of the sessions*. If any of us was sufficiently disrespectful to any of the distilleries to actually go ahead with it, they were very subtle...
* Fruit'n'Fibre in my case, easy to learn :) but would have been easy to spot too!
> I can't see any reason why they should be among the top 20 passwords.
That stumped me too, so I googled each. The suggestion: https://www.tripwire.com/state-of-security/featured/so-just-why-is-18atcskd2w-such-a-popular-password/
T'old Speccy's screen RAM being around 6.75K is enough to rule out having enough space on its own, although maybe something is possible once you've got the bank switching of the 128K models.
*starts wondering idly about some of the Unix clones for Z80*
> > My router used to have the network name of 'EffOff' just to make it different.
> In the next street to mine there's an SSID of "Get your own fucking WiFi!"
Lately I've been fine-tuning the settings on our wireless devices, and noticed the appearance of the ESSID "WiFiDetectorVan".
> Ah, that takes me back. I got a 1200 in 1993 and started mucking around with OctaMED and 8-bit samples.
I ended up with an A500 (and A1200 eventually) for the same reason. These days I have all my "albums" on my phone as mp3s, courtesy of uade. At various stages in my career I have done audio-related work and converted/ported the original data and a simple hand-coded sample dump/playback tool for testing purposes.
// ...and just have again, coincidentally :)
> Anyway, I think I'll look into this. I'm pretty sure I must be eligible for a badge proclaiming my expertise at Minesweeper.
s/Minesweeper/Minesweeper and Solitaire/
(Fixed that for y^Hme)
I recently found myself needing additional containers, and the ones I bought were branded Whitefurze.
It wasn't until later that I realised that's perhaps not the wisest of names to have used in connection with food storage...
Apparently the game has already been sending players into interesting places to collect things - http://www.standard.co.uk/news/uk/pok-mon-go-players-lured-into-sex-shop-a3294426.html
...or maybe *that* version already exists, and this is it. "Pog Mo Thoin Go", anyone?
> Domestic and international news headlines, followed by a radio-friendly, middle-of-the-road rock anthem, sports, and weather.
"Motorway sun coming up with the morning light" ... travel and weather with Tom Robinson, next.
> "Boaty McBoatface was fun, but enough is enough. Or after this story. surely it is?"
> No. 'Nuff said.
Maybe? I was reading about the Moly PcPhone the other day and had an irritating feeling for some time that I'd hadn't taken in all the syllables in the headline properly :(
That said, I quite enjoyed the story about Warwick Farm naming a gelding Horsey McHorseface (and pictured it walking *straight* into the nearest bar...).
> Each line was 256 pixels long, the Spectrum sent the bitmap for the first row of pixels (32 bytes), then the second row of pixels, and so on down to the eighth
Indeed. And while those 32 bytes got you 32 characters per line of normal characters, if you had the Tasword editor you could edit and print at 64 characters per line. One of the enthusiast magazines had a set of pokes with a more readable version of the font with the default.
If memory serves, the buffer was 8*32 bytes - suitable for one row of normal height characters. I frequently had small code routines there (mentioned previously).
One of my friends worked for an ISP and was given responsibility for testing their latest smut filter implementation (with similar consequences), and one of our conversations went:
Him: *reveals being put in charge of white/black lists etc*
Friend #2: Could you send the decent URLs to me?
Friend #3: ...and the indecent ones to me?
> People still use it in enough numbers for this to be a problem?
I don't think end users owning archives is the problem here ... although depending on the payload I suppose it might also be. lhasa isn't on the machine I take on my commute for example, but critically its associated library *might* be on a server which deals with spam filtering/analysis of email attachments.
[Background: 'lhasa' has been the recommended extractor in Debian for some time, and while Ubuntu also offers 'lha' it's long in the tooth (on that front, there's also a sourceforge.jp version that I last chased up around 2005) and you might not need the latter unless you specifically want to create archives]
> Lemmings on the Speccy? Oh no! :)
Heh. I bought it for the Speccy and don't mind admitting I enjoyed playing it.
The level selection was very limited due to support for a maximum 20 lemmings, and having to load each level from tape was a bind ... but the monochrome nature of the visuals didn't distract that much from the gameplay and the "target and track" method of control with a joystick was odd compared to mousing but ultimately sensible for the set of levels that were ported. The same algorithm for level codes on the Amiga was used, so if you had a walkthrough with them you could cheat :)
[icon choice: tribute to Skool Daze]
// I imagine both my ascii art and my complete walkthrough for the Amiga version are still out there thanks to other fans of the game, but I haven't checked in a long time.
> I think rather than using an updated POSIX subsystem (or a new subsystem), this is trapping Linux syscalls and implementing them using equivalent Windows syscalls (and additional code as needed.) This should work pretty well actually.
I imagined a combination of both, given that enhancing the former would improve your ability to do the latter.
Next stop ... low-level container support with minimal bloat, perhaps? Minimal bloat with future everything, even?
> Interesting times indeed.
> at work on a work server [...] We would never think of doing it today, obviously
Because these days it would be hosted on the printer?
// true of one place I've previously worked at, according to former colleagues
I remember hearing that paperless office quote in a Professional Development lecture, followed shortly by the revelation that the Japanese had since developed a paperless toilet (in 1980, according to http://paperlesstoilet.com/).
I turned to the chap beside me and quipped "...well, that turned out to have been a cack-handed argument".
> We three kings of orient are,
> Selling ladies underwear,
> So fantastic,
> No elastic,
"...falling down everywhere", in the version with which I was familiar
> Only a penny a pair.
But I quite like that :)
> "once we dot the i's and cross the t's"
> Isn't there a key combination for that...?
> gets mail a shoeing?
Act of sabotage?
// ...finding "the malicious creative had been disabled" a bit sinister
> Nominal determinism is alive and well
Nominative determinism ... strikes again
...we're getting marquee text back?
// hopes not
Ah, so "first they came for our pornography".
// ...eww - and already going
> A gun that shoots the shooter in the face
"I got the chance to 3d-print a gun the other day. It came out portrait rather than landscape ... talk about shooting yourself in the foot!"
(heard on radio recently)
> needs to get itself a trendy logo like Heartbleed
Not that I approve, but I've seen at least two:
https://openclipart.org/image/800px/svg_to_png/202367/shellshock-bug.png (at http://51sec.blogspot.co.uk/2014/09/shellshock-bash-computer-bug-exploited.html)
http://www.symantec.com/connect/sites/default/files/users/user-2967561/shellshock-vulnerability-logo.png (at http://www.symantec.com/connect/blogs/shellshock-all-you-need-know-about-bash-bug-vulnerability)
// thinks the first one could do with the ">" in the appropriate direction
> If so, 55% yes, 55% no.
I'm impressed you got close ... http://www.freerepublic.com/focus/f-bloggers/3205477/posts
Personally, I'd heard the turnout was good ... but not that it was *that* good!
Best reason to support the yes vote*:
"If Scotland votes yes, the average annual rainfall in the UK will decrease by 20cm"
* noticeable results not guaranteed
> Is it just me, or is the promised Vulture slideshow missing in action for everybody?
YMMV I think, but it's not visible in Wheezy's iceweasel at least. At time of writing, View Source shows a div tag [with class="bingwidget"] in which the terminating slash appears not to be separated by whitespace from the close quote of the preceeding attribute.
> Usually, when high energy physicists try to do optical measurements, it ends with erroneous results.
Doesn't have to be high energy physicists. Or optical measurements.
// "...if it doesn't work... etc etc" (and yes, I did study physics)
> I noticed that, however as of late last night some programmes from after the outage (e.g. Monday's I'm Sorry I Haven't a Clue) still weren't available so I dispute that the system is back to normal.
The system is still returning to normal service, evidently; further to my previous post, Pick of the Pops [Saturday] became available mid-week, as has the third episode of "It's a Fair Cop" ... which is roughly on schedule however the bbc.co.uk availability data says ep1: three weeks; ep2: four weeks; ep5: five days.
Clue fans will be happy to read, from a get-iplayer search earlier (Fri AM):
11473: I'm Sorry I Haven't A Clue: Series 61 - Episode 3, BBC Radio 4, Comedy,Highlights,Popular,Radio, 3 days 20 hours ago - Harry Hill joins regular panellists Tim, Graeme and Barry. Jack Dee hosts.
11474: I'm Sorry I Haven't A Clue: Series 61 - Episode 4, BBC Radio 4, Comedy,Highlights,Popular,Radio, 0 days 1 hours ago - Harry Hill joins regular panellists Tim, Graeme and Barry. Jack Dee hosts.
> @Tom Chiverton 1 sure it's not just you? Was working for others in Manchester yesterday.
I've heard that, but was getting an uninformatively black screen from the app on our STB on Sunday.
Access to radio programmes has been most notably bad, with some shows "not currently available on BBC iPlayer radio" (normal service mostly resumed for Radio 4* but "Pick of the Pops" on 2 still affected), some that could be started but bombed out (Ross Noble Goes Global wouldn't play for me last night, presently back at "will be available shortly after broadcast"), and some available but not especially promptly ("Laura Solon: Talking and Not Talking").
* prioritising, perhaps ... although as a devotee I'm biased as to what I'd notice ;)
> I don't understand why password systems *insist* on capitals, numbers, non-alphas, etc instead of just *allowing* them - it reduces the possibilities, I think
While announcing a policy decision such as this *does* inform an attacker they don't need to start with a simple dictionary attack, it has benefits with regard to intrusion detection: a) where an intruder has not seen an announcement of the policy, they will make themselves more obvious by repeatedly trying more and more invalid patterns; and b) where an attacker does know the policy the time taken to compromise all accounts remains significantly large because the proportion of the search space removed through denial of some passwords is relatively small.
Remember that the system should be storing a hashed and salted version of the password which means that a) finding another string with the right hash is hard, and b) that precomputed lists of hashed passwords are useless. This gives the assurance that the uneven distribution of password strings can lead to uneven distribution of digests post-hashing without this having a negative impact on overall security (AFAICT ... I was hoping this might be expanded on in the article)
+1: also thoroughly enjoyed that
...actually, "in 1983 Cosgrove Hall Films' Danger Mouse topped the TV ratings with 21 million viewers - beating Coronation Street[...]" from the show description (at http://www.bbc.co.uk/programmes/b03ccz0r)
> Wow! How the last 10 years have flown by....
In the space of half a sentence, no less :/
...I used to think I liked the Spectrum version most but after lots and lots of time on the Gameboy in two-player mode I found it odd to go back to. These days, I find Hell Tetris (see above) oddly calming whether taking it seriously as a game or just exercising the physics engine for a giggle.
> That the proposed migration path was Bitlocker doesn't exactly make it commendable.
That's not in contention; it's the decision of the developers to not leave end users with data that cannot be transferred (or otherwise recovered) that I'm commending above.
Going back to the line I originally quoted, I don't think it's necessary to finger point code quality in Windows (whatever one thinks of it) although obviously it does drive those concerns I listed to an extent (as it would for any other end-of-line OS).
...and since you've brought up Bitlocker I'm not blaming the team for wanting to not compete against the evolving market -whether any strong-arming has taken place or not- and having spoken highly of the TrueCrypt effort to people recently am pleased there is news of an effort to continue it ;)
Biting the hand that feeds IT © 1998–2017