Posts by Cuddles

1254 posts • joined 3 Nov 2011

Where's Zero Cool when you need him? Loose chips sink ships: How hackers could wreck container vessels

Cuddles Silver badge

Re: Serious infrastructure carnage

"Never mind sinking a ship (rat's arse) -- how about overriding the controls near docking and driving into the port facilities at a rate of knots."

Great, as if life imitating Hackers wasn't bad enough, now we're going for Speed 2 as well?

Samsung pulls sheets off costly phone-cum-fondleslab Galaxy Fold – and a hefty 5G monster

Cuddles Silver badge

Only five cameras?

Forget Samsung vs. Apple, it's Samsung vs. Gillette now. I won't be happy until my phone has at least as many cameras as my razor has blades.

How do you solve a problem like Galileo? With a strap-on L-band payload, of course!

Cuddles Silver badge

Repeating nonsense doesn't make it true

"it does attempt to address concerns that the loss of access to the PRS could lead to lower accuracy"

I'm sure I've said this before, but no such concerns exist. The Commercial Navigation signal provides exactly the same accuracy as the Public Regulated Service signal. The only difference between the two is that the Commercial signal could in theory be switched off. Despite this nonsense being constantly brought up by Brexiters to try to portray the EU as totally unreasonable and cutting us off from vital security services, the fact is that even if we're unwilling to negotiate a sensible deal, we can simply pay for normal commercial access. As long as the French don't decide to invade, the difference between Commercial and PRS is non-existent.

It's also worth noting that accuracy is a fairly pointless thing to be worrying about in the first place. The normal, unencrypted signals for both Galileo and GPS give accuracy of about 1m. There are very few applications where improving that down to 1cm makes any meaningful difference. In particular, things like steering warships and targeting missiles absolutely do not depend on cm level accuracy. Even if we were cut off from everything and stuck using the open access signal, there would be precisely zero impact on anything related to military or national security. Those might be great buzzwords to shout about to get people riled up, but they have nothing whatsoever to do with the Galileo Brexit shenanigans.

Help us sniff out 50 neutron star collisions so we can calculate universe expansion, cosmoboffins plead

Cuddles Silver badge

Re: Plea?

"I erroneously assumed these astro-boffins were going to start up some type of "SETI@Home" processing farm-out project to look for wiggles in large data sets, buuuut perhaps not."

That was my first assumption too. However, on second reading I think they're asking us all to go out and start banging neutron stars together so there's something for them to detect.

Amazon triples profit to $11.2bn, pays ZERO DOLLARS in corp tax – instead we pay it $129m

Cuddles Silver badge

Quite an important bootnote

"Eagle-eyed readers will notice that Amazon pegged its net income for 2018 at $10.1bn, though the ITEP reckons it was $11.2bn. That's because the latter figure is the pre-tax total."

In other words, Amazon actually paid $400 million in taxes in the US, and $1.1 billion in total worldwide. Still a tax rate of <10%, but rather more than the pretend negative number claimed by the article. Just because they didn't pay federal taxes doesn't mean they didn't pay tax, it just happens that the US devolves a lot of things like taxes to a lower level, mostly state but even down to county and city. There are plenty of very real issues regarding taxes and how to handle them with multinational companies, especially once the internet starts getting involved. Making up nonsense about the likes of Amazon paying negative tax when they actually pay hundreds of millions isn't going to achieve anything other than obfuscating any sensible attempts to discuss the matter.

Bloke thrown in the cooler for eight years after 3D-printing gun to dodge weapon ban

Cuddles Silver badge

Re: There's a lot more heat than light in this thread, mostly from gun owners of the USA.

"I can do the math later, but multiple 375 watt video camera batteries is enough to discharge at least 10 shots at 35 watts each of energy transfer within a few milliseconds which SHOULD get me to at least 2000 MPH (3000 KPH) projectile velocities."

Arguing about politics and gun control seems to be a fairly fruitless exercise, so it's nice to be able to address a post that relies solely on fact. Watts are not a unit of energy, they are a unit of power. 35W for a few milliseconds will give you about 0.1J of energy transferred to your projectile. That's enough to accelerate an adult fruit fly to 40mph. While slightly faster than they normally fly, shooting someone with your railgun would be about equivalent to the impact when swatting said fly.

It would of course still be possible to get 2000mph projectile velocities, but you'd need something with a mass on the order of 0.3 ug. You could manage that with something like a small snowflake, for example.

Use an 8-char Windows NTLM password? Don't. Every single one can be cracked in under 2.5hrs

Cuddles Silver badge

Re: The Usual Response...

"If it is commonly used words that you are likely to remember, then isn't it a lot less than that."

Or it might be a lot more. Merriam-Webster lists nearly 500,000 words, and apparently some counts put it at over 1 million. Even that 171k is only those listed as in common usage, the OED actually contains around 230k. Plus dictionaries generally don't include proper nouns, so there's a huge additional pool as soon as you start using names. The thing is, the exact number really doesn't matter. All that's important is that there are a lot more words than there are characters (that is the entire point of an alphabet after all) and that it's generally easier to remember longer combinations of them. Even if you assume people only use their own vocabulary and don't look anything up or use a generator, that's around 30,000 common words, and a random selection of four of them provides about the same number of possible combinations as 10 random characters.

Essentially, there are two main factors involved in creating a strong password - length and character set. If you consider your character set to be actual single characters, you're limiting yourself to a few tens - basic alphanumeric gets you 36, adding cases and punctuation can push you up to maybe 100 at most. That means in order to get a strong password you need to make it long, and as this article shows the traditional 8 characters that still serves as a limit in many places simply isn't adequate.

If you instead use whole words as your character set, you're looking at orders of magnitude larger - around 30,000 for the average person's working vocabulary, potentially into the millions using dictionaries, names, slang, and other languages. With your working character set orders of magnitude larger, a password doesn't need to be as long - four words being about equivalent to a reasonable strength password made of random characters. Quibbling over exactly how much bigger the character set is just doesn't matter. Maybe it's only 20,000, maybe it's a million. Maybe you need 5 words instead of just 4, maybe even 3 is good enough. It's the qualitative difference that matters; as long as your working character set is orders of magnitude larger, exactly how many orders of magnitude just isn't that important.

Cuddles Silver badge

Re: The Usual Response...

"Throw some punctuation and grammar in"

Decent advice up to this point, but despite being all too common this is a terrible idea. Unless you're using a password vault (which as Baldrickk notes makes any rules about passwords basically irrelevant), a password needs to serve two equally important purposes - it needs to be secure, and you need to be able to remember it. Throwing in even fairly simple obfuscation like punctuation, odd grammar, replacing o with 0, and so on, does very little to increase security but makes things virtually impossible to remember.

The trick is to remember that there are far more words than there are characters. A random jumble of 10 alphanumeric characters has ~10^17 possible combinations*. Throw in a variety of punctuation and that goes up to ~10^19. The OED contains 171,476 English words currently in use (and a whole bunch more of obsolete, derivatives, and so on). A random selection of 4 words gives ~10^20 combinations. That's why the whole correcthorsebatterystable thing exists - just four words is a better password than 10 random characters even if an attacker knows it's four words and attacks that rather than by character. 10 random words puts the possible combinations over 10^52, and is still easier to remember than a jumble of punctuation.

Using meaningful sentences reduces that quite a bit, but greatly improves the ability to remember it while still leaving far more combinations than even the kind of longer random passwords generated by password managers. You just have to look at how many hundreds of songs, film quotes, famous sayings, and so on, the average person can remember. Admittedly that approach can make things a little more vulnerable to social engineering, but given that by far the biggest threat these days comes from mass leaks of credentials where an attacker has no idea what a given username/password combination's favourite song might be, that's a pretty small tradeoff for a massive boost to both password security and memorability.

* Assuming no repetition, so essentially just n!/(n-m)!. Allowing repetition and variation in the exact character set might make an order of magnitude or two difference, but isn't really significant.

US man and Brit teen convict indicted over school bomb threat spree

Cuddles Silver badge

Grand jury

I can't help getting a bit of a northern feel whenever I hear that term.

"Eee, this jury's just grand Gromit. Pass the Wensleydale lad."

Pandas so useless they just look at delicious kid who fell into enclosure

Cuddles Silver badge

Re: Bamboo and pandas

"One of these common pieces of trivia one always hear but never bothers to confirm, was that the panda is more closely related to raccoons than to bears... but it seems this useless sack of bamboo is firmly located within the Ursidae family."

The problem is that people confuse two very different animals that share the name "panda". Giant pandas are bears, and there's never really been any question about that. Red pandas, on the other hand, probably aren't. But only probably, because their actual classification has been moved around all over the place and even DNA analysis hasn't really nailed it down. They're probably more closely related to raccoons than bears, but in the past they were put in Ursidae along with giant pandas. At the moment they're generally put in their own family that's closer to raccoons and weasels than anything else, but is different enough to be its own separate thing with just them in it.

People just seem to get confused by all the shenanigans regarding whether it's a bear or a raccoon or something else, and miss the fact that whatever the red panda might be, it has absolutely nothing to do with giant pandas. Although it probably doesn't help that it's another idiot carnivore that insists on eating bamboo and desperately trying to go extinct.

Leaky child-tracking smartwatch maker hits back at bad PR

Cuddles Silver badge

Re: "But, at this stage, this security is not 100 per cent available"

"I think that if the vulnerability was in something that allowed to find expensive cars and drive away with them easily, much more people would be much more worried than about children..."

And yet you can find plenty of articles here pointing out that it is, in fact, possible to find and drive away with expensive cars very easily, and no-one either selling or buying them seems to care in the slightest.

Holy planetesimal formation, Batman! Ultima Thule's no snowman – it's a friggin' pancake

Cuddles Silver badge

Relic?

"2014 MU69 is a relic from the formation of the solar system."

I really wish people would stop saying things like this every time there's a report on asteroids or whatever. Everything in the solar system is a relic from the formation of the solar system. Stuff like this is interesting enough without having to devolve into meaningless nonsense in efforts to big it up.

Only plebs use Office 2019 over Office 365, says Microsoft's weird new ad campaign

Cuddles Silver badge

Re: Nothing like having your work day extended a few more hours because 'The Cloud' is unavailable.

"Office 365 has client applications for most of the suite (depending on licence) which work fine without the cloud. You just might not be able to get at your files if you store them all in the cloud but you could just as easily elect to save them locally or on your network."

If you're going to install a local client and work on local files, why would you want to pay for a subscription cloud service instead of just paying once for the actual local client? The only reason to use Office 360ish is if you actually want the cloudiness; if the only way to make it work reliably is to ignore all the cloudiness, there's simply no reason for it to exist at all.

Website programming? Pffft, so 2011. Python's main squeeze is now data science, apparently

Cuddles Silver badge

Re: Do it. Never look back!

"She can just work on the Python half, wherever she is, even without a connection..."

You can do all that very easily with Matlab as well.

"And, if she copies some Python snippets off the web (StackOverflow, reddit, GitHub or Kaggle, for example), the license doesn't belong to MathWorks. Read the terms of MatLab's community forums; all code posted becomes property of MathWorks automatically!"

Can you provide evidence for this? According to the actual Matlab Central terms and conditions, anything you post falls under Creative Commons Attribution Share Alike 3.0 license, except for the answers section which falls under BSD. Far from trying to claim ownership of your code, there are several parts in the terms explicitly denying any and all responsibility for anything. Last updated over 2 years ago, so this isn't a new thing.

https://uk.mathworks.com/matlabcentral/termsofuse.html

We're also moving away from Matlab, mainly to Python, but that's simply down to the one big problem Matlab has - cost. That used to be justified since there were a lot of features in Matlab that just weren't easily available in any non-proprietary platform. But there are now Python libraries to replicate pretty much any feature you might want, so paying hundreds of thousands per year for software licenses just doesn't make sense any more. The price keeps increasing, but the gap between their feature set and free Python features is smaller than ever before.

Original WWII German message decrypts to go on display at National Museum of Computing

Cuddles Silver badge

Re: Terminology

"Better question: Why aren't 1000kg. called a megagram?"

It is.

Year after being blasted for dodgy security, GPS kid tracker biz takes heat again for leaving families' private info lying around for crims

Cuddles Silver badge

Re: I'm not sure which is worse

"That may well be true for those who bought after the vulns were found and reported. But how long were they on the market before the reports made the mainstream press and rose to the top of search results?"

That's a fair point, and I have sympathy for people who actually did do at least some minimal research when there wasn't anything for them to find. But these things have been on sale for 18 months since then, and despite all the warnings they were only looked at in this paper because they're still very popular.

"And not forgetting that most people have short memories and are likely to believe the marketing, especially on impulse buys."

Which is exactly the problem. There's no point complaining that companies are at fault for making shoddy products when the only reason they do so is because people blindly buy said products and strap them onto their children without a moment's thought.

Cuddles Silver badge

Re: I'm not sure which is worse

"You don't need to be an automotive mechanic to able to choose a decent car, you just need to know how to drive it."

You don't need to be a mechanic in order to choose a car, but you're a fool if you just blindly buy one without doing some basic research on the matter. While it seems to have become sadly fashionable these days, refusing to learn anything at all while giggling about how terrible you are with technology really isn't acceptable behaviour. These watches are a perfect example - two seconds on Google throws up multiple articles including Which, the BBC and the Telegraph reporting how hilariously insecure they are to the point that major retailers withdrew them from sale. You don't need to be an infosec pro to recognise there might be a problem, you merely have to care enough about your children to consider them worth maybe 10 seconds of your time.

As Malcolm said, there's plenty of blame to go around and manufacturers obviously don't get off scot free when they're the ones making this shit. But neither do parents get to deny all responsibility while laughing about how complicated computers are. It doesn't take an infosec pro to read the very first Google search result from a well respected media outlet saying "Absolutely do not buy one of these, and if you already have one throw it out immediately". Seriously, when a Which review goes so far beyond not recommending a product that they actively advocate destroying your possessions, it really shouldn't take a genius to wonder if just maybe you shouldn't be strapping the thing to your kids.

Musk shows off the latest power plant for Starship, replaces Tesla CFO with a millennial

Cuddles Silver badge

"Is millenial that clearly defined ?"

Fairly clearly, yes. It refers to the generation that came of age around the turn of the millennium, specifically the term was coined to refer to those who would graduate high school in 2000. It generally covers birth dates of around 1980-1995, although sometimes it can include the late '70s and as late as 2000. It's very specifically not "born in or after 2000", despite that being an oddly common misconception.

Bug-hunter faces jail for vulnerability reports, DuckDuckPwn (almost), family spied on via Nest gizmo, and more

Cuddles Silver badge

Re: Pretty soon, you won't be able to turn them off

"New build properties, on the other hand, will be the reverse: just as car manufacturers are currently obsessed with adding 'connectivity' to their cars, so house builders will soon decide that building a smart house will be a selling point."

Not a chance. Have you ever seen the state of new builds? Try having a quick search for complaints about new estates not having access to the internet, for example. For the most part you can count yourself lucky if you get four watertight walls (roof optional), minor details like working electrics and plumbing are well down the list. New builds are very firmly in the "do slightly less than the legal minimum" area, knowing that few enough people will complain so that cost of fixing and fines will be less than the cost of doing it properly. There's absolutely no chance that any of the big developers will start installing IoT crap in houses unless it's made a legal requirement, and even then it won't actually work until you've ripped it all out and redone it yourself.

Good news! Only half of Internet of Crap apps fumble encryption

Cuddles Silver badge

Even worse than it sounds

Having looked at the paper, things appear to be even worse than the summary in the article suggests. For example, having hardcoded encryption keys implies that there is actual encryption involved, and even the introduction in the paper makes some comments on how it might be possible to use clever techniques to try to figure out where a key might be held and how to reverse engineer it. They then go on to give a detailed analysis for the one app out of the four chosen for analysis that actually had any encryption at all... only to reveal that the "encryption" in question is actually just a Caesar shift and the "key" is simply the "x" in "ROT-x". Yes, a modern app with all the power of modern mathematics and computers to do encryption actually uses a technique that could be trivially broken by hand over 2000 years ago. With that level of cryptography in play, the fact that the key is hardcoded is far from the biggest problem.

So sure, this research could be seen in a good light as showing that 50% of IoC devices are actually somewhat secure. But don't count on them remaining secure if anyone born between Ancient Rome and now is able to look at them. Just because cryptography is technically present does not mean an app is in any way secure.

OK, it's early 2019. Has Leeds Hospital finally managed to 'axe the fax'? Um, yes and no

Cuddles Silver badge

Electronic fax

Because the existing fax machines aren't electronic?

You got a smart speaker but you're worried about privacy. First off, why'd you buy one? Secondly, check out Project Alias

Cuddles Silver badge

"So, the solution for people who are worried that Alexa et al might be eavesdropping on their homes via their built in microphones is to provide them with a device with a built in microphone which is always listening for an activate phrase."

The solution for people worried an always connected internet device with unknown internals and workings might be eavesdropping on them is to provide them with a local, entirely disconnected device with fully open internals.

"Better solution is the more basic Alexa enabled smart speakers where you have to push a button to speak to it."

So the solution for people who want to replace button pushing with voice commands is to force them to use both?

Europe taps Facebook, Google, Twitter on the shoulder. So about those promises to stamp out lies, bots, dodgy ads?

Cuddles Silver badge

Re: took down 800m and 754m fake accounts in Q2 and Q3

"Without data on the age of the accounts these could include new accounts spawned by scammers who've just had their previous account taken down. It doesn't necessarily tell much about the proportion of fake accounts existing at the start of Q2 which have been removed."

Fortunately we don't need to worry about not having that data, because it's all presented in the report linked at the start of the article. 99.6% of the accounts removed were done so automatically within minutes of registration. Fake accounts make up 3-4% of active accounts.

While US fires criminal charges at Huawei, UK tells legislators not to worry, everything's fine

Cuddles Silver badge

Legacy equipment

"BT subsequently began uninstalling Huawei equipment from its 3G and 4G mobile network cores in December, publicly insisting that this was simply because it was legacy equipment inherited from EE when the mobile operator was bought out by BT in 2016."

All their equipment is legacy equipment inherited from EE. The whole reason they bought EE is because they didn't have a mobile network of their own.

Ouch, Apple! Plenty of iPhones stuck in tech channel. How many? That's a 'wild card'

Cuddles Silver badge

Re: Apple boredom

"We've seen the same ole crap for the last 3 years"

The first smartphone I had was an HTC Hero, released in 2009. It had a capacitive multitouch screen, camera, 3G data connection, wifi, bluetooth, GPS, accelerometer, compass, USB, headphone socket, SD card, removable battery. It could even make phonecalls if you really wanted. Compared to a brand new £1000+ flagship phone today, the only things missing are NFC and possibly some level of waterproofing, but you may also note that at least a couple of significant things have gone missing as well.

So no, we haven't seen the same ole crap for the last 3 years, we've seen the same crap pretty much since the first smartphones were sold. The only thing that's changed is that the incremental improvements to the various parts have reached the point where even the most bling obsessed no longer see the benefit of regular upgrades; most of us were at that point a lot more than 3 years ago.

Crispest image yet of Ultima Thule arrives on Earth, but grab a coffee while the rest downloads

Cuddles Silver badge

Re: Look very hard!

"Also remember those Voyagers are using valve amplifiers."

I didn't even know they played guitar!

Nationwide UK court IT failure farce 'not the result of a cyber attack' – Justice Ministry

Cuddles Silver badge

Re: wtf does not "freeing prisoners unlawfully" mean ?

"Such characteristics not only demonstrate the intellectrual dwarfism of such a poster, but are the reason we have mems"

I find myself confused by the terms "intellectrual" and "mems". Could you explain them please?

You heard the latest Chinese CRISPRs? They are real: Renegade bio-boffin did genetically modify baby twins

Cuddles Silver badge

But that's not how it works

"eight couples, where the men had HIV but the women did not, and genetically modified embryos with CRISPR before implanting them into the wombs of the women. The goal was, as you can imagine, to make babies that were not HIV positive despite their parentage."

HIV can be passed from a mother to a fetus during pregnancy. The HIV status of the father is irrelevant; the only way a father can infect a fetus is by passing the infection to the mother first. According to the description given, He took uninfected embryos and implanted them in uninfected women. In that situation, no-one was ever going to end up infected with HIV, whether they were genetically modified or not. Ethics aside, the whole thing appears to have been a complete waste of time that could never have proved anything.

Ginni, you may have to get out and push: IBM sales, profit stuck in the mud. $13bn is $13bn, tho

Cuddles Silver badge

Wait, what?

"the company's traditional mainframe business, declined 21 per cent

"This is the most successful mainframe product cycle in quite some time"

I'll happily admit I'm not too familiar with management-speak, but it really feels like something doesn't quite add up here.

Holy crappuccino. There's a latte trouble brewing... Bio-boffins reckon 60%+ of coffee species may be doomed

Cuddles Silver badge

Re: Umm... nope.

"Even if the area covering the current (already hot and tropical) coffee belt gets TOO hot, then won't that merely shift the crop areas further into higher latitudes?"

The vast majority of the species in question are not crops. Grapes can grow in areas they couldn't previously because humans decided to plant them there. Absent such human intervention, most species that suddenly find the climate unsuitable simply die, especially plants which obviously are less able to migrate.

"Once upon a time during the minor warming period in the dark ages, England grew some acceptable varietals for a short time."

There's been wine produced in the UK pretty much continuously since the Romans arrived, it certainly didn't require the Medieval Warm Period to make it viable.

Top GP: Medical app Your.MD's data security wasn't my remit

Cuddles Silver badge

"So I must admit to being a little puzzled abut what Sidhu is in court for and the line of questioning."

You certainly are puzzled if you think Sidhu is in court for anything. As the article says, Randeep Sidhu is the former employee who is taking Your.MD to court for unfair dismissal. Professor Maureen Baker is the one being questioned. She is in court because it is suggested that as Chief Medical Officer of the company, it was at least partially her responsibility to ensure confidential medical information was, in fact, confidential and not open to be viewed and edited by literally anyone with an internet connection.

To be honest, I'm not sure why so many people seem to be having trouble understanding the article, it all seems to be very clear and well explained. The only part that is at all confusing is the fact that Professor Baker's replies appear to bear very little relation to the actual questions, but I suspect that's rather par for the course in a situation like this.

Brit comms regulator Ofcom: Disabled left behind by tech

Cuddles Silver badge

Self reporting

"Ofcom also found that around half of those with a disability were confident that they understand the language and terminology used by providers, compared to the 75 per cent average."

It might be more useful to find out how many people actually understand the terminology rather than just asking them how confident they are about it. The Dunning-Kruger effect says that the real percentage is a lot lower, although admittedly it would affect everyone equally regardless of disabilities.

World's first robot hotel massacres half of its robot staff

Cuddles Silver badge

Re: Well, yes

"That's probably more because this campaign is obviously nonsense"

Since when has that ever stopped a crowdfunding effort from being successful?

Outlook Mobile heads to the White House, passes infosec clearance for federal sector

Cuddles Silver badge

Bing location services don’t work

Of course, that's not anything to do with the secure environment, it's just a standard feature across all versions.

Cops told: No, you can't have a warrant to force a big bunch of people to unlock their phones by fingerprint, face scans

Cuddles Silver badge

"digital documents should be viewed as physical, if there is a reasonable way to do it and working safety mechanisms to protect from abuse then there should be ways for law enforcement to search devices."

If you'd read the article, you might have noticed this is the entire point of the ruling. Physical things already are protected - police need a warrant to search specific things, they can't just blindly demand everyone in an area open everything and let them search it. Yet that's exactly what they wanted to do in this case, and so the judge said exactly what you claim to want them to say - it's fine for the police to get a warrant to access specific, relevant devices, but not for them to demand blanket access to every device owned by anyone who happens to be nearby.

What's the fate of our Solar System? Boffins peer into giant crystal ball – ah, no, wait, that's our Sun in 10bn years

Cuddles Silver badge

Re: Boom!

"No, far too hot"

To begin with. They're going to cool down eventually though. Indeed, it's actually an interesting question which crops up in many places - at what point do you have to stop doing particle physics and start doing physical chemistry instead?

Fake news? More like ache news. Grandma, grampa 'more likely' to share made-up articles during US election

Cuddles Silver badge

Re: Where did they get these people?

"One would think that the longer you live the wiser you get to being conned"

Why would one think that? Certainly there doesn't appear to be any evidence that the aphorism "older and wiser" is anything other than propaganda put about by Big Age. Old people have a well established history of being at least as gullible as everyone else, if not more so. Personally I'm of the opinion that wisdom peaks somewhere in the 30s. Younger whippersnappers are clearly all idiots, but it's all too soon after that point that things like combovers, socks with sandals, and tight lycra to match the shiny new road bike start seeming like good ideas, and it's only downhill from there.

Google Play Store spews malware onto 9 million 'Droids

Cuddles Silver badge

Re: Do phones still have an IR port?

"It's a flaw in the review systems. They should all have separate ratings for not only the quality of the item purchased but also the customer service. This would allow someone to grade it as "1" for the item, but give a "5" for the way the seller responded to the problem."

That's exactly what Amazon do have. Ratings and reviews for goods and vendors are completely separate. The problem is that far too many idiots are apparently unable to understand the difference between the two and insist on putting the wrong reviews in the wrong places. Presumably these are the same people who have the bizarre habit of responding to random questions people have asked about products with the very helpful "I don't know".

Low-power chips are secret sauce behind long-life wearables

Cuddles Silver badge

The elusive mass market

The trouble with the mass market for smart/fitness/watches is that it's elusive in the same sense as bigfoot - the problem is not simply that no-one can find it, but that there's no evidence it actually exists in the first place. There's certainly a relatively small market for real Garmin-style sports trackers. And there seems to be at least some market for stripped-down phones that can be strapped to your wrist. But in terms of people wanting a watch that isn't great at being a watch, isn't smart enough to do useful things, and is just barely competent at counting steps? It's a gimmick that people occasionally decide it's worth chucking 20 quid at. People who actually care about fitness either get a useful tool or, all too commonly, simply don't worry about needing a fancy watch in order to go running. People who don't care about fitness... don't care about fitness, and a £100 watch that occasionally tells them they've been walking or whatever isn't going to change that.

There simply isn't a mass market place for "relatively expensive but not actually very useful watch cum step counter". It either needs to be more useful or less expensive, and both of those markets are already covered and doing about as well as they're ever likely to. In the absence of some killer new feature, continuing to throw the same crap out and expecting it to fare any differently isn't exactly sensible. Especially when their "long life" wearables are still only boasting 30 days use as a basic watch or 3 days of actually doing anything, which somehow manages to be worse than an actual GPS watch.

Cuddles Silver badge

Re: Engineering query

"How many Wh can you generate using such technologies in a watch? And how many Wh does a more conventional smart-watch use? Never mind how you store the energy in your battery, I just wonder how far apart these numbers are that we could ever conceivably see a self-'winding' smart watch? A fitbit that relied on the owner to exercise to keep it charged"

You can order one powered by your body heat right now - https://www.powerwatch.com/collections/products

I have no idea how good they actually are, but apparently we've reached the point where it's a commercially viable idea (as long as you don't live somewhere hot). I expect the mechanical self-winding idea would be rather more difficult to implement. The traditional type relied pretty much literally on self-winding, using your motion to put energy into the mechanical system that was already there to make the watch work. A digital watch with no such mechanical system would have to add the whole thing from scratch. It might still be possible from a power needs point of view, but I suspect it would have to be quite bulky.

FYI: Twitter's API still spews enough metadata to reveal exactly where you lived, worked

Cuddles Silver badge

Re: That data is useless anyway, why keep it?

"So many people move, change jobs, change doctors, this wouldn't be terribly practical to advertisers trying direct targeting."

In the UK, the average person moves house every 23 years (and is unlikely to change doctors except when moving). They change jobs every 4-5 years. So 5 or 10 year old location data has a very high chance of showing your current home, doctor, lawyer, shops, and so on, and still a decent chance of knowing where you work. Given that Twitter only stopped attaching all this information 3 years ago, you have well over a 50% chance of it still being correct about pretty much everything.

"So, why does Twitter keep it around?"

It was attached to tweets when they were posted. Twitter aren't deliberately keeping it around, they just haven't bothered to make the effort to remove metadata from old tweets.

It'll soon be even more illegal to fly drones near UK airports

Cuddles Silver badge

99 luftdrones

Could be worse, at least we didn't get a nuclear war. This time.

Attention all British .eu owners: Buy dotcom domains and prepare to sue, says UK govt

Cuddles Silver badge

Re: Wow, it's almost...

"BUT ignoring the referendum result because you don't like it isn't how things work in a democracy."

Of course it is. Some people seem to have a very odd idea of what democracy actually means. Every single democratic country in the world is a representative democracy, in which a small number of people are chosen to actually make decisions. Direct democracy, in which the people as a whole vote on all decisions, is essentially non-existent. Even Switzerland, which is well known as having a lot of binding referendums, actually still runs on representative democracy most of the time, and the few other examples around the world are mostly for minor local matters not for entire countries.

In systems like the one we use in the UK, referendums are rarely binding. They're essentially little more than an opinion poll that happens to be run by the government rather than a polling company. The whole point of having elected representatives is that they are supposed to make a considered decision based on all the facts available; a public referendum might help inform that decision, but it is far from the only relevant factor. To claim that a non-binding opinion poll being overridden by an elected government is undemocratic is just plain nonsense.

Dark matter's such a pushover: Baby stars can shove weird stuff around dwarf galaxies

Cuddles Silver badge

Re: Alternate theory

"All we actually know - the only believable observations are:

1. angular velocity vs diameter of a spinning galaxy doesn't quite add up right.

2. something gravitationally lenses light from very far away - space is more warped than we thought.

That's it."

And yet even a cursory glance at Wikipedia would show at least 11 separate, independent lines of evidence all supporting it. Calling actual scientists idiots while demonstrating less understanding than that of an uneducated layman with a few spare minutes on their hands is probably not the best way to convince everyone you're worth paying attention to.

Happy new year, readers. Yes, we have threaded comments, an image-lite mode, and more...

Cuddles Silver badge

Not even close

"Our website is now mobile-desktop responsive, meaning whether you visit us on a phone, laptop, workstation, tablet, telly, holographic love dungeon, whatever it may be, it should automatically display in a layout appropriate to your screen size. "

And yet you've been aware since you first launched this crap that it absolutely does not do any such thing. Use a normal browser on a normal PC and it remains always stuck at no more than 4 articles to a row on the front page, with the text in an actual article restricted to about 10-12 words, in both cases taking up at most maybe 1/4 of the available space and leaving the rest of the screen completely blank. And yes, I've seen the excuses about people not wanting more than that and so on. The problem isn't just that it's such a crap design, but that you insist on lying about it. It is not in any way a "responsive" site, it's simply a mobile site that you happen to be able to view on a real computer if you're willing to put up with a shit layout and huge amounts of wasted space.

Also, there's clearly an image in that screenshot. I do love the idea of insisting on cramming hideous adverts down the throat of people who have specifically asked not to have pictures shown.

More nodding dogs green-light terrible UK.gov pr0n age verification plans

Cuddles Silver badge

Re: All you need is......

"Soon the hedgerows will be alive again with naked ladies and men, although video is a bit harder."

Looks like it's time to rediscover the lost art of flip-books.

Full frontal vulnerability: Photos can still trick, unlock Android mobes via facial recognition

Cuddles Silver badge

What is security for?

This isn't particularly new or surprising, and as others have already mentioned biometrics are just not a replacement for something like a decent password. What the complaints tend to miss, however, is that that's not really what they're intended for in many situations. I don't need my phone to be locked up well enough to keep out TLAs with the full resources of a large country behind them. I don't even need it to be locked up well enough to keep out someone with the time and dedication to specifically target me for fingerprinting. If someone swipes my phone in a pub or wherever, I just want it locked up well enough that it's not any use to them, or ideally to avoid having it swiped in the first place because they know that will be the case.

That's the situation the vast majority of people are in. Sure, my phone might be vulnerable to anyone with a decent photo of my face, but a casual thief doesn't even know whose phone it is so that simply doesn't matter. Trying to keep out specifically targeted attacks is certainly not something a cheap fingerprint sensor is good for, but that's just not something most people need to worry about. If all you want to do is stop your mate getting on your Facebook page while you're in the toilet, security on the average phone is more than good enough. If you're worried about more serious attacks than that, you'd be a fool to expect cheap consumer goods to have that level of security off the shelf. It's no different from noting that the front door of my house is not as secure as a bank vault; as long as you understand what job it's there to do the fact that some things are less secure than others is not inherently a problem.

FCC tosses aside rules, treats Google to a happy ending following request for handy tech

Cuddles Silver badge

Re: So what ?

"The power level is tiny - +10dBm peak transmitter power is 0.01watt (10 milliwatts) - 2.4GHz WiFi allows 10 times the power 0.1 watts (100 milliwatts), 5GHz WiFi allows up 4 watts (4000 milliwatts) and 802.11ad (depending on use) allows 10 watts or more (at the same frequencies as the Soli equipment)."

I guess the question is how much power is needed to interfere with a signal, as opposed to simply drowning it out? Scatter a few of these sensors in an area and they can easily be putting out 1% or more of the maximum allowed power for a router. Is that irrelevant, or is it actually enough to cause potential issues? Perhaps more importantly, the maximum power isn't generally where you want to operate all the time, so even if all these things do is force routers in the area to crank up their power output a bit to compensate that's a potential issue, if only due to increased power consumption.

"This seems to be a reasonable technical increase"

Which brings up the other important question others have already mentioned - if it really is not a problem at all and is all perfectly reasonable from a technical standpoint, why keep the old rules in place for everyone else? Presumably the existing figures were calculated somehow based on some assumptions. If those assumptions and/or calculations are no longer valid, the rules as a whole need updating. If they are still valid, why don't they apply to Google? Maybe it's all perfectly above board, but it's always going to look suspicious when a hilariously incompetent and corrupt body gives individual approval to the biggest* briber lobbyist in the US.

* They were second in 2017. Final figures for 2018 aren't around yet, but Google were on course to be number one based on data from a few months ago.

No not THAT kind of Office Wizard! Roll a diplomacy check to win the election: Vote tie resolved by a D20

Cuddles Silver badge

Re: Statistically speaking

"I completely agree with that. AD&D 2nd Edition (where I started with the hobby) was the current edition for 20 years under TSR. And then we had 4 new editions (counting 3.5 as seperate) in 15 years."

2nd edition was the current edition for less than 11 years (1989 - 2000). The first version of OD&D was current for between 3 and 5 years depending on exactly how you count it, and the game was effectively rewritten at least three times in 20 years, so complaining about new editions not lasting doesn't make a lot of sense. Even 2nd Ed AD&D was heavily revised halfway through its time, so the only edition that actually stands out as lasting a long time is 1st Ed AD&D which lasted for 12 years with no changes.

Spending watchdog points finger at Capita for 1,300 shortfall in British Army rookies

Cuddles Silver badge

That's not how penalties work

"The cost of the 10-year Capita contract rose from £495m to £677m partly because of the automated online recruitment platform, which, when combined with costs for keeping the legacy system running longer than planned, cost the Army £113m.

As a result of the missed recruitment targets over the years, the Army shaved some 6 per cent off Capita's contract payments, applying financial service credit deductions of £26m."

Not counting the extra costs to the army, that looks like Crapita got paid an extra £69m. After applying penalties, that means they were paid about 10% more than the original contract price. So of course this nonsense keeps happening. Supply a broken system several years late, and the only "penalty" you get is a hefty pay rise.
