* Posts by Phil Endecott

635 posts • joined 29 Nov 2006

Millions of scraped public social net profiles left in open AWS S3 box

Phil Endecott
Bronze badge

Re: Default access

> maybe that [no public access] is the default

Yes, it’s the default.

Trouble is when you want to share a file on S3 with someone else, your choice is either

(a) do some fancy thing to make a single-use time-limited URL that you can share, or

(b) make the content public temporarily - with the danger of forgetting to change it back to private afterwards.

I think this must explain many of the S3 screwups we’ve heard about.

2
0

OK, this time it's for real: The last available IPv4 address block has gone

Phil Endecott
Bronze badge

Re: BT

> BT completed its ipv6 rollout in November 2016.

Nonsense. Only people with the latest generation of “home hub” have it.

Mine is about 5 years old and is two generations too old (IIRC) to run IPv6.

0
0

Go away, kid, you bother me: Apple, Google, Microsoft, Mozilla kick W3C nerds to the curb

Phil Endecott
Bronze badge

Anyone know what the central technical difference between the two DOM forks is?

16
0

What most people think it looks like when you change router's admin password, apparently

Phil Endecott
Bronze badge

BT routers come with randomised passwords and I see no reason to change them to something user-selected and likely less random. That must make up a large fraction of the 82%.

24
1

'Disappearing' data under ZFS on Linux sparks small swift tweak

Phil Endecott
Bronze badge

Re: Goto Jail, go directly to jail.

> Underneath the hood, goto is literally just a jmp instruction. But

> a loop has all kinds of setups, stack motions and side-effects.

Nonsense.

0
0
Phil Endecott
Bronze badge

Re: Goto Jail, go directly to jail.

> If (err == 0) goto retry;

Yes 0 does mean ‘no error’. This is an errno-like status code; errno does not define a symbol for ‘OK’ and using raw 0 or an implicit boolean conversion ( if (!err) ... ) is standard.

The logic is something like this:

1. Try to do something.

2. If it worked, all finished. Stop now.

3. Do some other special action that should help resolve why step 1 didn’t work.

4. If step 3 works, go back to step 1 to retry the original thing.

‘if (err==0) goto retry;’ is saying my step 3 completed with no error, so it can go back to step 1 to retry the original thing.

“Goto considered evil” would suggest that it should be a while loop, ‘until no error’. But there are other schools of thought.

5
0
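The four steps in the post above, written out in C as an added example (not the ZFS code under discussion and not the poster's own). `struct pool`, `try_alloc` and `reclaim` are hypothetical stand-ins; the goto form and the loop form behave identically, and both stop as soon as the recovery step itself fails.

```c
#include <stdio.h>

/* Constructed stand-in for whatever resource the operation needs. */
struct pool { int free_slots; int reclaimable; int attempts; };

/* Step 1: try the operation. 0 means success, nonzero is an errno-like code. */
static int try_alloc(struct pool *p) {
    p->attempts++;
    if (p->free_slots > 0) { p->free_slots--; return 0; }
    return 28; /* failure code chosen for the example */
}

/* Step 3: recovery action that may make a retry worthwhile. */
static int reclaim(struct pool *p) {
    if (p->reclaimable == 0) return 5; /* nothing left to reclaim */
    p->reclaimable--;
    p->free_slots++;
    return 0;
}

/* goto form, following the numbered steps. */
int alloc_goto(struct pool *p) {
    int err;
retry:
    err = try_alloc(p);         /* step 1 */
    if (err == 0) return 0;     /* step 2: it worked, stop */
    err = reclaim(p);           /* step 3 */
    if (err == 0) goto retry;   /* step 4: recovery worked, try again */
    return err;                 /* recovery failed: report that error */
}

/* Loop form with the same behaviour. */
int alloc_loop(struct pool *p) {
    for (;;) {
        if (try_alloc(p) == 0) return 0;
        int err = reclaim(p);
        if (err != 0) return err;
    }
}

int main(void) {
    struct pool a = {0, 1, 0}, b = {0, 0, 0};
    int ra = alloc_goto(&a);
    int rb = alloc_loop(&b);
    printf("recoverable:   result %d after %d attempts\n", ra, a.attempts);
    printf("unrecoverable: result %d after %d attempts\n", rb, b.attempts);
    return 0;
}
```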

Application publishing gets the WebAssembly treatment

Phil Endecott
Bronze badge

It’s unfortunate that they’ve chosen the same word, “droplet”, that Digital Ocean use to describe their virtual machines.

1
0

Modern life is rubbish – so why not take a trip down memory lane with Windows File Manager?

Phil Endecott
Bronze badge

>> over 700kB when compiled with modern tools

> Ah, progress…

Anyone know how large the original executable was?

4
0

£12k fine slapped on Postman Pat and his 300,000 spam emails

Phil Endecott
Bronze badge

> it goes unread straight into the recycling bin anyway

So do they recycle envelopes where you are? Here envelopes aren’t allowed in the paper recycling, so junk mail has to go to landfill.

0
0

AWSome, S3 storage literally costs pennies

Phil Endecott
Bronze badge

AWS already had a “reduced redundancy” product, though last time I looked it was basically the same price as normal storage.

And the “S-IA” thing in your table looks odd as it actually costs more than normal storage.

And doesn’t “IA” stand for “infrequent access”, which is a different dimension?

Some clarification would be good.

edit: it seems this new offering has reduced availability but the same durability as regular storage, while the reduced redundancy product (which has uncompetitive pricing, so seems deprecated) has reduced durability.

1
0

Block blocked: Google to banish cryptominers from Chrome Web Store

Phil Endecott
Bronze badge

“1 in 9 plugin submissions broke the rules”

vs.

“90 per cent of all extensions with mining scripts that developers have attempted to upload to Chrome Web Store have failed to comply with these policies”

Someone not good at percentages?

9
0

Magic Leap ships headsets at last, but you'll need a safe

Phil Endecott
Bronze badge

I don’t think “keep it in a safe” is unusual for pre-release gaming hardware and similar.

15
0

10Mbps for world+dog, hoots UK.gov, and here is how we're doing it

Phil Endecott
Bronze badge

> it's not reasonable that people subsidise rural broadband

It’s not only rural areas; I’m in the middle of a major city and only get 9 Mbit/s because I’m almost 2 miles from the exchange and it’s “not economic” to upgrade the cabinet to FTTC.

2
0

You must be yolking: English pub to launch eggstravagent Yorkshire pudding

Phil Endecott
Bronze badge

N or S of the river Trent, isn’t it?

Or pray facing Canterbury or York?

2
0

Brit retailer Currys PC World says sorry for Know How scam

Phil Endecott
Bronze badge

Re: Sharp Practice

> "I've just said NO!", at which point they immediately move to take the

> payment part of our "relationship"

I haven’t mastered the right tone yet. Too soft and they keep trying; too firm and they accuse me of being rude.

I am thinking in particular of “heritage” organisations trying to get me to join for a year, rather than just paying this one entry fee.

9
0
Phil Endecott
Bronze badge

Re: Sharp Practice

> My response to the 'would you like extended warranty' question is

Mine is, “no I don’t need it, I’m only buying it for the components, I’m going to take it to bits as soon as I get home. Do you know if these are Phillips or Pozidriv screws on the back? I chose this one because all the others have torx screws”.

Usually works.

10
0

VPN tests reveal privacy-leaking bugs

Phil Endecott
Bronze badge

Why are they whitelisting amazonaws.com?

6
0

Europe is living in the past (by nearly six minutes) thanks to Serbia and Kosovo

Phil Endecott
Bronze badge

> For some reason I assumed the UK was 60Hz.

You probably also think we use inches.

19
0

Your entire ID is worth £820 to crooks on dark web black market

Phil Endecott
Bronze badge

Re: This starts to makes sense...

> They have no mechanism for third parties to report account hacking

> fraud, you can only report your own a/c.

It might actually be possible to phone your own bank. Tell them that you weren't taken in by the fraud but you want to report the account number anyway. Banks DO have methods to report this to other banks. Yours might invoke that without you having made a transfer. Or they might not.

2
0

Oculus Rift whiffed, VR fanbois miffed

Phil Endecott
Bronze badge

Re: here we go again...

If I've understood correctly, the advice in this case is more like "don't embed a certificate with finite validity in a product. If for whatever reason you do, have plans for replacing it starting maybe 6 months in advance."

17
0

Fender's 'smart' guitar amp has no Bluetooth pairing controls

Phil Endecott
Bronze badge

Re: As a practicing[0] guitarist ...

> iPad sound mixing desks are now common, and allow for on-the-fly

> sound mixing *from amongst the audience*

Or, as I have seen, *from the bar*, with the band trying hard to get the attention of the soundman because the vocalist's mic is totally off. He is too distracted by the barmaid (or a website) to realise.

2
0

Intellisense was off and developer learned you can't code in Canadian

Phil Endecott
Bronze badge

Re: Can you C it?

> pow(n,2)

What's wrong with n*n ?

With pow(), if you're lucky your compiler will spot that the 2 is a constant and generate a multiply anyway. If you're unlucky it will do something horrible involving exp(). Less typing, works in every language, and better result to just write n*n.

1
0
Phil Endecott
Bronze badge

Re: Delights of spelling

> #define colour color /*sic*/

Sadly this doesn't work when the things you want to change are e.g. background_color, getColor() etc.

2
0

Perusing pr0nz at work? Here's a protip: Save it in a file marked 'private'

Phil Endecott
Bronze badge

Re: The real story

>"France consistently has a slightly higher productivity of labour than the UK."

>The graph on that page you link is GDP growth normalized to 2010,

Productivity is not the same as GDP, normalised or otherwise.

2
0

Does my boom look big in this? New universe measurements bewilder boffins

Phil Endecott
Bronze badge

Re: Something's not right here.

> How can it be accelerating? That implies a force pushing on it.

That is certainly how Newton would have thought about it.

2
0

RIP, Swype: Thanks for all the sor--speec--speedy texting

Phil Endecott
Bronze badge

Re: Preductive Sex

Please may I borrow your predictive training data?

12
0

Apple to devs: Code for the iPhone X or nothing from April onwards

Phil Endecott
Bronze badge

> Can apps built using the 11 SDK still run on iOS 10?

Generally yes.

2
0
Phil Endecott
Bronze badge

Re: Old iPhones ?

> So developers can not produce apps for the old iphones or ipads

> (iphone 5 and earlier can not run ios 11)

Not true. The app specifies its minimum and maximum(*) supported iOS versions. The minimum can certainly go back to iOS 8, and possibly a bit earlier. All that has been announced is that the max supported version soon has to be 11.

(*) The max version is not a strict limit; if you try to install an app that e.g. doesn't support iOS 11 on an iOS 11 device it will run, but iOS will provide an iOS-10-like compatibility environment for it. This might involve, for example, pretending that the screen is a different size and scaling the content.

2
0

It's official: .corp, .home, .mail will never be top-level domains on the 'net

Phil Endecott
Bronze badge

We had a story about ".dev" a few weeks ago.

It's not difficult - don't try to use domain names you don't own. If you do, at some point in the future something bad will happen.

3
5

UK ICO, USCourts.gov... Thousands of websites hijacked by hidden crypto-mining code after popular plugin pwned

Phil Endecott
Bronze badge

> Just about every non-trivial website on the planet loads in

> resources provided by other companies and organizations

Really? OK, adverts. But other than that? Surely at least many of them are self-contained. I hope.

If you are going to use 3rd-party code, you've got a difficult decision to make: import it from the 3rd party when the page loads and you're vulnerable to the 3rd party going down, getting hacked etc. But on the other hand, if a security issue is found then they may be able to fix it without you having to take any action. Copy the code to your own server and you'll find you've not kept up with updates and you get hacked....

8
0

Morrisons launches bizarre Yorkshire Pudding pizza thing

Phil Endecott
Bronze badge

Re: They're copying Greggs, that's all

> Here in the states, we'd call that a Chicago-style deep dish pizza. Been around for ages.

I get the impression you don't know what Yorkshire Pudding is.

Hint: it's not remotely bread-like.

19
0

GitHub shrugs off drone maker DJI's crypto key DMCA takedown effort

Phil Endecott
Bronze badge

Re: shortsighed on Github's end too

> crypto stuff usually has recognizable extensions and contents

The actual key is in the screenshot in the article, have a look at it.

Maybe you could detect that a string of 64? random hex characters could be a key, but it would surely have plenty of false positives. It might work if the hook could interactively say "are you sure y/n?" but the hooks I've seen have not had that level of interaction.

5
0
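The detection idea in the post above, as an added example (not from the article, GitHub, or any existing hook). It flags runs of exactly 64 hex characters, the length guessed in the post, and the constructed samples show the false-positive problem: a SHA-256 checksum line matches just as a key does, while a 40-character SHA-1 does not.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>

#define KEY_HEX_LEN 64 /* length guessed in the post; an assumption */

/* Constructed sample inputs, not real secrets. */
static const char SAMPLE_KEY_LINE[] =
    "firmware_key = \"" "0123456789abcdef" "0123456789abcdef"
    "0123456789abcdef" "0123456789abcdef" "\"\n";
static const char SAMPLE_CHECKSUM_LINE[] = /* SHA-256 of empty input */
    "sha256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855\n";
static const char SAMPLE_SHA1_LINE[] =     /* SHA-1 of empty input, 40 chars */
    "commit da39a3ee5e6b4b0d3255bfef95601890afd80709\n";

/* Count maximal runs of hex digits that are exactly KEY_HEX_LEN long.
 * Shorter and longer runs are ignored. */
size_t count_key_like_runs(const char *text) {
    size_t hits = 0, run = 0;
    for (const char *p = text; ; p++) {
        if (*p && isxdigit((unsigned char)*p)) { run++; continue; }
        if (run == KEY_HEX_LEN) hits++;   /* a run just ended at this char */
        run = 0;
        if (!*p) break;                   /* end of input */
    }
    return hits;
}

int main(void) {
    printf("key line:      %zu hit(s)\n", count_key_like_runs(SAMPLE_KEY_LINE));
    printf("checksum line: %zu hit(s)\n", count_key_like_runs(SAMPLE_CHECKSUM_LINE));
    printf("sha1 line:     %zu hit(s)\n", count_key_like_runs(SAMPLE_SHA1_LINE));
    /* A non-interactive hook can only pass or block: nonzero exit blocks. */
    return count_key_like_runs(SAMPLE_KEY_LINE) ? 1 : 0;
}
```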

TalkTalk starts offering punters choice to shift-shift to O2

Phil Endecott
Bronze badge

Re: The beginning of the end .....

Better than ANY conversation I've ever had with a telco. Honestly.

2
0

I thought there'd be more Instagram: ICT apprenticeships down 20% in five years

Phil Endecott
Bronze badge

What is "ICT"?

0
0

Facebook invents new unit of time to measure modern attention spans: 1/705,600,000 of a sec

Phil Endecott
Bronze badge

Just use rational arithmetic for fractions of a second.

0
0

Nominations open for comp restoration gong, the Tony Sale Award

Phil Endecott
Bronze badge

How about that lovely company who are making a replica of that 1980s classic the Sinclair Spectrum?

:-)

2
0

HMRC dev support team cc blurtfest: Over 1,400 email addresses blabbed

Phil Endecott
Bronze badge

Re: Irregular verbs

> Do you normally take trains from the bus station?

No, I take them from the Railway Station.

6
0
Phil Endecott
Bronze badge

Irregular verbs

"Please note the HMRC Developer Hub will remain shuttered over the weekend..."

To shut has always been an irregular verb, but its conjugation seems to have changed recently.

It used to be that the present, "I shut", was the same as the simple past, "I shut". Like "I put" or "I cut". And the corresponding adjective was also "shut". "The door is shut".

At some point in the last couple of years, usage has changed. Now people say "shuttered" for the past tense and the adjective. "I shuttered it yesterday", "it is shuttered".

Is this an import from the U.S.? Like "train station"?

8
3

UK watchdog dishes out fines totaling £600k to four spam-spewers

Phil Endecott
Bronze badge

> All will into administration within a month of the fine.

Dear El Reg, please can we have a followup article tracking whether anything gets paid, whether the businesses close down, and what the directors do next? Thanks.

23
0

Carphone Warehouse cops £400k fine after hack exposed 3 MEEELLION folks’ data

Phil Endecott
Bronze badge

£320,000

if they pay by 7th Feb.

0
0

How to hack Wi-Fi for fun and imprisonment with crypto-mining inject

Phil Endecott
Bronze badge

Re: Alternatively -

> You could offer "free" wifi with the cryptomining levy openly

> disclosed as the cost of using the wifi.

For some fraction of those customers, you're also paying for their electricity...

According to this: http://www.wired.co.uk/article/how-much-energy-does-bitcoin-mining-really-use

Bitcoin mining might cost of the order of 50kWhr per $ mined. But that might include custom hardware, and certainly has vast margins of error. Anyone have better numbers? Is Monero significantly different?

1
0

US border cops told to stop copying people's files just for the hell of it

Phil Endecott
Bronze badge

Re: Goosey, gossey gander....

> US constitutional rights apply to everyone in the US according to the supreme court

Yes, hence the need for Guantanamo, Diego Garcia and other places outside the US where constitutional rights do not apply.

29
0

UK drone collision study didn't show airliner window penetration

Phil Endecott
Bronze badge

Re: Plus Ça Change

> Insert almost anything you like for "XXX":

My current favourite value for XXX is DIY home electrics.

14
0

UK.gov pushes ahead with legal right to 10Mbps

Phil Endecott
Bronze badge

> The 10M-30M range only applies to properties on copper lengths

> of 1 to 2.5km. If you're sticking a new cabinet somewhere that

> remote, then it will likely be prohibitively expensive to get power to it.

"That remote" ?!!! I'm on a cabinet that's about 2km from the exchange, in the middle of a major city. Max speed about 9 Mb/s. No fiber installed or planned, no alternative providers.

0
0
Phil Endecott
Bronze badge

I get about 9 Mb/s; I bet it's magically 10.01 when THEY measure it...

3
0

Ubuntu 17.10 pulled: Linux OS knackers laptop BIOSes, Intel kernel driver fingered

Phil Endecott
Bronze badge

> Why is this [a kernel driver for the SPI flash] even a thing?

Imagine that you wanted to write a Linux utility to reflash the BIOS. This would require some way for a user-mode program to access the BIOS flash. A kernel driver to do that is the obvious method.

See posts above for why a Linux utility to reflash the BIOS is desirable...

13
0

Microsoft emergency update: Malware Engine needs, erm, malware protection

Phil Endecott
Bronze badge

Re: Wider issue

> Otherwise how does it get even near executing files that it is checking?

Typically it could be something like: it was trying to copy N bytes from the file to memory, but N is misinterpreted as 255 instead of -1, so the bytes overwrite a location on the stack that contained a return address. So when the function returns it starts executing code from that address, which could also be from the malicious file.

3
0
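The length misreading described in the post above, as an added example (not Microsoft's code and not the poster's). It assumes a hypothetical record of one length byte followed by a payload, where the byte is meant to be signed and -1 means "no payload"; `misread_len` only reports the count a careless copy would use, and `copy_field` is the checked version.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define FIELD_MAX 16 /* destination buffer size, constructed for the example */

/* The misreading: the length byte is taken as unsigned, so 0xFF is 255.
 * Returns the count an unchecked memcpy would be given; nothing is copied. */
size_t misread_len(const uint8_t *rec) { return (size_t)rec[0]; }

/* Checked copy. Returns bytes copied, 0 for the -1 sentinel, -1 if rejected. */
int copy_field(uint8_t *dst, size_t dst_size,
               const uint8_t *rec, size_t rec_size) {
    if (rec_size < 1) return -1;                 /* no length byte at all */
    /* Sign-extend the byte by hand so 0xFF is read as -1 on any compiler. */
    int n = (rec[0] & 0x80) ? (int)rec[0] - 256 : (int)rec[0];
    if (n == -1) return 0;                       /* sentinel: no payload */
    if (n < 0) return -1;                        /* other negatives invalid */
    if ((size_t)n > dst_size) return -1;         /* would overrun dst */
    if ((size_t)n > rec_size - 1) return -1;     /* would read past the input */
    memcpy(dst, rec + 1, (size_t)n);
    return n;
}

int main(void) {
    uint8_t dst[FIELD_MAX];
    const uint8_t sentinel[] = {0xFF, 'x'};      /* constructed input */
    const uint8_t good[] = {3, 'a', 'b', 'c'};   /* constructed input */
    printf("unchecked reader would copy %zu bytes into a %d-byte buffer\n",
           misread_len(sentinel), FIELD_MAX);
    printf("checked reader on sentinel: %d\n",
           copy_field(dst, sizeof dst, sentinel, sizeof sentinel));
    printf("checked reader on valid record: %d\n",
           copy_field(dst, sizeof dst, good, sizeof good));
    return 0;
}
```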

Lap-slabtop-mobes with Snapdragon Arm CPUs running Windows 10: We had a quick gander

Phil Endecott
Bronze badge

Re: Linux?

Does anyone know if the UEFI (or whatever) boot system is sufficiently relaxed that alternative operating systems can be installed?

4
0

French activists storm Paris Apple Store over EU tax dispute

Phil Endecott
Bronze badge

You can buy iPhones from other outlets than Apple stores - e.g. John Lewis here in the UK. While I'm sure the wholesale price that they pay, and hence the markup, are commercially sensitive and not publicly known, someone in the industry could make a good guess.

That wholesale price is what the transfer-price for iPhones between Apple (China) (Manufacturing) Ltd and Apple (UK) (Retail) Ltd should be. Then Apple UK's accounts should show profit = sales minus VAT minus transfer price minus staff, buildings etc. They can also legitimately show payments to Apple (US) for operating the web site and licensing the Apple Store branding, which is harder to quantify. Then there's the tricky question of ongoing costs, i.e. providing iCloud services to iPhone purchasers in future years.

Presumably HMRC have people who spend their time doing back-of-the-envelope calculations like this and judging whether companies' accounts look reasonable.

IMO, Apple, as a company who sell physical goods, are much easier to study in this way than Facebook, Google and even Microsoft.

0
0

Linux laptop-flinger says bye-bye to buggy Intel Management Engine

Phil Endecott
Bronze badge

Re: Alternative?

> ARM is probably going to be your best bet for a system

> without a crap management sub-system running on it.

My 8-core Thunder-X ARM motherboard (MP30-AR1) has an additional processor to provide remote management. Since it also provides the main VGA video output, disabling it might not be a great idea.

2
0

Biting the hand that feeds IT © 1998–2018