Re: So the news is ..... ?
But when your mangled facts make your exec look stupid to the competition, you can bet there will be a rapidly resolved witch-hunt going on as we speak.
56 posts • joined 3 Aug 2012
They still want to dump cookies all over your computer, and a lot of ads actually require the site to physically be there to load. I guess you could load two tabs, an ad-free and an ad-loaded one, but it seems like something that will be slow and unpleasant in the long run.
Most of these things detect wireshark or similar by performing tests to see what does and doesn't get through, and if some things are missing, you assume there is a block somewhere and what exactly is missing can indicate the type of block.
There is an in-depth analysis by the Washington Post here - https://www.washingtonpost.com/news/volokh-conspiracy/wp/2017/08/03/the-kronos-indictment-it-a-crime-to-create-and-sell-malware/?utm_term=.9b4ed7645cea
tldr version; possible, but they have to prove a lot of things that are hard to prove, i.e. was Kronos a 'device' capable of 'wiretapping', and a bunch of 'intent' type things.
I actually had this happen to me while I was a student - although this is pre-webcam era stuff. We knew because my girlfriend discovered a pair of women’s underwear in my bed, and a bunch of blonde hairs. Thankfully I did manage to talk my way out of it and was believed (mainly because we had spent the entire day together). Guy was a repulsive little cretin too - only landlord I've ever met who had to take a bodyguard with him when he went to pick up the rent.
> Have to disagree there: companies will pay for good, reliable VoIP and conferencing which is why there is Skype for Business (previously called Lync)
Reliable? Good? As someone who uses Skype for Business on a daily basis I would very much disagree with both of those. It doesn't often take the whole OS down, but we frequently have people who can't connect, stupid issues (the ringtone keeps going over the call for instance), video failing completely and various other quality issues. Cross OS support is pretty spotty as well (it never installed on my linux box and I had to run it in a VM, although others did not have issues)
Once Slack video chat starts scaling well enough (the quality is higher than Skype, and the simplicity is already there, but it starts falling apart a bit once you have 6+ people in the chat) we will probably switch to that, since we already use it in preference to Skype for all text based chat between departments and offices.
Personally I used Pre-MS Skype very extensively when I worked with companies in Africa and the US, and it was great - slim and lightweight, got the job done. The first thing that MS did was bloat the UI to 3x the previous size. I even had a Skype phone (that lived for about 6 months before MS changed everything and basically bricked the phone).
I did this after 19 years and it was a pretty good decision - less stress, better hours, far less paperwork - the pay is lower but I don't have to deal with mystery fluctuations when someone decides to query my invoices (how can you charge that much for migrating our legacy PERL systems to a new server, the boss's nephew reckons he could have done it in a day!) and you don't get paid for a few months. But yeah, I'm a touch bored too,
When I first started at my current company, access to all the live environments was firewalled from my IP with the message 'f**k off tom, don't you f**king dare'. I guess my predecessor Tom did some damage at some point.
Medical hardware often only gets 'end of lifed' about 10 years after it stops production - and they are rarely on cutting-edge software platforms to start with. There is too much disparity between the lifecycle of the very, very expensive MRI machines, and the software/OS side of things - one of the reasons these machines are so expensive is that the hospital expect to have support and updates for the lifetime of the hardware. If a company goes titsup, then you're probably stuffed. Having said that, isolating anything that can't be patched from your main network would be a good idea, but once again - budget restrictions don't allow that kind of undertaking, so the risk will always remain.
Speaking to a friend of a friend who works in a relevant department in the NHS, the estimate for patching legacy systems was £15m, and the budget given to them was £750k. There are also a lot of million quid bits of equipment out there with software from bankrupt or disappeared companies that requires XP or similar, and YES they shouldn't be connecting these machines to SMB shares at all, but it's never just been as straightforward as just patching some computers.
I once (a very long time ago, COBOL era code) had a contract conducting third-party QA on a major bank's systems. I was handed a long long list of boxes to tick as a spreadsheet. The problem was I couldn't even tick half those boxes because the entire thing was so buggy and unstable - I couldn't even get to the stage where 'Do X changes Y and displays Z' because even going near X caused a series of unexpected results. After a couple of weeks I submitted a report detailing how to reproduce the 'pre-bugs' that needed fixing and likely causes. Suggested they try to at least reach alpha stage before paying expensive contractors to conduct beta testing. Nope, contract cancelled immediately, sod off, project was already over-budget and almost complete. They just wanted someone to tick the boxes.
My own experience of Sennheisers is that the earpads will disintegrate in short order, shedding little black dandruffy flakes everywhere for the next 8 years (which is how long my sennheiser PCX headphones have lasted for).
As for the sturdiest pair I own, AKG 271 headphones seem pretty indestructible - in 10 years owning my pair I've had a little bit of plastic break off (which I fixed in 2 seconds with a paperclip) and they've been bulletproof through plenty of dropping on the ground and heavy usage. Mine came with spare earpads and cables in different styles as well, although I've not needed to swap.
We've trialled using Slack video conferencing since we have people on linux (via web), osx and windows spread out over the country, but it's expensive for larger teams, and it doesn't seem to scale quite as well right now - for up to 8 people it's workable, but if enough people are working from home we get a noticeable drop in quality and stability. Skype for Business causes us endless problems however (crashes to desktop, weird missing audio issues, clunky invitation system in outlook that sometimes doesn't work).
Our devops guys are moving legacy systems (from a variety of external teams) to a virtualised, centralised data centre at the moment, and I've never heard such a volume of terrible language (and our devops/sysadmin team of bitter, hateful linux guys are not renowned for being polite at the best of times). 'Which c**t thought this was a good idea?', 'Hey guess how many processes this sh*tty f**king script generates? It only doesn't take the machine down because there is another f**king bug on this mailserver!', 'Why are the comments in this script in Hungarian, how do I say c**t in Hungarian??'
And actually doesn't look like anyone has managed to pwn it yet, at least it's not been defaced yet.
Oh, they also painted over everything in magnolia. Yes that includes cables if they were up against a wall, colour coded ducts etc.
I should post a photo of our newly 'renovated' server room. As part of ongoing upgrading of our 'internal spaces' they fitted a brand new suspended ceiling over the existing 60's woodchip and asbestos ceiling. Unfortunately some of the cabinets reach right up to the ceiling so they actually built the ceiling round the cabinets. In each case they actually blocked the cabinet doors from opening. Not only that, but the fire suppression was also boxed in, as were the aircon vents. Not that blocking the fire suppression would matter because although they moved the alarms onto the new ceiling, they didn't bother to actually wire them up. Not that THAT matters because it turns out they also managed to drill through some part of the roof guttering system, and about a week after putting the new ceiling up, the entire thing came straight back down the first time it rained heavily. No hardware was harmed thankfully.
The system only ever activates in the case of a crash with airbags going off - on my own car it sends out an SMS to a call center (location, direction travelling etc.), and then tries to phone them if the signal is strong enough. If I am unresponsive then emergency services are called. The system is not even powered up for external signals except in a crash or if I press the emergency button. The one in my car also has a 'breakdown' button which will connect me to a breakdown service even if I don't have a mobile phone with me - all pretty useful. Reducing the human error in horrendous accidents is definitely going to save lives, the system does not seem open to abuse, and Europe has a pretty big thing about privacy, so I'm not terrified that the data will be released to a 3rd party without a good legal reason for doing so (for instance lying about the speed you were going in a crash to avoid liability).
The problem is that some versions of IE varied SO much from the standard. Basic stuff like IE not interpreting the box model properly (standard created in 1996, Microsoft only partially implemented the correct behaviour in 2001). This required very, very serious CSS-invalidating hacks to fix. And I won't even get started on such CSS horrors as 'progid:DXImageTransform.Microsoft.Alpha(Opacity=50)' or horrendous omissions that prevented people from broadly using alpha channeled PNG for over 8 years (supported Mozilla 2000, IE not until 2008).
I seem to remember some point around IE 8(?), Microsoft announcing they would be ceasing development, which never happened, now this (we're going to use OUR OWN interpretation of the standards again because open standards are for people who aren't a monopoly). The nightmare will never end will it? Even when you think it's over it's like the end of a horror movie where the rubber-masked slasher you thought was dead leaps out from behind the sofa and repeatedly stabs some poor web developer in the face. *fade to black*
My experience from living and working in Australia is that the main blocker to people pirating stuff was stupidly expensive bandwidth fees - it's the first time I've seen people (ok, nerds) going to a party with a hard drive and copying media from each other because your 20Gb a month didn't go that far. Last time I saw that in the UK was 10+ years ago.
The second, most important thing media producers can do to help stop piracy is just do simultaneous releases with the rest of the world. There were plenty of times that Australian releases in the cinema were taking place the same time that DVD releases were happening in the rest of the world, TV is somewhat worse.
Do they even have Netflix yet? I heard some rumblings a few weeks ago about that.
Slightly off subject - but what are people using for free business chat/video conference these days. I work with a widely dispersed lot of people (Australia, Africa, one hardy lady up in the Scottish highlands on a hill) with very variable connections and we've commonly used Skype, but Microsoft seems determined to make each new version less usable than the previous one (and the Windows 8 versions are about the final straw for a lot of us - phone based versions are getting worse as well). Hangouts actually seemed pretty useful when I last used it a few months ago, but I've only ever used the browser based version, and I've not tried it with the more far-flung folk in Africa who are stuck on satellite internet.
My company uses what one could describe as 'move fast and break things', but it comes with a few very important provisos including;
* Not for mission critical applications
* Very robust plans and technology in place for fast rollout and rollback
* A very solid automated test procedure so minimal user testing is required for each release
* A very good change documentation procedure (linking client requests, project management and code versioning together into something that makes some semblance of sense).
It works very well in certain markets - we provide technical solutions for very non-technical (marketing and design) clients, and they are guaranteed to change their minds 20 times before the end of the project, demand things go live at a moment's notice and generally ignore our advice whenever possible, so we have a development lifecycle that deals with this very well, and we manage their expectations with regards to bugs appropriately.
I can see the point in scrum, but I don't think I've ever seen a situation where it couldn't be handled in a more flexible, slightly less smug/self-satisfied manner. Scrum Master...
For the last 10 years or so we've been using Mac Minis as development servers, and iMacs as desktops - and I kind of have a soft spot for the Mini. While we're hard pressed to get more than 4 years service out of an iMac (indeed we have a cupboard full of broken ones - mostly overheating issues), the Mac Minis just seem to keep on going. We still have a PowerPC version, and while the plastic is now yellowed and starting to crack a little, it still gives a solid 24 hours a day, happily running batch tasks and database duty.
The plan going forwards is to transition entirely to Minis with non-apple 27" screens attached - much the same functionality for far less money.
It seems the current best guess for the source of the images is not a single hack or security breach, but a ring of people who have been privately trading hacked images for many many years, probably using a variety of methods (brute force iCloud would have probably been involved, but I imagine most of them would have been via social engineering methods considering these people have a lot of public information to enable this kind of thing). There have been rumours around for ages regarding a 'buy in with new photos only' private ring.
This is backed up by a few accidental leaks of partial photos in various forums in the past, the fact that some of the leaked photos have been confirmed as deleted ages ago, and the wildly varying quality, naming and sources of the various images.
The person/people responsible for the actual leak has probably not been involved in the actual hacking of most of the images released, although I imagine he'll be mercilessly tracked down either by 4channers doing it 'for lulz', or the FBI.
We made the mistake of picking up YUI2 back in the day as the main user interface for various projects; it was Yahoo and backed by a genuine company and looked pretty good compared to the open source competition at the time. Terrible mistake, YUI2 was a horrible library, migration to YUI3 was a pain (and wasn't much better). Regretted it ever since. The very last major project in YUI2 is currently being migrated to jQueryUI (after hobbling along patching the ancient code), and hopefully that will be it for a few more years.
When I lived in Sydney, these things were mainly a threat when staggering drunkenly home, not looking where you were going, and all of a sudden you walk into a giant web and have a pissed-off spider the size of a large grape in your hair. Fond memories. Thankfully their bite is painful rather than deadly.
Except stocks are tied to something tangible, with physical presence that means even penny stocks usually have some kind of actual 'worth'. Bitcoin value is based on nothing - even the cryptographic proofs are utterly pointless and a massive waste of electricity. They should be treated like what they are, an academic white paper that was somehow picked up by scam artists, junkies, money launderers and libertarians and turned into the world's most annoying currency.
Now if only the various browser companies could stop having slappy-fights over HTML5 web video & audio formats and DRM and we can give silverlight etc the boot as well, and live happily ever after.
There's currently investment approaching billions of $ to get Africa fibred up - although it's mostly on the coasts right now - while inland areas still rely heavily on mobile, microwave and satellite internet (which of course can be NAT'ed). I can certainly foresee IP requirements shooting up shortly though.
I have a friend who has worked for 2 or 3 different shale companies as a planner, and all these steps;
> a) get permissions for exploratory wells in geologically suitable areas,
> b) drill exploratory wells,
> c) get sample data and analyse it,
> d) if viable economically, attempt to get permissions and agreements for production wells,
Are already in place for a huge number of sites. All they need is for someone at a large drilling company to push ahead and start piling the real money in and start drilling. This is something they are not willing to do in the current environment when the media and large parts of the government are against the concept, and they could have their licenses to frack revoked for political reasons.
Having just reviewed all my servers, almost all of the RHEL ones are running 0.9ish versions and one running 1.0.0. In fact the only box running a vulnerable version was an internal PowerPC development box for some reason (and it's firewalled off from the general public).
As far as I can tell, licensing music (and movies) to streaming outfits and actually making the content easy to stream is going to make far more of an impact than making Google stop indexing the content. I know people who have access to invite-only piracy sites who don't bother torrenting content any more because it's simpler to just type it into spotify or watch something on netflix. Problem is, they need to make it easier. For instance if I want to watch 'Game of Thrones' on my tablet I can't do it, because the Sky Go won't install on rooted devices (presumably for anti-piracy reasons), and HBO don't license it to anyone else. Because of anti-piracy measures the only way I could watch it on the train to work would be to pirate it, despite having paid for the content via a Sky subscription.
I've worked on a similar project in Zambia (iSchool & ZEduPad); cheap tablets pre-loaded with flash-based lessons built around the curriculum and requirements of rural communities - localised into various local languages as well. Complaining about 'Not changing the world'; educating children about subjects like malaria, nutrition, farming as well as mathematics absolutely does make a massive difference on a local level. The sorts of children these projects are aimed towards simply don't care about transferrable IT skills, they care about leaving school with the best, broadest education they can have that can allow them to make better decisions in the real world, not necessarily 'Move to the big city and get a job'.
Tablets offer a lot more than just 'cheap', since they don't have moving parts, are easily secured, easily shipped (because PC's don't like being in the back of a pickup on a desert road for 2 days to get to the school) and are relatively dust/moisture proof they are far more useful in rural and remote communities than the equivalent cheap desktop - I've seen humid conditions in a classroom kill a cheap laptop in under 6 months - the fan pulled in so much mould and moisture the thing looked like a petri dish inside. Ditto with desert dust - PC's don't cope too well with sand, dust & 40c temperatures all day long. On the other hand my tablet tends to work just fine under those circumstances (although I think my model is held together with superglue now, and the battery only holds a minimal charge, but it's had three years of daily use). They can be charged off a car, generator or via solar power. They are fairly 'instinctual' for children of all ages.
I used to go to a pub quiz every thursday just round the corner from here when I lived in Sydney, and this is in no way the weirdest thing you'll see in Newtown
Yes, it's uninsurable - because there is no way to differentiate between 'I got my bitcoins stolen by someone guessing my password' and 'I transferred my bitcoins to a new wallet and lied to you'. You could insure the exchanges against failure or theft, but then the risk is such that you'd have to charge a pretty monster fee to cover it, since virtually every exchange out there is fly-by-night, coded by a self-taught nerd, running from a PO box office, and sometimes virtually indistinguishable from a ponzi scheme.
Having seen some (alleged - http://pastebin.com/W8B3CGiN) source code from MTGox, I'm starting to lean more towards a hack of their pretty dodgy code as the source of the leak (structurally it's not bad, but lacks any manner of sensible error logging, or indeed much logging at all, and it's somewhat inconsistent, oh, and coding bank/exchange-lite software using PHP(!)), rather than any issue in the bitcoin source code. There have been accusations that Mark Karpeles' vanity may have been to blame. At least they are using transactional SQL, lack of which was blamed for another exchange hack this week.
When was the last time you heard of a bank giving away half their money because they didn't do proper accounting and only hired blind tellers who would give away £20s instead of £10 by accident, then lose the keys to the vault, effectively sealing away the rest? Then closes down the bank for withdrawals for months, while still accepting deposits, all the while saying 'just technical problems'.
Insider trading, bad investments, insane payouts to bosses, mis-selling yes, but I'm willing to bet we've never seen ineptitude (or criminality) on this level.
I've been watching this one for a while, and other interesting tidbits to come out over the last few days;
* A guy claiming to have interviewed for a website UI position with them says that MtGOX up until recently had no development environment at all - all changes were made to the live site
* A large sum of coins directly owned by MtGox have not moved since some time in 2011, yet have been claimed to be 'hacked', 'lost' or 'inaccessible', opening up the possibility that this isn't a complete theft (although some level of theft is also probable), but involves losing the keys to the virtual safe in a stunning display of further ineptitude.
I wonder if they can go back to trading Magic the Gathering: Online cards after this...
My understanding is that the 'hack' relied on the fact that MtGOX had a number of automated scripts for resending failed transactions, and for transferring money from their cold storage wallet to their internet attached wallet, and absolutely no internal audit procedures to check balances. It's like someone asking their bank for £100, then phoning someone at the branch, saying 'I didn't get my money' using a different funny accent each time, and the bank gives them another £100 because there are no checks in place and it SOUNDS like a different person - repeat over several years until the vaults are bare.
Absolutely smacks of bad internal procedures, no consulting with beancounters, and s**tty coding practice. One would hope that at least one or two of the other exchanges would have more competence than Magic the Gathering Online Exchange.
Not that it makes bitcoin any less of an electricity-wasting global ponzi scheme.
I can see an iCar working if they are willing to throw some of their stacks of surplus cash at it and take some risks. The Tesla is a niche product, but so were mp3 players back in the day - if someone can bring it to the mainstream and throw in some innovation, it will be a hell of a lot better than the current market of poorly thought out ugly 'hybrids' and massively expensive, sometimes on fire electric cars.
'Backed by maths' - not really, backed by a large network of nerds running custom hardware and graphics cards consuming (and wasting) vast amounts of electricity, validated by a 13Gb blockchain you have to download before dealing with bitcoins, exchanged by unregulated, mostly unqualified and definitely insecure online exchanges, easily stolen or lost, massively volatile, unscaleable and with a price propped up primarily between people with large amounts of sunk costs, and speculators.
(most of those points are arguable to a certain extent, but no one can argue against volatility and the massive amount of exchanges that have closed or had their bitcoins 'stolen')
Ditto on raising the issue with the vendor. I once (many years ago) used a very popular bit of accounting software that was written for the US market for my business in europe - it supported multiple currencies, but there were a couple of reports where '$' was hard coded. There isn't any software on the planet that doesn't have bugs, so don't act so surprised - it sounds like they are (erroneously) rounding some numbers too early in the calculation.
I lived in Aus for ages, and although I used to squish redbacks when I saw them round the house, I had no fear of them - there are plenty of toxic spiders out there, and I had a few aussie friends get bit and it was no major issue. Things like Golden Orbweavers were more scary to me since they wove webs at face height in the middle of the night even in heavily built up areas and could give you a painful wasplike bite. Nothing like walking home in the middle of the night and suddenly finding you have an irritated, grape-sized toxic insect crawling on your face.
Huntsmen are fantastic despite their size. We left the one who lived in our roof space alone because their favourite prey was cockroaches, and cockroaches are assholes.
I think I came face to face with about 10 or so different animals in the wild there who could have done me some very serious harm (wasps nests, giant ants, very dangerous snakes). Little non-aggressive spiders really are the least of issues for people in Aus.
As far as I've been able to tell, the various Skype teams did their own thing with little in common other than the protocols and a general corporate look. I've used Skype across almost all platforms almost since the start and the UI is actually more consistent than it used to be, but still confusing, odd and subject to changing without warning.
In all honesty anything that forces people away from non-standards-compliant, buggy browsers is a plus for those of us who develop web applications. Older versions of IE (7&8 especially, thankfully we dropped support for 6) cause a massive testing and fine-tuning overhead that we could really do without. Chrome sending all our browsing habits to Google is a small crime compared to the horrors that are the mass of workarounds, hacks, extra code and hair-tearing that is required for IE compatibility.
Actually, CPU mining (even with a large botnet) is inefficient. Even GPU mining is no longer vaguely profitable due to ASICs (application specific integrated circuits) dedicated to bitcoin mining that only do one thing - mine bitcoins at speeds approaching hundreds of giga-hashes per second while using comparatively less electricity.
Unfortunately ASICs are being delivered by companies with less than stellar engineering abilities - companies like Butterfly Labs delivering products months late and massively under-spec; with bitcoin the bigger the network is, the less profit you realise - so much so that even ASICs will probably never break even once you take into consideration the massive initial investment and high electricity costs.
The punchline to the whole bitcoin joke is that it is now virtually impossible to cash bitcoins out - the major exchanges are under investigation by various banks and regulatory authorities, MTGOX and others are estimating it will take years for them to give you your cash and the current 'best advice' for turning bitcoins into actual spendable money is to meet up with someone IRL and give them your bitcoins in return for paper money. The main market for actually spending bitcoin on physical product was the now defunct Silk Road, and the only other places accepting the cyber-currency online are experimental, dubious, or prone to disappearing overnight.
It varies considerably - the main cost is the satellite/microwave connection because the infrastructure (power and security mainly) varies massively from area to area, and different levels of work are required for each school. I'm mainly involved in content delivery rather than the actual installation, but I do know that it's done on massively tight margins and even a donation basis with costs being offset in the poorer schools by turning the school building into an internet cafe after-hours, and costs to the school can be as low as $1/pupil/month.
I actually work with a company that provides connectivity (internet and mobile) to rural parts of various third world African countries, and connectivity absolutely does help improve the lives of people there, especially through education. I've worked on projects that provide market prices to farmers (via website, WAP, SMS etc.) to allow them to maximise their profit, educational websites for AIDS & malaria, educational cartoons aimed towards illiterate farmers' children teaching basic irrigation, crop rotation, animal care.
For the price of a handful of low-spec PC's (and low cost tablets that the company have just launched), a satellite connection and a few days on a bumpy road with an engineer or two you can transform the ability of a school to educate their pupils for years to come. Some of these schools were running on a handful of ancient textbooks - now they have access to courses specifically designed for rural african markets, in addition to the educational resources of the entire internet.
It's also likely that a fair number of companies still on XP have limited IT budgets to maintain their hardware & software. I mostly see XP in charities and organisations that buy in IT support and consultancy three or four times a year when something goes wrong, and whose IT security policy involves locking the front door when they leave for the day. I migrated a small NGO with around 12 computers from a mix of XP and Vista machines (and one Ubuntu box that no one could explain the existence of) to Windows 7 a couple of years ago, and they didn't even have a password on their WiFi (which explained the number of tourists sitting outside their very centrally placed office with their laptops).