* Posts by DaLo

640 posts • joined 30 Aug 2012

Page:

Another UAV licence price hike? Commercial drone fliers rage over consultation

DaLo
Silver badge

Re: Logic?

"But I don't have to pay the DVLA to renew my driving licence every year."

But you do pay them £0~£2000 to tax your car.

2
0

OnePlus 5T is like the little sister you always feared was the favourite

DaLo
Silver badge

Re: Fingerprint sensor on the rear

Voice Unlock?

NFC (on car dock) Unlock?

0
0

Jet packs are REAL – and inventor just broke world speed record in it

DaLo
Silver badge

Re: Flying is the easy bit...

He did take a dive straight into the lake on this outing as well!

6
0

Self-driving bus in crash just 2 hours after entering public service

DaLo
Silver badge

Re: German Efficiency

"Germany has already decreed that robot vehicles must be programmed to kill animals and destroy property before thinking of harming humans"

But a small collision where the other party is to blame (truck reverses into you) and their insurance coughs up in full, including hire car costs etc turns into your car reversing back and hitting a house meaning that your insurance now has to foot the bill, you have to pay the excess, you have to hire a car out of your own pocket and you premiums go up, meanwhile mr truck drives off without a problem.

0
3

Not even ordering pizza is safe from the browser crypto-mining scourge

DaLo
Silver badge

Oh come on guys, that's really cheesy!

9
0

VMware open sources VR overlay for vSphere

DaLo
Silver badge

That CA Unicentre demo is pretty impressive for 1997.

Pointless but impressive.

2
0

Humble civil servant: Name public electric car chargers after me

DaLo
Silver badge

Re: Because these electric cars won't be internet enabled

But you would surely have a charger at home? 14 miles to the next hop doesn't seem too bad. Even the worst EVs can do 14 (0r 21) miles without needing their next top up.

As many workplaces are also starting to install chargers, for many people covers most of their commuting needs.

1
0
DaLo
Silver badge

Re: Because these electric cars won't be internet enabled

"Still - this is of limited use here in rural Somerset. I wonder how many chargers will be seen here?"

Already quite a lot: https://www.zap-map.com/live

0
0

WhatsApp? You still don't get EU privacy laws, that's WhatsApp

DaLo
Silver badge

Re: Interesting

"The EU privacy law as it's currently drafted does not permit it."

Yes it does. If you give clear unambiguous consent to users with an opt-in rather than opt-out and clearly detail the processing you will be using then you can do what facebook/whatsapp require.

The problem is, that if they followed the law then most people would not opt-in and so they wouldn't get that data, so they don't. They rely on ignorance not informed consent.

11
0
DaLo
Silver badge

Re: Interesting

"Is it though? It's end to end encrypted so surely they have meta data but not message contents?"

If they own the app they could have access to your messages. End-to-end encryption stops a middle-man or their comms servers, but it doesn't stop a back-channel directly from the app. I'm not suggesting they do use this capability, I very much doubt they do but they could.

12
0

Xperia XZ1: Sony spies with its MotionEye something beginning...

DaLo
Silver badge
0
0

WPA2 security in trouble as KRACK Belgian boffins tease key reinstallation bug

DaLo
Silver badge

Re: So in theory

It's equivalent to being as secure as you would be on a public WiFi network. Anything you wouldn't do on a public WiFi network you wouldn't want to do if you thought your WPA2 network may be compromised.

4
0

Concerns raised about privacy, GDPR as Lords peer over Data Protection Bill

DaLo
Silver badge

Re: What?

Also covers someone using a subject access request to ask for their personal details and you then quickly remove all the notes on file or emails of customer service saying what a 'pain'* this person or what a stupid name they've got before passing it on.

* or replace with an appropriate expletive

1
0

'There has never been a right to absolute privacy' – US Deputy AG slams 'warrant-proof' crypto

DaLo
Silver badge

"Result was the same, except for someone in Europe having sore typing fingers for a day or two."

Actually published it as a book with an OCRable font to save the fingers of the intern (although it was 'accidentally' published to usenet before then anyway)

20
0

Is that a bulge in your pocket or... do you have an iPhone 8+? Apple's batteries look swell

DaLo
Silver badge

Re: Wrong Swelling

Do I win £5?

No, because you didn't use proper formatting to create a link in your comment (e.g.https://static5.arrow.com/.../lt1389_0699_mag_fig.1.jpg), therefore your link did not work.

2
0

BBC Telly Tax petition given new Parliament debate date

DaLo
Silver badge

"To be honest, I'd be quite happy to scrap TV licensing and actually just tax TV purchases. Literally put a 10% import / sales tax on new TV's. Problem solved. "

Most TVs are around the £300 mark. So that's a tax of £30 for a TV that will last say 5 years.

Your Tax will raise £6 per year leaving a shortfall of about £141.

The Licence fee brings in £3.7billion per year.

There are about 27m TVs in the UK. If they last 5 years then the Tax per TV would have to be £685 per set. This could be a tax of 200% on the average TV. Combine that with the fact that people wouldn't then replace their TVs until they were kaput, and they'd also be a massive repair and secondhand market and you could easily see the 5 year renewal become 10 year or more.

You're now looking at a tax of perhaps £1,500 which would exacerbate the problem more and no-one could ever afford a new TV and everyone would just use a PC or buy them form Europe (While still in the free market).

So do you then Tax every PC as well? That'll go down well.

21
0

Microsoft gives all staff a marked-up 'Employee Edition' of Satya Nadella's new book

DaLo
Silver badge

@Updraft102 Re: FN+F5

@Updraft102

You've got the wrong end of the stick. The OP was talking about how the F1,F2,F3... keys can only be used by holding down the function key first as without holding it down it just activates the keyboard provider's own non-standardised shortcut. That is the reverse of a normal mode where you can press the F1,F2,F3... keys with one press and you need to use the Fn button to access the shortcuts.

The OP deduced this by the fact that to 'Hit Refresh' normally just requires hitting the F5 key, but if you have to hit Fn+F5 then it is one of those reversed mode keyboards (and a ridiculous design).

11
0

UK Home Office re-bans cheap call gateways because 'terrorism'

DaLo
Silver badge

"So people who are single and live in the middle of nowhere are on their own then?"

Yes, by definition.

23
2

Tick, tock motherf... erm, we mean, don't panic over GDPR

DaLo
Silver badge

Re: Up to €20m includes the figure zero

There has to be room for willfulness. So Talk Talk were heavily fined but it seemed to be for sheer incompetence.

The £500K fine would be for a company who made a decision to act recklessly or even criminally with data and were found out.

With the new fines I think there will be more emphasis on hurting the company's bottom line and will be relative to the size of the company but will still have a major element of whether it was premeditated or not.

2
0
DaLo
Silver badge

Sure, but until you see where the grey areas are you can't tell whether you are sitting in them or not. Most companies can't afford to be the one who is party to the proceedings that create the case law.

2
0
DaLo
Silver badge

So, does anyone know when the first draft will be published (or is it accessible somewhere now)? BBC were saying it would be published today but it now seems that it was just a proposal that was published today. It had also been stated that it was due in September.

There are important nuances and ambiguities with the current EU GDPR wording that might be a bit clearer in the published Bill so it would be useful to get some idea of the actual wording before too long.

0
0

Missed patch caused Equifax data breach

DaLo
Silver badge

Re: Typical problem of many large organizations

"This release addresses one potential security vulnerability:

Possible Remote Code Execution when performing file upload based on Jakarta Multipart parser"

"Namely, no explicit mention of the CVE fixed in the release, making it relatively easy for a busy admin - with several dozen packages status monitor, to downgrade the update from must do to 'pending'."

Hmm, Remote Code Execution would make any sysadmin's ears prick up. Anything that has a possibility of remote code execution needs to be investigated for risk asap and should get it straight into the "must do" pile.

4
0

UK Data Protection Bill lands: Oh dear, security researchers – where's your exemption?

DaLo
Silver badge

It also seems that Direct Marketing and Data Sharing have no clarity. The Bill states that the ICO must come up with a code of practice for each at some point and then have it approved by parliament, but failure to follow those guidelines does not make the company liable to prosecution.

Almost sounds like - "we're running out of time for this complex part where everyone is lobbying us and threatening to withhold their party contributions, we'll just pass the buck and deal with it later".

2
0
DaLo
Silver badge

Re: [an offense of] altering personal data in a way to prevent it being disclosed.

"I think that's it"

Nope. It is section 163

"It is an offence for a person listed in subsection (4) to alter, deface, block, erase, destroy or conceal information with the intention of preventing disclosure of all or part of the information that the person making the request would have been entitled to receive."

i.e if you get a valid data subject access request you must not change or withhold any of that data before giving it to the data subject.

4
0

Apple’s facial recognition: Well, it is more secure for the, er, sleeping user

DaLo
Silver badge

"...it would actually just be pronounced "Windows Neun" by any German speaker."

Yeah, I can see why that would really annoy Apple.

1
0

UK's new Data Protection Bill will be 'liberal' not 'libertarian', says digi minister

DaLo
Silver badge

I just hope they provide a bit less ambiguity to the 'Legitimate Interests' clause. Some commentators are taking that to mean - as long as I have (our company has) a legitimate interest (our interest) in doing it we don't need consent.

other commentators are saying that this is extremely narrow and only when explicit consent would have been impossible. I suspect the meaning should be the latter and very narrow. However it was also muddied by recital 47 which stated "The processing of personal data for direct marketing purposes may be regarded as carried out for a legitimate interest." which has caused major confusion. Everything seems so clear and quite black and white and then they throw this curve ball.

I can only think this was included as a lobbying measure. There's been a lot of commentary about it but the most informed seem to suggest that direct marketing when the is no explicit consent is not allowed as a rule.

Hopefully the DPB will clear all this up - I doubt it and looking at the IP/Cookie thing could cause even more confusion.

3
0

El Reg is hiring an intern. Apply now before it closes

DaLo
Silver badge

Re: If I were 30yrs younger

But surely if you have sufficient experience and skills, you could just apply for a real job with them?

7
0

'Don't Google Google, Googling Google is wrong', says Google

DaLo
Silver badge

Re: September 13, 2017

True but at least it is unambiguous. It is ridiculous that it still isn't standardised to use yyyymmdd with or without hyphens or colons. The amount of times I've either been struggling to find a log entry only to realise the date format hasn't been localised or I have to scroll down out of the single digit dates to see what format they are using [fragmentation, consider re-writing]

Similar for times when using a cloudy service.[don't use nouns as adjectives] Are they local to the cloud, are they local are they UTC?[Rhetorical, avoid]

23
0

ICO slaps cab app chaps for 10-day spam crap

DaLo
Silver badge

Not the greatest business move?

Why would a cab company give details of its customers to a firm that will then use them to get them to use a service to recommend a cheaper cab company.

Not just a bad move from a privacy point of view but also a bad move in understanding the value of your own customer base.

6
0

Equifax mega-leak: Security wonks smack firm over breach notification plan

DaLo
Silver badge

Re: Go to the organ grinder..

However this shouldn't be allowed after 25th May 2018 as the UK version of GDPR will be in place. You can refuse to have your data shared with Equifax and the company involved cannot withhold a product from you unless they can prove it is required for the purposes of fulfilling a contract.

they may be able to claim justification for the contract bit in gaining your credit profile but them creating extra information beyond that on your profile or the credit reference agency utilising it for marketing or selling it would not be allowed.

8
0

SpaceX X-37B launch

DaLo
Silver badge

SpaceX X-37B launch

Just watching that live launch. Pretty amazing, it looks so routine. Even with a hurricane bearing down in the next couple of days, it just seemed a case of popping it up before things get a bit too windy.

Oh, we'll just land the first stage perfectly back on land again.

Impressive stuff, looks like a lot more government and military contracts might head Elon's way.

0
0

It's official: Users navigate flat UI designs 22 per cent slower

DaLo
Silver badge

"Microsoft MUST have ..."

You've not used Visual Studio have you?

16
0
DaLo
Silver badge

UX testing can be performed on 71 users and give very good correlation.

It depends on the tests, the question/task set etc and the diversity of the pool of users (e.g. you couldn't ask 100 people in a pensioner home to carry out a task and think it applies to the whole population). This is very different from a statistical survey based upon opinion.

UX testing with a pool of just 5 users can provide sufficient result for your own apps to be clear about consensus if you have a clear problem you are trying to address. It may not suffice for a general subjective or opinion based question about your website or app.

Heatmap testing general requires around 40~50 participants.

82
2

Asterisk RTP bug worse than first thought: Think intercepted streams

DaLo
Silver badge

Re: Alternatives?

Every piece of modern software is insecure - the only difference is the vulnerabilities haven't been found yet.

3
1

Rolling in personally identifiable data? It's a bit of a minefield if you don't keep your feet

DaLo
Silver badge

Re: Just wondering

Chapter 3 of the GDPR asserts your rights as a data subject. There is very little, as with all regulations, saying exactly what you can and cannot do. So having a 'no reply' e-mail address would not in itself be forbidden.

However easy access to your data, to rectify your data and to erase your data is required. In the best case this would be via a control panel that the user can access to do all this and for companies with a significant number of requests this may also become a necessity. Other than that the data subject would need another way of easily completing this, that doesn't require jumping through hoop sor fees.

The issue will be companies from outside the EU - trying to find the source of the data transfer, which may have happened many years ago will be hard. If they aren't trying to sell you an EU product or Service you will still get the same amount of spam as before.

After the 25th May 2018 I would suggest a good use of the + email extension to allow you to tag every e-mail address given out with a unique reference or the company name. Even better your own mail domain with a different e-mail address for every company you deal with. That way the source of any data transfers will be obvious and you can ask the ICO to fine them 2% (maybe even 4%) of their turnover. Or maybe even just threaten them with the ICO unless they give you substantial compensation.

0
0
DaLo
Silver badge

Re: Just wondering

Oh and it can't just be part of the terms and conditions, it must be more explicit about what you are consenting and also a service can't usually be limited if you choose to decline.

2
0
DaLo
Silver badge

Article doesn't clear much up but muddies it further.

If anyone is using this article for their own research then I would recommend a lot of extra reading. For instance

"This said, though, explicit consent isn't always required. According to Article 6 of GDPR processing, PII is legitimate (albeit with a couple of caveats) if: "processing is necessary for the purposes of the legitimate interests pursued by the controller". If you want to buy something from my online store it would be daft if I was obliged to ask you explicitly for permission to use your card number to take payment and your address to post you the goods."

However the legitimate interests is a sub section 6(1)(f) and states ...

“processing is necessary for the purposes of the legitimate

interests pursued by the controller or by a third party, except

where such interests are overridden by the interests or

fundamental rights and freedoms of the data subject which

require protection of personal data, in particular where the data

subject is a child.”

The caveats are key as anything as absolutely necessary to function (e.g. not marketing) would not be in the interests of the data subject. The data collected and processed would need to be the absolute minimum with a clear assessment of why data was included. This section also does not apply to public bodies.

The actual sub section for dealing with a shop customer is 6(1)(b)

" processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;"

Which covers the minimum needed to capture customer data to make a sale. This may well stop shops asking for your address when buying over the counter for instance - also it should stop shops in airports requiring your boarding pass when you aren't buying duty free goods.

There are some critical issues relating to the GDPR that may make significant changes to the way companies operate. WIth the ruling that IP addresses can be PII, this can affect everything from weblogs, analytics and intrusion detection systems. It may be hard to justify intrusion detection as a legitimate interest if you have never had an attack but have been merrily hoovering up IP addresses of everyone who visits your website. Also call centres would no longer be able to automatically record calls apart from some industries which may have a legal obligation. They will have to give the caller an option at the beginning of the call, which will have to be auditable.

Also remember the actual bill has not yet been published so we only know the minimum that will be in the bill not all the clauses it will contain.

6
0
DaLo
Silver badge

Re: Just wondering

Unless you explicitly asked to have them anyway then they would no longer be able to send them in the first place after 25th May 2018. Only subjects who have given consent equivalent to GDPR can have their data processed for those purposes. So unless you ticked a box to say that you wanted to receive those, they would not be able to be sent to you.

4
0

Japanese sat tech sinks Sea Shepherd anti-whaling activists' hopes

DaLo
Silver badge

@gandalfcn

You seem like you could bring some useful information to the thread but being so aggressive in tone just makes you out to be a tetchy idiot.

Calm down, it's just an IT forum.

17
0

Vodafone customers moan about sluggish data abroad

DaLo
Silver badge

Re: Blame placement

Three did the same thing a while back. Three's 'At Home' service worked great for a while but then it slowed to a crawl. Even loading a page of Google search results was unusable.

After quite I did quite a bit of testing - 6 different countries, hundreds of different cell towers, multiple foreign telcos the results were the same. A local SIM had no problem and a roaming SIM from a different network had no problem. It was HTTPS page that were being crippled along with high-bandwidth pages like streaming video. So bing.com worked fine but as Google defaulted to HTTPS it didn't.

Even with this 'evidence' Three stated it was the local providers who may have poor data throughput but Three weren't doing any throttling. They obviously were - due to not being able to see the traffic in SSL secured streams they must have taken the decision to throttle it to unusable levels. So transferring money from your bank account when you realised you needed some more while abroad wasn't possible until you got onto WiFi. It eventually resolved itself!

I suspect a similar problem.

6
0

Kremlin's hackers 'wield stolen NSA exploit to spy on hotel guests in Europe, Mid East'

DaLo
Silver badge

Re: WordPad

You seem to be confusing a number of topics. CMYK splitting isn't a feature of PDFs - they can hold any number of image and colour formats formats. Neither is more compatible or less compatible. RGB works better for screen, CMYK can work better with some printing (but not necessarily). As most images will start their life as RGB then who does the conversion to CMYK can be have pros and cons. Almost everything will 'automagically' eventually convert to CMYK. Whether you leave it up to your printer, your print driver or do it in pre-process is up to you. A decent print shop will be using the colour space and profiles of the actual proofer and final print machine so it may be beneficial to leave the splitting to an experienced print shop who will be able to match your RGB colour space to CMYK far better than you can using standard sRGB color profiles.

The fact that you state that InDesign creates 'fully compliant' PDFs shows that you don't need to use Acrobat or Adobe Reader as you stated.

A PDF is also very easy to edit you can load it into something like Indesign or Inkscape and edit away.

If you believe that your print shop will use your original files as they want to commit nefarious acts with your files and edit them to insert messages in them then you should find a better print shop. Most people who do printing will have a long and good relationship with their print shop and will not have such paranoia. Also if you do have a trusted print shop who have the original files they can often fix composition errors, bleeds trims and print marks and cater for issues with paperweights or types that even some of the best graphic designers get confused about.

However the fact still remains that you can get exact PDF reproduction for passing documents around using any number of PDF readers, none of which are relevant to print shop work. They don't need to touch Adobe software, let alone Acrobat or Adobe Reader, for creation or viewing and the result can be exactly the same if not better. Once you have created a PDF you also have no say in what is used to view it.

0
0
DaLo
Silver badge

Re: WordPad

But who would create print ready proofs in Acrobat? Surely you would use your DTP or graphics software (InDesign etc) and choose your export format based upon your printer's requirements. If that was PDF then your software would create a pdf from that. You would send it as a PDF and they would use whatever tool they wanted to import the PDF and set it up for printing. You wouldn't know what tool they were going to use to open the PDF for printing.

More often than not they would ask for the original binary file, such as an indesign file and set printing up directly from that.

Generally, other than font issues a PDF is a PDF and will display the same. It is an open ISO standard and the extensions are just that, extensions. They won't affect layout, they are used mainly for forms, annotations and for 'insecure stuff', javascript/attachments etc. (Acrobat is often used for creating PDF forms)

If it is stored as PDF/A then there is unlikely to be any incompatibilities.

1
0
DaLo
Silver badge

Re: WordPad

"The solution for circulating "complex" documents is usually Adobe Reader and that's a security nightmare too."

Shome mishtake, shurely? They might be circulated using PDF, the tool used to read the PDF is up to the end user but definitely does not have to be Adobe Reader and many safer alternatives can readily be found.

1
0

South London: Rats! The rodents have killed the internet

DaLo
Silver badge

Re: It doesn't matter.

It may be the case that they can, but I've never had a rodent eat through armoured fibre but I have lost loads of Copper Twisted Pair cabling due to various animals eating through them.

At a difference of a few pennies per metre for armoured fibre it is used for most outdoor runs that we do.

In fact I would be interested in some citations about rats being able to chew through steel, aluminium possibly but steel seems a stretch.

6
0
DaLo
Silver badge

Hmm, I thought it was standard practice to run armoured for all outdoor runs. The price difference has never been much for the runs we do.

5
0
DaLo
Silver badge

Oh damn, we've only ever had issues with various rodents chewing through ethernet twisted pair cable. The fibre has always seemed to be immune. If they are getting a taste for fibre as well then it makes life a lot more difficult.

I wonder what armour they had on these cables?

4
0

What's your point, caller? Oracle fiddles with major database release cycle numbers

DaLo
Silver badge

"The shift between 12.1.0.1 to 12.1.0.2 introduced 13,000 fixes as well as “huge and important new features such as Oracle In-Memory”, he said..."

Ah yes, the small point release that could have cost you tens of thousands of dollars.

https://www.theregister.co.uk/2014/07/24/oracle_in_memory_database_feature/>https://www.theregister.co.uk/2014/07/24/oracle_in_memory_database_feature/

3
0

Horsemen of the disk-drive apocalypse will ride upon 256TB SSDs

DaLo
Silver badge

Re: Confused editor?

SSD ≠ Disk. The author stated that 100TB HDD have little chance of reaching us in the next few years whereas SSD with >100TB have already been announced.

The author has now corrected higher to lower WRT rack space, power and cooling.

3
0
DaLo
Silver badge

Re: SSD is fine - while it works

SSDs also have early warning of failure. Similar to the SMART disk failure prediction. However, if you have a NAS just back up to it regularly anyway and then you would be covered in the event of a failure (even a continuous sync with versioning - in case of 'ransomware').

It's quite reasonable with the price and size of SSDs to run them in RAID1 even for the home user - even laptops can generally take two drives from my experience. If you are clever you can also use one drive for a year before adding a second to ensure that the MTBF will not coincide on the two devices (or swap the second drive out to a new machine after a year or two)

6
0

Page:

Forums

Biting the hand that feeds IT © 1998–2017