Posts by Nick Kew

1974 posts • joined 16 Jan 2007

A flash of inspiration sees techie get dirty to fix hospital's woes

Nick Kew Silver badge

Crossover Columns?

Shouldn't Jason have been one for Monday's column?

Could you hack your bosses without hesitation, repetition or deviation? AI says: No

Nick Kew Silver badge

Isn't this just application of the principle of googling "how to kill your wife"? The kind of thing the Thought Police have been doing since ... I was going to say Orwell's time, but it goes back much further than that: God has been policing thoughts for millennia before that, as the totalitarian tendencies of His servants have waxed and waned.

Bug bounty alert: Musk lets pro hackers torpedo Tesla firmware risk free

Nick Kew Silver badge
Alert

Fine wheeze

The cynical view may or may not apply here. Even if it wasn't Musk's intention, the idea is now out there.

If you come out and say some security researchers are licensed to hack without fear of reprisals, you implicitly threaten other researchers with a tonne-of-bricks treatment, and the argument in court that IF not on our approved programme THEN black hat.

How to nab a HTTPS cert for a stranger's website: Step one, shatter those DNS queries...

Nick Kew Silver badge

Re: Compromised CA

Nope. If one part of a DTA is compromised, the whole verification fails and the site flags as Not Verified.

Oh, and btw, what's "Trent" in this context?

Nick Kew Silver badge

Compromised CA

Once again, the finger points at CAs as unreliable. What we need is to dispense with this single point of failure. For instance, replace the CA model with Distributed Trust Authorities, so an attacker would have to compromise every authority rather than just a single point of failure.

No, no, you're all wrong. That's not a Kremlin agent. It's someone with 'inauthentic behavior'

Nick Kew Silver badge

Identical timestamp? Quite a coincidence there.

View empty of other people? No crowds????

Methinks the question is not whether they're doctored, but by whom? Those whose Agenda is to incriminate the Russians, or those looking to incriminate the UK authorities? Do those pictures appear somewhere on regular news channels where the latter hypothesis can be discounted?

Nick Kew Silver badge

Re: Sheryl Sandberg was/is considering a run for President

I know far too little about Ms Sandberg to comment on her suitability for president.

But your post begs the question: what makes anyone suitable for president, and how many past holders of that post (never mind the present one) have been qualified?

Neutron star crash in a galaxy far, far... far away spews 'faster than light' radio signal jets at Earth

Nick Kew Silver badge

Re: theory

Yes, it is a theory - an explanation that has been repeatedly tested and so far not falsified.

What do we do if and when it is falsified?

Or, more to the point, if an observation appears to falsify it, and cannot be explained away?

What we should do: rigorously analyse and test the observation and the theory, without prejudice to either.

What we do tend to do (and get funding for): test only the hypothesis that the observation is somehow wrong. And sometimes get into very dodgy science by proposing - say - a whole new particle to explain it.

Nick Kew Silver badge

Relativity is just that: a mathematical model of the physical world. It works - as did Newton's laws before it - because it fits a lot of observational data. It also has problematic aspects: one might, for example, look at some of the problems "solved" by Dark Matter and antimatter, and compare those to past generations' elaborate explanations of planetary orbits in a geocentric universe.

As with any mathematical model, a key point is that it's not unique. As Euclid observed of parallel lines, we can't see if something different happens at infinity, and whatever happens doesn't invalidate what we can see in the known universe. An alternative model in which the speed of light is neither a constant nor a limit could undoubtedly be posited. The hard bit is matching a model with the real world, but that's something we've never more than partially accomplished with any model.

Google skewered in ad sting after Oracle-backed bods turn troll

Nick Kew Silver badge

Identity Theft

A week ago it was the Democrats in Michigan. Now it's a private US group linked to Oracle. Who next?

Russia must be guilty of something - any state does bad things. But when they're the world's prime bogeyman, it becomes impossible to pick out the true stories from the fake news, and those who stand accused from those who have stolen their identity.

And we already knew that western TLAs routinely frame those nations on which they want to put pressure.

UK.gov: NHS should be compensated by firms using its data goldmine

Nick Kew Silver badge

Re: Is the data not ours? Do NI payments mean we paid for the care and have data protection?

NI means nothing.

But whatever the NHS has is funded by the taxpayer. That includes data. So now we're saying we have to pay (again) for data we already paid for. I remember this battle over map data: it seriously held back developing geographic information systems when you had to pay a King's ransom to the OS for anything.

Oh, and to those commentards speaking of data in the first person, I hear a whooshing as the point goes over your heads. That is to say, I presume we're talking statistical data, not personal data here.

Archive.org's Wayback Machine is legit legal evidence, US appeals court judges rule

Nick Kew Silver badge

Re: Venn Diagram

Not everyone wants to vandalise the past.

What matters here is the intersection of those who do want to do that with those who know about this case and can inform themselves how to wipe history. How many criminals or iconoclasts are also Reg readers?

Even TLAs are unlikely to be competent to think of most cases they might want to wipe on their own behalf. And an untargeted mass-attack would destroy precisely what the TLAs value.

So while I can see there might be an effect, I suspect it'll be tiny. The bigger risk will remain that of regular defacement as per any site.

Trainer regrets giving straight answer to staffer's odd question

Nick Kew Silver badge
Joke

Re: has anyone else

That's an expensive wife. Can you afford such indulgences?

Anon man suing Google wants crim conviction to be forgotten

Nick Kew Silver badge

Re: Yeah, well . . .

It's how most VC works though isn't it, people invest in a VC fund, they get a part-ownership

That applies to any investment fund - VC or otherwise.

I have quite a lot of my net worth invested in VC. Naturally some investments are doing better than others.

I can shrug off a good-faith investment that loses money, but losing it to a scam is a whole nother story.

If google will tell me that someone's last venture was storage pods or airport parking that were never going to make a return for suckers investors, then google has done me good service by warning me off.

Lyon for speed, San Francisco for money, Amsterdam for fun: the best cities to be a techie

Nick Kew Silver badge

Re: I've been all over this muddy rock ...

Well, I've lived in places that made me happy, and places that made me miserable. There really is a difference.

The worst of all was London. Renting there was worse than my later stint of several months homeless and sleeping out. Though I think it could've made all the difference if I'd had either more money or an accommodation grapevine like students or nurses.

DraftKings rides to court, asks to unmask 10 DDoS suspects

Nick Kew Silver badge

Re: SHOULD they be allowed to ?

so far as I can see, this appears to be the classic open and shut case, Co was DDOS'ed, they have IP's of those involved,

That's what they claim. They'll have to convince a court of it if they want a court order.

so surely the ISP should just hand over details,

ISPs should respect their users' privacy until and unless ordered by a court to do otherwise. It's the same story as, for example, allegations of DMCA violations. Of course, the ISP might itself have evidence of abuse on which to act, in which case reports from victims feed into that action, but that's a separate question.

so how are they SO certain that these addresses are THE addresses they are looking for?

They are addresses that need to be investigated. Let's not pre-judge the outcome of that investigation. This is a legal matter, not a politicised one where it suits someone's Agenda to point the finger at [villain-of-the-day].

Fruit flies use the power of the sun to help them fly in straight lines

Nick Kew Silver badge

Re: Time flies...

IME they prefer an orange.

AI sucks at stopping online trolls spewing toxic comments

Nick Kew Silver badge

I don't know why anybody places any importance on what people comment on online comments.

Did someone say something?

People say nasty things. Sometimes even gratuitously nasty.

But it seems to me that much more time and effort goes into taking offence where nothing unpleasant was ever in the mind of the poster nor anyone else in the original discussion.

Nick Kew Silver badge

... as if we didn't have 20 years of spam/antispam history to tell us pretty clearly what AI can and can't do against human opponents.

Mozilla changes Firefox policy from ‘do not track’ to ‘will not track’

Nick Kew Silver badge

Re: Definitions, please

Charles, of course that's precisely the kind of thing that starts us into a grey area. Next step up from that would be a different domain owned by dailymail. Or a third-party contracted by them not for advertising but for, say, content syndication (the kind of thing Reuters do for news), or for distribution (like Akamai). Or an interaction service like disqus.

Blocking third-party cookies by rule is easy. Defining the ruleset - drawing lines in grey areas - is the hard bit.

Nick Kew Silver badge

Definitions, please

Can a report like this please tell us what it's actually talking about?

Third-party cookies? OK, we used to have that as standard many years ago, then it vanished. But would that be all third-party cookies, or just those that conform to some pattern? Do they distinguish session cookies from persistent ones?

And what counts as a third-party cookie? One set by secondary content, such as an image, from a different domain to the page it's in? Hmm, would that be *all* secondary content, or is a line being drawn somewhere? And why don't you make it much easier to avoid loading secondary contents from third-party domains in the first place? Well-implemented control of that could beat any ad-blocking list!

What about user tracking that the user generally opts in to? OpenID being an obvious case in point? I'd guess that's not what they're talking about.

‘Very fine people’ rename New York as ‘Jewtropolis’ on Snapchat, Zillow

Nick Kew Silver badge

Re: Trump bashing inaccurate here

Who's Trump-bashing? I see only Corbyn-bashing, which has been a popular sport in Blighty ever since he got his current job.

Didn't one of New York's most famous Jews (Woody Allen) once make a similar joke about his city's name?

No D'oh! DNS-over-HTTPS passes Mozilla performance test

Nick Kew Silver badge
Devil

DNS over layers of bloat

This is horrible bloat.

Like the bloatware on PCs, that has forced continual upgrades of RAM/etc? Well, up to a point.

But then, if you still have a 30-year-old PC with a 286 processor and half a meg of RAM, you can still run old apps on it. A perfectly good word processor and home/small biz spreadsheet. Email and most of the useful parts of the web - so long as you cut down on the fluff.

Whereas if you're on a net of even just half that age - the information dirt-track - you're going to be struggling. You really need the efficiency designed into the early 'net, not today's money-and-resources-no-object bloat.

Do we know how many people will be locked out in practice if we foist DNS-over-HTTP (let alone HTTPS) on them? I think not: they're the invisible excluded.

I remember my time on the information dirt track. I was effectively locked out of more online resources in 1998 than in 1988, because of the bloat that started with the modern Web in the mid-90s. It won't be me this time, but others out there will suffer.

If you have to simulate a phishing attack on your org, at least try to get something useful from it

Nick Kew Silver badge

Russian Hackers

So they discovered it within 30 minutes, and of course blamed Russian hackers.

If they're sufficiently alert to flag an attack within 30 minutes, doesn't that make the whole thing a Red (under the bed) Herring? If Putin really does have a team seeking to "hack" US politics, they must be laughing at the enemy's focus on an area where it's already so strong.

Microsoft's recent announcement about taking down similar phishing sites looks like another indication that such sites are a deeply ineffective approach to *acking the US. At best, yesterday's attack.

UK getting ready to go it alone on Galileo

Nick Kew Silver badge

Re: Cooperation

The hardest part to understand - as someone from neither the EU nor the UK - is how the UK government, politicians and parts of the popular press can be so impervious to understanding any of the fundamental realities of the situation.

It's because they can't agree among themselves.

The referendum presented two options: the status quo (remain) vs a blank canvas (leave). Those who campaigned and voted for leave had wildly differing and mutually incompatible expectations of what they were voting for. To take just one question, the traditional nationalists like BNP/UKIP are firmly anti-immigration, whereas Tim Martin (who campaigned for "leave" through his chain of hundreds of big pubs) told the world he expected leave to lead to more immigration, to the benefit of businesses like his.

The equivalent in a general election would be to lump together all votes for parties other than the incumbent Conservatives, and hand the government to whoever shouts loudest. It's no wonder they're all screaming now.

Nick Kew Silver badge

Re: Cooperation

@Old Tom

I find it difficult to understand that the EU aren't happy to agree a simple treaty

Who says they aren't?

It's the UK that's walking out of both the existing treaty (as per Cameron's stunt) and the legal framework underlying it (completely separate to any question that was voted on). Do we know how the EU would react if the UK were to propose some alternative treaty reinstating the necessary foundations? Of course, they'd be up against a whole new raft of red tape, and who could blame them for raising an eyebrow at the cost and complexity of reinventing legal and contractual wheels?

Nick Kew Silver badge

@Phil O'Sophist

So tell me again why it's better to have a central political government like the EU controlling R&D? Apart from a large unaccountable taxpayer-funded budget, I suppose.

Compared to what? The total EU budget for 28 countries - including all that agricultural nonsense, as well as waste[1] - is a drop in the ocean of Sir Humphrey's empire, and it's focussed. Science being one of those focuses.

[1] Both real waste and the product of 30+ years of often-false news from Murdoch et al.

Voting machine maker claims vote machine hack-fests a 'green light' for foreign hackers

Nick Kew Silver badge

No do-overs! Appeals court won’t hear $8.8bn Oracle v Google rehash

Nick Kew Silver badge

Um, wouldn't being a "patent troll" imply use of patents somewhere in the case?

And since both parties here are actual technology companies with actual technology businesses, they don't fit the definition of "patent troll", however much you may want them to.

EU tosses Nokia a small loan of €500m, tells it to go crazy with 5G R&D

Nick Kew Silver badge

Nokia?

Government picking winners again? Will they never learn?

In terms of mobile phones, Nokia is the past. In terms of 5G and IoT, it might be the future, but if so that'll be more by chance (if it happens) and employing good people and supporting their ideas (if that happens) than anything government might do.

Meanwhile in the real world, whatever presence Europe may have in 5G and the IoT will come from innovative companies we haven't heard of yet. A €500m pot to provide matching funds to investments from the big telcos in innovative startups could bring some real results.

Lawyers sued for impersonating rival firm online to steal clients

Nick Kew Silver badge

@Mark 85

Nope. If the vortex generates more work, that in turn will feed more lawyers.

If it were the UK, they'd get themselves a ruling that the taxpayer should fund the extra work through one of those feed-the-beast systems like legal aid. AIUI though the system is different, the US parasite has no shortage of hosts, either.

Experimental 'insult bot' gets out of hand during unsupervised weekend

Nick Kew Silver badge

Re: Where is that window?

D*** you tim, I remember being on the wrong end of that wheeze.

Can't remember what revenge I took. It may have been sending some mail from "you" to people less techie than ourselves.

Nick Kew Silver badge
Unhappy

Re: When I was eighteen...

Bit later than that (and at a "should've known better" age), but I still recollect with mild regret the time when things like "cat fart.wav >> remote:/dev/audio" got tightened up. Not so far off the time xhost ceased to be permissive by default.

Intel rips up microcode security fix license that banned benchmarking

Nick Kew Silver badge

@LeeE

the problem is that the clause was unenforceable

No. That would be for lawyers (ultimately a court) to determine, and will inevitably vary between jurisdictions.

This actually means that anyone who distributes the updated microcode can only do so if they are in a position to enforce

"Enforce" in this instance meaning that you alert your users, by distributing Intel's notice. Putting it in an abandoned cellar behind a "beware of the leopard" sign (or perhaps something like in /etc/legalese/notices/intel/CVE-whatever-2018) should be fine, so long as they have it.

Use Debian? Want Intel's latest CPU patch? Small print sparks big problem

Nick Kew Silver badge
Pint

Brilliant response

From a Debian team member on his blog.

Nick Kew Silver badge

Re: Section 3

There may be a reason for that: namely, benchmark tests are often propaganda and spin. Nevertheless, it should be obvious that a clause like that can only make things worse.

Perhaps governments could pick up on that. Declaring such clauses unenforceable would have limited effect, but banning the sale of goods with such onerous restrictions - or requiring such sales to be approved by a licensing authority through an onerous process including public consultation - would surely cause vendors to stop and think what's reasonable.

Redis has a license to kill: Open-source database maker takes some code proprietary

Nick Kew Silver badge
Flame

The naming of names

We may argue over what kind of a case Redis has here.

But one thing seems to me pure evil. Their new licence has some serious potential to confuse, and to p*** all over two valuable trademarks:

(1) It's already been spotted "out there" referred to as "Apache Common Clause". If Redis themselves sanction such use it's a clear violation of the Apache trademark.

(2) "Common Clause" and the inevitable abbreviation CC have obvious potential for confusion with Creative Commons.

I honestly don't know what we who value those trademarks can do about it. Any lawyers lurking here?

Nick Kew Silver badge
Headmaster

Apologies if you're already well-versed in the dynamics of forking an open-source project ...

If your "I" there really means a potentially-viable developer community interested in working together on it, then that could be an interesting effort. Go ahead and see how much momentum you can build. And trawl github et al for folks already doing related work.

On the other hand, if it's just you scratching your own concurrency itch in isolation, you'll soon end up with something that falls behind redis and may become ever harder to maintain.

Somerset boozer prepares to declare its inn-dependence from UK

Nick Kew Silver badge

Re: The Republic of Whangamomana

Are you sure the wild boar wasn't just a scapegoat? Siegfried would be a fine precedent for a hero whose murderer tried to blame his death on a wild boar.

Apple web design violates law, claims blind person

Nick Kew Silver badge

Since when is a private firm producing goods and services for the commercial market required to produce items for disabled people?

You could reformulate that in a more historic context. For example, "No blacks, no dogs, no irish". Or if you're not familiar with British history of about the 1950s, substitute your own example, perhaps involving another group like Jews or Mexicans.

This is just one of many anti-discrimination laws. We may argue at length over details, but I think most of us firmly support at least the basic principle, don't we?

(Besides, this isn't about Apple's products, it's their website that's the issue).

Nick Kew Silver badge
Pint

2000 Sydney Olympics

Is this universally known, or should the article have mentioned it?

A famous precedent here is Bruce Maguire, the blind man who successfully sued the Sydney Olympics and IBM over the inaccessibility of the Olympics website and was awarded $20k compensation.

Nick Kew Silver badge

@Charles 9 - Dynamic content is inherently easy. You build accessibility into the content generation software.

@Various commentards - Accessibility is designed right in to HTML, and is much cheaper and easier to get right than to screw up 1998-deezyner or modern-deezyner style. The situation is not remotely comparable to the compromises that sometimes have to be made in the physical world.

Techie's test lab lands him in hot water with top tech news site

Nick Kew Silver badge
Joke

Has elReg bought a 3rd server yet?

No, but they've upgraded from the original 640K RAM.

Self-driving cars will be safe, we're testing them in a massive AI Sim

Nick Kew Silver badge

Re: Does it include

If you can enumerate those things then I expect so can someone paid to do so. So yes, it will include them, and many more. It needs to learn principles, not situations. Principles such as "people, animals and vehicles all have the capacity to do something silly, so anticipate". And "where there is no clear line of sight, something might emerge".

Having worked with and on simulations for UK government clients, I would see this as largely an irrelevance. It won't damage the AI, but neither will it do much to help it that the Industry hasn't been doing much better for years already. Though it might become a box to tick in the red tape.

I guess the most positive precedents are things like the simulators used in pilot training. The pilot doesn't go straight from the simulator to being in charge of something critical: it's just one stage of training.

I wish I could quit you, but cookies find a way: How to sidestep browser tracking protections

Nick Kew Silver badge

Third-party cookies and El Reg

Debating point: does El Reg not implicitly preach what it manifestly fails to practice?

Anecdote: I recently ordered a "big-ticket" item of furniture, from a big-shed retailer on a big retail park. As part of that, I checked online, including a visit to the retailer's website from my 'phone.

That was using plain ol' Chrome. Given my very limited use of the web from the 'phone, and the fact I don't expose anything of value on it, I've never been arsed to fine-tune it against ads and such nonsense.

Sometime after, I visited El Reg from the phone. And found that every bloomin' ad on the Reg pages is now that same furniture retailer! If I visit the Reg front page, more than one ad. will appear as I scroll down, and it's always the same: the retailer whose page I visited! Click to another page, it's the same ad. OK, enough, this is just annoying: delete effing cookie!

Brit banks must disclose outages via API, decrees finance watchdog

Nick Kew Silver badge

"uncharitable techies ... yes you Reg readers"

Now there's a phrase to remember. And to remind you of, next time the Reg urges its readers into any kind of charity.

Arm debuts CPU roadmap for the first time, sort of

Nick Kew Silver badge
Pint

Re: ARM not Arm

We already have it. A full-fledged Barmy Army of commentards.

Kids are more likely than adults to submit to peer pressure from robots

Nick Kew Silver badge
Flame

U wot?

Come on now, El Reg. I know we get inadequately-presented studies here, but talking "critical" vs "neutral" tests without even a hint at your terms really is pushing it!

Nick Kew Silver badge

Re: RTM is well on its way, but not here yet

Robot Team Member?

Robots *are* useful around the house, and if you're old enough to have lived without use of a washing machine you really know it!

Mozilla-endorsed security plug-in accused of tracking users

Nick Kew Silver badge

How big is the global blacklist? Could add long delays for users on slower connections, and perhaps overload the server's pipe.
