University of Portsmouth?
I guess they have a tradition to maintain. If it's good enough for the sailors and tarts, why not the fish?
1974 posts • joined 16 Jan 2007
This looks like classic deprecation warnings. And yes, warnings are a useful tool: don't you always use at least -Wall with gcc and insist it builds cleanly? A policy that can make life more difficult when faced with a third-party or legacy codebase that generates reams of warnings, especially when combined with a PHB who insists you treat it as a 'black box'.
But it's a narrow focus. And when it makes a programmer's life more difficult, it risks being counterproductive, by causing the programmer to take his eye off the ball and risk introducing other errors that should be obvious. Perhaps the next experiment should test whether the warnings are productive when the programmers are presented with a legacy codebase that generates a gigabyte of them?
Actually orthogonal to the legislation (as I read the article).
It'll mean you can't sell gnupg in Oz. And if you sell a tool that implements PGP, you'll have to be prepared to cooperate with the stasi.
Basically what it seeks to prevent is not unbreakable encryption, but rather making unbreakable encryption available to the Great Unwashed.
Those of us who can use gnupg are the tech equivalent of people capable of manufacturing drugs or weapons. You don't wipe us out, but you come down heavily on a person who supplies them to anyone else.
Ironic that it was an Aussie (Eric Young) who originally wrote the software that later became OpenSSL, back in the days when that would've been illegal in the US.
The security hole isn't really what's claimed: ability to forge a From: address is baked in to SMTP, and it relied on Damian having sysop privileges.
It's the mail system that first accepted the message then bounced it. Anyone who's suffered a Joe Job knows the hard way how inexcusably broken that is - and has been for the last 20 years or so (since mail abuse went from prank to spam). Either reject it or accept it; don't bounce!
Looks to me like a perfectly routine use of AI. The expensive Quack will do the high-level stuff, while the AI takes the technician role.
Experiments with AI in such roles help determine whether it's competent, either in an absolute sense or compared to human workers. Hopefully the AI can do a good job of avoiding some traditional problems, such as mistakes of boredom.
The paragraph quoted in the article doesn't imply breaking crypto (nor of course does it imply the contrary). It *could be* a perfectly realistic bill dealing with situations like the FBI-Iphone row.
Flat-earth George has now moved on: wikipedia tells us he's now Aussie High Commissioner to Blighty. Damn, he should be a Barry Humphries character!
They cannot move the conference to the UK because the visa issuing department will reject most of the applications.
... which would be a big improvement for unfortunate victims like Sklyarov or Hutchins.
Not sure where to suggest. There are a few countries with more liberal track records re: the 'net, but such things are subject to change (e.g. Oz, Germany). Perhaps a venue with a well-developed hospitality industry but busted government might suit. Greece, for instance?
Erm, different markets there. People who need help with wheelchairs or luggage are orthogonal to the question of who drives them.
My infirmity is my eyesight. I think I'd be reasonably safe (though not legal - despite holding a full, clean licence) driving in good conditions, but lethal in the dark and wet. No problem lugging a heavy load. The fact that self-driving doesn't solve every problem doesn't mean it's not a potentially-excellent solution for some disabilities.
Doesn't rather depend on what the VPN product claims for itself? The app store page you link isn't specific enough to tell that.
When I've used a VPN Client, it has nothing to do with hiding my identity. It's just a means to connect to an employer's or client's network. A higher-level (and much more scary) alternative to ssh, and providing less privacy than ssh, in that it gives the relevant BOFH a lot of audit trail if I do anything so frivolous as read El Reg on $work time.
In a product aimed at the employers and clients for whom I've used one, DNS lookups outside the VPN would not be an issue at all.
OK, quoting your actual words from the opening paragraph:
today's facial recognition technology is not safe for making serious decisions.
Is anyone seriously trying to claim otherwise? There's a world of difference between making a serious decision and flagging something for human attention.
A couple of years back, I had a nasty incident with police, who thought I was someone else (who I've never met, let alone know why they wanted to arrest him) and wouldn't accept I'm me. Facial recognition technology might have helped there, and - crucially - couldn't have made things worse!
 Their evidence? I opened the door at my home, where the man they wanted had previously lived. I had never thought an estate agent could be so useful as the one who manages this place and eventually was contacted to confirm my identity - and when the occupant had changed - in a manner they'd accept!
If they told the government, then within hours they'd be exploiting it themselves, for who knows what nefarious purposes!
Speaking from ignorance here. But I'd've thought that, as with any big organisation, there's both good and bad. Not everyone in the US government would have a clue what you were talking about, let alone exploit it.
I'm sure there's someone they could've told who would just have filed it.
I get VERY grumpy at etailers that try to introduce 3rd party scripts at the final stage of a payment process
If that's the abomination called "verified by visa" you have in mind, these days my transaction seems to go through just fine if I just back out of it. I presume that's Just One More inexplicable aspect of its brokenness.
Last time this came up, I was told I would need 2 ID cards, with different names and genders on them.
So you're ideally set up for a life of crime and depravity as Mr Hyde, while maintaining Dr Cresswell's status as an entirely upright and respectable member of society.
Any time we get one of these "look at the hate" articles, it leaves one crucial question unanswered.
Are the "victims" themselves (or researchers, in the case of those whose funding depends on Outrage) Making an Issue of their "group identity"?
Person: "I'm a straight white male and proud of it"
Person: "I'M A STRAIGHT WHITE MALE AND PROUD OF IT!"
World: "Shut up, idiot. We heard you the first time."
--- vs ---
Person: "I'm a black lesbian and proud of it"
Person: "I'M A BLACK LESBIAN AND PROUD OF IT!"
World: "Shut up, idiot. We heard you the first time."
SJW Army: "WAH WAH HATE SPEECH"
A quick google finds as a data point our entire GDP was around £52.7bn in 1970. A phone (let alone a phone call) may have been a somewhat-expensive luxury back then, but I doubt they consumed more than 100% of the entire economy!
I'm not even being pedantic when I say claims like "all-time low" need to be qualified! There is genuinely no clue in the article WTF the claim is supposed to mean!
 Or rather two data points: GDP $130.672bn, and exchange rate 0.4033.
I get uneasy when someone pushes for tight integration of secure comms: it's such a high-value target. This is potentially someone for NSA&friends to terrify the s**t out of until he smuggles in a backdoor for them.
Anyone know the chap in question? How would he react if someone were to suggest to him what a shame it would be if his nearest-and-dearest were blind and crippled?
If it was protectionism, they would ban all non-US sources rather than just two countries.
It's all done in small stages. First Kaspersky (um, surely a globally leading Good Guy). Then various Chinese bigcos on varying pretexts. Now a little more.
For non-US western companies there's a different approach, and it's outsourced. Use bogus patents to cripple Blackberry, leaving it a Suit-dominated company which can no longer innovate and dies a natural death. Lend a helping hand to Nokia's self-immolation.
Tariffs didn't happen all at once either. Divide and rule. If they'd hit their friends and allies (Canada, Mexico, the EU) at the same time as they hit China, the world might've got together and stood more united.
Why not just counter with Turing's Halting Problem disproof?
All you need is a super-Turing computer. Like, for instance, an Analogue X Machine.
Turning your intended analogy on its head, I guess politicians and spooks can dream of an entirely new crypto framework. Then un-inventing our existing framework can be the next thing after brexit to keep them away from reality.
When I've been on a peaceful protest, I've always done so fully expecting to be identified - and that's based on last century's technology (and police on horseback in big events). Not going to let that bother me.
The big psychological hurdle was going on an event associated with the loony left. That put me off for years, before I felt strongly enough about something to overcome natural revulsion.
CCTV is old news. In widespread use, and seemingly accepted by most.
What does facial recognition really add to CCTV? If evidence from a camera is ever going to be used against someone in court or elsewhere, it's going to be based on human analysis, and cops have been doing that for as long as there's been CCTV. Patterns of behaviour? What cop is going to stand up and face such obvious ridicule as M'lud, my client's alleged appearance in all that footage is part of the 98%.
GPS was a known future technology as far back as the 1980s.
I did some work in the late '80s on a system that was presumably prior art to the patent in question. It used a pre-GPS positioning system (non-global) and pre-GSM data network to monitor and track vehicles. Originally for security (we were part-owned by Securicor, whose business was secure transport of very-high-value loads), the system was expanding to include users like utility companies, who would use it to identify and call a nearby van when Mrs Miggins called to say she smelled gas. From distant memory, taxi companies were another target market, but I'm not sure whether any were signed up in my time.
I left that job in 1989. I'm pretty sure the company migrated to GPS sometime in the 1990s.
@GnuTzu - the problem with bug bounties is that they attract a lot of hopeful junk. A rather poor signal-to-noise ratio among the reports. That puts a burden on the developer community. Fair enough for a company paying its developers, but not good in the case of volunteer developers in an open source project.
This is mitigated if whoever offers the bounty also takes it on themselves to pre-filter submissions and forward only those that look real. But not every hopeful is capable of reading TFM and submitting their "bug" to the right place. And a rejected wannabe might submit directly to us, with the hope that we accept it and they then turn round to the bounty sponsor and say "look, it was real".
Good to see a bug bounty that isn't going to attract loads of wannabes to submit contrived nonsense reports in the hope of getting paid.
But this too could have unintended effects. If someone claims the full monty, who has been pwned? The sysop who perhaps misconfigured the software? Canonical @ubuntu? Upstream packager @debian? Or the software's original dev team? Or all of the above? Lots of scope for uncertainty there, and that's without even mentioning third-party Usual Suspects like PHP in a web server.
HTTPS isn't just about hiding the content. It's also about proving that the content is intact, as it left the source server, and that the source server is who they claim to be.
Sometimes that matters. Other times it really doesn't: who cares if it was some anonymous MITM who inserted your comment? And there are much-lower-overhead ways to achieve such goals: for example, the rarely-used Content-MD5 HTTP header offers a way to verify intactness of content against accidental damage, and similar use of a cryptographic signature such as PGP could protect where it really matters.
There are also legitimate reasons to rewrite content on the fly. My own involvement with such go back to about 2002 when I was working on accessibility tools, and provided a proxy that would rewrite elements of HTML on-the-fly to make it more readable to someone with a linear or text-only browser. Remove some of hurdles faced by blind users, or by Granny Arthritic who stands no chance chasing script-driven menus with a mouse.
So you Brits were running your economy off of LSD for years? That explains a bit...
That goes back to the Romans. And we're not the only country to do it in modern times, though some (like Italy and Turkey) saw their £ fall so far as to eliminate any purpose for the S or D subdivisions.
This has to be one of the best Monday mea culpas to date: a protagonist who is absolutely to blame and in circumstances I (and I expect many of us) can identify with. Did Simon leave you this story lined up, or are you just better at it?
I'm sure the only reason I've never done similar is that I've never been in charge of a mainframe. Though it brings to mind a few 1980s-vintage pranks, from when Unix machines trusted each other and would happily share screens (xhost + was a default setting). Or the one on VMS that had the company go into panic mode for a major security breach 'cos I altered my logout to display a logout screen for "SYSTEM".
Here's a thought. These days when bored like that, one can turn to the 'net and browse something - like the day's crop of Reg stories. I wonder if that's substantially reduced the rate of "bored" pranks, and accidents like this?
NI is a hard one to judge from outside. But insofar as a pragmatic centre ground exists in NI politics, I'd expect brexit to increase support among them for unification with Ireland. Particularly a Rees-Mogg brexit that sweeps away food standards in Blighty and so necessitates a hard border.
Project Fear was evident on all those Conservative election leaflets last year.
It was the mugshot of Corbyn, and the prospect of his getting any whiff of power. It worked, to the extent that the Tories didn't get annihilated, as would've happened if they'd faced a credible opposition. It just didn't work as well as May expected.
The brexit risk comes in two parts. One is the logistics of importing enough food to feed us all: we can expect the likes of Tesco, Sainsburys, Lidl, etc to be on top of all the new Red Tape they'll face, but that doesn't help if their trucks are stuck in 100-mile tailbacks. Then add to that our government's inability to agree among themselves what they're trying to do, and no matter how much the EU bend over backwards to accommodate us, nor how well-organised our logistics businesses may be, they'll be up against undefined rules and no fine manual.
As for WTO, the UK may have to get its act together rather more than our government can agree on just to qualify for membership. And then ... will the WTO itself survive if Trump goes to war with it? What will he do if and when WTO rule against him and in favour of any of the countries he's attacked, such as China, the EU, or Canada and Mexico?
The acid test will be whether Simon cares enough to stay on as a commentard. I hope he will: to disappear completely would seem a bit dismissive both to his successor and his community.
Raise a glass to Simon as I see his future self: a scurrilous backseat driver as Rebecca takes the column on to new excitements.
Methinks a fair few Reg commentards are among those who take offence at a product that phones home. Will you now be inviting Firefox to do so? And supplying it with more personal data (the address for any bounties) than any normal 'phone-home product would dream of?
(Yes, I know, there's shades of phoning home, and this passes one important test of being opt-in. At least for one browser user).
Biting the hand that feeds IT © 1998–2019