* Posts by Matthew Brasier

22 posts • joined 7 Jan 2014

Windows Subsystem for Linux distro gets a preening, updated version waddles into Microsoft's app store

Matthew Brasier

Re: Debian on WSL

As a software developer, I generally try and pay other software developers for their work whenever I get an opportunity. I have used Ubuntu on WSL for quite some time now; it is significantly more convenient than firing up a whole virtual machine when all I want to do is fire off a few commands using SSH or the AWS CLI. However, distros running on WSL often have a few bugs, and a distro specifically targeting WSL sounds like something I am happy to pay for, especially given it's the cost of two beers.

Fun fact: GPS uses 10 bits to store the week. That means it runs out... oh heck – April 6, 2019

Matthew Brasier

Re: Does anyone still use them?

I don't like having "The device that stops me getting lost if the weather gets really bad" and "The device I would use to communicate with emergency services if I become lost" being the same device.

I can see how for navigating towns or driving, a phone can do the job (although I still use a dedicated GPS for driving) but for walking, a dedicated GPS is a very sensible investment.

Who had ICANN suing a German registrar over GDPR and Whois? Congrats, it's happening

Matthew Brasier

Re: "The vast majority"...

It's not really the collecting of the technical and admin contacts that is the issue, it is the publishing of them in the whois database. If they were collected by the registrar, and kept private by the registrar except in the case of a court order or other legal mechanism (as Nominet is doing with .co.uk addresses) there isn't an issue - the registrar has the data that it needs to perform its contract, and can provide that information where there is a legal basis to do so.

The issue is that while ICANN claims to operate in the interests of the domain registrars, its main objective here is to ensure that IP lawyers can continue to use the whois database to identify where domains may sound vaguely similar to a well-known brand, and then charge the well-known brand thousands of pounds to hound the owner of the domain until they give it up.

Activists hate them! One weird trick Facebook uses to fool people into accepting GDPR terms

Matthew Brasier

Re: Facebook Income

It is true that their income comes from selling advertising space, but the value of that advertising space is created because it targets individuals based on their gathered personal information. If I am an advertiser, I am going to pay considerably more for an advert on a page of someone who fits my target demographic and has had conversations about my products with their friends, than for an advert on a page of a random individual.

How 'parasitic' Google's 'We're journalists!' court defence was stamped into oblivion

Matthew Brasier

Re: I may be misunderstanding the process but...

It isn't different to Bing etc, all the major search engines do it, because when someone searches for a topic then often a well written (if such a thing exists) Wikipedia article on the subject is a great place for them to start.

Your code is RUBBISH, says GitHub. Good thing we're here to save you

Matthew Brasier

Vulnerabilities in libraries are not vulnerabilities in applications

We have a number of customers that do their own dependency scans for CVE vulnerabilities using the OWASP dependency checker plugin. It finds vulnerabilities all the time, but having a vulnerability in a library does not mean the application is subject to that vulnerability. It may be in part of a library that is not used, or it may only be exploitable under a specific set of circumstances which will never occur in the application.

Even if you are exposed to a vulnerability, it is often in a 2nd or 3rd tier dependency and you are dependent on the frameworks you are using updating their dependencies, rather than it being anything you can fix yourself.

The key thing is to be aware of what vulnerabilities you are exposed to, and have mitigations in place (or be prepared to accept the risk); it is not feasible to aim for zero reported CVE vulnerabilities.

Uber saddles up for a new cycle of controversy

Matthew Brasier

Locking to railings?

How long before people start locking the bikes across people's gates or to other people's property, forcing the property owner to pay to unlock the bike and get access to their property?

Serverless: Should we be scared? Maybe. Is it a silly name? Possibly

Matthew Brasier

Re: Problematic

It isn't completely out of your control, there are a number of things you can do to control costs in a cloud environment, from picking the right technologies in the right places, applying limits etc. This is broadly what "cloud architecture" is about (the drawing a cloud on a bit of paper with arrows going in and out of it is to real cloud architecture, what "Enterprise architecture" was to real systems architecture). Most cloud vendor architecture certifications recognize this, and focus on cost control (along with security) as one of the key pillars of architecting a system.

Baywatch hero drone saves silly struggling swimmers Down Under from going down under

Matthew Brasier

Re: Walks like a duck?

It's unlikely to be part of a demo - those swimmers are in some pretty rough water. It would be pretty silly for lifeguards to put swimmers (even well trained ones) in actual danger to demonstrate a new toy.

It's a decade since DevOps became a 'thing' – and people still don't know what it means

Matthew Brasier

Every time a customer of mine says they do devops I ask the developers how they are getting on with being paged at 4am to support the system. They always look horrified and tell me they don't have pagers because the operations team do that. They aren't happy when I say they aren't doing DevOps then - a key feedback loop of DevOps is that developers feel the pain of operational support, resulting in them putting in more effort to make sure that issues are properly resolved and the system is reliable and stable.

Let's make the coppers wear cameras! That'll make the ba... Oh. No sodding difference

Matthew Brasier

Rational vs irrational behaviour

I agree with the poster above that the key issue is that the camera can provide a record of what happens. If we make the assumption that the majority of police are not outright psychopaths, we can probably assume that the situations in which they use force are ones that they believe at the time it is justified. There are quite a few reasons (from psychological "tunnel vision" syndromes through to plain racist beliefs) that can cause a police officer's interpretation of the situation to be incorrect, but it is unlikely that in the kinds of events being considered, for the majority of officers, that wearing a camera is going to change their interpretation of the situation (they feel that they or the public are in imminent serious danger).

What a camera can do, when reviewed in hindsight, is provide information as to what kinds of situations are often misunderstood, which could be essential in having targeted training and assistance to ensure that officers better interpret similar situations in the future.

'Screaming' man fined $149 for singing 'Everybody Dance Now'

Matthew Brasier

RE: I'd like "furious cycling"

You probably wouldn't, it is only ever used when a cyclist kills someone.

Europe-wide BitTorrent indexer blockade looms after Pirate Bay blow

Matthew Brasier

That's different, purchasing from Amazon US when you are in the UK is not the same as purchasing from Amazon EU when you are in the EU (independent of which EU nation you are in).

NASA agent faces heat for 'degrading' moon rock sting during which grandmother wet herself

Matthew Brasier

Some facts

My father, who was a pretty well respected geologist, was one of the few non-Americans to work with NASA moon rocks. They are indeed very protective of them, mostly because the cost of obtaining them was very high, and they are one of the few sources of "uncontaminated" geological samples from the moon. There are plenty of "moon rocks" in the form of lunar meteorites (parts of the moon that got smashed off in impacts and found their way to earth) but these have been lying around on earth for many years, and so are contaminated.

Part of the value comes from the fact that geological experiments are often destructive - they involve dissolving bits of rock in acid etc - so the rock gets used up over time, and there are no current plans to realistically obtain any more.

NASA also definitely do have "agents" of various types. Having attended the launch of the Curiosity rover, they also had what could be described as a small military, who were responsible for enforcing the exclusion zone around the rocket before and during take-off.

Web-app devs note: Google wants to banish JavaScript dialogues

Matthew Brasier

Re: What about applications

That should be fine though, the proposal isn't talking about getting rid of the ability to create dialogues, it's talking about getting rid of the ability to create dialogues that you must interact with before you can do anything else.

You can still pop up a dialogue asking if the user wants to save what they were working on, you just can't force the user to interact with it.

Headphone batteries flame out mid-flight, ignite new Li-Ion fears

Matthew Brasier

Water

They poured a bucket of water on what was suspected to be a lithium fire?

Java? Nah, I do JavaScript, man. Wise up, hipster, to the money

Matthew Brasier

Re: @wolfetone

Actually, Java was designed to be a language to program set top boxes, it was never designed to replace C/C++ etc. That just kind of happened along the way.

I guess you're younger than you think.

Oracle crushes Apiary's hope in slightly awkward email to customers

Matthew Brasier

Standard safe harbour

The stuff about not making purchasing decisions etc is Oracle's standard legal disclaimer they put on any product or slide that talks about roadmaps or future versions. It's not really slapping them down in an addendum, it's boilerplate text.

That being said the future of products acquired by Oracle is never very clear.

Sainsbury's Bank web pages stuck on crappy 20th century crypto

Matthew Brasier

My wife raised this with their customer support desk last year, who eventually got back to her with "Our site uses industry standard encryption" - she replied that it was industry standard in 1999, but got no reply.

EA Games rubbishes Pastebin breach claim

Matthew Brasier

Re: Ea are well practiced for something that never happens.

The fact that EA accounts are regularly compromised does not indicate that EA have been hacked, it indicates that people who play EA games have weak security.

My experience is that often people set weak passwords on accounts that aren't thought to be important (it's just a game) and then forget to update them when they later add payment details to the account for in-game purchases etc.

Larry Ellison's yacht isn't threatened by NoSQL – yet

Matthew Brasier

I don't think that sales of big data products show that companies have big data problems they are trying to solve. In my experience what it shows is that they have relational data problems they are trying to solve, and they want to pretend they are as big and unique as Google.

Bay Area plots Googlebus tax after local residents riot

Matthew Brasier

Re: Fair's fair

"It's completely different. They could stop their private buses anywhere that it is legal to stop a private vehicle, and do pick ups there"

Correct - however one of the places where it is not legal to stop a private vehicle in the state of California is at a public bus stop.
