Two-week Inability To Summons Unrepentent Perps
1032 posts • joined 21 Jan 2014
> I can't stop looking at the gobs of silicone adhesive squirted into a lunar scientific experiment with a shaky hand.
The bluey-white splodge? I think
you'll we'll all find out soon enough that that is The Thing, emerging from the result of a cosmic-ray induced cross-mutation. Soon it will learn how to reverse the polarity of the lander's rockets and launch itself to Earth.
I've always been highly sceptical that blockchain had viable applications outside crypto-currencies but I recently read an article giving examples where trustless (or decentralised) trading would be enabled by blockchain. Fair enough, I'm convinced. But that article didn't explain how these non-crypto-currency applications replaced the Proof of Work concept to provide something like access-control. Is that why the article says "It added that blockchain solutions required a dedicated network."? Anyone? Sorry - I'm intrigued... but not enough to go and actually read the damned report.
I'm quickly coming to love blockchain - it serves two purposes - given the right rules around it, it can offer a trustless immutable ledger. It also draws snake-oil sales-persons like moths to a flame.
Almost everyone uses the word 'blockchain' as synonym for 'immutable ledger'. It isn't. So when you search to find some article explaining 'blockchain', what you get is an explanation of Bitcoin. And then everybody gets confused. So, ignore the proof of work stuff - that is Bitcoin specific.
What is a viable use for an immutable ledger?
Well, a music scenario might be that each record sale (or stream etc) has to be 'signed' by the buyer, the distributor and the artist. That way the artist knows for sure how many sales there have been and so knows whether they are being rewarded as per their contract or not. The buyer knows the artist is being rewarded because the buyer can see that the artist is a signatory to their transaction. The distributor is incentivised to take part because they can promote themselves as fairly rewarding the artists etc. A win-win-win situation.
(Note that the artist doesn't have to do this personally - a performing rights agency could represent them on their behalf as they do at the moment for traditional sales.)
Heathrow has a fairly hardcore bunch of plane spotters. I would have thought that they would have the photographic skills and equipment to initially wide-angle video (to prove location) and then zoom in (to prove a drone) if they had seen a drone. So I suggest just another false alarm.
[Sherlock icon as he is usually caricatured using enhanced optics, aka a magnifying glass.]
Yes but what has research to do with engineering? You have to actually formulate all that over hyped guff into something that looks like principles and it's all just too early right now. Either that or the researchers are rubbish at communicating to the engineering class. Not an unheard of problem.
To pick just one example: what programming language do you develop in and what approach do you use? Do you write monolithic assembler or do you write modular, object-oriented something?
Where do you think OO came from? Basic research, followed by lots of development, is the answer.
It's not "just too early right now" - if anything it is too late - software engineering principles have been forgotten by the teachers and their poor students don't stand a chance, which is why you get programmers downloading a library to left pad a string.
> For one thing, there is very little actual core information about software other than descriptions of programming languages and some discussion of algorithms. With a few exceptions -- cryptography, what else?
You're having a laugh surely? There's a *vast* body of theoretical and empirical research into every aspect of software, let alone the wider topics of computers and computing.
You give cryptography as an example. A few more just off the top of my head: virtual reality; augmented reality; machine learning; speech recognition; face recognition; processor emulation; JIT compilation; scalable DBs and distributed processing such as Hadoop. All of these were research lab stuff at one time and are now mainstream. But the research that went with them is still available.
> Artificial pets may have some therapeutic benefit for certain conditions like autism
A robot dog, with the lead attached to the wrist of a person with dementia, could allow that person to wander wherever they like for as long as they like, but make sure they cross the road safely and bring them back home when it's dinner time / gets too cold / starts to rain etc.
> Not quite correct. If your Alexa initiates a 'contractual' agreement on your behalf (ie "Alexa, buy me a new toy Yoda") then the record must be kept for as long you can refute the contract.
True, but you have to confirm the order. So Amazon knows which Alexa recordings relate to orders and which don't. So no reason to retain the non-order recordings.
How can someone at STC authorise a transfer of near $1m without there being an existing project or programme that the charity has previously done its due diligence on and agreed to fund?
And if this transfer request was disguised as part of an existing project then the criminals must have near insider levels of information in order to time the request just right, know that solar panels were a necessary part of the project, know that disbursement approval had already been granted and that it was just a matter of requesting the funds etc.
Icon: nearest thing to me holding my nose because something stinks.
 The insider could be a part of the receiving organisation of course, not STC.
Multiple choice on this one:
1) NHS Minimum PC specs will be changed to require a fax modem?
2) Lots of stand-alone scanners and printers will be bought as fax machine replacements (but at least the image will be sent by email!)?
3) Royal Mail will receive a welcome boost in the number of letters sent!?
As a valued mobile customer we'd like to inform you of some small changes to your contract terms and conditions relating to text messages, following a change approved by the FCC.
The free, text Tsunami Warning service which we were previously required to supply to you, whether you wanted it or not, has been replaced by a paid-for service costing just $250 per annum. Good news! - you have been automatically subscribed to the new service so you can continue to sleep soundly, knowing that you are protected.
More good news! The free Forest Fire text alert service has been replaced by...
> That was...until I found that each useful database had a different administrator, and needed a separate sign on and login for each and every one.
Your lack of initiative is quite disappointing. You should have used your newly acquired skills to create a password manager database, in Notes.
“In order to prevent people from reusing their passwords, Windows stores hashes of the old passwords. They’re stored under AES in the registry. If you have access to the registry, it’s not that hard to read them. You can use an undocumented API and reinstate the hash that was active just before you changed it.
Sounds useful - when my employer insists I change my password I can then immediately revert it back and carrying on using the old one indefinitely!
> I'm sure we'll be improving hardware organization for decades to come, but once you're down to electron spin, I doubt that you go any further.
Encode data as a vibration on a near infinitely long super string. Just like delay memory but halfway across the universe. :-)
How does the EU expect the UK to take part in NATO exercises (or indeed real battles) if the secret bit of Galileo is denied to us?
Does NATO think it will never need to use Galileo? Not even for a just-in-case training exercise?
Or can the secret bit be provided (to the UK) temporarily and then denied again afterwards without impacting the rest of the EU countries?
> That is for you to decide. You write the interface. You have to give them access on demand.
Ah, so if I write my app in two parts, one part is sold to the public and the other part is delivered to GCHQ to run so that they can eavesdrop. Wouldn't it be awful if the GCHQ part did coin mining at the same time. :-)
> It is the most reasonable attempt yet, but I still see too many unanswered questions about security of the connection
I have some unanswered questions too.
o How do I test the GCHQ interface? If I write a shiny new chat app, that is peer-to-peer, how do I test against an interface that doesn't yet exist? And if GCHQ intend to provide 'standard' interfaces, what happens if my app's design doesn't quite align with their standard interface?
o Assuming GCHQ do eventually produce an interface that is dedicated to my app, or aligns with my app's modus operandi, then how do I retro-fit the changes back to existing sold copies without alerting users to a new version that they may choose not to install?
o How will I prevent the users detecting a third data connection out of their device (cos it's peer-to-peer)?
These can't be the only practical objections. Some more clarity on how GCHQ expect these issues to go away would be welcome.
> "AMD failed at meeting all the performance milestones Amazon set out."
I notice that no one actually says that Annapurna managed to meet the same performance requirements. So this might have been a very expensive way of discovering that AMD weren't actually that bad after all.
 Apart from a salesman over-claiming on the performance they hoped to achieve.
 Citation required. :-)
> do we have to remind them again, they singed up to the UDHR that guarnetees privacy of communications?
Article 12: No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence...
And their response is: we aren't interfering with your ability to send correspondence to anyone you like, anywhere in the world (as long as you send it unencrypted). We only want to read it, not interfere with it.
[Warning, this comment is not to be taken seriously, but may accurately reflect the views of the Oz Government nonetheless]
> What's that ? You don't test things any more ? Well .. you're screwed, then.
As a general rule you are exactly right. But, in this case regression testing wouldn't have highlighted the malware because it was so specific to one environment.
What might help is code coverage testing - but I don't develop in JS so have no idea if the tools exist or not. The idea being that maintainers run a code coverage test after the regression tests have run, with a view to getting a report on lines of code that weren't executed during the regression tests. This would show up additional 'lurking' code and, possibly, be configurable to show code that previously wasn't executed (e.g. functionality available in a library but not used) now being executed unexpectedly.
This requires code coverage tools to exist and a degree of skill in using them. Something that repository owners should work towards automating as much as possible, rather than relying on maintainers, I feel.
> Lewis has, during his relatively brief time at the company, sold off a bunch of businesses, and wants Capita to concentrate on doing fewer things better
There must be, I suppose, in a company the size of Capita, some things that it does better than the competition. Good to see that he's on a mission to eliminate even these.
I would love to hear a comment on the state of the game from an actual AI researcher
Um: Andrew Fentem has worked in human-computer interaction research and hardware development for over 30 years
Not good enough for you?
No, you misunderstand. He wants to hear from an 'AI researcher' not a 'researcher in the field of AI'.
I haven't done the maths but i doubt that would cover the "Increase in pay, and pensions" that the teachers DO actually get but often state that they don't get?
What snide point are you trying to make here?
Teachers do get pensions - they've never claimed otherwise. They no longer get final salary pensions - they were stopped years ago. Those still teaching who started on final salary schemes have been changed onto lifetime average salary schemes. New teachers are on defined contribution like most private sector employees.
British Intelligence is the only such service in Europe not tarnished by association with the Gestapo or KGB.
British Intelligence's association with the KGB is so close that when their people want to retire or fancy a change, we offer them a job. Oleg Gordievsky, for example.
> The US Customs people will soon start opening up all the bits of kit suppsedly made in say Mexico or Germany and if they find one component with a 'Made in China' sticker on it, then they'll impose the 10% or whatever the tariff is on the whole thing and not just on one component.
I knew that one day the whole confusion over the 'China Export' / CE standards mark business would turn out to have a silver lining: just say the kit was all made in Europe - look it's even CE marked.
> It's the opposite of all your eggs in one basket. Instead, we've shared our secrets with so many organizations that eventually your data will be stolen.
Yep. I'm surprised they didn't just say: "It's okay, all those affected had their personal data exposed in the Experian leak at the end of last year so nothing more to worry about - their data was out there anyway. Please fly with us again. Please."
> Where I am we deal with some sensitive data and locking PCs amongst other stuff is a given.
Not your company but in general... one of my bugbears is that if locking screens is a necessity because of access to sensitive data, or whatever, then the company should be providing some of sort of proximity based authentication/login system so that you can't forget.
Either it's important or it isn't.
(And now that Windows 10 supports Bluetooth dynamic lock there is no excuse really.)
> and things created by machines go straight into the public domain
That's an interesting take. In the physical world the owner of a machine that makes widgets owns the widgets produced. Why shouldn't code be any different?
Biting the hand that feeds IT © 1998–2019