* Posts by Doctor Syntax

16426 posts • joined 16 Jun 2014

Boss made dirt list of minions' mistakes, kept his own rampage off it

Doctor Syntax Silver badge

Re: Fragile. Very fragile.

"Someone came in at that point and stopped him before he fried himself."

There's always a spoilsport.

A certain millennial turned 30 recently: Welcome to middle age, Microsoft Excel v2

Doctor Syntax Silver badge

Re: Excel drives me nuts

"pretty counter-intuitive considering how copy-paste usually behaves."

But not how you'd want it to behave in a spreadsheet. OO & LO also have dynamic pasting.

Doctor Syntax Silver badge

"The million-row excel file that should have been moved into Access fifteen years ago"

And to a proper database server 14 years and 11 months ago.

Doctor Syntax Silver badge

Re: Smartware

"It included a database application"

The company was bought by Informix for no good reason except that their (Informix's) then management suffered from a lack of BOFH and openable windows in their offices. They did some work to use Informix as a back end. But only as a back end to the spreadsheet.

Doctor Syntax Silver badge

Back when Excel was introduced Smartware was the king, at least for the PC users where I worked back then. It was an integrated office suite in the same way that MS Office, OO and LO are but for DOS. It never made it into the Windows era, at least not in any timely fashion.

Another toothless wonder? Why the UK.gov's data ethics centre needs clout

Doctor Syntax Silver badge

Re: We need something better than utilitarianism

"'Data Science Ethical Framework' [1], a document which betrays not the slightest understanding of ethics, is ethics-free and provides no framework whatever, ethical or otherwise."

The difficult bit was got rid of in the title. It sounds like a very competent piece of work.

Doctor Syntax Silver badge

At least it's from the Ministry of Fun and not the Home Office. That's a start.

UK spy court ruled immune from judicial review – for now

Doctor Syntax Silver badge

This trick of replacing the legislation as soon as it receives what looks like a serious challenge seems to be a source of endless wriggle room.

Activist investor rages at Mellanox for dismissing Marvell's advances

Doctor Syntax Silver badge

"Peter Field is a principal at Starboard Value and also a director of Marvell Technology Group"

That's good. I'd be upset to hear that he had a conflict of interest.

Plans to thwack Official Secrets Acts smacked: Journo-gagging reform postponed

Doctor Syntax Silver badge

The postponement might simply be intended to kick it down the road until May can, as she hopes, wriggle out of the ECHR and the jurisdiction of the ECJ.

156K spam text-sending firm to ICO: It wasn't us, Commissioner

Doctor Syntax Silver badge

"The ICO needs to get real about the size of its fines and should pursue criminal trials against the directors of the companies too."

The ICO has to operate within the limits that the law allows. One aspect of fines is how cooperative the company is - a company that admits the offence will be fined less for example. In the case of this company it sounds as if there might be scope for increasing the fine. With any luck they'll take their appeal to court.

Doctor Syntax Silver badge

"Its legal team then mounted a defence on the grounds that Hamilton had not been the instigator of the messages (despite stating previously that they had ordered them)"

Shifting your ground like that is soooo convincing.

Forget Sesame Street, scientists pretty much watched Big Bird evolve on Galápagos island

Doctor Syntax Silver badge

"in order to be considered a different species, the most important factor was cross-fertility, not mating habits."

What TFA didn't say is that the different song is a factor in mating habits. The two lots of finches don't recognise each other as being the same species. If the Big Bird species survives there'll eventually be sufficient genetic drift to break cross-fertility even if it technically exists at present.

Hybridisation has been recorded as a factor in speciation before, e.g. Spartina anglica.

Deciding whether two things are a separate species or not is a black art. Taxonomists can be regarded as two separate species, lumpers and splitters or as two sub-species of Homo sapiens.

Dark fibre arts: Ofcom is determined to open up BT's network

Doctor Syntax Silver badge

Re: The consumer would like some of Ofcom's attention too

"Consumers are still being forced to pay for old-style land lines"

No problem. Just get your land line discontinued. I'm sure your ISP will find some other way of connecting you.

Doctor Syntax Silver badge

AFAICS the situation is this:

For reasons of promoting competition BT was shut out of cable provision for years. When it became clear that the competitive situation wasn't going to deliver anything like a nationwide service once the cherry-picking was done BT was allowed in and started the much bigger investment of building a much wider FTTC network. Being an experienced telecoms company they laid capacity for expansion; much of the cost is in all the field operations so including the spare capacity now is a relatively small investment compared to what it would cost to do it later.

Now everyone who didn't make such investments in the past and doesn't want to do so now or in the future wants to be able to leech off BT's investment. And if that happens then at some future point when BT needs the capacity that they laid but no longer have and thus fails to provide some service whose fault will it be? BT's!

Doctor Syntax Silver badge

But infrastructure builders, such as Virgin Media and CityFibre, are less keen on the idea. "They have invested heavily in fibre, and concerned that opening up dark fibre would send the wrong message as it undermines the investment case for rolling out more fibre. It is also arguably at odds with Ofcom's position that it wants to incentivise more fibre investment,"

Maybe. But maybe their objection is that what's source for the goose is source for the gander. If BT's fibre is to be opened up for all comers the same argument can be applied to theirs.

Linus Torvalds on security: 'Do no harm, don't break users'

Doctor Syntax Silver badge

"The problem, though, is how do you KNOW the bug isn't already known elsewhere?"

As you like posing hypotheticals here's one for you: There's a bug in the OS that runs your intensive care monitoring system which could lead to it being pwned. Shall we shut it down, just to be safe?

Doctor Syntax Silver badge

"The problem here is the delay between it being actively exploited and KNOWING it's being actively exploited"

No, the problem is submitters providing code to treat the possible symptoms rather than cure the disease - or, if they don't know how, telling someone who does.

Doctor Syntax Silver badge

"temporarily disabling something to ensure that it can't be exploited, while a full fix is being developed, is a perfectly acceptable security approach"

Disabling it instead of fixing it isn't. What was stopping the submitters from sending in a patch to fix the problem instead of hiding it?

Doctor Syntax Silver badge

"they're unlikely to be reported if no-one can run the affected code."

Except they could be reported by security researchers who think it better to cure the symptoms instead.

Doctor Syntax Silver badge

"Which would you rather have: a system that doesn't work or can't be trusted?"

It's a false dichotomy. The effort that goes into the break it now fix should go into the fix it properly fix. What I want, and which I expect Linus to provide, because of this approach, is a system that works and can be trusted.

Doctor Syntax Silver badge

"So why is it right when Linus says effectively the same thing?"

Linus isn't saying the same thing. What he's saying is fix the problem instead of hiding it.

AFAICS what's happening is that the security researchers are sending in patches which will throw an error if a dubious bit of code is hit even if it wouldn't cause a problem in that instance. They're then expecting him to incorporate that code in the kernel tree for the next release.

What he wants is that the code itself is fixed. That can then be backported into older kernel versions* (that, of course, could also be done with the just kill it fix). However the effort that goes into the just kill it patch could either be put into a proper fix by the researcher or, if that's too difficult, into a proper bug report so it can be fixed. Either fix is likely to go into the same kernel release cycle anyway and it's vastly preferable that it's a real fix. If he allowed just kill it fixes in, the real fixes are likely to be delayed.

* Linux distributions don't always run the same kernel version. These appeal to different types of user.

Production systems tend to be very conservative with LTS kernel versions and only security fixes made available as kernel updates. Consistency of operation is highly valued.

More adventurous distros exist for those who must have the latest, greatest, coolest toys. These value novelty over consistency and can expect breakages from one release to the next. A release will have the latest kernel available at the time of packaging.

Users who want to test new stuff - equivalent to the Windows Insider Fast Ring - can either go for a bleeding edge distro or install RC kernels in other distros.

Doctor Syntax Silver badge

"But even so; any user who cares about the sanctity of their data probably agrees."

What if the crash the system approach leaves the user with corrupt data?

The effort should go into fixing the root problem.

Doctor Syntax Silver badge

"What do you do when your biggest issue is PEBCAK?"

The kernel hardening approach would seem to be switching off the computer and removing the keyboard. And maybe the chair.

Doctor Syntax Silver badge

"I'm not sure what you take from the article but maybe you should read the previous article as well to get some understanding."

Even better, go and read the actual post.

Seek 'passion' and tech skills will follow, say recruiting security chiefs

Doctor Syntax Silver badge

Re: entrants should "demonstrate their passion"

Maybe a qualification in music is good enough if you have the passion. Or maybe it isn't.

In the meantime I suppose readers who are currently looking for an infosec consultancy will have been able to whittle down their short-list a little.

'Treat infosec fails like plane crashes' – but hopefully with less death and twisted metal

Doctor Syntax Silver badge

Re: "get it working, fix it later"

You've seen the article? Good. Now read it. Even better, when you get to the link to the original post click that and read what he actually wrote.

Doctor Syntax Silver badge

"there are no lessons to learn."

There's one: it can happen to us.

Fujitsu imagines adjusting your rear view mirror for better hearing

Doctor Syntax Silver badge

Re: Neat technology, but...

"If there are other people in the car, they *should* be making/receiving the phone call instead of the driver."

If use of the hands-free distracts the driver then listening to one end of the call, telling the passenger what to say or even conversing with the passenger when not on a call is likely to be at least as distracting.

Doctor Syntax Silver badge

Are they going to turn the interior of the car into an anechoic chamber? The sound is going to bounce round and the passenger will hear it anyway. Or is this intended for extremely noisy cars?

Stick to the script, kiddies: Some dos and don'ts for the workplace

Doctor Syntax Silver badge

Re: Issue with Scripts

"The real issue is not scripts but a lack of a proper life cycle including a rudimentary spec (why are you doing this), peer review, testing, version control, and documentation."

You say that as if they're good things - which they are, of course, as is repeatability. Because, as you say, scripts are small programs these can be applied and more easily than into manual operations; even if the latter are written down in your ops manual as an - errrm - script you still rely on the operator following them.

Doctor Syntax Silver badge

Re: I'm technically under a NDA

"It's not Friday....I don't need mental images like that in my head!"

You do on Fridays?

Doctor Syntax Silver badge

Re: Really useful article.

"Haven't you been following the whole systemd debate?"

What did you think my comment was about?

Doctor Syntax Silver badge

Re: Do not run with scissors

"Scripts can be useful, but be careful with them."

Be even more careful just going in there and hacking it by hand.

Doctor Syntax Silver badge

"You should not be relying on them for everyday tasks, or even "every year" tasks, because you're just opening yourself up to problems."

This is just what you should be using them for. As you say, you can get them ratified, check into the source code revision system of your choice or whatever in order to have a repeatable set of operations on which you can rely. For rarely performed operations this is even more important than daily ones.

"Effectively you are then doing software development, whether you're a tiny one-man operation or a huge multi-national, and the same standards as you'd expect a software developer to use should apply - testing, verification, dummy-runs, early bail-outs, stop on every error, etc."

Yes. Why would you fly by the seat of your pants doing operations manually when you have this option?

Doctor Syntax Silver badge

Re: Something missing?

I would also suggest that the differences between scripting an operation and performing it manually is little different from performing it "manually" (on a computer) and actually doing the operations in person.

1. It can be reviewed by yourself and others. That way it can be checked for errors, including typos such as rm -rf ~fred /*

2. It's repeatable. If you have a saved script that was successful yesterday you know it will perform exactly the same operations today and tomorrow which you might not do yourself if sitting there thinking "Now what did I do next?".

Doctor Syntax Silver badge

Re: Really useful article.

"For the rest of us, I suspect this is bread and butter stuff."

That's what I thought until I realised it was aimed at Windows admins. However I suspect Linux could be going that way; how else does one explain init scripts as being too difficult?

Sci-Hub domains inactive following court order

Doctor Syntax Silver badge

Re: re: I think the advantage is supposed to be ...

"That's no different to saying that thieves operate a better service than the original manufacturers."

The journals get their material written for free, edited for free and refereed for free. Then they sell it back to the sorts of people who wrote, edited and refereed it and, they hope, will write, edit and referee the next issue.

I'm finding it difficult to decide just where to place the idea of theft here, especially when I see JStor charging for access to stuff I wrote for a very cheaply produced and distributed publication.

'Data is the new oil': F-Secure man on cartels, disinformation and IoT

Doctor Syntax Silver badge

"IoT is not about users wanting internet access on appliances," Hypponen said, "it's about vendors wanting to connect them to the internet so that they can collect data."

Now tell us something we didn't know.

Mythical broadband speeds to plummet in crackdown on ISP ads

Doctor Syntax Silver badge

"traffic shaping at peak times"

And that their peak times extend from something like 2am to 1am?

Doctor Syntax Silver badge

Re: About time....

"have shared storage"

"Genuine question...what's that got to do with a router?"

It's something a lot of routers offer these days - stick a USB socket on the side of the router and let the punters plug a thumb drive into it and it appears on the network. The good news is you don't have to use it.

Doctor Syntax Silver badge

Re: Well...

"A better guide would be a table"

Too complicated for those who just want to look at a single number. How would the likes of Amber choose their ISP?

Doctor Syntax Silver badge

Re: Use median speeds instead

"Silly idea of course, because the adslingers would have to understand what "median" means in the first place"

And so would prospective customers.

'Gimme Gimme Gimme' Easter egg in man breaks automated tests at 00:30

Doctor Syntax Silver badge

Re: Obviously "gimme gimme gimme" refers to the Swedish pop band ABBA's hit

"Thanks for explaining the reference - I wouldn't have had a clue."

Even with the explanation I still don't find my life enriched by it.

Permissionless data slurping: Why Google's latest bombshell matters

Doctor Syntax Silver badge

Re: So, if I want the benefits of a smartphone, without the (opaque) slurping....

"My Google Nexus 5X is pretty much everything. It's my plane ticket, train ticket, bus ticket, tram ticket, taxi ride and method of paying for most transactions < £30 (and many other things)."

Looks on with sympathy - but not much.

Doctor Syntax Silver badge

Re: Not GDPR relevant

"it's not about data protection."

It looks very much like a data protection issue to me.

To fix Intel's firmware fiasco, wait for Christmas Eve or 2018

Doctor Syntax Silver badge

Re: I wonder about motherboards

"You looked at a software licence recently?"

But the CPU is sold as hardware.

Microsoft scoops Search UI out from the gaping black maw of Cortana

Doctor Syntax Silver badge

Re: Bring Back Windows XP Search

"select whether you want to search inside files or not, and where to start searching from etc., with a very good UI."

Like this: https://www.kde.org/applications/utilities/kfind/ ?

Possible cut to British F-35 order considered before Parliament

Doctor Syntax Silver badge

Please sir, can we have our Harriers back?

Apple quietly wheels out 'Voxelnet' driverless car tech paper

Doctor Syntax Silver badge

"A voxel is a point on a 3D grid."

It's actually a small volume, not an actual point, just as a pixel is an area on your screen. https://en.wikipedia.org/wiki/Voxel

Hence the description: "a group of points within each voxel" (my emphasis).

OTOH what's a "trainable deep architecture"? It sounds like a ventilation shaft above a railway tunnel.

Biting the hand that feeds IT © 1998–2019