Posts by Doctor Syntax

16426 posts • joined 16 Jun 2014

Microsoft silently fixes security holes in Windows 10 – dumps Win 7, 8 out in the cold

Doctor Syntax Silver badge

Re: Perhaps money will talk louder:

"They have over 2 decades worth of experiences of dodging that one. That's why they have these exabyte-sized conditions you have to agree to."

Whether these EULAs are worth the paper they're not written on depends on your jurisdiction and status (consumer vs professional).

Leicestershire teen admits attempting to hack director of the CIA

Doctor Syntax Silver badge

Re: causing risk of serious damage to human welfare/national security

Rest assured, the government is undoubtedly mad as a box of frogs so maybe the spell worked.

Online criminal records checks to take a punt on troubled Verify system

Doctor Syntax Silver badge

"One problem is that the identity providers, mainly Experian at this point, fail to recognise anyone without a digital footprint "

Experian was involved in this role in the original CRB checking system about 15 years ago.

Russia, America dig into tug-of-war over Bitcoin laundering suspect

Doctor Syntax Silver badge

Re: I bet he’s FSB

"Why else would the Russians be so desperate to get him back?"

For the $4b?

Is that a bulge in your pocket or... do you have an iPhone 8+? Apple's batteries look swell

Doctor Syntax Silver badge

People keep saying Apple copies others. Is this what they mean?

Beach, please... Billionaire VC finally opens way to waves

Doctor Syntax Silver badge

Re: B E A C H P A R T Y ! ! ! !

Try to remember, this Khosla dude will be just as upset at a lone jogger on "his" beach at sunset as he would a major twelve-dozen keg barn burner with The Who's sound system cranking multi-genre, multi-decade rock&roll for three days

Not saying you're wrong but it sounds like a statement that could be tested.

Doctor Syntax Silver badge

Just impose the fines and back-date them to the moment the legislation was passed. With interest, of course.

Support team discovers 'official' vendor paper doesn't rob you blind

Doctor Syntax Silver badge

Re: As the old, old saying goes...

"then what do you use for a PHB that is rapidly killing the company ?"

Duct tape would be fine. It just takes more work than carpet.

Doctor Syntax Silver badge

Re: Common English words with very different meanings.....

"It is correctly pronounced "rowter"."

How do you pronounce "route"? If you pronounce it "rowt" I can see how you got to your rowter pronunciation but we've had routes in the UK way before the router was invented to allocate them.

Doctor Syntax Silver badge

Re: Million to one chances occur nine times out of ten*

"OnCall really is just an interesting repository of anecdotes, not a manual of best practice"

It's a pretty good manual of worst practice.

Doctor Syntax Silver badge

Re: The story is ...

"The assistant knows there is a bar code - so persists by presenting it repeatedly. "

And is utterly convinced that a barcode has to be in motion in order to be read, just like a mag stripe.

Doctor Syntax Silver badge

surely it would have become very obvious once the robot went to retrieve the tape from the drive, and failed because 'I can't find the tape!'

The article describes exactly this except that the tapes were missed on the shelves and didn't get as far as the drives.

Even tapes that the team put on shelves by hand weren't being detected.

“The robot sometimes even tried to place other tapes in those 'empty' slots,”

How bad can the new spying legislation be? Exhibit 1: it's called the USA Liberty Act

Doctor Syntax Silver badge

Getting rid of the difficult bit in the title

Remember, folks, Yes Minister is your guide to administrations everywhere.

Avast urges devs to secure toolchains after hacked build box led to CCleaner disaster

Doctor Syntax Silver badge

Re: XcodeGhost again, cmon people!

"Requiring a 'pristine' build environment is software engineering 101."

Putting 'pristine' in quotes says it all, really. You may think your build environment is pristine but if it's been got at you end up in exactly the situation Piriform found themselves in.

Doctor Syntax Silver badge

Re: CC Cleaner is an enterprise tool?

"Handy little tool, not 'optimisation'."

Surely cleaning vendors' bloatware is optimisation.

Hipster disruptor? Never trust a well-groomed caveman with your clams

Doctor Syntax Silver badge

Re: Something I've always wondered ...

"The really great invention was actually the axle."

The really great invention was the roller (not Roller). Everything else was refinement.

Russian spies used Kaspersky AV to hack NSA staffer, swipe exploit code – new claim

Doctor Syntax Silver badge

I complained to "bitdefender" because with their new enforced fucking "cloud" system, not only can they "snag" files. (never used to happen with the standalone version, which they discontinued)

I believe Bitdefender are a UK company. Assuming you're also in the UK invoke your rights under the DPA or, better still, wait till next June & hit them with the new, GDPR-enabled Act. And in the meantime, don't use them. "Cloud" should have been a warning to stop right there.

Doctor Syntax Silver badge

Re: "no self respecting spook would be caught using Microsoft Windows to do their spying"

"For the thousandth time, counting CVEs does not indicate relative security levels."

Doug, there's no point in trying to explain things to A/Cs spouting the MS party line. They're only doing what they're told. You don't expect them to actually understand any of it do you?

Doctor Syntax Silver badge

Re: "no self respecting spook would be caught using Microsoft Windows to do their spying"

"the very probable fact that, spook or no, management will be using Windows and management wants their time sheets, planning, expense reports etc done on time. I haven't heard of a lot of Linux versions of the products that handle that, so you'll be most likely using Windows for all that stuff."

Management should be using what the organisation's security bods specify which, you'd hope, would be something more like OpenBSD. LibreOffice will run quite nicely on BSDs so I can't see any problems with the sorts of management stuff you mention.

Doctor Syntax Silver badge

"The Washington Post says the contractor ... worked for the NSA's ace hacking team"

As I posted in another thread, it just shows that the attackers aren't good at defending. If you want good advice about defence don't take it from your attack team. What do the attack team advise? Back doors.

Hey, IoT vendors. When a paediatric nurse tells you to fix security, you definitely screwed up

Doctor Syntax Silver badge

"From the article it looks like she's been a security professional for the past three years"

Given that IoT vendors seem to place children in charge of security maybe a paediatric nurse has exactly the qualifications for dealing with them.

Doctor Syntax Silver badge

Re: But then comes the big problem: the bill.

"It'll probably cost less to deal with the fallout than to actually do things right."

Pay and cost, at least monetary cost, are two different things. It may cost the vendor money to do things right but if they don't you may pay - with your life.

Of course, there's always the other aspect of it: if the market is properly regulated you, as a vendor, don't get to sell your product if you're not doing things right so you don't get any money at all. And as it's the same for your competitors you're not at a disadvantage by doing things right. The only way to disadvantage yourself would be not to spend the money in the first place.

Spy vs spy vs hacker vs... who is THAT? Everyone's hacking each other

Doctor Syntax Silver badge

The moral of the story seems to be that attackers aren't very good at defending. So, if you want to defend your infrastructure, don't take your attack team's advice. What was it attackers advised? Oh, yes; backdoors.

Ex-Harrods IT man cleared of stealing company issued laptop

Doctor Syntax Silver badge

Re: This is one of those stories

"I got this feeling there is a wee bit more to this story than has been told."

It's a given of court cases that (a) there's more than you're being told and (b) you're being told more than there is, at least by one side.

Doctor Syntax Silver badge

"Which means Herrod's has a procedure when an employee separates, and they follow it."

Herrod? Think of the children.

Doctor Syntax Silver badge

"It would be possible for someone to have their personal credit card details accessible on a company PC for booking hotels etc on company business."

That's one category of information I don't have to keep on a PC. It lives in my wallet.

If, however, there's stuff that I think should be kept private it can go into something like Keepass. Even if the disk is encrypted on a company laptop having a separate encrypted file to which the company has no access would have solved the problem. It would also solve the problem of the company backing up the laptop onto their own servers.

Doctor Syntax Silver badge

Re: Eh?

"In normal conditions, he could have talked to a friendly Harrods IT guy"

He'd been fired. That opportunity might not have been open to him short of threatening to take it up with the ICO.

Doctor Syntax Silver badge

"He should really have asked Harrods to erase the personal data for him "

Or he could simply have taken the hard disk out, overwritten the partition with random data, replaced it, restored the OS (I assume there was a recovery partition) and then handed the machine back.

Splunk hits Oracle's Larry where it hurts: His failure to win America's Cup boat race

Doctor Syntax Silver badge

Oracle is becoming the largest "meeee toooo!" vendor in the world.

Becoming? You didn't think they invented the relational database did you?

US Senate stamps the gas pedal on law to flood America's streets with self-driving cars

Doctor Syntax Silver badge

Re: It's those evil lawyers

"But the fear of multi-million or even billion dollar jury verdicts will help keep them in line. Even with government regulation, such threats are the only reason they even obey the law any ways."

Proper says that the vehicle model has to meet safety standards to be offered for sale. Failure to take the money in the first place is an even more effective reason to obey the law than fearing it being taken away again.

Doctor Syntax Silver badge

Re: A dangerous hands-off approach to hands-free driving

"A hands-free is not as distracting, but still is to a point."

Not half as distracting as something one sees from time to time: turning to face a passenger whilst talking to them.

Doctor Syntax Silver badge

"This is why:"

Hmmm. And you think an autonomous car will do better? I think the real reason why is lobbying by companies that want to sell autonomous cars. There'll be an awful lot of profit sales to be made before there's a real handle on whether they really are safer and if the final decision is that they aren't then the companies still get to keep the money.

Doctor Syntax Silver badge

"One is the reduction in accidents as most accidents are really due to some form of operator error/stupidity."

As human drivers generally drive very safely (I don't know about US figures but as far as I can make out the fatalities in the UK must be of the order of one per 100 million* miles). This is a pretty tough target to set for an autonomous vehicle. In fact, the figure suggests that accidents are corner cases, the driver failing to cope with an out of the ordinary situation. Experience suggests that dealing with corner cases is something S/W isn't particularly good at. In addition inexperienced drivers are more likely to have accidents than experienced drivers. One should reasonably expect experienced and sober drivers to be somewhat better than the average. If I were to trust my life to an autonomous vehicle I'd want it to be at least as good as an experienced and sober driver; I have no confidence that this will be achieved for a long time if ever. Meanwhile I'm quite happy for an experiment like this to take place somewhere where I have no intention of ever being so the US fits that quite nicely.

*I base this on there being c 30 million vehicles in the UK and c 3,000 accidents and assuming 10,000 as the average mileage to get an order of magnitude figure.

Legacy clearout? Not all at once, surely. Keeping tech up to snuff in an SMB

Doctor Syntax Silver badge

Re: Madness indeed

I'm not clear as to exactly what Dave was recommending here. If he's suggesting - or it gets interpreted as suggesting - that the business just sign up for a bunch of gmail or outlook or (let's really go for it) TalkTalk or Yahoo addresses then it's not particularly a good idea. Because that looks so professional. At the very least go with a mail provider who can provide you with email addresses on your own domain.

Isn't it amazing that all these allegedly net-savvy SEO specialists don't have their own company domain but spam from gmail.

FreeBSD gains eMMC support so … errr … watch out, Android

Doctor Syntax Silver badge

I'd like to think that anyone who has the - shall we say good taste? - to use BSD in an IoT thing will also be inclined to do better than to let the user operate it with a default password.

Oath-my-God: THREE! BILLION! Yahoo! accounts! hacked! in! 2013! – not! 'just!' 1bn!

Doctor Syntax Silver badge

"The thing with the exclamation marks was never funny."

Funny, no; scornful, yes.

Doctor Syntax Silver badge

Re: Marissa Meyer laughed all the way to the bank

"Hewlett Packard Enterprises"

Fails on "in right mind".

Life began after meteorites splashed into warm ponds of water, say astronomers

Doctor Syntax Silver badge

" I'm satisfied that we're here based on an incredible string of random chances over an insanely long period of time."

No we're just a simulation - sorry, wrong thread.

Home Sec Amber Rudd: Yeah, I don't understand encryption. So what?

Doctor Syntax Silver badge

Re: But this isn't a new area for legislation

"I don't need to understand how encryption works to understand how it's helping – end-to-end encryption – the criminals."

What needs to be fed back against this is that it's simply a tool and like any other tool, has its good and bad uses. In this case its good use is the securing of everyday commercial transactions. In trying to destroy it you are helping criminals, Home Secretary.

Doctor Syntax Silver badge

"Theresa May, who excelled at these two things as Home Secretary, to the point that no-one noticed that she has literally no other recognizable skills whatsoever."

Wrong. Lots of us noticed.

Doctor Syntax Silver badge

Re: Fashionable Ignorance

"Westminster House of Commons still has a formal separation between the benches of the opposing parties that inhibits sword fights."

The pegs in the cloakrooms also have loops for hanging up members' swords.

Doctor Syntax Silver badge

Re: Fashionable Ignorance

"Another key to success is building mutual respect with the technical experts so they give you good advice and information."

That's only half of it. The other half is that management should heed that advice and information. Not just listen to it, heed it.

Doctor Syntax Silver badge

Re: From the BBC article

"I am not suggesting you give us the code,"

Which only adds to her display of ignorance. Some encryption code is readily available if you want it and even for proprietary code either it will use publicly available algorithms or the TLAs will be with home-grown alternatives. It's the keys that matter and for real end-to-end not even the vendor will have those. But the thing that matters most of all is the extent to which encryption is essential to the security of everyday commercial life and that the damage she can wreak there vastly exceeds what terrorists are attempting to do. It is she that is trying to help the criminals and everyone else who is trying to stop her.

Doctor Syntax Silver badge

"Otherwise, you end up in the Canute-like position of trying to repeal maths by force of law, which doesn't work."

Sorry to go all Bob but JUST GO AND READ UP ABOUT CANUTE.

Doctor Syntax Silver badge

Re: Rudd

"She's just banned the sale of acid to under 18s."

Presumably bleach is still OK.

Doctor Syntax Silver badge

Re: Rudd

"Has she remembered hydroxic acid? That should definitely be banned too."

Ooh, look! You've got exactly its pH in upvotes.

Doctor Syntax Silver badge

Re: Techies will continue to sneer. I think I get her. She simply does not care

"She simply does not care."

The odd thing is she seems to care that she's sneered at - and still doesn't try to work out why.

ISIS and Jack Daniel's: One of these things is not like the other

Doctor Syntax Silver badge

Re: Ignorance knows no borders

"It is frequently mixed with Coca-Cola, many times with Diet Coke!"

Seems reasonable. If they didn't do that they might mix one or other of them with something that could be harmed by such treatment.

BBC Telly Tax petition given new Parliament debate date

Doctor Syntax Silver badge

Don't call it a tax

You'll only give the Treasury ideas. They'll call it a hypothecated tax. Who would want such a tax with such a nasty name? So much nicer to just take it into general taxation and then HMG can fund the Beeb directly....

The licence may not be an ideal way of funding the Beeb, especially when operated by Crapita, but the alternatives - ads or direct government control - are much, much worse.

MH370 final report: Aussies still don’t know where it crashed or why

Doctor Syntax Silver badge

Re: If you found the plane it wouldn't bring the people back.

"So, what doubt are you trying to resolve?"

The doubt as to the cause and, not knowing that, we thus don't know if it was something which could be corrected on other aircraft to make them a little safer.
