Posts by Doctor Syntax

16426 posts • joined 16 Jun 2014

WannaCry vanquisher Marcus Hutchins pleads not guilty to flogging banking trojan Kronos

Doctor Syntax Silver badge

Re: Mystery

"What still puzzles me is what evidence they have against him."

One thing we do know is that he wrote a blog post explaining some coding technique. His example code then got incorporated into Kronos. I think there's a US saying about finding a button and sewing a vest on it. That would be what the FBI are doing if that code fragment is what they claim is his writing Kronos is based on.

Doctor Syntax Silver badge

Re: Framed?

"However, the spookhauses have been embarrassed and they want blood."

Maybe. But if so I doubt it would be the NSA. He's the one person whose appearance in court could double down on their embarrassment.

Doctor Syntax Silver badge

Re: The Wannacry server domain?

"I think they're referring to the killswitch domain that Marcus himself bought to stop the vulnerable variants of WannaCrypt from propagating."

Could it be that that's because the NSA are using it for some purpose? C&C server?

A storage giant wants to give you 46,763...

Doctor Syntax Silver badge

Re: This is what is known as...

Nice one, Ken.

Waymo fleshes out self-driving car tech with hardware that goes soft at first sign of trouble

Doctor Syntax Silver badge

Re: Cost of repairs?

"Makes you wonder though, why they can't just use a permanently soft or resilient material anyway"

Or external air-bags.

Brit firms warned over hidden costs of wiping data squeaky clean before privacy rules hit

Doctor Syntax Silver badge

Re: Data retention for 6 six years?

"they have no intention of removing it even though some facts are clearly wrong such as my death 27 years ago (I share an usual name with my father who has passed on)."

Well, there's an offence under the Mark 1 DPA let alone GDPR.

Doctor Syntax Silver badge

Re: How does it work for historical orders?

"Read some of the comments further down where people have highlighted how it doesn't even begin to cover what's actually required."

I have.

Numerous comments about legal requirements to keep data for which there are exceptions, both in the passage from the statement of intent paper I quoted and from the GDPR which was also quoted.

Numerous other comments about removing from backups and Nick Ryan has quoted the GDPR on this:

2. Where the controller has made the personal data public and is obliged pursuant to paragraph 1 to erase the personal data, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are processing the personal data that the data subject has requested the erasure by such controllers of any links to, or copy or replication of, those personal data.

The section I've highlighted seems to deal with this.

Doctor Syntax Silver badge

Re: 6 years of data

"May require recording whose data you need to remove on a restore."

If you don't have surrogate keys in your database now might be a good time to think about adding them. A cascading delete of record 0e32b622-814a-11e7-8d87-78acc0c6193c is a bit less personal than one for Fred Bloggs. Even without GDPR requirements it's also a much better database key.

Doctor Syntax Silver badge

Re: How does it work for historical orders?

"But if the customer asks to have all their personal details removed then how are you supposed to verify that the customer ever bought the product in the first place if they come back and say it's faulty?"

Much the same as now: "Have you got the receipt?".

Doctor Syntax Silver badge

Re: More GDPR FUD

"Until (if ever) a test case reaches the courts, or the law is changed to be clearer, then there will be no clear definition of what exactly this phrase means, and what level of cost or technical difficulty will be a threshold."

This is fairly standard procedure for a lot of legislation. It's actually a means of future-proofing - the courts can redefine the interpretation when circumstances change.

Doctor Syntax Silver badge

Re: Once we leave the EU, this silly nonsense can be binned!

@ Phil O'Sophical

Careful, now. The Little Englanders get confused if you start telling them facts.

Doctor Syntax Silver badge

Re: It is just not going to happen

"Fines will be treated as a cost of business and passed on to customers."

Maybe, but it will then have a bearing on competitiveness. Those who are fined for failure to comply will be competing with those who aren't.

Doctor Syntax Silver badge

Re: It is just not going to happen

"Up to" 4% of turnover.

It's still a much higher starting point for calculations than at present.

Doctor Syntax Silver badge

Re: How does it work for historical orders?

"Sounds like it's not been thought through. At all."

Sounds like you haven't read the comments where this has been dealt with a number of times. No, I'm not going to explain it to you now. All you have to do is go back up thread and read the several quotations given from official sources.

Doctor Syntax Silver badge

Re: 6 years of data

Short memories. A week ago we had this article: https://www.theregister.co.uk/2017/08/07/data_protection_bill_draft/

In that there's a link to https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/635900/2017-08-07_DP_Bill_-_Statement_of_Intent.pdf

In there is a brief description of what's proposed which includes the following qualification: as long as it is no longer necessary or legally required for the grounds on which it was originally collected, or there are no overriding legitimate grounds for processing. (p13 for those who want the entire paragraph).

That should cover the requirement to retain data for HMRC. It's a basis for at least arguing that the difficulty of removing from backups is an overriding legitimate ground for not doing so but you'd then need to have a plan for removing the data after a restore - retaining the script for doing the original removal might be a start. It might be a good idea to look at just how many generations of backup you really need.

OTOH if you're retaining data about previous customers to sell on or pester them you have my complete lack of sympathy.

Doctor Syntax Silver badge

Re: It is just not going to happen

"My conclusion was that it was never going to happen and it hasn't."

It's probably just a matter of accumulating enough fines for them to realise that it's a way to save money.

Surfacegate: Microsoft execs 'misled Nadella', claims report

Doctor Syntax Silver badge

Re: Yup drivers

"Microsoft is entirely responsible for the hardware design."

Except for the bits they can contrive to blame someone else for.

Doctor Syntax Silver badge

Re: @DJO Not surprised...

"As SSDs become cheaper, you'll start to see this because it will reduce the cost of the component."

Looking at the SSD as a component might be the wrong way of looking at it. Consider a personal computer as a data store with some access components wrapped round it.

Hell desk to user: 'I know you're wrong. I wrote the software. And the protocol it runs on'

Doctor Syntax Silver badge

"The point of this story is to reinforce the idea that women programmers are lesser beings than males"

No, it's to reinforce the idea fact that managers are lesser beings than programmers.

Doctor Syntax Silver badge

"Did he feel stupid"

Probably asked "Who's David Korn?".

UK industry mouthpiece wants 'near-universal' broadband speeds of 30Mbps by 2020

Doctor Syntax Silver badge

Near universal

Define "near".

Firmware update blunder bricks hundreds of home 'smart' locks

Doctor Syntax Silver badge

Re: Juvenile Technology

"Just remember burglars are more agile than developers."

Not always. A few have got stuck in the windows they were trying to climb through (splendid recent example http://www.independent.co.uk/news/uk/home-news/burglar-jailed-after-getting-stuck-in-bathroom-window-a7562221.html ) and a few have fallen through roofs or roof-lights.

Doctor Syntax Silver badge

"Ever gone away and not been sure if you remembered to lock it?"

1. What Roland6 said.

2. The door has a glass panel on either side. Therefore with a cylinder lock (AKA Yale* lock) latch it can never be locked at all. If the back of the door is accessible from outside then it can't be locked without a key or combination on the inside as well as the outside. A glass panel in or beside the door combined with a cylinder lock is a gift to B&E merchants.

Some of the comments in this thread reveal a worrying naivety about keys. Does nobody change the door lock when they move into new premises? A few years ago my daughter moved into a new house having received "all" the keys from the previous owner. As she was moving in a neighbour rolled up with another front door key that she'd had for some time that the previous owner had forgotten about. I'd have changed her lock anyway but it moved things on a bit.

* Yale don't just make cylinder locks. In fact my mortice lock was made by Yale.

Doctor Syntax Silver badge

Re: Why an update?

"Yes, they messed up during an update, but at least they were updating"

The purpose of an update is to improve that which is being updated. If the attempt leaves it in a worse condition there's at least a basis for arguing that it wasn't really an update.

Doctor Syntax Silver badge

Re: Lovely

"it's risky enough that company providing the service and "cloud" server might go bust"

Or even just TITSUP* for a while.

*Total Inability To Secure Users' Premises

Doctor Syntax Silver badge

"So why is a locksmith needed as this is exactly what the smart lock became after it was bricked by the bad firmware?"

The whole selling point of this (apart from being a cool IoT cloud thingy) is that the property owners don't want to give out the physical key. Unless a temporary lock is fitted, for which the key can be considered disposable when the original is refitted, then this is just what they have to do. If the repaired lock doesn't also have a change of physical key, their $469 has been wasted.

Doctor Syntax Silver badge

Re: Local locksmith

"a temporary replacement would therefore likely be just some common conventional lock. The lock is still functioning as a conventional lock anyway"

One of the issues cited was giving the physical key to the AirBNB customer. If a conventional lock is fitted once the repaired original is in place the conventional lock can be removed and the physical key for that ceases to be of concern to the owner.

"With only a short window"

That's 5 to 7 working days. Add in up to 4 calendar days to cover weekends, i.e. up to 11 days elapsed time. If you think that's short then you have a point but maybe their customers wouldn't agree with you.

Doctor Syntax Silver badge

Re: IoT - where the S really is for Security

And the H stands for Hubris.

Doctor Syntax Silver badge

"Ever shut the front door and realised the keys were in your other jacket."

Not a problem. My front door has a lever lock that requires me to turn a key to lock it.

Doctor Syntax Silver badge

"That points to a seriously well-organized company that is probably intent on keeping its customers and showing how professional it can be in handling issues."

No. If it really cared it wouldn't leave the lock unusable for days or even weeks. It would have paid for a local locksmith to provide a same-day service to replace each customer's lock with some temporary arrangement and then replace that in due course with the official replacement - if the customer still wanted the official replacement.

Owning up to the mistake is not customer service. Even fixing it in the way they have is not customer service. Customer service is ensuring that the inconvenience to the customer is minimised.

Top repo managers clone, then close, a nasty SSH vector

Doctor Syntax Silver badge

CVS

I started reading the article whilst a couple of updates, one of them being for CVS, were being installed. Maybe the article's already out of date.

UK.gov cloud fave Amazon comes under fire for tax bill

Doctor Syntax Silver badge

"Microsoft started making gobs of profit by the late 80s when everyone was buying DOS licenses, then Windows, then Office, then Windows Server."

ISTR that it was a long time before MS started paying dividends. In fact, a quick search suggests it was as late as 2003.

Doctor Syntax Silver badge

These UK-based AWS data centres that HMG are so keen on using - when do they get built? In advance of being used, obviously (I trust MPs can work that out for themselves without expert help).

Does that need money? Yes (same proviso).

If, instead of borrowing money Amazon pay it out of existing sales on other business what does it do to the profits on which tax is paid?

What seems to be suggested in TFA is that rather than expand their business with money taken from their own sales Amazon should build up a big debt mountain in order to pay UK taxes. The distressing thing is that this probably makes sense to Hodge. After all when she was in govt. her party proved pretty adept at encouraging the building of debt mountains. Maybe she forgets that it didn't work out well.

Doctor Syntax Silver badge

Re: Profit

"Rip up that tax book and start again - Maggie ballooned it and Blair (being a good Socialist) expanded it even further"

I get a bit forgetful in my old age. Could you remind me of the dates when these were Chancellors of the Exchequer?

Doctor Syntax Silver badge

Re: Legislation, Boycotts and Real Change

"MPs and journalists really should know this stuff."

It's optional. They do know it until it suits them not to.

Doctor Syntax Silver badge

"Where did I suggest that?"

Maybe he assumed you must have defined it. Given that the scheme made no sense to the rest of us we couldn't even begin to work out how it could have been fair.

I think you may have mis-remembered what you read. Turnover isn't a company's equivalent to salary. As a taxable figure it means nothing until you know what it cost to produce that turnover.

Doctor Syntax Silver badge

"Presumably they're hoping that it'll get to some point and stop re-cycling its profits into investment, and suddenly cash ahoy! But that may never happen."

Didn't Microsoft also run like this for a long, long time?

Google and its terrible, horrible, no good, very bad week in full

Doctor Syntax Silver badge

Re: Kieren, thank you for avoiding profanity this time

"Sorry to correct you, group traits are one thing, however they are totally useless for finding the specific profile(s) you might need to perform specific roles."

Which is what you said first time round and with which I agreed.

The point is that when you've made a series of such individual selections for similar roles you shouldn't be surprised to find your group skewed on some criterion or other as, in fact, you found in the example which you went on to quote.

Having obtained your result would you then have felt there was something wrong by having a predominantly female programming team?

Doctor Syntax Silver badge

"If certain people don't want to enter certain fields then so be it."

Not good enough. Must have diversity at any cost.

Doctor Syntax Silver badge

"Well, he did it in his own time."

I thought the Silicon Valley work ethic was that you didn't have your own time. Maybe that's why he was fired.

Doctor Syntax Silver badge

Re: Out of Date Discussion

"These days you look around and see a lot of bright people from all sorts of backgrounds, and if they're choosing not to work for your company, or worse still not even choosing to specialise in your field of business, learn it at school, etc, that's probably because your corporate culture is unattractive."

Maybe you should go back and reconsider this paragraph. You're saying that some people will actually avoid a field of study because a particular employer in that field has a corporate culture that they find unattractive. Do you really believe that school children not only have a concept of corporate culture but that they know the corporate culture of a particular employer in that field and take that as a basis for choosing what they study?

I studied what interested me and what I thought I was good at. There are a number of things I'd like to have done but which I'm comfortable acknowledging I'd be useless at. These are the factors that guide educational choices, assuming choices are available.

Even as one gets older and comes to grasp the concept of corporate culture why on Earth would one avoid an entire field on the basis of the corporate culture of a single employer within it?

Doctor Syntax Silver badge

Re: Kieren, thank you for avoiding profanity this time

"One thing I have learned to reject is the simple minded belief that individuals can be assessed by looking at a group and guessing."

You are quite correct in this. That's because individuals vary quite a lot, one to another.

However this does not stop you being able to look at groups and discerning that individuals in one group are more likely to display some traits rather than those in others. Your group assessment will be better than your individual assessment.

That's what statistics is all about; ask your scientifically inclined daughter. BTW she will also explain to you what's wrong with the phrase "science and genetics".

Doctor Syntax Silver badge

Re: Just to clarify

"Or did they do the standard corporate weaseling and hope the problem would go away?"

Not quite. They hoped that firing him would have sped it on its way.

Kremlin's hackers 'wield stolen NSA exploit to spy on hotel guests in Europe, Mid East'

Doctor Syntax Silver badge

Re: Curious to know

"How do you patch a Windows system so that it's safe to click on a .doc file"

Remove Word.

Good Lord: Former UK spy boss backs crypto

Doctor Syntax Silver badge

Re: Security

"Don't tell me there are no back-doors in open source and open standards"

Can you give us a few examples? If you're right it shouldn't be difficult as it's all out there in the open. If you find them the maintainers will quickly close them.

Real talk: Machine learning is not there yet. Some assembly required

Doctor Syntax Silver badge

"we use it to predict future values of key business metrics"

And how did reality match prediction? Or are those still future values and hence untested? Or are the circumstances such that it becomes a self-fulfilling prophecy because the business works towards those targets in which case there's no evidence that that was the best use of the effort dedicated to it.

TalkTalk fined £100k for exposing personal sensitive info

Doctor Syntax Silver badge

Re: No surprise

"Why?"

So that potential customers get to hear.

"If you want to have it out with Talk Talk, then do it on their official Twitter and Facebook feeds, and then everybody else can enjoy it, and it'll be in Talk Talk's face."

Tempting, but not tempting enough for me to sign up to either Twitter or Facebook.

'Adversarial DNA' breeds buffer overflow bugs in PCs

Doctor Syntax Silver badge

Is that you Bobby?

Doctor Syntax Silver badge

Re: Bah!

"They created synthetic DNA which, when sequenced, produced dataset"

Which is an unnecessarily long winded way to produce a dataset.

Official: Windows for Workstations returns in Fall Creators Update

Doctor Syntax Silver badge

Re: What about auto-updates?

"Trying to restart a nuclear rector"

Isn't that a vicarious experience?
