* Posts by Doctor Syntax

16449 posts • joined 16 Jun 2014

Firmware update blunder bricks hundreds of home 'smart' locks

Doctor Syntax Silver badge

"Ever gone away and not been sure if you remembered to lock it?"

1. What Roland6 said.

2. The door has a glass panel on either side. Therefore with a cylinder lock (AKA Yale* lock) latch it can never be locked at all. If the back of the door is accessible from outside then it can't be locked without a key or combination on the inside as well as the outside. A glass panel in or beside the door combined with a cylinder lock is a gift to B&E merchants.

Some of the comments in this thread reveal a worrying naivety about keys. Does nobody change the door lock when they move into new premises? A few years ago my daughter moved into a new house having received "all" the keys from the previous owner. As she was moving in a neighbour rolled up with another front door key that she'd had for some time that the previous owner had forgotten about. I'd have changed her lock anyway but it moved things on a bit.

* Yale don't just make cylinder locks. In fact my mortice lock was made by Yale.

Doctor Syntax Silver badge

Re: Why an update?

"Yes, they messed up during an update, but at least they were updating"

The purpose of an update is to improve that which is being updated If the attempt leaves it in a worse condition there's at least a basis for arguing that it wasn't really an update.

Doctor Syntax Silver badge

Re: Lovely

"it's risky enought that company providing the service and "cloud" server might go bust"

Or even just TITSUP* for a while.

*Total Inability To Secure Users' Premises

Doctor Syntax Silver badge

"So why is a locksmith needed as this is exactly what the smart lock became after it was bricked by the bad firmware?"

The whole selling point of this (apart from being a cool IoT cloud thingy) is that the property owners don't want to give out the physical key. Unless a temporary lock is fitted, for which the key can be considered disposable when the original is refitted, then this is just what they have to do. If the repaired lock doesn't also have a change of physical key, their $469 has been wasted.

Doctor Syntax Silver badge

Re: Lcal locksmith

"a temporary replacement would therefore likely be just some common conventional lock. The lock is still functioning as a conventional lock anyway"

One if the issues cited was giving the physical key to the AirBNB customer. If a conventional lock is fitted once the repaired original is in place the conventional lock can be removed and the physical key for that ceases to be of concern to the owner.

"With only a short window"

That's 5 to 7 working days. Add in up to 4 calendar days to cover weekends, i.e. up to 11 days elapsed time. If you think that's short then you have a point but maybe their customers wouldn't agree with you.

Doctor Syntax Silver badge

Re: IoT - where the S really is for Security

And the H stands for Hubris.

Doctor Syntax Silver badge

"Ever shut the front door and realised the keys were in your other jacket."

Not a problem. My front door has a lever lock that requires me to turn a key to lock it.

Doctor Syntax Silver badge

"That points to a seriously well-organized company that is probably intent on keeping its customers and showing how professional it can be in handling issues."

No. If it really cared it wouldn't leave the lock unusable for days or even weeks. It would have paid for a local locksmith to provide a same-day service to replace each customer's lock with some temporary arrangement and then replace that it in due course with the official replacement - if the customer still wanted the official replacement.

Owning up to the mistake is not customer service. Even fixing it in the way they have is not customer service. Customer service is ensuring that the inconvenience to the customer is minimised.

Kremlin's hackers 'wield stolen NSA exploit to spy on hotel guests in Europe, Mid East'

Doctor Syntax Silver badge

Re: Curious to know

"How do you patch a Windows system so that it's safe to click on a .doc file"

Remove Word.

Good Lord: Former UK spy boss backs crypto

Doctor Syntax Silver badge

Re: Security

"Don't tell me there are no back-doors in open source and open standards"

Can you give us a few examples. If you're right it shouldn't be difficult as it's all out there in the open. If you find them the maintainers will quickly close them.

Google and its terrible, horrible, no good, very bad week in full

Doctor Syntax Silver badge

Re: Out of Date Discussion

"These days you look around and see a lot of bright people from all sorts of backgrounds, and if they're choosing not to work for your company, or worse still not even choosing to specialise in your field of business, learn it at school, etc, that's probably because your corporate culture is unattractive."

Maybe you should go back and reconsider this paragraph. You're saying that some people will actually avoid a field of study because a particular employer in that field has a corporate culture that they find unattractive. Do you really believe that school children not only have a concept of corporate culture but that they know the corporate culture of a particular employer in that field and take that as a basis for choosing what they study?

I studied what interested me and what I thought I was good at. There are a number of things I'd like to have done but which I'm comfortable acknowledging I'd be useless at. These are the factors that guide educational choices, assuming choices are available.

Even as one gets older and comes to grasp the concept of corporate culture why on Earth would one avoid an entire field on the basis of the corporate culture of a single employer within it?

Doctor Syntax Silver badge

Re: Kieren, thank you for avoiding profanity this time

"One thing I have learned to reject is the simple minded belief that individuals can be assessed by looking at a group and guessing."

You are quite correct in this. That's because individuals vary quite a lot, one to another.

However this does not stop you being able to look at groups and discerning that individuals in one group are more likely to display some traits rather than those in others. Your group assessment will be better than your individual assessment.

That's what statistics is all about; ask your scientifically inclined daughter. BTW she will also explain to you what's wrong with the phrase "science and genetics".

Doctor Syntax Silver badge

Re: Just to clarify

"Or did they do the standard corporate weaseling and hope the problem would go away?"

Not quite They hoped that firing him would have sped it on its way.

Real talk: Machine learning is not there yet. Some assembly required

Doctor Syntax Silver badge

"we use it to predict future values of key business metrics"

And how did reality match prediction? Or are those still future values and hence untested? Or are the circumstances such that it becomes a self-fulfilling prophecy because the business works towards those targets in which case there's no evidence that that was the best use of the effort dedicated to it.

TalkTalk fined £100k for exposing personal sensitive info

Doctor Syntax Silver badge

Re: No surprise


So that potential customers get to hear.

"If you want to have it out with Talk Talk, then do it on their official Twitter and Facebook feeds, and then everybody else can enjoy it, and it'll be in Talk Talk's face."

Tempting, but not tempting enough for me to sign up to either Twitter or Facebook.

Doctor Syntax Silver badge

Re: No surprise

"Within the week, they'll have marketing saps* camped outside many major Shopping Centres"

And if they appear at mine I'll explain loudly and at length why I changed a previous ISP after they took it over and why they're a laughing stock in the entire IT industry for their ineptitude.

Doctor Syntax Silver badge

News from next month, "TalkTalk anounces unavoidable price increase of £1 per month per customer due operational cost increases"

Given that their ?only selling point is price there's a limit to the fines they can pass on.

Doctor Syntax Silver badge

Re: Role based access control

"They were fined £100,000 of a possible £500,000. 1/5th the maximum fine. The 4% fine would not be applied under the GDPR. "

Let's look at it another way. From their 2016 annual report let's take the headline income before various deductions as the turnover. That's £1,838m. 4% is £73.52m. Now apply a 1/5 maximum and that comes out to £14.7m. So taking the same % of the new maximum fine should be enough to get the board's attention.

Doctor Syntax Silver badge

"No organisation will be hit with anywhere near the maximum fines. We will see fines around the same levels we are seeing at the moment."

Citation needed

UK.gov cloud fave Amazon comes under fire for tax bill

Doctor Syntax Silver badge

These UK-based AWS data centres that HMG are so keen on using - when do they get built? In advance of being used, obviously (I trust MPs can work that out for themselves without expert help).

Does that need money? Yes (same proviso).

If, instead of borrowing money Amazon pay it out of existing sales on other business what does it do to the profits on which tax is paid?

What seems to be suggested in TFA is that rather than expand their business with money taken from their own sales Amazon should build up a big debt mountain in order to pay UK taxes. The distressing thing is that this probably makes sense to Hodge. After all when she was in govt. her party proved pretty adept at encouraging the building of debt mountains. Maybe she forgets that it didn't work out well.

Doctor Syntax Silver badge

Re: Profit

"Rip up that tax book and start again - Maggie ballooned it and Blair (being a good Socialist) expanded it even further"

I get a bit forgetful in my old age. Could you remind me of the dates when these were Chancellors of the Exchequer?

Doctor Syntax Silver badge

Re: Legislation, Boycotts and Real Change

"MPs and journalists really should know this stuff."

It's optional. They do know it until it suits them not to.

Doctor Syntax Silver badge

"Where did I suggest that?"

Maybe he assumed you must have defined it. Given that the scheme made no sense to the rest of us it we couldn't even begin to work out how it could have been fair.

I think you may have mis-remembered what you read. Turnover isn't a company's equivalent to salary. As a taxable figure it means nothing until you know what it cost to produce that turnover.

Doctor Syntax Silver badge

"Presumably they're hoping that it'll get to some point and stop re-cycling its profits into investment, and suddenly cash ahoy! But that may never happen."

Didn't Microsoft also run like this for a long, long time?

'Adversarial DNA' breeds buffer overflow bugs in PCs

Doctor Syntax Silver badge

Is that you Bobby?

Doctor Syntax Silver badge

Re: Bah!

"They created synthetic DNA which, when sequenced, produced dataset"

Which is an unnecessarily long winded way to produce a dataset.

Official: Windows for Workstations returns in Fall Creators Update

Doctor Syntax Silver badge

Re: What about auto-updates?

"Trying to restart a nuclear rector"

Isn't that a vicarious experience?

Doctor Syntax Silver badge

Re: What about auto-updates?

"Is that what you see or what you're told happens?"

I was told it happened by the OP who saw it. Does that answer your question?

Alien 'lava lamp' with dying magnetic field orbited Earth a billion years ago – science

Doctor Syntax Silver badge

"prehistoric lunar rocks"

Just ordinary lunar rocks, then. An historic lunar rock would really get my attention.

Revealed: The naughty tricks used by web ads to bypass blockers

Doctor Syntax Silver badge

Re: I work in this industry

"At the end of the day people who use ad blockers don't generate us money, and we don't give a shit about your user experience."

I think you've got that back to front. You don't give a shit about our experience so that's why we use ad-blockers. If you want to know why we make it more difficult for you to take your punters' money, go find a mirror.

Doctor Syntax Silver badge

Re: I ask three things before I allow ads

"maybe an animated GIF"

You're too generous. It was one particular animated GIF that was the final straw for me.

Doctor Syntax Silver badge

Re: The Solution is Simple

"When they'd businesses clean up their act and take responsibility for the crapware they peddle, then things will improve."

There's a risk that even if they cleaned up people wouldn't notice because the ad-blockers will hide that. The big question is whether we've already reached that tipping point. I'm surprised that Google haven't put their foot down some time ago. If online advertising implodes they have more to lose than anyone else and a greater ability than anyone else to strangle the crap slingers to stop it imploding.

Doctor Syntax Silver badge

If they could comprehensively and honestly answer that, then they might find a solution mirror.

Doctor Syntax Silver badge

Re: Gotta be honest here...

"Im open to suggestions on how to earn circa £150-200 a month without anyone having to pay a bean."

TL;DR beyond this point.

Presumably every page on your site has useful content other than, maybe, navigational pages. So there's nothing difficult about working out what those reading the page are interested in: they're interested in whatever that page content is. So what you need is a way to get businesses who are in a relevant line of business pay a small amount per month for a static ad to take an interested viewer to their own web site. You could try approaching such businesses directly. It could save them money - at the cost to you of some effort - because it cuts out all the middlemen making and distributing the often irrelevant, punter pissing off, bandwidth hugging crap.

Doctor Syntax Silver badge

"I'm not sure how the business is going to continue."

That's easy to understand. The advertising industry keeps selling advertising to the advertisers. The fact that everybody hates it making it counter-productive is kept well hidden. The advertising industry is very effective at selling. But what it sells is its own product, advertising. Nothing else.

Doctor Syntax Silver badge

"Do all the fancy stuff to select which image at the server end"

It doesn't even need to be fancy. You know what page the user's browsing. You know what's on the page because it's your page. So you know what he's interested in. After that it becomes easy to add the relevant ad to the page. So easy, in fact, that the advertiser and publisher need very little in the way of middlemen to take a profit from. Now why do you think the advertising industry doesn't try to sell that solution instead?

Doctor Syntax Silver badge

Re: Hey Instart

"If someone has gone to the trouble of blocking ads and they find a way to get round it, then they are likely to be pissing people off and losing all goodwill, so there is not really any benefit to doing it surely?"

You need to distinguish between the advertisers, those with products or services they want to sell and the advertising industry that delivers advertising to potential customers.

The latter want to push the adverts at you regardless of whether or not it injures the reputation of their clients because they're not selling their clients' products, they're selling their own which is advertising. For them it's profitable to get round ad-blockers. For their mugs clients it's money spent on alienating existing and potential customers but don't expect the advertising industry to tell them that.

John Wanamaker, one of the pioneers of marketing is reputed to have said “Half the money I spend on advertising is wasted; the trouble is I don't know which half”. Presumably he'd have welcomed ad-blockers because they'd have instantly cut out a lot of his wasted - and very likely counter-productive - spending.

Hell desk to user: 'I know you're wrong. I wrote the software. And the protocol it runs on'

Doctor Syntax Silver badge

The other side of this is spending an afternoon working through the vendor's source code (they'd supplied most of it) to discover why their invoicing program was causing the RDBMS engine to eat memory until it had crashed two weeks running.

Doctor Syntax Silver badge

Re: Possible or easy?

"There could well be a full-featured 3D CAD - potentially fully documented - in systemd, and you might just not know."

Hey, how did you find it? It was supposed to be secret.

Doctor Syntax Silver badge

Re: Possible or easy?

"But it could easily be a failure of the accompanying documentation."

Documentation? Who reads that?

Can GCHQ order techies to work as govt snoops? Experts fear: 'Yes'

Doctor Syntax Silver badge

OK, to lighten up this debate - assuming a warrant comes with a gag order how do TPTB prosecute someone who refuses to obey the warrant?

Doctor Syntax Silver badge

Re: What if...

I am not a lawyer, but if I were defending an employee who had been fired...then said employee would be extremely unlucky.

Doctor Syntax Silver badge

Re: Off the leash

"or rather, the ones that are vague alluded to as being telco-ish which IMHO a lot of horse manure without a formal license, but we'll leave that aside for the moment"

Why would we leave it aside? If the definition doesn't specify a telecoms operator as conforming to your personal definition, i.e. being a licensed operator, then your argument collapses. The Act says what it says, not what you think it should say.

Doctor Syntax Silver badge

"What do you reckon?"

I reckon over-broadly worded legislation straying well beyond centuries-old legal limits parading ministerial authority as due process of law and under-scrutinised by Parliament is a dangerous thing.

I also reckon that possibly the notion that a warrant could be served on an individual and binding on a telecoms provider may have been intended to allow someone to collar a bloke driving an Openreach van and tell him, as a representative of a telecoms provider to put a tap on a given line without going through too much paperwork. I further reckon that even if that's the case it's open to misuse far beyond that.

Doctor Syntax Silver badge

Re: What a load of complete cobblers!

"The UK courts do not give out warrants compelling people to provide services for anyone"

Well, they certainly don't in these cases. It's the Sec of State (a certain Amber Rudd of proven keen intellect) or someone wielding her rubber stamp.

That's one of the concerns.

Warning: this post may contain traces of sarcasm.

Doctor Syntax Silver badge

"And you know that how?"

Have you heard of a Mr Snowden?

Doctor Syntax Silver badge

Re: Does that mean

"and what about coffee shops / pubs that provide Wi-Fi for customers? are they operators under this?"

If the summary given in the article is correct then it would appear that they are. Whether that's by intent or by carelessness is a matter for conjecture. It's an aspect that should have received scrutiny in Parliament If my ex-MP's attitude was anything to go by I doubt there was much enthusiasm for such scrutiny, at least on the govt. side.

In a way I'm a little sorry he isn't still my MP, if he were I could keep asking him to clarify such issues that he voted for so unthinkingly.

Manchester firm shut down for pretending to be Google

Doctor Syntax Silver badge

Re: Fake invoice scam (been around forever)

"Some gullible accounts payable droid dutifully pays the invoice"

An accounts droid who pays out without a PO is more than gullible but downright incompetent. Hence the first response to a phone demand should be for the PO number.

Doctor Syntax Silver badge

Re: The lads from Lagos..

"They will just start again under a new name"

TFA states plainly that they are disbarred from acting as directors and breaking that will be a criminal offence Not a company criminal offence but a personal one.

Why this sanction isn't more often used I don't know.

Doctor Syntax Silver badge

Me (reading from counter-script script): "Fuck off and get a proper job." *slam*

There you are, then. No public spirit. No effort to waste time they could spend looking for someone more vulnerable.

Biting the hand that feeds IT © 1998–2019