Nest Cam: A compelling piece of hardware-software

Re: What would be really nice...

Something happened yesterday which started me thinking on these lines. The doorbell was rung by some dodgy looking character asking for scrap. Ideally I'd have got the camera out and got a photo of his van just in case but didn't get chance.

What would be an automated alternative? There's already a porch light controlled by a separate PIR detector. That provides a power source from mains and maybe, with a bit of surgery and an opto-isolator, a trigger signal. Combine that with a Pi, a camera and wifi - and the current Pi B already has wifi - I'd have a camera that could be paired with another Pi indoors recording onto an SD card snippets of anyone approaching the door. That would be so inconspicuous it's very unlikely to be taken in a burglary. No dependency on an external IoT service. In fact, if one of the Pis were set up as an access point they could have their own SSID and not need to be connected to my home network at all.

Microsoft sweet-talks EC antitrust bods over LinkedIn buy

Re: Business benefit?

"Given that Microsoft are spending money and other resources on this acquisition, there must, in Microsoft's view, be a pretty good reason."

You could have said the same thing in relation to Nokia.

"by gaining ownership of LinkedIn's unique dataset of over 450 million professionals in more than 200 countries, Microsoft will be able to deny competitors access to that data, and in doing so obtain an unfair competitive advantage."

I'm sure everyone who gave away their data to LinkedIn could be persuaded to give it to any other site that might be set up, either by Salesforce or anyone else. "Unique" need only be a temporary description.

"Let them buy it but only if they fully opensource Windows."

No way. It'd be like a cancer finding its way into other code.

PoisonTap fools your PC into thinking the whole internet lives in an rPi

Re: To lock a Linux system down

"disabled ALL the USB ports, which is impractical for, say, a laptop, where things are expected to be connected."

And even more so desktops. These days mice and keyboards are expected to be USB.

"Thunderbird port."

Only handles mail protocols.

Re: This is exactly how things are designed to work

"regarding Linux you are wrong, wrong and wrong"

Only up to a point. As you say it's DHCP rather than the desktop cruft but the final point of convenience vs security is the significant one. Ignore at least one of those wrongs.

Re: Physical Access...

Physical access plus social engineering? If you can persuade the user to plug this memory stick into his computer... It's not like it's never happened before.

Experts to Congress: You must act on IoT security. Congress: Encourage industry to develop best practices, you say?

At some point a DDoS attack will hit something politicians care about. Then they'll start insisting on action.

Re: How do you deal with China?

"Most of the Chinese tat is sold direct from China, usually through the gray markets."

You keep rabbiting on about gray markets. What do you mean by them? Presumably you don't mean someone sidling up to folk in the street saying "If you want to buy some IoTat stuff I can order it from China for you.".

Gray markets have to advertise, otherwise customers couldn't find them. And the big advertising routes such as eBay do usually have legal presences in the US, EU etc, where they can be leaned on.

Microsoft just got its Linux Foundation platinum card, becomes top level member

"If they have the level of humility and practicality to join the Linux Foundation"

Humility? Linux Foundation? Look at the names of the other members and tell me who's humble in there. OK, Samsung might have been humbled a bit recently, but the others?

Re: Microsoft is a Business

"I heard that HP, IBM, Fujitsu, Oracle, Samsung, Qualcomm, et al were also businesses, and also members of the Linux Foundation."

All of those offer or depend on Linux in some way. Samsung & Qualcomm? What do you think all those Android gadgets run as their kernel?

Microsoft also offers Linux on Azure. Not, I suspect, because they particularly want to but because they have to. The market tells them to.

The Linux Foundation is a vendor's club. It may fund development but it doesn't do it.

Brit smart streetlight bods Telensa named 'global market leader'

Re: speeding fines

"i don't understand why people are so pissed off about the law being enforced ?"

A driver has a lot of sources of information which should receive his attention. Most of them are outside the vehicle. Forcing him, by draconian enforcement, to concentrate on one particular one inside the vehicle does not seem to me the best way to improve road safety.

Re: Is there a reason why...

"There have been many attempts to turn off, remove or turn down streetlighting, but the vast majority of these have met with public objection - if you can turn them off when nobody is around, nobody complains, but if it is YOUR daughter trying to walk home at 02:00 in absolute pitch black because some eco-twat has turned the lights off, you might be unhappy."

What would be the feasibility of control by PIR? LEDs don't take time to come to full brightness like sodium lights. There could actually be a use for smart features - if a pedestrian is heading towards the next light in the sequence it could be turned on remotely to light the area ahead of them. The downside would be the distraction caused to residents by lights flicking on and off but if the light spill is controlled this would be minimised - unlike the average security light.

"Actually, LED units are a lot better for sky watchers."

As far as astronomers are concerned the old sodium lights shouldn't be a problem. A narrow band filter can block that wavelength.

Dirty code? If it works, leave it says Thoughtworks CTO

Re: Rules of Code Club

Development is the process by which software enters the longest part of its life cycle, the maintenance phase.

"The myth that we all subscribe to is that you can sit down with <user> and apply <methodology of the month> and you will produce a complete new shiny system that will cover all those cases."

An alternative approach is to sit down and ask what's the general problem of which this current requirement is an example. It's the basis of the most widely used software, otherwise you'd have compilers only capable of compiling helloworld.c and operating systems only capable of running them.

'If you don't understand the customer's needs thoroughly - then you can paint yourself into a corner with a "precisely engineered" design.'

This, a thousand times. At my last client one of the internal bods - who should never have been let loose on a database let alone design one - came up with a schema closely tailored to the initial requirements. When I retired they were still having to amend that schema and the supporting code every time there was an amendment to the contract.

Re: Dirty code?!

It sounds as if neither the original nor the maintenance developer believed in self-documenting code: comments and meaningful names.

Re: Dirty code?!

"But because that screen doesn't look great (it's only used internally so nobody cared about making it look good)"

That's not a good excuse if it leads to errors on data entry.

Re: Clean vs Dirty code

"One application was written with no line breaks."


Re: What?

D) You'll have changed jobs and it'll be someone else's problem.

Back in reality - that big hairball you were hoping to replace instead of fix is still needed and you've just been sent a requirement to make a little change in it. Just a little change. Nothing to worry about...

Mac book, whoa! Apple unveils $300 design tome

"printed ...using eight color separations"

Colour printed? How down-market. For that money I'd expect hand-tinting.

a USB-A cable that only goes in its socket 50% 33% of the time


TalkTalk teen hacker pleads guilty as firm reveals £22m profit jump

Re: It was...

"*an? That's how I would have done it."

When you pronounce it "sequel" "an" doesn't work.


Re: There is more than enough blame to go around

"Perhaps the experience will push him towards more positive application of whatever skills he has in future."

He's a skiddie. What skills? Is there a market for cutting and pasting and a little typing?

Re: What info was given about the hack itself

"I didn't think of the consequences at the time."

Let's hope he gets time to think about them now. Probably won't happen, though.

New Ransoc extortionists hunt for actual child abuse material

"But it must be a fairly small target. One would hope."

It can be made larger. Just upload some "evidence".

UK warships to have less firepower than 19th century equivalents as missiles withdrawn

Re: Right decision

"Ship killing has been performed by aircraft and submarines ever since Task Force Z in 1941"

Doesn't that assume that the ship you're trying to kill can defend itself against other ships?

Re: Ancient Greek option.

"Couldn't they just put a big bronze ram on the front?"

When I saw your headline I thought you were going to suggest a really big concave mirror. It works if the sun's shining.

Analysts apply Occam's razor to Tesco Bank breach

Re: It's a good read...

"I got halfway through and thought I was actually reading an advertising puff piece for a particular security intelligence firm."

Telepathy! So did I.

Re: Credit where credit's due

"So, not only do law enforcement not know *who* did it, they don't even know *how* they did it."

That doesn't follow. They're just not telling outsiders what they know which is reasonable. This is some external analyst trying to work it out/guessing on the basis of what is public knowledge. Just like the rest of us.

"I would hazard a guess that they have changed a procedure with regards to processing so they can stop payments or withdrawals."

Why would they stop payments? Maybe they had a means of making transfers from one Tesco A/C to another so they were routing payments through one they controlled to an external bank.

Post-outage King's College London orders staff to never make their own backups

Re: My company has axed all backups...

Show them the stories about this and Lee's post.

elReg, promote Lee to a gold badge for that post.

Re: Enterprise Endpoint Backup

The same questions have to be answered.

Where does the data end up?

How distant is it from the system it's backing up? (A copy of the data sitting next to the server protects against a disk crash, it doesn't protect against a fire.)

How secure is it against unauthorised access?

How quickly can it be brought back to site if needed?

Above all, how often is restoration tested and with what results?

Re: Backup on 'New Technology'

"every so often"

i.e. at least daily.

Re: Let them use 7-Zip

"Just don't ask me to write it down, or it will be one-way encryption."

Me too. Almost my first action after getting my grant cheque is-it-really-that-many years ago was to walk down the Strand to a typewriter shop & spend a whole tenner on a >2nd hand portable. I still have it somewhere but I think it's got woodworm - it has a wooden cover.

Re: What to do, what to do?

"read/write access to the C drive is blocked too"

Screwdriver access.

Re: You are slightly missing the point

And do you harbour such strong feelings against [the French]?

Of course. It's a point of principle. Never heard of Brexit?

Re: You are slightly missing the point

'The college's policy is probably due to a desire for a "one-size-fits-all" approach where esoteric chemistry files are treated the same way as payroll files.'

This is the point. One size does not fit all and trying to lay down the law on the basis that it does is just plain wrong.

Another aspect of this is that if you're going to insist on running the backups for the payroll you should be able to demonstrate to the payroll management that your claimed backups are actually viable. As I've written in other threads the main requirement of a sysadmin or DBA is paranoia. You'd think that after such an incident the KCL team should be thoroughly paranoid now, even if they weren't before. From what's reported here there's no evidence of that.

Re: You are slightly missing the point

"What about faculty who keep patient information for clinical research?"

Come to that, to what extent was KCH affected by this?

Re: You are slightly missing the point

"Hackers will steal chest X-rays of healthy people to pass screening tests that they might otherwise fail."

Darwin award candidates.

Firefox hits version 50

Re: I like GUIs to be obvious

"Stop fiddling with cosmetics and GUI."

It sounds as if what you really need is Seamonkey - browser and Thunderbird in a single package with a plain vanilla interface.

Re: This being an IT site

"Perhaps it is worth noting that we have version 50.0 on FreeBSD as well."

And given a more normal numbering scheme it would probably be somewhere around 6.8.5 on all platforms.

IT outsourcing is soooo passé, says outsourcing giant Fujitsu

"We don't use the word restructuring, we use the word transformation. This is not a euphemism for us."

No, it's hyperbole.

Forget razors and blades, APIs are the new gotcha

"Your not seeing it."

And you're not spelling it properly.

Security bods find Android phoning home. Home being China

Re: I don't see espionage

"show me pictures of Percy" and see pictures of my black moggy

It doesn't do slang, then.

Navy STEALS? US sailors dispute piracy claim

Re: Lawyer normal

"neither (b) nor (c) is considered in any way an admission that (a) is untrue."

That's accepted. But falling back on "We're the Gubbinment, we don't have to pay" as your (c) is tantamount to saying "Remove my credit rating for all future deals".

