* Posts by Doctor Syntax

16426 posts • joined 16 Jun 2014

KCL out(r)age continues: Two weeks TITSUP, two weeks to go

Doctor Syntax Silver badge

A few simple lessons:

RAID is not backup.

Incremental backups only bridge the gaps between full backups.

Fully back up before you do even the most routine maintenance to your RAID.

A good sysadmin/DBA is paranoid. Technical competence comes a close second but paranoia comes first.

WordPress daddy Matt Mullenweg says Wix.com 'explicitly contravenes the GPL'

Doctor Syntax Silver badge

"Now that Mullenweg has blown the whistle on them, MAYBE the overlords of the GPL will do an investigation and lawyer up if/when they see fit."

Why? They'd have no standing. The GPL is only a legal boilerplate to use as an agreement between the copyright owner and anyone using the code to make derivatives. In this case WordPress are the copyright owners. They're the ones who have standing in this unless Wix are also making derivatives of the GPL.

Boffin's anti-worm bot could silence epic Mirai DDoS attack army

Doctor Syntax Silver badge

Re: Bright idea

"and next off, the Mirai code gets updated with the nematode code, so that it locks the administrator out"

AIUI it already does that, otherwise it would be easy for someone to log in and de-worm the device. It sounds like the nematode is the worm without the nasty payload.

Doctor Syntax Silver badge

"any anti-Mirai worm could disrupt inexperienced users who would be locked out of remote device access."

According to previous articles (a) vulnerable devices are attacked within minutes of going online and (b) the attacks usually close the telnet door behind them. If that's so most vulnerable devices must already have their users locked out. A nematode that would, say, prompt the user to reboot and change the password would be somewhat more helpful to the user than leaving the device to be infected. However it's obviously going to be a race against the existing botnet to get to new or newly rebooted devices first. Maybe it needs to crash and reboot a device that's already infected first.

Researchers expose Mirai vuln that could be used to hack back against botnet

Doctor Syntax Silver badge

"If this flaw allows for a more active defence by crashing or otherwise disabling attacking endpoints, it sounds like a reasonable use of force in self-defence."

If I follow the article correctly it's not actually the device itself that's being crashed, just a process that's been placed there by a previous attack. All that's happening is that the device is being returned to its original estate. The only person with a standing to make a complaint is the original attacker - who can't complain without incriminating themselves.

Let's praise Surface, not bury it

Doctor Syntax Silver badge

Re: Bah! 4 Doctor Syntax (again)

"Plug USB disk drive into said laptop"

See my comments to TangoDelta72, or just read my original posting for why this "solution" isn't one.

See also my comment that I agreed with your points 1 & 2. OTOH my particular requirement was for a compact piece of kit to be used in libraries and archives where excess consumption of desk space would be an issue. That doesn't leave room for an optical drive, a large screen or even a full-sized keyboard. It's not a piece of kit you'd choose for your application. You'd want something more like the HP laptop I'm typing on now but which was a bit of a pain when trying to share a small library desk with other stuff.

There is - or should be - room for a variety of specifications for different purposes.

Doctor Syntax Silver badge

Re: 2 days of editing interface

"Might as well go Linux with all that buggering about."

I had much the same sentiments after spending a few days getting a newly bought W7 laptop up to current whilst avoiding W10 a few weeks ago. But my granddaughter's school expect MS stuff.

Doctor Syntax Silver badge

Re: "Richer apps"

Richer mugs to flog stuff to.

Doctor Syntax Silver badge

Re: Bah!

"I enjoy living vicariously through others' experience of installing Linux on laptops."

So, here's my little MSI laptop, bought a few years ago for the express use of doing things, namely being taken into libraries and archives for doing research. Download Mint, burn onto disk. Plug USB disk drive into said laptop, insert disk into drive. Start computer, press function key for boot menu and select boot from USB. Mint disk fires up. Select options appropriate to language and time zone. Wait for installer to do its thing. Remove USB drive and reboot.

I hope you enjoyed that vicarious experience.

"I don't enjoy the litany of all the things that won't work properly without hours of fucking about under the bonnet."

Neither do I which is a good reason for not doing them as in the above.

"I need a computer as a tool for helping me do other things, interesting things, not as an end in itself."

And so do I. That little device is still doing exactly that research recording task. It's also a nice little laptop to take when going on holiday - although it works better when I don't do what I did this week: forget to pack the charger!

Doctor Syntax Silver badge

Re: Bah!

"And to that same foetus who will whine at me about Linux: If I could buy an off-the-shelf machine with the features I want and Linux installed I would have done so twelve months ago."

You youngsters* seem to need someone to wipe your noses all the time.

Buy your favoured drive-less laptop. Download an install image of a Linux distro and copy it to a USB thumb-drive. Plug thumb-drive into laptop, blow away the eyeturd (you will find no disagreement from me on your points 1 & 2) and install Linux for yourself. Unless you consider a laptop and a USB stick to be "parts" (you bought such parts in 1993?) no buying of parts is required.

*You claim to be still commuting. That implies you're of working age therefore you're a youngster from my PoV.

Doctor Syntax Silver badge

"The PC is dying, but better, richer apps might just save it"

Translation:

PCs are failing to die at anything like the required rate so we're not able to sell as many replacements as we used to. We need some massively inefficiently coded applications that can't be run on existing kit to force users to upgrade.

Web devs want to make the Internet of S**t worse. Much worse

Doctor Syntax Silver badge

"No, gray markets go AROUND regulations by cutting out the middlemen like customs."

Actually they can't treat customs as middlemen. You buy something from eBay from an overseas vendor, customs may open it, apply duty, forward it by an agent who collects the duty (assuming it was a legitimate item) and then charges you for the duty and their services. I've had it happen.

Roll this forward. Regulation comes into play.

Customs peruse eBay/Amazon/whoever for stuff that looks as if it might not comply and make a few trial purchases. If it's a vendor with a UK address, even if the stuff is posted direct from China the UK vendor gets prosecuted. For the rest eBay/Amazon/whoever get an offer they can't refuse and simply stop advertising the stuff.

Regulation enables enforcement. Enforcement might never be 100% but between direct enforcement and deterrence it can provide a good enough control.

Doctor Syntax Silver badge

Re: If this takes off

One, "If there are those who will learn by no other, what happens when a situation requires prior knowledge to live through it?"

Two, "What about those who don't get it even WITH experience?"

They become examples for others to learn from.

"Those who don't learn from history are condemned to repeat it."

Doctor Syntax Silver badge

"life expectancies under 50"

Increased profits by mixing foodstuffs with non-nutritive and sometimes toxic adulterants was a desired result of Victorian grocers.

Ready access to water was a desired result of a public pump in the middle of Soho.

Brightly coloured walls were the desired result of arsenic-based pigments in wall-paper.

Eliminating these and other desired results during the course of over a century and a half is what's lifted life expectancies over 50.

Doctor Syntax Silver badge

"China has sovereignty"

Yes it does. In China. UK, the EU, the US, the UNameit aren't China. Our own governments have their own sovereignty to set regulations on what can be legally sold in their own jurisdictions. Regulation is the first step to actually dealing with gray markets.

Doctor Syntax Silver badge

Re: Security First

"Security first can ONLY come if a Machiavellian Prince with some scruples takes over the world and demands it with extreme penalties for noncompliance. Otherwise, sovereignty, competition, and overall human stupidity will ensure it'll never happen."

Nope. There's nothing Machiavellian about all the existing regulation that ensures that it's illegal to sell vehicles that fail adequate safety standards, children's toys with lead paint, electrical items without adequate insulation etc.

It simply required legislators to see the need for them and use their sovereignty to require stuff sold in their own market places to be safe. They'll get the message here as well. It might take them longer because the TLAs have vested interests. Also it won't stop the Del-boys trying to get round regulation but that's what Trading Standards are there for. Eventually the mainstream market will supply devices with adequate security.

You might reasonably reply that the rise of market places such as eBay makes it possible for the Del-boys to sell non-conforming items. Yes it will; it also makes it possible for other safety regulation to be by-passed. It's another thing for legislation to catch up with. It's not an entirely separate issue but it's one which will get tackled in due course.

Doctor Syntax Silver badge

Re: Of course Mozilla will implement it

"They have a tack record of implementing and backing every bad idea."

Nice Freudian slip there, Christian. Tack as in tacky. Spot on.

Doctor Syntax Silver badge

Re: Wrong

"Straight away you assume that Bluetooth is being used for applications"

I did nothing alike. Not that assuming it would have been wrong. Just sayin'.

"Ok...so with all the current insecurities doing the rounds, opening up an attack vector that crosses strewn with malware web"

Over your head. My whole point was that with some or most Bluetooth access potentially moved to the browser the overall attack surface will be reduced, because now you won't need to download and install native apps permanently anymore for a lot of Bluetooth-related stuff, but can simply run them on-demand from the much safer browser environment.

So the second bit I've emphasised is saying that with Bluetooth in the browser you won't need to download the apps that, in the first bit I've emphasised, you're denying were being used without Bluetooth in the browser? Somehow I don't think you've got your own head round your own arguments. Maybe that's why the rest of us have problems with them.

Doctor Syntax Silver badge

Re: If this takes off

"I genuinely think they have been trained by companies and the world around them that this is the new normal, and us older buggers are just paranoid."

It's simply the old "experience is a dear teacher but there are those who will learn by no other". They'll learn. They'll also discover the truth of the complementary saying: "experience is something you need just before you get it".

'Hacker' accused of idiotic plan to defraud bank out of $1.5 million

Doctor Syntax Silver badge

Re: Cybercriminals?

It's only "with impunity" if you don't get caught and convicted. You'd have thought a US attorney would have known that.

Doctor Syntax Silver badge

"The arrest sends all would-be cyber criminals a message – we will find you, and we will bring you to justice."...however dumb you are.

Lenovo downward dogs with Yoga BIOS update supporting Linux installs

Doctor Syntax Silver badge

Re: Not Likely

"Windows consumer licensing itself has been pitiful for a long time."

I think they know exactly what they're doing and it's not pitiful for them. This one's free, once you're hooked, however...

Doctor Syntax Silver badge

"If they did do this deliberately then they should be condemned, but IMO it's far more likely no one thought it was an issue."

So if it was just sloppily written software they were shipping that would be OK?

Doctor Syntax Silver badge

Re: Microsoft..

"UK's Equality Act 2010...seen as illegal under UK disability law, but for some reason Microsoft have got off Scot-free."

I'm not sure how this particular law is enforced but I'd expect that either a complaint has to be made to some official body or a complainant has to raise it in court themselves. If nobody did so that might be the reason.

Doctor Syntax Silver badge

" -100 points for trying to pull the stunt in the first place."

It's not as if this was the first time they've faced public criticism for pulling firmware/crapware stunts. I wonder how long it's going to take for the penny to drop. They're certainly not on my list of people I'll buy from.

Doctor Syntax Silver badge

"as soon as money was involved"

Money often has effects like that. Nice one.

Uber drivers entitled to UK minimum wage, London tribunal rules

Doctor Syntax Silver badge

Re: How to classify workers

"most d[r]ivers are sole operators, which is a surprise"

Why should it be? Were you expecting them to register companies?

My worry about this, academic given that I'm retired, is that HMRC will find stuff in here to tighten the IR35 screw tighter. Most case law regarding employment seems to arise from instances where individuals were trying to claim employment rights and consequently is loaded against those trying to claim that they're not employed. There is a rightful place in the UK economy for the flexibility that freelance provides but if that's to continue there needs to be a clear definition of that status which protects those using it but which defends lower paid workers against exploitation.

Doctor Syntax Silver badge

Re: Next on the list: VAT

"The driver pays the parent company and consequently there is no VAT in that transaction either."

If by "parent company" you mean Uber which, as you say elsewhere, is big enough to be VAT registered why would that payment not incur VAT? And if that's the case then either the driver can't reclaim VAT or would have to be VAT registered and hence would have to charge VAT to the passengers.

Cynical Apple gouges UK with 20 per cent price hike

Doctor Syntax Silver badge

Re: US prices?

"Apple's revenue and profit dropped on few products being sold."

True. They've got to make up the shortfall on sales of those watches.

Doctor Syntax Silver badge

Re: All according to plan

"Adam Smith's invisible hand of awesomeness"

Which seems to have developed arthritis these last few years.

Lad cuffed after iOS call exploit knocks out Arizona 911 center

Doctor Syntax Silver badge

"Desai describes himself as an iOS developer and a jailbreak theme tweaker."

I think the word he was looking for was "muppet". But let's see how he gets on with breaking out of a real jail.

Self-driving cars doomed to be bullied by pedestrians

Doctor Syntax Silver badge

Re: Hailing a self driving car?

'Newflash - there are already these things called "taxis" (maybe you've heard of them?) that you can hail that have been around since before the internal combustion engine was invented.'

Actually they existed before the internal combustion engine was invented.

But one of the problems is that most people want to travel at fairly restricted times of the morning and evening. If you provided enough taxis to meet these peak demands you'd find them underused for the rest of the day and, given the need for them to make a profit, most of their operators would go out of business over time. The number of taxis reduced to something like present day levels, namely, unable to provide an adequate service to most people at the times they want to travel.

The consequence is that most people who need to commute, at normal commuting times, between endpoints where public transport doesn't make much sense, find they need to make their own provision. They buy a car.

Doctor Syntax Silver badge

Re: Non-issue.

"the tourist wait for the green man, the local cross if there is no traffic."

SWMBO waits anyway, even in the face of evidence that the green man cycle has been omitted.

Doctor Syntax Silver badge

Re: meek cars and commuting

"This raises another question: will these cars stop for dogs? cats? squirrels?"

What about pheasants? They operate in two modes, dumb and equally dumb. First mode is to wander along the road ignoring anything that moves. The other is to whiz across in flight but at low altitude, equally oblivious.

Doctor Syntax Silver badge

Re: Warning! Warning!

'Um, the more correct term would be "Meat-space Driver."'

No, the meat space is going to be out there. Dead meat.

Doctor Syntax Silver badge

Re: Hoodies playing chicken...?

"kept moving slowly forward"

Stop a few yards clear. Put evil grin on face. Ostentatiously check seatbelt's tightness. Rev engine....

Doctor Syntax Silver badge

Re: Wait a minute...

"it will be fun to see how many driverless cars you can collect on a country road."

Round here, where the country roads are steep, part of the cyclists' idea of fun seems to be charging at top speed down twisting lanes in the middle of the road. And no amount of braking by autonomous cars is going to avoid a collision with a cyclist who's already contributing most of the closing speed.

Hell desk thought PC fire report was a first-day-on-the-job prank

Doctor Syntax Silver badge

Re: Tossing water at electric fire

"Presumably this is to keep someone in a job whose sole ability is being able to recognise a fire extinguisher."

It might be a good idea if that someone has the additional ability to recognise the correct fire extinguisher for the situation.

Topless in-car selfie attempt climaxes with rear-end bonking

Doctor Syntax Silver badge

Re: Police posting her picture online is an infamy

"actually my mom once backed into a police car."

A policeman once reversed into the side of my car. Windows covered in frost, reversing out of drive...

Search engine results increasingly poisoned with malicious links

Doctor Syntax Silver badge

"It could be the ads on the website that have been flagged as suspicious by us and that changes every time you access the site," Morgenstern explained. "Or the website is delivering different content randomly or it does so by checking the user agent or location of the user."

Having found a suspicious link they didn't test further?

Doctor Syntax Silver badge

Re: If I visited dodgy sites...

"Then you find out that the malware is capable of infecting hardware, persisting across reboots, infecting other machines on your network AND escaping VMs to attack machines there."

Do you?

Citation needed. Citation should specifically address BSD as the live OS as that was specified by the OP.

Irish activists fight EU-US privacy pact as tech giants flock to sign up

Doctor Syntax Silver badge

"a widely-expected moved"

The only surprise is that it took so long.

Dan Kaminsky calls for a few good hackers to secure the web

Doctor Syntax Silver badge

"And if we can make it so that you have to prove ownership of the private key (by signing some kind of nonce value) for the domain you CLAIM to be sending FROM"

I'm not sure about claiming a private key for the domain but a private key for the actual user ID is a different matter. That would be right here on my own device*.

Oh dear. That makes webmail a bit of a problem doesn't it; yet another example of security being sacrificed to convenience. That sacrifice is, of course, one of the main sources of our problems. As insecurity brings inconvenience we should gradually see a rebalancing act sometime.

*Yes I know. The device might be pwned. But the pwning is so often by faked emails that there's a vicious circle that needs to be broken. Do you have any alternative suggestions? Standing there just pissing on everyone else's ideas without having any of your own is such an unattractive pose.

HMRC to create new compliance team focused on 'gig economy' workers

Doctor Syntax Silver badge

If services are being provided on a business footing the business should, if being well-run, aim to build up a buffer to continue paying the staff, be it one worker or many, for a period when there's no custom. It should also be able to cover NI, pensions and other costs - including transport, phones etc where appropriate. It should be paying at least the statutory minimum levels. In order to make this a viable business the rate paid by the client should be larger than the statutory minimum level by some factor.

That factor might depend on the additional facilities required, such as a cycle and phone for a courier, but in principle that factor could be determined for a particular type of service. There's then a very simple test to apply: you pay less than that, you've got an employee and you handle PAYE, NI, accept that you are responsible for employment rights etc.

There's no reason why the gig economy terms shouldn't be available for businesses that require that flexibility of labour but it should be clearly recognised that the gig worker is taking on the business risk that the engager wants to avoid but should be paid accordingly and taxed as a business.

Doctor Syntax Silver badge

Re: Nationalise the lot of 'em

You have to extend that to redundancy etc as well. Depending on the party ruling at the time the state might be very keen on handling all the pensions (not that they've been brilliant at that), parental leave of course. But they're not going to handle the costs of companies adjusting the size of the workforce to changing requirements.

Doctor Syntax Silver badge

"It's a company whose sole business consists of selling somebody's personal services."

Which, of course, is exactly what the big consultancies do. The difference is scale and hence the ability to fund lawyers against HMRC.

Doctor Syntax Silver badge

Re: IR35, is currently costing the taxpayer around £440m a year

"But if HMRC really have ignored how the contract "actually works", you'll be able to convince a judge and he'll chuck it out. Been there; done that. Although I only won on appeal."

You may have been lucky. Back in the day when I had to take an interest in such things there were some perverse decisions reported.

Divide the internet into compartments to save us from the IoT fail whale

Doctor Syntax Silver badge

Re: There's a germ of an idea here...

"Just a thought, please feel free to tear it to shreds."

How does the ISP know which request came from an IoThingy and which from a user? Assuming, here, an IPv4 network with everything arriving at the ISP bearing just the router's address.

Doctor Syntax Silver badge

These edge connectors. Where does he propose to put them? At the interface between the individual customer sites and the ISP? If so we already have such things there, they're the customer routers and in some cases they are the bots in the botnets. So his first problem is to produce a more secure router/edge connector that can be safely put in that place. And when the security holes start to become apparent in those, then maybe we need a more secure edge connector in front of them.

HMRC IT boss quit £185k job for more cash

Doctor Syntax Silver badge

Re: Golden Handcuffs ??

"no competition clauses to avoid anyone jumping ship to other companies competing in the same space"

Governments tend to treat taxation as a monopoly*. There are no companies competing with HMRC, at least not within the UK.

*Note that they don't achieve this when it comes to taxation of multi-national companies.

Biting the hand that feeds IT © 1998–2019