Re: Analysts strike again...
"2019 will be warmer etc"
A down vote? Maybe someone can't read properly.
An alternative forecast for 2019: 2019 will have weather.
16427 posts • joined 16 Jun 2014
"One day I will retire,"
Welcome to the club.
"and I acknowledge that I may need a Windows system occasionally. In fact, I acknowledge the unfortunate fact that Outlook is a great PIM"
If you need a PIM after you've retired you're doing it wrong ;)
Most of the distros these days come up in a usable manner with little or no custom config. Some such as Zorin set out specifically to be as Windows-like as possible. I installed that on a couple of PCs for a cousin but it's some time ago & I can't remember off the top of my head whether it included Wine so Windows stuff would run automagically. [Quick Google - yes it does but best to check your programs' compatibilities at https://appdb.winehq.org/ ]. Mint is also a good bet.
If you install a Linux distro alongside Windows you should be able to open the Windows partitions to see your existing files. LibreOffice will be installed with practically any distro & will open your MS Office files. There'll be some gui-based text editor, probably such as gedit, kwrite or mousepad which will open your notepad files and a PDF viewer.
"Everything else in that list is collected so that apps can be written to make use of the data, and so that the data can be synchronised across devices."
And that would be pretty reasonable. But as you say "Microsoft have published what they do and don't collect at https://www.microsoft.com/en-us/privacystatement/default.aspx and http://windows.microsoft.com/en-us/windows-10/windows-privacy-faq"
I have to wonder if you've actually read that or, if you have read it, whether you understand that. Yes, the tone seems reasonable & gentle but you have to work out what they actually say.
First of all the categories of information listed there go a lot, lot further than enabling you to log in or synchronise data. Categories such as "We collect data about your interests and favorites, such as the teams you follow in a sports app, the stocks you track in a finance app, or the favorite cities you add to a weather app. In addition to those you explicitly provide, your interests and favorites may also be inferred or derived from other data we collect." That alone should worry you - it should be nothing to do with them.
But go back to what looks like innocuous stuff. All that data which is quite reasonable for logging in and so on. Go back and read it carefully. Did you notice something a little strange about it? Did you notice that they don't limit themselves to collecting information which refers to themselves? Go back again and find out where they exclude themselves from collecting your online banking credentials, your credentials for any AWS services you may use, your eBay, PayPal or Amazon credentials or purchases, your logins to your ISP, non-Microsoft email, your remote login to your work.
Maybe you can excuse this on the basis that they don't really intend to do that but they were a bit sloppy writing their T&Cs. Do you really think they lack the legal resource to make their T&Cs say something they didn't intend?
About the most benign interpretation that could be put on this is that they really don't intend to collect any of this but they're just covering their backsides if some sloppy coding accidentally does that. And that really may be the intention. But wouldn't it be better and more honest, to limit their T&Cs to what they intend to collect and be prepared to take the consequences for not living up to it? As things stand the best that a victim could hope for in the event of something going wrong is that a court would throw the T&Cs out as being unenforceable.
As things stand ISTM that any business that uses Microsoft should get those T&Cs reviewed by their legal advisors.
"What's to stop this from polluting the Linux (or other alternative OS) world?"
A more informed user base and the availability of alternatives. Canonical tried something along those lines. They quickly discovered it was unpopular & pulled back*. But Mint came to prominence largely as a result of that. Nevertheless, it's worrying that when the big H/W vendors, the ones who tend to add a few unwelcome extras to Windows, offer a Linux version that seems to be Ubuntu.
* I'm not sure to what extent they did pull back as I haven't used Ubuntu for years so I haven't followed at all closely.
First time they call tell them that you don't want any more calls and that if they do call again you'll make an appointment for the sole purpose of expressing your displeasure to the rep. Preferably record the call. Then if they call back arrange an appointment. When the rep comes tell him to tell the company to stop calling. The rep, who's probably mostly if not entirely on commission, isn't going to be pleased but make it clear that it's entirely the company's fault because they were specifically warned and he should direct his complaints to them. Even better, have it written out, hand it to him & shut the door so he can't argue.
Just how is Nominet regulated, if at all?
It describes itself as a Public Benefit Company. It's not a charity so the Charity Commissioners don't regulate it. Its web site says that it doesn't have shareholders, it has members who can only elect non-exec directors, not executives. In the absence of an external regulator or a membership able to elect executives then ISTM that providing the essentials of financial reports to Companies House are met there is very little that anyone can do to restrain the execs.
Or have I missed something?
"Only if bias means interpreting the law correctly.
Do read the EFF brief it is totally hysterical."
Be that as it may, the judge's mode of expression is not what I was used to hearing in courts on this side of the pond*, let alone introducing an additional party, his teenage son. Is the son to be called as a witness?
*Well, maybe in a magistrate's court but would a court deciding on the admissibility of an amicus brief be the US equivalent of a magistrate?
"Cameron's speeches have traditionally been dreadful: one-sentence paragraphs full of assertions rather than rational argument. They look good on an autocue but not in print."
Sadly they were good enough to get him elected party leader rather than David Davies. Or maybe it was because they were so mesmerised by Blair that they looked for the closest match they'd got.
"So only people with advanced tech knowledge are allowed to write about technology? Even though it's pretty important these days?"
Of course not, but in the absence of such knowledge they have to realise that what they write might be complete bollocks. Might be? Almost certainly will be!
And as for "adversarial", start looking closer to home.
'Honestly all of this seems less about cloud and more about tech companies failure to understand the implications of the term "unlimited" (again)'
I suspect the thinking was that "as H/W gets cheaper all the time we'll be able to add capacity faster than the customers can use it".
Spot the flaw in that.
"Anyone who has the resources to hire a full-time research team and a pair of decent developers can build credible offensive hacking capabilities. This means that most 50-individual companies on the planet theoretically have the resources to build both malware and network-based deployment capabilities.
Someone who has actually spent time penetrating other systems and had to think about these things just might. These people are not cheap, and there aren't many of them."
Well, which is it?
"Under USA law there's a right to not self-incriminate"
Rules of evidence in England, Wales & N Ireland (I don't know about Scotland) amount to much the same thing. The police caution starts "You have the right to remain silent".
There could be an interesting situation here. If a suspect gives up his key under a judicial instruction could the phone's contents then be used in evidence against him? ISTM that this is an issue that could go right up the court hierarchy.
"SystemV has been always regarded as a blunder by people in the know"
I take it that you think the folks in Bell Labs weren't in the know. Hmmm.
"Systemd while not perfect allows one to write a service init script or custom action in minutes rather than hours."
One of my worries about systemd is not that it doesn't allow the use of init scripts but that that use could disappear at whim.
"BSD is just different enough that it's actually quite frustrating to use. It looks like Linux. It feels like Linux."
We're approaching things from a different point of view. Mine was that Linux looked like Unix, felt like Unix. Now it doesn't. It's maybe time to start referring to it as GNU/Linux as the purists insist and remember that Gnu's Not Unix.
Nevertheless I agree that BSD can be frustrating but that's because it lacks the polishing that Linux has received over the last few years, the polish that turned it into a product in the sense that Brooks uses in TMMM.
'I will keep your post in my reference list for all those who incessantly spout off about how "easy" Linux is.'
I'm afraid that while "is" still applies to a few surviving long term support distros, Linux is becoming Windowsified. FreeBSD looks encouraging but in some aspects is where Linux was about 10-12 years ago. I haven't tried OpenBSD yet.
"They notice that all the people complaining have used their card at one particular place - Heathrow Express was one example from a few years back."
What they need to do is go a step further & require compensation from the merchant. It would give them an incentive to tighten up. As things are, if it doesn't cost them anything to do nothing then nothing is what they'll do.
"Of course, you could just nuke it all from orbit and start over fresh..."
Good idea. Except maybe the last bit.
But to take your analogy further: I suppose what you're really saying is that sites that depend on advertising would be damaged along with the advertisers.
The advertisers themselves, as they currently operate, are no great loss. In fact, they're really no loss at all; their MO is to poke their fingers into users' eyeballs and maybe also ears. The rest of us would be better off without them. They may be doing themselves more harm than good in any case so they might actually be better off if their advertising channels were nuked.
So let's look at the sites. Under your Darwinian notion they have choices, adapt or die. They could adapt by allowing adverts in page and exercising direct control over what goes there. If they succeed in that they survive, if they allow the usual slow-loading, animated, screaming crud they die & if they allow malware they get sued to oblivion. But yes, they can survive.
'Often, the advertisers involved in a malvertising incident may not be the malicious actor themselves. Segura stated: "They may simply have resold to a third-party that abused their trust. For this reason, it would be unfair to terminate the top level advertiser because they did not 'knowingly' participate in the malvertising"'
Point taken. So suspend them for negligence. The entire chain, website & all. Even better, make them all jointly and severally liable for damages by reason of negligence. Then we'll find out just how quickly they can either track down the bad actors or put a trustable chain in place. PDQ I suspect.
"This is why bulk data theft is so much rarer than simple compromises to ... pump out spam ... Getting in is easy. Getting out is hard."
It could be that the "spam" isn't. Set up a batch of email accounts on gmail, outlook etc & fire up the spam bot. Rinse & repeat.
Plus the regular spammers seem to be quite good at burying URLs deep in other people's web sites. If the target is sufficiently pwned that could be an exfiltration portal. Just stuff going out of the normal webserver provided it could be made to look innocuous in the logs.
"Given this last year has seen Heartbleed AND shellshock in far more frequently used codebases - my personal preference is to go with the actively maintained stuff, but YMMV."
"Frequently used" doesn't necessarily mean heavily scrutinised, at least, not until those bugs emerged. It was active maintenance that introduced the Debian ssl bug.