* Posts by Doctor Syntax

16426 posts • joined 16 Jun 2014

Anything AWS can do: Microsoft announces UK data centre region for Azure cloud

Doctor Syntax Silver badge

Re: Not worth a penny until MS Dublin is sorted out...

It depends on the legal small print. Can they have a legally air-gapped company set up to own and run it?

NHS IT must spend a fortune to save a fortune, says McKinsey

Doctor Syntax Silver badge

Re: own the software

"Unfortunately that usually means that controlling software HAS to be what the manufacturer supplied and has to run on the manufacturers choice of platform and will never be updated."

This is a case for source escrow. TPP anybody?

Doctor Syntax Silver badge

Re: Delivery...

"Smart guys, but on another planet."

With a business model like that, smartest guys on this planet.

Doctor Syntax Silver badge

Re: own the software

"they could easily have bought the tiny backstreet company."

But that would have involved headcount, HR and whatnot. HR would then probably end up making the only people who understand the code redundant because they don't fit into NHS pay scales - or pissing them off so much the just leave.

GCHQ director blasts free market, says UK must be 'sovereign cryptographic nation'

Doctor Syntax Silver badge

One thing that needs to be clarified. If a password is demanded and given then any attempt to use the data obtained via that password should be counted as self-incrimination and not usable as evidence against whoever gave it.

How Twitter can see the financial future – and change it

Doctor Syntax Silver badge

TheConverstation?

Suddenly we're getting all these items republished from this other site. Is this because the regular columnists have been shoved out? Maybe we should just go there in future instead of el Reg. After all, they have https.

Facebook conjures up a trap for the unwary: scanning your camera for your friends

Doctor Syntax Silver badge

Re: well done!

"Couldn't devise a better pro-privacy campaign."

I doubt it. AFAICS the mentality of the Facebook generation is such that they'll lap it up.

Untamed pledge() aims to improve OpenBSD security

Doctor Syntax Silver badge

"most applications with FreeBSD compatibility"

This is OpenBSD. Either FreeBSD would have to (a) add it to their kernel (preferred option), (b) add a dummy call or (c) expect their users to #ifdef round it.

Touchnote breach: Wrote a postcard with us? Thieves have your pal's name, address

Doctor Syntax Silver badge

Re: Is there actually any business need

"To keep a name and address and in particular payment details once the transaction is completed?"

No. Earlier today I wanted to buy a book advertised on Abe books. To do that it wants me to set up an account. That would mean either giving them the current odds & ends email address that gets zapped after a few weeks in which case I wouldn't be able to reuse the account anyway or log into my email provider and set up another special address for them. As the shop isn't too far away I just rang them up, asked them to put the book to one side & I'll collect it later. The only downside is that SWMBO will probably come with me and letting her loose in a bookshop will cost several hours of time if no actual money. In the mean time Abe books lose their commission.

Doctor Syntax Silver badge

Re: This news really made my Friday afternoon...

"rarely or never use any more... and time to start closing them."

Which will have no effect as they'll not remove your data.

Let's get to the bottom of in-app purchases that go titsup

Doctor Syntax Silver badge

Re: Old TVs

"the numbering wasn't sequential either now I come to think of it"

That's because they were designed to put the BBC & ITV settings next to each other. As they were on different bands there were a good few channels between them. So ours had 2 & 10 next to each other.

Doctor Syntax Silver badge

Re: Content and delivery

"big media is run by dinosaurs and advised by lawyers"

Or vice versa

ProtonMail DDoS wipeout: Day 6. Yes, we're still under attack

Doctor Syntax Silver badge

"our doctors, our judiciary, our journalists and politicians need a simple 'tick box to encrypt' solution from a trusted provider."

No they don't. If you give them a box to tick they'll not do it. It just needs to be encrypted end-to-end AS STANDARD.

Doctor Syntax Silver badge

Re: It's time to update SMTP to make end to end encryption default

"You can use pgp with enigmail. It takes all of five minutes to set up. However, people at heart don't really care."

That is why it needs to be the default. Encrypted and signed.

Signed email? Even Microsoft's email spam filters might be able to spot "click here or we'll suspend your account" spam.

Doctor Syntax Silver badge

It's time to update SMTP to make end to end encryption default

That way there would be no point in NSA or the like hitting anybody. To some extent it would take away part of ProtonMail's advantage but there would still be value being based in one of the few places that takes confidentiality so seriously.

Here's the little-known legal loophole that permitted mass surveillance in the UK

Doctor Syntax Silver badge

Re: Nah

"No such law exists, or has ever existed."

True, it's Hereford, not Chester. Or so I'm told.

Cryptowall 4.0: Update makes world's worst ransomware worse still

Doctor Syntax Silver badge

Re: Straw poll...

Tackle it at OS level.

Store data in a drive or partition only accessible to specific servers. Applications request read/write through these services, similar to a database engine. ID is extended to include application as well as user so the service can be set up to limit write access to the correct application & maybe grant read access to other specified applications e.g. you can only update your contacts via the contact app but your email client can ask for an email address.

The server would need a mechanism for verifying the ID of the request and the application installation mechanism would have to be fairly closely guarded to ensure substitutions weren't made.

One tricky aspect would be having storage that out of bounds to the kernel - or maybe some sort of micro-kernel arrangement. I'm not sure Windows could manage this but maybe OpenBSD could.

Coding with dad on the Dragon 32

Doctor Syntax Silver badge

‘Made in England’

Wasn't the Dragon made in Wales?

ProtonMail pays ransom to end web tsunami – still gets washed offline

Doctor Syntax Silver badge

"I guess they've never heard of the Danegeld"

And that is called paying the Dane-geld;/But we've proved it again and again,/That if once you have paid him the Dane-geld/You never get rid of the Dane.

Doctor Syntax Silver badge

The ransom was probably just one of the NSA guys looking to make a bit of pocket money. No reason why they should stop their attacks.

Drones are dropping drugs into prisons and the US govt just doesn't know what to do

Doctor Syntax Silver badge

Re: Kaboom

"You start by making some laws restricting drone use in sensitive areas."

OTOH you don't stop people who are already breaking laws by giving them more laws to break.

Doctor Syntax Silver badge

Train up top gun drone pilots? Or there's always that bloke with the shotgun...

Read the Economist last weekend? You may have fetched more than just articles (yup, malware)

Doctor Syntax Silver badge

"Team Economist advises that anyone who received what appeared to be a Flash update from the website should change all of their passwords on their computer, and notify their banks and other financial institutions to check for suspicious activity."

I hope they told their readers to get rid of the nasty before they changed their passwords, otherwise it's a bit pointless. Of course I could go to the Economist site & see for myaself exactly what they said but I think I'll give that a miss.

If any of their readers sustains damage from this who's going to be liable, the Economist or PlayFair?

AMD sued: Number of Bulldozer cores in its chips is a lie, allegedly

Doctor Syntax Silver badge

Re: He's a dickhead

"You could say maybe he's a dickhead for suing but not visiting those web sites etc"

Fair enough comment for that. But did he download and read the spec sheet from AMD before he bought. If the manufacturer's spec matches what he's bought then how can he complain? I bought the 1.6 turbo - why wasn't I given the 2.6 V6 4-wheel drive? Should I sue?

TPP: 'Scary' US-Pacific trade deal published – you're going to freak out when you read it

Doctor Syntax Silver badge

Re: Source code

"It says nothing about open source whatsoever. If you *want* to circulate open source code, then nothing in this text prevents you."

I thought that at first. After a few seconds consideration I'm not so sure. The principle of the GPL is that if you distribute an executable you must provide the source. There have been a few instances of companies building products around GPLed code, modifying it & then distributing binaries without source. Although it doesn't stop you circulating code if you want to it seems to give a hiding place for companies who don't want to but should under the terms of the licence.

Doctor Syntax Silver badge

'From a purely US perspective, the best pitch for the deal comes from President Obama who summed it up thus: "The TPP means that America will write the rules of the road in the 21st century.'

From a US perspective it might sound like a pitch. From everyone else's it just sounds like pitch.

Exam board in 'send all' fail: Hands up who knows what the BCC button is for?

Doctor Syntax Silver badge

Re: I can one-up this.

"obviously did not get the BOFH to handle the severance package."

Obviously didn't get the BOFH to handle the mail server - preferably at the same time. Danger, falling mail servers can seriously damage your health.

Doctor Syntax Silver badge

Re: CC and BCC

"surely it should be EC (Email/Electronic - take your pick) Copy ?"

EC & Dummy's EC

Doctor Syntax Silver badge

Re: Does anyone else wince when they see this phrase?

"We take the protection of personal data very seriously."

And no doubt your phone call is important to them.

Doctor Syntax Silver badge

A while ago I had an email like that from someone I'd corresponded with a year or two earlier. Apparently some people from her address book had been spammed with one of those "help I'm stranded in foreign parts" scams. She wasn't sure who'd been spammed so she sent the email out to everyone on her list, about 200 addresses IIRC. I wrote back to her to advise her how to do it properly next time.

Oh dear, I've just remembered, I forgot to include her in my change of address emails earlier this year. What a shame.

Facebook CTO: Clear legal grounds needed for EU-US data exports

Doctor Syntax Silver badge

"I don't think the US would change at the behest of anyone external"

That leaves internal..There's an election pending (there usually is). Campaign contributions anyone?

Doctor Syntax Silver badge

As far as I can make out the situation was that Schrems was accusing Facebook of playing fast and loose with data beyond what it was provided for, i.e. beyond Schroepfe's "clear legal grounds to make sure that your feed isn’t limited to only the people who are also in the EU". His Austrian legal system had punted him to the Irish authorities who tried a "nothing to do with us, squire" on the basis that it was an EU Commission matter because of Safe Harbour, which was their baby. The ECJ kicked it back to them taking out Safe Harbour as collateral damage.

It's up to the Irish to investigate Shrems' complaint to see if it has merit. That could limit FB's use of the data beyond its nominal intended purpose but assuming that intended purpose was to enable FB's customers to blurt out whatever they choose to whoever they choose wherever they may be it's difficult to see that Safe Harbour could ever have been involved with that.

OTOH if a company based in the EU is shovelling customers' or, worse still, employees'* personal data to the US they have a real problem.

*They might stand a chance of defending a model clause as part of a customer contract but I can't see anybody getting away with making it condition of employment; "constructive dismissal" is the phrase that comes to mind.

UK government looks to harness the potential of open data through APIs

Doctor Syntax Silver badge

'data services need to be "built around the needs of users".'

s/users/data subjects/

Brussels flings out Safe Harbour guidelines, demands 'safer' new framework ASAP

Doctor Syntax Silver badge

"Enforcement against non-compliance with the Safe Harbour court ruling kicks in early next year."

So expect another trip to the ECJ next year if this is the best they can do.

Somebody in another thread mentioned groupthink in connection with TalkTalk. Clearly something similar is happening here if they think there's a way of rebuilding it short of a blinding revelation in the US govt.

TalkTalk claims 157,000 customers were victims of security breach

Doctor Syntax Silver badge

Re: Jump on the sinking ship now!

"But in the UK class actions don't exist, and the burden of proof will be quite difficult for individuals to claim compensation"

However a host of customers wanting to leave & claiming in the small claims court against any attempt to extract fees could be a different matter.

Would they try to defend? If they tried and failed would they keep trying? If they overlooked one or two and ignored the judgements they might have a procession of bailiffs rolling up to the front door to seize bits & pieces such as the recepionists' PC. If a couple of well presented cases defeated them they could look forward to haemorrhaging customers.

Fake IT admin tricked Cox rep into handing over customer database – cableco fined $600k

Doctor Syntax Silver badge

So a fine of nearly £400k for token amounts of damage. Come on ICO, what's 1.2million worth?

TalkTalk offers customer £30.20 'final settlement' after crims nick £3,500

Doctor Syntax Silver badge

Re: What does Dido know

'She's a ppe grad. If she says the security wasn't "up-to-scratch" how the F**k would she know?'

I'm sure even she's noticed by now.

Doctor Syntax Silver badge

"With 4m customers what is the probability that in any one given week someone will be subject to credit card fraud?"

You are correct in this, there's no evidence that TT were responsible. However:

"What is with the witch hunt by The Register?"

The response he got from TT deserves condemnation on its own (de)merits. They have failed abominably in their duty of care to their customers and yet are still trying to hold them to contracts. It's probably not going to do them much good in the long run. At the very least it keeps bad publicity in the media for longer. At the most they'll die the death of a thousand cuts in the small claims court and multiple Trading Standards investigators climbing all over them. The contrast between the way they've handled this and the way VW are handling their problems couldn't be greater.

Doctor Syntax Silver badge

Re: Tokenised?

"You then keep the token and throw away the card details."

Except they kept partial details because that's what was listed as part of the data that was leaked. And those card details might be enough to persuade the recipient of a call that they're dealing with a genuine trader.

Doctor Syntax Silver badge

Re: Well....

@ Commswonk

You may well be right about groupthink. This is why the CEO of any company in this position should be expected to walk without compensation (VW got the first bit right). It provides them with a big incentive to keep a close watch on what;s going on in the company and to have that little worry that the person who's "being negative" might actually be the one between you and the one way exit.

The spy in your pocket: Researchers name data-slurping mobe apps

Doctor Syntax Silver badge

Why should the OS maker be considered primary unless they're the app-maker? If I run, say a mail client under Debian Linux there's no good reason why it should require any interaction with either the Debian project or the Linux kernel team. The OS maker is as much a 3rd party as any other.

Cops' IT too complex for quick and dirty revamp – Police ICT boss

Doctor Syntax Silver badge

Bedfordshire should be able to finance their share. http://www.bbc.co.uk/news/uk-england-beds-bucks-herts-34719997

Doctor Syntax Silver badge

"The Police ICT company was finally set up this year after years in the planning."

So it'll be able to get on top of the problem quite quickly. Almost certainly by the end of the century.

iPhone, Windows 10, lonely nights – sound like you? Dump Siri and have a date with Cortana

Doctor Syntax Silver badge

Intelligence, artificial or otherwise?

If Microsoft are so good at this AI stuff why is it that they can't trap "click here or your Hotmail/Live/Outlook/Whatever account will be closed" spam when sent to their Hotmail/Live/Outlook/Whatever customers? The number of these that get through would be good evidence that they're not defending their trademarks if they ever tried to get a passing off case into court.

A bubble? No way, we're in a bust, says rich VC living in alternate reality

Doctor Syntax Silver badge

Perhaps one of the reasons big companies aren't innovating is that there's only a limited scope for profitable innovation at any particular time.

The legitimate options for making money from innovations seem to be providing a new service that can be charged for at a profitable level or advertising. If a business like Uber can't turn a profit the first of those seems to offer very little. So is this what the internet has come down to - conning advertisers that its worth paying good money to piss off potential customers? Or as a medium for criminal activity?

Microsoft's OneDrive price hike has wrecked its cloud strategy

Doctor Syntax Silver badge

Re: Trust, indeed

'I like to use my PC to "do stuff"; I don't want to spend hours "playing" with the operating system.....'

Same here. In particular I don't want to spend those long hours each month while Windows Update hogs everything. So I don't use Windows.

Doctor Syntax Silver badge

Re: (patronising) "choice"

"but what good is it when it's all shit?"

It depends what's all shit. As it happens I spent the greater part of the afternoon trying to work out a problem with a Windows 7 laptop owned by a friend of my wife's. It had been OK until a few days ago, when it was working all morning & not since. Neither IE nor Firefox worked - the former came up blank with "not responding"on the title bar, the latter displayed nothing, just a busy cursor for a few seconds. Internet connection was there - ping to Google worked and my Mint laptop had no problems. Ran virus scan. Ran Windows diagnostics which couldn't identify a problem. Disabled firewall. Re-enabled firewall. Nothing. Eventually I removed the adaptor for a wireless mouse, rebooted and got a major hang - nothing responding but the fan working overtime. Cut the power, replaced the dongle, rebooted & got the screen offering safe mode, went for a normal reboot & the thing started working properly for no obvious reason.

Yup. All shit.

Ransomware scammers: Won’t pay? We'll put your data on the internet

Doctor Syntax Silver badge

Re: interesting new twist

Obviously the ability to perpetrate this stuff is moving down the IQ scale

UK's super-cyber-snoop shopping list: Internet data, bulk spying, covert equipment tapping

Doctor Syntax Silver badge

Re: I personally have no problem with this at all

"She and all the other MP's who vote in favour of it and anyone who can access it have all their data recorded and posted openly on the internet for us all to see."

That would, of course, include any communication you might have with your MP about this or any other topic.

Doctor Syntax Silver badge

Re: A Request

'since when is many eyeballs critically reading proposed legislation "duplicated effort" ?'

It depends on your skill at reading lawerese. A single pair with good skills is probably worth a good deal more than a few thousand average pairs.

Biting the hand that feeds IT © 1998–2019