* Posts by Doctor Syntax

16426 posts • joined 16 Jun 2014

A developer always pays their technical debts – oh, every penny... but never a groat more

Doctor Syntax Silver badge

Re: If it was hard to write, it should be hard to understand!

"And as well as describing the method that works it would be kinda handy to know what other approaches were tried and rejected."

Probably from Dr Dobbs or the like, the rubric went something like this:

Apprentices' comments say what the code does.

Journeymen's comments say why it does it this way.

Masters' comments say why it doesn't do it some other way.

Schrems' Facebook case edges closer to ruling over EU-US data flows

Doctor Syntax Silver badge

By the time the ruling comes along the legislation applying at the time will be obsolete and the whole thing will presumably have to start up again under GDPR although it probably would have done anyway.

In the meantime recent events should have concentrated the ECJ's minds. Perhaps Zuck & Co will be wishing they'd got it settled earlier. Sometimes dragging cases out doesn't pay.

'Dear Mr F*ckingjoking': UK PM Theresa May's mass marketing missive misses mark

Doctor Syntax Silver badge

"They have an office in town, I sometimes wonder what nastiness I could post through their door and stay on the right side of the law."

We used to get mailings for a former tenant from a college he attended. As he was studying for the church it should have been fairly straightforward for them to check the relevant directories for an up-to-date address. When I got fed up with returning them I rang them up and told them that in future I'd keep returning them but there would be a £10 handling charge each time and I'd go to the small claims court if it wasn't paid. They stopped.

Doctor Syntax Silver badge

"I wouldn't mind, but I've never voted"

So don't complain about what those who got voted in do or don't do.

Rudd-y hell, dark web! Amber alert! UK Home Sec is on the war path for stealthy cyber-crims

Doctor Syntax Silver badge

"history isn't about regurgitating a sequence of events and dates, but the reasoning as to why event A led to event B (or the circumstances and events that led to something happening) - it's primarily critical reasoning."

I agree. So how do you explain Amber Rudd?

Doctor Syntax Silver badge

Re: Kingpin or strike.

Lack of education for those that fall out of the "easy to teach" category.

Lack of career prospects for those that have fallen out of the above.

There seem to be career prospects in such fields as politics. The last few Home Secretaries provide examples.

Doctor Syntax Silver badge

Re: Kingpin or strike.

"My only and last word on the matter. We either tackle the cause of wealth and opportunity disparity or we attempt to remedy the symptoms."

I can see why you say it's your only word on the matter. You want to leave the hard bit to somebody else.

Boffins pull off quantum leap in true random number generation

Doctor Syntax Silver badge

Re: Just a random idea

"That is because they are all arts graduates."

Worse. They're PPE graduates.

Mark Duckerberg: Second Congressional grilling sees boss dodge questions like a pro

Doctor Syntax Silver badge

Re: Liar

"And if data are truly physically deleted is something that should require an independent audit. EU laws requires it - but is FB compliant?"

I'm not sure of the exact EU laws on this but what's needed, and needed to be used, is legislation that allows regulators to be able to pro-actively audit businesses. They need teams entitled to and capable of turning up at reception with no prior appointment able to go through systems to account for all the storage in use, reconcile it with schemas, samples of data and not leave until either they've satisfied themselves that there's nothing underhand or that they're in a position to bring charges.

A code injection to stop code injection could solve serverless security

Doctor Syntax Silver badge

"apart from the cloud service provider's bill"

Remind me again - who's pushing this?

Google's not-Linux OS documentation cracks box open at last

Doctor Syntax Silver badge

"Surely anything that replaces Android would have to be able to run the millions of Android Apps or else it will become another Windows mobile, Firefox OS, Blackberry etc."

That's an instantiation of a generic class of comment. You could replace the names with CP/M, MS-DOS and any other formerly popular OS you care to think of.

Right now we need a mobile OS that doesn't allow apps to poach each other's data. Will Google deliver that?

PCs were more and less expensive in Q1 as shipments stalled

Doctor Syntax Silver badge

"Slipping shipments therefore indicate slower replacement cycles and the fact that buyers now have a choice of smartphones, phablets, tablets and detachables for their computing needs."

And all the losses at the margins through refusal to produce what some purchasers are looking for because "there's no demand".

Hey, so Europe's GDPR privacy deadline for Whois? We're going to miss it ... by a year or so

Doctor Syntax Silver badge

"I for one would like to see ICANN themselves being used as an example by the EU."

It's a nice thought but I doubt it would fly. The data subject's arrangements are with the registrar. It would take a court case to determine how the law applied.

Doctor Syntax Silver badge

Re: private registation

"Seems there has been a solution available for a long time already called private registration... But of course registrars like to charge a premium for that service."

With my registrar it's just a tick box. My name is shown on whois but address is withheld. No charge - or if there is I've never noticed it in my payments.

Doctor Syntax Silver badge

Re: Not sure I see the problem

"Registrars can no longer pass on the data until ICANN has Model Data Clauses in place"

Model clauses are an artefact of the Privacy Figleaf which is looking pretty shrivelled in these days of CLOUD and GDPR. It's only a matter of time before everyone realises it's meaningless.

Doctor Syntax Silver badge

Re: If roles were reversed, would USA give EU more time?

"the Irish government needs to be involved in the process if the data doesn’t clearly belong to a US citizen."

GDPR protects EU residents so a US citizen resident in the EU would still come under its protection. Presumably US corporations who are potentially vulnerable will be making plans for arm's length operations for EU data.

Doctor Syntax Silver badge

A year or more? It depends on how quickly the cases work through the regulators' systems. Once the fines start rolling in it will take a lot less than a year after that.

Gemini: Vulture gives PDA some Linux lovin'

Doctor Syntax Silver badge

"Making a call is a tedious process, requiring opening the clamshell to dial the number."

I think the solution to making a clamshell smartphone is to emulate the old Nokia Communicators and put a basic keypad/display on the outside of the lid.

https://en.wikipedia.org/wiki/File:Nokia-9210i-9500-e90.jpg

Gmail is secure. Netflix is secure. Together they're a phishing threat

Doctor Syntax Silver badge

Re: We'll be using Ivp6 as name s next

"phone number as their unique user identifier, since they are pretty much universal and unique now."

Something must have gone wrong with the allocation. My phone number and SWMBO's are identical.

Doctor Syntax Silver badge

"Nobody will EVER take an email address as a unique ID"

Maybe I've missed the irony in your post but if not what's the ID you use to sign in on el Reg?

I've got a login at IBM which uses an email address based on an ISP I left probably a decade ago.

Doctor Syntax Silver badge

Re: Don't click links in email....

"only for banks to 'modernise' by delivering their instructions by email."

Banks really should know better. Training their customers to be phished is just stupid beyond belief but is there one that doesn't do it?

Doctor Syntax Silver badge

“It's an example of two systems without a security vulnerability coming together to create a security vulnerability.”

Disregarding valid characters in an address looks like a security vulnerability to me if it allows scams like this.

Facebook: Look at our latest bug bounty that proves we're serious!

Doctor Syntax Silver badge

"The biz went on to say that it had deleted the raw data from its file server"

That doesn't account for any data in a processed form or any raw data on someone else's server.

Doctor Syntax Silver badge

"I interpret that as, they are willing to interfere in any election for anyone."

I'm sure they're more selective than that. You've got to be able to afford to pay them.

Azure needs extra security controls before it's fit for government use, says Australia

Doctor Syntax Silver badge

Re: "additional configuration and security controls"

and with the regular, can-~~change~~read-at-~~M~~US's-whim ~~EULA~~CLOUD Act

FTFY

Company insiders behind 1 in 4 data breaches – study

Doctor Syntax Silver badge

Re: Well of course...

"Um, like having the company details of my customers so that I can send them an invoice?"

Or like collecting and keeping your customers' credit card details so they don't have to enter them again? Unencrypted?

IBM swings shrink ray from workforce to mainframes

Doctor Syntax Silver badge

"Yet if the machines are as advanced and secure and generally wonderful as IBM insists, surely more buyers would already find them compelling?"

Price? Worry that as the vendor keeps shrinking there may be nobody left to support the kit?

They're back! 'Feds only' encryption backdoors prepped in US by Dems

Doctor Syntax Silver badge

It's perfectly simple. All they have to do is put it out to tender with the proviso that any proposed solution be critically examined for cryptographic flaws and flaws which would allow the system to be hacked. The project tender should be in two stages. The first would be given to a number of contractors, each to perform a feasibility study and proposal, the second would be awarded to the best proposal.

They can be seen to be doing something which will keep them happy. As the rest of us know the tender will be on a hiding to nothing the rest of us can be happy. The latter includes the contractors because they know they can be paid for doing a lot of work on the feasibility study and still get paid for saying it can't be done. One bright spark, of course, will probably come up with an idea which will eventually fail on critical assessment but they'll still be paid.

This is not, unlike many government IT projects, a waste of public money. It will be an excellent investment on keeping the idiots off everyone's backs, possibly for years with the additional advantage that as it will fail in their own terms they can still eventually be vilified for wasting public money.

Doctor Syntax Silver badge

Re: As I've said before...

"I'm suggesting every legislator should be forcibly memorialized on their eventual tombstone by reference to their stupidest act of public legislation."

Maybe you've just explained Stonehenge.

Modern life is rubbish – so why not take a trip down memory lane with Windows File Manager?

Doctor Syntax Silver badge

Re: File Manager supports MDI, Win10 theme doesn't

"Win10 lacks any polishment at all"

The problem is that the designers of all this modern stuff think it's more polished.

Doctor Syntax Silver badge

Re: Ribbonless

"I dream of days without a ribbon in my interface."

https://www.libreoffice.org/download/download/

https://www.kde.org/applications/system/dolphin/

Doctor Syntax Silver badge

Re: Bring back DOSEDIT

"I have no idea if vi can be set up to do that."

Neither have I but seeing as I've been using it since the days before keyboards had such fripperies there's no need for me to even check. The dreadful vim might well have that. My first encounter with that load was with a setup that had been configured to hide the ^Ms from the end of lines and as I wanted to use it to delete those I wasn't impressed. I was left wondering what else it might be set up to hide. So as far as possible vi and its relatives are links to /usr/bin/nvi.

Doctor Syntax Silver badge

Re: OMG can I say SQUEE?

"What is the impulse to break established UI conventions?"

Tinkering. Somebody wants to "do something" but the functionality is either (a) what's needed or (b) hard work but the interface can always be made more "modern".

Doctor Syntax Silver badge

Re: OMG can I say SQUEE?

"I must be the only one who hates win 10 flat everything and prefers 3D widgets."

Oh no you're not. And that doesn't only go for W10 flatness. It applies everywhere although in other places there are options for fighting back.

Doctor Syntax Silver badge

Re: Surprising Comeback on Windows 10

"No one ever sat down at the computer with the express intent of playing with Word or Excel itself."

Well, that pair, never. The LibreOffice equivalents are a different matter. If the program icons are sitting on the panel waiting to be clicked it can be the quicker way to bring up a recent document. On the whole I agree with your sentiment, however; the idiocy of UX designers who seem to think forbidding data icons on the desktop is beyond belief.

Lib Dems, UKIP's websites go TITSUP* on UK local election launch day

Doctor Syntax Silver badge

Re: What's so special about this NationBuilder thing?

"Didn't Tomcat, IIS or SharePoint suffice?"

You need to explain it in terms your potential market will understand. Good luck trying to sell any of those and many others -PHP, Drupal etc - outside of the IT department. Someone going to political parties and explaining their services in terms that politicians understand ("winning votes" will be a good one but "communicating with voters" will probably be enough) stands a chance of making a sale.

Doctor Syntax Silver badge

Re: NationBuilder, eh?

a crisis in the charity sector due a severe drop in income as a result of their inability to write to supporters who didn't return the "yes you can contact me" forms.

That'll be the National Trust in my case. Their effort has a very nastily misleading header on the top of the letter. It's a picture of a very large ticked box beside a headline "Stay in" clearly intended to give the impression that you'd lose your membership if you failed to tick the boxes on the form. Of course it only refers to their mailing attempting to flog me cruises, holiday cottages and all sorts of other stuff I've no interest in so they'll actually save money by my not opting in. I'm considering a complaint to the ICO as it clearly gives the impression that membership is tied to accepting their marketing guff which is contrary to the GDPR. Whilst I'd not like the NT to be fined a public caution might be a warning shot to others.

Sysadmin shut down the wrong server, and with it all European operations

Doctor Syntax Silver badge

Re: Fullscreen RDP sessions

"unscheduled data resilience testing - AND YOU FAILED!"

That's for everyone to add to their list of things to say.

Police chief wants citizens to bring 'net oligarchs to heel

Doctor Syntax Silver badge

Re: Civil laws

"The performance targets are badly flawed."

This is almost always the case with performance targets.

Firstly, they have a great tendency to be inappropriate. Measuring things properly is hard. That means looking for something easy to measure even if it's not a big issue and ignoring the hard to measure relevant target.

Secondly, it sets up a system just asking to be gamed.

Doctor Syntax Silver badge

Re: Civil laws

"Obviously there's the easy go to of the Robin Hood Airport Case. What everyone wrote off as a joke, South Yorkshire Police thought was worth pursuing"

And yes, every bomb threat can be written off as a joke. Right up to the time when one isn't and then everyone from the Grauniad to the Fail will come down on the police like a ton of bricks for not taking it seriously.

Doctor Syntax Silver badge

Re: UK Laws are the problem

"Create a limited company, transfer the subject of the lawsuit to the company in lieu of shares and order as a director the company to sue."

Doesn't this then have the disadvantage of losing the protection of consumer legislation which might have applied otherwise?

Doctor Syntax Silver badge

Re: UK Laws are the problem

"Where, if you lose then you may well find that YOU are having to pay the other side's legal fees as well as your own."

Not if the damages fall within the small claims limits. BigCo then has to decide whether to throw lawyers at the case or pay the claim which is probably going to be the cheaper option. They may, of course, choose the former to avoid opening the floodgates.

Linux Beep bug joke backfires as branded fix falls short

Doctor Syntax Silver badge

Re: A stand-alone program to ...

"One could ask the same of the vast majority of software packages and features, and never receive a satisfactory answer,"

It depends who you ask. Ask most people who thought, say QGIS (what's that, you've never heard of it?) was for and you'd receive blank looks. But there are enough people who need a GIS (never heard of that either?) to develop it originally and to continue with that.

My PC makes ‘negative energy waves’, said user, then demanded fix

Doctor Syntax Silver badge

Re: "And bluetooth with Win10 is an iffy affair"

Another good book pass on to the youngster is O'Reilly's "UNIX Power Tools".

Got that one somewhere as well. Coherent brings back memories albeit only of reading about it in Byte. However, there's a limit to what one can present a 10 year old with.

However, mention of Byte reminds me it might be a good idea to find my copy of the issue on RDBMS from which I learned pretty well everything I know about database design* apart, of course, from what I picked up by actually doing it for a few decades.

*I've encountered at least one CS graduate who knew less than that Byte covered.

Doctor Syntax Silver badge

Re: "The Waves"

"that huge source of waves hanging in the sky during daylight."

If you think that's a problem what about night. The Earth is now between you and all those waves. What's it doing to them as they pass through it to get to you? It doesn't bear thinking about.

Doctor Syntax Silver badge

"the two mice ... kept interfering with each other."

And that, folks, is how you get baby mice.

Doctor Syntax Silver badge

the "clutter free desk"

They'll tell you "a clear desk is the sign of a clear mind". What it really means is that an empty desk is the sign of an empty head.

Doctor Syntax Silver badge

"I know one person who trained themselves to use a mouse with their left hand (it took them a week, they tell me) so they could swap every hour."

What? Have to clear two patches of desktop to use a mouse on?

T-Mobile Austria stores passwords as plain text, Outlook gets message crypto, and more

Doctor Syntax Silver badge

Re: as plain text

"The popular salt/hash method demands that the password is transmitted plain"

It demands that the password be made available to be hashed for comparison with the stored hash. How it gets from keyboard to hashing algorithm is not addressed. It can be encrypted in transit and decrypted to be hashed.

Doctor Syntax Silver badge

Re: T-Mobile

Very much like banks that are so "secure" that they insist on certain characters out of the extent of your password. In other words, they have the thing in plain text in order to compare individual characters.

They ask for a combination of several characters. Let's try this one for size:

- You enter a new password.

- The bank extracts combinations of N characters. Perhaps all possible combinations, perhaps a subset of a long password.

- Each combination is hashed and the hashes stored together with a note of the positions of the characters of that combination.

- When you log on the system chooses one particular combination, asks you for the relevant characters, hashes what you enter and compares the result to the stored hash.

Not only can this be achieved without storing plain text, the system doesn't even store your password as a single entity, not even when hashed.
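The scheme outlined in the post above, sketched as an added example (it is not part of the original post and not any bank's actual implementation). The function names, the use of salted PBKDF2, N = 3 and the iteration count are assumptions made for the illustration.

```python
import hashlib
import hmac
import itertools
import os
import secrets

N = 3                # characters asked for per login (assumed value)
ITERATIONS = 20_000  # PBKDF2 work factor, kept low so the demo runs quickly (assumed)


def _digest(chars, positions, salt):
    # Bind the positions into the hashed material so that the digest for
    # positions (0, 1, 2) can never be replayed against positions (1, 2, 3).
    material = (",".join(map(str, positions)) + ":" + chars).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha256", material, salt, ITERATIONS)


def enrol(password, n=N):
    """Return the stored records: one salted hash per combination of n positions.

    Neither the password nor a hash of the whole password is kept.
    """
    records = []
    for positions in itertools.combinations(range(len(password)), n):
        salt = os.urandom(16)  # fresh salt per record
        chars = "".join(password[i] for i in positions)
        records.append({"positions": positions,
                        "salt": salt,
                        "hash": _digest(chars, positions, salt)})
    return records


def challenge(records):
    """Pick the positions to ask the user for at this login."""
    return secrets.choice(records)["positions"]


def verify(records, positions, answer):
    """Hash the characters the user typed and compare with the stored record."""
    for rec in records:
        if rec["positions"] == tuple(positions):
            candidate = _digest(answer, rec["positions"], rec["salt"])
            return hmac.compare_digest(rec["hash"], candidate)
    return False  # no record for those positions


# Caveat for anyone deploying this: each record protects only n characters,
# so its search space is alphabet_size ** n, far smaller than that of a hash
# over the whole password. The stored records need protecting accordingly.

if __name__ == "__main__":
    pw = "Tr0ub4d&"  # constructed sample password
    store = enrol(pw)
    asked = challenge(store)
    typed = "".join(pw[i] for i in asked)
    print(len(store), "records; challenge", asked, "->", verify(store, asked, typed))
```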

Biting the hand that feeds IT © 1998–2019