* Posts by Doctor Syntax

16426 posts • joined 16 Jun 2014

Oh good, half of Defra's Brexit projects involve IT

Doctor Syntax Silver badge

Remember the howls of anger when it took a few weeks to go to court to establish the correct legal process to pull the trigger and how this was delaying "the will of the people"? It's becoming increasingly clear that the lead time to accomplish this is stupidity should have been years just to work out what's needed.

Doctor Syntax Silver badge

Re: with a small exception

"just to patch the date handling on stuff already there."

In some cases it was also a good time to refresh systems. Some commercial products didn't provide updates for older kit. But yes, basically straightforward, required only time and money.

Doctor Syntax Silver badge

Re: Who cares

"It will be like the millennium bug all over again, nice pay, good bonuses, resulting in tax revenue."

Except that the Millennium bug was fixed. Apart, that is, from the odd numpty business who insisted on running their old system into January because "year end"; that was - interesting. I reckon this is going to be a lot more interesting.

Doctor Syntax Silver badge

Our Defra strategy for brexit will be taking the cow to the EU market and getting magic beans. It worked for Jack.

FTFY

Doctor Syntax Silver badge

Re: Standard systems...

"going by the Price2 method they worship"

The official name is Prince 2 but Price squared sounds closer to reality.

US senators rail against effort to sneak through creepy mass spying bill

Doctor Syntax Silver badge

"I simple don't understand why the rules should allow tacking one (or more) distinct, unrelated items onto a bill."

It's got a long and not entirely shining reputation. In Westminster, back in the days when divorce required an Act of Parliament one way to do that was to tack on a clause to some other Act.

Doctor Syntax Silver badge

Paul noted that "the information on foreigners is gathered in a less-than-Constitutional manner – and most of us are okay with that

And still it's claimed the Privacy Figleaf is "satisfactory".

TalkTalk banbans TeamTeamviewerviewer againagain

Doctor Syntax Silver badge

Being generous - it's Christmas - let's suppose for a moment that the TT management realise that they need to provide customers with a safe, reliable service, allowing for the fact that the bulk of their customers aren't going to be anywhere near the upper quartile of IT-savvy.

Given their starting point of having had their customer data breached multiple times, how do they do that?

Doctor Syntax Silver badge

Re: Hmmmm

"As much use as a chocolate Dido."

Much less useful. Chocolate can be eaten.

Your palms are sweaty, knees weak, arms are heavy – you forgot about Europe's GDPR already

Doctor Syntax Silver badge

Re: I may have missed something...

Won't this mean that even more businesses will put customer data directly onto the Internet so that requests for what is held can be automated and sent to the applicant?

Only if they're stupid. For the reason's you mentioned, of course. There's a primary requirement to take care of the data. Putting it "directly onto the internet" would be the opposite of that. That doesn't, of course, mean that stupidity in business management doesn't exist. Some people only learn the hard way. The increased fines just raise the cost of being stupid.

Isn't it just a tax without any benefits to the end user?

Tax? Complying - which is what they should always have been doing, is just a cost of doing business. And "end user" of what? What you should be thinking about is "data subject". And the data subject could be a customer, a supplier, a patient, an employee ... Everyone about whom you want to hold data. If doing things right is too expensive don't do it at all. Don't hold data that you don't need. That is and always has been one of the principles of data protection.

Data Protection was the same, seemed like a good idea

What do you mean "was"? It still is Data Protection. That's what the DP in GDPR stand for.

world plus dog used it as an excuse for "I can't tell you that because of data protection laws" and it became a barrier for getting hold of useful information.

I'm not sure if it's specifically dealt with but wrongful invocation ought to be an occasion for judicial remedies. A good reply to anyone trying would be "I've got the entire text of the Regulation on the computer in front of me. Could you please refer me to the passage to which you refer? If it helps I'll read the entire thing out and you can tell me when I get to the relevant passage".

Doctor Syntax Silver badge

"If it's possible to access private date of multiples in clear text from an employees email system, you're already doing it wrong and nothing will save you. That's not designed for safety, that's designed for disaster."

For high value targets the object of spear phishing isn't to grab the employee's email. It's to subvert that employee's machine as a beach-head to work their way into the system. If you don't allow for that you're doing it wrong.

Doctor Syntax Silver badge

Re: Red herrings

"but am I acting legally by leaving the data that I now know (or have good reason to believe) relates to mrs smith available to mr bloggs?"

Like the man said, get proper legal advice. Like you should have done before setting up your business.

Doctor Syntax Silver badge

Re: I have already registered a company

" Instead or working to fix the problem"

Whoooosshhh!

Doctor Syntax Silver badge

What nobody's managed to say: you can have all the policies in the world but if one eejit clicks on the wrong thing in a booby-trapped email which leads to a breach it's all for nothing.

So what do I make of a bank that causes an email to be sent out that looks exactly like a phishing email* with 12 clickable links in it and claims to be advice to say safe online? Clearly this was devised by a team** of numpties none of whom would see anything wrong with clicking links in spam let alone recognise a phishing email when it arrives in their in-box. Apart from training their customers to be phished they are imminent dangers to their employers because unless they have been safely firewalled off from the rest of the business they are liable to let any passing scam artist into the building.

* It pretends to come from a bank but actually is from a 3rd party digital communications business spammer and the links also resolve to the same 3rd party.

** Nobody gets to spend the budget on their own, do they?

How Google's black box Knowledge Graph can kill you

Doctor Syntax Silver badge

Google is a mere beginner at confusing people. Genealogists have been at it for centuries resulting in people allegedly becoming parents after they'd died - and probably before they were born as well. It's not easy matching names to construct profiles of people. Perhaps they should have tried it out on historical data first and then rolled it out slowly - and stopped when they discovered what a pig's ear they were making.

UK.gov needs help getting folk to splurge on full fibre and 5G

Doctor Syntax Silver badge

Raising taxes is PROVEN to increase local investment in tax avoidance.

Doctor Syntax Silver badge

Re: End Openreach, BT, Monopoly

"AND THEN I MAY FINALLY BE ABLE TO MOVE OFF ADSL!"

Let's say OpenReach drops roll-out of FTTC and concentrates instead of extending FTTP to those areas where it already has fibre in place, namely those which already have FTTC. Does this shorten or extend the time needed for you to get off ADSL?

Hot chips crashed servers, but were still delicious

Doctor Syntax Silver badge

"if a user requests something , hardware , software , or merely how to do something"

The first response is almost always "What are you actually trying to do?".

Doctor Syntax Silver badge

"Nah, eroding workers rights should be easier, so they're going to do that first."

Or all those tight banking regulations.

Doctor Syntax Silver badge

Re: The first question you ALWAYS ask...

"I can't dispense"

With thinking like that it might have been for the best.

SCOLD WAR: Kaspersky drags Uncle Sam into court to battle AV ban

Doctor Syntax Silver badge

Meanwhile, over on the Beeb I see the US is blaming the Norks for Wannacry. http://www.bbc.co.uk/news/world-us-canada-42407488

Here's a quote from them: "The tool kits of totalitarian regimes are too threatening to ignore." Just how much brass neck does the US have?

Ace reporting from the Beeb: as far as I can see there's no mention of the basic toolkit having come from the NSA.

Doctor Syntax Silver badge

Re: Well, that was obvious.

Well done that second person. You've caught up with the teo downvotes. So presumably that's two people who still believe that it wouldn't be obvious for Kaspersky to sue even in the face of reports that they've just done that very thing.

Doctor Syntax Silver badge

Re: Interesting legal theory

"Just what part of the Constitution does Kaspersky's legal team believe this software ban is violating?"

The great US belief in competition in the market place. Free trade and all that.

Doctor Syntax Silver badge

Re: Interesting legal theory

"So Kaspersky's theory is that the US Government is somehow required to have Kaspersky AV software installed on their computers?"

Where does it say that? The complaint is about not even being allowed to sell in competition with other suppliers.

Competition. The great American principle of free trade. Remember that this is the country that goes after its corporations' foreign competitors on any suspicion of state aid. This one stinks of state aid (OK, anti-aid but it amounts to the same thing).

Doctor Syntax Silver badge

Re: Sure

"New government in charge"

Making America grate again.

Doctor Syntax Silver badge

Re: Best of luck with that

"Not sure in this sort of situation they need to conclusively prove you operate at the behest of a foreign spy agency, or potentially provide any proof at all."

What they should have done was depersonalise it - just say US suppliers only. It's calling out a specific supplier that can cause them problems.

Doctor Syntax Silver badge

Re: Well, that was obvious.

Only one downvote? Somebody's slacking. When I pointed out the obvious a week ago I got 2!

Doctor Syntax Silver badge

Well, that was obvious.

If they'd just specified USian-only that would probably have been OK but to call out one specific company was just asking to be sued.

Seagate's lightbulb moment: Make read-write heads operate independently

Doctor Syntax Silver badge

Re: Old tech solved this decades ago

Isn't that what disk drives handle themselves these days? https://en.wikipedia.org/wiki/Elevator_algorithm

Doctor Syntax Silver badge

Re: I cant be the only one..

Followed rapidly by "Wouldn't it be better to have them both read/write?" heads. And that followed by "That's what they've done". Followed in turn by "But they've only addressed half a cylinder at a time. Why didn't they make two separate arm sets and make them full height?".

Doctor Syntax Silver badge

Wouldn't an 8 platter drive need 16 heads or are they just using single sides these days?

In effect this splits the drive into two logical drives. There needs to be a prize for someone who has the bright idea of using these as a mirror pair. A wooden spoon?

PHWOAR, those noughty inks: '0.1%' named Stat of The Year

Doctor Syntax Silver badge

Re: The UK has much more in the way of peat bogs (9.4 per cent).

"Is it just the raised ones that are scarce?"

Blanket peat probably accounts for most of it from Dartmoor, through Wales & the Pennines into NW Scotland and not forgetting the Antrim Plateau and Sperrins.

No hack needed: Anonymisation beaten with a dash of SQL

Doctor Syntax Silver badge

Re: 'Make a law'

"outside of the immediate jurisdiction where the law applies"

Except, of course for the US which believes its law applies everywhere.

'I knew the company was doomed after managers brawled in a biker bar'

Doctor Syntax Silver badge

Re: RE Gearbox

"Makes sense, I don't know anyone who'd willingly admit they owned a Corsa."

Even less to admit to being a Mastercare engineer.

Doctor Syntax Silver badge

Re: It's all fun and games until someone's toes freeze solid and shatter,

"Hydrogen baloons with lit fuses floating at the ceiling - you name it."

Beginners! We had a means of inflating balloons with town gas (coal gas). Blotting paper impregnated with sodium chlorate as fuses and several match heads as dets. There were launched outdoors from the bottom of a deep, narrow valley after dark. The bang echoed nicely and the burning match heads arced across the sky.

Doctor Syntax Silver badge

" the AI lady's LN2. (She keeps her semen in it.)"

There's a warning about 2 letter abbreviations!

Doctor Syntax Silver badge

"Think I'm showing either my age or my university's lax attitude to the welfare of its students, but at the time the only requirement was to make sure the room was ventilated and gloves were forbidden (the risk being, apparently"

I'm with you on this one. In the late '60s - early '70s we had no particular precautions. The supply was a large flask on a tilt stand and was dispensed carefully into the smaller flasks used to chill down some of the cold traps on the carbon dating system. IIRC the University porters brought filled flasks from a larger supply in the Physics Dept. I can't remember about gloves but we probably had them for handling the dry ice which was used for some of the other cold traps.

Engineer named Jason told to re-write the calendar

Doctor Syntax Silver badge

Re: "Can't we get rid of May?"

"We tried that in June, but we were foiled by the Orange March."

Orange Marches are usually in July.

Doctor Syntax Silver badge

Re: Can't we get rid of May?

"Literally just before one of the biggest busts in memory."

Not just before. He'd been saying that for years whilst engineering a long boom by having the BoE base interest rates on the principle that a house price bubble wasn't inflation, ignoring runaway borrowing and taxing the future by killing the pension funds' tax relief on dividends. By keeping the cycle going longer and further than normal he just ensured that a bigger boom was followed by a bigger bust.

Doctor Syntax Silver badge

Re: Can't we get rid of May?

"Imagine the media coverage if that was being spent on any other industry."

Imagine the media coverage if they hadn't bailed out the banks. Although there might have been rather less media to provide the coverage - a collapsing bank is likely to take most of its customers down with it.

Doctor Syntax Silver badge

"ah the good old days. Cant do that anymore"

You still can if you own the company. Calling themselves Mythic Beasts gave the company the ability to name their servers after mythical beasts.

Doctor Syntax Silver badge

Re: Can't we get rid of May?

"When Blair left office in 2007, the National Debt was ~36% of GDP. Its now well over double that."

He sidestepped the crash. Things were well on the route to getting a lot worse.

Doctor Syntax Silver badge

Re: Can't we get rid of May?

"Blair might have dragged us into an illegal war, but at least he didn't completely stuff the country"

Not on his own. He had his side-kick Brown to help with that. Then neatly stepped aside just in time to avoid the inevitable result.

Oi, force Microsoft to cough up emails on Irish servers to the Feds, US states urge Supremes

Doctor Syntax Silver badge

Re: UK not much better (in the quality of its arguments)

"The article clearly states that MS can access the data from within the US"

Where do you see this in the article?

Do you mean this: The prosectors argued Microsoft is an American corporation and therefore should obey an order from an American judge; where the data sought existed was immaterial – it could be accessed from Redmond's US offices.?

Or this: “The court reached this conclusion even though Microsoft could easily access the stored data from its United States offices,” the group said, echoing a key argument in the DoJ’s case against Microsoft.?

In the first case note that this is an argument by the prosecution and in the other the group referred to is the not entirely disinterested group of state attorneys general in it's a claim in an amicus brief.

Neither of these constitutes evidence. Neither is clearly stating fact.

"I have no interest pro or anti any of the parties in this case, but surely where the information is accessible from, and by whom, is just as important as where it's physically stored? Otherwise, all reasonable law enforcement in the digital realm could quickly become impossible"

How many times does it have to be pointed out that if the authorities have a case to justify a warrant there is an existing process whereby they present it to a court in Ireland in whose jurisdiction the data resides? So reasonable law enforcement is not impossible. The fact that they have not done so gives rise to grave suspicions that something else lies behind it - anything from initial ignorance of the due process backed up by pig-headedness or a severe case of willy-waving to embarking of a fishing trip with no case at all. It doesn't need any interest in the outcome of the underlying case to be deeply concerned about due process in accessing it. Due process of law should be of interest to us all.

Doctor Syntax Silver badge

The next step?

The EU should test the US's attitude on the reciprocal of this. Start a tax investigation into Trump's EU property and apply for a warrant in an EU court to get his tax returns.

Doctor Syntax Silver badge

"What numpty wasted taxpayers money coming up with this one?"

On reflection this could be much more than a waste of money. It could cost British business dear. When, post-Brexit, the UK is looking for adequacy under GDPR this cavalier attitude could be held against us.

Doctor Syntax Silver badge

Re: Yeah, but common sense, too...

"Well in the case of the EU it would be because personal data stored in the EU is protected under the GDPR regulations"

Not quite yet. GDPR doesn't apply until May 2018. But GDPR only tightens up on an existing directive.

Doctor Syntax Silver badge

Re: Change "email" with "money"...

"Don't get me wrong, I'm all for the courts being in Microsoft's favour. It's just, rationally, I find it hard to support"

Rationally it's not at all hard to support. There's an established procedure for this, one which involves going to the Irish courts. They should have used it. There's no indication that they tried. Supporting due process of law vs taking short cuts isn't at all irrational.

Doctor Syntax Silver badge

"Because of such storage policies, and due to technological change and the global nature of the communications environment, the U.K. does not believe that the geographic storage location of data should be the determining factor for whether or not a nation may gain access to such communications."

Does HMG really believe that if the Feds won this one that the US would reciprocate and grant access to US servers on the basis of a warrant in a UK court? What numpty wasted taxpayers money coming up with this one?

Doctor Syntax Silver badge

Re: Yeah, but common sense, too...

" why in the hell should the police have to involve the government of another country just because the emails are located on some server there?"

They don't have to so why are they doing it?

There's no need to involve the government of another country. All they have to do is involve the courts of that country by following existing agreed procedures. So why do they try to go barging in heavy handed in a way that gets governments involved in defending their sovereignty?

"This whole situation highlights the serious need for more and better international agreements regulating this sort of thing."

ROFLMAO. The international agreements of which you write already exist. This entire episode is the result of the authorities in this case choosing not to use them.

All they have to do, assuming they have a case, is to present that case to the relevant court and get a warrant. Microsoft Ireland would be bound to abide by that warrant. The Irish government would not be involved. (Technically, I suppose, it would have already been involved in negotiating with the US the relevant treaty which the US authorities are now ignoring.)

So why are they getting themselves in this position. Is it that they don't have a case? Do they have a case but can't be bothered to get off their arses and present it to the relevant court? Are they trying to establish a precedent whereby they can go to a complaisant US court for fishing expeditions when they really don't have a case and know they'd be laughed out of an Irish court? Did the read the word 'foreign' and think they'd have to present the case in a non-English language? If it's that I can assure them that they speak excellent English in Ireland. Do they just fancy throwing their weight about internationally to bully smaller countries, given they're not doing very well with Russia or the Norks?

If they get their way with this things will not go very well with a large swathe of the US tech industry in the future. The Privacy Figleaf can be expected to shrivel up and die and it will be very difficult to persuade anyone in the EU to have another shot at replacing it. Any US business that depends on the Figleaf this will find EU business drying up. Other markets might follow. You might find yourself reminiscing about the halcyon days when the US had an international tech industry.

Biting the hand that feeds IT © 1998–2019