* Posts by Hawkeye Pierce

47 posts • joined 30 Jun 2015

Mozilla returns crypto-signed website packaging spec to sender – yes, it's Google

Hawkeye Pierce

Re: Can we get Web caching back, please?

> Then HTTPS-everywhere mania kicked in, and now every single load has to go back to the origin!

Absolute 100% codswallop. Your local browser is more than capable of caching HTTPS resources and will be doing so on every HTTPS site you visit unless that site is explicitly instructing the browser not to.

And to pick up on one other comments made here... Using HTTPS does not prevent a man-in-the-middle from seeing what DOMAINS you're accessing but does prevent them seeing what PAGES within that domain you're reading. That anti-government Facebook page you read - no the MITM can't see that you're accessing that.

We've read the Mueller report. Here's what you need to know: ██ ██ ███ ███████ █████ ███ ██ █████ ████████ █████

Hawkeye Pierce

Re: The Mueller report was one big nothingburger

Oh for goodness sake.

First off, there were were more 14 lawyers on the team so stop selectively referring just to the 14 whose political registrations are known. Secondly being a registered Democrat alone does not make you a "rabid Clinton supporter". Thirdly, going with your 14, I note you "forget" to mention who the non-"rabid Clinton supporter" is known to be... the registered Republican... I'll give you a clue... Mu*ll*r.

But most importantly, so bloody what? Way to go as an example of "if you don't like the message, shoot the messenger"! There is plenty of stuff in the report that is extremely alarming even if it doesn't pass a determination of criminal activity. Or would you like to try and justify every one of the acts in the report?

Or are you saying that the investigators were biased? In which case perhaps you'd like to share with us the bits in the report that are false? Or exaggerated? Or what evidence was overlooked?

No, you can't actually do any of that, can you? So you just parrot the "it's all fake", "it's all a conspiracy" statements as loud as you can to try and drown out what you don't like hearing.

Happy Thursday! 770 MEEELLLION email addresses and passwords found in yuge data breach

Hawkeye Pierce

@Sotarr Re: Interesting, but. . .

I don't know what site you've entered your password on to find out it was compromised but it can't have been Troy Hunt's Have I Been Pwned if you think there's a pay service to get more details.

Facebook to appeal against ICO fine – says it's a matter of principle not to pay 18 mins' profit

Hawkeye Pierce

@ratfox: Re: "it's a matter of principle"

No it's not. If you don't keep data secure you can expect a fine if you get caught. Doesn't matter if you didn't actually leak data, although you might reasonably expect a fine more towards the lower end of the range depending on how negligent you were. They quite clearly had a practice which broke UK data protection laws irrespective of whether they did or didn't share UK data.

After all, how ridiculous it would be if everyone was allowed to keep data completely insecure but you ONLY got fined if someone did actually get hold of it. The fine is there (or at least should be there) to ensure people take the correct steps, not as some money-making, after-the-incident, activity on the part of the authorities.

Your RSS is grass: Mozilla euthanizes feed reader, Atom code in Firefox browser, claims it's old and unloved

Hawkeye Pierce

@Sam Adams: Re: I've always liked RSS

ElReg does still allow you to get an RSS feed by querying the author, for example:

http://feed.theregister.co.uk/rss?q=alistair%20dabbs

Equifax IT staff had to rerun hackers' database queries to work out what was nicked – audit

Hawkeye Pierce

Monitoring isn't monitoring...

Just as a backup isn't a backup if you don't (albeit periodically) prove you can restore it, neither is a monitoring system monitoring if you don't periodically test that it's working as desired.

Put another way, if a software system test doesn't throw up any bugs, my first instinct is to question how thorough the testing was. Likewise if I don't get any alerts from a system designed to raise alerts, in any given period, I need to question whether it's working!

Princely five years in US big house for Nigerian biz email scammer

Hawkeye Pierce

Unclear

I've read the article but it's unclear... am I going to get my $10 million or not now?

Intel hands first Optane DIMM to Google, where it'll collect dust until a supporting CPU arrives

Hawkeye Pierce

Re: Purley Microarchitecture?

Reminds me of the story that back in the early days, IBM used to name their internal and highly-secretive projects by picking the name of a road around their research establishments. Cue journalists also selecting road names at random and asking some IBMer "How''s project XYZ" going, to much consternation about how said journalist knew about that project!

Amazon meets the incredible SHRINKING UK taxman

Hawkeye Pierce

Re: Dividends/Tax/Profit/Revenue/Van Drivers & Box Packers?

Not true - assuming the shares are in an approved incentive plan. Up to £3.6K in shares can be given per year and if kept for five years, they are tax, NIC and CGT free.

See https://www.gov.uk/tax-employee-share-schemes/share-incentive-plans-sips

Hawkeye Pierce

@Thoguht: Re: Just say No to Amazon

The paragraph you quote is not "a duty" and there is no such requirement under UK law. The word "prosperity" does not feature at all in the in the Companies Act 2006 which codifies a director's responsibilities.

The closest requirement is as follows and clearly involves more that simply "maximising the company's profits":

"A duty to promote the success of the company (including considering the interests of the company’s employees, the community and environment, the company’s reputation, and the company’s members)."

Hawkeye Pierce

Re: How it works:-

No employees won't "have to pay personal tax on the value of the shares they receive". Depending on how long they hold them, they will be tax free.

TSB boss: We know everything's working, you just can't see that

Hawkeye Pierce

Banks == IT Companies

I read an article some time back (Cringley perhaps?), the premise of which was that there are many companies around who are IT companies but don't realise it.

This particularly applies to banks and quite frankly if you view them as being an IT company and they screw up on the IT, you wouldn't look to use them again.

GoDaddy told off for reeling in punters with 'misleading' prices

Hawkeye Pierce

@Donn Bly - Re: Maybe we should raise a petiton

Sure, but if when you go to rent your $100 per day vehicle, they ask you for $365,000 because the minimal rental term is one year, you'd be a bit p*ssed off - which is equivalent to what happened here.

From July, Chrome will name and shame insecure HTTP websites

Hawkeye Pierce

Re: Dumb move

>> It's plain out nonsense that a website which doesn't ask for any user input would be more secure if it uses HTTPS vs. HTTP.

No it's not nonsense at all. A website that doesn't use HTTPS can have its pages, as displayed in the browser, modified in any way by simple MITM efforts. That's trivial to do and therefore it is most certainly less secure than if it used HTTP.

(NOTE: That's not to say it IS secure if it uses HTTPS just that it's more secure as there are less attack vectors).

I'll torpedo Tor weirdos, US AG storms: Feds have 'already infiltrated' darknet drug souks

Hawkeye Pierce

Always suspicious...

Maybe I'm being naive, but whenever I hear such a statement as "We have already infiltrated their networks, and we are determined to bring them to justice", I have to think "then why have you just announced that in public?"

Surely if you are determined to bring them to justice, you'd keep quiet about it whilst you go about bringing them to justice, rather than give everyone the heads-up, giving them a chance to disperse to other mediums and/or use better encryption/safeguards/etc.

Public statements such as that are either false, or are predominantly being made to appeal to some section of the voting population or to the person's boss... (or indeed all three).

We translated Intel's crap attempt to spin its way out of CPU security bug PR nightmare

Hawkeye Pierce

Re: Handbrake

But that's what I'd expect for something like Handbrake which is not going to be hitting the kernel much. Written efficiently, it will load a chunk of video in from the disk, work through that, spit it out and then load another block. In the broad scheme of things, only that disk access is going to suffer, and that's (simplistically) once per block read or block write. It's not going to be hitting the disk on a frame-by-frame basis, and the kernel's not going to be used for converting the frames.

Shazam! Apple chucks £300m at Brit what's-that-song app – report

Hawkeye Pierce

Re: The financial world is crazy...

Sloppy reporting I'm afraid...

Latest accounts (available via Companies House website) show a TURNOVER of £40m, Gross Profit of £37m, but Administrative Expenses of some £41m leading to a operating loss of around £4m. So "making £40m" a year should not be equated to "making £40m PROFIT" by any stretch.

UK.gov not quite done with e-cigs, announces launch of new inquiry

Hawkeye Pierce

@FrogsAndChips Re: Smokers are net contributors to the welfare state

This is a reasonably sourced article:

https://fullfact.org/economy/does-smoking-cost-much-it-makes-treasury/

Teen who texted boyfriend to kill himself gets 15 months jail

Hawkeye Pierce

@DA: "Committed Suicide"

Indeed, I thought everyone knew not to use that phrase, especially journalists.

See point 5: https://www.samaritans.org/media-centre/media-guidelines-reporting-suicide/advice-journalists-suicide-reporting-dos-and-donts amongst other places.

US voter info stored on wide-open cloud box, thanks to bungling Republican contractor

Hawkeye Pierce

Re: Voter Fraud

Wow you must have some significant inside information given that the state audit into the discrepancy found no evidence of persuasive voter fraud and that human error and possibly machine error was the main cause.

So no, common sense does not tell us that foul play was involved.

Who will save us from voice recog foolery from scumbags? Magnetometer!

Hawkeye Pierce

Re: Quad

> Oh, come on, even the president can remember 12345 as his code.

Hang on, I thought it was "covfefe"

UK biz: Oh (yawn) GDPR? Was that *next* May? – survey

Hawkeye Pierce

Re: Brexit?

It's also going to apply to anyone wanting to do business with, or in, an EU country regardless of where you are based. So whether or not a future UK government "changes it", you'll need to comply if you want to do business in the EU (and if you believe that any penalties under GDPR will be enforceable).

'Password rules are bullsh*t!' Stackoverflow Jeff's rage overflows

Hawkeye Pierce

Re: It only makes it easier to crack...

Increasing the delay between attempts can be done in one of two ways. The first is to only track by IP address (i.e. if the username + IP address is the same then delay on each failed attempt) in which case a bot farm can be used easily enough to circumvent that. If you don't factor in the IP address and delay on EACH failed attempt then you're opening yourself up for DoS attacks, preventing people from being able to log in.

Happy Friday: Busted Barracuda update borks corporate firewalls

Hawkeye Pierce

Re: PR people have no soul or conscience

Furthermore:

>> "The problem was quickly resolved and we are working with impacted customers to ensure all firewalls are updated with the correction."

No, the problem was that you pushed out an update that knocked out a number of your client's boxes. The CAUSE of the problem may have been quickly resolved, but the fact that you are working with impacted customers shows that the problem was not quickly resolved.

Apple eats itself as iPhone fatigue spreads

Hawkeye Pierce

Re: The timing of this 'release'

@John 104

Stock hit around $700 at one point but that was prior to Apple splitting the shares 7-1. The adjusted high is a bit over $130 I believe.

Sysadmin flees asbestos scare with disk drive, blank pay cheques, angry builders in pursuit

Hawkeye Pierce

Re: Die Hard VII: Sysadmin

Obligatory... you know the rest:

https://xkcd.com/705/

US reactor breaks fusion record – then runs out of cash and shuts down

Hawkeye Pierce

Money

>> "The MIT reactor used 1.4 million amps of electrical current"

And I'm guessing they ran out of money just after the electricity bill arrived?

New Microsoft Bug Bounty

Hawkeye Pierce

Re: Not eating enough carrots

The story about carrots being responsible for the RAF success being put out to hide the use of radar from the Germans is widely held but demonstrably false.

By 1939, the Germans not only knew about radar, but had good technology themselves. Moreover, the switch early on in the Battle of Britain from bombing airfields to bombing the radar stations is further evidence that they knew exactly what they were for.

Instead, the story was put out by the Government to persuade the British public to eat more carrots - being a good source of nutrition and readily grown in a time of rationing. Some of that was helped by putting it out that they would help the public see in the blackout.

So rather than a deception (albeit partially unknowingly true) on the Germans, it was actually a deception on the British public.

Worried by VMware's executive exodus? Dell should be

Hawkeye Pierce

OT: Oscar Wilde

May be off-topic, but you started it..

Oscar Wilde can hardly be "reputed to have said" that "To lose one parent may be regarded as a misfortune; to lose both looks like carelessness.” when it's one of the most famous quotes from his play The Importance of Being Earnest.

Tsk, youngsters today...

Ex-TalkTalker TalkTalks: Records portal had shared password. It was 4 years old

Hawkeye Pierce

Re: Not Surprised @Brewster

>> I speculate the cost of doing this right will exceed their losses.

I disagree with that. The cost of doing this right IN THE FIRST PLACE would have been less than they will lose from the incident. By the time you factor in the lost customers, the help desk costs to handle the increased calls, the incentives they've made to those customers to encourage them to stay plus the significant costs they've had in hiring in security consultants to bolt the stable door, that's going to be far in excess of the relatively low costs to do things right in the first place by employing competent staff (devs + managers) and to pen test the system.

25 years ago: Sir Tim Berners-Lee builds world's first website

Hawkeye Pierce

Over 4 billion web pages?

Well yes, there are over 4 billion web pages...

... but as Google index over 40 billion and they only index a small percentage of the Internet, I'm not sure what you were actually trying to say?

Oracle ordered to admit on its website that it lost the plot on Java security

Hawkeye Pierce

To much use of the word "alleged"

>> The FTC alleged that, in the past, when you installed or updated Java SE, it didn’t replace the version already on your computer.

Well technically, the FTC did indeed "allege" that. But it's rather disingenuous to use that word given that it's 100% true as evidenced by the fact that in the very next sentence Oracle admit to changing that behaviour at a later date!

At least 10 major loyalty card schemes compromised in industry-wide scam

Hawkeye Pierce

Indeed. In the same way that if I buy something from an online retailer and the delivery company fouls up then it's the retailer that has to put it right, then it should also be Subway's problem if the data I've given it is leaked. Doesn't matter who leaked it, I gave it to Subway and from that moment on, it should be their problem to ensure it's safe.

FastMail falls over as web service extortionists widen attacks and up their prices

Hawkeye Pierce

Or alternatively...

... rather than pay them the ransom fee to make them go away, pay them to attack one of the other DDoS groups. Then they can merrily wage war amongst themselves whilst the rest of us get on with our lives.

ARM floats power-sipping Mali-470 GPU for Internet of Things things

Hawkeye Pierce

Ummm, ignoring the wisdom/benefit of internetifying (yes I know,..) these things, off the top of my head, I would imagine all of the following could/would benefit from a display of some sort:

- thermostat

- entrance system

- burglar alarm

- video phone

- media controller

- various health devices

Let's check out Dell, doom and the competition

Hawkeye Pierce

Re: How can one article get so much wrong?!

How can one comment on an article get so much wrong?

Your first gripe is completely misplaced. The author was quite clearly talking about techies not the general "public" youth (who wouldn't know who Cisco are) that you refer to. I completely agree with Trevor's point - the young techies have lived their working lives largely in an API driven world, with services available for much of what they need.

As to your second point - you seem to be focused on front-ends completely missing the bigger picture. But let's talk about the front-end for a moment. People are becoming less concerned by arguments of Windows over Mac (over Linux), iOS over Android (over Windows) etc. Once upon a time, one learned particular applications which ran on particular platforms. Nowdays, usability and maturity (both of the user and the software) mean that the focus is on the tool, not the platform, and the tools are much more interchangeable on any platform. As to the bigger picture, following on from the first point, services are becoming the norm. I can access various services from a development point of view (from database or email, to higher level services) without a care as to what the platform is - it's simply irrelevant to me because all I care about is the service that I'm consuming not the underlying nuts and bolts.

Your last point is a complete non-sequitur to me. "Consolidation" says to me that everyone ends up producing the same thing - hence as Trevor says, no differentiation. If you have differentiation then it's not a consolidated market!

Why are Google and 'VW group' having a 'global summit' in San Francisco today?

Hawkeye Pierce
Stop

Re: Google is gonna buy HERE Maps

Ummm, except VW weren't in the consortium of German car manufacturers that bought HERE just a few months ago to the best of my knowledge - which perhaps adds credence to the suggestion that the meeting is about getting Android, or more specifically mapping technology from Google, into VW cars to compete.

Feeling sweary? Don't tell Google Docs

Hawkeye Pierce

To be fair though...

I suspect it's not so much that they heard you say a swearword and asterisk it out accordingly , it's more the fear that you said something that they misheard as a swearword.

I think I'd prefer it to put in "f***ing" if I said something else, that to put in a misheard curse. Hopefully I'd spot "f***ing" more readily, although anyone not proofing any speech-to-text is just asking for trouble,

The Ashley Madison files – are people really this stupid?

Hawkeye Pierce
FAIL

Re: Stupidity statistic alert

>> Half the population if of below average intelligence...

Actually that's not necessarily the case. Half the population is of below the MEDIAN intelligence. But for example, the vast majority of humans have more than the average number of legs (for humans).

Adulterers antsy as 'entire' Ashley Madison databases leak online

Hawkeye Pierce

Re: Security Flack

Um no, it was shoddy (well OK, technically you may still be right in saying it was "way better" but that shouldn't be taken to mean it was anything approaching good). For instance you could determine whether ANY email address was a registered member (i.e. in their database) at any point in time.

See http://www.troyhunt.com/2015/07/your-affairs-were-never-discrete-ashley.html

Has anyone lost 37 dope plants, Bolton cops nonchalantly ask on Facebook

Hawkeye Pierce

Re: The Facebook Generation

Will never forget the "Not the Nine O'Clock News" sketch with Pamela Stephenson as the newsreader reporting that police had recovered a certain amount of drugs with a street value of £1m... "which means they're paying more than twice what the rest of us are".

Popping the Tesla S bonnet – to reveal SIX NEW FLAWS

Hawkeye Pierce

Good that they found problems

Much as it pains me to say, if a security review fails to find any problems, my first thought is to query the thoroughness of the review. If problems are found, but they are at the lower end of the spectrum, then whoever the developers are deserve a moment or two of self-congratulary adoration before chastising themselves for those problems that did exist.

Contractors who used Employee Beneficiary Trusts are in HMRC's sights

Hawkeye Pierce

"Extra" Beneficiary Trust??

I think you mean Employee Beneficiary Trust don't you?

Adobe: We REALLY are taking Flash security seriously – honest

Hawkeye Pierce

There's the problem...

Said the Adobe drone: "There are extensive efforts underway internally, in addition to our work with the security community and our counterparts in other organizations, to help KEEP our products and our users safe."

There's the problem right there... spot the word "keep"? They think their products are already good, that the flaws that get announced on a constant basis are things that have just recently crept in, or didn't exist for goodness knows how many years beforehand.

Seriously, Adobe, you should have recognised there was a major problem three years ago and done something about it then. Not work on the basis that the just announced flaw was the last there would ever be, fix that one and then stick your head in the sand... until the next announced flaw... rinse and repeat...

Uber to drivers: You make a ton of dosh for us – but that doesn't make you employees

Hawkeye Pierce

Re: Uber v's Addisson Lee

Er no, Addison Lee most certainly do NOT have the right to drive in bus lanes in London, as per the ruling upheld by the European Court of Justice. See http://www.bbc.co.uk/news/uk-england-london-30811886

Chromecast gains wired Ethernet dongle

Hawkeye Pierce

Re: Pile of smelly dung.

Well I'm going to downvote you since all the people I know, myself included, who bought an Amazon Fire stick have given up using it due to lousy (buggy?) network. When you've got a WiFi gizmo a few feet away, when your Chromecast works flawlessly, when multiple people complain about the same thing, when multiple apps on the same device have the same problem, it's a shoddy product who's primary goal is to stream content but can't maintain a reliable network connection.

Crowdfunded beg-a-thon to bail out Greece raises 0.003% of target

Hawkeye Pierce
Joke

They should at least check whether, when they took out the loan, they took out PPI*. That would sort them out if they did.

(*) Joke copyright Hugh Dennis, Mock the Week

Biting the hand that feeds IT © 1998–2019