Re: Domquark Kaltern Proportionality? - FAIL! Fail again.
I think you need to pop out and clean your "Kill 'em all let God sort 'em out" and "God is a member of the NRA" bumper stickers........
48 posts • joined 10 Jul 2015
@ Matt Bryant
Though that's a bit like claiming "hey, I taught that guy how to rape, but I never actually thought he'd do it"
So a gun manufacturer could say "Hey, I mass produced millions of guns (a device designed to kill, maim or injure), sold them to millions of people, but never thought anyone would use one to kill/maim/injure someone".*
No, sorry, your argument doesn't work.
The problem is that sharing such code is standard practice. What is done with it after sharing is beyond the original creator's control. While I agree that we should wait for all the evidence, there are some serious issues with the case already.
Firstly the mystery co-defendant.
Secondly, his admission of guilt (without legal representation present) - although if all he did was share the code, he probably thought he wouldn't need representation. So [the most likely scenario is that] he was honest and admitted that the code was originally his (before being used by someone else in Kronos).
Thirdly the timing of his detention. If he was of such interest for so long, the FBI would have arrested him on entry, not exit. He would have been too much of a flight risk not to detain him on entry. Why do you think the FBI asked for him [in court at his indictment] to be detained without bail because they considered him to be a flight risk?
Fourthly, the lack of evidence presented at his indictment. While not all evidence needs to be presented by the prosecution, enough evidence must be shown for detention. All that was presented were accusations, not evidence (so not following standard legal procedure).
Fifthly, the extremely low level of bail set by the Judge. This is perhaps the most compelling, as it suggests that the total amount of evidence and its quality (as seen by the Judge) is actually quite low (otherwise the bail would have been set in the millions, not tens of thousands).
I (and many others here) am not saying that he is innocent. But there is a lot about this case that smells fishy.
* US weapons manufacturers are all but immune from prosecution in such cases.
Has someone informed the NRA that all their members are under threat from the FBI after this comment - "US Department of Justice prosecutors cited Hutchins' recent trip to a gun range as proof that he should be denied bail and kept in jail"
All they have to do is change the name and this could apply to anyone and everyone who visits a range.
Kálmán Dabóczi is getting PR lies - oops, I mean lessons - from Alex Cruz?
I was trying to make the point that Linux can be just as vulnerable. And not only that, but it was something that wasn't realised for years. But, as we know now, Linus Torvalds knew about the issue 11 years ago and did very little.
Yes, Linux is more secure than Windows. But assuming that you are and always will be secure on Linux (especially because I only used one example) is also a logical fallacy.
"Actually, it was noticed 11 years earlier. See the commit messages here:
Why do people insist on shooting off their mouths about things they clearly don't understand?"
Thanks for pointing out that "Dirty Cow" is actually a WORSE situation than anybody thought - Linus Torvalds knew about it for 11 years, but did nothing to correct the issue. And you are right - I clearly didn't understand that it was so bad.
Hell, even M$ try to fix things when they discover them........
"Open Source products such as Linux and most of its apps get heavily scrutinised"
Sorry, but the "Dirty Cow" privilege escalation bug (or CVE-2016-5195) had been around for 9 (yes 9!) years before someone noticed it.
Their cloud melted in the heatwave?
I'll get my coat......
"These days though pretty much every building in Oslo has a fibre connection, and I even have a couple into my house in a village 50km outside of the city."
Population of Oslo (2016) 1.7 Million
Population of London (2015) 8.7 Million
Population of Norway (2015) 5 Million
Population of the UK (2015) 65 Million
Oslo may have loads of fancy connections, but the UK is not really comparable, due to a much higher population. This means more connections and more (read: older and obsolete) infrastructure to modernise, in more densely populated areas. This increases costs (to both Telecoms companies and customers) and slows the rate of uptake in higher speed connections.
To: Al fazed
You Sir, are full of shite!
If you had been around in Germany in the 1930s, you might have a different perspective. Nazism was about eugenics and the extermination of all bar "the Master Race" (which included Germans, Scandinavians, Scots, English, Irish and Dutch) - EVERYONE else was included in "the Final Solution" so became candidates for the gas chamber/firing squad.
Maybe you should read a history book or two, before coming out with comments that are nothing short of insulting to the memory of the people who secured the continuation of freedoms; freedoms that include the opportunity for you to write your misinformed drivel here. I doubt if Londoners (or any other major UK city) stopped to consider "a whole heap of democraticmonopolisticbullshite" when German bombs were dropping on them.
And as someone said, your comment "if they didn't pick up arms and charge over the top" would have been the First World War, not the Second. That would make it your Great Grandfathers. This shows your ignorance to a conflict which cost the lives of 50 million people.
Just looked through the downloads at M$ for legacy systems - they appear to have forgotten Server 2003R2.
And no, the 2003 version doesn't work!
If it has come in on an email, then it says a lot for Trend Micro's cloud-based email scanning service they provide for the NHS.......
I had a KH400. The front disc wasn't too bad, but the back drum brake had as much effect as a slug in KY jelly. What I found more concerning was the "Hinge in the middle" frame coupled to weak spindly forks, making handling - err... interesting. This was amplified on the larger versions - KH500, H1 and H2, which gained the collective nickname of "The Widowmaker".
But the noise from the two stroke triple engine made you forgive its faults. And they are worth a fortune now - especially the ultra rare H2R.
One major - if not THE - reason for VHS winning the battle was that Sony refused to let porn be put on the Betamax format. This gave away a massive market which VHS took full advantage of. Interestingly, Sony subsequently let the porn industry use Blu-Ray, which killed HD-DVD.
I know there are other factors, but the porn connection is a major one.
Remember the Adobe farce of 2014? Their Worldwide operation was offline for over 24 hours. Many EU users were left swinging in the breeze for almost a week! Adobe had multiple sites and still everything failed.
My point is that the cloud CAN fail, just like any in-house tin. And, as I pointed out, cloud-based systems have more potential points of failure. Like someone taking out the local exchange and trashing everyone's broadband. Or power failure. Or someone hacking the cloud provider. It's all happened before.
"The same thing can happen with tin. Indeed, tin could have a better chance of a Failsafe Failure."
No, not necessarily. I have tin out there which can (and has) better(ed) any cloud solution for uptime. I have one client with 2 custom built servers which have logged 2 hours downtime in the last 7 years - and that includes 1.5 hours for moving the servers from one room to another! We all see the stories (some here), where something has happened that has taken out the cloud provider. Whilst the in-house tin just keeps chugging along, enabling the workforce to continue working. There are many more "potential points of failure" with the cloud compared to in-house tin.
One simple Group Policy to prevent users from running executables in the Temp folder and you instantly stop 90% of ransomware - Simples!
For the other 10%, regular backups, decent A/V and educating users.
I have to do this to SMBs - why don't larger organisations do this?
Sorry, not too much sympathy when there are ways to prevent this sort of thing..........
A customer of mine has Talk Talk. He had a very specific issue with Talk Talk TV, which was resolved with a phone call to the Indian-based help desk. 10 minutes later, he received a call from someone claiming to be from Talk Talk. As proof that he was who he claimed to be, the person described (in detail) my customer's [previous] specific issue that he had had with his TV. You can probably guess the rest, turn on your PC, go to this website, let me take control etc. etc.
Needless to say, when I got there it took me an hour to remove all the rootkits/malware that the "Talk Talk Representative" had installed.
Of course the question is, how did the second (dodgy) rep know about the first phone call? They must have been in the same call centre, with reps giving the details of customers to the dodgy ones. So, if you ever wonder how they get your details, that's how... After all, how can the supplier (Talk Talk) properly regulate the quality and privacy of a service that they buy from a third party 10,000 miles away?
Where do I start?
To answer your points:
If a country, business or individual wants a certain level of data protection then simply get your data centre to sign a contract to that level of security, if they break the contract, move your data and sue them.
This is addressed [very] comprehensively in GDPR. It goes further, to include (read: require) risk assessments, conducted by both the data owner and the data centre.
If you're worried about government snooping, then another layer of bureaucrats isn't going to fix anything.
It will if GDPR trumps the Data Retention and Investigatory Powers Act. GDPR not only ensures that any company that has your details are responsible for your details, but those details are private and should not be shared with anyone without your express permission.
Governments need to provide reasonable cause before getting a court order and grabbing the data under current laws which they generally if not ignore are simply rubber stamp over.
This is a major argument against the Data Retention and Investigatory Powers Act, as it does not require ANY judicial oversight to government "data grabbing". So no court order (or reasonable cause) needed.
And when it comes to the UK & US, they have listening stations all over the planet and they grab your data out of the air.. so yeah a layer of bureaucracy really going to help there...
That may be, but the evidence gathered is not (generally) admissible as evidence in a UK/US court of law. Nor would any government admit to "grabbing your data out of the air" from a listening post in a public court of law.
Agreed, there may be people out there willing to risk it, but the attitude of many Eurocrats is "We want to make it as hard as possible [on the UK], to set an example to dissuade any other [member] states from following the UK and leaving the EU". I am sure that any UK company found to be non-compliant would have their cases rushed through the EU courts to ensure they are hung, drawn and quartered before the terminal point of Article 50, don't you think?
"There's the additional complication that whatever businesses do about compliance the effect of investigative powers legislation might be to undermine any chance to be seen as compliant from the EU perspective."
I'm sure that there are many people on here that feel that the Data Retention and Investigatory Powers Act goes too far. GDPR could be the saving grace, to temper what is basically a Bill which legalises state sponsored spying on its people (usually under the scaremongering banner of terrorism). Furthermore, non-compliance [of GDPR], combined with Data Retention and Investigatory Powers Act, may make the UK a pariah state (in Europe's eyes), forcing many businesses to mainland Europe after Brexit, potentially causing considerable job losses.
What we really need to know for definite (from the UK Government), is whether or not the UK will retain GDPR post-Brexit.
UK companies and organisations must comply with GDPR. Even if Article 50 was triggered tomorrow, the end point would be Sept 2018. GDPR compliance must be made [for all European nations] by May 2018, so there would still be a 4 month period where the UK would have to be compliant (until the 2 year period after triggering Article 50 is up, the UK would legally still be a part of the EU and subject to its laws). As it stands, it's doubtful that the UK will initiate Article 50 until early 2017, meaning the UK would have to be compliant for at least 8 months.
Additionally, it would be crazy not to be GDPR compliant after Brexit.
Firstly, why waste all that hard work becoming compliant? After all, GDPR is going to generate many new jobs in the IT industry (for example the DPO role that many companies will need) and increasing security for people's data can only be a good thing.
Secondly, I'm sure many UK companies would still continue to do business with European companies and individuals. Showing that the UK/UK Companies are GDPR compliant would also go a long way to help exit/future relationship negotiations with the EU.
"Usually there isn't a (coherent) answer, as the higher ups don't want to say we read it online and it sounded good."
Moreover, their "cloud research" didn't involve costs. When the financial implications start to become apparent, I find the Boss's enthusiasm [about the cloud] tends to wane - especially if you are an EU-based company with GDPR looming on the horizon, when all IT costs (especially cloud costs) will start to rise.
My cloud analogy was:
"It's like getting all your company's documents/bank accounts/secrets, putting them into a big box, running up to a stranger in the street and asking him/her to look after them (with the added bonus that you'll pay them loads of money to do it)."
But your "Bosses Wife" version made me cry with laughter, so I might have to change!
I have a couple of friends serving, both hate the SA80 with a passion! OK, it is possible to drop a target at 300m+ with the SA80, but you are at the range limits of the weapon. My point about the irons though, was to emphasise the reduced range compared to its predecessor (the excellent SLR).
Yes, the 5.56 round is smaller and lighter, but with vastly lower penetration capabilities - especially when over 300m. If I was given the choice, I'd prefer to carry less ammo and use a more accurate longer range weapon. As for fragmentation, the steel rounds in the article will have no fragmentation whatsoever against a "soft" target, so the 5.56 round (up to 300m) would behave more like a standard 7.62 round and punch straight through. Agreed though, at less than 100m, fragmentation would be preferable.
I thought the Susat was being replaced with the Elcan LDS?
While I applaud British design and ingenuity, what's the point, when you are putting it in the piece of crap that is the SA80 (L85A1 or L85A2)? For a start, the SA80 only has an effective range of 300m. I used to train regularly at 300m (with open sights) on the SLR (L1A1) and that is rated at 800m!
GDPR is intended to address this issue, with both the cloud supplier and the customer being required to perform risk assessments of the data being stored (Article 30 section 1 and 2). Trouble is, this means that the cloud provider will need to know what data is being stored - after all, how can you perform a risk assessment without knowing what it is you are performing the risk assessment on?
If the cloud provider now knows what your data is (whether or not it is encrypted), surely the customer's data is more at risk from internal attack than before? This also puts a very large target on a cloud provider's internal [customer] records from the outside too. The more people/companies put data into the cloud, the more people will try to hack the datacentres.
As people have said, keeping the most important data in-house will always be the safest option. Trouble is, that solution won't work for the determined boss who actually believes the snake-oil salesmen!
"Should sharpen his sword then"
Alas, that won't work. The gap between the (read: any) governing party (the government) and the opposition is a specific distance, which conforms to the ancient law of being "two swords and one inch apart". This serves as a reminder to solve issues by peaceful means.
So, no sword play between Boris and Corbyn! Lightsabres outside anybody???
It's hilarious that the French are getting upset with the English over English. Why? What's the point? In Latin based languages, the grammar and constructs are very strict, therefore Latins (French, Italian, Spanish and Portuguese) "grow very little" (the exception to the rule being English with at least 1000 new words every year). In other words, it's very difficult for the [Latin-based] language to expand and evolve with new words. I have seen in Europe, first hand, that most (if not all) "tech talk" is done in English, as other Latins simply don't [and probably never will] have the vocabulary to describe the problem/issue/equipment etc! If you have ever heard a conversation in French/Italian/Spanish/Portuguese about IT, you will notice that it's littered with English words, for which there is no local equivalent!
"And, before you say, 'just raise the wages' - are you prepared to actually pay 3x or 4x what you do now for basic things?"
Well, it happens. I, like many on here, have worked as a contractor through an agency. That agency charges the company a damn sight more for my time, than they do for my fully employed colleague.
Look at the National Health Service. How many nurses are agency staff? Those agencies charge a lot more than a normal wage.
So yes, companies and institutions will, do and can pay over the top wages.
The joys of the Cloud! All your eggs in one basket......
"Many people already go to the supermarket, or workplace, or retail park, anyway."
Yes, but how many places have charging points? And two out of three examples you have given are shopping areas - how are they going to pay for the installation? Oh, of course, they aren't - YOU, the customer are! Expensive retrofits of high current charging points will ultimately be paid for by the shopper.
As a point, my local Costco has electric charging points. I have NEVER seen these being used.
"That'll really go down well with people that "don't want to be restricted". Especially those not on a usable public transport route, but who already drive to supermarket, workplace, retail park, etc."
And the moral is - don't get an electric car!
The car is a personal transportation device. The idea of which, is that you can use it whenever you want. Going backwards, and being restricted by charging times and places, and you are now removing that freedom. Given that, you might as well save yourself a fortune and get public transport instead.
"Also, electric vehicles can be charged at home, which (for most of us, anyway) can't be said of petrol-powered ones."
That's great - IF you have your own off-street parking area. If you don't, and are forced to park on a public road, then you're pretty screwed, aren't you? I often have to park my car more than 100 meters from my house, so that makes charging at home impossible. At least if my petrol car runs out of fuel, I can walk to the nearest petrol station and return with a can of go-juice. What am I supposed to do with an electric vehicle? Run back and forth with rechargeable AA batteries?
If you live in a flat, and are lucky enough to have allocated parking, there would be a significant disruption and huge costs involved to get 3-phase 63A power points to every parking spot. For comparison, the average UK home only has a 60-100A single phase supply, so the electricity company is looking at effectively doubling the potential supply current to each and every house, plus retrofitting each house with 3-phase instead of single phase.
So any kind of vehicle that requires home charging, would require the right kind of house to go with it!
"Except that it will be a world where any atrocity affecting you personally will be nearly impossible to investigate and harder to prevent."
AC, you are a twat!
In 1996, the IRA bombed Docklands (for all of you who don't know, it's a business district in London). Two people were killed. I knew those people, so that atrocity DID affect me personally. The bomber was caught, not by breaking into his iPhone (they weren't invented yet), but good old-fashioned Police detective work.
You may have grown up in a nice safe environment, but believing that cuddly place will remain forever by giving security agencies carte blanche is nothing short of delusional.
You may remember this in 20 years time, when jack-booted storm troopers are kicking down your door (enforcing your new world order of things) because you farted in the wrong direction.
"Power tends to corrupt, and absolute power corrupts absolutely" - John Emerich Acton
"It is better that ten guilty persons escape than that one innocent suffer" - William Blackstone
EDPR/GDPR is due to come into force in April 2016.
"The whole thing unravelled, leaving companies less certain about where they stood than before."
Safe Harbour may be dead, but what about EDPR or European Data Protection Regulation (also known as GDPR)? This is due to come into force any day now, with full compliance by the end of 2017. This regulation is compulsory and Europe-wide, so ANY company storing data "off-site" or in "the cloud" within European borders has a specific set of rules that they MUST abide by. And judging by the [new] rules, the cloud is about to become a very expensive place in Europe.
See EDPR, Article 26 and 30.
At least in the UK, I have come across 2 PCI companies which charge customers for each day that they are not compliant.
I recall back in the '80s, motorcycle manufacturers starting to deliberately program a "flat spot" into the ignition map, to get around noise emissions.
So VW fudging things is not surprising.
Forcing me to sit through the full advert just makes me (and I am sure others) hit the back button very quickly. I can't be bothered to sit through a boring advert (life's too short) and I am quite willing to forgo watching whatever I wanted to watch originally because it can't be that important. And the more people who can't be bothered to watch, because they are being forced to watch adverts, the less Youtube will be the main place to go to watch videos.
No, because we can tell the difference between a clock and a bomb.
Bombs have detonators and explosives attached to them.
I would be extremely worried that not only could the Teachers not tell the difference between a clock and a bomb (the lack of detonator and explosive might have been a clue), but they want to expel him for [what is] showing creativity and initiative as well!
What do they teach in American schools?! More to the point what standard of Teachers are they hiring?!
The EF-S lens is a very basic "consumer" product.
If you want quality, go for one of Canon's "L" series lenses. The objective on any/all L-Series is one huge piece of glass, twice the size of a comparable EF-S lens. These are designed with the EOS-1Dnn cameras in mind - with sensors up to 21MP (1DS Mk3).
The EF-S series were/are always designed to a price.
No, no tin-foil hat!
Article 30 of the new EDPR states that any company storing data in the cloud will have to [in conjunction with the cloud provider] perform risk assessments on any [cloud] stored data. So both your company AND the cloud provider will have to do this on your company's data.
This can only significantly increase the workload (and therefore cost) on both the client and the storage provider. I doubt that people like Google, MS and Dropbox will offer free or at least very cheap storage to businesses when they have to perform risk assessments on everything that a [business] client stores on their system. If they do, that "loss leader" is about to become a huge loss leader, taking into consideration all the extra man hours necessary. Encryption is irrelevant as far as EDPR is concerned, as the Article 30 requirement is there regardless of encryption.
I'm not saying you are wrong - I'm just suggesting that with EDPR on the horizon this may be the first of many storage providers who will not have the funds or the manpower to be able to fulfil the upcoming legal requirements for business customers storing data in the cloud.
So is Wuala the first "big" victim of the new EDPR law? Wuala's business model relied on online sales, with very little interaction between its staff and customers - EDPR forces [businesses] into much greater integration between the two. This would mean that Wuala would have to take on a LOT more staff - something Seagate/LaCie probably didn't want to pay for.
No, that's not what people are saying. There are many IT pros out there, doing their best to look out for their employing company, keeping their best interests at heart (myself included).
What's being said is that the cloud has its place - it is not the solution for everyone.
At the moment, the costs of using the cloud are reasonable and competitive when comparing it to in-house servers. But that's changing with EDPR, which will see significant price rises for cloud users (the cloud salesmen aren't mentioning that one).
Security is also an issue, with a lot of trust being placed (by companies) into the hands of complete strangers or faceless and unaccountable corporations.
It's not that we hate the cloud, we just don't trust it enough to risk everything.
Why? Because the cloud provider says so. Because the Boss has heard that everyone is doing it, so they should too. Because it's sooo much cheaper. And so on.......
Sorry, but it's all crap spouted by snake-oil salesmen. Yes, the cloud has its place, but handing your entire company's data to someone you don't know AND get charged for it? Would you run up to a stranger in the street and hand your company books to him/her and ask that person to look after them? Oh, and by the way, give them loads of money for their trouble?
The security of the cloud will always be an issue. A company that has everything in-house is much less of a target for hackers than, say, Microsoft's O365 or Amazon's servers.
Downtime. I build and install systems for SMBs. With one customer, for example, their data and mail servers have had less than 12 hours downtime in 6+ years (and 9 hours of that was due to a relocation). Compare that with Adobe last year - http://www.theregister.co.uk/2014/05/15/graphics_pros_left_hanging_as_adobe_creative_cloud_outage_nears_24_hours/.
The new European Data Protection Regulation. Have you read it? Before you sing the praises of cloud providers, why not ask them just how much their prices are going to have to go up by, when they (and your company) are legally forced to be compliant. Remember, if your company is processing more than 3000 records in the cloud, hiring of a Data Protection Officer is mandatory (which has just added at least £30,000 to your wages bill). Plus all the new risk assessments that your company (and the cloud provider) are going to have to do to be compliant (how many man hours are going to be consumed with that one?). The cloud is about to become one very expensive place. As it is, the cost crossover between an in-house server and the cloud is around 3.5 to 4 years (where the in-house server starts to become cost-effective). I doubt that after EDPR compliance, any cloud provider (except the very largest) could compete with an in-house system from day one, let alone for 4 years. This will force many smaller cloud providers out of business, so where will your data go, if you have been using one of these?
Data links. If someone puts a jack hammer through a cable (it's happened), lightning strike, cable theft etc, you lose your broadband. Ah. Houston we have a problem. At least in-house you only lose (new) email and people unable to update their Facebook profiles.
So why should people go into the cloud?
And what's going to happen when the European Data Protection Regulation kicks in? When the rules on using the cloud for business become very tight? The EDPR sets out very specific requirements, that can only force prices [for cloud services] up, not down. The amount of extra time that each cloud customer is going to have to spend on compliance is going to be huge - which will incur costs for both the provider and the customer.
I am amazed by the amount of people who obviously believe that these were victimless crimes!
I doubt you will be laughing when the effect of his hoax bomb threat has caused you to pay twice as much for that plane ticket to your holiday destination due to extra security.
Or how about the SWAT team being elsewhere when it's your family that needs them.
As for the 50,000 systems he compromised, just because you can, it doesn't mean you should. He could have compromised a database containing your family member's medical test results, meaning the early stage cancer (insert any other nasty illness here) won't get spotted in time.
Yes, all very funny and victimless.........
Biting the hand that feeds IT © 1998–2017