* Posts by quattroprorocked

99 posts • joined 21 Aug 2015


Apple heading for Supreme Court showdown over iOS App Store 'monopoly' gripe



Apple should allow other app stores to work with iphones, albeit with a warning that "this app you are about to install has not been through the Apple QA process, and, if it is malicious or badly designed, may break your phone."

Users can then decide to get the App from Apple instead, if they wish.

My prediction - most users will stick with Apple.

I want to buy a coffee with an app – how hard can it be?


Retro does it better

Not only does cash mean you get to tip more easily, but the actual card, with stamps, loyalty cards meant you bought MORE coffee - "oh, one coffee to my free one? Wasn't planning to, but why not". Now I have plastic card and it's "oh, my coffee is free today. Nice". The difference is maybe a cup a month. £20 a year. Per customer. That's a serious bottom line blunder.

No, I don't have time to monitor my coffee loyalty app. Look at your logs. ZERO accesses since I got it. You chain managing muppets.

That said, if you have a Coffee #1 or Bill's (yes, restaurant but, secret info, you can get a take out coffee) they do top coffee.

Somerset boozer prepares to declare its inn-dependence from UK


an o-lager-chy

sry guys, I must get more, possibly to Somerset :-)

BlackBerry unveils bold new strategy: Suing the c**p out of Facebook



I rest my case, in most of these cases.

$10,000 bucks if you want to use it :-)

US watchdog just gave up trying to get Google to explain YouTube's huge financial figures


SEC have them where they want them

They now have a paper trail in which Larry denies getting specific info that they, you me and anyone else running a business would expect him to get.

Larry is one law suit discovery process away from internal documents showing just how accurate these statements have been. And the SEC will be waiting to read them as well.

He's a CEO in the USA, how far away is that lawsuit?

Bitcoin price soars amid technical troubles for exchanges


Today I went looking to see if I could buy a retail PUT on bitcoin. Sadly I can't. Def would have been worth a punt.

MPs draft bill to close loopholes used by 'sharing economy' employers


I run a business that competes

with these "gig economy/zero hours" types.

They are shafting cowboys. It makes it very difficult for us more ethical types to treat people properly.

Any competently managed organisation should be able to plan and schedule their staff and pay them properly. End of.

Bitcoin Foundation wants US Department of Justice investigated


If it looks like a duck....

Money is anything that enough people agree to use as money to make it usable as money.

For Governments, money is anything that enough people use as money where the numbers are such that it's worth sticking their legal/tax beak in.

My unlaunched DodgyCoin isn't money.

Your small scale e-money is money, but if it isn't widely enough used for the government to care, it's like a Local Currency.

BitCoin wasn't money, then it was but unimportant, and now folks, it's got enough traction to be money.

Virgin Media's profanity warning triggered by chief exec's name


My surname name comprises in part a diminutive for Richard

Many years ago it was rejected as obscene when I wanted to use it as a forum handle.

My alternate suggestion of NaziOverlord was deemed absolutely fine :-)

Reg reader turns Geek's Guides to Britain into Geek's Map of Britain



Near Gloucester. We built the first jet aircraft - Gloster Meteor.

OK, First Allied jet aircraft.

If you visit on the right day in spring, you can also go to Coopers Hill and watch people trying to fly down a hill in pursuit of cheese. And also Witcombe Roman Villa, for anyone who thinks "location, location, location" is a new thing when it comes to siting quality digs.

Virtual reality audiences stare straight ahead 75% of the time


It's called story telling

I am shooting VR, and have shot community video for years.

Rule one - treat it as real life. People face front UNLESS they know they need to look elsewhere.

If you want someone to turn round just in time to see the axe swinging down on their head, give them a hint, e.g. have the killer (who is behind them) let out a yell as he lifts the axe. So the viewer spins round just in time to see it come down on them....

But in general, yes, put the action in front of people most of the time.

And, FWIW, we're still a few years away from "proper" and widespread VR. But if you are interested in making it, now is the time to learn.

Facebook loves virtual reality so much it just axed its VR film studio


I'm actually shooting VR

The know nothings did all the usual PR crap - hanging cameras from drones and flying over Iceland, putting you on stage in Blue Man group etc, which is a 1 minute wow, but not a long term connect.

VR phone goggle shows the potential but simply isn't good enough until screen resolutions go up 5fold from current top end.

VR will hit either via games (which I don't do) or when film makers (and actors) work out how to tell stories in VR, a system that kills all the usual tricks based on shot and camera placement.


It's a modestly priced add on to your existing PC, NOT something that needs a high end machine that you don't own yet.

I'm playing with VR filming not because there is a market today, but because it's interesting. No one knows anything, and that's always fun.

FB are probably right to bail from production because they have enabled the WOW and now they need to wait for makers to develop the craft, and that can't be hurried. They should focus on next gen kit - trying to hit that quality/price.

If I was FB I'd even see some commercial logic in doing "A Container" - invest in the work and make available to all mfrs, on the grounds that successful VR equals more, better, eyeballs. Much like the guy who invented container shipping.

Unpaid tech contractor: 'I have to support my family. I have no money for medicines'


Bankrupt them?

Got a "can pay won't pay" thing going on, and they owe enough, for long enough, to make bankruptcy and option? Write in explaining that "yes, it IS personal" and then the steps required to make them bankrupt and the costs and that you will spend the money.

If they can pay, in my experience, they then do, IF they think you are serious. Because, for example, it's a point of principle not to get done over.

The extra twist in the old days was to send this to a main office fax, so the staff knew before the bosses.

And when ignored, follow all the steps, in order.

HOWEVER, if they can't pay then this all a waste of money, so choose wisely.

FWIW I always make sure I bill clients direct.

My fortnight eating Blighty's own human fart-powder


It use the COOL model (Cook Once Eat Lots) tm Me:-)

Buy meat, bottle red, various veg. Stock cube.

Big pot.

Brown the meat. Bung everything else in.

Heat to boiling.

Bung in oven for a few hours medium.

Allow to cool.

Eat one portion, divvy the remainder into 8-12 portions, freeze.

Masterful malvertisers pwn Channel 9, Sky, MSN in stealth attacks


The News sites ARE at fault

If they choose not to care about how their space is used, then they are responsible.

The solution is simple - they should sell their own ad space and control what ads they accept.

And still they wonder why people like adblockers

Eugene Kaspersky is now personally defending your feet


Just what I need

For my kids Christmas Sock Puppet Show :-)

Internet of Things security? Start with who owns the data


Ah, accounting

A bug that costs 5K to fix in dev and 30K in the wild is actually a bug with an upfront cost of 5k and a later cost of "we won't fix it. Buy another Thing", which isn't zero but is in fact added profit. Or just zero (for products that tanked and so aren't very many Things anyway).

I suggest IOT Bug Tax. Mandate product liability insurance far anything that includes any code. Make insurers liable to pay out LARGE bug bountys. Say 100K for a 30k fix.

Watch in amazement as those dev budgets suddenly expand to catch more 5K bugs.

Sex is bad for older men, and even worse when it's good


Re: Correlation does not imply causation

It doesn't. Or rather, if it does, you're doing it wrong :-)

Arthur C Clarke award won by Adrian Tchaikovsky


I have just read this

and a fine traditional "hard" SF it is.

If you want something stranger, https://en.wikipedia.org/wiki/Light_(novel) and two sequels are recent good reads of mine.

Forensics tool nabs data from Signal, Telegram, WhatsApp


Re: Is this hard? Or are people lazy?

Thanks for that.

In my case it's to "prevent casual abuse by staff members or people who find a lost device" rather than keep out the FBI or Black Hat Wizards so moderate paranoia should suffice :-)


Is this hard? Or are people lazy?

I'm not an expert (can't code) but am working on a demo of a CMS project and, to protect user data, very high in my spec for the app part is :-

"App must scrub data once the user does something else".

Are people lazy or is scrubbing data harder than I might think?

"Encrypt everything everywhere with strong encryption" is also in there, which when I started I figured was another "of course". Until I started to read El Reg and all about hackers.....

Perlan 2: The glider that will slip the surly bonds of Earth – and touch the edge of space


Re: This makes me wonder . .

Space is up, Orbit is sideways.

It's the going sideways at speed that is the hard part.


FTC lets Nest off the hook over Revolv IoT hub bricking shame



1) Companies must support products for five years after last sale. OR refund all those who purchased less than 5 years ago.

Support need only cover fixes to bugs that break the product or are a security issue.

2) Watch as the insurance industry gears up to offer this as part of Product Liability cover

Holy kittens! YouTube screens go blank


Re: second person plural

yourn (though to be fair, in a geographically smaller place than "The South") :-)

T-Mobile Czech ad man steals, sells, 1.5 million customer records


Re: forgive me correcting your correction

because the english language is gloriously messy. In fact in this case the decision to use is or are would be defined by the extent to which the word data is being considered a plural, or a singular.

"Your data is safe", referring to a singular you, where data is a group but singular object - like "flock" of birds. "The flock is safe" vs "the birds are safe"

"Don't worry, the data are safe" is using data to either be a plural of datum OR possibly, given that each customer record is a data item, and many have been affected, using data as the plural of data (items).

There is also scope to discuss the emphasis difference between IS and ARE, but that's getting into the realms of poetry :-)

Actually it's probably a non native speaker writing a release in their second or third language and we shouldn't be so picky unless we can do better in Czech :-)

Yes, I'm procrastinating and must get back to work.

Workers rejoice! Marx’s vision will become reality, argues SAP veep


And in other lessons from history...

"Let them eat cake".

I suspect that if the blinkered 1% don't wake up fast they will soon find out that there is nothing quite as dangerous to their wealth as a middle class scorned.

And I'm a bloody Tory.

Bank in the UK? Plans afoot to make YOU liable for bank fraud


I don't do internet banking

and they keep asking me why not.

"Do you know what a trojan is?"


"That's why".

I'm not a security guy or even a geek. I just know enough to know that no matter how good I think my security is, it probably isn't. And I certainly not minded to listen to people who know even less than me.

I used to be in finance (many years ago) and I found critical errors in several companies systems - they couldn't even compute their own contract charges properly, and were stunned when a one man band outsider with no access not only told them they had errors, but also where they were and how to fix them. If they won't even build spreadsheets with quality control as standard, I really don't trust them for anything else.

Apple hires crypto-wizard Jon Callas to beef up security


Employee Canary?

If he's no longer an employee and not talking, assume iphone backdoored?

Gillian Anderson: The next James Jane Bond?


For my money, Gillian or Idris. Lewis looks wrong to me and while Hiddlestone is great, I think he's too obvious.

OMG, an on topic comment.

I'll get my coat.

Oculus backtracks on open software promise


Come on guys

Small guy grossly underestimates retail cost of final product? Not unusual. Most people have no idea just how much the margins in the chain amount to.

Guy backtracks on promise made when he realises that said promise could seriously fuck up the brand? An Oculus game run on cheap vomit inducing kit would be very bad for Oculus and VR in general

Oculus succeeding is really about VR succeeding. Oculus failing because people run Oculus games on crap kit and VR fails. I tried early (i.e. crap) VR and motion sickness is totally a thing, and if Oculus is good enough to avoid that, and the cheap ones don't, Oculus does NOT want their stuff on that kit.

My take - as soon as that got pointed out to Luckey it's a no brainer which way to go.

I'm old enough not to criticize someone for realising that life can require back peddling on idealism.

Is uBeam the new Theranos?


Do the maths

So if you think in terms of loud noises and the amount of energy in the sound wave, even allowing for 100% efficiency at the receiving end some basic number crunching suggests that to be taken seriously this claim requires extraordinary proof.

Methinks someone mistyped something by a power of ten or several.

While it behoves scientists to do VC maths in order to enter into things eyes open, ditto VC should be able to do science math for ditto reasons.

UAE InvestBank 'hack' looks like stale, recycled data from last year


Why is this stuff not encrypted?

I am not a programmer, just someone who can build easy stuff in Drupal, and at the weekend I looked at encrypting the DB, and files. It was simples. So either it only looks encrypted, or DB encryption should be doable by anyone actually employed as IT.

Are all these big banks etc just idiots?

UK.biz is still clueless at fending off malware attacks, says survey


The rest still haven't noticed

that they've been attacked?

'Bitcoin creator' Craig Yeah Wright in meltdown


I'd l;ove to think

Hmmm. Is this how you manage to recover your anonymity in the digital age?

You invent Bitcoin, then when everyone is breathing down your neck, (not least the tax man), instead of issuing denials, taking out injunctions etc, you do a high profile FAIL to prove that you invented Bitcoin, and thus go back to quiet life that you wanted from the start, (which is why you were anon in the first place, and didn't spend any of the hoard).

A bold move, genius even :-) Esp if tax planning is an issue best dealt with by being able to say "prove I own it" to the taxman. Lovely reverse ferret there Sir, well done!

Tax law note - depending on the law and the way the tax point is calculated there can be situations, esp re volatile assets currently below peak where a tax bill could exceed the asset value, esp if paying it required selling big chunks of said asset into a thin market.

Ad-blocker blocking websites face legal peril at hands of privacy bods


It doesn't beggar belief at all.

I pay Wired. I ad block. I don't get ads. I do get content.

In my business I charge for my expertise. I turned down an invitation to write for Motley Fool back in the day because they didn't offer me any money, AND they thought that I'd view it as an honour to write for them, for no money.

I don't know how much money Wired needs to make to continue to write the kind of stuff that I've enjoyed since it was an import (91? or was that Mondo 2000) but today a coffee and cake cost me nearly TWO MONTHS of a Wired online subscription. A Indian take away for the family would pay for Wired for a WHOLE YEAR.

I suspect that a few hundred K subscribers would allow Wired to continue.

I ad block El Reg too. I'd also pay them a $1 a week if they asked nicely. And XKCD, if didn't involve ordering t-shirts I don't really want, (yes, bit Green, me).

I value good content. I'm willing to pay for it from 5-10 sites a month that provide it and make a good case.

Micropayments? Give me strength. People have been talking about that since Digicash. It's not really any closer now.


I do not have a problem with publishers blocking me if I block their ads AND I'm unwilling to pay a modest subscription. I do think it would stupid beyond belief to take my subscription and still throw unsafe/annoying ads at me. I'd bye bye that site pdq.

The problem I have with publishers is that they expect me to take the risk of malware and disruption because they can't get their house in order. Free content simply isn't worth the risk. They should listen to what their readers want, and tell advertisers to comply.

Publishers should have the confidence to take control.


Re: Ad blocking is no win situation for everyone - both publishers and users.

For the record I was a publisher and this is tosh.

For as long as the "hard work" fails to include "runs a safe ads system", publishers ain't working hard enough to get paid for ad views. It's like a garage saying, "well we fixed most of the problems with your car, but we haven't checked the brakes. We don't check the brakes. Checking the brakes is too much like hard work. What do you mean you don't want to pay us until we've checked the brakes?".

Just fix the ads FFS and be done with it.


Re: Publishers could simply

FWIW, I would not have video pop under blow up jump out ads on any site I ran, and back then, I didn't. Static image and text is all I allowed. It's all I'd allow now.

I think disruptive ads are a pain that pisses off the audience, and any site that used them would have a hard time keeping me as a reader even if they were safe.


Publishers could simply

"Hi, we only grant free access to people who actually appreciate what we do

May we check your browser for ad blocking?

Yes - we check and if no ad blocking, (or you ad block but we're whitelisted) you see the site.

Yes - and if you have ad blocking and we're NOT whitelisted we drop a cookie that allows you to see the page you wanted now, plus X pages per month for free, and hope you like us enough to become a regular reader at $1pw.

No - you don't value our work? Find someone else to give you the info you want.

GOOD NEWS - all our ads are safe to view. We host them on our servers and they do not get to use any of your information, and there is no external code called, and the only links are ones you can click to go to the advertisers site."

This model would allow potential new subscribers to taste, help those just dropping in for something on the fly, persuade those who really appreciate the site to pay for it, and deep six the whole ad flinging biz.

I pay WIRED $1 a week. I'd happily pay El Reg the same. Vice I read but could live without.

I used to be a publisher (with a safe ads policy) and frankly, if you won't pay, and won't allow safe ads, you can fuck off. But safe ads are the key. Until publishers can promise that, ad blocks will stay.

Sysadmin given Licence To Perve shows why you always get it in writing


Sounds like the first manager was a good one - alert to an issue and back peddling with good grace when shown that everything was OK.

GitLab offers Digital Ocean to soak up customers' CI burden


What happened to the Microsoft Ireland case

Isn't that the one that will clarify if US companies have to hand over EU located data?

Cybercrooks turn away from banks. Your health records are far juicier


Re: Another NHS Win

But in the good news https://www.wired.com/2016/03/john-mininno-medicare/ fraudsters get greedy, get caught :-)

Web backup biz Monster Cloud monstered after monster price hike


It's a breach of the law

Your T&C can say what they like, but if your ADVERTISING made a clear offer then that advertising overrides your T&C, unless you engaged the Big Red Hand. Contracts, esp consumer ones, are based on total package of communications.

So, yes, they can change their prices at any time, for those that joined before the offer or after it, but NOT for those who had a reasonable expectation of a year of unlimited storage. (Note, while the word unlimited might be held to be puff, anyone in the target market backing up target market type stuff should be fine).

If Monster is consumer oriented, how about a Your and Yours story, (and at the same time educate some journos on tech).

US bus passenger cracks one off for three hours


It's the USA of A, maybe he had a gun in his pocket

He was clearly nuts, and she didn't want to do anything to escalate it. A valid approach in the circumstances.

Costa Rica launches investigation after reports hackers ‘rigged’ 2014 election


Crazy name crazy guy


That, at least is a proper baddies name, a great combo of sepulture and veda (homonym for vader)

'Panama papers' came from email server hack at Mossack Fonseca


Would not have been but

Information exposed in an email is ALWAYS older than the email, (think about it). Sometimes much older.

A 1978 NewCo is set up on paper. This becomes a matter of record on the public register in Panama, (but is basically just micky mouse data), and, for some reason, can't be reached today :-)

2015 - a Partner sends an email to BigWig saying "great news Sir, NewCo is worth X and it's all yours, latest accounts attached, you'll be amazed how savvy you are at gold dealing".

Now you have an email leak covering stuff going back 40 years. Because NewCo was EITHER set up to be sold as an established company OR by/for BigWig at that time. Both are dubious.

Your pointy-haired boss 'bought a cloud' with his credit card. Now what?


PHB has FULL access

That's what the CC did, whether or not you liked it.

I've been playing with Digital Ocean myself, as a teach myself building servers thing and it is awesome just how fast you can get something that works.

The problem is that the PHB thought that the "one click" install, where he did everything as root and didn't SSL is safe enough for the dangerous data he then puts on it.

Woman scales Ben Nevis wielding selfie stick instead of ice axe


Re: Fucking moron

1) It's not the height, it's the fact that you're pretty much at sea level when you start that makes it a proper climb.

2) You're on the coast. Facing the ocean, with wet air hitting it and going straight up. It's more changeable than, something very changeable indeed.

3) It's spring. Lovely at the bottom. Suddenly lethal at the top.

British mountains are more dangerous than they look, and spring is the most dangerous time because inexperienced people get tempted up, and it all goes hypothermia.

I used to bounce around on mountains, on my own, all year long. Loved it. But I had the gear, the knowledge and fitness. Sadly my knees are shot now - I can go up OK, but coming down became agony.

Ransomware scum sling PowerShell, Word macro nasty at healthcare biz


My local Council loves to send me bid docs that I'm supposed to fill in. They have macros. So far I've been able to fill them in and place bids, and every time I tell them that they really shouldn't be sending out macros.

Just think, they have all those staff who are used to opening docs and running macro laced docs from external sources.

10, 9, 8, 7.....

A 'hundred million' Truecaller users vulnerable to privacy bug, security bod says


Just emailed datainspektionen@datainspektionen.se


It has come to my attention that when someone puts Truecaller on their mobile phone, they are supplying Truecaller with ALL the phone number and name data in their phones database.

Truecaller then uses that information to tell other users who it thinks any particular phone number belongs to.

My point being that this is a breach of personal privacy, and Truecaller seems to be Swedish.

"Copyright © 2009-2016 True Software Scandinavia AB. All rights reserved. Truecaller™ is a registred trademark.

Responsible publisher: Alan Mamedi appointed by True Software Scandinavia AB. Database name: Truecaller.com "

Example - John uses Truecaller.

John has a friend called Mike, who does NOT use Truecaller.

John's Truecaller uploads Mike's number to the Truecaller system.

Then, when Mike calls another Truecaller user, Truecaller tells that user "Mike" is calling.

At no point has Mike granted permission for his number to be used by Truecaller.

1) Is this legal under Swedish law?

Data Subjects - Mike - are NOT being provided with any information.

12. What information should be provided to data subjects at the point of collection of the personal data?

The general rule is that a data controller must voluntarily provide information to a data subject at the point of collecting personal data. This information includes:

The name, address, telephone number, company registration number and e-mail address (to the extent applicable) of the data controller.

Information concerning the purpose of the processing.

Any other information necessary for the data subject to be able to exercise his rights in connection with the processing.

This means that the information provided by the data controller must include information about the recipients of the information, and that the data subject is entitled to request information from the data controller concerning the processing and that the data controller is obliged to rectify any information about the data subject that has been erroneously processed.

There are exceptions to a data subject's right to receive information. Information does not need to be provided in relation to matters of which the data subject is already aware. Where the personal data is collected from a third party and not from the data subject himself, it is not necessary to provide information to the data subject if:

It is impossible.

It would involve a disproportionate effort.

SO... I think TC are in breach, because they do not notify the people whose numbers they collect and tag with names. John is aware, but Mike is not, and Mike has not given permission.

Perhaps they suggest that to do is impossible or would require disproportionate effort. So what, they don't have permission, and if they are not willing to seek it (e.g. by sending an SMS saying "your number has been put forward for adding to the Truecaller DB under the name "Girlfriend 3". If you agree, text back YES. If you do not want your number recorded, do nothing. If you want the number listed but under a different name, use our website".

What TC should do (if not willing to get proper consent) is ONLY retain the numbers of TC users. They should scrub the DB of all other names and numbers and stop collecting them in the future.

Do I need to make a formal compliant or does this email suffice to raise the issue?


SportPursuit coughs to being hacked. When? What got nicked? They ain't saying


"A limited number"

Every time a journalist sees this in a press release they should automatically follow up with "and of course, by limited number they might well mean limited to EVERYONE".


Biting the hand that feeds IT © 1998–2019