* Posts by bobdylan123

6 posts • joined 3 Dec 2019

Apple drops a bomb on long-life HTTPS certificates: Safari to snub new security certs valid for more than 13 months


But most browsers have a more rigid CA system now. e.g. look at the fallout from the google cert error with diginotar https://en.wikipedia.org/wiki/DigiNotar

There's not a valid reason for this expiry - provided the list of CA's are appropriately secured and the mechanisms are robust. If either of these aren't true, then the expiry limit being 1 day or 1000 days will make no difference.

The winners and losers of infrastructure clouds revealed: AWS, Microsoft, Google and Alibaba get fatter


Re: Welcome to the new mainframe.

Absolutely no-one is going to be bringing their cloud test environments to an on-prem solution. The ONLY time that might be viable would be if they have kit sat idle which is already using money however the additional engineering costs would almost always outweigh the expenditure recuperation and it wouldn't be 'live-like' and wouldn't be a suitable fit.

A fine host for a Raspberry Pi: The Register rakes a talon over the NexDock 2


Re: Why some people keep on reinventing the ill-fated Palm Foleo?

By that logic why not just shell out for another pi and transport the microsd between home and work?

The use case seems to be to run a 3 year+ old laptop, in a nicer case. Unfortunately you can actually buy a 3 year old laptop for around that price point without the extra effort. A 1080p screen just isn't good enough either. You'd may as well buy a portable monitor and a wireless keyboard, a decent power bank etc. and have a higher quality build for the same price (or less).

WhatsApp chaps rapped for crap app group chat zap: Infosec bods find a way to nuke messages, fix issued


Re: Why?

Leaving Las Vegas

I thought he played the role well in Snake Eyes, 8mm, con air etc. too. Yes some of these were over-the-top / dramatic etc. but I think that's how they were written so therefore he did the job well.

I think you're judging his acting ability against the quality of the films, which is unfair - to an extent.

Revealed: NHS England bosses meet with tech and pharmaceutical giants to discuss price list of millions of Brits' medical data


Re: Once again. It is not *their* data to sell.

I think as GDPR is an EU law affecting EU citizens - what the NHS does with British (non-EU post brexit) data is up to them.

You'd think they'd at least try and spin this as a 'greater bringing together of data to get a cure for cancer / childhood illness' etc. as opposed to the fact they're likely to spot trends and forecast drug use / requirements better and therefore up prices. Additionally this can be used to bury other trends such as drug A is less effective. or Drug B works but is less profitable etc.

AWS has new tool for those leaky S3 buckets so, yeah, you might need to reconfigure a few things


Re: Customers can enable Access Analyzer

Yes it's free.

"Access Analyzer for S3 is available at no additional cost in the S3 Management Console in all commercial AWS Regions, excluding the AWS China (Beijing) Region and the AWS China (Ningxia) Region. Access Analyzer for S3 is also available through APIs in the AWS GovCloud (US) Regions."

I think this is just a response to the high-profile 'blunders' which have been down to human error (but looks bad on AWS unfairly). This will be just another resource which AWS can say 'look - we have this easy to use, free tool for them, yet the user is still an idiot and ignored it or any of the other best practice advice we have given'.

For example when you make a bucket public it alerts you and is very visible on the console afterwards. A person also will need to deliberately attach an open resource policy to the bucket, yet this still isn't enough.


Biting the hand that feeds IT © 1998–2020