Self-immolation, OTOH, might just do...
(obvious choice of icon)
741 posts • joined 10 Oct 2007
Indeed, if I get a call from my bank (to my mobile number), the first thing they do is ask me to answer security questions (something their own advice says is bad).
I always say no, and explain why (the explanation is for the benefit of the staff person calling *and* their trainers [who use the recordings of those calls :p]).
As I understand it, publishers receive ongoing payments for works lent by libraries, not just the normal purchase price of the work (using some fancy formulae).
Assuming the former is accurate, then while the IA is probably pushing the envelope somewhat, as long as they're paying the lending fees apropos for the vastly increased lending, the publishers aren't actually losing out. Indeed, arguably, they're likely to benefit from the increased awareness of their product (more readers means more sales [ultimately]).
Of course, it would probably have been better if the IA and publishers could have come to a negotiated agreement before all this kicked off.
If both are available, and working, why not just leave visitors on whichever one they chose to use? (especially when you've previously received negative feedback about forced redirection)
Even worse are those sites that then drop you on some sort of "pick your region" landing page, when the URL you typed expressly contained the relevant region in the first place!
This isn't the first time Stelios has forced an EGM to be held, as he does like to throw tantrums from time to time. He basically thinks he always knows better than the EasyJet board - sometimes he might be right, but trying to throw his weight [vis his large shareholding] around like this just makes him look petty and vindictive.
"You're missing the point of the attack."
No, I'm not. The point of the attack is to persuade one innocent DNS server to overload another innocent DNS server, thereby creating two victims, one of whom is misled into thinking the other is a culprit.
"The resolver at badguy.com is "misconfigured" on purpose--that is the attack."
I'm not talking about what the bad actor is doing at all. I'm talking about what the good actors can do.
Authoritative isn't the issue. Recursion is.
It's a recursive DNS server that's vulnerable, because it can be used to cause problems for other authoritative DNS servers (by generating multiple queries to resolve the one it received).
Best practice says that authoritative servers should be configured to only respond for their domains, and not to resolve other domains at all. Like that, they can't be used to propagate this attack.
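Added example, not part of the original comments: a small offline check, from the defender's side, of whether a server that should be authoritative-only still offers recursion. It reads the header of the reply the server gave to a query for a name outside its zones. The function names and the three sample replies are constructed for illustration.

```python
import struct

# DNS header flag bits (RFC 1035, section 4.1.1)
QR, AA, RD, RA = 0x8000, 0x0400, 0x0100, 0x0080
REFUSED = 5  # rcode for a query refused by policy


def parse_header(msg: bytes) -> dict:
    """Decode the fixed 12-byte DNS header."""
    if len(msg) < 12:
        raise ValueError("DNS message shorter than the 12-byte header")
    ident, flags, qd, an, ns, ar = struct.unpack("!6H", msg[:12])
    return {
        "id": ident,
        "response": bool(flags & QR),
        "aa": bool(flags & AA),
        "ra": bool(flags & RA),
        "rcode": flags & 0x000F,
        "answers": an,
    }


def audit_out_of_zone_reply(msg: bytes) -> str:
    """Classify a reply to a recursion-desired query for an out-of-zone name."""
    h = parse_header(msg)
    if not h["response"]:
        raise ValueError("not a DNS response")
    # RA set, or a non-authoritative answer for a name the server does not
    # host, means it resolved (or cached) the name on the client's behalf.
    if h["ra"] or (h["answers"] > 0 and not h["aa"]):
        return "recursion-enabled"
    if h["rcode"] == REFUSED:
        return "authoritative-only"
    return "inconclusive"  # e.g. an upward referral; inspect by hand


def _sample(flags: int, answers: int = 0) -> bytes:
    """Constructed reply: header plus the question 'example.org A IN'."""
    question = b"\x07example\x03org\x00" + struct.pack("!2H", 1, 1)
    return struct.pack("!6H", 0x1234, flags, 1, answers, 0, 0) + question


# Constructed sample replies (not captured traffic)
REFUSED_REPLY = _sample(QR | RD | REFUSED)       # recursion disabled
OPEN_REPLY = _sample(QR | RD | RA, answers=1)    # resolved for the client
REFERRAL_REPLY = _sample(QR | RD)                # NOERROR, no answer, RA clear

if __name__ == "__main__":
    for name in ("REFUSED_REPLY", "OPEN_REPLY", "REFERRAL_REPLY"):
        print(name, "->", audit_out_of_zone_reply(globals()[name]))
```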
Perhaps it's time for developers to ensure that they provide the installation APKs on their own website as well as via the Google Store, so that there's a way for users to obtain the latest versions even when Google muck things up^Hfail to scale again.
This has the useful benefit of allowing their software to be sourced by those who either don't have access to the Google Store (eg Huawei users) or who wish to avoid it (eg privacy advocates).
The current "punishment" regime is useless - forbidding advertisers from running an advert that they aren't using/showing any more is a waste of time.
What might work is forbidding them from advertising at all for a while - perhaps on similar lines to the coronavirus fines, where the ban duration starts modest, but rapidly ratchets up for repeat offences (within defined limits and with a slow decay [like speeding points]).
Or maybe we should just go the whole hog and ban advertising entirely! (launch the "B" ark)
Of course, it was created by a bridge player (or official), who used Word because it's what they had available to them at the time, and they weren't a "computer expert" (and probably were someone's grandmother!).
And either they weren't clever enough to be able to do booklet printing of a simple paged document, or possibly the automatic booklet printing options we take for granted now might not have been there in the combination of Win95/Me + Word 95/97 that was probably around when it was first created (it might just have been in the WinXP + OfficeXP era - certainly that's what I was using when I first got my hands on a copy of the document in the mid-noughties), so they created a multi-column layout to achieve the same end.
I mentioned its name earlier - it's called an EBU 20B (EBU is the English Bridge Union).
You can find it here:
It's been about a decade since I had to work with their version, and they might have cleaned it up somewhat since then (I did grumble at them about it a few times).
The compatibility issues aren't helped when the source document was poorly constructed in the first place. Back when I was playing bridge with regular partners, I spent some considerable effort on cleaning up the document so that I could reliably work on it with less of the sort of nonsense you've encountered. And that was just in Word itself.
ITYM the registration page, as that's where passwords are created.
But also make sure that pages that deal with passwords (principally the login page, the registration page and the self-service reset page) and the supporting backend processes all implement the exact same policy!
I came across a site recently where this was not the case, so I could reset with a new password that was accepted by the reset page (and it reported success), but would then not work on the login page.
Cue multiple rounds of resets until I found something that both elements were happy with.
For those who have virtualisation capability or spare hardware, Apache Guacamole is an excellent open-source remote access gateway (supporting VNC, RDP, and even terminal options).
It does take a little bit of work to build (on a Linux base), or can be downloaded as a virtual machine appliance (if you're prepared to trust VMware's Bitnami tentacle).
It means no reliance on a 3rd-party intermediary (like MS or TeamViewer), and the client is sandboxed within a browser at the remote endpoint. Oh, and it can optionally do 2FA (Duo or TOTP).
I don't think the definition given on that page makes any sense at all in the context of the commentard's statement.
My suspicion (given the recent vintage of the page, and that it's not an entirely trustworthy source) is that this is an attempt to retrospectively define the word after it's appeared as a corruption of "au fait", in similar vein to other ongoing online (particularly Twitter) corruption of existing English phrases (cf. Dave Gorman's Modern Life is Goodish "catphrase" and others).
Their 2018 figures don't detail all the administrative expenses (published accounts rarely do), but they do show that payroll costs alone were just under £0.8bn. That's a lot of staff (~22000, according to the figures).
It also lists their property lease commitments - almost £1.3bn in total (not all payable/charged against one year, of course), and more than £0.4bn on finance leases (again, multi-year).
As for transferring costs to other bits of their organisation, there are rules and limits around what companies can do in this regard set out both in domestic legislation and international treaties.
(https://www.gov.uk/guidance/transfer-pricing-transactions-between-connected-companies would be the starting point if one wanted to dig further into that)
The standard UK rate of corporation tax is 19%, and that is levied on pretax profit.
19% of £75m is £14.25m, so it sounds like Amazon did indeed pay their due share, according to the current method of taxing companies that we operate in the UK.
Biting the hand that feeds IT © 1998–2020