* Posts by John H Woods

3235 posts • joined 14 Nov 2007

Software engineer jailed for 2 years after using RATs and crypters to steal underage victims' intimate pics

John H Woods

or compost

Fired credit union employee admits: I wiped 21GB of files from company's shared drive in retaliation

John H Woods

Is this not the perfect use case ...

... for a ZFS* snapshot?

* other copy-on-write Filesystems with snapshot functionality are available.

Adding AI to everything won't make sense until we can use it for anything

John H Woods

25 years in IT has made me increasingly cynical about AI ...

... but being a biologist before that certainly doesn't help. For all her vocabulary and uncanny valley sex appeal, Hanson Robotics' Sophia appears vastly less intelligent and engaging than all but the dumbest of canines, let alone primates. In thinking per watt, we still seem just as far from the intelligence of the Corvids (crow family) as we were when I started in IT.

Machines that can outperform humans in highly specific fields are not, in my opinion, doing it in a manner that we would normally recognise as 'more intelligent'. A lot of stuff that was almost impossible in the 80s and 90s, such as image recognition, moving object tracking etc. has vastly improved but I still don't believe there's anything yet going on in the silicon that could be justifiably regarded as thought.

Think you can solve the UK's electric vehicle charging point puzzle? The Ordnance Survey wants to hear about it

John H Woods

"All of its premium data"

... which was collected at the Taxpayer's expense, AMIRITE?

30 years of Linux: OS was successful because of how it was licensed, says Red Hat

John H Woods

Re: people understanding

"So YMMV with the idea of Linux being a personal solution."

Whilst that is undoubtedly true, you have already acknowledged that, for the vast majority of users, Linux is a satisfactory personal solution. Of course, for you, switching is out of the question. Although, in the unlikely event that enough of the developers who supplied your software tools switched, then not switching with them sounds like it would also be out of the question.

Google's newest cloud region taken out by 'transient voltage' that rebooted network kit

John H Woods

Re: My personal computer could survive this

"You've never had the high voltage wire fall onto the low voltage wire outside your house"

USA, I'm guessing? Opportunities for high tension wires to touch domestic voltage in the UK are extremely specific and accidents are rare. Even in rural areas I have never seen the final stepdown on a pole anywhere a road-going vehicle could hit it. Infrastructure in the USA looks almost Third World by comparison.

Bumble fumble: Dude divines definitive location of dating app users despite disguised distances

John H Woods

Math-heavy pages on Wikipedia are way out of whack (technical term) with the tone and level of other technical content. All my attempts to contribute simplifications and explanations have been rejected.

John H Woods

Optional ize

Trilateration, surely, otherwise we would use the term triangularization?

GitHub's Copilot may steer you into dangerous waters about 40% of the time – study

John H Woods

Maybe if we didn't use inappropriate languages?

Anyone who knows me even slightly will know which language is coming, but there are plenty of alternatives that would be vastly superior to C as target languages for AI code generation.

"generate 3 random floats"

rng := Random new useClockBasedSeed.

a := rng next.

b := rng next.

c := rng next.

"convert to string"

a := a asString.

b := b asString.

c := c asString.

This isn't an attack on C - but it's not the language for Artificial Intelligence to mess around; or even, in most cases, natural intelligence ;-) let's leave it to the geniuses.

Oh the humanity: McDonald's out of milkshakes across Great Britain

John H Woods

Re: A number of sound decisions?

"Same reaction as remainers when they spout dim nonsense."

I dunno, I usually laugh when Leavers call me dim, whether I'm spouting nonsense or not ...

"The EU is behind again and so don't have the demand yet where the US and UK get vaccinated and got on with the job."

Especially when they are spouting nonsense, e.g.:

How the EU tortoise caught the UK hare in the Covid vaccination race and some easy stats

Covid19 is probably the VERY LAST THING you'd want to mention in support of UK or US exceptionalism.

John H Woods

Re: A number of sound decisions?

"Also, you did spot that word 'just' in my original post? ... Was that too subtle a use of language for you?"

No, I think I know what 'just' means; I'm 'just' at a loss as to what you're trying to say.

For instance: there's children in food poverty all over the world, the UK's problems aren't *just* due to failures of UK governance. Or there's always been climate disasters, so they aren't *just* due to climate change. Or hackers are attacking systems everywhere, so it's not *just* down to people running systems that haven't been updated for ages. Or, Covid19 and driver attrition have affected supply chains everywhere so the problems in the UK aren't *just* due to Brexit.

Nobody, AFAICS, claimed it is 'only Brexit' - the suggestion is that the situation is worse in the UK because of Brexit. In fact your discovery that there are shortages all over the world does rather suggest that it IS just because of Brexit, unless you can come up with something else that is UK but not NI specific. Can't think of anything ...

John H Woods

Re: A number of sound decisions?

"have you a proper argument as to why those who are might be dumb?"

As you missed it the first time round, my objection was that the OP's argument relied on an entirely unjustified underlying assumption that all shortages are of the same magnitude. I see similarly dim thinking from a lot of Brexiteers. There's a lot of dim thinking from Remainers, too, but I'm not usually arguing with them *about Brexit*

The key thing about Brexiteers, and a lot of people on the Right, is they are very sensitive to the idea that they aren't that smart, but they do tend to say a lot of stuff that isn't that smart. This was a case in point.

John H Woods

Re: My milkshake

Your Brexit keeps all the trucks in the yard

John H Woods

Re: A number of sound decisions?

"A very quick internet search just brought up articles referring to truck driver shortages in the EU and also in the USA."

I think you may be assuming that all shortages are equally acute.

"So no, it's quite clearly not just Brexit."

Look, Brexit supporters and apologists get really quite annoyed if we suggest they are a bit dim so can I please suggest they stop saying things that are ... a bit dim?

Judge dismisses objections to spaceport in Scotland from billionaire who also wants to build spaceport in Scotland

John H Woods

Re: Pray tell

Exactly: I'm sure half the problem is the use of the word 'spaceport' for something that would more accurately be described as a launch (and possibly landing) pad.

More Boots on Moon delays: NASA stops work on SpaceX human landing system as Blue Origin lawsuit rolls on

John H Woods

Re: Meanwhile

"At this rate, the Chinese will have a city on the moon by the time Americans get to land there."

It's almost like post-1980s Reagan/Thatcher/IMF neo-liberal monetarist trickle-down bollocks is actually bollocks, isn't it? We'd have had a base on the Moon and boots on Mars already if it hadn't been, for some reason, more important to ensure the fabulously wealthy became even more fabulously wealthy.

Microsoft, flush with cash, raises cloud office suite prices for businesses

John H Woods

Re: As the great scholar said...

friatur? Or does it crumble something else?

Tired: What3Words. Wired: A clone location-tracking service based on FOUR words – and they are all extremely rude

John H Woods

Re: Irrelevant re-invention

OS coordinates are two letters followed by 4 to 10 digits. An error in the first letter (which is S, T, H, N or very rarely O) will be in the wrong 500km x 500km area of the country; an error in the second (any letter except I) will put you in the wrong 100km x 100km subsquare. In the rare case a 10 digit O/S reference is supplied (to a 1m x 1m square) errors in the 5th or 10th digits will yield a result close enough for most purposes, though perhaps not for parcel deliveries. On the other hand, small errors in the first or (n/2+1)th digit or large errors in the other digits will give you a reference that is hundreds to tens of thousands of metres wrong: easily enough to put you in the wrong place but not far enough out to be obviously wrong before you set off.

This is a* claimed, and - AFAICS - so far not disproved, strength of W3W, that most small errors in reference give (contextually) wildly improbable locations and you are far more likely to know on receipt of the reference (and even if you are offline) that an error has been made.

This is not the case with OS refs, or Lat / Long, either, where errors in the 1st to 3rd decimal places of degrees have similar 'bad but not mad' results. If I were a helicopter pilot looking for, e.g., an injured walker, I'm pretty sure that fruitlessly looking a few km away from my target, mistakenly fairly certain that I were in the right place, would be vastly less preferable to being in a position to say "that reference is in Vietnam, so I think unless you can get us the correct reference, we'll fly round and use the old Mk I eyeball"

* other claims that 3 arbitrary words are easier to remember, or easier to communicate, may well be regarded with more scepticism.

John H Woods

Re: Not my kind of humor, but

IP Switch?

John H Woods

Re: 999... What is your location?

My son called in an emergency "at the junction of the Wolves stadium and the ASDA" and they said they "needed a postcode" - he replied "I'm sorry I don't have the postcode". When they said "we can't dispatch an ambulance without a postcode" he replied "you don't need a fucking postcode, anybody in the world can nail that description to a single point on the globe. If you are refusing to dispatch an ambulance, please just identify yourself and confirm the official reason is 'caller does not know postcode'"

The ambulance was duly dispatched, which was fortunate because the 'fainting' turned out to be a cardiac arrest.

John H Woods

Re: Reg Fail w3w fail

"The problem sometimes is that the 999 operator is relaying the w3w code to the emergency service that will be responding."

This is a problem with lack of caller - operator - service join-up, not with W3W. Chinese whispers doesn't work well with grid references, as they don't have checksums. W3W does at least have an implicit checksum as small changes in the reference nearly always yield locations that are contextually impossible. Every single one of the W3W cases given as an example of "when it is confusing" is actually an example of when it is working, as not a single one was a valid location for a call to UK emergency services.

I do think W3W missed a trick concentrating on simple words that are perhaps more easily distinguished in text rather than in speech over a noisy channel (trailing 's' is a case in point - maybe they should have generally avoided plurals). However, where a borked W3W address is in the wrong continent that is simply achieving its stated aim: you know the reference is wrong before you even start out, and hopefully within seconds of receiving it, even if you have no internet connection.

In contrast, where there's an error in the first three decimal places of degrees longitude or latitude, you've got a target which is hundreds, thousands or tens of thousands of metres away from where you should be: and you won't realise you have the wrong location until you get there (and, perhaps, depending on the terrain, not even until some time after you've arrived).

John H Woods

Reg Fail

"even though there are a number of examples of it not working as well as established technologies such as Ordnance Survey or GPS coordinates."

I really didn't expect El Reg, of all organs, to quote that article with nary a raised eyebrow. Here are those examples:

jump.legend.warblers which was in Vietnam

duties.factory.person was located in China

dignitary.fake.view turned out to be in India

refuse.housework.housebound was in Australia

middle.plugged.nourished was in the US

demand.heave.surprise was actually in Canada

flesh.unzip.whirlwind was in Russia

Now, what I deduce from this is that Mark Lewis, provider of these examples and head of ICT at Mountain Rescue England and Wales is being, hopefully uncharacteristically, a fucking moron. Every single example here is of W3W working as advertised* --- get it wrong and the implicit checksum "is it in remotely the right place" doesn't match. Did he dispatch a fucking crew on the Mountain Rescue Heli and after several hours they said, oh, hold on, why are we going to Vietnam? Of course not. Mangle a number (which people, in my experience, do more often than they mangle words) in a grid reference and you can easily be, depending on the decimal position of the error, between 100s of metres and 10s of kms out. This is the danger zone for search and rescue: it's only if you mangle the first few digits that it would be obvious numerical coords were wrong. W3W is explicitly designed to give you an impossibly distant location if you cock it up, whichever of the three words you bork, and that is precisely what these examples show!

Andrew Tierney, also referenced in that abysmal BBC report (which - did I say? - I'd have expected El Reg to approach in somewhat more sceptical mindset) has at least got the right idea but is also, IMNSHO, really pushing his luck in terms of not coming across as a numpty.

"for example, circle.goal.leader and circle.goals.leader are less than 1.2 miles (2km) apart along the River Thames."

This is apparently the best example he has got and 2km is well in the danger zone, so obviously a bit of a W3W failure. But hold on, one of these is in the fucking river! So if, as an emergency operator, I looked up the location, I'm pretty sure I could tell, depending on the nature of the emergency, if I'd got the wrong one.

So, I've been a bit rude about two people, apologies. I should be clear --- I'm not casting aspersions on their general character. They might be very sensible people who are just being a bit spectacularly dim at the moment. We've all done it, me more than most (my first attempt at posting this rant somehow saw it on the Starliner article!). But the person who really needs to hang their head in shame here is the El Reg journo who just parsed and absorbed the BBC article without remembering that almost any sci/tech story in the BBC is wrong, almost by definition.

* I, too, have concerns about its proprietary nature, etc., but let's just deal with their claims for the moment.

US watchdog opens probe into Tesla's Autopilot driver assist system after spate of crashes

John H Woods

Re: Also: why?

"The trouble with ‘driver assist’ systems is that the more automated you make the task of driving, the less attention the driver actually pays."

I thought this too until I started using a car with adaptive cruise and active lane control. But I've noticed that as driving is now somewhat less tiring, I am more alert at the end of long journeys. I've also noticed that with the ACC managing the distance between me and the vehicle in front, I can pay more attention to other hazards. So I'm no longer convinced that it is self-evidently true that assistance systems always lessen driver attention.

FBI paid renegade developer $180k for backdoored AN0M chat app that brought down drug underworld

John H Woods

Re: War on drugs

For clarification, I don't personally use drugs - I'm old enough that 'standing up really fast' usually suffices for a head trip.

John H Woods

War on drugs

We're all against drugs destroying people's lives, including those of us who believe in legalization and decriminalization, so it would be good to avoid comments like "sure, legalise all drugs and see what happens"

Surely those who support the War on Drugs either:

a) are making money out of it

b) believe it can eventually be won

c) ... I can't think of anything else but am open to suggestions

I used to believe (b) and now I don't. It's taken me a couple of decades or so, so I'm not demanding anyone changes their mind immediately! But I'd like those people here who believe (b) to tell me how much longer we should give it and perhaps any indications at all that we are making progress towards an eventual victory.

Australian cops, FBI created backdoored chat app, told crims it was secure – then snooped on 9,000 users' plots

John H Woods

re: "percentage-wise half-past fuck-all"

At under 10 man years of Australian law enforcement effort I reckon you and your upvoters must belong to the 'how hard can it be?' school of IT sales and project management :-D Intelligence gathering isn't done by some little algorithm on your "VM server" you know, spitting out a list of "go get these guys and lock them up, job done"

Also, if the arrests involved only 'very brief involvement of ordinary police' they haven't nicked anyone remotely senior/dangerous in the entire operation. And even police work doesn't stop with the arrest, let alone the rest of the cost to the justice system, where the work only just starts up on arrest.

You don't need to have worked in or with the police or other investigative bodies to see that your thumb-in-the-air estimate is nonsense - you don't even need to have watched Line of Duty or the Wire --- you just need to be comfortable with back-of-the-envelope estimation work.

Indulge me whilst I explain why this annoys me: I am a great believer in back-of-the-envelope calculation - but it has to have reasonable inputs and not be a thoughtless hand-wave to shut someone down.

I clearly remember some of the scorn from those to whom I used to report when I told them (a) the paperwork they were proposing to scan was about 5,000 tonnes and (b) no it could not be stored in an unused second floor office space.

One of the twats seriously asked me whether I "thought I was some sort of building expert" when I told him there was no way a second floor office would take 10kPa loading --- laughing with his public-school 'educated' friends "John's got carried away because his job description says architect!"

Yes, I do know that systems and enterprise architect is no sort of architect - and I hate the term for that reason - but I do know how to: (a) make sensible estimates; (b) multiply numbers together; and (c) the value of the 'engineering eye' to oversee the whole process and judge whether it's reasonable.

OP might well be wrong in the implication that a 1% dent in the AUS drug market wasn't worth it because it cost at least 1% in the law enforcement budget. But I suspect they are wrong because it isn't nearly a 1% dent in the drug market. Yes it's 1% of the product. But drugs are cheap. That 1% will be easily made up by (a) importing or manufacturing more drugs and (b) by dealers increasing their prices (which, guess what, makes users commit more crime to pay for it).

TL;DR: what is approximately "percentage-wise half-past fuck-all" in this situation is what the bust has achieved in the "War on Drugs" (even in AUS, let alone globally) and it has been achieved at a cost of somewhat more than that amount.

John H Woods

Re: Results:

I don't think there's "every chance" it was self funding, let alone turned a profit. Remember, you've only just started the spend with the arrests.

The war on drugs is hideously stupid and counterproductive. These big flashy busts always turn out to have near zero impact on the supply --- example) It's a great tech story, and awesome cyber security work, but the global annual trade in illicit drugs is well into 12 digits USD and the "war" is just making criminals richer and more violent. Not the same criminals, perhaps, but to ordinary law-abiding folk the effect is the same (or temporarily worse as the inevitable turf war breaks out).

In the UK the police have effectively recruited loads of children into drugs gangs ... dealers have got so used to undercover cops infiltrating their networks that they now have a deliberate policy of using minors, the only people who can't be cops.

In short, 50 years after their stupid moral panic about alcohol elevated Cosa Nostra to a global organized crime power, the USA started an entirely new moral panic over drugs, repeating exactly the same mistake, and this time spreading their apparently inadvertent sponsorship of international crime all over the world. And 50 years after that, a century after prohibition, just how well is this strategy working?

How much longer are we going to give it?

Big Tech has a big problem with Florida passing a law that protects politicians from web moderation

John H Woods

Re: "uncritical parroting"

I'm not arguing that trans women are women, I'm telling you :-) just like I might tell you there isn't a largest prime number. It's not "uncritical parroting" or "commonsense facts" but based on a genetics BSc, a biochemistry PhD, and an atypical sex chromosome makeup. There's a few biologists and ex-biologists on here, let's see how many of them rush to your defence...

However, we can leave the "biological truth" of the matter to one side: it doesn't even matter what the OP thinks --- there are statements that it is completely unreasonable to publish, probably to say out loud in any polite company (and possibly in any company whatsoever).

For instance, David Lammy recently had to deal with a caller who asserted, several times, with no embarrassment, that "You can't be British and Afro-Caribbean." This is not a reasonable thing to say whatever one thinks. By the same token "Trans women are not women" is not, in this instance, just some academic idea being dealt with in an essay with some degree of sensitivity, it is a pointless and inflammatory social media post. Nothing reasonable about it at all.

We don't have to say everything we think. The measure of "should I say it" isn't "can I get away with it" or even "is it objectionable" - it is "how will it make other people feel." I spoke to both a beautiful young girl in the supermarket today, and an enormously fat man (on reflection, this might have been my reflection). I didn't feel the need to point out to either of them the visual impression they had made upon me.

You say "it's a statement about the definition of a word, and English is not a prescriptive language". But in that case, why say something hurtful that is not even (according to your own argument) an objective statement, let alone one which can be proved?

TL;DR: as it is never appropriate to say "trans women are not women" it must indeed be a fact that "trans women are women"

John H Woods

Re: "drowning out the rest of us"

Well, Trans women are women, so your post was factually inaccurate, and I'm not sure there was that much that was reasonable about it (it certainly doesn't contain a reason for the claim).

However, I just received a 30 day FB ban for the following:

[OP: Labour would have performed even worse with Covid19]

My comment: "The only way Labour could have done worse is if the British are a uniquely stupid people. There are only about a dozen countries that have done worse than us, and they didn't start as rich countries with a state healthcare system, a headstart, and a largely sea border"

Am I being drowned out? Or have I just tripped an algorithm, like you did? I see plenty of comments suggesting trans women aren't real women, or that all muggers are black, etc. These voices are not being "drowned out" (not nearly enough, if you ask me) any more than I am being censored for being anti-Boris. It's just imperfect automatic content moderation.

It's annoying, but Facebook doesn't have any obligation to publish my musings. Their space, their rules. I might think their rules are stupid (actually I think they are largely ok) and I might think their algorithms are stupid (I feel I am on stronger ground here) but you know, that's just how it is.

John H Woods

"elReg's US office be moved out of SF"

Well yes it would be so much more sensible for a Tech journal's office to be deep in farming country, wouldn't it?

The "spell checker on the comments section" is the one in your browser, selected by your own settings. Nothing to do with El Reg.

Now, I know you guys are particularly sensitive to being thought of as thick so can I suggest a handy hint: think for a second before posting. Because otherwise ... hey, do I have to spell it out? (in English spelling of course)

John H Woods

Re: Undemocratic group think

Using a platform to instigate a coup on an entirely false basis that democracy has been denied is criminal activity, old chap. Nobody is suggesting that "holding an opinion" is criminal activity, no matter how distasteful, but in many countries expressing certain opinions certainly may be. In the USA it isn't, but that doesn't mean that pointing a gun at somebody and saying "I believe that is my money" is protected by the 1A.

John H Woods

Re: Undemocratic group think

It's not about "free speech of politicians." If I used my phone line to fraudulently sell bogus financial products I'd probably find myself without a phone line. That isn't a deprivation of my free speech. If I were to libel you I'd possibly find myself in court. That isn't a deprivation of my free speech. It's just consequences.

My free speech (such as it is, because it's not that straightforward in the UK) is that the state may not punish me for expressing an opinion just because they don't like it. It has got almost nothing to do with "deplatforming" because no-one is obliged to give one a platform.

John H Woods

Re: Health Warning?

I'm glad you posted it twice, because I wanted to upvote it at least twice

*yes I know the commenting backend was poorly, I double posted a few times as a result.

** Kudos to the editor Chris Williams replying to my query about this at 2015 on Sunday on a Bank Holiday Weekend. Now that is above and beyond SLA!

Ganja believe it? Police make hash of suspected weed farm raid, pot Bitcoin mine instead

John H Woods

Re: Switching off?

One would hope that, unless there were imminent danger, nobody would touch anything at all until the forensic bods arrive. The bio team don't want any plod prints or DNA on the kit, and the IT team would probably like to preserve the contents of the RAM or at the very least, maintain access to unlocked encrypted disk volumes. Good luck recovering what's been mined if you need the passwords again.

John H Woods

As a local ...

... I shall be scouring the police auctions for preloved graphics cards

It's odd that there wasn't even a finger-in-the-air estimate of what HW has been confiscated, in £, kg, or even just 'van-fulls.' All the grows busted round here usually result in pics on the cops' social media pages with approx numbers of plants and street value - I had to wait until the story turned up here to see the figure of '100 computer units'

US nuclear weapon bunker security secrets spill from online flashcards since 2013

John H Woods

And we wonder why ...

... the Russians are kicking our arses in "cyberspace"

Days Gone PC: Melting pot of open-world influences makes for one of the more immersive zombie slayers out there

John H Woods

"It ran silky smooth from launch ...

... on my RTX 3070, Ryzen 9 3900X rig"

Yes I should jolly well hope it did! How does it manage on more plebeian hardware? :-D

NASA to return to the Moon by 2024. One problem with that, says watchdog: All of it

John H Woods

Re: I thought they were just going to buy a Chinese one and slap their own label on it....

The Chinese are doing so well - and we in the West doing so badly - that maybe it's time to ask whether Thatcher/Reagan trickledown neoliberalism is actually all that great. Oops, sorry, did I say that out loud ...

Nobody expects the borkish bank-wisition: When I said I wanted some notes from the ATM, I never thought I'd see...

John H Woods


is quite an amazing tool. Best uses I've seen so far are as a quick wget (just type a url instead of a file to be loaded) or as a weird assembly code editor for hacking cmd.exe to nop out the privilege check so that you (actually the pen tester I was watching) could launch a console even though he wasn't allowed to.

AWS Free Tier, where's your spending limit? 'I thought I deleted everything but I have been charged $200'

John H Woods

Re: downhill

That sounds mad - unless one's computational demand is ridiculously lumpy, a 5 digit dollar monthly cloud bill is hard to justify. There comes a point that buying some kit, maybe leasing some DC space, and hiring some staff is a no brainer.

Cloud is useful for SMEs with the emphasis on S. By the time you get to M, you need to start cutting costs. Why on earth anyone thinks that is moving their stuff to the cloud, rather than moving stuff out of it, is a mystery to me. You end up with ridiculous situations like NASA outsourcing data storage when they have the experts, the facilities, the funds and the physical space to do it themselves and then getting (deservedly) rinsed.

Russian gang behind SolarWinds hack returns with phishing attack disguised as mail from US aid agency

John H Woods

Re: Wonderful Suggestion....

"However the first time a (legitimate) customer sends a link to an urgent order they want to place that is not on a whitelist (their Sharepoint or Google drive for example) and you as the one person who can send it through happens to be off for the day"

Is it? An order is going to be late. Or someone needs a phone call? Or maybe the company shouldn't have had a single point of failure with an important client. I think we may be in 'hard cases make bad law' territory here, anyway - I'd certainly be a bit suspicious of a customer that could only place an order by sending me a link at the last minute, because if that doesn't stink of Phish, what does? If the person who sent it can't be reached on the phone for confirmation, is the order even that important?

I agree that security and usability don't always share the same end of the see-saw, but I don't see them as fundamentally diametrically opposite if the appropriate resources are deployed. If I really want to open a link of unknown provenance, I just paste it into a browser in a VM I use for that sort of stuff. A typical end user might not be so comfortable doing that but surely it's not impossible for a mail system to replace external links with ones that connect the user to, for instance, a disposable VM in the DMZ, with a browser pointing to that link? Or maybe just not have all the mail and web clients on exactly the same network as all the company's crown jewels?

John H Woods

Users: stop clicking links

Admins: give your users plaintext email.

Or filter out all links that don't point at local intranet, eg. your sharepoint etc or other whitelisted stuff.

Or just have sacrificial mailhosts in the DMZ.

Come on, who's actually working on this shit? And why aren't they actually working on it? Our shared family photo archive is more secure than this bollocks.

This is not going to change until the heads at the top start to roll. That is literally all that needs to happen. If you are in charge of one of these colander like organisations the holes are your fault. Even if you don't know how to fix them yourself, you know how to get others to fix them. It's your responsibility. Step TF up.

Dominic Cummings: Health secretary's 'stupid' targets delayed building UK test and trace system to combat COVID

John H Woods

I don't know what Cummings' motives are:

they could be anything between cynicism and moral epiphany and I'm not sure even his friends know.

What I do know is that absolutely nothing he said was surprising despite the "Domshell" headlines. The only thing that was remotely surprising is that it was getting said out loud and on the record. I think pretty much anybody with more than half a brain strongly suspected, if not knew, that it was going down exactly like this.

I hear a lot of comment that he's out for revenge or even that what he is saying is 'unsubstantiated' but I'm hearing precious few people claiming it's actually false. Meanwhile the government are banging on about the success of the vaccine roll out which is a remarkable success for the UK but not really that much to do with HMG: the most credit they can take, AFAICS is the gamble with stretching the intradose interval which, luckily for them, paid off.

Meanwhile Matt Hancock says he didn't watch the testimony because he was "too busy saving lives" - I mean does he really believe this? Does he really believe anybody else does? I suspect he'd have saved more lives if he'd gone off sick and left it to the detested bureaucrats and experts to handle.

John H Woods

Re: Hindsight

economy vs health is not even a graded choice, it's a completely false dichotomy. The economy is not some mystical deity but an emergent behaviour of society. That is why societies that did most to protect their citizens automatically protected their economies without even trying whereas those who thought that the economy was the most important thing managed to trash their economies and kill people.

Who gave dusty Soviet-era spacecraft that unwanted lick of paint? It was an idiot, with a spraycan, in Baikonur

John H Woods

Re: Shame

Bob, Bletchley Park is good, but you'll enjoy the National Museum of Computing next door even more. HMU if you ever come to the UK - I'll buy you a warm beer.

John H Woods

Re: Soviet tech.. @CrackedNoggin

yep - remember those sorts of things - grew up in JHQ Rheindahlen - those were the days ...

Unfixable Apple M1 chip bug enables cross-process chatter, breaking OS security model

John H Woods

Re: Major security risk

National population density is only tangentially related to virus transmission. Anyone to whom this is not immediately obvious should probably refrain from volunteering their views about how and why Covid19 response has varied from one country to another.

