Posts by John H Woods

Banana law stupidity

Why the hell can people only see the banana regs in terms of what Mr(s) Consumer can buy from Supermarket corp? FFS If you are a buyer for Supermarket corp and you buy a container of Class I bananas that has to mean something specific. The reason there are banana regulations is that they are traded: it has very little to do with protecting consumers from the wrong shape bananas.

You know what? In a Brexit world where we decide to trade goods with e.g. Canada, there will be regulations affecting the classification of every single type of thing that we trade with them.

Earworm

Brain surgery not required, simply hum a few bars of the Neighbours theme tune to yourself ...

500 atoms on a side.

^hydrogen^... big atoms can be 5x bigger.

Re: One of the problems with quantum encryption ...

"A brother and sister have either 50% or 0% matching genes" -- AC

Not sure where you got that from but it is totally wrong. On average full sibs share 50% of their DNA, half sibs share 25%, full cousins share 12.5%. How on earth could full cousins have more genetic homology than full siblings?

Re: SMS?

Even if the content is effectively information free (and you might be surprised how much can be deduced by pattern analysis) you have the problem, without decent encryption, that you cannot be sure of the source of a message or that it is untampered.

If you want to attack a critical worker (or get to them by attacking their family) you could do worse than sending a bleary-eyed recipient a message demanding they attend location X immediately.

Re: Security Engineer?

Please... Tell us how you replied to that extraordinary piece of wibble

"Moore's Law ensures that what is classed as "secure enough" today will not be secure enough in the future" -- Velv

I hear what you're saying, but the universe is finite and, more significantly, the time period for which cipher text has to remain safe is actually pretty short. I cannot see any conceivable way that a 256 bit keyspace can be exhaustively searched in a reasonable time (say, under a century) by conventional (non-quantum) computers. NB: I am absolutely not saying 256 bit ciphers cannot be broken.

Missed premise

I don't think anybody is arguing that certain crimes should go unpunished because of some circumstance of the perpetrator.

It is, however, very well established that sensitivity to such circumstances is an important part of sentencing. Given the lack of reassurance from the USA but they will adopt a similar approach, we need to assert the primacy of British law when it comes to British citizens. It is a little more of than an extension of the principle that we will not extradite to States where British citizens may be subjected to capital punishment... we should also resist extradition of our subject to legislatures where we do not have confidence that either the standard of the prosecution and/or the proportionality of the punishment match UK standards.

Re: Surely this is almost the definition of insider trading?

@pdh et al. I agree with what you are saying about having to normally establish the "insidership" of traders by virtue of direct relationships but there is a broader definition of insider trading under the heading of "misappropriation" e.g. Rule 10b5-1. I think it might be possible to make an argument that a penetration tester has, by virtue of testing products from a vendor, established an indirect or derivative duty to the corporation or its shareholders, even when it has no direct relationship with that vendor.

Furthermore, as it seems that MedSec approached a hedge fund, rather than simply individual MedSec employees doing their own private little shorts, they may have made it harder to prove that no-one acted "on the basis of material non-public information"

the problem

Surely we would have more insight into this problem (if indeed it is a problem) by establishing why the gender imbalance exists. If it is because females don't want to do these sorts of careers, it doesn't matter --- not even if IT would be improved by having more females.

If there is inequality, real or perceived, let's address it. But simply analysing the numbers, even the trends in the numbers, is not going to give us the answers we need.

Re: I'm not paid a lot

This is absolutely right. Opponents of the basic income seem to believe that people won't work at all. To me that's ridiculous: if that were true, capitalism wouldn't really work at all. People want more even poor people they are not some non-aspirational subspecies. I'm highly suspicious of highly paid people who say "pah, what's to stop me sitting on the sofa all day?" How about not being able to afford your Jaguar XKR?

Automation....

... is usually a good thing but we should always bear in mind that it often works better for the bulk processor than the individual. Given that it is now perfectly possible to have a county court judgement entered against you without your knowledge (there is no requirement on the applicant to make any reasonable effort to find your current address or to send letters by recorded mail etc) for any amount over £1; that the Mere existence of such a CCJ may prevent you not just from getting a mortgage but even from renting a property; and that, according to a episode of Money Box (I think) on Radio 4 I heard recently, there may be tens or even hundreds of thousands of people affected by unknown CCJs, I think we ought to exercise some caution in welcoming these measures.

Fragile evidence...

IANALBIPOOTI and think that evidence obtained by cracking my client's device is clearly proof that its security can be bypassed. And, therefore, there must be at least the possibility that material could have been placed on the device (before it became protected evidence) by someone other than my client...

Re: "It's an ongoing dialogue", say anti-terror bods...

Indeed. There are two type of people who demand safe backdoored encryption: people who don't understand encryption and people who are dishonest. There may be some overlap

Re: To do anything else would be dishonest

Violas irritate everybody.

Why does a viola burn longer than a violin?

It's still in the case

But surely viola can be excused as a typographic transposition, the truly objectionable is "Wah Lah" and similar.

Re: Mansfield bars

"I'm pretty sure that there are engineers in the USA that could solve the problem of the side protection bars on trucks grounding on rail crossings." --- werdsmith

Even hinged bars that could be manually swung up for crossing large humps would do the trick. The use of Mansfield bars is much wider than might be expected --- in multiple collisions vehicles can be pinged in all sorts of trajectories: it's usually better for nobody to end up underneath trailers.

Mine too:

"Hi, I've got some electronics to dispose of"

"Just chuck it in the skip marked scrap metal"

As far as WEEE goes, this seems to be more like taking it than complying with it.

Re: Bah!

"Why is it that the more "smarts" that are built into working devices, the less reliable they become?" --- Stevie

Well, we know the answer to that --- the more code you have, the more bugs you have. What I don't understand is why the switch from test to armed has to be in software. Seems to me to be crying out for a hardware solution. It's not like a grenade pin --- the force / speed combination required to trigger a deployment is fairly substantial --- I'm not sure how realistic it is to subject a vehicle to a non-destructive test that would deploy the airbag once it is assembled.

Further info from someone who has a clue very welcome, I'm clearly missing something.

Re: Haters gonna hate...

@Killing Time

I'm sure you are right that "accurate consumption information permits informed decisions and potentially, monetary savings" but you also say "I have far better uses for my money than to give it away when I don't have to"

Given the latter, you will have to make a net saving. A 20B project for 30M households is about 600-700 quid per meter. Most of the information to which you refer would be available from a cheap induction loop device.

Re: Internal sites

"What about all the internal home based web enabled things we have"

AFAIUI, you'll still be able to do that. You'll get a warning, that's all, which presumably you can override so it does not subsequently appear.

Re: Stephen Fry?

Hugh Laurie?

Re: Teleporting trucks

"If you are a person you can see far enough into it to make a decision that the lane is currently empty "

The number of places you can safely swerve is VERY limited: most drivers could only safely perform that manouvre if they were already preparing to safely overtake the vehicle in front.

Swerving to avoid hitting a pedestrian, cyclist or horse is probably acceptable. But you have to remember that most modern cars will keep you safe in a front-on impact at considerable speed. Even if your swerve is not endangering other road users, you may pose a greater risk to yourself by virtue of the fact that you are more likely to lose control of the car.

I swerved a 7.5 tonne horsebox to avoid hitting a lorry that had attempted to cross a main road in front of me and had stalled. This was firstly a defensive driving failure. I had seen the lorry stop at the junction to the road I was travelling down, and I assumed it would stay stopped. Then when I saw it moving I assumed it would safely cross in front of me. When it stalled, I braked as hard as I could given that there were valuable horses on board and was at about 20mph when I would have crashed; I swerved round at low speed, mounting the verge, and we were all safe. A self driving car would never have made this mistake as it would have assumed (as I now do) that a vehicle on the side of the road may pull in front of you at any time. And without horses on board, I could have easily stopped the vehicle in the distance I had. And, even if the distance had been a lot shorter, without horses on board, I wouldn't have swerved, either: I would hae just driven it into the side of the lorry at 20mph.

Re: Some prick is shining lasers at teenagers playing a computer game?

Maybe he was downvoted by the manager to whom he referred?

Re: Security? What security?

"they go in different rooms, one of them preferably RF screened" -- AC

And I think there's probably a good argument for making sure they are on different power supplies. I haven't heard of any malware manipulating the power consumption of a server but I would think that you could probably transmit a low bit rate signal on this channel if you tried hard enough.

Re: Trust!

"Frankly, the greatest threat to modern civilization are a mob of stupid people with the vote." -- AC

Ochlocracy, a word I discovered listening to this interesting discussion about Xenophon

Re: Why only IT?

Interesting point re: "because IT"... a quick noodle in Private Eye soon reveals very highly paid people earning money through single person companies by providing various consultancy services to national and local government. Maybe one should describe oneself "merely" as a professional services consultant and only discuss one's IT knowledge in the interview?