* Posts by Donn Bly

434 publicly visible posts • joined 10 Jan 2008


If you like to play along with the illusion of privacy, smart devices are a dumb idea

Donn Bly

Android Location Permission

From my understanding of the permission structure, access to Bluetooth and WiFi under Andriod version 8 thru 11 and is lumped into the location permission - something that was changed under Android 12 and later. Of course it should never have been put there in the first place, but that isn't the fault of the app developer. For these researchers to state that they have "no idea" why an app that has to use Bluetooth or WiFi to search for devices might request or require location permissions shows a lack of understanding profound enough that it undermines the credibility of the rest of their research.

Bombshell biography: Fearing nuclear war, Musk blocked Starlink to stymie Ukraine attack on Russia

Donn Bly

I am still trying to figure out how a starlink signal would even REACH a submersible drone traveling underwater. It isn't as though 11 or 40 GHz have much penetration in water.

Beware the techie who takes things literally

Donn Bly

Re: RS232 and DOS

But it couldn't handle the FIFO buffer of the 16550 UART unless you used a FOSSIL driver, and if you used a FOSSIL driver you could use BASIC, or Pascal, or C, or whatever you wanted.... Ah the amount of things that we went through in the old days - back then I ran a FidoNet Node, and I still shudder on how much I spent on hardware.

Tesla to disable 'self-driving' feature that allowed vehicles to roll past stop signs at junctions

Donn Bly

Re: Not a "bug"

This kind of "feature" is when you use machine learning to analyze the actions of human drivers and emulate them. If they want to make the car behave more like a human driver, then it is going to mimic the bad behaviors as well as the good.

I am waiting for the "feature" when the car starts telling off any police officer that pulls it over that "I pay your salary with my taxes"

In a first, FTC extracts millions of dollars from online store accused of blocking bad reviews on its website

Donn Bly

Re: Settle

People and companies do it (settle without admitting liability) all of the time because it often costs more to prove that you are in the right than it is to defend yourself against the accusation.

Have you ever had a traffic ticket and entered into a ticket deferment program, even though you felt that you weren't guilty? I know that I have, because if you use the ticket deferment program you don't end up with points against your license AND you don't have to take days off of work, hire a lawyer, etc. It is cheaper to pay the ticket than it is to defend yourself against it.

On the civil side, you see it all of the time in copyright and trademark infringement cases. In employment law or consumer liability, it is often cheaper just to pay them to go away than it is to pay lawyers to fight it - because you have to pay your own legal fees even if you win.

I have been on the receiving side of this kind of thing too, where their lawyer walks in and asks "what will it take to make this go away, he has $50K in E & O insurance." I told my lawyer to take the money and walk away, because I was made whole even if they didn't admit that they did wrong.

4 Million sounds like a lot of money, but a lot of it depends on how much insurance they have.

Electrocution? All part of the service, sir!

Donn Bly

Re: "The power lead approached the PC..."

From my research for a client, there is at least ONE country that has BOTH 120 and 240 and uses different plugs to differentiate.

It surprises me that it isn't more common, as having both 120 and 240 in the same room is quite common in about every residential kitchen and most laundry rooms in the USA and Canada. However, while we have both voltages the plugs for each are significantly different in design and not likely to be confused -- other than the NEMA 6-15 but that plug/outlet style is not common at all outside of industrial applications and I have NEVER seen one in a residence or office setting.

Ohio Attorney General asks courts to declare Google a public utility

Donn Bly

Re: Google does have problems....

I have NEVER seen google open anything in a new window from a search result. The behavior you describe sound more like you have adware or malware on your computer that is intercepting your search queries. I highly suggest running a scan with a reputable scanner, disabling unused plugins, etc.

Supreme Court narrows Computer Fraud and Abuse Act: Misusing access not quite the same as breaking in

Donn Bly

While it is great that the court narrowed the law, and it is great that members of Congress are talking about it and praising it -- both we and congress need to remember that it is the responsibility of CONGRESS to fix this, not the courts, and that it was CONGRESS that created the problem.

Help wanted, work from anywhere ... except if you're located in Colorado

Donn Bly

Re: I want to know the salary rang

You have made the faulty assumption that you are paid, or should be paid, according to your worth to the company.

Lets turn this around and you are doing the hiring, looking for someone to do work for you (paint your house, fix your driveway, whatever). You put together the requirements and you have a general idea what you are willing to pay, but you don't necessarily tell the prospective bidders what that amount would be.

You may interview multiple people or companies, and receive several bids. In the end, you accept the lowest bid that covers all of your requirements, or you adjust your requirements in order to get something that falls within your budget.

Nobody thinks that doing this is "unfair", they see it as getting the best value for the money and not overpaying -- yet somehow when those roles are reversed they complain.

The reality is that the job is only worth what the lowest bidder is willing to take. It is the same process whether you are the job applicant, the company hiring for a new position, or the company selling its services to another.

Cisco intros desktop switches, one with USB-C to power your laptop

Donn Bly

New product? Hardly.

Years (decades) ago 3Com had small POE-powered switches that you could duct mount. Nobody bought them because it was cheaper and better just to run more cable.

Feature-wise, how are these products any better than the small switches that I currently use that have SFP ports as well as RJ45? Now, if it had SFP+ ports then I could see it, for those use cases I currently use some Ubiquiti switches like the Pro 24 and would love to have smaller, quieter options.

Compsci guru wants 'right to be forgotten' for old email, urges Google and friends to expire, reveal crypto-keys

Donn Bly



If Google were to publish its DKIM keys after a certain period of time, then messages signed with those decommissioned keys could no longer be convincingly tied to a given author.


If the keys were published, then I could forge a DKIM-signed message. Somehow, I don't think that criminals having the new ability to perfectly forge messages that they didn't have before is going to seriously DECREASE crime.

What Green wants to do is reduce or eliminate accountability. We need to increase accountability in communications, and society in general, not reduce it.

HP: That print-free-for-life deal we promised you? Well, now it's pay-per-month to continue using your printer ink

Donn Bly

Re: Lawyers not allowed in small claims court

In the vast majority of jurisdictions in the United States lawyers are allowed in small claims court, but the winning party cannot claim legal fees so it often is not cost-effective to do so.

You have a constitutional right to legal representation in a criminal case, but not a civil case - but that does not mean that you can be denied access to legal resources if you are willing to pay for it on your own.

From what I can tell, only California, Michigan, and Nebraska can require you to appear on your own, everywhere else your lawyer can handle it. I can tell you that here in Indiana every time I have had to sue a company in small claims court they showed up with their own attorney.

Right to repair? At least you still have the right to despair: Camera modules cannot be swapped on the iPhone 12

Donn Bly

Re: That's what you get

However, the lens and the image sensor are a single module on the iPhone and just about every other smartphone, and have previously been user-replaceable. I've replaced them in the past because of scratches on the lens, etc. With this model, the camera continues to be PHYSICALLY replaceable, but they have locked it up electronically.

The fact that they are making such things non-replaceable is just to enforce their monopoly over service parts and repair, to make it so that you have to buy a new phone instead of repairing an existing one.

It is no different than buying a car and then being told you can never replace the headlamps or windshield, and if one breaks you have to recycle the car and buy a new one, or take it to a factory-authorized repair center and then they can decide whether they want to bother repairing it or not.

The engineer lurking behind the curtain: Musical monitors on a meagre IT budget

Donn Bly

Re: All Hail.....

Because some applications were timing dependent on the 4.77 Mhz and literally ran too fast to function properly on the faster machines, especially a lot of early games.

IT Marie Kondo asks: Does this noisy PC spark joy? Alas, no. So under the desk it goes

Donn Bly

Re: Location location location

In case anyone forgets https://www.youtube.com/watch?v=5IlI2Myf1J8

Selling hardware on a pay-per-use or subscription model is a 'lie' created by marketing bods

Donn Bly

CapEx vs OpEx

I personally prefer to reduce operational expenses through strategic capital expenditures, however, there are often very good reasons for the reverse - at least in the eyes of the beancounters (and shareholders) - and it comes down to taxes.

If I buy a machine as a capital expense I have to pay property taxes on it every year until it is amortized off of the books, and often it is on the books longer than it has a useful life.

If I expense the equipment as a service, not only do I avoid property taxes on it but I can use pre-tax money to pay the bill. Couple that with not having to pay taxes on it after its useful life and the total cost of ownership may actually be lower.

The loser is the local government in the form of property tax income (since the company "servicing" me pays the property tax in their jurisdiction and not mine) but the government is the one who makes the rules, the rest of us just have to play by them.

There ain't no problem that can't be solved with the help of American horsepower – even yanking on a coax cable

Donn Bly

Re: Never work with children or animals?

I used to use a practice rubber baseball that had a hole drilled through it with an eyebolt to which I would tie a pull string. It was the PERFECT size and weight to throw somewhat accurately.

She was praised by the CEO and promoted. After her brother and mom died, she returned from compassionate leave. IBM laid her off

Donn Bly

Capitalism hasn't existed that much longer than 200 years

Someone REALLY doesn't know their history very well.


Although the continuous development of capitalism as a system dates only from the 16th century, antecedents of capitalist institutions existed in the ancient world, and flourishing pockets of capitalism were present during the later European Middle Ages.


source: https://www.britannica.com/topic/capitalism

Techie studied ancient ways of iSeries machine, saved day when user unleashed eldritch powers, got £50 gift voucher

Donn Bly

Re: However, he also got a reputation...

Only after the entitled parents leave

Donn Bly

Re: What do you get given .....

In my experience they take away your shovel, give it to someone else, and expect you to use your hands.

Oh what a feeling: New Toyotas will upload data to AWS to help create custom insurance premiums based on driver behaviour

Donn Bly

Re: It communicates the vehicle's exact location to emergency services

In order to know exact location in order to be able to transmit immediately when there is an accident, it must be active BEFORE the accident. Not every location has unobstructed views of positioning satellites, and even there were who is to say that the antennas wouldn't be damaged in a collision?

No, in order for the system to work it has to be active all of the time, updating location inside of a physically hardened "black box" type of container, so that it can be immediately retrieved and transmitted on demand.

Ever wonder how a pentest turns into felony charges? Coalfire duo explain Iowa courthouse arrest debacle

Donn Bly

Re: Authority to hire services

The powers granted to the counties were (and remain) whatever the state says, and the states can change that at any time

Actually, you will find that once authority is delegated it is not so easily withdrawn, and states CANNOT just change it at any time. The same principle exists between the states and the Federal government.

In the United States the power trickles from the bottom up, not from the top down, and the power of county officials over certain things, such as county buildings and infrastructure, is almost absolute. The State's control in those areas is pretty limited, and then usually by controlling how much in the way of tax dollars flows back into the county. It would usually require a subpoena for the state to reassert control.

Wrap it before you tap it? No, say Linux developers: 'GPL condom' for Nvidia driver is laughed out of the kernel

Donn Bly

Re: NVidia has the money and manpower

Anyone selling to the Linux market is making use of the labors of the kernel devs, the distribution maintainers, and everyone who is going to the effort of maintaining a Linux box. There is a price to be paid for the use of these efforts. Pay it, or stay away.

No, the END-USER is making use of those labors, not the person selling into that market.

To compare this to another common industry -- If I develop a new accessory for an automobile I'm not "making use of the labors" of the engineers and companies that made those automobiles as much as I am making something that compliments them. There is no reason why I should be forced to pay a licensing fee to Ford or Chrysler just so that the end-user can plug something into the cigarette lighter.

You call Verizon. A Google bot answers. You demand a human. The human is told what to say by the bot

Donn Bly

Robotic Overlords?

Is this one of the first documented and verifiable accounts of our robotic overlords in action? If we don't bow them, they just put us through to a human slave that does their bidding, taking their instructions in real-time?

You've accused Apple of patent infringement. You want to probe the iOS source in a closed-room environment. What to do in a pandemic?

Donn Bly

Why not use a screen and wireless keyboard?

1) It is trivial for me to install an HDMI recorder between a PC and a monitor

2) I can monitor wireless communications, including keystrokes, outside of the viewing area

ServiceNow slammed for 'tone deaf' letter telling customers contracts can't be tweaked as COVID-19 batters businesses

Donn Bly

A contract is a contract, not a suggestion

The problem we have here is that a contract is just that, a CONTRACT. A legally binding agreement, jointly entered, voluntarily, for the benefit of both parties. You don't just get to go in and change the terms whenever you like, no matter what the outside situation. You wouldn't like it if a service on which you depended said "Nope, I know we agreed to that price but we can't make enough profit at that price so we aren't going to honor the agreement". It goes both ways.

Most contracts have a "Force Majure" clause, and Covid should be enough to trigger it. If you signed the agreement without one, well, the onus is on you. (And, from the sounds of it, anybody who signed with them apparently deserves what they got. You signed a contract for crap service, you got the crap service for which you signed)

It is right to take up contract modifications on a case-by-case basis, it is not right to unilaterally change the contracts across the board unless every contract is canceled using an existing provision and then a new one signed with different conditions. Hopefully, all of this makes people more cognizant of the contracts that they sign and hold their future vendors to a higher standard.

No Wiggle room: Two weeks after angry bike shop customers report mystery orders on their accounts, firm confirms payment cards delinked

Donn Bly

Password Reuse? How about defense-in-depth?

All indications are that this was a "password re-use attack". It would be very interesting to see if a post-mortem can tie a high percentage of these accounts to one or more of the recent password dumps -- or even an old one such as Linked In.

However, we need to start demanding more defense-in-depth when it comes to e-commerce sites. Banning the storage of credit card details would be the most secure, but would not be consumer-friendly (think monthly subscriptions or sites where orders are placed frequently) so we need to find a middle ground.

I would start by requiring informed consent from the cardholder before allowing card information to retained for future purchases - something like a totally separate opt-in page and not just an opt-in or out-out checkbox on a shopping cart. This should be followed up with requiring multi-factor authentication before using any retained credit card information and/or requiring that any orders placed with a stored credit card are only shipped to the billing address.

The technology is already there, and multi-factor doesn't mean you have to use an authenticator app -- it could be something as simple as sending an email to a pre-registered email address with instructions and a pin # to release the order.

This doesn't even require legislation - all the payment processing companies have to do is put it in their contracts and ENFORCE it, holding the store owners financially responsible for any suspected fraud that occurs without following the contracted requirements. That way at least consumers have protection, and the protections would be consistent across government jurisdictions.

It is unclear why something designed to pump fuel into a car needs an ad-spewing computer strapped to it, but here we are

Donn Bly

The typical high school or college kid won't voluntarily read a chapter book, but will stay glued to any digital screen within viewing range. As such, the screens are more effective than paper and cardboard.

Add in that the signage can be updated remotely so that you don't pay someone to drive around and deliver and set up signage, and that the ad agency can sell more, different ads into the same space, and the cost-return probably isn't too hard to justify.

Does a .com suffix make a trademark? The US Supreme Court will decide as Booking marks its legal spot

Donn Bly

Trademarking an address

I would take issue with the PTO explanation on a trademarking an address in "that a street address really only conveys a physical address and nothing bigger". "1 Park Lane" may be part of an identification of a physical location, but every city could have a "1 Park Lane" and only one of them should be able to get a trademark. Domain names aren't like that.

While I can understand Booking.com wanting a trademark so that they could go after people who are using their name in trade and implying endorsement without their permission - what happens when someone trademarks a domain but then lets the domain expire. Should the next person who registers it be unable to use it because the previous owner trademarked it, even though the mark holder no longer owns it?

I'm doing this to stop humans ripping off brilliant ideas by computers and aliens, says guy unsuccessfully filing patents 'invented' by his AI

Donn Bly

Re: Plus ca change

"it's an interesting topic to discuss over a pint or six"

Sure, you buying?

A paper clip, a spool of phone wire and a recalcitrant RS-232 line: Going MacGyver in the wonderful world of hotel IT

Donn Bly

Re: Proper lash up

Nothing is more permanent than a temporary solution THAT WORKS

Google tests hiding Chrome extension icons by default, developers definitely not amused by the change

Donn Bly

Re: When will they learn?

Where are the greener pastures you ask? Well, Edge has now overtaken Firefox in market share, and runs the same rendering engine as Chrome. Right now that field is looking pretty attractive.

Instagram, YouTube 'iron man' marketer first to be nabbed by Feds cracking down on fake coronavirus web cures

Donn Bly

He should be given the opportunity to demonstrate it

He should be given the opportunity to demonstrate the immunity effects of his "cure". I propose washing him down in the spittle of the critically ill patients, then placed in public observation in a glass box where he and his vital signs are live-streamed to the world. Immagine the deterrent effects, especially if there are empty glass holding cells right next to him visible on the stream.

Surge in home working highlights Microsoft licensing issue: If you are not on subscription, working remotely is a premium feature

Donn Bly

Re: For a minute...

I just thought that someone forgot to switch over to their sock puppet account....

Yelp finally gets its chance to tell US Congress how Google screws its listings service every minute of every day

Donn Bly

Re: Yelp

Yelp is trying to compete with Google, not in level service but in the level of evil. People should watch the documentary "Billion Dollar Bully" for a better understanding.

I have personally documented them engage in deceptive practices in order to get my business to put in a credit card. I have watched positive reviews disappear from friend's businesses when they refused to pay for ads, and I have watched negative reviews disappear when they did.

Louis Rossman has also done a series of youtube videos documenting his experiences. Very enlightening if you are considering doing business with them.

It says a lot if Google is the LESSER of two evils.

Never thought we'd write this headline: Under Siege Steven Seagal is not Above The Law, must fork out $314,000 after boosting crypto-coin biz

Donn Bly

Celebrity Endorsements

While I don't have a problem with the fine (do the crime - do the time) my problem is with the premise that disclosure in a case like this would have made any difference.

Any individual who invests in something like this who DOESN'T assume that a celebrity endorsing it is receiving compensation is already too stupid for the lack of disclosure to have an impact on their decision process. It doesn't matter whether the amount of compensation is $100 or $1 Million.

Steve Jobs, executives shot down top Apple engineers' plea to design their own server CPU – latest twist in legal battle over chip upstart Nuvia

Donn Bly

Re: CPUs? Apple stopped making servers even though there was a demand

There probably isn't a huge benefit to using their own CPUs for their cloud - sure they would be cheaper but now that AMD is competitive Intel is being forced to drop their server CPU pricing so the delta is smaller than it was a couple years ago.

Given current server CPU chip shortages, I wouldn't be so sure about that. Once burned, Apple likes to own their supply chain.

You'll never select all and mark as read again after this tale of peril... Oh, who are we kidding? Of course you will

Donn Bly

Re: and it was said to rip the keys from your trousers.

The keys generally aren't, but the key RINGS often are.

Windows 7 will not go gentle into that good night: Ageing OS refuses to shut down

Donn Bly

Re: This sort of issue is not thought about

The point is that they can't upgrade the distribution because the newer distributions don't support their software. They are just as locked in as anybody else who is using old, unsupported software for business-critical applications, and as such are in the same boat as anybody else using proprietary software. Linux doesn't fix that.

Until they "discover" the budget to fix the problem, the systems will remain in production and they will rely on the archival backups to get them back up and running should the entire house of cards fall down around them. At least in this case the backups and recovery procedures have been tested, most companies in this situation can't even say that.

Donn Bly

Re: This sort of issue is not thought about

They can still run it for as long as they want, just that it becomes more dangerous to do so. Much like the Internet-facing Ubuntu 12 servers running Tomcat that one of my former clients still hasn't found the budget to replace.

Xerox ups bid in hostile takeover of HP Ink to more than $36.5bn

Donn Bly

Re: "best-in-class human capital"

I am sure that there are still some "best of class" staff at HP, especially those who have honed their BOFH skills over the years of those who have documented where the bodies are buried.

Who needs the A-Team or MacGyver when there's a techie with an SCSI cable?

Donn Bly


Secondly, you could attach all manner of devices to it. Indeed almost all peripherals (except printers) were available with SCSI ports that could be plugged into the computer.

Actually, printers were available too, especially lasers. On the low end you had the LaserWriter SC but on the high end there were a number of large lasers printers.

You know the President is able to shut down all US comms, yeah? An FCC commish wants to stop him from doing that

Donn Bly

Re: "the Register can do much better than this"

FYI, it's "He" -- or at least he refers to himself as such and that's good enough for me. Keiren has great credentials and has written and done a lot, but this article was definitely NOT one of his best. He can do better (and often does).

Donn Bly

Re: "the Register can do much better than this"

It isn't a matter of whether or not I agree with the conclusions of the editorial writer, it is the blatant disregard of facts, inventing of your own "alternative" facts, and reporting it as truth with which I disagree - and now you defending of the falsehoods. This is published "Data Centre", not "Boot Notes".

The Register can do better. The fact that you don't seem to think so makes me wonder whether you are fit for the position or have had a bit too much to drink before posting.

Donn Bly

Trump Derangement Syndrome

If the polls swing against Donald Trump, if he feels his presidency is under threat, does anyone seriously imagine that he wouldn’t do anything and everything within his power to retain his position?

The only people who think that a US President is going to shut down the Internet for the entire country just because he doesn't like the polls, and that use a statement made as an answer from a question about a hypothetical situation where the US is at war, are both illiterate and deranged.

The US routinely shuts down communications in when it feels it has the need, and the practice long pre-dates this president. For example, after the world trade center was attacked the government shut down the cell towers in that area.

The Register and Kieren McCarthy are right to report about FCC Commissioner Jessica Rosenworcel's keynote speech and the issues it raises, but much of this article EDITORIAL reads as though it was written by a left-wing propagandist and makes affirmative statements which have no basis in fact.

I get the Kieren doesn't like Trump. I don't like Trump either, but the Register can do much better than this.

Google Chrome to block file downloads – from .exe to .txt – over HTTP by default this year. And we're OK with this

Donn Bly

Legacy Documents

I wonder if the blocking will affect redirects? It would be trivial for me to throw together a proxy that ran under HTTP that would do a 301 redirect to the HTTP target. I could then use that as a shim if I have to link to any legacy files or documents.

In fact, I could do it in less time than it takes The Register to release comments since I seem to have PO'd a couple of people there and my comments are now manually moderated.

BOFH: Darn Windows 7. It's totally why we need a £1k graphics card for a business computer

Donn Bly

Re: Keyboards

I'm not quite sure how many years my once-beige and silver Intellimouse has on it, as both it and the Microsoft media keyboard I'm typing on are definitely older than the 13 years I've lived in this apartment.

My office setup has the identical keyboard (just as old) but a slightly newer mouse with a blue laser instead of a red one. Sure, the paint has rubbed off here and there and you have to be a touch typist in order to use the keyboard, but while I've looked I've never found a better keyboard.

I latched on to a new-old-stock keyboard still in the box a couple of years ago just so that I will have another should one of these somehow die.

What are those Windows 10 PCs running? Several flavours from 2019, by the looks of things

Donn Bly

Old Windows 10

My Surface Pro is running an old, now-unsupported version of Windows 10 because the upgrade says that my VMWare Workstation software (which runs and functions under 10 just fine) is incompatible with 10 and wants me to uninstall it. However, I use that software as a remote KVM over VPN to manage servers in an emergency, and I'm not quite ready to uninstall it, do the upgrade, and hope that the reinstall works.

Microsoft: 14 January patch was the last for Windows 7. Also Microsoft: Actually...

Donn Bly

Re: it's all curable, and worth it

It is very clear that he was speaking of the GWX ads that Microsoft placed on every windows 7 machine that used Windows Update, not your Windows 10. If you never got them then you never applied Microsoft's so-called security fixes (or you never ran Windows 7)

However, I would question your claim of no advertisements on your Windows 10 machines. By default, Windows 10 displays advertisements when you click the start menu. Perhaps the ads are regionalized, but even on this machine right now it is displaying ads for the games "Candy Crush Friends", "Township", and "Royal Revolt". At least with 1909 they are significantly smaller and less intrusive than with previous versions.

Because Monday mornings just aren't annoying enough: Google Drive takes a dive and knocks out G Suite

Donn Bly

Re: Hands up...

I may trust Google Drive with a copy of my non-critical data out of convenience, but my private NextCloud VM is my preferred cloudy storage.