Posts by Pascal Monett 18239 publicly visible posts • joined 10 Apr 2007
Now that seems to be a name worthy of being put on my personal whitelist of people to pay attention to.
Encryption is a complicated affair and my own pathetic dabbling in that area has taught me that you need a solid mathematical mind to go about it properly - which I sorely lack. That's one good point for him, but an even better one is that he seems to have principles and is not afraid of standing up for them.
And for us at the same time.
Thanks for that, Moxie.
"Agile development makes the idea of rapid failure much more acceptable because you’re looking at continuous improvement as a way to fail fast and fix it"
I can't help but think that this sentence contradicts the one later on that says that devs should say what they need from day one.
That said, I have worked on a few large projects myself, and no amount of planning can cover all the bumps you encounter during development. So, in a way, I concur with both statements in as much as you plan all you can beforhand, then you fix whatever potholes you encounter during development.
Still, all the articles I read about DevOps, this one included, make a lot more noise about developing, fixing, developing and fixing fast, rather than writing proper specs and having an execution plan that doesn't involve regular week-end marathon sessions.
If all you need was a phone number, then there is no other information to tie a number to an account.
So duh, give any phone number and you're in. Yup, sounds obvious.
Ah, hindsight.
The point is, when cooking up a security mechanism, always check that simply replacing one element does not entail logging into another account. All elements must be present to log into the specific account they point to - if one is absent or wrong, you shouldn't be able to log into anything at all.
Finding out, bit by bit, another new failure point that does not act as we thought it would due to error conditions that were visibly not expected.
And it's pretty hard to expect that an automated process shutdown should not shut down the process - unless you use Windows and experience a process not shutting down even manually until you go to the Task Manager to kill it off. Once I had to power down the computer at the PSU in order to get rid of a pesky thingamabob that just wouldn't go away.
In other words, these things do happen, and the consequence here was a lot more important than could have been foreseen.
Makes me wonder if we ever will get a truly reliable cloud.
Um, I don't get it. How can they get a proper escape velocity measure if they've gotten the mass wrong in the first place ? Seems to me that those two things are related in a specific way. It's like throwing a ball four feet and then saying it was a bowling ball.
Doesn't make sense.
With logic like that, I would definitely not give that man my money until cold, hard product is available.
Promises are nice, but when you start making too many, you undermine your credibility. And he has hit rock and is still digging.
That is not an excuse for hooking up work PCs and servers to the Internet without proper protection in the first place.
Nor is it a cop-out for not training personnel properly.
Finally, it is a wake-up call : organizations have no reason to allow the use of USB ports or CD players. In more and more companies where I consult, I find that the USB ports have been disabled and the desktops/towers do not even have a CD tray any more.
Couple that with the threat of firing the person who clicks on a bloody link/attachment without thinking, and we have the start of proper on-site protection.
On the contrary, Apple is just about to announce the HomePod Base, a $150 wireless charger that the HomePod fits perfectly into. Entirely innocuous to all types of surfaces (*), the HomePod Base is the must-have purchase for this Spring.
Don't miss your chance, order now !
*) Doctors recommend not posing the HomePod Base on children of any age.
That is exactly the problem. Those in charge are never held responsible for the goofs. I don't care who you are or how well you've been working for the past 30 years, if your department or company negatively impacts the lives of millions, you're talking the fall and it should not be to land on a cushion full of money.
Except, of course, that in a country where the laws are written by corporations, that has a snowball's chance of happening.
If I recall correctly, there's an issue in the USA between the police and black people. This is certainly not going to help.
It is a curious result, though. One would think that the color of the people who wrote the facial recog code doesn't matter, a process was thought of, agreed upon and implemented and there isn't any reason why code examining a face should have a harder time detecting skin tone variations in dark pixels than in light pixels. I think that this might be a sign that the cameras taking the pics are having a bit of trouble properly capturing dark tones. If the data in is insufficient, the data out will be flawed.
Maybe the coding teams can find a way around that, but it looks like it's going to be difficult.
Um, looking at my Windows 7 install, that effing Autoplay is still there - even with all the options turned off.
So no, stuff like this is not thoroughly tested just because MSFT.
Generally, though, I have to agree that because Windows is still everywhere for the moment, whatever goes wrong on it is generally found pretty quickly. As for problems being corrected, that will depend on whether or not Microsoft decides to declare that it is a feature.
Absolutely agreed. Software is like the medical profession : beyond the common cold, you need a specialist to get a reliable diagnostic.
Creating an OS is not making a fart app for a mobile phone. Even making games has become a very complex undertaking, what with the predictive network code, world mapping and multiplayer handling, not to mention graphics and object interaction (with or without physics involved). There is no way a single human being can assimilate the particularities of each domain in what is commonly called a triple-A title.
You want code that a single person can understand ? Go for the 2D platformers in Early Access on Steam. That is likely to not be too complicated to understand because a lot of them are written by a small group of people. But if you get the code to Call of Duty, I'll wager you'll never get through it all.
So don't knock Open Source on such arguments. That simply doesn't hold up to reality.
You had to drag Ukraine into this discussion, didn't you ? I see, Russia is pure as driven snow, it is the rest of them that are evil.
Of course.
Go tell that to Anna Politkovskaya. Or would you prefer some of her friends instead ?
Closed source code has a legitimate place in the market. As a developer, if I manage to code an application that has a market to sell to, I do not see any interest for me in posting the code on GitHub or anywhere else because that would remove any incentive to pay me for the application.
If, however, I want to create an application with the firm intention of giving away the code to ensure maximum adoption, I have the freedom of doing so.
On the other hand, I firmly believe that closed source is not the way to go in future for creating operating systems. Our computing platforms must be managed by things we can trust, and the only way to trust them is to have them based on open-source platforms.
Open-source platforms that will run the applications we need or want, whatever source the code is.
As for giving the owner root, on a PC I totally agree because I've been using one since the first IBM PC 8086. On a consumer item though, I can totally understand that no manufacturer wants to do that because customer complaints are already hard enough without allowing the clueless lusers the ability to royally fuck their hardware up and them come back complaining - which we all know they will do.
I think you have a rather nebulous grasp of what the Communist block is, and of how elections are held in those kinds of countries.
You might want to research that, for educational purposes, of course.
For example, are you going to maintain that Putin got elected for the people ? Did you actually follow his political career ?
I think not.
And you're not going to want to be in their shoes for quite a while, I reckon.
I don't think Russian prisons and methods have been upgraded much since the Soviet era, and these guys were fooling around in a top-secret, military-style location. The consequences will most certainly not be pleasant.
No. What we are seeing is the beginning of what correlating and evaluating massive amounts of data can achieve with a bespoke program.
We are nowhere near AI and talking about improvements in translation, although impressive indeed, has nothing to do with AI and everything to do with better coding (meaning code that does the job better).
Besides, translation still needs a ways to go before you feed a text to Google Translate in English and get a proper German/French/Spanish/your choice version that does not need to be almost completely rewritten by a competent linguist to be up to par with the original version.
Yeah, it has learned it has to get better at hiding its activities.
I'm sorry but I do not, for one second, believe that an Uber exec can be "contrite". Just looking at the picture I am convinced that he just went through the motions, mouthed the words and scurried back to HQ to harass a secretary in order to wind down.
The fact that the guy looks like a creep is hardly surprising, he's CTO at Uber, the creepiest Internet scam outfit there is.
The only lawful overseas use of data possible is respecting the laws that are in effect overseas. Yes, it is a nightmare for police in New York. It's supposed to be.
The fact that this bill handily disregards not only the above but also the framework that is already in place to grant access to personal data via diplomatic channels is simply the US being its usual bullying self. The fact that the title of the bill is actually the complete opposite of what the bill actually proposes is just normal US politics., par for the course.
Extraordinary Rendition got a bad rap and was put to pasture. Now we have Ordinary Data Rendition, and nobody gives a flying one.
I need a whiskey.
Oh really ? Nice to know. So all those Nigerian Prince mails are going to stop as well ?
I'm glad the law put an end to some criminal activity, but don't get carried away. You only got the guys because they got big enough to warrant however much money was spent on catching them. In multiple countries at that.
If that is what it takes to catch an Internet crook, I think the Internet is plenty safe for the small-time criminals who only bother a few thousand people with cryptomalware. And since that is being shelved in favor of virtual currency mining, there will be even less incentive to go after scum like that. After all, it'll be difficult to indict them for an hour of illicit CPU use. On the other hand, that's all they took, so . . .
Are they going to use lasers to keep things in line with that as well ?
Humanity is truly a thing of wonder. On the one hand, we have people capable of thinking of, designing and creating wondrous things like LISA, and on the other hand we have . . . let's not go there.
Thumbs up for boffins, once again !
. . that was either not (sufficiently) tested, or not specced properly, or badly configured, or all of the above, but one thing is for sure : somebody did not do their job correctly.
I have the feeling that that botched job may have been right from the beginning, in not telling Aviva that what they thought they wanted would not work and needed beefing up.
In any case, this appears to be yet another project that was handled by high-level marketing people (ie shysters) who sold a dream to a bunch of clueless suits who were obviously eager to drink the kool-aid, before foisting the baby and the bathwater onto the techs and hightailing out of there with their bonuses.
And now everybody suffers except the marketing yoiks.
Here's an idea : marketing gets its bonuses when the customer is happy with the product. That might focus a few minds.
So one guy in a startup nobody's heard of got caught cheating. And ?
It's going to take a lot more than catching one little pig to stop the likes of the board at Uber or other startups who claim great things and deliver nothing.
Spring Cleaning is long overdue in Sillycon Valley. I'm not taking this as a sign that winter is over.
But only if you forget the one big difference : people give their personal details to social media sites, the government takes that information without consent (unless you think they ask you to please stay for your mugshot) and does not give it up even when confronted with express demands in that sense.
For all their faults, social media are becoming experts in generating sympathy, something the government is totally clueless about.
I wonder what law there is on copper data bandwidth increase ? In any case, kudos to the boffins on this one, I imagine there will be rejoicing in many telecoms data centers.
In response to the initial poster : currently people on cable in my area have, at best, 12Mbps for the household. Every phone in the house is capable of WiFi speeds exceeding that, which means that everyone in fighting for a piece of that bandwidth. Let us say that WiFi is capped at 30Mbps (don't know if that is case, just speculating). If you have 3 phones, that's a potential 90Mbps. And if you're streaming YouTube, you're likely to use a fair part of that. Add a torrent client on that and your Internet will be slow as molasses and everyone will be complaining.
Get a 100Mbps connection and all of your phones have their 30Mbps available - no more fighting for bandwidth. That is why there is no problem having a connection that is greatly more capable than the things that are attached to it.
Because let's be serious, even if overnight, by magic, all copper cables were replaced with fiber optics and everything was magically able to continue operating, ISPs will not be handing out gigabit connections to households. It'll be a looong time before Joe Schmoe can sign up for anything better than 100Mbps.
It's like Star Trek : why use ball bearings when magnetic confinement is soo more high-tech ?
If I ever was stupid enough to splash dough on one of these pseudo-locks, there is one scenario in which I could find a use for it - but that would require more dough. Indeed, I would not replace my trusty mechanical security lock with that piece of tat for protecting my house and belongings, no. I would build a small shack good enough for housing a few Amazon boxes and put the tat lock on that. Delivery guy can put the box(es) in there, and if shitty lock does get hacked, well the only thing to take is the boxes.
Meanwhile, my house remains properly protected by an actual, honest-to-goodness, proven security lock. One that even works if there is no power for a week. Can you imagine ? A week !
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
