Posts by Pascal Monett 19067 publicly visible posts • joined 10 Apr 2007
Yeah. Shame that apparently none of those layers include not publishing passwords in unsecured repositories (cloud or not).
I don't give a damn about your security model. What just happened is a clear breach of security and if I were a customer I would be raising holy hell right now.
to get your location details. Apparently it's for restaurant suggestions. Yeah, sure, 90% of Skype interaction is obviously just people wondering where to go to eat.
Here's a suggestion, Cortana : it's the 3rd Millennium - how's about you make location data an option and let people add it when they feel like getting restaurant suggestions ? It's not like that kind of data is not already available on Google Maps anyway.
I remember when that game came out all the BF2 fans were up in arms about it (aka torches and pitchforks). The amount of discussion was really impressive in the forums.
I didn't like the idea at all, but BF2142 was just too interesting to pass on. Then the interesting thing happened : I cannot for the life of me remember any of the billboards. When you're in that game, you don't have time to check them out, you're looking for targets or trying to avoid being one.
So, all in all, if they do adgaming like in BF2142, I say bring it on, I can easily ignore them.
However, the day they make an ad mandatory viewing for whatever reason is the day I stop playing that game. In-game awards ala TF2* ? Please. I'm past 50, I know what grinding is. If you have skewed your game so that awards are the only way to progress, I'm out anyway.
* that said, the awards in TF2 are cosmetic only, so I quickly ignored all that because the game is fun.
AI is Artificial Intelligence.
Just because journalists insist on continuing to abuse the term does not mean that AI has lost its meaning.
Journalists need to learn to not spaff headlines with "AI" as soon as some new computer tech shows the end of its nose. Of course, "New Tech Might Help Sub-Process Which Could Result In Getting Closer To AI" does not sell as well as "New Tech Set To Bring Us AI Next Year".
And that is the whole problem with AI.
I'd heard that HDD heads are about as close to the disk as a Boeing 747 flying a few inches above the runway. And I second the gliding on turbulence bit.
I wish these guys all the luck, but I'm a wee bit skeptical on their chances of success.
That said, whatever they try can just as well bring benefits down the line, so go for it !
As stated in the article, we already have two lock-in vendors who remain steadfastly incompatible with each other. The difference with Microsoft is that Apple and Android are actually useful and, generally speaking, perform adequately.
If a new ecosystem is to rise, it will have to be open. Not necessarily open-source, but open. That is the strength of Linux, and the reason why it endures. If another closed-source OS maker tried to enter the market today, it would be a doomed effort from the start.
Microsoft, with its many, many billions in the bank, could have been the sugar daddy for this kind of phone, but it couldn't imagine not locking people in and Windows-ing the whole thing. Microsoft has the money, but not the intelligence. On this, Nadella was right to scrap the whole thing.
I beg to differ. Either one allows us to have members of the human species elsewhere than on a single planet, which has the long term interest of keeping our species alive in case Earth gets wiped out by a major asteroid strike.
As for the Lagrange points, they only cover Earth access. When we finally become a space-faring species, that will have zero effect on colonies situated in the Outer Planet area. Assuming we get some people over there, of course.
"The startup I'm waiting to see is the specialist Law Firm dedicated to locating, debunking and financially eviscerating these farcical scams and the credulous VCs who fuel them."
Never going to happen because this is private capital and you have the right to piss off your money any way you feel like it. It's up to the VCs to not get taken in by bogus claims or overbearing personalities.
Given that almost 90% of all desktops these days are still under Redmond's rule, I don't see how you can realistically avoid using Windows all the time.
Now, a spook should know better than to use a Windows machine for work, I'd think, but the real problem here stems from the very probable fact that, spook or no, management will be using Windows and management wants their time sheets, planning, expense reports etc done on time. I haven't heard of a lot of Linux versions of the products that handle that, so you'll be most likely using Windows for all that stuff.
Compound that with the natural human tendency to be lazy - especially in the geek arena - and you have a contractor bringing work from a secure environment to an environment where security is an afterthought because who wants National Security-level hassle on one's private network ? To go on Youtube ? Nah, no need.
Add a zest of overconfidence (I got a super strong password on my wifi router) and willful ignorance (hey, it's me, nobody's interested in what I'm doing anyway) and here we are today, learning that Russia can read stuff on your PC via an anti-virus program.
The basic mistake here is a contractor leaving the NSA building with confidential documents and no oversight. I work regularly at various client sites (banks, insurance companies, ...) as a contractor ; do you have any idea how many places I can slip a USB key in the slot and copy files onto it ? Zero. I have complete access to server files, sometimes I even have admin access to the server itself, but USB ? Forget it.
Why is this even possible at a site that is practically the brain of National Security ?
I don't get it.
Because there's not enough money to develop anything for the benefit of people who won't be paying for the service.
The real question is why does NHS not have the expertise to do this in-house, to which the answer is obvious : not enough budget to retain staff that are competent enough.
The day NHS has the budget to advertise for a Big Data technician with top qualifications that pays more than private industry is the day you are loudly complaining to your MP that healthcare is costing you way too much on your monthly salary.
There's really no way out of this.
Well duh. What an indispensable statement. Really, I was on the verge of thinking that Amazon thought it didn't pay enough tax and was forced by Luxembourg to reduce the amount. Thank you for the clarification, Amazon.
This PR bullshit is really starting to get on my nerves. The fact that the state of Luxembourg says they believe Amazon did not benefit is actually news. The fact that Amazon thinks so is just obvious because they'd say so even if they knew it was not the case.
Given that an atmosphere would likely have slowed down the ejecta by a significant margin, would that mean that, at that time, Mars already had no atmosphere ?
We know that it lost its magnetic field billions of years ago, could that not help determine when ?
Wasn't aware that beer could have that kind of effect.
So I have to amend my position on alcohol in the morning, since it could simply mean that you had "too much" the night before. I'm okay with that, although I will be encouraging you to drink lots of water during the day.
"It assumes [..] that an employee is coming in with alcohol in their system (drunk) 12 times in a working year."
If you have one glass of wine with your noon meal, you do have alcohol in your system. You are not necessarily drunk, though.
What this means is that it is apparently considered that 0% is the only acceptable percentage of alcohol in the blood in a working environment. Seems a tad draconian to me, but I'm French, so . .
On the other hand, any level of alcohol when coming in to work in the morning is obviously unacceptable because it means that the person has been drinking on the way to work, which is a clear sign that they need professional help and cannot function normally.
I'm almost of an opinion that we should do something about creating a backdoored encryption scheme and, of course, make it mandatory to use with all government officials and communications.
That to see just how fast they backpedal when the inevitable cracked account spills horrendous details on their personal lives that they would have preferred kept secret.
Either that or to see how they squirm to avoid having such a scheme applied to them because they full well know that they could get hacked in the first place. Cue endless arguments about how it is "not needed" at high levels and somesuch, which would just demonstrate their hypocrisy to the world.
But it can't happen and that's a good thing. I'll just have to fantasize about them getting ridiculed that way. Or I could just wait for them to ridicule themselves. Won't be long.
Never is.
He's a Tom Clancy fan, then ?
Seriously though, although I am ready to believe that CIA agents are perfectly capable of killing a high-profile, wanted individual of any nationality if there is a need, if he was in such danger from US spymasters he might have wanted to avoid going to a US-extradition-friendly country in the first place ?
When you play the game, you play it all the way. If you are aware that you have information that is so badly wanted by a given country, you plan your life around avoiding getting caught by that country.
The fact that he did not do so signifies that his claims are rather on the bogus side, or at least that he is not the professional spy he thinks he is.
Sorry, looks all blue to me. And I don't know their logo well enough to remember any difference with the previous version.
As for bold, unexpected ways, I would expect piss-yellow next to turd-brown, with some lime green on top. That would certainly be unexpected and quite bold. Maybe not very successful, though.
His argument, apparently, is because of the number of thingys that run it, essentially. Number which is respectable indeed, except that I will never forgive whoever thought it was a good idea to put Java in a Blu-Ray player.
But if he can use his metrics to justify his position, then I can propose another number one programming language as well : COBOL. Because without COBOL, VISA, MasterCard and American Express, not to mention PayPal, all grind to a sudden halt and the world's economy collapses in the hour.
Java, with all its faults, doesn't hold a candle to that.
So, let's countdown the failures :
-VMs were axed
- Backup vaults were not available
- Azure Site Recovery lost failover ability
- Azure Scheduler and Functions dropped jobs
- Azure Monitor and Data Factory experienced pipeline errors
- Azure Stream Analytics went on the fritz
- Azure Stream Analytics had a stroke
Apart from that, the Cloud is marvelous, never fails you and you can always access your data.
Except when it FUBARs and no backup is working any more, but the salespeople will never tell you that.
If the management cannot stick to the plan, all your points are moot.
So basically the success of any complex project is based on whether not management can cope with not interfering all the time. The rest is par for the course, but you can have the most brilliant team in the world and the project can still fail if manglement can't stay away long enough for stuff to get done.
Let me get this straight : a private company responsible for National-Security-level software actually let a foreign power (who is actually irrelevant) view the source code for that software and nobody is in jail for treason ?!?
So the rules only apply for lone sysadmins, then ?
Sheesh.
So, updates and backups are being automated, now it's employee pay.
Hey, Larry, why don't you just automate the CEO ? Then you can go off and play in your jet or your yacht.
Because automating employee pay is in no way ever going to come back and bite your ass. Sure.
Okay, I know I'm the village idiot next to these guys and I'm sure they know what they're talking about, but that sentence really bugs me. It is probably due to the sentence further down that says that adding another particle doubles the size of the model, so they just did an exponential of 2 to the 100th power and yeah, for sure that's big, but is that really how the simulator would work ?
What if it was a quantum simulator and each particle was thus analyzed by a quantum dot that considered all of its possible positions simultaneously ? Isn't that how it should work ?
I don't know. It's way too early for this anyway. I'm quitting this before the headaches start.
You might say that it is science, and science needs to quantify everything. As such, they are basically highlighting the fact that meteorites are, in their scenario, an almost insignificant factor in the accumulation of carbon compounds on Earth. They just don't say so explicitly.
1.12.2 now. I totally agree and understand your point of view.
it is the very reason why I have abandoned adding mods and community upgrades to my Minecraft server. It's useless, mods are never updated as fast as the core game changes. My little group sticks to vanilla Minecraft and things work out fine like that.
Going back to the original subject though, I can hardly believe that programmers these days still don't know that MD5 and SHA-1 are not reliable. I'm a Notes developer and don't use either of those functionalities but even I have heard about SHA-1 and how badly it has held up to modern hacking techniques. With all the news that we are bombarded with describing how major companies and been pwned because they did not update their tech to SHA-3. Who am I kidding ? Most of them need to simply stop storing passwords in plaintext and start hashing and salting them in the first place.
and "automatically backup".
That in itself sounds like a bold claim to make. Backups need to be managed, if only to ensure that someone can find out when the backup crapped itself and failed.
Humans are not just there to make mistakes, they also serve as monitoring equipment and pick-up-the-pieces equipment. Automating everyone away is not going to do much good when you need to restore from yesterday's backup only to find out that the backup has failed for the past week and no one knew anything about it.
You never hear of automated restores, now do you ?
Don't forget that BYOD was a Silicon Valley invention, and in typical Sillycon Valley mentality they only thought of what it could theoretically bring in cost reduction, not what it could actually cause in terms of trouble. The fact that Gartner was totally incapable of properly analyzing the situation and didn't even ask any question about the legality issues alone is just typical of an organization that whores itself out to whoever is paying at that time.
I always hated the notion that, as an employee, I was supposed to provide the hardware I was supposed to work with. I have not seen very many employees embrace the idea either. Where I have seen BYOD implemented was with manager-level types who were initially overjoyed that they could get the latest iThing and bully IT into supporting it. On the other hand, let's not get confused : management will always get their way in the end. BYOD was just a new excuse for it.
I never said it was impossible. I specifically stated that with a major overhaul of battery capacity, it would be doable.
So we agree.
Except for the fact that an A300 is not even going to get to lift-off on batteries at this point in time.
But one day, it might. Say 50 years from now. Like when we have AI.
No, it is not.
Batteries are heavy, and they store way less energy than petrol for the same volume.
Getting a plane off the ground, especially a commercial transport, costs a huge amount of energy. Without discussing any figures, lets just take this page as a reference. It concerns the A300-600. That plane has a range of 7500km and a maximum fuel load of 68150 litres.
The energy contained in 68150 litres of fuel is apparently in the order of 48MJ * 68150 = 3 271 200 MJ.
This page indicates that the best battery (as far as energy density is concerned) is the Lithium-Ion battery with 460000 J/Kg. So 0.46MJ/kg.
That means that we'd need 3271200 * 0.46 = 1 504 752 kg of Li-Io batteries to achieve the same energy availability. That's 1500 tons of battery and you don't have the plane, the passengers or the suitcases.
Oh, just FYI, the max takeoff load of the A300-600 is 171 tons.
P.S. : I'm sure I've made calculation mistakes, but I'm also pretty sure that I'm still right. Batteries are not going to be used to power planes any time soon. At least not until those famous carbon nanotube thingies with 80% solar panel efficiency wings are invented. And they won't fly at night.
It was during a handover on a client site, I was there to recover essential admin information from the previous company handling network administration.
During talks with the soon-to-be-ex admin, we agreed that he would give me the list of passwords for administering the network - you know, as per normal.
He handed me a USB stick. I plugged it in and had it scanned, as per normal. Then I asked him which file I was supposed to copy. Under his instructions, I copied an xlsx file that he stated had the relevant data.
We parted ways not long after that and I went back to the office. While writing up my report, I looked at the file.
Now, just to be clear, this was a file given to me by a senior admin from a major local consultancy firm that has scores of big companies on its customer list, not a beginner. It just so happened that, yes, the file was an xlsx file, and it just so happens that he had a filter on his formatted table.
Guess what happened when I removed the filter ?
Yes, all the passwords for all the clients he was responsible for.
This is the level of intelligence we are dealing with these days. I blame Facebook.
Price is a bit steep for individuals at the moment. Actually, in 2015 I bought some 3TB HDDs for €130, so the price has eked up a bit, but is still reasonable.
Oh well, with these new 10TB beauties coming on the market, it means that I will be able to buy a few 8TBs in a few years when I need them for less than the €370 they are currently going for.
You really don't get it, Ledswinger. It's not about being spoon-fed, it's about checking that the source justifies what the article mentions.
If I google it on my own, I can very well find an article on the subject, but I have no guarantee that it is the same article the author is referencing.
This article is not a forum post made by a clueless Netizen, it is written by a professional and posted in a professional business online publication.
Therefor, as per Internet Protocol since the dawn of professional publication arose, you source your articles with links so as to provide fact-checking to your readers.
As such, I maintain that it is a shame that this was overlooked here, especially since it is not the usual practice in these hallowed pages. Oh well, mistakes can be made.
Here we are at the apex of money and IT, and they still don't put in the money to ensure things are secure.
I'm guessing it's because time is money, so it is better to risk being hacked rather than take longer to get an app that can get your entire portfolio hacked ? Um, somehow that doesn't sound so good at second reading.
No, things will carry on until some golden boys get ruined because of poor security. That will be the call to 1) have a few class-action lawsuits (hey, the lawyers aren't going to miss a golden opportunity like that, now will they ?) and 2) have other golden boys invest serious money in doing it right.
Because there's never enough money to do it right the first time, but always enough to do it over again.
Well that there is a performance, especially when you remember that there have been experts paid $80,000 that couldn't tell between an Android and an iPhone !
Seriously though, I'm no more comfortable having Baidu hoard all my data than Google. I don't the like the idea of any government listening in to my life, not China any more than the NSA.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
