* Posts by h4rm0ny

4560 publicly visible posts • joined 26 Jul 2008

Want a cheap Office-er-riffic tablet? Microsoft Windows takes on Android

h4rm0ny

Re: Hmmm so what could we get....

Sadly I think the marketers realize there is a willingness to jump between the low-end and the high-end. Those who just want cheap will only buy based on that. Those who want better quality have generally been willing to leap up two price categories to get there, hence you don't see a smooth gradient of improvement across price points. It's geared towards different market segments baselines, instead.

h4rm0ny

I would imagine it is unlikely as this is a permanent sale of the OS. They usually do discounted upgrades to a new version for those that bought near enough to the new version coming out so probably you'll be able to get it for not too much. But one of the big things about Windows 10 that people seem to be excited about (don't know why) is that it's supposed to bring more focus back to traditional form-factors and as this is a tablet, Windows 8.1 seems fine on it to me (not that I don't think 8.1 is fine on Desktop, too). The other thing is that I think Windows 10 is going to be available under a rental model too, so I don't see the appeal of that for a cheap tablet, tbh.

Anyway, cheap upgrade probably. Free, unlikely.

h4rm0ny

Re: It's good to have choice

>>"Android is also opensource, Google are the maintainers, but anyone can (and does) contribute."

Google have been turning more and more of the Android ecosystem closed source over time. It is harder and harder to contribute to Android without Google's approval every year. Have a read..

Google are the Microsoft of today. Remember when MS came up with that crappy .dat attachment for emails so that rival email clients would appear broken and when challenged always provided the excuse that they were simply providing a better and more secure system that others should comply with? Oh, and that it wasn't a problem because you could always turn it off (despite the fact that the point was that it caused problems for their competitors, not you). What does that remind you of? Oh yes, Google blocking Outlook (as per this article) because their system is "more secure", but you can always turn it off (as with .dat attachments) so it's fine. Oh, and it breaks Thunderbird, too.

Your naivety and trust in giant corporations is terrible.

h4rm0ny
Linux

Re: Linux?

>>"Does Linux brick things? And if you're a real "Linux hacker" you shouldn't be afraid of bricking things - and installing an OS "

When fiddling around with trying to install an OS on a device designed for something else, yes, there is a risk of bricking something. And that's not because of GNU/Linux. It's a tablet! You wipe the existing contents of the "drive" and fiddle with the boot partition you could well brick it long before you even get to the bit where you choose a new OS to install. That's why you want to do it on something cheap like this and not a Surface Pro 3 or something.

More helpfully, to the OP - it's an x86 device with full Windows (well the cheapo Bing version, anyway) so you should be able to disable Secure Boot (being able to do so is a requirement) and as an x86 device there's a strong chance you'll be able to get GNU/Linux installed and running so I say go for it. Touch screens are now supported in several of the modern OSs. Anything with Gnome 3.6.3 and up has a good chance of working. Much as I prefer KDE for desktop use, Gnome might be a better choice for touch screens unless KDE has improved on this recently. Hope that helps. Remember to post about your attempt so others can learn from it! Good luck!

Drinking to forget? OK. But first, eat a curry... QUICK!

h4rm0ny

Re: Hmmm...

I remember some research being done by the US army on drugs that would help dampen memory formation or emotive context. So if you've just bombed a village in Iraq, the pills help you feel less traumatized afterwards. Not sure whatever happened to that research but I can see something like this being picked up by the military. Especially if they can say it's for the good of soldiers which in the USA is pretty much an Advance Directly to Go ticket.

EE data network goes TITSUP* after mystery firewall problem

h4rm0ny

Re: Oh, dear...

I've so far gone through Orange (now EE), Three and Vodafone. None have been satisfactory. Orange probably had the best coverage in my area but messed up everything else and were pricier. Three's coverage wasn't great and nor was Vodafone's.

What we really need is a reliable set of metrics, publically and independent, so that we can more easily see who is best on service. If the government wanted to do something useful with the networks, gathering and publishing official statistics would be the single best thing they could do. Give people the ability to look and see that Vodafone is worst for coverage in the North West or whatever, and you would immediately see more investment by the companies.

Market competition fails when the customers cannot see which product is better because everything is anecdotal and geographically situational.

Video nasty: Two big bugs in VLC media player's core library

h4rm0ny

>>"And why was it impossible to him to keep quiet until Version 2.2.0-rc2 went live?"

I suspect because then they wouldn't get the "prestige" of having found two dangerous zero-day exploits. Probably saw it in the upcoming developer release, thought their chance of some press was going away, and announced it. Sad.

Scientific consensus that 2014 was record hottest year? No

h4rm0ny

Re: warmists or sceptics

>>"For instance every single national scientific member delegate of the UN from every state - EVERY SINGLE ONE - acknowledges that global warming is happening and the humans are at least partially to blame. That's pretty conclusive to me."

Many of those you term "deniers" believe the same. Generally critics of AGW agree that the climate changes (of course it does!) and agree that humanity is bound to have some effect on that (again - of course it does). But they don't necessarily agree that human activity is the primary driver of climate change. Saying that people acknowledge that warming has happened and that humans are a factor is meaningless. Worse, it's a strawman that ignores what AGW-critics actually say.

h4rm0ny

Re: Well

>>"Science is never 100% sure. Even Newton has been proven to be wrong - however his equations are still good enough to get us to the moon and planets. That is the same kind of certainty that we have with global warming."

There are several people here who are making good and supported arguments for AGW. And then there's you who will cheerfully spout any hyperbolic rubbish because you think it's right to do so. No, AGW does not have the level of certainty that F=ma does. Not even the boldest of climatologists would make such ridiculous claims. Aside from the ad hominems and the dismissal of people who are skeptical as paid by the fossil fuels lobby, this is complete nonsense and you clearly just say whatever pops into your head that you think sounds good.

>>" As I say, even if global warming is wrong (and we all hope it is), the effect of getting more efficient (read cheaper) less polluting (read expensive that polluters don't pay for) energy that is available to many more people, is a good thing."

The thing is, I even agree that we should move away from fossil fuels - I am extremely pro-nuclear and nuclear is cleaner and doesn't result in us supporting nasty Middle Eastern regimes. But your reasoning is absurd. Things like wind turbines (the current darling of the "environmental" lobby (1)) are far more expensive than coal and gas and are demanding large subsidies from us to be viable. Nor are other energy sources inherently available to more people. Your argument that it is best to take costly measures just in case is flawed - as other people have pointed out. We could plough trillions into an asteroid defence system and maybe we should so we don't go the way of the dinosaurs. But then again maybe we shouldn't. There is a spectrum of cost vs. risk. Where does a cataclysmic meteor strike lie on that spectrum? Where do AGW counter-measures lie? Reasoned arguments can be made but all you do is argue that because there is a risk, counter-measures are necessary. That is flawed. Though I suppose if you believe that climate science is as certain as 9.8m/s/s you probably wont see that.

>>So irrespective of whether AGW is correct, it looks like a win-win situation and at worst a lose-win.

I know what you're saying, and have argued similar myself - we should be moving off fossil fuels but there are right ways and wrong ways to do it and panicked hyperbolic reactions such as yours lead to the wrong-way.

(1) I put environmentalist in quotes because there are many of us who consider ourselves environmentalists but are excluded from having a voice because whenever we try to protest or vote for the Green party, Friends of the Earth or similar is ready to use our voice to push an anti-nuclear agenda. Every environmental cause gets co-opted by these groups.

h4rm0ny

Re: warmists or sceptics

>>"I think what you are describing is arguments on the denialists side of straw men, ad hominem attacks, cherry picking, false petitions, etc, etc."

Sadly not. In any online debate on this I find countless accusations of being in the pay of the fossil fuels industry (such as you have done here yourself), endless people trying to show skeptics wrong by showing the climate has changed which misses the point that they're criticising AGW, not saying climate never changes and of course denouncing people as "denialists" which is a name that assumes a priori that someone is wrong. Very occasionally I see a post that accuses pro-AGW people of having a financial interest in pushing it but that is vanishingly rare and I've never seen it used to try and refute a factual argument. IME, I find far more aggression and base tactics directed at skeptics - sorry, I should have said "denialists" than the other way around.

As to "cherry-picking", there is so much data out there and so much variation, that "cherry-picking" is pretty much inevitable by any lay-arguer and is a trap either side falls into. You'd need a full-time career in the field to not cherry-pick data, to be honest. Of course sadly, even some who do have full-time careers in the field have been caught doing this so it seems that it is universal. :(

>>"However, we should not be affected by the bad arguments on one side or the other. Truth is separate from the aggressive arguments of some."

As I remarked, the bad arguments from the AGW-proponents have not made me believe that there is no AGW, they have made me lose my confidence that there is. An important difference.

h4rm0ny

Re: the only way is down

And either way, unless we have accurate models for how much global temperature lags behind the effect of the Sun's varying output we can't simply relate Sun to temperature by year. After all, if I turn a heater on or off, my room doesn't immediately become warm or cold!

h4rm0ny

Re: Wait Whaaa?

>>"So is the debate here that global land (sea temp isn't part of the debate because its a losing argument) temperatures havent really changed in the past ten years, thus climate change doesnt exist or isnt as bad as thought?"

No, you should have read more. It's about if there is a hiatus. If global warming has paused but the alleged causes of global warming are continuing to build, then it suggests those alleged causes may not be as significant as claimed / not the primary driver.

Also, apostrophes are good.

h4rm0ny

Re: warmists or sceptics

>>"Surely you mean scientists vs deniers?"

I expect a few downvotes for this, but it is the truth that I started out as someone who just accepted what I was hearing about AGW and believed it, and have since become a skeptic largely because of the attitude of so many AGW proponents. Over the years I have seen such continuous dismissal of legitimate questions with accusations of bias or deflections or simple strawmen (the attempt to prove that the world is warming as a refutation that humans are the primary cause of it, is eternal), that I have now taken up a neutral position of not being certain, tending towards not believing it in my more emotive moments.

The climate is extremely complex. No-one has ever shown to me that it isn't being affected by human activity, but endless aggression and strawmen and bad science in AGW-proponents posts has nullified most of my belief that it is. Your post pretty much epitomizes this with the use of "deniers" and its unscientific assumption that one must prove something isn't so.

Prez Obama snubs UK PM's tough anti-encryption crusade at White House meet

h4rm0ny

Re: The problem is...

>>"Well look at the track record. Skype has end to end encryption, but they happily share the encryption keys with everyone claiming to have something like a warrant."

They're less keen to share their own internal business data and executive's emails. Talking about a willingness to give up their non-paying customer's communications in a select business sector is hardly supporting a case that "the industry" doesn't care about encryption. We care very much and we don't want weak or backdoor'ed security for our company data. Let's take your other example:

>>"Look at the Clipper Chip, a deliberately broken encryption device which many companies wanted to build into their systems."

Rubbish. Practically no-one wants the government to come along and start telling them how to run their business. The Clipper Chip was formally dead within about three years of announcement which is probably some kind of record for cancelling stupid government IT projects. It was widely criticised by business as flawed both because no-one could really verify if it would keep their data safe, few wanted the US government poking around inside their company without their knowledge and it was unenforceable outside the USA putting American business at a MAJOR disadvantage to their European customers. The industry doesn't care about much except for money. When it comes to a choice between money and dancing to whatever silly tune the government is playing today, even that long-term government buddy Microsoft will go to court to try and fend it off.

Stop trying to re-write history to support your weird Eighties view of "the industry" as being some hostile Other. I've no doubt you could find some companies that publically acceded to the Clipper Chip idea but painting it as something businesses were happy about or didn't resist is not honest at all.

>>"Industry espionage is just an argument to use against governments."

I don't even understand what point you're trying to make here. You seem to be saying - and your following paragraphs backs this up - that you think industrial espionage is some sort of false front / excuse. In which case you have NO idea what you are talking about. None.

>>"In reality even the companies that do use e-mail encryption use it on deeply flawed systems. This isn't a problem as the really important internal information is usually not leaving the building."

Important information is usually not leaving the building??? I have almost nothing to say to this because anyone with any experience simply knows that this is wrong. "The building"? I'm staggered that someone can even think of some single business site for even a medium-sized business, let alone that important information is never taken outside of it.

>>"Companies tend to broadly overestimate the benefit of their work falling into a competitors hand. Few companies have much knowledge that isn't also known by their competitors."

This is beyond stupid. If our salespeople knew how much our competitors were about to bid, if they knew our release schedule or planned new features or corporate strategy, if someone had access to our internal vulnerability reports... You do not know at all what you are talking about and are making things up to support your worldview. Do you have ANY idea how much corporate espionage has taken place between China and the USA over the last decade? Obviously not.

Quite simply: if you don't know what you're talking about, don't pretend to.

h4rm0ny

Re: I can't explain....

But if you got rid of all the politicians and party one-upmanship what would you replace it with? Reason and informed debate? Madness!

h4rm0ny

Re: The problem is...

>>"The industry doesn't need crypto and it won't give us proper crypto in a time when selling the data of your users, or even mining it for yourself is seen as something acceptable"

Not sure what you consider "The industry" to be, but big business absolutely needs strong encryption. It is vital to ours and other companies. Not just banking, etc., but any respectable large corporation. Google et al. may not have a vital need for it when they're giving you free email, but the professional world absolutely needs and wants this.

I could, but can't, give you numerous examples of industrial espionage. And don't think that companies are happy about having to let the government have access, either. I know personally of two large contracts that US firms have lost recently due to not being able to provide assurance to European customers that the US government wont have access to their data. The Microsoft Ireland case is merely the most well-known of the current crop. Government access is also sometimes subverted - either complicity or otherwise meaning that even were a company happy to allow the governments to monitor for purposes of national security, one cannot trust that this will only be used for such purposes. An example of complicit subversion is when Raytheon used information acquired by US intelligence to out-bid a European rival. An example of uncomplicit subversion would be when the tools used for monitoring phone calls were hijacked by foreign parties without the operators' knowledge in the case of the Vodafone network being compromised to listen in on the phone calls of the Greek prime-minister and others for over a year. The hackers simply made use of the existing spying technology and turned it on their targets of choice.

So I honestly have no idea what you're talking about when you say "the industry has no need of encryption" or that "they will not give it to us". It honestly sounds like paranoid ravings of someone who sees "Us" the people vs. "Them" big business and just thinks of Gmail et al. Strong Encryption without government backdoors is very much wanted by "the industry" for anything other than a very small subset of businesses. And even Google want it for their own use, even if not to deploy with your email account.

That's why what Cameron wants is nonsense. (Well, that and human rights, I guess).

DAMN YOU! Microsoft blasts Google over zero-day blabgasm

h4rm0ny

Re: What's Google afraid of?

>>"I ran win8 long enough on my machine to get to a setting on the "charms" bar to make a change so I could install Linux. To get to that point, I had to accept the EULA, even though I never intended to use win8.See the problem there?"

Actually, no. If you want to wipe Windows off and install GNU/Linux, why do you need to enter Windows and change settings to do that? You can do anything you need from UEFI.

h4rm0ny

Re: Sorry, but Google were uttely wrong.

>>"So the problem is providing a deadline, and sticking to it?"

Sticking to a deadline reflects very well on you. When it's one you impose on yourself. Imposing a deadline on someone else... not so much. I think the word you are looking for is actually "ultimatum". Or maybe "threat".

h4rm0ny

Re: What's Google afraid of?

>>"The problem with Android is that Google are not as strict as Microsoft are with Windows, regarding updates"

Google don't control updates on Android and they cannot. Google's business model is to give Android away for free and make money from its use. They have no power over the OEMs and they can't push directly to end user's phones because they don't have a path to those devices. Nor would they really want one as pushing updates to a huge array of different hardware each running software that a third party (the phone OEM) has installed and which Google don't manage, is a recipe for disaster. All that Google can do is facilitate the OEMs updating the code as and when fixes come out. Which they do by releasing updates to the Android codebase.

I don't think updates to Windows and Android is comparing like for like, tbh.

h4rm0ny

Re: @Big_D

>>"I would just like you, and the other "IT Experts" of this forum to take away one thing: Full responsible disclosure is a good thing, and it's something that the security industry has been fighting for years over. The vendors don't like it, because it gives them more work with little in return (for them) and it makes them look silly when it's proven that they've ignored a security problem."

Speaking as someone who isn't the vendor in question but rather a customer, I don't like it either. It increases my risk.

And as you're suggesting that I "ask to go on a course" to learn about security, here's a little information for you about the general patterns with security disclosures. Only a small minority of privately disclosed vulnerabilities are exploited prior to a patch being released and after the patch is released it remains low. Think it through from the attacker's perspective - this is all simple enough. But when an exploit is publically disclosed or becomes so, without at patch, active exploits in the wild skyrocket. Those are the actual facts of the matter. Public disclosure only increases security in the cases where there would be no patch without the vendor being forced. And as we can see - that was not the case here nor was ever likely to be.

h4rm0ny

Re: @Big_D

>>"h4rm0ny, the Microsoft apologist. I bet if this had nothing to do with Microsoft you (and others) wouldn't even be commenting"

Ignoring that this is just an ad hominem reply, as a general rule I defend technology and argue against FUD. That's because I appreciate that making perfect technology is hard (having worked in the industry for a long time) and because I dislike FUD on general principles. And I see such attacks against Microsoft on these forums more often than any other company so you find me speaking out in defence of that quite often. What I seldom do is attack products. You'll find a vigorous debate by me on UNIX vs. Windows security models last year, but even there I wasn't claiming that GNU/Linux was especially vulnerable. I was a UNIX programmer for years. Of course to someone partisan, I look biased if I argue against their attacks, but I'm almost universally defensive in my posts. Which is a stark contrast to all those who will leap on any supposed problem as an opportunity to tear down and say how rubbish something is.

About the only negative thing I have ever said about Android is how much of it is being taken closed source by Google, rather than any attacks on the software itself. I think I made some criticisms of Dart one time as well.

So basically, yes - I do comment on things other than Microsoft which you're welcome to check. Now can we stop the ad hominems and return to discussing what rather than who?

h4rm0ny

Re: @Big_D

You make a jump between step 1 and 2 which I do not think is supported. You argue in point 1 that some groups may exploit this even without assistance by Google. You then argue in point 2 that this means there is no reason for Google not to make it easier for all. This, to me, is an error of absolutes: a bad thing is possible so it doesn't matter if it becomes more common / probable / easier to achieve.

In point 3, there is another issue. You propose that the release of the exploit code helps us protect ourselves. I disagree - I can look at the exploit code but there's nothing I can do to patch Windows myself. To the overwhelming majority of people the only use that can be made of the exploit code is to write malware. The only people who can use it in a beneficial way are Microsoft and that does not require a general release.

h4rm0ny

Re: Sorry, but Google were uttely wrong.

>>"It's naive to think that Google's team is the only one that may have discovered this bug. It's just that others may not have condescended to report it."

I think it's pretty clear to all that the problem isn't that Google reported the vulnerability to MS. On it's own, that's a good thing. But it's not on its own.

h4rm0ny

Re: Sorry, but Google were uttely wrong.

>>"This is standard practice, regardless of it being Google or Microsoft. In fact, 90 days is quite generous."

No it isn't. Symantec and all those other security companies don't generally release proof of concept code to help black hats build their exploits. They also work constructively with the affected projects or companies. And 90 days is not "quite generous". We're talking systems programming here, not a web app where you can just drop in a quick patch on deploy on your servers. When I did this sort of work we had a team of people in another building who did nothing all week but work through formal tests to check each release of software. It took a long time to do that and it was necessary. If we wanted to push out a change, that went into the process. If we stopped the process to account for a new bug, that would be holding up fixes for others - which may be more important - because it means restarting the whole release pipeline.

That's what a lot of people who only work on web apps and on non-safety critical software don't understand. And the armchair developers are worse. Stopping everything to put in a fix for the latest discovered problem can actually make your software more vulnerable because it can delay the release of fixes for more dangerous bugs. This bug basically causes the UAC notice to not pop up. So if a user with administrative rights is persuaded to run your malware, they don't get a "Do you want to allow this program to make changes..." message when they double click the email attachment, etc. That's bad, but who is to say it should have delayed some other fix?

Probably none of us here have seen the code and none of us therefore know whether 90 days is "generous" or not. And certainly Google don't know.

h4rm0ny

Re: Sorry, but Google were uttely wrong.

I might as well pretty much post the same thing I posted last time as the response is the same: This is a PR move by Google.

Does Google have a competitive interest in Windows being a better OS? No, they don't. So do they therefore benefit from silently and constructively helping fix bugs in a non-destructive manner? No they don't. This is all basic logic so far. Loudly pointing out vulnerabilities in a competitor's products (to the detriment of its users)? Yes, they clearly do have a benefit because it makes their competitor look bad.

But there is a problem that endangering those users would make Google look bad as well. So clearly what is needed is a way of pointing out those vulnerabilities but making it look like they're not the ones endangering users. Ergo, decide on an entirely arbitrary time scale and say you have given notice and it's your competitor's fault the users are harmed by your publishing this information because they could have fixed it.

Of course the time scale is arbitrary so sometimes your competitor will be able to fix the issue in time and sometimes they wont - hits and misses. But it's necessary so that you appear to be the responsible one.

And releasing proof on concept code publically, instead of just to the vendor so that they can more easily fix it, is a further step wrong again.

This is PR. If it doesn't look like PR, that's because it's well done PR.

Google crashes supposedly secure Aviator browser

h4rm0ny

Perhaps. But someone creating an Open Source version of Chrome is a unique threat in a way that Firefox aren't. Whitehat aren't just trying to do this as a solo project. They're trying to re-ignite a community effort on this and get it going as a successful Open Source project. It is never preferable to fight a war on two fronts rather than just one, so Firefox are undoubtedly their big rival, but don't downplay motivations against Aviator, either.

h4rm0ny

Re: Own goal by Google...

>>"You must be a fairly atypical Reg reader if you can't work out how to replicate the kind of blocking this product provides (what with the ready availability of extensions like Ghostery and Disconnect), "

There's a whole world of people out there who aren't El Reg. readers but who still care about browsers. And to be honest, I think there are plenty of El Reg. readers who don't readily know how to replicate what Aviator does. And that's not because they're stupid. Aviator, for example, blocks HTTP referral values across different sites. According to their website you can't do that with Disconnect. And indeed, I had never heard of Disconnect before today.

Besides, one of the good things about Open Source is multiple ways to do things.

h4rm0ny

I remember when Open Source was a community of people helping each other and it was about sharing all your innovations and helping others improve their code as well. Well, I suppose aggressively grilling your rivals in public might help them improve in a Darwinian dog-eat-dog sort of way. But it's not what I had in mind.

Saudi Arabia to flog man 1,000 times for insulting religion on Facebook

h4rm0ny

Re: "right to freedom of expression" @Doug S

>>"Break into a home, you get shot. Break into a vehicle, you get shot. Harass someone, you could get shot. So, let's mind our manners shall we...."

This all seems to assume that the proportionate response for any of these things - such as not minding your manners, apparently - is to die.

h4rm0ny

Re: In a few decades...

>>"... when their oil finally runs out or gets replaced by better and cheaper energy sources, these countries will revert to their natural status"

Much of the London property market has been bought up by Middle Eastern rich people. The London Stock Exchange is also part owned (to a pretty significant degree) by Qatar and the NYSE was similarly bought out by a Dubai, iirc. We have been selling the family silver to these countries for several years, now. If and when the oil runs out or is replaced by nuclear power, they just need to charge us more rent to live in our own capital and they'll be fine.

h4rm0ny
Paris Hilton

Re: What do you expect

>>"Far fewer accidents. Much better parking. More confident driving leading to better traffic flow."

Riiiiggght. Because insurance companies give us lower prices out of the goodness of their hearts... ;)

Paris because she's the only female icon vs. 7 males ones! Boo! Patriarchal El. Reg! ;)

h4rm0ny

Re: And religeous fanatics of all forms wonder...

>>"Your credibility just hit zero and I stopped reading there."

I'm actually surprised you made it past "Secular".

h4rm0ny

"accuses him of corrupting faith, criticizing the religious authorities in Saudi Arabia, and spreading sedition"

I don't actually see these as a problem and I'd be proud to be accused of the latter two.

US kills EU watchdog's probe into EU cops sharing EU citizens' data

h4rm0ny

Re: “Our inquiry has now been closed. We have been unable to exercise our democratic powers.”

Hey, if they have nothing to hide, they have nothing to fear. I mean that's what they've been telling us for the last five years, right?

Right?

Untangling .NET Core: Open source for Windows, Mac, Linux

h4rm0ny

"Which is exactly why I abandoned MS platform development when they decided to change VB to .NET. By that point I was properly fed up with their constant changes in direction"

In abstract, what you say is true, but think about what you're saying - we're talking about moving away from Visual Basic 6. In what universe is that not a good thing?

Hang on a second – Time Lords have added one to 2015

h4rm0ny

Re: Gissa job

North Pole. It was the only sensible location for such an organization.

NHS refused to pull 'unfit for purpose' Care.data leaflet

h4rm0ny
Mushroom

Re: Same old arrogance

>>"thus the data can be deanonymised by anyone with access to the NHS demographics"

You'll find the reply given on this one is that here are confidentiality agreements in place. I used to work for the NHS and back when they were rolling out the "Spine" and Connecting for Health (is CfH still a thing?), we raised Hell over access. The response was a very official sounding "only those bound by strict data confidentiality agreements will have access to the data". By which they meant every receptionist or medical secretary at any GP practice in the country could look up your records. I know - I tested it by looking up records that I had no right to access (they were MY OWN but I had no right to look them up in that role and the system did not know they were my own). The DoH people actually outright lied to us also. We were told that there was a system in place to track who had accessed which records. Not going to be, was. Under heavy questioning they finally admitted there wasn't any such monitoring and they had no time frame when it would be added (wasn't when I left the NHS).

Thee are a lot of hard-working people in the NHS from around middle PCT level down. Above that, career-minded liars, mostly. Do NOT trust the government integration programmes for the NHS whatever they are called this month. I have direct experience of working with these people. They can and will lie when they can get away with it and their interests are NOT your interests.

It would not in the least surprise me if the leaflet was deliberately sent to be printed prior to approval so that it would be "too late" to change. Incompetence is perfectly possible, but this is exactly the sort of sly shit I have seen from them in my time in the NHS.

Nuclear, because that's what should happen to everyone above middle management level in the NHS and everyone in the DoH.

Yes, we need two million licences - DEFRA

h4rm0ny

For people with more money than God, there's Oracle. For everyone else, there's Postgres.

Elite:Dangerous goes TITSUP

h4rm0ny

Re: I'm not a programmer.

"Its quite funny that some of you think its easy to have a database containing 400,000,000,000 star systems and their associated celestial bodies on a home PC. If each system contains 10Kb of data, that's potentially 372.5TB of data. Yeah, SQLite can handle that. Add in market data etc... and your game database is gonna be pretty huge!"

I guarantee you that ED is not using a 370TB+ database for its backend. Both financial cost of storage and searches on such a monstrosity would be prohibitive. I think you go wrong right at the start with plucking a figure per system from nowhere and using it to extrapolate. Whatever they are doing, the conclusion to the argument is unrealistic so there must be a flaw in it somewhere.

Now if I were implementing such a thing client-side, which is what we're discussing the feasibility of, I would generate the systems procedurally as needed and only store those that had been discovered as and when the player reached them. Unless the player is going to explore all 400,000,000 systems, I'll be fine.

Note, because there is an argument going on here and it's easy to read my post as being on one side of this, I think it would actually be quite a lot of work to port it to run on a PC. But for reasons other than what you give above, which I posted earlier. What would be feasible would be to allow people to set up their own smaller groups. Maybe forty people club together and get a small server on Azure or whatever and install the Elite package - now that would be a lot more realistic at this late stage in the development process.

h4rm0ny

Re: I'm not a programmer.

>>"Really? You can get quite fancy open source implementations of SQLite these days. It's much harder to do the graphics, at least from my point of view."

SQLite is great. At what it does. However, we're talking not just a simple database here (conceivably it could handle what was necessary for ED's universe, *just* possibly), but a lot of code built on it and around it. How would you port all the stored procedures and advanced features that were being made use of. Swapping a back-end from something like Postgres or SQL Server (I don't know what they actually use or how they do it) to SQLite isn't going to work.

The graphics is actually the least problematic part of moving ED to being a complete client-side game because the graphics are already generated on the client side (unless they're doing some lightmaps server side which is possible but I think highly unlikely with them). The server isn't sending a picture of a ship down the wire to client which would both be unusably slow and send bandwidth requirements through the roof. It instead sends a small bit of data saying "draw ship X here at angle Y" and the client loads the appropriate textures et al. which it already has from the game install, and draws as instructed. Graphics is actually the easy part of porting it.

h4rm0ny

Re: I'm not a programmer.

>>"As I said I don't programme but how difficult could it be to 'snapshot' the initial starting conditions and let players fly around in their own private universe? They managed to squeeze the original game into a BBC micro so I can't understand the reluctance of Frontier to offer an 'arcade' version."

Potentially pretty difficult. If they've coded it with a lot of server side stuff then whilst it would be easier than starting from scratch to put that code in the client-side code, it could still be difficult. Suppose they had everything based on SQL Server or Postgres at the back-end. Now you need to either re-write it or the customer needs to install and run this database on their PC. Possible but problematic with Postgres, difficult with SQL server due to licences (though there's a free version, so maybe). But you see the problem. Something like this really needs to be decided on in the design phase. (That's what has angered many - because they must have decided to abandon single-player quite a while ago but tried to sneak the announcement out quietly late in the process).

However, it could be possible. You'd probably have fairly high hardware requirements because realistically, to port this to single player with a "snapshot" as you say, would mean changing as little code as possible and getting the client PC to be the "server" as well and keep the PC talking to itself the same way it would talk to the server. Playing both halves of the conversation if you will. And I suspect that means running a full database on the client PC amongst other things.

Talking from a position of not knowing how they implemented this, the best one can say is that it might be possible to do this within an acceptable amount of work, but it would not be trivial and would likely put some significant demands on the client's PC both hardware and software-wise (imagine if you had to enable IIS on the customer's PC to run the game! That's actually possible but would you want the security nightmare you'd be inflicting on customers who didn't know anything about administering IIS?).

TL;DR: Possible - probably. Small amount of work - probably not. Could have unexpected restrictions that make this very difficult: might do.

h4rm0ny

Re: not standing up for the game but

>>"There is clearly a single player mode - it is called "Solo" what there is not is an always offline single player mode."

It's only named "Solo" though, in fact the differences between it and actual single-player are quite long and surprising. You're still affected by other player's actions, you just can't see those players. So they take missions you might take, they affect prices, the unknown systems around you suddenly become known because other players have explored them... and more significantly there are a lot of design decisions based around it being online that are different with true single-player - there's no true pause, missions expire in real time making it very difficult for many to play that aspect of the game, you're locked to a single commander so no trying out different ways of playing with different characters, you can never really restart a game because you can never get back to the starting conditions of the galaxy, never save a position and go back to it. Six months from now it's going to be a very different galaxy with much more explored - and exploration is one part of the game (you gather and sell map data). The impact is actually pretty big and "Solo" really isn't the same as actual single-player.

h4rm0ny

Re: A very poor article

>>"This is typical of the Reg these days. This article is just trying to sensationalize a mundane server outage and create a story out of nothing."

I think it's highlighted in the case of ED because so many people were so unhappy that offline mode was removed after being offered (and had signed on because of that) and such complainants were continually met with a barrage of people telling them to quit whining and it wasn't a real problem.

h4rm0ny

Re: Did this also affect...

Yes. Solo play is really not a substitute for offline. It's basically just a flag that makes you and other PC ships invisible to each other. You're still affected by their actions (such changing trade prices, taking missions) and in all other ways is the same as "online" play.

Google unveils Windows 8.1 zero-day vuln – complete with exploit code

h4rm0ny

>>"Presumably Microsoft can return the favour in the future against Google products like Android and Chrome that have both had vast number of security holes to date. Many Android devices have yet to receive security fixes for issues known years ago..."

This is true, but Google are not responsible (nor able) to patch most of those phones. It's in the hands of OEMs.

h4rm0ny

>>"Good for you - but it's not how everyone operates. If you haven't broken your strict procedures because they don't account for unforseen circumstances (ie, bugs & design problems) because you're such a brilliant developer, then I have one thing to say: Please work for me!"

This just reinforces my point that you don't have familiarity with projects like this. I didn't have the power to break procedures. If I made a change to a library that library goes through its testing again. If it passed that, it went into general build and was admitted to the wider testing procedure. We had an entire testing team in a different building who did nothing all day but work through the documented testing procedures. If there were a critical incident report that required higher-priority, then the procedures accounted for that and things would be held back so that this could go out - nothing didn't go through testing. The key point is - as I already explained - things would have to be held back because of it. What you're arguing is that it is okay to hold back all these other things to fix this one thing, you just don't understand that this is what you're arguing. And neither you nor the rest of us are in a position to say whether this bug is important enough to hold back other things for.

As to "design problems", the specifications team was again, a different team to the programmers. We didn't get part way through something and then realize we actually wanted something else - we were coding to very tight requirements. You're just emphasizing again that you haven't worked on this sort of project.

>>"Yes you did. You name called people who suggested "it's not complex" or "90 days is plenty of time" - so, unless you're also an "armchair developer", you must therefore think that it is complex, and 90 days isn't enough time."

I have indeed called people armchair developers. However, you claimed that I was saying that Microsoft "have hence ignored the report with the hope it would go away" which is not the case. Also, I haven't said that 90 days isn't enough time. I've said that it might be, might not be and that in any case a fixed deadline like that clearly is going to be enough some of the time and not the rest of the time. What I actually wrote is that people here don't know. If you can't distinguish between someone saying something is unknown and saying something isn't the case, then no wonder you're commiting logical fallacies all over the place.

>>"You know they're factual, and I only said it was already posted so I didn't need to type it again."

Saying that people with no familiarity with the code base or procedures are right when they assert that an arbitrary time period is "enough", doesn't carry any weight. Not even if you say it twice.

>>"You can't discount something just because it was mentioned on here; it doesn't mean it's untrue - otherwise, what you've just said would also be untrue."

I'm realizing that you are rather limited. Saying that something isn't true just because someone claims it online, is not the same thing as saying something must therefore be untrue because it was said online. Your logic is shoddy and biased.

Hey look! Microsoft's workforce isn't all white men

h4rm0ny

Re: Global and local, black and white.

>>"I do remember seeing a similar report in our local paper last year, in regards to staff levels in teaching & nursing... surprise, skewed to 80%+ white female. Do we want those numbers to follow statistical #'s as well?"

If there isn't some particular reason why men are worse at these jobs (and I can think of none for nurses and for teachers I think having both represented is important as we're talking about providing role-models), then the answer is "yes."

There are always going to be variations in what an individual person is suited to. For both the sake of an efficient society and that individual's own happiness, we want them to be able to go toward the career that best fits them, not the one that is more common for their sex.

h4rm0ny

Re: Mythical

>>"Are you sure there is anything telling girls they "don't do STEM"?"

Yes. Speaking from personal experience. There is a *lot* of cultural weight and peer-pressure against going science and engineering route as a young girl. For many, it starts even before school and a girl who is into tech is seen as an oddity. Hopefully this is changing but we need to keep the pressure on to truly change this.

>>"And why does nobody care about fields where men are underrepresented? "

Anyone here saying we don't? It is a problem. The reason it gets less attention as an issue is because the fields where men are under-represented are generally lower-paid than the fields where women are under-represented so it seems more "unfair". But of all the people here arguing that women should be more represented in science and engineering I don't think you'll find a single one who doesn't feel the same way about men in teaching, et al. You're basically attributing a false position to people in order to try and claim some sort of inequality. If you feel you're not, then ask people here if they feel men shouldn't be better represented in other fields as well. The answer you'll get is "yes."

>>"What we need to accept is that boys and girls are different."

IIRC, you trot this one out anytime there is a story like this on El Reg,. despite obvious flaws in it being pointed out. Firstly, if culture wasn't a HUGE factor in career choice for men and women then you wouldn't see large differences in adoption of careers by gender proportion in different countries or historically. Unless you think that the people of India or of the eighteenth century are deeply different genetically (which obviously isn't the case), then culture is the only explanation for wild swings in the proportion of female engineers / scientists, male teachers, etc. So if culture is a huge factor in this, let's remove barriers to entry.

Secondly, your understanding of statistics is awful. Suppose there were a difference in general ability between the genders in particular areas. The difference would have to be enormous to make generalizations a worthwhile basis to discriminate on or to show up in these sorts of proportions. Suppose (and this is for the sake of argument) that women were 5% worse at maths by nature than men on average. And that is a pretty fucking big percentage in biology terms, actually. It would still be much, much less than the standard deviation of the population. That is to say that if you took 50 men and 50 women, nearly half of the women would be better at maths than half of the men. I.e. it could not account for this gender discrepancies you see. To account for the level of gender discrepancies we see, the average difference in raw ability between the sexes would have to be enormous. And that plainly isn't the case to anyone who mixes with the other sex on occasion.

Two fairly basic and obvious refutations of your "we need to accept this" position. Though I think you've posted this stuff before, iirc, so clearly you are reluctant to accept a change to your worldview even when supported by facts.

h4rm0ny

Re: Strange Minority

>>"How many women want to work in the Testosterone filles IT Industry? My guess is a lot less than the percentage of women in the community."

I hadn't realized that testosterone was a contributing factor to intelligence. In fact, excessive amounts seem to have the reverse effect! And in answer to your question - plenty, until guided away from it at school age toward more "feminine" subjects. There's the real issue.

h4rm0ny

In Europe people of Spanish descent are White. In America, the exact same genetics / appearance is not "White". Basically because they have Mexico next door and a lot of immigrants from there. It makes no great sense generally and even less from a scientific point of view. But that's America for you - got to have a racial classification. : /

As for gender disparity, it starts in the schools. Young girls are culturally encouraged from a very early age to go toward non-scientific and non-engineering roles. It is not much fun to be the only girl in your Physics class (well, one of three iirc).