Posts by Graham Cobb 1581 publicly visible posts • joined 13 May 2009
Exactly. There is nothing illegal about making up and writing down a story containing all sorts of copyrighted material. That is clear "fair use" (other terms are used in various jurisdictions, but they all allow that, as far as I know). The legal issue is about publishing the material you created for yourself.
And following that, I traveled to Greece. Where a local SIM required my passport number (or other ID).
Last year, on holiday in Italy, I bought a prepaid SIM (for cheap data in my Android tablet) in a random High Street phone shop. I didn't have my passport with me (yes, I know I should have) but the guy was perfectly happy to make the sale and I never provided him, or the network, a passport number or any ID. He did do various stuff to activate it so maybe he made up a passport number or something. I don't know.
While certainly true, dependence on US, and other Western countries, is well known. The planners may well be over optimistic, but the risk is, at least, understood and accepted. To be honest, I don't think any country considers it could survive if all its major partners turned against it.
A dependence on China for keeping the country running is, however, rather more serious. While there is no reason to assume China is going to turn against us, there is certainly a higher risk of that happening than many other partners. And that is only considering government actions: there are also criminal elements to be considered.
Anyone have a recommendation of something we could use on my wife's laptop which doesn't make Windows look/behave differently in normal use but which allows me to get a sensible interface, with sensible controls, tools and privileges, good reporting and a good shell, when I am maintaining her PC for her. Like setting up automatic backups to my Linux servers, file-sharing with our home cloud, regular virus scans, scripting things so some things are done at home but not tried when we are away on holiday, etc.
I am thinking about doing this. Not that I believe I am smart enough to know when it will stop - just that I think I am sensible enough to be able to make more money than the people who fervently believe.
It is the same approach I did with Bitcoin a few years ago. I bought an amount of "bitcoin growth" stocks. About $2K.
Each time the stocks doubled in value, I sold half of them - getting my $2K back. I was able to do that three times, IIRC, before they stopped doubling. I still own the last lot - they are basically flat.
I always knew it was a bubble. Once I had managed to do it once, it was free money. I feel a bit sorry for the people who provided the money for me - but not too much.
The interesting thing is that, for Trump, he probably has no conception of how you could be surprised, let alone contemptuous of that argument.
To him (and how many other major US politicians? I don't know) there is nothing surprising or unusual, let alone corrupt, in choosing supporters who have fought for, and funded, him and his party colleagues. I don't think he even imagines anyone else feels differently. That is what making campaign contributions is for: getting your views incorporated into government.
I knew that Trump gave power to people who funded him. But what I hadn't realised is that he doesn't even conceive of that being suprising, let alone corrupt - it is just what politics is about, in his view.
Actually, the corporate guys (Baxi and Raajah) have done little harm to their reputation, and probably increased their value to their employers (and future employers). It is a few years now since I did corporate technical marketing but companies are always looking for ways to get external validation of the benefits of their product. Even if you do have a great product it is has hard to let the world know; and if you don't you still need to highlight what it can do. This support from MIT Sloan authors was quite a feather in their cap!
Respected institutions (including various publications, universities, research groups, analysts, etc) are always underfunded and are looking for corporate sponsorships or sponsored gigs (speaking at conferences, tradeshows, user group meetings, etc). Their views often carry a lot of weight with customers so they can charge a lot of money for endorsing suppliers. Of course, they don't normally go as far as saying one supplier is better than another but they are often willing to endorse or promote a particular talking point which highlights something which happens to be a competitive strength of one supplier.
But it is a very difficult tightrope to walk. Even while avoiding direct endorsement of a product, they have to be careful not to just endorse the marketing talking points of the supplier. I had many difficult calls and negotiations with various experts we were sponsoring in various ways in order to arrive at words they would use which supported our talking points and strengths, without endorsing or recommending our products. Some of them were very good at getting to a reasonable and fair compromise protecting their position, reputation and institution while saying enough to support our claims that we would pay them (and come back again for another article or speaking gig). I understood their position and they understood mine, and we negotiated like adults.
I suspect that Siegel and Zeijlemaker have had a roasting from MIT and will be much more careful next time.
It used to be that relying on the US was a safe proposition for HMG - after all , US weapons were protecting us and other considerations seemed small in comparison.
But, in a post-Trump world, who knows what US policy might be (from one day to the next, even)? If the UK did something Trump didn't like (say, supporting Ukraine, or sending RAF planes from Cyprus to protect a relief convoy going to Gaza, or something), the US could decide that AWS could no longer do business with HMG and, poof!!, all of a sudden no tax can be collected!
That's par for the course now. I've been to a couple of major EU capitals in the last few weeks. Both times the queue for non-citizen arrival border processing was an hour. Basically a whole plane load of people from the UK, with 2 people handling non-Schengen processing, and having been given instructions to do the full questioning thing. [Actually, in both cases, after queuing for an hour a more senior border control person came and gave the 2 officers an instruction which resulted in each entry going back to taking less than 30 seconds, presumably to clear the queue]
What I don't have visibility of is whether the same long waits are happening for EU visitors entering the UK.
I can't say I agree with Mr Eel very often but I suspect he is correct this time. I actually think they should run AOC - force people to make a real choice: Trump-lite or a european-style liberal who might actually improve things.
Unfortunately, it doesn't really work like that. The services the cloud vendors are offering, and the competances need to drive them, are really not the same as building your own. And driving the Amazon cloud to spin up new instances, or create new services (let alone buy the right amount of capacity to handle workloads and allow for failures) is not the same as doing the same thing in Google, for example.
However, it could be made much simpler if the (big) commercial cloud users forced cloud vendors to standardise. Then we could see real competition (and even workload mobility) between clouds, and even see the hardware vendors offering the same tools and APIs for on-prem deployments.
The power is in the wrong place at the moment - it is with the big 3 cloud vendors, not their customers.
I don't know if its a coincidence, but this week a bunch of patches have hit the BTRFS developer list regarding suspend/hibernate. Mostly about cancelling long running stuff (like disk scrubs) so suspend can go ahead, but also discussing the things that can go wrong! Horrible!!
I'm glad my last (and only) kernel contribution was in 2002!
Yes.
Smart people know that - and still use AWS because the tradeoff is worth it. After all, if your own datacenter has no redundancy, AWS can be a major step up even though it has this failure mode.
It is unlikely to be worthwhile for most commercial enterprises to get "better than AWS" reliability. Which is fine.
What is not fine is that the people who do need to keep running (like banks) don't realise AWS is not good enough.
In regard to the COVID question, I think there's room for reasoned debate on the topic; unfortunately, reasoned debate is a resource which remains in short supply when it comes to COVID-19.
Only in the US. The rest of the world seems to have no debate on the issue. The science of Covid is very clear to everyone else, and the origins also pretty much so.
b) offer that position to whoever best fits the role, regardless of their demographic? (Equality of Opportunity)
No, that isn't Equality of Opportunity. Equality of Opportunity takes into account the history of the applicant, and how they have dealt with the various challenges that have faced them, including previous opportunities, or lack of them.
Equality of Opportunity is bloody hard. It is not a tick-box exercise, nor is it about applying the same process to all candidates. Equality of Opportunity is about the hiring manager giving each candidate the opportunity to demonstrate why they are one of the best candidates for the job. That may include finding out how the candidate has dealt with challenges, what they have achieved against the odds, why they will be a great choice to do the job, etc. In your example, it is as important to question how the hearing candidate would make a difference to the company's success as it is to understand how the deaf candidate can contribute.
Hiring is never easy: you need to assess potential. What they have done before is part of that, but only a part. You need to assess what they will contribute in the future.
Many of the problems Digital Identity is (supposedly) useful for can be solved by allowing people to have multiple identities!
The shopkeeper selling me a bottle of wine doesn't need to know who I am. He needs to know I am a member of the authorised to buy wine club.
The polling station staff don't need to know who I am. They need to know I am a person who holds one vote in this constituency and has not used the vote yet.
In my real life today, my friends know me by one name, and my work by another name. And every web site I use knows me by a different name and email address I create exclusively for them.
That is how Digital ID needs to work - let me create as many digital IDs as I like for different purposes.
I have thought, on and off, that all the legitimate needs for ID cards could be met, in the modern world, by a different approach.
Imagine a smart ID card, with your photo on it but no identifying information at all. When required to provide ID, it would not produce a name or address, or date of birth, or even a number with any meaning. It would actually display a QR code (effectively a long number), which could be used to validate information you provide. If the circumstances require that you prove you are old enough to buy alcohol, the retailer would scan the QR code and their terminal would report that the owner of that card is authorized to buy alcohol (or vote, or whatever).
The idea is that the long number changes every time it is used - and cannot be converted back to any actual identifying information (name, address) except by an extremely limited number of people (e.g. police). Essentially, the card is using public key cryptography to prove it is valid and authorizes the carrier to do various things (buy alcohol, travel on a train, enter the country or whatever). It also provides enough information for the retailer's terminal to be able to prove, later, that they checked the card and it said it was OK.
It could even prove that it was the same card as was used on an earlier occasion, if necessary (so it could be used to collect things later). All without the retailer knowing anything about the user.
A little ironic that you chose to go AC when posting that.
I'm not particularly worried about GCHQ, or even really about the police, if they want to track me. What I am worried about is the concept that it matters who I am for 99% of things I do!
I certainly don't want commercial entities knowing anything about me, or having an easy or "normalised" way to track me or target me. I don't want it to be normalised that people carry (or have) ID and it could be asked for by anyone. How long before you have to show ID to go to a concert? Or into an expensive shop?
And most importantly, I (and, I am sure, you) are in the luxurious position that it wouldn't matter if I had my name and ID number in flashing lights on my hat. However, many other people are not in that position: some are socially excluded, some are just poor, some are hiding from an ex or a former employer, some just like to keep themselves really private, some may be delusional. Whatever the reason, the normality must be that people are private and not required to identify themselves except in very exceptional conditions.
We have managed for thousands of years with no ID cards and we don't want them now.
it's the "modern digital systems" that are the most easily attacked, as in this case
That's not quite fair... Yes, the "modern digital systems" are shared by many (often thousands) of customers. So when they fail they affect many, many more people than the old analogue systems which effectively served one customer.
On the other hand, the old, non-shared systems didn't scale. Most of the people affected by the failure of the modern systems wouldn't have been able to have service at all, at any time, however reliable that service was. Modern airports didn't get to handling the volumes of flights, passengers, luggage and cargo that they do today without the scalability provided by those shared systems.
In the 90's I was working on (the network management of) the new wide-area "ring" technologies which BT and their competitors were rapidly deploying. Those technologies (SONET, etc) mostly predated ATM and IP backhaul and really opened up reliable, flexible, high speed wide area networking. They were shared infrastructure, supporting thousands of users at any one time, so were affordable (to the big businesses who were the target at the time). They were well designed and engineered and had redundancy (self-healing rings), all at a reasonable cost - a fraction of a dedicated resource.
However, they were not designed to deal with actual adversaries. None of the systems I worked on were designed with military requirements. The military had their own systems, and no one had thought of criminals scaling protection rackets up to the levels of today's ransomware attacks.
I have no idea what happened here, but it is easy to imagine scenarios. Modern phone networks use protocols where the signalling tells the network what sort of call it is - not the actual number. Signalling is provided by end user equipment (dumb phones, mobile phones, VoIP, etc) in many different forms and using different protocols, and is validated and heavily firewalled on entry to the telco network (for example, so that people can't pretend to be another operator delivering a call to avoid being charged or traced). Pretending your call is an emergency call might be used by hackers to avoid charges or to cause a denial of service attack, for example. So equipment and firewalls apply all sorts of validations.
I could easily imagine that if a link had been incorrectly marked as "emergency calls are never carried on this link" a firewall might reject the call. Or if a software upgrade to a firewall broke the configuration somehow I could easily imagine this failure.
Of course, with hindsight, there should have been (i) proper testing, (ii) high priority alarms generated when rejecting validation for calls claiming to be emergency calls, (iii) proper capture and very rapid escalation of the call centre reports of emergency calls failing.
I didn't even bother with a case (I hate them). I just put the best Blue Peter sticky-backed-plastic on the back and keep it as my second phone (mostly as a small Internet device when travelling). I bought an identical small, thin iPhone (is it a 13? I don't know) and continue to treat it exactly the same way. It falls out of my shirt pocket often but this one hasn't broken so far.
Does this announcement mean I won't be able to get small thin iPhones any more? I had better stock up.
Sexton is confused... He said: "If children are using VPNs to bypass, then that's bad because that hasn't worked and they're accessing pornography. But if it stops half the children, that's half the children that were viewing pornography that are now not, and that's good."
If we even assume what he says is correct, he has missed the other half of the children. He should have added "But, unfortunately, the other half the children are now looking for, and finding, sites which are (by definition) illegal and unregulated and being exposed to violence, murder, sex abuse, drugs and terrorism. We wish them luck in managing that."
This is about power and money.
Specifically money.
Trump is beholden to the large telcos (through campaign funding, etc) and is on a path specifically to undo all the telecoms reforms the FCC made - such as increasing competition, improving services, encouraging investment by public bodies and local governments, providing access for poorer people such as immigrants (legal or otherwise), etc
This has nothing to do with children, really.
And, particularly if they crack down on VPNs, we are raising a generation who all know how to use Tor and use it routinely!
So they won't just be seeing legal pornography but the most vile, illegal and hateful sites. And from there... how to earn or steal bitcoin (including sex work, selling pics of family members, buying and selling drugs, ...) and maybe even knives, guns and violence.
Wonderful
Of course it isn't an insult. As I understood it, the police action claimed to be on the basis that the signs could provoke violence from people who disagreed. I would have thought that in that case the police should be providing protection to the sign-bearers and/or arresting anyone who looked like a violent skinhead who might have attacked them!
I wrote to Chris Philp (then policing minister, now shadow Home Secretary of all things!) suggesting that he instructs the police make a very visible public apology for the misuse of their powers, thus making up somewhat for the loss of public visibility and on-going debate which would have occurred if the signs had been seen on TV. I also suggested that the Prime Minister may like to make a humble suggestion to the King that he makes a personal statement that while he (obviously) has every confidence in the role he performs, he deeply recognises the right of others to disagree and regrets the heavy handed behaviour of his Police and so will permit the campaigners to post their Not My King sign outside the palace for a week (and maybe even privately sending them a small cash donation himself - I certainly sent them one).
I never got a reply - surprise, surprise.
Yes, and that is the biggest reason this is so stupid. In 5 years, when every 20-year-old has been using Tor for all their browsing for several years because of this law, there will be no chance to monitor even run-of-the-mill dumb criminals' traffic!
At the moment, Tor use is exceptional. Next year every teen boy will be using it.
Market dominance is certainly relevant. Much more so for social media than for newspapers, in fact.
Social media relies on, and builds, network effects. Market dominance in social media means that a lot of people have no choice but to use your site. Using a competitor doesn't let you contact the people who have chosen the market leader. That is completely different from, for example, being the market leading newspaper - that doesn't stop people being able to access news using competitors.
little kids go to school libraries
Yes. Little kids go to schools. There is no difference between the responsibility of deciding what and how to teach, and deciding what books to put in the school library. In both cases, it is the decision of the people who run the school. US states should stay out of both decisions and leave them to the schools.
Personally, I tend to open different windows for doing different tasks - often multitasking - and often wanting to see how each one is progressing in the background of whatever I am doing in the window with focus.
Some of those tasks are terminal-based, and some tasks involve multiple terminal sessions (often logged into different users or different remote systems). For those tasks I find screen convenient for switching between the terminals involved in that task. I never really use screen to split a window.
But different people have different workflows, and have trained their brain and fingers to work differently from mine.
Yes, it is tedious. And my Samsung tablet running /e/ still warns me on every boot that the bootloader has been unlocked and insists I press a button before it even tries to boot the OS.
I understand why (to protect people who hand their device over to someone else for a bit who then replaces the OS with something that looks similar but captures passwords and personal info). But maybe after a year it could have stopped asking?
Thanks Liam. My main tablet is still on /e/ OS 2.1 - time to try 3.0 now.
In the olden days I was heavily involved in Maemo and Meego (Nokia). It was a great environment but eventually just not viable commercially to compete with Apple and Google. But all involved learnt a LOT about what worked and what didn't in mobile app development - and the early days of smartphones were very exciting.
After Nokia died, I moved to the Jolla/Sailfish community in the hope that the many good people there could build the technology base for a viable 3rd player. But, not to be.
/e/ OS 1.0 was clunky but at least its limited goals (basically to make LineageOS a viable end-user off-the-shelf Android) seem to be just about achievable. However, I have to admit that, although my tablets are /e/, my phone is an iPhone nowadays!
According to All Tabs Helper, I have over 6000 tabs currently open in the Firefox instance I am typing this in. I routinely kill Firefox and it happily restores all the tabs when I restart it. Many of these tabs have been around for years. This is 115.15.0esr - from Debian.
I am guessing you don't have enough memory (maybe virtual memory size?) - or aren't using Linux.
I think politicians (and doorstep canvassers) have been well aware of this. Telling the people what they want to hear has long been the favourite strategy for politics. And the same politician telling different audiences different (even contradictory!) things is common.
A more interesting question is whether we can use social media and LLMs in some way to get evidence of the lying b******s! I guess it wouldn't really matter - everyone can see them doing it today and it still seems to be working!!
Sure. But I'm with MMcF: that is an important lesson and this experience needs to be highlighted in the training of future flight controllers. With hindsight, it is obvious that that was the right process. But nothing wrong with reminding people of the obvious on occasion!
I mostly use SearXNG nowadays (I used to use SearX).
I run my own instance in a Docker at home but often just use https://priv.au/ directly. I have other instances set up as browser search engine options as well, in case some are down.
If the "community" had asked for some kind of comments that could have led to machine-generated documentation, it woudl have been far, far better.
Unfortunately I can't agree with this. My real-world experience with comment-based machine-generated documentation was that the only thing you could assume about the documentation was that it would be completely unrelated to the code. Even the best programmers often forgot to update the documentation comments so the resulting documentation was the worst of both worlds: it was neither up to date, nor did it correctly document any earlier version of the system!
That was supposed to be one of the main reasons for the OO approach in the first place: the code would be "self-documenting" because many relationships would be explicitly defined in the object hierarchies and declarations. Of course, it didn't work as hoped but it was probably still an advance on documentation based on text comments completely unverified by the compiler.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
