* Posts by Graham Cobb

1351 publicly visible posts • joined 13 May 2009


Menacing marketeers fined by ICO for 1.9M cold calls

Graham Cobb Silver badge

Re: Let me guess

I don't know the rules about political calls but I can tell you I (in the UK) have never received one as far as I know (but I don't generally answer unknown callers from numbers outside the village).

Graham Cobb Silver badge

Re: Spam calls

3 in a week? Luxury! I get about that every day - although I never answer calls from numbers I don't recognise and, guess what, none of them ever bother to leave voicemail. Yes, I am on TPS. No I am not going to waste my time engaging with them to get evidence.

It should be illegal for any commercial caller not to leave a voicemail with their company name, company registration number and a valid callback number. Yeah, I know, not going to happen but I can dream...

Graham Cobb Silver badge

Re: Gum them to death.

That's good to hear. But we need a culture change:

ICO, in every press release, must make it clear how much of the fines have been collected. If not possible for the particular incidents in the release (because it is too early) then tell us how much has been issued in fines in the previous 12 months and how much of that has been collected.

Journalists, reporting on these press releases, should insist on getting the answers above before being willing to report on it, and should also demand names and addresses (from the Companies House register) of the individuals, or directors of the companies, fined and then include the names and home towns in their reports, like they do for other criminals.

UK Online Safety Bill to become law – and encryption busting clause is still there

Graham Cobb Silver badge

Re: Nice analogy I came across

That's OK - the PM has just announced shelving net zero commitments (sorry "bringing people with us") so they are well on the way to curing the drowning problem as well.

Pulitzer Prize winning author Michael Chabon and others sue OpenAI

Graham Cobb Silver badge

Re: Fair Use? I Think Not

Glad we are in agreement: the OPs suggestion that doing any analysis, or processing, of a copyrighted work is a copyright violation is a complete load of bull. Copyright violations require making copies, not just processing (and even then may still be fair use, in the US at least).

Graham Cobb Silver badge

Re: Fair Use? I Think Not

No. Learning from a book is not a derivative work covered by copyright. Summarising a book covered by copyright is not a derivative work. Doing statistical analysis of a writer's style is not a derivative work.

If I go to Amazon Mechanical Turk and ask for someone to tell me every 15th word of a Harry Potter book, I don't believe that would be covered by copyright either. Why should we assume that if ChatGPT can do that it is breaching copyright?

Graham Cobb Silver badge

Re: IP land grab

Nope. It is clear fair use to borrow someone else's copy of a book and read it, without any payment to the publisher. It only becomes a copyright violation if you copy the book while you have borrowed it. Reading it, understanding it, and learning from it are all completely fair use.

Graham Cobb Silver badge

Re: Guess who copied that line...

No, I don't think his claim can really be that the AI was trained by reading the actual text. That, of itself, is not a copyright violation, as far as I know. For it to be a copyright violation he has to demonstrate that the model has not just read but has stored an infringing amount of the actual text. One notable phrase does not amount to an infringing amount of text as it is clearly fair use to quote notable phrases.

For example, the AI could have ingested a review, or an academic study, of the book, including several fair-use-eligible notable phrases. That may or may not be a violation of the copyright of the review, but clearly not of the book itself.

As I said in an earlier comment on these ridiculous copyright claims... consider an AI answering two different questions about a book: "Does Great Aunt Agatha actually ever meet the Magician in person at any time in the novel?" vs. "What does the Magician say to Great Aunt Agatha the first time they meet?". Do either of these provide any evidence of copyright violation?

How to snoop on passwords with this one weird trick (involving public Wi-Fi signals)

Graham Cobb Silver badge

And most of the time, you don't actually type them in, you load them in from your keychain / password manager?

My first thought as well. If I am actually typing a password in an airport I am likely to be taking a lot more precautions. I will add "waving my phone about and moving around while doing it" to the list.

I guess that it does apply to the password for the password manager, though. Although that would require the hacker to then steal the phone as well in order to be able to use it.

How's this for X-ray specs? Wi-Fi can read through walls... if the letters are solid objects

Graham Cobb Silver badge


There goes my idea of posting my password on my bedroom wall using Etsy letters in case I forget it.

Next you'll be telling me I should change it from "IFeelSparkly".

Friends don't let friends use AI to chat

Graham Cobb Silver badge

Re: Would it not be simpler ...

Nah - it's been University vacation time. What's the betting it is back once the researchers are back from holiday.

Scared of flying? Good news! Software glitches keep aircraft on the ground

Graham Cobb Silver badge

Yes - but has someone been trying to generate just such a flight plan, knowing there is no "have a look at this" queue and that the system will crash?

Graham Cobb Silver badge

Is that what happened here? There is a lot of deliberately very vague talk about an "unusual" flight plan. How "unusual" was it? Was it a deliberate attack (with or without knowing whether it would cause an actual problem)? Have there been lots of other flight plans failing sanity checks recently?

I am sure we won't get an answer - if it is an attack no one will want to comment, of course.

UK admits 'spy clause' can't be used for scanning encrypted chat – it's not 'feasible'

Graham Cobb Silver badge

Yes. It needs to be removed from the law altogether. After all, when the technology unicorns arrive and solve the minor technical issues, they will be able to add it in a new bill.

As it stands, it is still up to Ofcom to issue the regulation. By leaving it in the law, they just need to appoint a compliant head for Ofcom and have them issue the instruction. If it all falls apart they blame their stooge at Ofcom and try again 1 year later with a new stooge. There are plenty of people willing to be such a stooge for enough money (and the contacts & favours owed by even running Ofcom just for 1 year).

Largest local government body in Europe goes under amid Oracle disaster

Graham Cobb Silver badge

Re: Great job!

It is the "..and their mates" which I think is the main problem today.

The Tories have been reduced to complete and total corruption - doing whatever they can to release money out of the national coffers to give to their extremely rich (and almost entirely really foreign) donors. Sure, Labour also have a bunch of mates to feed but I, for one, would welcome a different set of corruption, to see how it goes. At least a higher proportion is likely to end up in British pockets, maybe even spread around more pockets.

It used to be that Labour was the idealistic choice but was so incompetent no one with any sense could vote for them. Now the Tories have levelled the playing field by showing even greater incompetence!

What happens when What3Words gets lost in translation?

Graham Cobb Silver badge

The issue is that W3W is completely closed and proprietary. It is obvious that it isn't perfect and could be improved by some additional curating of the words and combinations allowed. Removing more ambiguities. Following up on any ambiguities that actually caused issues (for example, by spending money to reward emergency services who report all failures/confusion) and making sure they are removed from the system, etc.

Before anyone contracts with W3W for anything important (let alone life and death) they should (i) improve it, and (ii) more importantly, demonstrate their commitment to, and actual demonstration of, their improvement learning process.

Germany's wild boars still too radioactive to eat largely due to Cold War nuke tests

Graham Cobb Silver badge

Re: Care?

If the OP had changed "we are in a new geological era " to "we might be in a new geological era", I'd have no problems with that.

No. Eras don't exist as such - they have no definitions. They are just convenient ways to divide up the geological timeline, and they make it easier to group together various events and processes which dominated at different times. We are "in a new geological era " if, and only if, geologists say we are. And they will say we are if it gives some convenience to them in the way they talk about the processes. I am not a geologist but I believe there is rough consensus that calling this a new era is useful and that they expect that to be borne out by future geologists (who will give the names that matter in the future).

But whether or not we are "in a new era" has no actual meaning or effect. What matters is the undeniable fact that a lot of plastics and other man-made materials are being deposited into the currently-building layers. That is true, whether or not later geologists decide to give that a name and decide to define its start as around now.

As VMware says goodbye, leadership thinks Broadcom buy is a win

Graham Cobb Silver badge

Re: Reading between the lines...

you can’t trust anything VMware any company seeking regulatory approval says

When will regulators start enforcing the promises companies make to get approval? Oh, sorry, I forgot... it isn't in the national interest (or, at least, the interests of the regulators with their revolving doors) to prevent these acquisitions being successful.

Dropbox limits ‘all the storage you need’ unlimited plan, blames abusive users

Graham Cobb Silver badge

Re: The limit on M365 OneDrive is 25TB these days

Exactly. See yesterday's article about CloudNordic and all the people asking where their data has gone! I will quote my comment from that discussion:

For that reason, it is essential that if you use a cloud service, you have a disaster recovery plan which handles the cloud provider effectively disappearing into a wisp without warning.

Want tech cred? Learn how to email like a pro

Graham Cobb Silver badge

Re: Wrapping at column 78

I am fairly sure it predates Fortran IV, although I never used an earlier version. I did write my first programs, in Fortran IV, using a manual card punch (no keyboard - just 12 buttons to punch the individual holes and the user having to know the right combination of holes), and with columns 73-80 ignored. It took about 20 minutes to create a short program - say 15 lines - including the time taken on throwing away cards where you pressed the wrong key combination on the last character of the line!

Those last 8 columns were supposed to be used for sequence numbers so that if the operator dropped the deck while loading it someone (else) could sort them back into order. Actually I think there were machines which would sort punchcards based on columns 72-80. As far as I know it was a convention created in the early days of using punched cards for data.

Criminals go full Viking on CloudNordic, wipe all servers and customer data

Graham Cobb Silver badge

Re: Where are the backups?

It''s not just about backups because of hardware faults, fat-fingers, etc. In the case where you are using any cloud services, that provider could stop working at any second, without warning, for no apparent reason!

This case is one way that could happen but there are many others. The most likely, in my opinion, is a commercial issue: the company collapses, without warning to any customers, and ceases trading instantly. All data instantly inacessible - including any backups they hold.

For that reason, it is essential that if you use a cloud service, you have a disaster recovery plan which handles the cloud provider effectively disappearing into a wisp without warning.

Most importantly, if you contract with company A to run a service for you, make sure that you contract with a different company for the DR backups.

30 years on, Debian is at the heart of the world's most successful Linux distros

Graham Cobb Silver badge

Re: We should distinguish between server and desktop

I use Thunderbird as my main mail program (and Claws on my laptops). Thunderbird is the best FOSS mail program in my experience but it is a long way from the combination of Outlook and Exchange in terms of daily usability.

Before I retired, I virtually lived in Outlook (with Exchange behind it). I relied heavily on rules, on things like archiving, on flexible tagging and prioritisation, and on many other capabilities. It is just a much better power-tool than any of the Linux mail programs. And it is even scriptable in some ways from PowerShell.

I have never really used Outlook on the web so I don't know how well that compares.

I am a Linux user through and through - my first kernel patch was submitted 20 years ago. I have no Microsoft software at all now that I have retired. But I am still willing to acknowledge that Outlook & Exchange are the best mail system I have ever used.

Graham Cobb Silver badge

Re: We should distinguish between server and desktop

I used to believe this, but from watching my non-geek family and friends, the big problem is Mail.

Online mail apps (even including Gmail) are CRAP! And Linux ones are EVEN WORSE.

Sure, people mostly use their phones. But from mid-teens onwards (when they start using computers as well as phones) they expect a good Mail experience on their PC - particularly for dealing with important email, and long-term storage and finding. Microsoft's mail programs are still way ahead of everyone else for "serious" mail (work-related, keeping important documents and receipts, searching, etc).

Mail is the main reason most of the Microsoft users I know don't switch to just an online experience. Or stick with Microsoft if they do.

South Korea's biggest mobile telco says 5G has failed to deliver on its promise

Graham Cobb Silver badge

.... old man reminisces ... was that really 20 years ago? ... remember it like it was yesterday ... actually, don't remember yesterday but you know what I mean ...

... walking along the Croisette at 7AM, from the apartment we rented about 1 km away ... it was actually sunny, not raining for a change, but cold - it was always cold in February of course ...

... and at lunchtime, stepping out into the square - was it the Place Charles de Gaulle? - to grab a quick Pan Bagnat to quickly eat watching the old men playing petanque before going back to stand up all day in our booth ... still it was better than when I went in the late 90's - I was working for a larger company now so we had a booth outside instead of that horrible basement exhibition area with the low ceilings only just high enough to get the server racks in.

Somehow I miss Cannes more than Barcelona, even though I did more years in Barcelona, across the 2 different venues.

Graham Cobb Silver badge

The focus of the target user has changed.

For those who weren't in Cannes in 2003 for 3GSM World Congress (the event now known as MWC and now held in Barcelona), you may not known that 3G really stands for "Girls, Games and Gambling" - at least according to those of us who were there. It pretty much achieved its goal of enabling mobile access to internet gaming and porn websites. 4G has also pretty much achieved its goal of making mobile the primary device of choice for consumer access to internet-based services even, now, at some pretty tough locations.

5G was different. It was always intended, by the engineers who developed it, to be for new business services. Of course it had to do consumer stuff at least as well as 4G, and a bit faster (to enable some higher def video) - which it achieved but which is not a game changer for consumer services. Consumers expect each phone to last a few years, and when they change it to get better video - it's just par for the course.

The problem here wasn't the engineers or the suppliers. It was the networks. They wanted to justify all this spending - and to justify their acquisition of valuable radio spectrum to stop their competitors getting it - so they promised stuff that 5G was never designed to achieve! Mobile network innovation continues at a very rapid pace. It just isn't really anything affecting the consumer experience.

Moscow makes a mess on the Moon as Luna 25 probe misses orbit, lands with a thud

Graham Cobb Silver badge

Re: Fly me to the moon

Is there some reason that link is indirected through google? It is disappointing enough when an ElReg poster doesn't remove the Youtube tracking from links - but to include Google tracking as well???

The sane link is: https://www.youtube.com/watch?v=BNLZntSdyKE

Last rites for the UK's Online Safety Bill, an idea too stupid to notice it's dead

Graham Cobb Silver badge

Re: "Nothing to Hide, Nothing to Fear."

You are right about the US, but the UK is not quite so far - at least yet.

The government is certainly "of the right" - probably about as much as the Democrats in the US. The Daily Mail, and some Tory MPs, are much further to the right, and there are also corporatist elements (particularly in the aspirations of donors, many of whom would like to move the party almost as far-right as the Republicans).

I am hopeful, however, that the experiences of the 1930s (in Germany, Italy and also Russia) are still remembered as lessons. But as we head to 100 years after, maybe you are right.

Graham Cobb Silver badge

Re: Last rites ... hope not

It is no more the duty of Facebook etc to police messages than it is the duty of BT to police the content of phone calls, many of which have included "Common or garden criminality - online fraud, scams, threatening behaviour, criminal damage etc. etc." for over 100 years. Society copes with those and can cope with social media.

The solution is for there to be a choice of social media, which can compete on their choice of the level of moderation they apply (i) automatically, and (ii) through notification.

Graham Cobb Silver badge

Re: Companies which don't deliberately compromise user security will be fined

Yes, and although that means there is some hope of delaying some of the most stupid ideas until after the election, I have little confidence their replacements are any smarter. My guess is that Sunak and Starmer are both very smart people - it is their chained dogs on the back benches we have to worry about in both cases.

Some of the more stupid ideas look like just the sort of thing the next government will find useful to distract people from the chaos that is provoked while power settles down (just how will Labour resolve its serious internal splits, very sensibly being kept largely in hiding for now?).

Graham Cobb Silver badge

Re: This is government.

And they're not already taxed by the people supplying them?

It's not clear the prices would change (competition, in a larger market, may even bring them down) - but the tax recipients would change.

80% of execs regret calling employees back to the office

Graham Cobb Silver badge

Re: We have expensive real estate.

I disagree somewhat. In most of our industry, staff are generally competent (although I accept that an important part of managers' jobs is to maintain that). The biggest job of managers are to make decisions. Often very hard decisions (which of the 5 "top priority" things not to do because there isn't enough time/money/equipment/people, which of the 3 different ways the company could collapse based on this decision to treat as the most important, etc).

They need to listen to input. Judge for themselves which of the (contradictory) input is the best. Make the bloody decision, communicate it, don't change it except in exceptional cases, and let people get on with implementing it - providing the escalation route for all the people trying to interfere by telling staff to do something else.

Graham Cobb Silver badge

Re: Idiocracy

The other problem with Oxford (not picking on Oxford - other cities are the same - but my experience is with Oxford) is that the city is not (and should not be) there just for the residents of Oxford. It is a major regional hub, serving many times the number of people who live or work in the city. Unless you want to depopulate the countryside completely you have to provide resources for the rural population as well.

Banning cars from a city and then not providing efficient public transport from the hinterland (including when venues close) just makes it impossible for people in the surrounding area to use the city. And then the city-dwellers wonder what happened to their theatres, concert halls and restaurants and why their kids can't find performance venues to start their careers.

Florida Man and associates indicted for conspiracy to steal data, software

Graham Cobb Silver badge

Re: Election Integrity

Most of the developed and developing world does not have fascists owning guns.

Chinese media teases imminent exposé of seismic US spying scheme

Graham Cobb Silver badge

Re: I'm very dubious about this


Oracle, SUSE and others caught up in RHEL drama hit back with OpenELA

Graham Cobb Silver badge

Re: "withholding"

I am sure what you say is true. However, it is the principle that matters. If you are distributing software including GPL-licensed code then you should be freely providing the source code to anyone who wants it, for whatever reason they might want it. And not just "what changes you have made" but "exactly which lines of code went into exactly this binary".

That is the basis on which I have GPL-licensed my code, and made it available to you to use if you wish. Just as the GPL does not allow me to state that "everyone except RedHat" can use my code, you cannot say "trust us - we haven't changed your code".

The right of everyone to see what you have done to my code is the price for you being able to use my code.

Orkney islands look to drones to streamline mail deliveries

Graham Cobb Silver badge

Re: Yeah, bad weather is a problem

Although I don't know why, I suspect that drone deliveries may be faster, and you can afford to operate more at the same time. Both would help with the big problem with ferries: it is a lot of boat to move and you need to be sure it can land when it arrives. So you need reasonably big gaps of good weather - drones may be able to work in shorter gaps.

What would sustainable security even look like?

Graham Cobb Silver badge

Re: Nobody is legally responsible, oops

That's easy: the CTO. They need to have the legal responsibility so that they are incentivised to make sure their employee cannot violate the rules.

That is how company regulation works.

Satnav for the Moon could benefit from Fibonacci’s expertise

Graham Cobb Silver badge

Re: Satnav for the Moon

"I've been telling you for the last 3 hours... let's just stop and ask one of those nice Clangers. Why won't you stop and ask for directions?"

FBI boss: Congress must renew Section 702 spy powers – that's how we get nearly all our cyber intel

Graham Cobb Silver badge

Re: Abuse it, you lose it

Renew it for 6 months, with notice that it will be taken away at that time if they can't come back with evidence of actual and effective changes to reduce queries by at least 90% and eliminate the use for domestic crime-fighting.

Exceptional powers must be used exceptionally.

TETRA radio comms used by emergency heroes easily cracked, say experts

Graham Cobb Silver badge

Re: Modest proposal.

We should probably assume no digital service to be genuinely secure.

Probably true. At least for a service. And maybe for off-the-shelf commercial software.

That goes for every operating system and telephony protocol.

I don't think that is true. I may be hopelessly deluded, but I do think that open source software like gpg is as good as we can make it. There are bugs, of course, and some of them may even be bugs inserted by careful undercover agents to deliberately weaken the implementation. But I am optimistic that the software is pretty damn secure and that any such insertions are difficult to use and are probably reserved for the highest level targets (governments, terror groups, militaries, etc) to avoid burning them on catching mere 'criminals'.

VirusTotal: We're sorry someone fat-fingered and exposed 5,600 users

Graham Cobb Silver badge

Re: Yummy !

These were employees of customers of VirusTotal who had accounts on it relating to their work. It would be against employer policies to provide anything other than their official email addresses.

The issue is completely with VirusTotal - and I hope these important customers reconsider whether a company that can't keep their customer data confidential is a suitable provider of security-related services to customers like military and government.

RIP Kevin Mitnick: Former most-wanted hacker dies at 59

Graham Cobb Silver badge

Re: RIP Kevin

Indeed. His "social engineering" and Morris's "worm" are the two defining moments which really created computer security as a topic, in the 1980's. I remember both very clearly, and both had massive impacts on the way we worked in DEC's Engineering group. It is unimaginable today how lax even big IT companies were before Mitnick and then Morris.

'There has never been a realistic plan' for UK's £11B Emergency Services Network

Graham Cobb Silver badge

Re: modern world

Actually, "robustness" and "reliability" are probably pretty similar - failure modes are very different from analogue but I suspect they even out.

"maintainability" is different -- cellular is much more complex, so it won't be any use when centralised facilities are destroyed (wartime, for example), but that is not what the emergency services are really designed for. The benefits of data comms in real-life, day-to-day emergency services vastly outweigh the maintainability disadvantage.

Graham Cobb Silver badge

There are reasons that cellular mobile comms was invented and we aren't all carrying walkie-talkies. Cellular is much, much, MUCH more efficient in how many users can be conducting simultaneous conversations (and using data comms) at the same time over a particular channel allocation.

It goes obsolete quickly so that new technologies (way beyond voice) can be provided over the same chunks of spectrum allocation.

That brings big advantages to modern emergency services, but also some significant disadvantages. Welcome to the modern world.

Graham Cobb Silver badge

Re: An heir and a spare (or two)

What the world needs is good, reliable, and interoperable push-to-talk implementations. It is a few years since I was at all close to this but I don't think much progress has been made... mumble, mumble... kodiak...

Civil servants decided they couldn't afford the risks of interoperability problems (and the finger pointing that would result) so went with single supplier. Would have been a great idea if it had worked. But...

Google toys with internet air-gap for some staff PCs

Graham Cobb Silver badge

Re: Only middle managers, presumably?

I am sure there are a lot of people who do clerical and administrative jobs. Some of whom probably don't need internet access from the screen they use which is connected to corporate systems (HR, accounts payable, etc) - particularly if they are provided with separate phones or laptops to use when they do need to access the Internet.

Just be very careful not to upset the secretaries - even Google could not withstand such wrath!

Linus Torvalds calls for calm as bcachefs filesystem doesn't make Linux 6.5

Graham Cobb Silver badge

Re: Rights and Wrongs

Of course, but NILFS2 is not a mainstream filesystem. Sorry, but the choice for 95% of people is between XFS, Btrfs or or ZFS.

Graham Cobb Silver badge

Re: Rights and Wrongs

I'm not trying to sell it. Just provide useful information. And correct the perception that it is "nearly there". It is as stable and complete as XFS and ZFS: all of them have been in production use for over a decade, all work reliably, all have new development happening all the time, and all of them are missing some features that others have.

Btrfs is a very good, very useful, very stable and reliable filesystem. As are XFS and ZFS. It has been in production use in Linux distributions for over a decade. They each have different strengths and weaknesses so selecting which to use depends on comparing individual needs to the particular filesystems strengths and weaknesses. If you want COW & Snapshots in a Linux filesystem then Btrfs is the right choice.

You're too dumb to use click-to-cancel, Big Biz says with straight face

Graham Cobb Silver badge

Re: As an example of how easy things are currently....

Any company which offers me a discount to stay automatically goes on my "never deal with them again" list. Make me your best offer - if it is good I will go with it, if it is not, I won't and if you improve it you will never get a penny from me again.

Graham Cobb Silver badge

Re: How hard can it be? Ask Comcast

Yep. I never, ever accept any deal offered to me after I decide to cancel or not buy. And, I add them to the list of companies that I will not do business with ever again, even if it costs me money in the future.

It is just the principle: make me your best offer - you get one try only.