* Posts by Richard 12

3888 posts • joined 16 Jun 2009

Alphabet promises to no longer bung tens of millions of dollars to alleged sex pest execs who quit mid-probe

Richard 12 Silver badge
Unhappy

Re: not always like this

If said dev had been highly effective and done the same or worse misconduct, do you think they would still have been fired?

Richard 12 Silver badge
Unhappy

Not if it's company policy

As that forms part of the employment contract.

The point of such policies is to ensure they actually complete the investigation, instead of grabbing the money and running before their reputation is affected.

That said, internal investigations like these almost always fail because the managers usually scare any witnesses into silence.

I know three people who told me they suffered sexual misconduct at work. One pushed for an investigation... Which said there wasn't enough evidence to even give the perpetrator a written warning - so she resigned.

The other two resigned to escape it, they didn't think there was any point in even formally reporting it as it was clear the company would not censure him.

I think he is still a top manager there, and I would not be surprised if he has other victims.

There is a general problem, common to most, possibly all companies, that underlings tend not to be believed.

Not Particularly Mortifying: IEEE eggheads probe npm registry, say JavaScript libs not as insecure as feared

Richard 12 Silver badge

So how exactly does one check?

Upgrading a library surely means doing an audit of the changes, and it seems that it is a deep tree of dependencies, often with hundreds of referenced packages.

The reason these cryptocurrency miners and other worse things appear in real applications is because devs aren't able to properly audit updates.

So what is the IEEE really suggesting? That devs should just update without any audits?

Ethernet failure on Swiss business jet prompted emergency descent, say aviation safety bods

Richard 12 Silver badge

Re: It's the default response to cabin pressure

It hasn't. You may wish to RTFA.

Richard 12 Silver badge

Re: ARINC664/AFDX vs COTS

So the physical layer is indeed Ethernet, but the switch fabric is special.

That makes sense. Ethernet physical layer hardware has had billions of hours of testing, so the failure modes should be well understood by now.

Richard 12 Silver badge
Stop

It's the default response to cabin pressure

If something happens that either does or is likely to result in the loss of cabin pressure, you dive to 10k feet (unless terrain).

This is because the emergency oxygen supply doesn't last very long, and you need to be in breathable outside air before it runs out.

So it's basically an automatic pilot response to their oxygen masks deploying.

If your mask pops out of the ceiling, you put it on and start the emergency descent. You don't ask why it happened until you're down at a safe flight level.

Second lockdown? Perfect time to unveil Teams Breakout rooms and another ginormitor – the 85-inch Surface Hub 2S

Richard 12 Silver badge

Re: $21,999 85-inch jumped-up whiteboard

Digital whiteboards are big in education.

Weirdly, the school ones are far cheaper, far bigger, and work far better than the ones aimed at corporate bigheads.

Plus you can clean off the vomit much easier.

iOS 14 suffers app preference amnesia: Rebooting an iThing resets browser, email client defaults back to Safari, Mail

Richard 12 Silver badge
FAIL

Re: Ha ha ha...

Android explicitly asks you which app you'd like to use to open anything the first time you try, with "always" and "just once" options.

It's even better than Windows 10, because it defaults to "just this once".

Some phone vendors might make that initial choice for you, but it's easily changed and in my experience has always stuck.

How do you solve 'disruption' at the UK border after Brexit? Let's call Peter Thiel! AI biz Palantir – you're hired

Richard 12 Silver badge

Re: GDPR?

Which the USA does not have, by law.

(Ours and theirs)

Apple takes another swing at Epic, says Unreal Engine could be a 'trojan horse' threatening security

Richard 12 Silver badge

Re: Premeditated Software Development?

Would you pay lots of money for an SDK that the supplier hasn't even compiled for your target operating system?

If so, I have a bridge for sale.

Apple regularly break macOS and iOS APIs. A lot of the work of 3rd party developers is spent fixing these unnecessary regressions and deliberate breakages.

Safety driver at the wheel of self-driving Uber car that killed a pedestrian is charged with negligent homicide

Richard 12 Silver badge
Boffin

However

That "one job" is impossible, and made so by Uber.

Humans cannot maintain a high level of concentration for long periods when not actually doing anything.

On top of that, grabbing the steering and/or moving your foot onto the brake may not be physically possible within the available time.

Mostly-autonomous is probably the most dangerous stage and needs very careful human factors analysis, which Uber didn't do.

It also might have helped if Uber hadn't disabled the built-in driving aids.

Another week, another dual-screen phone, this time a T-shaped LG thingamy

Richard 12 Silver badge
Happy

I actually like this idea

Well, sort of. Aside from the mechanical fragility of the moving parts. I guess we won't know how tough it is until a toddler gets their hands on it.

It's finally paying attention to what people actually do - people like to watch X while chatting to friends on whatsfaceinstatoktwit.

Personal data from Experian on 40% of South Africa's population has been bundled onto a file-sharing website

Richard 12 Silver badge

The $128 million dollar question

What is South Africa going to do about it?

As they don't have a GDPR-style data protection act they probably can't fine them enough for them to notice.

I guess it's now contempt, which might let them imprison the top brass. That might make them sit up and pay attention.

Climb every mountain, wsl --mount every Linux disk in latest Windows Preview

Richard 12 Silver badge
Thumb Up

Re: Dual boot is so 1991

Exactly.

My PC doesn't need to be running overnight unless I've decided to set it actively doing something that takes ages, like compiling a new kernel or rendering something.

It's now fast enough that there's nothing I do that takes longer than a couple of hours, so now I run those "long" tasks over lunch or dinner, and always shut it down overnight.

My NAS is powered 24x7 of course, but that's a tiny ARM - and sleeps a lot, too.

Don't pay the ransom, mate. Don't even fix a price, say Australia's cyber security bods

Richard 12 Silver badge

Re: I agree with every word

So you trust them to put it back and not steal everything they missed first time around?

And you also trust that they won't dig a tunnel so they can come and go as they please in the future?

Are you really that stupid?

Richard 12 Silver badge

Re: Unsolicited is the key word

JPEGs have been used as an attack vector in the past too.

It is however much easier to defend against the remaining 5% of attacks when 95% of them have already been blackholed automatically.

Richard 12 Silver badge
WTF?

Re: I agree with every word

Paying a ransom does two things:

1) It marks you as an organisation that criminals should attack again. You paid last time, so you'll probably pay again.

2) It requires you to run unknown software, provided by the criminals, on your computers, with access to all your data.

Any smart criminal will use that unfettered access to make sure they can easily attack you again and again and again, and will sell that unfettered access to your computer systems to other criminals.

To put it another way:

You got burgled.

The burglar says they'll put your stuff back if you pay them and leave them alone inside your house for a few hours.

Do you pay the burglar?

Of course you bloody don't, because that would be insane!

Richard 12 Silver badge
Facepalm

Unsolicited is the key word

If you are not expecting the attachment from that particular sender, then DO NOT OPEN IT.

If you aren't expecting a link from that sender, then DO NOT CLICK IT.

If some random person sends an unexpected invoice, do you pay it?

Of course not. You don't pay invoices unless you actually engaged the supplier, and it matches the PO. If you never engaged them, you don't open the attachment.

On top of that, invoices are in a defined format, usually PDF. A company can specify that format. Thus anything that isn't a PDF is not an invoice, and so must not be opened.

That does make me think that perhaps all non-PDF attachments and cloudy links should be removed from all external incoming beancounter emails?

You're all wet: Drippy chips to help slash data centre power consumption and carbon costs

Richard 12 Silver badge

Re: No physics again.

As far as I recall, they do a lot of "run hot" and passive environmental cooling, only using radiators instead of chillers.

Presumably they do have the chillers available if needed though.

Paragon 'optimistic' that its NTFS driver will be accepted into the Linux Kernel

Richard 12 Silver badge

Re: My suspicion

I mean it defeats the entire claimed reason for the commercial version - they can't magically un-GPL any code coming from the gnu/Linux project, and thus commercial licensors will be bound by the GPL for that portion.

Richard 12 Silver badge

My suspicion

Is that it's become a maintenance nightmare for them, and the reason for the code dump is that they want "the community" to maintain it for them.

And then they intend to pull the gnu/Linux GPL changes into their code and sell that frankenbeast under a commercial licence.

I'm not a lawyer, but I'm reasonably sure that the GPL prohibits doing that.

The Honor MagicBook Pro looks nice, runs like a dream, and isn't too expensive either. What more could you want?

Richard 12 Silver badge
FAIL

Re: Decimated

To whoever reported my comment, and whichever moderator removed it without thinking:

Beware the Ides of March. Et tu, Brute?

Learn your history - and Shakespeare.

Julius Caesar created the months that turned October into the tenth month.

This post has been deleted by a moderator

Why cloud costs get out of control: Too much lift and shift, and pricing that is 'screwy and broken'

Richard 12 Silver badge
Unhappy

Re: The problem isn't the Cloud, but poor monitoring

They don't provide decent cost monitoring.

You don't get cost breakdowns, which means the beancounters can't assign the consumed budget to each project, or even business unit.

And thus there is no incentive for each individual project to spend any effort trying to account for their usage.

Thus, they do not. They spin it up and leave it going.

And thus costs spiral out of control, until someone screams that the entire business risks failing unless Something Is Done.

That wasn't an issue when only one or two projects were "cloudy" (eg CDN), but as soon as it's tens...

Google declares Maps COVID-19-ready after retraining it on pandemic traffic – or the lack of it in some areas

Richard 12 Silver badge

Country lanes and side streets are shorter, but motorways and bypasses are faster.

Even ignoring traffic, roads have different safe speeds, and junctions different time costs.

The trick is to somehow get a sufficiently accurate estimate of those costs into the graph. Quite why that's AI or even "machine learning" is beyond me though. Measuring real data from real events and inserting that into a rolling average wasn't called that when I was learning about such things.

In the frame with the Great MS Bakeoff: Microsoft sets out plans for Windows windows

Richard 12 Silver badge
Facepalm

We dropped XP support this week

We're not going to drop Windows 7 support for a long time, nor 8.1.

Nobody is going to even consider something that's "Windows 10 2109* only", because users don't even know which version of Windows 10 they have.

A new windowing API is dead before it even arrives because Microsoft chose this "only one version forever" approach.

* To pick a random future version

Critical vuln that lets miscreants hijack computers via Slack? *Sucks in air* We'll give you $1,750 for it

Richard 12 Silver badge

Devs don't choose it

Electron's entire existence is based on it being a framework any monkey can use.

So managers choose it, and hire the cheapest monkeys possible.

Richard 12 Silver badge

"Run arbitrary code"

In an Electron "app" that also means "replace the entire Electron binary with one that does whatever the miscreant so desires".

Thus leaving a fun timebomb that will explode next time the user starts the thing.

Electron drives a coach and horses through the OS security model, so your only defence is Electron itself.

Which apparently has no defences by default. Joy.

Amazon spies on staff, fires them by text for not hitting secretive targets, workers 'feel forced to work through pain, injuries' – report

Richard 12 Silver badge

On the way to/from work.

Would you be happy to leave your cash in the "locker" at a workplace like that?

Sounds like the black helicopters have come for us. Oh, just another swarm of FAA-approved Amazon delivery drones

Richard 12 Silver badge

I've ordered Amazon same-day exactly once

It was some shoes for a friend who was being discharged from hospital the other side of the country, and unfortunately his original ones had been destroyed due to how he ended up there.

It was very useful, and I gladly paid for the privilege of having a bike courier do the drop.

A drone couldn't have done this, as the courier had to go inside and ask the receptionist where my friend was.

Dell: 60% of our people won't be going back into an office regularly after COVID-19

Richard 12 Silver badge
Flame

Heat destroys the virus

So setting fire to the desk each evening sounds like an excellent idea.

Richard 12 Silver badge

Extroverts hate it

Remember that extroverts recover from stress and get their energy by interacting with people face to face.

WFH is basically their idea of Hell.

Check in on your extrovert friends, they are not ok.

On top of that, anyone who has to work in their kitchen or similar has no way to "switch off". Work and home life need to be kept separate.

IBM ordered to pay £22k to whistleblower and told by judges: Teach your managers what discrimination means

Richard 12 Silver badge
Headmaster

Re: You want Equality? You get Equality.

Back in your hole, troglodyte.

There's plenty of actual legal precedent. She was simply warning IBM that they would be likely (in fact, certain) to lose in court, and maybe obeying the law might be a good idea.

Utes gotta be kidding me... University of Utah handed $457K to ransomware creeps

Richard 12 Silver badge

Re: Utah Retard School

Depends on who the hackers are selling the data to, really.

Paying up just means they probably won't post it publicly, they'll be charging other miscreants for access instead.

After all, if the mark paid half a million for them to keep schtum, the data must be worth a fair bit to the right buyers.

Apple hits back at Epic, says Fortnite crew wants a 'free ride' on fees: Let the app store death match commence

Richard 12 Silver badge

Re: A good time to be a lawyer...

If you are a consumer or developer, you should be siding with Epic.

Apple are a full and total monopoly in the context of iOS, and are trying to become one in the context of macOS.

Operating systems are not easily exchanged, as if they were then Linux would have killed Windows a decade ago. Oddly enough, it hasn't.

Leveraging their app store monopoly into an in-app purchase monopoly with such high fees (the Play store charges less) certainly looks like an abusive practice.

If the current situation becomes formally approved, then everybody else loses.

The only question is whether Epic have deep enough pockets.

Richard 12 Silver badge

Re: Serve at the pleasure of King Jobs

It is not possible to place an app on an iOS device without Apple's permission.

Apple explicitly prevent all other app stores and sideloading, and every method of doing so is a critical security flaw that they fix as quickly as possible.

Aw, Snap! But you should see the other guy – they're in dire need of a good file system consistency check

Richard 12 Silver badge

Re: Look at all this new-fangled nonsense

BBC micros don't crash, they just BAAH without the Bip!

Epic Games gets itself epically banned, launches epic Fortnite death match with Apple over App Store's epic 30% cut

Richard 12 Silver badge
Mushroom

Re: Unfortunately, Apple will win

Epic simply have to prove that the context is iOS. If they can win that argument then Apple lose.

It will take a decade as they'll appeal all the way - Apple can afford to drag it out, so they will.

Whether Epic have deep enough pockets remains to be seen.

Google are likely safe from this argument because the Play store is not a monopoly in the context of Android. Other Android app stores are available - just discouraged.

Ink tanks park themselves all over the lawns of Western Europe as orders flood in

Richard 12 Silver badge

Odd. Never had that problem.

My previous HP photo inkjet was absolutely wonderful for about 15 years, the last five of which it was doing a print run every two or three months. Never dried out, just moaned that the ink was out of date. Really cheap ink too, as it was so old!

Then the gears for the paper pickup broke and I couldn't figure out how to swap them.

My new inkjet has a reasonable scanner with stupid missing features - it won't do multi-page PDF (WTF?), but again is perfectly happy to do a print run every couple of months. Sadly its ink is very expensive.

Intel NDA blueprints – 20GB of source code, schematics, specs, docs – spill onto web from partners-only vault

Richard 12 Silver badge
Holmes

AMD will be very carefully avoiding looking

While Intel will be going through their customer database, trying to match the set of leaked files with what each customer has access to.

Someone has probably breached their NDA, and that someone will be in deep doo doo if Intel work out who - even if they can't prove it sufficiently for the civil case, if they're pretty sure they may revoke future access.

Search for 'things of value' in a bank: Iowa cops allege this bloke broke into one and decided on ... hand sanitiser

Richard 12 Silver badge

Re: By the way:

Means you can't rinse it off.

Ever.

Aviation regulator outlines fixes that will get the 737 MAX flying again

Richard 12 Silver badge

Re: the plane may find eager customers

Everyone, their dog and their hamster now knows that the 737-MAX is a deathtrap.

Which is why they will rebrand it, and try to keep the new name 'clean' and as confusingly similar to other 737 airframes as possible.

Richard 12 Silver badge
Unhappy

Re: It's a Boeing

Pilots can always decide to crash their aircraft.

Air France screwed up their training, not Airbus.

A pilot who thinks "take-off go-around" is a sane mindset at cruising altitude should never have been put in control of an aircraft.

Let alone one who can't even follow the core "decide who is flying this thing" protocol.

The saddest part of that crash is that the aircraft would have been absolutely fine if the pilots had left well alone :(

Doctor, doctor, got some sad news, there's been a bad case of hacking you: UK govt investigates email fail

Richard 12 Silver badge
Facepalm

Re: Confused about Brexit...

The Russians simply want to spread disorder and division.

Classic, ancient divide and conquer. The tactic is thousands of years old.

Splitting the UK from the EU hurts the EU and severely damages the UK. Proving that Tory ministers can't be arsed to follow basic security damages other nations' confidence in negotiations, resulting in worse economic damage to the UK. Showing that Corbyn would use Russian-provided intel damages confidence in the Opposition.

By refusing to think, you're playing into Putin's hands.

US drugstore chain installed anti-shoplifter facial-recognition cameras in 200 locations – for eight years

Richard 12 Silver badge

Re: Casinos ...

You mean the cost of "vaguely appearing a little bit like someone else at certain angles to an unknowable algorithm".

Facial matching algorithms are poor to terrible, and get worse the more "targets" and angles they're supposed to match against.

'We stopped ransomware' boasts Blackbaud CEO. And by 'stopped' he means 'got insurance to pay off crooks'

Richard 12 Silver badge
FAIL

Re: "don't anticipate any material financial impact" and "do have insurance coverage"

100% of their EEA and UK customers are now in breach of the local data protection laws due to failure to notify in a timely manner.

That is rather likely to become expensive, and as it wasn't mentioned in their earnings call it could be considered misleading the shareholders.

Which is also rather expensive.

Microsoft confirms pursuit of TikTok after Satya Nadella chats to Donald Trump

Richard 12 Silver badge
Alert

Re: LMFTFY

White ones, with dimples.

He tries to hit them every few days at taxpayer expense.

Linus Torvalds pines for header file fix but releases Linux 5.8 anyway

Richard 12 Silver badge
Unhappy

Macros are the problem

Well, abuse of macros.

There is a "fake header-only" programming style where you have to include the header (at least) twice, one of which has to be with a special macro defined, and the rest must not. Popularised by the STB libraries I think.

It's now mostly used by people who think they're very smart but are actually very foolish, as it's basically impossible for IDEs to highlight and the worst possible case for the toolchain.

A compiler that tried to work out this ridiculous mess would never be able to compile it at all.

IT giant CSC coughs up $2m after helping New York City bill Medicaid for child therapy rather than insurance cos

Richard 12 Silver badge
Angel

Time to close down the insurers

If they won't pay up within 90 days, then end them and move their customers to a state-run insurance scheme under the same terms.

You'll only have to terminate one or two insurers before the rest play ball. And if they don't, well, it won't be long before you've got a single-payer system and bingo, problem solved.

Burn baby burn, plastic inferno! Infosec researchers turn 3D printers into self-immolating suicide machines

Richard 12 Silver badge

Required physical access

So it's a non-story.

If someone can physically get to the printer, they could do literally anything. That's why we have locks on our doors.

Though quite why they would install dangerous firmware as opposed to stealing all my stuff is beyond me.


Biting the hand that feeds IT © 1998–2020