Re: Holy fuck
I'm utterly stunned.
Our users pay more attention to machine and network security, and the worst that could happen if they screw up is that somebody has an epileptic fit!
Or it goes very, very dark.
6102 publicly visible posts • joined 16 Jun 2009
Windows 7 doesn't have an administration account. (That can be logged into locally)
It has accounts that can elevate applications to admin - similar to sudoers.
By default, every user except the Guest account is able to elevate - unless you know how to turn that off.
So why be surprised that almost everyone uses the default configuration?
In order to comply with disability legislation, you need to cover the worst plausible case.
Color deficiency is indeed a sliding scale, from 2 MacAdam problems up to a total lack of one or all types of cone.
While full colour blindness is rare, it does exist and must be allowed for by public design. You can't make it impossible for someone to drive just because they can't distinguish the colours.
I'm glad that two of you just decided to assume I'm an idiot rather than read the actual words I used, or pay attention to the relevant legislation.
I had rather expected better here. Truly, DevOps melts your brain.
Given other warrants and court orders the FBI have gained, I suspect that they asked this particular magistrate because they knew that one would say yes.
And didn't ask the correct judges because they were unsure of which answer they would give.
Otherwise we're expected to assume outright stupidity on the part of the FBI.
Go on FBI, are you lawbreakers or idiots?
Oh, the fun of timed events.
Whenever a client asks for them, I have to remind them that a timed event happens at the time they designated and will always happen, unless they manually tell it to wait/cancel that day.
Then I ask exactly how they want to do the wait/cancel.
It's important to get that in writing, especially the "We don't need that" comments...
If you sell an internet-connected device, you are liable to provide security updates for the reasonable lifetime of the product.
Any published vulnerabilities must be corrected in a reasonable period of time, not exceeding six months of their publication.
Withdrawal of Internet servers required for significant operation of the connected device within its reasonable lifetime shall require a full refund of the original purchase price and payment for the disposal and recycling of the device, as the device is no longer fit for purpose.
This shall be reduced if the complete source code, build tools and special update hardware required are provided under a free open licence to everyone who has ever and will ever own the device, so they can modify it to work with an alternate server.
I think that should kill the industry pretty dead.
The non-Embedded versions of Windows need to talk to an authentication server to "activate".
So if those central servers went down, then it would very quickly become impossible to bring up a new Windows computer.
Or fix one that decided it had been changed "too much".
Not going to happen in semiconductors.
The ~4 GHz limit is due to the physics of how the clock is distributed around the chip.
As process size shrinks, the smaller physical distance between gates reduces latency (linearly), however interference increases (inverse square law) and thus Bad Things happen.
If your workload really can't be done in parallel then you're stuck.
However, it is very unlikely to be genuinely true. Very few workloads are totally serial, and so you can usually find some sections that are independent.
If you find it runs noticeably slower when running in parallel then your architecture for doing it is almost certainly incorrect, and is blocking threads way too often.
At worst it should be slightly slower due to thread context switch.
Processor design hit a MHz barrier years ago, at approx. 4GHz.
If you can't make your workload multicore then you are never going to go faster on electronic semiconductor hardware.
Put your effort into finding ways to use those extra cores, because otherwise you will not get more work done per unit time until there is an all-new type of hardware in town.
Having rotation as a driver thing was useful in WinXP, but not since then as the rotation became an OS option in Vista.
But Intel, in their eternal stupidity, not only kept the driver option but also the keyboard shortcut to do it.
One of several reasons why I hate Intel Integrated Graphics.
The reason is that the product pre-release life cycle is incredibly long.
Medical products go through a very lengthy period of pre-release certification, and so it can easily be five years after development began before it even ships.
So even if you start at the bleeding edge, it's way behind by the time it first ships.
you may have a system where root needs to administer the actual computer, but you wouldn't want the root user to have full control over the system; for example you may have sensitive information on there, which the systems administrator may not be authorised to read.
Permissions cannot solve that, ever.
If a user has full control over the computer, then that user can always look at the content of any file they want - worst case, they can go look at the raw bytes on the disk.
The only way to secure data against unauthorised access is to encrypt it and keep the decryption key secret - and not on the computer.
That has no bearing on what "root" or "admin" privileges mean.
The four places that are really easy to hit with a mouse are the screen corners as they're infinitely deep, so let's put the "lose everything" button in one of them.
- and the "Start" button inexplicably a couple of pixels away from the corner in one Windows OS, I forget which. Snatched crushing defeat from the very jaws of victory.
The more recent removal of title bars is actually a pretty decent idea as it makes the toolbar buttons infinitely tall.
W8/10 further complicated it as the corners are quite hard to hit on a touchscreen.
As presumably the Trojan is inside something the user expected to find on the stick - otherwise they would not run it.
Perhaps part of a "System Restore" function for the particular air-gapped system that's either being repaired or being wiped for sale?
The theory behind the 'night shift' is sound and has been tested quite extensively.
"Warmer" colours are soothing (fire, candlelight, sunset), while bluer colours like the D50 and higher colour temp used in LED backlights cause a waking response, resetting the body clock.
Many people suffering SAD are helped by a bright high colour temp light during the day to keep their body clock in sync during the dark winter months.
There have been Android apps to do this for years.
It's odd that Apple are so far behind though, this is the kind of thing I would have expected them to jump at years ago.
Apple know how their phone backup system works, and clearly the FBI do not.
Changing the password was an obviously stupid thing to do - when I change my backup password, my phone suddenly can't make backups! Shocking, I know.
The remote wipe is a command sent from an Apple server, and is thus quite easy for Apple to block.
I'm sure that Apple have done so several times after receiving a lawful court order.
Apple have also already handed the FBI the content of this person's iCloud backup.
The case really looks like it's either the FBI trying to cover up their incompetence and then ending up in really hot constitutional water by mistake, or a deliberate attempt to subvert the rule of law.
Personally I think it's both.
The C and C++ standards don't require it to be, and so you cannot assume that all compilers will actually do that.
Char also isn't signed or unsigned. The compiler can choose!
MAX_CHAR and CHAR_BIT exist because the compiler can make char (and int and long) as big as it likes. As does CHAR_BIT.
C89 was a mess. If you actually need the size to be right then you needed compiler checks to confirm the size of char etc.
At least C99 fixed that nonsense by adding int8_t and friends.
Shame that VS2008 didn't support them!
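The kind of compiler check the comment above mentions, as an added example that is not part of the original post: it pins the width of char at compile time and reads bytes through unsigned char so the result does not depend on whether the compiler made plain char signed. The function names and sample bytes are constructed for illustration.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>

/* C89-style compile-time check: a negative array size is a compile error. */
typedef char assert_char_is_8_bits[(CHAR_BIT == 8) ? 1 : -1];

/* C11 equivalent with a readable diagnostic. */
_Static_assert(sizeof(uint32_t) * CHAR_BIT == 32, "uint32_t must be 32 bits");

/* Whether plain char is signed is the compiler's choice; CHAR_MIN reveals it. */
static int plain_char_is_signed(void) { return CHAR_MIN < 0; }

/* Convert a plain char to its byte value 0..255 regardless of signedness. */
static unsigned byte_value(char c) { return (unsigned char)c; }

/* Read a big-endian 32-bit length field from a char buffer.
 * Going through unsigned char stops bytes >= 0x80 from sign-extending. */
static uint32_t read_be32(const char *buf)
{
    uint32_t v = 0;
    for (int i = 0; i < 4; i++)
        v = (v << 8) | (uint32_t)(unsigned char)buf[i];
    return v;
}

/* Table lookup keyed by a char: index with the byte value, never the raw char,
 * so a negative char cannot read before the start of the table. */
static int is_high_byte(char c)
{
    static unsigned char table[UCHAR_MAX + 1];
    static int ready = 0;
    if (!ready) {
        for (unsigned i = 0x80; i <= UCHAR_MAX; i++) table[i] = 1;
        ready = 1;
    }
    return table[byte_value(c)];
}

int main(void)
{
    const char hdr[4] = { (char)0x80, 0x00, 0x00, 0x01 }; /* constructed sample */
    printf("plain char signed: %d\n", plain_char_is_signed());
    printf("length field: 0x%08lx\n", (unsigned long)read_be32(hdr));
    printf("0xE9 high byte: %d\n", is_high_byte((char)0xE9));
    return 0;
}
```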
Most "create installers" tools are pretty awful, and a lot do the wrong thing by default.
It doesn't help that most of the documentation is obtuse, and some is wrong.
That's before running into "virus scanner decided part X was a virus and silently removed it" problems.
Software installation is insane. Why is it still so hard?
People's email is on their phone.
Including internal corporate "email" that normally only resides in corporate servers and has never been transmitted unencrypted.
Including information about private systems, that may include passwords.
Including access to password reset facilities.
That's before you consider the social engineering promise of being able to call someone from the CEO's actual phone.
And the general phishing opportunities if you have the entire contents of their phone.