* Posts by Gordon 10

3618 posts • joined 22 Jun 2009

BMA and Royal College of GPs refuse to endorse NHS Digital's data grab from surgeries in England

Gordon 10 Silver badge

Re: Let's call it the "GPDPR"

That’s the bit I don’t get. How can it be informed consent when it’s auto-opt-in?

Ofcom gets new CTO as UK regulator welcomes Amazon Alexa Smart Home exec

Gordon 10 Silver badge
WTF?

Hmm.

A long-standing career as a product manager seems a slightly odd choice for a CTO but maybe I'm expecting too much for the T to stand for Technical.

https://www.linkedin.com/in/sjogia/

Ubuntu, Wikimedia jump ship to the Libera Chat IRC network after Freenode channel confiscations

Gordon 10 Silver badge
Joke

And Business Development lessons from Chemical Ali.

Gordon 10 Silver badge
Big Brother

By their actions you will know them

The dude seemed quite reasonable in his original press release to El Reg a couple of weeks ago and made it sound just like another internet spat.

However his actions since pretty much underline who’s the bad guy here. What a toerag.

AWS Free Tier, where's your spending limit? 'I thought I deleted everything but I have been charged $200'

Gordon 10 Silver badge

Re: AWS - Automated Wallet Slimming?

Siphoning.

Gordon 10 Silver badge
Thumb Up

spending limit cannot be applied to pay as you go ...in production,

For the above I think this is reasonable of MS here.

By definition the act of releasing your code into Production should include impact analysis of the changes which should include a pretty robust assessment of the charging/scaling expectations, followed up by a period of aftercare where things like resource utilization are monitored more closely than usual.

TL:DR. - Don't use the production tier if you don't use/understand SDLC.

SDLC along with real robust test plans are what separates software professionals from gifted* amateurs imo. Just because you have the job title and the pay grade don't mean you are, and let's face it we've all met even some very senior people who fall in this bucket - and take their colleagues/teams down with them.

* I leave it to the reader to define what this means.

Snowden was right, rules human rights court as it declares UK spy laws broke ECHR

Gordon 10 Silver badge
WTF?

So basically

TL:DR

A moral victory but essentially pyrrhic?

They'll carry on what they are doing and they are very sorry, but business as usual Guvnor?

All seems to be making a point but without any actual useful outcome.

Let us Play: Smartphone brand Honor lets slip it has gained access to Google Mobile Services licences

Gordon 10 Silver badge

Hmmm

Presumably Pres. Biden will be involved in any decision whether Honor is a freed hostage or a dangerous gangster on the run from US regulatory justice. (In corporate terms of course).

If the former expect the GMS licenses to be revoked forthwith.

UK data watchdog fines 'pandemic partner' biz £8k: It sent 84,000 marketing emails to people who'd given info for track and trace

Gordon 10 Silver badge

Re: "it had faced technical difficulties"

Whilst I don't disagree with your point I came here full of the same piss and vinegar only to discover reading between the lines that these guys had effectively set themselves up as a MITM generating QR codes to be passed along to the NHS.

So this was essentially a MITMA *on* NHS Track and Trace not *by* Track and Trace. I leave it to the reader to decide if the enabling of a MITM is a deliberate action by the Govt to enable some arms length Pork Barrelling.

Parliament demands to know the score with Fujitsu as Post Office Horizon scandal gets inquiry with legal teeth

Gordon 10 Silver badge
Flame

Re: At last!

I hope some of the Discovery work for these cases leaks to the public domain. I'd love to see some "smoking gun" emails pointing at Vennells and others...

Unit4 handed police ERP deal after 'significant deficiency' found in Oracle Fusion system

Gordon 10 Silver badge

Re: Something in the water?

Not unique to the UK, but unhappily frequent anywhere near a Govt pork barrel.

It does lead you to wonder if outright bribes like in certain other parts of the world are ironically more honest.

Gordon 10 Silver badge

Re: system or config?

Unless they were looking for an excuse.

Or that Crap Gemini bolted on some kind of extension with a b0rk3d permissioning framework.

Are you ready to take a stand? Flexispot E7 motorised desk should handle whatever you dump on it – but it's not cheap

Gordon 10 Silver badge
Childcatcher

Am I the only one

Whose OCD is twitching because of the mismatched monitors?

Mammoth grab of GP patient data in the UK set to benefit private-sector market access as rules remain unchanged

Gordon 10 Silver badge
Thumb Up

Re: I assume it is this!!

Thanks for this. You can also use it to check what you set it to last time you read about an NHS data grab on The Register. FWIW mine was opted out

Gordon 10 Silver badge
Joke

Re: Concerning...

But... but .... that would be illegal.

NHS-backed org reacted to GitHub leak disclosure with legal threats and police call, complains IT pro

Gordon 10 Silver badge

AND so what if they do? If you are worried about that you send a parallel disclosure to the relevant authorities.

Gordon 10 Silver badge
Facepalm

I'm still unclear on why he needed to keep ANY data other than a couple of screenshots.

Using the leaked creds once is technically unauthorised access even if just checking they work. Using them to exfiltrate data (which is what appears to have happened) goes way beyond the pale regardless of how well intentioned he might have been.

I do think from a techie point of view the company over-reacted but that's just human nature and security "researchers" should be aware and prepared for this.

FWIW I think the guy went from White Hat to Grey Hat when he stopped confining his work to disclosing the hole, and instead appears to have appropriated the data as "evidence" either to avoid the company covering it up, or for academic curiosity. It wasn't his job to investigate the extent of the breach.

Regardless of how egregious the hole discovered, making moral judgements about a company's response or potential response is out of the scope of White Hattery and emotionally and corporately naive. You shouldn't be doing this activity for anything more than your own satisfaction, and should not be expecting anything more than a grudging acknowledgement and cover up, and if such a thing occurs - unless that breaks a local disclosure law - you don't get to judge.

Man paralyzed from neck down uses AI brain implants to write out text messages

Gordon 10 Silver badge

Re: Getting there!

Indeed. It almost sounded like the medical types were at risk of applying the same standards to the software as to the hardware which might be overkill in a read only application like this.

Get the hardware right (and safe and certified!) and the software will come along behind it. I'm guessing there would be plenty of people willing to spend an hour a day retraining the ML if it lets them communicate well for the rest of the day if they knew the implant is safe.

App Tracking: Apps plead for users to press allow, but 85% of Apple iOS consumers are not opting in

Gordon 10 Silver badge
FAIL

Brave? Are you insane?

The browser which silently inserts affiliate links as it goes along? And still does according to the twittersphere.

Another week, another issue: Virgin Galactic mulls test flight restart as VSS Unity fixed – but VMS Eve might be borked

Gordon 10 Silver badge
Joke

Re: Sending the wealthy to space

They can (space)walk back.

UK's Department for Work and Pensions continues to move off Oracle Enterprise Data Warehouse in pursuit of a single version of the truth

Gordon 10 Silver badge
FAIL

Re: So a reduction of privacy then ?

That's a rather naive and blanket statement.

On prem is fractionally safer if done well in your own wholly owned DC or Cupboard (are you checking the minimum wage cleaners access?) - but how many companies actually do that? Let alone a Public requirement contracted out to the lowest bidder or an MP's bestie.

However by default a lot more effort has gone into making the Cloud DCs and their services secure by design, and they are unlikely to be addressable to a random Googler.

With a State actor all bets are off anyway - I would go out on a limb and say they are equally at risk as the compromise is probably at the network/infrastructure/factory level.

UK government resists pressure to hold statutory inquiry into Post Office Horizon scandal

Gordon 10 Silver badge
Unhappy

Re: Who needs an inquiry?

I was surprised to see that PE appears to have no easy way to contact its journos. Contrast that with the Grauniad which has Signal addresses coming out of the wazoo.

Gordon 10 Silver badge

Re: postofficeretrial web site

This is a surprisingly factual, punchy document from the Justice Parliamentary Committee. Worth an end to end read. It covers the recommendation for prosecuting Fujitsu staff.

https://publications.parliament.uk/pa/cm5801/cmselect/cmjust/497/49702.htm

Gordon 10 Silver badge

Re: It's not just an IT scandal

You need to be clearer on where to direct your ire. Which is on the current Government who are failing to enact a series of recommendations to clean up Private Prosecutions made by the relevant Parliamentary Committee 6 months ago. I encourage you to Google for it - makes good reading.

Gordon 10 Silver badge

Re: Statutory inquiry

I think you are misunderstanding the role of the judge in the proceedings. The question you should be asking is how the PO was able to deny/bury material that should have been available to the defence team.

I suspect but don’t know that a number of cases did not proceed when a savvy defense solicitor or barrister was involved and it was dependent on luck of the draw and financial resources for the SPO’s involved.

NASA comes up with COVID-19 infection detector that's out of this world – E-Nose built from space station gear

Gordon 10 Silver badge

Re: Deployment?

If blowing into a device - will it be self cleaning before the next subject blows?

Gordon 10 Silver badge
FAIL

BBBZZZTTT WRONG!

Complete fail.

Manufacturing beats breeding & training.

Once you come up with a way of mechanising something you can scale up kit as quickly as you can get the raw materials and equipment to make it.

Breeding & training a new sniffer dog takes over a year and if similar to guide dogs has a high washout rate.

Unless you are suggesting mass scale puppy farms and industrialised training? That would go down well with the public.

It's one of the reasons we are driving cars rather than still riding horses. That and the vast quantities of poop. Which come to think of it is an issue with this idea too. :D

39 Post Office convictions quashed after Fujitsu evidence about Horizon IT platform called into question

Gordon 10 Silver badge

Re: and

AFAIK you are incorrect in conflating Private Prosecutions with what the PO and RSPCA do. I'm 90% sure their ability in law to do so is either explicit in the relevant legislation or implicitly part of the Criminal justice system.

Starlink creates risk of internet investment doom cycle, says APNIC researcher

Gordon 10 Silver badge

Utter cobblers

Headline grabbing cobblers.

My academic attention whore alarm is going off.

The same can be said for any broadband service, which is why they have lots of ways of dealing with it, most of which will be applicable to Starlink.

I would also note that the solution for Starlink is to throw more birds in the air and on a per user basis it’s probably cheaper than digging holes in the ground.

Capgemini scores £150m contract to help Student Loan Company overcome its IT problems 5 years after £50m superfail

Gordon 10 Silver badge
Flame

WTAF

AFAIK The SLC has one job to do. Finance and recover student loans over a generational period.

How the actual f*ck does it have an IT estate in the £100's m cost range?

University duo thought it would be cool to sneak bad code into Linux as an experiment. Of course, it absolutely backfired

Gordon 10 Silver badge
FAIL

Re: Place your bets...

That's a naive statement. It's possible to get quiet co-operation for these sort of activities if the approach is right. It happens all the time in corporate environments.

This was lazy unethical behaviour - I suspect because they couldn't be bothered to get co-operation or were frightened of being told no.

Satellite collision anticipated by EU space agency fails to materialize... for now at least

Gordon 10 Silver badge
Meh

Re: Looking forward to full reusability & refueling

Hmm.

Given that SpaceX is also throwing up entire satellite constellations in volumes few others can match, I think this is a score-draw at best.

I'm no rocket scientist but if a couple of Starlink birds collide I reckon we are right royally f*cked.

How do we stamp out the ransomware business model? Ban insurance payouts for one, says ex-GCHQ director

Gordon 10 Silver badge
FAIL

Dumb and Dumberer

Since when have GCHQ been good at anything other than electronic eavesdropping or lobbying for encryption backdoors? It's a disingenuous statement from a former member of an organisation who has contributed to the problem by hoarding and not reporting zero days and the like. The intelligence agencies are a large part of the problem.

Banning coverage or payouts is a dumb suggestion. It's no surprise to see technocrats trying to avoid the problem (partially of the industry's own making) and ignore fundamental human and business realities that are much much harder to fix.

If this starts hurting insurance companies' bottom lines then they will start taking action - such as setting minimum standards for coverage - but that won't address the core of the problem.

It's predicated on the false assumption that people buy the insurance rather than fix their legacy software and hardware estates, and it's also predicated that IT is the fundamental reason a business exists rather than a useful tool like accounting or sales people.

There will always be ransomware vulnerabilities just as there will always be fire risk in a physical premises. Suggesting that tackling a consequence rather than the multiple causes (human nature, Government behaviour, Vendor software development practices, designed in obsolescence etc etc) is just lazy and clickbait-ish.

Airline software super-bug: Flight loads miscalculated because women using 'Miss' were treated as children

Gordon 10 Silver badge

Re: Not necessarily.

I'm not convinced it's beyond the wit of man to measure passenger mass automatically.

Strain gauges on load bearing components for example.

Ex-Geeks staff lose legal bid to claw back withheld training costs from final paycheques

Gordon 10 Silver badge
WTF?

Re: I have seen this before

Not entirely sure what your point is. They got a substantial payrise post year 2, maybe not as much as they might have got on the open market, going from the one sample we know about, but they only had to stick it out for a few more months to get off the debt scot-free.

They got a career jump start thanks to employer A, and Employer A doesn't appear to have put them into serfdom to do it. They may not like it but it appears the judge also thought the company had been pretty even handed.

I suspect they jumped ship before realising how much they would be clobbered then attempted a tribunal as a way of getting back.

My sympathy for these 2 guys is limited tbh.

Gordon 10 Silver badge

Re: What about the quality of the training?

Presumably the complainants could have documented this lack of quality prior to the Tribunal. Either they didn't or the Judge wasn't convinced.

Not sure I have much sympathy for them tbh. It was well documented in their initial contracts and they knew what they were getting into, especially as they only had to stick it out another year to get the debt written off. I definitely have no sympathy for the guy who got a £10+ payrise upon leaving.

Privacy activist Max Schrems claims Google Advertising ID on Android is unlawful, files complaint in France

Gordon 10 Silver badge
FAIL

Re: That's what you get when software has to cost nothing

Errr. Nice try but no.

How do you explain almost the exact same feature in iOS?

To be clear all your points are valid on their own merits but conflating them with free software is dubious at best.

Post Office awards Fujitsu a £42.5m contract extension for the IT system behind wrongful subpostmaster prosecutions

Gordon 10 Silver badge
FAIL

Hmmm

What's the betting the planning to get off of Horizon in the next 2 (now 3 years) hasn't even started yet?

Mullet over: Aussie boys' school tells kids 'business in the front, party in the back' hairstyle is 'not acceptable'

Gordon 10 Silver badge

Re: It's the 1950s again (or is it?)

I for one don’t want to see anyone’s down under mullet.

Director, deputy director, CTO of Free Software Foundation quit after Stallman installation

Gordon 10 Silver badge

Give some evidence of these false pretences you refer to?

There is plenty of RMS douchebaggy stuff in the public record.

Gordon 10 Silver badge

Re: I met...

@Jake. I don't think Occam's Razor says what you think it says. The simplest explanation, with plenty of "prior art" to back it up, is that Stallman is/was has some douchebag opinions towards women - particularly young ones. It takes very little to assume that attitude bleeds over into actions.

Gordon 10 Silver badge

Re: what's the upside?

Agreed. The FSF appears to have confused their mission with the establishment and perpetuation of a cult of personality around RMS. No one person should be bigger than the cause.

They never end well for all the cult touches.

Under threat of judicial review, UK.gov agrees to consultation before extending Palantir's NHS role beyond pandemic

Gordon 10 Silver badge

How precisely

Does getting 54 people to be consulted make up for not putting it out to tender in the first place. It's a fig leaf.

The only proper way to do it is to put the contract out to tender with explicit access and re-use clauses that can be reviewed and challenged for over-reach.

Deloitte settled HPE's Autonomy lawsuit for $45m back in 2016 and agreed to cooperate with US DoJ

Gordon 10 Silver badge

Re: When?

Since the US has form for trying to extradite Bankers and Accountants on very dubious grounds, I think you're safer staying in IT. Unless you're a hacker with ASD. Then you're screwed when the Patelenfuhrer takes power.

Gordon 10 Silver badge

You got that wrong-ish

Deloitte didn't assure HP of anything specifically, other than assuring *the world* the books of Autonomy had passed their yearly IFRS audit. A bad audit doesn't necessarily follow that a valuation for an acquisition was wrong.

HP hired KPMG to do due diligence on the acquisition of Autonomy, then their CEO failed to read the preliminary report (the CFO appears to have been fired for reading it and advising against the acquisition), then failed to wait for KPMG to complete their due diligence before signing on the dotted line with Autonomy.

The rest of your supposition seems plausible though. With one extra - if HP were hurt so badly by Deloitte's alleged dodgy auditing - why did they settle for $45m?

Mac OS X at 20: A rocky start, but it got the fundamentals right for a macOS future

Gordon 10 Silver badge

It's still a bit marmitey though

Finder in particular feels like it needs to be taken around to the back of the barn and shot. Examples:

Fundamental inability to use breadcrumbs to navigate up and down a deep folder structure.

Search needs a major overhaul.

Launch Pad needs to die

Everything you need to know about the HPE v Mike Lynch High Court case

Gordon 10 Silver badge
FAIL

Re: Why so pro-Autonomy?

0. Anyone who was anyone knew HP overpaid. If you look at the comments section of the Reg stories at the time they are either OMFG or PMSL about HP.

1. Funnily enough the UK Fraud authorities declined to prosecute in this case which suggests that a) at worst there wasn't enough evidence to prove fraud or b) at best everything was above board.

2. Auditors - see above. Plus the value of the deals highlighted is some tiny fraction of Autonomy revenues at the time. From memory it was essentially immaterial in a financial sense, a couple of % of sales but nothing that was justified

3. GAAP <> IFRS. HPE appear to have had very little understanding of the differences.

4. The due diligence wasn't even completed AND the preliminary report never read. HPE had literally no idea whether they were buying a Tesla or a Model T.

Any one of these points alone puts HPE on dodgy ground, all 4 would make me very surprised if they succeed.

Also some nuance for the USians. This is a civil case - where judgement is made on the balance of probabilities of something alleged being true, the burden of proof is lower than a criminal trial. If this goes against HPE, Lynch will have a mega strong argument against extradition, as it begins to look like Uncle Sam the bully again.

Chairman, CEO of Nominet ousted as member rebellion drives .uk registry back to non-commercial roots

Gordon 10 Silver badge

Tighten AGM influencing rules.

And get the articles of association changed to stop the Board and Management using company resources to promote EGM/AGM topics in an unbalanced way. Either both proposer and opposer should be able to use company resources to lobby or neither.

Richard Stallman says he has returned to the Free Software Foundation board of directors and won't be resigning again

Gordon 10 Silver badge

The Stallman Effect

Is pretty much why 50% of Emeritus Professorships exist.

Respect the duffer's achievements but keep him away from the impressionable kids when he starts rambling. (metaphorically speaking in this case).

Being asked to rate fake news may help stop social media users sharing it, study finds

Gordon 10 Silver badge
FAIL

Gaming

What happens when the reviewing process starts getting gamed? Either by Bots or by some faction who manages to pile a load of reviewers in under the radar.

A sticky plaster at best....

This is all the result of the friction of sharing communication being reduced to near zero. Our social and intellectual models haven't evolved to cope yet. Metaphorically we are still at the point of pointing and grunting on the plains of Africa as far as our ability to handle electronic communications is concerned.


Biting the hand that feeds IT © 1998–2021