Posts by Gordon 10 4013 publicly visible posts • joined 22 Jun 2009
They (Apple, Google) should be landed with a flat fee approach. The app stores costs are fixed and have no relation to the price of the app. In app payment via alternative channels should be explicitly protected by law, and contractual ways of working around them explicitly made unenforceable.
Define mission critical in this case. If you mean grey/black hat stuff needs to spread between clouds I agree with you. OR if you mean borderline illegal content I agree with you.
If you mean run of the mill corporate business I don't in this context - which is Vendor takedowns. If you mean for true-cost-no-object resiliencey I agree but that's besides the point of this article.
Errr except AWS now. Did you even read the article? Azure or GCP werent mentioned either.
And how do you expect them to assess their clients morals proactively?
Do you really want AWS pro-actively blocking usage ala Apples App Store if it doesn't comply to their self selected prudery?
So apart from everything you say being wrong I agree with you.
Since this is at least the second in a few short years, I'm wondering if there is either something wrong with the physical design or their processes - maybe they hesitate to hit the sprinklers too long?
Since they only have 5 of these centres (quick google could be wrong) 40% of them catching fire seems a bit worrying.
I think the more interesting question is given a 3 month lead time whether the number of available Falcon stacks of either type would exceed the number of available launch sites (including turnaround time).
Edit : Interestingly enough SpaceX "only" appears to have ~23 Falcon Block5 boosters due to their high refurbishment rates. One booster has had 10 launches! Still I guess even in the low teens they have more active boosters than anyone outside of US and Russian military ICBM's.
Unfortunately this lady appears to have made several schoolgirl errors in bringing her case which Im guessing will make it doomed to failure, albeit its not clear what elements of her case remain from quick skim of the judgement.
It looks like the initial judgement for "interim relief" was for a stay execution.
2 obvious errors :
1. She is confusing or attempting to conflate "worked for" with "employed by"
2. You never ever send 116 "stream of consciousness" emails to a tribunal, you make limited and deliberate updates of material evidence.
3. Those 116 mails suggest she is taking it personally. No matter how personal it is losing your objectivity is a recipe for disaster. By all means be angry - but dont let that stop you acting with a clear head with the tribunal.
I dont hold out much hope for her no matter how justified or not her case might be.
She might be better off researching her agency employer who is using the mini-umbrella's and dobbing them into HMRC. She may not get much satisfaction from that route either but it would have been worth a punt at less cost and effort to her.
I doubt it. The simple matter is that if you have mission critical or simply important brown field Oracle workloads then Oracle Cloud is by far the simplest and cheapest migration path. It’s not even particularly expensive compared to a huge migration to another DB. Also their cloud charges are pretty low (for now).
Stop using whataboutery to justify a data monetisation grab.
Firstly your chance of actually being unconscious in A&E are small, secondly they already have protocols to deal with those scenarios. Thirdly if that was actually what they are doing with it it would probably get broad support.
What they are actually doing is a vast data grab with assumed opt-in and no right to delete at a later date and some questionable pseudo-anonymisation and then letting the fucking Nazgul to name just one grey actor at it. Each one of those is a red flag in its own right. All together it’s riskier than Matt Hancock discharging your granny to a care home in early 2020.
The chances of it ending in disaster are approximately equal to those of Matt Hancock hooking up with one of his Aides.
I know Iran is under US and other sanctions but under what authority were these websites taken down - apart from Might makes Right of course.? Were they US hosted? Or is the US abusing its control/influence over TLD's, and applying their own censorship rules?
To be clear I could care less about the Iranians - more about whether this is a potentially illegal act by the USA.
"How are they going to differentiate classic pump and dump schemes from a legitimate company that is doing well?"
Its part of the design that they are not. Their cronies will pump and leave innocent investors with the dump. Just another way of politicians shitting over their electorate.
Well said sir!
This is just the usual bunch of overly opinionated ideologically inflexible fuckwits on a charge to see what else they can fuck up whilst the consequences from Brexit still play out like a slow motion car crash.
What galls me is these wankers always refuse to take responsibility for their actions and refuse to act consistently in their actions, then act fake surprised when the world calls them on it. The current sausage war being a prime example of them being hoist on their own petard. See also the DUP.
No surprise when they are led by the adulterer in chief and one of the biggest liars ever to hold office.
Davis may be a brexit supporting prick but at least on data he had some sane opinions.
For the above I think this is reasonable of MS here.
By definition the act of releasing your code into Production should include impact analysis of the changes which should include a pretty robust assessment of the charging/scaling expectations, followed up by a period of aftercare where things like resource utlliization are monitored more closely than usual.
TL:DR. - Dont use the production tier if you dont use/understand SDLC.
SDLC along with real robust test plans are what separates software professionals from gifted* amateurs imo. Just because you have the job title and the pay grade don't mean you are, and lets face it we've all met even some very senior people who fall in this bucket - and take their colleagues/teams down with them.
* I leave it the reader to define what this means.
Whilst I dont disagree with your point I came here full of the same piss and vinegar only to discover reading between the lines that these guys had effectively set themselves up as a MITM generating QR codes to be passed along to the NHS.
So this was essentially a MITMA *on* NHS Track and Trace not *by* Track and Trace. I leave it to the reader to decide if the enabling of a MITM is a deliberate action by the Govt to enable some arms length Pork Barrelling.
Im still unclear on why he needed to keep ANY data other than a couple of screenshots.
Using the leaked creds once is technically unauthorised access even if just checking they work. Using them to exfiltrate data (which is what appears to have happened) goes way beyond the pale regardless of how well intentioned he might have been.
I do think from a technie point of view the company over-reacted but that just human nature and security "researchers" should be aware and prepared for this.
FWIW I think the guy went from White Hat to Grey Hat when he stopped confining his work to disclosing the hole, and instead appears to have appropriated the data as "evidence" either to avoid the company covering it up, or for academic curiosity. It wasnt his job to investigate the extent of the breach.
Regardless of how egregious the hole discovered making moral judgements about a companies response or potential response is out of the scope of White Hattery and emotionally and corporately naive. You shouldn't be doing this activity for anything more your own satisfaction, and should not be expecting anything more than a grudging acknowledgement and cover up, and if such a thing occurs - unless that breaks a local disclosure law - you dont get to judge.
Indeed. It almost sounded like the medical types were at risk at applying the same standards to the software as to the hardware which might be overkill in a read only application like this.
Get the hardware right (and safe and certified!) and the software will come along behind it. I'm guessing there would be plenty of people willing to spend an hour a day retraining the ML if it lets them communicate well for the rest of the day if they knew the implant is safe.
Thats a rather naive and blanket statement.
On prem is fractionally safer if done well in your own wholly owned DC or Cupboard (are you checking the minimum wage cleaners access?) - but how many companies actually do that? Let alone a Public requirement contracted out to the lowest bidder or an MP's bestie.
However by default a lot more effort has gone into making the the Cloud DC's and their services secure by design, and they are unlikely to be addressable to a random Googler.
With a State actor all bets are off anyway - I would go out on a limb and say they are equally at risk as the compromise is probably at the network/infratstructure/factory level.
You need to be clearer on where to direct your ire. Which is on the current Government who are failing to enact a series of recommendations to clean up Private Prosecutions made by the relevant Parliamentary Committee 6 months ago. I encourage you to Google for it - makes good reading.
I think you are misunderstanding the role of the judge in the proceedings. The question you should be asking is how the PO was able to deny/bury material that should have been available to the defence team.
I suspect but don’t know that a number of cases did not proceed when a savvy defense solicitor or barrister was involved and it was dependent on luck of the draw and financial resources for the SPO’s involved.
Complete fail.
Manufacturing beats breeding & training.
Once you come up with a way of mechanising something you can scale up kit as quickly as you can get the raw materials and equipment to make it.
Breeding & training a new sniffer dog takes over a year and if similar to guide dogs has a high washout rate.
Unless you are suggesting mass scale puppy farms and industrialised training? That would go down well with the public.
Its one of the reasons we are driving cars rather than still riding horses. That and the vast quantities of poop. Which come to think of it is an issue with this idea too.:D
Headline grabbing cobblers.
My academic attention whore alarm is going off.
The same can be said for any broadband service, which is why they have lots of ways of dealing with it, most of which will be applicable to Starlink.
I would also note that the solution for Starlink is to throw more birds in the air and on a per user basis it’s probably cheaper than digging holes in the ground.
Thats a naive statement. Its possible to get quiet co-operation for these sort of activities if the approach is right. It happens all the time in corporate environments.
This was lazy unethical behaviour - I suspect because they couldn't be bothered to get co-operation or were frightened of being told no.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
