Posts by sysconfig 305 publicly visible posts • joined 5 Jan 2010
It was built "just because" or "because he can". We're talking about a 14yr old boy here. He probably brought it to school to show it off to his friends.
If he brought it into the chemistry lab and started tinkering there, you might want to ask questions and take that device away from him. Until then... for christ's sake, be happy that you still have pupils that get all geeky in their spare time rather than playing video games whole day.
As soon as law enforcement *think* they are dealing with anything remotely attributable to terrorism, they'll generously waive due process and fair trials, keep proceedings secret from the public, or just lock you away for extended periods of time until they find something that they can make stick (too bad if that doesn't happen)...
Wonder what happens if a shoplifter wears a "I have friends in Syria" t-shirt...
"This person, who has obviously been recruited by ISIS, was caught stealing chewing gum to finalise a makeshift weapon of mass destruction..."
I got my hands on one of those when I was 11 years old. It was sitting on my mum's desk and when she wasn't typing letters on it, I could use it to write little programs on it. Since we had a very ambitious maths teacher who wanted to teach us programming at that time, it was perfect. Had it not been for the Schneider Joyce (as it was called in Germany), I may not have ended up in IT. Who knows.
They may not have been great quality, but as an 11 year old I wouldn't know or care. Had a lot of fun with it! (Saddening to be reminded so clearly how fast time went by since...)
Does that particular law really mean that any personal data of Russian nationals needs to be stored exclusively on servers located in Russia? How about Russians living abroad? How do sites do that where no nationality needs to be entered (or cannot reasonably be verified, which would be true for the vast majority)?
While I welcome any way governments can leverage to piss on Facebook and in particular its attitude to privacy, this law doesn't seem to be thought through.
The result for Facebook -and even more so for smaller sites who can't be bothered or afford to set up Russia-based servers- might be: "Sorry, since you are Russian, we cannot currently offer our service to you."
That's neither feasible nor enforceable. We all know how easy it is to bypass GeoIP based checks when we watch telly channels which are "not available in your country". ;-)
None of the information they want to collect is relevant to my music taste (and generated playlists).
Subscription cancelled straight away. Thanks El Reg for the heads-up. (I haven't seen a prompt for the new T&C yet, but I might have done what most of us do when confronted with lengthy legalese...)
"The usual waffle about announcing a breach and then saying your security is important to us."
I have a lot of important things on my To-Do list as well... doesn't mean that I will tackle them any time soon, since there are different shades of importance, and then there's priorities, and meetings about priorities and backlogs with lots of important things... Sounds familiar, Carphone Warehouse?
"Except all the evidence is that they're not actually as stupid as you seem to think,"
No idea why you interpreted my post the way you did. We don't need evidence to prove that they are not stupid, because I certainly did not say they were. Less specialised roles don't mean they are stupid people. They just have less to bargain with because there are more employees to choose from.
Let's look at my own wife for a minute, who I certainly wouldn't call stupid at all. She used to work in a big hotel chain in London at the front desk. (Receptionist in other words.) The wage was meagre even after she had been working there for years and was made supervisor. The shifts, sometimes back-to-back double shifts, were long and often unpredictable. She's kind of a tough cookie and put up with it, but she has outlived a lot of others during her time, who didn't. If people quit, it took less than a week to have somebody new on the rota -- on minimum wage. If people moaned too much, they were shown the door and replaced just as fast.
She got by with her salary, but she couldn't make any savings, and therefore she couldn't risk losing the job and possibly spending a few weeks without any income. It's not a situation you want to be in. And while hotel/gastronomy is a tough area to work in, it's a piece of cake in comparison to other jobs, where people could be replaced even quicker.
Now take away sick pay, any holiday and pay, maternity leave and pay, minimum wage, and turn this into contract-based work... and sure enough that hotel will find plenty people willing to work longer for less. Extend that to other areas, and it's soon (even) more lucrative to claim benefits than to work your arse off. (And the employers will still find people willing to work for even less, because -believe it or not- some are not entitled to claim benefits and have no other choice. Those people, strangely enough, are also those seen to come here and "steal" jobs from Brits... but I digress)
Anyhow, my wife only managed to get out of there, because I encouraged her (and would have been able to support her, if she hadn't managed to better her situation). That's what *she* said, not what *I* think. No, she isn't stupid. (She had a bachelor degree to begin with, which turned out useless; and she has now managed to become an accountant doing weekend classes for several years. A "luxury" that she wouldn't have been able to achieve while working in that hotel -- not least because she'd have to work on weekends)
I wouldn't dare call people in low-skilled or low-income jobs stupid. The situation that they are in is often much harder and more complicated than we -privileged- contractors can imagine. Talk of politicians losing touch with reality...
If my original post came across like I'd consider myself somewhat better than others, I do apologise. I don't. I have worked my arse off to get where I am now, and that hasn't been an easy feat. But I have also had a fair bit of luck along the way, which not everybody is fortunate enough to have.
@Tim: If you want to call me a Marxist, fair enough. I think there's a lot of grey between black and white, but you're known to write in a provocative fashion, which we all appreciate and like.
A skilled contractor can of course negotiate terms with the employer (or client rather). Looking at it from the perspective of a contractor myself, I completely agree with you, Tim.
However, if you look at the wider picture, and especially jobs which pay very little as it is, jobs where little skill is required, you absolutely do need some protection for employees. They are in no position to negotiate anything. They will be ruthlessly exploited in the quest to make bigger profits, if the laws and regulations allow it, because employees at that level can often be replaced on the same day, if they don't fully agree to the employer's terms.
"Before they start adding more pointless electronic complexity to their cars, Chrysler/GM/Ford should study German cars that are safe and durable, Japanese cars for reliability, Italians for style and performance."
Recent German cars are equally packed with a lot of electronic complexity. I wouldn't be too surprised if my 2012 Audi A6 suffered vulnerabilities similar to Chrysler's, to be honest. Mechanical faults are much rarer than electronic failures in recent cars. It's far from perfect, and due to price pressure all major car manufacturers, including the Germans, offload more and more QA to the customer.
In fact, features like Audi Connect scare the shit out of me. (It offers a pile of internet service integrations, such as Google Maps, Facebook and others, which may or may not make the car less secure; Most definitely it allows for more accurate tracking of the car, less privacy, and might eventually be used by forensics/insurances -- most definitely against you.)
Internet connectivity of any car system paired with a single CANBUS that trusts all connected devices makes a lot of alarm bells ring simultaneously!
"For an non Windows server reboots are pretty rare these days. It always irks me that reviewers seem to take great store by the boot time for a server. IMHO this is one of the most useless measurements I can think of."
Indeed. If a reboot (or downtime) of a single server causes a problem, the people in charge ain't doing it right [1]. The narrative that a single server's downtime would result in downtime for a site or application belongs into the last century.
[1] or their bosses try to save money in the wrong place, in which case we want reboot times to be significantly longer to highlight the problem!
"Why do they not tell us that this tool is producing these results ?"
Because they were busy with the different stages of:-
- denying its existence
- legalising it retrospectively
- handing out D-notices on the way so that the media doesn't spread too much criticism
And: Once they tout it as being hugely successful, people will -rightly- ask how exactly it helped. Especially at the moment, where we are very sceptical about anything the government and GCHQ say about surveillance.
They will surely be in the process of preparing a nice PR campaign, cherry pick some cases which they can disclose more details about, and wait for the right time to seed it to the media.
"While the attackers accessed parts of the computer network that contain personal and medical information, UCLA Health has no evidence at this time that the cyber attacker actually accessed or acquired any individual’s personal or medical information," the group said in a statement.
Meaning unless somebody posts it on pastebin or holds the UCLA ransom to avoid such disclosure, they just assume everything's dandy, and hackers made their way into the system just for fun but couldn't be bothered to lift any data? Who came up with that ridiculous stance?
"This is the opposite of progress [...] a machine can do much better "
Yes, it is, and a step back in time. It goes back to the roots and *wonderfully* demonstrates how computers work. I can see that being a fantastic educational tool for those who want to learn about it, before they go off and build machines which produce the next generation of Raspberry Pi.
You didn't think that this 14x2m project was going to go into mass production for you to buy and use, did you?
Anybody can stick some code into a blog or wiki and call it a tutorial. And sure enough, the internet being what it is, someone even less knowledgeable will copy and paste it, and use it on production sites. Q.E.D.
So you can't really mandate what a tutorial must or must not include, unfortunately. You'd think that any respectable company which depends on the internet to generate business would hire knowledgeable people who do not need random tutorial code and certainly wouldn't just paste it. Oh well...
- batch processing of all sorts
- auto-scaling (just launch two at a time when you only need one, so that it doesn't hurt if one goes down, and still pay less), obviously much more efficient and feasible at larger scale
- automated testing
- etc etc
The problem with Google's offer in comparison to AWS's Spot Instances is that it's too expensive and limited to 24 hours max.
In AWS you regularly get spot instances for below 20% of the normal price (just tested with a m3.large instance for $0.03 per hour, instead of the normal $0.154 per hour; became available within the normal time frame... two minutes).
That said, prices usually spike dramatically when there's high demand, which means it almost doesn't matter how much you bid. If the spike kicks in, your instance goes down.(Spike prices are often higher than the regular instance price, so unless you bid insanely high amounts, your instance is going to go away.) That's fine though, because you get serious compute power for very low prices, and you know it's not going to last. Design your application to cope with it and you can actually save quite a bit.
You're right, Average Joe most definitely doesn't need it. It's interesting though that a small ISP shows BT that it can be done. Question is how profitable that is, because if it's not generating any money for the ISP, this new shiny super-fast broadband service might be a very temporary offering.
"I don't think it would lead to a "heightened risk of terrorist and espionage attacks" as suggested"
I don't think so either. After all Germany has not actively participated in a combatant role in any of the "wars on terror". All they do is offer humanitarian support.
Actually I hope that Germany does show some hospitality towards Snowden and won't extradite him, should he choose to move there. It's time that one of the more important economies in the world man up and show the US that they can't always have it their way.
"do they really think a bunch of european MEP's will make any difference"
So should we (and the MEPs included) just accept US dominance and ignorance and bend over?
I don't think so. Even though it may seem hopeless, I think privacy matters. Giving in is not really an option.
It's like big corporations: Nothing changes over night. You sometimes need constant nagging of different players over extended periods of time to finally be heard.
Budgets (political and commercial) work on a "use it or lose it" principle, They WILL be spending tax payers money anyway as it's already allocated. I'd much rather see it used for their trip in the name of privacy than wasted elsewhere.
"teachers will be using these as coasters and ash trays"
I think that's way out of line. Sure, as with every profession, there'll be teachers who can pick these things up easier, and some that will find it harder (or can't be bothered).
You mustn't forget though, that a teacher is not supposed to compete with Linus Torvalds and the like. (If you disagree with this example, substitute with any brilliant mind of your choice)
If they know enough basics to spark the kids' interest, that's all that is required. That's the whole intention anyway. Nobody would reasonably expect *every single* child to become a programmer or coder. You want to give them options, so that you can figure out what your child is good at. It's your job as a parent -not the teachers'- to foster that interest and talent far beyond what school could possibly offer.
The interested kids will figure stuff out on their own, once they are shown the basics. And I'm sure teachers will be able to learn just a bit more than the basics to make that happen.
"... our prime minister and education secertary both decline to try and answer questions that are only ever so slightly harder.
Not that I'm keen on outsourcing to india but the issues are not to do with the employees abilities, or if they are that's a mangement issue employing the wrong people."
Outsourcing the Prime Minister might not be such a bad idea. He doesn't speak common Joe's language, doesn't understand the world we live in, won't show for TV debates (a concept he strongly pushed forward for the last general election), and hasn't achieved anything useful in 5 years.
How much more harm could be done by outsourcing him, really? Think about the savings for the tax payer, if we do that with a number of ministers and MPs! Most of the time they don't show up in Parliament either, so can as well set up a conference call instead!
"David" has paved the way for an outstanding legal career!
I hope he is successful with this case, but I've got the feeling that the big machinery will eventually wear him out and too many megacorps with lots of money to share have too much interest in keeping Safe Harbour alive.
"That the US uses it to fight terrorist etc."
And you really believe that?
I have yet to see a single example with a chain of evidence which undoubtedly proves that a terrorist plot could not have been avoided without mass snooping/surveillance.
And I mean a real terrorist plot, not one of those fabricated by the intelligence community to justify yet more powers.
Obama will certainly give Cameron all his support as far as implementing such nonsensical laws *in the UK* are concerned. Why? Makes it easier for him to snoop in areas where the UK don't grant the US of A pretty much unhindered access already. The UK could render itself into a gigantic wiretap for all things concerning the EU. Everybody, except from the US of A, loses.
You really have to wonder where Cameron got this idea from that encryption is a bad thing worth banning. You'd think that a Prime Minister would have several industry experts as advisers, or spend some tax funds on getting expert advice to validate ideas before blurting them out to world & dog and making himself look like a Norbert.
Either he thinks he knows better, or he didn't understand what the advisers were saying, or he is so desperate and grasping for straws because his campaign advisers see a very gloomy future for his political career in general and the next general election in particular.
Either way, it contributes sod all to national security. $TERRORIST doesn't exactly abide by the law and is unlikely to communicate online in the UK while plotting. It's wrong (and dangerous!) to assume that $TERRORIST is stupid. Otherwise you'd have to assume that all politicians, police, three-or-four-letter agencies are even more stupid, since they haven't been able to prevent any terrorist attacks, even with extended snooping powers introduced since 9/11.
$TERRORIST wins. They managed to send politicians in the western world into a frenzy which led to a huge impact on privacy over the last decade. (Although the number of terrorism victims is likely much lower than the number of fatal car accidents, road safety has not received much attention. If you want to win votes, fix the bloody potholes in the country already!)
Any online comms outside of the UK would still be able to use encryption legally, anyway. There's absolutely no single reason why outlawing encryption would be a good idea. (But maybe the US of A have initially planted that idea within Tory ranks... because they win.)
"The U.S. Federal Bureau of Investigation has claimed to have uncovered evidence linking North Korea to the harmful hack on struggling film studio Sony Pictures late last year."
Let's see the evidence then. Most if not all security researchers seem to disagree.
Why does this remind me of the "evidence" for the existence of Weapons of Mass Destruction in Iraq?
It's sickening that the US of A can make things up as they go... and get away with both making up evidence and -worse- taking action based on those tales.
"That would send a message to CEOs and CIOs to take this stuff more serious."
Only if they (C-level execs) are personally held responsible and accountable. If they can shift the blame to one of their employees, they will. I'd be curious to hear who gets a bonus at SPE this year...
Exactly. You don't know if your driver has a road-worthy car (or at least MOT), insurance, or even a driving license for that matter. Sure you can ask them to produce these documents, but by the time they arrive you already have a "contract" for the ride with Uber.
There's virtually no screening at all for Uber drivers or their vehicles (wait, maybe it's not even their vehicle they come to pick you up with...)
I wouldn't want my children or my wife to hitchhike. How is Uber any different, except that they pay for it?
...not too long ago got repeated heads-ups from security researchers about their gaping security holes? Didn't they then talk it down just to get bitten by it big time just a couple of days later, revealing information that wasn't meant to be seen by those who lifted it? And then, shortly after, they were still talking the issue down?
Yeah, sure, let me give you my credit card details right now!
Pint of beer icon, because I'm looking forward to the headlines already...
"That's not regulation, that's your supplier refusing to sell you a product."
Not entirely correct, at least not for the previous poster's example.
In some countries, like Germany, you have to be resident to get a phone number assigned. Even Skype tells you that when you try to order a German phone number. The UK do not have such a regulatory requirement, and the majority of other countries don't either.
"The fact remains that had there not been a lot of time and money spent behind the scenes, the Y2k bug would have been a disaster, but it was averted by a lot of hard work."
That's how it always works if beancounters meet IT people... It's apparently a lot easier to justify big spends on disasters that have actually happened rather than preventing them.
For that reason many companies have poorly maintained sites and code and infrastructure in production use, and any attempt by eager developers, system and network admins to get some cash for long overdue (disaster prevention) maintenance is rejected ("no budget for that")... until a big disaster happens, and then management suddenly asks "what can we do to prevent this from happening in the future"? But nothing ever changes, although the answer is bloody obvious.
Precisely. Solaris Zones (and now SmartOS) and FreeBSD Jails are probably the most solid container options and have been for a number of years. But anyway, there has been a whole bunch of options for well over a decade, indeed.
Colbert's claim is a little bit far fetched. But I suppose when it comes to getting yourself into the spotlight in order to sell something, facts are irrelevant.
"Regrettably, competing companies on both sides of this issue refused to come to agreement on how to achieve that goal."
It was always obvious that in the US lobbies make the laws and politicians are nothing but muppets, but it's still shocking to have that confirmed so clearly.
And now the white flag is being waved, because politicians are so bloody dependent on the money from lobbyists that they can't act at all any more without their approval? WTF!
Alternative to, say, a Lenovo X1 Carbon? Hardly. I'll stick with mine. Runs Linux splendidly (and Windows, if you have to), has built in 3G, last 8 hours on battery. Don't want an overpriced we-want-to-compete-with-everything-and-give-you-Win8-on-top-of-that device.
It's always the same argument: legacy applications not supporting a newer OS version. A part of me wants to say "fair enough". But with an EOL heads-up in 2008, and legacy applications which must have been legacy since then, what have their IT departments been doing with taxpayer's money in the meantime?
5+ years isn't too short of a notice for any number of software or hardware products to be replaced. Probably the actual IT guys have been told by management to not be drama queens since they first mentioned it, repeatedly. And now, with custom contracts (presumably not exactly cheap), more money is going to be wasted. In many companies heads would be chopped off for this; not so in the public sector, where they can spend money which isn't theirs anyway...
Yeah I know, some big corporate entities are no better, but at least they are not spending my money.
NoSQL is probably one of the biggest hypes of the last few years and certainly makes sense for many applications. But it's not a one-size-fits-it-all for everything, contrary to how it's sometimes being advertised.
Great to see a company stepping up and saying: "we've tried it, but didn't work. SQL is not so bad after all, depending on what you ACTUALLY need"
Use what makes sense for your application, not what everybody else is raving about!
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
