Re: Fraud Detection
I had a call from my bank
"Are you in India?"
"Err, no. Deepest Surrey"
"Have you just used your debit card?"
"Nope. Been at home for hours" (it was about 10.30pm)
That was also fraud prevention.
111 publicly visible posts • joined 6 Jan 2010
Firstly, no one mentioned timestamps. You don't need them. Only the last 14 days worth of encountered tokens.
Secondly, location & cell data is already happily donated free-of-charge to Google/Apple anyway. If the spooks were that minded, there are much easier ways of gathering it.
> As an alternative to all of this, the NHS proposes using a centralized approach, in which everyone's whereabouts and any other information is simply uploaded to a government-owned database and analyzed there.
The NHS system doesn't upload your "whereabouts". They were going to use GPS but that was discounted pretty quickly. It uses a very similar system to the Apple/Google (actually D3PT) system, and, in its basic operation, it uploads only the random tokens to the central servers when you get ill. The difference is that searches by other handsets for matching tokens happens on the central servers, not on the handsets. The advanced operation, which is opt-in, also uploads other medical & PII data & (AIUI) location, when you get ill, which is where the privacy worries are.
But the basic operation is really no less safe than normal smartphone operation.
> They should remove it, but they didn't know it was coming.
What's wrong with content moderation? Post your videos/comments but it will only go live when we've checked it out.
Yes, it takes time & resources and cuts into FB's/Google's profits, but the world doesn't owe them an exorbitant revenue stream. They'll have to bloody well earn it by showing they're responsible hosters (which long-term may well be a good business model anyway.)
Similar position, me.
Problem I have is that my chosen sport sub is overrun with US high schoolers with their 'coach was mean to me and dropped me' posts. *Sigh* Fortunately I have other sources.
I do think that the general level of discussion is very good in the more scientific subs, esp r/askscience which is a great read.
Overall Reddit is about the best you can get while allowing anyone to post anything anonymously.
You've been reading too much Reddit. Those criticising Java in 2016 tend to be the ones who left it behind at Java 6 and early JEE, or hate static typing in general.
Modern Java doesn't compare. The new closure syntax and streaming API is enough to satisfy 90% of use cases where FP is needed. There are a ton of Sinatra-like libraries for writing small lightweight microservices, and the ecosystem, which was already vast, has only got bigger since v6.
I've had to move to Node/JS. I'd move back to Java in a flash if I could.
> Whether each layer adds their approval into a blockchain, sends an email, signs a piece of paper or sends up smoke signals won't change that.
It will if the blockchain is of the "smart" variety proposed by IBM et al. Approvals like that become part of the transaction handling, with all communication between the parties and the blockchain, rather than each other.
"A shell script is bunch of interacting "micro services". This is just the latest attempt to spray fairy dust on the mundane and get the PHBs swooning."
Well, except that your shell script was (probably) only written by one person.
The principal benefit of microservices IME is that it fits naturally with Conway's Law  by design, which is generally A Good Thing. Not saying it is all sweetness and light, and yes, conceptually it is very similar to the long list of modularisation techniques that have gone before, but there are certain key technologies in the limelight now (eg Docker, REST, CD) that make it worth pursuing IMHO.
 - https://en.wikipedia.org/wiki/Conway%27s_law
> There is increasing demand for voicecall encryption. Unlike instant messaging, which effectively allowed companies to start from scratch and so has resulted in a number of highly secure products, phonecalls run over older infrastructure and almost always pass through telecom companies, usually in an unencrypted form (although the information may be encrypted while in transit).
As I'm sure you're all aware, Signal from OpenWhisper Systems  is the best answer ATM, folks.
Uses ZRTP which the table shows as ticking all the boxes. Integrates with existing phone/text functionality on your phone, but switches to secure version automatically if the other user is also using Signal.
IME, it just works.
 - https://play.google.com/store/apps/details?id=org.thoughtcrime.securesms&hl=en_GB
> Also ... if everything can be controlled through an API on your infrastructure, then the first person to happen along who can pwn some app with administrative rights to your infrastructure can tear it all apart.
Then there's this:
> For all the derision of the old guard, Amazon has changed IT forever.
I was under the impression that Amazon originally required all internal infrastructure to be managable via APIs, and then realised the commercial potential of those APIs, turning itself into a $bn business as a result.
Is the argument against APIs? Because having them (or at least properly managed ones) seems to me to be an absolute fundamental requirement for survival if you're going to take your infrastructure management seriously.
Here we go. Top 20 based on weighted average CVSS score:
9.6 Air Sdk
9.6 Air Sdk & Compiler
9.4 Flash Player
9.3 Internet Explorer
9.2 Acrobat Reader
8.3 Firefox Esr
8.1 Windows Server 2003
8 Windows Server 2008
8 Windows Vista
7.9 Windows Xp
7.9 Windows 7
7.9 Windows 2003 Server
Edit: Full list at https://kitd.github.io/CVEAnalysis.html
I was speaking to an ex-Lotus engineer recently.
With a regular churn of engineers among the main car manufacturers, it is apparently common knowledge on the inside that all makes adjust their emissions according to whether they are being tested. It is part of what their engine management systems do anyway (adjust to the conditions). A bit like MPs expenses, there is some bewildement that this has created such a storm when it was just considered "one of those things that everyone else does, so we should too".
I think the main issue for me is how far out of kilter the VW test and real-world emissions were, not that it was being done at all. You can bet your life they all do it to some extent.
This is what happens when your society becomes more and more litigious. Concepts of law and national borders have absolutely no impact on connected bits and bytes. And yet it is the legislators & lawyers that hold sway. They legislate and litigate away and then wash their hands of the consequences. Everyone has to comply, but in an internet-connected world, the gaping holes are so obvious as to make the whole charade ridiculous.
Sophos only care that they comply with some regulation (see comments about CNET and download.com). So long as they avoid litigation, all is well.
> The cross-platform stuff was then, and still largely is, marketing. Sun was a single platform hardware company.
I disagree. When I moved from "cross-platform" C++ to Java in the late 1990s, all of a sudden the sun shone every day and the birds began to sing again.
You also forgot that the ecosystem was developed precisely to run on a variety on consumer devices.
I realise going against the Reg hivemind is risky, but there's a whole world outside the home & kitchen.
Where I used to live, we had new streetlights installed that could be dimmed remotely and report back to base if it failed. That's what's really meant by the Internet of Things, not fridges and toasters which have constant human proximity.
Oil pipelines that actually tell their operators when they start leaking, river sluices that notify of changes in water levels, traffic lights that tell the road authorities when they have stopped working, animal feed troughs that need refilling. It's all the remote stuff that nobody can police 24/7. Management by exception, etc, etc needs the "Things" to be "Internetted".
Not surprising since avoiding central financial control is one of Bitcoin's principal raisons d'etre. See the very first sentence in:
"A purely peer-to-peer version of electronic cash would allow online payments to be sent directly from one party to another without going through a financial institution"
"Perhaps he means "world's best site for tidal power where plans for tidal power have not yet been formally scrapped"."
I was under the impression that it was only the full plan for the Severn (ie crossing the whole Bristol Channel) that had been scrapped, and that the smaller options (enclosing smaller areas) were still on the table.
Oh, and good point about why no direct link from the article. Maybe it's because they get a bit worried now when Lewis Page puts out anything about the environment.
He sounds a bit different here:
In brief, the Linux world is too disjointed to coordinate their negotiations with vendors. Fedora took a highly ethical approach and decided not to go it alone because of their power in comparison to other distros. So the result is that the MS approach was not only the most cost effective, but also apparently accepted (albeit reluctantly) by Torvalds.
Has he changed his tune?
> Technically you also have the right to shout 'fire' without any evidence of a conflagration being present
This neatly demonstrates the utter pointlessness of 'rights' without 'responsibilities'. To defend and demand the right to shout 'Fire' unnecessarily is to turn ones rights into such a weak and vapid abstraction that it is an insult to those who fight for the right to speak out against REAL oppression.
Really, why demand the right to offend for no other reason than 'because I can'?
Actually, PHP has its origins in Perl, being originally some Perl scripts to preprocess HTML before serving.
I think PHP is one of those technologies that is being asked to do far more than it was originally designed to do. It was the first server-side language to use HTML templates which IMHO deserves some credit, but the original language was designed to do not much more than that. Now people want to write full-blown enterprise apps in it :rollseyes:
Talent ID for the elite programs and encouraging grassroots sport are really 2 completely unrelated topics. If we are to maintain a healthy position in the medal table, then we must continue the elite talent spotting that is only starting to bring rewards.
Independently, if sport is considered worthwhile, then we need input for all sports at the grassroots. I agree with the poster saying that there should be opportunities for kids to try many sports at school. This requires more funding for local clubs because schools cannot provide the specialist knowledge and equipment needed over many sports. The other change I would like to see is schools not being allowed to make demands on a pupil's time between say 4 - 6pm, freeing them up for other activities.
However the one change that is almost impossible to engineer is the one that values the activities of kids' on the sports field (or any other worthwhile pastime) far above than those of pointless celebs on TV. Then we might actually get people off the sofa and doing something valuable.