* Posts by James 139

191 posts • joined 21 Jan 2010

Page:

Remember when we warned in February Apple will crack down on long-life HTTPS certs? It's happening: Chrome, Firefox ready to join in, too

James 139

Re: Some sense for the web, disaster for internal

I feel your pain on the last point. It's like people never heard of "mitigating factors" or "it's entirely unnecessary", they just see a "red mark" on some automated scanner and start frothing.

More often than not they have also over paid someone to run the report, and who is conveniently offering to offer paid advice on it.

Section 230 authors despair of Trump, Barr, Biden, US Congress’ aggressive ignorance of critical tech law

James 139

There has long been a misconception over what "free speech" entitles you to.

A fair few people believe it means "what ever, where ever, when ever", without limits or restrictions.

Which is fine, and mostly true, in public owned places or when directed at Governments.

In private places, which includes publically accessible, the private owner is entitled to set limits, including denying you the ability to speak.

Machine-learning models trained on pre-COVID data are now completely out of whack, says Gartner

James 139

Re: But...

If suffiently unqualified people call it an AI often enough, it becomes the "mass market" term for it.

Like "information superhighway" to describe what, is now, very slow internets.

Facebook accused of trying to bypass GDPR, slurp domain owners' personal Whois info via an obscure process

James 139

"Why bother to sue when you can use the UDRP which is a lot cheaper (about $1,500 per claim and can include multiple domains) and it's a lot quicker too (takes about a month from start to finish)?"

Because they gain nothing financially nor is it as intimidating, it costs the defender a lot less too, so they might actually be able to fight it and not run at the mention of litigation.

But isn't the normal list of proceedures as follows?

- Hosting provider take down request

- UDRP request

- Done.

Big Tech on the hook for billions in back taxes after US Supreme Court rejects Altera stock options case hearing

James 139

Re: It's a scam

But you can sell stock you own at any price you like, off market.

I can give you stock I own for nothing, if I so wished, or even in exchange for other services worth more or less than the current stock market value.

Market price is just what open trading thinks its worth to someone else willing to pay for it.

James 139

Funny that, it seems to be the way many groups do it these days.

Why improve and reform when they can find ways to dodge the problem?

Consider the US police departments that have union leaders, and probably members, complaining about how they are being stopped from doing their job or being made to look like the "bad guys", would it not be easier for them to change their behaviour rather than try and defend it?

Trump then offers grants to police forces that do certain things, and you can almost guarantee that some of the people who will be involved in that are immediately thinking of ways to make it look like they are taking the steps, whilst actively not.

They have already found ways to be able to retaliate against "beligerant suspects" by provoking them or otherwise causing them to "bump" an officer.

Legitimising bad or poor practices does not make them good practices.

James 139

Re: "the amount of money at stake is enormous"

That is how it works for the rich, no?

Things arent fines or penalties, its the cost of doing something, because its low in comparison to their wealth.

No Wiggle room: Two weeks after angry bike shop customers report mystery orders on their accounts, firm confirms payment cards delinked

James 139

Re: There is no breach

Most places, that I can recall, at least request you provide the CVV number.

Before long, we will be having to deal with online shops just like banks, where an automated system phones/texts to confirm it really is us adding a new address, using a pre-approved phone number that requires access to the existing number to change.

James 139

Re: There is no breach

So they do, but in the UK I'd have to pay £6.99 a month for the priveledge, not worth it for the times I don't use paypal.

I know the fee includes a whole bunch of other "benefits", but I don't have a use for those.

James 139

Re: There is no breach

This is the same problem I had.

I opened a Cahoot account, now defunct, because it offered a virtual card, which eventually got withdrawn.

I then found Neteller, who also eventually stopped providing virtual card services.

Other banks have "promised" them over the years, but its never come to anything signficant enough for me to notice.

California bigwigs rule Uber, Lyft dial-a-ride drivers are employees, not contractors

James 139

Re: I know many people who work so-called "gig economy" jobs here in California.

That's one of the things I've always found confusing over the "gig economy" and the contractor vs employee "debate". This is mostly rhetorical, and I could have entirely misunderstood something about it.

To me, the two roles are different, and, probably incorrectly, clearly defined in my mind.

Contractors : Take jobs as they see fit, have to cover themselves in terms of medical coverage etc, can accept or decline jobs on a whim, hence flexible.

Employees : Get assigned jobs they can not refuse, under normal circumstances, without consequence, employer pays for medical coverage etc, required to work as directed by employer, hence rigid.

So, where someone wants to do a few hours here and there, why would they not want to be contractors?

Conversely, those that want to do it as a full time job, why wouldn't they want to be employees?

And, importantly, why do officials, and possibly the companies, not want to offer both?

Repair store faces hefty legal bill after losing David and Goliath fight with Apple over replacement iPhone screens

James 139

Re: The law would appear to be an ass ...

This is my "argument" with counterfeit goods.

If its fake and says "Apple" or "Rolex", thats one thing, generally because people are stupid and don't question why they're paying so little for something, "its a bargain!!"

If its fake and says "Bpple" or "Bolex", then, as long as someone isnt trying to claim its a 'mistake at the factory', you know its a fake and the price reflects that.

Podcast Addict Play Store ban: Android chief says soz for incorrect removal, developers aren't impressed

James 139

What about split screen, slow motion and Quantel?

Tales from the crypt-oh: Nvidia accused of concealing $1bn in coin-mining GPU sales as gaming revenue

James 139

Re: Traders deserve what they get

This is entirely one of the reasons why I dont get why stock price is, in general every day terms, equated to a businesses ability to function normally.

Unless the business needs to issue more stock to raise funds, it is, surely, no different to owning a house in negative equity, in such that it only matters if you are trying to sell the house, it is no reflection on your ability to pay the mortgage and other bills.

Baby, I swear it's déjà vu: TalkTalk customers unable to opt out of ISP's ad-jacking DNS – just like six years ago

James 139

The first..

..rule of Internet Club is to use your own router.

The second rule is Dont Use TalkTalk.

Atlassian issues advice on how to keep your IT service desk secure... after hundreds of portals found facing the internet amid virus lockdown

James 139
Facepalm

Re: Rather inevitable wasn't it ?

We had a customer who deployed, what was basically software intended for LAN use, directly on the internet.

We pointed this out and said it most definitely wasnt advisible.

Our recommendation was that he lock it away behind even basic HTTP password protection.

His response? "Oh yea, we're going to use SSL".

I'm fairly sure that, after a year, it was still exposed, SSL-less and no sign of any additional password protection.

Just a case of convenience over sense.

Drones must be constantly connected to the internet to give Feds real-time location data – new US govt proposal

James 139

Re: Useless

Indeed, because security costs and, somehow, the car makers arent held liable for the insecurity.

At least not until it becomes a serious problem, class action lawsuit or government chew out.

Ring in the changes: Mandatory two-factor authentication, login alerts, targeted ads opt-out after punters voice privacy gripes

James 139

Re: "personalized advertising can deliver a better customer experience."

I effing hate that!

Go to website for company I work for, BAM! adverts for software I already don't pay for.

Go to website to check for software updates, BAM! adverts for something already in use.

Oracle tells Supremes: Fair use? Pah! There's nothing fair about 'Google's copying'

James 139

Re: A plague on both of them

"It could become impossible to write anything more than 'Hello World' without employing a lawyer to sort though all the licensing and rights issues."

I am not sure it goes quite that far though.

Oracles argument is that Google has taken their APIs and re-implmented them in a way that prevents Oracle from monetizing it, ie they have taken Oracles "work" and provided an alternative that is a copy, a bit like the difference between a genuine Rolex and a knock off "Bolex".

Writing software that uses an API would be unaffected, however an alternative version of the API would, think "printf" in GCC libC and Win32 C runtime libraries.

The people that should be really worried by an Oracle win are projects like WINE or ReactOS, where they are directly providing the same APIs but with their own implementations.

James 139

Re: A plague on both of them

Broadly resembled? Isn't Oracles argument basically "if it looks like a duck.."?

Such that having an API with the same name and declaration means its identical, even if said functions did two totally different things.

Next you know they will be claiming that source code file names are copyrightable.

UK government review of IR35 tax reforms? Like a broken pencil, say contractors groups – it'll be utterly pointless

James 139

Re: I am a genuine business, yet I'm now getting hassled by my clients!!

This seems to be exactly the kind of work most people envisage when you say "contractor", yet the Government conveniently ignores it and assumes "contractor" means "high paid permanent staff with tax avoidance".

Also, can HMRC not some how manage to make MPs all fall within IR35, after all, they are all fixed term contractors, no doubt with some on the fiddle.

No horrific butterfly keys on this keyboard, just you and your big, dumb fingers

James 139

Re: They may have sucked

Laser keyboards are easy mode though, this is when you set your virtual keyboard to INSANE! mode.

Having trouble finding a job in your 40s? Study shows some bosses like job applicants... up until they see dates of birth

James 139

Re: What jobs did they try to get?

I get the impression HR always believes that entry level positions, with entry level wages, are only wanted by those without experience, which they mostly view as the young.

I mean, why would a 50+ year old want to work in a job that pays them £20k, or less, a year? Surely that is their choice.

What's that? Encryption's OK now? UK politicos Brexit from Whatsapp to Signal

James 139

Surely the answer is watermarking.

Whilst you may have difficulty preventing people doing something, you can, more easily, do things that expose the individual responsible.

GlaxoSmithKline ditches IR35 contractors: Go PAYE or go home

James 139

But training courses dont bring experience, they just bring knowledge, and sometimes not even that.

High-resolution display output or Wi-Fi: It seems you can only choose one on Raspberry Pi 4

James 139

> Computer has an even older established meaning - It means a person that performs calculations.

Performs computations, not calculations, that would be a Calculator.

And, being more specific, also a male person, a female being a Computress.

Walmart sues Visa for being too lax with protecting chip cards

James 139

Re: and therein lies the problem for Aussies

This has always been my view too, the banks make it sound like theyre doing the customers a favour and making things more secure, but really theyre just providing extra ways for them to say "customers fault".

Sure, we made your Wi-Fi routers phone home with telemetry, says Ubiquiti. What of it?

James 139

Re: Once more, with feeling

Exactly, its the horse meat lasagna again.

It was only a problem because it didn't say "horse meat" on the list of ingredients.

Republican senators shoot down a triple whammy of proposed election security laws

James 139

That's certainly how it's supposed to work, yes.

Reality is that people vote for parties, often blindly, at all levels.

The worst part is that the party policies aren't always the candidates, and vice versa, but if you are 51% Conservative/Labour/Other, then it seems to be close enough for many.

Google lashes out at DoJ, Oracle as it asks US Supremes to sniff Java suit one last time

James 139

Re: Java was supposed to be a platform agnostic programming language.....

The very nature of APIs is that they are meaningless interfaces to the actual code underneath.

If you have a function called "get_value" in more than 1 language that does not make them the same.

Equally so, to common sense at least, the same declaration with 2 completely different implementations underneath is also not the same.

A, probably bad, analogy is the existence of 2 different houses with the same design and colour front door does not mean you can go in to the one you don't own and claim it is yours.

Obviously Google chose to use the same function names so that Java would just work in their JVM without Android devs having to rewrite anything, but they should have written the actual code behind the APIs blindly.

UK culture sec hints at replacing TV licence fee, defends encryption ban proposals and her boss in Hacker House inquiry

James 139

Re: replacing tv licence

Your claim seems incomplete:

"I am appalled at their hypocrisy and patronizing attitude towards the unwashed masses who MUST be preached what's good for them, because they're too stupid to make up their minds"

That can only be true if you also say "whilst claiming to be unbiased", otherwise they are doing nothing more than anyone else that is trying to convince you of a particular argument.

After all, the popular papers, websites and organisations of the "unwashed masses" are only doing the same thing, but from the other side of the argument, and that should be no less appalling.

Criminalise British drone fliers, snarl MPs amid crackdown demands

James 139

Re: Make it like owning a vehicle

With the proper sized spoon, you can remove an eyeball.

Not a death spiral, I'm trapped in a closed loop of customer experience

James 139

Re: Bureaucracy: Infocom text adventure

I thought changing my address with my bank was easy.

Until it turned out they had ballsed things up, for no reason that anyone can explain nor has any rational reason.

Went into the branch, Lloyds, because doing it online requires you to print out a form and post it off, changed address, got given printed acknowledgement, sorted.

Wait a bit.

Get new credit card, due to expiry, and I had gained an extra middle name!

Some how, some random buffoon had managed to duplicate my existing middle name, so I had it twice!

This change had proceeded to replicate to one of the other banks in the group, Halifax, incidentally the one that had sent me a new card.

Couldn't change the details with Halifax because "i wasn't set up for phone banking".

Went back into Lloyds who fixed it, which was the point I discovered it was duplicated, everything until now just had an initial. Gave up on Halifax and just left the card to expire.

Some months after it was fixed, Lloyds sent me a replacement card STILL with the extra initial on it.

Let that one expire too.

Problem now gone, apparently the credit card departments dont get updates from the banking department except when its to propagate mistakes.

Microsoft has made an Android phone. Repeat, Microsoft has made an Android phone. A dual-screen foldable mobe not due until late 2020

James 139

Re: No thanks

Still using my 950XL, it currently still does what I need it to.

How to lose a UK contractor in 10 days: Make them commit after upcoming IR35 tax upheaval, apparently

James 139

Re: Good.

And there in lies the problem.

For all possible combinations, its only 3, one of them is viewed as exploiting the system, even if unintentionally.

True freelancers and "freelance contractors", i.e. short term contractors, would seem to be the ones being punished, no matter what they do, where as "permanent" contractors, are seen as basically employees.

Take MPs for example, they look exactly like contractors to me, but probably consider themselves freelancers at best, or IR35-exempt at worst.

It's like the "gig economy" workers, some want to be employees with all it entails and some want to be free agents, yet also with full benefits as if they were employed.

Margin mugs: A bank paid how much for a 2m Ethernet cable? WTF!

James 139

CPC £1.25 2m cable IS CCA, so not CAT5/5e/6, just junk.

However, for £1.26 they do sell a 2m CAT5e cable, albeit with right angle connectors.

Its a whopping £1.39 if you want one with straight connectors.

Ex. VAT that is.

Careful now, UK court ruling says email signature blocks can sign binding contracts

James 139

Re: Signature versus signature block

But the question is, what does count as a legal signature?

Putting your name at the end of an email? "Yours, Joe Bloggs"

Putting an image of your actual signature?

Using a 3rd party like DocuSign?

Putting your name and not disclaiming it? As in this email example.

Can you avoid signing anything by not putting your name at the end?

Do people then argue that, because you sent it and your name is in the From field, then you have effectively signed it anyway?

It is one thing to set out to deliberately sign something, but something quite different to accidentally do so without intending it.

I'm not advocating for or against either, it just makes me wonder.

Are you who you say you are, sir? You are? That's all fine then

James 139

Re: Scripted

My father had similar issues when phoning people after his mother died, but I think his mistake was telling them she was deceased, I am not convinced they understood the word.

Wunderlist creator asks Microsoft to sell him back his biz as Redmond updates To Do

James 139

It's just 0.1-0.2billion.

Huge to someone earning a tiny tiny fraction of a billion a year, but tiny in comparison to the likes of Bill Gates and his 100billion fortune.

So its all relative.

Allowlist, not whitelist. Blocklist, not blacklist. Goodbye, wtf. Microsoft scans Chromium code, lops off offensive words

James 139

Re: This is stupid

But that's ok, THEY are allowed to use it without it being offensive.

It's only offensive if someone from a different racial/social/economic group uses words they don't like.

Oh dear, my eyes just rolled out of their sockets....

James 139

Re: This is stupid

But invalid and invalid are two different words, with different distinct meanings.

People need to stop being homographist.

'Deeply concerned' UK privacy watchdog thrusts probe into King's Cross face-recognizing snoop cam brouhaha

James 139

Re: Why?

You're reading too much into what I said.

I am simply talking about when something HAS happened, such as a person has gone missing, and plod comes along with a photo and currently someone has to manually watch the CCTV footage.

Recognizing a FACE is different to recognizing a IDENTITY.

One sees and understands it is a face, it can follow said face and knows where said anonymous face went.

The other sees a face, knows who it is and can be used to know who is where and what they are doing.

Yes, it could still be used to track where a person went, if someone manually uses the system that way, hell a mobile phone does that all on its own, giving away bluetooth and wifi information as you walk around.

James 139

Re: Why?

Question is, is it identifying people, as in getting name etc, or just recognizing and tracking?

You can use facial recognition to monitor where everyone goes without trying to identify or look them up in any way.

Being able to automatically see where someone has gone, say a child kidnapper or just someone with dementia, is a lot quicker than having to manually sit there and trawl through CCTV footage, and in neither case have you identified the person by name.

Chap uncovers privilege escalation vuln in Steam only to be told by Valve that bug 'not applicable'

James 139

Re: forbid? right

Not entirely sure what they could do to forbid it anyway, stop him submitting any more vulnerabilities, so he just discloses them immediately?

Brexit: Digital border possible for Irish backstop woes, UK MPs told

James 139

Re: This is the same 'think tank'

They told him he had to give up the booze and bacon.

This Free software ain't free to make, pal, it's expensive: Mozilla to bankroll Firefox with paid-for premium extras

James 139

Re: OSS isn't Free Software

Ah ok, I stand corrected.

However, your explanation is still flawed.

Open Source and Free, as in speech, Software do not concern themselves with the complexities of the code, nor of your ability to modify or build it.

An Open Source project could be simple and easy to understand and build, and a Free Software project might be very complex, but both COULD be built by people with the correct skill set. Neither is necessarily expected to be shipped for self-building, nor is either required to be.

You might not want, or need, to build Firefox, but equally, you probably wouldnt want to try building LibreOffice, a Free as in speech, project either.

Can is not the same as should.

James 139

Re: OSS isn't Free Software

You made my brain hurt.

I think you have your definitions backwards and too distinct.

Free software is software that is free of cost to the end user. It can be closed or open source.

Open source software is software that has its source code openly published so that anyone can take it, modify it if they wish, add new features and publish it back or just build their own copy.

Cool story, brew: Utah karaoke crooners receive cold, refreshing shock as alcohol authority refuses beer licence

James 139

Which then makes me wonder, exactly what falls into the "recreational amenities" category if it requires "physical activity"? And, for that matter, exactly who has to perform the activity?

Do they grant such licenses to "football" or baseball arenas?

What about a popup bar in a park, most of those being active are kids, whilst the adults sit around drinking, hardly physical activity there either.

Maybe they all qualify by selling enough food.

HMRC accused of not understanding its own IR35 tax reforms ahead of private sector rollout

James 139

Re: It's time for a re-write ...

Just change enough to make IR35 include the most obvious fixed term contractors, MPs.

Each and every single MP is on a fixed 5 year contract after all, with absolutely no guarantee of being retained.

Clock blocker: Woman sues bosses over fingerprint clock-in tech

James 139

Exactly. Identification not Authentication.

Just like at an ATM, the card is the identity, the PIN the authentication.

Page:

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2020