* Posts by Roland6

6398 posts • joined 23 Apr 2010

UK.gov dangles £100m for service slingers for back office 'transformation' that'll kill off bespoke systems

Roland6 Silver badge

>"expertise required to transform back-office functions from bespoke systems to efficient, industry-standard processes..."

And the industry-standard process for doing something like housing benefit?

Over 20 years back I helped to move a local authority off their proprietary mainframe onto a COTS imaging and workflow system. Yes the platform was Unix/Windows (ie. commodity), yes the imaging and workflow software and associated DBMS were commodity. However, once it was configured to support the processing of such things as housing benefit, council tax etc. it was effectively bespoke as there was no way the council was going to easily move off the resulting commodity platform without a full rewrite of the applications to another commodity platform. So I would assume "industry-standard processes" actually means one supplier for all of government.

Contact-tracer spoofing is already happening – and it's dangerously simple to do

Roland6 Silver badge

>1) my phone blocks numbers not in my contact list

A few weeks back my home phone received a call, the CLI indicated the caller was my home phone...

80-characters-per-line limits should be terminal, says Linux kernel chief Linus Torvalds

Roland6 Silver badge

Re: None of this is a new problem

>132 column devices

Years back we used 80 column devices and switched to 132 column line printers. Most of the ASM programmers continued to use the first 80 columns as before, but used the additional 52 columns for a more informated commentary on the code.

For new programs, the pseudo code was simply tabbed to the right and the actual code inserted on the left.

It is notable that Linus is asking for up to 100 columns rather than going with the historical 132.

Roland6 Silver badge

Re: The real reason for fairly small line lengths

>Isn't that the exact crux of Linus's argument?

No!

Linus is having a problem with lines that are 80~100 characters long. So only a few characters need to be wrapped around.

I suspect his problem is that if you have a lot of these lines - with only a few characters over 80, it gets time consuming to reformat to do a neat word wrap. Since many programmers only produce write-only code they see the effort necessary to improve readability as a waste of time.

So basically, Linus's problem is the tool he is using: source code-editors need to incorporate some basic word-processor functionality so that they can intelligently wrap code.

Roland6 Silver badge

>green on black

Those who wish to do different, DEC (and others) did offer amber screens, so amber on black and vice-versa are also options.

Roland6 Silver badge

The limit is convention and portability across devices and output formats, remember most people like to use fixed spaced fonts like Courier, 80 characters at 10 or 11 point fits nicely across an A4 portrait page.

Looking at what Linus is saying it seems that he is saying, it is okay for some lines to be slightly over 80 characters, but he isn't encouraging the usage of lines of over 100 characters.

Basically the problem we have is the verbose nature of many system calls making it hard at times to put much on a single line.

Other than older card-based languages such as Cobol, languages such as Algol-60 and its derivatives and successors don't actually care about line length - the preprocessor strips out the characters inserted to make the programme human readable.

Roland6 Silver badge

> Unless your text background has alternating green and white lines like old school line printer paper.

Seem to remember there was an editor that did use alternating line colours - made things a lot easier to read, particularly when the lines contained a lot of whitespaces - so the eye could more easily match the code on the left with the comment on the right.

There are times when this would be useful in office programs - the number of times I've had to highlight a line, just so that I can follow it across repeated horizontal screen scrolls.

After 30 years of searching, astroboffins finally detect the universe's 'missing matter' – using fast radio bursts

Roland6 Silver badge

Re: average office

Don't know what the size of an average office is, however it does confirm, DA's observation: “Space is big. You just won't believe how vastly, hugely, mind-bogglingly big it is. I mean, you may think it's a long way down the road to the chemist's, but that's just peanuts to space.”

China's Tencent to order ONE MILLION SERVERS as part of $70bn digital infrastructure splurge

Roland6 Silver badge

Re: How many orders for US chips?

But all those ARM designs might come in handy, perhaps this is an opportunity to establish a Chinese Intel...

Laughing UK health secretary launches COVID-19 Test and Trace programme with glitchy website and no phone app

Roland6 Silver badge

Re: Oh No Surely Not...

>I wonder if this will ever be used as a stitch up...

Given the general expectations around this (contact tracing), I was reminded of this 1975 Idi Amin parody:

"kindly get out, put your hands in the air and await further instructions"

You're not getting Huawei that easily: Canadian judge rules CFO's extradition proceedings to US can continue

Roland6 Silver badge

Re: Here's the thing...

>The CCP may send spies and other covert agents to either break her out of jail and whisk her out of the country, or kidnap/bribe/extort or otherwise leverage one or more jurors on her trial to get a favorable outcome.

Nice fantasy, however, reality says such action would be much easier whilst she is in Canada than once she is in the USA. The fact she is still in Canada says much...

Surprise! That £339 world's first 'anti-5G' protection device is just a £5 USB drive with a nice sticker on it

Roland6 Silver badge

Do you think Daniela was able to plug the device in or had to have help...

5G mast set aflame in leafy Liverpool district, half an hour's walk from Penny Lane

Roland6 Silver badge
Joke

Re: CCTV: gotta love 'em!

Surely, this is a very reasonable use of the data being collected by the NHS app...

Just need to send them a appointment for CoVid19 test at their local police station text message to all phones recorded as having been near the relevant mast...

'I wrote Task Manager': Ex-Microsoft programmer Dave Plummer spills the beans

Roland6 Silver badge

Re: Ctrl-Shift-Esc

>Why would you make something functionally useful a secret?

MS effectively made all keyboard shortcuts 'secret' when they stop publishing manuals and downgraded the status of keyboard shortcuts - encouraging users to simply point and click.

Funny, how they have now downgraded point-and-click and hidden/got rid of menus, by encouraging the use of search - user needs to both point-and-click and type - which even on the latest edition of W10 still fails to find some of the tools listed on the XP/W7 accessories, system tools and administrator tools menus, effectively making some of these tools 'secret' as either you have to know their name or know where to find them via explorer.

Roland6 Silver badge

Re: unix

>Windows NT was POSIX-compliant from the get-go. To be clear: any (grownup) Unix app could be cross-compiled with only compiler-driven porting. AKA tweaking microscopies, no restructuring.

Yes, lip service/bare minimum compliance.

The POSIX-compliance was to allow Unix app's to be cross-comiled to run on Windows using the cygwin 'shell'. However, POSIX-compliant Windows applications...

Hence the POSIX-compliance enabled Windows to tick the procurement POSIX requirement which was placed on the OS and not on the applications that ran on the OS. Thus enabling government to procure Windows PC's complete with MS Office - a proprietary solution using proprietary OS interfaces, whilst satisfying the Open Systems requirement...

Roland6 Silver badge

Re: It hasn't been able to kill lots of stuff

There was and still is one 'big' defincency in Task Manager, you can only kill one process at a time. I seem to remember to kill some rootkits and some other pernicious malware, it was necessary to kill 2~3 processes at pretty much the same time to prevent resurrection.

I forget which third-party TM replacement(s) did permit this - I just pop over to Bleeping Computer as and when I have need of such tools.

Microsoft blocks Trend Micro code at center of driver 'cheatware' storm from Windows 10, rootkit detector product pulled from site

Roland6 Silver badge

Re: Got an update today

>I wonder if crash telemetry from people like me caused MS to detect this memory abuse.

Well given the timing of the public diclosure from a third-party and the subsequent action taken by MS, I suggest not.

Although, thanks to the third-party, it would not surprise me if MS can now make sense of some the crashdumps it received.

Roland6 Silver badge

Re: Hanlon's Razor does not apply today...

>This was put in deliberately. The question is why?

I can understand that the original driver could have been written to use the executable non-paged pool and thus be in need of revision to use the non-executable non-paged pool.

But then having revised and tested the code there would be no need to maintain continued support for both memory pool models - necessary because it seems the driver can happily run with either memory pools.

The only possible reason is to do with compatibility with pre-Win10 systems, but then why have an intelligent runtime switch and not an install time switch.

I wonder if Trend will tell MS why their driver was implemented the way it was...

ALGOL 60 at 60: The greatest computer language you've never used and grandaddy of the programming family tree

Roland6 Silver badge

Re: Algol 68 is not ALGOL 60

>I remember attempting a C compiler ... Did enough to pass the course but never finished it. It was hard!

Don't be to hard on yourself, there was a valid (technical) reason why Borland didn't release Turbo-C :)

BTW it took a full-time team of 3 a year or so to produce a halfway decent C compiler and code generator that was marketable.

Roland6 Silver badge

Re: Algol 68 is not ALGOL 60

>Defining procedures inside procedures was already in Algol 60 and in most languages descended from it.

In the 1990's I used the ability of Algol 68 to handle recursion and pass functions as parameters as an interview question. It quickly weeded out those whose only experience of programming was MS VB et al. as these people just didn't know what you were talking about.

Roland6 Silver badge

Re: Algol 68 is not ALGOL 60

>I never got to use Algol 68 because it was difficult to write a compiler for

Yes, the really powerful and useful languages are a bugger to write a compiler for.

Aho and Ullman's "Principles of Compiler Design" was the must have text book on the subject (still got my first edition) and explains why , although it was very helpful in writing a Pascal compiler, in writing compilers for languages requiring bottom-up LR parsing, such as C and Ada, there was much left to the reader...

BoJo buckles: UK govt to cut Huawei 5G kit use 'to zero by 2023' after pressure from Tory MPs, Uncle Sam

Roland6 Silver badge

Re: Anone surpised?

The Trade Bill going through Parliament at the moment removes the role of Parliament in the negotiation and review of trade deals... Not the sort of taking back control envisaged by many of those who voted Leave...

Wanna force granny to take down that family photo from the internet? No problem. Europe's GDPR to the rescue

Roland6 Silver badge

Re: Rough summary of the court's decision

>From that argument it might be Facebook that is acting against GDPR, not the grandmother

Suspect much depends on the agreement between Facebook and its users over Facebook's "non-exclusive, transferable, sub-licensable, royalty-free and worldwide license". [ https://www.facebook.com/terms ]

This could be taken to be a commercial agreement, ie. you the Facebook user are granting Facebook, a commercial entity the right to use your images however they deem fit. Thus because of this condition in the Facebook Terms, it can be argued all content uploaded to Facebook fails the GDPR "purely personal activity" exemption...

Roland6 Silver badge

Re: Seven years

> Leaving the photo online for the whole world to see is a whole different level of 'sharing'.

Missed the nuance of the judgement:

"the case summary says that while GDPR exempts purely personal activity, it's not clear that postings to Facebook, with possible exposure to internet searches, qualify for that exemption."

Basically, the judgement says, post any image to the "Internet", because of the possible exposure to internet searches and you need to have explicit consent...

The only question is what level of precedence this case has set.

Railway cables overpowered errant drone's compass and flung it back to terra firma

Roland6 Silver badge

Re: low voltage

Talking of 'ancient' Signalling Systems, I see Network Rail has got around to replacing the 1970's London Bridge system with a "more reliable" modern system.

[ https://www.railengineer.co.uk/2020/05/20/south-east-london-lines-to-close-for-9-days-over-the-summer/ ]

Does any one know when (or if) the London Bridge Digico Micro16's were replaced.

Roland6 Silver badge

Re: low voltage

>"It's also true that modern railway signaling systems are chock-full of electronics, and tend to be sited Really Quite Close (TM) to the rails.

So while you wouldn't want to, you find that if required, solutions are available."

I would hope by now the solutions are pretty much either off-the-shelf or "you just do it that way", but back in the late 1970s when the first microcomputer-controlled systems were being put in place (on Liverpool St. we were pulling out Victorian mechanical and early electro-mechanical block signaling systems...), our understanding of such matters was significantly less - with even thyristor switches caused 'interesting' effects on sensitive electronics that happened to be on the same power infrastructure.

Roland6 Silver badge

Re: low voltage

>You really don't want to have any electronics anywhere near active overhead railway lines.

Actually, you don't want electronics anywhere near an active electric railway line - overhead or third-rail.

Whilst the arcing between the power and train is one problem, another is the fluctuations in the earth the passing of a train causes.

From memory these were particularly bad on the Liverpool St. lines, where they were known to cause the signalling system to reset.

Zoom continues its catch-up security sprint with new training, bug bounty tweaks and promise of crypto playbook

Roland6 Silver badge

"All of which is grand until one remembers ..."

Whilst it is unfortunate that lots of meetings have taken place without decent security, Zoom are now in a place where they can probably afford to take security seriously and do it properly. From the engagement of Secure Code Warrior, it seems they are taking this seriously.

Mind you both Zoom's and Secure Code Warrior's reputation is now on the line.

Apple, Google begin to spread pro-privacy, batt-friendly coronavirus contact-tracing API for phone apps

Roland6 Silver badge

Re: re: should be self-isolating

The specification paper for DP-3T on GitHub, isn't totally clear on this.

it is clear that once someone declares they are infected, their app will forward their current id to the central system/DB and then generate a new id.

What is not clear is whether this new id is temporary ie. valid for 3 weeks of self-isolation. or what. and whether other devices can on seeing this id. immediately identify it as being a live CoViD19 carrier and thus avoid immediately.

I would hope that some more detail does exist on this important aspect of the app.

Google rolls out pro-privacy DNS-over-HTTPS support in Chrome 83... with a handy kill switch for corporate IT

Roland6 Silver badge

Re: Who do you want to hide from ?

> DoH when it is the default in two widely used browsers, including now the most widely used.

Given New Edge is Chromium-based, expect MS to join the club later this year (or is it there already? - as not specifically looked for it).

Roland6 Silver badge

Re: Nanny statism strikes again

>"Chrome will disable DoH in managed environments that declare relevant enterprise policies"

And has any one found a reference that explains just what exactly these policies are - a quick Google fails to return anything.

Personally, the out-of-the-box action (for Windows) should be to simply detect active domain membership and network type (Public/Work) and play nicely with the Domain provided DNS server. Obviously, the user is free - until Chrome Group Policy settings prevent it - to change the settings for themselves.

Microsoft promises big things for Edge... and they'll be ready for folks some time before universe's heat death

Roland6 Silver badge

Re: "what Edge really needs is more users"

Just run updates on a bunch of Win10 PC's today, after installing "New Microsoft Edge" as the default browser, I was surprised by the number of other applications that still defaulted to using IE (eg. Teamviewer) to access their support pages.

Aside: I love the fact that whilst Win7 might have gone end of life a few months back, you can download new Edge for Win7.

SAP proves, yet again, that Excel is utterly unkillable

Roland6 Silver badge

Re: Not affiliated in any way, but ...

Need an enlightened employer... Quantrix Modeller - "the successor to Improv" is only 2,450 USD pa per user.

I find where vendors put a "Request a Free Trial" form rather than permit the download of a 30-day trial version, off-putting in the extreme.

Roland6 Silver badge

Re: The Wheel of History

>And Lotus Improv was out of this world at that time too....

Still is, Excel 2019/365 still can't do 3D spreadsheets as simply as Improv did.

Roland6 Silver badge

Re: In my experience

>Yes, but the users aren't always doing this out of blind stupidity.

Particularly, as once you've learnt how to do pivot tables, charts etc. in Excel, you can use that knowledge for any other package, whereas knowledge of SAP Analytics pivot tables is only applicable to SAP...

Fancy watching 'Bake Off' together with mates and alone at the same time? The BBC's built a tool to do that

Roland6 Silver badge

Re: "together even when they are physically apart"

>If I want to be with someone, then I am with someone. ...

In the current lockdown, you can only do this (and some of the other things you list) with someone who is a member of your immediate household...

I did a variation of what the BBC is offering (same time different place) with a movie for my teenage daughter's birthday recently, she and her friends watched the same film, whilst in a 'meeting' (*), so whilst not as good as being in the same place at the same time, did permit some real-time interaction and viewing control (pause, rewind).

(*) Need to be careful about sound feedback. I would hope that someone will implement some form of noise-canceling (on the movie) which would enhance the meeting experience ie. would permit audio/spoken word conversation.

>Still, the Beeb idea is bizarre.

Given the omission in your comment, I suspect you also don't see the point of multi-player gaming and in game chat - something my teenage son does a lot with his friends.

Podcast Addict banned from Google Play Store because heaven forbid app somehow references COVID-19

Roland6 Silver badge

Re: Publish Elsewhere?

>Perhaps it's time for developers to ensure ...there's a way for users to obtain the latest versions

Its more than just the latest versions.

Do a factory reset and you may find that many apps can't be installed because the latest version doesn't run on your particular version of Android.

However, with a little digging around you can often find a site - of unknown repute - that has a few old versions, which you can try and find one you can install and then update.

If you're appy and you know it: The Huawei P40 Pro conclusively proves that top-notch specs aren't everything

Roland6 Silver badge

Re: Consequences

>It seems you may have finally come to realise the outsized role Google has in your everyday life, yes?

I suspect it hit them like a brick...

It has taken the Huawei P40 to make the reviewer realise that what they thought was "Android" isn't Android at all, but Google services.

A few years back people talked about walled gardens - mostly with respect to Apple and Microsoft, it seems Google has quietly over the years turned "Android" into a walled garden without people noticing too much.

NHS contact tracing app isn't really anonymous, is riddled with bugs, and is open to abuse. Good thing we're not in the middle of a pandemic, eh?

Roland6 Silver badge

Re: "Design it to be secure from the start."

>That's an old-world view that's at the source of many of our current challenges.

err no...

Design of an system application such as the NHS app, starts before anyone has even thought of designing software. When I pass a system design to the Software Engineers (to contribute their component of the solution), I've already solved the real-world problem and identified many of the key security hurdles the design of the software elements need to get over...

So you are correct in that Software Engineers on being given a brief can start to think of security from the start of their involvement.

Roland6 Silver badge

Re: symptoms of covid-19 compared to common cold, flu and asthma

>Will the app ask if the user has a cold or is asthmatic?

There is already an app for that.

My partner signed the family up, we report on a daily basis on a range of questions - she had a migraine earlier in the week and ticked four symptoms from the long list, that evening she received an email offering her a test slot.

Roland6 Silver badge

Re: Just say no

>I therefore suspect that their offering will be pretty much gold-standard.

you are forgetting they also control the platform OS, so you need to assess things in the context of what can be extracted via the OS reporting (remember Apple have already said they are making some of the app functionality OS functionality...) rather than the app itself does dodgy stuff...

Roland6 Silver badge

Re: Just say no

> Its major advantages are no central database of identifiable information and clean iOS/android interaction.

Big assumptions there:

1) It's okay for Apple and Google to limit what others can do with their platform - and actively take measures to prevent rooting...

2) Whilst the approach places different requirements on the central/distributed DB, you are assuming that their approaches don't upload any of: phone number, Google unique device id., icloud/google account details, usage of other app's etc...

3) In using an iPhone/Android you've already given Apple and Google permission to upload usage information to them, so no legal recourse...

Roland6 Silver badge

>it took less than 30 minutes looking at the code the day it was released for me to spot multiple issues ranging from the basic to the severe, including many day one rookie mistakes.

Expect the Apple and Google apps to be similar, only expect the data to be replicated to an offshore DB to allow non-GDPR compliant processing...

As the first commenter said, for the app to work, information that identifies a phone/person needs to be retained and exchanged with other identifiable phones/persons. All solutions require the information to be shared via a 'trusted' broker...

Roland6 Silver badge

>"...and how long did we have to wait for the first data breach? A week after launch of the Beta!"

Puts the entire Huawei b*llocks into perspective; if the UK government can't secure a relatively trivial DB then it has already lost the security battle with other nation-states. Ie. we should assume the Chinese, Russians and the US via the Israeli's all have full and unhindered access to UK government systems...

Roland6 Silver badge

Re: "Design it to be secure from the start."

>"Design it to be secure from the start."

The laugh is that you can't design something to be secure from the start!

You first have to solve the real problem then you can evaluate how that solution can be made secure, this may take several iterations before you arrive at a solution that hopefully satisfies most of the requirements.

Roland6 Silver badge

Re: One would have throught...

You do realize both the Apple and Google app also has a "central" DB - remember a 'central' database is just a distributed DB with a single instance; alternatively, a distributed DB is just one implementation approach to a central DB...

Once you start looking at the Google and Apple app's and appreciate what they already know about your phone, you start to appreciate they are not that much different to the NHS app from a personal privacy point-of-view. At least with the NHS app we stand a reasonable chance of not getting spammed with adware for: fake cures, will writing, funeral plans, etc.

Roland6 Silver badge

Re: One would have throught...

>Because of the complexity, I think it's where a centralized approach has more value.

Also, the centralized approach permits the government to utilize its privileged access to mobile network location data. Cross-matching this to the data from the app and there is the opportunity for some real scientific insights to be gained.

The more I assess the app, the more I see it's real value is in providing metrics to input to NHS admissions forecasts. Yes it should help to reduce the rate of infection, by alerting people to the need for them to self-isolate before they actually develop symptoms themselves.

Roland6 Silver badge

Re: One would have throught...

>"Make no mistake, they have every intention of retaining and using that data"

Where "they" in the above includes: both the backers of the NHS app and the backers of the Google and Apple apps.

Vint Cerf suggests GDPR could hurt coronavirus vaccine development

Roland6 Silver badge

Re: His opinion, or his employer's?

>Not sure GDPR specifies lengths of time, but you aren't allowed to keep the data for years after it is useful.

Well given the extent to which modern medical research uses historic (personally identifiable) medical records, it would be relatively easy to justify the "useful" retention life of CoVid19 data to be at least 100 years.

>Not sure if GDPR allows personal data to be transferred elsewhere without express consent

You get express consent to permit you to "share data with selected third parties".

Multi-part Android spyware lurked on Google Play Store for 4 years, posing as a bunch of legit-looking apps

Roland6 Silver badge

Re: re: factory reset

I think there are also article(s) on el reg that describes how malware can survive a factory image flashing (PC and phone) - due to much hardware having its functions defined by software which has its own memory that isn't touched by an OS reimage...

In undating a bunch of PC's recently, I found one device family required a Bios downgrade (to a specific version) followed by an upgrade to the new patched version to ensure UEFI disk and memory areas were overwritten and thus erased.

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2020