Posts by alain williams

A better way of effecting change

Rather than suing BA for about 1/3 of last year's profit, something that will be regarded as a business cost and forgotten in a few years -- the individuals responsible for failing to ensure secure systems (eg BA board & top level Web managers) should be fined; something like 80% of their assets (ie house) and their pension pot. This will be noticed by directors, etc, in other companies who will then ensure that the same thing cannot happen to them.

I assume that customers who suffered losses will have those repaid by BA; something for the inconvenience would also be good.

Oh dear, a fan

pity because it is something that moves & so may fail, especially in a dusty environment, where otherwise it might be expected to just work for years.

If CNIL wins would it mean ...

that Barbra could force Wikipedia to remove this page: https://en.wikipedia.org/wiki/Streisand_effect ?

Is porn that damaging ?

Yes: some of it is 'meat market, wham bang thank you marm' stuff that disrespects both sexes**; it does little to help kids build good relationships as adults. However I would rather that they looked at porn than some of the blood & guts stuff where people are killed with little thought. What does that do to build a respect for others' lives ? Then don't get me started on the religious stuff that encourages people to believe in whatever nonsense that they see just because it sounds good - without any checking for reality.

Is this really the right target ?

** BTW: I gather that female porn stars are paid more than the men that the f**k, should there not be a move to pay them both the same ?

How long before the Gov't backdoor ...

is for sale on the dark web ? Probably at a hefty price, but available ?

Russia's GRU, and other state spooks, will probably have it before then.

Lots of lovely fines sent out all round ...

by HMRC to companies who have not been able to make their accounting systems compliant by March 2019 to the rules that will have been modified (again) in February 2019.

There are many who run accounting systems that have been developed in-house to deliver what the organisation needs.

This is on top of MTD (Making Tax Difficult) that everyone, including your house-to-house window cleaner) is supposed to do from next year.

Muppets.

ISP or DOH end points; who do you trust least ?

If you wanted to see globally who was visiting where it would be easier to compromise the 8 DOH end points than to get into the thousands of ISPs all around the world. NSA, GCHQ, ... must be rubbing their hands in anticipation.

However if you live under a repressive regime having the NSA/... spying on you might be preferable to your own government. But expect $REPRESSIVE_REGIME to force their Mozilla users to use their own DOH end points.

Who do you trust least ?

Extended validation certificates

What is the point of them ?

OK: I know that they are supposed to give the visitor extra confidence that they are going to somewhere trustworthy & all that, but how many even have a clue what the green padlock means ?

That is the problem: most neither know nor care. So why pay for something that few notice ?

ARM not Arm

Please get the capitalisation right.

Open justice should mean open decisions

which means that for such decision aids the code (and the data that it 'learns' from) should be open source.

If we really need this to protect places ...

then why not start where some of the most (self) important people hang out. Please install this kit to monitor everyone in & out of Downing Street and the Palace of Westminster.

Surely the MPs would feel grateful knowing that Big Brother is viewing all the comings and goings and thus keep them safe!

This could be a hit in the NHS ...

or other places that have (embedded) kit running ancient versions of MS Windows - which, apparently, was the worry about the wannacry outbreak.

I don't know if they could make something that supports the Windows XP ABI; presumably - but when?

If they can then support it - they might have a viable business supporting free s/ware, much as does RedHat. OK: embedded kit vendors will still have to jump through certification hoops - but it might be cheaper than porting their stuff to the latest MS Windows, with the new hardware requirements. They will also get the added benefit of no spy-ware (sorry: telemetry, I'll get that right one day).

What to do about it ?

we can't change the past, but we can change the future. Make it so that the spooks and Home Secretary do what they are supposed to.

Impose penalties on the spook heads & Home Secs who ignored the law, removal of pensions would be about right. Then any of these in the future who think about ignoring the law will decide that their own financial security is more important than some illegal request.

It won't happen of course but it is measures such as this, rather than well intentioned hand-wringing, that will stop repeats of violations of human rights.

Outsourcing some of it to India

which will:

* kill English jobs. It might save the HMCTS some ££ but, overall, it will be bad for the UK economy. Why can't we have joined up a government thinking which tries to award its contracts within the UK (and EU, until Brexit). This would have created employment in the UK, which would help offset the 5,000 redundancies.

* be a security nightmare. Highly personal and sensitive data being sent somewhere and viewable by people who we have no control over. How long before a major leak ?

Muppets.

What is a moon ?

Just as they demoted Pluto from planet status (because it is too small) I wonder if they might demote some of these new moons from 'moon' status to become 'satellites'. Is a rock 1 km is diameter large enough to be considered a moon ?

This could be interesting.

50MB over what time ?

50MB over a 1/2 hour journey might be parsimonious but doable for webmail email checking; but on a long 4 hour cross country intercity ... not at all.

Oh - 50MB would do me fine for several hours: ssh and mutt don't use much.

Please can we stop comparing CPU speeds by clock speeds

It is bad enough when we are talking about CPUs that implement the same instruction set, but with something different the numbers are largely meaningless. This is why we have SPEC, and even that is not simple.

IBM asked me for a password

In about 1987 we borrowed a 6150 from IBM for use at a trade show. The 6150 was IBM's first AIX (their Unix) machine. It did not have a lot of disk so I removed about 1/2 the operating system so that we could make a decent demo of our application.

After the event we returned the machine.

A fortnight later I had a call from someone in Warwick. They wanted to know what I had changed the root password to. I told them, but was astounded that IBM were not going to just completely wipe/re-install the whole operating system - I would not trust a machine that had been loaned out to someone like me!

Also: did they not know how to break into their own machine at the hardware level ?

The clue is in the name

Name*cheap*

Sometimes you get what you pay for.

Halted machine on other side of the planet

Some 25 years ago: a small amount of inattention and it was a machine in California, not the machine in Blighty that I powered down. Whoops! I sent a grovelling email & had to wait until they arrived the following morning.

Fortunately: a development machine so my only penalty was to be the butt of jokes for a while.

Barnier bombastic bullshit

Michel Barnier is using any scare tactic that he can think of to try and hurt England in the Brexit negotiations, even if it ends up hurting the rest of the EU as well.

He claims that he is not trying to punish England, but this is exactly what he is doing. He does not display the desire to get something that is best for everyone but seems to want to make it as painful as possible - I suspect to discourage others leaving, eg Spexit or Grexit.

Still, we can't expect honesty from a politician.

.

The above is not a comment about Brexit being a good or a bad thing.

If I was several months late paying taxes ...

I shudder to think of the fines that I would need to pay.

UC is late paying 20% of claimants. What compensation is being paid ? I suspect zilch.

Two main hurdles

The two hurdles will be:

* device drivers: the GPL that the Linux kernel is under will help

* the ability to root the device & install another OS. Some vendors will make this hard.

Much as I approve ...

of what this new will do (if it survives), I do not approve of laws being sneaked in under the radar by being hidden in something else - that is not how democracy is supposed to work.

This case is by no means unique - unfortunately.

Missing from review

I would like to see in reviews:

* what apps are non-removable, eg facebook

* how easy is it to replace the OS with something a bit more trusted, eg: Tizen or LineageOS

So will telemetry be switched off ?

I doubt it.

MS did release a tool that it claims decodes what is being sent, but since the tool is closed source ... who knows ? I'm OK with MS keeping much of its stuff closed source, but things like this absolutely demand open source. Fully specifying the byte-stream format would be another way of doing it.

Is this the answer to the Fermi paradox ?

Other civilisations have blasted themselves to eternity as we now look likely to do - it only takes a few ''rogue'' AIs, either through bugs, by design at the behest of an Ernst Blofeld character or ISIS type group.

'Weasel words and wilfully blind'

Well,of course MPs would recognise that -- it is what they frequently do when they do not want to answer questions put to them by journalists & similar.

I suppose that it is too much to hope for a universal epiphany amongst MPs that we do not like it when they dodge questions.

GDPR violation ?

Your phone is *your* phone so it is personal information. Grabbing location/... data is taking personal information. Did you consent to this ? If not then it is illegal.

There need to be prosecutions.

Congress has screwed up

They did it better in 1998 when they extended copyright by 20 years. This meant that 20 years later they were showered with yet more mouse gold. This time, extending by 50 years, means that they will not get any more bribes ^w research contributions for a looong time.

They should, at least, make the mouse pay!

PS: 20 years in 1998, actually a bit more complicated, but still.

As long as they run a 3G service ...

I don't really care what new 'phones they sell - I don't buy my 'phone through my network supplier. Hell, there are still parts of the UK where 3G does not work and the 'phone has to use 2G.

Hashing does not stop something identifying someone

"Device Co-op is not on personal identifiers. It is hashed," she said.

If you take a hash of a personal identifier that yields a unique hash, then it is a personal identifier. Just because you cannot (easily) reverse it to get the PI does not mean that it is not a PI. If push came to shove just look through the entire database hashing each ID.

Adobe is squirming, trying to evade the law; but they will still be breaking it.

The Mate spin

Gnome has long been unuseable. I'll download the spin that uses the Mate desktop over the weekend.