* Posts by HMcG

160 publicly visible posts • joined 8 Nov 2010

Britain's cyber agents and industry clash over how to tackle shoddy software

HMcG

Re: Software Vendors Are The Tip Of The Iceberg!

> some of that does have repercussions elsewhere in the world.

Not much longer. The USA is becoming more irrelevant every day.

HMcG

Re: Grift

Picking locks is ‘easy’ if you are intelligent enough to understand the principles, and you put in some time and effort to learning the skills required, and are prepared to take instruction from someone who knows more than you about a subject.

That pretty much excludes the criminal population.

Microsoft moved the goalposts once. Will Windows 12 bring another shift?

HMcG

> have gine agead

Not if that was an example, they haven’t…

British govt agents step in as Harrods becomes third mega retailer under cyberattack

HMcG

Did the proprietor wear a Fez, and was there a magic door at the back of the changing room?

30 percent of some Microsoft code now written by AI - especially the new stuff

HMcG

LLM inference training is by its very nature lossy, and as a result LLM generated code quality is significantly poorer than the average quality of the code used to train it.

This would normally be a concern, however for Microsoft, below average probably represents a huge increase in code quality, going by the number of critical flaws patched every single month. I can see why they are so keen on it.

AI training license will allow LLM builders to pay for content they consume

HMcG

Re: Utter tosh

> A single licensing charge

Why would it be a single licensing charge? An ongoing monthly royalty payment for any creator whose works have been used for training would be a far fairer method. And the creator should be able to set whatever fee they wish, or have their works removed from the training data.

This would obviously require some independent compliance monitoring, the first step in which is for a list of all the LLM training data used to train a model to be made public. The fact that OpenAI and others are desperate to avoid such scrutiny tells us all we need to know about the legitimacy of their use of data.

Devs sound alarm after Microsoft subtracts C/C++ extension from VS Code forks

HMcG

Duh!

That’s not the sound of an alarm, it’s just the “Duh!” sound of Captain Obvious landing.

M&S stops online orders as 'cyber incident' issues worsen

HMcG

Re: No cash here

> cash payment wouldn't be any faster, the whole system was slow

Cash is still faster for the customer - you just give them the money then go and eat your meal, and they can process the payment at their leisure. I don’t need to hang around while they do so.

NTT creates a drone that triggers and catches lightning – then keeps flying

HMcG

Re: Thunder*storm*?

Hardly even worth calling it a thunderstorm if it doesn’t involve hailstones the size of golfballs.

ChatGPT burns tens of millions of Softbank dollars listening to you thanking it

HMcG

Re: "millions of dollars in operational expenses" i.e. power consumption

Not really. As surmised clearly in the post titled "It's the LLM training", you get better responses from being polite to AI because statistically, data scraped from polite, intelligent queries and replies are much more likely to be helpful and correct than rude and curt replies.

Therefore polite queries will weigh stochastic AI responses towards better, more accurate answers. A single query with a useful response from the AI is less wasteful than multiple attempts that do not get a useful response. So being polite is environmentally friendly, in so far as any use of AI can be.

CVE fallout: The splintering of the standard vulnerability tracking system has begun

HMcG

Re: China

It wasn't a troll post, you are just genuinely ignorant about many, many things. Little point in trying to cover that up now.

Europe's cloud customers eyeing exit from US hyperscalers

HMcG

Re: "I think this is a realistic fear nowadays"

Very few EU citizens or companies keep their money in American banks. So that’s an entirely strawman argument.

This one weird trick can make online publishing faster, safer, more attractive, and richer

HMcG

Re: No backups

A backup that hadn’t been successfully tested isn’t a backup, it’s just something to make you feel better about not having any backups.

HMcG

No backups

> There were backups. They did not work.

You mean they didn’t have any backups.

Microsoft wouldn't look at a bug report without a video. Researcher maliciously complied

HMcG

Re: May I recommend...

15 minutes of video with less than a minute’s worth of actually useful content is more of a YouTube thing.

Google says it's rolling out fix for stricken Chromecasts

HMcG

Re: Too Bad

Given how frequently Google drop side-line services and products without any consideration whatsoever for the users, I suspect this is not being fixed out of the goodness of their hearts, but because it runs afoul of deliberate obsolescence laws. The device may be out of warranty, but it's still illegal to have a kill-switch deliberately break your device after a certain period, which is exactly what this amounts to.

British Museum says ex-contractor 'shut down' IT systems, wreaked havoc

HMcG

The guy was caught red-handed, so the physical security wasn’t all that bad. If he had legitimate physical access before, there are a lot of ways he could have disabled locks or copied keys he wasn’t supposed to have. So firing the head of security is a bit pointless, as any replacement may well be worse. At least the current security team have learned a valuable lesson about the dangers of inside sabotage.

Hide the keyboard – it's the only way to keep this software running

HMcG

Re: Extremely bad design

And get the infamous “Keyboard not detected - press F1 to continue” error message.

JPMorgan Chase sues scammers following viral 'infinite money glitch'

HMcG

"Chase takes its responsibility to combat fraud seriously and prioritises protecting the firm and its customers to make the banking system safer," the bank said in the court filings.

Well that’s clearly not true, they obviously don’t take fraud seriously or this would not have been allowed to happen.

Linus Torvalds affirms expulsion of Russian maintainers

HMcG

Re: Economic Sanctions are War Crimes

> Does anyone expect Russia to allow NATO nukes to be installed along its border?

Yet somehow it was perfectly ok for Russia to install nukes in Ukraine when it had a Russian-aligned government? Right on Europe's border?

Your protestations are nonsense if you cannot acknowledge the sheer hypocrisy of this stance.

Japan to put a small red Swedish house on the Moon

HMcG

Stolen from a Not the 9 o’clock News sketch. Rowan and Griff, if I remember correctly.

Jetpack fixes 8-year-old flaw affecting millions of WordPress sites

HMcG

A great deal of cybersecurity training on phishing emails is outdated. They still warn about poor spelling / grammar / punctuation, which is no longer the case, as ChatGPT and other LLMs are used either to create or edit the contents.

Smart homes may be a bright idea, just not for the dim bulbs who live in 'em

HMcG

Re: "Ask me how I know."

You get remote controlled bulbs now that do the trick very nicely. Can change the hue as well as the brightness. No internet connection required, just an IR remote control, and no flickering. Very handy if you don’t have a wired in dimmer.

Moscow-adjacent GoldenJackal gang strikes air-gapped systems with custom malware

HMcG

Re: Air-gapped

If your air-gapped PC has USB sticks being transferred back and forth to other machines, it’s not an air-gapped PC. It’s just another network, one with very high latency and packet size.

AI godfather-turned-doomer shares Nobel with neural network pioneer

HMcG

> Unlike today's NNs the Hopfield Net simulations remember exact patterns - in other words perfect memory without hallucinations (but also without flexibility).

More importantly, without plausible deniability when it comes to outrageous breach of copyright…

If Dell's Qualcomm-powered Copilot+ PC is typical of the genre, other PCs are toast

HMcG

Re: Don't give them ideas

An insecure robot vacuum? What does it do, hide under the dining table refusing to come out?

The force is strong in Iceberg: Are the table format wars entering the final chapter?

HMcG

And on a completely unrelated topic, does anyone remember HP paying $11.7 billion for Autonomy?

That went well.

Ryanair faces GDPR turbulence over customer ID checks

HMcG

Re: SqueezyJet tips

> If only I could understand why 23kg of 'luggage' costs half the price of 15kg of 'sporting equipment' (aka my paraglider)…

Essentially, because Ryanair figure that if you are a paraglider, then you have a bit more dosh than the average punter, and they can wring you for a bit extra profit. Squeezing customers until the pips squeak for ‘extras’ like using the toilet is Ryanair’s whole business model.

HMcG

I know someone who flew Ryanair once. nuff said.

Google says replacing C/C++ in firmware with Rust is easy

HMcG

> The US government lately has been hammering on this theme, with support from leading tech firms and non-profit initiatives to rewrite critical open source projects and components in Rust.

No, they haven’t. They have been hammering on the theme of using memory-safe languages in general, one of which they mentioned is Rust.

This kind of Rust-hype is likely to cause resistance to Rust, not promote it.

Ex-ASML worker accused of stealing chipmaking secrets for China is Huawei to a new job

HMcG

Re: It won't make any real difference

If China were capable of developing better systems, they wouldn’t be so desperate to steal ASML’s proprietary secrets.

WordPress.org denies service to WP Engine, potentially putting sites at risk

HMcG

> It doesn't have the massive ecosystem of plugins that Drupal and WordPress do,

That sounds like a positive, not a negative…

HMcG

There are also no legal obligations to continue to allow WP Engine to profit off of WordPress’s services.

Victims lose $70K to one single wallet-draining app on Google's Play Store

HMcG

Re: Exploiting the mechanics of smart contracts allowed the attackers to authorize transfers

A smart contract can’t protect a wallet belonging to a stupid crypto-bro.

Feds urge 3D printing industry to end DIY machine guns

HMcG

> If anything the availability of cheap semi-auto pistols in the US makes crime less dangerous

It only makes it less dangerous to the intended target, it makes it much more dangerous to the innocent bystanders.

Rust for Linux maintainer steps down in frustration with 'nontechnical nonsense'

HMcG

Re: Living this dream in my workplace right now...

I would imagine that it’s not an unwillingness to learn something new, just a judgement on the effort vs value of learning Rust in particular. Rust is new, not widely adopted, and as a kernel language unproven. Compared to applying that time and effort into improving the current C++ code, it’s not a given that learning Rust is of value to a Linux kernel dev.

The push for incorporating Rust code into the Linux kernel seems to be as much (if not more) about promoting Rust as it is about improving the Linux kernel.

If a cheesy '80s flick is a good metaphor for how you run projects, something is wrong

HMcG

Re: Cheesy flick ?

Highlander is still the best music video ever made.

Deadbeat dad faked his own death by hacking government databases

HMcG

Re: Yeahbut

> If you hack the school mainframe and give yourself all A’s, are you really still a dummy?

You are if you then try to sell your “all A’s” hacking services to everyone else in your class.

CrowdStrike hires outside security outfits to review troubled Falcon code

HMcG

Re: what happened

Beyond that, what really horrified me is what seems to be a complete lack of any crash log checking and safe rollback.

If you are messing around with your customers' critical systems at a privileged kernel level, there’s an absolute duty to have a watchdog monitor that checks your driver's crash logs and safely rolls back any updates, before any such updates are loaded again.

There seems to have been a complete lack of any such function. At the very least, I hope that Microsoft revoke their boot-driver flag privilege, as CrowdStrike have not taken their duty to do no harm seriously enough.

Keir Starmer says facial recognition tech is the answer to far-right riots

HMcG

Re: Buy Shares In Hoodies.....ASAP......

"it's a bit harder to change"

Not that hard, just put on a pair of high-heeled shoes.

Might make the rioting a bit tricky, though….

Is AI going to pay its way? Wall Street wants tech world to show it the money

HMcG

Re: It's the journey, not the destination

LLMs, by the very nature of them, only output average quality and extremely derivative works, so that would be a big fat 0 on any of the liberal arts,

EU AI Act still in infancy, but those with 'intelligent' HR apps better watch out

HMcG

"Last year, Meta's chief AI scientist, Yann LeCun, said regulating foundation models was effectively regulating research and development."

This would be the same Meta that just settled with the Texas legislature for a billion dollars, for using AI to illegally scrape biometric data to name-tag photos without permission? I think we can do without that guy's opinion on AI regulation.

Oracle's Java pricing brews bitter taste, subscribers spill over to OpenJDK

HMcG

Re: FALSE

> an application running on Oracle Java will run just as well on Java from a different vendor.

Whilst that’s true, it would probably be better worded “just as poorly”. This is Java, after all.

London council accuses watchdog of 'exaggerating' danger of 2020 raid on residents' data

HMcG

It depends on how the fine is applied. A fine that is effectively transferred into earmarked funding for the IT improvements that the ICO determines are required would be a better option than just a rebuke, as shown by the council's unwillingness to accept that the rebuke is justified.

A thump with the pointy end of a screwdriver will fix this server! What could possibly go wrong?

HMcG

Re: Worst for who?

"the second worst was to the person they were working with."

Many an adage based on this principle.

Never tempt fate, always cut towards your mate.

Never cut towards your thumb, always cut towards your chum.

etc etc.

Scarlett Johansson voices anger at OpenAI's unauthorized soundalike

HMcG

It's certainly interesting that they have refused to name the voice actor in question "to protect their privacy".

Most any voice actor loves any promotion they can get, as they are all too often treated as a commodity, and actors as a group aren't known for being shy and introverted...

HR expert says biz leaders scared RTO mandates lead to staff attrition

HMcG

As an interviewee, that's actually a very useful method for weeding out potential employers whose management exhibit the kind of stupidity that crashes companies. If your colleagues are being hired because they can polish shoes nicely rather than their ability to do their job*, that's not a company you want to work for.

* Unless your job is polishing shoes, obvs.

US Air Force says AI-controlled F-16 fighter jet has been dogfighting with humans

HMcG

Re: Oh, no. Just think about all those poor F-16 pilots that will need to find a new job!

What on earth makes you think AI's are going to be sane?
