* Posts by paj

11 posts • joined 27 Apr 2011

The police are WRONG: Watching YouTube videos is NOT illegal

paj

A new use of "may"

So if the Police say it "may" be a crime, that means it isn't a crime... if it was a crime they would say it "is". That's a new use of the word to me... wonder if it will get in the dictionary as quick as amazeballs.

EE network whacked by 'PDP authentication failure' blunder

paj

EE improving for me

I've had an Orange/EE work phone for the past few years. The rural reception was really poor at first, much worse than Voda that I used previously, or O2 that my partner used.

The signal has gradually improved over the past couple of years. In fact I often find I have a better signal than my partner, who is now on Voda.

And in urban areas the 4G signal tends to be good.

So these days I'm actually a happy EE customer... and lets hope it stays this way. I'm in Lancashire, YMMV elsewhere.

New design flaw found in crypto's TLS: Pretend to be a victim online

paj

Actually, for those using a username and password, if you connect to a malicious website then you are completely vulnerable to this. The site just collects your login details and uses them. That's exactly what phishing is.

Mail Migration

paj

Migration and JUST the migration...

Focus on the migration.

Many times I see people (project managers for the main) say "well, this would be a great time to have a tidy up, remove inactive accounts, etc."

DON'T

Invariably the tidy ups cause far more issues than the migration itself. And when you get problem reports, you'll spend ages trying to work out what the problem was with the migration - only to realise the account in question got "tidied".

New Development. Where do we go?

paj

Re: Look at your use cases!

I agree that looking at use cases is good - build what your users need, not what you think is cool.

But with HTML5 and some good libraries you can build better UIs than desktop for many applications. With something like JQueryUI you have all the same widgets you'd use in a desktop app plus a whole bunch of extras, like animations. And then AngularJS takes this to another level and you can build responsiveness rarely seen in desktop apps.

paj

We're all web apps now

It sounds like you currently have a "Fat client" app that talks directly to the database. The trend is to have the client talk to a mid-tier that implements the business logic, and the database sits behind this.

One benefit of this architecture is that it's easier to have a variety of clients - Win32, GTK, iOS, Android, etc. And HTML5 is a very capable client, especially if you use an advanced JavaScript framework like Angular or Backbone. And it avoids a lot of deployment issues, like needing to create an update system.

There are various protocols for client to mid-tier communication (SOAP, XMLRPC, Thrift), but HTTP with REST and JSON seems to be a winner.

Also many choices for implementing your mid-tier. Java and .Net are the mature ones, while Python and Ruby have innovative new features. And there's many more. Personally, I like Python.

Another benefit of introducing a mid-tier is that it's easier to change your database technology. Traditional RDBMS (Oracle, SQL Server, Postgres, etc.) are a fine choice - although there's growing use of NoSQL databases (Mongo, Couch, Neo4J, etc.) Personally, I like Postgres.

Under the microscope: The bug that caught PayPal with its pants down

paj

Paypal's policies allow this

On most web sites you would have to break the law to discover this. However, Paypal have a particular policy, whereby if a researcher follows their rules, they will not be prosecuted. They were the first web site to have such a policy. It was warmly received by the security community, and has since been copied by other web sites.

http://jeremiahgrossman.blogspot.co.uk/2007/11/paypals-vulnerability-disclosure-policy.html

63 TRILLION maths ops a second - in 5 inches? Mm, show me

paj

Can't wait for the software!

This box takes up another step towards commodity HPC. A lot of businesses could afford to put a box like this under their analysts desks, giving them serious compute firepower. The question of course, is what do you do with that? At the minute you need advanced programmers to make use of this kind of hardware, at least if you're doing a task custom to your business, as opposed to, say, running Folding @Home.

You can imagine a kind of high-end spreadsheet, that puts all this compute firepower in an easy to use package. When someone invents that, all these data analysts will be able to really use the HPC boxes. This would greatly benefit all kinds of financial analysis. And can you take it further? Retail sales data? Industrial sensor data?

Amazon, eBay, banks snub anti-fraud DNS tech, sniff securo bods

paj

Understandable apathy

I think the apathy is quite understandable - DNSSEC won't help these kinds of sites all that much. Cache poisoning attacks are not widespread, presumably because the criminals would have to target a lot of caches to make a difference - and that's a lot of work.

Knowledgeable users already know to type https:// in the URL for sensitive sites, which provides more protection than DNSSEC. And those less in the know are likely to fall for simpler phishing attacks anyway.

Door creaks and girl farts: computing in the real world

paj

For occasional use, you can always buy a USB CD drive - and in the past I expect you could have bought a USB infrared port. I think they're doing exactly the right thing stripping out components that are only used occasionally. It's not just the cost - they're saving you carrying around deadweight too.

ARM jingling with cash as its chips get everywhere

paj
FAIL

Big pie, little slice

That's not much cash for so many CPUs. We often hear of technically strong companies being a commercial failure. Usually that's because they can't sell enough. But in this case I feel it's because they've not managed to negotiate a big enough slice of the pie for themselves.

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2021