* Posts by pmb00cs

97 posts • joined 18 Aug 2011


What is your greatest weakness? The definitive list of the many kinds of interviewer you will meet in Hell


I was once turned down for a job because the interviewer didn't feel I wanted the job enough.

A recruiter contacted me on LinkedIn, asked if I would like a good job, I said that I would be a fool not to consider the right offer, but I was happy in my current job. I went through a phone interview, then the face to face interview. I don't think the face to face interviewer got the memo that they were selling me the job, not that I was selling them my skills. So I didn't get an offer, instead I got a polite "thanks but no thanks" response.

Two weeks later they got back in touch and asked if I was still interested. I wasn't. I guess no one else was either.

Tax check tool CEST is the pits, say UK contractor consultancies as latest HMRC usage stats are published


Re: HMRC is getting a bigger slice of the pie, but has made the pie smaller.

IR35 is actually quite an old rule. It's just that HMRC have changed who is liable to pay the tax owed on people found to be operating inside the IR35 rules recently.

It was, since the inception of IR35 till recently, that the employee/contractor was liable for the taxes, and the employer/client was not. Given that when the rules were introduced they were ostensibly to root out "hidden employment" where a person was doing the work of an employee without paying the right taxes, or getting the right benefits, this was the wrong way round (in my head anyway) but companies with large contractor bases objected to being held liable for the dodgy tax practices of their contractors, and as the rules are entirely about tax (and NI I know, but that is essentially a form of tax) and not about employment rules in general it made sense to HMRC to apply it that way.

HMRC have recently changed the rules to make the employer/client jointly liable for the taxes owed, largely because they weren't collecting enough taxes, unscrupulous contractors built up all sorts of dodges for the IR35 rules, some legal, some less so, but chasing all the contractors individually wasn't scalable.

Part of the issue is that if you are found to be within IR35 HMRC expects tax to be paid as if you are an employee, a lot of tax deductible expenses (that may be genuine expenses) are not allowable under IR35 but, crucially, IR35 *ONLY* covers tax rules, and says nothing else about the workers employment status.

IR35 has, for decades, failed to deal with the problem of hidden employment, because it is built only to deal with the harms of hidden employment to the exchequer. It is now targeting the pockets of companies that may be inclined to take advantage of hidden employment, but in doing so it is harming people who may already be being harmed by being forced into hidden employment, and also people who are genuinely trying to work more flexibly. It is a blunt instrument by design, and it has been misapplied for so long that just turning the screws tighter, as HMRC are trying to do, is doing more harm than good.

For context, I am a full time employee, in part because early on in my career IR35 was simply too onerous to contemplate risking being a contractor, quite apart from the financial risks that are inherent to insecure work from contracting.

Cloudflare network outage disrupts Discord, Shopify


Re: CDN useless

That's a naive view of how networking attacks work in the real world. A CDN that doesn't handle TLS termination can prevent, or alleviate, a number of low level DoS attacks.

Such a CDN wouldn't be able to protect against higher level attacks, but allowing a CDN to handle TLS termination is reasonably standard practice (as has already been pointed out).

Debian devs decide best response to Richard Stallman controversy is … nothing


Re: Not very accurate

"I look forward to reading your definition of decency which clears up when people can and can not hook up without needing your special permission."

They don't need my permission. That's why I characterised it as "questionable" instead of "wrong". However the society in which I have been brought up does look unfavourably upon extreme age difference between sexual partners. Denying that this is the case doesn't change the way society views these things, and attempting to attack me for a minor part of my larger point doesn't change my larger point. Stallman isn't being victimised for defending an innocent man, he is being attacked for airing several questionable opinions and for displaying a pattern of behaviour that many deem to be unacceptable.

"I've yet to see any substantial accusation from a woman about Stallman that doesn't amount to "he had the temerity to ask me out even though he has a beard", despite a great deal of effort going into whipping this storm up as far as humanly possible."

And that would go some way to explaining why you feel that Stallman is being unfairly victimised. I however have seen accusations that I feel, if true, would justify the removal of Stallman from public positions of influence.

Is Stallman suffering from an unjustified witch hunt? Possibly, I'm not personally in possession of all the evidence.

Has Stallman publicly expressed opinions I personally find abhorrent and unforgivable? Yes. Absolutely. To his credit he has renounced some of the worst of those opinions, but not all of them.

Are the attacks on Stallman's character all based on his defence of Minsky? No, and trying to defend him by acting as if they are is disingenuous.


Re: Not very accurate

But Stallman didn't defend Minsky by pointing out Minsky did not in fact have sex with Giuffre. Which would, under the circumstances, have been the best defence. He defended Minsky by saying Minsky would have done nothing wrong if he had had sex with Giuffre. An opinion that based on their age difference at the time would be questionable, and under the circumstances (Giuffre was being coerced, even though not by Minsky) is even more questionable.

This "Defence" of Minsky drew attention to a number of other questionable opinions that Stallman published on his personal website.

That attention resulted in a number of women coming forward to make accusations against Stallman of inappropriate behaviour over most of his career.

The characterisation of this as "Stallman defended an innocent man, and is being hounded because of it" is a massive injustice to those people who he has behaved inappropriately toward, and misses a number of opinions Stallman has aired that are at best deeply questionable, some of which he has since renounced, but not all.

Yes, there's nothing quite like braving the M4 into London on the eve of a bank holiday just to eject a non-bootable floppy


Re: HR's Disappearing Data

There's no I in team, but there are four in "platitude quoting idiot"

Doesn't normally go down well when said to someone important, so use with caution.

EncroChat hack case: RAM, bam... what? Data in transit is data at rest, rules UK Court of Appeal


Re: Filth

Except the envelope in this instance is the encryption. So the message has been read outside the envelope.

The question here is did the message get read before it went in the envelope, after the recipient opened the envelope (both perfectly legal under the warrant obtained), or was the envelope opened en-route by the authorities (illegal under the warrant obtained).

The court has ruled that as the authorities are incapable of opening the envelope en-route arguing over the nature of the information storage mechanism used prior to the message being put in the envelope is moot, and the message isn't in transit until it is in the envelope.

The defence position appears to be akin to the sender didn't put the message in the envelope until they were stood at the postbox, and the recipient took the envelope off the postie outside their home, therefore there is a period where the message is both outside the envelope, and still in transit. If this were the case it would be possible for the interception to be illegal under the warrant used and thus they need to know exactly how the message was intercepted so they can know if it was intercepted legally or not. The court has ruled this is not a valid analogy of E2E encrypted services, so they don't need to dig any further, thus the warrant was appropriate.

Parler games: Social network for internet rejects sues Amazon Web Services for pulling plug on hosting


I was not pro the shutting down of Parler previously. I am however enjoying their misfortune immensely.

Do I know what free speech is, and why it matters? Why yes I do. But do Parler's defenders understand what consequences are?

I strongly believe that you should be able to say what you like. But when you say something abhorrent I'm not going to have much sympathy when you get hurt by those you've pissed off. The same applies here, Parler's users said some abhorrent things, and AWS was unwilling to continue to host that content, so turned their services off. Freedom of speech does not mean freedom from consequences.

Windows might have frozen – but at least my feet are toasty


Re: Reminds me of my college days

Same thing that happened to the very expensive Cisco Catalyst 6509 Chassis' at the end of a row of newly built out data hall where the installers of the racks couldn't be bothered to fit the dividing panels between the racks as it clearly wasn't important. Most rack mount servers, and top of rack switches, of the time took cold air in the front, and output the now rather warmer air out the back. The larger switches however, were designed to fit in wider racks to accommodate the cabling and thus were designed to take cold air in one side, and exhaust it out the other (the rack was meant to have baffles to direct the air up from underneath to the intake side, and up out the top from the exhaust side, but these were also not fitted).

But that one wasn't my fault.

Court orders encrypted email biz Tutanota to build a backdoor in user's mailbox, founder says 'this is absurd'


Re: Dear Courts. No. Go away.

The problem with that legal defence is that it requires you to prove a negative. Now I'm not a lawyer, but in the real world proving a negative is *very* difficult.


Re: Dear Courts. No. Go away.

You failed to provide the key on being lawfully asked for it.

You may not be able to do so, but that just means it sucks to be you right now.

I don't agree with this particular law, but you were in possession of the key, and the unencrypted message, upon being lawfully asked for the unencrypted message you are required to provide it. The cutout would at least have the defence that they never had access to the key or unencrypted message.

Pure frustration: What happens when someone uses your email address to sign up for PayPal, car hire, doctors, security systems and more


Re: Accounts with HSBC

I believe this is because under UK law your name is whatever you say it is. Yes there are official documents, and getting the name on those changed requires things like deed polls and other official looking documents. But actually they do not represent your name, only your official identity as recognised by some government department or other. So if I said my name was Eclectic Man, then my name is legally Eclectic Man, as long as I am not doing so to defraud someone (fraud is definitely a crime) then I have done nothing illegal.

But not being a lawyer this is not sound legal advice on the matter, and before you do anything with this that may need legal advice do consult a proper legal representative!

When even a power-cycle fandango cannot save your Windows desktop


Was once called to help recover a failed server from backup. Asked the receptionist who had been tasked with maintaining the backup tape rotation to fetch in the previous night's backup tape. The tape was there on my arrival, still in the cellophane wrapper in its carry box. A label with the previous day had been stuck on the box, but the tape had clearly never seen the inside of a tape drive.

The poor woman had been taking a tape offsite every day, and bringing that day's tape from the previous week back into the office for the better part of two years. Ten mint condition tapes with labels stuck on the carry boxes. Clearly no one had properly explained the relationship between the tapes and the tape drive to her, to start the backup she had been pushing the same demonstration tape back into the tape drive each morning, where the backup routine was happily overwriting the previous day's backup, until the tape had completely worn out. Fortunately the hard drive wasn't completely fried, and I managed to recover most of their data.

Tax working from home, says Deutsche Bank, because the economy needs that lunch money you’re not spending


Re: Tax failure to consume

There is also the fact (which I skated over) that National Insurance contributions are a regressive tax with the highest marginal rates at lower incomes, and lower marginal rates at higher incomes.

Tax is complicated.


Re: Tax failure to consume

You have consistently used the argument to absurdity against me, and continued to do so even after I have pointed out that this is what you are doing. You have done so again. You are either not entering into this debate in good faith, or are so heavily indoctrinated into a toxic philosophy that does not accept the reality of the value or affordability of taxation that I cannot change your mind. In either case there is little point in trying to discuss this further with you.

One minor point however that I would like to make, we do not now in the UK have the highest Income tax rate since the 70s, and this is before you account for the fact that Margaret Thatcher's Government reduced income tax rates by a significant margin during the 70s.


Re: Tax failure to consume

1. Above what figure should be taxed extremely high?

This is the misrepresentation of my argument. I said more, I said nothing about "extremely high". You are using my argument "more" and misrepresenting it to an extreme to suggest "more" is also invalid. That is a logical fallacy. Stop trying to twist my argument.

You talk of taking the money but why? Is it to punish the success (remove what they dont need) or for a purpose?

All I talk of is the affordability of taxes. I personally have made no representation as to what I think should be done about that fact. That was an argument made earlier. However, yes the money should be taken for a purpose, that purpose being to support the needs of society. Funding things society deems necessary. Health care, education, law enforcement, etc. The things that the very wealthy will absolutely HAVE to pay for one way or another. Either we have a society that imposes taxes, or society does not and the very wealthy have to fund these things in order to avoid full scale revolt, as used to be the case under feudalism. Either way the Rich are paying something. I find taxes to be more amicable than feudalism. How about you?

I am not invalidating your point, as I keep saying I look forward to you guys giving away voluntarily such amounts to the governments of poor people globally. That you think it absurd that you are the rich is stunning as either blind unwillingness to accept the fact or you wish to redefine rich to people other than you.

This is extending my argument far beyond itself to a fundamentally absurd place. It's a logical fallacy. I never argued everything should be redistributed from rich to poor, on any scale. Stop trying to suggest that is the only possible conclusion from my argument. It is not, and it doesn't invalidate my argument.

Actually poorer not poor (in absolute terms. Relatively they could be made poor). You cannot take what people earn without making them poorer.

Yes taxes make people poorer than they would be without taxes, if you entirely ignore the benefits those taxes fund. But you are suggesting that my argument isn't just that the rich should be made poorer than they would otherwise be without taxes, but that they would be reduced to the same level as the poorest in society. That is again, not my argument.

And why would we want to dumb everyone down to low pay in the name of equality instead of having everyones wages rising?

I don't argue to dumb everyone down to low pay. This is a misrepresentation of my argument. I don't argue everyone should be equal. That is also a misrepresentation of my argument.

The outcome of that being more tax money collected from actual growth instead of robbery.

Except if we refuse to take tax from those that can afford to pay it we either have to tax those who can't afford to pay it, or the exchequer gets no tax. So which do you prefer? Taxing those who can't afford the tax burden (in the name of fairness of course), or not taxing anyone?

Sorry if you feel that way, it was not my intention. You talk about people having more than they need (from your perspective) should be taxed more because they can afford it.

They can afford it. I can afford it. It is a fact. It may not be a nice fact, it may not be fair, but it remains a fact.

You might think it is misrepresenting your argument to point out that you are that very person and if we are to tax highly the top wealthiest then we in the developed world would be made poor to do so.

I never said "highly". I said "more". I also never said how much more. I haven't expressed an opinion on if the current system is too onerous on the wealthy, or not onerous enough. I have simply stated the fact that the wealthy can afford more taxes than the less wealthy. I have certainly never argued that taxes should make the taxed poor.

You may wish to keep your view to only a national limit, but by applying it globally I am pointing out the problems in your argument-

> Your perspective of wealthy is different to others (as we are all different in our view of wealthy)

My perspective of wealthy is, in my opinion, quite healthy. I know how lucky I am simply to live in a first world country, with a system of social welfare, universal healthcare, law enforcement, and justice, among other things I get that are unavailable in poorer countries.

> You cannot tax the more off people without making them poorer

True, but "poorer" does not mean "poor" as you have consistently represented my position to be.

> Disposable income isnt money doing nothing, but in fact what makes everyones lives better (globally)

I never said it was doing nothing. My initial argument includes the point that survival without any luxuries is undesirable. And I have never said that all disposable income should be forfeit, I have simply stated that those with more of it can afford to give more of it away while still having more left over than those with less of it.

> Taking that money and giving it to government doesnt improve lives

Yes, it demonstrably does, at the very least in more developed countries with advanced systems of government, in more corrupt regimes certainly less so, but that is a problem that is far more complex than taxation.

> The way out of poverty (globally and nationally) is for people to earn more not less

I have never suggested otherwise.

> What you see as a national problem has global impact

I don't deny it's a global problem. But international politics are outside the scope of my argument, and far more complex than simple taxation, and still don't change the relative affordability of taxation in relation to relative income.


Re: Tax failure to consume

You ARE misrepresenting my argument and you know it. My argument doesn't apply internationally on the scale you suggest, and even if it did my argument isn't that the rich should be brought low to make us all equal. My argument is that people who earn more can afford higher taxes. That you choose to make an argument to absurdity (a logical fallacy I pointed out elsewhere) doesn't make my argument suddenly invalid.

Yes the world would be a better one if our standards of welfare support were exported to the poorer nations of the world, but that is a problem that is far more complex than deciding how progressive a tax system should be.

I have never stated where I think that balance should lie, you (and one other in this topic) have suggested that I want the rich made poor in the name of equality, which is absolutely not my argument. All I have said is those with more money can afford to pay more taxes than those with less money.

And having grossly misrepresented my arguments you have now also suggested I don't know my place in the world. I assure you that I know how wealthy I am. I can afford to pay more taxes than many. I'm under no illusions as to how lucky I am.


Re: Tax failure to consume

If you're going to extremes.

Shanks's pony for travel

Sorry that's a capital holding. You either have to rent it (a cost) or do without.

cobbled together mud and mess for a home

Also a capital holding, rent or do without.

food grown in the field

That field is a capital holding too, can you see where this is going yet?

Yes there are parts of the world that still largely live like this. We don't currently live there, we all live somewhere that has at least developed to the point of having an internet connection.

So tax the education and health system hard

I didn't say that education or health care are luxuries. Indeed for a functional modern society they are essential. That's why they're paid for out of taxation (for most of us anyway).

Its amazing how low this bar can be set too!

Yes the "essential to survival" bar can be set extremely low. In fact there is already a school of thought that suggests it is already set too low for many. But that doesn't change the fact that people who earn more can afford to pay more tax, and still live more comfortably than those who pay less tax.

Your entire argument here is misrepresenting my argument. I'm not proposing taxing the rich into oblivion, but the argument that the rich can't pay more tax unless we're all made destitute through taxation is entirely absurd.


Re: Tax failure to consume

Entirely true, and largely how the system works, but still doesn't answer the question. If I have twice as much disposable income as you then it's reasonable that I pay twice the tax. Why should I be expected to pay more than twice the tax just because I can afford to do so?

Because that's how the system works now in the UK. If you earn up to £12500 in England or Wales you pay no income tax (you still pay NI contributions that are essentially a tax now, and this complicates things, but for illustrative purposes I'm glossing over that). If you earn twice that figure you would therefore pay more than twice the income tax. Indeed you'd pay £2500 in income tax. Earn £50000 (four times the initial earnings, twice the amount paying £2500 in income tax) and you would pay $7500, three times what the previous example paid.

Our income tax system is a progressive tax system. It is fairer to charge those who are better able to bear the cost more than those who can't. There are debates to be had about where those thresholds should be, and how progressive the tax system should be. But the idea that tax rates should be even for all is daft, and contrary to the system we have. Earn more and you can afford to support society to a higher level than those who earn less.

Take that to its logical conclusion and everybody should be taxed to the point where they all end up with the same disposable income after essentials.

That's the logical fallacy of "Argument to Absurdity" https://en.wikipedia.org/wiki/Reductio_ad_absurdum at no point did I suggest that those who earn more should have everything extra that they earn taxed to the point that all people have the same post tax income. I simply pointed out the undeniable fact that those with more disposable income have more that they can afford to lose. There is still plenty of room for a debate about where the balance should lie.


Re: Tax failure to consume

Because you can afford to.

There exists a basic subsistence cost to survival, typically rent (or mortgage), a minimum on food, basic necessary clothing, and transport. Each of these factors has some variance, and some of them can be affected by capital holdings. However there is still a minimum cost to survival in a modern capitalist society. Everything you earn over this amount affords you luxuries. Basic survival is unpalatable, so basic luxuries are desirable, but they are still luxuries. The more you earn the more you can afford to spend on these luxuries (including for example spending on capital holdings that may reduce your basic cost of survival). This is called disposable income, because you can dispose of it and still survive. Earn more, get more disposable income, and you can afford higher taxes and still live with more disposable income than someone who earns less than you.

Also who says you work twice as hard as people who earn half as much as you? I earn a lot more now than I did working behind the bar, and bar work is hard work. My skills are more in demand now, so I command a higher salary, but that doesn't mean I work harder.

QUIC! IETF sets November deadline for last comments on TCP-killer spawned by Google and Cloudflare


Another solution to a problem that shouldn't exist.

As I understand it QUIC uses TLS over UDP so that the TCP overheads can be reduced to speed up the delivery of web pages. But that is only part of the story, because by using UDP you can send data in any order, ignoring the ordered nature of TCP, and have the application re-request any missing data, rather than having to wait for TCP stalling all data in the connection while it waits for the retransmission of a missing packet. Why is this an issue on the modern web? Because HTTP/2 multiplexes data streams within a single TCP connection, to speed up the sending of loads of separate files that are "needed" to make a modern web page. Why was that needed? Because some web pages are constructed using so many different js, css, html, and other files to construct that browsers were starting to hit limits in terms of the maximum number of TCP connections they could have open at a time in order to show one website. And after all this, the fastest websites to load, are still the ones that loaded fastest over HTTP/1.1, that consist of a html file and css file, maybe a small js file, and a handful of embedded images if necessary. We've managed to turn a method of sharing predominantly text into such a bloated mess, that it not only needs fixing, but the fix needs fixing.

Five Eyes nations plus Japan, India call for Big Tech to bake backdoors into everything


Re: It's not so easy...

Except, the Governments haven't had the access they are asking for for that long. Phone Lines used to be analogue, to tap a line you needed to tap that line, and get someone to listen to the call in real time, or record it and play it back. Text was by post, and you needed to intercept the individual letters, and read them. The process of "intelligence" gathering was personnel intensive, and expensive. This led to its use being targeted by necessity. As more and more communication became digital it became easier to gather vast amounts of communications data without really having to commit personnel to reviewing it. This made the "intelligence" gathering cheap and easy. The "intelligence" processing however was still expensive and personnel intensive, but as long as they have the "intelligence" they can do that processing at their leisure. This has only really been the case with the internet, and only then with the increase in the popularity and utility of the internet. It is a myth that these agencies are only asking to maintain capabilities that they have always had, they haven't. It is also a myth that they would only use these capabilities in responsible ways, unfortunately for them that myth was blown wide open by Snowden, and other whistle blowers. These agencies are addicted to gathering ALL the information they can, but are unable to point to any substantive reasons why them having voyeuristic access to the entire world's communications is of any value to them. Let them do the hard work of actually doing targeted intelligence gathering again. That actually works.

Aussie telco Telstra says soz after accidentally diverting traffic meant for encrypted email biz through its servers


Re: It's an encrypted email service

Having run my own email servers, with opportunistic encryption enabled for both sending and receiving, you appear to have more faith in the state of the global email system than I.

Apple to Epic: Sue me? No, sue you, pal!


Re: Anti-Trust

The available evidence would suggest that Epic can claim that iOS is a specific market. The fact that they appear to be doing just that would support the idea that they can make that claim. The claim has yet to be fully tested in court. The claim may fail, or it may succeed. I don't know, I'm not a legal expert.

And your analogy is pretty close, but it's more like the owner of a large chain of popular malls putting up those restrictions and McDonalds crying foul, than one single mall. But otherwise it holds rather well. And until a Court decides the issue either side may prevail.

It is worth noting that although Epic is making the headlines they are not the only entity upset with Apple's practices regarding the iOS app store. If the decision goes against Apple they stand to lose a lot of control. If the decision goes against Epic they stand to lose access to iOS users. Apple have more to lose in this case, but neither side can be complacent.

I can still see this issue going either way, neither side's argument is particularly concrete to my mind.


Re: Anti-Trust

It's an argument, and one that Apple themselves have made, that the market is "smartphones". However Epic don't make smartphones, they make apps. So the market is "apps for $thing". Now Apple will certainly argue that $thing is "smartphones" and therefore the market is "apps for smartphones". But this argument, as strong as it may be, ignores a couple of important points.

First: The apps for Android and iOS are mutually incompatible. There are frameworks and languages that allow you to write once and compile for either, but that compilation step results in different apps for each OS. This may constrain the market, it may not, I don't know.

Second: Few users move between iOS and Android, sure some do, but as both are closed ecosystems users invest in one or the other and switching becomes a significant investment, in time effort, and money. Again this may constrain the market or it may not.

Now if I were fighting an antitrust case against a highly litigious company with very deep pockets I'd want to get some very good legal advice first. As these points haven't yet, to my knowledge, been tested in US courts I reckon it could go either way. But Epic are presumably confident enough in their case to not only sue Apple, but to goad Apple into triggering that case by flagrantly breaching their contract. I suspect Apple will want to settle before the market is clearly defined by the courts.

We've come to wish you an unhappy birthday: Microsoft to yank services from Internet Explorer, kill off Legacy Edge by 2021


Re: good riddance

IE6 was the default in XP when it was released. IE in XP suffers from the fact that XP does not support TLSv1.1 or higher (other browsers do not use the same SSL engine) and as TLSv1 and lower have been deprecated for some time it's no surprise that IE in XP could not connect to a reasonably secure website. It doesn't matter which version of IE you upgraded to in XP it would have suffered the same problem.

University of Cambridge to decommission its homegrown email service Hermes in favour of Microsoft Exchange Online


Re: Modern

Yes the Uni will have to spend thousands of pounds on the in house system. Wages for technical and support staff, electricity costs, hardware replacement cycles. It soon adds up. According to the article to approximately £10 per user per year. Somewhat less than the £35 per user per year also stated in the article as the cost for the Microsoft 365 subscription the university is apparently stumping up for. Interestingly some of the £10 per user per year will not be saved, as at least some technical staff will need to be retained by the university.

Hopefully the decision isn't as simple as spend £35 per user per year to not quite save £10 per user per year. Because if it is that's a really fucking stupid decision.

Your industry needs you: Database engineers, sysadmins and developer vacancies revealed


"We offer a competitive package/annual contract based on your experience"

If it's so competitive why not tell us the approximate salary bands?

Salary on offer informs a lot about the expectations. Is it a job that might stretch me? Or is it a job I can relax into?

It's crap like this that allows uneven salaries to persist. Tell us what you're offering, and we can decide if it's worth our time to apply.

Remember when we warned in February Apple will crack down on long-life HTTPS certs? It's happening: Chrome, Firefox ready to join in, too


Re: Shake down time

Well Actually.....

So a Cert Issued five years ago with a secure algorithm is theoretically less secure than a cert issued yesterday, not because the certificate itself is more vulnerable, but because the private key has had more time to leak, or be compromised. If you never rotate the private key, then absolutely, renewing the certificate isn't actually more secure, and your statement holds. And I know that it is easy to renew a certificate with the same private key using some of the commercial certificate providers (I've done it more than once in the past).

Of course generating new keys is also fraught with caveats and gotchas, so in theory generating a new private key every time you get a new certificate is more secure, in practice there are circumstances where that may not be true.

Or in other words, it's complicated.

In general automating certificate renewal in a process that generates a new key each time is more secure, and less error prone, than having manually generated CSRs and certificate rotations.
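The distinction drawn in the comment above, between renewing a certificate and rotating its key, can be checked by comparing SubjectPublicKeyInfo fingerprints across a renewal. This is an added example, not part of the original comment; the self-signed certificates, the `www.example.test` name and the function names are constructed for illustration.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// issue self-signs a cert for key: constructed stand-in for a CA's response.
func issue(key *ecdsa.PrivateKey, serial int64) (*x509.Certificate, error) {
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(serial),
		Subject:      pkix.Name{CommonName: "www.example.test"},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(90 * 24 * time.Hour),
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// SPKIFingerprint is the SHA-256 of the SubjectPublicKeyInfo. It changes only
// when the key pair changes, not when a cert is reissued for the same key.
func SPKIFingerprint(c *x509.Certificate) string {
	return fmt.Sprintf("%x", sha256.Sum256(c.RawSubjectPublicKeyInfo))
}

// RenewalDemo returns fingerprints for an original cert, a renewal on the
// same key, and a renewal on a fresh key.
func RenewalDemo() (orig, sameKey, rotated string, err error) {
	var keys [2]*ecdsa.PrivateKey
	var certs [3]*x509.Certificate
	for i := range keys {
		if keys[i], err = ecdsa.GenerateKey(elliptic.P256(), rand.Reader); err != nil {
			return
		}
	}
	for i, k := range []int{0, 0, 1} { // which key each certificate uses
		if certs[i], err = issue(keys[k], int64(i+1)); err != nil {
			return
		}
	}
	return SPKIFingerprint(certs[0]), SPKIFingerprint(certs[1]), SPKIFingerprint(certs[2]), nil
}

func main() { fmt.Println(RenewalDemo()) }
```

A renewal pipeline can record the fingerprint of each issued certificate and alert when two consecutive certificates for the same name share one.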

Finally, a wafer-thin server... Only a tiny little thin one. Oh all right. Just the one...


Not a UPS, but quite a loud BANG

Working a Data Centre some years ago as a remote hands and eyes jobby, one of the clients were redesigning their network, and one of their big Cisco switches had a power supply trip, and in doing so it also tripped the circuit breaker. The switch was dual fed, so the other power supply kept things running.

The facilities team were called about the 32 amp single phase circuit being tripped, and asked to turn it back on. Oddly they rather insisted that something bad must have happened and they wanted the tripped power supply to be replaced before turning the breaker back on. The Client's Cisco certified engineer (CCIE I believe, but may have been CCNP) insisted that this Cisco equipment was top of the line, and could not be the cause of the issue. There was some management back and forth about who was responsible, and how it should be fixed. After many hours of arguments above my pay grade the facilities team tested that the circuit was wired up correctly, and turned the breaker back on. Then we all, facilities, management, and us went to the data hall to watch the client's engineer turn the power supply back on. 32 amps at 240 volts makes a very loud bang at dead short.

The replacement power supply arrived within a day or two, and the, now very nervous, engineer watched as we replaced the power supply for him, and under the watchful eye of us, management, and facilities, he very gingerly turned the power supply on again. There was less drama this time, although the client did enjoy the bill for wasting facilities time, and for the increased risk they put the site's power distribution under by not following the previously agreed process for dealing with tripped circuits under their contract, but the precise details of that were also above my pay grade.

After huffing and puffing for years, US senators unveil law to blow the encryption house down with police backdoors


Re: OpenPGP

That's why the PGP source was published as a book.

Software was covered under ITAR, but the printed word was protected speech under the first amendment.

I'm not confident such loopholes still exist, but most of the best cryptography is developed internationally these days, and a significant proportion of it is developed entirely outside the USA, so ITAR wouldn't apply.

So you really didn't touch the settings at all, huh? Well, this print-out from my secret backup says otherwise


Re: Ah, customers.

The best response I have found to an unreasonable "just do what I say" type order from an unknowing boss, or higher up, is "Can I have that in writing please?" either they suddenly start listening to why that order is a bad idea, or you have a paper trail to point to when it does go wrong.

Never underestimate the power of properly applied bureaucracy.

Node.js creator delivers Deno 1.0, a new runtime that fixes 'design mistakes in Node'


Re: Wonder how long it will take…

The software written now, regardless of language used, is not old and tested. All programming languages have their merits, and their flaws.

A skilled artisan with a chisel can make a great chair, where an idiot with a power saw can make one that's crap. That doesn't mean the power saw is crap, or that the chisel is great.


Re: Wonder how long it will take…

Firstly, C does have a steeper learning curve than JavaScript, it's a lower level language and so you need a better understanding of how a computer functions in order to make use of it. Also I was replying to a point about how that steeper learning curve specifically reduced the dross written in C.

The only reason there is more written in C is entirely down to the age of the language. It's been around longer than I have.

I'm not saying either C or JavaScript are or are not crap. I'm saying that the comparison based on the steepness of the learning curve is an unhelpful one, and has no real merit.

There are lots of people who would argue the merits of JavaScript, personally I'd suggest that crap or not it's here to stay, and getting grumpy with that fact isn't going to change anything. I don't particularly like JavaScript, but that doesn't mean it can not be used by skilled people to make useful software.


Re: Wonder how long it will take…

You still get crap written in C. The idea that a steep learning curve automatically filters out idiots is not supported by the evidence.

Yes it is easier to learn JavaScript, and so lots of idiots learnt it, and then wrote terrible JavaScript. But when people gave up on C because it was too hard to learn not all of them were idiots, and not everyone who persevered were not idiots. So fewer idiots learnt C, but so did fewer people who are competent. There's less crap written in C because there's less written in C, relative to its age anyway. C has the advantage of age, but crap doesn't age well. Old C that's still around makes C look better not because it is, but because time has filtered out the crap.

It's like furniture, you see 100+ year old chairs and say "They don't make chairs like that any more, modern chairs are crap" and mostly modern chairs are crap, but mostly 100+ years ago chairs were crap too, but the crap didn't survive 100+ years to be held up as an example.

Proof-of-concept open-source app can cut'n'paste from reality straight into Photoshop using a neural network


Re: OK, I'll bite.

It's open source, and the code is linked to in the article. You know you could always raise a pull request to allow it to support your image editor of choice if it doesn't already.

IBM age discrimination lawsuit suddenly ends, suggests Big Blue was willing to pay to avoid discovery process


Re: Not "risky"

It would appear IBM's lawyers agree with you.

AI startup accuses Facebook of stealing code designed to speed up machine learning models on ordinary CPUs


Re: "nifty software tricks to achieve similar speeds on CPUs"

I've worked on Rack mount servers with up to 8 CPUs. Larger Kit has always been capable of having many CPUs, and IBM's mainframe systems have used proprietary interconnects to solve the scaling issues inherent in many CPU systems for as long as I have worked in IT.

Google's second stab at preserving both privacy and ad revenue draws fire


Why not target the ADs based upon the site they're appearing on?

I don't get the "people prefer targeted ads" schtick, what with the targeting being so rubbish (as already mentioned). But why do we need to target the user directly? We know they are interested in the topics of the page they are viewing (or at least they should be) so why can't the Ad be based on that? It worked in print and broadcast advertising for decades.

Linux in 2020: 27.8 million lines of code in the kernel, 1.3 million in systemd


Re: "Everybody who has ever worked at that level in the operating system ..."

Preaching to the choir there.

I'm no fan of systemd, and am well aware of its many, many, flaws. Not least of all the most important aspect of server startup isn't speed, which systemd isn't actually all that good at, despite being one of its early selling points, it's stable, repeatable, consistent, debuggable, startup. Which systemd does not do.

But denying its advantages is also not helpful.


"Everybody who has ever worked at that level in the operating system ..."

Yes, but for everybody that has to actually use Linux in the real world systemd is often worse than what came before it.

As an experienced Linux SysAdmin I've had to come to terms with the fact that systemd is here to stay, and have had to learn to use it, and it does have some very good attributes. But, it also has its flaws, and often those flaws are ignored by its proponents, homed being a prime example. It solves a problem with security, and portability, of home directories. But it also breaks ssh keys, and rather than acknowledge and accept this state, and offer any concessions or work arounds the answer is "well don't use it then" ignoring the fact that systemd is being deliberately developed in a way that makes it difficult to not use. New features are added, and tied closely to systemd, then downstream products are encouraged to use these features making it difficult to use alternatives.

I want to be happy using systemd, I like the ease of creating new services over having to write init scripts (which can sometimes be tricky), and holding onto the past is often counter productive. But I run Linux Servers, and systemd isn't appreciably faster than sysvinit for booting, and parallel service startup creates problems that never existed in the slower sequential start up of sysvinit.

This would be easier to take if there was any indication that the developers or proponents of systemd gave a shit about these issues, but hey, if it solves problems it has to be good right?

Dell slathers on factor XPS 13 to reveal new shiny with... ooh... a 0.1 inch bigger screen


Re: @pmb00cs - That price..?

The OP got upset about price, complaining about the fact that a laptop with Linux pre installed cost more than a laptop with Windows pre installed, despite the "MS idiot tax".

So yes I am aware that FOSS isn't about paying for software. I'm also aware, as was the point of my reply, that not all costs are monetary.


Re: That price..?

Possibly because the "MS idiot tax" includes significant development of tools that make supporting it (from a device manufacturer point of view at least) easier, whereas Linux has a less polished volume licensing and support solution. Meaning Dell must expend engineering effort to be able to fully support Linux on its products.

Free Software does not mean that it has no costs associated with it, just that the software itself is Free (and there are some debates as to if "Free" should be "free as in beer" or "free as in speech" but that is a whole other can of worms)

As someone who works with Linux, I'm not so blinkered by ideology to be unable to accept that sometimes you have to pay for "Free Software" somehow.

Doogee Wowser: The S40's a terrible smartphone, but a passable projectile


Re: There was a time....

I don't think anyone ever dared ask why the kitchen. We all just assumed because that's where the hob was to heat everything up to the required temperature.


Re: There was a time....

Yes. I know. That was explained in the same speech. From the front of the classroom. Along with the explanation as to why TNT and not TNB is used as an explosive, what with TNB being basically impossible to make. DNB also goes boom, but is less powerful and less clean as an explosive than TNT. The methyl group on the toluene lowers the energy needed to add the third nitrate group to the benzene ring to the point that you can do so without it going boom first.

She was also quite a good chemistry teacher.


Re: There was a time....

Scariest teacher I ever had was a quiet, kind, unassuming A-Level Chemistry teacher. She never threw anything at any of us. She did however explain, in painful detail, as if from personal experience, why it is much easier to make nitroglycerine than TNT, and not just because Toluene is toxic, and hard to come by, and that the former can easily be made in most kitchens if you know what you are doing.

Astroboffins peeved as SpaceX's Starlink sats block meteor spotting – and could make us miss a killer asteroid


Re: How many such exposures are going to be messed up like that?

They don't use photographic plates, they use CMOS (and other related) electronic sensors. But that doesn't change the physics of how focusing optics function. Over exposure will bleed out into neighbouring pixels. Preventing that takes more than clever post processing. There's a reason DSLR cameras still have physical shutters. Too much light for the exposure still ruins the exposure. Especially on exposures measured in minutes.

UK political parties fall over themselves to win tech contractor vote by pledging to review IR35


Re: More nonsense

"Roll all NI into income tax and charge it on everything."

That's another strike against IR35 in my mind. Contractors have to pay Employer's NI contributions, employees don't. After a finding of being inside IR35 not only does the contractor's tax bill go up (a lot) their NI bill doesn't go down (unless they can find some of the ways to reduce Employer's NI contributions, it's a complicated area, and one of the reasons I'm not a contractor, but essentially they'd need to limit their income)


Re: More nonsense

Not all employers like hiring staff proper, and will insist that potential recruits are "contractors". IR35 is sold as stripping these "contractors" of several tax dodges they could take to reduce their tax burden. As it stands for doing this it is probably quite effective. However for those (often underpaid) "contractors" it is very hard to get the employer to treat them fairly, and give them the benefits they rightly deserve, and HMRC don't give a toss about that, so IR35 isn't written to enforce that the person paying taxes is automatically, under employment law, an employee proper. As such the people it rightly targets cannot afford the consequences of the law.

On top of this, as written, IR35 impacts on contractors who knowingly, and by choice, are in positions where they don't get employee benefits, and for various reasons are happy to take that risk. As such these people often get paid a higher fee. That higher fee then under IR35 attracts higher tax rates. It is worth noting that a large number of cases that fall into this bracket have been found, in court, to not actually constitute hidden employment, and so IR35 shouldn't apply. But fighting this is expensive, particularly given cuts to legal aid.

The solution to my mind would be to change IR35 so that the tax burden is there, but the employer owes the hidden employee all the benefits they have previously denied them, and that hidden employee is automatically granted employee status. But the issue is more complex than a simple solution like this can fully cover, so there needs to be significant work put into dealing with it, and I'm sure there are edge cases that would need handling with more nuance.
