Posts by pig

Re: "I would like to feel safe in my home."

And you are so confident in your opinion you posted it anonymously.

Re: 0.64 pence a month rip off…. Ohhh the scandal

"If Which’s understanding of what Apple’s cloud service is this shallow, I look forward to them being laughed out of court."

You may be overestimating the understanding that our judges have.........

Re: Good start Natwest

Especially as MPs only started to use it as they thought it was not auditable.....

(Though, maybe fire them as MPs as opposed to full on charge of Treason )

Re: Oracle, seems I've heard that name before

I can tell you 100% that if they had oracle consultants in it would have been a lot better.

Oracle consultants won't say 'Hey, we have these features developed, tested and stable. Why don't you ignore them and try to write your own, using Council devs on £40k a year?'

Re: Did the system do this on its own?

Having seen first hand a different council's ERP cock up...I would bet real money that the default allocations in Oracle would work, but the implementation team wrote their own instead, and that went wrong.

It is all in the timing.

Last year they may have released anyway, but with Intel facing calls to recall it's 'faulty' hardware it makes sense for them to take the higher ground this time.

Re: Dave Plummer has a different take on this

"bypassing staging" I might fire myself if I did this, or ordered it, in my job.

To do it for this software, at this scale..... someone ether had big balls, or a criminal lack of understanding of the risk.

The saddest thing is the hack was far worse than explained here.

They sat in Hackney for months, widening their access, before they started to encrypt.

Everyone I spoke to at the time who was involved were very clear, that it is was worse than they will ever publicly let on.

They should have the book thrown at them. But of course, public sector fining the public sector is very.... urgh.

The ERP recently developed for Northampton, Milton Keynes and Cambridge cost £9.7m* to build.

And that is 3 councils (Well, now 4 after Northampton was split up).

A standardised 1, or even 3, would work better.

Give councils the choice of Oracle, SAP, or Agresso - just don't let them build and maintain their own.

*Officially the £9.7m was 'under budget' and it was.

I mean, it was once they tripled the budget to be £9.8m, so they could then declare it 'under budget'

Re: a bank or another official authority will ask you to share personal information

Ah yes, landlines.

They would play the 'dial tone' back at you so you thought you had hung up and were initialising a new call.

I remember thinking that was clever.

As is this new scam.

It is a shame scammers can be talented too.

Re: 3rd attack in a year on Synlab

Everything is feasible at a cost.

You can have any two of price, quality and time.

What, you want it now, and want it to be good?

Hope you have deep pockets.

I worked at a place where the head of IT Security would do this.

He even took 5 laptops from a meeting room, when the people meeting in the room went on a walk around the office.

While he had a point, to a degree, he was ultimately a twat.

When he left his laptop unlocked, and I send around the usual 'I'll be buying doughnuts tomorrow' email, he threatened me with all sorts of disciplinary action.

His duality did not go unnoticed, and his contract was not renewed.

Re: Monopoly

Probably the same as me.

Although after working on one gov IT project, I never NEVER! will again.

Re: Plus ça change

"The only Annabelle I knew at the time was about six, cute, and perpetually clumsy. Hardly a criminal mastermind."

And that is exactly what she wants you to think.

Re: "the new ERP software – which replaced an SAP system"

Because Unit 4 ERP / Agresso / U4BW - however you call it - is cheaper on paper.

And then you start the implementation, and here you should expect 2-3x your estimated costs.

But they don't.

So once they get passed 2x cost the pressure to 'just go live with something' becomes too much for them.

Also, they tend to have bad staff, being a public sector big project that is locally managed.

I was hired to a public sector implementation of Unit 4 (not this one) but you will know which one (if you worked on it) when I say the sentence:

"The Programme Manager hired ALL of her friends as Project Managers, despite none of them having experience or qualifications".

It went as well as you would expect.

And no, I did not stay long!

Re: Throw me in that briar patch!

Same here, autistic - diagnosed mid forties.

I actually aspired to run a department once, and being great at what I did I soon was given the job.

A big pay rise, and more important for me at the time, 37 people under me and a £1million pound annual budget.

It soon became apparent to me that my skill set was not people!

After a couple of months I switched my 'internal targets' to training up the best of my deputies and having her succeed me when I resigned.

She did great. Honestly, they should have given her the job in the first place to be honest.

Thing is, since that day I have done much better.

I now earn more, work from home, and given my setup cuts out the things I deal with less well (People, Commuting) I thrive.

That is a bloody good point.

Re: decriminalisation

It was class B, then Class C, then Class B again.

But in 2018 they made it so you can get it legally prescribed.

I have a prescription for 20-25% THC medicine.

It is amazing.

It is also odd that most coppers don't seem to have been told it can be legally prescribed now.

I had to reread this before my mouse moved over from downvote to upvote.

(And I assume those 3 downvotes just didn't read it twice).

A very true point.

It is strange, As I have got older in IT and implemented 'if you do X, I don't work for you' rules my work life has got far smoother, and the companies I work for are better.

Re: Real life example

There is a great deal of difference between what auditors should know and do and what they do know and do.

Now now, let's not get silly.

Re: Measuring standards pedant alert!

So you would be allowed a square one? 100x100yards?

That would be interesting.

Re: The bad news

"What's unclear? Many, maybe most, of the vulnerable devices won't be fixed -- ever."

Yeah, but it is also clear most handsets wont also be pwned, and most users wont care or know either way.

I know us lot like to think that everyone should be super security savvy and fully alert about their data, but most people just don't care - unless it has an explicit and noticeable effect upon them.

Certainly, I don't think your solution is the right one. Shutting yourself off from the world is not the answer, and neither is overplaying the threat.

Are the risks of someone getting some/all of your data proportional to your actions?

I don't think so personally. But hey, each to their own.

The Pro wouldn't crash the van in the first place.

Re: Huawei

They specialise in the cloud though.

Securing clouds is HARD and there are groups that take advantage of that. Some of those groups are state backed, some are - essentially - private enterprise.

In the early days of 'the cloud' I remember seeing a great example of lateral thinking for a 'hack'

The provider was pretty good with the security on the live servers.

If you hired a box in the same data centre as your target though, and then purchased backup services you could, given the right skills, follow that route to a backup box shared with your target...

The security on that box was not as good as live.

Re: Why is Christmas so far away?

LEGO sets will usually have a few extra bits, almost always the smallest parts.

It is due to the way they pack the sets and that they decide a while ago it was better (and cheaper) to have extra bits in then have people upset they are missing a bit. (As happened during the dark days of LEGO when the company was struggling)

Over time they add up to a lot of pieces.

I know I have a bag full of 'extra bits' that is scarily large!

"Just for good measure, HPE also claims that as time went on, Lynch became “less and less focused and grounded in reality,"

Sounds like he was nearly perfect material for a HP Chief Exec, except he must have remained a bit too grounded in reality for their liking.

Is it just me though or does most of the evidence HP have brought work against them?

This is a most odd case.

Re: a refund to be paid into a prepaid debit card

I'm sure there are people without bank accounts, but doubt they would be filing a tax return at all, let alone online.

Allowing the refunds to be paid on to pre-paid debit cards is bonkers.

Part of my brain screams 'inside help' but then the other, larger, part just says 'stupidity'.

Re: Auditors?

This.

What I heard at the time was this:

Autonomy: We are for sale for $6billion

HP: We'll give you $11billion

Autonomy: Errrrrrr. OK! :D

If you put your car up for sale for £600 and someone tries to buy it, but for £1100 and forces the cash in to your hand, are you really liable for overcharging them?

Autonomy didn't think they were worth that.

HP finance people didn't think they were.

But Leo and his adviser decided $11bill was a snip as they could make it worth $17bill!

In reality they made it worth about $3.5 bill.

Autonomy should point out prior behaviour to the court too.

They are far, far, far, from the only company HP have bought and messed up.

Re: waste

I once supported a 4 person departmental HR team that had 3 colour laser printers.

When colour laser printers cost around £20k.

They did like to keep their budget.

Re: "Young students, for example, cannot be expected to remember and enter a password. "

My 3 year old Nephew knows the passcodes of all the iPads in his house.

Why my sister has pass codes when all her kids know them I don't know. If I am there and I want to use one I just ask my nephew for the code.

The problem with school IT is usually more with the teachers than the students, especially in infant and primary school.

My wife is an early years teacher. She has a passion for it. She does not have a passion for IT security, and neither has she been taught how to deal with it. And neither have her bosses.

As such they bumble along finding practical ways to get things done. If, and it always does, this involves unencrypted pen drives rather then secure storage they will use it.

Can we really blame them when they haven't been taught why this might be wrong?

Re: Massive-

True Story.

The only way Chequered Flag ever loaded for me was if I stopped the tape half way through the loading, rewound it a bit, then hit play again.

I don't know how I discovered this, but I do find it amusing to this day that I didn't find it odd at all.

That's just how it was having a Speccy. You learned to be creative to get things working.

(Like my level skip cheat for Operation Wolf. It involved rubbing my socked feet across the keyboard until it gave the message it was skipping to the next level).

That's what I was wondering.

The Interpol boss didn't make sense until I saw this.

Tit for tat.

It's like the 80s again.

Re: Really?

Errrrr.... Think about it folks.

I'm pretty sure scanning the QR code isn't the *only* way to get the performance info.

You could bring it up in a browser instead of making such an onerous trip.

Re: More than NICE to have

"But I couldn't find guidance for infosec (looking under several relevant terms) on the NICE website. If it's there, it's not obvious. Does it need a disaster first?"

Yes.

The NHS is, sadly, anything but proactive.

It requires a Wannacry that doesn't suddenly stop, but instead spreads more and destroys/costs more.

Sense wont get change, only public outcry after a disaster.

it's bloody sad it like that, but that's how it is.