* Posts by Dave

189 publicly visible posts • joined 4 Jul 2007


Intel papers over remote attack chip flaws ahead of demo

Dave
Paris Hilton

a balanced response by Intel

This seems sensible and pragmatic, just wish I was as clever as KK and could earn squillions by promising not to reveal flaws / exploits that I had discovered ;-)

PH is flawed and has revealed, did she earn squillions?

Wünderbra! German policewomen take 'Action Brassiere'

Dave
Stop

oh dear! Gerhardt mentioned the Belgians

and the comment got published

I thought it was Vulture Central policy never to mention the Belgians

...

ever

Dr. Strangevote saves mankind with Luddite voting recipe

Dave

politician says sane & silly in same sentence (no shock here, move along)

Well said Debra Bowen in your objective criticism of the egregious implementations of e-voting technology being foisted on the people of the US.

Sad, though, that Debra B then muddies the water by making the analogy with the weight of the body of evidence about climate change.

The planet's climate has always changed, but not all implementers of technology with evidential requirements have been as wicked, lazy, stupid, venal and obscurantist as Diebold et al have been.

Debra B's next job should now be to ensure that the ballot for the dog-catcher and the garbage contractor are on separate pieces of paper than that for the District Attorney. I recall a Robert Heinlein story ("Friday", I think) in which the US had 'balkanised' and the Independent Republic of California was in a constant state of voting on something every day.

Land Warrior wearable war-smartphone survives Iraq baptism

Dave

scraped pork barrel

leads to bottom-up design

Some credit needs to go to GD for getting stuck in with the troops and listening to / working with the end user

Wonder when UK DE&S (pork barrel admin central and useless at even doing that correctly) will get out of the way & let this sort of pragmatism to arise here??

aaah well...

easyJet warns 'several websites' to stop selling its flights

Dave
Boffin

@AJS

indeedy, these conventions apply

point being: a tiny public address presence

real point being: irrelevant & ignorant hype by spokesperson in the actual debate about corporation X getting all litigious about competitor Y 'screen scraping' (alliterative euphemism for 'thieving'?)

Dave
Unhappy

dum dum Dave

So, that will be quantity FOUR public IP addresses, then

It's Friday...

Dave
Boffin

quick whois on RIPE shows

inetnum: 193.195.186.8 - 193.195.186.11

netname: MONEYSUPERMARKET

erm...

quantity 3 public IP numbers

Not quite 2 million, then ;-)

UK.gov calls on white hat hackers to spot data leaks

Dave
IT Angle

@ The Other Steve

There are a number of 'white hats' or 'ethical hackers' already in existence. DV clearance is not a pre-requisite. The clearance a person needs is driven by the sensitivity of the data that they are required to work with. DV is only necessary to access TOP SECRET. A v v small proportion of all Gumment data is TS.

The extant 'white hats' or 'ethical hackers' are called Health Check penetration testers.

It is ALREADY HMG POLICY TODAY that ALL Information Systems for 'official purposes' are subjected to a Health Check penetration test.

This guff from O'Donnel is just ignorant politician twaddle as noted by so many previous commenters on this story

As I have previously opined, the problem is four-fold and the technical aspect of the "four pillars of stupidity" is actually the easiest to solve. HC pen testing does not and cannot change the culture in HMG departments. Hence the "where's the IT?" logo.

Dutch government gags Oyster researchers

Dave
Paris Hilton

full disclosure is axiomatically not the politician's way

No politician will EVER get their head around telling it strictly like it is.

N.B. this is only a UK problem since Oyster is a copy of the MIFARE first touted for Rotterdam.

Philips subsidiary that developed the technology took a gamble (a trade of cost versus correctness) they KNEW the flaw would be present in the product as released. Full disclosure is the sort of public slap-down these kind of people deserve.

Paris revels in full and frank disclosure (can't believe I am the 1st with that gag in this thread)

E-food crisis abates as Sainsbury's online sparks into life

Dave
Boffin

eggs and baskets

Good Friday fun! From bitter personal experience, it was really scary having to prowl the aisles of my local Somerfield in person ;-)

Where Joe wrote: "some observers scratching their heads about what exactly had gone wrong", I thought surely Sainsbury's know all about eggs and wouldn't put all of theirs in one basket. I certainly, from a business continuity perspective, would counsel separate data centres for 'warehousing' and 'customer records'.

UK Unix group vows to appeal OOXML ruling

Dave
Stop

what does "standard" mean?

It seems to me that "standards" are for the most part codifications of accepted "best practice". Back in the day, Whitworth & British Association screw threads were "standards" - in the British Empire! Now nuts & bolts made to those specifications would be pieces in a (tedious) museum.

Standards do NOT say "you MUST adopt", standards DO say "you can achieve interoperability if you adhere"

The choice of with whom you desire interoperability seems to be yours to make, or at least debate with people over. Clearly, that two standards compete on a given topic of technology is merely a recognition of (open!) competition.

I have examined my options on document formats and I ask people with whom I wish to be interoperable to do so without locking ourselves into a closed and opaque implementation.

Jumbo bug crashes Cisco anti-hacker appliances

Dave

superjumbo frame loss & resend??

oooh...

Some people must be hauling stupendously ginormous warehouse-fulls of data if they can contemplate configuring their compoopers to ask for a resend after someone else's infrastructure accidentally mislays 64kilobits (or is that kbytes?) a pop

Roomba robot maker to build DARPA squidge-droids

Dave
Alien

seems a bit of a waste of 3M3 bucks

to design a thing that can remember how to fold itself back into shape; I wanna see magneto-rheo-memeo-squashatrons for that sort of money.

Oh! pink ones, please!

Thief swipes cabinet minister's laptop from Salford office

Dave
Boffin

"If you think that this is the worst HMG can do" - reply

You seem to have misread my rant about the 4 pillars of ignorance. My imagination runs riot when I try to think if the worst HMG can do; especially as they work to blur the crucial distinction between security and liberty.

I am not discounting possibilities that this 'theft' and the recent abandonment of paperwork are drip feed to sensitize the proles into believing that restrictions on our liberty are the only countermeasure in this Information Age. Back to the abandoned paperwork: marked TOP SECRET yet Mark Urban at the Beeb read them and said "not much to see here"

A) Mark Urban has been 'got at' & was told to say that - OR

B) Yet another aspect of procedural failing in HMG, 'everything in this department is TS'. Applying inappropriate markings is as bad as applying no markings.

I am an optimist & I will prefer B)

Meanwhile, back to work designing thin client security architectures for HMG that look after the data by design on the server no matter how good the user was in stupidity class (loving the Citrix over 3G idea)

Dave
Boffin

The reasons are 4 fold

1. Cultural

2. Technical

3. Procedural

4. Personal

Culturally, the first UK government failing is that they misunderstand data. They truly believe that 'official' information belongs to THEM. This means to include that information about YOU, once held by ANY HMG department it is 'official' and belongs to HMG and that it relates to, or refers to, you is now irrelevant. The second cultural failing is they seem unable to distinguish between 'policy' (see 3) and putting policy into practice (see 4). The third cultural failing is a lingering belief that security-by-obscurity works. (Contrast the Canadian Security Policy (available on the www), the opening sentence of which says something along the lines of: "The CSP exists to safeguard the security and wellbeing of Canadians" with the opening CHAPTER of the UK equivalent (that I will not name but will let you know is NOT available on the www), which woffles on and on (you need to take my word on this, most of you) about 'official information' without bothering to define what 'official' actually means or ever mentioning 'people').

Technically, the UK government failing is that they think abandoning an encrypted laptop in a tapas bar (or similar) is not the same as abandoning a piece of paper on the 10:42 Waterloo to Strawberry Hill (or similar). Narrowly, they are correct, the failing is misunderstanding the public perception. The crypto on la Blears machine will be deemed to 'downgrade' SECRET to RESTRICTED. That the machine is at RESTRICTED means our Minister should have, as a bare minimum, PUT IT AWAY, in a locked filing cabinet would probably suffice.

Procedurally, the UK government failing is that they have all sorts of policy in place, but it is not effectively pursued. You would not want all the HMG 'policy' printed in hard copy on A4 to land on your head - it would HURT. The policy requires frequent audits, checks, balances, awareness refreshers &c to be conducted. Sadly, reality at the coal face is that lip service is paid to 'policy'.

The personal failing is that significantly less than 1% seem to actually CARE.

MoD proposes Salisbury Plain spy-plane droid playground

Dave
Boffin

Has LP missed this? Nah! not LP!

I am sure LP is aware of EuroMALE and that it is probably way more cheap than Watchkeeper. It will be for PRECISELY this reason that the beloved MoD will continue to buy Watchkeeper. They truly believe that as long as they throw more of our money at projects "they thought of" the country gets a "better" solution.

The DPA 98 works like this.

You are not aware of just how many different bits of gumment have information about you

This is good (in gumment eyes)

Should you get uppity and ask a bit of gumment to show you what they think they know about you, the revelation is not free

A civil servant who is angling for early retirement in any case is given a piece of paper with the information about you on it and given strict instructions about which train upon which to abandon the paper

The "breach" is timed to occur on a really bad news day for the gumment as oil goes to 160 bucks a barrel

The civil servant gets his early retirement and a golden goodbye that helps to buy that cottage near Llandudno

You are not aware of just how many different bits of gumment have information about you

The status quo has been maintained; this is good

Blackswift hyperplane hits trouble in Washington

Dave
Thumb Up

anyway, back to the KC-135Q

the Q shows that some of these Merkin airborne filling stations had to be modified to refuel the Blackbird; the fuel was so waxy it needed preheating in order to get it down the spout to the receiving spy plane.

Only saw a Blackbird live once - for about 10 seconds - landed at St Mawgan (Newquay airport as the grockles now call it) and taxied into a hangar sharpish - breathtakingly wonderfully gorgeous

DARPA pilot-ware unflappable in wing-fling damage test

Dave

bricks 'n' grunt, lifting bodies, clean breaks

All of these are valid counterpoints to the DARPA 'droid warware tech demo, all of which I am sure DARPA are well aware.

This does not detract from the achievement to-date, I think Kai H's scepticism is a tad strong.

I would like to think DARPA / RayColl / others will move forward to more realistic scenarios, especially the progressively increasing damage / unpredictable drag situation. Shooting the model with (scale!) AA would also provide that fine combo of entertainment and information.

Qinetiq ships first 'Transformer' war-droid

Dave

"SWORDS" is a CMA

that is to say, a "Contrived Marketing Acronym"

UK citizens' portal exposes edit kit interface

Dave
Paris Hilton

open gumment in action ;-)

as opposed to open gumment inaction

Clearly, HMG have taken underwear exposure lessons from dear Paris

HP biased against BIOS password security

Dave
Boffin

Stu stu stupid rant...

... ooh dear!

think b4 u leap, there, Stu:

"take a normal unencrypted NTFS volume with some files on it and set some heavy user access permissions to prevent users seeing them. Take it out of the PC and install it into another one, then..."

kinda depends on just exactly HOW those heavy, heavy user permissions are deployed in your forest, don't it?

try that stunt at my place, Stu - then gasp in awe as precisely the same permissions are applied ;-)

Attack code in the wild targets new (sort of) Adobe Flash vuln

Dave

chroot 'jail'

IF Mister Spafford says it ain't safe, it ain't safe

DARPA hands out cash for tiny bugbot-thopter

Dave
Paris Hilton

how low can you go?

When the man from DARPA dazzled by the glint in the eye of the boffins prattles on about exploiting low Reynolds number motion, how low is he thinking? Paris Hilton swimming (purity of water not stated) exhibits Re of approx 4 x 10^6, whereas a spermatozoon (location of swimming not specified) notches up approx 1x10^-2

Google and Microsoft have nothing on - drum roll - the SuperNAP

Dave
Thumb Down

drying out?

Nevada is drying out? I thought it was Arizona that's drying out.

Funny about the "how the ONLY articles I've found about this company link back ..." as previously noted

EU sets ambitious IPv6 target

Dave
Stop

technology versus administrative cleanliness

Seems to me that technology of allowing IPv6 to grow organically provides the path of lesser resistance.

Although the notion of asking all the 'big' IP users (in both senses!) to hand back all their numbers and NAT at the boundary (as they surely do already) has some sort of emotional appeal (just the idea that ALL_OF_IBM having only, say, 32 IP numbers by which it is publicly known would be neat), the concomitant administrative repercussions would be endless. So, clearly, this is the solution the (b)ureaucrats should be pursuing! Jobs for life!! They are biting off their noses to spite their faces in making plans to impose v6

UK Carriers safe: Other war-tech ripe for the chopper

Dave
Boffin

trite analysis - poor work

I usually praise, but Lewis P has let himself down on this one; his anti-escort bias is clear.

I do not agree with the contention that the correct aircraft is all that is needed for the new carriers to provide organic self-defence. The purpose of an a/c is to take the aeroplanes somewhere else in order to do something else, not to carry aeroplanes around to defend itself! As far as I am aware, the Joint Combat Aircraft (UK name for JSF, we cannot - by doctrine! - call it the same name, the aeroplanes that these new floating airfields will bear around the place) has no look-down-shoot-down capability against a supersonic sea-skimming missile; whereas the highly-capable PAAMS on T45 (including somewhat North of two thirds by contract value UK content - btw) of course can despatch such a menace as SSSM.

OBTW: wtf is FCS?

LP confusing his US and UK (again)?

FCS is the US 'network-centric warfare' Future Combat System. I think our Defence correspondent might have been trying to refer to FRES, which is the UK Future Rapid Effects System (which will exhibit network enabled capability, but not NCW).

Now THERE is the REAL money-wasting pork-barrel defence procurement story, Lewis!!

Go look at competitions, with no rules, between 3 different off-the-shelf vehicles with no published result - all overseen by a 'procurement consultancy' with 0 track record in defence - there's THE story, Lewis!!!

Chinese boffins show off unbelievably tight ring

Dave
Thumb Up

I, for one, welcome...

the introduction of "univalent nanoscale wedding accoutrements" into our lifestyles (laughed so hard and loud I upset some colleagues still actually doing work at this time of the week)

US: BAE 'could have' pirated our secret Stealth 3.0 tech sauce

Dave
Paris Hilton

not much of an article to get excited about - but 1 CLASSIC phrase!

"scantily-clad practitioners in the field of negotiable companionship" resulted in spattered spam sandwich in this office, going to take ages to clean this keyboard now...

PH 'cos I wonder about her negotiating skills

Regulator slams MoS premium rate promo

Dave
Unhappy

regulator name??

The regulator now calls itself 'PhonepayPlus'!??!?!?!?!?!?

WTF in the name of all that is halfways sensible is that all about????

TWFKAI* would have made more sense than this

The state of the country become more than somewhat dismal when a regulator (intent: to hold to account the activities of profiteering corporations on behalf of the people) truly believes that changing its name to a misleading collection of letters is more important than fulfilling its function

* The Watchdog Formerly Known As ICSTIS

I'm emigrating to somewhere with minimal gumment - any suggestions?

Google readies for action against Dutch smut site

Dave
IT Angle

on 'googol'

are there yet one googol (or more) web sites?

has the most-used web searcher collected that quantity?

As to other brand names entering common parlance, I think but am not sure, that use with the initial letter in lower case is permitted and not an offence, use of the capital initial is inferred as intent to mean the original enterprise

When I altavista for GOOGLE all the results I get seem to be about Google

So any website that uses an url of the form <whatever>google should not be asked to cease and desist, but <whatever>Google could be so asked...

Brain-plug weapons could provide war crime immunity

Dave

Rules of Engagement

I am surprised that Lewis Page did not mention these in passing. As I understand it, in UK military doctrine, the Grand Strategy are the aims and ambitions of the politicians, Strategy is set by the senior commanders that describes the military activity intended to achieve the (military part of) GS. Tactics are what are employed by the commanders on the ground (air, land, space) to deliver the senior commander's intent. The ROE are set by the politicians (in general terms) and are refined into military orders in Strategy.

The ROE are set such that acts of delivering military effect can (i.e. 'should') only occur towards achieving Strategy; failure to follow ROE is the 'war crime'.

I think the current UK military would find it difficult to define ROE that would adequately be able to control a weapon such as the direct 'thought->shoot' type

Sydney skies menaced by deadly raygun disco-ball

Dave
Thumb Up

I, for one,

welcome our new crazed political intelligentsia overlords

Dave
IT Angle

time for a rebranding

"Australian Institute of Landscape Architecture "

to

"Australian Institute of Laser Anarchy"

Boeing: Black's the new black for black-helicopter projects

Dave
Boffin

ratiometric measure

Units are not really required when the report uses a ratio to express the relationship.

deciBels are ratiometric and work both up and down, the article could have geekily stated:

"roughly 12dB quieter than conventional" or even:

"-12dB quieter than ~"

but given that the indicated reduction is only an estimate, a resort to deciBels seems ludicrous.

UK to fly the flag for OOXML

Dave
Unhappy

death knell for ISO

this is just utterly abysmal and horrific

the only legitimate word in the expansion of OOXML is 'office'

it is bif12 (binary interchange format, 12th attempt to get it right)

it is proprietary

it is closed

it is NOT XML

adoption of a proprietary, closed, not XML data format as an 'open', 'XML' *standard* is just SO WRONG wrong wrong

If you agree, please, please register your complaint with BSI by email at cservices@bsi-global.com - TODAY!!!

El Reg offers cut-and-paste comments service

Dave
Stop

pedantry reprise

<pedantry> I thought a Googlewhack needed to consist of two words; originally predicated on the idea that "surely there is no document that anyone could have produced that includes both 'boson' and 'hilton' or if it did, it would surely be unique" </pedantry>

US Army funds $10m bat-droid

Dave
Stop

Winner "Phrase Of the Week" is:

"vibration-harvesting ornithopter gargoyle bat-bot"

U Mich only doing the electronics, though

No bats

Nothing to see here

Move along, please

MPs and Lords turn on government over data protection

Dave
Paris Hilton

it's a culture thing (like growing bacteria is a culture thing)

"serious cultural issues in failing to deal with private data properly"

From the bureaucrat POV it is "official" data - because they have it in their control, ergo the DPA does not apply to them.

The DPA "only" applies to us - the plebs - who, for some ridiculous reason beyond the wit of the bureaucrats to comprehend, actually think we have a "right" to peek at "official" information - how very dare we!

PH avatar cos we don't need to apply to anybody to sneak a peek at her private things.

Pentagon attackers stole 'amazing amount' of sensitive data

Dave
IT Angle

@ TrishaD

eh??

I am not sure that you can equate <involved the introduction of a new process of "checking out" temporary IDs and passwords> with <part of the hack was conducted by hijacking an unsecured 'Temp' account>

There will be many 'realname' accounts on the 0wnd system. So there need to be many 'pseudo name' accounts (as secured as was, or better) on the recovered system. Essentially, the user community has been provided with new (albeit short-lived) credentials.

<isn't that what a decent proxy firewall is designed to prevent? >

erm, yes and no

a decent, well-configured and managed proxy fw is indicated

?IT stamp as I am not sure there is any IT competence displayed by the Merkins on this one

Tool makes mincemeat of Windows passwords

Dave
Boffin

Von Neumann??

Pah! HARVARD partitioned data side from program side.

"Harvard architecture is a computer architecture with physically separate storage and signal pathways for instructions and data. The term originated from the Harvard Mark I relay-based computer, which stored instructions on punched tape (24 bits wide) and data in electro-mechanical counters (23 digits wide). These early machines had limited data storage, entirely contained within the data processing unit, and provided no access to the instruction storage as data, making loading and modifying programs an entirely offline process."

"The von Neumann architecture is a computer design model that uses a processing unit and a single separate storage structure to hold both instructions and data."

Harvard architecture processors are available, e.g. SHARC - they are somewhat optimised for hard-real-time numerical calculations (e.g. SONAR and RADAR signal processing) rather than general purpose computing. There is no port of Vista to a Harvard processor in the offing AFAIK.

Dave
Boffin

@Peter G (@ Kenny M)

Peter G wrote:

"The OS always has to be able to find this information, so has pointers that can themselves be found (paging tables with known base addresses etc.) "

I think what Kenny M was noting is that the pointers point to:

the_same_place_for_all_instances_per_OS_every_session;

whereas, is it not feasible to write kernel code for these pointers to point to:

someplace_(pseudorandomly)determined_at_boot_time?

This - IMHO - is not "an extra level of abstraction", rather it is a measure of obfuscation that is applied per instance, per session.

The kernel code could still be published, open source being lovely and all that, and the combinatorial limitation of the chosen implementation of "(pseudorandomly)" could even be explicitly stated in comments for those too busy or lazy to independently derive it. The <bold> point </bold> being that the range of possibilities generated (pseudorandomly) being just sufficiently high enough to deter the determined yet time-limited exploiter ("you've got three minutes left before the user returns to his desk, Ethan Hawke") from attempting this escapade.

However, for the majority of people with Firewire connectors on their machines, I recommend a small dose of two part epoxy adhesive (e.g. "Araldite") as opposed to "super glue", such a cyanoacrylate adhesive may not set

Paper clip attack skewers Chip and PIN

Dave

Ross Anderson & agendas

Professor Anderson heads up a very able bunch of researchers and their work into the inadequacy of technical information security implementations is very important. Professor Anderson is morally outraged by the attitude and approach taken by The Man to security and the use of technology to move the point of risk assessment downstream to us, the individuals (Wayland S & others previous). The approach of the banks to suspected fraud of 'litigate (against the defrauded) rather than investigate (the weakness of their implementations)' is indefensible and needs to be vigorously and rigorously challenged. Professor Anderson wants to motivate public opinion to support his outrage and rebel against The Man; unfortunately, he tends to the hysterical and hype and I am not convinced that this approach engenders the necessary gravitas.

Consequently, the Man (APACS in this case), feel they can counter with the ludicrous fobbing-off that "difficult to undertake and not currently economically viable" exemplifies.

By the way: included in the 'Newsnight' article was the simple statement from CESG (the relevant bit of GCHQ); "We have not evaluated the terminal device that you mention" in response to question posed by BBC journalist.

Fact is: there exists NO PIN Entry Device that has been subjected to a public domain (i.e. Common Criteria) evaluation. APACS (& other bank card consortia) run their own (closed) 'evaluations'.

Gilligan's bomb: Is it time to panic yet?

Dave
Boffin

1) Bunsford 2) cell size 10 or fewer

1) that oil storage depot did go off rather large and only a teeny proportion of the oil stored there had made an optimum stoichiometric mix

2) my informal studies of group dynamics over the years (not those in terror nutter groupings) lead me to think that two opinions start to form in any group larger than 5 or 6; likelihood that one-of-ten is an informer seems quite good to me

Iowa man sacked for demanding prostitute

Dave
IT Angle

"only money they're really paying is for utilities, cleaning costs, etc"

so...

they should have easily been able to stump up a couple of bucks for a woman of pragmatic virtues

IT? becoz, really - this article is pure prurience

Taking IT security to task

Dave
Stop

boo hiss! spelling in questionnaire

very last question: defense

icky

Dave

The Four Pillars

Policy

Processes (business and technical)

Procedure

People

of which the most important is the last of these; only the (in)actions either through ignorance or malicious intent of People can defeat the measures in place in the first 3 categories.

US cruiser nails crippled spy-sat on first shot

Dave
Coat

a grudging 'well done' to the Yanquees

would love to know if the hittile smacked dead centre on the Union Flag!

mine's the Abercrombie cashmere, thanks

Lords look again at internet security

Dave
Thumb Up

well done, me noble lords!

clear evidence that retaining a bicameral legislature is an absolute necessity

Northern Rock FOI gag 'out of order' say Tories

Dave

exemption is correct

(much as it pains me to write this): second comment, first point holds.

Indeed, the gumment *should* have included clauses about absolute probity and correctness and completeness of conduct in the areas of risk management, information management and auditing; compliance to regs is a legislative mandate already in place.

US declares 1400-mile Pacific sat-shoot exclusion zone

Dave

NOTAM=NOtification To Air Mariners (I thought)

or has the acronym been updated?

the 'taped-off' area seems relatively unused, has a v low permanent population and is mostly west of track from areas of oggin that are easily accessible by USN surface craft; should be a really good test of SM-3 capability

(for once): good luck Yanquees
