Posts by Doctor Syntax

"Be honest, do you know how to type?"

I bought my typewriter over half a century ago. I think I've got the hang of it by now although the onset of arthritis in my fingers isn't helping.

"People who know how to type don't need to see what they are typing, helps proof check, but it's not required."

The whole point if this is that when you're entering a password you can't see what you're typing

It matters not whether you can type or not. The only feedback you might get is that you entered a character by having an asterisk or a blob appear. If you're logging in at a standard Unix command line you don't get anything back at all (and if, as in a previous comment, a key isn't working, you're SOL).

Because you can't rely on visual feedback to tell if you're entering upper or lower case the only sure way to be sure is to hold down the shift key or not. The only way.

As someone has pointed out, if someone enters a different password than they thought they were entering when encrypting a disk in the first place there's no way back. It's not like getting an ordinary password wrong when setting it up; you can't go to the help desk for a password reset. Your options are limited to reformatting the disk.

"Isn't that what the Caps Lock LED is for?"

The moral of the original story was watch the screen, not the keyboard.

Re: Password?

"The number of times someone is looking over my shoulder is tiny. The number of times I make a typing mistake is comparably huge. Please write for the common scenario, rather than assuming the worst case."

So do you just open any enclosure in a spam email rather than assuming the worst case?

"So by disabling the capslock you can guarantee that the user can't tell if caps lock is on or not."

No it means the user can guarantee that it isn't on.

" Surely every single password entry should disable capslock?"

An excellent idea.

"If you actually know how to type, caps lock throws a flag in your mind when you see consecutive capitals. Seems like the aystem is designed for people who can't type"

Read this very carefully.

We're talking about entering passwords where the letters aren't echoed back.

You can't see consecutive capitals when you type them.

It makes no difference whether you can type or not.

"why? because fsck you that's why"

No, because it's the sensible thing to do.

With the characters not being echoed back to you you can't see whether the caps lock is on or off. It's all too easy to repeatedly fail at entering a password because the caps lock is on and you didn't know it. Requiring the shift key for upper case means that the user knows when they're typing upper case and when they're not. It should be foolproof - with the usual proviso.

Re: Bless....

"but I may need to break out the letraset transfers"

Can you still get them?

Re: We have also a Google time now?

"Google could well have added its servers to the NTP time pool

No, no, and thrice no! Because Googles NTP servers will be telling the wrong time for about a day after every leap second."

I think the assumption in this is that Google could have done that and then implemented the leap second along with everyone else instead of having the Google Second.

Re: Relevant to the story

"I've actually read Article 50"

Well done. It seems a great number of Brexiteers have never even read the start of it and wondered what might be the appropriate constitutional process for deciding to invoke it.

Re: Goldsmith lost in Richmond because of it. Apparently.

"She epitomises the Mummy-knows-best attitude of EU politicians that led to the leave vote winning."

ISTM that she is asserting the sovereignty of Parliament which has been established, sometimes with a great deal of bloodshed, over the course of the last 1/3rd of a millennium. Some of us think that's worth keeping.

Re: Goldsmith lost in Richmond because of it. Apparently.

"Labour and the Conservatives didn't put up a candidate"

Half right. From the results as tabulated by Wikipedia

Labour Christian Wolmar 1,515 votes 3.67%

Re: Goldsmith lost in Richmond because of it. Apparently.

"And caused by an MP who resigned on principle (far too uncommon these days) over the Heathrow expansion, so nothing to do with Brexit."

Credit to him on resigning on a matter of principle. However he found himself fighting against opposition who were also against the Heathrow expansion but differed from him on Brexit so it appears that the latter was the main issue.

Considering the previous election result the outcome was a massive swing.

Re: Goldsmith lost in Richmond because of it. Apparently.

"No matter what happens, though, I'm fairly certain a majority will be unhappy with the result."

Printing stickers saying Don't blame me, I voted Remain could be a nice little earner in a few years time.

Re: Brexit means ONLY MORE POWER FOR TORIES

Not necessarily. It will have lost them the electoral support of many who voted for them in the past but no longer. Brownomics and then Corbyn have seriously damaged Labour. UKIP will get their comeuppance when the economic costs of Brexit start to bite. This could be the start of a Lib-Dem revival.

Re: Codification of existing practice?

"There is an argument that the Snoopers' Charter is 'simply' codification of an existing practice that the UK authorities ... have been carrying out covertly for some time"

Such practices ignored the presumption of innocence which was part of Common Law. The Act now says, in effect, that innocence need no longer be assumed. It's a major step. Unfortunately the petition didn't say this. It should have concentrated on that single point and left the govt. no room for the anodyne reply it came out with.

Re: Codification of existing practice?

"I see no justification whatsoever for the rest to have access, especially without a warrant."

I can see no justification for any of them having access without a warrant. This law simply assumes guilt until proven innocent.

Re: How about domestic software?

'PS. where is here in "as long as I have been here".'

PPS How long is "as long"?

"Perhaps we just need to point out that the RIPA contains traces of beef."

And huge amounts of bullshit.

Re: Forward planning?

"It's very embarassing to raise prices every three months."

Embarrassed about taking money? This is Microsoft we're talking about.

"said equipment and service management, excluding local employees and datacenter location costs are in USD"

You omitted the most important $ factor: PROFIT.

Re: 98%

"Uhm, so 2% of users do NOT understand that they are supposed to maintain control of the vehicle at all times?"

I wonder how that compares with the percentage who think it's OK to drive singlehanded whilst holding a phone to the ear. Or zero handed whilst texting and checking emails, Facebook & tweeting "I think I just hit something".

Re: Walked from one, stayed with another.

"I on the other hand moved to TalkTalk as they were investing in security"

Is that something you know of your own knowledge or what they told you?

"Transnational companies have more power than most sovereign nations in that regard. Unlike the countries, they can jump ship."

It's not always that easy to jump ship. If they want to trade on any substantial scale in a particular country they'll have to consider have some footprint even if it's only a local sales office. These days regulators are starting to think in terms of fines based on global turnover so the days of being able to shrug off responsibilities might be coming to an end.

Re: No they won't

"Because once you are using a service, it costs time, effort and money to change."

The thing which is most difficult to change is email. You can gain independence from an ISP by using a non-ISP supplier instead of relying on the ISP's email. In the long run it's easier to have a private domain. The domain hoster of the moment can also host the email service but, as it's your own domain, you can switch to another service provider and keep the domain. Sadly it's not a solution for everyone.

"What if the ONLY provider suffers a data breach"

It depends on how important the provider is. There's no shortage of ISP, email providers etc. Banks are rather fewer but there are still choices. Facebook might be considered an only provider but in that case it can be easily done without.

Re: Gut reaction

"the breached provider now has a thorough understanding of the issue and should be able to prevent further breaches in future"

Unfortunately the list of "respectable businesses" in the article includes at least two serial breachees.

I think there are at least 3 categories here:

Those that never learn

Those that learn from their own mistakes

Those that learn from the mistakes of others

Re: "on the UK island of Jersey"

"From the English or from the Saxons, who weren't English either, AFAIK?"

Pretty well the same thing - Anglo Saxons. They weren't Britons, however.

And, of course the Normans were Vikings who'd nicked a bit of France from the French.