Posts by gnarlymarley 260 publicly visible posts • joined 2 Jul 2014
There is no technology advanced enough that can't be screwed up by a user vendor.
Just need to look at BGP. The idea of automatic repair works most of the time, but there is part of the time where it is not capable to repairing itself and needs some external intervention. That failover is where the AI always defaults to humans.
If customer is complaining about a broken computer, and speaking, they're lying.]
This is what my Service Provider would always say when I tell them their server or router was down. Then they figure out that the problem is actually on their end and they "quietly" go fix it. Alas, this idea of me calling them and they think I am lying is the reason why I moved on to another company.
"The customer is always right" has nothing to do with customer honesty, but has everything to do with the idea that customer support is "willing to listen to a possible issue. When you brick over your customer and call them an immediate liar, you push them away as a customer.
It is not acceptable to me that a supplier artificially limits updating hardware to less than the hardware's expected lifespan.
I suspect this has ties to the spector/meltdown problem, where manufacturers build some electronics and they don't want to support it for life because they don't think they charge enough. Probably that their updates match what they think is the hardware's expected lifespan. It is certainly not my expected lifespan. I think a computer should be usable until it dies, say after about 20 or 30 years. A lot of manufacturers think it should last or three years. There sure is a huge difference between my thoughts and their thoughts.
Even if they checked the serial number they can only tell if it is one of the affected ones, not whether it has been fixed.
So, does this mean you have to take the invoice with you to prove it was replaced? Or is this one where they will make you boot it up and they can see the repair history in the logs?
"Rapidly reducing certificate lifetimes to one year, or even less, has significant costs to many companies which rely on digital certificates to protect their systems," Hollebeek said.
This also introduces the possibility of human error and the actions need to take place more often then it previous would. Human error appears to be a large part of the problem too.
everyone's ID is tied to their smartphone
Intesting theory, but lacks security. Everyone knows that data is shared these days, so my identity could technically be on more than one cell phone. This is especially true since my cell phone is shared with other people, it could have more than one person's identity.
Now the real question. Who is going to stop someone else from using my digital identity? The answer to that might surprise you, because I am the person that is going to stop them from using my identity. The government or companies do not care if it matches the individual, just that it is valid.
Still see the same amounts of spam to my hotmail account.
Fortunately, All items that use the hotmail account are spam by definition. I use it for those that require a valid email address, and example@example.com or abuse@theirdomain.whatever doesn't work for them.
People still use hotmail? I had just about abandoned my hotmail account almost as soon as microsoft bought it. For more than two decades, I found it easier to just use my hotmail account as a spamtrap. What they have that others do not is the exclusive spam rules that require the email to be on the accept list or else it is considered spam.
"putting a cookie on a browser doesn't constitute a monetary damage to the owner or user of the iphone."
They're trespassing on the phone. If someone were to trespass on your land by parking their car on your drive you'd probably feel you had cause to sue them for trespass.
Ummm, trespassing? The cookie as designed more than 20 years ago, was setup as per RFC2109 to maintain HTTP sessions. It was understood at the time, if you didn't want to accept the "cookie" then you didn't go to that site.
Fast forward to today, and people insist on trespassing on some company's servers and don't want to accept a "cookie" in exchange. Since your phone is being used to travel to someone else's land. That is not trespassing onto your since your phone is being used to trespass.
This is more like "Doctor Syntax" has parked their car on on google's property and is trying to refuse to accept the "take-a-number" for standing in line. Though, not necessarily okay on Google's behalf, you might want to get your analogies straight.
(The reason why I can say this is the browser is moving from page to page, but the server is stationary.)
Well, I suspect the answer to your question has to do with how NAT was shunned from the IPv6 community from the start. IPv6 was originally branded as not compatable with NAT and I think that turned off a lot of people. I have been using NAT6 since January of 2011, so I know it is possible. My ISP declared that they will never deploy IPv6 because they have a class B IPv4 range. There are still a lot of home routers that do not support IPv6 (which is probably the biggest divider). The home routers that do support it use NAT6.
Li-Fi might work great in England, but not so much in the USA. England has the cloudy thing going on. In the USA, there is much sunlight (which makes solar panels a better option) that leaks through the windows. A lot of people use the windows instead of a light bulb. It would work great at night, but not so much during the daytime.
"As a result, around 50 per cent of its new hires have been hired in the past five years, and now half of its total workforce are millennials, according to Big Blue’s CEO Ginni Rometty."
That's fairly confusing. If I were hired five years ago, I somehow don't think I'd be a new hire. They must have outsourced the quotes and it lost a bit in the translation.
But the real elephant in the room is where they are hiring and where they are firing. So they fired 100K people making an average of 80K and hire the same number making 20k in Malaysia, India, Costa Rica etc.
I'm sure that should the verdict go against IBM they will keep keep appealing or come to a confidential settlement.
Most companies that I have been employed with do not do layoffs at the same time they are hiring. These companies realized that if they hire, they have to train, so why not offer the job internally first as it would be less training. From my experience, I would gather that it does not bode well for IBM.
I’d want to know why the ‘backup’ service account had enough permissions to start messing with the Administrator user accounts inside Active Directory. It should not have been able to go near any of these accounts.
Ummmmm, How do you expect Active Directory to be written to tape and read back from tape again? To do that it needs full read/write capability with active directory. Oh, I guess you don't care about backing up the actual user accounts.
The mercury is rising, expected to hit a sizzling 32°C (89.6°F) this afternoon at Vulture Central, and The Register's elite unit of pasty basement-dwellers, otherwise known as editorial, have scurried into the office to make the most of its semi-functioning air conditioning.
Well, in Utah, USA it is currently 33°C. I think I am more surprised about the cold temp.
Speaking of Florida, where 22°C is considered cold, they're probably laughing at us
We usually go from around 38°C to as low as -12°C, but I am not laughing. It has cooled off for me this week. We were much higher last week. Thanks for (well kind of) taking one for the team.
I think the real question is should encryption be strong. Should encryption be weak enough that the government can go in and transfer money out of your bank account? Anything that a government can do online, so can the terrorists. And that means that weaker encryption is actually enabling the terrorists to get into us honest people's bank accounts. Why do I want to enable a terrorist to be able to access my honest and lawabiding money?
BT taking money out of their employee's pockets...
I guess I don't fully understand as the USA doesn't have "car allowances", but we do have a fuel coverage where we have to submit our driven miles. It makes sense for the company not to pay for driven miles if the employee is on leave. (AKA, not driving for the company.) Good to hear the company is correcting their mistake. Hopefully, there are not too many people that are going to be bitter about BT paying too much in the past and now BT is really going to pay them what it should have been.
At work, I have a few applications that require regular full browser restarts. (This means I have to close all windows as the programmer idiots have put in some hidden javascript that takes over all windows.) Because of this "desired feature", I always run separate browsers (whether it be one in private mode or it be different vendors). Anyone here can cry all they want for me to use a single browser, but I never will. Go cry to your mommies, you suckers.
The tricky part is remembering that when your tired and under pressure.
This is my problem. Management as my work want to bring costs down, so they try to get their salary folks to work the overtime. Obviously, this causes mistakes. Once we hit a mistakes threshold, they switch over to hourly people working the overtime. If we go below the threshold, they switch back to salary people. (Maybe I should make more mistakes on overtime, so my time is less.......)
Google's reCAPTCHA v3 system, designed to separate people from bots during website interactions, is more likely to give you the benefit of the doubt as a human if you happen to be signed in to your Google Account – and is more likely to deem you dubious if you're trying to protect your privacy, recent research suggests.
Like the title, I fail to see how this will even work. More than a decade ago, I saw someone using an automated computer to test our internal web pages. The "robotic functions" simulated the mouse and keyboard. It used actual real web browsers (such as FireFox, Internet Explorer, and has been updated to use the latest version of Chrome and Edge) that would login and test for functionality. This means that someone really wants to defeat a bot, then have to permanently prevent users from getting into their system, and that defeats the true purpose.
We coded the bots to have human like randomized delays in them to show authenticity. So, I would say that stopping a bot is impossible. If you really want to try, then you have already lost by more than 12 years.
The bot was coded at the time to be completely capable of reading doctors handwriting, so the humans already have lost.
Spoiler alert: there really aren't any good ones.
Well, there used to be some good ones until microsoft used a court order to shut them down. Well, maybe not shutdown, but sure did damage their reputation. I spent the following many months trying to convince my registrar to allow me to get rid of the glue from the botched microsoft court order. Using a NoIP entry as glue was a bad idea.
I have been on both sides of the equation. My first experience was with someone who refused to give any information or a call back number so I could find out anything. My second is one that took six years until they would finally accept my screen shots. Once they saw the screen shots, they closed the issue as "too costly to fix."
One common misconception is that the last mile is the bottleneck.
I always have to ask, which last mile? The consumers have a last mile, but also the business hosting the servers have their own last mile. Some businesses cannot afford a terabyte per second connection, so they find someone like akamai to so that for them. It becomes cost effective if they don't need it for the 24/7.
We were too poor to travel in the 1990's, so the only reason for us to show up physically at the server was if we crashed it. If we could remote into it, the 38Kbps was good enough to remotely mount a file system and run our installations. (And yes, it could take hours...) Though it was weird mounting a CD the first few times back then. Could be there was some sort of DRM that didn't let those CDs to be mounted.
could be ecrypted and compared to the stored cipher text in the same way that typed passwords are hashed then compared to the stored hash, i e no need to decrypt the stored password.
Which means an intruder does not need the original password! They just need something that can produce the correct hash.
No matter what domain they pick, it will be blocked on my computer. Currently my http/cache and email servers allow com, net, org, and gov. So if you do not use one of those, you are blocked. So if they move to a .amazon, they are the ones doing the blocking. I had the block before they did the move.
If I were preparing a defence, and there were several reasons why I was innocent, why should I be required to pick just the one?
There was a court case about a substitute school teacher a few years ago who didn't submit all at the time of the case. The courts had blocked new evidence in the case, so it is a good reminder to submit all possible for when the courts may limit any new evidence. If the courts didn't block it maybe I could submit later findings, but I am not sure I would take the chance about having some key evidence being blocked.
If you are looking for links to free filing, try https://www.irs.gov/filing/free-file-do-your-federal-taxes-for-free
I have been filing for free (minus the cost of a stamp) for many years now. If the IRS wants me to stop filing on paper (where they have to type it into their computer for me), then they will offer a direct free replacement. I will not use alternate scammy companies to file for "free".
An untruthful statement is considered a lie by the reg folks.
Contrary to public tweets from the president, tariffs don't only hurt the country whose goods they are imposed on, they also impact domestic companies who are forced to pay significantly more for products and materials they ordered months or years ago.
This statement is not entirely true. I know someone who walked into the local wallmart and bought something USA made that was cheaper their their China made stuff. If there is no alternative, then the consumer could be paying more. Most likely there is an alternative, which does not include the high cost of "shipping" of a production from another country, that is found cheaper in the USA. Wallmart (for reasons unknown) tends to hide those products over to the side so they are not easily noticed or seen. Yes a consumer (private or corporate) "could" pay more for something, but if it helps out my neighbor even for a few pence I don't consider me being hurt.
Come on elreg. Don't forget the "can" or "might" in your statements next time! Leaving these words out leads folks to believe, it is one way street. This kind of negligence has lead to wars in the past.
How do I know the spoofing is happening? It is because I get real people that refuse to listen to the voicemail but call me back (so I know my number has been used in the scams) and also I get my own callerID showing up on my display. The FCC does have a part of their reporting form that wants a verification of the callerID actually being spoofed from my own number. However, they do not care about others that I believe are spoofed. Get a call enough times from a number and you stop picking it up and they stop calling.
make the minimum penalty DEATH for anyone who:
a) spoofs a caller ID
b) violates the 'do not call list'
c) cold-calls *MY* phone.
I get to be executioner.
Please be my guest, but if I cannot track down the individual then you might not be able too. The person doing this knows exactly what they are doing and have convince your local telco to be in with them on it. When I brought up the do not call list, they laughed at me and said they are out of the country and do not need to abide by the laws of the FCC. Probably what we need to do is to stop the outsourcing of call centers.
but please leave an option to use the older UIs. Some of us hate tiles.
Hence why some of us moved on from firefux. If I really wanted to use IE or edge, I would have changed to those applications. Using alternates such as opera or seamonkey can allow one to keep their old UI look. (Well until firefox convinces those to change their looks "and functionality" too.)
Do terrorists still use GSM?
Much of the governments of the world think that terrorists have a belief about god (that includes atheists), and breathe oxygen. So, I guess yeah, they probably do still use GSM. The goverment's broad use of the word terrorism has made it difficult to catch the actual "wrong doers".
If they truely have a good reason to scan then why are they not asking permission first?
Now hang on, this is how I have been working with respect to my local network for over two decades. Malicious is the person not asking, and friendly is the person asking. It is really not that hard people!
@JohnFen: Every so often my public-facing IP gets on the Spamhaus blacklist (admittedly, this hasn't happened in a few years) for no discernible reason.
Perhaps you have an open wireless access point that is allowing someone (maybe neighbors or some random person) to do attempted hacking. I have *never* had a public IP show up on any Spamhaus blacklist.
and I understand if you do, but it's not as bad as your analogy implies.
I am off the beaten path so anyone counting my doors or windows that is not the local government is most likely doing so with intent to break in. You have to trespass in order to count my windows. SYN scanning while might not be as bad as you think, I do firewall security work and someone checking just to see how many windows I have have and will get the cops called on them.
If you accidentally start up a port scan, then stop it as soon as you realize. If it continues, then it IS malicious. If you look at it from the firewall's point of view, there is no way to tell a difference between a SYN can and a hacker who is trying to use that same SYN scan to see what I have.
Looking at the list, after seven years my midrange 3750K is still in the top tier.
I think the real question should be why should I be buying what I did ten years ago for nearly the same price today as when I bought it? If what I bought is still good, then there is no need to change. When microsoft made the change to a subscription OS, it became obvious that they were not planning on changing it to require faster speeds.
Unless someone can figure out how to double the CPU speed again, there can only be lateral moves (AKA, adding more cores). And if I don't move to new games, then there is no reason that I would need more cores. (This is the reason why to not "upgrade".)
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
