* Posts by JulieM

610 posts • joined 27 Nov 2014

Page:

Cool IT support drones never look at explosions: Time to resolution for misbehaving mouse? Three seconds

JulieM Silver badge

Re: Mondarin?

How the Muddy Mildred do you counterfeit freaking gold? It's really not difficult to tell what a sample of some mystery metal is made of. Nobody with O-level chemistry and physics could fall for the "scam" described in that article; which, I suppose, tells you something about the intended audience.

Ex-barrister reckons he has a privacy-preserving solution to Britain's smut ban plans

JulieM Silver badge
Boffin

Even easier

I have an even simpler idea:

Just ban minors from the Internet altogether.

If there was no expectation for the Internet to be family-friendly in the first place, there would not be any reason to complain about adult content.

Faxing hell: The cops say they would very much like us to stop calling them all the time

JulieM Silver badge

Re: I called the cops

Or (in a German accent) nul-nul-eins, acht-nul-neun, funf-sechs-drei, nul-nul, nul-nul .....

Spaghetti Junction! Brum hospitals on hunt for new ERP and finance supplier to untangle current systems

JulieM Silver badge

The £6M Question

Why are they not using the existing resources of the university to develop a solution, based on mostly-already-existing Open Source software, that can be shared as Open Source with the rest of the NHS?

From unmovable boot screens to dead certs, neither are what you want to see in a hospital

JulieM Silver badge

Re: i don't know why...

What were the procurement people smoking, buying software without demanding Source Code (and the relevant Modification Rights to go with it)? Those are your guarantee, and you never let go of them!

Now, you personally might not know what to do with Source Code, and you might even take a perverse pride in that ignorance (which, as the sort of person who knows exactly what to do with it, actually suits me fine); but if the worst ever happens and the original supplier goes out of business, access to the Source Code at least ensures any competent programmer will be able to maintain it for you. (In fact, the original vendor needn't even go out of business; if they get a bit too big for their boots with ongoing costs, a customer with the Source Code can up sticks and go their own way, like a motorist going to an independent garage instead of a brand-tied dealership.)

If I was ever to break the habit of a lifetime and pay money for a piece of software, you can bet I would be insisting for at least the same Source Code and Modification Rights I would have got if I had downloaded a different piece of software instead that I would not have to pay for. "Pay more, get less" doesn't sit with my brand.

JulieM Silver badge

Re: Signed Certificates are only as good as...

What is wrong with a system where the certificate never automatically expires, but can be revoked if & when necessary, is that you end up with certificates that are valid in perpetuity by default unless revoked. And it is a lot easier to block a "do not use this certificate anymore" message, than it is to create a plausible fake certificate.

What you are proposing is equivalent to a lock that can be opened using any tool, unless it has been specifically told that that tool is not the key that opens it.

Ooo, a mystery bit of script! Seems legit. Let's see what happens when we run it

JulieM Silver badge
Boffin

Re: "fan-fold paper"

The "perforations not lining up" issue with toilet paper is caused by having torn off just one of the two plies for a full turn (so you are now tearing between the two plies). Each row of perforations is the same number of mm from the last, but each millimetre of paper occupies a different number of degrees around the roll. So the perforations in adjacent layers cannot be expected to align.

The problem can be fixed the same way it was caused.

Publishers sue to shut down books-for-all Internet Archive for 'willful digital piracy on an industrial scale'

JulieM Silver badge
FAIL

Theft

Theft is dishonestly taking something that belongs to somebody else, with intent to permanently deprive them of it.

So what is the thing that you used to have before someone made a copy of a book you wrote, that you don't have afterwards and will never have again?

JulieM Silver badge

A Parable

Once upon a time, a street merchant caught a young boy trying to light a candle stump from his brazier.

"You, lad!" roared the trader, "What do you think you are playing at?"

"I'm just getting a light, sir," replied the boy.

"Then you can buy a box of matches for a penny!"

"If I had a penny," said the boy, "I would buy some matches. But I have no money!"

"That does not give you the right to steal!", thundered the merchant.

"Stealing?" The boy was shocked. "If I light this candle from your brazier, your brazier will still be alight!"

"Ah," said the merchant, "But I will be a penny the poorer!"

The boy was perplexed. "How so, sir? Even if I don't take a light with me, you still won't have a penny!"

The merchant laughed. "Aha, child. The knowledge that you have no light is well worth a penny to me!"

Contact-tracer spoofing is already happening – and it's dangerously simple to do

JulieM Silver badge
Boffin

Colour me surprised -- NOT

If you have access to the right services (a wholesale telecomms provider), equipment and knowledge (which you will definitely have, if you are using wholesale comms) then it would be trivial to make a fake COVID alert call. And it will be hard to notice, just due to sheer weight of numbers.

But that's boring, and it also is giving the (false) impression that you might need to have access to things that are out of the reach of "normal people" in order to pull off such a stunt.

I do not think it is entirely unfeasible for two bored young punks with brains and attitude to lay hands on a scrap PC, a hardware card available from the usual places online, an inverter and battery and one of those red and white tent things that Openreach engineers use to cover up wiring cabinets while working on them.

Thus equipped, all they would need to do is find a suitable cabinet, deploy the tent and enjoy as much mischief as the battery permits. They could disconnect anyone's landline running through that cabinet and patch it to an FXS port on their own "sky blue pink box with yellow spots on" instead of the BT line; and then ring the unwitting victim's phone, laying any caller ID they liked on the call.

The greatest risk is of getting caught setting up or clearing away. (Once the tent is in place, it's very obviously Somebody Else's Problem.) Mucking about with phone lines like this will break the person's Internet connection (barring the kind of coil-winding skills that went out of fashion when kids stopped building radios, while there was still anything to listen to on MW and LW), but most householders are not going to correlate the two events even if they notice the 'net going off. And most importantly, once the miscreants have packed up and gone, the only record of anything happening at all is on the HDD of the portable exchange.

Got $50k spare? Then you can crack SHA-1 – so OpenSSH is deprecating flawed hashing algo in a 'near-future release'

JulieM Silver badge

Re: Two hashes are better than one

It's now feasible to create a file having the same MD5sum as another file using readily-available equipment, so an MD5 match can't be relied on as proof that a file downloaded from some random website has not been altered from the original version.

It still takes a deliberate effort to force a clash, so MD5 probably is still good enough for determining if or not a file has been edited *by you*.

A double collision is at least as hard to engineer as the harder collision, and *might* be actually impossible; but that depends on the algorithms used.

JulieM Silver badge

Re: Old devices

If you really need SHA-1 support for legacy kit with non-upgradeable firmware, you can always put that equipment on a separate VLAN that can't see the Internet; and then either have a simple proxy translating requests, or just reencapsulate the traffic in a more secure transport.

The code isn't going anywhere, except behind an ifdef and some dire warnings. You will still be able to build an OpenSSH with SHA-1 support. You'll just have to prove you really, really want it, is all.

UK finds itself almost alone with centralized virus contact-tracing app that probably won't work well, asks for your location, may be illegal

JulieM Silver badge

Re: @JulieM Of course, being centrally controlled

Which part of the Apache Licence 2.0 obliges the copyright holder to make the Source Code available?

My reading suggests that you can release just the compiled binary, or the Source Code in a form which is effectively unbuildable, and still be in compliance. All it says is you could not stop anyone from releasing the Source Code if they were able successfully to reverse-engineer it.

JulieM Silver badge

Re: The elephant in the room (or should I say home?).

Yes, but Apple, Google and friends are beholden to laws, restricting what use they can make of their ill-gotten information.

Laws created by the Government.

Surely I'm not the only one who sees this as meaning it's ever so slightly less terrible to entrust your data to private corporations than the government?

JulieM Silver badge

Re: Of course, being centrally controlled

Ah, but, there is Open Source, and there is Open Source. On the one hand you have a very popular Web server, supported by a passionate team who genuinely believe everyone should benefit forever from everything anyone ever does. And then on the other hand you have cynical corporations hiding binary blobs behind a licence that says you are allowed to distribute the Source Code, but good luck with finding it and everything else you need to build it.

They can release compiled binaries (and nothing else) under the Apache licence, or a BSD or MIT licence, and still call it Open Source. "Just exercising their freedom not to share" meets the letter of the law, just not the spirit.

It's why I don't mind the GPL at all. Having a rule obliging you to distribute Source Code sounds like an admission of impurity -- as though one would ever dream of not doing so! -- but it's a defence against those who would do more than just dream of it, if they thought they could get away with it.

Florida man might just stick it to HP for injecting sneaky DRM update into his printers that rejected non-HP ink

JulieM Silver badge

Re: I expect I'll get a ton of downvotes BUT

The entire business model of selling a product for less than it cost to manufacture, then recouping the loss and eventually making a profit on necessary consumables by artificially excluding third parties from supplying pattern parts should be illegal.

Of course, properly enforcing the second part would make the first part redundant anyway .....

JulieM Silver badge

Re: I expect I'll get a ton of downvotes BUT

This is victim-blaming.

Yes, some people who fall for scams are just greedy and don't attract a great deal of sympathy for their plight. But many innocent people also fall for scams. Naïvety is not something that should be reprehensible.

Years ago, this sort of practice was deemed unacceptable. Vehicle manufacturers cannot legally require you to use only their approved spare parts -- to the extent that certain features are specifically excluded from copyright or registered design protection, for the protection of third-party vendors' ability to make pattern parts. For some reason, common sense seems to have gone out of the window as soon as computers became involved.

HP's actions amount to nothing short of deception, criminal damage and extortion.

JulieM Silver badge
Unhappy

Re: And yet...

But it probably won't even scan documents unless it has manufacturer-approved ink cartridges fitted, and with some ink remaining in them; this functionality being enforced through proprietary drivers and computationally-expensive protocols to prevent the development of alternative, Open Source drivers.

Linux fans thrown a bone in one Windows 10 build while Peppa Pig may fly if another is ready in time for this year

JulieM Silver badge

Re: Windows awoke to discover it had metamorphosed into...

Well, yes.

Isn't it blindingly obvious that Microsoft are seeking to replace the Windows kernel with a Linux kernel?

French pensioner ejected from fighter jet after accidentally grabbing bang seat* handle

JulieM Silver badge

The fact of the camera not even being running at the time absolutely does not surprise me.....

TeamViewer is going to turn around and ignore what you're doing with its freebie licence to help new remote workers

JulieM Silver badge

You have to pay for it?

It sounds a bit like ssh -X ..... Only with a hefty price tag and without the customary Source Code or modification rights.

They might have chosen temporarily not to prosecute people for taking Freedoms Zero and Two by force, but they are still actively denying you Freedoms One and Three. These people are not your friends.

Mercury, the closest planet to the Sun, surely has no frozen water, right? Guess again: Solar winds form ice

JulieM Silver badge

Temperatures can soar over 400C

Temperatures can soar over 400C, and yet somebody will inevitably moan that they are too cold.

(Coat? I don't need no stinkin' coat! It's double figures out!)

The Tell-Tale Heart! Boffins build an AI that can tell your sex using just your heartbeat

JulieM Silver badge

Re: The black box nature of convolutional neural networks

Well, we could always create another Artificial Intelligence to reverse-engineer the first one .....

Firefox 74 slams Facebook in solitary confinement: Browser add-on stops social network stalking users across the web

JulieM Silver badge

Good start

This is a good start. Maybe it can be enabled by default in Firefox 75?

The next thing we need to start doing is deliberately messing with tracking cookies.

Borklays soz for the ailing ATMs but won't say if fix involved a Microsoft invoice

JulieM Silver badge

Lose and Loose

Around these parts, in the local accent, "Lose" (opposite of "win") is pronounced to rhyme with "Nose" (smelling organ), and thus next to impossible to confuse with "Loose" (opposite of tight).

"Orraight youth? Did Forest lose* Satdy?"

"Aye, 14-nowt** Accrington Stanley. Astetten***? Cos I'm gunna guttut' chippy forra peas mix****!"

* Rhymes with "nose"

** Sounds like "note" = Nothing.

*** = "Have you eaten?"

**** = a local delicacy

Not exactly the kind of housekeeping you want when it means the hotel's server uptime is scrubbed clean

JulieM Silver badge

I wrote a text adventure once with a large red "Emergency Reset Button" in it, which -- rather unsurprisingly, at least in hindsight -- transported you right back to the beginning of the game and wiped out all your progress.

If you spent too many moves in a row in that room without typing IGNORE BUTTON, your character pressed it anyway .....

JulieM Silver badge

I of reluctantly decided if I can't beat them, I'm going to of some fun joining them.

Disk stuck in the drive? Don't dilly-Dali – get IT on the case!

JulieM Silver badge
Headmaster

Re: Dwarfs or dwarves?

"S" at the end of a word was always shaped like the "modern" S. The "f without a stroke" only ever appeared at the beginning or in the middle of a word.

Sadly, the web has brought a whole new meaning to the phrase 'nothing is true; everything is permitted'

JulieM Silver badge
Boffin

Re: Penny for a cup of tea, guv?

Personal Protective Equipment is the employer's responsibility to provide. Ordinary street shoes don't actually offer any more protection, in the eyes of Health and Safety, than bare feet. If falling knives, spilled hot liquids &c. are deemed hazardous enough to require special safety footwear, that's the employer's business to sort out.

JulieM Silver badge

Re: Penny for a cup of tea, guv?

Better than that, even: Act as though you're going to make up the shortfall, wait for the bus to pull in, get on it with them -- and then tell the driver to let them know when they get to [the last fare stage they can afford with the money they told you they have] so they can get off and walk the rest of the way.

If you're wondering how Brit cops' live suspect-hunting facial-recog is going, it's cruising at 88% false positives

JulieM Silver badge

This needs to be stopped at once

This is a dangerous experiment which needs to be terminated at once.

The exact same mathematics underlying the problems of facial recognition -- which is just an especially-complicated form of shape recognition -- also underlie the problem of decompilation of binary executable code to human-readable Source Code. "What shape does this vertex belong to?" is isomorphic with "What high-level program structure does this machine instruction belong to?"

If boffins wish to research the mathematics underlying face recognition in a way that has a negligible human cost, they could do worse than research decompilation. And when you have something that can reliably take a compiled binary and spit out some Source Code that compiles to a bitwise-identical binary when fed into the same compiler, then you might be ready to undertake a limited trial with fully-informed volunteers.

And even if the face recognition does not work, you will potentially have put a fix in place for thousands of legacy systems where software whose Source code has long been lost is having to be run on increasingly-scarce hardware because nothing newer can run it; as well as enabling programmers across the world to collaborate on a project, without even a language in common.

Though for my part, if I achieved that much, I'd be content to leave facial recognition as a problem for someone else to solve .....

We regret to inform you there are severe delays on the token ring due to IT nerds blasting each other to bloody chunks

JulieM Silver badge

Token Ring

Isn't Token Ring similar to "Nobody may speak unless they are holding the conch" whereas Ethernet is more like "If two people happen to be talking over one another, both shut up for a random amount of time before trying to speak again" and switched Ethernet is a special case where groups of people who are just talking to each other can huddle together and whisper so as not to disturb anyone other group?

Ethernet is much closer to how people behave in real life (mostly because there is less overhead in waiting for someone to take a breath between sentences than there is in waiting for a conch to come around), but I can clearly see why "some people" might prefer the Token Ring concept.

Talk about making a rod for your own back: Pot dealer's seized €54m Bitcoins up in smoke after keys thrown out with fishing gear

JulieM Silver badge

Re: Daft or smart?

I think this is just a new variant on an old urban legend: the criminal serves their sentence quietly, believing they have enough loot stashed safely away beyond the reach of the Authorities to set themself up a new life after prison; only to find that it has been destroyed, become inaccessible or otherwise rendered worthless in the meantime by circumstances beyond their control.

Cash being thrown away with someone's personal effects is the usual story; but other variants include buried treasure being dug up by the local wildlife or covered by a new housing estate, and currencies losing value when the issuing country gets involved in a war.

The important things all these stories have in common are, a not-thoroughly-despicable criminal who was smart enough to amass a fortune but not smart enough to avoid getting caught; and their assets being lost in a supremely unlikely way which prevents the Authorities from being unable to seize them.

And it hardly even matters whether it's true or not about the €50M. Pot-smoking is a social activity, and a story like that ought to be good for a free meal anytime it gets told in company. Or at least it would, if not for the fact that most weed smokers I've met haven't two ha'pennies to rub together .....

JulieM Silver badge

From the article

"Garda officers said they were hopeful advances in technology would one day enable them to access the Bitcoin so it could be sold."
Surely if there was an advance in technology that would let the forces of Law and Order access other people's cryptocurrency wallets, then by definition that advance would let anyone access other people's cryptocurrency wallets?

I'm not sure that's really what they want .....

I suppose this shows cryptocurrencies are secure after a certain fashion: you can make your own money worthless to anyone else, with much less effort than shredding banknotes, melting down coins or even just buying something expensive that depreciates rapidly.

And being fifty meg down but the Old Bill not getting their hands on a penny of it -- that's got to be worth a few free dinners.

Get in the C: Raspberry Pi 4 can handle a wider range of USB adapters thanks to revised design's silent arrival

JulieM Silver badge
Boffin

Re: "silk screen tweaks to reduce solder bridging in manufacture"

It's all the fault of these modern photoplotters, supporting more than 24 apertures in a single design!

And they said IoT was trash: Sheffield 'smart' bins to start screaming when they haven't been emptied for a fortnight

JulieM Silver badge

A fortnight?

I put my rubbish bin out perhaps every other month, my recycling about once a month.

Crazy idea but hear us out... With robots taking people's jobs, can we rethink this whole working to survive thing?

JulieM Silver badge

Re: The Future

Houses are too expensive is the problem. Houses have become so expensive, mortgages have had to get cheaper!

In 1996, I bought a two-up, two-down terraced house for £30 000 -- the equivalent of 40 months' paycheques from the job I was working at the time. (Ten years earlier, prices for that type of house in that area had been in 4 digits -- but still more than my parents paid in the 1970s for their three-bedroom detached house).

In 2010, I paid the last instalment on my mortgage. In the meantime, I had switched jobs and my monthly salary had approximately doubled; meanwhile, the value of my house had more than trebled. And that's the problem.

There is no good reason why a three-bedroom semi-detached house should cost more than £50 000. Somebody is being greedy.

JulieM Silver badge

The Future

We'll all be waiting for a beep from our mobile phones, letting us know that there is a bicycle available for hire to do a delivery job. Whichever of us wins the scuffle that inevitably breaks out hopes to earn enough to cover the bike hire fee, a visit to a toilet and maybe have some left over to put towards a sleeping pod for the night. We will listen incredulously to stories of the days when people owned their own homes and their own vehicles.

HPE's orders to expert accountant in Autonomy trial revealed

JulieM Silver badge

Double Jeopardy ∴ No Extradition

If Lynch is cleared, then by the doctrine of Autrefois acquit he can't be extradited to the USA to be tried for the same crime as he has already been found not guilty of. (Bliar's hatchet job on Magna Carta doesn't appear to apply here; it was a murderer he was after. In any case, it's way too soon for any "new and compelling" evidence to turn up.)

If he is convicted, then by the doctrine of Autrefois convict he can't be extradited to the USA to be tried for the same crime as he has already been found guilty of and (partially; remember time already spent on remand) punished for.

Either way, HPE have shot themselves in the foot.

Beware, Tesla might take away your car's autopilot if you buy its vehicles from third party dealerships – plus more news

JulieM Silver badge

Re: Mercedes-Benz has copied the Tesla design

Why has the Tesla got a clutch?

I thought an intrinsic part of the idea of electric vehicles was, the necessary matching of effort to load was done electrically (by changing the effective number of turns in the coils, and hence the strength of the magnetic fields they generate) as opposed to mechanically (by changing the ratios of gear teeth)?

Ah, night shift in the 1970s. Ciggies, hipflasks, ADVENT... and fault-prone disk drives the size of washing machines

JulieM Silver badge

Doesn't everyone already know this?

I don't think I have ever actually changed one of those disc packs; but even I know from somewhere that a faulty one can damage the drive that's trying to read it.

In any case, how many very expensive pieces of equipment that definitely used to work up until a few moments ago need you try a removable thing in and find none of them work, before formulating the hypothesis that the removable thing -- which has been a common factor in all the failures -- might have been what's been killing them all?

Take DOS, stir in some Netware, add a bit of Windows and... it's ALIIIIVE!

JulieM Silver badge

Re: apps ?

So, does the knob on a British washing machine select a programme or a program?

Need 32-bit Linux to run past 2038? When version 5.6 of the kernel pops, you're in for a treat

JulieM Silver badge

What will actually happen?

What will actually happen when the timestamp wraps around?

I can see individual packets in transit as the wraparound happens getting lost, if a router thinks it has already dealt with them; and after the wraparound, human-readable timestamps will appear incorrect until the C library is recompiled with a new "zero" date (which will be in the future, now timestamps are "negative"). But missed packets just get automatically retried. It's conceivable a bad protocol implementation could require a whole file to be retried, if the fragments can't be reassembled properly; but really, it's just an extreme case of packets arriving out-of-order (with the first batch apparently coming about 140 years after the second batch) which happens all the time anyway, every time a packet gets corrupt along the way and has to be retried (that's why we split things into packets in the first place). In fact, it probably used to happen a lot more in the early days, when networking was all highly experimental and hardware was more temperamental and less reliable. The first three layers have already been pretty thoroughly tested, under harsher conditions than generally prevail today.

It's not as though you can't download a copy of the software and test it on a scrap machine with a deliberately wrong system time .....

JulieM Silver badge

Re: Can someone...

And sinxe most Linux Apps are Open Source a ot of them haven't switched to 64 bits yet.
You have that exactly the wrong way around. Since most Linux apps are Open Source, they will acquire the word length of the compiler with which they are built. If you never stray beyond your distribution's pre-compiled packages, they will already have the same word length.

It's proprietary apps on Linux that used to be compiled 32-bit only, and now sometimes are compiled 64-bit only.

Windows takes a tumble in the land of the Big Mac and Bacon Double Cheeseburger

JulieM Silver badge
Coat

Re: Possible use of audio

Do they?

The last time I actually went into one of those places, there were customer-facing signs saying "McDonald's Cola -- the only cola at McDonalds!" and reminders behind the tills that they sold McDonald's Cola.

JulieM Silver badge

Possible use of audio

Perhaps it was used for reminding people that they sell McDonald's Cola, anytime anyone asked for a different branded beverage? If someone asks for a "Coke" and you don't tell them they are getting something else, you have violated the Coca-Cola Company's trademark and deceived the customer.

Side note: Would any third party even be allowed to sell their own cola-flavoured soft drinks, if Coca-Cola was a new invention under today's IP régime?

Windows 7 back in black as holdouts report wallpaper-stripping shenanigans

JulieM Silver badge

Just because you've been forced off Windows 7, does not mean you have been forced onto Windows 10.

A fine host for a Raspberry Pi: The Register rakes a talon over the NexDock 2

JulieM Silver badge
Coat

US keyboards

If you try to configure a US keyboard with a non-US layout and rely on touch-typing, it will sort of work ..... More or less!

IBM, Microsoft, a medley of others sing support for Google against Oracle in Supremes' Java API copyright case

JulieM Silver badge

Re: Why not let idiotic orgs let their APIs slide into obscurity via failing to license freely?

No. Let me give you an analogy.

Oracle run a dog training school. They teach dogs to sit, come, walk to heel, fetch, and so forth.

Google have set up their own dog training school. They also teach dogs to sit, come, play dead, walk to heel, fetch, offer a paw in expectation of a treat and so forth.

Google have shown that their actual training methods are substantively different from Oracle's, but Oracle are now trying to claim that the words "Sit", "Stay", "Come", "Heel", "Fetch", "Say Please" and so forth, used by owners to communicate with their dogs, belong to Oracle.

If Oracle get their way on this, it potentially means that anybody creating a programming language cannot use the word "print" to send some output to the screen, or a file, or a device, without a licence from Oracle.

There's something fishy going down in the computer lab

JulieM Silver badge

He had been making a rod for his own back.

Page:

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2020