Transport for London asks Capita to fling Congestion Charge system into the cloud

I agree, but I'll also add that whilst not problem-free, the Oyster system (contactless card for TfL public transport) seems to have held up well over the many years it's been in place. It has had its crashes but I believe the last significant one was more than four years ago and the one (or two as it happened) was eight years before that one.

I imagine the Oyster system must be way more complicated than the CC system. Don't know about the volume of data (guessing more people travel on public transport in any one day than enter the CC zone?) but the complexity and nature of the Oyster data must be way more.

Remember when we warned in February Apple will crack down on long-life HTTPS certs? It's happening: Chrome, Firefox ready to join in, too

Well you either had a mechanism already in place for updating the certificate every 27 months, so you just need to do this twice as frequently as you previously did, or you've spun up your own CA/certificate in which case as the article states, the new lifetime doesn't apply.

Health Sec Hancock says UK will use Apple-Google API for virus contact-tracing app after all (even though Apple were right rotters)

I do hope you meant X PLUS 0.00000000001 because what you've stated makes a pretty huge change to the parameter. That is likely to completely screw up the app and make it useless... oh hang on, nope, as you were...

Play stupid games, win stupid prizes: UK man gets 3 years for torching 4G phone mast over 5G fears

No need to post where this information came from regarding his large number of convictions for a larger number of offences including assault of a police officer and possession of a firearm...

... As The Register had kindly done it for you in a link to the local paper's reporting on the case right there at the top of the article.

You know it's almost as if you have an instant knee-jerk reaction to anything that anyone posts which you disagree with and rather than question yourself and maybe do all of ten seconds research, you just immediately discount it with no reason other than you don't want to believe it.

And on a different topic to those commenting on the length of his sentence, I would imagine his past convictions would have had a large part to play on this.

It could be 'five to ten years' before the world finally drags itself away from IPv4

No people didn't "go to those lengths... in order to avoid IPv6". They went to those lengths because - at the time - very few people were on IPv6 and so the problem had to be solved for IPv4. And not too much has changed since.

NAT is horrible. The fact that various things work at the IPv4 level doesn't change that.

Papa don't breach: Contracts, personal info on Madonna, Lady Gaga, Elton John, others swiped in celeb law firm 'hack'

All the lawyers I know would have found ample opportunity to bill multiple clients for the time they spent attending free seminars...

Eclipse boss claims Visual Studio Code is an open-source poseur – though he would say that, wouldn't he?

"Respect for a global telemetry setting" could be a requirement as you say, but even if it were, without full audit of every component and on each update, I will bet you anything you like that the lawyers would take one look at the fact that Microsoft were facilitating third-party add-ins and would still require that exact same wording. Yes, in that scenario, the components shouldn't be collecting telemetry otherwise they'd be sent to the naughty step, but that still doesn't mean that they're not.

... just as the Eclipse Foundation can't guarantee that none of the Theia add-ins collect telemetry.

Now we know what the P really stands for in PwC: X-rated ads plastered over derelict corner of accountants' website

My guess is you're all wrong (as is the article).

If you go and host something on Azure (or AWS or...) you'll have some resource running on an IP address. When you've then finished with your Azure resource and you stop paying Azure for that resource, that IP address is now freed up and can be assigned to someone else.

If you don't change/take down your DNS entry, then that entry is now pointing to an IP address that you now don't control. So when someone else spins up an Azure VM and it randomly gets assigned the IP address you were using, then that VM can now be referenced by your redundant-but-still-defined DNS entry. Simple enough for that person to then spin up a web server responding to your (sub) domain name or to redirect to another server.

Unlikely to happen? Perhaps. But with free resources available from the cloud providers, easy enough to keep spinning up a VM and see if you "get lucky" with someone else's domain (although it's unlikely IMHO to actually gain you any real benefit other than for the lolz).

So no, sub-domains don't get deregistered and they don't need to be "hijacked" for the circumstances described here to happen. And from the article I see no indication that it was anything more than the above - and sloppy administration on the part of PWC.
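An audit for the stale-record condition described in the comment above, as an added example that is not part of the original post: it flags A records that still point into a cloud provider's address space at an IP the account no longer holds. The zone, provider ranges and inventory are constructed sample data using documentation address ranges, and the function names are hypothetical.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class ARecord:
    name: str
    address: str


# Constructed sample data (documentation ranges, not real provider space).
PROVIDER_RANGES = ["198.51.100.0/24", "203.0.113.0/24"]  # assumed cloud ranges
OWNED_IPS = {"198.51.100.10", "203.0.113.25"}            # IPs the account holds today
ZONE = [
    ARecord("www.example.test", "198.51.100.10"),
    ARecord("promo.example.test", "198.51.100.77"),          # resource deleted, record left behind
    ARecord("mail.example.test", "192.0.2.5"),               # hosted outside the provider
    ARecord("old-campaign.example.test", "203.0.113.200"),   # resource deleted, record left behind
    ARecord("api.example.test", "203.0.113.25"),
    ARecord("broken.example.test", "not-an-ip"),
]


def classify(record, provider_nets, owned):
    """Return 'owned', 'dangling', 'external' or 'invalid' for one A record."""
    try:
        ip = ipaddress.ip_address(record.address)
    except ValueError:
        return "invalid"
    if not any(ip in net for net in provider_nets):
        # Not in the provider's shared pool, so released-IP reuse does not apply.
        return "external"
    # Inside the shared pool: safe only while the account still holds that IP.
    return "owned" if ip in owned else "dangling"


def audit_zone(zone, provider_ranges, owned_ips):
    """Group record names by classification."""
    nets = [ipaddress.ip_network(r) for r in provider_ranges]
    owned = {ipaddress.ip_address(a) for a in owned_ips}
    report = {"owned": [], "dangling": [], "external": [], "invalid": []}
    for record in zone:
        report[classify(record, nets, owned)].append(record.name)
    return {status: sorted(names) for status, names in report.items()}


def find_dangling(zone, provider_ranges, owned_ips):
    """Names whose A record points at provider space the account no longer holds."""
    return audit_zone(zone, provider_ranges, owned_ips)["dangling"]


if __name__ == "__main__":
    for status, names in audit_zone(ZONE, PROVIDER_RANGES, OWNED_IPS).items():
        print(f"{status:9} {', '.join(names) or '-'}")
```

In practice the zone would come from a DNS export and the inventory from the provider's API; every dangling name is a record to delete or repoint.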

NASA to launch 247 petabytes of data into AWS – but forgot about eye-watering cloudy egress costs before lift-off

Assuming that we're talking about data held in AWS S3 buckets then that already supports "Requester Pays" buckets. Yes it means that the requester has to have an AWS account but that's not unreasonable.

Is technology undermining democracy? It's complicated, says heavyweight thinktank

I don't think most people "are extremely sceptical about everything".

I think there is a significant proportion of people who fall into that category - those with the knowledge/education/learning/intelligence (delete as you see fit) to question what they read but in my experience there is a large proportion of people who simply believe what they read.

People are reading newspapers less and watching the news less whilst spending more and more time on social media platforms. Their "news" comes from the likes of what they see on Facebook (et al) and so their views are formed by whoever has the biggest marketing budget. I bet you that more people "learned" about the £350m we'd get back following Brexit from social media platforms than from newspapers or news websites.

Google says its latest chatbot is the most human-like ever – trained on our species' best works: 341GB of social media

That's a good point about the Kardashians...

If you go to a Wikipedia page of your choice, and click on the first link in the main body of text for that page, and keep doing that, more often than not you end up on the Philosophy page (pro-gamers: count how many clicks it takes you...).

So yes, I wonder if you engage the chatbot for long enough, do all conversations lead to the Kardashians?

Sorry, they're aiming for realistic intelligence and yet they trained it using social media posts????

Is this some new definition of intelligence that I'm not aware of?

Cool 'joke', bro, you could have killed someone: Epilepsy Foundation sics cops on sick flashing-light Twitter trolls

I downvoted you for your idiotic comment but didn't feel the need to add a "you're a moron" post so left that to everyone else. But given that you've come back for more, let me directly respond to your two main points:

1) Yes there are legal grounds. I don't know if you're in the UK but you'd find similar in every country to the Malicious Communications Act 1988 which details the offence of "sending letters etc. with intent to cause distress or anxiety". Other cases in the UK have resulted in successful prosecutions under the offence of causing Actual Bodily Harm which includes psychological injuries.

2) People also have to take responsibilities for their own actions if they deliberately and with intent, cause or may reasonably cause, harm to others. It is completely unreasonable to expect someone to avoid using the internet for fear of what they might see. It is NOT completely unreasonable to expect someone to avoid intending to cause harm to another person.

Escobar Fold 1 snort all it's cracked up to be: Readers finger similarity to slated Chinese mobe

That is some website

Rather concerning imagery on the home page and an unflattering photo of the founder with the words underneath saying:

"Former accountant and chief of assassinations of the Medellín Cartel."

Wow, just wow.

Mozilla returns crypto-signed website packaging spec to sender – yes, it's Google

> Then HTTPS-everywhere mania kicked in, and now every single load has to go back to the origin!

Absolute 100% codswallop. Your local browser is more than capable of caching HTTPS resources and will be doing so on every HTTPS site you visit unless that site is explicitly instructing the browser not to.

And to pick up on one other comment made here... Using HTTPS does not prevent a man-in-the-middle from seeing what DOMAINS you're accessing but does prevent them seeing what PAGES within that domain you're reading. That anti-government Facebook page you read - no the MITM can't see that you're accessing that.

We've read the Mueller report. Here's what you need to know: ██ ██ ███ ███████ █████ ███ ██ █████ ████████ █████

Oh for goodness sake.

First off, there were more than 14 lawyers on the team so stop selectively referring just to the 14 whose political registrations are known. Secondly being a registered Democrat alone does not make you a "rabid Clinton supporter". Thirdly, going with your 14, I note you "forget" to mention who the non-"rabid Clinton supporter" is known to be... the registered Republican... I'll give you a clue... Mu*ll*r.

But most importantly, so bloody what? Way to go as an example of "if you don't like the message, shoot the messenger"! There is plenty of stuff in the report that is extremely alarming even if it doesn't pass a determination of criminal activity. Or would you like to try and justify every one of the acts in the report?

Or are you saying that the investigators were biased? In which case perhaps you'd like to share with us the bits in the report that are false? Or exaggerated? Or what evidence was overlooked?

No, you can't actually do any of that, can you? So you just parrot the "it's all fake", "it's all a conspiracy" statements as loud as you can to try and drown out what you don't like hearing.

Happy Thursday! 770 MEEELLLION email addresses and passwords found in yuge data breach

I don't know what site you've entered your password on to find out it was compromised but it can't have been Troy Hunt's Have I Been Pwned if you think there's a pay service to get more details.

Facebook to appeal against ICO fine – says it's a matter of principle not to pay 18 mins' profit

No it's not. If you don't keep data secure you can expect a fine if you get caught. Doesn't matter if you didn't actually leak data, although you might reasonably expect a fine more towards the lower end of the range depending on how negligent you were. They quite clearly had a practice which broke UK data protection laws irrespective of whether they did or didn't share UK data.

After all, how ridiculous it would be if everyone was allowed to keep data completely insecure but you ONLY got fined if someone did actually get hold of it. The fine is there (or at least should be there) to ensure people take the correct steps, not as some money-making, after-the-incident, activity on the part of the authorities.

Your RSS is grass: Mozilla euthanizes feed reader, Atom code in Firefox browser, claims it's old and unloved

ElReg does still allow you to get an RSS feed by querying the author, for example:


Equifax IT staff had to rerun hackers' database queries to work out what was nicked – audit

Just as a backup isn't a backup if you don't (albeit periodically) prove you can restore it, neither is a monitoring system monitoring if you don't periodically test that it's working as desired.

Put another way, if a software system test doesn't throw up any bugs, my first instinct is to question how thorough the testing was. Likewise if I don't get any alerts from a system designed to raise alerts, in any given period, I need to question whether it's working!

Princely five years in US big house for Nigerian biz email scammer

I've read the article but it's unclear... am I going to get my $10 million or not now?

Intel hands first Optane DIMM to Google, where it'll collect dust until a supporting CPU arrives

Reminds me of the story that back in the early days, IBM used to name their internal and highly-secretive projects by picking the name of a road around their research establishments. Cue journalists also selecting road names at random and asking some IBMer "How's project XYZ going?", to much consternation about how said journalist knew about that project!

Amazon meets the incredible SHRINKING UK taxman

Not true - assuming the shares are in an approved incentive plan. Up to £3.6K in shares can be given per year and if kept for five years, they are tax, NIC and CGT free.

See https://www.gov.uk/tax-employee-share-schemes/share-incentive-plans-sips

The paragraph you quote is not "a duty" and there is no such requirement under UK law. The word "prosperity" does not feature at all in the Companies Act 2006 which codifies a director's responsibilities.

The closest requirement is as follows and clearly involves more than simply "maximising the company's profits":

"A duty to promote the success of the company (including considering the interests of the company’s employees, the community and environment, the company’s reputation, and the company’s members)."

No employees won't "have to pay personal tax on the value of the shares they receive". Depending on how long they hold them, they will be tax free.

TSB boss: We know everything's working, you just can't see that

I read an article some time back (Cringley perhaps?), the premise of which was that there are many companies around who are IT companies but don't realise it.

This particularly applies to banks and quite frankly if you view them as being an IT company and they screw up on the IT, you wouldn't look to use them again.

GoDaddy told off for reeling in punters with 'misleading' prices

Sure, but if when you go to rent your $100 per day vehicle, they ask you for $365,000 because the minimal rental term is one year, you'd be a bit p*ssed off - which is equivalent to what happened here.

From July, Chrome will name and shame insecure HTTP websites

>> It's plain out nonsense that a website which doesn't ask for any user input would be more secure if it uses HTTPS vs. HTTP.

No it's not nonsense at all. A website that doesn't use HTTPS can have its pages, as displayed in the browser, modified in any way by simple MITM efforts. That's trivial to do and therefore it is most certainly less secure than if it used HTTP.

(NOTE: That's not to say it IS secure if it uses HTTPS just that it's more secure as there are less attack vectors).

I'll torpedo Tor weirdos, US AG storms: Feds have 'already infiltrated' darknet drug souks

Maybe I'm being naive, but whenever I hear such a statement as "We have already infiltrated their networks, and we are determined to bring them to justice", I have to think "then why have you just announced that in public?"

Surely if you are determined to bring them to justice, you'd keep quiet about it whilst you go about bringing them to justice, rather than give everyone the heads-up, giving them a chance to disperse to other mediums and/or use better encryption/safeguards/etc.

Public statements such as that are either false, or are predominantly being made to appeal to some section of the voting population or to the person's boss... (or indeed all three).

We translated Intel's crap attempt to spin its way out of CPU security bug PR nightmare

But that's what I'd expect for something like Handbrake which is not going to be hitting the kernel much. Written efficiently, it will load a chunk of video in from the disk, work through that, spit it out and then load another block. In the broad scheme of things, only that disk access is going to suffer, and that's (simplistically) once per block read or block write. It's not going to be hitting the disk on a frame-by-frame basis, and the kernel's not going to be used for converting the frames.

Shazam! Apple chucks £300m at Brit what's-that-song app – report

Sloppy reporting I'm afraid...

Latest accounts (available via Companies House website) show a TURNOVER of £40m, Gross Profit of £37m, but Administrative Expenses of some £41m leading to an operating loss of around £4m. So "making £40m" a year should not be equated to "making £40m PROFIT" by any stretch.

UK.gov not quite done with e-cigs, announces launch of new inquiry

This is a reasonably sourced article:


Teen who texted boyfriend to kill himself gets 15 months jail

Indeed, I thought everyone knew not to use that phrase, especially journalists.

See point 5: https://www.samaritans.org/media-centre/media-guidelines-reporting-suicide/advice-journalists-suicide-reporting-dos-and-donts amongst other places.

US voter info stored on wide-open cloud box, thanks to bungling Republican contractor

Wow you must have some significant inside information given that the state audit into the discrepancy found no evidence of persuasive voter fraud and that human error and possibly machine error was the main cause.

So no, common sense does not tell us that foul play was involved.

Who will save us from voice recog foolery from scumbags? Magnetometer!

> Oh, come on, even the president can remember 12345 as his code.

Hang on, I thought it was "covfefe"

UK biz: Oh (yawn) GDPR? Was that *next* May? – survey

It's also going to apply to anyone wanting to do business with, or in, an EU country regardless of where you are based. So whether or not a future UK government "changes it", you'll need to comply if you want to do business in the EU (and if you believe that any penalties under GDPR will be enforceable).

'Password rules are bullsh*t!' Stackoverflow Jeff's rage overflows

Increasing the delay between attempts can be done in one of two ways. The first is to only track by IP address (i.e. if the username + IP address is the same then delay on each failed attempt) in which case a bot farm can be used easily enough to circumvent that. If you don't factor in the IP address and delay on EACH failed attempt then you're opening yourself up for DoS attacks, preventing people from being able to log in.
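The trade-off described in the comment above, as an added example that is not part of the original post: the same back-off throttle is keyed first on username plus IP and then on username alone, and fed one failed guess from each of 100 source addresses. The class, function names, delay values and addresses are assumptions constructed for illustration.

```python
class FailureThrottle:
    """Exponential back-off after failed logins, keyed by a caller-supplied function."""

    def __init__(self, key_fn, base_delay=1.0, max_delay=300.0):
        self.key_fn = key_fn
        self.base_delay = base_delay
        self.max_delay = max_delay
        self.failures = {}

    def delay_for(self, username, ip):
        """Seconds this attempt must wait, given earlier failures on the same key."""
        n = self.failures.get(self.key_fn(username, ip), 0)
        if n == 0:
            return 0.0
        return min(self.base_delay * 2 ** (n - 1), self.max_delay)

    def record_failure(self, username, ip):
        key = self.key_fn(username, ip)
        self.failures[key] = self.failures.get(key, 0) + 1


def key_user_and_ip(username, ip):
    return (username, ip)


def key_user_only(username, ip):
    return username


# Constructed sample data: 100 distinct sources, one failed guess each.
SOURCE_IPS = [f"198.51.100.{i}" for i in range(1, 101)]
OWNER_IP = "192.0.2.50"


def simulate(key_fn, username="alice"):
    """Return (total delay imposed on the guessing sources, delay the real owner now faces)."""
    throttle = FailureThrottle(key_fn)
    imposed = 0.0
    for ip in SOURCE_IPS:
        imposed += throttle.delay_for(username, ip)
        throttle.record_failure(username, ip)
    return imposed, throttle.delay_for(username, OWNER_IP)


if __name__ == "__main__":
    for label, fn in (("user+IP", key_user_and_ip), ("user only", key_user_only)):
        imposed, owner = simulate(fn)
        print(f"{label:9} guessers delayed {imposed:8.0f}s, owner delayed {owner:5.0f}s")
```

Keyed on user plus IP, the distributed guesses are never slowed; keyed on user alone they are, but the account owner inherits the maximum delay, which is the lockout the comment warns about.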

Happy Friday: Busted Barracuda update borks corporate firewalls

Re: PR people have no soul or conscience


>> "The problem was quickly resolved and we are working with impacted customers to ensure all firewalls are updated with the correction."

No, the problem was that you pushed out an update that knocked out a number of your client's boxes. The CAUSE of the problem may have been quickly resolved, but the fact that you are working with impacted customers shows that the problem was not quickly resolved.

Apple eats itself as iPhone fatigue spreads

@John 104

Stock hit around $700 at one point but that was prior to Apple splitting the shares 7-1. The adjusted high is a bit over $130 I believe.

Sysadmin flees asbestos scare with disk drive, blank pay cheques, angry builders in pursuit

Obligatory... you know the rest:


US reactor breaks fusion record – then runs out of cash and shuts down

Hawkeye Pierce


>> "The MIT reactor used 1.4 million amps of electrical current"

And I'm guessing they ran out of money just after the electricity bill arrived?

New Microsoft Bug Bounty

The story about carrots being responsible for the RAF success being put out to hide the use of radar from the Germans is widely held but demonstrably false.

By 1939, the Germans not only knew about radar, but had good technology themselves. Moreover, the switch early on in the Battle of Britain from bombing airfields to bombing the radar stations is further evidence that they knew exactly what they were for.

Instead, the story was put out by the Government to persuade the British public to eat more carrots - being a good source of nutrition and readily grown in a time of rationing. Some of that was helped by putting it out that they would help the public see in the blackout.

So rather than a deception (albeit partially unknowingly true) on the Germans, it was actually a deception on the British public.

Worried by VMware's executive exodus? Dell should be

May be off-topic, but you started it..

Oscar Wilde can hardly be "reputed to have said" that "To lose one parent may be regarded as a misfortune; to lose both looks like carelessness." when it's one of the most famous quotes from his play The Importance of Being Earnest.

Tsk, youngsters today...

Ex-TalkTalker TalkTalks: Records portal had shared password. It was 4 years old

>> I speculate the cost of doing this right will exceed their losses.

I disagree with that. The cost of doing this right IN THE FIRST PLACE would have been less than they will lose from the incident. By the time you factor in the lost customers, the help desk costs to handle the increased calls, the incentives they've made to those customers to encourage them to stay plus the significant costs they've had in hiring in security consultants to bolt the stable door, that's going to be far in excess of the relatively low costs to do things right in the first place by employing competent staff (devs + managers) and to pen test the system.

25 years ago: Sir Tim Berners-Lee builds world's first website

Over 4 billion web pages?

Well yes, there are over 4 billion web pages...

... but as Google index over 40 billion and they only index a small percentage of the Internet, I'm not sure what you were actually trying to say?

Oracle ordered to admit on its website that it lost the plot on Java security

>> The FTC alleged that, in the past, when you installed or updated Java SE, it didn’t replace the version already on your computer.

Well technically, the FTC did indeed "allege" that. But it's rather disingenuous to use that word given that it's 100% true as evidenced by the fact that in the very next sentence Oracle admit to changing that behaviour at a later date!

At least 10 major loyalty card schemes compromised in industry-wide scam

Indeed. In the same way that if I buy something from an online retailer and the delivery company fouls up then it's the retailer that has to put it right, then it should also be Subway's problem if the data I've given it is leaked. Doesn't matter who leaked it, I gave it to Subway and from that moment on, it should be their problem to ensure it's safe.

FastMail falls over as web service extortionists widen attacks and up their prices

... rather than pay them the ransom fee to make them go away, pay them to attack one of the other DDoS groups. Then they can merrily wage war amongst themselves whilst the rest of us get on with our lives.

ARM floats power-sipping Mali-470 GPU for Internet of Things things

Ummm, ignoring the wisdom/benefit of internetifying (yes I know,..) these things, off the top of my head, I would imagine all of the following could/would benefit from a display of some sort:

- thermostat

- entrance system

- burglar alarm

- video phone

- media controller

- various health devices

Let's check out Dell, doom and the competition

How can one comment on an article get so much wrong?

Your first gripe is completely misplaced. The author was quite clearly talking about techies not the general "public" youth (who wouldn't know who Cisco are) that you refer to. I completely agree with Trevor's point - the young techies have lived their working lives largely in an API driven world, with services available for much of what they need.

As to your second point - you seem to be focused on front-ends completely missing the bigger picture. But let's talk about the front-end for a moment. People are becoming less concerned by arguments of Windows over Mac (over Linux), iOS over Android (over Windows) etc. Once upon a time, one learned particular applications which ran on particular platforms. Nowadays, usability and maturity (both of the user and the software) mean that the focus is on the tool, not the platform, and the tools are much more interchangeable on any platform. As to the bigger picture, following on from the first point, services are becoming the norm. I can access various services from a development point of view (from database or email, to higher level services) without a care as to what the platform is - it's simply irrelevant to me because all I care about is the service that I'm consuming not the underlying nuts and bolts.

Your last point is a complete non-sequitur to me. "Consolidation" says to me that everyone ends up producing the same thing - hence as Trevor says, no differentiation. If you have differentiation then it's not a consolidated market!



