* Posts by Hawkeye Pierce

66 posts • joined 30 Jun 2015

Page:

Financial Reporting Council slaps Autonomy auditor Deloitte with £15m fine over audit 'misconduct'

Hawkeye Pierce

Re: Outside Auditors

Completely agree. The mere fact that Deloitte had been doing the audit for at least the five years that the senior partner had been working with them rings alarms bells.

I get that big firms have complicated structures and that there's a cost in chopping and changing auditors frequently. But it really should be mandatory to change auditors at least every three (?) years, as some small mitigation to avoid auditors becoming entrenched and working for the company - when they should technically be working for the shareholders.

Yes I know shareholders vote to employ the auditors at each AGM but it's pretty unarguable to state that the system isn't working.

Stock market blizzard: Snowflake set for £33bn IPO as valuation bubble keeps on expanding

Hawkeye Pierce

Re: No way Buffett is considering this

Er no it's not a false rumour.

He bought $250m of stock at $105/share so is currently sitting on a very nice profit if he were to immediately cash out...

... which I would certainly do given my humble assessment of the company being **way** over valued.

(But yes, it is an odd purchase for him in more ways than one).

Who cares what Apple's about to announce? It owes us a macOS x86 virtual appliance for non-Mac computers

Hawkeye Pierce

Cloud-based virtual machines

Personally I suspect that Apple won't get out of the mindset that macOS is what you get when you buy a Mac - they don't see themselves as a software company and the software they do produce is with one intention - to sell Apple hardware.

However... I'd be surprised if they hadn't considered offering up cloud-based virtual Macs, rentable perhaps even by the day. That way, they don't have to sell macOS as a standalone piece of software and they don't have to provide consumer support of the OS on virtual machines, and they do keep tight control over it (it only runs in their data centres). But it does provide a stopgap for when the ARM based Macs come out and people find they have some Intel-only based software they need and it would also be a godsend for developers of iOS and macOS software for whom even using cross-platform technologies are still more or less forced to use a Mac in a couple of places in the development lifecycle.

Help. The political process is corrupted, full of lies and state-sponsored deep fakes. Now Microsoft's to the rescue

Hawkeye Pierce

Seriously?

Are you telling me that having said that it adds "digital hashes and certificates" to content and that it provides a "high degree of accuracy" of authenticity, that not once could they shoehorn the work "blockchain" in there?

This is either fake news or standards at Microsoft's PR division are slipping.

Utes gotta be kidding me... University of Utah handed $457K to ransomware creeps

Hawkeye Pierce

Re: On The Other Hand...

Unfortunately that article you link to regarding Citigroup is incorrect in a number of places.

First and most importantly, the deal was arranged by the Bush administration not Obama. Secondly the Government did not "give" $306 billion. The total sum handed over amounted to some $45 billion over two tranches with the headline $306bn coming from the value of the loans that the Government agreed to take any losses on... potentially that could have amounted to $306bn but realistically was going to be nothing like that amount. Also the bailout was not a gift - it was a loan and the Government received a sizeable stake in Citigroup itself as part of the deal.

And - albeit with the benefit of hindsight - a pretty successful financial transaction too for the Government as they've made around $15bn profit on the repaid loan and the sold shares in Citigroup.

Transport for London asks Capita to fling Congestion Charge system into the cloud

Hawkeye Pierce

Re: To be honest...

I agree, but I'll also add that whilst not problem-free, the Oyster system (contactless card for TfL public transport) seems to have held up well over the many years it's been in place. It has had its crashes but I believe the last significant one was more than four years ago and the one (or two as it happened) was eight years before that one.

I imagine the Oyster system must be way more complicated than the CC system. Don't know about the volume of data (guessing more people travel on public transport in any one day than enter the CC zone?) but the complexity and nature of the Oyster data must be way more.

Remember when we warned in February Apple will crack down on long-life HTTPS certs? It's happening: Chrome, Firefox ready to join in, too

Hawkeye Pierce

Re: Will this be a problem for embedded device certs?

Well you either had a mechanism already in place for updating the certificate every 27 months, so you just need to do this twice as frequently as you previously did, or you've spun up your own CA/certificate in which case as the article states, the new lifetime doesn't apply.

Health Sec Hancock says UK will use Apple-Google API for virus contact-tracing app after all (even though Apple were right rotters)

Hawkeye Pierce

Re: NHSX devs apparently superior to Google devs

I do hope you meant X PLUS 0.00000000001 because what you've stated makes a pretty huge change to the parameter. That is likely to completely screw up the app and make it useless... oh hang on, nope, as you were...

Play stupid games, win stupid prizes: UK man gets 3 years for torching 4G phone mast over 5G fears

Hawkeye Pierce

Re: 3 years for a terrorist offence ?

No need to post where this information came from regarding his large number of convictions for a larger number of offences including assault of a police officer and possession of a firearm...

... As The Register had kindly done it for you in a link to the local paper's reporting on the case right there at the top of the article.

You know it's almost as if you have an instant knee-jerk reaction to anything that anyone posts which you disagree with and rather than question yourself and maybe do all of ten seconds research, you just immediately discount it with no reason other than you don't want to believe it.

And on a different topic to those commenting on the length of his sentence, I would imagine his past convictions would have had a large part to play on this.

It could be 'five to ten years' before the world finally drags itself away from IPv4

Hawkeye Pierce

Re: Doomed to eternal limbo

No people didn't "go to those lengths... in order to avoid IPv6". They went to those lengths because - at the time - very few people were on IPv6 and so the problem had to be solved for IPv4. And not too much has changed since.

NAT is horrible. The fact that various things work at the IPv4 level doesn't change that.

Papa don't breach: Contracts, personal info on Madonna, Lady Gaga, Elton John, others swiped in celeb law firm 'hack'

Hawkeye Pierce

You must have been dealing with some pretty unusual lawyers.

All the lawyers I know would have found ample opportunity to bill multiple clients for the time they spent attending free seminars...

Eclipse boss claims Visual Studio Code is an open-source poseur – though he would say that, wouldn't he?

Hawkeye Pierce

"Respect for a global telemetry setting" could be a requirement as you say, but even if it were, without full audit of every component and on each update, I will bet you anything you like that the lawyers would take one look at the fact that Microsoft were facilitating third-party add-ins and would still require that exact same wording. Yes, in that scenario, the components shouldn't be collecting telemetry otherwise they'd be sent to the naughty step, but that still doesn't mean that they're not.

... just as the Eclipse Foundation can't guarantee that none of the Theia add-ins collect telemetry.

Now we know what the P really stands for in PwC: X-rated ads plastered over derelict corner of accountants' website

Hawkeye Pierce

Re: I don’t understand...

My guess is you're all wrong (as is the article).

If you go and host something on Azure (or AWS or...) you'll have some resource running on an IP address. When you've then finished with your Azure resource and you stop paying Azure for that resource, that IP address is now freed up and can be assigned to someone else.

If you don't change/take down your DNS entry, then that entry is now pointing to an IP address that you now don't control. So when someone else spins up an Azure VM and it randomly gets assigned the IP address you were using, then that VM can now be referenced by your redundant-but-still-defined DNS entry. Simple enough for that person to then spin up a web server responding to your (sub) domain name or to redirect to another server.

Unlikely to happen? Perhaps. But with free resources available from the cloud providers, easy enough to keep spinning up a VM and see if you "get lucky" with someone else's domain (although it's unlike IMHO to actually gain you any real benefit other than for the lolz).

So no, sub-domains don't get deregistered and they don't need to be "hijacked" for the circumstances described here to happen. And from the article I see no indication that is was anything more than the above - and sloppy adminstration on the part of PWC.

NASA to launch 247 petabytes of data into AWS – but forgot about eye-watering cloudy egress costs before lift-off

Hawkeye Pierce

Re: Just charge the users

Assuming that we're talking about data held in AWS S3 buckets then that already supports "Requester Pays" buckets. Yes it means that the requester has to have an AWS account but that's not unreasonable.

Is technology undermining democracy? It's complicated, says heavyweight thinktank

Hawkeye Pierce

Sceptics?

I don't think most people "are extremely sceptical about everything".

I think there is a significant proportion of people who fall into that category - those with the knowledge/education/learning/intelligence (delete as you see fit) to question what they read but in my experience there is a large proportion of people who simply believe what they read.

People are reading newspapers less and watching the news less whilst spending more and more time on social media platforms. Their "news" comes from the likes of what they see on Facebook (et al) and so their views are formed by whoever has the biggest marketing budget. I bet you that more people "learned" about the £350m we'd get back following Brexit from social media platforms than from newspapers or news websites.

Google says its latest chatbot is the most human-like ever – trained on our species' best works: 341GB of social media

Hawkeye Pierce

Re: Don't understand...

That's a good point about the Kardashians...

If you go to a Wikipedia page of your choice, and click on the first link in the main body of text for that page, and keep doing that, more often than not you end up on the Philosophy page (pro-gamers: count how many clicks it takes you...).

So yes, I wonder if you engage the chatbot for long enough, do all conversations lead to the Kardashians?

Hawkeye Pierce
FAIL

Don't understand...

Sorry, they're aiming for realistic intelligence and yet they trained it using social media posts????

Is this some new definition of intelligence that I'm not aware of?

Cool 'joke', bro, you could have killed someone: Epilepsy Foundation sics cops on sick flashing-light Twitter trolls

Hawkeye Pierce

@Anonymous Coward (aka moron/troll)

I downvoted you for your idiotic comment but didn't feel the need to add a "you're a moron" post so left that to everyone else. But given that you've come back for more, let me directly respond to your two main points:

1) Yes there are legal grounds. I don't know if you're in the UK but you'd find similar in every country to the Malicious Communications Act 1988 which details the offence of "sending letters etc. with intent to cause distress or anxiety". Other cases in the UK have resulted in successful prosecutions under the offence of causing Actual Bodily Harm which includes psychological injuries.

2) People also have to take responsibilities for their own actions if they deliberately and with intent, cause or may reasonably cause, harm to others. It is completely unreasonable to expect someone to avoid using the internet for fear of what they might see. It is NOT completely unreasonable to expect someone to avoid intending to cause harm to another person.

Escobar Fold 1 snort all it's cracked up to be: Readers finger similarity to slated Chinese mobe

Hawkeye Pierce

That is some website

Rather concerning imagery on the home page and an unflattering photo of the founder with the words underneath saying:

"Former accountant and chief of assassinations of the Medellín Cartel."

Wow, just wow.

Mozilla returns crypto-signed website packaging spec to sender – yes, it's Google

Hawkeye Pierce

Re: Can we get Web caching back, please?

> Then HTTPS-everywhere mania kicked in, and now every single load has to go back to the origin!

Absolute 100% codswallop. Your local browser is more than capable of caching HTTPS resources and will be doing so on every HTTPS site you visit unless that site is explicitly instructing the browser not to.

And to pick up on one other comments made here... Using HTTPS does not prevent a man-in-the-middle from seeing what DOMAINS you're accessing but does prevent them seeing what PAGES within that domain you're reading. That anti-government Facebook page you read - no the MITM can't see that you're accessing that.

We've read the Mueller report. Here's what you need to know: ██ ██ ███ ███████ █████ ███ ██ █████ ████████ █████

Hawkeye Pierce

Re: The Mueller report was one big nothingburger

Oh for goodness sake.

First off, there were were more 14 lawyers on the team so stop selectively referring just to the 14 whose political registrations are known. Secondly being a registered Democrat alone does not make you a "rabid Clinton supporter". Thirdly, going with your 14, I note you "forget" to mention who the non-"rabid Clinton supporter" is known to be... the registered Republican... I'll give you a clue... Mu*ll*r.

But most importantly, so bloody what? Way to go as an example of "if you don't like the message, shoot the messenger"! There is plenty of stuff in the report that is extremely alarming even if it doesn't pass a determination of criminal activity. Or would you like to try and justify every one of the acts in the report?

Or are you saying that the investigators were biased? In which case perhaps you'd like to share with us the bits in the report that are false? Or exaggerated? Or what evidence was overlooked?

No, you can't actually do any of that, can you? So you just parrot the "it's all fake", "it's all a conspiracy" statements as loud as you can to try and drown out what you don't like hearing.

Happy Thursday! 770 MEEELLLION email addresses and passwords found in yuge data breach

Hawkeye Pierce

@Sotarr Re: Interesting, but. . .

I don't know what site you've entered your password on to find out it was compromised but it can't have been Troy Hunt's Have I Been Pwned if you think there's a pay service to get more details.

Facebook to appeal against ICO fine – says it's a matter of principle not to pay 18 mins' profit

Hawkeye Pierce

@ratfox: Re: "it's a matter of principle"

No it's not. If you don't keep data secure you can expect a fine if you get caught. Doesn't matter if you didn't actually leak data, although you might reasonably expect a fine more towards the lower end of the range depending on how negligent you were. They quite clearly had a practice which broke UK data protection laws irrespective of whether they did or didn't share UK data.

After all, how ridiculous it would be if everyone was allowed to keep data completely insecure but you ONLY got fined if someone did actually get hold of it. The fine is there (or at least should be there) to ensure people take the correct steps, not as some money-making, after-the-incident, activity on the part of the authorities.

Your RSS is grass: Mozilla euthanizes feed reader, Atom code in Firefox browser, claims it's old and unloved

Hawkeye Pierce

@Sam Adams: Re: I've always liked RSS

ElReg does still allow you to get an RSS feed by querying the author, for example:

http://feed.theregister.co.uk/rss?q=alistair%20dabbs

Equifax IT staff had to rerun hackers' database queries to work out what was nicked – audit

Hawkeye Pierce

Monitoring isn't monitoring...

Just as a backup isn't a backup if you don't (albeit periodically) prove you can restore it, neither is a monitoring system monitoring if you don't periodically test that it's working as desired.

Put another way, if a software system test doesn't throw up any bugs, my first instinct is to question how thorough the testing was. Likewise if I don't get any alerts from a system designed to raise alerts, in any given period, I need to question whether it's working!

Princely five years in US big house for Nigerian biz email scammer

Hawkeye Pierce

Unclear

I've read the article but it's unclear... am I going to get my $10 million or not now?

Intel hands first Optane DIMM to Google, where it'll collect dust until a supporting CPU arrives

Hawkeye Pierce

Re: Purley Microarchitecture?

Reminds me of the story that back in the early days, IBM used to name their internal and highly-secretive projects by picking the name of a road around their research establishments. Cue journalists also selecting road names at random and asking some IBMer "How''s project XYZ" going, to much consternation about how said journalist knew about that project!

Amazon meets the incredible SHRINKING UK taxman

Hawkeye Pierce

Re: Dividends/Tax/Profit/Revenue/Van Drivers & Box Packers?

Not true - assuming the shares are in an approved incentive plan. Up to £3.6K in shares can be given per year and if kept for five years, they are tax, NIC and CGT free.

See https://www.gov.uk/tax-employee-share-schemes/share-incentive-plans-sips

Hawkeye Pierce

@Thoguht: Re: Just say No to Amazon

The paragraph you quote is not "a duty" and there is no such requirement under UK law. The word "prosperity" does not feature at all in the in the Companies Act 2006 which codifies a director's responsibilities.

The closest requirement is as follows and clearly involves more that simply "maximising the company's profits":

"A duty to promote the success of the company (including considering the interests of the company’s employees, the community and environment, the company’s reputation, and the company’s members)."

Hawkeye Pierce

Re: How it works:-

No employees won't "have to pay personal tax on the value of the shares they receive". Depending on how long they hold them, they will be tax free.

TSB boss: We know everything's working, you just can't see that

Hawkeye Pierce

Banks == IT Companies

I read an article some time back (Cringley perhaps?), the premise of which was that there are many companies around who are IT companies but don't realise it.

This particularly applies to banks and quite frankly if you view them as being an IT company and they screw up on the IT, you wouldn't look to use them again.

GoDaddy told off for reeling in punters with 'misleading' prices

Hawkeye Pierce

@Donn Bly - Re: Maybe we should raise a petiton

Sure, but if when you go to rent your $100 per day vehicle, they ask you for $365,000 because the minimal rental term is one year, you'd be a bit p*ssed off - which is equivalent to what happened here.

From July, Chrome will name and shame insecure HTTP websites

Hawkeye Pierce

Re: Dumb move

>> It's plain out nonsense that a website which doesn't ask for any user input would be more secure if it uses HTTPS vs. HTTP.

No it's not nonsense at all. A website that doesn't use HTTPS can have its pages, as displayed in the browser, modified in any way by simple MITM efforts. That's trivial to do and therefore it is most certainly less secure than if it used HTTP.

(NOTE: That's not to say it IS secure if it uses HTTPS just that it's more secure as there are less attack vectors).

I'll torpedo Tor weirdos, US AG storms: Feds have 'already infiltrated' darknet drug souks

Hawkeye Pierce

Always suspicious...

Maybe I'm being naive, but whenever I hear such a statement as "We have already infiltrated their networks, and we are determined to bring them to justice", I have to think "then why have you just announced that in public?"

Surely if you are determined to bring them to justice, you'd keep quiet about it whilst you go about bringing them to justice, rather than give everyone the heads-up, giving them a chance to disperse to other mediums and/or use better encryption/safeguards/etc.

Public statements such as that are either false, or are predominantly being made to appeal to some section of the voting population or to the person's boss... (or indeed all three).

We translated Intel's crap attempt to spin its way out of CPU security bug PR nightmare

Hawkeye Pierce

Re: Handbrake

But that's what I'd expect for something like Handbrake which is not going to be hitting the kernel much. Written efficiently, it will load a chunk of video in from the disk, work through that, spit it out and then load another block. In the broad scheme of things, only that disk access is going to suffer, and that's (simplistically) once per block read or block write. It's not going to be hitting the disk on a frame-by-frame basis, and the kernel's not going to be used for converting the frames.

Shazam! Apple chucks £300m at Brit what's-that-song app – report

Hawkeye Pierce

Re: The financial world is crazy...

Sloppy reporting I'm afraid...

Latest accounts (available via Companies House website) show a TURNOVER of £40m, Gross Profit of £37m, but Administrative Expenses of some £41m leading to a operating loss of around £4m. So "making £40m" a year should not be equated to "making £40m PROFIT" by any stretch.

UK.gov not quite done with e-cigs, announces launch of new inquiry

Hawkeye Pierce

@FrogsAndChips Re: Smokers are net contributors to the welfare state

This is a reasonably sourced article:

https://fullfact.org/economy/does-smoking-cost-much-it-makes-treasury/

Teen who texted boyfriend to kill himself gets 15 months jail

Hawkeye Pierce

@DA: "Committed Suicide"

Indeed, I thought everyone knew not to use that phrase, especially journalists.

See point 5: https://www.samaritans.org/media-centre/media-guidelines-reporting-suicide/advice-journalists-suicide-reporting-dos-and-donts amongst other places.

US voter info stored on wide-open cloud box, thanks to bungling Republican contractor

Hawkeye Pierce

Re: Voter Fraud

Wow you must have some significant inside information given that the state audit into the discrepancy found no evidence of persuasive voter fraud and that human error and possibly machine error was the main cause.

So no, common sense does not tell us that foul play was involved.

Who will save us from voice recog foolery from scumbags? Magnetometer!

Hawkeye Pierce

Re: Quad

> Oh, come on, even the president can remember 12345 as his code.

Hang on, I thought it was "covfefe"

UK biz: Oh (yawn) GDPR? Was that *next* May? – survey

Hawkeye Pierce

Re: Brexit?

It's also going to apply to anyone wanting to do business with, or in, an EU country regardless of where you are based. So whether or not a future UK government "changes it", you'll need to comply if you want to do business in the EU (and if you believe that any penalties under GDPR will be enforceable).

'Password rules are bullsh*t!' Stackoverflow Jeff's rage overflows

Hawkeye Pierce

Re: It only makes it easier to crack...

Increasing the delay between attempts can be done in one of two ways. The first is to only track by IP address (i.e. if the username + IP address is the same then delay on each failed attempt) in which case a bot farm can be used easily enough to circumvent that. If you don't factor in the IP address and delay on EACH failed attempt then you're opening yourself up for DoS attacks, preventing people from being able to log in.

Happy Friday: Busted Barracuda update borks corporate firewalls

Hawkeye Pierce

Re: PR people have no soul or conscience

Furthermore:

>> "The problem was quickly resolved and we are working with impacted customers to ensure all firewalls are updated with the correction."

No, the problem was that you pushed out an update that knocked out a number of your client's boxes. The CAUSE of the problem may have been quickly resolved, but the fact that you are working with impacted customers shows that the problem was not quickly resolved.

Apple eats itself as iPhone fatigue spreads

Hawkeye Pierce

Re: The timing of this 'release'

@John 104

Stock hit around $700 at one point but that was prior to Apple splitting the shares 7-1. The adjusted high is a bit over $130 I believe.

Sysadmin flees asbestos scare with disk drive, blank pay cheques, angry builders in pursuit

Hawkeye Pierce

Re: Die Hard VII: Sysadmin

Obligatory... you know the rest:

https://xkcd.com/705/

US reactor breaks fusion record – then runs out of cash and shuts down

Hawkeye Pierce

Money

>> "The MIT reactor used 1.4 million amps of electrical current"

And I'm guessing they ran out of money just after the electricity bill arrived?

New Microsoft Bug Bounty

Hawkeye Pierce

Re: Not eating enough carrots

The story about carrots being responsible for the RAF success being put out to hide the use of radar from the Germans is widely held but demonstrably false.

By 1939, the Germans not only knew about radar, but had good technology themselves. Moreover, the switch early on in the Battle of Britain from bombing airfields to bombing the radar stations is further evidence that they knew exactly what they were for.

Instead, the story was put out by the Government to persuade the British public to eat more carrots - being a good source of nutrition and readily grown in a time of rationing. Some of that was helped by putting it out that they would help the public see in the blackout.

So rather than a deception (albeit partially unknowingly true) on the Germans, it was actually a deception on the British public.

Worried by VMware's executive exodus? Dell should be

Hawkeye Pierce

OT: Oscar Wilde

May be off-topic, but you started it..

Oscar Wilde can hardly be "reputed to have said" that "To lose one parent may be regarded as a misfortune; to lose both looks like carelessness.” when it's one of the most famous quotes from his play The Importance of Being Earnest.

Tsk, youngsters today...

Ex-TalkTalker TalkTalks: Records portal had shared password. It was 4 years old

Hawkeye Pierce

Re: Not Surprised @Brewster

>> I speculate the cost of doing this right will exceed their losses.

I disagree with that. The cost of doing this right IN THE FIRST PLACE would have been less than they will lose from the incident. By the time you factor in the lost customers, the help desk costs to handle the increased calls, the incentives they've made to those customers to encourage them to stay plus the significant costs they've had in hiring in security consultants to bolt the stable door, that's going to be far in excess of the relatively low costs to do things right in the first place by employing competent staff (devs + managers) and to pen test the system.

25 years ago: Sir Tim Berners-Lee builds world's first website

Hawkeye Pierce

Over 4 billion web pages?

Well yes, there are over 4 billion web pages...

... but as Google index over 40 billion and they only index a small percentage of the Internet, I'm not sure what you were actually trying to say?

Page:

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2020