* Posts by EnviableOne

2001 publicly visible posts • joined 28 Jan 2016

Feds probe alleged classified US govt data theft and leak


Acuity takes the security of its customers' data seriously

really, well obviously not seriously enough...

HP CEO pay for 2023 = 270,315 printer cartridges


Or a panda stained in printer ink


AI PC no defined use case

Big Blue have been trying to find a use case for watson's AI for 20 years and still haven't found one to pay back the development costs

Record breach of French government exposes up to 43 million people's data


Re: This clearly breaks GDPR

not relevant data for the agency that processes unemployment

Article 5 1C of GDPR:

1. Personal data shall be:

(c) adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (data minimisation)

It's time we add friction to digital experiences and slow them down


Move Fast and Bloat things

for the sake of speed a lot of corners are cut that lead to vulnerabilities, sub optimal performance and security and privacy issues.

in the modern coding world (I hesitate to use the word programming) you pull in a whole library just for one function you could write yourself in 2 minutes.

this bloats the application runtimes and adds all the complexity and vulnerabilities from the library to the piece of code you just "created"

this is why when people do things right, things become smaller, quicker overall and more secure.

see openvpn vs wireguard

also the tech industry really needs to sort its obsession with can we, and inject a momentary pause of should we in the conversation.

How governments become addicted to suppliers like Fujitsu


Re: Fujitsu rebrand

Fujitsu have their place in HMG as they bought what remained of ICL

Why do IT projects like the UK's scandal-hit Post Office Horizon end in disaster?


that's what bankrupted Marconi (Nimrod AWACS)


Re: Building software is hard...

8 out of the top 10 government salaries work for HS2 limited totalling a cost of £2.5Bn per year (pre pandemic) so god knows what it is now.

this is why it's taking so long and costing so much....

WTF? Potty-mouthed intern's obscene error message mostly amused manager


nah he was an ambulatory fuzzer, before such things existed


Re: Errors that *should* never occur

Screenshots for the win.

most of my never conditions are of the case event with three outcomes, does not equal 1 2 or 3

UK-US data deal could hinge on fate of legal challenges to EU arrangement


Re: Aw come on

but the onus is on the plaintiff to prove the claims false in the US

whereas in the UK it is on the defendant to prove them true

So what if China has 7nm chips now, there's no Huawei it can make them 'at scale'


another idea

could it be possible that a country of 1.3 bn people possibly has someone intelligent enough to work out a method that doesn't rely on ASML tech?

when Huawei were working at the bleeding edge with Kirin anyway...

Meta's data-hungry Threads skips over EU but lands in Britain


Re: Eh?

even in the USofA COPPA is supposed to protect kids' right to privacy, just wish someone thought of the adults for once.


Re: Eh?

the thing is GDPR doesn't go far enough, and the ICO were part of the faction campaigning for it to be stricter, so being allowed to go our own way does not necessarily mean restrictions will be relaxed. The ICO were trying to give GDPR the teeth to make companies and board members criminally liable for data protection

Deloitte wins deal worth up to £100M for UK border platform


Re: Epic Chaos, General Chaos imminent

well they managed to do a really good job of track and trace ...

TCS bags £234M Teachers' Pensions deal as Capita set to end 29-year run


No need for expensive data transfer

TCS just have to wait for BlackBasta to leak all the Capita Info

Biden lines up $42.5B for US broadband boost


Ah the venerable Bede

perhaps a mistake of locality, but the ancient English monk came straight to mind when reading this sentence:

"Whether BEAD will be vulnerable" ...

the monk famed for his first-ever history of England would be amazed by even the speed his work would carry under the current system, but then again he died in 735AD

Supreme Court says Genius' song lyric copying claim against Google wasn't smart


Re: "the results were often character-for-character copies of song texts it hosts"

Elton John's: "Hold me closer Tony Danza"

The Bee Gees' "One Legged Woman"

Kids these days that can just google the lyrics, have been robbed of the fun...

it took me hours to work out the lyrics to "Gangsta's Paradise" by the late Coolio, and I'll never forget them now...

Microsoft rethinks death sentence for Windows Mail and Calendar apps


thunderbirds are go-ish!

time to dig out the venerable Mozilla project and see if it plays better with Exchange Online than it did on prem...

Palantir's deals with NHS England top £60M – without competition


they still don't get it

The FDP opt-out is not compatible with GDPR

where in order for your data to be processed, you need to provide informed consent, and deemed consent is not valid, as it was under the old DPA.

we need a UK version of noyb and consumer hero Max Schrems to take them on

EU boss Breton: There's no Huawei that Chinese comms kit is safe to use in Europe


Re: So, the Commission is looking to ban Huawei on security grounds

Except Cisco are nowhere in carrier-grade tech, Huawei's main rivals are Nokia (Finland) and Ericsson (Denmark) with Samsung (SKorea) a distant third


Re: Following the series of links starting with the reference to Huawei backdoors...

Yeah, GCHQ's HSCIC said if there were backdoors in Huawei's kit, they were indistinguishable from the shoddy code in the rest of it.

The only reason it got banned in the UK is the US de-stabilised the Huawei supply chain, so the president's lapdog AKA prime minister used this as an excuse.

Singapore to roll out (literally) more Robocops


Since when has that stopped anyone...

Segways, Watson, ...

US government extends software security deadline because vendors aren't ready


regulations also should address open-source software

JK right

all open-source licences confer no warranty that it is fit for the intended purpose.

if you are going to use an open-source tool, you need to ensure its security before you use it in your product, and if it's broke, do the hobbyist a favour, fix it and submit it.

Florida man insists he didn't violate the law by keeping Top Secret docs


Re: as did his aide Walt Nauta

Does that make the UK Texas?

Cisco promises to unify its net management silos in the next three to five years


Re: Best thing about fabric is…

Meraki is a lot better than you are making out, and Cisco's wireless is only still good, as they are absorbing the Meraki features.

The Meraki UI is great, it's all plug and play and cloud configurable, none of the expensive site visit stuff, just get your average non-intelligent hand to plug the stuff in it picks up its config and it just works. deploying multiple sites, building a template and configuring everything just once. for retail/B2C-focused branch-heavy orgs like you seem to be working with it's simple to manage and just works.

I got out of DC networking when NSX came out, as it basically negates the need for anything more complex in the switching.


Re: "admins who work with Cisco are very familiar with"

Cisco bought Meraki over 12 years ago, and have just started to ruin its UI with its own design elements.

Apparently, Meraki was supposed to be the cloud offering as its portal just worked, and Cisco and UI design were largely strangers.

This is what, the third time they have integrated everything and about the fifth name change? Anyone else remember the Prime Suite?

I'll believe it when it happens...

although the Security Cloud is starting to move, basically its core is Secure X with a rebadge

British Airways, Boots, BBC payroll data stolen in MOVEit supply-chain attack


Re: SQL injection flaw

which is the entirely expected problem with agile methodology ("my bit works")

UK warned not to bother racing US, EU on EV subsidies


LFP is Lithium Iron(Fe) Phosphate, which has lithium, but no cobalt, in the cells, but a lower energy density.

Still doesn't discount the fact that shipping the components from around the world and extracting lithium and the various packaging materials and electrolyte chemicals, along with the clean-up of the ICE production process, means that over 10 yr service life of the battery, the difference between a Diesel and BEV is negligible.

Sodium-ion batteries have a lower energy density than LiFePO, meaning you need more of them too.

current tech is not there, the grid can't handle everyone switching to electric: there just isn't enough supply to charge on demand or the distribution infrastructure to fast charge at home. Hydrogen is coming along and requires less new infrastructure, when you look at its efficiency as a storage medium people tend to discount the fact an ICE is only about 20% efficient whereas a fuel cell is between 2-3 times as efficient, and most of the distribution infrastructure used for ICE fuels can be reused, along with cost, refuel times and ranges similar to ICE.

taking into account new tech like that produced by Viritech (currently working with Ford on the Hydrogen Transit) there is a lot that could be mainstream within 5 years

'Strictly limit' remote desktop – unless you like catching BianLian ransomware


Re: In other words: Best practice

problem is Best practice isn't all that common.

Compatibility mess breaks not one but two Windows password tools


it's almost as if they have no testing or quality control

but they're saving on headcount...

Ransomware crooks steal 3m+ patients' medical records, personal info


Re: Record Profits and Accountability

This reminds me of something that happened in Europe the letters GDP and R seem to ring bells...

Microsoft switches Edge’s PDF reader to pay-to-play Adobe Acrobat


Re: Could they just replace Edge ?

Trident (the IE engine) is still alive and well in the chromium edge code, and works well for the $UnNamedChineseCompany CCTV cams my company loves to put everywhere, that still rely on an ActiveX plugin

WAN router IP address change blamed for global Microsoft 365 outage


Re: Network Switches Like the Heart of Gold's Onboard Computer

but no! you can't put the milk in first, it has to be Tea in first.

and sometimes milk is the wrong option, for the selected tea, black is better or occasionally a little squeeze of lemon...


Re: Waffle

why do you think companies employ Chief Incident Scapegoat Officers?


Re: There's always a fallback option

It's the perennial cost-benefit approach, the purse strings tend to open more when you can put things in $ amounts.

this $connection being down for $time costs you $$$$$, and if this happens during peak business it costs $$$$$$$$$$$$$$, and we have guaranteed it will be up for $9s

so simple sums if we spend $$ extra by building the system this way, we save the $$$$$$$$ on average and if the worst happens it will cost us $$ more, so saving us in the long run

if you want to disappear the risk entirely we can build it this way but that will cost you $$$$$ if the worst doesn't happen it's a waste of $$$.

I spend my time trying to quantify the variables in those equations and have a drawer of reports I can bring out to refute any accusations...

JD Sports admits intruder accessed 10 million customers' data


Re: no payment information was among the mix

Mastercard and VISA are no better than the retailers, after all they are just processing networks.

FFS there are not even rate limits on transactions from the same vendor, or IP or even for the same card.

based on the "Card-holder not present" workflow, you can brute force a valid set of card details, as by mixing processors you can get incrementally more details, and the card network tells you not just that the details are invalid, but which ones are wrong.

but it's all moot anyway, the details that were leaked are far more valuable to any miscreant than the card data would have been.

full address details, security answers and transaction details will get you full access to their credit profile and leverage for extortion...

Victims of IT scandal in UK postal service will get fresh compensation


Re: "has promised to pay £900 per claimant as part of reasonable legal fees to prepare their claim"

I had a QC charge more than that (£1200ph) to just be on a phone call and not even say anything

Citizen Coder? Happiness Concierge? Here come 2023's business cards


Re: You are Steve Bong

not that long ago, I had to manage a reputable estate agent (are there any) through selling a 10-bedroom house, as their in-house designed system didn't cater for anything over 6. then a week later a 45 bedroom £85m mansion came on the market in Guildford.

you'd be lucky to get 6 for £85m nowadays

OneDrive back on its feet, but ongoing Skype credit problem hasn't gone away


Re: Repeat after me:

the name Cloud is far too clean for what it is. It invokes pictures of white castles in the sky unassailable by mere mortals

when the truth is closer to

Dodgy Dave's lockup down the road with security cameras that worked at some point, the fire exit propped open for ventilation and some bloke saying your data will be safe if you pay them $ExhorbitantAmount, making it apparent if you don't it definitely won't be.

I prefer the acronym OPT (other people's tin)

Brit MPs pour cold water on hydrogen as mass replacement for fossil fuels


Re: Vans and Lorries

the whole point of H2, as a storage medium is you can reuse most of the Petroleum infrastructure with a little modification, it's also a far more environmentally friendly storage medium than lithium-ion-based batteries.

the ideal situation is large offshore wind farms that are expensive to connect to the grid, use the energy generated to electrolyse hydrogen, which is stored locally, and collected by modified LNG tankers that take it to shore, where it is expanded and transported by pipe to distribution hubs, then in pressurised tankers to modified filling stations, for rapid transfer to vehicles, or in re-fillable hot swappable fuel cell units.

the technology is there, the problem is the petro industry need to get on board. there are viable solutions to the problems, the problem is you need another Tesla to prove them.

UK govt study says IR35 contractor tax reforms plain sailing for most


The study doesn't even look at the main issue caused by IR35

once deemed inside IR35 you are not a worker so not entitled to the benefits, but get taxed as if you are.

basically creating this sub class of indentured unprivileged worker, that the gig economy can take advantage of

US Air Force signs $344m deal for hypersonic Mayhem aircraft


Re: Expendable

I always go back to what the Airfield Fire team told me, their job is to get the pilot out because including fuel and training it costs more than the £100m+ the aircraft cost.

The other thing is the meat bag in the cockpit has the need to breathe and survive so anything over 6G is an issue

Doctors call for greater scrutiny of bidders for platform that pools UK's health info


Palantir might get your info, for 50% the TLAs already do

hate to keep harping on about this but:

EMIS Health was bought by UnitedHealth Group. EMIS's cloud-based patient record system, cunningly titled EMIS Web, contains about 50% of GP and community records.

if your GP app is Patient Access, this is you and your records

UK bans Chinese CCTV cameras on 'sensitive' government sites


Re: Good idea anyways

the problem is for the price you can't get equivalent features, anything not from China, you are looking at 10 times the price, and when you have a paranoid employer with 50 cameras in each store....

BOFH: We're an industry leader … in employing idiot managers


Re: Have not found a way to set glass on fire.

I'm a big fan of PtF6, it oxidised oxygen and xenon

Qualcomm teases custom Arm-compatible Oryon CPU cores designed by Nuvia


Patent troll complains when patent holder complains about their use of patented technology

Really? Pot meet Kettle

Qualcomm have been doing this to Samsung, Intel et al for years

NSA urges orgs to use memory-safe programming languages


stop Blaming C / C++

it's not C's fault people are using it for stuff it's not supposed to be used for

it's an ultra-low-level language designed for those applications, ie single core applications running at highly efficient speeds on highly limited resources, where you need to control the memory space and re-allocate it to get the required performance or capability from the limited hardware.

if you don't need to use C/C++ then don't use it, if you do, you make your trade-offs and know how to make it work for your situation.

Breached health insurer won't pay ransom to protect customers, warns of more attacks


Re: NHS?

Oh and EMIS health, now part of the United Health Group, has about 45% of NHS surgeries and 50% of community health notes...

UK government set to extract hospital data to Palantir system without patient consent


At least I have a new source of infinite electricity

Dame Fiona Caldicott (the former NHS data Guardian) is currently generating 1GW while spinning in her grave.

Who else saw this happening when NHS Digital got absorbed into NHS England ...

this is definitely against GDPR, as Health Data Is "Special Category data," and very difficult to Anonymise, especially when you have a unique identifier like an NHS number or an uncommon condition.

As has been said above, this system is broken, you can see it in all the figures, the NHS got into trouble in about 2014, which is when the Lansley reforms of the Health and Social Care Act 2012 kicked in, it wasn't perfect before then, but it was better than this.

The NHS doesn't exist, it's 2700ish organisations that get to put the badge on, that are all independent fiefdoms, which have their own boards (full of people on multiple 6 figure salaries)