Posts by Tony Pott

I bet there are intelligence agencies making offers for a copy of that data as we speak.

Wrong is what feels wrong.

At any job there's a line between acceptable screwing of the company and fraud. It's nothing you can define, but it's there, and most people would place it in roughly the same place. It's what feels wrong. Browsing the web when you should be working (and there's work to be done) is technically stealing time from your employer, but no-one would think it was 'wrong': just don't get caught. Having an entire full time job that you're doing in parallel, is on the other side of that line. I can't explain why, but it feels wrong to me.

I'm comfortable with the example of the guy who automated his job and played games: he's available if needed. That's just efficient use of time. If he'd had another full-time job that he couldn't put down the moment he was needed, I'd feel differently.

Stated another way

All the issues discussed flow from C running on top of a modern OS or on top of the hardware abstraction layer of the OS which is written in C, and a processor geared to servicing the needs of that OS. There it emulates a low level language, and is extremely useful doing it: so good, in fact that all modern OS's and their key libraries are written in C, and very few problems have arisen (the fact that it is possible to list named examples of problems illustrates how few they are). For every instance of a OS based system, there are a hundred embedded devices too small to require an OS, and the code there is written in C and it works on the bare metal.

The article (and the ACM piece it draws from) could more accurately be rewritten as 'C is vital to modern computing, and does it's job very well, but not perfectly.' Of course, this, while evidently true, is so evidently true as to be boring and unworthy of reporting. <troll> Much more interesting to report on the mitherings of the proponents of newer languages who don't want to do the work required to get their new toys to work well with existing infrastructure. </troll>

They'll be fine. The virus will realise where it is and slip away with an embarrassed smile. Even COVID-19 has standards.

Logic error

The presence of entries for dead people does _not_ suggest that the data is out of date. Rather, he fact that there are more entries than Ecuadorians requires that data must have been entered over time, and dead entries have not been purged.

"will be the world's largest optical viewing device mankind has ever built"

Please, please, please tell us about the larger telescope built by non-humans.

:-)

< sealing off those addresses previously associated with attacks. >

Which will be any tor exit node, thus killing the usability of tor to access uk sites.

'That, however, may be a matter for the courts to decide.'

Yes, I expect owners of illegal sites hosting CP to immediately sue ISP's if they continue to find their sites blocked.

Get real.

What could go wrong?

Big government IT, many DB's now reduced to a single point of failure. While this could be seen as a serious threat to civil liberties, in practice it will probably turn out to be very funny indeed.

Scott Lowe's article, bad link

The link under 'Scott Lowe' doesn't work: I had to go to the page source and copy the underlying URL.

This may be because my browser doesnt know what to do with 'herf': should that be 'href'? :-)

Industry standard not so secure

<quote>

Noticeably absent from Sony's update was the status of passwords used to log in to the PlayStation Network. Industry practices dictate they should never be stored in clear text, but rather should be run through a one-way cryptographic hash algorithm, which converts each string in plaintext to a unique set of characters that can never be reversed.

</quote>

In practice, a lot of them can be reversed by offline brute force. If one restricted oneself to trying to crack weaker passwords: lower case, 8 characters or less (which is a significant subset of normal users), and assuming a 20 byte hash value (sha1 for instance, expressed as an integer rather than a string). A quick back-of-an-envelope calculation tells me you can build a look up table of hashes of all possible combinations of this on slightly over 6TB of disk space, which can be had easily for ~£250.

Lower case and digits, 8 chars, needs about 82 GB, which if you're able to access other people's servers, is also attainable, and in a few years can be expected to become financially viable on your local machine.

From the point of view of users, the conventional wisdom of 'choose a password that even someone who knows you couldn't guess', is superseded by 'choose a long password, that you can remember, because threat comes from people who don't know you'. Your friends might guess that your password is mrmugginsthecat, but a lower case look up table for up to 15 characters would require 6.28E22 bytes, which will not be viable for the forseeable future.

Oh come on !

Are we supposed to believe that this is a bigger simultaneous reboot than an entire time zone turning on their machines when they arrive for work in the morning?? Every morning?

Bollocks.

Stupid

This is just bloody mindedness. I'm sure they would have no problem calling their child Foreal, which actually looks like quite a nice name.

How the mighty have fallen

Apple used to make good, reliable, products. Sadly, this has changed. Today their QA is rubbish. Apple won't get better while they continue to be their own biggest fanbois, since this makes them incapable of recognising that they, not their customers, are the problem.

Sad really.

...stare at the photo above while shaking your monitor.

or stare at the photo above while shaking your member should work too.

Someone has to ask the question:

Does this mean NASA will no longer be recruiting space cadets to train as astronuts?