Posts by ExampleOne

Re: What I said in February 2022 on the Computer Misuse Act ...

Schifreen adds that the deterrent aspect of the initial Act simply isn’t working, as evidenced by the continued rise in cybercrime. “It’s unlikely that increasing the penalties or tweaking the wording of the Act is going to stem the tide,” he said. “Far better than reforming the CMA would perhaps be to give some more resources to Action Fraud, so that they can investigate and prosecute more people. This might then act as a real deterrent.”

Perhaps we should simply ban the use of "no liability" licenses in commercial paid for software.

If a civil engineer builds a bridge and makes a mistake leading to failure and fatalities, they can expect to get dragged over the coals for the mistakes. Why do we so casually let software engineers off the hook?

Re: But... driving licences

I think the difference here is the LEOs are using FRT to find matches and associated information for those matches. I assume in the DVLA case, the DVLA already have all the associated information and just want the picture to print on the plastic.

Re: Very interesting.

The logic is that the password is a point in a suitably vast space. Exhaustively searching that space takes time, lots of time. Potentially years of time. Everytime you change your password, an attacker has to effectively restart their search in case your new password is in the already searched space.

This assumes an attacker is carrying out a dumb exhaustive search, which in practice targeted attackers won't do. There comes a point where kidnapping you, drugging you, and beating you with a wrench until you tell them the password is cheaper than simply brute forcing it!

Re: depends on the use case

The current price for spinners is around £20/TB for the largest ones. The price for a 60TB SSD is around £6000 or £100/TB. That is current prices for those SSDs.

Give it another 5 years and presumably they will drop in price. I am not convinced HDD prices will drop as fast, narrowing the price gap. At some point SSDs will overtake spinners on the price metrics.

And yes, I agree tape will continue. The problem for spinners is their niche is slowly shrinking as cheaper SSDs narrow the gap to tape.

Re: 15,000 spare seats

Or MS asked would they renew their 365 subscription with a new bundle that includes copilot.

Re: I'm Bearish on "The Cloud" in General, But ...

Even more importantly, no startup in its first couple of years of operation should be making financial decisions based on 3 or 5 year time horizons. 3 and 5 year horizon problems are firmly in the nice to have category when the average life of a startup up is below 18 months.

Re: Criminal Offence under subsection 3?

I doubt the CPS will take the case though.

However, UK law does allow for private criminal prosecutions, though they tend to be rare. This could be a fun one to try and crowdfund!

Re: A Mess

For Ubuntu I would need to hand feed 50 laptops, at the minimum I would need to run scripts at certain parts. But for Ubuntu I would have no idea how I could do this for a machine that is being delivered to someone's house 200 miles away.

The important bit here I have bolded.

What you are telling us is you know the MS tools, but don’t really know the Linux tools. Allowing for this, I completely agree Windows is the better choice for you.

Other people, with different skill sets, will draw different conclusions.

Re: I agree with the majority of the article...

It may be an unpopular stance, and not what you want to hear, but if you are that heavily invested in photoshop and it is a business tool for you, probably your best and only viable option is to pony up the money to Adobe.

Which is just the way Adobe like it. The writing was on the wall about this when they first introduced their subscription licenses!

Re: Microsoft makes keyboards?

In general, MS peripherals are, or were, pretty good. Mostly terribly boring, but that is what made them so good.

I have even heard people making informed defence of some of their mobile hardware. The problem here almost always was the software!

Re: "sued yet again by shareholders"

The article seems to imply, in this case, they are suing the board rather than the company with the proceeds going to the company. This seems a reasonable scenario to allow.

SteamOS?

“Promoted” being the most important part of that comment regarding scaling. When I was working with AWS, the documentation made clear that auto scaling measured response time in minutes or tens of minutes, not seconds or milliseconds.

Depends on the checksum you use, but the md5sum of zero is NOT zero.

$ md5sum <(echo 0)

897316929176464ebc9ad085f31e7284 /dev/fd/63

Re: Can't help feeling

The article seems to be saying it allows the CPU to ask for that, not that it is putting that through the CPU unasked.

If this is correct, than I think it is safe to say the CPU is defective. I do wonder if OEM systems exhibit the same behaviour though, because if they do, this would provide a very obvious avenue to really hurt the OEMs by burning out the CPUs while under warranty.

Re: Problems and solutions not welcome

DLUHC could (and should) make this happen by offering the budget for the resources to define the process - in return for a cast iron agreement to adopt them from participating councils. This won't be easy or cheap, but nationally there's no excuse for hundreds of completely different systems and processes.

Most councils will see this as a recipe for getting forced onto a solution that is not fit for purpose and would run a mile from it. "Cast iron agreement to adopt" an unknown solution is an incredibly risky commitment to give, even if they actually trust the DLUHC.

I think they already have been warned, what we are seeing is the start of the process of actually fining them. A process that is going to end up in a court room, so they need to do their best to make it legally watertight.

Re: "We have received requests"

Which is to be expected if they have genuinely passed IP68 certification testing, but in no way invalidates the contradiction between claiming waterproof status while excluding water damage from the warranty.

It won’t be a popular point, but… if the reported gain in productivity of 40% is correct, this is the single best investment they could make.

Doing some basic math, $39 per user per month is break even for a developer being paid $1000 a month if it gives a 4% improvement in productivity. They are claiming a productivity boost 10x that. Though it isn’t mentioned, I suspect they are using developers paid a lot more than $1000 a month.

Re: Screw the Hoi Polloi!

Run a cable across the pavement? So who is liable when someone trips over the cable? We may not like the reality we live in with ambulance chasing lawyers, but it is a bad idea to ignore it when formulating national policy.

Ok, so you dealt with the lawyers… how about the copper thieves who come down the street in the middle of the night and steal all the cables?

Or the pram pushers trying to push a pram along that pavement? Are we really convicnced that making pushing prams and pushchairs difficult is really a great policy?

Re: confused

They lost against Apple because the judge ruled that the iPhone App Store was not a monopoly because the market should be defined as all smartphones.

The jury here have decided that Google Play Store is a monopoly, which at least implies they disagree with the Apple case judge on the question of how the market is defined.

Re: like video games localization

Is a wine/proton port a "native port"? I suspect for the ideologues, it isn't.

My take is that an officially supported wine/proton port is effectively a native linux port of the game, so long as the developer is willing to commit to addressing issues that arise only on wine/proton. I don't dictate the game engine, why should I refuse to accept a usable stable set of libraries over the API they speak?

Re: The title is no longer required.

Except the European Commission, by entering Apples own marketing material, turn this argument into “if it works, you face prosecution across the EU (and beyond) for false advertising”. Add to that, anyone who bought an Apple device since the false advertising now has a case against Apple as well.

So yes, there may be a 1 in 1000 chance it works, which is better than a 0 in 1000 chance, but that only holds if you ignore the risk of it backfiring.

This looks a spectacularly silly argument to advance.

Re: Translation

Yes, for a tiny minority of people, this is a feature worth paying a premium for. But it is a tiny minority. Most phone OEMs probably would prefer to wait for a working standards based solution than invest any effort into integrating a solution the overwhelming majority of their customer base don’t have care about. Once the working standards based solution arrives, they do the work, and they can be reasonably confident that work won’t be hostage to a single vendor.

Re: MS is a monopoly

The depends on how the market is defined.

The fact someone can choose to opt out of a market completely does not mean that market can't be a monopoly.

Re: OED

Transformative, possibly, but surely all the LLM output is derivative work of the training corpus?

The company tried to insist on arbitration, won, and got upset when the class retaliated by using an automatic arbitration filing system.

The company then went to court to try and set aside the enforced arbitration process in favour of a class action. The judge was not amused.

The potential problem is not the with-holding the code, it's terminating subscription agreements for of end users who exercise their GPL rights. This is basically exactly the same legal argument advanced by GRSec, and it was called out as GPL violation then. Why is it not being called out the same now? Or were all the claims then FUD?

Truthfully until this particular model is legislated, we won't know if it breaches the GPL. If it IS legislated, and it DOES breach the GPL, RH and IBM are in a massive world of pain, as anyone who contributed anything to any GPL component of RHEL would have standing to sue. Including Oracle and Microsoft. Essentially, this is potentially a massive gift to those opposed to Linux.

Re: It's in the employment contract

It does happen.

I worked for a company that had an office move constrained by staff pointing out that moving office was a material change to their contracts.

Re: Bug/Vulnerability or just bad implementation?

But Google should not be trusting the message headers.

In the scenario you outline, MS have allowed an account to relay for a sender domain that is not validated to the account. This would be a problem in O365, as it allows any customer to masquerade as any other customer!

Now we can argue that Google should have rejected because the DKIM signing key was wrong, but that is a problem with DMARC or BIMI, but if the policy is “one of two”, you can’t fault Google for correctly applying a one of two policy.

Re: Wouldn't this require

While the law of the land might not, in the U.K. at least it would probably fall foul of the FCA rules of conduct, especially if he is lying to do so.