My first phone only stored something ludicrous like 128 text messages. That gets you in the habit of clearing up regularly.
Posts by Killfalcon
671 publicly visible posts • joined 7 Jul 2017
'Bro delete the chat': Feel the panic shortly before cops bust major online fraud ring
Who is DDoSing you? Rivals, probably, or cheesed-off users
Re: DDOS attacks are getting shorter ?
I guess there can be lasting effects - stuff needing reboots, etc.
That said, the point of a DDoS is what the attackers wanted to do. The classic is "DDoS on a player in an online game", which only needs to last long enough for the attacker to win the game (or make the target lose). Maybe it's cover for another attack. Maybe it's just testing for a response. Maybe the intent is just to have the target "randomly" go down - do that often enough and it'll make their service look unreliable, costing them customers without as much publicity as a complete take-down.
Also, from what I've seen - some of them are just badly written web scrapers. Some %age of what Cloudflare is calling a DDoS could well be people hunting for things to shovel into their LLM.
Why is Big Tech hellbent on making AI opt-out?
Even modest makeup can thwart facial recognition
It's not just Big Tech: The UK's Online Safety Act applies across the board
Coder wrote a bug so bad security guards wanted a word when he arrived at work
In my experience in Finance IT - stuff using column positions is old, often "voting age" old. Occasionally "kids have grown up and gone to university" old. That sort of thing can be expensive and risky to replace, not worth it if it's working right now.
It's bad practice now, absolutely, but that's because we tried it and found the problems. And hell, sometimes when it was written it was a good idea - saving on overhead in a dramatically less powerful machine could be the difference between a weekend batch and an overnight batch, or even the holy grail of "takes about 20 minutes, so we can test and re-run several times in a day".
It can be very context dependent. Generally you want to automate as much as you can - machines make fewer (and different) errors than humans, fixing things is a pain.
I work with pensions sometimes - we don't manually check the vast majority of payments, there's tens of thousands of them daily. We do check the batch size and totals, and there's a bunch of checks that pick out things over certain values to be reviewed. And then, of course, there's all the other bills - everything from stationery to train tickets to the cleaners and tax bills. There are always exceptions, someone will need to check those.
Your computer's not working? Sure, I can fix that problem – which I caused
Yes, I am being intolerably smug – because I ignored you and saved the project
FCC slaps Verizon with $1M fine for dropping 911 calls, again
Techie installed 'user attitude readjustment tool' after getting hammered in a Police station
And I thought I had trouble getting my computer desk (an ancient mahogany beast that probably belonged to a lawyer before it got to the British Heart Foundation) through the front door of this Victorian workman's cottage.
I won't lie, the speed with which the delivery guys got my front door off its hinges was impressive. Faster than I could google how to remove a door, it was off.
Seething CEO shoulder surfed techie after mistaken takedown of production server
Re: Labelling production
It's such a silly seeming thing ("make production red"), but colour coding works astonishingly well. Even if you don't consciously notice it, opening the wrong environment _feels_ off.
Might be one of the best time-returns there is in terms of preventing downtime. Simple to implement, simple to explain, basically no cost at all.
I didn't touch a thing – just some cables and a monitor – and my computer broke
Re: Yeah, sure. Nothing changed. Pinky promise.
I've had some users spend so much time "trying to fix" a problem under heavy deadlines that they genuinely forgot having made changes.
They changed a thing that shouldn't matter (or ""shouldn't"", at least), it broke, they quickly concluded it can't have been that meaningless change, spent two hours trying other things, and only then did they call for help.
Most of my work was about data format and validation, so in the end I just made sure to have ways to quickly find out what changed, and set that running while the user explains what they think the issue is. So often it was dumb shit like "opened file in Excel, Excel changed the date formats when saving" - the user "didn't change anything", but it still broke!
...and yes, sometimes, the user just lies.
During Lockdown, I once spent half an hour trying to remotely diagnose why someone's monitor was "too green" before giving up, telling them it was probably the cable needing to be replaced. I later found out they'd dropped it down the stairs and were hoping the company would give them a bigger one when replacing it.
The company would have given her a bigger monitor on request.
Bad vibrations left techie shaken up during overnight database rebuild
An attorney says she saw her library reading habits reflected in mobile ads. That's not supposed to happen
Re: Can the game access the tablet's microphone?
I dunno. I feel like if there was audio-data tracking, someone would have found it already.
Phone microphones are not very good, so any 'hidden' tone they can pick up should stand out on an oscilloscope. Some audiophile youtuber would have tripped over it when trying to eliminate background noise, surely.
Also it'd require Android's permission-by-app system around microphones to be broken, which someone at Defcon would have cracked years ago.
Re: *Audio*books
The purpose of the targeting data is to get some advertisers to pay more for access to users the advertiser thinks will buy their product.
It doesn't exist to block ads you won't like. If you are in a demographic that spends a bunch of money on relatively specialised things, targeted ads can drown out the lowest-common-denominator bollocks, but if you don't look* like someone advertisers will pay *extra* to talk to, you'll just get the trash.
* 'look' here is in terms of google's algo assigning you keywords that the advertisers separately decide they want.
Hey, Reddit. Quick question. All those clicks on my ads. Were they actually real?
Bill advances to exonerate hundreds in Post Office Horizon scandal
My understanding is that they don't want to accidentally pardon any 'real' criminals, despite how their malpractice has made it nearly impossible to tell who they are. This means essentially re-trying all 900ish convicted sub-postmasters ""fairly"", which is slow and miserable.
Personally I think the appropriate saying is "better that ten guilty people go free than jail one innocent", but as we've seen time and time again the Post Office is really big on saving face, and that appears to mean proving that at least *some* of their prosecutions were correct.
Oracle Fusion rollout costs 15 times council's estimates in SAP rip-'n-replace
Re: In my simplistic thinking...
"I just need it to replicate what the old system did, including the export to MagnusSheets97"
"MagnusSheets97 that went out of support in 2003"
"Do you have budget to replace MagnusSheets97?"
"No"
"Then your system needs to talk to MagnusSheets97. End of discussion"
*project manager adds another 20k to the budget to build yet another shim*
UK lays down fresh legislation banning crummy default device passwords
Rarest, strangest, form of Windows saved techie from moment of security madness
I have once been saved from an infinite loop sending emails because Azure Information Protection (a plugin that lets you mark office docs "Confidential", "Top Secret" or whatever) didn't let Excel VBA set the status on Outlook mailitems, so there was an error to click-through before the code could progress.
It should have! It worked with all other Office format documents I tried, but not emails. And while it did save me some bother with that email loop, I did still have to work out a fix. The fix was to create a new Excel workbook, mark *that* Confidential, attach it to the draft email, wait a split second for AIP to automatically grade the email Confidential (because it inherited the sensitivity from the highest of its attachments), then remove the template, boom, email is marked Confidential and will send without further complaint.
About four years later (that'd be now), Microsoft finally integrated the feature properly. I only last week got done stripping out that dodgy workaround!
Judge demands social media sites prove they didn't help radicalize mass shooter
This is misunderstanding the stage we're at in the procedure.
So, there's a civil (not criminal) court case. A claims B did a bad thing, and would like recompense. B isn't saying they didn't do the thing, yet.
B claims that regardless of if they did the thing, they are allowed to do the thing under S230, and asks the judge to dismiss the case without a full trial. Logic is that there's no point asking a court to say if they did the thing if the law doesn't care if they did.
A lot of court cases end like this - cases that are obviously doomed are a waste of the Court's time, but the line for "obvious" is intentionally very low, rather than deny too many people a shot at justice. This is why you might see a lot of fuss about "anti-SLAPP" (Strategic Lawsuit Against Public Participation) laws, that are meant to make it easier to dismiss lawsuits that are obviously being used to silence people for making public comments. Normally those go to trial and cost a lot of money to defend, regardless of merit.
Here, the judge has read the initial documents, and says "A's claims are plausible enough that we can't instantly dismiss this, B is invited to write more words to counter that, or wait for the full trial date"
That's where we are now. The plaintiff's case has survived a motion to dismiss [ie, end the case before trial]. B has been invited to write a fuller explanation, if they don't or can't, then there's a full trial, where both sides are expected to prove their case.
Job interview descended into sweary shouting match, candidate got the gig anyway
I used to work in an actuarial department, and they got fed up of being unable to tell what people meant by "good excel skills". Some people thought that being able to copy down a sumif was 'good', some people had got the hang of Index(match()) but 'struggled with nested IF statements after six layers' and so rated themselves as "okay". Genuinely, most applicants had no objective sense of how good they were with Excel, and that made it surprisingly hard to get the right people into the excel dev team.
They, by combining the knowledge of every Excel expert they could find in a room of 140 math grads* employed specifically to predict the future of insurance policies, built a Test. It was like 120ish questions, with worked examples about different features in Excel, how they worked and when you might use them.
Literally no-one got full marks - Excel is too damn big. I'm proud to say I came closer than most, but it was the first time I'd ever heard of 'slicers', and honestly I've still not needed to use those since.
The test turned out to be incredibly useful for dealing with Dunning-Kruger issues in self-reported skills.
*I was not a math grad, but a math/comsci dropout who'd instead spent a decade as on-site support, fixing the Very Clever solutions the actuaries came up with on deadlines.
Lawsuit claims gift card fraud is the gift that keeps on giving, to Google
Re: To sum up ...
I think there's a bunch of technical, nitpicky law things in the way there.
1) proceeds of crime - most places don't actually have laws on that, weirdly, and when they do they tend to be very specifically written (I think the UK one is one of the broadest, mind).
2) stolen goods - turns out that if you personally walk into a shop and buy something with your money and give it willingly to someone, that's not theft. Morally, of course it fucking is. Legally, it's in a different bucket where the laws are written as much to stop unhappy customers from having the local grocer arrested. Fraud is different to theft, and modern anti-fraud laws just aren't built around this kind of thing.
Genuinely, this is an area that requires competent legislation. If someone can draft some legalese to make this sort of scam *into theft*, without me being able to get you arrested by mailing you a giftcard and faking some text messages, then it would suddenly become a *massive* problem for Apple/Google/etc that they were suddenly on the hook for a lot of this shit. That would probably incentivise them to do something about it, but I'm not smart enough to guess at what that'd look like.
Re: To sum up ...
Steam is a really common one too. It's a global distributor, so they can always find local buyers who'll buy a $10 steam credit for $5 and be very happy with their cheap games. Or they can buy games directly and resell the keys - supposedly some of the 'cheap' steam-key resellers get stock this way, but I would have thought that'd be traceable, but it is at least not an option with google/iTunes stuff that doesn't let you resell products.
If we plug this in without telling anyone, nobody will know we caused the outage
Re: Let's Check the Server Room Access Log
That's the problem with remote servers, you stop thinking of them as hardware in the first place. Even worse is "cloud" stuff where everyone remembers the decade old sales pitch of virtual machines being seamlessly passed between servers without ever impacting client experience, yet, inevitably, your "cloud application" has been running in a single unchanging rack in a single warehouse somewhere in Dublin for the last six months, and won't move without an outage.
Some Intel Core chips keep crashing, game devs complain
Self-taught-techie slept on the datacenter floor, survived communism, ended a marriage
FTC asks normal folks if they'd like AI impersonation scam protection, too
If Chevron goes, the American government falls apart with it. For generations, US law has assumed (under the 'Chevron' decision) that Congress can create an agency to deal with Something and have the agency handle the details around that Something. Almost all federal authority works under this auspice, and without it a lot of things all fail at once, from the parks to the post, from the ATF to the FTC.
Thar be safe harbor: Reddit defeats third attempt to unmask digital pirates
Please install that patch – but don't you dare actually run it
Re: Uptime
I worked with some simulation software that needed a dongle (thankfully USB, though we did have some older serial port ones) to validate licenses, but only at boot. Because the dongles went missing a lot, I once ended up spending an hour sharing a half-dozen dongles between thirty machines, booting them in batches, after a power outage took down the whole room at once. PITA, but I got everything back up and running before the important folk got into the office!
("Power outage? What about the UPS?" I hear you ask. Well, the power went out because the UPS caught fire...)
The spyware business is booming despite government crackdowns
Re: " The spyware business is booming despite government crackdowns"
Honestly, I'd guess that even Google will find people it can't track but really wants to. Rival companies, for example, won't be using google docs for their accounting, and so the corporate espionage world still has reasons to exist. It's risky, obviously, especially when staff can move between the giants freely, but it's certainly not unthinkable.
They don't need to steal my data, as you say they get plenty of that, but there's always gaps they'll want to fill.
Developer's default setting created turbulence in the flight simulator
UK lawmakers say live facial recognition lacks a legal basis
One person's shortcut was another's long road to panic
Re: Oops!
You can have too much of a good thing, especially if you're having to pay for it.
That's quite expensive when you're looking at terabyte processes, and has a high risk of being the reason runs fail. Back in 2010ish, my lot (finance actuarial stuff, generating hundreds of TB per year) were spending six figures on daily backups, and those ran out-of-hours to minimise the risk of trying to back up a file that's part processed, or accidentally lock a file that needed to be edited by the simulation software (etc). We did have on-demand access to the last 30 dailies, the last 12 month-ends, and last seven year-end backups, though, which was absolutely worth the cost.
Mars Helicopter Ingenuity will fly no more, but is still standing upright
Poor communication led to complete lack of communication
Re: Email flooding
You get some fun stuff with Actuarial modelling, if you stuff up something basic enough. Errors that happen for every month in your projection, for every policy - my record is a log file with 4.8 million error messages in it. Took twenty minutes to open the file with the tools I had at the time.