* Posts by Killfalcon

436 publicly visible posts • joined 7 Jul 2017


Meta faces lawsuit to stop 'surveillance advertising'


Re: They’ll be breaking the law

"Nothing changes until a rich man goes to jail", as they say.


Re: What about those who do not use facebook at all ?

It's an interesting hypothetical, but I've been using NoScript for years, and they haven't been doing that.

I assume there's a technical reason why, but most of the time web scripts don't spin up random domains (and almost never work by IP address). They might use a CDN or two, but even thought they could do so easily, it's rare to find a major player putting their code anywhere novel.

I think we can worry about that when it starts happening.

European Parliament Putin things back together after cyber attack


Re: Poke the Bear and get a reaction

Somewhere in the Kremlin:

"I'm sorry, Comrade Putin, but our strategic lectern reserve has run dry."

Just follow the instructions … no wait, not that instruction to lock everyone out of everything


You often see comments like "why was it even being done that way?Best practice is to..." by people who were taught best-practice in years that start with a 2.

Truth is that the industry has learned a lot, the hard way, and often old El Reg stories are about those hard lessons being learned.

Fujitsu to test robot datacenter inspector that – trust us – won't take your jobs


Re: Fujitsu's datacenter bot

Something moderately complex they can leave running for weeks to test out the 5G thingy.

Oh, great. By peering into twilight, boffins find 'planet killer' asteroids in our system


Re: Venus re-engineered?

I doubt it, though I'm not an expert.

Venus is almost earth-sized, and the rocks in question are smaller than the dinosaur-killer, which didn't throw off that much of our atmosphere (some, yes, and there's probably bits of dinosaur-era rock that ended up on the moon, but not enough to massively change atmospheric density).

Privacy watchdog urges companies drop emotional analysis AI software


Re: Terrible usage of software

in principle, you could have it learn from the best humas, and then it'll be better than most people.

However odds are that the trainign data will be tagged by the lowest bidders of Fivver or Mechanical Turk, so I'm sure that'll go well.


Re: Stupid buggers

The guy from the sales team said a lot of things that sounded like evidence.

Rent-calculating software biz accused of colluding with 'cartel' of landlords


Re: Intention is irrelevant

They have to have more to gain breaking it than staying in, mind! They can be very stable if everyone prefers a comfy life of profit to a gamble on winning a price war and everyone else is making profits too, so... what if they've saved a bigger warchest? It's a massive gamble.

There's a reason it's common to offer amnesty to the first member of a cartel to dob the rest in to the feds. Evey cartel knows that whichever one of them breaks first gets to keep the profits and screw everyone else. _That_ is a recipe for instability.

CEO told to die in a car crash after firing engineers who had two full-time jobs


Re: If you could work two full-time jobs simultaneously, would you?

"Quiet Quitting" is more about "If I am paid to work one full time job, why would I work unpaid overtime?".

It's about working to your contract, and nothing past that. If you're in a company/industry that's not been doing pay rises for a while, there's really no incentive to go the proverbial extra mile, so some folks just don't do things they're not paid for.

Prison inmate accused of orchestrating $11M fraud using cell cellphone


Re: Why can't they solve this problem?

Well, mostly it's illegal to install phone jammers in most of the US (where this happened), for a bunch of reasons.

Radio waves don't respect walls, and can go quite a way vertically - even if you don't have immediate neighbours, you'd have dark-zone cones over the place that messes with phones and some instruments in aircraft.

The whitelisted approach towers still needs to deal with other cell towers in range - remember you need to block inmates, but not your neighbours, passing motorists, etc. There will be "normal" cells in range of most prisons (you can tell, they have phone coverage).

The faraday cage thing might be more practical, but it may be an expensive retrofit. Probably cheaper over-all to randomly search the cells, since you're going to be doing that anyway for other contraband.

(obviously we'd have the same problems over here, but possibly worse given how often our prisons are inside major cities. If there was a jammer running in Cardiff prison, it'd be jamming the local magistrates court, as well as most of the town centre...)

Rookie programmer's code goes up in flames ... kind of


Re: Was the update deployed? Or not?? If so, When?

Presumably they knew that the guinea-pig store had been given the update.

I'm guessing the red flags were mostly "this entire store dropped off the system" and second-order impacts from that (batches failing instead of skipping the store, maybe).

Er, Musk's trial hasn't stopped, no matter what he told Twitter, says judge


Re: Is this just a stupid ploy to try to get out?

The might get into the realm of Clever Schemes, and those are, generally speaking, things that courts have seen hundreds and hundreds of times over the years, and will recognise. If Musk has competent lawyers, they'll be strongly warning against doing anything like that.

Reality is that people try to get out of this sort of thing all the time, the only exceptional thing here is the number of zeros on the cheques. Musk and his lawyers will have to work really, really hard to come up with a novel form of bullshit the courts won't have a standardised response to already.

Keeping printers quiet broke disk drives, thanks to very fuzzy logic


Sometimes if you want innuendo, you just gotta step up and stick it in your own endo.

Chemical plant taken offline by the best one of all: C8H10N4O2


Re: Better yet...

I once cleaned out an old desktop keyboard, and soaked the keys in warm soapy water - this worked well, except for the long, thin space bar, which developed a noticeable twist...


Re: Coffee as glue

One place I was in had the machines in little slings under the desk to maximise desk-space. As a result, I can confirm that spilt coffee will also glue monitor stands to the desk!

Man wins competition with AI-generated artwork – and some people aren't happy


A lot of expensive art is purely for the boast, like watches. A £35k Rolex is a very, very good watch, sure, but it's primary purpose is telling other people you can afford a £35k Rolex.

Obviously there's also speculative investments ("will this art resell later for more?") and speculative investment frauds.

This artist is a rising star! They sold a painting for 100k! And by that I mean the agent sold it to his holding company for 100k, so there's a 100k sale in the record...


Re: Understanding my cat

In my experience, cats usually have a "language" - or at least a phrase book - of meows that mean things. Usually this builds up over time as they connect noises they made and results achieved - smarter ones can be taught to use a soundboard.

The problem is that cats are not a hive mind, nor web-connected. There's no universal Cat Language, just noises each individual cat has come to associate with being fed, petted or whatever. One cat's "pick me up" meow might be the same as another's "dinner is 23 seconds late.

Salesperson's tech dream delivered by ill-equipped consultant who charged for the inevitable fix


For a few years, half my job was re-writing stuff made by consultants who weren't exactly beyond contact, but that management had a strong policy to never contact again.

On the one hand, it is always easier to rebuild than design from scratch, but on the other hand - you should not build seventeen nearly-identical modules for handling client surnames (based on which broker submitted the business).

Found that one out when one broker file would not go through, because while it was fine disambiguation "Mr & Mrs Smith" it choked on "Mrs & Mr Smith".

Goodbye, humans: Call centers 'could save $80b' switching to AI


Re: Eels and hovercraft for the win!

I got a scambot call yesterday, claiming to be "calling back about the issue you raised to the housing officer".

Naturally, I elaborated on the vast amount of cheese that had piled up against the south wall. I'm reasonably sure it huge up in about the same time a human scammer would have done.


Re: Might have one advantage

The keypad thing is tone based: try yelling "boop" in different pitches until it takes.

Doctor gave patients the wrong test results due to 'printer problems'


Re: Anecdote

The worst I've run into, untangling accounts for a pensions company, was a married couple that shared an address (naturally), birthday and year (married couples are often about the same age, this is about a 1-in-2000 couples thing), shared a surname (pretty common for married folks) and... the same first name (Alex) and initials.

Made sure to put a note on that saying to triple-check the full name if either ever wrote in for one of the big D's (Divorce, Death, or Default), to avoid sending anything really insensitive out.


Re: a sensible explanation.

This. If the users stop making the daft mistakes, they'll have time to get to the really clever ones.

You'll always have a role, the only difference is how boring it gets.


One place I worked at migrated their on-site servers to a nice datacentre someplace else.

The waste heat from the chillers had been used to keep one half of the office warm, and turning all that off nearly froze accountancy.


I used to work with actuaries. Like, seriously smart folks - every last one had a 2.1 or better degree before they even started the actuarial studies. Their job was entirely problem solving and math-wrangling on short deadlines.

Yes, they made some *ridiculous* mistakes - I more than once "fixed the macros" by clicking the bright yellow 'Enable Macros' button. But... everyone has off days. Anyone can overlook stuff, especially when in a really stressful environment.

You can never have too many backups. Also, you can never have too many backups


Re: Saved by the backup

In small firms, sometimes there is no HR.

I'd still have checked for an Out Of Office, at least.


Re: A maze of twisty little backups

Delta.zip is, of course, a summary of the changes between Alpha.zip and New-tuesday.zip.


Re: Hardly on topic

10 PRINT "Hello world"

20 GOTO 10

Yeah, we'll just take that first network handshake. What could possibly go wrong?


Re: The guiding principle

And yet, people to this day make Tetris games that overheat CPUs literally thousands of times faster than the original gameboy.

Premature optimisation is bad, but inevitably anything left to the end of the project is cut for time.

Sage accused of misselling perpetual licenses it knew would soon be obsolete


The audit business model depends on having one solution they can apply to every customer they have.

If someone says "we need you to switch to..." they'll lose money trying, so will just prefer you go find another auditor, if they can't persuade you to stay with their platform. Really not flexible at all, and an absolute pain to run into.


The number of times I've seen "if we do _this_ we get the same/better service for less money" become "we get an utterly inadequate service for much less money, and the PM gets a bonus for saving the company money"...

Worst was the time they nickle-and-dimed down a cloud storage solution to the point we didn't have any backup/rollback service at all. We ended up having to go back entirely to on-premise storage because it turns out we were legally required to have said backups. I still don't entirely understand how that went so badly.

Lapping the computer room in record time until the inevitable happens


Re: Green energy

Only in the highly realistic simulator known as "Timberborn".


Re: Green energy

Those giant wheels aren't terribly efficient, a lot of energy goes in just making them move, friction on all the rollers they need to hold that much weight.

Do it with exercise bikes and have a high-score chart, IMO.


One place I worked (an HMRC warehouse full of forms - P45s, tax returns, etc) did in fact have a Playstation hidden behind some pallets, but they mostly used it for a FIFA league, and raced pallet trucks down the main aisle.

Tim Hortons offers free coffee and donut to settle data privacy invasion claims


Re: I listen to the best music...

Dusty Rhodes was a pro wrestler. Damn good one, too.

What are server makers really doing to and for the climate?


In theory, it's to recognise that you can't make your stuff greener than it is, so instead you find someone who's significantly greener and give them money so you can take credit for their savings.

It's a way to incentivise being greener even when you're in an industry no-one pays attention to, or even promote new businesses to setup specifically to run carbon-sinks or whatever.

In theory. I've no idea how well it's running in practice.

Being declared dead is automated, so why is resurrection such a nightmare?


Re: Yeah, and

It's more likely to do with risk.

A new hire doesn't have drive access? Well, sucks, but they can do the orientation slides or something. Forget to pay them? Manual payment can cover that without anyone being harmed, using the same processes that you run to do all your expenses.

Someone leaves and still has access to confidential documents? That's much more worrying. And accidentally paying them too much, well, you can get the money back, but recovery isn't free - god forbid they go out of contact or otherwise force you to go to legal action, and you have to pay court fees and lawyer's rates...


Re: Yeah, and

I remember when I was a student in shared accommodation (in fairness, that was a while back now), and having to change the name on the bills when someone moved out was often *astonishingly* painful, despite it being a thing that happens all the damn time. You'd think changing between family members would be common too!

The one exception was SWALEC, where the guy taking the call actually lived around the corner from us. Absolutely flawless service, took minutes to do.

(at the far end of the range, I once struggled to explain to Virgin Media that "Mr The Occupier" wasn't a real person)

Dev's code manages to topple Microsoft's mighty SharePoint


A friend of mine made a living for a few years as a consultant, going to companies and unlocking their excel worksheets for them. Aside from that particular trick, depending on the Office version you might be able to find/overwrite the password in the file with a hex editor, or up until Office 2010 you could just have a macro guess the password.

Their hashing was not great, so you'd get collisions all over the place, usually you'd find a 6-character string that would be accepted.

A lot of companies have critical stuff sat locked that was build by someone who's left the company. It works, but until they need to change it they just don't really realise how much trouble it is. and provided they actually own the file, it is legal to crack the password, and software can be found to do so.

Myself? I need a very good reason to put a password on stuff. I don't often deal with critical customer data, and the main use for protected worksheets is "stop me accidentally breaking something", so why set a password?


Re: Exchange

I've seen regular LAN folders go over name limits for just that reason, but the worst was when a manager renamed a folder from "AR Department" to "[Manager's full name] - Manager of AR Department", causing all manner of chaos down the file directory tree.


So, not that long ago, I found a bug in the office 2010 VBA editor. It wasn't quite as bad as a hard-cap on lines, but, in essence - too much code could crash it.

I was working with this horrifically complex macro - basically an entire application that happened to use Excel as a GUI. Periodically the users would ask for new functionality, and I'd be tasked with updating it (I assume in a past life I was a terrible sinner). VBA isn't hard to work with really, and this monster had a built-in error-stack, good naming conventions, lots of comments, pretty much the ideal for a gigantic excel macro, if such a thing has to exist! And it was oh so functionalised, no repeated code, lots of tiny sub-functions being called whenever that would have happened.

For some reason, it crashed a lot, but only when being tested with the VBA editor open.


If I closed the VBE window and just clicked GUI buttons, it worked fine! But I couldn't so much as run a test function with the VBE open, lest it hard-crash to desktop. After a few times of re-typing the same changes, the first thing I did was make sure it saved itself before doing any tests, in case I forgot, and then I went digging in the (online) manuals.

Turns out that because VBA has access to the entire Office object model, that includes _the VBA editor itself_.

So now the code checks to see if it's being run with the VBE open, and if so, it closes the VBE window to re-open either at the end of the process or if the error handler is invoked.

Amazing the lengths we can go to to avoid re-implementing decade-old excel macros in a better behaved language, eh? Still it pays my bills...

Getting that syncing feeling after an Exchange restore


Oh, this was all good natured joshing. He was well aware of the reality, and thought I'd find the way the spreadsheets broke down the costs funny (and I did).


Due to an unfortunate combination of access rights and fat fingers, in one prior job I was one of the only people to use a particular backup service - one we'd specially commissioned due to the value of the Actuarial data involved.

Because I knew how to request the backups, I was sometimes asked to raise a ticket for someone else when they needed it (which meant the restore ticket was in my name). This worked out pretty well - I knew exactly what the restore team needed to know, and that meant the tickets got done quickly, which made people happy.

So, anyway, one day the service manager turned up at my desk and informed me, in a very good natured fashion, that I'd 'cost' the company over 200k. How?

Because out of 20 uses of that backup system over 4 years, 18 had my name on the ticket, so the cost-breakdown sheet assigned it all to my user ID. The backup regime cost us that much because, well, it was 2009, and daily backups of hundreds of terabytes weren't trivial...

This is the military – you can't just delete your history like you're 15


Just like safety rules are written in blood, financial controls are written in red inked bank statements.


So often, it's the overly-complex hiding the tracks that gets people caught.

There was a manager at a big insurer (er, let's call them Celtic Bereaved) back in the 90s who was just writing himself cheques from the company, and approving them. Due to the volume of cheques moving around and the trusted (at the time) position he was in, this wasn't caught, and the final investigation confirmed that if he'd just kept doing that he'd never have been caught! If nothing else, these payments were so regular that anyone who might process them would just see them as "another one of those" - completely routine, and not suspicious.

What got him caught was he started moving money around between other accounts to 'disguise' the payments, and one day one of these cover payments attracted a desk jockey's attention as being a bit odd, asked a few questions and before you knew it, manager's in handcuffs and the board are setting up a team specifically to audit managers who have the authority to both raise and approve payments.

Large Hadron Collider experiment reveals three exotic particles


Re: Why is it so complex?

It possible there are simpler, and more complex, ways to organise a universe. They may even exist!

But we're in this one, and can't easily compare what other options might exist. It's like a little kid from central London wondering why they don't live on a farm. They just _don't_.

NOBODY PRINT! Selfless hero saves typing pool from carbon catastrophe


Re: aaargggh!

HSBC's international banking parts have a copy of my signature on file, so they can compare it when I sign things.

The _only_ way I sign anything related to them is via their website, with a little 2FA fob thingy... except for the one time I signed a thing so they'd have a copy.

You need to RTFM, but feel free to use your brain too


One place I worked was going through a lot of workflow improvements, and was pretty good at keeping the documents up to spec, but... sometimes the document updated had a very strange idea of how linear time works, with notes *after* defunct sections.

The worst was one where step 34 was "steps 7-33 have been automated and no longer need to be performed". It wasn't even highlighted, so it was easy to miss if you checked the docs before starting.

Took over an hour to do those steps, too, so while I was glad to not need to do them again next quarter, it stung a bit to have wasted the time.

The perfect crime – undone by the perfect email backups


Short answer is that the answer is often yes, but sometimes no. And if your backups are only kept a short time before being replaced with newer ones, the issue is moot.

Where it's a no, that's usually covered under "valid reasons for processing" - like "we can't use your data for anything right now, but there's a process to recover it if the police/HMRC ask for it, and we're required to be able to do that".

Note that not everyone has those obligations - the rules for healthcare and finance are very different, f'rex. The GDPR is built to flex around such rules and laws.

Plot to defeat crypto meltdown: Solend votes to seize, liquidate whale account


Re: Bandwagon

Someone already made Ponzicoin.

No, really.