* Posts by sbt

675 posts • joined 9 Aug 2017


Top engineer who stole trade secrets from Google's self-driving division pardoned on Trump's last day as president

sbt
Alert

Re: Good idea in theory

Almost 3 months is a bit long to be in caretaker mode (if the conventions are to be usefully limiting); lame ducks aren't very useful. Imagine if COVID-19 had arrived 12 months later as COVID-20?

sbt
Thumb Up

Good idea in theory

But it's awkward to formally constrain the authority of the executive for almost three months after the election.

The real answer is to shorten the period between election and swearing in. That would also require some reforms to how elections are administered and avenues for disputing results.

Other countries have caretaker conventions for the brief period between the election and handover, which is fine when it's only a few days. There's an understanding about what significant military/legal/financial or regulatory activities are off-limits in that period.

It's not like you now need weeks to travel overland to the capital on muddy roads by horse and cart. Time to modernise!

To plug gap left by CentOS, Red Hat amends RHEL dev subscription to allow up to 16 systems in production

sbt
Meh

If they really thought this would help ...

... they should have announced it before the changes to CentOS.

Doing it this way suggests this is a reactionary PR exercise to try and claw back some of the defectors to alternatives/forks. Probably too late for many.

Vatican absolved of one financial sin after revelation of data discrepancies

sbt
WTF?

They had one job...

This is hopeless. What are they doing if they can't accurately report transactions? Why aren't they checking and re-checking intuitively doubtful amounts?

Cisco drags Acacia toward court to keep stalled $2.6bn acquisition on track

This post has been deleted by a moderator

Crowdfunded Asahi project aims for 'polished' Linux experience on Apple Silicon

sbt
Coat

"The name comes from the Japanese name for the McIntosh apple"

Strange name for a beer, then.

Old hand at NewCo: IBM re-hires former CFO to run soon-to-be-spun-out Global Tech Services division

sbt
Meh

Nobody ever got fired for buying from a former IBM subsidiary ...

... just doesn't have the same ring to it. Seems like they're squandering the brand value; if it's unprofitable in the fold, how's it going to go outside?

Trump silenced online: Facebook, Twitter etc balk at insurrection, shut the door after horse bolts and nearly burns down the stable

sbt
Headmaster

Real school, not book school, for a few minutes, at least

I think it was that time he said he'd been to 'real school, not book school' after contracting COVID-19. But maybe it doesn't count as a finest hour since I think he reverted to downplaying the virus before 60 minutes had passed.

He's back on Twitter, anyway. It's just virtue signalling for these social media platforms which still won't give up the 'clicks' unless they're made to.

Failed insurrection aside, Biden is going to be president in two weeks. What does it mean for tech policy?

sbt
Unhappy

Any real reform will fall to the filibuster

Joe Manchin will not allow its abolition.

Oh well.

Deloitte's Autonomy auditor 'lost objectivity' when looking at Brit software firm's disputed books, says regulator

sbt
Holmes

He who pays the piper calls the tune.

There always seems to be a conflict of interest when the auditors are employed by the audited. Perhaps we need a pool, or term limits?

United States Congress stormed by violent followers of defeated president, Biden win confirmation halted

sbt
Facepalm

Some credit

Have standards really fallen so far?

Few of the fake news crew seem shy about posting their bs all over. It's no point of pride.

Trump had his days (many days) in court and got precisely nowhere. When it came to testifying on oath, nothing; it was all theatre for the press and 'hearings' where the rumours flew unchecked. But the Kraken turned out to be a myth. It's just graceless, sore losing at this point, except that a woman is dead.

At least the same loss of support that BLM suffered when violence broke out will happen to the PBs and co, now.

sbt
FAIL

Can't see the camel any more for all this straw

I did think the other day when Trump's phone call with the Georgian SoS was published that some conservatives and Republicans would seize the opportunity to put some distance between themselves and the more incompetent, venal and unsympathetic extremes that Trump embodies. But having done pretty much everything short of standing in the middle of Fifth Avenue and shooting someone, it's apparent his supporters and enablers have no shame for him, or themselves.

They need to find some if America is to survive in any meaningful way. Today's rally may narrow his base a little, but it's still far too big.

U-U-turn: New York Stock Exchange backtracks on previous backtrack, will de-list China's biggest telcos after all

sbt
Devil

So someone 'important' wanted an opportunity to exit before the price drop was locked in?

I'm being too cynical again, aren't I?

Maybe some would be reassured by Hanlon's razor, but really all this stupidity, disorganisation and incompetence in governments is creating a real end-of-the-empire feeling about modern democracy.

'Following the science' rhetoric led to delay to UK COVID-19 lockdown, face mask rules

sbt
Angel

All science can do is inform us, or Hume's Law.

People seem to have forgotten that it's a method of finding facts by testing hypotheses, not making decisions. People seem to have forgotten about Hume's Is-Ought Problem or the naturalistic fallacy.

If the politicians ever say, "We should be guided by the philosophers", I'll fall off my chair.

Dell Wyse Thin Client scores two perfect 10 security flaws

sbt
Facepalm

Perfect 10? It goes up to 11. The stupid, that is.

I wondered why TF the clients needed write access to the server and it wasn't explained in either CyberMDX or Dell's reports.

The referenced Thin client reference guide, however, reveals all (p. 7, my emphasis):

7 {username}.ini Files must be Write-Enabled

All {username}.ini files must be write-enabled to allow the thin client to place the encrypted user passwords in the files.

At that point, I stopped reading.

Just let this sink in: Capita wins 12-year £1bn contract to provide training services to the Royal Navy and Marines

sbt
Devil

They've certainly learned how to make money

The only clever part here is how the private sector has undermined recruitment into the forces, and then cleaned up on the necessary outsourcing to plug the gaps.

Or am I just being too cynical again?

HP bows to pressure, reinstates free monthly ink plan... for existing customers

sbt
Devil

Lifetime of said printers

Maybe I'm too cynical (and not trying to give the buggers any ideas), but I'd not be surprised to overhear in a Palo Alto corridor a suggestion they could "subtly hasten the end of the printers on the plan by reducing head cleaning operations. It'll save ink and costs, after all. If that doesn't work, start thickening the ink".

If the Internet has taught us anything, it's that it's almost impossible to get folks to pay for something they were given for free (more than once).

Right-to-repair warriors seek broader DMCA exemptions to bypass digital locks on the stuff we own

sbt
Pint

A toast to all the public-spirit organisations and individuals ...

... who undertake Sisyphean engagements with governments and bureaucracies despite their Kafkaesque natures and try to balance well-funded corporate interests.

No point having 'fair-use' rights if there are no practical, legal means to copy.

Marine archaeologists catch a break on the bottom of the Baltic Sea: A 75-year-old Enigma Machine

sbt
Thumb Up

That's pretty good sonar...

...to pick up an object of the Enigma's size.

China unleashes fearsome new cyber-weapon: A very provocative meme

sbt

Your Google-fu is terrible

Come on, the top completion suggestion in Google for "Australia Afghanistan" is "war crimes" then "war crimes report". Google News has 1.7m results for that string. You're not going to get any meaningful news results just searching for one country name; there's too much going on.

sbt
Thumb Down

Re: Hypocrisy with Chinese Characteristics

No, because this 'art' made light of the plight of the victims in order to score political points. There has already been international coverage of this scandal, as there should be; it is most definitely newsworthy and we shouldn't be sweeping it under any rugs. That's not an excuse for the trolling.

sbt
Meh

Hypocrisy with Chinese Characteristics

Really, the Australian Government should have ignored this obvious trolling. The CCP's long history of double standards when it comes to human rights, foreign investment and even racism is no longer newsworthy. No regime with that much censorship can argue its legitimacy with a straight face; if the CCP and Winnie are so fantastic, they should be able to stand a little dissent. Hong Kongers would be enthusiastic about closer ties to Beijing. It speaks volumes that any time the question of real freedom arises from Tiananmen onwards, they're found wanting.

I'm just sorry for the distress this 'art' and the related international media coverage may have caused to the Afghan people and the families and the victims of the war crimes in the report.

Compsci guru wants 'right to be forgotten' for old email, urges Google and friends to expire, reveal crypto-keys

sbt
Holmes

Re: you are just an old git

I'm like a dictionary; descriptive, not prescriptive. Doesn't mean I can't lament the blandification of language, where so many today 'was like', instead of 'exclaimed', 'said', 'cried', 'moaned', 'murmured', 'expostulated', etc.

sbt
Headmaster

"sooner or later you will get crimed on"

Too late, alas, for the English language; it is already particularly victimised by the tech fraternity.

EncroChat hack evidence wasn't obtained illegally, High Court of England and Wales rules – trial judges will decide whether to admit it

sbt
Alert

Re: Openly intended for criminal use according to whom?

No down thumb from me; fair question. Naturally my original comment is predicated on the claim being true; it was made by both the prosecution and the NCA; no counter-claim by EncroChat or its users was reported (perhaps for obvious reasons).

If it's not actually true, then I would withdraw my support for this approach, just as I wouldn't support general TLA cracking of Signal, Tor, etc, since these clearly are not the means of communication of 'solely' criminal gangs.

That said, I'm not sure the disjoint between subscribers and arrests need signify anything other than that TPTB haven't caught up with all the wrongdoers as yet. The number of reported arrests has grown by ~250 since the June report.

sbt
Go

It's important this is done openly

... but I can see the argument for letting evidence lead to suspects rather than always insisting investigating suspects leading to evidence. After all, where do you get your suspects from? It's a police state if you always start with the suspects and not the criminal activity.

There's an important and fundamental difference between blanket surveillance of all comms in the hope of finding criminality and the targeting of a specific platform seemingly, openly intended for criminal use; it seems to be of the same kind as an investigation or hacking of say, child abuse sharing servers on the darkweb, leading to identifying the users and operators who would not have otherwise been under suspicion.

Also worth noting that the individuals charged will still be able to make representations about the admissibility of the evidence adduced in their specific cases. I think they have the balance right here.

Swiss spies knew about Crypto AG compromise – and kept it from govt overseers for nearly 30 years

sbt
Childcatcher

There's another pickle here:

A) Encryption is hard; don't roll-your-own;

B) Commercial offerings are under attack by TLAs (as per this example, and NSA's Bullrun efforts; just that we know of).

Hmmm. It is a puzzlement.

HP: That print-free-for-life deal we promised you? Well, now it's pay-per-month to continue using your printer ink

sbt
Unhappy

Pray I don't alter it any further

As much as a subscription deal makes sense for low volume users, if HP get away with this change in particular, 'for life' as an offer for warranty or service will lose all meaning, just like 'unlimited' already has.

Let's have an end to big trademark holders taking over some parts of our common language and putting a rocket through others.

We've made it: Microsoft deems El Reg relevant enough to have a play with the nerfed version of its upcoming Xbox

sbt
Facepalm

Re: Thirsty

I meant sentences, sorry.

sbt
Paris Hilton

Thirsty

The last two paragraphs undermine the credibility somewhat.

After Cummings' Barnard Castle trip, cheeky Britons started using the word 'vision' in their passwords

sbt
Headmaster

It's four words, particularly needed ...

... when you're not using caps, digits or punctuation.

Feds throw book at eBay execs who deny they had anything to do with cyberstalking of site's critics

sbt
Devil

Before you embark on a journey of revenge,...

... fabricate some legal guff to justify the break-in.

If only the Watergate burglars had thought of that!

At least have a chat to Streisand first.

Devs strung up about .NET 5.0 string changes that may break working code are told: It's not a bug, it's a feature

sbt
Meh

Re: An API should NEVER change its behavior

That'd be great if there were never any bugs. If the API has no versioning support, then you can't add a new variant of the function that's 'fixed', and you can't fix the old one.

APIs are hard.

sbt
Angel

one of the reasons we have Unicode

Truer words, etc. Not for nothing does the second I in ASCII stand for Interchange. Code Pages were display oriented. Unicode has at least tried to deal with lexical ordering and code point equality (not always successfully, mind you; there's a fair bit of early unfortunate decision making that still bites). Composed vs. uncomposed, for example. Multiple semantically equivalent CPs.

sbt
Thumb Up

comprehension

No worries; it's a confusing scenario and not unreasonable to suggest it was contrived given the original reporter noticed a test failing; didn't down-thumb you on that basis; sorry others were more harsh.

sbt
Thumb Up

they default to subtly different cultures if you don't specify one

Thanks again for the detailed clarification. You can probably tell I'm not a .Net coder. I do wonder if there's any good reason why Contains and IndexOf would have different default behaviours; it's almost as if they have different intended use-case scenarios, not just different functions. If not, is this a mis-feature? I note your reply to AC below; again helpful, but Micros~1's thinking philosophy here isn't 100% clear. It would seem helpful if they were consistent about handling default cultures and I can't see why they would need to have differences. This change may be just a long belated effort to fix that oversight.

sbt
Pint

reasonable behaviour

Thanks, Loyal Commenter, for clearing that up; nice detail.

sbt
Windows

there's no indication that they had calls to contains followed by similar calls to indexOf

From the 3rd para:

His code could find a string within another string using the Contains method – which answers the question "is the searched string contained in the target string" – but when he used the IndexOf method to find the location of the string, it returned -1, meaning not found.

Quote from MS engineer, implying this is the scenario of concern:

It is not right to compare the results of Contains with IndexOf..

2nd last para, another dev:

"...would take it as given that if str.Contains(whatever) succeeds, there is no need to inspect the result from str.IndexOf(whatever) because we were just told it is in there and therefore can be found." That does not seem unreasonable.

But agreed, any string comparison functions should behave consistently. It seems folks are tripping up on the fancy-pants aspects of the system culture supported by indexOf, since contains is, by some argument, broken, or at least feature poor.

sbt
Happy

If str is null?

Dunno. Contains presumably returns false, and indexOf, -1.

Probably no better/worse than a "Contains" followed by an "indexOf". It's still weird to do two steps where one will suffice. 'Contains' only makes sense if you don't care where and just use it on its own. That way, the conflict between the two should never really arise. You might get some memory cache hit benefits in the second call to indexOf, but I'd bet the compiler would have a hard time optimising away the duplicate tests. String comparisons can be expensive, and then there's the (small) hit from another API function call/parameter pass.

I can see the argument for API stability, but we'll never get anywhere if these things are kept in cement. Particularly when the cross-platform consistency benefits of using a standard pkg like ICU are on offer.

sbt
Headmaster

"... that doesn't create new productivity improvements for our users"

What if they appreciate more culturally sensitive string comparisons?

Anyway, seems like an anti-pattern to use two different functions to do one job. Why not just (pseudocode, obvs):

    loc = indexOf(str, search);
    if (loc != -1) {
        etc.
    } else {
        ...
    }

Can we stop megacorps from using and abusing our data? That ship has sailed, ex-NSA lawyer argues in new book

sbt
Alert

"... more in the way of solutions ..."

If users can't meaningfully consent to data collection / re-use then it should be more tightly restricted; e.g no transfer to third parties without separate consent. This will challenge the business models of the "user-as-the-product" advertising companies and bring their true costs and values to light.

People used to pay to communicate via telephony, telegraphs, telegrams, postage. The only reason why we can't put some cost back into the equation is that people haven't woken up to what it's actually costing them and they think it's free.

Another eBay exec pleads guilty after couple stalked, harassed for daring to criticize the internet tat bazaar

sbt
Terminator

Re: Corporate derangement syndrome

Straight out of the LRH playbook. The CoS really are the apotheosis of corporate derangement.

sbt
Devil

I hope they throw the book at them.

Preferably the hard-back, large print edition with brass corner protectors. There's probably one for sale on eBay.

Experian vows to drag UK's Information Commissioner's Office to court after being told off for data-slurping practices

sbt
Megaphone

CRAs should only credit report.

I'd go further. If the banks and other institutions that use CRAs are to be allowed to continue to insist on customer consent/legitimate purpose for sharing information with CRAs, then CRAs should be limited to specifically that purpose (i.e. credit reporting) and not all this secondary usage/monetisation.

One of the world's most prominent distributed ledger projects has been pushed back by a year

sbt
Meh

If you're running THE exchange, why ...

... do you need a distributed ledger? Not seeing the problem here. Seems like 'gee-whiz' factor at play.

Big Tech's Section 230 Senate hearing was like Jack Dorsey’s beard: An inexplicable mess that needed a serious trim

sbt
WTF?

"... it is enormously time-consuming and incredibly expensive to do so."

So? Not sure why giant, hugely profitable corporate behemoths should get to sh*t all over civil society for the sake of 'engagement' and monopolise the resulting revenues, whilst evaporating gainful employment in so many sectors. They should be making new jobs, even if it's content moderation. Quality is not less important than speed. Their main motivation for doing the bare minimum is that BS, fake news and trollery gets more engagement. The network effect is real and it's too late for non-users-as-the-product models to compete as things stand.

If they want the S230 shield, then they also need to facilitate proper accountability/legal sanctions where necessary on their users, if those are to be treated as the real 'publishers'. Otherwise they should be treated as the publishers themselves, like sites with proper journos, or even some random blogger with their own .com.

Santander downplays 'hack' of PagoFX cash transfer biz, says nothing to worry about

sbt
Facepalm

Security Grade: Theatrical

"...malware notarized by Apple to run on macOS"

Proof, if more were needed, that notarization is just a thinly veiled ploy by Apple to intermediate themselves between every user and developer. That said, app stores (not just Apple's) seem pretty hopeless at filtering out bad software, rip-offs or surfacing great quality apps. But woe betide devs who quibble over the 30% ticket clipping. They seem to be able to detect in-app purchase bypasses OK.

Gate-keeping, but the horse is long gone.

Elizabeth Holmes' plan to avoid her Theranos fraud trial worked out about as well as her useless blood-testing machines

sbt
Alert

Catch-22

Is it proof of insanity to argue that the court should just accept the assessment of your own mental health expert and that the prosecution shouldn't be able to get their own report?

IBM to spin out Managed Infrastructure Services biz – yes, the one that was subject to all those redundancies

sbt
Facepalm

Meet NewCo, same as the old ISSC.

It's been done. But hey, those deck-chairs won't re-arrange themselves!

After ten years, the Google vs Oracle API copyright mega-battle finally hit the Supreme Court – and we listened in

sbt
Angel

How do you implement a porting tool ... ?

Easily. You are writing a parser, not a library. You could easily write it in Perl, so you write exactly no Java code and copy exactly no Java code. There cannot be a copyright issue with respect to Java, in that case.
