* Posts by jeremylloyd

12 publicly visible posts • joined 7 Dec 2017

How to give Windows Hello the finger and login as someone on their stolen laptop


Re: Finger prints all over the keyboard?

Better finger print readers will do a "liveness" test.

UK.gov splashes out on 40,000 new devices amid COVID-19-fuelled homeworking boom


Re: ‘68 iPhone 6s”

The security updates the iPhone 6 receives does not qualify for compliance with Cyber Essentials. Only iPhones on the most current version comply with Cyber Essentials... given UK GOV/MOD are requiring Cyber Essentials Plus compliance from suppliers, it would be pretty damn stupid to buy an iPhone 6.

You can get a mechanical keyboard for £45. But should you? We pulled an Aukey KM-G6 out of the bargain bin


Re: A decent keyboard is a decent investment

Cherry clicky all the way for me. I have four here all going strong.

Ministry of Defence lowers supplier infosec standards thanks to COVID-19 outbreak


Actually, CE+ assessments can be done, and are being done, remotely if there is VPN access for the VA scan, and remote desktop access for the anti-malware tests.


It's not in the CB's (Certifying Body's) interest to pass failing companies, as if they get caught out they will be thrown off the certification scheme. They would also be breaking the contract with IASME and the NCSC.

UK data watchdog kicks £280m British Airways and Marriott GDPR fines into legal long grass


Re: The ICO are dinosaurs chasing lazy rodents on the sunny uplands of Chixuclub. This is why ...

While we're still in the EU a company can register with any data protection registrar - though it should be where the largest portion of where they business takes place. Once the UK leaves the EU, any companies trading in/with the UK will be subject to regulation by the ICO, and if external to the UK will have to register a representative in the UK. Similarly, any UK company trading in/with the EU will have to register a representative in an EU member state.

Salesforce? Salesfarce: Cloud giant in multi-hour meltdown after database blunder grants users access to all data


Re: Separating DBs

It is exceptionally hard to hyper-scale a SaaS system where each client has a unique single-tenant database. You get problems with backups taking very much longer, CDP with large numbers of databases, product upgrades which involve schema changes, load scaling across multiple product releases because you can't role out schema changes quick enough, etc etc. It's expensive to manage.

Multi-tenant solves many of these problems, but the trade-off is security. When you screw up, you screw up big-time.

Sophos antivirus tools. Working Windows box. Latest Patch Tuesday fixes. Pick two: 'Puters knackered by bad combo


Why assume it's Microsoft's fault?

Why oh why assume this is Microsoft's fault? 3rd party A/V products are renowned for using private API's and non-standard hooks. Is it any wonder things break when Windows updates are made? Is it Microsoft's responsibility to test their product with every single A/V product (and the many versions thereof) before patches are released? That's not really practical if you want to get updates out of the door.

iOS 13 leaks suggest Apple is finally about to unleash the iPad as a computer for grownups


Re: An idea...

Exactly! I just purchased a Surface Go for when I don't need a big screen laptop (Surface Book in my case). It's a lovely little computer with a keyboard so much better than the iPad Pro I have gathering dust on the side. It's just a shame it comes with Windows 10 Home, and you have to pay to upgrade to Pro to encrypt the drive.

Stop, collaborate, and listen: Microsoft Teams gets an Atlassian glisten


Not feature parity

You can't add non-tenant Microsoft accounts to Teams without a lot of pain, and them being added to the Users list in the Admin portal. That's a real pain when you have contacts across multiple tenants.

Also, we use Polycom desk phones integrated with S4B. How's that going to work with Teams?

Definitely not feature parity yet.

GDPR USA? 'A year ago, hell no ... More people are open to it now' – House Rep says EU-like law may be mulled


To some extent you are missing the point. GDPR hasn't legitimised something which previously wasn't legitimate.

In the first instance GDPR requires companies to be transparent as to their operations. Now you can make a valued choice as to whether to use a particular supplier or not based on the information they now have to provide. Before you had no idea how your data was being used. If they don't provide the information you expect, don't use that supplier.

Next, GDPR does fundamentally require companies to minimise the data they collect, how long it is kept for and to protect the confidentiality, integrity and availability of that data.

Next, companies that don't perform are (1) going to get wrist slapped then fined; (2) lose business as customers will start switching to suppliers who are more enlightened about the protection of their customer's data.

This problem was never going to be fixed like turning on a light switch, but it is a big step forwards.

Nokia 8: As pure as the driven Android - it's a classy return


Re: Nokia 925 is still my favourite phone

I've had the same problem on two 950's with the screen not coming alive. Personally, I suspect the proximity sensor thinking the phone is still held to your face.