Posts by doublelayer

How do you know you're not hiring one when you hire in your country? How do you know that I'm not passing on a job to one of them when you hire me? When you hire someone, you generally do some checks on who, exactly, you've just added. This doesn't guarantee they're not a hacker, but it provides you exactly the same information about whether you can trust them if they're in your country as if they're in a different one. You might choose to avoid some countries because you don't want to have their administrative requirements or you think they'll harass your local employees, but that's no reason to ignore all the other countries where you don't have those concerns.

I wasn't around then, but the quote sounds like it was intended to be from the point of view of a criminal, as Chicago had been a city with a lot of organized crime groups in it. So if it was a real expression from the time, it's likely not to be an expression common to people from the city, but to criminals. Then again, I didn't read that particular book, so I am just guessing that context exists.

Re: Is it 'Excel is dead' time again?

That's true, but it's still that the negative uses of Excel could be dead if we just took this simple, well relatively simple anyway, step. We all know that won't happen. It's not really about Excel's irritating type management capabilities. Those really don't help, but lots of spreadsheets manage to avoid having any numbers treated as dates and can still manage to completely screw up a process. An AI to detect the most common of problems is not likely to solve the problem of processes that use a tool with no error checking because the tool doesn't collect enough information to do error checking. The same problem happens when someone makes a database that doesn't check what they're throwing into it, since a database will make sure that the "how much to pay this employee today" column is a number but doesn't see a problem that it currently says 2147483647.

A bad workman may blame his tools, but a good workman also does if they have bad tools. It doesn't automatically follow that he who blames his tools is a bad workman. If you disagree, I'm willing to have you do your job with the worst tools out there and see how long it takes you to blame them. If you work in IT, you will be setting up a full corporate network, including user PCs and servers, networking, and security using only MS-DOS, the original version from Microsoft though you can use the latest version. If your a programmer, reimplement every line of code in your projects with a Turing machine, and you can talk to the MS-DOS guy if you need two Turing machines to talk to one another, but synchronizing the one tape each for input and output that each gets to use yourself. You'll soon be blaming those tools for why you haven't gotten anything useful done.

Re: Application abuse

It's getting a bit ridiculous if we're now requiring regulation to make a piece of software accept a format that no other spreadsheet uses and which nobody will use in practice anyway. A format which will not solve the problem. SQLite doesn't have the same type constraints that other SQL databases tend to have. This means that, if your spreadsheet mangles some data as you put it in, having SQLite as the backend format won't prevent that from being accepted, stored, and processed to your detriment. Of course, it would also break all the formulas because rows in a table do not update themselves when conditions change, the caller has to do that. You could put the formulas back by putting in a shim which would effectively overlay a typical spreadsheet over a table, in which case you would lose even those few benefits that remained when using SQLite, because now your table would just contain strings that were processed as cells.

SQLite is a good tool for some purposes, but just like spreadsheets, you have to know which purposes those are. This means that you have to know about its type handling and performance constraints (yes, there is also a performance problem trying to use that as a spreadsheet, but I didn't think I should spend another paragraph on it). If you don't, you may end up breaking something which needs a spreadsheet and not a database while simultaneously not fixing the problem where you need a real database frontend, not a spreadsheet which automatically puts things into a database.

Re: Apple FindMy Network

"I expect other than to disable mobile data, there is no way for an iPhone/iPad user to prevent this from happening"

You assume wrong. Settings -> Apple ID -> Find My iPhone -> Find My Network, switch it off. It is still opt out, but you can opt out. Also, it's a few tiny packets. Your bandwidth costs to keep it on are ridiculously minimal compared to all the other background stuff your phone probably does, let alone active use of the connection. If you have reasons other than bandwidth to switch it off, go ahead and do so, but if you're really only worried about bandwidth, you don't need to be.

Re: It is sad it is taking such a massive case

The analogy is a good one, because serving on a jury is important but often dull. Being a legislator is also important and often dull. If you select people who don't want to be doing it, they'll look for ways to not do it. Oh, sure, they'll try to pass laws that they have a personal interest in, but most important laws won't be like that. Those laws will be things like the exact nature of a internet platform's liability in the case of user-submitted comments. Explaining what that means to a legislator who was just lotteried in is unlikely to work unless you force them to pay attention for hours, but if Facebook or Litigious Law Group tell them what the right answer is, that will be much easier. To some extent, this already happens, but at least a politician who chose the job is at least supposed to be interested in the decisions they're making, so they will spend at least a bit more time understanding them.

I understand the problem you want to solve. I'm afraid that having politicians chosen at random from a group of people who don't want to do it is not likely to solve that problem and will certainly introduce some new ones.

Re: It is sad it is taking such a massive case

Another aspect to this is that the American tax system tries to tax anyone in its jurisdiction for everything they do, no matter where they did it. This applies to individuals and companies. This may be one reason why companies form so many subsidiaries outside the country. It's not just wanting to pay a lower rate offered by some country eager for extra revenue, but not wanting to pay tax on a transaction in the country of the transaction and the United States as well. I've known a couple people who got American citizenship, mostly through birth, but then left the country and earned money elsewhere who were surprised to hear that the US will be collecting taxes on that anyway. If companies form international companies to get around that, they're likely to try to use them for lots of even more dubious purposes as well.

My only solution to this would be to try to form an international set of tax rules about how to decide where something was done and therefore where it should be taxed. So my solution is even harder to get accomplished than yours. I think I'll give up on this getting fixed and just resign myself to large companies being able to find their way around most tax regulations.

It depends what that test does, but if there's any point to having a test, then it has to tell those who are good at something from those who are bad. Ideally, if it can successfully do that, then we'd prefer to have the good ones, rather than the bad ones. If this is not what the test does, then I start wondering whether the test provides any value, and what it meant when someone was tested as "unappointable".

Re: "The NHS suffers from a chronic shortage of anesthetists"

Some of you did. Some others of you refused to use it until they had no other choice, and some others loudly complained about it. I may not have been around for most of that, but I have the internet and it has a lot of examples. Just because some currently old people were instrumental to the design of technology doesn't mean that every old person knows how to use it. I'm fully confident that nearly all of them could learn to do so, but I'm less confident that all who could learn will.

Re: "The NHS suffers from a chronic shortage of anesthetists"

The only problem is that delete has to be next to something. Which menu item is sufficiently rare that it's a safe buffer for delete?

Also, on my Windows 11 installation, delete is now next to share, and since I rarely use that, maybe they now have the requested buffer. Then again, I don't like the new context menu in Windows 11 and typically go to the more options menu where they've hidden the original one. The original one still has delete next to rename as well as my custom menu items.

The insider wouldn't have to write the code to encrypt the files, set up the infrastructure to communicate with the victim without immediately being caught, or negotiate payment with the victim, and would be at least somewhat insulated from the initial investigation. If the article is right, this is also a guaranteed payment whether the victim pays up or not. Those are, unfortunately, terms that might convince someone to do it.

Re: I fail to see what he did wrong....

What kind of wrong are you referring to? Do you mean ethically wrong or pragmatically wrong? Either way, I'd have thought those were obvious:

Ethically wrong: Take a job where you're not supposed to sell secret information, sell secret information.

Pragmatically wrong: Sell secret information for a tiny amount of money, have no backup escape plan for if you get caught, do the stealing so badly that you do get caught.

If you're referring to the various boot software, while I'd like Windows to support it nicely, I'd also like if Linuxes supported it nicely, or if I didn't have to deal with it so much. I've broken that by installing two different versions of Linux on the same disk. No Windows involved. I would prefer if it was easier to have lots of operating systems on one disk, and in my experience, you can eventually get somewhere satisfactory with any combination of operating systems, including Windows and Linux together, but first you're likely to deal with at least some broken things and some time manually changing bootloader settings. This is also why I tend to have different operating systems on different physical disks when the machine supports that and also why I have a machine that runs lots of VMs on one bare metal OS so I can easily test out a new one without rolling the dice again.

Re: "Musk’s changes at X are aimed at making money"

It doesn't, because the debt has to be payed back over years, not right now. If it was all due tomorrow, that would be bankrupt. The hope would be that it can be returned to profitability before the required payments exceed the resources available to pay them. I don't think that's likely, but there's always the option of more money being found from somewhere to pay that bill or the more likely attempt to ignore the bill and the years-long litigation to resolve that process. Somehow, when you're very rich, you can get away with not paying bills longer than when you're not.

I don't have accounts on these services, nor have I ever. However, I think there's a group of people who want to make these things sound more different from forums and newsgroups than they really are. Another uncomfortable truth is that these forums, while structured differently than more general social media, are similar in many ways. The same is true of Usenet and many other places where people who don't otherwise know each other post their thoughts for others to read.

Our little community might get to write more words in our thoughts, or at least we don't have to split them into annoying little chunks like Twitter require. We might limit our discussions to the topics El Reg creates, although there is that user topics area where I never go, so maybe that's not really true either. Still, we post our thoughts for our fellows to read, they reply to us, and we even have our upvotes and downvotes instead of likes and...I'm sure there's a dislike counter on some of them. We even have the same problems that social media has; these forums are not immune to annoying conspiracy theorists and trolls, nor even our own malfunctioning Markov chain bot. If you ask why someone likes social media, the answer is the same reason you're posting here. They just have an interest in a wider community and don't mind the many costs involved.

Re: So how did we find him?

Depending on the severity, that could just make it even harder to find people who want to do that kind of work in the first place. Government already frequently underpays its staff and puts restrictions on them that a different career option might get. That applies to all governments, but there have been several articles here specifically about the U.S. government failing to find the administrators and programmers that they want. Add in a "oh, and if you work on anything important you will have no privacy for the rest of your life" and that will probably not help their case. Especially with techs, you have to have some reason why they would choose a job in government over one somewhere else, and if you keep adding restrictions, the only answers that will be left are the applicant who accepts is a ridiculously patriotic person who will take any punishment for their beloved country, the applicant can't get a job anywhere else and now that the government can't find anyone qualified, they'll have to deal with them, or the applicant is a spy who is willing to take that job because it's the only way to get information.

I wouldn't work for a company that wanted the power to surveil me outside of work hours, or for that matter even during work hours if they went far enough. There's no chance I would agree to a lifetime of surveillance, even if I quit. If others are like me, maybe they'd have to do as at least one American military person suggested and start conscripting people with technical skills. I'm sure that will be popular.

Re: Are you sure

The other side of this is that the prompt absolutely must, no exceptions, contain enough data to know what it's asking you about. Not just trusting that you can scroll up to see the command that launched it, not assuming that the user knows which script they clicked on, the prompt must print that again. If it's really dangerous, maybe make the user type it again to be careful, but that part is at least optional.

Re: cd /tmp && rm -rf *

The other useful parameter is -i, when you need to do something more complex and you're not entirely sure if it will be safe. For example, when I was trying to clear out temp files, but no other files, from a nested directory. I was very careful to specify "rm -i */*/*.tmp". Anything with that many asterisks seemed a bit too dangerous to do without at least seeing some of what would get wiped.

Re: Meta Ferenghi a'coming!

No problem. I understand your concern, and you can deal with it. Simply don't install third-party applications. I have Android devices, and the only third-party app I'll install on them is FDroid (I consider the apps I get through FDroid to be included). There are many others, but since I don't trust that they're reliable, I don't install them. You can make that choice, and I advise you to do so if you're not sure what you're installing. It doesn't mean that I shouldn't be able to install something, though.

Re: It's not whether the App Store is good or bad...

In fact, some of their blocks are to help their revenue, including one of your own examples. They have, repeatedly, refused to allow in apps or even retroactively removed them when they competed with functionality they added to iOS. This isn't a one-time thing. Back when they first released Siri, they removed a few other voice assistants, even though the limitations of iOS meant that nobody was really going to use those anyway. They did the same thing eight years later when they released a tool to report on how often you or your children used the device and decided that others who had written apps to do that when Apple couldn't do it for you would now be banned. Now you may ask how that really did anything for Apple's revenue. The screen time example, although it's not a simple substitution, they were still indicating to developers not to compete with services Apple chose to make, which could prevent developers from trying things that compete with the services from which Apple really does collect revenue. The Siri example is much more straightforward: without the latest iPhone, you couldn't use Siri. By banning other voice assistants, they managed to tell everyone who wanted one that they'd have to buy new hardware.

The example of non-WebKit browsers is much more straightforward, even though you've mentioned it to the contrary. This is true for two reasons. If someone released a more powerful browser that could run web applications that are more complex than the ones Apple allows WebKit to run, that could allow a company to release their app to run in that, bypassing Apple's revenue collection. I'm sure many games would be happy to do so. That's a lot of money that Apple wouldn't get, but restricting the engine to WebKit will prevent a lot of those from running. The other side is that it makes competing web browsers less useful to the average user, meaning more of them will stick with Safari. Apple gets a large payment from Google every year to have Google as the default search engine in Safari. If people were using a different browser, that would be less valuable to Google and Apple would receive less money next year. They evidently decided that banning browsers completely wouldn't work, but they took steps to restrict their usage, such as restricting what they can do and filing any app with unrestricted browsing capability as an adult app that a child's account* could not install. I know at least one app that removed the in-app browser, essentially just calling WebKit, so that it could still be purchased for use in education.

* That is assuming that the child put in their real birth date when asked. When I was a child, I learned to put in a fake date to prevent tracking and that, if I was doing that, I might as well be an adult.

Re: Those who refuse to learn from webcomics...

Oh, it's much easier than that. If I tell the AI I want to be rich, it will create a dubious business model, convince Mr. Son to believe strongly in it, and he gives me free billions. It's worked for others before, and he's proven both that he isn't smart enough to tell the difference and that he hasn't been deposed yet. Until he runs out of money, anyone who gets to him can be rich. Of course, this requires me to be able to take a billion dollars and not lose it, but that doesn't sound too hard when I can send the original idea bankrupt as soon as the AI sends the cash to me.

Re: In Other News ...

You can live as if there is no law. Nothing different will happen to you if you're right or not. Here are the options.

You act like there is no law, there is, you do things we don't like: Someone will restrain you, put you in prison, or take your money.

You act like there is no law, there is, you don't do things we don't like: You live life as normal.

You act like there is no law, there really is no law, you do things we don't like: Someone gets angry at you for doing those things, and comes to attack you. That person takes your stuff or causes you physical harm, up to and including death.

You act like there is no law, there really is no law, you don't do things we don't like: Probably nothing bad happens to you, unless someone decides that you're an easy person to take things from.

In either case, acting in a way that's detrimental to the rest of us will earn consequences. The benefit of law is that those consequences tend to be trial and punishment if the trial doesn't go in your favor, whereas the consequences if nobody does that tend to be more intense. This is true for two reasons. First, with law, people have at least some reason to believe that things we've agreed are crimes will be punished, so we're content to allow that to happen rather than trying to take revenge on those who wronged us. In addition, someone who is still tempted to take revenge on you is less likely to do it because that revenge is also considered a crime and they don't want to be punished. You can ignore it all you like, as the consequences you feel won't be worse for having a legal system involved. I'm not planning to join you.

Re: In Other News ...

True, but I meant that the model they used (and yes, it was a primitive LMM at the time) had plenty of information that works with a "I want to kill the queen" prompt without contradicting it. They didn't have any guards on it to prevent it doing that. Something designed for fantasy contexts is even more likely to output text that is unsuitable for reality, which is why it could be more dangerous than a general chatbot, although I have no reason to believe that a modern chatbot would attempt to talk him out of it consistently.

Re: Convicted of Treason

If I may take a tangent, I like the weird phrasing that Victorian English added to things, often without any real need. For example, the charge of "attempting to injure or alarm the Sovereign". I can't stop thinking about someone waking up the monarch from being tried as, technically, they were acting as an alarm, or even someone telling them disquieting information. I do wonder what was going through the mind of the person who inserted those two words into the sentence. From a quick check, I don't see evidence that "alarm" meant anything else at the time, or at least not anything specific enough to be a legal offense.

Re: In Other News ...

Possibly it wasn't really trained to do anything in particular, just print out some text that makes sense in context. This is especially true since the article suggests it was advertised as an entertainment tool. A discussion about killing a queen could easily apply in a fantasy context where the queen is evil, and the bot probably has plenty of that kind of text in the training data. All it has to do is print out something that seems to respond to the previous statement. As I recall, this is the same model that, when tested, frequently printed gibberish.

Re: In Other News ...

If a religious person told you to commit a crime, being clergy probably won't be sufficient to prevent them being prosecuted, always assuming that it can be proven that they actually did recommend it, not that the perpetrator mangled something in order to justify actions they already wanted. If an actual deity was blamed, you are more than welcome to search out that deity, demand proof of incitement, and charge it in court. Should you succeed in finding the deity, I think the rest of the steps will probably be somewhat painful.