Re: Dreaming
I remember working on a project where we had the time and resources to create a full regression suite and a variety of setups to replicate customer environments (it was a shrink-wrapped bit of software).
Or did I dream it?
334 publicly visible posts • joined 23 Mar 2018
That would be the place that uses Google Analytics.
(Yes, I know that theoretically this isn't passing PII to Google. Probably.)
"Present it with something unexpected and watch it fail."
As has been pointed out on The Reg and elsewhere, self-driving cars will (in the near future) inevitably get into situations where they can't cope with the input. The manufacturer has to make a decision as to whether, in this situation, it fails safe and stops (rendering it useless) or fails the other way and goes (rendering it dangerous). The only other option is to completely change the urban environment (e.g. cordoning off pedestrians) which just isn't going to fly.
There seems to be more and more of the hype in the regular media recently - talking about medical, legal etc. applications. The thing that's lacking with AI is, when a human makes a decision, you can ask them "what the hell were you thinking?".
The comforting thought is that we're a long way off Skynet.
£92m on a feasibility study?
For a start, most people thought the "We're going to build our own satellite navigation system. With blackjack. And hookers" was just dick waving/sour grapes.
But £92m seems like a hell of a lot of money to find out how a positioning system works when you can just look it up on Wikipedia (maybe I should bid for the contract). You need some clocks and some rockets. There. Done.
It's not how much the data is actually worth, it's how much the advertisers think it's worth. And you're talking about marketing people here.
Look at (for instance) Facebook's market cap. It implies that every FB user (even the fictitious ones) is worth about $250. How does that work? Say an advertiser makes a 5% profit on every thingy they sell, every user would have to buy $5,000 worth of thingies purely as a result of a Facebook ad to make that economic. Or something. It's late and I need beer.
See, that's my cunning plan. Because I'm still walking around with an S4, they won't think to target me with ads for shiny stuff.
Google do seem to be on a collision course with GDPR. It will be interesting to see how this plays out. Stuff like browsing history can easily reveal health/religion/sexuality/any of the "sensitive" classes of PII. Hmm.
You would have a pre-prod environment which exactly mirrored prod and a comprehensive set of automated tests that could verify 100% (or as near as you can get) that everything works. Patch that, run the tests and if all shiny then patch prod.
I haven't encountered many (OK, any) outfits that want to put in the investment to do this. Which is daft as it would also benefit your dev process hugely. Meanwhile, IT still gets the kicking when stuff is rolled into production and things break due to inadequate testing in an inadequate test environment.
2 words: STATIC LINK
The article mentions system DLLs. It's been a long time, but I think I remember that the order for DLL loading is something like: same directory as EXE; current working directory; windows/system; path
I also remember that LoadLibrary can take a full pathname and you can find the windows/system path easily. So a fix would be to specify the fully qualified pathname of the system DLL.
It's been a while though
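The fix suggested in the comment above (load a system DLL by its fully qualified path so the search order never comes into play), sketched in C as an added example that is not part of the original post. The helper names `build_system_dll_path` and `load_system_dll` are hypothetical, and the directory string and `version.dll` in `main` are constructed sample values; the Windows-only part uses `GetSystemDirectoryA` and `LoadLibraryA`.

```c
#include <stdio.h>
#include <string.h>
#ifdef _WIN32
#include <windows.h>
#endif

/* Build "<sysdir>\<dll>" into out. Returns 0 on success, -1 if dll is not
   a bare file name or the result does not fit in outlen bytes. */
int build_system_dll_path(const char *sysdir, const char *dll,
                          char *out, size_t outlen)
{
    int n;
    if (!sysdir || !dll || !out || !*sysdir || !*dll)
        return -1;
    /* Bare names only: no separators and no drive colon, so the caller
       cannot steer the load outside the system directory. */
    if (strpbrk(dll, "\\/:") != NULL)
        return -1;
    n = snprintf(out, outlen, "%s\\%s", sysdir, dll);
    return (n < 0 || (size_t)n >= outlen) ? -1 : 0;
}

#ifdef _WIN32
/* Load a system DLL by absolute path; the DLL search order is not used. */
HMODULE load_system_dll(const char *dll)
{
    char sysdir[MAX_PATH], full[MAX_PATH];
    UINT n = GetSystemDirectoryA(sysdir, MAX_PATH);
    if (n == 0 || n >= MAX_PATH)
        return NULL;
    if (build_system_dll_path(sysdir, dll, full, sizeof full) != 0)
        return NULL;
    return LoadLibraryA(full);
}
#endif

int main(void)
{
    char full[260];
    /* Constructed directory; on Windows it comes from GetSystemDirectoryA. */
    if (build_system_dll_path("C:\\Windows\\System32", "version.dll",
                              full, sizeof full) == 0)
        printf("%s\n", full);
#ifdef _WIN32
    HMODULE h = load_system_dll("version.dll");
    printf("loaded: %s\n", h ? "yes" : "no");
    if (h) FreeLibrary(h);
#endif
    return 0;
}
```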
I remember talking to an HPC chap a couple of years back. I asked the question why people weren't interested in the better FLOPS/Watt that you could get from ARM. His response was that the (proprietary) software that he used was licensed per core and that that cost vastly outweighed the savings in power/cooling/hardware.
Well, I suppose you could argue that cladding isn't structural.
I'm not sure that we'll ever get to the bottom of who should actually carry the can for that one. With all the layers of sub-contracting and who told whom what and when, I have doubts that justice will ever be served.
Call me a miserable bastard - I am - but back in those days, we'd have meetings with business experts and IT experts and get stuff done. Now the meetings are full of project managers, business analysts and the like so you have to talk really slowly and keep explaining things over and over again.
I bet as a structural engineer, you don't have people in the meeting saying "High tensile steel is pretty expensive. Couldn't we use something cheaper - like cardboard?"
I put my son off IT. He got his grades this morning and he's off to do an MEng in Civil & Structural.
25 years ago, IT was fun. Users said "Can you make a program that does this?" and we wrote it and they tested it and all was lovely. Now you need 3 weeks of meetings - some of which must be conducted standing up - before you can apply an index to a table.
I would've thought that some in the security services see this sort of action as a problem. Take the pr0n age checking in the UK - before that, hardly anyone knew what a VPN was. In a bid to satisfy the Daily Mail brigade, the UK government have just made the security services' haystack a shedload bigger.
Like most of the evils in the world, I blame management consultants. The obsession with measuring, metrics, spreadsheets and all that bollocks. It's very easy to measure how a child does on a standardised multiple choice test. It's very hard to measure anything like creativity or engagement. So the focus becomes almost entirely on things that are easy to measure.
When I was at school, there was a lot of music going on. Two orchestras, a couple of productions a year, concerts, stuff. You don't see much of that sort of thing in schools anymore - because you can't turn it into a number in Excel and draw a chart.
Has anyone also noticed how, 20 odd years ago, an appraisal was a half hour chat with your manager? Now appraisal systems are massively bloated and complex (and pointless as, in IT, half the projects that were your "objectives" will have been canned by the next appraisal). Makes me glad I turned to contracting.
If we all lob in a tenner, we can get the "senior leadership teams" of most schools bumped off.
When I was at school, we had one headmaster who taught part time. Now even the smallest school has 3 or 4 "senior" people who don't teach at all but just demand reports and paperwork from the actual teachers.
Mrs. H. is moving from full time into supply so she doesn't have to put up with this crap.
Well, the thing that struck me: what really drove demand for things like the Internet and VCRs was filth. When there is a pr0n application that required IPv6, then you will see things change.
Mind you, I believe that there is far more grot on the internet than one person can ever get through. I'll update you with my progress on this as it happens.
Somewhere up the chain of command between the people who understand the tech and the board, some person will have been keen to "control costs" and be seen to be taking an interest in the bottom line.
You're right about fines not being a deterrent. Hence my musings about whether ultimately the authorities should be able to shut an organisation down if it's repeatedly shown to be crap with people's data.
Given that this is pre-GDPR, the max fine would be £500K. And the cost of doing security properly? My guess is that they count this as a win.
Even Equifax is still trading - a key indicator that there is no justice (yeah, I know that's mostly US). There's no way the authorities are able to say "Sorry, but you're just too crap to be trusted with PII".
From the "probably a stupid idea" file, what if the ICO were able to employ a bunch of suitably gifted people (I nearly said "1337 h4x0rz" there) to actually test whether a company has actually sorted itself out rather than having to take their word for it.
"If it's fake, believable and intended to slur or defame a person then it's probably libel."
Ah, but libeling who? I recall a headline in a certain popular newspaper on "4,000 foreign murderers and rapists in the UK". (Reading down to paragraph 94, it was 4,000 foreign nationals who had committed an offence, which might include rape or murder). Who sues in this instance? Press standards organisation no good as the "affected party" can't submit a complaint.