And free ones, built on Ghostscript.
234 posts • joined 2 May 2018
Avoiding disclosure - England and Wales census
Census results for England and Wales are deliberately corrupted to avoid personal disclosure. That's because they're often cross-tabulated for very small output areas, small enough that unique people might show up. The standard statement is
"In order to protect against disclosure of personal information from the 2011 Census, there has been swapping of records in the Census database between different geographic areas, and so some counts will be affected. In the main, the greatest effects will be at the lowest geographies, since the record swapping is targeted towards those households with unusual characteristics in small areas."
Should such corruption be standard or required practice?
The funder wanted routine staff stats including sexuality. We collected them anonymously and without any chance of cross-tabulating. Even so, it was a small organisation in which people were generally quite happily open about their sexuality, so it was easy to see that someone must have ticked a box that wasn't how they usually presented themselves, and there weren't many possibilities.
Yes, the English-language Wikipedia is the biggest but others are very well established. There are over 300 Wikipedias in different languages - English en.wikipedia.org, German de.wikipedia.org, Chinese zh.wikipedia.org, zh-classical.wikipedia.org, zh-min-nan.wikipedia.org and zh-yue.wikipedia.org, and so on. All are available worldwide, except where governments block them. It seems most of zh.wikipedia.org's contributors and readers are outside mainland China but it's still of great interest to the Chinese government.
All 300+ Wikipedias run on the Wikimedia Foundation's servers and the Foundation has the ability to intervene on all of them. Volunteer global sysops appoint and remove volunteer sysops for the individual wikipedias, usually just following that wikipedia's approval process and rules for removal (stale accounts, misbehaviour, whatever). But behind them, the Wikimedia Foundation has all the powers of global sysops and more, and they've used them to remove sysop powers from a bunch of editors of Chinese Wikipedias.
Re: When there are big data breaches...
>do the prosecuting authorities take into account the (lack of) patch levels, especially if the breach can be shown to have happened because...
Bad locks don't cause burglaries. People do burglaries and flimsy locks are no excuse.
Likewise, prosecutors don't say "the breach happened". They say you broke in.
Only on landing?
Airbus's modification, which is targeted to arrive by Q3 2022 for the A330-200 and A330-800, Q3 2023 for the A330-300, and mid 2024 for the A330-900
That's a few hundred planes flying until Q3 2022 with a known bug that can shut down all flight computers during landing, a few hundred more until Q3 2023, and hundreds on order that won't be fixed until mid-2024. Cool, cool.
The unit of measure for fatbergs is not hippopotami, even if the operator of an Australian sewer says so
Leaked Guntrader firearms data file shared. Worst case scenario? Criminals plot UK gun owners' home addresses in Google Earth
Re: On the other hand...
>Once inside the men took cash and watches, then asked whether the victim had any guns. When the homeowner hesitated to answer, he was shot at close range in the ankle by Daniels, who demanded, “answer quicker.”
And yes, it did go downhill from there. https://www.lep.co.uk/news/crime/liverpool-gang-members-convicted-after-lancashire-farmer-is-shot-twice-in-armed-robbery-3187597
Apple settles antitrust case with developers, but it's far from an Epic resolution to App Store monopoly concerns
I think "compete with free apps" here means "compete against free apps", not "compete using free apps". The argument is that some developers would like to sell for lower prices.
But I don't know why you think a baby-name app is shitty. Babies are, obviously, but people still want to give them names.
Judge dismisses objections to spaceport in Scotland from billionaire who also wants to build spaceport in Scotland
Magna Carta mayhem: Protesters lay siege to Edinburgh Castle, citing obscure Latin text that has never applied in Scotland
Re: Sumption is wrong
> they might as well be quoting the US constitution for all the good it'll do them
Well quite. And when they bang on about "we the people" that's exactly what they are doing.
This action was at the milder end of the Clause 61 myths, which also involve sending the Queen an affidavit removing your consent to be governed. Rational Wiki is great fun on this, if you have a few minutes - https://rationalwiki.org/wiki/Freeman_on_the_land#Lawful_rebellion_and_the_Magna_Carta
Remote code execution flaws lurk in countless routers, IoT gear, cameras using Realtek Wi-Fi module SDKs
Re: Two possible approaches
According to Apple, it's not your #1 and only partly like your #2. Yes, they send a database of hashes to your phone, but (they say), they don't scan the phone, they test an image as it's uploaded to iCloud Photos. In terms of bandwidth and CPU time, that's feasible. They say they'll start a manual review of an account when some threshold number of matching images is reached, not on each individual match.
not scanning your device, exactly
What Apple's currently saying is "Before an image is stored in iCloud Photos, an on-device matching process is performed for that image" (https://www.apple.com/child-safety/). That excludes scanning across the phone's library of photos, or across the iCloud Photos library, or the iPhone's iCloud Backup.
The technical summary linked at the end goes into more detail. https://www.apple.com/child-safety/pdf/CSAM_Detection_Technical_Summary.pdf
As it uploads an image, the device runs the matching process and creates a "voucher" for it. The voucher includes the match outcome and an encrypted "visual derivative". When the number of vouchers indicating matches reaches some threshold, the "visual derivatives" in those particular vouchers are decrypted and a process of manual review and action begins.
Whether the whole idea of checking your photos is good or bad, they've clearly put a lot of thought into avoiding scanning entire libraries.At this stage, anyway.
Hole blasted in Guntrader: UK firearms sales website's CRM database breached, 111,000 users' info spilled online
Re: They set out to piss off the gun owners? Really?
Alternatively, that's when the robbers turn up armed and mob-handed, knowing they'll have plenty of time to get away if the alarm's raised, and knowing they'll have time to locate and steal the farm's guns.
For example, https://www.lep.co.uk/news/crime/liverpool-gang-members-convicted-after-lancashire-farmer-is-shot-twice-in-armed-robbery-3187597
To rail against the very existence of the word "leverage" is to regret a coinage that's at least 297 years old, maybe more, and so well-established that it was used in a figurative sense by Gladstone writing about Homer in 1858.
What's more, your premise that we already had "lever" and there was no need to add to it misses the change in meaning and the difference in usage. "Leverage" is no more the same as "lever" than "coinage" or "usage" are the same as their roots.
"Use account password hashes" would have triggered people saying you can't use hashes, that's the point of hashing them.
"Exploit password hashes" would have triggered people saying that in ICT you exploit vulnerabilities.
"Leverage password hashes" triggers people who don't like language developing and changing. When writing reports for old-fashioned managers or grant applications that might be read by comma pedants, that might be best avoided.
Among readers of a technical news site, however, triggering the third group may be the best option and the most fun.
Ah, I see you found my PowerShell script called 'SiteReview' – that does not mean what you think it means
Amazon will know when its business, privacy practices keep you up at night – it has an FCC-approved sleep radar
Are you saying that small businesses should always have at least two servers? Surely if loads are low, it's not wildly inappropriate to run print server and domain controller on the same box. It wouldn't have been easy to justify the extra expenditure on the basis that there might be a longstanding critical bug lurking in the spooler; that argument threatens to fill the small office with separate boxes.
I'd tried it again before posting and got the same result as you, i.e. there is now an option to use Edge, but Edge only displays the raw HTML. IE, on the other hand, rendered it fully.
Yes, I'd tried switching default apps by file setting too, changing .mht and .mhtml to Edge, but that hadn't helped either.
Happily, Outlook 2019 is displaying things fine by itself and I only stumbled on this while testing a couple of years ago. Now I just revisit it whenever I see that MS are definitely retiring IE real soon now.
Three things that have vanished: $3.6bn in Bitcoin, a crypto investment biz, and the two brothers who ran it
Inventor of the graphite anode – key Li-ion battery tech – says he can now charge an electric car in 10 minutes
FYI: Today's computer chips are so advanced, they are more 'mercurial' than precise – and here's the proof
Re: Forbidden gates
The trouble is that those errors aren't evenly spread. Specific individual cores go bad. The chances are against you having one of those in your laptop or one of your on-premises server, but if you do have one then you may experience a series of mysterious crashes, incorrect calculations and/or data loss, not just one incident.
Re: Error detection
Something like this?
During timecritical mission phases (i.e., recovery time less than one second), such as boost, reentry, and landing, four of these computers operate as a redundant set, receiving the same input data, performing the same flight-critical computations, and transmitting the same output commands.(The fifth computer performs non-critical computations.) In this mode of operation, comparison of output commands and “voting” on the results in the redundant set provide the basis for efficient detection and identification of two flight-critical computer failures. After two failures, the remaining two computers in the set use comparison and self-test techniques to provide tolerance of a third fault.
Google employee helped UK government switch from disastrous COVID-19 strategy, according to Dominic Cummings
Re: "Understand the technicalities in a way I couldn't do"
they didn't grasp exponential growth
It's as if they didn't want to grasp exponential growth. Call it compound interest on steroids – at least Sunak understands compond interest and Johnson's akways had an eye for an opportunity. Or say it's like hyperinflation turned up to 11 – Johnson knows about hyperinflation from his classics studies, he's used the example of Emperor Diocletian to argue that price controls don't work.
I fear Johnson's dream of being Prime Minister didn't include a situation in which he wasn't the cheery urbane hero, so he couldn't believe it was happening.
The companies are registered in the UK, and have a UK director at first. The director's recruited money-mule style to receive and pass on letters from Companies House and HMRC, in one example receiving £150 per company.
Once all is set up, the UK director resigns and an overseas director is appointed, making them even more difficult to pursue than a UK director (who'd still have some limited-liability protection anyway unless they could be proved to be acting criminally).
Re: one of the major flight simulator manufacturers (Link-Miles)
Basically Singer went on a diversification/acquisition spree, then got into trouble and dediversified. It goes something like this:
General Precision Equipment Corporation bought Link Aviation Devices. Singer bought GPE, then the Link division bought Miles Electronics. Singer reincorporated their Link division as Link Military Simulation Corporation and that became part of L3Harris Technologies. In March this year, CAE Inc (previously Canadian Aviation Electronics) announced they were buying L3Harris's military training businesses, including Link Simulation & Training.
But Singer - by then called Bicoastal Corporation - separated Link-Miles from that Link division, and they sold it to Thomson-CSF, which later became Thales.
Re: When speaking to a Judge, avoid saying:
When speaking to a judge, if you don't remember then say so.
As a witness, I've truthfully said "I don't remember". When the QC kept pushing me, the judge told him "if he doesn't remember, he doesn't remember." I think that judge knew something about how memory works.
Proposed amendments to UK Finance Bill target rogue umbrella companies ripping off contractors after IR35
48,000 MUCs in just one batch
Meanwhile, last week's BBC File on Four and website had this item on mini-umbrellas, focusing on 48,000 UK MUCs that now each have directors in the Philippines and are likely each using the £4000 Employment Allowance to avoid paying employer's NIC. Presumably there'll be plenty more with directors in other countries. The companies are created using a UK director recruited money-mule style, but those directors resign once it's formed and registered with HMRC.
Mind you, this report wasn't about IT professionals. It began with people recruited to work on G4S COVD-19 testing sites, each recruit discovering they were being paid by a different company none of them had ever heard of.