Re: Very difficult for humans
New keyboard please
240 publicly visible posts • joined 28 Mar 2020
One of the problems with so-called keyless entry is that no matter how clever the encryption, if the signals between car and key can be relayed man-in-the-middle-style without the need to understand the signal itself (and they can), the car opens and starts. The "security" is provided by the key being too far away, which is crap.
Curiously I have just received a free sleepy-battery from JLR. If the battery doesn't move for 3 minutes, it stops working (until moved again) disabling the key and stopping it responding to keyless requests from the car. I've tested it by leaving it next to the car (ie within range) and it seems to do the trick. I still keep it in a tin though. I don't know how long the battery life is or how much a replacement costs.
Boots and Liquor, you are both right of course. I would follow the "moving on..." with a request to make sure that's minuted.
Also ensure that the design document's second draft's history includes "hardening/resilience removed at the request of A. Countant" and be sure that A. Countant is in the final design's sign-off list.
Keep all design drafts and the emails circulating them.
CYA.
Agree. I've said here before: I change my phone more often than my thermostat settings so no use case for me.
I last changed the 12 year old* thermostat's schedule in 2020 when lockdown made home-working a necessity.
*Probably older: was here when we bought the house, fitted by previous owners.
Those who haven't previously lost data like this and don't read the likes of El Reg and arstechnica aren't necessarily morons, they're just ill-informed.
My children's school uses Google Classroom. I would like to have seen them have a similar problem: today's lesson is on the very real risks of storing all your data in someone else's computer.
I got the impression from the article that the "sign disappearing time" was fairly short, as in: if a sign was seen and visibility of it was subsequently lost, then it was assumed that the sign was still there. This would make sense when, for example, queueing at a junction with an observed stop sign which then gets obscured by a van coming alongside.
I agree after, say, 10 mins this assumption gets iffy given that the sign may be temporary.
This is what made the TSR more susceptible to "appearing attacks": the stickers only had to fool the TSR briefly and it thought it had gotten a glimpse of a sign.
According to the BBC, the Minister of State for Security, Dan Jarvis, said: "What I can say is that the suggestion that privacy and security are at odds is not correct; we can and must have both."
So clearly, the laws of mathematics do need to be repealed.
https://www.bbc.com/news/articles/c1kjmddx2nzo
Was using Stansted airport's parking website recently: the info that I required was not available there so I tried the helpline. I tried several paths through the IVR and all ended in a message telling me to use the website and then terminating the call.
I hope he's confident of identifying his drive. I don't think I could tell my sorry square of metal pulled from landfill from someone else's. I got the impression it wasn't in a laptop or something he might recognise.
I can see him having to pay for expensive forensics on every drive he finds, and if one is unreadable, he'll never know to stop if it's the one.
>keep rolling out upgrades to those with a decent service
Sadly that's so true. Whilst I am happy to see research into how to improve at the top end of things, a bit of attention to the bottom end wouldn't go amiss. An uplift to Gb/s sounds great, but for me an uplift from Kb/s to Mb/s on my uplink would be nice.
Just last night:
"Hi girls, is that the presentation homework with pictures in?", "Yes?"
Checks SWMBO's laptop and sees a grid of pixellated faces with one familiar black rectangle showing the message "Insufficient bandwidth".
"Don't upload it now, Mum's on a conference call".
Many, many years ago I attended a UK training course run by Ericsson. I complained that spellings had switched from English* to American-English. The reply was along the lines of:
This product is now available in the US. We translate the documentation into many languages and don't want to have to deal with spelling variations too. We asked our UK and US offices how their respective countries would react to us using the other's spelling; the US said they'd get an almighty fuss whereas the UK said customers would grumble a bit, so US it is. Apparently the trainer had given the UK course many times and I was the first to say anything.
* We often called Ericsson English, "Swinglish" due to the translation curiosities.
I hate it, but if the article said: all parties' apps had slurped and spaffed constituents' data then left it on an unlocked laptop on a bus, your average Joe would say, "So what? I've got nothing to hide", etc, etc.
It didn't sound like thorough research to me; however, well done for trying, but don't expect the great unwashed to care.
I live a few miles from this site and I typically get 4Mb/s down and 100Kb/s up data rates. Every time I read about this new datacentre I imagine it with an Openreach van outside and the tech saying "Sorry mate, it's all overhead twisted-pair round here, good luck competing with the Brookmans Park transmitter."
"The supplier did say this wasn't an attack involving ransomware"
"We do not anticipate the data being shared or made public, and we believe it has been deleted without any further replication or dissemination".
I wonder how they can be so sure of this? It sounds to me like they've been talking to the perpetrators and reached a deal, ie. they've paid the ransom and trust the perps to delete (for what that's worth). There may not have been ransomware involved but that doesn't mean they haven't paid the scumbags.
>to sell that, along with any other data I can glean,
I'm shocked that you would do that with others' personal data. Shocked I say.
No, you strip the most sensitive bits out before selling it. Then, once you've established your customer base, you can add it back as part of your more expensive "premium" package. That's how to really treat personal data.
It sounds like you need my wife’s 1959 Austin-Healey “Frogeye” Sprite:
The indicators are a non self-cancelling dashboard mounted switch. No modern, nanny-state, snowflake, safety gimmicks like ABS, side impact bars, airbags, side or rear windows, roof, roll-bars or seatbelts; all UK legal on a car that age. You don’t even have to have one of those fussy MoT inspectors crawl all over it each year*.
Driver aids like electric screen wash, power steering or synchromesh on 1st and 2nd are absent but, let’s face it, if you can’t heel-and-toe to provide the throttle blip during a double-declutch whilst braking and changing down, then you shouldn’t be driving.
It does have one modern feature: keyless entry. No key, locks or even exterior door handles; you just reach inside and open from there.
Seriously though, do we ferry our children around in it? Not a chance! But, if they want, we will teach them how to drive it when they’re old enough (and yes, the change-down whilst braking is as described).
As a daily-drive it would be hell, but as a bit of summer fun it gives you a smile to match its own.
*Despite being pre-1960, hers does need an MoT because it’s had some modifications.
Many years ago we were visiting the in-laws. My father-in-law (fil) was complaining that he’d miss the football that afternoon because it wasn’t being shown on any channel to which he subscribed. Another guest says that she’ll call her son (let’s call him Jimmy) who’s “good with computers” and can get the football for him.
A little while later, 13/14 year-old Jimmy arrives and is offered fil’s tablet; I watched what he was up to. There was lots of rapid action during which, if memory serves, he found a website, downloaded something, sideloaded it and then set up as required. Throughout this, multiple warnings flashed up, none of which I had time to read before he accepted them; nor, I suspect, did he. On the first warning I had asked, “What was that?” but was told that “you just say ‘yes’ to all that stuff”.
I allowed the process to continue because (a) I was fascinated to know just how careless Jimmy would be with someone else’s machine/privacy/security etc, (b) I knew the tablet, which had been a gift from my wife, was hardly ever used and certainly had not been used for things like online shopping or banking and (c) fil would not care about, or even notice, the factory-reset that I would (and indeed did) carry out after the football.
Everyone (except me) was impressed with Jimmy’s computer prowess, although I provided a little education after Jimmy and mother had left.
My point: I think that few people give a stuff what the warnings say so long as the immediate result is what they want.
Not a support call but I was once asked to write an extra feature for a piece of config-file driven software I'd written. It was a custom job for one team and, although they'd never asked for a particular feature, I thought it would be useful and took just a few minutes of my time to include.
Several months later the team leader was asked for the feature (they'd not read, or forgotten about, the instructions I'd provided).
I replied to the effect of: "see instructions, section 5, request met before you'd even thought of it, how's that for service?"
She complained to my manager that I hadn't acted quickly enough.
I can't find the link to the actual enquiry document that highlights this but there are several examples of the code available to read that confirm your "written by idiots" point. My favourite was actually a function to return the negative of its argument; ie when given d, to return -d. As if the use of a function isn't pointless enough, the algorithm used was something like:
if d<0 then return abs(d)
else return d-2*d
He's suing for damages because he threw something away that he then wanted?
Is there an El Reg reader out there who hasn't done this?
If he wins we need to get together and launch a class-action case for all those RS-232 cables, USB dongles, etc, etc that must be worth squillions if we add it all up.
My children's school is too small to have budget for an IT department of even one; it relies on the Local Education Authority for this kind of stuff. A few years ago they provided a new system to allow parents to see their children's progress, pay for trips etc.
To log in you used your email as an ID, after which you were presented with a list of schools that your children attended (my list was one school) and then you entered your password. Yes, you read that right and I trust that your gast is suitably flabbered: you were shown your children's school(s) BEFORE entering your password. This means that anyone could identify your children's schools by knowing nothing more than your email address. I checked this with a non-local friend who'd never used the system before, so it wasn't down to something like cookies.
I raised this with the school and the software manufacturer directly. Despite repeated chases with the manufacturer it took about a year to correct both web interface and app. Ofcom's website did not make it clear how you report someone else for poor practice which is why I never got round to escalating it.
Whoever signed-off on this product clearly made no efforts to perform the most basic of security checks; identifying this data leak did not require clever pen-testing, it was obvious (to anyone with a bit of sense) after just one go at logging in. Well done to whoever tests software for Hertfordshire's schools.
Despite my push for Linux, SWMBO clung to Windows because it was all nice and familiar. Then we went to help one of her friends set up her new PC. It had the version of Windows where the screen was covered in big squares rather than using the traditional "Start" button (can't remember and don't care which it was*).
SWMBO took one look and we've been Linux with Libre Office ever since.
*But to date it: I think the Ubuntu LTS of the day was 12.04.
I have been to a number of meetings where the screen-sharing presenter, be they local or remote, has had an email or IM flash up a little speech balloon thing containing stuff that I should not have seen.
I think a lot of people just don't think about what they might inadvertently share until it's too late.
I used to live opposite a railway station that was also close to the local army barracks.
One morning I had a knock at the door and was told by a police woman to stay indoors and away from the windows due to a suspicious package on the platform. This put me in the opposite situation to this week's On Call hero: the only safe place in my studio flat was the bathroom*. Sometime later I heard a short crack (gunshot?) then a little while after that came the all-clear: someone's lunch had been made safe.
One of my best late-for-work excuses: the bomb-squad stopped me.
* Actually, I did leave the bathroom briefly and glimpsed a robot outside heading for the station.
Agreed.
My barbecue is made quite literally from bits of my old kitchen. Metal sink with metal plug, four very long handles screwed into the sides for legs and an old cupboard door with holes drilled through which I hammered the legs (interference fit) to stop it wobbling. No rulers used, all quickly by eye.
A barbecue should be rough and ready.