Posts by Max Pyat

Troll

Re: Trust the government / security services / police?

I'm presuming then that in your schema, everyone involved in the fighting of WW2 was/is a criminal?: Given that armed forces on all sides prosecuted attacks that killed civilians both directly and indirectly.

By your calculus, it would always be illegitimate for example to try and stop the Holocaust and death-camps if doing so involved attacking a single civilian (even if your enemies had no such reservations about targeting the civilian population on your side).

Your "analysis" of the Jean Charles de Menezes murder is pitiful. In particular how having spent two paragraphs on a spiel that even an entirely just cause can't "justify attacks on civilians", you then take a rather specious cause "fear of further bomb attacks" (fear!) and use it to justify the murder of a civilian by incompetent and negligent security officers (and the failure of that system to hold itself to account).

And no, security forces don't get to just say "we're human, we make mistakes". Anyone making that argument needs to be sacked (no hyperbole, they are not fit for the job). In a HV substation, if a technician throws a switch and kills a colleague, he can't say "I'm human, I made a mistake". Nor can his management. There has to be a full analysis of the entire system of controls that failed and allowed that to happen.

Only non-technicals/"civvies" will say stuff like "these things happen"/"he's only human"/etc.,etc.,

Re: Hmmm...

I'm sure they weren't just ordered to change jobs (of course that wouldn't work on its own, but Musk isn't that stupid)

They were probably also told to change their email sig, their profile updated in the corporate directory, and maybe given a new T-shirt with the job title on it.

Re: Bit ridiculous

That's fine, of course.

But you don't necessarily get to tell other people how they are supposed to feel or react. If they object, then that's fine and I don't see why not to respect that.

Re: Sounds like M$'s Github Copilot all over again then?

In principle various open source licenses would cover this, e.g. that AI generated code based on GPL must also be GPL, and if you'd published under GPL it would be a "good thing" for GPL code to spread in that way...

However as Ken Hagan points out, wealthy entities will ignore that as much as they can, and will be almost impossible to hold to account. Layers of AI tech will further obfuscate what's actually happening.

Re: gotta be the crypto mining

I think their point was that Ireland was at least probably a better place for crypto mining than the UK.

Re: Cliffnotes

His is literally what every sucessful modern economy has done. US being an object lesson having wholesale stolen IP from UK and elsewhere during industrial revolution

The western economies built up in 20th century were often facilitated in this (Korea, Japan, Germany) by US as part of effort to form a bulwark against Communism, rather than having to "steal", but dynamic the same

Re: Idiocy

Revolute is one,

Im reasonably happy with them overall

Re: Legal opinion

Of course you can get the legal opinion, however that does not remove liability should a court look at the question later and form a different legal opinion

Re: Bully boy tactics

setting a default browser is a "standard practice" too.

However, once you reach a certain scale, there are competition law restrictions on what you can and can't do. This certainly has a market-abuse smell about it.

Re: At last some common sense -- but will politicians listen?

Except they aren't going it alone. They're working hard on building up links in Africa and elsewhere.

Meanwhile, outside countries just see the US imposing sanctions and punishing countries for essentially "getting above their station". From a third country point of view, US/UK looks a lot more threatening (and in fairness, a lot more unstable and unreliable: Iran Nuclear Deal anyone?) than China.

Re: How do they do it?

Did you read the document you linked?

It is almost impossible to apply and leaves you open to challenge due to subjectivities.

I've worked in large scale procurement and it's incredibly hard to use bad past performance to exclude vendors. In particular, the assessment is always, IME, based only on what you receive as part of the process so you've to be super careful and clever if youre going to exclude on past failures.

Three pragmatic approaches I've used:

1) BEFORE you tender: bring the supplier in for repeated bollockings on basis of their current poor performance. Make it incredibly uncomfortable to be your supplier. Verbally, and as clearly as you dare, leave them in no doubt that if you seem pissed off now it's nothing to what you'll be like if they wander back in to sell you more. Make the individual agents of company believe that you'll hold it against them personally in future; even if they turn up representing a different company in the future.

2) Again, BEFORE you tender, get the supplier black listed because of their performance or because an investigation is ongoing. Hard, and might not stick when you actually launch tender, but good if it works.

3) Most by the book, but hard: Set up the assessment criteria to heavily weight what the bad supplier is bad at. Hope that they don't manage to spoof their way through it

Fundamentally, it's hard to punish your current suppliers for their failures in next tender. But it's almost impossible to punish them for failures serving other customers (e.g. for DfE to punish Capita because they made a balls of MoD contracts). Some of it is regs, but it's also the asymmetry. They know directly the scenario, you (e.g. in DfE) have indirect hearsay, and beyond that end up relying on the submissions of your vendors (read the linked doc!)

When I've intimidated/deterred a supplier to f*** off, it's only ever temporary. When/if they turn up again in 4 years they will explain that they've been on a big quality/improvement drive and are now so much better. And you have to give them a fair shot

I think the risk assessment comment is almost the key one.

The scenario painted is of companies that find handy open source projects, and then build critical infrastructure on top of that: paying nothing and assuming the project will be there forever and will deliver the bugfixes and features the companies need.

This might well be the case, but if so the fault is entirely with the companies using the software: they need to assess and manage the risks. If you're buying from a commercial vendor, you put clauses into your contracts. If you're looking at an open source project, there are ways to do that too.

On the positive side: the article highlights just how little money it would take to bank-roll some of these projects.

Re: "Only problem was keeping all my devices in synch"

Yes, lots of options.

I have a git repository on my local network, and keep the encrypted keepass file in that.

Then when I'm at home with phone, I can run a one liner in termux to synchronise the phone's git repository with the local server. Ditto for laptop and desktop.

The restriction is that you really should only edit on one device, as there's no way (obviously) to merge changes made in parallel via the version control system given it's a binary file. But on flip side, I don't move file to uncontrolled cloud services.

Re: Should not have Netherlands VAT ...

Not quite, and in fairness, Seagate make it all rather clear:

"In addition, while it is correct that the customer is responsible despite the warranty, the customer will be entitled for a VAT relief. If they declare the replacement as outward processing relief at export. If the customer fails to do so, then yes, it is up to the customer to pay for the VAT, and this is a Brexit consequence: VAT is charged when products are crossing the border."

So all that's required is for the customer to prepare export documentation and file it appropriately with HMRC or Customs & Excise or whoever it is these days in order to secure a VAT relief that can be applied against the import of the replacement (or repaired) HDD when it comes into the UK later on. There's probably not much more than a couple of days administrative work required on this (between reading into the processes, documenting it, etc.,), plus whatever administrative checks are needed at the border to make sure that it's all legit.

And one should not forget the most important thing: these are proper UK regulations vital to taking back control. This should not be confused with awful EU red-tape that presumably was in the background of the old system where Hard Drives would shoot back and forth without any proper UK control on what was happening.