* Posts by Lil Endian

247 posts • joined 14 Jul 2021

Razer ponders how to fix installer that grants admin powers if you plug in a mouse

Lil Endian

Re: WTF?

By golly, it's clean clear to Flag Town, c'mon. Yeah, that's a big 10-4 there, Pig Pen, yeah.

Robots don't smoke, says Alibaba, and that's why they deliver parcels so fast

Lil Endian
Facepalm

Maybe...

...if you paid your drivers a decent share of what you spent on trying to replace them they'd do a better job.

(No drivers, that's not an excuse to stamp on my next parcel. :p )

Lil Endian

Re: Elevators?

25 years? Daleks have been scaring the crap out of me way longer than that :)

38 million records exposed by misconfigured Microsoft Power Apps. Redmond's advice? RTFM

Lil Endian

Re: "Low-code platform comes with high expectations"

Yep.

Marketing tries to make all things consumer.

Cars do not drive themselves (yet). IT does not know what you mean (yet).

Drivers drive. Programmers program. Engineers engineer.

DdPpEe <-- Copyleft

Lil Endian

4GLs

They tried it in the 80s, 90s... you can make coding easier, but you can't take the Muppet out of the show.

Poly Network says it's got pretty much all of that $610m in stolen crypto-coins back

Lil Endian

Meanwhile....

...back at the ranch, the curtains are drawn, but the house is real.

UK's National Data Guardian warned about GP data grab being perceived as going 'under the radar'

Lil Endian

Re: poster for GPs' surgeries

They should have to mail shot every home with this, and a simple link to a website to opt out in.

Senators urge US trade watchdog to look into whether Tesla may just be over-egging its Autopilot, FSD pudding

Lil Endian
Pint

Re: Appropriate Licensing

Yeah I realise the States is "fully automatic". I used "manual shift" as it's more of an Americanism AFAIK. "Stick Shift" would've been even better maybe.

I need to go all Bombastic Bob... lawl, that made me chuckle! [Heya Bob! :D]

Lil Endian

Re: I should sue for false advertising.

Obviously jurisdiction is important, so I'm talking England and not the USofA.

In English law the absolute definitions would be irrelevant, as they're essentially arbitrary. Rather the principle of the "Man on the Clapham omnibus" would be used.

I don't know if that's applicable across the UK/GB.

It would be reasonable for said Man to read FSD as meaning FSD, so clearly deceptive I would imagine. The courts may see it differently, but that'd suck.

Edit: conversely, the drink that advertises itself with "gives you wings" would not "fool da Man" - he'd have to be waaaaay below the average man to think the drink actually did give you wings! (or on some top grade A class) :D

Lil Endian
Holmes

Appropriate Licensing

In the UK drivers may learn to drive, and be licensed for, automatic cars only. They're then not permitted to drive manual shift vehicles (without re-testing).

Surely drivers wishing to use automated vehicles should be tested and licensed as such. They could be licensed for Level (X) automation and below.

Lil Endian

RHT-FSD

If L2 automation is sold as Fully Self Driving, what would they call L5 automation? "Really Honestly Truly Fully Self Driving"?

The misnomers are tantamount to cure-all snake oils, just wrong, and should be followed up as criminal misrepresentation. Legal action should be by the Government(s), as they (if willing) can out-lawyer the corporate.

OK, so you stole $600m-plus from us, how about you be our Chief Security Advisor, Poly Network asks thief

Lil Endian

Re: Poacher Turned Gamekeeper

I don't disagree Mike. I may be incorrect in stating the post was head gamekeeper - unsurprisingly there's not a blog or Guardian article covering this. I've seen it in print somewhere, but dust in the wind.

[1] In security loyalty should always be assumed absent. No agent, double- or triple- should be trusted. But they exist and are used. Loyalties do change genuinely. This case is unusual in that, even though it's almost certainly a crime there really was no victim as the bank was just evaporating the cash anyway.

[2] Agreed. I don't comment (or have info, referenced or hearsay) regarding other aspects of his skill set. There was no (security) breach.

As I can't cite any references, it's understandable if the anecdote is treated as myth. I personally accept it, both as plausible and through those that have relayed it to me.

Lil Endian
Pint

Re: Poacher Turned Gamekeeper

I can't stop imagining a programmer sitting at his console in shiny red pants!

And I know there are those of you out there WFH doing just that!

Lil Endian

Re: Mr White Hat ?

An actual white hat would never have taken any money...

I fully agree.

However, it does seem more and more like an inside job, either a theft attempt or a publicity stunt.

---

Mr WH takes funds.

Mr Poly gets cosy with Mr WH.

Mr WH climbs into bed with Mr Poly and secures their systems "to infinity and beyond".

Mr Poly claims "We're so safe! Run with us!"

---

If Mr WH does not go onboard with Poly it was probably a theft gone wrong, if he does it's more likely publicity IMHO.

Lil Endian

Poacher Turned Gamekeeper

In the '80s this happened with a major UK bank, one of the big five.

They knew one of their DP guys had fled the country with £Oodles. It was certainly "real money" and they knew he'd been putting it in a holding account before exiting-stage-left. But they had no idea where the funds had originated - there were no ledgers/transactions showing a loss, all balanced.

He was tracked down to Spain (I think). It was agreed the whole case would be dropped, he could keep the dosh and have a job as chief security bod at the bank if he spilled the beans and blocked whatever exploit he'd used. He accepted, and both parties held up their end of the deal.

How did he do it? He had noticed that in transactions involving exchange rates or interest etc, fractions of pennies [1] were being truncated not rounded - the fractions were disappearing into thin air. So rather than them evaporating he put those fractions into an account he controlled. All real money, no trace.

[1] Many decimal places, word length I think.

PS. Does anyone else get pissed off with languages using "round half to even", aka bankers' rounding? It's crap for anything other than averaging out financial transactions, such as *anything using mathematics*. Fekkin bankers!

Pi calculated to '62.8 trillion digits' with a pair of 32-core AMD Epyc chips, 1TB RAM, 510TB disk space

Lil Endian
Coat

Mullican's 303

No wonder he got shot down if he used a Lee-Enfield.

Mine's the one with the extra clips in the pocket.

Boston Dynamics spends months training its Atlas robots to perform one minute of parkour almost perfectly

Lil Endian
Joke

Re: Fucking hell

I'm sure it'll be fine, the bots will use "regenerative recoil" to recharge their cells as they fire their AKs. The more they fire, the healthier they get! Win win!

Hang on.... :o

(x_x)

Lil Endian

Re: Question

In part covered by my post above ("explicit memory vs implicit memory")

I'll add to that that humans are here as, so far, we haven't failed a Darwin test. The bots we're making have to rely on us to be their "natural selection". We'll (they'll?) get there - if it doesn't work, try something else. But the evolutionary curves are at a very, very different point on said curve.

Lil Endian

Re: Quick learner

A significant difference is in the memory functions of the two entities (human and machine).

Explicit Memory vs Implicit Memory

Humans have both types of memory, and use their unconscious memories (implicit = non-recall).

The bots only have the explicit memories.

So the meatbag has the advantage, ergo the shortening in the learning curve human vs bot that you mention.

[There are other factors that give the human the advantage..... for now muahahahaaaa!]

Un-carrier? Definitely Unsecure: T-Mobile US admits 48m customers' details stolen after downplaying reports

Lil Endian
Trollface

Re: "we have not yet determined that there is any personal customer data involved"

Your satire describes nicely how the poor(er) might will pay the price.

Well, we wouldn't want those unfortunate profit makers of the world to suffer just because of their own shenanigans - would we?!

Please Help George!

Lil Endian

Re: customer

I hope Troy Hunt has reserved some extra bandwidth to handle the incoming for you and others.

British defence supplier Ultra Electronics to be sold for £2.6bn to US-controlled firm

Lil Endian

Proxy wars are still a thing, carefully monitored and coordinated by those with the vested interest. Keeping an eye on Africa?

Enemy image is still a thing, and required by governments to ensure that their population knows "we're right, they're wrong". (I'm not talking about oppressed populations here, just the concept.)

So yeah, major powers don't want an open show down, too costly. But sabre rattling is cheap. This applies to technological infrastructure attacks as well as open warfare. Tit-for-tat would ensue, and all parties would suffer. It's the new nuclear stalemate.

Lil Endian

Edit

ordinance

ordnance

Lil Endian

They will be dictated by the USA

--- They will be dictated by the UK via the USA ---

The UK owns the third largest debt of the USA. It's a meager ~$370bn compared to India (~$1.3tn) and China (~$1.1tn). But it's way past lend/lease.

The UK is doing what it does best - manipulating. It outsources its armed forces requirements to the US - armament, ordinance and personnel. It doesn't help the women, men or children that are its assets (that's what UK citizens are, assets of the state by definition - bye bye common law. No binding constitution. Not even a national flag.).

More dosh flows through the UK (offshore shell companies etc), ie the UK establishment, than any other nation.

Forget the mainstream press, or any other media. The UK establishment is very good at its international connivances, at the sufferance of its citizens.

Fuck the proles. Still, at least the weather's nice.... ahem.

China orders annual security reviews for all critical information infrastructure operators

Lil Endian

Re: Some jolly good ideas

Agreed.

...it doesn't show a continuous financial reward...

Much like Health and Safety.

Most H&S related incidents are limited locally, few have wide geographical impact (exceptions being core meltdowns and the like).

Because H&S risk is observable by the "commoner" it has been addressed. Yeah, it took a while. ICT risk is not so easily understood by non-techies (cf safe backdoored encryption as desired by FUD pushers). So, not only is pushing safeguards through legislation retarded, it's unlikely (in my mind) that it'll be done correctly. I'd like to be optimistic and hope I'm proven wrong.

Lil Endian

Re: Mandatory Security Teams

Agreed.

In a thread a week or two back someone asked "What's wrong with capitalism?". You've answered that nicely.

Focussing on ICT, the unfettered reliance on information systems, specifically internetworking, by (essentially) all industries has created a house of cards. This is not only limited to capitalist states, but as you say, they inherently are not regulated sufficiently. This needs addressing by those knowledgeable, ie. not politicians with a limited time in office. But parliaments create laws, so the relationship between the politicians and the "knowledgeable" needs to be managed first.

Lil Endian

Re: Unusual - a bit of common sense from governments

IIRC for Y2K, all board members of Chinese air carriers had to be airborne at zero hour. Pretty compelling!

Lil Endian

Mandatory Security Teams

...establish teams to monitor security constantly.

Yes, can we have some of that please?

If private companies are to perform public duties (water, power etc) it would be nice if they put the service before the pocket (profit). But since they don't: legislate.

Apple says its CSAM scan code can be verified by researchers. Corellium starts throwing out dollar bills

Lil Endian
Thumb Up

Not Just iPhones

"I also think it's interesting that they're offering research grants towards doing research for any mobile devices and not just iPhones."

Well, naturally Corellium wouldn't have a singular focus on Apple for any reason would they?

*cough*

So, now it's the third party researcher that chooses the target. Corellium covered. GJ Corellium :)

Edit: Being less cynical, it is a Good Thing (tm)

Lil Endian

Yes, it's a diversionary tactic to bypass the scrutiny of precedence.

Pakistan's tax office services go dark after migration project goes awry

Lil Endian
Devil

>KZERRRRT< would be an honour!

Lil Endian
Pirate

Come on Simon! Baiting me with "migration" in the title, hoping I'd ask if the job was outsourced to Dallas PD? Well I won't!

Defo much more of a breach story than a migration thing. And FBR do seem to be handling it better than others.

More info required please!

US watchdog opens probe into Tesla's Autopilot driver assist system after spate of crashes

Lil Endian

Re: A solution looking for a problem

Re: bags'n'belts

I think it's an indictment of human stupidity in their arguments, rather than a view on the safety devices' causal influence regarding collisions.

Lil Endian

The phrase that springs to mind is "not road legal".

Lil Endian

Re: A solution looking for a problem

I can remember in the UK when seatbelts were becoming legally required. Arguments arose such as "It'll pin me to my seat and I'll die if my car goes under a lorry and I need to duck".

Lil Endian

Re: A solution looking for a problem

...we find it difficult keeping attention when we are not actively engaged.... it is a serious flaw.

Totally agree, cognitive loading is a huge issue in this context.

Those in jobs that require high attention to detail train, train and train repeatedly[1]. Even then, when they're in the "real" situation ("this is not a drill") they are human and therefore fallible. Any mistakes are fed back in to further training. They train to anticipate and handle cognitive loading, so handle situations better.

For the hoi polloi, reactions in pressure situations are more likely to be dire. No training. No anticipation. No contingencies prepared.

So giving partial automation to someone that's happy to "check on their dog" is simply daft.

[I've never understood why a driving license is essentially for life. Bad habits form. You can't (UK) hold a forklift license for more than a few years without re-testing. But 3 tonnes of Mercedes on a public road and off you go.]

[1] Think: advanced police drivers; fire officers; pilots...

Remote code execution flaws lurk in countless routers, IoT gear, cameras using Realtek Wi-Fi module SDKs

Lil Endian

Faulty ISP Configurations

"...faulty ISP configurations..."

Faulty by design (routers), eg. TR-069 port 7547 open, UPnP on by default etc etc

T-Mobile US probes claims of 100m stolen customer records up for sale on dark web

Lil Endian

T Mobile Statements

The statements TMob have made sound almost human. Not canned "We treat our customer data with the highest..." or "Security is very important..."

Either they're (relatively) honest, or their Eliza has some pretty sharp heuristics. Being cynical, Weizenbaum would be proud.

Dallas cops lost 8TB of criminal case data during bungled migration, says the DA... four months later

Lil Endian
Pint

Re: Take II

In lieu of multi-upvotes have a brew ->

(It was that or the keyboard icon! lol Cheers!)

Lil Endian

Re: This is why we still use tape libraries.

Yeah, like we had to when we were twelve on paper round money? Not a fekkin PD fer sure.

And if they tried that, the rolling migrate would totally be beyond them.... Hang on! Maybe you're right after all. :*(

Lil Endian
Facepalm

Re: DPD = DPD?

"Upon checking we appear to have lost the photo during a data migration..."

Lil Endian

Re: Impressive

Agreed. There are unknowns. But if they could store the data in the first place then there must be the ability to store the same data elsewhere. I really cannot imagine that budget would impede this considering the nature of the data.

As an aside, I remember looking at holographic storage decades ago (IIRC gallium arsenide & lithium niobate). I calculated that a cubic metre of the stuff would store all data ever generated in the universe. It was a bit of a bitch to actually get the data in there at the time though. Anyone know how that's progressing?

Back to reality though, as Cybersaber says above, tape is good, cheap, and it's never ending (ish).

Lil Endian
Pint

but I had to use your comment

Absolutely fine by me :)

...mission critical...

I wanted to mention the significance of this, but I'll condense it to: what fucking muppets!

Following your original post's title "This is why we still use tape libraries" then yeah, if it's critical data then use multiple media stored in multiple locations.

Here, I think we deserve one or two of these --->

Lil Endian

Re: This is why we still use tape libraries.

A backup is not a mirror site. The backup is performed. The backup is separated from the source then verified on a discrete system, then taken off line. (Put into a fireproof safe off-site and guarded by <insert superheroes of choice>.)

The migration is performed and the target is verified against the source.

Only when the new system is shown to be working is the source even considered for zeroing. IMO I'd keep the source for as long as is practical (to the heat death of the universe).

Taking the backup off-line prevents the fat fingered cock-up, as you say "if your backups are not also copied offline" - so keeping the BU on-line is numptyville.

they're still vulnerable to "who, me?" <-- I like that :)

Lil Endian

Agreed. But surely a 60TB NAS is within budget for DPD. What's that, £4K tops?

Edit: obviously that assumes certain things about the platform, but still...

Lil Endian

Re: This is why we still use tape libraries.

Agreed :) Where SOP != BestPractice

China warns game devs not to mess with history

Lil Endian
Go

Re: Factual Games

Everywhere.

Otherwise we just get bigoted, ignorant sheep spewing utter sheepshit.

Information is key. Communication is key. Education is key.

/stopbeforemegarant :)

Facebook and Amazon take over Philippines-to-USA sub cable after China Mobile quits

Lil Endian
Joke

Re: Subverted by US (tm)

Hehe, I'm sure you didn't!

Although perhaps we're in the wrong forum, as "Amazon Facebox Cock Vore" belongs here!


Biting the hand that feeds IT © 1998–2022