Posts by John H Woods

"All in a day's work for a civil engineer. Who'll also know who keeps plans of what is buried where and how to read them. And can tell you in advance which permissions you'll need and how to get them. And at least a good approximation of how much it will cost. And how to set everything up so it will actally work." --- allthecoolshortnamesweretaken

This is true, certainly of making holes in the ground ... as in the ancient joke: if you look up "Boring" in the yellow pages it says "see Civil Engineers"

Re: Too F***ing Late...!

"I probably should have bought a larger 6/8-bay device from the outset and used RAID 5" -- paulf

Dude, no. Just no. I'd recommend 6 disks and RAIDZ2 but other sensible options are available; RAID5 is not one of them.

"As long as it is generally secure to operate"

ah, about that ...

Re: It's only a matter of time ...

@LDS, I mostly agree but still think snapshots can be used ...

My home ZFS box snapshots itself every minute, whilst another cronjob tidies snapshots periodically (keeping a few hours' worth of per-minute snaps, a few days' worth of 6-per-hour snaps ... etc., etc., ... down to quarterlies which are never auto-removed). None of the remote users are sudoers; root cannot log in remotely; so I think snapshots can only be removed from the console.

I have, very recently, deliberately infected a client machine attached to this storage, and sure enough it immediately started encrypting every file in its network attached folder (in fact, one of my monitoring scripts on the ZFS box mailed me to tell me that there was a huge peak in write activity). When it subsided, I successfully recovered all the test files from snapshots (although I cheated and just went for a the last snapshot before my deliberate infection: if I had not known the date of the infection and the files had been changing there'd have been a bit more work to do (I'm trying to work out a decent way of automating this).

One could create and market a NAS box which was "reasonably ransomware resistant" using a number of similar approaches.

"Backups should not be local" --- agreed, because of fires, theft, etc. I'm not remotely suggesting that snapshots replace backups. My box makes encrypted copies of my most important files and dribbles them up to Dropbox.

But it seems to me that there is no technical obstacle to "reasonably ransomware resistant" local storage.

Re: Oh tomato tohmahto..

viridae is probably the word you were looking for ;-) but come on, it's all a bit of a laugh, isn't it?

"Don't forget this legislation is the UK government trying to legalise what it already does"

No. Sure, GCHQ do whatever they do. But the requirement for ISPs to store all history, and the requirement for them to pass it to any number of other bureaucrats (and, given outsourcing, to any number of private companies) without any reasonable form of oversight --- is all absolutely brand new.

Re: More Magic Technology

Meanwhile the UK's own DaFT is proposing "new technology" that blocks mobile phones in cars.

Re: Universal Credit

"If we are just improving the lot of one portion of the population, and that comes at an overall cost to everyone else, then we need a more refined approach." --- David Dawson.

The statistics are pretty much irrefutable: since the heydays of 60s optimism and social mobility, we have been improving the lot of just one portion of the population: those who need it least.

Re: @Lee D

"You pay for a better clock signal to get a better start in terms of GPS positioning. The clock in your handset is also a critical component too." --Ian Michael Gumby

I thought the point of having a four satellite fix when only three would do* is so that the receiver can calculate the single offset factor that would make the intersection perfect, and that this is the discrepancy between the receiver time and the (synchronised) GPS time.

Disclaimer: I am not by any means a GPS / geolocation expert.

* ok, I realise that the intersection of three spheres is actually two points rather than one, but one of these is way out in space somewhere.

"It hardly profits from it. The revenue barely covers the hospital and disability costs that result from smoking: lung cancer, emphysema, and many other disabilities" -- Richard Plinston

I am very far from being a supporter of smoking. But the direct cost to the NHS is somewhere between 25% and 50% of tobacco duty income (which is around 12B pa). The most significant spend on the NHS is the elderly, and smoking is quite an effective cure for that.

Re: Insert joke

... when you put viola players at the violin desks ... ?

Re: Saving space

"As far as I know, emojis are implemented as Unicode multi-byte characters, so the rebus of seven pictures of a woman probably consumes between 14 and 28 bytes." --- Kubla Cant

It's 4 bytes in UTF8, so 28 bytes. But you only need 8 bytes for "7sisters"

"The report mixes UK and Britain" --Phil O'Sophical

"Britain" doesn't have a formal meaning, it's quite acceptable, or at least commonplace, to use it to refer to the UK. Great Britain OTOH is the big Island in the UK.

Re: @Ivan4

"

'I'd still think it was somewhat troubling that a foreign power had interfered with it.'

Why is that? I would be extremely surprised if any election in any country, EVER, has not had some measure of at least attempted interference/influence from a foreign power. It's BAU for most governments." -- eldakka

Hey, I wasn't born yesterday; I didn't say I'd still think it was somewhat troubling that a foreign power had attempted to interfere with it.

Re: Trumpity Trump

Bob: "Do your OWN study"

What if I've done my own study and come to these conclusions

1) we are entering a natural warming period, but we seem to be entering it very fast

2) that seems to be as a result of human activity

3) there are other good reasons for investing in carbon free energy (pollution, air quality, finite fossil fuiel)

4) it seems unlikely that there is a global conspiracy of green scientists, even IF they are mistaken

Does that make me a howler monkey? Does it make me your intellectual inferior? Would you take my views more seriously if I said I had a significant scientific background? Or does that mean I'm just a co-conspirator? Maybe if i just used CAPS LOCK as much as SOME PEOPLE you could take my views SERIOUSLY.

Re: Ridiculous

"if I have a frontdoor made of cardboard (not the case) and somebody kicks it and nicks my stuff, it is the burglar who is responsible. Not the victim." --- Aitor

Allow me to fix your analogy:

You have offered to look after other people's stuff for them. You have a cardboard front door. Somebody says, hey, look, Aitor's got a cardboard front door. Somebody kicks it in and nicks not YOUR stuff but the stuff that other people have trusted you to store for them.

Any clearer? I would say that the person who said "Hey, Aitor's got a cardboard door" is probably less guilty not just than the person who kicked it in, but also than you yourself.

Re: Oh, here we go again!

"The fines will do nothing but take money from where it's needed and the company responsible is unaffected."

I can't see what you're railing against. Would you like a European Commission that had the legal power to tackle corporations? Or would you prefer that after a mutual agreement of their members to address air quality, they took no enforcement action at all when some members lapsed from this agreement?

Re: ...and the proof is...

"No room for the vast majority of mischief makers" --- Dr.Flay

Not saying you're wrong, but what's the evidence? My instinct would be that the majority of hackers are interested in making money, whether through criminality or state sponsorship, that it is a smaller group who are interested in hacktivisim, and perhaps an even smaller group that genuinely just does it for the challenge.

Re: Brexit means brexit.

"We have a definitive answer ... some people who think they're smarter than they are think that invoking article 50 is the job of parliament because it affects people's rights" --- streaky

If we're talking about people "who think they're smarter than they are" could I respectfully suggest that includes those who think their legal understanding exceeds that of the members of the UK Supreme Court?

Re: They're under our beds!

" We therefore need a "not these people" box which triggers a re-election with all different candidates" --- Lusty

Agreed --- and compulsory voting. In fact the boxes should have rankings, and the no-vote boxes should have the following flavours:

a) I don't care

b) I care but don't feel I have enough information to make a choice

c) I have enough information but do not want to vote for any of these people

Re: Not just BT

"I'd like to think my PC is being shut down properly before I power it off" --- soulrideruk

Hibernate is power-off safe: the state of the O/S is written to disk (whereas "suspend" states require the maintenance of some power to RAM). The problem here is that starting a hibernated system reads the same broken state back from the disk rather than the O/S setting itself up "from scratch"

"I just thought I was one really weird autistic" --- Jack of Shadows

I heard about it through this BBC article, which contains a short test. I am boringly average, of course.

Re: Arseholes

"The books are not impressed by the TV show" --- AC

That's ridiculous, Ser. The books are wonderful, but this has got to be almost the best adaptation that was actually feasible. Each TV season is about 1000 pages of text boiled down to less than 10 hours of screen time. Given the circumstances it's about as faithful as it could possibly be.

Re: It's a bit disappointing

It's the synergy of posh and utilitarian that forms the ultimate access blogging combo --- standard English, spectacles and a decent suit on the one hand; hi vis; steel toecaps; hard hat; clipboard or ruggedised laptop on the other.

An engineering colleague of mine pointed out the delicious irony that struggling with a ladder (and therefore having both hands occupied) will get you ID-free access to a lot of places where, if anything, the guards should be more suspicious of those so equipped!

Re: OpenCAM?

Some people are already working on this, e.g. https://blog.tho.ms/hacks/2016/08/28/openwrt-on-logilink-wc0030a.html. It seems a promising approach.

Maybe a partial solution to IoT devices is that manufacturers must make the devices user-modifiable the moment they stop supporting them (which in many cases is the moment they leave the factory).

Re: This, because we can't overwrite files that are in use.

"But it needs you to have the PC rather than a remote hack." -- AMBxx

The main purpose of whole disk / volume encryption is to protect the contents from people who have gained physical access to the computer.

Re: Here's a story about vaping

"the vapour of an unknown chemical" -- AC

Not really that unknown. The vapour is water, glycerol, polyethylene glycol, nicotine and flavourings. Unless you are getting really dodgy liquid the nicotine will be pure and the PG and flavourings will be food grade. PG has been inhaled for 70+ years in asthma inhalers, so I think a correlation with stomach cancer would have popped up before now. We probably need to wait till 2025-30 to see how safe vaping really is, but it is already easy to see that it is not as dangerous as smoking by a country mile. So much safer that the Dr mentioned may well be increasing the population risk simply by expressing his almost certainly unjustified opinion* in a careless manner.

*if they had really noticed a strong correlation, unless it has only just been observed, they would have published something.

Re: As artificially-intelligent software continues to outperform humans at various tasks

Mage, whilst I agree that "a so called 'Neural Network' doesn't understand anything" I think that

"a special kind of database implemented, in a sense, by data flow programming of identical processes." could well be a description of a brain.

My prediction: we'll have AI that can "understand" things long before we ever (if we ever) understand what understanding really is.

Re: It's simple

"There is a very simple backdoor in SSL/TLS based protocols ...

... 3) decode encrypted traffic using server private key (see Wireshark etc)"

Not if the peers use foward secrecy