2274 posts • joined 10 Apr 2007
Re: Gave up on stupidity a while ago
I'm speccing a new website service and am semi-seriously contemplating not bothering with passwords at all and just emailing the user a one-shot login code. It's not the kind of website service that a user is going to use very often, I suspect once ever or maybe once every year or so and forcing a user to deploy yet another password just for this seems a bit silly when I suspect that the most commonly used function on the site will be "reset password".
Re: Page scroll stuttering
On demand image loading is "fine", however the new site appears to be performing processing even after the images are loaded, which is almost certainly what is causing the stuttering.
The old site, using the same browser, and all that, exhibits none of the same problems, therefore it is something related to the new site code.
I'm not "holding it wrong" :)
Page scroll stuttering
Something I've just noticed is that with the new design the page noticeably stutters when images are scrolled into view. Switching back to the current design this does not happen. Disabling JS also stops this unpleasantness as well, although it also means there are no images...
Re: Lines, lines and other visual distractions
CSS media selectors can be used and the images shouldn't be loaded unless required. This would require using CSS for the article image which isn't hard, but possibly annoying depending on how the output code works.
Lines, lines and other visual distractions
The sheer number of lines is visually distracting - as noted above already the brain will automatically make lines therefore adding so many of them doesn't add anything - in fact it makes it unnecessarily complicated. Not quite as bad as the "stacked chocolate box" of GUI designs that was inflicted on users quite a few years ago.
The article age and comments indicator are unnecessarily intrusive compared to the content itself. What is more important? The article teaser text or the age and comments indicator?
Re: I HATE IT!!!!!11!!!111!!
...and an animated "under construction" gif
But haven't we always been at war with Eastasia?
Re: Data Controller
A link helps when posting URLs.
Not all users can post URLs.
Re: Data Controller?
In this instance the ICO is a 'third party' and neither Data Controller nor Data Processor. This is similar to 'recipient', which is the usual category for, for example, IT support for an application that stores Personal Data where the other organisation can access the data but doesn't do any "real" processing of the data. The difference is that 'third party' has a specific legal meaning.
PCI is very prescriptive and focussed about most things; unfortunately this means that because of this level of prescription and focus, elements that are not specifically covered are missed out entirely because the rules don't cover them, even if they should. The more specific the set of rules, the more holes there are in them.
Re: run the numbers
The fines are for repeat and flagrant offenders, particularly those that don't even try to maintain privacy. While there is an element of punishment/risk in fining organisations after a breach, if the organisation that was breached behaved well and did what they could and it's a first incidence of the time then they are quite unlikely to be fined. If you're a large, or well funded organisation, and don't do your best you will be in trouble though.
On the other hand, the buggers whose business model is hoovering up personal data directly and indirectly and then using this to build profiles of the data subjects and the data subject's contacts... they will receive fines regardless of a malicious breach.
Imagine a patent on organizing computer files being used against online shopping sites. Oh, it's still happening
.... so, in other words, a many-to-many relationship. This kind of thing is very easily implemented in a relational database, let's pluck one out of thin air "SQL-92" (note how this standardised SQL predates this claim), and has been part of standard teaching of SQL/databases since before that time.
Privacy Shield was worthless from the start, just like Safe Harbor (was). Until data rights become a legal obligation and not a voluntary agreement with no real enforcement potential then there can't be any data protection equivalency.
The EU very much believes in its right to all of what you thought was your property.
Name a national government that doesn't?
Re: Apple are shit nowadays
I would suspect that the first shipments, targeting the idiots who queue outside for a phone, are air-freighted around. After that slower, and cheaper, methods will be used. Air freight is especially punishing for heavy items; iPhones, including their packaging, are rather light and non-dense therefore while air freight will be expensive compared to shipping, it will not be prohibitive.
And usually a basic firewall/router separating the critical, but non-updateable PC that operates this kit, from the wider network is all that is required. The unpatched system shouldn't be able to affect kit in the wider network and vice-versa.
Not always possible, of course, but usually is.
About as good as the "training*" provider that was in the press the other week for fleecing the UK government for 'ludicrous' GDPR training: http://www.wired.co.uk/article/gdpr-parliament-house-of-commons-cost-data-protection
Why? Because once you have a URL to their training site it's a trivial matter to manipulate the URL to see the list of other user organisations (even to access some of them), see a lot of setup details and a lot of documents that probably shouldn't be available online. Disclaimer: I didn't do anything more than change a URL and use their web server's provided directory listing, so no "hacking" required.
Their other gem was a training module that was firmly rooted in the past decade, not working in many browsers due to the necessary popup restrictions, but at least it wasn't built using flash. The best part: you could print a completion certificate without even completing anything!
* Training, as in doing their best to scare organisations into further training and consultation all the while getting basic GDPR principles wrong.
Re: The ONLY things going for it were
Pardon me for being too young to have any relevant experience*, but the stories I've heard were that '98 was the good one when compared to '95 and would be the gold standard of Windows Operating systems until XP was released.
It wasn't bad really, as long as you stuck with a couple of basic rules:
- Never ever, ever, ever apply an in-place OS upgrade. Want to upgrade from Win95 to Win98? Start with a blank hard disk. The same goes for the upgrade from Win98 to Win98SE, although that was a little less painful and anything to Windows ME, or just ME in general was best avoided. The most unstable instance of Windows XP I ever came across was one that started life as Win98, then Win98SE, then WinME and finally a much suffering WinXP.
- Never install the Internet software stack from AOL, or Compuserve (and doubtless a few others). The bundle of crud combined with appalling installers and appalling assumptions was enough to ruin many a PC. Later this changed to never use a USB modem or ADSL adaptor, for similar reasons.
Having previously worked in an organisation that was focussed on monopoly, it was a desolate and disappointing place. Rather than focus on the strengths of the organisation and work to produce better products and services, every staff meeting was a discussion of how competing companies had been edged out of tenders, how the market share was recorded and how, on the occasional loss to a competitor, how the purchaser of a competing product/service would be worked on both directly and indirectly to make sure that they knew their mistake and that our product/service was better. Even when it wasn't.
It was a soul destroying place, with customer service and the referrals generated through reliability and good service steadily worn down and eroded in favour of a "sell, sell, sell" culture that often sold impossible dreams and systems and services that were nothing short of lies. It didn't matter though, as long as the customer was tied into a contract.
Re: Technical, English and Idiot.
Never argue with an idiot. They'll bring you down to their level and beat you through experience.
Re: Edge aka Trident 12. No thanks.
I suspect that among the El Reg commentards there are very few fans of Edge.
First impressions count, of course, and starting with Windows 8 it was a resounding failure on every measure except when compared to older versions of Internet Explorer and even that was tenuous. Regrettably, while it has improved since, it's still a long way behind the other browsers on usability, performance and features.
To make it worse, configuring the damn Operating System to force the use of the damn thing regardless of user preferences, to make switching away from it to another browser a trial of "are you sure" messages and to make it effectively unmanageable using group policy don't endear it to professional users or system administrators.
Re: Whatever happened to ...
In my experience one of the key problems with the early iterations of Wirth's Pascal and ADA (and Modula/2) was his obsession in having to have a single pass compiler and how just this one thing tended to ruin a real-world developer's life. That and almost no supporting libraries or direct access to anything useful system-wise.
Re: I have a simple plan...
With you on the pretty picture or the hardware wish list? :)
Others have already made comments on the hardware wish list. However something that would help with performance mitigation is processor architectures that have considerably more executable cores, likely with different requirements and capabilities depending on task/process requirements. This would require potentially substantial changes to operating systems and many applications would have to be updated to "request" the appropriate processing requirements but it would allow a good deal of optimisation of use. For example, an audio decoding process would not need a huge amount of CPU power but does require very regular servicing (there is some support for this kind of thing already, but more would be better).
Re: Ah. And a Response to Something Relatively New for Doing Private and Pirate Deals With
I think I may have a problem. A serious problem.
I've just read the entire of two of amanfromMars's posts in the space of a few minutes and my brain is now going to suffer for the rest of the day. Luckily it's a Monday and nobody is likely to notice because I have long perfected the blank look when somebody foolishly asks me about that something that happened the other side of the weekend...
Re: Hard as I try...
I'm not up with the latest features of the latest x86 CPUs but common sense would indicate that there should be instructions that will flush the hardware executable environment, including the pipeline and speculative caches.
In this case the task/process manager of the operating system could ensure that such flushes are performed however the more rapidly that processes are switched between (to give the illusion of parallel execution) the more such a change would affect the performance of the system.
Any thorough solution is likely to require both hardware and software changes, with a certain level of fallback capability within the hardware to cover non-supporting operating systems.
Re: Hard as I try...
Or to just wonder how, and why, an interpreted language that is designed to execute within any compliant web browser, on any Operating System, on any hardware/virtual architecture can somehow access the low level CPU state.
Re: Performance on maths code?
OS aside, aren't there CPU instructions to store and restore all registers for the purposes of context switching? This takes the requirement away from every OS to somehow know exactly how many registers there are in the CPU that it happens to be running on. i.e. an older or non-updated OS running on newer or slightly different hardware.
Re: I have a guess! - I'm going to say "Flying". Until it wasn't, of course.
Or another one from Douglas Adams:
There is an art, it says, or rather, a knack to flying. The knack lies in learning how to throw yourself at the ground and miss.
Apparently this drone did not miss.
Re: Counter-terrorism police?
I suspect it's the case that where industrial espionage starts to transcend national borders that it becomes international espionage. Which is, of course, slightly different to terrorism even if the same agencies are involved.
EE WiFi calling
Urk! I tried that once, maybe twice. A most horrible experience. Have phone, have contacts, have messages. All fine. Then have an almost indescribably bad app that's unstable, ugly, hard to use and has a different set of bloody contacts, call history and messages.
I deleted the app, and probably deleted it from my app/play store account as well just to make doubly sure.
Maybe an attempt to cater for the unusual readers? :)
Although to be fair to WordPress, the core WordPress code, as horrible as it is, is pretty secure and updated regularly to ensure this continues. It's the thousands of really poorly implemented, barely supported/supportable plugins that are the most serious security issue with WordPress.
Of course, if updates are not applied...
Re: Cashless Swedes
Prepaid cards? In many ways as long as no credit is involved it's no less secure than cash. Until details are entered online of course...
Re: will need an Intel display adapter
For a virtual doubling of battery life? I kept reading.
No, for a 50% reduction in display power usage. On a typical laptop the display is not the most power hungry component.
Re: Cheap, cheap, cheap.
Unfortunately there is a lot of sustainability in this funding model....
Police stations are often in prime locations and therefore being sold off for good amounts of money. Police stations are often then merged and new buildings built using PFI arrangements. The same PFI arrangements that worked out so well for the NHS that trusts are now saddled with 25-50 years of crippling debt repayments and expensive servicing costs way beyond what it would have cost to just pay for the thing in the first place.
... unfortunately the funding sustainability element is not to the benefit of the public.
SAP? Why, unless you have an enormous amount of money to waste, would you ever use any of their products? They do their level best to make them as unusable and unmaintainable as possible, from every direction, while also playing a fine game of hide the documentation (what little there is that is actually worth anything) and screwing over their developers and customers equally.
Re: Dennis the Menace and Lord Snooty.
I was wondering earlier today what kind of *ist people voted this blight on society into any position of influence. NE Somerset... that probably explains it. One of the most blighted parts of the UK due to government policies and profiteering voting in a criminal*.
* If any non-politician said what he says, they would be up on hate charges by now.
Re: Possibly a Stupid Question...
Dark matter and dark energy are constructs to try and explain deficits in the current theories. With a bit of luck the theories will be improved and research such as this will probably help.
MailChimp have it so spectacularly wrong - pretty much on every point, not helped by some of the, ahem, "less well informed", staff at the ICO.
One totally wrong claim that they tried making is that they are not a Data Processor, because somebody at the ICO said they were exempt, for no valid reason whatsoever. They are categorically a Data Processor, with the client organisation being the Data Controller. This isn't an uncommon arrangement and is very simple and needs nothing much more than a simple Data Processing Agreement between the two parties. On MailChimp's side they must ensure that they stick to the terms of the Data Processing Agreement and in particular do not export or the data to third countries, which is pretty much any country outside the EU - in particular regimes like the US which have no data protection laws whatsoever (Safe Harbor was worthless, Privacy Shield is equally worthless). "All" MailChimp really needed was to implement EU servers and to restrict access to these to MailChimp EU staff, which is something that they should largely have had in place anyway.
Just one of the reasons why we recently chose a different bulk mailer...
Re: So where is the news here?
It's not really news, it's pretty much a confirmation of facts... Dodgy companies don't care about ICO fines, they are just a risk factor to their business. When the ICO come visiting they'll drag things on as long as possible and the owners will then just close the company and start another purely to do the same thing again, just with a different company name. Until the company owners and directors are held personally accountable, this process will just repeat itself.
Re: 'Ye cannae break the laws of physics!'
...don't forget the double sided sticky tape!
Given previous form, Microsoft will use the same public IP addresses as vital services for utterly unwanted ones, making blocking near impossible.
You only have to try and use IE browser in protected mode on a server and to access the KB links (linked to in Microsoft logs on a Microsoft OS) that don't work on the Microsoft KB website because
(b) there are many other random resources on the web page that also happen to be "required" for the page to load, or work.
Re: Msft Employee Perspective
It's amazing how people get GDPR so wrong...
The basic principles are:
1) Collect only the data necessary for the process, or processes, that the data is required for - do not collect other data "just because".
2) Only use the collected data for the process, or processes, that it was collected for.
3) Dispose of the data when it is no longer necessary to keep it.
There are six different permitted reasons for consent, the weakest one is explicit consent, i.e. an individual providing their details and specifically agreeing to the processing. Others, such as the collection of data for the provision of goods or services, are implicit and do not require that an individual specifically consents to their data being processed. The "right to erasure" is not all encompassing: if an individual explicitly gave consent then they can remove this consent at any time, which covers the explicit consent reason. However, if an individual provides data for goods or service then in many ways the "right to erasure" has little impact because an organisation is not required to delete factual records. An organisation should reduce the details held on the individual and to ensure that no further processing that affects the individual is performed, but that is different to complete erasure.
For example, if you run an online or mail-order shop, you do not have to delete all records of an individual that placed an order with you. You should delete, or at least reduce the information stored, after a defined period of time but that's it. On the other hand, if the same shop has a newsletter or something similar, then this is separate data consideration and this is entirely optional and an individual may require that their information is erased in this regard. Linking the purchase of an item to a subscription to such a newsletter in any way other than a very clear and optional opt-in is forbidden post GDPR, it's not permitted to make subscription to such a newsletter a requirement to the purchase.
Re: Show some understanding, people
For many years the Microsoft path to software "efficiency" is to throw more hardware resources at it. I don't recall any real instances where they've genuinely made something faster and more efficient.
If you've ever had cause to step through code at the CPU level you realise that not only is the shitty x86 instruction set wasting huge amounts of time juggling and swapping registers around, but much of the Microsoft code (i.e. libraries, variant hell, .net string handling, etc) spends huge amounts of CPU instructions not doing anything particularly constructive for the code it's meant to be running. While we don't really have to have efficiency everywhere, the level of inefficiency is staggering and where this is in lower level libraries then this rapidly escalates to affecting the entire system.
Petrol, handled properly, is actually pretty safe.
Yes, it's the petrol fumes that are particularly explosive. Which is pretty much how a combustion engine works, with a large surface area for the oxidisation of the fuel (very small droplets of fuel = large surface area) producing a lot of heat which expands the gaseous (non-oxygen) content of the explosion (ignition) chamber, thereby generating movement.
In simple terms, the larger the surface area of the fuel as it burns the more of it that is burnt in a given time frame and therefore the more efficient the engine. Petrol is not particularly explosive (otherwise it would be a very bad fuel for general use) and it strikes a rather useful balance between being burnable but without "help" is not burnable in a run-away form, as in an explosion. A party trick that I would not advise: pour petrol into a (relatively narrow and non-deep) container, light a match and extinguish it in the petrol. There should be a small flash as the petrol gas that forms over the liquid is burned but as long as the container is not too deep nor not left too long this is very short and the match will be extinguished in the petrol. Do not try this. Certainly not at your own home.
The display is often the biggest killer on battery life on a phone. WiFi, and mobile data, are surprisingly efficient as long as there isn't any connectivity (base mobile station/WiFi router) hopping going on.
They should rename it to mammal-in-the-middle attack. I've always suspected that those server hamsters are stealing user's infos.
My goodness! What primitive looking technology you have there. You didn't even invest in the "turbo button" which, for those that weren't in IT at the time, was a very clever button that was linked to a mechanical hopper arrangement which released sunflower seeds into a transparent holder just out of reach of the central processor unit. Due to potential overheating issues it was important not to run with the turbo button pressed for too long.
But this is *positive* gender stereotyping...
But surely this is positive gender stereotyping...
This evil, nefarious, good-for-nothing person in the middle is, of course, a "man". No woperson would ever do anything nasty. As a result of this, wopersons are not associated with this crass classification and smearing of their indirectly identified with gender, should they wish to identify with one at all.
I'm sure this makes perfect sense for at least one of the nutters who is doubtless getting very angry on somebody else's behalf. In the meantime, I'd like ships to stop being referred to as "she", because - well, just because. We should also delete the French language from existence because it, like many other languages, crudely assigns gender stereotyping to inanimate objects.
Re: I'm baffled
Unless you've agreed to location services in your contract/EULA - which you likely already have - since the carrier can update their terms any time they want.
Meanwhile, in the civilised/free world, a corporation may not meaningfully change the terms of a contract without agreement from the other party - explicit or implicit will do. While this is frequently abused the legal situation is that both parties must agree to a contractual change and if either party can demonstrate that they were either not adequately notified or given sufficient notification of a change in contract then the new one is null and void and the prior one still stands. It gets rather messier if the terms change "substantially" in favour of one side of the contract as this may cause the original contract, and all attached terms and conditions, to become null and void and this is particularly the case for monopolies, or near monopolies. For example, if you don't like the terms of a new contract then the exit clauses (penalties) of the prior contract no longer apply. This goes both ways though.