* Posts by Nick Ryan

3751 publicly visible posts • joined 10 Apr 2007

England's controversial extraction of personal medical histories from GP systems is delayed for a second time

Nick Ryan Silver badge

Re: Patient data being sold ? Already happened many years ago

If the data was truly anonymous and not trackable back to a living individual then it'd be find under GDPR rules.

Nick Ryan Silver badge

Re: Research Environment

The ONS has secure rooms where one queries the data. Essentially it's a double remote desktop system through their provided PCs. There's no network access to anything else and cameras and such to enforce things. It wouldn't stop someone remembering the raw data and writing it down outside, however as an Accredited Researcher with them one of the things that I signed was personal responsibility: I am personally legally responsible for the access.

There are also remote access options available however I believe that this does depend on the data being accessed and the organisation requesting access. These have necessarily been more common since covid hit. The remote access is essentially a web based remote desktop session - wouldn't stop someone recording the screen remotely but the data would have to be scraped rather tediously.

Nick Ryan Silver badge

Research Environment

Secondly, the external researchers would only access the data through a Trusted Research Environment whereby they execute queries on the data in situ, rather than moving it for analysis.
This point appears to have been missed. The Office for National Statistics (ONS) hold a great deal of personal data, Census, Labour Force Survey, Crime, and so much more. Access to this data is through their Secure Research Service (SRS) and in order to access this data one must be an Accredited Researched (I am one, hence why I know about this) and submit a project proposal listing the data analysis to be performed, the datasets required to do so and the outputs that will be generated. Once approved, all processing and manipulation of the data takes place within the SRS environment and when data is requested to be output, it is provided to the SRS staff who check it (and they really do check it, carefully) before the data is made available to take away.

Obviously, like anything else involving people and so on, there is scope for abuse and mistakes but it's a pretty solid process and much better than just giving the data away. Implementing something like this is a huge improvement compared to what the earlier NHS data grab was going to do: just hand the raw data over to private companies.

Hijacked, rampaging infrastructure will kill humans by 2025 – Gartner

Nick Ryan Silver badge

/sigh... another load of junk from Gartner. I wonder who paid for this report?

Good news: Jeff Bezos went to space. Bad news: He's back

Nick Ryan Silver badge

Re: Congrats ...

There's another post here in these comments that adds more to the story: https://forums.theregister.com/forum/all/2021/07/20/new_shepard_crewed_flight/#c_4298703

Nick Ryan Silver badge

Re: Congrats ...

Yep. I was at the National Space Centre the other weekend and there's a whole section on the female astronaut trainees who underwent all the training, in general passed with better scores and a higher ratio of them passing than their male counterparts... and then were all unceremoniously dropped because they were female.

BOFH: But soft! What light through yonder filing cabinet breaks?

Nick Ryan Silver badge

Re: Hilarious!

Yeah... in the last refit of kit that I did last year I found a load of mixed in non-standard (i.e. non suitable for standard rack) nuts. After a while I started to throw them into the (recycling bin) with a little more vengeance than strictly necessary... Grrrr

It had to happen: Microsoft's cloudy Windows 365 desktops are due to land next month

Nick Ryan Silver badge

Re: Umm...

In 2019 Microsoft were still trying to stop the use of convenient Remote Desktop sessions for client OSes.

Researchers warn of unpatched remote code execution flaws in Schneider Electric industrial gear

Nick Ryan Silver badge

It's a classic case of feature creep, in this case more specifically network attachment creep.

These devices were always designated for use in trusted environments and the vague stab at security was largely there to prevent tinkering by users that weren't privileged enough - almost to protect more from accidental changes than intentional or malicious ones.

A trusted environment in this case is where everything networked together is trusted and no non-trusted systems are connected. This works fine and has worked fine for many years, however then some numpty decides that for convenience they need to connect the trusted network or trusted systems to some other network. This isn't, like the initial comments here, directly connecting to the Internet (although some car manufacturers have genuinely been this incompetent), it's connecting to other networks, such as a more general office network. After all, the management systems, which are inevitably PCs of some flavour, are all usually networked together and the devices that they monitor and manage (through a dedicated communication protocol specifically for it such as ModBus or CANBus) are networked together therefore why not connect everything together? Well, the why not is obvious to anyone with any form of security clue however that often doesn't apply to the typical developer who when confronted with security their default response is to assign or require Administrator access to everything just in case.

Another commenter's remark about just having access to the control network is enough to disrupt things - network packets can be easily spoofed, amended or just flooded any of which are easily capable of disrupting operations and, frankly, without the detailed plans of any specific control network's design and operation the most effective way to damage things would be to flood the network and prevent monitoring messages from being processed. For example, a pressure sensor that sends values directly to a valve controller if the valve controller no longer receives the pressure readings it won't close off if the pressure gets too high - a simplistic example but that's the kind of thing that's commonly implemented.

Ah, I see you found my PowerShell script called 'SiteReview' – that does not mean what you think it means

Nick Ryan Silver badge

Re: Hands on...

I knew of a sales guy (yes, always the sales guys) who got fired before he started his job. He was invited to the pub the Friday before the Monday he started (the place had a good social crowd), got drunk and proceed to verbally attack the CEO and various other people.

He was a nice enough guy when sober, although he had almost no morals (perfect for sales), but when drunk... just best avoided at all costs.

Microsoft defends intrusive dialog in Visual Studio Code that asks if you really trust the code you've been working on

Nick Ryan Silver badge

VS Code "is capable of running code from the workspace on your behalf to provide a richer development experience,"

Compiling and building code is one risk with external sources, but automatically running shite that it happens to be in a directory is just typically negligent and stupid.

By the same organisation that created auto-infect/auto-run, executables in emails and ActiveX in browsers (hell, ActiveX has just always been awful)

Nick Ryan Silver badge

Re: re: So what do I do?

Shhhh... Just compile it and deploy it if it compiles. Testing, and in particularly usability testing is the end user's responsibility. If it compiles, it gets delivered...

Tencent uses facial recognition to enforce China’s curfew on gaming kids

Nick Ryan Silver badge

Re: It's past your bedtime sonny

Kind of. It's call parenting rather than using a TV/computer in place of parenting.

Please excuse the "adults" while they watch TV or use their computer as many hours as possible...

Nick Ryan Silver badge

Re: Confucius say

Or they'll just play offline games... and learn that changing the clock is very easy (if necessary).

Florida Man sues Facebook, Twitter, YouTube for account ban

Nick Ryan Silver badge

Re: Oh! Oh! This is awesome!

5 x zero is... zero. Hmmm.

Nick Ryan Silver badge
Trollface

Re: It's the plot of 'The Producers'.

...and I can't even see the reference myself, although it's not impossible that the article hasn't been edited since.

Nick Ryan Silver badge

Re: Grifter

I'll agree that it is a risk with Terms of Service for private organisations. The control measure is that these organisations also need to protect themselves from being sued for the content that they host, and not clamping down on illegal or otherwise inciteful or damaging content is asking for this kind of trouble.

In this particular case, he kept his accounts only as long as he did because of the very real fear of retribution against the organisations for applying their Terms of Service to his accounts - any other user spouting the same level of hate, bile, rabble rousing and incitement to criminal behaviour and so on would have had their accounts closed much sooner. That's the real injustice of it all.

DARPA nails cash to project 'FENCE' — a smart camera that only sends pics when pixels change

Nick Ryan Silver badge

Hmmm... I read it that the aim was to produce a camera (sensor) that only sends the changed information and not so much just the use of a normal camera sensor after which lots of processing is performed and then the data is sent. The latter would not be low power, although it would be a suitable way to prototype the algorithm.

As noted already above, slow changes would have to be filtered out somehow which means that individual light sensors would likely have to directly communicate/be compared with their neighbours and to only send an update if a light reading had moved beyond a certain threshold.

Go to L: A man of the cloth faces keyboard conundrum

Nick Ryan Silver badge

Re: Speaking of Satan

Argh! Too memories of dealing with the horrors of Microsoft Access databases... Where, depending on the current wind direction, speed and phase of the moon, an empty string column may be returned as " " (single space), or it could be returned as "" (nothing) - set the value to "" and the read it back and it would return " ".

Nick Ryan Silver badge

Re: The chosen one

The Boomer Bible would be a better source of reference

Nick Ryan Silver badge

Re: Font recommendations

I think the hate is more for the repeated unnecessary use of it. Replacing body text with a typeface that's designed for "fun" heading text is never a remotely good thing.

Five words everyone wants to hear: Microsoft has 'visually refreshed' Office

Nick Ryan Silver badge

Re: Windows 11 TPM

Microsoft are insisting that it's TPM 2.0 and many processors, even more current ones, do not provide TPM 2.0, only an older revision.

Nick Ryan Silver badge
Stop

Just repeating the same nonsense every time...

Microsoft has basically tweaked Office to bring it in line with the Windows 11 user interface and its Fluent Design principles

It's the Operating System's job to render applications. However, Microsoft insists every damn time that they "refresh the look" of Microsoft Office to whatever the current fad in their latest Operating System is, to re-implement all of the window and control rendering within the application rather than let the Operating System do it. It's an ongoing example of rampant stupidity and duplication and is one of the reasons that Microsoft Office is so bloated, slow and unstable and hard to port to any other platform.

Microsoft wasn't joking about the Dev Channel not enforcing hardware checks: Windows 11 pops up on Pi, mobile phone

Nick Ryan Silver badge

It also demonstrates what most anybody sane really knows... Windows 11 is simply Windows 10 with a slightly modified UI. Any "Windows 11 exclusives" are in place purely because Microsoft chose to do this to force computer obsolescence and churn rather than for any technical reasons whatsoever.

London Greenwich station: A reminder of former glories. Like Windows XP

Nick Ryan Silver badge
Stop

Re: How much longer will we have to endure this ?

It may not be great to connect an old/unsupported system to a network, however it is very easy to do safely.

Don't forget that these are are "kiosk" or "appliance" type installations, they are not configured as a general network for general use. [Well, they shouldn't be anyway]

It is easy to configure networking such that each client is isolated from all other clients on the network and to only have very tightly controlled network connectivity to, for example, a central server system. There is often no need for a client to be able to communicate over the network with anything other than the control system.

Things get a little more complicated where remote access to the installed client is required, inevitably for support purposes, but this is far from difficult to configure either.

What you need to know about Microsoft Windows 11: It will run Android apps

Nick Ryan Silver badge

You need to know about Microsoft Windows 11. It's the latest thing from a dominant monopoly therefore avoiding it is near impossible and counter-productive unless your mentality is one of "I don't like what I am seeing therefore I am going to shut my eyes and walk around blindly pretending that I didn't see it".

As for what you need to know about Microsoft Windows 11? Largely that it's little more than a minor UI reskin, a further attempt to lock users into Microsoft's online rental ecosystem, all with an extra sprinkling of needless hardware requirements to enforce unnecessary hardware churn.

Nick Ryan Silver badge

They also invested millions into user interface metrics and research and produced very good style and usability guides.

These were immediately ignored by other departments within Microsoft such as the department responsible for Microsoft Office.

I suspect they gave up with this investment as it was not generating immediate profit and also was not being used by their own developers.

Nick Ryan Silver badge

Re: What . . . why?

Been there. Got the TPM module. Returned it.

Turns out the manufacturer omitted to fit the headers that they stated were there in all their documentation and sales literature.

Nick Ryan Silver badge

Is this the correct XML file: "\Disused Lavatory\Filing Cabinet (locked)\Beware of the Leopard.xml"?

Bugger. Forgot my flashlight.

Nick Ryan Silver badge

Typically useless "Check tool" from Microsoft... run the thing:

This PC can't run Windows 11

While this PC doesn't meet the system requirements to run Windows 11, you'll keep getting Windows 10 updates.

[Learn More]

Does the [Learn More] link tell me what about my PC does not meet the requirements of Windows 11? Like fuck it does. Just a page of requirements.

Typically similar to the all too common moronic "an error has happened" type error response (as in "we know what the error is but we're too lazy or stupid to trap it and to give information").

UK urged to choo-choo-choose hydrogen-powered trains in pursuit of carbon-neutral economic growth

Nick Ryan Silver badge
Flame

Re: Huh

There are also a few not entirely great things about the use of hydrogen as a fuel:

  • It has a very low energy density, requiring it to be kept at high pressure to be able to store even a moderate amount
  • Hydrogen is very good at leaking due to the very small atomic size.
  • Hydrogen is rather prone to combustion
  • Hydrogen is typically combined with oxygen to generate power and as this tends not to be pure oxygen therefore other chemical reactions may happen (varying depending on the setup, but they will happen). For example nitrogen makes up ~78% of air therefore expect nitrogen dioxide and ammonia to be produced but also some hydrocarbons will be produced too and other than a small amount of toxicity (generally very low volume so not such an issue in an open environment), they can unfortunately somewhat shorten the life of a typical hydrogen fuel cell).
  • Hydrogen fuel cells are between 40-60% efficient when generating electricity with heat as a substantial by product and this needs to be dissipated or used (great if you want to warm things up).

None of these are impossible to reduce the impact of, but they all add up to a fuel source that is somewhat more involved than the simplistic "hydrogen is great as it just produces water as a by-product" that many people think it is.

Advert for coronavirus 'destroying' air 'purifier' exterminated by UK watchdog

Nick Ryan Silver badge

Re: Facebook

No

UK health secretary Matt Hancock follows delay to GP data grab with campaign called 'Data saves lives'

Nick Ryan Silver badge

Re: "Data makes money for our Chums"

There is considerably more money to be made in alleviating symptoms compared to curing the causes.

One is a repeat business, the other is a one-off (and is harder and requires more investment)

To CAPTCHA or not to CAPTCHA? Gartner analyst says OK — but don’t be robotic about it

Nick Ryan Silver badge

Re: Make them solve an "OPDE"

You are an evil genius and I demand my £10.

Nick Ryan Silver badge
Joke

Re: The problem with Captcha

But... but... everyone in the world is North American. Everybody. Absolutely everybody... surely this is so? It cannot possibly be not so? (breathe) But North Americanish culture is everywhere. Everywhere has the same ideal don't they? Except for the red commie scum of course. They don't. Everybody else in the world does though.

The US: One of the three remaining backward regimes in the world which still uses Imperial measurements, believes that their culture applies everywhere and persistently tries to brainwash the world into thinking that the US has a democracy.

Nick Ryan Silver badge

Yes. Made worse by them being used when not even necessary.

Nick Ryan Silver badge

Re: "Here is advice about CAPTCHAs from somebody who knows jack about CAPTCHAs"

It's usually more interesting, and often more valuable, to try to work out which organisation paid for the gartner "report" - to see what agenda they are trying to push. Gartner have no value whatsoever in anything otherwise.

Updating in production, like a boss

Nick Ryan Silver badge

Re: re: My-Handle

Not quite, but nearly! Similar situations though and before too long I usually wind up being the subject matter expert and often wind up knowing more about it than the developers (if software anyway).

Nick Ryan Silver badge

Re: Three card monte

Oh noes... now I'm remembering the horrors of people trying to stuff multiple, independent status values into a single column. Kind of works when there are just two status values as they just multiply together and as long as there aren't too many it sometimes works out OK. As soon as they want to add a third status though it's just a mess. Pretty much a really bad idea all the time.

Nick Ryan Silver badge

Re: VARCHAR(MAX)

Oh no! Table data stuffing... shudders... it was only a couple of years ago that I came across a moron developer thought that using tables and rows and columns was far too inconvenient therefore stuffed data in an exported XML stream into a single column.

I still see so much similar stupid done in databases, where individual columns are stuffed with multiple row data rather than using the database to store the rows. Master > Detail is such a basic concept but lost on some.

As for users stuffing too much data into a field, the number of arguments I've had about the storing of data in free-type text fields. If they need to store something in a structured way, store it in the database properly, not as a random-ish mash up of inconsistent characters stuffed into free-type text fields. Which the inevitably want to report on and then get annoyed when data is missing due to their typos...

Nick Ryan Silver badge

Dyslexia seems to be rather common in technical fields... unfortunately SQL queries and data definition editors don't have spell checkers, unlike source code. OK, source code isn't exactly a spell checker but spelling mistakes are flagged up and it's often a simple matter in a modern IDE to rename a local variable of function. Doesn't help so much with anything that's published though...

Nick Ryan Silver badge

nvarchar(max) is not as bad as you might think in terms of performance. If the data is small (for example 'Y'/'N') then it is stored in row, not off-page.
If only things were so simple... MS-SQL server does try to do some clever things when it comes to the (max) data type columns, however as soon as there are too many of them in a table definition then the MS-SQL optimiser seems to go "I give up, you made this mess, you deal with the consequences".

There are various table options that can be used, either to force large data columns out of row storage or to ask MS-SQL to try and store large data column values in-row ("text in row" table option). The table option "text in row" is also set to be removed in a later version of MS-SQL so relying on it is very much not a good idea.

Testing these options are a little tiresome as because the data storage method is only changed when the column data is updated, which is a simple enough query but is not quick and locks the entire table just in case anyone tries this and wants to continue with other testing while the update is applied.

From my observations and testing, using Microsoft SQL 2016, as soon as a column is specified as nvarchar(max) query performance goes to hell. Changing the column datatype to something sensible like nvarchar(30) makes a considerable performance improvement.

In short, nvarchar(max) and so on are not evil as such as there can be good and genuine uses, but performance wise it's like using variants all the time.

Nick Ryan Silver badge

Aggressively large varchar is not as bad as my current issue... a database where the clueless developers have used varchar(max) for almost every damn char based column. Gender recorded as a single char? Use a nvarchar(max)...

nvarchar(max) has its places, but using is for everything is ridiculous for performance reasons. Fetching a column that is nvarchar(max) takes about 7-8 times longer compared to where the data is stored inline. And this is for a database where the database server has been given enough RAM to load the entire database into memory.

Nick Ryan Silver badge

I'd be almost rich if I had £1/$1 for every time I've seen database uses which perfectly demonstrate that the developer didn't have a clue about SQL whatsoever, let alone the specifics of MS-SQL.

From horrors such as an absolute lack of referential integrity (no linked tables whatsoever), to company owners who insisted on browsing the SQL data directory to open up the "tables" directly and so often, the devopers who just do not understand that SQL operations are set based and not procedural.

...and the perpetual bugbear? No underlying fallback to a unique sort order in display results. Want to order by name? Fine, but make the last sort order column a unique record ID to ensure that the search results are consistent.

Windows 11: Meet the new OS, same as the old OS (or close enough)

Nick Ryan Silver badge

Re: Bloatware

That kind of shovelware is an auto-install nightmare. Per-user, per-install type of auto-install. Microsoft seemed to have made everything about it as annoying as possible.

Nick Ryan Silver badge

Re: Bloatware

...and the installs will still come with Xbox related shite that has no place on anything uninvited.

Nick Ryan Silver badge
Flame

Or, even better, make the domain setup option as fucking hard to find as possible and instead have an installation process that insists on setting up the system as a personal system for a single specified Microsoft 365 user (who is given local administrator rights of course).

BOFH: When the Sun rises in the West and sets in the East, only then will the UPS cease to supply uninterrupted voltage

Nick Ryan Silver badge

Depends if he was an MBA or not.

Systemd 249 release candidate includes better support for immutable OSes and provisioning images

Nick Ryan Silver badge
Joke

Re: Thinks I like about systemd

It looks like you're trying to manage your computer. Would you like help with that?

:)

Nick Ryan Silver badge

Re: Thinks I like about systemd

Having a user space application inform the user that the /tmp location is getting full and offering to empty it is a good thing. This way the user is informed of a potential issue before it happens, the user is offered the opportunity to easily fix this (i.e. delete contents of /tmp) and the responsibility for the action is passed onto the user rather than assumed.

However, any application that assumes that data in a /tmp path will always be available is a very poorly written application. If an application requires semi-persistent local storage then it should use a suitable location for this. If an application fails to operate because the contents of the /tmp path are no longer there then this is a fault of the application, not the OS. This isn't to say that an application shouldn't use /tmp for storage, but it should be able to recreate whatever is in there.