Posts by Nick Ryan 3756 publicly visible posts • joined 10 Apr 2007
The correct solution would have been to have one API call the other, so it always boils down to the same code path.This. Every time. There are many places even in Microsoft systems where the UI executes underlying scripts allowing the same functionality to be there whether using scripts or the provided UI. Doing this also means that most processes can be tested more thoroughly and even in an automated manner.
Banks make a lot of noise but are often the weakest link themselves.
I once has a new business banking account plundered. The only transcation that I made was to pay in the opening balance, the cheque book, bank card and linked credit/debit card were delivered and filed away in the folder than the bank provided. None of these ever used, but still somehow somebody knew all the details of the account and emptied it. Most definitely an inside job and very crap procedures/security checks.
Another occasion an ex-girlfriend had her bank account emptied the day after pay day. By her brother. Somehow he had walked into the branch and convinced them that he was allowed to do this. That made for a tight month for me while I paid for her entire month as well as mine, while she didn't want to bring this up with her parents or involve the police and the bank? They just said it was all OK and nothing to do with them... She changed bank.
Alas, this money is stuck with US customs requiring the assistance of a good, christian soul who would help transfer this money over, US$15,000,000 and for helping you can get 5% of this money.
Please help our christian brother in distress in this time of need
god bless you
Mark Wonga 419
Any astronaut sent to Mars with today's technology would arrive sickly, weak-boned, cognitively impaired and at great risk of cancer.This is not true at all... except possibly for the cognitively impaired due to the boredom and psychological problems involved in such a long journey.
"Artifial" gravity is easy to produce - a rotating element of a space vehicle will do this and is easily within the possibility of todays technology. Having gravity reduces the weak-bones and other health issues experienced by astronauts.
There are plenty of easy ways of protecting astronauts in flight from solar radiation using todays technology. Unfortunately these do tend to add a lot of mass to a space vehicle which will slow the flight down somewhat. Upon landing on Mars living in caves, whether artificial or not, would protect from most solar radiation.
What so many people forget is that it is a petrochemical industry - using petroleum, and to a lesser extent coal, based chemicals as fuel is only a very small part of the entire industry. Our industry relies on the entire petrochemical chain therefore thinking only about solar panels, which usually require extensive petrochemical derivatives to manufucture, is only thinking about a tiny part of the problem.
A key thing to remember about petrochemicals is that they are condensed (often rather literally) natural resources and there is nothing inherently unnatural about them just that we are using these plant originated concentrates inconceivably faster than they are created. They can be replaced by lower (energy) density plant based products however this creates additional problems involving land use efficiency. A smarter way to proceed involves both somehow creating processes that are considerably more efficient than the plant based processes (tailored bacteria, chemical processes and so on) but also to change the dependency on some chemicals in the petrochemical industry to more renewable alternatives. Neither of these are without risk or downsides and neither are likely to be common until they are economically more viable than just extracting the concentrated petrochemicals from the Earth and using tried and established processing methods.
Yep, far too much "modern" software is cobbled together in a manner too well reflected in this onligatory XKCD: https://xkcd.com/2054/ (Data Pipelines)
What happened to progress?
An entire sub-industry grew where it promoted form over function, user interfaces become less useful and omit many of the key and most important factors in good user interfaces. Not that there were that many good user interface designers in the first place, but with the vast growth in developers (of very varying competences) there has not been a similar growth in user interface designers. Nor database designers/developers either. This largely explains much of the mess the software industry is in.
As for vinyl over digital - the perceived snobbery of this is where it comes from. That and mainstream digital services which genuinely output worse quality products for technical reasons. For example, digital TV picture quality often being usually somewhat worse than analogue equivalent broadcasts due to bandwidth restrictions and the commercial need to cram more channels into the same limited bandwidth, thus reducing the quality of most of them.
The use of the CVV number is optional. Supplying the CVV number shifts responsibility towards the cardholder, not using the CVV number shifts the responsibility towards the retailer. If you entered the CVV number once for Asda then they can reasonably assume that you have the physical card in your posession therefore don't need to ask for it again.
The fine is up to €20m or 4% of global group turnover. There is no expectation of this being applied at the maximum except in the most serious of cases and/or flagrant malpractice - for example refusing to comply with audits, refusing to follow the investigation processes, and so on. Generally, repeat offenders.
The situation is not like this. Sensitive Authentication Data (SAD) includes the magnetic track data off a card, the PIN block/details and the printed CVV (whatever) number on the rear of the card - this number is not recorded in the chip, strip or embossed form. A compliant retailer is prohibited from storing or recording any of this data except for the shortest time possible to perform the transaction.
If a retailer processes regular or repeat orders they may do this using the non SAD stored data and the CVV number is not necessarily required however by doing so this changes the balance of responsibility for fraudulent transactions very much in favour of the card holder compared to the retailer. Often a retailer will require than the CVV number is presented on the first usage of a card but not for following usage of the card. This provides a fair degree of accountability but does not require that the card holder type in the CVV for every purchase and is a reasonable enough compromise where the retailer, such as Amazon, has delivery and cardholder addresses and an ongoing relationship.
Unfortunately the water company monopolies are more about shareholder return than providing value for money or a good, efficient service.
For example, there are documented and recorded discussions about the value in investing money in fixing water leaks compared to the money lost through the lost water. At no point was the impact on the end user's water not the environment nor anything longer term considered.
The same goes for software development and testing comparing the investment in software development and testing to the financial risk and liabilities with a failure. One would hope that the specter of GDPR fines would up the financial risk but for many organisations this isn't considered.
But we are either too stupid or lazy to cope with their complicated grammar, and so have dumped most of it.
I'm not sure that's true as we appear to have retained as much of the complicated grammar as possible... particularly where it is contradictory. Learning English is often largely about learning exceptions.
Apprenticeships are there for skills, degrees are there for education.
There is never a clean dividing line though, add in a generation of snobbery around degrees vs apprenticeships and a drive to make statistics look good (lots of degrees, academic qualifications) and it's no wonder we are in the mess we are in now.
Many universities while non-profit also own for-profit subsidiaries which perform commercial work and funding for the university. This does not mean that anything bad is going on, just that it's a way around the not-for-profit restrictions and there are very many genuine reasons that a university will want to spin off for-profit activities. Most of these subsidiaries should have a charter requiring the profit to be routed back to the university and this non-tied income is incredibly important to many universities and is often the only reason they are still viable.
Ah yes, the unfeasible academic dream of PKI data backups.
Take a relatively trivial relational database with 500,000 records of individuals in it.
Each record identifies an individual therefore we must have a system that manages 500,000 encryption keys. Each key must be related to a single specific individual and wholly identifiable to this individual and no other, therefore these keys are now also considered personally identifiable data. These keys must also be backed up because, if these keys are lost, any backups using these keys may as well be random noise in a data file. These key database backups must be retained, kept offline and managed just like mainstream data. Choosing to delete a key means that this key must be deleted from the live dataset and every single backup made of it. Effectively, we now have 500,000 individual backups to manage, which also require a database to manage these backups... which must also be backed up, because losing this will lose the database that manages the keys which means the core backups are worthless. This kind of scheme is possible, within ridiculous margins of possible course, but most snake-oil salesmen conveniently forget this side of it. In essense, all that's happened is that the pain point has been moved.
That's the key management side of it. We also have to deal with the data itself. There are a couple of broad options here:
1) Every single row of data relating to an individual is encrypted in the database, with the key being recorded in the separate key database (backed up separately, see above). Needless to say database performance at this point is something that happens to other people, as no useful indexes are possible and therefore the data may as well not be in a database. This includes searches therefore we have a database relating to 500,000 individuals which to many intents is unsearchable. This means no corporate statistics nor "big data" nor anything like this. Basic business processes will also be glacial against this database. This is usually the option touted as "data at rest".
2) The database is operated normally, but never, ever backed up. Ever. At all. Instead we have a nightly (or whatever) export of the database which converts the relational structure into a file or set of files for every discrete individual in the database where all data relating to each individual is exported into an export structure and encrypted using the key in the key database. This also requires that a re-import process exists which is thoroughly and regularly tested, particularly with version management of the using application and database structures taken into account. This is the closest that a key system can get to encrypting "data at rest" but it does not work around the issue of key management, it's just moving the issue from one place to another. The advantage of this technique is that ancillary files, such as documents, can also be thrown into the same key encrypted repository as long as the export process is smart enough.
A further problem with this is where data relates to more than one individual. For example, Project X references Individual A and Individual B, which key should be used to encrypt this data? A solution would be to have an additional encryption key used for wherever Individual A and Individual B are associated in the same data. Our key database has now become suddenly much more complicated and harder to backup in itself. Removing all keys relating to Individual B should not remove any shared records relating to Individual A as well. While deleting the reference Individual B out of the database would remove the reference it would not remove the data therefore this is not compliant with data protection removal. Deleting all references to Individual B regardless of whether or not any other individuals are associated with the data is not compliant with data protection management because this also mandates the correct management of data. Management policies can be created to help manage this kind of complication.
The point here is that in the real world things rapidly much more complicated than academic dreams of PKI backups or snake oil salesmen will ever admit. In any organisation of any appreciable size there are usually multiple databases and applications, each of which must be managed separately but in the same way. There is no perfect solution.
The post offers the observation “Simply put, moving to cloud releases IT teams from time-intensive maintenance of on-prem technology infrastructure. No more downtime to install updates, and no need to worry about expensive technology falling out of date.”
This "observation" in itself makes it clear that this guy has absolutely no clue whatsoever and should bugger right off. Probably go work for Gartner or somewhere suitably useless and just more blatantly paid-for "research" that coincidendally backs up the claims of whoever paid for it.
The large part of the problem is that many developers just do not understand that a web page, as in a web application is very different to a modal client/desktop application. Therefore they attempt to develop a web application as if it is... not helped that for years useless shit coming out of Microsoft/Visual Studio that tries to convince developers that a web page is just the same. It's not.
It's scary the inconceivably stupid things that I've seen developers try to do to force a web page to behave more like a modal desktop application. These always fail.
This is straight out of the school of moron developers who just cannot understand that a web page is not a fucking modal client application. When they find that a web page does not operate as if it was one they just to try to bodge, lever, hack and generally very badly kludge things until they can pretend that it is.... then vomit out a barely usable bug ridden mess of a "web application" and proceed on their merry way to break something else because some other new shiny JavaScript library has been dropped out somewhere and therefore must be used.
See also Java, ActiveX, Flash or Silverlight in the browser.
In a previous life we had somebody break into our office buildinf using a garden fork through the window. The office the broken into had locked doors so they couldn't get any further - it was part of the closing the office every night procedure to lock all the internal doors. If they had broken into one of the windows around the back, or even the neighbouring window they would have had free access to the warehourse where vaguely valuable stuff was kept.
Quite often some of our engineers didn't bother shutting the vehicular access door asuming that somebody else would do this. On occasion I only noticed this when driving away from the car park.
UK engineering is utterly knackered at the moment, come October, expect redundancies to ramp up across the UK.
Tell me about it... :( 18% of the UK's workforce work in engineering. This has almost certainly already changed, along with the number in the UK's workforce, but will almost certainly change considerably more in the coming months.
It's these issues that are slowly beginning to bite.
Aside from the anti-social few who shun all human contact, those few who are content to just sit at home with their loved one(s), the vast majority of humans need human contact and interactivity.
We have very much evolved to be social animals. At one point in time I thought that I could change career to be a hermit, since covid-19 I have proved that this is very much not the right career choice for me.
While productivity is up in some ways, in many others it is very much down - the longer term things such as cross team communication, informal communication, relationship building... all slowly dropping away. OK for a short time, but the impact slowly builds. Even meetings where relationships are built, side ideas are discussed, just don't happen - a video call is usually little more than a glorified presentation with none of the interaction between attendees either on side, during breaks, or anything else happening at all.
"We have X, what's the proper path to get that into the kernel?"
This. This is the step that should have been addressed first. If the organisation was closing in a matter of hours and they were in an extreme rush to ensure that the source would not be lost then dump and run would be acceptable, with an explanation, but not otherwise.
The Soviet Union strategy of spending on terrorism to turn us into a hostile, mistrusting, divided bickering dystopian society did not succeed to any notable extent.
Oh, I don't know, it seems to have worked far, far too well. Possibly also that somone did such a good job that many people thought that it was themselves doing the thinking and not external parties (who may or may not have been Soviet/Russian, but important not to check just in case)
Banning Alibaba’s cloud would not overly discomfort either US citizens or Alibaba, as the Chinese company has made no secret that it will prioritise Asian markets.
Yep... In an international and growingly connected world, one idiot nation isolating itself for braindead internal political reasons may affect income but there are plenty of other markets out there and often larger and faster growing ones too.
Yep, in the past I came across some computer administrators that had the slightly daft, but understandable notion, that PCs should never be turned off, never cold restarted either if possible - at worst a soft reset. All because they had failures on disks when going cold and restarting and also SMART messages notifying them of non-critical failures.
The proper solution, of course, would be to replace the faulty disks as they had already failed, but instead they insisted on keeping them limping along chewing through power (nothing could be spun down just in case) and waiting for them to spontaneously fail in the near future instead. There's a balance to be had in the cost of HDDs vs power but most of these places had this rather wrong.
Early CPUs just cooked themselves until they broke. The next improvement on this was there was a thermal cut off where the CPU shutdown itself before it cooked itself. The following improvement was the CPU would slow itself down to try and prevent the heat getting to the point that it needed to shut itself down.
These needed the advancements in CPU control and thermal monitors that later CPUs had. Earlier CPUs were controlled exclusively by the motherboard's timing circuits.
Is "larger ranges, at a cost of overall network performance" down to the frequency and what blocks it, the chance for more clients within the area sharing the bandwidth or the power required on the client device to communicate on these frequencies (hence why mobile technology tends to spout download speeds and never uploads)?
Quite acceptable to use PDFs, however what must be done is very careful comparison between what was sent and what was returned. There has been some very capable software specifically for this purpose for a while now.
Not just limited to PDFs either: print a document, post it to the other party, they sign and return it. How do you know that they haven't replaced one of the pages? Obviously paper quality and watermarks can help with this, but there is nothing stopping somebody taking a document in any form, printing it to an intermediary form, making adjustments, then printing it to paper.
The software we had would scan the returned printed copies as well, OCR the lot, then compare. It was tedious at times but at other times invaluable seeing what had been attempted at times.
You need whips. Massive, massive whips.
While it's often thought that this was the case, the builders of pyramids in Egypt were highly thought of craftsmen and workers, not slaves. Generations of families lived and died building them. What's even more impressive is that Egypt had such abundance that it could afford to have so many people dedicated to building what are essentially enormous vanity projects.
From trying to read the verbal babble that YAM have come out with... it's not so much as feck all out, it's unconstrained feck have come out. As in a limited numbers of fecks may have been worth something individually, however due to a coding error an unlimited number of fecks were genereted which instantly devalued fecks to the point that all their fecks are now worthless.
So I suppose that in some ways "feck all out" is correct, just that there should be some grammar inserted somewhere.
It's probably also because being cheap they employed US-only designers therefore the mechanical and electrical design only permits usage in the US. There's a reason that so many devices are available in the US and "rest of world" variants. The US devices typically have to use US only radio circuitry which I understand is more expensive compared to equivalent for the rest of the world (probably patent and scale of production related) and any cost savings they can make at the same time to counter this are often taken. As a result the US variant of a mobile device is often slightly less well specificed than the rest of the world variant, or slightly more expensive, but this can be hidden in exchange rates.
Kind of true in some ways. I once used a touchscreen (stylus only) slab PC running XP tablet edition. Other than being entirely setup for mouse and keyboard, and while the extra applications that came with the XP tablet edition tried to help with this through the improved, but still awful, on screen keyboard and the handwriting input, the rest of the OS was mouse and keyboard only. Mostly mouse only of course.
Many years later the relaunch of a less capable device was touted as the first of its kind. Hmmm.
You mean legendary as in the printing on the key caps starts to fall off within a couple of weeks of use? For such an expensive keyboard to do this compared to under £10 keyboards or those from OEMs such as HP or Dell where the printing is still OK after 10 years? Just not acceptable. The mechanical side is solid enough and keeps on running, but every one that I've seen has had to be replaced due to the key caps, that and because of the design of the thing (unavoidable) being incredibly dirty too.
Try living in an area where traditional walls were made out of flint. Crystalline and often having a nice high iron content, tends to shatter when hit and will quickly blunt all but the best diamond tipped drill bits. I tended to get through 3 diamond tipped bits for every 2 holes.
Later, in the same area, when things started to be built using bricks these often contained lots of smaller bits of flint meaning that it was pot lock whether or not one would be able to drill into a particular brick or not. Often what happened, other than the obligatory smoke coming out of the hole, that the flint rock inside the brick shook and vibrated so much it created its own cavity inside the brick.
Yep, that is very true when it comes to replacing cables. Luckily this doesn't tend to need to happen very often (for most people) and where it does need to be happen one hope that structured cabling management was in place rather than plastered in cables - which I've come across far too often.
WiFi is a broadcast technology compared to cables which are not a broadcast technology; As a result running one cable of an arbitrary standard next to another simply provides double the bandwidth with no concerns about them interferring with each other (OK, not always true, but should be) but WiFi does not have this capacity. WiFi is good for convenience, cables are best for everything else.
That doesn't matter you prole.
Cummings definitely did not break lockdown having been instrumental in the message telling proles, like you and I, that we must comply or else. He was also definitely not instrumental in all the hatred of unelected EU officials... despite them being elected and him not being. He also very definitely did not ensure that as much money as possible, both from the Tory party and government, was sent to his and his friends "research" companies and these companies very definitely did not break and laws and the funding was absolutely never in breach of the political and campaign funding rules.
Or if you want an indirect "who elected Cummings then?" response, it was the Tory party voters.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
