* Posts by Nick Ryan

3751 publicly visible posts • joined 10 Apr 2007

Watchkeeper drones cost taxpayers £1bn

Nick Ryan Silver badge

Re: Good value

That's going to be handy if they plan to bomb Luton or Reading. Maybe also Basildon :)

I went to Basildon the other day. Unsure if it had been bombed already or not.

Don't shame idiots about their idiotically weak passwords

Nick Ryan Silver badge

Re: Frequent changing of strong passwords

Flavoured = must contain a flavouring ingredient that is substantially the flavour intended

Flavour = could be flipping anything and will depend on how the recipient's taste buds interpret the random cocktail of chemicals used to make up the flavouring ingredient. See "beef flavour crisps" for this in action - no real beef in them and generally tastes nothing like beef actually tastes. However are an institution on their own these days...

A certain millennial turned 30 recently: Welcome to middle age, Microsoft Excel v2

Nick Ryan Silver badge

Re: CSV files

Excel will still murder the data format. As for Excel's broken CSV import code... well that's a story in itself.

Nick Ryan Silver badge

Unfortunately Excel's printing capabilities haven't advanced greatly since when it had to compete with 1-2-3. Still a bane of existence, trying to cajole Excel into printing content sensibly without the obligatory multiple nearly empty pages.

Military test centre for frikkin' laser cannon opens in Hampshire

Nick Ryan Silver badge

Re: Top secret MoD test ranges

Very nice. They even have their own train lines and the wonderfully named "Walkey Way" road

Nick Ryan Silver badge

but needs to be a bit smaller for a shark :)

And that, sir, is why we are simultaneously investing in DNA technology. Can't minimise the shark mounted laser weaponry enough using current technology? No problem! Just use bigger sharks.

Nothing could go wrong. Nothing at all.

Budget 2017: How to make a downbeat forecast sound better. Say 'tech' a lot?

Nick Ryan Silver badge

It's the most accurate analysis so far. :)

Nick Ryan Silver badge

Re: Number of teachers is not the issue

Encourage and incentivize business to form partnership with schools. I know many of my colleagues who would be happy to do joint programs with schools, but barriers at both the business and school level make this very hard.

Have you tried contacting and working with STEM (Learning) or, to a lesser extent, Engineering UK? Both have a lot of involvement and experience in getting schools and businesses together in STEM subjects.

Nick Ryan Silver badge

There is one sure way to get improved services. Pretend you are a suburb of London

You seriously believe this?

Have you tried these cash-cow fleece the public services at all? Surely you didn't fail to notice the pathetic Southern Railway service that is being inflicted on their customers who pay very high ticket prices for Southern to not bother to run trains - made worse by the union's farcical statement that guard-free trains are suddenly dangerous when none of the various commuter lines I have used have ever had anything other than just a driver on them but the lines and trains aren't littered with dead bodies. The other train services aren't much better with frequent failures, massive overcrowding (livestock are assigned better conditions) and general horribleness.

Every year the ticket prices go up (usually a lot, ignore the headline figures that are averaged out over route ticket prices). Every year the shareholders get paid more. Every year the service gets worse.

Ads watchdog to BT: We say your itsy bitsy, teeny weeny Ts&Cs too small for screeny

Nick Ryan Silver badge

Who would trust BT to do the right thing by their customers?

BT shareholders? Well, those that aren't also BT customers anyway...

Microsoft scoops Search UI out from the gaping black maw of Cortana

Nick Ryan Silver badge

Try AgentRansack. I'm not affiliated with the company that provides it in any way (other than having had a good relationship with them when reporting bugs and helping them to reproduce them) but it's been a stalwart tool for finding stuff.

London mayor: Self-driving cars? Not without jacked-up taxes, you don't!

Nick Ryan Silver badge

That would speed up the flow of traffic in central London.

DNS resolver 9.9.9.9 will check requests against IBM threat database

Nick Ryan Silver badge

Re: IoT?

I don't see how that affects anything. If the ISP requires a specific router, then use that. But what's stopping you from hooking up a second router that is the only device talking to the ISP's router? Then you use that router for your LAN rather than the ISP's. You can use whatever DNS server you like that way.

Unfortunately that doesn't really solve anything. The DNS requests will still go through the ISP router and be blocked or redirected there. DNS is easy to detect on a network as it's just a case of monitoring TCP/UDP port 53 and if the destination address isn't the one that the ISP wants you to use then the packet can be rerouted or dropped. Secure DNS extensions will make rewriting the packet (diverting it) pretty much a no-go however they can still be dropped.

Nick Ryan Silver badge

Re: IoT?

Pretty sure that BT and/or Sky routers also get narky if you configure a DNS other than the ISP's own DNS on a system.

While I can appreciate that they may have done this for security reasons - as in to help prevent hijacking of systems used by the majority of Internet users who really don't care and shouldn't have to care about such things, I'd rather have the option thank you.

Nick Ryan Silver badge

Re: El Reg in the crapper

True, but "resolves the domain component of a URI to zero or more IP addresses" is a little less snappy.

Intel finds critical holes in secret Management Engine hidden in tons of desktop, server chipsets

Nick Ryan Silver badge

Re: "Today's news will no doubt"...

Who'd have thought? A system, that was so ineptly coded that all one needed to bypass "security" was to give it an empty password, had lots and lots of other critical issues.

/sarcasm

UK.gov 'could easily' flog 6m driver records to private firms this year

Nick Ryan Silver badge

Re: So...what the Govt screwed up, the Govt will reap?

Doesn't make any sense at all.

Scrapping the paper tax disc and the production and distribution costs of this should not reduce the income for car tax. Car tax is still applicable therefore how can removing such a running cost reduce income?

It's 2017, and command injection is still the top threat to web apps

Nick Ryan Silver badge

Re: moving functionality from the server side to the client “brings its own security challenges”.

While I wholly agree about security being server side, I suspect that a large part of the issue with client side security is that because there are so many developers (ab)using JavaScript to create single page applications it's the access and functions that these provide to locally available resources that is the problem.

On the other hand I have come across far too many idiot developers who assume that everything that comes from their "rich" web application is trusted and therefore adequate security and data validation on the server side is not necessary.

BT boss: Yeah, making a business case for 5G is hard

Nick Ryan Silver badge

Re: Who doesn’t want 5G?

You seriously believe that 5G can deliver anything comparable to line speeds? Radio bandwidth is divided between the connected devices and the more connected devices there are the more bandwidth is used on the management of this bandwidth. So one device is OK, two devices is less than half speed, three devices is less than one third, and so on. This is before you get crossover radio locations and other interference sources which also greatly reduce usable bandwidth.

This is before you hit the next problem, the speeds are very asynchronous in that while the high power transmitter can afford to up the power budget for a better data rate, your mobile device can't match this in any way and therefore even with 5G the device upload speeds are not great even if the maximum download speeds are fairly good. Quite contrary to nonsense sales pitches such as video calling - there's a reason these tend to only support WiFi.

Not that the tech isn't clever, but while there is convenience to radio communications there are a lot of practical issues as well.

Irish priests told to stop bashing bishops

Nick Ryan Silver badge
Coat

Re: no helpline required

Oh dear... are you seriously suggesting that they should do something constructive instead of "sending thoughts and prayers"? Many cults/churches/religions/faiths (delete as applicable) rely on "sending thoughts and prayers" and if these aren't working then where, or when, will it all end?

Please note: the only acceptable responses to this post are "Amen" and a repost or link.

Evil pixels: Researcher demos data-theft over screen-share protocols

Nick Ryan Silver badge

Re: So

I'm sure that there's also an opportunity for audio based file transmissions to occur as well. Unlikely to be anywhere near the bandwidth but for old time's sake it could be made to sound like an old Sinclair loading squeal...

Nick Ryan Silver badge

Re: Prior Art

There are various ways of getting something onto a target system. One of the most obvious is to just download the file from the Internet - there is often some external connectivity available which can be used. Another option is to use keyboard automation on the client system which just types the program in for the user, relatively simple, if slow, scripting would work.

All this depends on how locked down the server is - I have come across some that were very proficiently locked down... and others not so of course.

UK Land Registry opens books on corporate owners

Nick Ryan Silver badge

Re: May I introduce you to...

It's English, how many rules do you want?

Four. And make them contradictory as well please.

Off-brand tablets look done, but big players are growing

Nick Ryan Silver badge

Re: Much hyped 'death of the iPad' is wishful thinking - 11% year-on-year growth

Not strictly true. There is churn in iPads as well with newer OS updates somehow, despite being "more efficient", causing older models to run like dogs compared to before the OS updates. While you can avoid the updates you will find that many apps start requiring newer OS versions and that's the second problem after the performance.

Nick Ryan Silver badge

Value for money?

I'd consider a new tablet if any of them were good value for money - or at least a very good comparison to my Nexus 7 2013 which just goes on and on and on and I find to be a very convenient size. I can't find a remotely as good equivalent for anywhere near the amount that this cost - they are either hamstrung feature wise (or just likely to never receive updates), appallingly expensive or locked down with a disgusting and barely usable UI (amazon).

How we fooled Google's AI into thinking a 3D-printed turtle was a gun: MIT bods talk to El Reg

Nick Ryan Silver badge

Context

A large portion of the failure of AI image recognition systems is that they lack appropriate context in their learning.

A system that is trained in 2D space on 2D images will not work anywhere near as well as a system that has a grasp of 3D space and has been trained on 3D "images". A system that confuses a 2D picture of something with the real thing is going to fail nastily.

Wheels are literally falling off the MoD thanks to lack of cash

Nick Ryan Silver badge

Re: A shortage of nuclear-trained personnel in the Defence Nuclear Regulator

So who exactly is looking after the nukes then?!

Probably G4S, they get every other gig that they have (less than) zero competence to perform.

Landlubber northern council shores up against boat-tipping

Nick Ryan Silver badge

Re: Vocabulary

And here in The States, a "fly" is something on your pants that you unzip.

And here in the UK, a zipped fly is something we would not like on our pants. On our trousers, fine, but pants = underwear and zipped underwear down there is not a good thing.

The reference to "boat tipping" is a play on the phrase "fly tipping" which is the illegal dumping of waste. As for why "fly tipping", well: https://www.quora.com/What-is-the-origin-of-the-term-fly-tipping

'The Queen' is showing Geneva how to be polite on public transport

Nick Ryan Silver badge

Weird alternate reality going on here... although tonight was one of the worst where I had to literally sideways shoulder barge my way out of the carriage, nearly taking a daft bint with me who despite it being a packed train managed to forget that she had a bloody backpack on. That was just getting to the door, I then had to repeat the same to actually get from the door of the train onto the bloody platform into the half a space that we were generously permitted when getting off into the mob who were too dumb to understand "let people off before getting on".

The previous time I had a proper train alighting incident I left a dumb passenger nearly on the floor as they insisted on trying to board, in the middle of the door space into the middle of a crowd of exiting passengers... i.e. directly into me. When you're carrying a heavy bag and stepping down onto the platform into the path of somebody stupidly trying to step on there's only one winner.

However other than these two incidents the London Underground is usually remarkably civilised with folk being let off and by both fellow passengers and the mob on the platforms waiting to get on.

Car insurers recoil in horror from paying auto autos' speeding fines

Nick Ryan Silver badge

Re: Why should the car be 'slow to respond'

The issue with signage is that sometimes it's a total arse trying to work out, at speed, whether the sign applies to you or not.

For example, a speed limit sign on a slip road (deceleration lane after it peels off the main carriageway) is often fully in view and angled towards the main carriageway. If you're driving along in a 70 zone I wouldn't want the auto-car to suddenly feel the need to reduce its speed to 30 just because it saw a sign attached to a slip road coming off the main road and thought that this applied to the main carriageway.

Nick Ryan Silver badge

Re: Try a sensible design?

It'll go this way in the end - with either our insurance, the manufacturer's insurance or the bot-developer's insurance covering it.

Insurance is little more than gambling. However for those who noticed that the insurance groups are setting the rules in parliament this is because they have a lot of money... a very large amount of money indeed (they are usually effectively owned by the banks). These groups do not like to lose their bets. Ever. Therefore the bets they take are considerably hedged in their favour and the law of the land has been amended to support this.

Google Drive ate our homework! Doc block blamed on code blunder

Nick Ryan Silver badge

Re: What is Google doing reading people's documents?

Much as I like to bash big faceless corporates as much as the next commentard... reading the article helps. The contents of google docs is report monitored, as in individuals have to report inappropriate content and google act on these reports, it is not actively scanned and monitored. However where google stuffed up is that they applied this process to random documents and not the intended documents.

AI bot rips off human eyes, easily cracks web CAPTCHA codes. Ouch

Nick Ryan Silver badge

Re: Tell the website authors

Because you could put anybody's email address in the "your email address" field and effectively send them an anonymous (spam) message just using the website's "contact us" form. This is why spam-bots target these things because they want to see if they can use them as an anonymous spam relay.

Nick Ryan Silver badge

Re: Tell the website authors

Because they hate you? :) Seriously though, I can't think of any reason for many of those other than to try and prevent automated submissions after a manual login.

The ones I tend to fail on are the picture ones where you have to identify all of the damn squares that have a smallest part of a mountain, street sign, store front or whatever in them.

Nick Ryan Silver badge

Re: Tell the website authors

You clearly don't run any public sites. It's NOT just about protecting user registration after the fact, there is a lot more to it than that. Consider just the two scenarios:

Your website has a public registration form. Without a captcha any vaguely known about website will easily receive hundreds of spam/malware/whatever bot account registrations every day. A remotely popular website will receive considerably more. As a result bot accounts will be created, advert/spam/malware links will be posted all over your website forums (or whatever else it has). Fine, you could remove these after the fact but the reputation of your website will rapidly drop to Daily Mail levels with even a few malware infections and spam/advert/link bot attacks generated by these bots. You could choose to manually approve new user accounts but then you have the entertaining task of trying to identify the genuine account requests among the hundreds of spam-bot account requests.

Your website has a "contact us" form for visitors to send messages to you using. Without a captcha, for a vaguely popular site, you will receive many bot-messages every day. This is particularly the case if they find that the content of the message is CC'd to the "sender" - in which case congratulations, you are sending spam on their behalf. Even if the content of the message is not CC'd to the "sender", it's a fine way to clutter up inboxes, perform email floods and to flatten the reputation of your organisation's email servers.

Whois? No, Whowas: Incoming Euro privacy rules torpedo domain registration system

Nick Ryan Silver badge

"Public authorities" refers to organisations that are considered, by their national government or whatever, to be one. In the UK this is determined within the FOIA (Freedom of Information Act), the relevant schedule is http://www.legislation.gov.uk/ukpga/2000/36/schedule/1.

Nick Ryan Silver badge

In this case nominet (.co.uk registrar) has this largely correct already because for individuals (which is what GDPR is designed to protect) nominet does not publish the domain owner's contact details. i.e. "Registrant type: UK Individual". If it is a commercial interest that owns the domain name then contact details must be published.

This does not stop any due legal process around a legal entity requesting genuine details from the registrar or their agent.

Holy DUHK! Boffins name bug that could crack crypto wide open

Nick Ryan Silver badge

Thinking of which... whatever happened to hardware random number generators? I (vaguely) remember these things being available as add-on cards for systems.

Phone crypto shut FBI out of 7,000 devices, complains chief g-man

Nick Ryan Silver badge
Coat

Re: Let them have the password

And if you want to be nasty - have a few dozen micro SD cards with really toxic contents (such as episodes of X factor or Emmerdale) to distract the G-men while keeping the secure data elsewhere in an encrypted file on a cloud server.

Other than the human compassion side you really don't want to do that. Being caught with pirated commercial content will get you more jail time and heavier fines than almost anything else. Because, erm, because, well, erm, every pirated episode is worth many millions in lost sales and directly funds organised crime. Phew, for a second there I thought there wasn't a reason behind it at all...

Tell the public how much our tram tickets cost? Are you mad?

Nick Ryan Silver badge

Re: This sounds fair...

Only organisations that are defined as Public Authorities are subject to the FOI.

The actual definition of which organisations are defined as a Public Authority is here: http://www.legislation.gov.uk/ukpga/2000/36/schedule/1 (it's easier to start with the "original, as enacted" view rather than the one with all the amendments).

Malware hidden in vid app is so nasty, victims should wipe their Macs

Nick Ryan Silver badge

Re: Nothing new!

Nearly. Amiga RAM was not battery backed, what this used was a persistent RAM drive called a RAD drive. Anything stored in this type of RAM drive would survive a soft reset of the system (the normal RAM drive was wiped by a soft reset). Powering the system off would clear the RAD drive.

If you had oodles of RAM (for the time) you could copy the OS to the RAD drive and configure the system to boot off it which made for a ludicrously fast booting system.

Plants in SPAAAAAAACE are good for you

Nick Ryan Silver badge

Which is a good thing because the average human is a fine biological humidifier.

Beware the GDPR 'no win, no fee ambulance chasers' – experts

Nick Ryan Silver badge

GDPR compliance should be easier for you. There is, very intentionally, no lower bounds to the "organisation size" when it comes to GDPR appliance. If there were, this would be gamed by the unscrupulous within minutes, if not faster.

What we already have is a new industry of GDPR ambulance chasing, even before GDPR kicks in - i.e. those organisations whose only interest is to promote their "training" or "certification processes" or "GDPR compliance applications". They have zero benefit other than draining cash and making GDPR compliance look considerably harder or "needing" legal advice repeatedly.

Hitting 3 nanometers to cost chipmaker TSMC at least US$20 billion

Nick Ryan Silver badge

Re: Price or opportunity?

Where is the Apple bashing in this article? Seriously... I've checked back and can't see it.

As for your "scamsum" references, why don't you also say "crapple" as well? Or is that taking being childish too far?

Before you head into Office 365, pull on this cosy Cloud Archive

Nick Ryan Silver badge

GDPR

Yay! Just stick those four letters on anything, make up some mumbled techno-babble promises about compliance and sell, sell, sell.

Please don't check reality, please don't read the actual GDPR and, most importantly, please don't understand that these services are very unlikely to help in any meaningful way with GDPR.

Russia to block access to cryptocurrency exchanges' websites – report

Nick Ryan Silver badge

Cryptocurrencies are interesting...

Cryptocurrencies are interesting because they are no less real than the fabricated, but strangely accepted, warped reality of money circulating ("creation") schemes such as future markets trading and other promissory trading schemes where it turns out that nothing is actually traded and often nothing happens at all, however it is very important to pretend that something has. In fact cryptocurrencies are probably better because at least most cryptocurrencies have a limited resource and accountability built in.

Rattled toymaker VTech's data breach case exiting legal pram

Nick Ryan Silver badge

Re: GDPR

It wasn't adequate for data protection under DPA rules, however there was too much money involved therefore rubbish like the "safe harbor" act was often considered "adequate" even though even a cursory reading would reveal that it was utterly useless. The follow on protection is no better or of use therefore exporting the data of EU citizens, particularly children who have an additional level of protection as do all other vulnerable individuals, to a regime such as the US is against the rules.

Support team discovers 'official' vendor paper doesn't rob you blind

Nick Ryan Silver badge

Re: You say .. I say ..

English, as a language, is messed up enough without Americans (and Australians/similar) habitually misappropriating words and pronunciations.

Apart from having two words for almost every traditional/physical object, i.e. Cow+Beef, Pig+Ham and so on, we have a vast array of words that are not pronounced anything like they can be sounded out. For example "put" (opp. of take), "friend" (seriously, what is the "i" doing there?), arbitrarily deciding that a "y" (why) is actually either pronounced "ee" or "eye", never "why" of course... and it goes on.

Nick Ryan Silver badge

Re: The story is ...

I suspect you mean 1D and 2D barcodes. 1D barcodes are the more traditional types that are a series of stripes and you'd find on books and supermarket products. 2D barcodes are often square (but don't have to be), for example QR codes and are often rotationally symmetrical but don't have to be. While technically there are 3D barcode scanners these are often just video cameras because they are usually 2D barcodes with the additional "dimension" of colour or, occasionally, relative shading, as well.

How bad can the new spying legislation be? Exhibit 1: it's called the USA Liberty Act

Nick Ryan Silver badge

Re: The meaning of words

Very similar to the CAN-SPAM act which pretty much allowed exactly what it says in the title.