* Posts by Nick Ryan

3756 publicly visible posts • joined 10 Apr 2007

Win XP, Flash, Java... healthcare makes easy pickings for hackers

Nick Ryan Silver badge

Many popular electronic healthcare record (EHRs) systems and identity access and management (IAM) software supporting e-prescriptions require the use of Java, factors which could account for the higher installed base. But this is bad news for security because Java browser plug-ins are a popular exploit route for hackers.

I strongly suspect that the writer is confusing the word "popular" with "common".

As for requiring Java, this is because these systems were designed and written by utter fuckwits who wanted to do the "modern web thing" but couldn't get the concept of web delivery and "applications" using a standard HTML interface (where we shouldn't have dumb OS dependencies) as they were too hung up on traditional windows applications. So instead they tried to write web applications as if they were rich client applications but in order to get the degree of stupid/control in the interface they found they could only do this using Java, which "obviously" wasn't a problem because it's multi-platform, right? Frustratingly we have a continuation of this level of fuckwittery but instead of Java, "rich client applications" are being coded in JavaScript. Same concept, same stupidity.

BOFH: Thermo-electric funeral

Nick Ryan Silver badge
Joke

Re: Surprising how much thermal mass there is in the cool head of a hammer

All tools are hammers.

What's wrong with the Daily Mail Group buying Yahoo?

Nick Ryan Silver badge

Re: The AOL Time Warner merger

Technically it was a "merge" with both organisations transferring into a new combined organisation, 55% of which was AOL, 45% Time Warner, as dictated by their current "value" at the time. The shifting of management positions and shareholdings would likely make for quite dull but insightful reading.

Nick Ryan Silver badge

The AOL Time Warner merger was masterful. I'm pretty sure the case was that there were some very clever people at AOL who managed to hoodwink Time Warner (who were until this time pretty successful) into believing that AOL had any value, had any income and weren't the laughing stock joke player on the Internet. That would have taken some effort, but to somehow come up with a value in excess of Time Warner's was a masterpiece of creative accounting.

Google found 760,935 compromised web sites in a year

Nick Ryan Silver badge

Re: 760,935 breaches Google detected

These days it's usually the applications that run on the webservers that are the source of the problem, not the web server itself. Earlier versions of IIS were a blight on the Internet, more recent versions are relatively safe; not 100% safe of course, in reality that's effectively unachievable. The same with Apache, the security has improved since earlier versions.

And depending on your statistics, IIS is either doing quite well or is still quite a long way behind. It depends on how you filter and weight the results.

I'm more happy that there isn't a monoculture of web servers. Both IIS and Apache annoy for different reasons while performing administration tasks on them, both have strengths and weaknesses on this side and the performance front.

Censorship FTW! China bans Paris Hilton, minor Kardashians et al

Nick Ryan Silver badge

Re: yah know...

If this were to happen what would the Daily Fail (and Facebook's "trending") actually "report" on? After all, I cherish all the articles highlighting that some talentless twat who's happened to be on TV at some point was photographed wearing swimwear. On a beach.

Now if the aforementioned twat was photographed wearing swimwear while going to the cinema then, yes, this actually has a tiny bit more interest to it (just for the stupidity). On the other hand, please don't let the Daily Fail and Facebook know this otherwise there would instantly be many of these z-listers wearing swimwear to the cinema just so they can be photographed doing it.

Half of Facebook's Free Basics users ditch the freebie web-lite service for the paid-for real deal

Nick Ryan Silver badge

Re: Just because my band is broad doesn't mean your web site has to be fat.

It's not just "abusing modern web APIs with oldskool web design"; an even more recurring problem is "oldskool" windows/client developers abusing modern web APIs. These are the same kind of idiots that rather than use Flash to enhance a website instead chose to build an entire "website" out of one Flash object.

BOFH: Sure, I could make your cheapo printer perform miracles

Nick Ryan Silver badge

Re: Slight tangent

The CD appears to have no function but to throw an error and initiate a sequence of downloads from the net. WTF has happened to the once-mighty HP?

They probably had to do this because there's no longer enough space on the CD for the two football pitches worth of legalese and disclaimers as well as the print drivers. Mind you, the way HP's print drivers are going there's probably not enough space on an otherwise empty CD, and DVDs are doubtless considered too expensive.

Nick Ryan Silver badge
Joke

Re: There are times I like my workplace

You allow them to use a USB flash drive they found in the car park?

It would be churlish to liberally leave them around the car park and not allow them to use them...

Open-source vuln db closes – plenty of taking and not a lot of giving

Nick Ryan Silver badge

Re: They woke up

Put simply, it's impossible to create an entirely "secure" development language/environment. All it needs is for an algorithm to be incorrect or not thought through fully and that's security "broken", and this algorithm could be anywhere from the lowest level memory management code to a public access statistics report.

Doesn't mean that we can't improve things though.

Contactless payments come to in-flight entertainment units

Nick Ryan Silver badge

Some ghastly internal US flights. Probably delta, can never remember as the seats are sold on from one carrier to the next.

Nick Ryan Silver badge

Great, even more "incentive" for arsehole airlines to foist (noisy) adverts on you from point blank range. Want to turn this shitting, annoying screen off sir? Just pay $.

I've suffered on a few of these flights and despite repeated thumps, yanks and many, many button presses the bloody things just keep on going unless you wave your credit card at them. Packing in-flight material around them to obscure the screen is frowned upon... I must remember to bring a sheet of cardboard and tape next time (ideally, plastic and superglue but those are harder to get through and even more frowned upon).

Truly crap exhibition dumped on Isle of Wight

Nick Ryan Silver badge

Re: Er, what?

Still less lazy and ignorant than the cat "owners" (a.k.a. staff: dogs have owners, cats have staff) who don't bother to train their cats to go in a litter tray and instead leave them to piss and shit all over the entire neighbourhood.

Legion of demons found in ancient auto medical supply dispensing cabinets

Nick Ryan Silver badge

IIRC the barcode scanners aren't really the problem. The fingerprint reader is much more of a custom affair and that's before you get to the customised keyboard.

Nick Ryan Silver badge
WTF?

Re: Firewall?

There lies your problem: that won't happen. No-one would authorise or pay for an intermediate kludge program that sits between these systems and the drug suppliers' own proprietary software. Too many things to go wrong. Besides which, it would destroy the logic of having these machines, where all the stock control is done at "point of sale". Putting another step into the system destroys that ability.

Ah, erm. There is an "intermediate kludge" system that sits between these (effectively POS, possibly Point Of Dispense) systems and the hospital patient records system. The theory is that there are two separate network segments, with the system running the "intermediate kludge" software acting as the gateway, effectively the router.

Sensible enough, until you combine this with a couple of issues - this system is rarely, if ever, patched and until a couple of years ago ran one of the least performing AV systems. The Windows administrator and other maintenance user passwords for this system are, of course, hard coded.

Nick Ryan Silver badge

Re: RE: Air gapping

Has nobody heard of VLANs? Combine this with network device authentication and even if the wrong device is plugged into the wrong port it won't get anywhere.

Nick Ryan Silver badge

Re: Wonderful options available...

Nope. Hospitals are a regulated environment, which means anything that runs there MUST (by law) be approved by the government (otherwise, any suits as a result of faults default against them).

I can honestly say that this is not the case.

Nick Ryan Silver badge

Re: XP embedded?

These systems are running XP embedded. I know, I was trained on them, ooh, about 6 years ago. AFAIK these models are still being sold.

The bad news is that CareFusion (actually part of the BD group) have an almost comically suicidal, backwards approach to technology, in particular computing. At least they had then and I haven't heard of any major strides forwards on this front. And they have a lot of them in place and frankly if they work, then a hospital will shy away from replacing them and if CareFusion repair them, they take care to put them back pretty much just as they were.

How NoSQL graph databases still usurp relational dynasties

Nick Ryan Silver badge

Re: Best Tool

A serious problem is where proponents of one technology or another attempt to force use of it in fields where it's not ideal.

Yes, a NoSQL, or unstructured, database can represent users and credentials; however, an SQL database tends to do this better and more efficiently. On the other hand associating arbitrary data with a particular user sometimes lends itself more to NoSQL rather than SQL. Similarly representing an arbitrary tree structure or membership for a field value is something that neither standard SQL nor NoSQL do particularly efficiently, which is where the flattened reporting databases come into play, sharing features of both SQL and NoSQL.

Ideally I'd like a seamless NoSQL and SQL database where the most appropriate storage method can be used without having to have multiple independent database connections and therefore effectively preventing transactional functionality.

Nick Ryan Silver badge

Re: Someday?

Ironically your example - finding friends' friends - is a fixed two level depth query and therefore easily solved using standard SQL and could be done using Oracle/Ingres/RDB/Sybase/DB2 at least as early as 1985.

I'm glad I wasn't the only one wondering what was so hard about this query.

Finding depth at an arbitrary, programmatic, level is a little more interesting on the SQL front but a fixed query of "my friends" or "my friends' friends" is simple - as long as the database hasn't been designed by a muppet of course.
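As an added illustration of the two points above (not code from the post or from the site): the fixed two-level "friends of friends" query as a pair of self-joins, followed by the arbitrary-depth version as a recursive common table expression. The friendship table and its sample rows are constructed here; the syntax is the SQLite/PostgreSQL form, where SQL Server would write WITH instead of WITH RECURSIVE.

```sql
-- Added example: friends-of-friends in plain SQL over a constructed table.
-- Friendship is stored as directed rows, and both directions are inserted
-- so the join does not need a UNION.
CREATE TABLE friendship (
    person_id INTEGER NOT NULL,
    friend_id INTEGER NOT NULL,
    PRIMARY KEY (person_id, friend_id)
);

-- Constructed sample graph: 1-2, 1-3, 2-4, 3-4, 4-5, 5-6 (each stored both ways)
INSERT INTO friendship (person_id, friend_id) VALUES
    (1, 2), (2, 1),
    (1, 3), (3, 1),
    (2, 4), (4, 2),
    (3, 4), (4, 3),
    (4, 5), (5, 4),
    (5, 6), (6, 5);

-- Fixed-depth query: friends of person 1's friends, excluding person 1
-- and anyone who is already a direct friend. Two self-joins, nothing exotic.
SELECT DISTINCT f2.friend_id AS friend_of_friend
FROM friendship AS f1
JOIN friendship AS f2 ON f2.person_id = f1.friend_id
WHERE f1.person_id = 1
  AND f2.friend_id <> 1
  AND f2.friend_id NOT IN (
      SELECT friend_id FROM friendship WHERE person_id = 1
  );

-- Arbitrary depth (the harder case the post mentions): a recursive CTE that
-- records the hop at which each person is reached, bounded to 3 hops so a
-- cyclic graph cannot recurse forever. MIN(depth) gives the shortest path.
WITH RECURSIVE reach (person_id, depth) AS (
    SELECT 1, 0
    UNION ALL
    SELECT f.friend_id, r.depth + 1
    FROM reach AS r
    JOIN friendship AS f ON f.person_id = r.person_id
    WHERE r.depth < 3
)
SELECT person_id, MIN(depth) AS hops
FROM reach
WHERE person_id <> 1
GROUP BY person_id
ORDER BY hops, person_id;
```

On the sample graph the first query returns only person 4 (persons 2 and 3 are direct friends and are filtered out). The recursive query returns 2 and 3 at one hop, 4 at two hops and 5 at three hops; 6 is four hops away and is cut off by the depth bound, which is the part you cannot express with a fixed number of joins.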

Error checks? Eh? What could go wrong, really? (DoSing a US govt site)

Nick Ryan Silver badge

Re: It could always be worse.

Does this mean you disapprove of Intercal's COME FROM?

You should have asked more politely.

PLEASE COME FROM...

Nick Ryan Silver badge

At least the keyboard not found press any key message has a bit of logic behind it; after resolving the problem you can actually follow the instruction.

That was the theory. Unfortunately most keyboards prior to USB, such as PS/2 but also the old DIN connectors which were electrically the same, were not hot pluggable and doing so could, though it was pretty unlikely to in practice, damage the control circuitry.

Hands on with the BBC's Micro:Bit computer. You know, for kids

Nick Ryan Silver badge

6502 registers limited? Pah! We had loads to choose from! A, X and Y for a start. Then we had the status register, a stack pointer (generally best left to the processor itself, but you could have fun manipulating it) and a program counter (current execution address).

It was a dream compared to the Z80.

Microsoft to add a touch of Chrome to Edge

Nick Ryan Silver badge

Re: Internet Explorer

Edge doesn't support ActiveX so can't be used for those hideous older Sharepoint sites.

While I really appreciate the impending death of ActiveX, unfortunately it's not just older SharePoint sites that rely on it. It's used for horriblenesses such as SharePoint Excel services integration, although at least this one is being deprecated/removed in SharePoint 2016.

Nick Ryan Silver badge

Re: Finally a solution...

Yes, but hiding file extensions is a feature that some fucknut marketing idiot in Microsoft decided to force on users "to make things easy". Or just to confuse the living shit out of a great many users because they now have no clue what a file actually is without double clicking it and seeing what happens. These are the same users that can generally cope with the file extension indicating a meaning and usually, after a few prods, get the idea that to change a file from one type to another one cannot simply change the file extension.

Nick Ryan Silver badge

Internet Explorer

remember Internet Explorer is for businesses

Largely because:

a) Group policy actually does something with it

b) The clusterfuck that is SharePoint relies on it, or more accurately its bugs, non-standards and Microsoft specific plugins. And MS are still in the game of pushing SharePoint at everything they can.

Unfortunately this doesn't stop Microsoft still setting Edge as the default, uninstallable browser in Windows 10 Professional and Enterprise editions (made worse as it has a near identical icon to Internet Explorer as well). Hijacking the default PDF file association is another gem as well.

Microsoft's equality and diversity: Skimpy schoolgirls dancing for nerds at an Xbox party

Nick Ryan Silver badge

Re: Sex is a marketing way to sell stuff? What a news!

Might have gone to a few more tech conventions and a few less lingerie conventions had I known about this.

Might have gone to a few more lingerie conventions and a few less tech conventions had I known about this.

There. FTFM :)

Labour will create FUD and then abstain on UK Snoopers' Charter vote

Nick Ryan Silver badge

I'm all for this bill

I'm all for this bill, with a small provision:

Those in a position of public responsibility, for example politicians, should demonstrate that there is nothing to fear from this domestic espionage by ensuring that all details about themselves, their families, their business acquaintances and their organisation / society memberships are all out in the open.

After all they have nothing to fear if they've done nothing wrong.

Attackers packing malware into PowerShell

Nick Ryan Silver badge

Re: Unconvincing

You'd hope that wouldn't you? Unfortunately the last "finance" company I was in required that macros run in all MS-Word documents, not just the macro enabled versions, due to their normal.dot based MS-Word customisation (aka: unnecessary mangling of standard features).

Reprogrammble routers axed by TP-Link as FCC bans custom firmware

Nick Ryan Silver badge

Re: JG "it's not that simple... ...software"

From what I understand (and I'm far from an expert on this period / electronics), many manufacturers purposefully made it easy to circumvent stupid regulation. Probably partly because if they didn't the hobbyists wouldn't buy and recommend their kit to everybody they knew (a single sale is good, a single sale with +4 following it is better), but also as an act of defiance against stupidity. The kind of stupidity that brought about the US prohibition....

Open trucker comms lets Shodan snoops alter routes, tap CANs buses.

Nick Ryan Silver badge

Re: Sadly

You may want reasonable security, but every day I still see "professional developers" intentionally/blindly doing stupid. In the last week or so:

Windows service application running using a user account that has domain administrator access. The service doesn't need this level of access, it was just used because the developer was too security blind to understand that they should have used a specific (service) account and to give it only the bare minimum permissions it needed to operate.

A new, public facing Internet system with a hard coded super-administrator password. Because that's never been a daft idea (no sir) even when the "justification" was that it would "prevent the situation where the final administrator account was locked out". Notwithstanding the fact that we'd have been able to run database scripts fixing this should the rather unlikely happen.

Google splats more bad Android security bugs with patches your mobe will probably never see

Nick Ryan Silver badge

...and this is exactly why I ditched my old (but just about still working) Samsung phone and got a Nexus. Samsung appear to have lost all interest in their devices within 6 months of their release, which coincides with roughly how long it takes them to vomit up their updated software that's already out of date by the time they graciously release it.

MAME goes fully FOSS

Nick Ryan Silver badge

On an aside, I still find it amazing (and often inspirational) how, despite the appalling graphics, so many of these games were fantastic fun to play. Somewhere along the line the mainstream game industry has forgotten this and is churning out multi-million($/£) production titles that look great, in screen shots, but genuinely suck every flavour of balls compared to some of these original games.

Not that all of the "original" or "older" games were good (many were genuinely appalling), just that the good ones didn't cost more than an average Hollywood film to produce.

Surprise! That blood-pressure app doesn't measure blood pressure

Nick Ryan Silver badge

This app sounds about as trustworthy as those apps that claim to measure blood sugar levels.

Forget data thieves, data sabotage will be your next IT nightmare

Nick Ryan Silver badge

It's far from a new problem and just daft that it's being touted as something new. Data has always been subject to accidental or malicious changes.

Encrypting the data itself doesn't make a lot of difference really (except for passwords), it's another fad that while it does have practical benefit for security, the reality is that this is very limited. It's much more likely that user credentials are leaked and through those, and possibly programming and security faults, that data is changed.

For example, I gave myself access to an MS-SQL database because an IIS .net application's web.config file had the credentials stored in plain text and this user was configured on the database server with the System Administrator role. Encrypting the database wouldn't have made a tiny bit of difference to this but it's an example of how easy it is to elevate access with relatively trivial initial access.
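As an added example (not from the post, and not any vendor's script) of the check and the fix a defender would want for the situation just described: T-SQL that lists every login holding the sysadmin server role, then swaps the application's login to a database user limited to the one database and the fixed roles it actually needs. The login, user and database names (WebAppLogin, WebAppUser, InventoryDb) are assumptions.

```sql
-- Added example: find application logins that sit in the sysadmin role and
-- move one of them to least privilege. T-SQL, SQL Server 2012 or later.

-- 1. List every login in the sysadmin server role. Any application or
--    service login in this list is one a leaked web.config turns into a
--    full server takeover, which is the scenario the post describes.
SELECT
    member.name        AS login_name,
    member.type_desc   AS login_type,
    member.is_disabled AS is_disabled
FROM sys.server_role_members AS rm
JOIN sys.server_principals AS role_p
    ON role_p.principal_id = rm.role_principal_id
JOIN sys.server_principals AS member
    ON member.principal_id = rm.member_principal_id
WHERE role_p.name = 'sysadmin'
ORDER BY member.name;

-- 2. The web application does not need sysadmin. Map its login to a user
--    in the single database it uses and grant only the two fixed roles
--    an ordinary read/write application needs. (Assumed names.)
USE InventoryDb;
GO
CREATE USER WebAppUser FOR LOGIN WebAppLogin;
ALTER ROLE db_datareader ADD MEMBER WebAppUser;
ALTER ROLE db_datawriter ADD MEMBER WebAppUser;
GO

-- 3. Only then remove the login from the server-wide role, so the
--    application keeps working while losing the ability to reach other
--    databases, create logins or run xp_cmdshell.
ALTER SERVER ROLE sysadmin DROP MEMBER WebAppLogin;
GO
```

Run step 1 first and keep its output; the change in steps 2 and 3 is easy to roll back with ALTER SERVER ROLE sysadmin ADD MEMBER if something breaks. This addresses the privilege half of the post's point; the plain-text half is a separate fix on the IIS side (the connectionStrings section of web.config can be encrypted with aspnet_regiis, which the example does not show).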

Donald Trump promises 'such trouble' for Jeff Bezos and Amazon

Nick Ryan Silver badge

Re: Inherited Wealth #MakeDonaldDrumpfAgain

We Brits will comment all we like, thank you. We like lampooning idiots, it's a national pastime, please look into our historical documentaries "spitting image" and "yes (prime) minister".

Also, come back when you genuinely have a democracy: Hollywood repeatedly telling the world that the US has a democracy does not make it so. Even the UK is more of a democracy than the US, and the US recognises the UK as being a constitutional monarchy (https://www.cia.gov/library/publications/the-world-factbook/geos/uk.html).

Raspberry Pi 3 to sport Wi-Fi, Bluetooth LE – first photos emerge

Nick Ryan Silver badge

Re: Missing the point

My thoughts too - SATA would be nice, but let's look to the future. SATA is on its way out, why include something like this just as other systems start to include a different storage media interface?

Science contest to get girls interested in STEM awards first prize to ... a boy

Nick Ryan Silver badge

Re: Discrimination?

It depends on your definition of intelligence. If your definition is the memory of facts and procedures (and the logic that this tends to produce) then yes, there is a greater cross set of those with diagnosed autism and those with this type of intelligence. Some of this is the desire to label every damn personality trait rather than "this person is a bit socially awkward but they are a great scientist" - and if you consider many of those recorded as great scientists, they were known as being a bit socially awkward. Whether this was cause or effect is a different matter altogether (and it could even be a bit of both).

The more labels and hard black/white judgements are made the harder it is to just get on with life. We should be focussing on giving everyone the same opportunities and removing artificial (or social) restrictions on them.

'I bet Russian hackers weren't expecting their target to suck so epically hard as this'

Nick Ryan Silver badge

Re: endianness @#define

Somehow or other I'd never actually noticed the disparity in L-R languages compared to the (arabic?) number layout system (the common alternative Roman numbering system available at the time [AFAIK] was just a work of art of almost purposeful obfuscation with an intention to be useless). It would genuinely make more sense if one hundred and twenty three were represented 321 (and read as three twenty hundred).

Nick Ryan Silver badge

Re: Yes, but....

Interesting trick (always handy), but it does depend on the language and the handling of actual NULL values. In poxy MS T-SQL it'll wind up as a nasty combination of RTRIM(), LTRIM() and NULLIF() which always leaves a horrible taste in the mouth. I could take the combination of NULLIF() and a TRIM() but the lack of a proper TRIM() (i.e. both start and end of a string) always feels bloody annoying. Almost purposefully so. But then n/var/char values are the bastard end of useful and performant in MS-SQL anyway... best compared to glaciers.

As for Access, I guess so - past a certain version when MS pillaged the FoxPro database format, before which MS-Access was a total train wreck of a mock database, it became at the very least stable and useful for small projects. However in most instances rather than leaving (end) users to implement a database in MS-Access I've always found it considerably more efficient to build, or have built, a proper database system even if it's still in MS-Access but at the very least where the data and interface are separated into different files but usually in something else, again the lowest form of usefulness being an MS-Access front end to an MS-SQL database. On the other hand, it's considerably better than shared spreadsheets that have been bastardised into pretending that they're databases. These still underpin far too many companies and as much as I hate to promote it, even MS-SharePoint is better than this situation. However it's worth bearing in mind that the psychiatrist fees that substantially add to the overall cost of any MS-SharePoint development project should be compared to the legal costs defending assault and battery charges typically incurred when "training" users not to use shared MS-Excel "databases".

Nick Ryan Silver badge

Re: Yes, but....

My guess here would be that the set of values comes from somewhere else that isn't too clever at nulling strings of whitespace......maybe written by the same person.....?

That'll be anything that has any form of implementation descending from Microsoft Access (which includes the horrible mess of ODBC) where depending on various arcane client settings (as in as a developer you couldn't really guarantee the settings) you may receive a NULL, an empty string or a string consisting of a single space when expecting a NULL.
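As an added example (not from either of the two posts above) of the RTRIM()/LTRIM()/NULLIF() combination they describe, run over constructed values that cover the three things an Access/ODBC-descended source may hand back when it means "nothing": a real NULL, an empty string and a single space. T-SQL syntax; the temporary table and column names are assumptions.

```sql
-- Added example: normalise "blank" strings of every flavour to NULL in T-SQL.
CREATE TABLE #imported (
    id    INT          NOT NULL,
    label NVARCHAR(50) NULL
);

-- Constructed sample rows.
INSERT INTO #imported (id, label) VALUES
    (1, NULL),           -- a real NULL
    (2, N''),            -- empty string
    (3, N' '),           -- single space (the classic ODBC/Access artefact)
    (4, N'   '),         -- several spaces
    (5, N'  widget  ');  -- genuine value with padding

-- Normalise: strip both ends (no two-sided TRIM() on older SQL Server),
-- then turn an empty result into NULL. NULLIF(x, '') returns NULL when
-- x = '' and x otherwise; because it is NULL-preserving, a real NULL
-- input stays NULL without needing a CASE expression.
SELECT
    id,
    label,
    NULLIF(LTRIM(RTRIM(label)), N'') AS normalised
FROM #imported
ORDER BY id;

-- Filtering on the raw column is the trap: label <> '' is unknown for the
-- NULL row and silently excludes it, so test the normalised expression.
SELECT id
FROM #imported
WHERE NULLIF(LTRIM(RTRIM(label)), N'') IS NULL;

DROP TABLE #imported;
```

The first query yields NULL for rows 1 to 4 and 'widget' (without padding) for row 5; the second returns ids 1, 2, 3 and 4. A caveat specific to SQL Server: its string comparison ignores trailing spaces, so NULLIF(label, '') alone already maps ' ' to NULL there, but the trims are still what remove padding from genuine values and what make the expression behave the same on engines that compare strings exactly.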

Continuous Lifecycle Early Bird: Less than seven days left

Nick Ryan Silver badge

Am I the only one bored of these adverts? Er, advertorials???

What we all really need is an SD card for our cars. Thanks, SanDisk

Nick Ryan Silver badge

Re: Options for idiots

Vehicles are horribly noisy electrical environments - partly from just the power feed but also from EMF which interacts with anything vaguely antenna like such as wires and circuits...

Good thing this dev quit. I'd have fired him. Out of a cannon. Into the sun

Nick Ryan Silver badge

Re: Coding by geniuses

I first encountered this when working on an industrial placement as part of my Uni course. I was given the task to take over code from the resident genius. His code was concise, fast and didn't work.

It was so concise there were often no, or few validation checks with error messages. If something didn't work it was often ignored, and this "something" could have been any one of a dozen things in a single compound logic statement. Every bit of code worked like this, therefore when something didn't work it was next to impossible to work out why.

Needless to say I simplified things and logged every damn error message so we knew exactly what wasn't working, where and when, which gave us a start as to why.

Is this the last ever Lumia?

Nick Ryan Silver badge

Typical Microsoft marketing. Lumia => Surface. Take a known and established name that's almost well thought of... and replace it with something else that's either unknown or is known but has a poor reputation among those that know it.

They'll be replacing Skype with Lync or Hotmail with live/outlook.com next...

Computer Science grads still finding it hard to get a job

Nick Ryan Silver badge

Re: The point is not to match skills: It's attitude

I've had plenty of experience on both sides of the interview process, however what is usually genuinely important can be summed up something like this:

When you're interviewing for a position, your primary concern is to ensure that the candidate's personality is a match for the company and the team. Knowledge and skills can be taught, attitude can't.

Interviewing for attitude isn't as easy as interviewing for skills but it can be done and when you're a candidate it's often your responsibility to "sell" your attitude.

The problem with (IT) graduates is that they are in a wide, and widening, industry and the technology they'll have been taught at University will often not match what an employer requires. This isn't helped when many employers are ludicrously specific on what skills they "require" and while this is reasonable to help filter out the sometimes deluge of applications, being too specific will reduce the available candidates with exact matches down to zero.

The next problem is what graduates are taught and how. Pre-graduate education is currently largely mired in the process of being taught to pass an exam which doesn't give the Universities much to work with and is a perpetual gripe for them. Many Professors will complain that the first year of University is now wasted having to teach students how to learn and often to teach the basics of the subject they managed to pass exams for. Universities have previously been under an enormous amount of criticism for not teaching using environments and packages that are in common use in industry, their reaction to this has generally been either to switch to more modern environments (which given that most employers are not cutting edge isn't a problem) or to switch to cutting edge environments that aren't industry proven.

Flash flushed as Google orders almost all ads to adopt HTML5

Nick Ryan Silver badge

Re: The root of the problem?

As much as I like to hate Windows (in all of its incarnations), I agree with Jess above that comparing it to Flash is a trifle unfair.

Microsoft, to give them their due for once, have managed to cut out a lot of crap from Windows 10. That's not to say that it's all gone, or they haven't replaced it with other crap... FFS - Candy Crush, Minecraft, everything Xbox and Zune and a host of other shit that you'd only expect on a shovelware inflicted phone, on Windows Enterprise by default. Not that you might not want these apps, but they really shouldn't be inflicted, repeatedly, on Professional or Enterprise versions of an OS. However a pile of the legacy nonsense is no longer there and while I've personally found this annoying, crappy win32 code that relied on equally crappy win16 code really does deserve to die (looking at you Corel).

The Win10 interface is somewhat less retarded than Win8 and it breaks a few less of the fundamentals of good UI design. It's not to say that it's great, often the only way to do something useful is to find the underlying Win7/Vista/XP/2000 dialog and set the options there. However compared to the "mystery meat" navigation and the enforced brain fuck disjoint of Metro vs Desktop it's pretty much wonderful.

Virgin Media spoof email mystery: Customers take to Facebook

Nick Ryan Silver badge

Re: Reliance on broadband provider for email

I've just logged into my Virgin email account. Went past some crap about "if you don't login regularly we might disable your account" (which obviously wasn't being applied to my account) and admired the long stream of "important" messages from Virgin Media. All unread. Apparently I can upgrade my Internet speed from 150Mb to 100Mb, although they forgot to mention "up-to" and the small points that the upload speed will still suck balls and if you attempt to download something during "peak time" (i.e. anytime until 8pm at night) your entire account will be throttled to buggery.

What’s new in Hyper-V in Windows Server 2016?

Nick Ryan Silver badge

The registry, while having some advantages, is one of the single most ill-conceived ideas that Microsoft vomited out and embedded into the heart of Windows. I'll admit that some of the plus points such as search are reasonable but compared to the overall inefficiency, instability and unmanageability of the registry they pale in comparison.

Can you imagine the deployment and management pain if IIS web applications stored their configuration in the registry instead of files such as web.config? Suddenly you move from files that can be version controlled and managed to storage in an amorphous blob registry file that when the operating system fails you can't (easily) recover from - and it's often a fair bet that when a system really goes down that something unpleasant will have happened to the registry database file, if not to the file structure itself then to what passes for referential integrity.