2900 posts • joined 11 Jun 2009
Re: Build statues in honor of Linus
Maybe Google needs to take a page out of THEIR handbook, and NOT sit there whining and trying to make EVERYBODY ELSE on the planet "do it THEIR way".
Sounds like another large company trying to muscle in and do a RedHat. Is this dude the security world’s Poettering?
How's that make sense? Do they only allow you to use a rearview mirror while in reverse too? It is the same view and no more distracting.
I believe you are legally mandated to have 2 of the 3 rear view mirrors intact and usable. TV screen, not so much. If I were looking at my in-car entertainment touch panel whilst driving and had an accident I would expect to be prosecuted for driving without due care and attention. Same goes for someone doing the same with the Tesla screen if not performing a reversing manoeuvre. I would not expect the same if I were checking my rear view mirror. One is deliberately placed within your field of view whilst driving so a quick upward flick of the eyes can check it, the other is down and to the side and considered a distraction.
Re: Woah, BT still had an open defined benefits pension scheme?
I'm not sure why you (OP) got the down votes as you seem to be stating the obvious. Such schemes were always poorly thought out and were overly generous. You would need to reserve a massive portion of an employee's remuneration to allow for such generosity. The only people that now get such schemes are politicians because they want them and you and I and future generations pick up the tab.
I also agree with your thoughts regarding the union. I recognise they are there to protect the rights of the workers but at some point you butt up against the viability of the employer. If you want to see an example of this look for historic articles where the Australian unions representing car manufacturing workers used to crow about the deals they'd made for better pay. How's that working out for their members?
It's a bit hard to do anything about the promised future income that won't materialise though isn't it? Especially if you're in the middle ground whereby you haven't amassed a large sum but it's too late to really make something out of a private pension if you started today. Final salary schemes were a great boost to those prepared to stick around and were a way of buying loyalty from your staff, which makes fucking them over that much harder to stomach. You may also find that someone on 35k may be able to move to somewhere paying 40k (I doubt pay differences will be substantial) if they're lucky but it is unlikely such a boost will make up for the pension shortfall.
Personally I never rated anything that was promised over contractually obliged: bonus vs salary, db scheme vs money purchase etc. as I always thought it had the potential to be a con by the employer to suck in the staff.
Re: "When it's political, technology cannot do anything."
"800 or so total programs "
I dont think they are living in 2017.
While I do understand that there are quite a few software packages that need to be run locally (architectural ones, for example) I just dont understand how they can end up with 800 programs.
Wouldn't surprise me if most of those 800 programs were just spreadsheets.
Try to sell those Ethereum and you'll find the market is nowhere deep enough to handle it and you will get almost nothing back.
Interesting. Is there anywhere you can observe liquidity and market depth on any of these "currencies"?
In years past it would be tin-foil hat territory and it can be equally well assigned to incompetence, but it would seem to be awfully convenient for the various 3 letter agencies out there. More-so if it had been kept under wraps. Will this spell the end of such dual controls or will the World just quietly ignore it whilst updating their status?
Re: Read the open letter righr till the end
The fascination with formally verified software is likely that it is at least one step better than not verified in any way shape or form software. Sure the former could have flaws and the latter none but I know which way around I'd bet.
The rise of ARM or are they headed that way too?
Re: Bitcoin per se is actually worthless
Hindsight investing is a truly wonderful thing. However there's nothing to say it couldn't have shat itself at that point for any number of reasons and gone to near zero. That is the nature of a Ponzi - you simply do not know when the game is up until after it happens and you start lamenting "I should have read the signs, they were there for all to see".
Just remember the saying "the market can stay wrong longer than you can stay solvent".
Re: 15 years of bookmarks?
And from looking at the list I have they are decidedly temporal. I think there could be plenty there that could face a cull.
I moved from Firefox when it started getting intolerably sluggish in use. From a recent trial that seems to have worked itself out so I may move back from Chrome in order to use a preferable browser vendor.
Re: Losing data is not a performance problem
It might be that the server has all the bookmarks but due to a comms issue (due to poor performance) when syncing, a partial sync occurs and hence shit disappears locally.
Re: To be fair
I assumed it was petty cash for when she next visits her overseas territories in the Caribbean.
I guess they are saying they have no evidence of all the data being bulk accessed internally and have no evidence of it leaving their infrastructure, yet 3rd parties have their bulk data so the only logical conclusion is that they must have been hacked in such a sophisticated manor that the forensic investigators they hired can not determine how.
Or alternatively that their security is so utterly shithouse whilst they are busy clipping the lucrative ticket on tax avoidance that they really cannot tell. Absence of evidence is not evidence of absence and all that. I wouldn't be surprised if someone grabbed it all with an external drive and a USB stick with Kali/Tails/whatever on it. In fact, probably just the external drive.
Except the crypto money doesn't have all the costs underlying "regular" money operations like regulations and reimbursement.
There is a hardware and power cost associated with processing transactions. The reason it is so high is likely "whatever the market can bear". After all, you have no oversight body to regulate costs as that was the choice you made.
Re: Any grownups?
The fact their main platform is written in Go says a lot too. You get the impression they're more interested in buzzword languages than they are in creating a serious platform.
And if, up until the point of collapse, you could make a paper fortune and fund your existence whilst dicking around with trendy shit wouldn't you give it a whirl? I'd argue it is highly attractive up until the point you lose everything. Locate anywhere, work whenever. It ticks the Gen-whatever boxes.
Re: How many?
The whole point of DevOps is efficiency, no?
Re: Is everyones WTFometer going crazy about now?
Not sure it was BYOD. It seems to be more of "take shit home you really shouldn't and store it on your Windows PC". Not like there isn't precedent for shit going missing from their network before.
Re: He's hosed.
You might also want to wonder whether the resistance is in order to distract from something more untoward happening elsewhere. Just saying.
Surely this only applies if the app is running? Keep track of what has access to the camera - if it is for avatars then create and remove privilege - and make sure you don't allow apps to stay live if you don't trust them. For those who might add that "for Skype/<insert comms app here> it needs to be running to field calls" I would say there's a price to be paid for convenience so make sure you're ok with that.
Re: EU competition rules
What constitutes the "precious"? Tax revenue? Or just power over everyone?
Re: It will matter
If, for example, UK provides "unfair" state aid to corporations HQ-ed in UK, Eu and WTO rules allow the Eu to apply appropriate measures to compensate - such as tariffs.
Because the EU doesn't provide state aid does it? Christ, half the companies in the EU couldn't exist without suckling firmly from the taxpayer teat.
Re: Software audits for small businesses
How does that work? I have a small business, for example, and they threaten me with a software audit. I tell them to go fuck themselves. What's next? If I'm not volume licensed or under some extra special licensing deal what can they do? They can't even stop me acquiring licenses as they flog them through 3rd parties. The only people they can threaten are the volume and other discount licensing schemes.
Re: I totally love those solutions
We've moved on from Crystal Reports to Power BI and still suitable reports don't really occur by end-users utilising drag drop. Different facet, same sales bullshit.
Re: Oh, this is going to be good...
Yep, took one look at this bit
Through the use of a single management interface, we're told, senior staff or business owners can not only manage things like patch deployments and file permissions on staffers' Windows boxes, but also set and revoke permissions and accounts on Android and iOS devices through MDM tools and controls for Office 365.
The aim of the service, said Caroline Goles, director of Redmond's Office small biz marketing, was to give smaller companies the ability to manage computers and devices the same way larger enterprises do, without the need for dedicated admins and large up-front investments.
and thought "that'll end well". Letting people that think record macro constitutes programming perform sysadmin work should turn out just fine.
Believe me there are some idiots out there of all nationalities. Maybe the means and location by which you meet Americans i.e. ones that have passports and travel perhaps, eliminates the segment of society that was being targeted.
Re: Oh dear ...
To me DevOps is click to deploy whereby the action is fully automated and reproducible such that if it works in Dev and Test/Staging then you can have a high degree of confidence that your production release will go smoothly. It should never be about rapid release without adequate testing.
I'll be fair, deploy to live and redeploy on failure can be used in certain cases depending upon what it is your system does. Clearly real-time payment processing and banking isn't one of those cases.
Re: Rolling update causes outage
You beat me to it. I was about to say "so they tested this in a staging environment first" before realising that I'm clearly not AgileDevOpsContainer compatible and just stick to doing the mundane shit of test before release. Newer practices just seem to yield better fuckups.
FB still frequently gets hold of things I've browsed in a supposedly different sandbox.
That's from fingerprinting you as a user. There's a website you can go to which will inform you how unique you are as and endpoint. Think about it this way...
1. You visit a site from whatever browser on a machine and look at shit.
2. Most pages have the Facebook "like" nonsense included which will have the fingerprinting code. It creates a "unique" id for you.
3. You browse other shit on other sites.
4. A "unique" id is created the same way on these other sites and likely matches that in (2).
5. Related shit thus gets served.
Re-identifying users is where a shitload of effort gets spent as that is key to the money making machine. The more info you can link to being from the same source the more your dataset is worth. Whether they create one id or a series of ids of escalating uniqueness I cannot say, but what I can guess is that they're pretty fucking good at it.
For the curious, try this site across your various usage patterns - sandboxes on same machine, different browsers etc. Bare in mind they are just showing one part of the re-identification world.
Re: Smart Devices?
Problem is we are rapidly moving towards the point where you cannot get a dumb alternative. Admittedly we don't seem to yet be so fucked that you need to provide a connection or these things won't work at all so a certain amount of idiocy is required.
The issue I have is when manufacturers don't allow alternative access. For example, Daikin air conditioners offer App control of their split systems via: direct phone to unit; phone to unit via LAN; or phone to unit via external Daikin portal. This at least gives you the option of having control without allowing access from the portal which IMHO is just a giant honeypot waiting to be hacked.
For a lot of IoT devices access is strictly via the manufacturers portal and that is the disaster waiting to happen.
With LAN access at least the savvy can block external outbound comms but have control via a VPN link from their phone back to their network.
Re: You're designing an internet fridge.
I was wondering why you'd need 60 fps on a fridge. So what if HTML can't manage it, it's a fucking fridge.
Re: Why is it...
Everyone's sorry when they get caught.
Re: The beauty of the GDPR: protection of personal data is a Right for European citizens
Thankfully UK gov has confirmed they will fully implement GDPR.
and likely waive the fines
Genuine question here...
Even if you are using an inter-operable protocol such as XMPP can you enforce the security standards across it i.e. If people are using Signal for example they can have reasonably faith that the developer of the app has made a best endeavours effort at ensuring you have security end-to-end in transit and at rest. If you had Signal conversing with WhatsApp could you have the same level of confidence that one end of the chain wasn't poorly implemented?
There is a slight rub with putting the "users and consumers" first - they have to be efficient ones. One problem I have encountered time and time again is companies and workers that have inefficient and illogical processes that are an artefact of how things used to be and their mantra of "that's how we've always done things". Their unwillingness to adapt over time leads to software that needs to fit with a bad workflow and then becomes part of the problem rather than the solution. The culture of a company is most often its problem, the software just a manifestation of it.
Re: From Wikipedia
The article mentions a bug but in a post-Snowden World was it incompetence or intent? I mean, the NSA have foisted one flawed encryption mechanism on us (Elliptical Key weakness) and have been observed trying with a new one but got called out on it. Snowden's releases showed that they have form paying for flaws to be inserted in systems, so why not?
In the midst of the "hand it over to someone else, sponsored by Dell" article I noticed
In the same survey I just mentioned, 35 per cent of businesses say they have consultants to advise them on security solutions, with 37 per cent choosing their own. That doesn’t strike me as very many (though I’m more frightened about the 15 per cent who say their employees choose the security solutions themselves). Are the 37 per cent following the DIY approach suitably informed on security? Some are, and I bet some aren’t.
Given the number of major businesses that have been hacked, and the track record of consultants in general I doubt you're any worse off setting up a pfSense firewall and taking your chances. The smartest consultants will likely work with major companies for big $$$, the SME ones will more than likely be the used car dealers of the sector. You may luck out and get a Sysadmin overlord doing some play-money work in the sunset of their career.
You can infer the likely outcomes from the statement that he is willing to return to Russia.
This is bullshit
Apart from the likelihood that they do not truly know others' salary levels
"At all relevant times, Oracle has known or should have known of this pay disparity between its female and male employees, yet Oracle has taken no action to equalize men and women’s pay for substantially equal or similar work," the suit claimed.
"Oracle’s failure to pay female employees the same wage rates paid to male employees for substantially equal or similar work has been and is willful."
This shit does not take into account that two people doing largely the same work in a non-unionised non-blue collar environment (i.e. no formulaic block pay bargaining) will generally be paid differing rates due to: bargaining ability, productivity and experience (perceived or otherwise). That's the difference in the professional world. You push hard for as much as you can get and your boss' perception of you will either help or hinder you in that endeavour.
Typically, though not always, I have found male counterparts to be pushier bastards that are far more adept at getting paid beyond their worth than females that seem to negotiate for an honest salary and therefore get paid less.
Re: Limited access
I think your average building site was more likely to contain a well thumbed copy of Razzle.
Re: "10.30 GMT (0930 UTC)"
Greenwich Mean Time (GMT) is time at the Shepherd Gate Clock, at the Royal Observatory in Greenwich, UK. GMT stays the same all year round, no Daylight Saving Time ( DST ) rules apply. London time is now BST (British Summer Time) or GMT+1
Re: Defeating Draconian laws
Before coming to the UK, I do a secure erase of my laptop SSD
Seem to recall reading an article that said not to do that as it'll shorten the life of the SSD due to all the wear levelling and such that happens. Better to have an encrypted disk whereby a quick format will do the same by removing the encryption key - depending on your choice of OS.
Re: Don't bother
I agree with the OP. I want my kids to be able to program and to understand what is involved and how to go about solving problems but in no way do I want them to be programmers. Programming is a means to an end. Make sure you are on the value adding solution providing side of the equation as someone who gets things done and not the rapidly commoditised code to a spec segment. Your pay packet will be a lot fuller and you will be perceived as being of greater worth, for better or worse.
Re: Hmmm ... I'm begging to sense a trend ...
So bad that pretty much everyone would do well to implement similar bans.
Re: EU - making it up as they go along
If companies such as Apple, Google et al in all good faith and with a duty to their shareholders to take advantage of all legal systems present in the EU to minimise their tax payments, however "unfair" that may seem to the rest of us, then it isn't those companies at fault but the EU.
Can we just quit with this bullshit now please? Companies have an obligation to act in the best interests of their shareholders. That is the legal obligation. You may argue that tax minimisation meets that obligation whereas I would argue that if aggressive minimisation strategies result in a revenue based tax then that wasn't really in their best interests after all.
Interested in why the downvoter couldn't elaborate on their take. You may not like the theory but it is pretty much how big business operates. Oil companies and spills etc. Manufacturers and low paid 3rd World workers etc.
Re: I fscking loathe PETA
In this case I can find them to be nothing but vexatious c*nts.