Posts by I ain't Spartacus

Re: How dare they?

I've got white hair. Whilst growing a beard now is OK, the confusion come Christmastime is too much of a problem. Hence I am destined to remain soup-catcher free. Unless I ever find myself in dire need of employment come December...

Re: Beware Pron ahead

Exactly. I think URL shorteners are fundamentally insecure for exactly the opposite reason. You don't know where they go to, and you can't go to say bit.ly's website put one in, and find out. And it ain't safe out here on the internet, I like to have my eyes open when I go somewhere.

I've seen too much - having been a forum Mod a few years ago, for my sins. Mostly it was just 2 Girls 1 Cup and Rick-rolling. But you never know...

Re: £16m

No that's just the bill for the speakers. The oxygen free quantum stablised EMP shielded platinum cabling is an extra $15 billion...

The record companies paid their artists, and would organise their marketing and studio time for them, if they wanted. As well as hunting down new talent and offering these services to them. Including taking a punt on new acts, and giving them free access to studio time for a first album. OK, not free, they'd pay out of the sales, but not a loan either, as the record company would eat the losses if the album stiffed.

Sure the record companies sliced off profits, some of which got spent on cocaine and hookers. But they actually put real money into developing new bands, and provided some services. And they weren't the only game in town, you could go off with the independents, or self-publish.

They can't have done too awful a job either, because top bands stayed with them, who had the ability and finance in place to go completely independent if they so chose. But obviously decided it was less hassle to let someone else do this stuff, but get less cash.

So they were at worst symbiots, rather than parasites.

Re: Oh really?

GCHQ are also supposed to be helping out against corporate hacking. It's always been assumed that China and Russia use still use state espionage resources to help state-controlled companies. As they did in the Cold War. And that includes all the government cyber-war toys.

I've never seen it suggested that we did the same, at least with stolen product designs. But I know the Yanks were accused of using info from ECHELON to help US firms win big international contracts. So I assume the same accusation has been levelled at us.

Raj,

That's bollocks. Churchill was certainly a racist. A man of his times, when racism was not only normal, but many people believed it was scientifically validated. He also spent the 1930s complaining about more rights (or even home rule) for India, which is obviously a lot less worthy than his constant (and correct) warnings about the Nazis.

He was an imperialist too. Though you'll find that the current national curriculum covers the British Empire, and why taking over a quarter of the world was a bad thing. I see nothing in modern British culture to suggest that we haven't accepted that the empire was "a bad thing<sup[TM]</sup>". And Britain has consistently been one of the world's largest foreign aid donors, providers of peacekeeping troops, supporters of global institutions and norms, since the war. Partly as a result of an imperial past.

But you'll have to come up with some justification for "genocidal" (which has a specific meaning). Or admit you're talking bollocks.

Come to think of it, mass murder as well. The bombing of German and Japanese cities is an interesting moral problem. After Dresden, it's clear that the British were beginning to have their doubts. Churchill pissed off Harris by criticising him for that, and changing policy. The Germans were also particularly criticised for terror bombing in Spain, and at the start of the war. So it was obviously seen as immoral. On the other hand, it was the only offensive tool the British had against Germany after the fall of France. And it was the committment to the bombing that did a lot to convince neutral opinion that Britain was serious, and intended to continue to fight until Germany was defeated. Would the USA have joined the war in Europe after Pearl Harbour if the phoney war had resumed after the fall of France - or just fought Japan? Also without the air attacks on Germany, would they have been able to beat the Russians in 1941 or 42? Admittedly the Germans made a pisspoor job or running their war economy, production actually peaked in mid 1944, according to the US Strategic Bombing Survey after the war. Because they didn't really start operating a planned economy until 1942 - and even then they wasted too many resources on having too many different models of tanks and planes, rather than just picking one, and bashing out lots of them.

Anyway it's a lot more morally complicated. Mass bombings of civillians are now unequivocally illegal. But then nowadays we have the technology to do precision bombing. Again, according to the US Strategic Bombing Survey, only 2% of bombs dropped in WWII fell within 500 yards of their target.

The Russians didn't sign Geneva, but the Germans did. So it still applied to them regardless. And not only was the order illegal, the order even admitted it was illegal in its own text. And various German generals took the trouble to lie after the war, claiming they didn't implement it, when they had. Plus the written order only went to senior officers, with them told to only verbally instruct their juniors. So they knew it was wrong. And in 41, the army probably had the power to ignore that order. After all, Hitler didn't sign it himself.

Like getting involved in the purge of the SA (Brownshirts) for political advantage, this was one of the early acts that got blood on the hands of the senior army leadership. They did illegal things willingly, and early, and so compromised themselves.

The order was also stupid. Killing prisoners has a habit of persuading people not to surrender. And so senior officers were pleading with HQ and Hitler to rescind the order for the first year of the war on the Eastern front.

Not that Stalin was any better, obviously. According to Anthony Beevor's book, the NKVD (eventually became the paramilitary bit of the KGB) killed more Russian soldiers at the battle of Stalingrad than the Germans did!

If they didn't shoot you, they could demote you below private soldier, into one of the penal battalions. These were tasked with holding the very front lines, and were to be shot by their own side if they lived long enough to retreat. Theoretically an act of heroism, or time well served, could get you promoted back into the regular army again. But in reality, the paperwork was so slow that you were most likely to be already dead.

Re: Lester, your Prime Minister

Surely that beard was some kind of crime against fashion?

I'm not sure Karadic ever actually signed anything either. But he got convicted in the Hague last week anyway. When you're leader for so long, it doesn't really matter what you sign. If stuff is happening on your watch for years, and you do nothing to investigate or stop it - you don't really need to prove guilt. It can be safely assumed you approved, and were just careful not to write stuff down. Otherwise you could have done something about it.

Particularly when the crimes are so systematic. Hitler may not have signed anything, but almost everything else about the holocaust was oh so carefully written down and recorded. Even where the army dipped its hands in the blood, they still wrote stuff down. Like the Commissar Order - which even accepts in its text that international law can't be allowed to apply to a conflict as important as the invasion of Russia. The order was to kill all Russian commissars (political military officers or civilian communist leaders), and to err on the side of caution and shoot people if you couldn't be sure. So they apparently restricted the copies issued to only senior officers, but still kept them on file, rather than doing it verbally. Whereas Hitler did issue the order apparently, but in verbal form at a staff meeting, and didn't sign it, as it came from Wermacht HQ. Although I'm not sure if his later refusal to rescind it was verbal or written.

Re: only 71? bah!

Kurt Meyer,

I admit that it's quite unfair to blame Hindenburg for everything that happened after his death - given that he was not a well man, or seemingly much in charge by the end. But then again he did make himself and Ludendorff virtual dictators in the last couple of years of WWI, so I'm not sure that "loyal servant" is quite such an accurate description of him either.

Re: Nowhere to hide

To be fair to them, the original charity got eaten - due to running short of money/competence. She was taken on as an anomaly, a consultant with considerable (and probably unique) expertise and experience. So our new heroes had no place in their multitude of procedures for a non-employee who was non-office based with a completely random level of caseload. They solved some of that by employing her, but all other procedures seem to have broken down.

That's a problem the article fails to address. The author calls for all procedures to be rigorously enforced on everyone, and exceptions added to procedures. Unless you're a very simple organisation, that's almost bound to fail. Once you get a few cases of it failing, then people will be sharing and writing down passwords - sending emails to and from their own accounts and squirrelling data away heaven knows where.

Your procedure needs to designate certain people who can override the rules quickly, but are capable of doing so with an understanding of the risks, consequences and IT capabilities. And deciding to do this as a one-off, update the procedures to cover this from now on, or to do something as a short-term stop-gap with better secured replacement to follow.

No-one has the resources, or foresight, to get procedures totally correct - and keep them current with changing circumstances. Anyone who claims otherwise is delusional. And while they think they have the best systems in the world, will almost certainly find that they've been circumvented massively at lower levels in order to get stuff done.

Re: tailgate - oh the joys

An SAS commander in the Malaya emergency supposedly reprimanded the guards at a training camp for not firing on a returning patrol who hadn't properly approached or identified themselves.

He then apparently screwed up in some way himself, and got fired at for his pains. So he reprimanded the guards for missing him...

_{I've seen this from two different sources, but being a forces story, that has no bearing on whether it's actually true or not...}

Re: Nowhere to hide

my favourite saying is "Security is also providing access to those who should, as well as denying it to those who shouldn't".

This is really important. Actually I could even make an argument that in almost all cases, proper access is more important than data security. Unless of course your data has real life-and-death implications. For two reasons:

Firslty - you're probably trying to do something. If you can't do that something (whatever it is), then your whole organisation is rendered pointless.

Secondly - if you over-secure everything, so that people can't get their work done - then they'll just break the rules. And then your security it toast.

Obviously this is all subject to sensible risk assessment. Sometimes the risk of the right thing not getting done is less than the risk of the data being leaked or damaged - in which case your security needs to be more inflexible, people need to understand why this is and know they'll get hammered if they break the rules.

This is possible though. You can get people to agree to quite unreasonable procedures, so long as everyone agrees that the risk is high enough to justify the pain. And extra effort, and resources, are dedicated to helping the people on the ground to get their work done.

I give an example. My Mum works with vulnerable children. But as an outside consultant for a very well known charity, seeing as she's retired. They've got their network wrapped up nice and tight. So tightly in fact, that she's been working for them since she retired ten years ago - and only got issued a mobile phone this year. So sure, they can now remote delete this data, and enforce a password on her. But before that she had all the details on her personal phone, with no password.

She wasn't allowed to remote connect to their network (or even connect in the office) until she'd done several of those shitty online courses. But you couldn't get onto those online courses, without access to the network! Ahem. So she had to drive 60 miles to the nearest office, only for some shitty online video course thingy - that was a total bureaucratic waste of time. So because she was unable to connect to their secure (so secure you can't access it) data system, she was emailing stuff to her boss to upload, from her personal email account in the clear. And IT were no help, and just followed their procedures.

Sadly many of these big charities seem to have swallowed all the bureaucratic crap of big corporations and government - mostly I suspect by hoovering up all the crappy middle management types that are unemployable elsewhere - because they pay too many staff.

Chaos would be bad. This information is in some cases very sensitive. But just finding the names and addresses of families with disabled kids is easy - there'll often be stories in the media and charity press releases with names, that you can cross rereference with the phone book. I'd suggest that helping them is probably more important than hindering your frontline people - and there's an argument for keeping the sensitive notes in paper form, and never committing them to computer. But if you must, then you need to commit much more IT resources to the necessary hand-holding.