2521 posts • joined 22 Jun 2009
Re: Not Surprised
As a sidenote to my last comment, I should probably mention that our pro mail system is unreachable from outside the local network, and that I host my own mail server for sensitive personnal stuff. My Google accounts are thus only seeing mundane, unimportant material (as they bloody should)
Re: @AC Not Surprised
That's still entirely Google's fault.
First there's the fact that my cheapo smartphone doesn't have any room left for yet another app (mostly because Google insist that I keep its own Play-related apps installed and up-to-date even though I never used them, ever, and never will, and also partly because GNURoot Debian is more important to me than pretty much anything else -and nothing of that can be installed on my humongous SD cards because Google's own Android won't allow it without jailbreaking the phone).
And then I only use my Gmail account through IMAP -I only log in my Google accounts when Google forces me to do so because apparently logging in via IMAP from across the street (let alone from abroad) is apparently considered suspicious enough to warrant an account lockdown. Given that my mail apps have, to put it lightly, QUITE decent security features, 2FA would actually decrease both usability and security for me (stealing and unlocking my phone would be a whole lot easier than breaking my accounts from the user side, although of course if The Big G slips and gives access to my account from the inside I'm stuffed, but 2FA can't solve that).
There is of course a bit of stubbornness from my side, too : I couldn't be bothered to keep my smartphone with me at all times to save my life.
The day Google enforces 2FA, I'm gone. I can't be the only one.
Note that I do use 2FA for my banking operations, even though my bank doesn't mandate it. I choose the card-reader password generator, because even though it's a bit more cumbersome it's actually 3FA (webform login, physical card, and NIP). 3.5 FA if you take the card reader into account.
Re: It takes very little to be better than tha Harrier...
Just, as an all-around plane - one that should take the roles that were covered by F-14, F-16, A-6, the F-35 is just a so-so plane, and will have troubles against more capable ones.
An aicraft covering most of these bases have been deployed in operations around the globe for quite some time now, with reported superiority on both airspace control and ground strike over USA-built alternatives. The problem is, it's French.
Fact of life: an experienced operator with good knowledge of his (/her) tool will almost always outperform a less experienced operator using a "superior" tool. Knowledge of the opponent's weaknesses (when applicable) also greatly helps. That's an universal truth. I see you point and raise a "Biplan vs Jet for night frightening operations" card on the eastern front during WW2. There is one well documented case of a direct victory for a biplan over a "modern" jet airplane (left as an exercise for the reader, yadda yadda yadda). Ultimately the performance problem is almost never with your tool but almost always with how you use it. (sizequeens notwithstanding).
Re: Hearts & minds propaganda, courtesy of MoD
> development started in 1957
Also missing (quite understandably) is the combat perfs. The gap would have been easy to cover but that's what you get for bailing out of the Rafale program - the reasons for this being, again, quite understandable, but directly in contradiction with the latter decision to switch to the American program. Politics is almost entirely about doing the exact opposite of what the previous administration did, just to prove how wrong they were. With the same result on costs and effectiveness, again and again. *SIGH*
(surely that vertical thing is mostly a gimmick, given how even the F35 program almost gave up on it in favor of the "short landing" option when it became evident that fans can't possibly compete with wings in terms of lift; feel very free to prove me wrong)
UPC and Battistelli lead to fear
Fear leads to anger, anger leads to hate and hate leads to alcoholism. The bar association knows where its interest lies ! Prosit
Quite clearly scandalous
I've come by some of them silicon valley people. They routinely take FRUIT (at work, even). A non-negligible proportion JOG to work, while their less depraved colleagues exhibit an unnatural propension to use non-motorized BIKES. The white powder mentionned in the story was probably gluten-free, organically-grown, perhaps even fair-trade certified. One can only hope it was not some kind of quinoa derivative. This deviant, unnatural lifestyle is an insult to civilization and should defo be banned. What are we, animals ? I mean, one of the attendees even dressed up as a rabbit, confession of guilt if there ever was.
Re: Enigma / Poland
the taxi driver taking me back to the airport beating the traffic by driving on the tram tracks for sort distances.
If that got you weak in the knees, don't ever go to Vietnam, where the "occasional taxi takeover lane" is the sidewalk...
Undisclosed number of bitcoin
That could be worth anything between 2 cents and a few bazillions.
Why did he have to give that up? Computer and phones I get (he used them to carry the offences), but by essence bitcoins cannot be useful to the investigation. Or was it feared that he may use them to make unapproved purchases?
Re: Trygve Henriksen
Nonsense. Some of the measures you are recommending will also make life difficult for day-to-day work, and the others are just useless if not harmful. Storage and desk areas, that you recommend be placed in the furthest area of the server room, should really be completely separate and placed foremost so as to serve as additional access control. In the real world no raised floor or access ramp will prevent strorage of any kind of object, including very heavy ones. You would only create problems for yourself by increasing the hassle of removing them. No raised floor will prevent clueless people from thinking that storing it there is easier than chucking it in the lift and putting it in *proper* storage in the -creepy, dark, distant- basement. Or, god forbid, filing the proper paperwork to have it discarded. "recycling area"-type marking actually makes it WORST, as people do genuinely believe that it's now YOUR problem and will dump MORE garbage there. Trust me, been there, seen that, and quite often, too. We even had to deal with a "work accident" claim from someone who got a backache from dumping a small (broken) fridge from the rest area into a tech space. Said tech space being difficult to dump gabage into was designated an Occupational Hazard in the claim. Yeah, right. (this one didn't go through, obviously).
Obvious design fail
Designing it "roomy" was asking for trouble. If there is spare space in a non-client-visible part of a building, it WILL be used as storage space until the room is no longer usable. You're lucky that you didn't end up hosting the cleaning staff's wheelie cart as well. I for one have never seen any place where that did not happen, and I've seen quite a few places on several continents. It's just a basic law of the Universe. If you want a garbage-free environment, design it with enough space for operation, but barely (of course that doesn't apply to client-visible places such as lobbies, where hundreds square meters of empty, wasted space seem to be desirable).
Re: "Whois" is already basically worthless
Then add to that proxy registrars, and only the people who need to be seen as giving trustworthy info are actually found in the databases.
"Low level format"
Also know to most techies as simply "format". There is no such thing as "high-level format". There is formatting, and there is deletion of the partition table. Microsoft's "quick format" is therefore not formatting anything. "low-level" format here would not be (more) indicative of deliberate mischief.
In any case on a machine that age, the most cost-effective wipe would surely involve physical destruction !
Actually this kind of "dendrite" are a well-known cause of short circuits in electronics; similar-ish structures form from solder (especially lead-free solder), for example. The cryo-EM here is just a mean to "fix" the structures at various points of time, since dissassembling the batteries at room temp would probably destroy them.
When users have to meet secretely and anonymously to try and understand licensing terms and avoid being sued to oblivion by their own supplier, perhaps it's time for them to understand that something is rotten and they ought to change suppliers...
Re: Maybe if they collected less insects, there would be more around...
Eeeh, lad, I can remember the day when a fly killer spray did what it said on the tin. The crap you get sold now only works by drowning them
Mostly true, although you can still find the "good" stuff if you look properly. I have a can of that (used it twice I think; I am usually quite happy sharing the premise with unobstructive bugs). It works very well, although the instructions for inside use state that you should spray it quickly, exit the room immediately, close it thight and return only at least 1/2 an hour later and then open all windows etc.
Re: Maybe if they collected less insects, there would be more around...
Or perhaps German instects are wising up and avoid traps. Took them long enough, too!
Re: Some if this is already possible ...
Same setup here. It's still not as good as a physical keyboard, but it's at least usable.
Why wouldn't it, but more importantly why would you want to do that?
In any case, it will not be a big change for me, I've been running GnuRoot Debian on my stock Android for ages, to do some network management and other offsite stuff. Better at local file management, too. Pretty much the only thing it can't use is the phone function, but who still uses that, amiright?
Re: this going to go well
At least no-one will actually die, just spend the rest of their lives in legal disputes as the mess gets cleared up. oh... was that a hospital system I just wiped?
Some interesting scenarii to consider: find a poorly secured account on the, say, DoJ systems, log in there and use that to chuck whatever mildly worrying connections at a NSA subsystem.
Interesting side effect: as most people in charge have a very hazy understanding of "hacking", care to imagine what absolute mess would be achievable... heck, some network testing tools allow you to spoof the originating IP out of the box, no actual hacking needed...
I will say no more lest it gives Anonymous some "interesting" ideas.
Re: easier way
The person was a very experienced vi user who could touch type at some speed. This was about 30 years ago. I suspect he was typing ahead on a very slow response remote connection - so could not see the effect of his keystrokes for several seconds.
Excuses. You do not type :wq [Enter] in Vi without having checked what you were saving. Period. Even if that means waiting for several seconds for the feedback to come from the distant system.
Actually, it's funny to imagine that we will see a revival of these "slow connection ate my homework" anecdotes as more and more people use Office360, GoogleDocs and the like, where a dropped connection and a split second of inattention can mean that you either clicked the wrong button or did something you never wanted to do, due to slow GUI update. Plus ça change...
Re: easier way
He mistakenly invoked the vi :x command for file encryption.
OK I'll bite
[random text relevant to the file being edited, and that will be taken as the keyword]
During all this, including the saving and closing, you need to not have looked at your monitor even once to check that your input is correct. That's at the very least 7 keystrikes not accounting for the keyword, so a very minimum of 8 keystrikes for a 1-character keyword (OK, seven if you condense the last 2 commands) if you do it purposedly. If you didn't mean to do exactly that, the random text is likely to be longer than 1 char, hence my "dozen".
Unless of course you were just hammering away in a tool that you don't undertand, in which case it's similar to hitting "by mistake" ctrl-a delete ctrl-s [enter] in, say, MSWord. All without looking. Only harder in Vi. While there is is no such thing as "probability zero", Vi users tend to have chosen the tool, and thus understand that command mode is meant to issue commands. That's why I was impressed by the level of gormlessness involved in the scenario.
Re: use the mouse to move the pointer
Use a Wacom stylus/digitiser to sign your name.
That's not a pointing device then, but a drawing one. And in your use case a pen/paper/scanner would actually be more cost-efficient than a Wacom. But I get you point. When drawing stuff that is not easily mathematically modeled or digitally imaged, a drawing device is indeed useful.
Once the signature is digitized, though, duplicating it using only kb shortcuts is not cheating but efficiency :P
In my defence, that's not something I do very often hence the "in my experience" statement, and a mouse is not terribly useful at that either (hence your Wacom reference, I suppose)...
Still, have an upvote for reminding me to never * say always again.
*drats, did it again, didn't I ?
Fair enough. I don't want to be seen as body-shaming butterflies. That might upset the twittersphere.
Re: Oh noes
migration of legacy Z/OS keyboard driven dumb terminals onto NT4 as late as 2005. Besides everything that is wrong with that statement
*chuckles* here, have an upvote from a fellow
hopeless old fart deadwood experienced professional.
Re: easier way
In emacs its just C-z M-e M-Tab, followed by your keyword.
And Enter, presumably ? I'm not very familiar with Emacs, but it's similar in Vi, and I stand by my words; please feel free to fire up Emacs and actually try it -from edit mode- in fewer that a dozen strikes (assuming here that you don't use a single-character keyword) and without hitting a key that you wouldn't use in normal non-command typing. I'd be happy to see the answer, as that would be yet another reason to say that Vi is superior to Emacs (which is obvious to begin with but heh :P )
I would try it myself but for some reason I am a bit reluctant. Wasting a few hundred MB of valuable disk space to install an inferior editor* just to make a point in El Reg comments does not rank very high in my to-do list. Not until I get (more) seriously bored anyway :D
* prflblblblblblb also yo momma's so fat she could install Emacs on her underbelly without anyone noticing.
Re: use the mouse to move the pointer
As an aside, our current labsystem is completely mouse-free once you've clicked on it's icon to fire it up...
in my experience, for long-term use of the same tool, keyboard-only is always more efficient, including for image or video editing applications. Of course said application has to allow for keyboard control, and with the current trend towards extreme infantilisation of IT users we now see applications (including "serious" scientific stuff) that are designed like toddler toys with bright and large colorful shapes and rounded corners as the only means of interaction ; of course these need to be clicked on -or better, punched on-screen- and are not KB-accessible, because UX means we're all back to kindergarten for some reason.
Re: easier way
he had earlier miss-hit some control key sequences - and the file was now encrypted with an unknown pass phrase of the subsequent text.
Wow, you'd need to be typing some very strange stuff while not looking at your monitor for at least a dozen keystrikes for that to actually happen in Vi. Oh, and you'd have to quit edit mode to enter command mode, which (unsurprisingly) involves a a key that is not used often. Usually escape, but I guess if you were really, erm, special you could set it to the "e" key and type in the ASCII code for "e" each time you needed to input that letter. Unsurprisingly, I'm not aware of anyone using that setup in the real world, but hey, there's no such thing as "probability zero". After all, I'm told some people devote a lot of time to chucking insults in Klingon at each other while banging bat'leths.
Re: Oh noes
it involves either pressing them with the palm of your hand (damned near impossible to operate a two-button mouse correctly that way) or taking your hand off the mouse to use them.
No, it involves moving the mouse with your fingertips, with your palm on the desk (in our colleague's case, at least. Can't speak for the user mentioned in the article). Actually given how we get told to use trackballs instead of mice because RSI, it might be better, come to think of it.
Re: Oh noes
Left and right click must be odd if you use the mouse backwards no?
Nopes, she's used to it. The wheel isn't a problem either, as more and more people are used to scrolling the "wrong" way due to touchscreens. No, the weirdest thing (to me) is the direction of the moves. I mean, OK you can train yourself to move right to go left but she's equally fine with touchpads, which go in the "right" direction. Oh well. As long as the works gets done, there's no wrong way to use your tools, I suppose.
Re: Oh noes
I'd suggest that any user unable to tell which end of the mouse to hold is unqualified to use a computer in the first place
As I said, we have someone here who only uses the mouse in an upside-down fashion. Doesn't complain that the cursor is moving the wrong way though, that's just how they've been told and always have used it.
Re: Now it can be told...
For desktops, a bluetooth dongle on the back connected to a wireless mouse (or keyboard) can be hours of fun, too. Days even, if you're careful enough not to get caught.
Re: Every day's a school day
In fact we have a person here on the team who uses the mouse "upside-down". That's how they were told to do many, many years ago and can't use it any other way. That's a bit weird to witness but they do seem to manage.
Also, the rotated camera is a classic. Formerly in charge of the imaging pool of a lab, that's something I witnessed too many times to count. Heck, that's even a trick I (and others) have used repeteadly to avoid (some) image post-processing. When you have a preferred orientation in mind and the imaged object seems to have a different idea in mind, rotating the camera so that all images are oriented the same way is often the best solution.
Re: myself on self-emailing photos
As a sidenote I recently had to ask a PFY for a contact list (off-work event). The guy trawled his phone's directory, took (very badly) handwritten note of the 3 phone numbers, shot two (very blurry) snaps of the piece of paper and sent them to me by email. I was (figuratively) fuming.
Re: Does IMEI count as personally identifiable info?
Tip: when you buy something valuable, take a photo of the label with the serial number & email it to yourself.
Tip: don't give tips about emailing photos to yourself on a place where sysadmins and netadmins might hear you, lest you are begging for an unfortunate workplace accident...
Well, TBH I'm not entirely sure that Google or Apple are securing their streams in any such way. You know, like when their default soft keyboards send home litterally everything you type. Before I switched to Hacker Keyboard, Google keyboard was frequently the app which used the most mobile data on my phone... which tells a lot about both mobile OS vendors and my level of secludedness !
Re: First post!
Still a few people there, and republishing of the old strips. Not even close to what it used to be, but the folding@home and digital photo club at least are not quite dead yet.
Re: Twitter IS a toilet
I see Twitter as a private company billboard, if they think you smell, have a wonky eye then they can ban you they like.
Says so in their TnCs, too. I don't know by what miracle some people have come to view twitter as a public service dedicated to information. That's a company dedicated to extract as much cash as possible from exhibitionism and narcissic instincts, and as such they always made the decisions which got them the most cash. No surprise there.
Re: Advertisers won't be happy.
and most of them will be running a Chromium derivative or FireFox, rather than (shonky old junk like) IE or Safari
I, for one, wasn't, but El Reg started crashing Midori at launch about 2 weeks ago, so on this machine I was forced to switch to FF... thankfully xombrero is still fine with whatever piece of client-side tomfoolery El Reg is now up to (perhaps bitcoin mining ?) so my usual machines are still Firefox-free
Although the system won't ask for your name, you need to provide use cases. If the use case is vague, the "generic" answer you'll get will be useseless, and if it's precise enough to allow for the correct "generic" answer one would presume that it makes your identification trivial. Hard to see the point then. Especially as they promise a "generic" answer, i.e. a non-binding one... and also it's unclear whether they would consider anonymous question to be proof of good faith.
Of course there are going to be health consequences
And you can rest assured that it's how the adslingers will weasel their way out of trouble.
See, excessive gaming and stressful in-game situations can lead to serious disorders, so we NEED to track gamers and suggest they have a break from time to time. Now it can't be our fault if the break involves buying something from us, surely, can it?
Re: No loss (Enable JS)
Yeah, it's a pity too, as it is used by some places I like. But I will only consider enabling JS for things that are both absolutely job-critical and reasonnably safe, and both conditions exclude anything using disqus.
Re: Really? It's not a joke, though Barb seems to be
"no Queen to step in and see that the wishes of the people be reflected in law."
In fact yes there is. There is a provision in the constitution that the Queen of Canada* has to support the PM unless he loses the support of the House (i.e. the People, or so it should).
Your incoherent babling about royally appointed people who are really self-appointed is amusing by the level of delusion and conspiracy theory. While the Queen's power is largely theoretical, the "royal" appointments are really the Queen rubber-stamping proposition by the PM, who happens to be elected and not self-appointed. So instead of the PM directly appointing these people like what happens in the other countries, he has to have the Queen (or, mostly, her representant) to rubberstamp his propositions. I can see how the slight complication can confuse the simpletons, but someone as clever as you are surely can grasp that simple concept?
* who really is Elisabeth II, and you denying it won't change that fact
Re: Really? It's not a joke.
" Canada, a sovereign nation with no Royal Family or legal colonial connection to any Nation ruled by Royality" except for Elizabeth II, Queen of the United Kingdom, Canada, Australia, and New Zealand, you mean ? Yeah, appart from her, no connection to a monarch whatsoever.
Perhaps 6 hands -> Shiva -> female ...
Re: Yeah but
And for the "reboot" part as well, since patching systemd would also require a reboot. systemd, bringing Linux to the WindowsME security level !
Possibly related recurrent TLS F**k-ups
These days I'm seeing a LOT of TLS errors when connecting to El Reg (comments, articles, frontpage, the whole lot). That's from at least 3 independant connections from my side (unrelated IPs) and 4 different machines, 3 different browsers. It often causes lost comments (back to blank form, please retype...). In fact I have now resorted to typing my comments in a text editor (Vim, since you ask, because that's the best text editor ever, obviously ;-) ).
My F5 key kindly asks you to sort your shit, pretty please.
Comment copy / pasted from Vim because I may get yet another TLS error on the first few tries
Re: "total labor cost to the US Army of approximately $2.6 million"
I am not one of the downvoters, and I had a long yet witty response typed when either ElReg or CloudFlare decided crapping themselves would be a good thing to do.
Long story short, 700 000 bucks claimed against McKinnon, a slightly lost kid on the other side of the ocean trying a default remote desktop password and not disturbing anything, vs 2.6 mil claimed against an IT professionnal with physical access to "critical" systems and causing actual damage... the 2.6 mil claim doesn't seem the most overstated of the 2, to me.
"crime in cyberspace" ????
Appart from the obvious fact that no-one cool has used the term "cyberspace" in the past 3 decades, how is sabotaging a server "cyber"?
Re: Self service checkouts
"You don't get the checkout operator looking over your purchases, giving you funny looks or making "witty" comments because you happen to purchasing certain items together."
I don't know about that, when I was a youngling I was amused by one tilltender wishing me a pleasant evening as I exited the shop with a bottle of champagne and a box of condoms.
I usually don't dislike exchanging a word or 10 with fellow humans. I see enough automatons at work as it is.