Posts by Gordon 10

3884 publicly visible posts • joined 22 Jun 2009

Unit4 handed police ERP deal after 'significant deficiency' found in Oracle Fusion system

Gordon 10

Re: Something in the water?

Not unique to the UK, but unhappily frequent anywhere near a Govt pork barrel.

It does lead you to wonder if outright bribes like in certain other parts of the world are ironically more honest.

Gordon 10

Re: system or config?

Unless they were looking for an excuse.

Or that Crap Gemini bolted on some kind of extension with a b0rk3d permissioning framework.

Are you ready to take a stand? Flexispot E7 motorised desk should handle whatever you dump on it – but it's not cheap

Gordon 10
Childcatcher

Am I the only one

Whose OCD is twitching because of the mismatched monitors?

Mammoth grab of GP patient data in the UK set to benefit private-sector market access as rules remain unchanged

Gordon 10
Thumb Up

Re: I assume it is this!!

Thanks for this. You can also use it to check what you set it to last time you read about an NHS data grab on The Register. FWIW mine was opted out

Gordon 10
Joke

Re: Concerning...

But... but .... that would be illegal.

NHS-backed org reacted to GitHub leak disclosure with legal threats and police call, complains IT pro

Gordon 10

AND so what if they do? If you are worried about that you send a parallel disclosure to the relevant authorities.

Gordon 10
Facepalm

I'm still unclear on why he needed to keep ANY data other than a couple of screenshots.

Using the leaked creds once is technically unauthorised access even if just checking they work. Using them to exfiltrate data (which is what appears to have happened) goes way beyond the pale regardless of how well intentioned he might have been.

I do think from a techie point of view the company over-reacted but that's just human nature and security "researchers" should be aware and prepared for this.

FWIW I think the guy went from White Hat to Grey Hat when he stopped confining his work to disclosing the hole, and instead appears to have appropriated the data as "evidence" either to avoid the company covering it up, or for academic curiosity. It wasn't his job to investigate the extent of the breach.

Regardless of how egregious the hole discovered, making moral judgements about a company's response or potential response is out of the scope of White Hattery and emotionally and corporately naive. You shouldn't be doing this activity for anything more than your own satisfaction, and should not be expecting anything more than a grudging acknowledgement and cover up, and if such a thing occurs - unless that breaks a local disclosure law - you don't get to judge.

Man paralyzed from neck down uses AI brain implants to write out text messages

Gordon 10

Re: Getting there!

Indeed. It almost sounded like the medical types were at risk of applying the same standards to the software as to the hardware, which might be overkill in a read only application like this.

Get the hardware right (and safe and certified!) and the software will come along behind it. I'm guessing there would be plenty of people willing to spend an hour a day retraining the ML if it lets them communicate well for the rest of the day if they knew the implant is safe.

App Tracking: Apps plead for users to press allow, but 85% of Apple iOS consumers are not opting in

Gordon 10
FAIL

Brave? Are you insane?

The browser which silently inserts affiliate links as it goes along? And still does according to the twittersphere.

Another week, another issue: Virgin Galactic mulls test flight restart as VSS Unity fixed – but VMS Eve might be borked

Gordon 10
Joke

Re: Sending the wealthy to space

They can (space)walk back.

UK's Department for Work and Pensions continues to move off Oracle Enterprise Data Warehouse in pursuit of a single version of the truth

Gordon 10
FAIL

Re: So a reduction of privacy then ?

That's a rather naive and blanket statement.

On prem is fractionally safer if done well in your own wholly owned DC or Cupboard (are you checking the minimum wage cleaners' access?) - but how many companies actually do that? Let alone a Public requirement contracted out to the lowest bidder or an MP's bestie.

However by default a lot more effort has gone into making the Cloud DCs and their services secure by design, and they are unlikely to be addressable to a random Googler.

With a State actor all bets are off anyway - I would go out on a limb and say they are equally at risk as the compromise is probably at the network/infrastructure/factory level.

UK government resists pressure to hold statutory inquiry into Post Office Horizon scandal

Gordon 10
Unhappy

Re: Who needs an inquiry?

I was surprised to see that PE appears to have no easy way to contact its journos. Contrast that with the Grauniad which has Signal addresses coming out of the wazoo.

Gordon 10

Re: postofficeretrial web site

This is a surprisingly factual, punchy document from the Justice Parliamentary Committee. Worth an end to end read. It covers the recommendation for prosecuting Fujitsu staff.

https://publications.parliament.uk/pa/cm5801/cmselect/cmjust/497/49702.htm

Gordon 10

Re: It's not just an IT scandal

You need to be clearer on where to direct your ire. Which is on the current Government who are failing to enact a series of recommendations to clean up Private Prosecutions made by the relevant Parliamentary Committee 6 months ago. I encourage you to Google for it - makes good reading.

Gordon 10

Re: Statutory inquiry

I think you are misunderstanding the role of the judge in the proceedings. The question you should be asking is how the PO was able to deny/bury material that should have been available to the defence team.

I suspect but don’t know that a number of cases did not proceed when a savvy defense solicitor or barrister was involved and it was dependent on luck of the draw and financial resources for the SPO’s involved.

NASA comes up with COVID-19 infection detector that's out of this world – E-Nose built from space station gear

Gordon 10

Re: Deployment?

If blowing into a device - will it be self cleaning before the next subject blows?

Gordon 10
FAIL

BBBZZZTTT WRONG!

Complete fail.

Manufacturing beats breeding & training.

Once you come up with a way of mechanising something you can scale up kit as quickly as you can get the raw materials and equipment to make it.

Breeding & training a new sniffer dog takes over a year and if similar to guide dogs has a high washout rate.

Unless you are suggesting mass scale puppy farms and industrialised training? That would go down well with the public.

It's one of the reasons we are driving cars rather than still riding horses. That and the vast quantities of poop. Which come to think of it is an issue with this idea too. :D

39 Post Office convictions quashed after Fujitsu evidence about Horizon IT platform called into question

Gordon 10

Re: and

AFAIK you are incorrect in conflating Private Prosecutions with what the PO and RSPCA do. I'm 90% sure their ability in law to do so is either explicit in the relevant legislation or implicitly part of the Criminal justice system.

Starlink creates risk of internet investment doom cycle, says APNIC researcher

Gordon 10

Utter cobblers

Headline grabbing cobblers.

My academic attention whore alarm is going off.

The same can be said for any broadband service, which is why they have lots of ways of dealing with it, most of which will be applicable to Starlink.

I would also note that the solution for Starlink is to throw more birds in the air and on a per user basis it’s probably cheaper than digging holes in the ground.

Capgemini scores £150m contract to help Student Loan Company overcome its IT problems 5 years after £50m superfail

Gordon 10
Flame

WTAF

AFAIK The SLC has one job to do. Finance and recover student loans over a generational period.

How the actual f*ck does it have an IT estate in the £100's m cost range?

University duo thought it would be cool to sneak bad code into Linux as an experiment. Of course, it absolutely backfired

Gordon 10
FAIL

Re: Place your bets...

That's a naive statement. It's possible to get quiet co-operation for these sort of activities if the approach is right. It happens all the time in corporate environments.

This was lazy unethical behaviour - I suspect because they couldn't be bothered to get co-operation or were frightened of being told no.

Satellite collision anticipated by EU space agency fails to materialize... for now at least

Gordon 10
Meh

Re: Looking forward to full reusability & refueling

Hmm.

Given that SpaceX is also throwing up entire satellite constellations in volumes few others can match, I think this is a score-draw at best.

I'm no rocket scientist but if a couple of Starlink birds collide I reckon we are right royally f*cked.

How do we stamp out the ransomware business model? Ban insurance payouts for one, says ex-GCHQ director

Gordon 10
FAIL

Dumb and Dumberer

Since when have GCHQ been good at anything other than electronic eavesdropping or lobbying for encryption backdoors? It's a disingenuous statement from a former member of an organisation who has contributed to the problem by hoarding and not reporting zero days and the like. The intelligence agencies are a large part of the problem.

Banning coverage or payouts is a dumb suggestion. It's no surprise to see technocrats trying to avoid the problem (partially of the industry's own making) and ignore fundamental human and business realities that are much much harder to fix.

If this starts hurting insurance companies' bottom lines then they will start taking action - such as setting minimum standards for coverage - but that won't address the core of the problem.

It's predicated on the false assumption that people buy the insurance rather than fix their legacy software and hardware estates, and it's also predicated that IT is the fundamental reason a business exists rather than a useful tool like accounting or sales people.

There will always be ransomware vulnerabilities just as there will always be fire risk in a physical premises. Suggesting that tackling a consequence rather than the multiple causes (human nature, Government behaviour, Vendor software development practises, designed in obsolescence etc etc) is just lazy and clickbait-ish.

Airline software super-bug: Flight loads miscalculated because women using 'Miss' were treated as children

Gordon 10

Re: Not necessarily.

I'm not convinced it's beyond the wit of man to measure passenger mass automatically.

Strain gauges on load bearing components for example.

Ex-Geeks staff lose legal bid to claw back withheld training costs from final paycheques

Gordon 10
WTF?

Re: I have seen this before

Not entirely sure what your point is. They got a substantial payrise post year 2, maybe not as much as they might have got on the open market, going from the one sample we know about, but they only had to stick it out for a few more months to get off the debt scot free.

They got a career jump start thanks to employer A, and Employer A doesn't appear to have put them into serfdom to do it. They may not like it but it appears the judge also thought the company had been pretty even handed.

I suspect they jumped ship before realising how much they would be clobbered then attempted a tribunal as a way of getting back.

My sympathy for these 2 guys is limited tbh.

Gordon 10

Re: What about the quality of the training?

Presumably the complainants could have documented this lack of quality prior to the Tribunal. Either they didn't or the Judge wasn't convinced.

Not sure I have much sympathy for them tbh. It was well documented in their initial contracts and they knew what they were getting into, especially as they only had to stick it out another year to get the debt written off. I definitely have no sympathy for the guy who got a £10+ payrise upon leaving.

Privacy activist Max Schrems claims Google Advertising ID on Android is unlawful, files complaint in France

Gordon 10
FAIL

Re: That's what you get when software has to cost nothing

Errr. Nice try but no.

How do you explain almost the exact same feature in iOS?

To be clear all your points are valid on their own merits but conflating them with free software is dubious at best.

Post Office awards Fujitsu a £42.5m contract extension for the IT system behind wrongful subpostmaster prosecutions

Gordon 10
FAIL

Hmmm

What's the betting the planning to get off of Horizon in the next 2 (now 3 years) hasn't even started yet?

Mullet over: Aussie boys' school tells kids 'business in the front, party in the back' hairstyle is 'not acceptable'

Gordon 10

Re: It's the 1950s again (or is it?)

I for one don’t want to see anyone’s down under mullet.

Director, deputy director, CTO of Free Software Foundation quit after Stallman installation

Gordon 10

Give some evidence of these false pretences you refer to?

There is plenty of RMS douchebaggy stuff in the public record.

Gordon 10

Re: I met...

@Jake. I don't think Occam's Razor says what you think it says. The simplest explanation, with plenty of "prior art" to back it up, is that Stallman has/had some douchebag opinions towards women - particularly young ones. It takes very little to assume that attitude bleeds over into actions.

Gordon 10

Re: what's the upside?

Agreed. The FSF appears to have confused their mission with the establishment and perpetuation of a cult of personality around RMS. No one person should be bigger than the cause.

They never end well for all the cult touches.

Under threat of judicial review, UK.gov agrees to consultation before extending Palantir's NHS role beyond pandemic

Gordon 10

How precisely

Does getting 54 people to be consulted make up for not putting it out to tender in the first place? It's a fig leaf.

The only proper way to do it is to put the contract out to tender with explicit access and re-use clauses that can be reviewed and challenged for over-reach.

Deloitte settled HPE's Autonomy lawsuit for $45m back in 2016 and agreed to cooperate with US DoJ

Gordon 10

Re: When?

Since the US has form for trying to extradite Bankers and Accountants on very dubious grounds, I think you're safer staying in IT. Unless you're a hacker with ASD. Then you're screwed when the Patelenfuhrer takes power.

Gordon 10

You got that wrong-ish

Deloitte didn't assure HP of anything specifically, other than assuring *the world* the books of Autonomy had passed their yearly IFRS audit. A bad audit doesn't necessarily follow that a valuation for an acquisition was wrong.

HP hired KPMG to do due diligence on the acquisition of Autonomy, then their CEO failed to read the preliminary report (the CFO appears to have been fired for reading it and advising against the acquisition), then failed to wait for KPMG to complete their due diligence before signing on the dotted line with Autonomy.

The rest of your supposition seems plausible though. With one extra - if HP were hurt so badly by Deloitte's alleged dodgy auditing - why did they settle for $45m?

Mac OS X at 20: A rocky start, but it got the fundamentals right for a macOS future

Gordon 10

Its still a bit marmitey though

Finder in particular feels like it needs to be taken around to the back of the barn and shot. Examples:

Fundamental inability to use breadcrumbs to navigate up and down a deep folder structure.

Search needs a major overhaul.

Launch Pad needs to die

Everything you need to know about the HPE v Mike Lynch High Court case

Gordon 10
FAIL

Re: Why so pro-Autonomy?

0. Anyone who was anyone knew HP overpaid. If you look at the comments section of the Reg stories at the time they are either OMFG or PMSL about HP.

1. Funnily enough the UK Fraud authorities declined to prosecute in this case which suggests that a) at worst there wasn't enough evidence to prove fraud or b) at best everything was above board.

2. Auditors - see above. Plus the value of the deals highlighted is some tiny fraction of Autonomy revenues at the time. From memory it was essentially immaterial in a financial sense, a couple of % of sales but nothing that was justified

3. GAAP <> IFRS. HPE appear to have had very little understanding of the differences.

4. The due diligence wasn't even completed AND the preliminary report never read. HPE had literally no idea whether they were buying a Tesla or a Model T.

Any one of these points alone puts HPE on dodgy ground, all 4 would make me very surprised if they succeed.

Also some nuance for the USians. This is a civil case - where judgement is made on the balance of probabilities of something alleged being true, the burden of proof is lower than a criminal trial. If this goes against HPE, Lynch will have a mega strong argument against extradition, as it begins to look like Uncle Sam the bully again.

Chairman, CEO of Nominet ousted as member rebellion drives .uk registry back to non-commercial roots

Gordon 10

Tighten AGM influencing rules.

And get the articles of association changed to stop the Board and Management using company resources to promote EGM/AGM topics in an unbalanced way. Either both proposer and opposer should be able to use company resources to lobby or neither.

Richard Stallman says he has returned to the Free Software Foundation board of directors and won't be resigning again

Gordon 10

The Stallman Effect

Is pretty much why 50% of Emeritus Professorships exist.

Respect the duffer's achievements but keep him away from the impressionable kids when he starts rambling. (metaphorically speaking in this case).

Being asked to rate fake news may help stop social media users sharing it, study finds

Gordon 10
FAIL

Gaming

What happens when the reviewing process starts getting gamed? Either by Bots or by some faction who manages to pile a load of reviewers in under the radar.

A sticky plaster at best....

This is all the result of the friction of sharing communication being reduced to near zero. Our social and intellectual models haven't evolved to cope yet. Metaphorically we are still at the point of pointing and grunting on the plains of Africa as far as our ability to handle electronic communications is concerned.

Big problem: Nominet members won't know how many votes they're casting in decision to oust CEO, chair

Gordon 10

Re: Breach of UK Company Law?

I had a quick skim of their Articles of Association and at first glance it seems to be a bit of a grey area. Link below for masochists who like reading this stuff.

https://www.nominet.uk/corporate-governance/memorandum-and-articles/

Gordon 10
Happy

Re: Is the Nominet Board

Don’t ask me AC you brought Sturgeon into the mix in the first place ;)

Gordon 10

Re: Is the Nominet Board

You mean getting your pal in London to raise unsubstantiated allegations under parliamentary privilege, knowing full well that the Scottish MSPs don't have that same advantage (which is what all the redactions were about) - because the Scottish Parliament doesn't have that privilege, thus they are at risk of Contempt of Court, unlike Westminster.

A fact all the opposition MSPs on the committee and Salmond knew, but were careful not to acknowledge in public so as to stir the waters.

Sturgeon's a leading politician who probably didn't get to where she is by keeping her hands clean but at least she appears to have kept them to herself, unlike Salmond.

The rest of them don't give a damn about the women involved being abused again, as long as they have a stick to beat the SNP with prior to an election that could lead to an SNP majority, which would lead to all the laughably called unionist parties reaping the Brexit whirlwind in the finest piece of political karma the rUK has seen for a century. I for one will be bringing the popcorn.

In short - go away troll.

Gordon 10

Re: Personal interests well before corporate

Once ousted I would seriously recommend they use some of the money saved from their enormous salaries to fund a forensic accountant to go over the books with a fine tooth comb.

What's the betting if they haven't already there are massive golden parachutes built into the CEO's contracts?

It also seems possible that the board has failed in its duty to hold the management to account. There should be an investigation and a recommendation that those doing so are barred from holding board positions again.

SQL now a dirty word for Oracle, at least in cloudy data warehouses

Gordon 10
FAIL

This was a bit incoherent El Reg

Did you actually mean to say the opaque and proprietary SQL needed by DBAs to tune the system has been hidden away behind the scenes, or did you really mean to say access to SQL in general has been hidden? If so it might have been helpful to be more clear what's replaced it, because from reading the article I don't have a clue.

Ex-asylum seeker with infosec degree loses discrimination claim against UK cyber range provider after storming out

Gordon 10
WTF?

Hanging my head in shame

I'll probably lose my El Reg commentard credentials here but WTAF is a Cyber Range?

Desperate Nominet chairman claims member vote to fire him would spark British government intervention

Gordon 10
FAIL

Eeerr did it ever occur to you that trying to do a job with the big boss man changing every 5 minutes because they've groped the help or because the strategy (tactics) change to another "sure fire vote winner" might be a little more tricky than working in your average corporate?

Whilst I'm sure the ability of people in the Civil service has a similar range from time-servers to super bright diligent people, they have many many more rules than the average corporate, and likely a bunch of tossers as CxO equivalents that make the private sector paragons of virtue.

The real problem is that the UK is a super tanker and changing course is the work of years and not amenable to politicians' whims and fancies. Plus the fact that some of the problems they have to solve are NP hard.

Gordon 10
Joke

Re: Citation needed

I think that warning was from the same people who keep ringing me with an autodialer telling me HMRC are about to arrest me.

Boffins revisit the Antikythera Mechanism and assert it’s no longer Greek to them

Gordon 10
Thumb Up

Legend has it that it was broken after a particularly frantic session of Daley Thompson's Decathlon.

(Thumbs up because it's my only functioning finger)

Huawei CFO's legal eagles take HSBC to court in Hong Kong to obtain evidence against US extradition

Gordon 10
FAIL

Re: Run for the exit

Eh? You do know what HSBC stands for right?

It’s likely to be ok under any but the most brutal Chinese regime. Especially if they arrange to slip a copy of the PPT out the door at some point.