2135 posts • joined 25 Mar 2010
Re: Equality in advertising
To me the solution is so simple, I wonder what is the obvious thing I'm missing:
Let advertisers aim their ads at whoever they like. But also make all ads available to anyone who requests them, filtered only by such terms as the viewer specifies.
Then any woman using Facebook would easily be able to get a list of ads for job type XY, even if the advertisers themselves ticked "men only".
Holy macaroni! After months of number-crunching, behold the strongest material in the universe: Nuclear pasta
Science doesn't acknowledge "forbidden". There is only "possible" and "impossible", and the line between those categories moves from time to time.
It was good to read of the SNCF experience, if only as an antidote to all those who seem to be hankering for a return to the good old days of British Rail.
Note to millennials: there is no reason, either theoretical or historical, to imagine that a nationalised rail service would be any better.
Interesting use of anonymity here. Apparently, Leavers still don't want to be publicly identified, even by pseudonym.
Re: Don't worry, it won't last
I loathe Trump, and I think Kavanaugh is a lying partisan hack who doesn't belong anywhere near any judicial bench, let alone the USSC...
But I have to give Trump his due. He may not care much himself about "freedom of speech", but his administration on the whole has been more favourable to it than others.
Re: not yours
Having a legitimate disk copy of a given movie would seem to be a pretty good license to freely download a working copy from the Internet, in the event that the rights holder somehow revoked the functionality of the physical disk.
You're not a lawyer, are you?
You can certainly argue that having a legit disc copy gives you the right to do whatever you like with that disc, within reason - including, for instance, putting it into any kind of disc reader of your choice. But to claim that it gives you the right to make another copy of whatever work happens to be on that disc - is pretty much the opposite of how copyright works.
Oh yes, that'll work, because everyone knows what "AI" is - no ambiguity about that at all.
This is... a not entirely unforeseeable aspect of the tragedy of Brexit.
DEFRA, like for that matter every other gov't department both in the UK and in Europe, can't fully "prepare" for Brexit when no-one has the faintest idea of what, specifically, it's preparing for. And with negotiations still up in the air, and expected to come down to a traditional EU-style deadline-crushing intensive finale, no-one is going to know that until it's too late.
If they'd gone to the other extreme - creating contingency plans to cover every possible outcome of the negotiations - they'd have been (rightly) castigated for wasting hundreds of millions of pounds on consultants planning for things that were never going to happen.
The takeaway from this, apart from "let's shelve Brexit for at least ten years or so", is: don't have a referendum with a vague proposal. Negotiate and pass all the laws you need to first. Then the only question on the referendum paper is, "should these laws go into effect?".
Re: Saw this coming
The idea is not that anyone could infallibly spot a fake, that's too much to ask. But it should be possible to demonstrate that the picture or footage I took has not been doctored.
Sure, it may be edited for legit reasons - but then, if challenged, I'd still be able to provide the original for comparison.
Saw this coming
We really, urgently, need some way of authenticating "real", un-doctored video. Digital signatures embedded at the moment the image/footage is taken. Why is that not standard on every camera by now?
Get on it, camera makers. It may be too late already, but that's no reason not to do it anyway.
Re: Same Sh1t Different Day
Don't be silly. We've seen what happens when big govt systems are built that way. They're an unmitigated catastrophe in both cost and functionality.
At least this one is working, in the sense that it hasn't completely cut off the function of its departments. Compared with, e.g., the NHS information system, or Universal Credit, or any number of other public sector IT projects - £17 million a year sounds like a bargain.
Re: Plausible deniability
Only if you can also arrange for someone to lose the original paper version. That may (or not) be an audit record in itself.
The real question is, why do the work on paper and then digitise it? Why not just fill in a Web form or equivalent directly?
Seriously, you don't look at nutritional info at all? Either you're young, or you have the constitution of a hippo, or... I don't even want to speculate what.
I remember being young and ignoring all that stuff. Now, not so much.
More like "code whose original purpose, if any, has been forgotten or is now just obsolete."
The trouble is, it's not easy to identify that code. A lot of things that look like cruft turn out, once you actually remove them, to have been playing some obscure but important role.
Meh, snip all you like, but the sad fact is - lots of people evidently prefer to communicate that way. Not me, but then I'm not lots of people. It's not groundbreaking, but it's useful.
Re: Worse than useless data --> worse than useless reporting
To be fair, that's not worse than useless. It's clearly a story that's thrown together very quickly on the basis of a pretty unexciting press release - but those press releases, and stories, are often the necessary building blocks of serious analysis.
Re: Be careful...
The Internet has a *terrible* memory. I've tried finding things I posted on Usenet 20 years ago, and had no luck despite knowing exactly what I was looking for, and having a whole department of Google to draw on. Try finding a website from that era - chances are that even the Wayback machine only has a small selection of pages, if that.
It's a total myth that once you post it online it's there forever. Sure, *someone* probably has access to that material - but not ordinary drones like us.
Re: Right to be forgotten
Amateur. The way to be forgotten by Google is to get a gig writing some worthless but opinionated column for a reasonably well known publication. After a few months of this, any old results will be buried below the front page of search results, and we all know who checks those.
Example - try googling Andrew Orlowski, see what youthful misdemeanours you can find...
LibreOffice is OK, but let's not pretend you can just slot it in to an office's install image in place of MS Office and expect it to work. That will not work.
MS has been to a lot of trouble to make Office customisable. What with styles and templates and formulas and macros, you don't even know *what* anyone else's install is capable of. And then there are a shedload of third-party tools that integrate with Office - again, you can't simply point those at Libre instead and expect anything but total chaos.
It's just not the same thing, and you're not doing anyone favours by pretending it is.
Smut slinger dreams of AI software to create hardcore flicks with your face – plus other machine-learning news
Re: Oh No
Any amount of training will only be as good as the current generation of processes. Within 18 months the next generation will be available, and it'll be able to fool whatever training you can get today. Within 5 years, there will be no reliable way even for an expert to distinguish between real and faked video.
Welcome to the future.
Re: Copyright Issues
Arguable points, but nothing to do with the DMCA. That act says nothing about copyright duration.
It seems to me that "doing it manually would be too costly to justify" is another way of saying "we're not being penalised enough for doing it wrong".
If the respective forces were being fined, say, £10 per person per day for every biometric record they kept after the justification for keeping it had expired, they'd pretty soon figure out a way to delete them. Nothing focuses C-level attention quite like the promise of a huge gaping hole in next year's budget.
Testing, testing, and more testing
It seems to me that "network scaling issues" and "company policies" are just another way of saying "testing".
If only we could get a provider who was willing to certify, on pain of actually, y'know, paying money by way of compensation, that a system designed in compliance with their published spec would continue to work correctly after patching...
Ah well, I can dream.
To test the passwords, the auditor general's staff compiled a dictionary of common weak passwords from pentest resources, and tested those against 520,000 current and disabled accounts on WA government systems.
If the system even allows you to attempt that sort of crude dictionary attack... Wot, no timeout between failed login attempts? No maximum number of failed logins before locking the account? I don't know if any kind of "strong password" policy could compensate for those weaknesses.
"56kb/s should be enough for anyone?"
I'm honestly surprised the plaintiffs haven't tried to get a friendly student to collect evidence for them. On the other hand, if they suborn a student who then does something illegal at their behest, where does that leave them?
Now you can tell someone to literally go f--k themselves over the internet: Remote-control mock-cock patent dies
"Industry site SexTechLaw"?
You made that up, didn't you? Fortunately I'm reading this at home so I can Google it...
Wow. Talk about niche.
You don't remember cold fusion, then? That was claimed by two researchers with way bigger reputations than these guys, citing way better evidence, and after a long, long wild goose chase it turned out to be bunk.
If a find like this is for real, it's huge. It's strange in itself that they didn't discuss it with some of India's leading physicists. Faking the email - is way beyond implausible.
Re: Witch hunts sometimes don't start at the top.
Pai did the right thing here, yes - but doesn't that make his hyper-partisanal statement, quoted at the end of the article, even more anomalous?
I think that statement was baiting a trap, and the Democrats have predictably walked right into it. That makes two in as many weeks. Honestly, I begin to despair of American politics ever returning to sanity.
Re: Spaceballs ? Nah!
You're all way too optimistic. The name we should be thinking of is Zapp Brannigan.
"My strategy is so simple, an idiot could have devised it."
Re: Sounds about right
Doesn't come close. Toilet cleaners may not be much appreciated, but at least they're not actively vilified and abused on an hourly basis.
Sounds about right
"Infosec", if that's a dedicated job, has to be the most thankless job in any organisation. It's like being an auditor, and a quality management engineer, and a test manager, all in one.
Everyone will blame you when it goes wrong, but the twist is that everyone will still blame you even if you do everything right. You'll be the one telling salespeople what cards and transactions they can't accept. You'll be the one telling Marketing that that "one little feature" can't be added to the next release. You'll be the one sending arse-covering emails to management saying that of course you quite understand they want to bypass your 4-week test cycle, but you'll need them to put that instruction in writing and to acknowledge your warning on the subject. Pretty soon you'll be excluded from product meetings because of your sheer aura of negativity.
And that's if everything goes right. When it goes wrong, you'll be stood directly in front of the fan, if you know what I mean.
Disclaimer: I've been a quality engineer and a test manager, and I've experienced a small fraction of the above. But an infosec manager? - must have it twenty times worse. They can keep it.
Re: Old fashioned
Please don't get me wrong, I'm a big fan of pen-and-paper voting. I'm just cautioning against complacency. Just because the votes are recorded and counted auditably, doesn't make the system immune.
Re: Old fashioned
And that will work just fine until someone, let's call him "Boris", hacks into the list of registered voters and transfers your record to the next constituency over, so you turn up at your local polling station to be told you're not on the list...
Or they hack the published list of polling stations, so you turn up and vote exactly as you expect, but the official polling station is two blocks away, and the ballot box you just used goes straight to recycling...
Or they change your name from 'LenG' to 'Glen', so now you're not on the list at all. Are they still going to let you vote? I'm pretty sure voting under a false name is a crime.
Or... oh, I'm sure you can see the possibilities. Suffice to say, hacking the actual vote is only the tip of a very large iceberg of mischief.
If you lack the IT skills necessary to do your job...
... then your manager has failed and needs either retraining or firing. Because it's their job to make sure that this is not the case. That's, like, literally the most important thing they're paid to do.
And they're paid more than you, which means their fuckup is bigger than yours.
What do people understand by the phrasing "do their jobs well"? Everyone imagines that a computer system can be super-efficient, one-button no-errors all-singing Dolby-surround digital perfection. Now, we hardened veterans know it's never (ever, ever) like that, nor likely to be - but at least one-third of all people imagine that it should be, and then blame themselves when errors happen.
When the fact is, the interface/app they're using is likely so shite that unless you perform steps A through J in the correct order and at the right time (which you have no way of telling, and neither does anyone else because it's undocumented and probably, frankly, completely untested...) - it will go wrong.
If you're lucky, it will go wrong in some obvious way, but many people are so deluded that they actually see this as a failure, rather than designed and intended behaviour.
TL;DR: if your job requires you to have skills you don't, in fact, have, then it's the job that's badly designed. Not you.
This XKCD also seems appropriate.
Dear Mr Pai,
You might want to rephrase part of your communication there.
If some people in your organisation "didn’t feel comfortable communicating their concerns to me or my office", that at least is one thing you can't blame on "the previous administration". It's a truly heroic admission of fault on your part, puts you head and shoulders above most Trump appointees. Hats off to you, sir.
Re: How it works:-
If they turn over billions, then of course they pay tax. National insurance contributions for their employees (who also, of course, will be paying their own taxes), and VAT on most of their sales.
Corporation tax is never more than icing on the cake.
Re: You can "dehumanize" robots?
You may take that attitude. But what this research shows is that a significant number of people don't. Don't you think that's interesting?
Re: Wait .. tell me I'm not misunderstanding this?
Hey, if you want the gov't to be able to spot a scam, you've gotta allow them time and resources to do it.
The more you insist on taking up their time with trivialities like the Irish border question, the less time they have to look at the proposals and contracts that get dumped on their desks by the handful on an hourly basis. That's one reason why cutting taxes is self-defeating - it makes a government more wasteful, not less.
So, I looked at the links - and it's not clear that a ransomware attack should even be notifiable. Ransomware scum don't commonly, so far as I know, steal records - they just make them unusable.
Don't create a new TLD unless it is 100% crystal clear from the get-go, beyond any question of debate, who it should belong to, and what authority should get to say who administers it.
This isn't hard. National TLDs are administered by an agency nominated by their respective governments. Similarly I have no objection to creating ".disney" or ".pepsi" if you really must, though I think it's a shocking waste of everyone's time.
But taking a regular word with no specific trademark attachment and making it into a TLD? Just don't fucking do it. And revoke the ones you've already done, starting with ".info". We won't miss them.
New training rule needed
Looking at the photo accompanying the article, it seems to me: you can fairly safely assume that anyone who poses in front of a flag is up to no good.
The truly appalling thing about this story
is that, in the stock photo, someone has put ice in the whisky.
Dear El Reg: you're British, you should know better than that. Ice in whiskey? OK, if you like. Ice in whisky? - awa' wi' ye, heathen.
Re: Looking through the wrong end of the telescope?
The "Does it sound OK?" judgment is likely quite hard for an AI to answer.
I suspect that your personal aesthetic judgment plays a larger part in the process than you consciously allow.
Re: More detail please
You can always read up on Stuxnet, which did exactly this. The Russians' approach might be similar. Or it might be completely different, they've got the skills.
Re: As C.S. Lewis said...
I'm sure Lewis would have known how to spell "whisky". And cigarettes? Surely those didn't become sinful until the early 80s.
I don't know much about Lewis's life, but that linked article doesn't fill me with faith in the rigour of its research and writing. To parlay one drunken incident at a student party into his being "a big Marquis de Sade fan" does not, to me, look like research conducted in good faith.
Re: Idiot password checkers
(unless they limit length too short)
Which they normally do. Honestly, what percentage of sites even allow you to have a password of more than 16 characters?
Worst of all, those that allow you to enter such a password, but silently truncate it without telling you. Then reject the full password when you enter it later.
I've learned to limit myself to 10 characters. Most places accept that. OK, it's not as secure as it could be, but like the old joke says: "I don't have to run faster than the bear, I just have to run faster than you". There are plenty of people way easier to hack than me, and that's what matters.
Re: An object by any other name
This is what I was thinking. You don't have to lose a whole "object" to be screwed, the corruption of a single byte can do the job.
And since "objects" are commonly highly interdependent, the corruption of a single object could quite easily render your entire backup useless.
Why should the US continue to support them if they will not at least spend the agreed amounts?
Conversely, why should the Europeans raise their military spending, when Trump shows just as much contempt for those who do meet or exceed their 2% threshold as those who don't? And is willing to change the rules at whim?
What's the point of trying to please such a man? Might as well just ignore him, it's a lot cheaper - and will win a lot more votes - and the outcome is the same in the end.