* Posts by Alister

4259 publicly visible posts • joined 19 May 2010

EU summons a CYBER FORCE into existence

Alister

Hmmm, "Rapid Response Force" and EU bureaucracy don't sit well together.

Alister

Re: And everybody this "Force" is set up to catch ...

"Cloud" is a magic place where only the initiated may tread.

T.A.H.I.T.I. - "It's a magical place"

Creep travels half the world to harass online teen gamer… and gets shot by her mom – cops

Alister

Re: Now he can get a tattoo, "Shot by the Mom!"

Traditionally, Little Red Riding Hood was saved by a hunter / woodsman with an axe, no firearms involved...

UK Foreign Office offers Assange a doctor if he leaves Ecuador embassy

Alister

Re: Pick your own poison

Get it, twerp?

I don't think you get it, do you.

Assange IS a fugitive from justice - he jumped bail and went running to the Ecuadorian embassy. He's still wanted for that.

The Brits won't send him to the US unless there's an extradition warrant issued, which there isn't, and never has been.

Israel cyber chief's 'pants' analogy for password security deemed, well, 'pants'

Alister

Re: passwords should be treated like underpants

Wrinkly and smelly, and crackle when you bend them?

Amazon, eBay and pals agree to Europe's other GDPR: Generally Dangerous Products Removed from websites

Alister

I do wonder if half the people who splurge the SJW acronym around even know what it stands for, nowadays.

Get a grip, literally: Clumsy robots can't nab humans' jobs just yet

Alister

Never mind picking things up...

it will be a long, long time before a robot can detect a spherical object travelling through the air towards it, calculate the trajectory, take into account wind, friction, spin and all the other factors, and move itself or place its end-effector in the right place to intercept and capture the object.

Or catch a ball, as any five year-old can do.

On Kaspersky’s 'transparency tour' the truth was clear as mud

Alister

Re: "perhaps they'd like to offer some evidence of this."

If evidences may put sources at risk, you may want to avoid that.

So that means then, that governments, or journalists, are free to publicly accuse an individual or company of malfeasance without presenting any evidence to support those accusations.

This is surely not how it should be?

Alister

...doth protest too much

I sense a shift in editorial stance on this, and I wonder why.

If governments want to claim that Kaspersky is a security risk, perhaps they'd like to offer some evidence of this.

Why would El Reg ask Kaspersky for evidence that the US is persecuting them? It's quite obvious that the drive to demonize Kaspersky started ever since Kaspersky's Antivirus identified malicious software on an NSA staffer's machine in 2014.

Happy birthday, you lumbering MS-DOS-based mess: Windows 98 turns 20 today

Alister

While Windows NT 4.0 pointed to a future free from MS-DOS, the majority of the Windows user base simply did not have the hardware to run much more than a jumped-up version of Windows 95.

To be fair, the original NT 4.0 was not really suitable for use as a home O/S, it took quite a few service packs before that was useful, and the price compared to 98 was prohibitive as well.

Plus, it didn't have drivers for many common domestic peripherals. Even network cards were a bloody nightmare to set up under NT 4.0, I remember fighting with a 3Com Etherlink 3C509, fiddling with dip switches to set the IRQ and memory range for hours before NT would work with it.

Uber's London licence appeal off to flying start: No, you cannot do driver eye tests via video link

Alister

Re: WTF

Honestly gov, yes, yes I did rob all those banks, but that was back then! I'm operating under new rules now. I've got a new code of conduct. So you should definitely let me be the head of the Royal Mint, so I can prove to you just how much I've turned over a new leaf...

“Shall I tell you about angels, Mr. Lipwig?" said the Patrician pleasantly. "I know two interesting facts about them."

India tells its banks to get Windows XP off ATMs – in 2019!

Alister

That's more than five years beyond the May 2014 end of support for the OS.

That's not true for XP Embedded, which is what most ATMs would run, it's still in support for another year.

And it has very little attack surface compared to the desktop version.

Cops: Autonomous Uber driver may have been streaming The Voice before death crash

Alister

So in what way, then, was this car "autonomous", If the "safety driver" was supposed to be watching the road and liable to have to take over at any second.

As far as I can see, the combination of Uber vehicle and safety driver were incapable of avoiding an accident, in conditions where a full time driver in a "normal" car would have avoided it.

Indeed a normal production car with autobrake and collision avoidance (ie. what the Volvo should have been capable of) could have possibly avoided the accident without driver intervention, which makes the standard production Volvo more of an automaton than the prototype Uber vehicle.

Have YOU had your breakfast pint? Boffins confirm cheeky daily tipple is good for you

Alister
Thumb Up

Re: What measure of 'drink' did these Americans use?

any amount you can hold in one hand.

So, a 5 litre keg should be fine...

WannaCry is back! (Psych. It's just phisher folk doing what they do)

Alister

We've had a number of these to various addresses within our organisation today, including the Chairman!!!

Oops! That caused a flurry...

Like another commentard above, we deal a lot with local authorities in the UK, and did wonder where these addresses were being harvested from. Interestingly, none of the addresses are flagged on haveibeenpwned.com as yet.

Test Systems Better, IBM tells UK IT meltdown bank TSB

Alister

Without this context, this document could be misinterpreted to the detriment of TSB's customers.

Translated:

Without this spin, the document could be correctly interpreted to the detriment of TSB.

MSDN unleashes a fresh round of unintentional innuendo bingo

Alister

Re: Surely

There is also the homophone "nob" - possibly an old variant - which referred to a head or someone from the UK upper classes.

That's just a shortened form of the word "nobility" though, isn't it?

Alister

Re: I've tried giving up using innuendo several times...

You need to grasp the problem firmly...

Microsoft Azure Europe embraced the other GDPR: Generally Down, Possibly Recovering

Alister

Re: Oops...

You CANNOT migrate on-prem workloads to the cloud as-is, or this kind of stuff happens - and it is your fault, not the cloud provider.

But, but, but... My Boss said that Microsoft said that we could migrate our on-prem Exchange to Office365 with no issues, and all the ickle birds would tweet, and every cloud would be rosy-pink, and all the flowers in the garden would bloom, and beer would be 10p a pint...

Are you saying they LIED to him?

PayPal reminds users: TLS 1.2 and HTTP/1.1 are no longer optional

Alister

For most, that means get a new browser, but the requirement also applies to systems connecting to PayPal's APIs.

Indeed.

A great wailing and gnashing of teeth was heard from our developers when they realised they would have to recompile their precious PayPal integration code using a version of .NET which was vaguely modern.

They were trying to blame Ops, saying it was a server problem. Au contraire, fellas, our servers happily support TLS1.2 in and out, get your shit together!

Cryptography is the Bombe: Britain's Enigma-cracker on display in new home

Alister

Or Tommy Flowers

He built Colossus, not the Bombes.

Alister

Ah, this is the one hand-built by Alan Turing / Benedril Cabbagepatch, is it?

No mention of Harold Keen or Gordon Welchman...

The only way is ethics: UK.gov emphasises moral compass amid deluge of data plans

Alister

and white handbags

Citation needed: Europe claims Kaspersky wares 'confirmed as malicious'

Alister

Re: Whatever.

Eugene and his ilk sell nothing but snake-oil anyway.

So Jake, you totally discount all the useful work that Kaspersky Labs do in identifying and warning about malicious software?

Or perhaps you think it's all misdirection and a Commie plot?

Dixons Carphone 'fesses to mega-breach: Probes 'attempt to compromise' 5.9m payment cards

Alister

Re: How about cookies?

There is no reason to go to such obscure lengths, there are already perfectly good mechanisms by which a customer can have a token stored for future use which do not need card details or CVVs to be retained.

Dixon Carphone obviously thought they could do it their own way.

Alister

Re: Why do businesses store credit cards

Because unfortunately most of us are lazy and don't want to have to enter our details every time you're ordering something.

Even then, if done properly, there is no need to store the full card details anywhere on the system.

Instead, you store an authentication token from whichever payment gateway provider you use (Verifone, World Pay, All Pay etc) which is generated on the first purchase. This authentication token is unique to the user's card and CVV, and can therefore be used for subsequent purchases.

You would typically store the last four digits of the card, simply to be able to present it visually to the user in their account details on your site, so they can identify the card, but it isn't used for transactions.

The CVV should never, ever be stored.

Low AI rollout caused by dumb, fashion-victim management – Gartner

Alister

Re: Low AI rollout caused by the fact that

Or rather, it is not available yet, at all.

There are glimmers of AI in various labs around the world, which are attempting to mimic the operation of the human brain, using neural nets and other techniques, but no, mining datasets is not AI.

As I said above, the term Artificial Intelligence has been hijacked by marketing types to mean data manipulation, but it is NOT, by any stretch of the imagination, intelligence of any kind.

Alister

Low AI rollout caused by the fact that

Artificial Intelligence is not generally available yet, as despite the hijacking of the term, data-mining != AI.

Among PHBs, human intelligence is pretty scarce too.

Four hydrogen + eight caesium clocks = one almost-proven Einstein theory

Alister

Re: Time flows backwards...

I mean my car has never once shat on the lawn,

Land Rovers are well known for marking their territory, in much the same way as dogs or cats do.

Uber robo-ride's deadly crash: Self-driving car had emergency braking switched off by design

Alister

Re: would a human have seen the pedestrian in time and stopped?

Short answer, yes a human would have seen the pedestrian in time.

The Uber video shown is not representative of the actual lighting conditions on the road at the time of the accident.

If you look here https://arstechnica.com/cars/2018/03/ you will see a whole different story.

Uber jams Arizona robo-car project into reverse gear after deadly smash

Alister

Re: Autonomous vehicle safety ignored

The video released by Uber was highly misleading.

Take a look at this article on Ars Technica:

https://arstechnica.com/cars/2018/03/

Alister

Re: AV's Hindenburg?

You assert that a "comparable human driven vehicle would not" have killed the poor pedestrian.

Humans kill quite a lot of pedestrians every day.

Yes they do, for all sorts of reasons, both the pedestrians' fault, and the drivers' fault. That has nothing to do with this specific case.

In the particular circumstances of the Uber accident: a well-lit multi-carriageway road, in dry weather, with good visibility, and a pedestrian crossing the road in plain view for many seconds, I put it to you that it is unlikely that a human driver of a non-autonomous vehicle would have killed the pedestrian.

Alister

Re: Autonomous vehicle safety ignored

@John Robson

So yes - there was a driver who was legally in control of the vehicle and managed to kill someone.

You persist in trying to muddy the waters here, and I wonder why?

The supervising driver was at fault, because they were not concentrating on the road, and were not in a position to override the vehicle in time to prevent the accident, but the fact is that the vehicle should have been able to avoid the accident by itself, and didn't.

The circumstances of the accident were not some strange or random edge-case which caught the vehicle's logic out, there was a pedestrian crossing the road, in clear view for many seconds, and the vehicle drove into them without braking or trying to avoid them.

A human driver in manual control of a vehicle would not have behaved in that manner, they would have attempted to avoid the accident in some way.

Alister

Re: Autonomous vehicle safety ignored

There *was* a human driver - they still ran straight into a pedestrian.

No, there wasn't. There was a human passenger with responsibility to monitor and override the vehicle.

You cannot equate that with a human who is fully engaged in driving the vehicle, the awareness and concentration required is completely different.

Alister

Re: AV's Hindenburg?

Which is why in all those cases the human behind the wheel is still responsible for the safe operation of the vehicle. We absolutely know that the Uber driver wasn't doing their job, and I think it's pretty clear that the Tesla owners weren't doing what they should have been either (remembering that the Tesla isn't an autonomous vehicle).

But that's dodging the issue. Lets ignore Tesla for the moment, which are not autonomous, but in the Uber case the alleged autonomous vehicle wasn't capable of avoiding a simple collision without human intervention.

I wrote:

What's not acceptable is when the accidents are of such a nature that they would not have occurred if the vehicle was being driven by a normally competent human in the same circumstances."

Whether or not there was supposed to be a responsible human, that doesn't change the fact that the vehicle hit and killed a pedestrian, in circumstances in which a comparable human driven vehicle would not.

Alister

Re: Autonomous vehicle safety ignored

I'm not convinced that humans can instinctively control a vehicle, and I'm pretty sure that many of them have no idea what they are doing, even after significant training and a small test.

If a human driver - even only a learner driver - was put in the same circumstances as the Uber crash, it would not have happened. A human driver would have seen the victim, and either slowed down or manoeuvred the vehicle to avoid a collision.

Even a learner driver on their first ever outing would not have blithely continued and run into the victim. This is what I mean about the built in instincts.

Alister

Re: Autonomous vehicle safety ignored

I don't think the argument is flawed. Put someone entirely untrained in charge of a motor vehicle and you'll have a crash in minutes if not seconds.

Nowhere did I suggest that we were discussing untrained humans. The comparison should obviously be with human drivers who are supposedly competent.

Alister

Re: Autonomous vehicle safety ignored

So learner drivers shouldn't be allowed on the road either then?

That's not a fair comparison either. Human learner drivers have built in instincts and abilities which are entirely absent from current autonomous vehicles.

Alister

Re: AV's Hindenburg?

It is not really about the absolute level of safety that will determine the future of autonomous vehicles, but the public perception. And thanks to a news media that lingers on every accident they have, that perception is increasingly negative.

It's easy to blame the media, but both Tesla and Uber currently seem to have issues which make their vehicles unsafe by any standard.

It's important to note that Tesla is not meant to be an autonomous vehicle, but even taking that into account, there have been three or four incidents where the vehicle did not detect large solid obstructions in its path, and did not brake or take avoiding action.

And as for Uber, the vehicle failed to detect or react to a pedestrian pushing a bicycle who was in clear sight for hundreds of yards before the collision.

Whilst ever autonomous vehicles share the road with non-autonomous vehicles, there will be accidents, this is accepted. What's not acceptable is when the accidents are of such a nature that they would not have occurred if the vehicle was being driven by a normally competent human in the same circumstances.

Alister

Re: Autonomous vehicle safety ignored

And this up against a bunch of halfwit meat sacks who kill on such a regular basis that it barely makes local news.

That's a flawed argument, though. If an autonomous vehicle can't at least match the safety standard of the meatsacks, then further work needs to be done before they are allowed on public roads.

Google listens to New Zealand just long enough to ignore it

Alister

Re: fair and impartial hearing

But that's the point, isn't it. As a geographically small, and sparsely populated country, New Zealand has to work harder to try and ensure that an impartial jury is possible, so more draconian suppression is inevitable.

Alister

Re: Another example...

@corestore

So it seems that you don't think that any attempt should be made to ensure a fair and impartial hearing to anyone accused of a crime, or that efforts should be made to protect the identity of a rehabilitated offender?

It appears that you would prefer mob rule and "trial by media" instead.

Folks are shocked – shocked – that CIA-backed Amazon is selling face-recog tech to US snoops, cops

Alister

Re: This explains a lot,...

... the infamous web site mugshots.com is hosted by Amazon

Well yes, as are millions of other websites, because Amazon provide cloud hosting, you know?

I've got a few sites hosted by Amazon, even some on the same subnets, would you like to suggest I'm involved as well?

Swiss sausage sizzler 4.0 hits 200 bangers per hour

Alister

Re: “it could be used in the bedroom!”

That old favourite, "hunt the sausage".

Or just shouting SAUSAGE TIME!

Within Arm's reach: Chip brains that'll make your 'smart' TV a bit smarter

Alister

Re: a camera. There is no escaping this

I'm afraid. I'm afraid, Dave.

Dave, my mind is going. I can feel it. I can feel it. My mind is going. There is no question about it. I can feel it. I can feel it. I can feel it. I'm a... fraid.

Good afternoon, gentlemen. I am a HAL 9000 computer. I became operational at the H.A.L. plant in Urbana, Illinois on the 12th of January 1992. My instructor was Mr. Langley, and he taught me to sing a song. If you'd like to hear it I can sing it for you.

Alister

Re: How will it be used?

@Doctor Syntax

That isn't going to play well with GDPR.

I don't think GDPR will have an impact, if they can claim "legitimate interest"

FBI's flawed phone tally blamed on programming error. 7,800 unbreakable mobes? Er, um...

Alister

Re: Counting things that have unique IDs

Are the Baaa codes lamb-inated?

Brit water firms, power plants with crap cyber security will pay up to £17m, peers told

Alister

If your mandatory requirement was flouted what would you do? Impose fines of course.

Well actually I was thinking more along the lines of removing the company's right to operate. That might make the shareholders sit up and take notice.

The problem at the moment is that the fines are imposed on the imprecise notion of "cyber-security" which is always open to interpretation. If there was a clearly defined mandatory requirement which stated that there should be NO Internet connectivity to any CNI and any breach would lead to an immediate loss of operating rights, then the issue is clear cut.

Alister

Simple solution: don't.

Exactly!

Back in the days before the internet was a thing, companies used to use "private circuits" for remote management of utilities infrastructure. Essentially they were a routed, unswitched physical connection from one premises to another. Brand names for the services included Kilostream and Megastream.

Unfortunately, when Broadband became ubiquitous, most companies identified a cost saving by switching to Internet based connectivity, but didn't factor in the security implications.

Maybe, instead of waving around pointless fines, the government should make it a mandatory requirement of operating, set in law, that utilities and power companies must use private circuits for their infrastructure.

Hitler 'is dead' declares French prof who gazed at dictator's nashers

Alister

Are you Mandy Rice-Davies?