Posts by Tatsky 100 publicly visible posts • joined 25 Jun 2010
My dementia ridden granny struggled enough just operating a normal TV equipped with big button remote. Set top boxes and DVD players were out of the question for her. So foisting a subscription service and more technology on people like here would be akin to cutting them off from the only company and entertainment they have for the majority of the day.
In my experience of PCI-DSS ( a few years rusty ) If handing off to a 3rd party you would still have to complete the Self Assessment D and ensure that your provider is PCI compliant.
You would also have to answer any queries about MOTO payments (Mail order, Telephone Order) as your "personnel" would potentially be taking details over the phone and plugging them into a MOTO interface of some variety.
If you systems store, transmit or touch card details in any way then you need to comply with higher levels of PCI. It's not enough to just "not store" the details, even having the card details pass through your server in some way before being routed on to a payment provider is enough to warrant higher level PCI compliance with at least quarterly vulnerability scans.
There are some Gov websites which hand off to 3rd parties, and others handle the card payment within their application. The problem I think with PCI compliance is that anyone can stick a PCI compliance logo on their website, and it only becomes an issue if/when there is a leak of information tracked back to that store/site/application.
So... The argument would go that the copyright of any footage obtained by someone putting a camera on an animal would belong to that animal, because the animal is obtaining the shot, moving the camera, and exploring the environment?
I would love to see YouTube come up with an algorithm to determine whether footage has been obtained from an animal, and then present the uploader with a form which the animal must complete to authorise use of the footage.
"it's difficult to see how extra 'bobbies on the beat' would make any difference for this sort of crime."
The general consensus from top Bobbies is that more officers in community policing builds relationships with the community, making it more likely that things get reported. Secondly, when people in the community do report "radicals" and nothing is done about it, an approachable community officer could have their ear bent about "why has nothing been done?".
May, by removing community officers, has created a gulf between the communities where radicalisation may occur and the security services.
Set atop that the fact that the last 2 incidents have been carried out by people who have been brought to the attention of the security services by the community, it doesn't look too good for the PREVENT program.
Some quick math though, 20,000 less offices and 1000 less firearms officers -> 3000 on the watch list, equates to about 7 officers per "free radical". I can't see how May and Co can possibly defend those numbers, especially since the Police Federation told her in no uncertain terms that she risked security by slashing numbers.
Are you being serious, or do you genuinely not know how this stuff works?
There's not one set of keys that everyone has access to. Each person in the conversation has their own set of Public and Private keys. Signal, which WhatsApp is based on uses a double ratchet mechanism so that even is a hacker did compromise a set of session keys, they can't decrypt future messages.
The problem is having some sort of all encompassing key that Govts etc can use breaks encryption, because once that is determined anyone anywhere can intercept any encrypted message and read it, manipulate it.
What gets my goat is all these people who say "I have nothing to hide" not realising that encryption also hides their interactions with their bank, or their commerce transactions with online retailers etc. So yeah, everyone has something to hide.
I tried to use Rudds envelope steaming analogy.
She suggested people with warrants could intercept mail and steam open the envelopes.
However, that doesn't stop anyone from steaming open envelopes. Yes, it is illegal to tamper with the mail, but unscrupulous people don't care about that.
So likewise, if you create a mechanism to decrypt messages and wrap a legal process around it, the cat is out of the bag as there is now a mechanism which can be used by those not overly fussed about the legalities.
Or. The US companies and Gov realise they don't have the staff to operate their new shiny semi-conductor factories, so they have to bring that resource in. Cue mass immigration and free movement of qualified workers.
Over simplified I know, but how do you get 10s of thousands of qualified semi-conductor and electronic manufacturing plant workers at the flip of a switch?
People are working out that the last 20-30 years of trying to force everyone down the university route was the wrong way to go. There needs to be vocational education, so that those who feel university is not for them have a suitable level of education and training to get them good work. It's astounding that this has been mentioned before, but fallen on deaf ears. Now that the UK are leaving the EU, one of the solutions to becoming an industrial powerhouse is vocational training.
RE: "There is nothing to say that the drive manufacturers continue to maintain those factories and plants for worldwide production. Just means that anything they want to sell in the USA would have to be made locally, so let them build plants Stateside."
Do you have any idea how much it costs so set up the infrastructure to support one of these factories, let alone create the factory itself? And even if you could invest that sort of cash in getting a factory, you still have the huge issue of a complete lack of qualified workforce.
It would take around 10 years for the USA to build up the level of expertise and numbers of personnel to make this happen.
China et al have invested bigly in their factories and workforce. They have created who cities to support this manufacturing.
To make this a reality would take an overarching 15-20 year plan to gradually pull back production from international factories.
Wasn't it really really windy on Christmas day? I know it was up here in the north.
I saw several facebook posts on christmas day and boxing day about lost drones, and when i glanced out the window I thought the swaying trees might indicate what happened. i.e. drone goes up, gust of wind carries drone a long way off course.
Surely this stuff is just common sense?
I can't believe I am hearing so many "Don't buy it" or "throw it away" comments on the comments section of an IT/Technical new site.
FFS we're supposed to be tech savvy people, but the attitude here seems to be "nope, we will never ever use IoT devices" fingers in ears, I can't here you.
If people took that attitude when motor cars first appeared, we would all still be driving around with a man waving a red flag in front of us.
There is at least 3 prongs of attack here.
1) Improve the DNS system, and add filtering and security measures at ISP level. Boo hoo is ISPs complain, every other industry at some point needs to improve their systems to improve safety. Safety here is digital/online safety.
2) Educate and Legislate so that products released to market at least follow some basic common sense security principles, like encryption for a start.
3) Ensure that IoT devices and firmware updates are rolled up within mandatory product liabilities. In my industry our products are UL864 compliant in the states, and EN54 in the EU/UK. We must ensure that spare parts are available for 10 years after we cease production of a product line, and that includes our software updates.
Granted, none of this is easy, but it's what we must do.
In principle there is nothing wrong with IoT. Some devices seem plain ridiculous, but there are a lot of areas that IoT is useful, so rather than just trashing it and throwing the whole idea in the bin, maybe as an industry we should be working to improve the situation?
Typically when a Businessman takes over an organisation the incumbent management team are retained, normally under some sort of 2-3 year contractual agreement so that the "knowledge" and "IP" retained by these people is not lost.
Trump may well have been operating under the assumption that he would come in as the new CEO to that management team, use their experience to get things done, but with his strategy bolted on top.
As he has never held elected office, and has over the years managed, bought up and strategised for large corporations, it is reasonable to assume that he saw this like any other take over. Also, he is arrogant enough to assume he knows everything. He has the best brain remember, and he is smart, the smartest people, and he has all those great words.
Again I'm just patting someone on the back here, but your comment is spot on.
Many people forget (or just don't realise) that the shareholders that companies work to generate profit for are not big fat cats and CEOs they are Us, and our Pension plans.
If suddenly the return on our pensions dropped, and it looked like we wouldn't have enough money to retire on, then there would be hell on.
We want cheap goods, good quality, but with high wages and good profits for our pensions. The maths just doesn't work.
This is exactly my thoughts. Consumers want cheap goods, and corporates want profit. There is no way to produce goods in USA (or UK) which have a retail price suitable to consumers, yield a high enough salary for workers and return a high enough profit for the share holders.
The USA and the UK want their cake, and to eat it too if they expect cheap goods, manufactured locally paying good wages and returning good dividend on the shares which shore up their pension funds.
That's an interesting and very simple exploit, easily achieved.
As said above Netflix has assumed the security of the medium over which this authentication happens, but they have no control over it, so the assumption is flawed.
I guess the fallout from an exploit like this is limited to a) someone using your netflix account to watch stuff and b) the legitimate owner being locked out until they reset the account themselves.
However, I wonder what other companies and systems use the same auto phone call method for verification? I reckon there could be a lot more systems need looking at in light of this.
If you want to mitigate an issue with your DNS provider going titsup, then setup a secondary DNS with another supplier. ns.123-reg and ns2.123-reg may have borked, but you could have ns3 and ns4 with a different provider, in a different geolocation.
It's all well and good using a provider, but you still need to take responsibility for your own "setup" and put in place some redundancy.
They've left the non https canonical tag in there.
It's just a shopify site at the end of the day, and what this proves is that it doesn't matter how good the tool is, a user with no clue will still muck it up.
They've got google site validation and GA in there, and the aforementioned canonical, so someone had a good go at setting this up, but no cigar.
Also ref trade with EU, and the trotted out line "German car manufacturers don't want to stop selling to us, so they will force a deal through".
People forget though that Germany has a very different historical and cultural setup to the UK. In the UK we say "respect your elders" (even though many don't). In Germany it's a little different, wars and stuff. The Germans still feel a degree of national shame, and they hold their EU membership extremely highly, not like here in the UK where we take no interest in EU policy, but blame EU and Migrants for everything.
So I wouldn't count on the Germans wanting to maintain brilliant trading relationships. They will be unlikely to overrule the polish/french etc on a deal.
@Mark C 2
Mmmm'OK. So if the Euro/EU is to collapse then it will more than likely be expedited by the UK leaving the EU. Do you think that a huge collapse 20+ miles offshore from us will not affect us?
The "I'm alright Jack" attitude around here stinks.
BTW, since the UK voted to leave the EU there seems to have been a swing in support for the EU in other EU countries. We may well have galvanised support for the EU. So we will be sat here with our british Jams and gruel whilst the europeans are laughing tea cakes, interrailing all over the continent.
What's justified though. If you for a second imagine that not every corporate is evil (bear with me here) it's maybe prudent to assume the pound will fall further and so hedge your bets and increase the prices a little over the currency devaluation. That way if it does fall further you don't have to adjust your prices again, which would be a PR pig.
I was just going to say can anyone remember the episode of spooks where they convinced a guy to type out some known piece of text so they could map his keystrokes from audio, and then they were able to "listen in" on what he hyped on his non web connected embassy PC.
The problem I see is that companies are knocking out these devices and security isn't even a thought, let alone an after thought.
And it's not small, inexperienced, new to IoT companies which are doing this. Even Nissan fell foul of this by having their Leaf control app completely open and anonymously accessed via a simple web API, with the only identification you needed being the VIN number of the car you wanted to interact with.
But what do we do? A lot of these devices use standard HTTP to interact with a web service, so ISPs can't block port HTTP traffic. Maybe there would be some way to identify based on HTTP content and headers, but it's all getting a bit wishy washy.
It's not hard to implement some basic authorisation and authentication schemes into these things.
@sabroni
I agree that the name calling has to stop. The fact is that there were so many irons thrown into the fire with the leave campaign, that it's incredibly difficult to come to some reasonable conclusion about what the leavers voted for.
Some I know voted for parliamentary sovereignty at the cost of the economy, which now seems a tad ironic as the PM is actively trying to keep parliament out of it.
I know some who voted to have control of our own laws, which I think is Ironic as the government want to pass a bill to have all EU mandates written into UK Law.
I do know some people who voted based on immigration, and to be honest those lot are quite ignorant and ill informed.
I heard of one guy who from Newcastle who voted to leave to cause problems for Nissan at Sunderland.
So there is a wide spectrum of leave voter reasons.
My concern is that Tory HQ seem to have latched firmly on to the Immigration factor, by targeting foreign doctors and students first. This seems absurd to me, as we were told by the leave campaign that "low skilled EU migrants" are driving down wages, but the Government have started with some of the most talented, skilled and highly qualified people in society in Doctors, and the future talent in foreign students.
As one commented said above "this could be great for home grown techies as our salaries will go up" but my feeling is that by scaring off tech talent, we run the risk of the UK becoming a less attractive place for tech startups and tech companies, resulting in less work for all of us.
Eh?
<quote>There is no law requiring them to arrange their business to minimise their tax: they choose to do that.</quote>
I'm pretty sure their shareholders require them to make a good profit. BTW, the shareholders aren't necessarily fat cats or millionaires, they are people like you and me with pensions.
<quote>I choose not to do business with any company which does not pay a "reasonable" amount of tax</quote>
Well one man's definition of reasonable could be another man's definition of over the top. The government sets the rules, the businesses follow the rules whilst maximising profits.
However, if the government tightens the rules then the corporations move money around and setup infrastructure in countries where the rules benefit their bottom line.
But, fear not as our unelected PM, and her elite bashing elitists will sort this out, without bothering our sovereign parliament with any of this pesky shenanigans.
I can't help thinking about the parallels between this marketing campaign and the #ILookLikeAnEngineer thing that has been going around. That started off the back of a female software engineer being photographed by her firm for a PR piece. As she was a fairly attractive, young lady there was some criticism that "she can't be an engineer" and "no way, she is too pretty to be an engineer". So she started this hash tag, and it's been going for quite a while now. So seemingly if you say someone is too pretty to be an engineer you are sexist, and if you carry out marketing on the premise that engineers can be quite hot you are sexist... it seems that anything we do is sexist.
Or maybe some people are just too sensitive. Who gives a shit what genitals someone has, as long as their DBs are normalised and their unit tests are sexy.
You are talking about cry babies, with no idea as to who those people are?
If these people run Banking websites, or ecommerce, or anything which does involve the transmitting of personal data between client PC and server, then SSL should be applied and customers using a site like this which is not secure should be warned.
However, what about the situation where the site is a promotional site for a business. It doesn't do ecommerce, and has no data transfer (apart from someone snooping on which pages you visit, which when it comes to a brochure website.... there's probably not that big an issue). In these cases a warning is a bit over the top. The users this is designed to help are the same users that when they see this message are likely to drop their bowels and quickly navigate away from the site. This then results in the website owner seeing a significant drop in traffic.
The other argument against SSL is that Google et al are constantly telling website owners to make their site faster, more responsive etc etc but in my view SSL slows down sites because a) you have the overhead of encryption (which in a dynamic site is not such a big issue because the site is/may be dynamically built based on the user session and should use SSL, but in a static site the content is exactly the same and the overhead is unnecessary) b) the amount of data transferred may be significantly larger if the web page is built up of a lot of components i.e. CSS, javascript, images etc. Each request for a component carries an SSL overhead, and this increases bandwidth and so costs. c) one recommendation form Google was hosting your images/static content on a different domain/sub-domain so that you can get around the max connections per domain limit and also allowing static content to be cached... improving performance. Now you would need a wildcard SSL or move all your static content onto the main domain. This will slow down the site significantly. and d) I think (but it's been some time since I last looked at this) but HTTPS traffic is not cached/cahced in the same way, so if you have lots of images on a page the content won't be cached resulting in a lot more requests on your server, and a lot more content being served.
So the choice here is either get a certificate and slow down your site and increase hosting/bandwidth costs or don't go secure and expect a number of your customers to get scared off because of the warning message telling them that the site will result in them being scammed out of all their money by a Nigerian Prince.
BTW I agree wholeheartedly that any sites where personal or financial data is transmitted should operate securely.
I have always instantly lost respect for anyone who immediately comes back with a response of "You can't do that" or "that's impossible". These people need a fist pump to the face.
In my 20 years of building software I have not yet come across a problem I couldn't solve. Some problems have taken weeks, but eventually there is a way. But those people who immediately say "it can't be done" just hack me off.
I always take the approach that anything is possible, given enough time and money. Sometimes the timescales or budget limit what can be achieved.
I renewed my car tax on Monday without any issues.
I think this is more a case of people leaving renewal until the last possible moment, and then getting upset that the system has been cripped by tens of thousands of people who have also left it till the last possible moment.
You can renew your car tax for up to 4 weeks before the renewal date, so there is no excuse for leaving it till the last day.
This seems to be the way Virgin Media deal with disconnections these days. You phone up and ask to cancel and they say "yeah that's fine, bye" and don't offer you any incentives to stay at that point. I think this is to weed out the people who are angling for a better deal.
Then 7-10 days later you will get a call from them asking if they can do anything to keep you.
In my scenario I wanted to cancel my TV package because the cost was a rip off, and we mostly watched Netflix. I wanted the Phone package gone because we only ever had call centers and charities ringing us. 7-10 days later my father started getting calls from Virgin Media asking him why he was cancelling, and could they do anything to keep him. Turns out that because I signed up with Virgin Media when I lived with my dad, just before I moved into my house (8 years ago), they had his phone number on file for me rather than the one on my account, which I had with them for 8 years. Needless to say they never got through to me so I didn't get the sales patter.
I guess a scientist of any discipline has experience and training in designing experiments to test hypothesis, and anaylysing the data to come to a conclusion about the success of that experiment and drawing out relevant facts from those results to support their hypothesis.
Therefore they are also trained in identifying the potential errors in data, or the method of collection, and are also able to highlight where the conclusions may be wrong or not fully supported by the data.
The crux here is drawing conclusions from data, and the scientists are probably better at this than a creative writer or history student.
So the question posed here is if a huge volume of CO2 released into the atmosphere over a period which did not see significant change in temperature recorded, then some other factors must have an impact on climate change which we are not fully aware of. i.e. was there something offsetting any increase in temperature caused by the CO2, or when increases were observed in the 80's and 90's was there some other factor at play. The results indicate that CO2 is not the cause/only factor/variable at play.
Eh? Are you saying they should delist parts of the article/page?
Google don't host the page, they have no control over the content of the page. So they can't censor the page which loads in the users browser. That idea has all sorts of wrong written all over it.
Google simply index the content of the page, and then weigh search terms against it. They could maybe add excluded keywords against a page, so that page doesn't come back for certain keywords, but the EU ruling is that the actual page should be removed from the index.
It could be that one of the commenters has requested the removal, because that comment they left has caused them over the years to miss out on job opportunities etc etc. So you weigh how important that information about ML is (it's no secret what happened, and there are articles all over the internet about it) against 1 guys struggle to shake off a comment he made 7 years ago.... that actually seems like a fairly straight forward call to me.
Exactly. You search that guys name and a fairly prominent result is his negative comments about ML, which he could regret.
Also, there is a guy by the same name (could be the same guy, or just the same name) who is by the looks of it launching a new politically related social app. He could probably do without any negative comments found when searching his name reflecting badly on him.
Imagine you are this guy trying to launch a business, or get funding. Someone searches your name and finds that negative looking comment... it could cause you issues.
So it's not beyond reason to assume this guy may have requested the removal of the page.
Erm, she was doing 80mph in a 65mph zone.
Using my rudimentary maths skills, that's like 15mph over.
I dislike her simply because of her self evident reality distortion field. She was stopped for speeding, and then the cop noticed the glasses, but she has tried sensationalism to get the backing of Google Glass lovers.
Maybe not quite, but I remember when MS brought out the Ribbon interface, and the world spat out it's dummy. I think MS back tracked a little, but then the Ribbon was rolled out as intended in Office 2010.
At the time I found the learning curve jarring, but the people I work with, less technical, found it a massive boost. Instead of having an encyclopedic knowledge of the drop down menus, they had the stuff they would use most often right in front of them. So MS did something good here, as far as I can see.
I think Metro could go the same way. El Reg users, i.e. power users may find it a pain, but your general office worker who does some point and clicking, bit of word, excel and some internet surfing will probably find it useful.
I reserve judgement until I see it in the wild.
And .NET aint going no where.
I work on a PC roughly 12-15 hours a day. I write code, and am constantly switching between keyboard, mouse, keyboard, Alt-TAB between windows, more mouse.
I have often wondered what it would be like to have interface devices or softare which works off eye tracking or gestures. I lack the knowledge on how to do this, but I can imagine the ability to switch screens or click button based on eye tracking, or switching between tabs and windows with a gesture. A camera could be mounted into a keyboard, so you could make gestures literally a few cms off the keyboard. That's a far more efficient movement than going for the mouse, and back to the keyboard again. Over a day that's a huge efficency boost for me.
OK, there needs to be work done to cut through the visual noise of an office environment, or not carry out a Ctrl+Alt+Delete when someone sneezes, but that's what R&D and refinement is about.
Early pioneers didn't quit on the internal combustion engine because "that petrol stuff can get a bit burny", so I am all for MS continuing work in this area, and not dropping it because of a few issues to be worked out
I want my Minority Report interface in the next 10 years.
No, the complaint is (and this happened to me) is when threatening to leave, or rather just stating that you wish to terminate your contract, VM used the double speed as a carrot. In my case, they told me this was happening in July 2012. I have now checked the status to see what is happening and it has been put back to December 2012 - May 2013.
I don't care which rule book you go by, that's a bit underhand.
This cookies directive doesnt solve any problems.
So it's all about privacy, and not wanting your activities tracked online. The problem is that the reputable companies out the track anonymously for the purpose of improving their service,or earning some revenue for the service they provide for free. For example, el reg is provided to us for free, but it costs money to put this sort of service together. Someone has to pay for it.
Now, I doubt the less reputable companies out the are going to change their tactics, so a total fail there.
Secondly, what is it we are worried about? Walk into any shop in the land, and your shopping habits are logged, through epos. It's anonymous, but the shop owner knows how many people bought product x. Also, if the shop keeper wants to keep a tally of the number of customers who look at promotion y, he doesn't ask permission. I high steers up and down the countr footfall is monitored, and have you ever been asked permission?
Just because this is online ,doesn't mean there should be different rules to the real world.
This has just made life harder for small businesses, and done nothing to restrict those who do take advantage of the system.
Total fail.
Just throw a few twigs in a vase, throw some candles on the console, maybe a rug in front of the captains chair. Sorted. The little I have learnt about interior design from the wife are:
Twigs in a vase = Good
Empty vase on shelf = Good
Candles = Good (Candles should never be lit)
Cushions same colour as Candle = Very Good
Rug = Perfection
So from the comments we have managed to develop a:
- 37" TV, suitable for bedroom usage (too big for kitchen, too small for living room)
- Siri voice control
- Movement/Gesture control and activation
- Built in camera for Face Time
Can anyone else see the potential for embarassing bedroom escapades?
I can pucture it now. Steamy scene in the bedroom, legs waving around all over, and groans of "Who's your daddy". Siri picks up "Phone Daddy", click, Face time, boom, Shame!
What.... Just me?
OK, I got sick of reading all the comments along the lines of "I know how to drive, I understand over/under steer etc so I don't need all this ABS/traction control/lane detection" bollocks.
Yeah you may be a good driver, but surely you feel a lot safer knowing that the other bunch of nupties around you driving 1.5 tonnes of metal have these safety features.
I don't think a huge percentage of the population understand how to pump the brakes in the event of the wheels locking up/losing traction on ice etc. And knowing how to do this, and doing so in the event of hitting ice is a completely different matter.
Oh, and regarding limp mode. I think most cars manufactured in the last 10-15 years has a limp home mode. It is there to protect the engine and mechanicals in the event of a failure being detected, which could cause further damage or loss of control if normal driving is continued.
In the authors instance, as soon as the problem occurred they should have pulled over safely (to ensure their own safety, and the safety of other road users), and then worked to resolve the issue.
That's my 2 bob/cents
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
