* Posts by streaky

1743 publicly visible posts • joined 5 Jul 2010

UK fintech firm reaches for Ireland Brexit escape hatch

streaky

Re: Brexit means ...

But May and her ministers are saying we will get the best deal possible with all the implications of that

Those of us who voted Brexit read this as best deal possible but not any deal at any price.

The banks are wriggling because they want their own way like they got in 2008 and then punished us for in bond trading. Not happening, nope. It's about time the UK stopped being beholden to the banks and hedge funds and here's our chance. It's not as if they're going to move to Germany anyway, or god forbid France and nobody else is even close to having the infrastructure they need and they can't all run back to New York.

A couple of banks pointed out after the vote that without passporting all they really need to do is have a division in an office on a side street somewhere like Brussels with 4 people in it and call that their division headquarters and they're good to go. Most banks have that anyway..

DNS devastation: Top websites whacked offline as Dyn dies again

streaky
Coffee/keyboard

it is *your* infrastructure that is going to be targeted, not the DNS providers

Yeah but TCP attacks the average toddler can deal with, they're blatant and they're easy to identify the source of and can be mitigated quite quickly. UDP attacks against DNS infrastructure are very difficult to deal with which is why they're popular for taking out large targets - and regardless of that "you" as the target can mean that you're one of many large US sites and the attacker would be happy to take you out as collateral.

streaky

The security thing wasn't really a complaint, just a fact of life. We can we rebuild, we have the technology - though I wasn't really arguing for that. I wouldn't mind burning UDP to the ground though but it's an entirely separate subject.

TCP is dependent on all packets of a connection going to the same place

TCP anycast is a thing (indeed it's how a lot of HTTP DDoS protection works). Doesn't mean it's a sensible use of resources when your DNS provider can do useful things for you; it's all cost/benefit - DNS providers are cheap, anycasted HTTP isn't. As I said it's not really a solution to the problem, not relying on your singular provider's servers in the case they get hit or plain just go down is.

streaky
Boffin

TTL is nothing really to do with it. Sites would go offline under sustained attack sooner or later.

The main issue here is that these large companies are doing DNS wrong on a more fundamental level. We learned years ago that people were attacking DNS providers and this could be leveraged to take out fundamental infrastructure and sites of all sorts of sizes. The fix is obvious and it's something I've recently pointed out to github:

If you're an attack target do not just use a single DNS provider. Use 2.

If you do that it's much easier to not be caught in the crossfire. It's also much more difficult for adversaries to take you out via DNS - they have to take out two entirely separate networks to achieve that requiring double the attack assets.

The internet was designed very insecurely but they did build it in a way that made it easy to mitigate attacks like the one today and everybody running DNS services at the companies that were taken out look like complete clowns in retrospect. It's like the people who expect AWS zones to be up 100% of the time despite them not being designed to be survivable and Amazon giving people the tools to not do that.

Also fwiw using anycast to balance large sites is a really bad idea. If anycast was a solution to the problem we wouldn't be sitting here talking about anycasted dns providers being taken out.

Banks don’t give a 2FA

streaky

U2F

Been saying for years I'll move all my accounts to the first bank to offer U2F and also scores A+ on the qualys checker. All banks are technically incompetent and only refresh their sites like once every 10 years (my current bank only just did theirs and didn't improve any of their security when they did).

Despite best efforts, fewer and fewer women are working in tech

streaky

Re: Equality of Opportunity, not Attainment

@AC that's a completely different situation that will need a completely different economic system, it is useful today to understand if there's a problem and what that problem looks like. I don't think gender parity as a numbers game is necessarily a problem or assuming it is fixable by brute force though.

streaky

Re: Equality of Opportunity, not Attainment

As long as men & women (gays/straights/..., black/white/..., etc) have the same opportunity to follow an interest, get educated and compete for jobs on the same footing as everyone else: what else do you want ?

This is fighting talk to some people though you're totally right. Pay transparency is a problem but beyond that...

It's something I've talked about a lot in the past, it's not even a classroom issue (forcing IT on people who don't enjoy it be they male or female is a recipe for all sorts of disasters even if they end up working in the field). It's far more fundamental than that; it's about what kids are doing when they're 3 years old, 4 years old, until there's changes there there'll never be real gains on "equality" as a numbers game.

I know a lot of women who work in tech and some of them are a lot smarter than me and I couldn't be happier, but I don't think forcing the issue helps on a fundamental issue, partly the issue (to the extent there is one outside of statistics, and not the positive this is useful data statistics) is generational but if you look at the way kids play today there doesn't seem a "fix" in the works, not really in the sort of numbers some groups want anyway. I'll be retired before there's gender parity as a numbers game and I'm not that old.

Britain's fight to get its F-35 aircraft carriers operational turns legal

streaky

Re: Britannia Rules the......oh

That's a thought based on ww2 thinking. You can't solve a problem with numbers with modern weapon systems that's sort of the actual point. Huge standing armies? Cluster bombs, nuclear weapons. Huge less-capable fleets? Nuclear weapons..

Hell it was our nuclear testing that led to modern fleet decisions. The key is better radar and better weapon systems and on that point the UK has about as good as you can get. The whole thing with the engines is dumb but unless you're in literally hot water it's not the end of the world - when it comes to direct strategic defence of the homeland it's not an actual real-world problem.

People look at the Falklands conflict as *the* modern real-world test for the RN, if that's our standard then we'd do better in it than before and the nuclear weapons fleet hasn't lost anything. Why? We'd use stand-off cruise missile attacks and drones against the argies if it hypothetically happened again, followed up by/including special forces - and if they were equivalent strength of back then they wouldn't stand a chance against type 45's.

streaky

Re: Britannia Rules the......oh

I cannot make my true feelings clear, as the moderators would not allow it.

Dunno the mods are pretty good at letting speech be borderline American-levels of free.

FWIW minus an engineering cockup we're doing pretty good in all fairness. Fleet might be smaller but it's arguably more capable than ever.

The carrier fleet situation is one most people predicted, it's precisely why there's naval officers serving within the US fleet, to maintain the knowledge of how to operate carriers; it takes decades to build that back up if it's forgotten. There's always going to be minor technicalities that slip through and this seems to be one of them.

streaky

Re: Four dozen?

I'm actually surprised it's so low unless there's an MoD pool of lawyers available to deal with cases (and to be fair there probably is).

Even the list of civil suits completely unrelated to military operations must be mind-boggling most of the time. Ask Maersk how many lawyers they have at their beck and call and you'd get a fairly good idea how many you need without even trying to blow things up and kill people, floating around under the surface in completely secret locations with nuclear reactors humming away and trident in the back. The sea has always been this way, hell it made London as an insurance market centre.

Dirty COW explained: Get a moooo-ve on and patch Linux root hole

streaky

Re: The very definition of technical debt

390's must be way way way less than 5% of the linux base in terms of user numbers or cpu counts... Way way way less.

Not really sure you can file this one under technical debt so much as common screw up.

Is this the worst Blockchain idea you've ever heard?

streaky

Re: Blockchain and HMRC

The problem is that it doesn't (again) actually resolve any real world problem. PAYE takes care of any normal work people do where there's payroll and people's tax affairs are very average (which is most people) - the reason it doesn't actually solve any problem is because it doesn't improve the quality (i.e. accuracy of) of reporting from not-average people.

I've heard rumblings about transparency in how much tax people are paying (lets say your average Richard "Hypothetical" Branson) and you could record all payments and refunds in a blockchain that's there for all the world to see and it can't be messed with after the fact. Has dual use of you'd never need to keep hold of your P60's. Need proof I've paid tax, HMRC? Go look at the blockchain. I'm running for president and people want to know if I've been paying my fair share? Go look at the blockchain.

streaky

Blockchain as DRM

Yup well done, the one place blockchain could actually be used for something that makes any technical sense and you had to broadcast it, couldn't resist eh?

US reactor breaks fusion record – then runs out of cash and shuts down

streaky

Re: Dead End

Barring an unforeseen breakthrough, I doubt continuing to go down that path will ever yield anything besides more incremental improvements.

It's supposed to yield what it's supposed to yield. Fusion is a thing. Fusion reactors are a thing. Making fusion reactors produce more energy than they consume is a difficult thing. It's supposed to be there to narrow down designs for the demonstration commercial reactor which is in early designs phase.

It's like people that say ISS isn't a thing despite it constantly changing our understanding of everything from medicine to space flight to nutrition in a way we couldn't possibly ever hope to replicate without the existence of the ISS.

Fusion hasn't even really been a long time coming in terms of timeline and actual engineering science.

streaky

Re: Dead End

You know you're wrong, right? Expensive yes, too expensive.. possibly, probably not.. Dead end? No.

streaky
Facepalm

ITER..

There are advances being made that make ITER look like a bit of a silly investment. Argument behind ITER is you had to go big because of the technologies at the time, but the technologies have moved on since ITER was outline-designed and the project hasn't really changed in scope to accommodate. There are various alternative projects that look sensible taking into account of those advances. ARC at MIT is one of them. Still not sure it's a good idea to kill ITER though, it wasn't a commercial demonstrator anyway and will still fill various gaps in knowledge; it might be too late to pull the plug now and it's still not clear that we even should so it will live on.

AI software should be able to register its own patents, law prof argues

streaky

Re: I look forward to it

I'm filing my 5.12345mm rounded corner patent right now.

IBM: Yes, it's true. We leaned on researchers to censor exploit info

streaky

Re: I don't see any "shaming" or "censoring" here...

This kind of "request" is exactly why full disclosure was birthed; no transparency anywhere.

FWIW my understanding IBM were informed of the issue responsibly back in may. IMHO companies who sit on patches for that long, lets call them IBM's customers, probably need the beating to get their house in order. Nothing is achieved by pandering to stupid.

British jobs for British people: UK tech rejects PM May’s nativist hiring agenda

streaky

Re: The elephant in the room - stagnant wages because of the free movement of labour

No doubt things will get much better with less access to markets and labour

Yep. More trade, less mouthy clowns from the EU apparently willing to work for tuppence and less EU-sponsored tax evasion, and they can keep the rest. Germany can have the banks too.

Oh is that the sound of Deutsche Bank going down in flames and the German government doing the lalalala I'm not listening routine? Okay maybe not so much with the banks.

streaky
Black Helicopters

Re: The elephant in the room - stagnant wages because of the free movement of labour

Maybe I'm just too ignorant of economics: Simple logic tells me that if countries wanted to sell stuff more cheaply they would already be doing so. And if they wanted to pay more....

FWIW on this, the EU is a customs unions, external tariffs are set by the EU and if the EU takes a disliking to a country the UK does a lot of trade with (or wants to do a lot of trade with) or fails at negotiating low tariff or tariff-free deals with that the UK trades heavily with then the UK gets screwed.

China is your classic case of both, UK was happily buying solar panels from China trying to get some low carbon infrastructure going. Some German (and I think Spanish) trade groups got all hot under the collar, protested to both the German govt/EU and the EU slapped a huge tariff on Chinese solar panels without much investigation because the Germans didn't feel like being competitive. Ironically the German govt later said they regretted the whole thing because it turned out the Germans were doing the same as the UK and buying from China rather than German suppliers and nothing they could do would get rid of it. Which is circular to another problem with the EU massive inertia/momentum depending on the situation - that's not surprising because the EU is huge and it's member states are very different but that's a problem they've made no attempt to resolve, it's not even clear they recognise it is one. The EU isn't seriously looking at a deal with China and when they do it could easily take 10 years to sort, again because of the sizes of both sides.

The US is another example of UK trade harmed by the EU. The UK wants a trade deal with the US; it has done for decades. The UK pushed the EU-US deal and it got turned into the 7-headed monster from the deep now known as TTIP. It's not surprising because both sides of the deal are massive - but it's so big and so comprehensive (excessively so) that even before the brexit vote it looked somewhat dead in the water and post that and post-Obama I can't see it surviving. Talk about all your eggs in one basket. It's hard to even tell which side of the Atlantic hates it more so perhaps it should be put out of its misery.

There's loads of examples of this all over the EU, there was the one where T&L can't import cane sugar from poor states because of a combination of subsidies on sugar beet which we *really* shouldn't be subsidising for a long list of reasons including but not limited to - it's sugar; and the fact that the EU slaps tariffs on those imports because no logical reason; which is not only damaging to the EU via budgets and via health (sugar is far too cheap in Europe which is why you hear about countries looking at adding tax to it all the time which is completely illogical) - but is also damaging to poorer countries that could be doing things like growing sugar to export to richer countries to help make them less dependant on aid.

I could go on all day with examples that even I know about and I assume what I know isn't even the half of it.

streaky

Re: The elephant in the room - stagnant wages because of the free movement of labour

Study in Europe then

Aside from I shouldn't actually have to and everybody just swapping countries all the time is silly, I actually *like* living in the UK. I want to continue living and working in the UK. My job is in the UK.

See the problem right?

one friend working for a US dot com in London is on an excellent wage

Startups don't count. For many many reasons.

If you can't get a job in IT today, in London / SE / major conurbations anyway, you're either not trying, or you're not as good as you think you are, or you don't have useful skills

I already have a job, with decent pay, that I enjoy. It's the rest of the country I worry about, I'm not from London but I had to move here because there's really nothing outside, even in non-tech. There's a whole country of hard working people with necessary skills and everybody can't move/commute to London, the city would collapse under its own weight, apart from the other issues.

As an aside it really bugs me how poor the UK (and companies within at) are doing at providing something like apprenticeships in tech related fields.

streaky
Mushroom

Re: The elephant in the room - stagnant wages because of the free movement of labour

Wages aren't stagnated, they're dropping in real terms.

It's all based on the perpetual lies that firstly there's a skills shortage in the UK (there isn't, there's a shortage of decent jobs at fair pay) and secondly that the UK isn't being asset stripped (it is) and that all of these companies are paying their fair share of tax to cover the supposed skills shortage that apparently exists but in fact doesn't as denoted by have you even seen the fees for university on courses that are in part designed by some of these companies complaining about a skills shortage in he first place. Also FWIW the universities are filled with truckloads of foreign students in the first place.

All this is circular and the only way I could think to resolve it was to vote to leave the EU because if nothing else we can get a handle on foreign transfers of cash and the taxation thereof which we can't do in the EU - and if we still don't we can find a government that will.

It's not racist or xenophobic to give a shit about people growing up in the UK who will never see anything but 3 part time jobs to pay off extortionate student fees that they'll never get to use because tech companies obsess about setting up shop, paying no tax and only employing foreign "talent".

I want to do a part time degree in AI and despite being by UK standards fairly well paid and working in tech as a software engineer - I can't afford to and if certain companies would actually pay non-derogatory levels of tax I could maybe afford to because the fees would be lower and in theory, assuming they're hiring British workers, everybody should benefit. I'm just not holding my breath..

Google DeepMind 'learns' the London Underground map to find best route

streaky
Pint

But...

Can it solve Mini Metro?

Pocket C.H.I.P. makers go Pro with cloud-linked ARM-flexing module for IoT gizmo builders

streaky

Popular..

Shame the preorder I ordered like 6 months ago still hasn't shipped, lol.

Fujitsu to axe 1,800 jobs across the UK

streaky

Re: but but but

Unlikely since there's no jobs in half the EU

No jobs anywhere in the EU except the UK, even Germany completely out of character is laying people off apace. Why? Because the ECB has screwed the pooch..

BOFH: The Idiot-ware Project and the Meaningless Acronym

streaky

"sycophantic"

And we all know who the one respondent was - a crawly sycophantic toerag from the Hell Desk who thinks he can suck his way to the top by agreeing with every inane thought which crosses the Boss' mind.

Psychopathic? Maybe?

FBI wants to unlock another jihadist’s iPhone

streaky
Alien

Let me save everybody a lot of trouble:

There's nothing on it. Again.

FWIW has the FBI never considered the possibility that jihadis might encrypt empty phones just to keep the FBI busy and off the scent of other jihadis?

Windows updates? Just trust us, says Microsoft executive

streaky
Black Helicopters

"Just trust us"

Uhhhmmmm.. No?

Google's Chrome cloaks Pirate Bay in red screen of malware death

streaky
Pirate

Re: They need to be careful with this

The classic case of the boy (Google) who cried wolf (malware). If these warnings are going to be abused they'll be turned off never mind ignored.

Plus FWIW Google admitting that a linking = complicit is a precedent they maybe want to think twice about setting..

Google says it would have a two-word answer for Feds seeking Yahoo!-style email backdoor

streaky

Re: "We've never received such a request..."

Well there's things we know about this with Google. For one we know via a silly engineering choice (at best) that one of the alphabets from one side of the Atlantic was in their systems and that means access (was, at least) guaranteed for all five eyes. We also know people aren't allowed to discuss FISA orders to basically any degree including admitting they received one so minus 12 on a trust scale of 0 to 10.

Should Computer Misuse Act offences committed in UK be prosecuted in UK?

streaky

Re: Jurisdiction

If I commit a crime in the UK and stay in the UK, however, I would expect to be dealt with by the UK, not the US

You assertion revolves around the location of the victim. If it's a US victim they have a right to at least ask and if you refuse they have a right to decide if the extradition treaties benefit both sides; and therein lies the problem of why it's a more complicated issue. If you murder a US national in the UK and the UK says "not my problem" the US probably isn't going to really have a choice. Hell we go much further than that all the time with cooperation - look at British police digging holes in Greece right now..

streaky
Alert

Police..

As somebody (I've spoken before on these forums about how similar to the Pippa Middleton case it is minus the attempted selling of information to the press) battling to get the police to *investigate* (not prosecute, just talk to the victim about it) what seems like a cut/dry case to me with the perpetrator known and third party proof available - I can tell you the police won't touch CMA cases with a bargepole.

Still trying to wrangle the complaints procedure of the force involved so I don't want to talk too much about it but.. yeah.. they're not interested unless you're a Royal, even if both the victim and perpetrator are in the UK - so is it a shock they're farming cases out to more competent countries who will do simple follow-up? Not to me.

When is the law not the law? When the police won't investigate.

Google, Dropbox the latest US tech giants to sign up to the Privacy Shield

streaky

Re: Tick .. tock .. tick .. tock ..

Privacy Shield agreement won't be worth a bean if the US don't change their laws to support the concept of privacy as defined in Europe

Yup we're off to court again over this. Only thing - as I've said before - that can resolve this is a change in either US Constitutional Law (i.e. rewriting quite a lot of it) which won't happen or the EU accepting changes in The Charter which seems equally as unlikely.

There's no tidying around the edges which can fix the fundamental problem that the US in constitutional law doesn't recognise an EU citizen's right to privacy against warrantless (both explicit authorisation and ethical justification) invasion.

WAN, bam, thank you... oh @£$%. We've gone dead. Drop the burger. RUUUUUN!

streaky
Boffin

Split Brain..

They'd got into a “split brain” setup for some reason

Because Rule 1: never run things in pairs?

USB-C is now wired for sound, just like Sir Cliff Richard

streaky

Re: Consumers..

3.5mm is great but not perfect; a 'snap-off' magnetic connector would be better, and would have saved me money since I have damaged headphone cables be catching them on things.

I've had the 3.5mm jack save phones from hitting the floor before so I couldn't disagree more. I'd rather lose my outdoors-worthy earphones to protect my phone than lose my phone to protect my earphones every day of the week.

streaky

Consumers..

Who are buying devices not made by apple have the ability to shop elsewhere. Adding the functionality is fine but using that functionality to remove the 3.5mm port could by quite harmful to sales. I'd say phone makers should think twice before doing that.

The reason the 3.5mm standard has lasted so long is it's a simple solution to a simple problem and it's more than up to the task.

Also FWIW the waterproofing excuse is a diversion, there's plenty of mobile devices that have them and are waterproof and the cost of that is minimal.

British bloke bailed after 'hacker plunders Pippa Middleton's iCloud'

streaky

Re: Interesting..

No doubt, just find it fascinating the way it works. It shouldn't really be too difficult to get the police to investigate what should technically be considered serious crime (parliament intentionally wrote it that way when they created the law).

For my part I still have the official complaints procedure and talking to MPs about it to go through before I give up any hope it'll be sorted through the criminal justice system like it aught to be. You'd think the police would be glad to deal with this stuff in a world of targets and detection rates.

streaky
Terminator

Interesting..

.. how easy it is to get the police to investigate if you're connected. Same thing happens to you they're not interested; I know because similar happened to my sister and I know who did it and can prove it and point them in the direction of reliable third party evidence they can obtain legally and without fuss and they won't even discuss it.

London-based Yahoo! hacker gets 11 years for SQLi mischief

streaky

Business model only lasts as long as the class actions aren't awarded punitive damages. Feels like this [2014] Yahoo case could be an exception that could become a trend.

WTF is OpenResty? The world's fifth-most-used Web server, that's what!

streaky

Re: surely of rather more note?!

It *is* important to go by what sites do. For example what facebook uses is far more important information than what your dog's blog is using. Important datapoint is how many requests are served by each but that's data we'll never see...

streaky

lighttpd..

.. had (has) a lot of lua interwoven into it, obviously they were onto something. Shame it's essentially abandonware at this point.

RAF Reaper drone was involved in botched US Syria airstrike

streaky

Re: 39 Sqn RAF

Fairly sure that article on the MoD site is wildly out of date* - they did re-form years ago now at Creech but it was my understanding that they've moved at least mostly to Waddington now. I'm happy to be wrong about that but I'd be surprised if they're not almost totally back there in terms of personnel at least.

* "the RAF formed 39 Sqn at Creech Air Force Base in Nevada two years ago" - they re-formed in 2007, 2 years means that was written in 2009.

streaky

39 Sqn RAF

Nevada based? Creech? Fairly sure they've been at RAF Waddington for a while now?

Encryption backdoors? It's an ongoing dialogue, say anti-terror bods

streaky

Re: What could be done to counteract terrorist groups

My mum voted leave because she was convinced it would stop Syrian refugees coming to the UK stowed away in trucks

Well then she's an outlier. There's a problem with the EU that they were (and continue to be) paralysed in the face of them: which is something we all should be embarrassed about and it's true that if the EU was competent it'd probably have had an effect of Syrians trying to cross the channel but I don't buy into a direct relationship.

Farage also missed this key point.

Sorry Nanny, e-cigs have 'no serious side-effects' – researchers

streaky

Re: Going off on a tangent

why does the government get to pick and chose which lifestyle choices get rewarded or punished

Because the Daily Mail?

The correct socio-economic answer to this probably revolves around what the middle classes are doing at any given point be my guess. In the UK the middle classes are the largest grouping and relatively the highest payers of tax as a whole and per-capita and relatively to their own net worth and middle classes are the ones having the most babies and probably won't countenance taxation on family expansion. Or at least that's what people advising government most likely believe.

streaky

Re: Who do regulations protect?

@OP of this thread - I've said this before elsewhere but if you're getting cravings on ecigs you're doing something wrong somewhere. There's no reason to rush into cutting your nicotene intake. You're already doing better than if you were still smoking.

I started on 18mg last year and I'm currently vaping 6mg and I see no sensible reason to reduce that not least because (sue me) I like nicotene in the same way as I like caffeine. If you want to fully quit just take it steady with strength reductions, give yourself time to settle in.

One of the biggest mistakes people make IMHO is they think they can essentially use ecigs as a way to go semi-cold-turkey and there's no reason medically to do that and also it'll have less chance of working. Enjoy your vape, don't try to feel like it's a battle. You're now a non-smoker.

And yeah those pen ecigs are complete trash (note: this is what the EU is trying to unhelpfully push on people).

Also the guy suggesting menthol liquids - if there's any risk at all from vaping we already know the biggest risk is most likely to come from menthol flavours and FWIW throat hit (and burn) is always a function of VG/PG ratio. Higher VG = less burn feeling in the throat.

streaky

Nobody sensible anywhere is suggesting people who don't smoke take up vaping. Yeah, it's addictive but evidence suggests that the nicotine in ecigs is actually way less addictive (working theory is that it's due to the combination of chemicals when you burn tobacco - which is corollary to ecigs can help you stop smoking).

Nobody is saying it's a thing but as far as anybody can tell (with very extensive testing having been done) that even if non-smokers and children are taking up ecigs it's probably not going to be the end of the world.

Think of the children? Sure - but here's the thing: kids who are likely to take up ecigs are likely to take up smoking if we live in a world where ecigs don't exist but regular cigs do so if that's the choice it's logically a better option. We should be carrying on educating kids and that's fine but my thing is if they're gonna do one or the other either way (and these kids definitely are) ...