Posts by MJB7

Re: A service provider that doesn't bill because their attempted fixes failed?

I can see why IT support might seem like a sensible thing to outsource. Instead of having one person who needs to be able to handle DB admin, network configuration, hardware wrangling, etc (and who can't go on holiday), you can have a share of a full-time DBA, and a networking guru, and a hardware experts - and with cover so you don't have to worry about holidays or sickness.

In practise of course, it never seems to work. I remember when I foolishly deleted a file and asked IT (a three man in-house team) to restore a copy from backup if possible (if not, I could regenerate from scratch). Three days later I got an apology for having taken so long - they had been struggling with sickness in the team. AT THE SAME TIME, my customer had corruption in their SourceSafe database. The only fix was a restore from backup. Until this was sorted, a ten person team were effectively unable to work. It took their (out-sourced) IT over a week to restore it.

Re: China Syndrome // server equivilent?

> said vats could be placed on a bare concrete pad... Which to me somewhat implied a ground level floor.

Why? My house has concrete on all three floors.

Re: implement backoff to stop brute forcing

That works just fine (and is very worthwhile) until the site loses their entire hashed and salted password database. At the point the hackers just point John the Ripper at the db and print out most people's passwords. Then off to try the same password+email on Facebook, gmail, and banking sites -> profit!

(Actually, these days, banking sites tend to _insist_ on 2FA, so direct profit is a bit more difficult.)

El Reg may now be American, but that doesn't affect the spellchecker *in the user's browser*.

Re: So they want to hide the flaws?

Of course they are trying to hide the flaws until they have fixed them.

If I find a buffer overflow in OpenSSL, it's important not to tell the world + dog until a fix has been developed and tested.

Otherwise the bad guys will develop an exploit while the good guys develop the fix.

Now, if it turns out that the good guys aren't going to bother to develop a fix, all you can do is publish the details of the vulnerability and warn people not to use the package or application - but that's what "responsible disclosure" is all about.

Re: Botched Aircon

> I didn't know that the Four Yorkshiremen worked in IT...

You didn't? I'm a programmer, and our office has a wide age-range (and at 64, I'm at the high end). *EVERY* time we start to discuss old tech it degenerates into the Four Yorkshiremen.

Re: Isn't it stating the obvious that liquid cooling is more effective than air cooling?

It is stating the obvious that liquid cooling is more effective than air. The more interesting statement though, is that it is becoming _cheaper_. That is a (big) change - liquid cooling for mainframes went out of fashion because it was more expensive than air cooling. (Switching from ECL to CMOS helped, a lot, by reducing the amount of heat you needed to get rid of.)

Re: Pranks and things

Well I'm glad you enjoyed them (no, really, I _am_ glad you enjoyed them). I would very strongly not have done so, and would have tried to involve the police if any of them had been done to me. If the police weren't interested, I would have tried to undertake a private prosecution.

Secular Britain

Err, actually not. Like Iran, the Head of State is head of the national religion of the largest nation in the United Kingdom. It's just that, very much unlike Iran, and pretty unlike USA, we are very relaxed about what (if any) religion people are.

I know Sunak is the first Hindu PM - does anyone know if any previous PM has been not-Christian? (Disraeli doesn't count, he became an Anglican aged 12.)

Re: Dead Friends

Actually, it is supposed to be down to the nearest and dearest to "memorialize" the dead account. It's a tough problem; they probably _could_ scan everyone's feeds with AI and detect when someone dies - but they would inevitably get it wrong from time to time, and the publicity would be awful.

Of my 141 friends, four are dead. I expect that proportion to grow over time.

https://what-if.xkcd.com/69/

Re: No loss of hardware support

Few modern software packages will run on the 486 these days. They will all assume the existence of AVX/SSE/SSE2 deep in their core, and simply won't run. It's dead Jim.

Re: Musk

There are actually cryptographic voting protocols where it is possible to show that your vote is being recorded correctly, _and_ it is impossible to determine how you voted after the fact even if you assist (possibly because of that big Kalashnikov being stuck in your face).

Re: Piledriving

I call bullshit here. There are a number of vibration sensitive facilities on the West Cambridge site, and there is also a site management committee for discussing things exactly like "the impact of construction work on on-going experiments". I'm sure the piling work did affect the nano-science lab, but they would have been warned well in advance that it was going to happen, and how long for.

Also the overlap between the normal waking hours of your typical building contractor and your typical grad student is not that long. (Which is no help if you want to run some experiment for a few days.)

Re: "What else are they going to use?"

Yubikey, client certificates, there are lots of other options. (But all of them tend to be less convenient that a simple username and password for the end user.)

Re: Jurisdiction?

Given they had a NL office, the employment contract was almost certainly with Chetal bv (in other words, a subsidiary company registered in the Netherlands). That makes tax, health insurance, etc very much simpler. As such, the jurisdiction would be the Kingdom of the Netherlands.

Re: Dissent

Do you have a citation for the implication of what you have said that a director of a UK (by which I _probably_ mean English or Welsh) company is legally obliged to accept collective responsibility for board decisions?

Obviously if he does dissent outside board meetings, he is unlikely to endear himself to the existing establishment at Nominet - but I have a funny feeling that "endearing himself to the existing establishment at Nominet" is rather a long way down his list of priorities.

Re: LONGBOWMAN

No, the _most_ important lesson is that "The moral is to the physical as three is to one," as Napoleon said.

Re: "nobody should ever be allowed to use sharp knives"

But that's not what Rust says. If you need a sharp knife without a safety guard, you can have it - you just have to mark the code region as `unsafe`. That means when I come to review your code, I don't have to worry about dangling pointers, use-after-free, multi-threading errors, etc in 90% of the code, and hopefully the remaining 10% is so simple that it is obviously free of errors.

Re: "ignores the possibility of oppressive regimes coming to power"

Germany has a history here (which is why there are quite so many privacy advocates in Germany). Religious affiliation has often been a question on censuses - and the German citizens of Weimar Germany dutifully filled out the question. Those that put "Jüdisch" had a problem a few years later.

On Luxembourg: The ECJ has one justice per member state, so almost all of them are not from Luxembourg.

Re: Crates

I expect there will be some kernal specific crates - but this is kernal code, there won't be many crates. In C, you don't get a normal standard library.

This is wrong, she was (and Charles is) monarch of:

United Kingdom of Great Britain and Northern Ireland

Antigua and Barbuda

Australia

The Bahamas

Belize

Canada

Granada

Jamaica

New Zealand

Papua New Guinea

Saint Kits and Nevis

Saint Lucia

Saint Vincent and the Grenadines

Solomon Islands

Tuvalu

Their constitutional position in each of those separate countries is identical.

Re: Yet another American English / British English difference

Thanks. Much better!

Maybe we are all feeling a bit too sensitive.

I have no idea what "government" means in Australian English.

Re: Don't Mind The Fire

If there is a vulnerability in the way OpenSSL generates RSA keys, but I only ever use ECDSA in my application, the vulnerability doesn't affect me, and I don't need to upgrade (and have to rerun all my expensive regression tests).

Now maybe OpenSSL is overly complicated, and I would be better switching to LibreSSL or NaCl - but that's a much bigger change, and OpenSSL _has_ had a lot of eyeballs on it (at least since HeartBleed).

The same will apply to go modules.

Re: I like his chances

On "Two", you are mistaken. There are economic benefits to society in general. The patent holder gets a short term monopoly in exchange for making the invention patent (=open, public) to allow further inventions based on the idea.

Re: Security Question

You can't update ASICs, so you really, _really_ need to get these right first time (so stick to small, well-understood, functions). Otherwise, you do it the same way you update any other firmware. If you care about security, the image is signed with a private key, and the corresponding public key is hardcoded in the update firmware. If you don't, just accept any old malware.

Re: Chemistry, now?

It's common in America, and becoming common in the UK as a gender neutral term for a single alumnus or alumna. (And the plural is "alums".) In this case we don't _need_ a gender neutral term as Ms Nichols was (very definitely, my teenage self confirms) female - but I wonder how many people would recognize "alumna".

Downvoting a joke

I went back and reread it. Why is it supposed to be amusing?

Re: Once again, ahead of the curve

I have an oven and a hob that have a wifi connection - but we never use them. The IoT device we _do_ use remotely, is the pellet-stove: it's nice to be able to turn it on in the winter a couple of hours before we get home. The app with our e-Bike is also useful (the bike computer on the e-Bike has a tiny screen in comparison to the phone). The TV is slightly too old to understand the Internet.

Re: So?

"Recreation room, Bean Bags, Festival tickets, Health Club, Friday night drinks, climbing wall, Sushi bar, Basketball ring, Tuition re-imbursement, international transfer opportunities, and exciting team environment"

Sounds good to me, and I'm 40! (I've just started being able to give my age in hex again).

Re: IBM Engineer...

The Falklands War started when an Argentinian boat went into one of the old whaling stations on South Georgia and started dismantling it for scrap. They had permission from the Argentinian government, but not from the Falkland Islands government ... so the local magistrate arrested them.

Notes:

1. South Georgia is a dependency of the Falkland Islands.

2. The base commander for the BAS base is sworn in as a magistrate; this is usually a formality.

Re: Burn

Courts *hate* enforcing performance. They would much rather issue a judgement for monetary damages, and they are very likely to conclude that the $1B has been agreed by the parties as the amount of the damages.

Re: Hobnobs - invented for mans pleasure

I think most Americans (particularly those that read El Reg) can be expected to understand British English, even if they can't speak it. Cultural references like "Hobnobs" though, is rather more of an advanced topic.

Re: Coz war?

"People getting bombed on a daily basis don't buy new consumer electronics...."

This is true, but while Ukraine is a big country (40M approx), it's about a tenth the size of the EU or USA+UK, and while probably fewer Indians etc buy consumer electronics than Europeans, there are an awful lot of them.

So why is the war in Ukraine having an impact on global demand for consumer electronics?

Re: Writing printer drivers

One of my earlier tasks as a paid programmer was writing a plotter driver to connect our CAD package to a Benson plotter. There was some sample code, but "the bad news is that the comments are in French; the good news is that there aren't many of them"

Re: HHGTTG

_You_ hated the movie because it was so much worse than the original radio series or the books. On the other hand, I have a friend who thinks HHGTTG is brilliant _despite_ only ever have seen the movie.

DNA had so much of genius, that even when you filter out 90% of it, the result is still brilliant!