* Posts by Deckard_C

61 publicly visible posts • joined 4 Jun 2014

Page:

Morrisons tells top court it's not liable for staffer who nicked payroll data of 100,000 employees

Deckard_C

Re: Depends if decent efforts at data security made by Morrisons

Taking photos of your screen would limit you to how many details you can steal, much less than 100,000

Printing 100,000 records, I recken at 60 records per side duplex 3 reams of paper, somebody might notice.

My emplorer has less than 100 employees. We have restrictions so only allowed applications are allow to run. That has stopped a few browser based malware by stopping dropped payloads from running.

USB storage devices are locked down, simply option in Symantec. So only 2 poeple have access to bypass that myself being one as I'm IT. But I don't have access to the payroll system, I could look at the database tables but they are encrypted so can see anything anyway.

When the auditors are in and they want a reports saving to USB they tell finance and they ask IT to copy it to USB and they can watch while IT is doing it. Not common enough to be an inconvenience.

You could upload to something like dropbox/onedrive, but everyone knows their visit to dropbox/onedrive will of been recorded. Which we avoid anyway because it's easy for people to get scammed out of their dropbox/onedrive details.

We could be more secure on individual client record access as software supports it (only have access to clients record you are doing work for) but that is seen as too much inconvenience to mantain so only do that when we do work for employees or their family

Buffer the Intel flayer: Chipzilla, Microsoft, Linux world, etc emit fixes for yet more data-leaking processor flaws

Deckard_C

Re: Nice explanation but....

The intel chip is a socket 775 so not affected. Since production ceased 2011 and others sources say these new flaws affect intel CPUs from 2011 onwards. Like you mention the motherboard is for AMD CPUs so also not affected.

Mindly annoying?

It was that gosh-darn anomaly again, says SpaceX as smoke billows from Crew Dragon test site

Deckard_C

Sweeping under the carpet != putting a completion of How Not to Land an Orbital Rocket Booster on the SpaceX youtube channel

https://www.youtube.com/watch?v=bvim4rsNHkQ

If you can't nail Mike Lynch with fraud claim, judge asks HPE, can he score a win over you?

Deckard_C

As far as I can tell "ACL Netherlands BV" only came into existance in 2017 and the assets transferred in 2017.

https://translate.google.com/translate?hl=en&sl=nl&u=https://drimble.nl/bedrijf/amstelveen/k68103271/acl-netherlands-bv.html&prev=search

Yet Lynch got sued in 2015 and counterclaimed in 2015 https://www.theregister.co.uk/2015/03/31/hp_autonomy_lawsuits/

So was the creation of "ACL Netherlands BV" purpose to try to avoid the counterclaim? and how can that work?

Arm wants to wrestle industry into a seat on the UK.gov's £70m hardware security train

Deckard_C

Re: Stock images

Very secure combination that.

CPU looks like a socket 775 to me so core2 duo era

Wanted – have you seen this MAC address: f8:e0:79:af:57:eb? German cops appeal for logs in bomb probe

Deckard_C

Re: Am i being thick...

The email server will add your external IP address to the email header, which will give them the public wi-fi from the ISP.

Emails clients will either add the local IP to the email header or send it in the helo to the email server which will then add it the header. (webmail won't include it as you can't get the local IP in a browser)

The MAC address will be in the log of the wi-fi networks DHCP or maybe still in the DHCP server with the IP lease. Which will also includes the host name of the device. Windows 7 and maybe 8 would name PCs after the initial user so you get a lot of first names. Android and Windows 10 gives seemingly random names.

My home router (ISP provided) still lists the MAC address of a device which was connected once over 3 months ago, includes the host name (first name of the owner) so I know what device it was.

Talk about a cache flow problem: This JavaScript can snoop on other browser tabs to work out what you're visiting

Deckard_C

Might that not be the reverse, stopping the ever changing ads will make the site more predictable. Provided they have fingerprinted the site with ads blocked as well.

Tech world mulls threat as new round of US China trade tariffs looms

Deckard_C

US Exports

Won't the tarriffs hit US manufacturing exports? as they will have to pay the tarriffs on any components imported from China. Or even if they don't use the China sourced components they loose the advantage of be able to use those cheaper components.

UK data watchdog fines Facebook 17 minutes of net profit for Cambridge Analytica brouhaha

Deckard_C

Since CA servers do have personal data on and if any of that data didn't come from Facebook and Facebook is claiming it didn't, then Facebook doesn't have the data subjects permission for that data and they can't have access to the servers.

Is it me not understanding GDPR or facebook?

Russian rocket goes BOOM again – this time with a crew on it

Deckard_C

Re: Space Shuttle

The Soyuz launcher has an escape rocket which can pull the crewed capsule away from the rest of the rocket for the first 160 seconds of flight included when sitting on the launch pad. This is automatically triggered when if the engines fail or the launcher departs from controlled flight and can also be triggered from the ground. After 160 seconds the crew capsule can still be seperated from the rest of the launcher as happened in this case. The US launchers before the shuttle had similar systems. That's what the shuttle lacked any escape system from launch to glide after reentry. After Challange they got parachutes which could be used if they got to the glide after rentry and for some reason couldn't land.

Most of the inflight explosions of launchers happen when the lauchers departs from controlled flight tearing itself apart or the self destruct is triggered to aviod it leaving the cleared air space.

A story of M, a failed retailer: We'll give you a clue – it rhymes with Charlie Chaplin

Deckard_C

Re: Ironic, isn't it?

Or instead of next morning next month as you find you’ve accidentally order something shipping from china. Unless your making sure you only picking prime items.

Really gone off Amazon as it’s really easy to buy fake rubbish unless you make sure your picking only prime items, not sure your even safe then.

Usually you can buy the same stuff same brand cheaper elsewhere, think they’ve got to the point where people think they the cheapest so they don’t have to be anymore.

Building your own PC for AI is 10x cheaper than renting out GPUs on cloud, apparently

Deckard_C

Re: The Cloud..

With the cloud you will also get a big cloud bill after the review in the Times and then can’t fulfill enough orders to pay it.

If you haven’t put in place limits on how big you cloud can surge.

Some credential-stuffing botnets don't care about being noticed any more

Deckard_C

Re: Maybe just

Just makes it more likely for people to use the same password across sites. At best the new password will just 1 have added to the number part. Which the bots can easily be programmed to try.

Microsoft's Jet crash: Zero-day flaw drops after deadline passes

Deckard_C

Re: Access

Ah yes where someone sorts just one column or overwrites whole chunk of the sheet or all that inconsistently entered data..... I'll just go and sit down now somewhere quite.

Deckard_C

Re: Access

Been responsaible for some of those in my foolish youth, they still haunt me. Can be fairly reliable if you only let one person in the database at a time.

Virus screener goes down, Intel patches more chips, Pegasus government spying code spreads across globe

Deckard_C

Re: Intel's plan....meh.

Best bet seem to be via OS update if you are running Linux or Windows 10. For Windows 10 like the previous microcode update it's a standalone so you have to go searching for it in the Microoft Update Catalog, search for KB4346086. Targeted for Windows 10 Version 1703.

I do wonder what percentage of PC out there that need the microcode update actually has this one or the previous one, I supect it's not very high.

Hello 'WOS': Windows on Arm now has a price

Deckard_C

I think it was a big mistake using Windows in the name of Windows RT. Compounded by launching Windows RT tablets at the same time as Windows Tablets and all the prelaunch talk was about the soon to be launched Windows tablets was that you would be able use all existing windows applications. So it became Q. What does RT mean? A. It's means it's Windows but you can't run Windows applications.

Deckard_C

Re: Local video playback

It is impressive and 50% longer than intel's* latest in the same type of test. Just I doubt it has much relation to how long it will last when you doing something other than watching a local video.

Of course you can't really benchmark "normal" usage. For example a Daily Mail reader will have much shorter battery life than a BBC News reader, and a Reg reader will get the longest (as they will have something like NoScript or AdBlockers)

I only run NoScript as nearly all adverts are dependant on scripts to display themselves these days. Also I don't get images on a lot of sites either as them seem to use scripts to load them in, so I avoid the page jumping up and down which I find really annoying when I use somebody else computer.

*I always get a down vote when I mention Intel in a negative way.

Deckard_C

Local video playback

I'm not conviced hours of local video playback is a very good indication of CPU power efficiency. As that's mostly CPU idle as the dedicated video decode in the iGPU decodes and sends the video to the display. Does the CPU even get involved sending the video from RAM to the iGPU or is it DMA by the iGPU. And is video being played just a loop of video which fit's in RAM.

Intel is also using hours of video playback as a performance camparison for it's new laptop CPUs (I think 16 hours is there claim)

Devon County Council techies: WE KNOW IT WASN'T YOU!

Deckard_C

Re: More than just spelling.

Haven't used a Postal Order since mail ordering things from Maplin like edge connectors and cable for the C64 userport so I could POKE* and PEEK the CIA into bit bashing a serial connection to my mate's C64 next door so we could text chat.

Of course it first involved a phone call well probably a couple rings and then hangup, to expensive to actually talk. Then turn the C64s on, load the program from tape and then the speed was probably like teletype which was of couse made it cool. Probably didn't actually use it much as it was quicker to talk through the fence when we wasn't allowed out.

The C64 did get you to know the hardware, if you wanted it to make sound you had to POKE the SID chip registers to set the waveform, frequency, attack, sustain and decay durations.

*POKE was the BASIC command to write a byte to a memory location which could be the control registers of the CIA which was IO chip, SID which was the sound chip, VIC the video chip

Microsoft: For God's sake, people, cut down on the meetings!

Deckard_C

Re: Bah!

I was disappointed when outlook started telling the recipent that you used the don't send before feature. As I used that for those people who would sit in the emails and reply immediately with another question involving more work. Slows it down and gives me a chance to deal with my emails.

Although most people these days don't seem to bother reading emails, at least the ones from IT. The times I've head "Oh I don't read emails from IT"

Deckard_C

Re: firing off emails at anti-social hours

"Any E-mail which doesn't require an action from someone probably shouldn't be sent in the first place."

I find any E-mail which requires an action from someone needs to be followed up by a telephone call or actually visit. The email is actually just a record that I've asked them.

So if see little point in doing something I will E-mail the person asking for a confimation they do want me to do it preferably requiring them to supply me with some information I need to proced.

Or if it's something I want to do, E-mail them to say that I will preced with it by some date and they need to E-mail before then if they don't want me to go ahead and do it.

Deckard_C

Re: Then there are the Meetings about a meeting to set the agenda for another meeting

And there are meetings to prepare for a meeting

PC shipments just rose, thanks to Windows 10

Deckard_C

Windows

I think it’s more likely that windows 7 only has a year and a half before no more updates and takes big companies a long time to replace a large number of PCs and smaller ones who just OEM license don’t want to waste a money on just a win 10 license on an old PC when for the same amount your half way to a new PC.

If I had the time I would of taken advantage off the free Win 10 upgrade and dual booted back to 7 until the updates stop.

Although intel didn’t release the firmware updates for spectre to the Intel CPUs we’ve got in most of our PCs and the ones they did HP didn’t release BIOS updates for. MS only included the firmware updates in Win 10 updates not Win 7.

First A380 flown in anger to be broken up for parts

Deckard_C

Parts will be removed from the aircraft to be overhauled or repaired, but you don't want the aircraft sitting around not earning waiting for the parts to be overhauled or repaired so you need a pool of parts which have already been overhauled and repaired ready to put back on. Cheaper than brand new when you only need a overhauled part.

Deckard_C

Re: A380 leasing as an investment

What the piece failed to mention was there 4 A380s at the end of their lease, 2 are to be parted out and 2 have been placed with another airline. So not as bad as it first sounds, but still a challange.

England's top judge lashes out at 'Science Museum' grade court IT

Deckard_C

Re: I'm told they still use fax as the losest common denominator.

For criminal matters the courts, lawyers, the CPS, police have being using CJSM for years which is an email system where all the emails go through the CJSM emails servers. You can either have webmail access to it for connect your email system to it provided you have full control over your email server and not shared. Not Office365 or gmail etc.

Although now you can't use it for documents as they have to be uploaded to the criminal courts system. And you can't present any documents in court if they haven't been uploaded to the system. Basically they have gone paperless in court. They have a clickshare type system in court so you can display your laptop screen on a big screen. It might actually be clickshare but haven't actually been in the courts to see.

Also depending on the hearing they don't actually bring the defendent to court from the police cells or prison and is done by video conference, the lawyer might be at the court or with the defendant depending on circumstances. I think it's more common for the lawyer to be at the court as they may have other cases to deal with as well. A Lawyer will be sent to court to deal with what ever clients are appearing that day at that court.

I'm not a lawyer.

Send printer ink, please. More again please, and fast. Now send it faster

Deckard_C

"We have an MFD that actually stores two stacks of A4 side by side in the tray, when one stack is depleted the spare gets shunted into place, you can even refill the backup stack whilst it's printing from the first."

We've got some like that each stack is three reams so the active stack is on a platform which lifts the paper as it gets used. Unfortunately it's gets loaded with one ream of A4 or one ream of A3 as you can imagine it really doesn't like A3 resulting in call outs. When replaced it will be a device with standard 500 sheet trays.

Also the replacements won't have side stacking finishers as cupboards have since been put next to them so the finishers stick out in front of door ways and we have to move them to open the side doors on the cupboard side to clear paper jams. Can't open manual/bypass tray to use because of the cupboard as well.

Braking news: Tesla preps firmware fling to 'fix' Model 3's inability to stop in time

Deckard_C

Re: A different problem

If remember correctly an america miltary guy (probably air force) did a lot of deceleration research by strapping himself on to a rocket sled and stopping it quickly. I think he got upto 50G before getting detached retinas, longer then a few microseconds but less than a second.

I think you can sustain 9G for a few seconds in a Typhoon in a G suit which covers both you torso and legs with the proper training and practice.

Royal Bank of Scotland decision to axe 160+ branches linked to botched IT gig – Unite

Deckard_C

Re: 'Created' My Arse!!

& should be avoided as well for domain names.

US sanctions on Turkey for Russia purchases could ground Brit F-35s

Deckard_C

Re: In hindsight

UK Military defense budget is more like £35bn the "defense" budget also includes other things, the difference mostly made up of foreign economic aid.

An easy-breezy attitude to sharing personal data is the only thing keeping the app economy alive

Deckard_C

I'm not sure Facebook the site and App will still be big in a few years. It seems while today's youth (of working age) do have a facebook accounts they don't use it. And have moved on to other alternatives because they find them better.

Facebook the company will still be around as they are buying up the alternatives,

They also don't see the point of twitter, at which point I bore them explaining why there is a 140 char limit. and if they are still listening and understand how much a MB I might tell them how much could be stored on a floppy. This is my revenge for them saying "I wasn't even born then" to me.

By the way I don't much see the point in using Facebook, Twitter, WhatsApp, Instagram etc.

Ariane 5 primed for second launch of year after trajectory cockup

Deckard_C

Re: Ariane 5 vehicle has proven.a.. reliable workhorse,..92 launches out of 97 attempts.

Since I only remembered 2 failures I had to check

Out of those 5 those launches:

2 were explosives failures and total loss, total of 3 payloads (I think both were destroyed before they got a chance to destroy themselves)

1 was early first stage shutdown, not intended orbit howecer payloads met their objectives

1 was second stage early shutdown, 1 payload reached intended orbit using own engines. 2nd payload total loss

1 was wrong transfer orbit for 2 payloads as mentioned here, both will reach intended orbit

F9 has lost another payload which was a secondary on a NASA resupply flight to ISS due to early engine shutoff. It may of been able to get the secondary to the intended orbit but there was a risk to the resupply mission if they tried.

The first Ariane 5 launch and failure would of been a Reg story since it was due to a float conversion to an 16bit Integer causing an overflow error. The code was reused from the Ariane 4 and when it was designed for the Ariane 4 it was determined the overflow would never happen which was true for the Ariane 4.

Watchdog growls at Tesla for spilling death crash details: 'Autopilot on, hands off wheel'

Deckard_C

Re: Selecting Lane 3 of 2

I don’t think it was selecting lane 3 of the left hand route but lane 1 of the right hand route and possible not aware it had got to the point of where the routes are diverging as GPS isn’t that accurate.

Microsoft's Windows 7 Meltdown fixes from January, February made PCs MORE INSECURE

Deckard_C

Re: No surprises

If it’s 32bit windows 7 then no meltdown patch anyway. If it came with windows 7 then your oem probably hasn’t released a bios update for the Intel CPU firmware and MS so far is only including Intel firmware in Win 10 updates, so probably no spectre v2 patch either.

Deckard_C

Re: Re. Game over, Microsoft

Yes, well wipe and install. Vista vintage PC (now running win 7 64bit) and PCs from 2010. Hardware limit to 4GB of ram only 2GB installed.

How a QR code can fool iOS 11's Camera app into opening evil.com rather than nice.co.uk

Deckard_C

Re: goto fail;

Back in the day this was used to obscure dodgy links in scam emails. Make the username part look like a domain the password the port. Most people used to assume the username was the domain not the bit after @.

Of course these days most people using the internet don't seem to have a clue of what a domain is in a URI. You probably get plenty of hits with saying

click on http://scam.me/ to reset your Office 365 account

even from those who don't have a Office 365 account. This is based on the number of times I've had to say that's a scam email because you haven't got a Office 365 account.

Europe is living in the past (by nearly six minutes) thanks to Serbia and Kosovo

Deckard_C

Re: For those who wonder...

Nuclear gets first pick as they need near 100% output all the time to have a chance of the investment being paid for.

Coal need to be running constantly but can vary the output, only generally shutdown for there summer maintenance.

The gas power stations are the one which handle most of the large changes in load, for the UK anyway..

Hydro and pumped hydro handle the quick changes in load

Wind is interesting as when there is plenty of power wind turbines are sometimes stopped, because they are the easiest to stop I don't know if that's techincal reasons or contractually. With a power grid being able to stop or reduce supplying power can be as important as providing that power on demand.

Meltdown/Spectre week three: World still knee-deep in something nasty

Deckard_C

Re: Still no patches for...

No meltdown fix for 32bit (x86) versions of Windows

See FAQ Q4 https://support.microsoft.com/help/4073119

Which seems to be mostly overlooked

Boffins split on whether Spectre fix needs tweaked hardware

Deckard_C

Re: Meltdown is not comprehensively protcted agaist.

No protection against meltdown if you are running 32bit Windows.

From https://support.microsoft.com/help/4073119

Q4: I have an x86 architecture, but I don’t see an update offered. Will I get one?

A4: Addressing a hardware vulnerability through a software update presents significant challenges, and mitigations for older operating systems require extensive architectural changes. We are working with affected chip manufacturers to determine the best way to provide mitigations for x86 customers. These may be delivered in future updates.

Possible cut to British F-35 order considered before Parliament

Deckard_C

Re: Still not too late

"In service" seems to be of of those strange terms, more it's been handed over to the Navy. As IOC isn't until 2020 and first deployment is to be 2022. Last I heard they was still having issues with the Cats and fully loaded F/A-18 but that might be fixed now, also the traps alone are now costing $1.3 billion. Bargin at a construction cost of $12.9B and $3.7B in R&D. Good to know the UK isn't along in messing things up.

Deckard_C

Re: Still not too late

The new US carriers actually use large flywheels connected to motor/generators to store the energy for launching the aircraft with EMALS anyway, so would use the same system. It's just how long it takes to spinup the flywheels for the next launch. The US carriers have four catapults and they wanted a high launch rate. Lizzie would just of had two and have less aircraft to get in the air.

When you look into what is involved with EMALS you start thinking steam isn't all that bad after all, more so if just launching one type of aircraft. Not that I can really comment.

Software update turned my display and mouse upside-down, says user

Deckard_C

Re: Now it can be told...

Last two weeks I've had

done to my PC while I left it unattend, a screengrab of my desktop in picture viewer fullscreen. You can move the mouse pointer but can't click on anything. The screengrab has to be in a folder on it's own.

I've done the ctrl-alt arrow to two IT trainees.

And afterwards had a user do the ctrl-alt arrow to themselves.

First had the ctrl-alt arrow done to me by my boy when he was a toddler

Screengrab with an application open in a window set as a wallpaper so it looks like you have a application open you can't close.

Years ago I wrote a little program with the X close disabled and a close button which would randomly move on mouse over event to prank my flat mate. Can't remember what message it displayed.

Also one which screengrabbed the screen then displayed it full screen while moving it to create a shake effect.

Deckard_C

Re: easier way

Not that you seem them these days, but have you seen a copy typist at work? They don't look at the monitor or keyboard until they stop to turn the page. Some can have a conversation at the same time, I'd be typing parts of the conversation.

Had a secretary tell me yesterday, she was doing audio typing and when she looked back at the screen from looking round the office she wondered where the rest of the document had gone as only the last bit of typing she had done was left in the document. She worked out the she had accidently pressed ctrl-N instead of ctrl-B

Behold iOS 11, an entirely new computer platform from Apple

Deckard_C

Re: Innovation? We've heard of it

Your not talking about Amigas and it's applications then as that was C and linked libraries and functional GUI elements. Yes games would dump the OS, multitasking and hit the Hardware with probably a fair bit of assembly.

Modern compliers will generally produce quicker code than hand assembly unless there are some major cpu instructions the complier can't use like SIMD. Most of the time you'll be slower.

The problem is more likley (in no order):

Bling GUI elements like transparency, fade in and zoom on to display or wobble.

Lots of code which isn't complied into native CPU instruction things like javascript and bytecode languages.

Text based protocols and formats like HTML, XML which has to be scanned byte by byte.

Can't even tell how many bytes a character is with checking each one, but it mostly doesn't matter.

Use of Frameworks where 5% of the features are used but have to take the hit of the complexity of the other 95%

Forget trigonometry, 'cos Babylonians did it better 3,700 years ago – by counting in base 60!

Deckard_C

Re: Trigonometry is not about triangles...

sin, cos, tan and the reciprocals and derivative are used heavly in design and describing AC circuits which includes audio and radio circuits and basically any circuit which has a signal. After all sin describes a pure AC signal or audio wave hence sine wave.

To be honest I found the maths far to difficult just have a look at wikipedia https://en.wikipedia.org/wiki/Trigonometric_functions and scroll down

I found using matrices to solve simultaneous equations with more than two unknowns to be much easier to get my head round not that I can remember how now.

For example GPS uses trigonometric functions for the radio waves aspect, trigonometry to calculate your position using simultaneous equations to solve the 4 unknowns of your position in x, y, z and time.

Linux-loving lecturer 'lost' email, was actually confused by Outlook

Deckard_C

>As opposed to an admin who thinks he's above user preference?

Extensions isn't a user preference, that's decided by OS and software makers. A bit like putting bleach in a bottle labeled milk.

Who are you to dictate file extensions?

>Admins don't it's the software makers

>What if he didn't want to use them at all?

What if he wanted to drive on the other side of the road.

>What if he had never heard of those particular extensions. What if another program used the same extensions?

That's why you don't make you own extensions, as he picked one which meant this is not need and can be deleted.

Not that I go around deleting files. But I do have to deal with people asking me to open files because they can't as the extension is wrong. So they get this file is corrupt or unknown file. Luckly most modern common files I can identify looking at the raw file as they have a 4 byte identifier. But not all software providers include sech an identifer in there file format.

Also I've seen backup software have default exclusion of file extensions of known temporary files. And of course emails clients and email security software will block attachments of a whole load of extension which identify files which contain code. A lot more than I can list.

Suprising how often this happens on an urgent email sent by someone as they just go on holiday.

These days with more of this stuff in the cloud your admin won't have control to override this. Cloud provider may say they just don't have that option. Like you can't send certain things in the post.

I think story was from a time when extensions where less standard and the risk lower.

'No decision' on Raytheon GPS landing system aboard Brit aircraft carriers

Deckard_C

There where ordered with modern avionics, just it couldn't be certified to RAF regulations because when the software was designed in the US it wasn't documented enough to meet the RAF regulations. Nobody thought to check this when they where ordered. So they might of been perfectly safe to fly but didn't have the paper work. The US and the Dutch have different regulations so for them they where safe to fly.

The temporary solution was to install the same old avionics as the rest of the fleet. They where then used for UK based training allowing more of the older Chinooks to be deployed to Afghanistan. They where still fairly different to the rest of the fleet as originally order for special forces use. They where stuck in a hanger for years until Afghanistan forced the MOD to spend the money to get them flying.

The long term solution was the replacment of the avionics by modern avionics when the rest of the Chinook fleet got there avionics replaced.

Microsoft's new Surface laptop defeats teardown – with glue

Deckard_C

Re: Add it to the pile of coal.

I thought I was going to have to remove the headlight of a 206 just to replace the bulb, but was then shown you could just pull the neck of the washer fluid bottle off. But then that 206 did get scrapped in part due to the labour cost of getting the heater matrix replaced.

Page: