Posts by Lysenko 986 publicly visible posts • joined 23 Jan 2015
Python hipsters??!! What??
Hipsters either use Haskell, Swift or JS depending on subspecies (UberGeek, FanBoi or WebMonkey). Python?? No chance...
I agree about whitespace though. Making the style guide into syntax is dumb as a box of rocks.
The key difference here is Python 2.7 always was and still is a fairly credible language. V3 fixed/broke dodgy design decisions like overloading strings as byte arrays, but it wasn't a wholesale refactoring of the entire standard library and operator evaluation logic because those things were not catastrophically broken in the first place.
PHP7 starts from a different position. Those basics (and MUCH more) are catastrophically broken. Either PHP7 terminates backward compatibility on a heroic scale (and nukes it from orbit, just to be sure) or it is pointless.
A more accurate parallel is/was IE6. Ubiquitous, entrenched, critical to line of business functions but fundamentally broken to the core, just like PHP.
Hilarious. This might be an easier sell if Mongo (and the rest) had promoted their tools as large scale document management or file systems, but if you insist on calling the product a "database" and implicitly inviting RDBMS comparisons then you're simply asking for trouble if you try to present the single most basic relational feature as "enterprise".
If they want to charge for something, implement bulletproof ACID. Lots of freetards won't need it (or understand it in some cases) but backside covering management might pay up as part of their P45 avoidance strategy.
[*] I use Mongo myself as a storage engine for tens of thousands of JSON packets. It works great for that, but it is functionally indistinguishable from dumping INI files in a sub-directory - the database in this system is PostgreSQL.
Agreed. In fact I personally don't care if they have to ditch/block all canned video and audio to do it. I want Skype to work but I don't need youtube, music, games and so on with a work phone (I can use a shenzhen generic for that).
They've blown about £250 million of market capitalization on this so far. An MBA-less ignoramus like myself might think:
"Hmmm ...maybe it would have been a good idea to spend 1% of that on beefing up the IT security budget!!"
...which of course must be a ridiculous idea leading to the implosion of capitalism, plagues of locusts, dead rising from the graves ...etc.
I mean ...it must be insane ...or the MBAs would have done it that way in the first place.
"television ads for fast delivery from Amazon.co.in. Which were galling seeing as Amazon hasn't made it to my Australian home"
Unless you're contending that Google's figures are rigged, India today has twice as many online shoppers as the *entire* population of Australia in a country less than half the physical size! Seems to me the Amazon priorities you find galling are actually just common sense.
Obviously. No-one experienced at tech journalism or blogging would attempt to foist such a deluge of bovine byproduct on the commentariat here and expect anything other than universal derision. This isn't a "safe space" for PowerPoint "ninjas" used to communicating with PHBsCIOs and other non-technical execs.
I suggest ElReg form a Kaizen team to organize an agile scrum and skills sprints so Mr Walker can focus on his core competencies in bringing about editorial transformation achieving readership buy in towards seizing the low hanging fruit of holistic and full stack quality perspectives.
Presumably he's thinking of an opt-in/out box so that the customer can switch off hard encryption and tracking so that when something is blagged from your account (or before - prevention beats detection) Knacker can instantly browse all your details and transactions to determine where the bad guys siphoned off your savings to.
These gangs move fast so messing about with warrants and oversight plays into their hands! Also, such attacks are rarely one off so once an instance is detected a wide trawl of all similar or associated data makes sense to prevent others falling victim.
It is all perfectly logical if you "THINK OF THE CHILDREN" ....brrr ...sorry .... if you sincerely believe that executive branches of government always have benign intent and if you have no grasp of market forces (which dictate that crooks will always be at least as smart as cops until being a cop pays better than being a crook).
1) Get a briefing from IT and Legal so I don't stitch up the company in terms of liability insurance or appear like an idiot by mixing up a DDoS with a data theft and talking about "hundreds of databases" (which I certainly hope isn't true).
2) Ban Marketing and PR from saying anything (reasons: see 1).
3) Identify sacrificial goats. This would be whoever proposed the last reduction in "administration" expenses. Bonus points here if an external Management Consultancy or activist shareholder can be hung out to dry. Ideal solution - pin it on Bankers somehow. Remember that the public (i.e customers) like seeing "suits" lynched, not engineers.
4) Offer indemnities as far as possible, subject to Legal advice. Do not involve anything that the opposition can spin as further ID snaffling.
5) Offer carte blanche, penalty free early contract termination. Undecided customers will respect it and those who really want out will leave anyway because trying to enforce the penalties would be an even bigger PR disaster and might even fail in court.
6) Announce credible steps towards future recurrence with a visible hair shirt element. Bonus and dividend cancellations to the fore.
7) Assume a sharp, short term fall in the stock price. Preventing that is impossible so worrying about it is irrelevant. Adopt a price target for Q2 2016.
"I've been looking through the departmental budgets and obviously I'm missing something: at first glance it appears we are spending more on marketing and executive bonuses than on security!
Obviously that's insane so, like I said, clearly I'm missing something?
... I AM missing something ... right ??!!??"
If you read the full text of the clause it entirely hinges on the definition of the word "assist". You can make a pretty strong argument that responses like: "Yes, I agree, that IS a pretty nasty problem." constitute assistance. You are using expert knowledge to validate a proposition.
HR ... once you use the word "resource", then "exploit" is never far behind. Just change the name to "Livestock Management" and have done with it!
...in these discussions is that although we might get our sphincters in a spasm about "privacy" the existence of FacePalm, Twits and the vast number of NSFW "webcam" sites indicates that there is a substantial exhibitionist demographic out there.
Such people probably don't want their bank accounts raided any more than anyone else does, but from "private" opinions to dietary habits to grumble pics, they go out of their way to broadcast to the world. Privacy as we construe it is therefore an anti-pattern.
...there is a worrying lack of appreciation of how intense reality distortion fields can be and how much rationalisation can be manufactured to get past an: "I can't tell the Boss\Customers\Shareholders THAT! He \they won't like it!! <cringe>" culture.
I can buy the idea that VW execs. didn't know about this because I can buy the idea that they created a culture where "positivity" was encouraged (promoted) and "negativity" was discouraged (fired) to the point that they were left bouncing around in an echo chamber of their own wishful thinking. I've seen it happen first hand. That sort of ignorance is still culpable of course.
...is arguably the primary real world relevance of the "Ubuntu on a phone" idea. The semi-existence of this option creates a back door in the market if people get sufficiently suspicious about iOS or the huge binary blob injections Google essentially mandates with Android.
Personally I would probably switch to something fully Chinese or Russian (Yotaphone?). That's not because I imagine the PLA and FSB are less likely to be snooping. It's because the USA has a virtually unique propensity to try and extradite people who may never have set foot on US territory to face charges under US law in US courts.
The hubris, overweening arrogance and anti-democratic totalitarianism of the USA in attempting to to project legislative and judicial authority extra-territorially is easily as big a problem as the obsession with snooping.
I'm not remotely concerned with some spook raiding disrobed selfies from my phone (that's their problem: some things you just can't unsee!). I am concerned with an electioneering DA misinterpreting something snaffled from my email, concluding that I'm involved in a Libor rigging conspiracy and screwing up my life with extradition proceedings (I write software for Banks, among other things).
£500ph ?? Nah. The sentiment is right but the presentation lacks something.
I suggest that in line with the recent elevation of "Foot II", another trip back to the '70s is in order. "Quintuple Time" has a better ring to it. Then spend the six week resolving demarcation disputes and holding shop stewards meetings ;)
The issue with the USA isn't so much NSA vs. SVR it's a question of tort lawyers. In the vast majority of cases businesses aren't really concerned with government spooks tapping into data per se, they're concerned with class action law suits and astronomic tort costs. That isn't going to happen in Russia or China unless the plaintiffs have some serious political connections.
Assuming a 64bit identifier and 8 byte payload:
(((100000 x 10) x 16) / 1024) / 1024 = 15625kbps
...taking your 1:1000 duty cycle and (for no particular reason) ZigBee @868MHz data rates of 40kbps:
(15625 / 1000) / 40 = 0.39
There is a lot of useful work you can get done with numbers like that, particularly since the above is assuming that all 100000 people are connected to the same tower (impossible) and that there is no mesh store\forward or backbone links (absurd).
It is refreshing how much useful data you can get through a low power radio link when you don't have to account for cat photos, XML or its portly rather than morbidly obese cousin, JSON.
The point is that if rubbish performance by your leasing (or outsourcing) company is costing you a fortune in fines (or contract penalty clauses) then you might sometimes reconsider your delivery model and bring the offending functions in house where you can control them properly.
I know about package managers thanks. I'm setting some stuff up right now for a guy you might call a "power user" in Windows terms since he can program a bit in Delphi. So, what do we find setting up Lazarus for him with Synaptic? Version 0.9 something!! Current version is 1.4x. So, download the deb from project website. Install. Doesn't work. No error from the GUI shell, just "nothing". Stop.
Fire up a terminal (FAIL!), execute from command line, bunch of viciously user hostile error messages, conclude we have some lib problems, apt-get, part success, part fail, scratch head, aptitude the fails, it works (wat??), try again, more extreme hostility from the command line, get frustrated, apt-get subversion (I'm already in a terminal so why back out), wget FPC V2.6.4, clone FPC V3.1.1 source from svn repository, recompile the compiler, pull Lazarus source, recompile entire IDE, RTL etc. in situ. It works.
Windows: Download current Delphi service pack release. Double click setup.exe. Make tea. It works.
Re-read. *I* use Mint, Yocto, Arch and OpenWrt all the time. I have no problem at all with a root shell or the make I'm running right now with about 25 command line switches. This isn't about me - it is about mainstream desktop users and they don't build kernels and rootfs images from source every few days.
If I ran Ubuntu I would knock up an internal build with no accessible command line capability at all and make the devs I employed use it. Any time they ran into a wall - write a GUI solution - rinse, repeat and a year later they might just reach WinNT4 standards.
To be fair to the vendors, they are damned either way as things stand. They either maximise interoperability and therefore have lowest common denominator security or else they fix the security problem and get vilified for "vendor lock in" and refusal to adopt "open standards". The ZigBee arguments apply equally go ZWave.
WiFi simply isn't an option for many of these devices due to power issues and Bluetooth LE doesn't currently have the routing sophistication to solve range problems. That only leaves the EnOcean, Insteon, Lutron approach of proprietary protocols - which may well actually be security through (relative) obscurity in terms of the black hat target list.
The real nasty in the IoT\HA space in my view is the creeping acceptance of "cloud" BS (I'm looking at you: NEST, SmartThings, HoneyWell, GE\Wink), potentially exposing these control systems to hackery from anywhere on the planet.
>>Uhhhh....what? Presidents aren't psychic. They're human. And fallible.
Which one requires psychic powers:
1) Being self aware enough to know that you are widely despised?
2) Being aware that internet hackery is "a thing" and you need to have competent staff working security for you to prevent it?
This isn't a question of being able to see round corners, it is a question of not running (for President) round corners with your eyes closed because you had no idea there could possibly be a brick wall there or you were too distracted by your hair transplant to pay attention to the obvious risks.
As for being able to live with yourself when your mistakes kill people, that is dead [sic] easy. Ask any sociopath.
>>That is at best evidence that the corporate security review policy needs >>fixing
Quite. It needs fixing. Who "presided" over it not being fixed? The point about being President is you are supposed to see threats coming BEFORE something nasty happens. Any fool (even Trump) can delegate the task of fixing screw ups after the event.
"I may not be able to secure my web site but I'll sure as hell secure the borders!!" ...Yeah, right, now about that bridge I've got for sale....
As for scaring the Establishment: the only people with anything to fear are the Republicans. Trump is unelectable, but if he goes 3rd party he could do the same thing Perot did to Bush I by cornering the wingnut vote and thus handing the Presidency to Clinton II.
Despite all the frothing at the mouth in the 18th century about the tyranny implicit in a hereditary monarchy America has always been relatively comfortable with hereditary oligarchy.
Couple that with economic Darwinism and an interpretation of the 1st Amendment that allows the media to be bought, corrupted and essentially compelled to broadcast unlimited private "party political broadcasts" and you have a recipe for the recreation of a pseudo-monarchy, albeit with two power blocks vying for supremacy - pretty much like any other civil war (Yorkists vs. Lancastrians, Stewarts vs. Hanoverians, Cavaliers vs. Roundheads etc).
If you are running for President of the USA then you are aiming to be CiC of a nuclear armed military. The fact that you're too incompetent to ensure that your own web site is passably secure is directly relevant to your candidacy.
It isn't a question of expecting the follically challenged a$$hat to know how to secure it himself: the point is that a guy punting at one of the biggest Executive Management jobs on Earth either didn't think to delegate the task to someone capable of doing the job properly or has such a breathtaking lack of self awareness and common sense that he never imagined he would be a target! Either way, I wouldn't want the security of any country in such hands.
This hack is simply "investigative journalism".
>>You don't tug on Superman's cape
Wrong superhero comic franchise.
I accept Superman did battle the odd alien, but that was always about outer space and other irrelevances.
Captain Comb-over is a superhetero for the 21st century. He realizes where the real alien menace is (Mexico).
The creators forgot to fit clearly unambiguous genitalia and name it "HeteroBOT". You know how hot under the collar some 'merkins get about ambiguous gender identity and (scare quotes time) the "Gay Agenda"!!!
Letting an intersexual and possibly homosexual (yes, I know: logic isn't relevant) robot into your CAR!!?? Possibly with ("THINK OF THE...") CHILDREN??!!
The horror doesn't bear thinking about. Thank $DEITY this unholy abomination can no longer menace impressionable young minds on the public highway.
>>We've seen video of a quadcopter-mounted handgun recently
Seriously?? Maybe a recoilless air pistol, but there is no way in hell any quadcopter of the sort typically discussed by drone paranoiacs is going to withstand the forces of discharging a conventional firearm even if totally randomised aiming and instant loss of control\destruction of the platform is deemed acceptable. Bomb delivery via Amazon type drone tech., maybe - firearms: no chance.
...but I can see uses for it in other settings, like conference rooms. So long as everything in the room is intended to be recorded\minuted (sales presentation or something) there could be some "shiny beads" coolness factor in controlling the lighting, projector, ordering taxis or whatever.
>>People are dangerous and people kill, with or without guns......
True, but irrelevant. The point is whether a particular technology tends to facilitate a negative outcome to the point where any positive effects are negated. You would not, for example, write an airliner flight control system in Zend PHP. Why? Because it is a fundamentally dangerous language that facilitates blowing your own foot off and that negates any advantages of fast and cheap development. Guns, like PHP make it too damn easy to do something stupid.
I worked on a NATO small arms proofing range. I know exactly how dangerous guns are (we routinely shot up livestock carcasses), we took extreme precautions regarding range safety and we still ended up with an accidental death. I am consequently actually qualified (passed exams and so on) to handle firearms and I wouldn't have one of the damn things in the house if you paid me.
>>A gun is an inanimate object, just as is a hammer, an iron bar or a stone.
...or a bomb, nerve gas, arsenic, anthrax ...all of which could be argued to fall under the definition of "bear arms".
>>If someone intends to kill another, the tool that might be used or not has no importance..
It has every importance because people are fickle and emotional creatures. Essentially, if you make it difficult to kill someone there is a chance that tempers may cool and common sense be restored.
>>Dont you see the connection, some people are simply bad, and their objectives will always be obtained regardless of the means that are available..
However some people are just bad tempered drunks. The vast majority of gunshot victims aren't targeted by relentless, dedicated assassins.
>>Do you think we should also remove guns from soldiers ?
Of course not. Killing people is what soldiers fundamentally exist to do. It would be as daft as taking explosives away from quarrymen.
>>telling the great "unwashed" that "They will get Justice" for so and so criminal
Your case in point being someone getting shot by a cop? With a gun?
>>then rioters shot two policemen in retribution
Shot? That would be with a gun again?
>>to defend us against an angry mob of their creation
Because said angry mob have guns?
>>the criminals are unafraid of cops that have been neutered
I thought the cops had guns? Indeed, your first point specifies armed police shooting people as a starting point.
>>It has NOTHING to do with race or greed, only a willingness to work hard.
Ummm, by your own argument it seems to have quite a lot to do with guns as well. Doesn't seem likely that a cop armed with a nightstick would have been able to shoot anyone in the first place.
Arguments about cop massacres if "only the crims have guns" hold little water. A British cop armed with a baton and CS gas (maybe a taser) has far less chance of getting shot on duty than an American one.
"The PC is simply a tool that does stuff and much like their car..."
If that were true then they would have to pass an exam before being allowed to use a PC and risk prosecution if caught drunk in charge of one. These problems arise because users *don't* think of a PC in the same way as a car. Your fridge analogy (or possibly bogroll in some cases) is closer to the mark.
I disagree. As the police are fond of reminding people when it suits them: "Ignorance of the Law is no defence".
Consequently the "bosses" (is that you Len McClusky?) shouldn't be on the hook for this, whoever was heading up that investigation and whoever put the discs in the desk drawer should be held to account. The fact (if it is indeed a fact) that the frontline cops were not explicitly trained to obey the law is an irrelevance, as per standard police operating practice.
Never seen the shows you're referring to but we messed around with one in the biomechanics lab when I was at University. It generally "worked" if one was totally cooperative with it and it took a while to suppress deviations on lies but it only took about 10 minutes to learn to create false positives on control questions and render the device entirely useless.
"How horrible, fantastic, incredible it is that we should be digging trenches and trying on gas-masks here because of a quarrel in a far-away country between people of whom we know nothing. It seems still more impossible that a quarrel that has already been settled in principle should be the subject of war."
UKIP spokesman on the Russian annexation of Lithuania.
UK only: Read the "Unfair Contract Terms Act 1977" (which despite the name also involves torts).
Slapping GPL on your code doesn't get you off the hook if you cause death or personal injury or other losses attributable to fraud or misrepresentation and you can't blanket disclaim away liability for negligence under any circumstances. Disclaimers and offering source code are arguments you can present as a defence, but they are not enough to get a case dismissed out of hand.
The other point you are missing is "consideration" (payment, essentially). Given that no contract can exist without consideration, giving away a binary for free will probably limit your liability to tort whereas distributing something under GPL and then charging for support, consultancy etc. will bring bring in contract law.
Too many people seem to think that they can put any provisions (particularly disclaimers) in a contract\license and so long as both parties agree the terms are automatically binding. They aren't; whether contract terms are reasonable or not is a matter for the courts. The liability you want Microsoft to assume would be unenforceable.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
