* Posts by DontFeedTheTrolls

532 publicly visible posts • joined 4 Apr 2017


Spanking the pirates of corporate security? Try a Plimsoll

DontFeedTheTrolls
Headmaster

Correlation ≠ Causation

While there may be lots of smoke, is there a smoking gun?

Do we know the outage is related to any of the AWS related services or is it impacting internal legacy infrastructure and applications and is that legacy a major factor in the spread of the problem?

I'm not defending Travelex, AWS, DevOps or Legacy, just pointing out that at this point I don't believe there is clear enough detail to laugh blame at any particular business decision or technology choice. There are things we can tut at, but tutting is not a good stance.

DontFeedTheTrolls
Boffin

Re: A decent backup strategy is very expensive.

And a seat belt will probably make fuck all difference if a Boeing 737Max falls out of the sky on top of your car.

You must consider multiple failure scenarios and have multiple options of defence and recovery. A backup and DR is not the answer to everything, they are single tools in the box of tricks.

What do Brit biz consultants and X-rated cam stars have in common? Wide open... AWS S3 buckets on public internet

DontFeedTheTrolls
Headmaster

"Got to be some kind of idiot to put PII on cloud."

Got to be some kind of idiot to put PII anywhere that you are not confident it is appropriately secured, monitored and audited.

Cloud is not itself the problem, all the tools are there to place multiple blockers between unauthorised persons and the data. We see plenty of reports of data breaches on private data centres owned and operated by the data owner.

The difference is:

a) the business taking their responsibility seriously

b) engaging the right people to implement established good practices to secure the data.

I don't particularly advocate using cloud, I generally believe it should be easier to secure the data in a building you own and control, but don't claim cloud is insecure just because your CEO lets the Marketing team do whatever they want with the company data.

Whirlybird-driving infosec boss fined after ranty Blackpool Airport air traffic control antics

DontFeedTheTrolls
Devil

$550/hour

What's the depreciation per hour on a Eurocopter EC-120 that you're not permitted to fly?

DontFeedTheTrolls
Headmaster

Re: Contrary view

OP said he would need to perform 360 degree loops. That's not hovering but flying forward albeit in a constant turn.

DontFeedTheTrolls
Boffin

Re: 10 minutes?

For those that don't know, Pilots and Front Line ATC are not allowed to work with a Blood Alcohol level above 50% of the driving limit.

And thanks to Scotland reducing it from 80 Milligrammes per 100 millilitres of blood to 50 Milligrammes per 100 millilitres of blood, that's 25 Milligrammes per 100 millilitres of blood nationally. You're welcome.

Windows 7 and Server 2008 end of support: What will change on 14 January?

DontFeedTheTrolls
Mushroom

Anyone here still running RHEL4? Because that's just gone out of support. RHEL5 goes out of support 2021. RHEL8 is current.

Ubuntu 17 anyone? 19 is current.

Fedora 29? 31 is current.

Operating systems have a life cycle. Who knew.

As internet pioneers fight to preserve .org’s non-profit status, those in charge are hiding behind dollar signs

DontFeedTheTrolls
Angel

"It is also unclear how or why ICANN would turn over control of one of the largest internet registries, with over 10 million names, to a new entity for no consideration"

Ethics. Pure and simple. Sometimes you have to give a little for the greater good of society, and I hope someone does the right thing. .org can continue to charge for domains and operate as a not for profit organisation.

I'm the queen of Gibraltar and will never get a traffic ticket... just two of the things anyone could have written into country's laws thanks to unsanitised SQL input vuln

DontFeedTheTrolls
Headmaster

Re: 'Twas ever thus

But when it comes to software, they seem to have entrusted the job to a moderately talented schoolkid civil servant. Welcome to the world of public services.

Is there alien life on Earth? Maybe, says Brit 'naut. Well, where did they come from? How about this far-away cluster. Or this 'Godzilla' galaxy...

DontFeedTheTrolls
Coat

One advantage of the Earth being flat is that just like Stealth planes the relative reflection of rays is mostly directed away from the observer (unless they're looking directly from above), which subsequently decreases the chance of observers on other planets being able to "see" Earth from afar. If they don't know we're here they're less likely to come and assimilate us. God*, in his** infinite wisdom knew how to protect Man from the rest of the Universe he created.

* other deities may be available

** her, their, other gender non-specific deity relevant pronoun

Intel teases NUC-leheads with new desktop-class graphics systems and a fast i9 CPU

DontFeedTheTrolls
Boffin

Re: Displacement??

Given existing NUCs are ~ 0.5 litres this is probably a good way to express the difference in size for the new boxes.

DeepMind founder behind NHS data slurp to be beamed up to Google mothership

DontFeedTheTrolls
Childcatcher

If we really could consolidate and pool the health records of everyone the likelihood is we would make significant progress in medical research.

And right now I don't trust any of the interested parties in doing it safely, privately, and without their own agenda.

Tory chancellor pledges to review IR35 rollout in UK private sector – just like all the other parties

DontFeedTheTrolls
Headmaster

Re: Chop chop chaps...

"The rules (which haven't changed) are very clear"

HMRC wrote the rules and clearly do not understand them since they've lost 8 out of 10 cases they've brought to Court. If HMRC can't understand the "clear" rules, how can anyone else be expected to understand them?

DontFeedTheTrolls
Boffin

Re: Chop chop chaps...

There has been substantial disruption to the delivery of projects in the Public Sector through the change to the rules, and there is growing evidence there is going to be substantial disruption to the delivery of projects in the Private Sector as a consequence of the proposed changes. Contractors are not simply being changed into "employees" as a result, and a downturn in productivity impacts the total tax take and everyone suffers. So yes, there are unintended consequences.

DontFeedTheTrolls

Re: In other news, lying liars tell lies again.

For once this is something none of them are lying about, and I believe every one of them when they say they will "review" the proposed changes to IR35.

I don't for one second believe any one of them will change anything in the short term, and I can see some redirecting HMRC to increase retrospective investigations. It is easier to smash a number of small companies who don't have high paid corporate lawyers for a small amount of tax than it is to smash the big guys who would be due billions in tax if they weren't able to skirt the law with creative avoidance schemes.

Uncle Sam challenged in court for slurping social media info on 'millions' of visa applicants

DontFeedTheTrolls
Coat

Re: And for those with NO social media accounts

Just made me think - was the "Orange King" a prediction in Disney's take of Jungle Book as King Louie

DontFeedTheTrolls
Coat

Re: And for those with NO social media accounts

"Milk and sugar?"

"Please"

"One lump or two?"

"One please"

"And Sugar?"

Dirk Gently

Tricky VPN-busting bug lurks in iOS, Android, Linux distros, macOS, FreeBSD, OpenBSD, say university eggheads

DontFeedTheTrolls
Headmaster

Re: Puzzled as usual

"As already asked more or less, is this an attack against a VPN endpoint such as a router or firewall which provides a service to devices working in clear on the local LAN?"

Since the article states it is "Linux distros, along with Android, iOS, macOS, FreeBSD, and OpenBSD" I'd say it very much is the end user device that is the critical and vulnerable item. That may also include routers and firewalls built on one of said *nix OSs, but that is not the primary target.

Onestream slammed for 'slamming' vulnerable and elderly folk: That's £35k to Ofcom, please

DontFeedTheTrolls
Boffin

Re: pathetic

Yup, Directors should be in Court if the business has been conducting fraud.

Take Sajid Javid's comments on IR35 UK contractor rules with a bucket of salt, warns tax guru

DontFeedTheTrolls
Boffin

"an uncosted pledge that would leave a multibillion-pound hole in accounts should the party remain in power after the UK general election"

Or perhaps they don't want to publish the true situation that the net tax take to HMRC is almost identical before and after IR35. What they gain in NI from "disguised employees" they lose in VAT and Corporation Tax. The figures published attempting to justify IR35 only show one side, they don't take account of loss of any other source of tax.

Former Oracle product manager says he was forced out for refusing to deceive customers. Now he's suing the biz

DontFeedTheTrolls
Boffin

If it walks like a duck and talks like a duck...

Prior form here based on the other lawsuits. Quack!

I do find it funny it's RICO being used for "organized criminals enterprises"

Oracle finally responds to wage discrimination claims… by suing US Department of Labor

DontFeedTheTrolls
Coat

Why are most Equalities positions filled by women?

It's cheaper.

ESA toasts 10% budget boost by stretching ISS support out to 2030

DontFeedTheTrolls
Coat

All I can picture is a bunch of gammons banging their fists and exclaiming "but we voted to leave Europe".

Brian Eno's latest composition: A giant Christmas card with Julian Assange on it

DontFeedTheTrolls
Headmaster

Re: Assange is not in jail for being a journalist.

"Remind me when he was found guilty of anything again please?"

1st of May 2019, found guilty of skipping bail. It's even linked in the article.

Christmas in tatters for Nottinghamshire tots after mayor tells them Santa's too busy

DontFeedTheTrolls
Boffin

Re: I have it on good authority ..

Austerity - less spending.

The responsible way you ensure you can continue to pay your Mortgage.

'Ethical' hackers say: It's just hacker. To be one is no longer a bad thing

DontFeedTheTrolls
Headmaster

"The word hacker itself needs the adjective."

A, with you.

So it's like Journalist, and Ethical Journalist

DontFeedTheTrolls
Childcatcher

Ethical Hacker, Ethical Paedophile

If you are a hacker, claiming to be ethical or not, you are on the criminal side of the fence.

Penetration Tester is the approved term for someone whose engagement is by contract to undertake the activities.

It might be the same skills in use, but it remains critical to keep the distinction otherwise all sorts of bedroom based keyboard junkies will justify their hacking by claiming it was ethical. Or are we suggesting such a thing as an Ethical Paedophile exists?

UK political parties fall over themselves to win tech contractor vote by pledging to review IR35

DontFeedTheTrolls
Mushroom

Smoke And Mirrors

The ONLY proposed change to IR35 is WHO makes the determination, Contractor or Client.

NOBODY is suggesting IR35 will be changed in any other way, it will still apply exactly as it does today, all that is being offered by some candidates is a review of the WHO question from 6th April 2020. This is the perfect example of political spin at its best.

Quite frankly if this is the deciding factor in this election for anybody then you probably don't deserve a vote. Much bigger issues and our children's future is at stake.

The current tax system is not fit for purpose, no politician is willing to put their head above the parapet and say it, they are too worried about their own ego and place in parliament.

Dead or alive, you're camming with me, says RoboPup: Bomb squad hires Boston Dynamics Spot to snoop on suspects, packages

DontFeedTheTrolls
Mushroom

"on behalf of the bomb squad, leasing Spot for three months between"

I'm guessing the lease is for quite a substantial amount of money given there's a distinct possibility Spot won't be returned.

After five losses, Apple finally wins a round in $600m VirnetX FaceTime patent mega-battle

DontFeedTheTrolls
Boffin

Market Cap currently ~$250million. This is however based on current market price, which factors in that the $600m has not been paid and carries some degree of doubt. Apple will be unlikely to buy enough shares to mitigate the difference.

Take a Big Blue cheque and go: IBM settles 281 UK age discrim cases

DontFeedTheTrolls
Terminator

Re: confidential terms

However if you take the narrow bean counter view, 30 years of Defined Benefit pension costs a lot less than 40 years of Defined Benefit pension, and those youngsters aren't eligible for Defined Benefit.

Bose customers beg for firmware ceasefire after headphones fall victim to another crap update

DontFeedTheTrolls
Coat

The irony that Bose can't hear the noise being created by the users of their now borked Noise Cancelling Headphones

No wonder cops are so keen on Ring – they can slurp your doorbell footage with few limits, US senators complain

DontFeedTheTrolls
Boffin

Re: The un-named PR gave half an answer of course

"I think it isn't actually illegal" - correct in strict terms only, the mounting of the camera is not illegal, but any images it captures fall under other laws.

From gov.uk: If your CCTV system captures images of people outside the boundary of your private domestic property – for example, from neighbours’ homes or gardens, shared spaces, or from public areas – then the GDPR and the DPA will apply to you.

Royal Bank of Scotland IT contractor ban sparks murmurs of legal action

DontFeedTheTrolls
Boffin

Re: Fair Tax

"Same job, same taxes."

This is a fair statement. 100% same terms and conditions deserve same pay rate and any tax due will be the same.

Terms and Conditions not identical? Pay rate for the job may vary and subsequently any tax due may vary.

DontFeedTheTrolls
Boffin

"If the company can take them on as PAYE, doesn't that just prove that they shouldn't have been employing them as contractors in the first place? Sounds like RBS were doing exactly what HMRC created IR35 to stop."

There are a massive number of projects rolling through all the banks and financial services in general. Each contractor may only be engaged for a few months for a specific project, with a high churn rate, so while the overall number of contractors appears high, the reality is that they are not "Friday to Monday" scenario "disguised employees" that HMRC created IR35 to stop. I've not come across a genuinely disguised employee contractor since about 2004, it simply wasn't worth the risk.

Who loves Brexit? Irish distributors ... after their sales jump by a third

DontFeedTheTrolls
Boffin

Yes, welcome to democracy where everyone continues to get a vote throughout their lifetime despite a vote in one particular year. A deal was promised, there was no majority to leave without a deal, yet that is very nearly what transpired. Long may the frustrations continue.

It's not too late to change your opinion, millions already have, reverse Brexit now!

Interpol: Strong encryption helps online predators. Build backdoors

DontFeedTheTrolls
Big Brother

"...will immediately switch to a less compromised alternative."

Anyone using those less compromised alternatives must be a predator, therefore much easier for the authorities to track even though they can't read the content.

Ex-Capita accountant who claimed £10k bung to leave was blackmail has appeal thrown out

DontFeedTheTrolls
Headmaster

Re: Handwriting On The Wall

If an employer offers you money to leave, take it carefully undertake negotiations and see how much higher an offer you can push for: because you WILL be leaving.

Thanks, Brexit. Tesla boss Elon Musk reveals Berlin as location for Euro Gigafactory

DontFeedTheTrolls
Mushroom

Re: @disgustedoftunbridgewells

"Remain voters didn't vote to destroy the country and economy."

"Neither did leave voters"

I know it was all just "Project Fear" but people were warned of the serious consequences that would be expected in the event of trying to leave the EU. There were degrees of consequence and risk, however so far Project Fear has pretty much been on track.

So yes, Leave voters did vote to destroy the country and the economy. Perhaps in good faith they believed the Vote Leave et al campaigns that this was in the greater good? i.e. the greater the wealth you have now the more good you'll get out of Brexit.

20% of UK businesses would rather axe their contractors than deal with IR35 – survey

DontFeedTheTrolls
Mushroom

Re: If you're going to treat contractors as employees, kiss the VAT goodbye.

Double and triple dipping - somebody please correct me if I'm wrong but inside IR35 you get taxed NI and Income Tax on the gross and don't get any tax relief on pension payments you make which occur after the NI and Tax have been taken off, unlike employees who do get tax relief on pension payments.

DontFeedTheTrolls
Headmaster

In fairness the article says Rangers were still evading tax in excess of £20million, so while an error may have occurred which might have resulted in a different outcome to liquidation, Rangers were still operating a tax evasion scheme. A loan that you never have to repay? That's not a loan, that's a payment, a salary, something that you need to pay NI and Tax on.

DontFeedTheTrolls
Boffin

"a new class of worker treated as an employee for income tax and NI purposes but has no holiday, sickness, or pension rights"

And this is where it is fundamentally wrong. The responsibility for employment is being split based on the size of company, small companies being split, large companies being ignored.

The "worker" is an employee of company "A" who sell the services of the worker to company "B". It is company "A" who is required by law to ensure all employment laws are adhered to, including holidays, working time rules and all other benefits and conditions. IR35 artificially transfers the responsibility of NI and Tax to company "B" under the assumption everything company "B" pays company "A" for the worker is salary. This is a wrong assumption.

I'm still not that Gary, says US email mixup bloke who hasn't even seen Dartford Crossing

DontFeedTheTrolls
Coat

Yup, simple form to raise corrections.

And a field to add your phone number so that El Reg can keep you updated by text on the progress of the changes you've suggested and the thanks for being helpful and pragmatic...

Any promises to extend rights of self-employed might win an election, hint Brit freelancer orgs

DontFeedTheTrolls
Boffin

Re: Tories?

If the "employer" takes on a permanent employee they have to account for things like Pension, Sick Pay, Holiday Pay, Critical Illness, Training, equipment, line management (appraisals don't do themselves) and a myriad of other costs that add up to the Total Cost of Ownership of a worker. In other words Employers need to pay for a lot of unproductive time of the employee that they don't need to pay for directly from a contractor, the contractor is accountable for all of that themselves.

So it is possible that the "employer" pays out less total cash to a contractor than the TCO of a permanent employee, worker contractor gets more take home, and HMRC gets more tax.

DontFeedTheTrolls
Headmaster

Re: IR35

You are assuming they would be paid £1,000 a day as an employee, something I doubt for any but the highest Directors in the Civil Service.

If they are being paid £1,000 a day to their Limited Company then I can almost guarantee they are paying way more into HMRC than they would as a permanent employee on a normal salary.

DontFeedTheTrolls
Headmaster

"The tax system is designed by permanent salaried employees on PAYE at HMRC based on the nature of work as they know it"

Which is exactly the point of the statement "Build a modern tax system" - Government controls HMRC (OK, don't laugh) so government can engage (employ, outsource, or whatever) knowledgeable people in the real world to create a tax system that reflects the true nature of work and remuneration. The current system is >100 years old without major overhaul and is no longer fit for purpose.

Note, I don't include PWC, EY, Capita, or any of the other self-interested Consultancy majors as suitable for the job.

All bets are Hoff: DXC exec is standing for Brexit Party in UK General Election

DontFeedTheTrolls
Pint

Re: he's american

Up vote and pint for referring to merkins. Not used enough, and far better than "Septic"

DontFeedTheTrolls
Coat

Re: Swivel-Eyed Loon alert

There was a case in Scotland where the voter wrote "C..." against all candidates bar one, and "Good Guy" against his vote.

The Returning officer (with a wry smile) said "well you cannot claim he hasn't expressed a clear preference"

Morrisons tells top court it's not liable for staffer who nicked payroll data of 100,000 employees

DontFeedTheTrolls
Pint

Re: Depends if decent efforts at data security made by Morrisons

We all make typos occasionally, have a pint for standing up.

DontFeedTheTrolls
Boffin

Was he there to audit the data? - yes.

Did he therefore have legitimate reason to access the data? - yes.

Did Morrisons take suitable precautions to ensure that when he had access to the data he didn't do something malicious with it? - no. Irrespective of what he actually did beyond his job remit, Morrisons appear to have done nothing to prevent him doing it (evidence yet to be presented and reported).

He could have been restricted to a room where he couldn't take any possessions in or out with him, and he could only work on the audit within that room. I've been to IT exams with this type of restriction, where a metal detector scan was completed to enter the exam room.

He could have had a chaperone watching him. Not exactly comfortable, but could be considered necessary.
