* Posts by Daniel B.

2925 posts • joined 12 Oct 2007

Popcorn time at Popcorn Time: More vid slurpers hauled into court

Daniel B.
Silver badge

Re: Case dismissed?

Looks like the MPAA is having a Goebbels moment where they're now believing their own lies, and forgetting what the law really says.

Is this a revival of the stupid lawsuits from the '00s, where single moms get slammed with six-figure fines? Oh yeah, bring it on. If there's something we really need in this world, is more bad *AA publicity.

1
0

At LAST: RC4 gets the stake through the heart

Daniel B.
Silver badge
Boffin

Re: Good luck, with some devices embedded management servers...

Being honest, AES was standardized in 2001. It has been FIPS 140-2 validated for at least 10 years, maybe even since 2001 as well. Any device built in this century could and should support AES, or at the very least 3DES (though I'd disable that shit cipher as well server-side).

RC4-only devices would be those from the 20th century.

0
0

Ashley Madison hack miscreants may have earned $6,400 from leak

Daniel B.
Silver badge
Boffin

Re: What?!?

I'm betting it wasn't even the "Impact Team" the one blackmailing people. Anyone who grabbed the AM dump could have done it. Of course, anyone paying would be simply stupid as the info is already out there and thus, available to everyone. The "epic dump" was released on August 16; anyone paying after that date (or asking for blackmail money) is just wasting their time ... or their money.

2
0

What Ashley Madison did and did NOT delete if you paid $19 – and why it may cost it $5m+

Daniel B.
Silver badge
Boffin

Re: Hmmm...

The hackers seemed to pretty much have root/superuser/admin access to the entire AM IT infrastructure, and "the database" mentioned there is a live/running one. So, it's pretty safe to say encrypting the data at rest wouldn't have stopped them gaining access to it, since they could access it via the running application.

If the encryption had been made at the application level (that is, it is decrypted by the application itself, but stored encrypted in the DB), it wouldn't have been in cleartext in those dumps. Because they were made with mysqldump.

4
1

You CAN'T jail online pirates for 10 years, legal eagles tell UK govt

Daniel B.
Silver badge

Re: Of course it will work...

Please give some examples of any such cases?

Jammie Thomas. It's in the link on my previous comment. Notice that 24 songs are worth $222k USD according to the MPAA/RIAA. So you might download 5 songs, but the Recording Industry Ass of America will find a way to turn them into something worth over 1000 USD anyway.

0
1
Daniel B.
Silver badge
Boffin

Re: 10 years?

And remind me, why is this a reason for treating online copyright infringement any differently than offline (physical) copyright infringement, which is the actual point at issue?

Because online copyright infringement is mostly not done for profit. Copyright infringement, and in fact the whole concept of "copyright" was built upon the idea that you would own the rights to sell copies of stuff you created for a limited time (the "limited time" has been subverted by every single copyright extension where the term is "life + something" as opposed to "a fixed length of time"), and it was made to avoid someone else making a profit off the original creator's work. For a limited time. Once those works fell into the public domain, anyone would be able to copy 'em and make a profit.

Most of what passes as copyright infringement these days has the whole "profit" part cut away, which is why it wasn't even considered before the DMCA and similar laws. Yes, it does hit content creators, but the "1 illegal copy == 1 lost sale" rule gets kinda murky there. Sometimes, that illegal copy causes the "pirating" party to actually buy a legit copy later down the road. Yet the RIAA/MPAA trade bodies still want to slam these kind of infringment cases under the same case as actual copyright infringment cases (i.e. the ones made for profit). Which ends up causing really stupid things, like that single mother getting $222k fines for 24 songs. A far milder option would be to simply ask the person who has the illegal copies to "go legit", that is, actually purchase the stuff at normal prices, not magic inflated prices. Then maybe, MAYBE you'll get some goodwill back from the people you alienated in the first place.

0
1
Daniel B.
Silver badge
Facepalm

Re: I'm sorry

Yes. If one person downloads a movie and another sells millions of dollars of pirated software, you don't want the law to allow no differentiation between how you treat both of them.

Yet most "copyright infringement" laws have been modified to have the opposite effect. 20 years ago, sharing music wasn't copyright infringement because nobody was profiting from that. A couple of draconian laws later, single moms get slammed with six-figure fines and tractor owners might face jail time if they try to tinker with their tractors.

1
1
Daniel B.
Silver badge
Boffin

Re: Not silly at all

Suppose someone stole the physical money without assaulting you, would you want someone to be treated less severely because they used a computer to do it?

That's exactly how the law works today. Theft + assault is dealt with more severely than simple theft. Breaking and entering a residence when the owner isn't at home is a lesser crime than breaking and entering when the owner is home.

We spend half our time complaining about how the law and patent system applies a double-standard just because something was "done with a computer". Well now the law is catching up.

Um... we spend half our time complaining that companies are getting patents for stuff that shouldn't even be patentable, like software. The law is just getting worse.

2
1

Another root hole in OS X. We know it, you know it, the bad people know it – and no patch exists

Daniel B.
Silver badge
Boffin

This is expected behavior when trying to write to page 0 ... from userspace. The way I understood this vuln, the NULL pointer makes it way down to kernelspace calls, and there is where the writing occurs.

0
0

Spain triumphs! Fascist anthem hails Spanish badminton champ

Daniel B.
Silver badge

I'm still miffed that Spaniards were so stupid as to let the PP win the past general election. That's like Germans re-voting the Nazi Party back in.

0
0

Crazy Chrysler security hole: USB stick fix incoming for 1.4 million cars

Daniel B.
Silver badge
Boffin

Re: No wonder we are running out of IPv4 addresses

Every single device connected to the net should have its own publicly routeable IP address. NAT was a hackjob implemented to alleviate the IPv4 address shortage ... but instead, network engineers saw that as "extra security" and took that at face value.

Of course, NAT "security" is bollocks, and this hack proves it if the devices are connected to a NATted network. The faster we migrate to NATless IPv6, the faster we get all the security theater mentality away from IP addresses.

2
7

Even Microsoft thinks Outlook is bloated and slow

Daniel B.
Silver badge
Go

Re: Where is the real Outlook substitute?

Zimbra don't seem quite there for my needs yet, though looks interesting for those that have an open-minded IT crowd.

Zimbra has ... served us well. The payware version even d0es calendar syncing IIRC.

0
0

Nokia will indeed be back 'making' phones – and it's far from a foolish move

Daniel B.
Silver badge
Boffin

Um...

Actually, they were far better on "doing a secure smartphone OS" business, even though Symbian was the one that actually did their flagship OS. It was the iToys becoming popular that sent most smartphone OSes off the rails.

Nokia smartphones were able to last more than 24 hours on a single charge. That's an impossible feat with "modern" smartphones...

0
0
Daniel B.
Silver badge
Happy

Re: It's the devil's work

The guy responsible for said axing is no longer CEO at Nokia. I'm guessing this is going to be less of an issue these days; in fact, Nokia might actually embrace Sailfish this time 'round.

0
0

Red Hat bolts the stable with RHEL 6.7

Daniel B.
Silver badge
Boffin

systemd!

The main reason we're all sticking to RHEL 6.x is systemd. You can say it, El Reg. It's no secret.

8
0

China wants to build a 200km-long undersea tunnel to America

Daniel B.
Silver badge

>China has a number of ambitions train projects in the pipeline, including a 270mph maglev from Shanghai airport to the city

"In the pipeline"? That Maglev has been up and running for over 10 years!

And it isn't even Chinese tech, it's German tech. Of course, the Chinese in all their pirating glory "invented" some knockoff tech that was suspiciously similar to Transrapid's one. Searching for "Zhui Feng" will spit out "pirated from German tech" as its first hits.

2
3
Daniel B.
Silver badge

Re: The Chinese and Russians are going to build it??

"That is just the way of doing business for them in Mexico, for anybody. I would have been surprised if they did not."

Nah, for what I've read, China has far worse corruption problems than Mexico. As bad as some corruption scandals may be, contracts actually have legal binding and deals don't require becoming spunk-brothers with contractors.

1
0
Daniel B.
Silver badge

Re: The Chinese and Russians are going to build it??

Yeah, same reason why we're wary of the Chinese HSR project in Mexico. Even more so when it was discovered that the company had bribed the Mexican President's wife.

5
0

Samsung's latest 2TB SSDs have big hats, but where's the cattle?

Daniel B.
Silver badge

Man, I'd love to know what ISP lets you download 2+ TB of data. Comcast limits me to around 250 GB/month before they start to complain.

Any other ISP, I'd think. Especially ISPs outside the US.

2
0
Daniel B.
Silver badge

Re: Drip feed?

Well, my current uptime is 6 hours 27 seconds and according to OSX's Activity Monitor, I've already written 8GBs. And that's w/o counting hibernation er.... "safe sleep" which might write up to 16GB every time my Mac "sleeps".

So no TB/day worries, but I might actually hit 1TB/mo at this rate.

2
0
Daniel B.
Silver badge
Boffin

Playing games does not write at all (maybe swap, but that's an indicator of an under-RAM system more than a drive problem).

Only if you're playing shit social games.

Every single game ever saves something to disk. Especially the newer "Call of Halo" genre games that insist in autosaving after every action.

And high HDD/SSD write amounts are credible. My monthly disk write stats may be near the 1TB mark if you were to base 'em on my current uptime (6 hours, 7.51 GB written). I got to agree with Trevor_Pott here, especially as my coworker has already killed an SSD, it lasted him ~14 months.

0
1

SatNad's purple haze could see Lumia 'killed'. Way to go, chief!

Daniel B.
Silver badge

Re: "I expect Microsoft to kill Lumia, possibly as soon as mid-2016"

A fitting end for the thing that killed Nokia's smartphone platform.

2
0
Daniel B.
Silver badge

Re: Blackberry?

Merge QNX and its userland with Microsoft's phone OS and its user land?

No please, no. That's kinda like buying a Picasso and then letting our 4 year old paint all over it, then let your cat use it as a kitty litterbox.

3
0
Daniel B.
Silver badge
FAIL

Well...

I hope Nokia shareholders give a vote of thanks to Elop for getting them $$$Bs for something that is now judged to be worthless.

Not quite so much, it is actually thanks to Elop that something is now worthless. Even if Nokia had stayed on Symbian, they would still be better than the "MS phone division" these days. Everyone know WinPhone was dead since it was announced.

5
1

Facebook casts a hex with self-referential IPv6

Daniel B.
Silver badge
Boffin

SLAAC and fixed IP

Solaris 10 allows you to add a "token" to your IPv6 config, which will be used during SLAAC. So you set up:

ifconfig e1000p0 inet6 token ::b00b:babe:cafe/64

and you'll get that addy even if you are using SLAAC. :)

0
0
Daniel B.
Silver badge

Old news

I had already noticed this on Sunday. I found out that www.facebook.com was resolving to:

2a03:2880:f013:13:face:b00c::1823

IPv6 "vanity IPs" are fun. I've seen at least :b00b:babe:cafe, the ever present :dead:beef, :b00b:cafe among other funny spellings.

I'm probably going to set up :b00b:135 in the near future...

1
3

Russia campaigns to stop SUICIDALLY STUPID selfies

Daniel B.
Silver badge
Joke

Re: Anytime there's an awesome video of people doing crazy stuff

In America, kids play Call of Duty to fight fictional wars. In Putin Russia, kids go out to street to fight street brawl wars!

In America, kids play GTA to do dangerous driving stunts. In Putin Russia, everyone drives like that in real life!

In America, kids play Assassin's Creed. In Putin Russia, they do parkour themselves while using selfie sticks to record themselves!

Maybe Russians just need more videogames.

1
0

Microsoft SLASHES 7,800 bods, BURNS $7.6bn off books in Nokia adjustment

Daniel B.
Silver badge
Boffin

Re: Nokia was dead anyway

no-one will like me for saying this but Nokia (phone division) was already dead before MS got involved. It was already a business case of a giant missing the boat and failing badly (aka Kodak).

Nope. They were actually rebounding upwards, and Symbian Belle was getting rave reviews ... up until the Elopocalypse. MS's strategy for borging Nokia instead killed the only strong non-Apple, non-Android smartphone competitor. Sure, by the time MS bought the phone division it was pretty much dead weight, but that was because of MS's mingling in the first place.

2
0

Furor rages over ICANN and Facebook's bid to publish home addresses of website owners

Daniel B.
Silver badge
WTF?

The smell of RIAA

... is all over this proposal. They were unable to get SOPA/PIPA/ACTA passed, so of course they're trying to sneak this crap into ICANN.

Any real criminal activity would result in the proxy domain registrar being subpoenaed. This is an obvious attempt to circumvent the law, with the MAFIAA forcing registrars to engage in mass-doxxing. A boon for copyright trolls like the long-gone ACS:Law, but even more for those big-ass internet trolling groups.

The worst thing that might happen if this gets approved would be activists getting "doxxed", and probably killed. This is really, really BAD.

7
0

Linux on the desktop is so hot there's now a fight over it

Daniel B.
Silver badge
Boffin

Re: It's a damn pity...

...that no one sells/supports a proper desktop Linux distro that is designed for PC users instead of geeks.

Pretty much most of the mainstream distros are actually geared towards PC users, and even pass the grandma test. They have been like this for quite some time, 6 years, maybe longer. Of course, thanks to Gnome 3 there's a Windows 8-ish moment in some graphical interfaces, but the thing is: they're pretty much useable out of the box. Ubuntu even works with WiFi out of the box, as does Fedora.

The only real stopper is the lack of MS Office, and even that is mostly because of MS's stranglehold on the word processing and spreadsheet areas.

4
1
Daniel B.
Silver badge
Boffin

Re: Advantage over rdp session?

Judging by the screen shot the main advantage over running an rdp session into my Windows desktop is the way individual applications can be 'piped' into a graphical session. Am I right?

Terminal Services licenses are extremely expensive. Thus not-RDP stuff will end up being cheaper than RDP.

I did like RDP, but it's not quite there compared to XDMCP or other "remote desktop" stuff. Hell, UNIX had "remote desktop" at least a decade before Windows had RDP!

0
0

KRAKKOOM! SpaceX Falcon supply mission to ISS EXPLODES minutes after launch

Daniel B.
Silver badge
Boffin

Apollo 12

Switch SCE to AUX!

Also, that hardware survived lightning striking twice. I wish I had hardware survive one lightning bolt!

0
0
Daniel B.
Silver badge

They say there are no atheists in a foxhole: I'll bet there are about as many Musk fanboiz on the space station

Well, it is after all the first failed launch ... out of 19. The Russian garbage used by competitors has a higher failure rate, which means that the ISS crew are probably still rooting for SpaceX's engines.

0
0
Daniel B.
Silver badge
Boffin

Re: What a shame

Russia and SpaceX are both unreliable sources to supply ISS.

The ULA is using RD-180 engines for their launches ... that's the stuff used for non-COTS launches. SpaceX has had only 1 launch failure out of 19 ... so I'd actually think SpaceX is actually the one with better odds.

0
0

Apple gets around to fixing those 77 security holes in OS X Yosemite

Daniel B.
Silver badge
Boffin

EFI Update

There's another very relevant update: they've finally fixed the EFI bug where EFI flash can be overwritten after waking up from sleep, as the areas that should be write-protected are flipped back to read/write when sleeping, but not turned back to read-only upon waking. Whoops!

3
0

Apple CORED: Boffins reveal password-killer 0-days for iOS and OS X

Daniel B.
Silver badge
Boffin

Re: Whooooops!

Apple currently still has, on its app store, an app expressly stating that it is intended to be used to "bypass your school filter", etc. It's as simple as installing it, and you get full, free, VPN access to the outside world that's almost undetectable.

If your school system can't stop VPNs, you're doing it wrong. Pretty much any corporate network I've had to plug into has blocked pretty much all VPN connection methods. Some proxies are even smart enough to detect "SSL" connections that have been transferring far more data than what a regular HTTPS request would require and cut off those connections.

6
1

Limited edition Iron Man S6 sells for $91,000 thanks to ... serial number

Daniel B.
Silver badge

Yeah, the Chinese have weird superstitions. It does make me wonder why the hell would a language have one of its numbers sound like "death", it just causes stupid stuff like this. Chinese buildings skip pretty much any floor with a 4 in it.

0
0

Unlucky, Palmer: Facebook's going to BAN Oculus pr0n apps

Daniel B.
Silver badge

So we skeptics were right

Once FB got on board, they were going to find a way to ruin it.

6
0

Shouty investor Elliot trains guns on Samsung merger

Daniel B.
Silver badge

Icahn smell something strange

Is this a real activist investor, or is it an "activist" of the kinds of Carl Icahn?

2
0
Daniel B.
Silver badge

Re: The Lee family should tell them to .....

You are wrong. They are useful way of holding parasitic or egomaniac managers (and controlling families) to account.

Thing is, "activist" investor these days is just the politically correct moniker for what used to be called a "corporate raider". Think Carl Icahn. So we're actually wary about this "investor"...

11
0

Everything Apple touted at WWDC – step inside our no-hype-zone™

Daniel B.
Silver badge
Joke

El Capitan?

So they're naming their next OS X release after a DuckTales character that's 400 years old, and obsessed with gold?

0
3

Did you almost prang a 737 jet with a drone over Dallas? The FAA would like a word

Daniel B.
Silver badge

Re: Freaking lasers*

Drone firmware should be aware of no-fly zones. IIRC they pushed an update to avoid drones being able to fly over the White House after that recent White House landing incident.

0
1

Doom, Mario, Pac-Man level up to video gaming's Hall of Fame

Daniel B.
Silver badge
Happy

Re: Rogue? Nethack?

Also, Zork.

It is pitch black. You are likely to be eaten by a grue.

6
0
Daniel B.
Silver badge
Go

Re: re: way more impact then Doom @stucs201

Yes, Doom was one of the first games to allow user generated content, and its successor, Quake, was all the rage for allowing TCP/IP play for free, and for the "mod" community that formed around it. Stuff from the Doom/Quake era is very relevant, as there's at least one game directly descended from that: Team Fortress 2.

0
0
Daniel B.
Silver badge
Go

Re: No Space Invaders !?!

Oh so very agreed. Space Invaders is as much of an icon as Pac-Man.

6
0
Daniel B.
Silver badge

They are saying Pokemon had a lack of impact on culture? It had way more impact then Doom

Um... nope. Pokemon is currently known more because there are still Pokemon games being cranked out, while Doom has mostly kept to a specific generation of gamers (though that might change now that id is cranking out a new DOOM). The squeaky kids playing "Call of Halo" games weren't even born when DOOM came out, of course they don't know about it, but will know about Pokemon because again, there are still Pokemon games being released.

And it still wouldn't make it as there are far more popular games still on the waiting list, like Sonic, Space Invaders, even Zelda. Sure, I'd expect other games as Lemmings, but maybe those weren't that known as I think they were.

6
0

Virgin Galactic will get into space 'within 18 months to two years'

Daniel B.
Silver badge

Re: Being picky... @wolfetone

So, mechanically, there is something in the gearbox designed to stop that.

Yes there is. It's fitted in quite a few cars that have 5 gears, and have Reverse in the same "lane" as 5th. The mechanical thingy actually seems to engage when you move the stick towards 5th; I've tested this on a 2001 Tsuru (Mk. 3 Sentra for the rest of the world) while stopped. I have no idea if it is possible to do it intentionally, like going from 2nd to Reverse though, and I'm not about to test it either.

0
0

MS scolds businesses for failing to eradicate 7-year-old malware

Daniel B.
Silver badge
Facepalm

Re: Microsoft is the malware cesspit (@ AC)

Stealing. You keep using that word. I don't think it means what you think it means.

Hint: There's a reason why theft and copyright infringement are treated as separate offenses in most jurisdictions.

1
0

Facebook flings PGP-encrypted email at world+dog. Don't lose your private key

Daniel B.
Silver badge
Boffin

Re: PGP is not security

A certain amount of metadata has to be in the clear, otherwise how does a public mail server know how to route your email? It at the very least needs to know what domain to send it to. So maybe metadata encrypted with a public key for that domain, then the server in that domain can route it to the appropriate user.

It can be hidden right now, with current tech, but both the sending and receiving MTAs have to support TLS.

Sender sends his email via SMTP to his outbound SMTP server. He does so via TLS.

Sending SMTP server initiates connection to receiving SMTP server, via TLS.

Send email over secure channel.

Receiving person check inbox via IMAP, using TLS.

The thing is, this will probably leak information in the sense that you will see a something sent to sending smtp, then a something of similar size being sent to the destination, so you can still infer who is getting the email even if you can't read the metadata.

0
0

Woman dumps ultra-rare $200,000 Apple 1 computer in the trash

Daniel B.
Silver badge
FAIL

Stupid widow

The recycling center says that the woman was "cleaning up" her late husband's stuff, which means she just grabbed everything and dumped it. Because she probably thought it was just annoying stuff taking up space, better used for cat furniture or something.

Maybe this will make housewives reassess what might be garbage, or actually highly valuable stuff.

1
3

Forums