403 posts • joined Friday 2nd March 2007 00:17 GMT
Re: Re: Warmist
Like most FUD-merchants you repeatedly pedantically pick over the words of some one commenting on an issue rather than addressing the actual issue itself - because you have no *evidence of merit* to challenge the actual issue.
Picking apart the words of Prof. Phil Jones from a BBC interview or Audrey S. Thackeray here does not alter the fact that the BEST study (the most comprehensive and rigorous review of recent temperature data) showed that the planet continues to warm.
Add to this the recent NASA studies that demonstrate that it is non-condensing greenhouse gasses (CO2, methane, etc.) that are the major root cause of warming, in contrast to the amplifying effect of water vapour, and your alleged "open mind" is exposed for what it really is: denial by FUD.
The situation is worse than CAs with conflicts of interest and hacked CAs: if a CA sets out to do bad stuff it can pretty much go ahead and do it. By the time the act is discovered and certificates revoked millions or billions may have been stolen or people locked up, tortured or dead (think bad govt. controlled CA).
Trustwave has just been caught with its pants down on this (http://www.h-online.com/security/news/item/Trustwave-issued-a-man-in-the-middle-certificate-1429982.html) but naturally they are claiming that they only did it with good in mind and nothing could possibly have gone wrong, but they say(!) they won't do it again anyway.
Yup, I'm reassured too!
re. re. The answer is obvious...
Quite right - and going on from that the most secure protocols are those that are open and used billions of times every day as then the inevitable flaws will be found and fixed.
The alternative is a bit of closed source code knocked-up by your bank who have a vested interest in claiming that it is secure and will use expensive lawyers against anyone who claims (or even demonstrates) otherwise. See Bagged and tagged's post above and the link to the truly excellent Light Blue Touchpaper security blog.
Give me a secure open source OS and a secure open source browser every time.
Missing interesting data: net revenues
Surely one of the advantages of download music sales for content providers & copyright holders is that the distribution costs are substantially lower than for CDs.
And of course when it's revealed that net revenues for music sales rose as a result of lower costs the Recording Industry Ass. of America and the like will stop bitching about file sharing killing the music industry.
And then I woke up...
"Of course, it's a move that also means Google can finally start to plump up those user metric figures over at Google+" - the cynic in me interprets that as: "fluff the stats to pump our share price" al la Farcebollocks > $50bn nonsense.
Still Gmail, Docs, Android integration, Maps/Street View, etc. remain handy enough to sacrifice a chunk of one's privacy for. However I won't be sentimental if & when alternatives like YaCy mature and we can leave the Chocolate Factory behind. Glyn Moody had some excellent thoughts on this recently: http://www.h-online.com/open/features/What-should-free-software-do-in-2012-1401813.html
LVM is not what *YOU* think it is - it *IS* aggregated storage
Try to engage your brain before you call someone else stupid. Yes we *ALL* know that mounting disk partitions in a filesystem is not aggregated storage.
Look up LVM - Logical Volume Manager. If you don't know how to use Google here's a link: http://www.centos.org/docs/5/html/Cluster_Logical_Volume_Manager/
LVM *IS* aggregated storage, it *IS* used in enterprise storage solutions, it has been around in Linux since the late nineties and has been a mature product for 5+ years.
Because Micros~1 doesn't want to slip more than ten years behind Linux?
The kind of features they are including with their "new" file systems put Windoze on a par with Linux in the mid-noughties as opposed to NTFS's equivalence to the mid-nineties.
Aggregated storage? Jeez! Amazing! I forget how long ago I first toyed with LVM on Linux!
So we may have to use our Windoze VM for a while to retrieve data from borked ReFS storage while waiting for stable kernel drivers. No biggie.
Correct me if I'm wrong...
...but my impression (admittedly from a rather old TV programme about Soviet phage research and use - Horizon from the late 90s?) was that the major advantage of phage therapy with reference to bacteriological resistance was that the phages, being DNA-based organisms themselves, were also capable of adapting by random genetic mutation to changes in their potential host bacteria.
It would seem to me that the approach of the Israeli lab would be one that the drug corporations would be happy with ("Don't worry, we can genetically modify a new phage for that and charge you an arm and a leg for it!") whereas the Soviet approach was much more low-tech and capable of being reproduced in local medical facility labs: the cataloguing and storage of collections of evolving phages used to treat infections prominent in that locality.
However good this "endless supply of ammunition" is, it is the way in which it is used that will determine if it benefits the rich few who are already over-treated or the large majority of humanity who are genuinely at risk from infections like TB or simple infected wounds.
As I said I'm not a medical professional in any way, I'd appreciate some enlightenment on this. And Wikipedia is down protesting SOPA! Panic!!!
A lovely camera but...
...for a compact it's so darned big!
I've been angsting over a new compact for a while and it was between this and the Panasonic Lumix DMC-LX5. Both are excellent performers for image quality, features/manual control and build quality. I was tempted by the optical viewfinder of the X10 (the lack of which seems to me to be the LX5's only failing) but when you pop it in a moderately robust case to take into the hills, etc. it's enormous. Also the 24mm wideangle of the LX5 is very handy.
p.s. I know you can get a hotshoe optical finder for the LX5 - but it's £170!
AMD could try ramping production too
Have you tried to get hold of A8 APUs over the past few weeks? Rare as rocking horse poop! Having built a box to order with a Fusion APU they seem to me to offer excellent value for all-round use but if AMD can't meet demand Fusion is not going to save them against Intel in the desktop market.
I have a Fedora 16 32-bit VirtualBox VM running Gnome Shell on a 4 year old Linux Core2 host with an equally old ATI card so I'd be surprised if it won't run on much newer hardware. It did take a little tweaking with help from the Fedora forums but it wasn't uberpenguingeek stuff.
Maybe these links will help:
A good roundup...
...but why end with the usual "Linux world more fragmented than ever"?
This perspective panders to the "One True Virtuous Linux" tendencies and has its ultimate expression in Stallman/Gnu and their tiny list of niche distros deemed pure enough to be endorsed.
How about "Linux world more diverse than ever"? I speak as someone who only really got to grips with Linux via Ubuntu and have since moved on because Unity and some other aspects of the distro don't meet my needs. No drama necessary, simply the opportunity to change the tools one uses because one's knowledge and goals have outgrown the old tools.
It may have been inevitable that a figure like Shuttleworth would behave like he is now doing and alienate a section of the Ubuntu community. That's unfortunate but it might also be what is required to maintain Ubuntu as a well supported off the shelf distro for new users and enterprise desktops.
For the rest of us the Linux community (and I think it really is a community in the way that an operation funded by a single wealthy individual cannot be) will provide as circumstances change. I've not yet settled on Gnome 3/KDE or DEB/RPM but I'm confident that the tools are out there to allow me to do what I need to do effectively and reliably.
It would be great to change the world with Linux/FOSS but only the zealots have the luxury of waiting until that time (and inevitably they will never be the people who contribute to it happening). In the meantime lots of people are doing so much cool and useful stuff, let's go play!
Virgin Media Affected
Plenty of time-outs and go-slows with domestic VM cable broadband this afternoon. Naturally VM's status page showed everything was fine and dandy so I must have just imagined it all!
Recognition at last!
Cool, so I now I know I'm an ethically relativistic, rash, impulsive, vengeful troll when I flame Virgin Media.
OR MAYB THEY REELY R A BUNCH OF MONEYGRUBBING BASTARDS WHO TREAT US LIKE CA$H COWS AND DONT GIV A SHIT ABOUT TEH QUALITY OF SERVICE THEY ***FAIL*** TO PROVIDE!!!!!!!!!!!!!!!!!!!11111!!!!!!!!!!!!!!!!!!
And who (or whose close ally in the Middle East) was the likely author of Stuxnet, the purpose of which was industrial/political sabotage?
And whose security agencies and major corporations were cosying up to Aaron "Epic Fail" Barr's HB Gary to buy tools and undisclosed zero-days to spy on labour unions and foreign competitors?
Never mind what the NSA, CIA, etc. have been up to that hasn't made light of day because those in possession of incriminating evidence have been extraordinarily rendered to places where they don't bother pretending that torture is "enhanced interrogation techniques".
No effect on VMs
VMs don't see the physical BIOS and the physical BIOS doesn't start the boot process for VMs, the BIOS for a guest OS is virtualised by the hypervisor. Some virtualisation software like VirtualBox give the option of a virtual UEFI BIOS and it seems likely that they may offer the *option* of a virtualised secure boot. However M$ does not have the whip-hand over companies like Oracle and VMware the way it does over x86 OEMs so it's hard to imagine them upsetting a large chunk of their user base by effectively locking out Linux et al for no tangible benefit.
Even so this is no reason to accept the Beast of Redmond trying yet again to pull a fast one in using its monopoly position to undermine competitors.
Trust me, I'm a copper...
"...we can re-assure those who live and work in London that any activity we undertake is in compliance with legislation and codes of practice" - ah well that's all fine and dandy then. Move along! Nothing to see here!
On the other hand, try telling the above to the family of Jean Charles de Menezes or those of the many others who have died at the hands of Met Plods through incompetence, prejudice or political motivation. I wouldn't trust the Met with a rusty tin opener, especially under the oversight of recent supine Home Secretaries, Tory & Labour.
It seems I have missed a point or two...
...but I wasn't rushing to be negative, simply expressing what seemed logical within the constraints of what I knew. As a result (thanks to your elucidation) I now know a little more and am aware of more things I need to find out about.
If we never question what seems to us to be mistaken in some way for fear of our own misunderstanding being exposed then we limit our means of filling the gaps in our knowledge.
DNSSEC doesn't fix the flawed trust model of the CA system
All you are doing by including certificates in DNSSEC is transferring your trust from one centralised and largely unaccountable group of organisations to a (partially) different group of organisations.
Say it was VeriSign that got hacked instead of Comodo and certificates for paypal.com were stolen, you're pWn3d under the CA system when you think you're logging in to PayPal. So let's get our certificates via DNSSEC and we're safe right? Wrong - because the TLD .com is administered by...well done: VeriSign! You are still pwn3d.
We need to start with a completely different trust model, one where individual users can genuinely decide who to trust to verify the authenticity of sites and can modify who they trust without vast swathes of the internet blinking out. Something like Convergence and its flexible notary system is what we need.
Additionally DNSSEC is something that would be of benefit in its own right without being over-burdened with certificates. Trying to lever this additional functionality into a system that has failed to be implemented for years already can only delay its widespread adoption even longer.
To say that Safeboot is not M$ mandated is technically true but effectively a big fat lie - due to M$'s monopoly position in the desktop OS "market" and consequentially disproportionate influence on OEM & motherboard suppliers.
@Giles "FUD" Jones
Astonishing, Giles! Who knew that 40%+ of worldwide smartphone users love hacking their phone from the CLI and re-coding the apps?? And that less than 5% of smartphone users have the good sense to buy a WinMo phone that "is a tool to do a job"?
You and Mr Ballmer are whistling in the market share wind, becoming a gale as WinMo rises without trace.
Open eyes --> yawn --> nose --> coffee cup --> sniff. 'Nuff sed.
True, but there's no Trust 'ere...
As usual for Trusteer "security bulletins" the only mitigation they suggest is the use of their software. In this case they are fairly subtle about it:
"The only way to defeat this new attack once a computer has been infected with SpyEye is using endpoint security that blocks MITB techniques."
However, even if this is more subtle than their usual "BUY OUR SOFTWAREZ NOW LUSERZ!!!" (directed at the banks with the cost inevitably added to our charges in the long run), it is at best a questionable claim. If one's PC or other device used for on-line banking has been pwned then the use of MITB social engineering techniques is the least of one's worries.
That's a rhetorical question, right?
The only reason we know about this tiny insignificant bunch of mindless haters is that media types have wet dreams about them and punt them to the front page: a symbiotic relationship between two groups of people who share a similarly slender grip on reality.
John: put your handbag away
Let's deal with some myths & facts shall we.
(i) Firefox was a memory-hog until version 7, i.e. until a couple of weeks ago.
Actually John there have been no major changes to Firefox since Mozilla started their rolling release with Firefox 4 in the spring. Some previous versions of Firefox have suffered from memory leaks on both Windows and Linux but that has been much less of a problem since 3.5 - i.e. a long time ago.
(ii) Firefox has tendency to crash.
Well no actually, if you're judicious about the add-ons that you install it's very robust, even on Windows, has been for a very long time.
(iii) McAfee known for more reliable software than Mozilla.
My first instinct is to helplessly fall about laughing at this. McAfee almost ranks with Norton as a producer of "security" software that is only a notch or two above scareware in the way it tries to terrify lay users into unnecessarily forking out their hard-earned for peace of mind.
In fact Firefox plays nice with hundreds of different add-ons, including a pretty cool one called NoScript that helps to protect from malicious scripts and accidental clicks for free - you may have heard of it. So on balance who is likely to blame for this problem between Firefox and McAfee's ScriptScan? It's pretty obvious, unless you have some ***evidence*** to the contrary, John.
However I'd go further: I reckon most people who genuinely take an interest in the security and reliability of PCs, their own or those of others professionally (guilty!), couldn't give a flying fuck if it is Mozilla's fault in some way. To very badly paraphrase Winston Churchill: after the next update Firefox will still be a great browser, but McAfee will still be a steaming pile of donkey pooh for which there are many better alternatives (which don't have any problem at all playing nicely with Firefox).
@Micky 1 too
Hahahahahahaha! HAHAHAHAHA! AHAHAHAAA!!
I expect you're using Safari on a Mac so you don't need something like NoScript because your software is impregnable...err...wait a minute...
Back to the main topic, this is actually a good news story. All of the smaller players are gaining ground against the leader and no-one is in a monopoly position. This tends to keep them honest so nearly everyone benefits, even IE users, poor innocent saps that they are.
Forgive me if I'm teaching granny to suck eggs...
...but can you not unpack the plugin XPI file and edit the em:maxVersion tag in install.rdf? Of course there may be a more fundamental reason why it doesn't work with FF7 but I would have thought it's worth a try. And naturally this is unlikely to fix the attachment upload problem.
There are bound to be problems with Convergence at the start, as elegant as the idea is it is still a massively ambitious undertaking to turn the net's trust model on its head. Personally I think there is a responsibility on those of us that recognise the problem to actively participate in the solution. That may be just using the plugin, feeding-back issues to the devs and possibly running a notary but every little helps.
Six hundred notes??
Am I missing something? £600 for a middling Core i3 laptop with a paint job + design tweak? I'm struggling to see what one is paying £150-200 for compared to similar slabs from other reputable manufacturers like Asus.
For this price one can get either same spec + ultralight or fancy CPU+GPU or multimedia wizardry like Blu-ray and nice sound.
Shock news: spam bot more influential than twats
It's hardly news that the needy & pointless Web2.0rhea inhabitants are less influential, even by their own measure, than a trivial wedge of code...but it does put a big smile on my face every time it is ably demonstrated publicly!
@Ken: No, the sky is not falling...
...but the current trust model means that we are perpetually at risk of a weak link (like DigiNotar or one of the many Comodo resellers - and by the way DigiNotar was a wholly owned subsidiary of Vasco not Comodo, the Comodo hacks were back in the Spring and beyond) being broken at which point many thousands of end users are likely to get burned in some way.
You may be lucky and simply lose a few hundred notes on a TV that you thought you were buying online. Or you may be unlucky and your government decides they don't like the e-mails you've been sending and arrange a blind date between your genitals and Mr Mains-Cable in a cosy cell somewhere.
And no you're not being stupid, those involved in the CA system are as tight-lipped about the risks as the banks are about card fraud: "Nothing to see here, everything is fine, carry on spending" - because it would hurt their profits if they actually dealt with the problems. On the other side the mainstream media seem blind to this issue: maybe because it's a bit technical or perhaps because they're all iPhone users and they've been told by Saint Jobs that they're safe.
But if you trawl around the geek press and places that focus on security it's all there. El Reg's coverage is pretty good, Heise Online (http://www.h-online.com/) is good and Bruce Schneier's blog (http://www.schneier.com/) is excellent. On this particular topic Moxie Marlinspike's presentation on the CA trust model is a must: http://www.youtube.com/watch?v=Z7Wl2FW2TcA
And here is the problem: security based on the sale of trust that is effectively irrevocable
Have Comodo gone out of business? No because, as Moxie Marlinspike and others have been pointing out, they are too big to be held accountable by any of the other commercial or regulatory (haha) players in the current internet system of trust. And we, the Joe/Joanne Schmoe users of the net do not have any means of keeping them honest.
We really do need to invert the trust model and create a distributed system where we are in control of who we trust and there are no monopoly commercial interests milking the system for their own profit. Let's hope that something like Moxie's Convergence project takes hold so we are no longer beholden to unaccountable CA cartels.
Destroy All Monsters: try reading the article in the link
(i) The world price of helium is artificially deflated by an act of the US Congress *forcing* the sell-off of the USA's strategic reserve of helium by 2015, i.e. flooding the market regardless of demand and price;
(ii) We *cannot* make helium, terrestrial reserves result from the radioactive decay of elements in the earth's crust: we have almost exhausted 4.6 billion years of production in about 100 years;
(iii) Helium is essential for all sorts of things that you probably approve of (if only you took the time to find out): MRI scanners, the LHC, keeping deep sea divers safe, making rocket engines viable, geoscience and solar telescopes.
Oh but yeah...you wanna have cheap helium-filled balloons at your overclocking party, silly me!
Naughtyhorse: Get back to mom's basement...
...and when you get that brain tumour 20 years from now from playing too much CoD on your overclocked processor let's hope that there's still enough helium left for an MRI scanner to save your life.
Collect your Darwin award as you skulk out.
Here's an idea...
...like...you know...turn it back into a laptop again...erm...for free. It's trivial and if you partitioned your hard drive with a separate slice for /home it's even more trivial.
Surely that's one of the main reasons we love Linux and FOSS: we are free to pick and choose the bits we like and don't like and it's pretty straightforward to do so these days. Don't like Unity? Try Fedora. Don't like Gnome 3? Try Mint or Debian or the still excellent Umbongo 10.04 LTS. Don't like all the extra software? Xubuntu or Lupu or...so many to choose from!
Canonical have done good things for Linux but they are not Linux by a long stretch. Pick the bits they do well and spend the rest of your time finding other cool stuff to work with it rather than moaning about it. Linux: ROCK ON! :-)
Unfortunately you are using the logic of the Daily Wail that leads to things like every known substance being declared both a cause of and a cure for cancer.
Actual studies based on what happens in the real world show that bugs & vulnerabilities in OSS are fixed significantly faster than in proprietary code. End of.
And as for your bizarre statement:
"Linux is a hodge podge of competeting ideas that has met some success in certain areas (servers) where this doesn't matter too much"
Yeah, those servers, they don't matter much, no point them being secure and reliable, it's not like they deal with anything important like financial transactions over the internet...hey...wait a minute...
Or a big fat fail for BOTH Apple & Adobe...
Both have been arrogant and treated their users as if they are cannon fodder with which to fight their pathetic corporate squabbles.
Adobe expected its various semi-monopoly apps like Flash and Photoshop to last forever regardless of their willingness to ditch/piss off chunks of their user base on a whim. Likewise Apple will brook no criticism, however constructive, of its products' failings or its arbitrary attitude towards other vendors that its user base find valuable.
A plague on both their houses.
Summed up very nicely,..
...that terrible Prof. Jones dismissing ***OPINION*** voiced against the overwhelming ***SCIENTIFIC EVIDENCE***. It's a bleedin' outrage! Call the Daily Heil now! And so what if most of that opinion masquerading as science if funded vested interests making billions from carbon-based fuels?
And, Andrew, as for your collection of ad hominem quips against Steve Jones and your final hyperbolic nonsense about the possibility that the Tories would be able to close the BBC, you can do so much better.
Let's hope they catch evil mastermind Louise Boat too!
Lucky we have talented public school/oxbridge-educated investigative journalists of the calibre of Anna Botting on the case: http://www.youtube.com/watch?v=DG7IURgryjA&feature=player_embedded - where would we be without Faux News??
Shit...I blinked and M$ took over the world...
Yeah you can just hear all that chatter from Redmond not caring about the tiny minority of developers working on iOS/Android for smartphones and tablets and the tiny minority of developers working on Linux for the cloud and the web. And anyway all this stuff about mobile devices and the cloud will never catch on.
And then you woke up.
Simples: at any one time roughly 12% of the population are twats...
...and therefore at some point there is a very good chance that they will begin to use Twitter.
Not that *THEY* aren't watching you...
- Geek's Guide to Britain INSIDE GCHQ: Welcome to Cheltenham's cottage industry
- 'Catastrophic failure' of 3D-printed gun in Oz Police test
- Game Theory Is the next-gen console war already One?
- BBC suspends CTO after it wastes £100m on doomed IT system
- Peak Facebook: British users lose their Liking for Zuck's ad empire