* Posts by Christian Berger

2776 posts • joined 9 Mar 2007

Feds finger Norks in Sony hack, Obama asks: HOW DO YOU SOLVE A PROBLEM LIKE KOREA?

Christian Berger
Silver badge

Defence Defence Defence!

From the little bits of information we get it would have been trivial to prevent or at least contain that infection to a small part of the company.

Just use the usual best practices for clients. Harden your operating systems, use application servers whenever possible, do not have persistent OS partitions between boots, etc. Notice that secure boot would have not helped in this situation at all.

The sensible thing to do would be to invest in actual security. Let's do code reviews, let's make our software simpler. Let us teach assembler before C in universities so people learn how to avoid buffer overruns.

Unfortunately the industry has little interest in secure systems. They want to continue to sell closed source software, they want to continue to use DRM, which means that they will always want to have ways to distribute binary code software which opens the gates to malware.

1
0

Forget Google's robot cars, now it's on to ANDROID cars

Christian Berger
Silver badge

We live in a sad world...

...when even QNX looks decent compared to what marketing wants people to have.

0
1
Christian Berger
Silver badge

Re: Yes Please

"having used a sorry excuse for a Pioneer double-din DAB reciever/bluetooth stereo in my car that cost £300, I cant wait for something that's Android powered for the aftermarket."

Actually if you have a double-din slot, you can install one of the many car PC concepts and run just about any operating system you'd like. With, for example Lazarus, one could write a little software package which does all the GUI stuff which would run on normal operating systems as well as Android.

0
0
Christian Berger
Silver badge

Re: No chance

Actually both QNX and Android are probably much better than the junk that's currently used. I mean there are systems like "Nucleus" aka "I lose 512 bytes RAM on every DNS query" out there.

Of course what would be ideal would be a small and simple operating system that just does its job. I neither see that with QNX or Android and particularly not Nucleus.

1
0

Back dat app up: Microsoft opens Azure Backup to Windows PCs

Christian Berger
Silver badge

Re: Behold the cloud

You confuse Facebook with the Internet. The Internet is where you exchange encrypted data between computers.

2
2

BYOD: How to keep your data safe on their mobile devices

Christian Berger
Silver badge

Re: Wonderful snakeoil

"And if it's encrypted, all you've done is removed the encryption key from RAM and made it absolutely inaccessible."

Yes, but how do you remove the key from RAM in the following situation:

I steal the device from you without you immediately noticing. I get over to a van where I quickly disassemble it to get to the JTAG connector found in just about any such device. I then use that to read out the RAM and the flash, this process involves halting the CPU. This takes probably no more than half an hour when you are able to practice.

Alternatively you can get some liquid nitrogen, drop the mobile phone in there to preserve the memory contents. Even if you can only recover 80% of the key, you are still easily able to get to the rest.

And I'm not even talking about things like malware or security critical implementation bugs.

0
0
Christian Berger
Silver badge

Re: Wonderful snakeoil

The idea is obviously to read out the flash-chips _before_ they are erased. So you steal the mobile device, remove the battery and bring it to the data recovery company. Since you won't boot the original OS any more, there is no chance any wiping software could ever delete anything.

0
1
Christian Berger
Silver badge

Wonderful snakeoil

I mean sure, remote wiping sounds like a good idea, until you realize that the same companies which offer harddisk data recovery for broken harddisks now offer the same services for the flash chips on your mobile phone. No matter if you have any remote wiping or time based wiping, you can simply pop it off to a company and they'll send you back the files. And it won't even cost you a thousand quid.

Encryption also sounds like a good idea, until you realize that you cannot actually enter an encryption key. While it is acceptable to enter a decently long key on a laptop, on a mobile phone even a short pin is quite an effort since you don't have a proper keyboard.

So in short, there probably is no way to store data securely on mobile devices. Even if device manufacturers would do everything correctly. The good thing is, you can work around that problem. Mobile devices now have rather decent wireless internet connections. So instead of having to store the data locally, you can simply log into a terminal server and go on from there.

2
1

Win Server 2003 custom support: That's NOT going to be fun

Christian Berger
Silver badge

Could be a new business model...

... just limit the support to 2 years, then bring out a new version of your operating system that's utterly undesirable for your customers to upgrade, i.e. because it's incompatible or requires new hardware, then charge through the nose for support.

I bet this would work. Microsoft has a vendor lock in. If I don't like systemd, and I cannot find a Linux distribution without it, I can simply switch to some BSD. Why, because all my programs are written for POSIX and don't really care if they are running under Linux or some other *IX.

0
1

Microsoft whips out real-time translator for Skype calls

Christian Berger
Silver badge

Re: German

I have seen their "German" Demo from a couple of weeks ago. The German person spoke extremely clearly and they used pre-rehearsed non idiomatic sentences. Even then it didn't work very well. The English speakers, who spoke normally, were translated into complete gibberish.

In short this system doesn't seem to be better than what IBM showed in the 1990s.

2
1

QEMU, FFMPEG guru unleashes JPEG-slaying graphics compressor

Christian Berger
Silver badge

Re: It's probably not what the web needs urgently...

Well improvements are always good, but we need to be careful when an improvement greatly increases complexity. Going from 8 to 16 bit colour depth doesn't add much complexity, at most you need a lookup table or a function to translate the pixel values. That may be acceptable when dealing a lot with images. However this is completely new code and image decompression code has had security issues before. So I'd say we should first give it a bit of a shake down, and use it wherever we actually need it now.

0
0
Christian Berger
Silver badge

It's probably not what the web needs urgently...

...as image loading times aren't a problem any more, loading the stopgap javascript code probably takes longer than loading a couple of images over a connection that's already established.

However I'm sure it has lots of uses in various places. So I'd first establish it somewhere else, and once it's integrated into graphics libraries, we can start using it in browsers. One problem with browsers is also that some are unlikely to get updates.

3
1

Ford dumps Windows for QNX in new in-car entertainment unit

Christian Berger
Silver badge

"The problem becomes - if not touch screens, then what? Customers are increasingly after twiddly features - SatNav, climate control, media services etc. These all require control of some sort."

Well yes, the solution for that has already been found, buttons. Ideally with a QWER*-like keyboard so you can type commands, or perhaps something where you use 4-12 soft buttons to navigate through a menu. The first time you try you will have to look at it, but if the menu is structured well, you will quickly remember to press 13221 to plan the route to the nearest open moustache shop, or 23 to turn off the radio. Of course people will remember those combinations as movements not numbers.

1
0
Christian Berger
Silver badge

Well it's cargo cult UI design

Mobile phones now have converged on touch screen, so some people, who don't understand the problem now believe that touch screens are somehow suitable for all applications.

If you look at car radios you will find that they are all designed to be used without looking at them. The left knob was volume and power, the right one was tuning. In more modern ones you choose the station by pushing buttons below the display. You can easily distinguish them. That's decent user interface design. That's also why your f and j keys have a little hump, or why your desk phone has just such a hump on the 5 key.

3
0

The future looks bright: Prepare to be dazzled by HDR telly tech

Christian Berger
Silver badge

Actually this could make some things easier

For example studio cameras today have a somewhat larger dynamic range than the TV signal. They typically squash their dynamic range into the smaller one available for television. This can lead to strange results. For example if you watch a white (light grey) wall where a bright blue LED light is shining on, the camera has a conflict between preserving the brightness or preserving the colour. Many television cameras now opt for the colour giving you a dark spot when you watch it on a monochrome TV. In extreme cases you can see the blue spot fading into darkness before suddenly becoming light grey again.

0
0

Your data: Stolen through PIXELS

Christian Berger
Silver badge

I hate it when all my bad prejudices come true

I mean that guy is using Mint... so I assume he's subscribed to the FreeDesktop people mindset who solve trivial problems in very awkward and complicated ways, but I refuse to actually believe that, since it's a bad stereotype. People are better than their stereotypes, aren't they.

Then I see that person using video to steal data and doing this in a complicated way instead of just using hexdump or base64. Both programs are commonly available on just about any unixoid system.

This somehow strikes me as a typical solution from those people. Instead of using what's already there they seem to want to re-invent the world, and typically fail at doing so.

1
0

GSMA denies latest Snowden leak

Christian Berger
Silver badge

GSM security is a strange beast

Particularly since only the last bit of the call is encrypted. If you are an attacker on the network, you can easily get all the data, including the location of your victim. In fact you can even reprogram their SIM-card.

In fact you can even use a few synced SDRs and get the precise location of every caller in your neighbourhood. You simply determine the time of arrival of the data bursts and know where the mobile station is.

1
2

PlayStation Network blasted offline AGAIN. Just not Sony's decade

Christian Berger
Silver badge

Seems only fit...

...considering that that part of Sony probably is one of the largest promoters of malware in the world. Not only have they installed malware on literally millions of computers by using autostart bugs in Windows and their CDs, they still insist on you installing DRM malware in order to consume their music and films.

Although I'd prefer it if the problem was attacked at the root cause, the DRM companies. Companies like Macrovision or Irdeto which tell clueless executives that somehow their systems will lead to greater sales and reduced piracy.

0
1

A nation of CODERS? Yes, says UK.gov, and have some cash to do it

Christian Berger
Silver badge

Don't forget the ethical aspects

After all teaching children how to code is useless without them knowing why and what to code. Most of the problems with IT in our society are caused by programmers not thinking through what consequences their actions have. If you write a messenger which stores contact lists on some central server, instead of finding a decentralized approach, you are responsible for someone abusing that data and perhaps even raiding the home of someone, just because they had the phone number of someone in an opposition party on your phone.

Code shapes the world. And better code can make the world a better place. People need to see their responsibility.

1
0

Dutch lawyers seek to overturn data retention

Christian Berger
Silver badge

If there was any evidence...

...politicians would bring forward that evidence instead of constantly talking about "abstract threats" or abusing children for their political goals.

3
0

The internet is less free than last year. Thanks a bunch, Snowden

Christian Berger
Silver badge

It's probably inequality.

The rich getting richer and richer both inside of countries and among countries causes tensions. The UK already had mass protests which were ignored when they were peaceful and only picked up by the media when there was property damage.

Of course the easy way would be to share. We'd need to tax the rich and feed the poor. We'd need to let more refugees in... but for the people in power that's obviously not desirable. It seems much cheaper to hire cops to shoot poor people than actually helping them. In any case it's the cops who get the blame.

1
4

VCs say Uber is worth $41bn... but don't worry, we're not in a bubble

Christian Berger
Silver badge

It'll be different than the previous bubble

When Facebook and Uber and whatever fails, they will be considered "too big to fail" and bailed out with public money.

So investors will be able to first turn their investments into hugely inflated "virtual values" and then maybe sell off a tiny bit of them to recoup their investment first, then when the whole thing goes down, they get saved by governments. At the same time they lend the money they got from those governments for their "virtual values" to those governments again, and, if they feel like it, negotiate a 90% debt cut, so they will be seen as heroes.

So you invest, let's say, a million, then claim the company is worth 100 billions, it goes bust and will be saved with 50 billions (which seems cheap). They give those 50 billions to the government and demand 5 billions back, because they are so nice. Effectively they exchanged a million into 5 billion without any risk or actual productive work.

This is why investment banking needs to be tightly regulated.

Ohh BTW in the case of Uber there's a special thing. Some countries, like Germany, have a highly regulated market for person transport services. With new transatlantic treaties like TTIP, Uber could simply sue Germany for fictional losses they believe they made because of those regulations.

0
0

Snowden files show NSA's AURORAGOLD pwned 70% of world's mobe networks

Christian Berger
Silver badge

Re: Well GSM was designed in the 1980s...

I am aware of various projects from simple "rogue base station detectors" to research into implementation and standard defects in GSM.

However if we could only siphon a small percentage of the money we spend on touchscreen phones, we might be able to find ways to circumvent the intrinsic problems of cellular networks. For example it's trivial to track a telephone in use, just by measuring when its transmission bursts arrive at various antennas. That's simple triangulation. Maybe, for example, we could combine direct sequence spread spectrum with public key cryptography. That way we could communicate without others being able to detect it. This would easily solve quite a bit of the problems of cellular networks.

0
0
Christian Berger
Silver badge

Well GSM was designed in the 1980s...

back then the threat was a local attacker trying to get into the wireless connection from the base station to the mobile station.

Actual security never was an issue on GSM. It was, at best, more secure than the analogue networks before it. There is no security against rogue base stations, there is no security against an attacker working at the phone company.

Maybe instead of having kickstarters for more of the same kind of bland touchscreen phone, we should do some research on mobile networks which offer some resilience against such a central attacker.

4
0

Pub time for NASA bods? Orion spacecraft test launch called off

Christian Berger
Silver badge

Spaceship? ...named Orion?

... cue music!

https://www.youtube.com/watch?feature=player_detailpage&v=F-p5A_GislM#t=11

There was a weird little German Sci-Fi TV show called "Die fantastischen Abenteuer des Raumschiffes Orion". It was mostly famous for having common household items as sci-fi instruments.

0
0

Sony employees face 'weeks of pen and paper' after crippling network hack

Christian Berger
Silver badge

And miraculously...

... the supposedly lowered productivity of those people will have no real effect on the real world. It's not like this affects any of the parts of Sony that actually do something... like building electronics.

Those are the parts of Sony we could probably live without, the parts which manage licensing rights, the parts that do marketing and advertisements.

Other than that, I don't believe Sony's IT department has done more things wrong than any other IT department of your typical mega corporation. It's hard to secure Windows desktops, the logical solution, switching to a few big application servers which get reset to a known good image every night is not wanted by some people.

4
1

Chromecast video on UK, Euro TVs hertz so badly it makes us judder – but Google 'won't fix'

Christian Berger
Silver badge

Actually it's not even 60 Hz...

.... but something crazy like 60000/1001 Hz, because when they started with colour TV (called color TV there) they found out their chroma sub carrier was interfering with their audio sub carrier. Instead of moving the audio, they simply changed the framerate.... which actually makes monochrome and colour TV in the US completely incompatible if you go by the specs. It also means that a show produced at a monochrome station will play slower at a TV station that already switched to colour... and of course computers here and there use 60 Hz straight.

And of course they use this weird scheme where they cut off part of their chroma sub carrier by bandwidth limiting their colour difference signals in weird ways... which gives them the ability to squeeze their image into 4.2 MHz... while PAL can be limited to 4.33 MHz, without having to resort to such a low subcarrier frequency and weird trickery.

0
0

Pity the poor Windows developer: The tools for desktop development are in disarray

Christian Berger
Silver badge

There's Lazarus

It's a Delphi Clone with all the bad bits left out. Therefore it's easy to write portable code for it which simply compiles on Linux, MacOSX and even Windows. And on each of those platforms you get a nicely statically linked application without any need to install.

Though I haven't tried it yet, it also seems to work for Android.

To be fair, Microsoft's offerings on the Windows development market never were on par with the rest of the industry. In fact up to the 3.x series of Windows it was not uncommon to develop Windows software under DOS and then just run it on Windows to test it. Even after that, Microsoft offered Visual Basic as its rapid application development tool. It required a framework to get your software to run and was essentially interpreted. Borland, for example, offered Delphi as a competitor product, which, just like Lazarus today, gave you fully compiled statically linked binaries you could just start.

2
0

Yes, UK. REST OF EUROPE has better mobe services than you

Christian Berger
Silver badge

The measurements are deeply flawed

They use cars to measure network quality. This means they only measure near roads.

Now if you are on a road, and you don't have a chauffeur, you most likely shouldn't use computers as you need to drive.

Much more important would be how well the connectivity is on trains. There you typically have the time to access the Internet. However nobody measures there.

Also you'd need to have different weights for different needs. For example I don't care about having 10 kbit or 10 Mbit, what I care about is having a decent connection with a decent sub second latency so I can use ssh or mosh.

0
0

The gender imbalance in IT is real, ongoing and ridiculous

Christian Berger
Silver badge

Some women aren't helping it

Here's an example of a "research project on 'gender inspired technology'".

https://www.youtube.com/watch?v=E5KhOKzIl_g

That's not helping it at all. That's just showing idiots as if they were representing women.

2
0

UK cops: Give us ONE journo's phone records. Vodafone: Take the WHOLE damn database!

Christian Berger
Silver badge

Wait? They gave out data about journalists?

Shouldn't journalists be among the group of people where it's near impossible to make a case against privacy? I mean journalists have sources to protect.

0
0

Suffering satellites! Goonhilly's ARTHUR REBORN for SPAAAACE

Christian Berger
Silver badge

The German Equivalent was/is Raisting

In the 1980s a sci-fi series used to have a shot similar to this one in the opening titles:

http://de.wikipedia.org/wiki/Erdfunkstelle_Raisting#mediaviewer/File:Erdfunkanlage_Raisting_Panorama.jpg

I think their original dish, hidden beyond a radome, recently got a newer radome and now houses a museum. http://www.radom-raisting-gmbh.de/

1
0

Mysterious BEAM outside London Googleplex ZAPPED

Christian Berger
Silver badge

No it's because

...when you break them, you'll have mobs of angry nerds trying to get you.

8
0
Christian Berger
Silver badge

Most likely a hoax or misunderstanding

A static electric field is hard to maintain under real life conditions. If it's too strong it'll build an arc and even if it's weak objects will gradually discharge themselves, particularly in moist situations, also large metal plates in public spaces are usually grounded for lightning protection.

Cables in the ground cannot be the cause as even if they are not explicitly shielded, they are shielded by the ground.

9
0

We have a winner! Fresh Linux Mint 17.1 – hands down the best

Christian Berger
Silver badge

Feels like going into the wrong direction

It feels far too much like a "typical desktop system" than an actual useful system. It starts by not showing the boot logs, a misfeature I've never found a reason for. It uses Pulseaudio, probably the least usable sound system ever devised on Linux and probably the only one where setting the volume on an application changes the master volume in a rather unpredictable way.

It seems like so much effort is wasted on features nobody ever cares about and which later turn out to be colossal security bugs.

2
1

Get a job in Germany – where most activities are precursors to drinking

Christian Berger
Silver badge

The BBC once had a nice insight into working in Germany

Deutsch Plus

http://www.youtube.com/watch?v=4lk9rS7n-4Q#t=823

Just listen to the cheerful music.

Over the series Mr. Antunescu, a trained graphic artist, gets a job as a runner, gets mugged and finds a girlfriend.

0
0
Christian Berger
Silver badge

BTW if you are thinking about moving to Germany...

I know a company that's looking for a decent programmer with some knowledge of networking.

Here's the ad:

http://www.hfo-telecom.de/karriere/stellenangebote

It's an interesting job in the VoIP area with a diverse range of tasks requiring problem solving skills. So one day you might just be debugging VoIP calls for customers finding out what happens if CPE gets a new IP address while the telephone is ringing, while on other days you might be looking for a bug causing T.38 fax negotiations to be mangled in horrible ways.

Speaking German is an advantage, but it's a simple language.

Ohh I nearly forgot, the company sponsors 3 festivities with free alcohol a year. :)

2
0

The next big thing in medical science: POO TRANSPLANTS

Christian Berger
Silver badge

We'll need to wait for studies

However unlike other pseudo medical treatments this actually could be plausible.

What we need now are decent quality studies.

And no, even if this can be a treatment to certain conditions, it doesn't mean that sanitation isn't one of the greatest achievements in health care. The situations where you have too little bacteria in your guts are rare, for example after a long treatment of antibiotics. Normally we all have a decent amount of gut bacteria. The gut normally regulates itself rather well.

0
0

Androids in celluloid – which machine deserves the ULTIMATE MOVIE ROBOT title?

Christian Berger
Silver badge

Well it's missing the "Analoge Haluzinelle"

It's the holographical woman here:

https://www.youtube.com/watch?v=oVk18BJdHgM

(there are English subtitles to turn on)

0
0

That's all folks! US TV streaming upstart Aereo files for bankruptcy

Christian Berger
Silver badge

I think it all was mostly about their attitude. I mean they should have clarified what the difference between them and a cable company was.

Cable companies pay the stations... and in return get part of the ad space! (in the US system)

This company, at least the way it would have been legal, didn't pay the stations and didn't demand ad space.

Maybe Aereo's plan was to eventually run their own ads or to sell their user data, otherwise they would have refuted the claims they are a cable company.

0
1
Christian Berger
Silver badge

They should have done it differently

Simply sell "housing" for your servers which not just includes power and cooling, but also terrestrial reception. Then set up a separate company which offers ATSC terrestrial receivers which are able to stream, either for sale or for rent.

That way you'd have 2 completely legal businesses nobody would complain about. The fact that they marketed it as a service was the main problem.

0
0

Windows Phone will snatch biz No 2 spot from Android – analyst

Christian Berger
Silver badge

Given the fact that Windows phone is incompatible to Windows...

... I doubt that. Windows CE at least had the advantage that it was similar enough so you could port some applications or you could get a Visual Basic programmer (yes lots of commercial software was written in that) to write for Windows CE.

Now moving either to Windows Phone or Android means that you'd have to completely renew your software. Your old software won't work, you need to get new one. Companies will have to buy whatever they can get their software for. It's probably much easier for software companies to find Android programmers in the price range they can afford. There's just more of them around. Plus nobody knows if Windows Phone will be a long term strategy by Microsoft or yet another flash in the pan. Android seems like something that will be here to stay, at least for the next 10 years, so it is worth a bit of investment. Nobody knows if Windows Phone will even exist in 5 years.

Microsoft could have gotten it so easy, by just porting a stripped down version of Windows to mobile phones. They could have built a x86 emulator just like the one they had on Alpha (OK that wasn't done by them) and you could have gotten all the normal legacy Windows software to run. With that they would have gained that market in a flash. However that would have meant to acknowledge that Microsoft is mostly about legacy software.

Some people may find it bizarre, that people who run old Unix shops can just sit back and relax. They probably already run terminal servers for over a decade, and adding a mobile device just means installing some ssh client on it. (or mosh if you want to use it over GPRS)

1
0

Leaked screenshots show next Windows kernel to be a perfect 10

Christian Berger
Silver badge

It's not like many people complain about the Windows kernel

It's probably by no means particularly slow or bad in any way. It does have some interesting ideas like "Personas" which would allow you to have different APIs.

What people complain about is the Windows user space. It stops supporting old software and drops vital features while gaining irrelevant ones. The user space is where most security bugs lie. If you'd just install cygwin directly on top of Windows, you would probably have a rather decent and secure operating system.

6
1

Google Contributor: Ad-block killer – or proof NO ONE will pay for news?

Christian Berger
Silver badge

Will they still track you?

I mean few people mind the ads, they mind the tracking by Google. This solution still means all requests will be known to Google.

2
2

The cloud that goes puff: Seagate Central home NAS woes

Christian Berger
Silver badge

Why would you use a NAS with just one disk?

I mean you should at the very least have a RAID... particularly since large harddisks are still more expensive per Terabyte.

0
0

Two driverless cars stuffed with passengers are ABOUT TO CRASH - who should take the hit?

Christian Berger
Silver badge

Completely unrealistic problem...

As this problem has already been solved 100 years ago.

1. You put the cars on rails

2. You divide the rails into blocks

3. You devise a system which counts the number of trains/axles going in and out of that block

4. You close off the block when one car got in and open it up again when it got out

5. You enforce the rules by multiple systems

I've seen such systems working driverless on underground stations. It works like a charm, even without sophisticated computing equipment.

2
0

Webcam hacker pervs in MASS HOME INVASION

Christian Berger
Silver badge

This is one example of the difference between...

...an "informed Society" and an "information Society".

An "informed Society" would have people knowing the basics about networking and default passwords, they would then configure their devices accordingly and perhaps even ban them from accessing the Internet.

An "information Society" simply outsources all of those things to the manufacturer and expects it to somehow magically make everything secure with a cloud service.

An "informed Society" uses data networks to exist, an "information Society" can only abuse them.

0
0

Where the HELL is that Comcast technician? Finally – an app for that

Christian Berger
Silver badge

Not sure if they are actually complaining about the technicians

I'd rather assume they got that for not upgrading their networks and throttling their users while mandating for a non free Internet.

Of course to the normal user that's just "Youtube doesn't work and the technician didn't do anything about it".

2
0

GOTCHA: Google caught STRIPPING SSL from BT Wi-Fi users' searches

Christian Berger
Silver badge

To do something about it, we might need to give it a "terrorism" spin...

We could be saying something like, "All that collected data could be used by terrorists". After all BT and Google are collecting lots of data which can/will be misused eventually.

0
0

Britain's HUMAN DNA-strewing Moon mission rakes in £200k

Christian Berger
Silver badge

DNA living on?

I doubt it would live on the moon considering the harsh conditions. And unlike living beings a hair cannot repair itself. It'll just gradually decompose into carbohydrates.

0
0
