Re: Oh $!#t.
I picked a bad day to quit trolling.
2164 posts • joined 15 Mar 2007
I picked a bad day to quit trolling.
"Bugs requiring unlikely user actions"
Come on, just how often have you found end-users doing things in a manner thought to be unlikely/unreasonable/damn strange by the developers?
It could be a new marketing slogan!
Funny how PRISM did not phase the big US companies, but the prospect of losing business did cause some backbone to be shown?
Really the lesson is don't use any company that is not 100% in our own legal territory, and (especially if you can't do so) make sure all data is encrypted with keys that only our own business has access to.
Sure that won't stop a court order to gain access, but that raises the bar from simply fishing for stuff to 'probable cause', and you also know about it so can take proper legal steps to defend against the action.
What you can often do is convert your running XP box in to a VM, and then run that fairly painlessly under another more modern OS.
There are catches, of course, like if you have special hardware that needs an old driver, or use it for demanding games, etc, but you can get the best of both worlds:
1) All old software still working as you had it.
2) Support for new hardware and better basic security (assuming you stop email/web in the VM).
The choice of new OS is yours, could be Win7/8 or Linux, depends on what suits you best. At least Linux is free-as-in-speech to try! Whatever you do, get a new HDD to make a copy to play with, and may sure you have at least 2GB of RAM, ideally 4+, before you even consider VMs.
Luxury! When I were a lad we were lucky to dream of such things. Times were so poor we could hardly afford Palm and her five sisters.
Given the trend for advanced malware to avoid running on VMs it order to evade analysis, it seems a pretty good time to deploy any world-facing Windows boxes in VMs, perhpas?
You get the advantage of threatening malware exposure to deter some, and the ease of imaging a running VM to look for boot sector or in-memory nasties that any decent root-kit would hide from AV tools.
Oh yes, and a far, far, less painful reinstall by simply copying a clean VM stored on a read-only NAS or similar if the brown stuff hits the rotary air mover...
AFIK the idea of OAM is the polarisation is rotating. Now you can generate any polarisation by taking a pair of orthogonal antennas and driving them with the appropriate amplitude & phase
You get linear at any angle if the phase shift is zero, with the angle determined by the magnitude of the two drives.
You get circular with LHCP or RHCP depending on the phase being +/-90 deg.
So if you were to drive the amplitude in a cyclic manner you would get the appearance of a rotating linear phase, and if at the receiving end you were to combine the similar antennas with a matching cyclic ratio then bingo - you have the original signal as if it were received by a rotating antenna.
But how is that different from any classical modulation on dual polarisations? Sure they might be claiming the equivalent of higher than QPSK-like "polarisation constellation" points, but that is not without a loss of orthogonality and hence some cross-talk and loss of SNR.
The real question then is can such a scheme deliver any better then just going to higher RF modulation constellations on two classical orthogonal polarisations?
Unless you run at very low frame rates and resolution, or use movement detection, you can eat up 10GB surprisingly quickly! Also you might find you ISP capping your upload bandwidth quickly as well, given the true nature of a lot of "unlimited" contracts.
We have 9 cameras and they generate 6TB/week, but that is with good video quality.
Given the history of security on these web cams, I doubt you need the NSA's resources...
Given a lot of, probably the majority of, these cameras have a history of really shit security and unpatched firmware, you might want to consider some 3rd party method of limiting which devices can connect in to your home network via the camera's exposed interface.
Also important if you are worried about burglary is having a recording of the images on something that won't get nicked by the thief, so it has to be pretty well hidden or to store images off-site, a potentially expensive aspect.
Not really in the 'home security' area, we have used the Vivotek power-over-Ethernet cameras at work, great as you only have a single cable to run and that can be UV-resistant cat5 for outdoors (e.g. CB14001 from CPC/Farnell) and no bandwidth problems. They come with surprisingly decent recording software, though Windows-only and only for their cameras. Oh and dodgey firmware security, but in our case they were not exposed outside our firewall for any exploiting.
Funny that, when my business sells hardware it is done for the revenue it brings in. Why is that such a novelty to HP?
Are you sure your not in XKCD land?
"If it is taking you more than an hour to patch, you have no clue what you are doing"
I have had a fresh install of Vista (and recent installs of Win7) that took hours to get updated, rebooted, updated and that was simply following what MS offered. Are you saying that a consumer OS should need some special magic to make it less painful than just clicking 'OK' on the update option?
With Linux it is usually 10-30 minutes for all patches, then one reboot and that is it up to date.OK, it might not run certain special applications, but I can get an XP VM I prepared earlier up and running in less than 10 minutes...so still less pain than a typical fresh installation of Windows.
Bah, pass me the can of Tenants' brain damage please...
I generally reboot a less-used machine after patching "just in case" something had updated and borked the start-up process. That way the running machines have a decent expectation of rebooting when needed.
Thankfully it is rare!
Well, it is not really "secret" as being unknown, more as the key. If you have plenty of cheap enough energy then you can recycle the elements used to create past crap Xmas toys, etc, from the landfill in to something you really need and want right now, like the latest Orgaimator2000 robotic dildo or whatever.
I'm not sure how an economist would see it, but if someone succeeds in generating a lot of energy cheaply and reliably and without needing resources in a few politically unstable regions of the world, a lot of societies problems would be over.
Except maybe over-population, but decent education and an endless supply of the Orgaimator2000 should see to that....
Hard to say.
On the Wikipedia page for it says: "Advice columnist Dan Savage wrote that he believes all men should try pegging at least once, as it may introduce them to a new enjoyable sexual activity and illuminate them to the receiver's perspective in sex"
So far I have not has such an 'illuminating' experience, but I'm not sure if that is something to be happy or sad about.
Perhaps all those women were also aware that "skiing" is yet another sexual practice and you attempt to excuse your poorly judged vocal ejaculations simply slipped you deeper in to bad boy territory.
OK, I think its time I got my coat...the one with Rodger's Profanasauris in the pocket, thanks...
That bit about "...weigh the evidence against HP's officers to determine whether the condition of the settlement that would indemnify them against charges of wrongdoing would be fair for shareholders" says a lot in my mind.
As you say, if they are so damn sure of fraud why no action before any shareholder settlement? Get the facts out in court and then deal with it.
So gov to use banks to verify individuals identity for issuing passports, driving licenses, etc..
Banks use data like passports, driving licence, etc, to verify users when signing up.
A small circular problem?
"How does it help the intended victims? OK they avoid software company X (possibly to the extent of that company going out of business), but the real issue"
That is not what I meant as quite certainly company X has already cleaned its servers up.
The point is if you have been on company X's site then you might want to look more carefully at your own security!
From the link in the article:
Perhaps the bigger news was the compromising of the engineering software companies web site in the first place. But they fail to say *who* that was, which might help other folk know if they might be exposed or not.
"content-free user-whoring network"
Fixed it for you...
My thoughts exactly - way too easy for a child, elderly, distracted person to scald themselves badly by using the wrong tap.
Also why no mention of the cheaper stand-alone sort hot water boilers? At least they don't look like a sink tap and are more reasonably priced (still in the £100-500 range AFIK).
MS made them an offer they couldn't refuse?
Not all backup systems present the "backup" as files on the regular file system.
How about rsync to a remote system that has no obvious log-in? Said system could also have features like file system snap-shops so you could roll-back even if said remote file system is deleted/encrypted.
It appears that web sites will be using some HTTP extension to declare by whom their SSL certificate should be issued, but surely in a MITM attack you would just advertise the 'other' compromised issuer used for the web-access morphing attack?
Have I missed something here?
I applaud the attempt to deal with the mess that is SSL issuing, but it seems to need far more than that to deal with a well-executed MITM attack (along the lines of noticing cert changes and validating with several geographically/politically separate entities that such a change is correct).
Another benefit of PDFs is they actually retain the correct/intended page layout on different systems (unlike Word, etc, where changes in software version, local printer settings, etc, alter the layout).
Not so funny when you have paid for seriously expensive test hardware only to find it is not going to do things you expected because they have deliberately hobbled it in the application software.
Another argument in favour of Open Source software (and proper/full hardware documentation) where deliberate hobbling is not possible.
Hobbling through generally incompetent development failing to make things work properly is, as for closed source, still possible...
Someone ate them for pudding, I'm guessing.
You get socks and cake mixed up? I did wonder why that pudding of yours tasted odd...
The "big stuff" is usually easy to deal with, probably still has some command-action left in it, and even if not it is easy to track so others can take evasive action and it is a candidate for some sort of active re-entry control.
Its all the small stuff that is hard to deal with.
Google translate is your starting point...just don't use it for anything culturally sensitive!
Most computer hardware is assembled in China, so I doubt they would have much issue with compelling suppliers to provide the necessary drivers if they want any of it to be sold in China.
Whether they use/abuse the GPL Linux as a start is unanswered, but they could go FreeBSD and avoid open-sourcing the drivers to play nicely with global IPR practice. Other non-GPL aspects compiled in and not open sourced could be built-in state spying...
As others have said, it is very doubtful you could do a whole OS without starting either something similar it that sort of time scale and budget.
With some difficulty.
Word offers the ability to compare/merge two documents and shows the difference using the same "track changes" feature that can be used to show your own (and other's in another colour) edits/revisions.
However, it was always sh*t at many things, often showing a whole table as "changed" when in fact only a word or even some formatting was different, and would often flag up changes in automatic fields (table of contents, heading numberings, page numbers, etc) that really you don't normally care about because they are designed to update anyway..
Word sucks, as does Open/LibreOffice writer, but in different ways. I prefer the Office 97 version of word, even though it is more buggy and won't do odf or docx in any usable way, but that is probably down to my years of sorry experience in using it and not really liking the ribbon of later versions (though I also use 2010 at times). As others do, I often write the main multi-section document in LibreOffice to get content OK, then import to Office 2012 for final formatting for those who can't cope without Word or if there is something it does better than LibreOffice.
p.s. macros in documents are the Devil's work.
p.p.s. MS has a long and inglorious history of embedding absolute paths in linking stuff that promptly breaks when you try to edit it on another machine.
p.p.p.s. Thunderbird has also degenerated in to storing absolute paths to things, even though they are all folders/files in the same profile sub-directory so should be relative to there.Then if you move your profile to another user name, or a machine with different directory structure, random bits of your email don't appear/work any more.
How old was your previous OS that a 2TB HDD was "massive" and 32GB of RAM a "huge expanse" that posed some sort of problem?
As opposed to today, with being needed just to get the damn thing to work...
Don't know, but the Soup Dragon had 4 legs and 2 arms instead of wings, presumably from finding an ecological nice in serving soup and blue string pudding. Guess that is evolution for you...
So how do you know there's someone still with a bush working at his local strip club?
Really? So why is Firefox so keen to dump useful GUI stuff in order to look like Chrome?
World's favourite platform for whoring you from advertiser to advertiser...
Interesting you should say this, as I have long suspected it on my Tesco account - generally crap coverage when you try to use it even in a modest sized Scottish city, even when signal strength is apparently decent.
Better plan would be something that infects the most routers and opens a small percent of bandwidth for tor or similar, while disabling remote updates from any ISP (or just updating version number so it looks as if it worked).
If a large percentage of connections were infected it would be a major deal to try and get them all cleaned and plenty of plausible deniablity.
Not that I would promote breaking the law, of course.
You seem to have missed the point, its not about securing Joe Public against a wi-fi driver trying to intercept their connection, it is about tracking everyone who attempts to speak.
Tying it to a phone is a nice touch: it allows them to easily follow the locations most folk who ever use the internet as well (unless they are sufficiently paranoid to only switch it one when absolutely necessary).
Your fckd'd. One way or another, your fsck'd.
This is "Papers citizen!!!" at every opportunity.
"whether they just want to control their own population, or whether they're really serious about security"
Really, this is all about control of their population. Just like China, Russia has not quite got the idea of democracy at all, and the last thing the powers-that-be want is to be questioned by folk they can't simply "disappear".
The fact the west is moving this way is a far more worrying sign.
That is MS' underlying problem these days, they still see the world as:
"Windows on x86 is the answer, now what was your question?"
They would be far better to separate applications from being Windows-only to supporting what is out there on all platforms. Its not like they don't have the resources to do cross-platform development, is it?
Edited to add: Good work nevertheless, makes such videos watchable!