* Posts by Paul Crawford

1696 posts • joined 15 Mar 2007

A backdoor into Skype for the Feds? You're joking...

Paul Crawford
Silver badge

Call me cynical, but I suspect a lot of the moves towards security by Joe Public for communications have been driven by the uncovered abuse of surveillance powers by all sorts of governments and companies/RIAA types.

3
1

WTF is... LTE Advanced?

Paul Crawford
Silver badge

Pointless at current caps

Really, how long till you blow your 500MB or whatever cap?

Unless this comes with a *much* lower cost per MB it is not getting my vote.

3
1
Paul Crawford
Silver badge

Re: How about a reliable 2/3G?

Not much use on the move!

1
0

Have your users managed to force iOS devices on you?

Paul Crawford
Silver badge

Re: @jake 04:12

"Front line...is your company thinking?

Oh, maybe said staff have to visit customer premises and need something handy that works over 3G networks? An iPhone is not essential, but also not that bad a choice in that case.

IT departments are there to serve the business, that means balancing what people need/want to do against the risks of letting them do it, and as necessary to make sure the systems are protected from the dumb and malicious (both inside and outside the company).

1
1

Half of youngsters would swap PRIVACY for... cheaper insurance

Paul Crawford
Silver badge
Stop

Re: It does genuinely save money

While you may well be right that being monitored tends to reduce instances of dick-headedness, the real problem here is mission creep.

If all the boxes did was gather stats about speed, cornering, use during light/darkness in some way that the owner could see and only be uploaded once per month or similar without the ability to track exact positions, then fair enough - it is roughly a sensibility monitor.

Maybe actual detail could be kept for a limited time as a black-box style for post-crash investigation, but such detail, like the aircraft block box, should be subject to proper privacy protection and only used when a disputed or fatal crash is involved.

But far more worrying is the real-time and every detail aspect that is BOUND to be sold or or mined for other reasons. If such a system is indeed going to save money/lives, then the system needs to be openly designed and thoroughly reviewed so what it can and cannot do is known and not subject to mission creep.

11
0

Mac malware found with valid developer ID at freedom conference

Paul Crawford
Silver badge

As for the lack of control/configuration options, that is just an example of the Gnome teams design fascism where they dumb things down and treat the users as idiots (which may or may not always be true).

Just look at all of the options removed from Gnome 2 when it went to Gnome 3.

2
0
Paul Crawford
Silver badge

Re: Ubuntu / Gnome etc.. use the Gnome Keyring...

That is a bit of an off-topic rant really. Expecting to remove the login control of a desktop and still being able to use the desktop is a bit much.

Don't want gnome keyring? Don't use gnome! Install the server version and all you have is text-mode (or SSH) login and the usual password management of Linux.

Look at the code if you want with:

~/Downloads$ mkdir software

~/Downloads$ cd software/

~/Downloads/software$ apt-get source gnome-keyring

Not well documented (but what software is?) but it is all there. Find the data files having seen the entry in gck-secret-binary.c file:

#define KEYRING_FILE_HEADER "GnomeKeyring\n\r\0\n"

With the command:

~$ find .gnome2 -type f | xargs grep 'GnomeKeyring'

Binary file .gnome2/keyrings/login.keyring matches

Binary file .gnome2/keyrings/default.keyring matches

If you really worry about others remotely logging in via some keyring vulnerability then set up your firewall(s) to only permit IP addresses from specific machines you use as an additional layer of filtering.

2
0

Murdoch hate sparks mass bitchin', rapid evacuation from O2, BE

Paul Crawford
Silver badge

Re: Look before you leap

Up to the point when they out-sourced the call centre I had quite good service from VM for my cable connection. Of course, it is different now but not quite so bad to jump. Zen anyone?

0
0

McAfee all-in-one security suite covers PCs, tablets, and smartphones

Paul Crawford
Silver badge

Looking over the article again, it says both cross platform and "is delivered through Intel Identity Protection Technology".

So will it only work on special Intel hardware, thus seriously limiting its usefulness on the phone/tablet front, or is this talk of special Intel hardware an aside to basically a software solution, in which case how can it be any more secure than other more open systems?

1
0
Paul Crawford
Silver badge
Black Helicopters

How safe?

There are two issues that trouble me, beyond the usual McAfee crapware-trialware-scamware aspect:

1) Are you really asking users to put all of their most important data in the hands of a USA company? Now it appears to be properly encrypted when 'at rest' but how sure are we this scheme has no designed-in backdoor?

2) Even if the back-end storage is secure, what happens if the user accesses it on a machine already infected with a root-kit? I am presuming in this case it is compromised, unless somehow Intel's encryption hardware is able to bypass the OS to bring your data to the screen, etc.

And if that is the case, it is also deeply worrying as you (as in administrator of your OS of choice) are no longer really in charge of the computer.

7
0

Cluster kids, pick your weapons: It's the Battle of Leipzig 2.0

Paul Crawford
Silver badge
Joke

No shows?

Given the strengths of Linux in the HPC arena, I am surprised the penguins of Antarctica have declined to show.

What is the Aussies excuse?

0
0

Sony investor wants to break up firm, re-invest in hardware biz

Paul Crawford
Silver badge

Re: Take Sony back to its roots.

I have to agree - the marrying of content producer and device manufacturer is bad for consumers due to the willing imposition of DRM and the reluctance for either to act in a manner that risks the other's legacy income stream.

Just look at the root-kit fiasco and the various attempts to push DRM on user (e.g. mini-disk had it wilde CD did not, removal of Linux mode on PS3, etc) and you can see why Sony is not going to be on my buy-list for the foreseeable future.

5
1

Top guns doomed as US Navy demos first carrier-launched drone

Paul Crawford
Silver badge

Re: Hmmm

I think these are intended to be mostly autonomous so loss of command link over the target is unfortunate, but not a show stopper.

Also most data relay is via geostationary satellites which are (probably) beyond the range of current anti-sat systems, unlike spy sats that are usually only a few 100km up and in the range of the last (and very dumb from a space debris point of view) demonstration of anti-sat weapons.

1
0

New Lumia 925: This, loyalists, is the BIG ONE you've waited for

Paul Crawford
Silver badge
WTF?

Waterproof?

Once you have no SD card and a sealed battery, then WTF are they doing not making it waterproof?

Considering the times I have had to remove the battery to reset my HTC phone, and the rapid demise of an iPhone with water (as you can't get the battery out to give it a chance to dry our before electrolysis destroys it) this is a big deal.

Yes, I know Nokia is not the only one doing this, but if you are making the device effectively sealed, then do it properly!

9
0

United Nations: 'Overpopulated Earth? Time to EAT BUGS'

Paul Crawford
Silver badge
Joke

"gourmet buggery"

My mind shuddered at the thought, and it was not about food!

5
0

Penguins in spa-a-a-ce! ISS dumps Windows for Linux on laptops

Paul Crawford
Silver badge

Re: Fuming

I am amazed that somehow you think an astronauts "real work" consists of making power point slide shows or arsing around with word processing style sheets.

11
0

Notebook sales to surge, says notebook seller

Paul Crawford
Silver badge

Re: Tell you what, Ray

8 - not "figure of 8" cable but IEC (the "kettle lead") as you can find them world wide and thus plug in anywhere you go.

Otherwise up-voted for all points. In particular 1, 4 & 10

1
0

Unlocking Technology Act plans to let freedom ring for devices

Paul Crawford
Silver badge

Re: What's the difference?

The difference is if you, or some other person, finds how to jailbreak a device you can offer that service or product without risk of prosecution and quite probably counter-sue if they deliberately try to stop your method.

4
0

How smart does your desk phone need to be?

Paul Crawford
Silver badge

Re: Internal use ...

We have old Cisco IP phones and those are the only two features I have seen to make them "better" than the POTS they replaced:

Caller ID (a name, not just number) + call history (handy for re-dial).

The phone's ID/number moves with the phone, not the socket its plugged in to.

1
0

Get your very own open source nematode

Paul Crawford
Silver badge

Re: Scan it.

Leading to: http://en.wikipedia.org/wiki/Visible_Human_Project

0
0

Google not sabotaging YouTube on Windows Phone after all

Paul Crawford
Silver badge

Must try harder?

"Windows Phone invested additional engineering resources against existing APIs"

Sounds a lot like "Google did not help us, so we had to RTFM and get some smart folk to actually do some work on this product".

As for MS claiming "a bad boy hid the APIs and won't give them back" it really could not happen to a nicer company.

12
1

Windows Blue preview to land at end of June

Paul Crawford
Silver badge

What users want?

Choice usually, for example:

(1) Why can't you have the desktop style of choice? In XP you could have "classic" over the Fisher-Price style. Seems things changed again with Vista/7 and now with 8 its worse with 3rd party tools needed to give users what they are asking for. Why can you choose the one you want/are familiar with?

(2) Menu vs Ribbon - again WTF is the problem with a simple config option to do things the way you are familiar with, or choose a new (who knows, better for some perhaps) option?

(3) The old oligopolistic practice of trying to force Windows by making things specific to it, the key example is Office. Available for MacOS (just, and often lagging) but why not for iOS where there is a market? Or for Linux/Android?

(4) Office365 - being pushed as the pay-always choice. Not to mention the exposing of all your data to USA law, something that could easily be avoided by client-side encryption before the data leaves your computer. And WTF is Office365 doing when bits of it don't work the same/at all on different browsers?

Yes, I know these are really rhetorical questions because we all know the answer is profit maximisation by forcing you customers ("hostages") to change and buy-again, and again...

8
0

Deep inside Intel's new ARM killer: Silvermont

Paul Crawford
Silver badge

Re: Goalposts.

I was wondering the same - what is the performance comparison of ARM vs x86 on the same fab technology?

Also, as others have pointed out, ARM is generally a lot cheaper to buy/licence than Intel's offerings, so this had better be really good to make it.

And what about SoC builds, will Intel be offering to integrate customer's hardware on the same fab as this new CPU?

6
0

HTC profits PLUNGE 98%: Pins hopes on HTC One, 'Facebook mobe'

Paul Crawford
Silver badge

Re: Argruably the desire was the 1st mainstream android...

Have to agree, I have a Wildfire and its crap - or more precisely the software is crap and HTC have done nothing to fix it in the last 2 years.

Any wonder their customers have deserted them?

0
0

Look ma, no plugins! Streaming web video with just JavaScript

Paul Crawford
Silver badge

Re: "the real ones who actually make money at this sort of thing"

They will pirate anyway, so it is not helping the content providers and, while it is unlikely to result in the innocent/dumb user being prosecuted, at least they may get their PC fixed and save the rest of the Internet one less zombie.

What helps the case for content providers is the end user gets the pirated-like freedom to view anywhere/anytime but is paying for the privileged, rather than paying to jump through hoops. More likely to get and keep customers that way.

3
0
Paul Crawford
Silver badge

@Christian Berger

DRM, in the sense of making you unable to do what you want, is ALWAYS a less good experience than the pirate version.

Watermarking has its own issues, but is much better as it can be made invisible to the viewer (in the same sense of "acceptably small" which video compression relies on) not to get in the way. By knowing their download is marked, less people are going to share the copy they paid for with others, which is the main goal of a commercial operation.

Of course, mashing up watermarks by using several copies is possible, but potentially hard to do in a way that stops any of the donor's being identified.

Hopefully the content makers will realise that you can't stop piracy, but you can make the paying option cheap enough and good enough (from the customer's point of view) to make the risks of pirating enough to stop all but the most hardened freetard.

Just now I would not hold my breath, as the 'big content' industries have shown themselves to be very dumb in this respect so far.

8
0

Suspected Chinese NASA spy smuggled smut not state secrets

Paul Crawford
Silver badge

Re: Steno-pornography?

Probably by getting original copies of said pr0n and comparing them bit-by-bit. Also probably by watching them very carefully, over and over again, just in case there was some subtle political or technological message in "Big Girl Needs Big Dildo".

But who says he was not on the make, given the Great Firewall and China's anti-pr0n laws, maybe his stash of gentleman's entertainment was part of a pension plan?

3
0

Japan's XP migration solution: Remove network cable

Paul Crawford
Silver badge

Re: Fixes and stuff ....

Ah the old red / blue network arrangement :)

Just add someone with a rubber truncheon to deal briskly with anyone plugging in to the "wrong" network and you have pretty good security even with a leaky OS.

4
0
Paul Crawford
Silver badge

"already have migrated"

There are lots of reasons why you may want/need to keep an old OS going, the most obvious is you simply don't have the money to buy a new PC but that is probably not the biggest issue here (though report suggested so).

Legacy software, or special hardware, are both reasons why an 'upgrade' can be very expensive and time consuming because you find that the software won't work right on the new OS and/or is not supported or licensable on a new machine, and newer versions of said software is not 100% backward compatible and/or needs something else and so on...

My own solution for my dying w2k box was to convert it into a VM and run it on a Linux machine, more or less the best of both worlds (can run special software that is Windows-only, has better network security Linux-style). Even so, that takes IT skill to implement and user training to make it workable, both of which also cost money one way or another.

Certainly w2k and XP had nothing in the license about virtulisation, but AFAIK Windows 7 (probably also the abomination that was Vista) only permit it on the expensive enterprise version, not OEM/standard.

1
0

Why next iPhone screen could be made of SAPPHIRE - and a steal...

Paul Crawford
Silver badge

Re: Sizes?

Not as much as a Humvee decorated with elephant tampons!

3
0

New NASA rover lands in frigid alien hell tomorrow

Paul Crawford
Silver badge

Re: Optional accessories?

You seem to have "autonomous vehicle" and "shark" mixed up. Don't worry, its a common mistake.

1
0

Java applets run wild inside Notes

Paul Crawford
Silver badge
FAIL

Seems no one remembered the stupidity of Outlook running attachments.

Why did anyone think it is a good idea to run, even in supposedly sandboxed code, anything that comes in to your machine?

3
0

British biz walking around with 'Hack Me' sign taped to its back

Paul Crawford
Silver badge

Re: RF jamming ?

"Since when is that supposed to be an issue ? Sure, it'll work the first day or two,"

I think an hour or so might be enough to cause a chemical plant to go seriously wrong!

Never underestimate the ability of dumb people to get stupid things done in places you never imagined possible.

1
0
Paul Crawford
Silver badge

RF Jamming

I wondered about that, as a friend of mine mentioned the option of WiFi used for industrial control/monitoring systems. Amazing how dumb the cost saving of not having to install a dedicated (and hopefully air-gap isolated) wired network can be.

0
0

The Chromebooks are coming! New models due late 2013

Paul Crawford
Silver badge

The high-res one is attractive - as a machine to put Ubuntu, etc, on.

The normal ones for students? Cheap perhaps, but useful, really?

I can see them being a good buy for the utterly-IT-incompetents . I can think of certain friends/family in that category who just should never, ever, be allowed to do more than access a web browser. And even then pinned full-screen so I don't get a phone call about something having gone "stamp sized" and that no they really did not touch anything...

1
0

BT unleashes SIP licensing troll army

Paul Crawford
Silver badge

Re: How does this work?

"SIP was accepted as a 3GPP signaling protocol"

So it is considered an 'essential patent' and so should be under FRAND terms then for 3G? Sounds like it should be FRAND elsewhere in that case.

0
0

Japan's naughty nurses scam free meals with mobile games

Paul Crawford
Silver badge
Coat

Made me smile

Naughty Nurses "where smartphone penetration is over 40 per cent"

Thanks, mine has the book of double entendres...

10
0

UK.Gov passes Instagram Act: All your pics belong to everyone now

Paul Crawford
Silver badge

How things move

Funny how all IP laws seem to move towards what suits big business.

I can't see how hard it would have been to deal with orphaned works in a fair manner: for example, you can make use of it without risk of prosecution, but if the legitimate owner turns up then some reasonable compensation is due along the lines of some fraction of a professional's fee.

6
1

Internet freedom groups urge W3C to keep DRM out of HTML

Paul Crawford
Silver badge

Re: AC 18:15

No, you can't have an open system and DRM because, by definition, DRM stops you doing what you want and thus YOU are no longer in charge of your computer.

You could have a propitiatory 'blob' that hides the DRM key, but than you have to trust it absolutely (if root) or at least with your own account's information which in practice is quite a lot. See http://xkcd.com/1200/

Then of course the "big media" will not accept that unless it also relies on a closed path to the video/audio card so you can't intercept the decrypted data en-route to the display. See for example one of the reasons why Vista was so crap:

http://www.cs.auckland.ac.nz/~pgut001/pubs/vista_cost.html

But this is a far bigger issue than media streaming, this also opens the doors to all future web sites being in lock-down mode so you can skip adverts, copy data if you want/need, etc. Therefore I am 100% behind the free software movement here as the web should not, in fact, must not become a closed system otherwise we are all going to live in the anus of a DRM's facebook in future.

And that is too hideous to be allowed just so Netflix, etc, can dance to Hollywood's tune.

0
0

New Google Play terms ban non-store app updates

Paul Crawford
Silver badge

Considering the recent security problems with apps (I hate that term!) updating themselves to become full blown Trojans, this makes sense. However, part of me also wonders about the more sinister control aspect...

3
0

Review: Western Digital Sentinel DX4000

Paul Crawford
Silver badge

Re: @Annihilator

"A homemade NAS is fine, and I've used one. But I wouldn't trust anything business critical with it."

I have used "enterprise level" NAS at work and to be honest would not trust it any more.

Repeat after me "RAID is not backup"...

2
0
Paul Crawford
Silver badge

Re: clarke@cilia.org

Most customers have no idea what RAID-x means, so no point in telling them. The key aspect here is they should have never been shipped with an unsafe option!

Of course, the other thing is no one should have only one cope on any device, no matter what RAID system is in use. RAID != Backup.

2
0

Behold Ubuntu Server 13.04: Focus on hypervisors and OpenStack

Paul Crawford
Silver badge

Shame they do not support 10.04 desktop for 5 years, but foisted upon us the unpleasant business of gnome3/unity.

2
0

Amazon: Hard luck Microsoft, AWS will always be cheaper

Paul Crawford
Silver badge

Re: Lock-in

Really, if you have any sense you will have an independent backup copy so no matter what your cloud provider does, or has done to them, you still have your data.

Though before you get to that stage, you should be asking serious questions about the security of all of your data in another company/country. No open client-side encryption? Then fsck off!

0
0

EE: Of course we're going to get 1m 4G users by the end of the year!

Paul Crawford
Silver badge
Facepalm

Unless 4G provides much cheaper data (i.e. lower £/GB, say 1-2GB for the same price as others charge 500MB) then what is the point? You will just end up paying too much because you are tempted to use data-intensive services and getting gouged.

Oh wait...

1
0

Boffins explain LED inefficiencies

Paul Crawford
Silver badge
Joke

Re: Popularity

Well they could always throw in a comment about MS and have Eadon and his band of merry troll-beaters fill up the forum, would that help?

0
0

BitTorrent offers file sync tool for PCs and NAS

Paul Crawford
Silver badge

Very interesting

Assuming it goes open-source (or at least the protocols do, so it is properly reviewed), this is a great idea as you get all of the benefits of "the cloud" without having to open your privates to those you don't trust that much. Like MS, Google, Amazon, etc...

Ideal for extended families so a selection of machines can share files and act as back-up for each other.

Of course, if it has a "read-only mode" (i.e. original creator can make changes that propagate across all shares, no one else can) then it could stir up a lot of controversy as The Pirate Bay's web site could become a local searchable share on thousands of machines and be all but unblockable by court orders to ISPs.

8
0

Chinese IEEE members want MAC control for cognitive radio

Paul Crawford
Silver badge

Re: @Christian Berger

But is it practical to achieve that sort of tight beamforming in small enough packages and at reasonable cost, power consumption, and bandwidth?

If you consider the wavelengths for which we can probably use and get reasonable building penetration, say in the 10cm range, and an angular requirement of say 10 deg to get a large number of urban users then an ideal antenna needs a diameter of around 60cm and in practice a phased array is going to be significantly bigger. For a big base station that is viable, but not for handheld or set-top boxes.

For the OP's point about not going through service providers via white space mesh connection then it won't be practical, but for some future high rate mobile it might just be viable. If it is cost effective enough and has enough back-haul bandwidth.

0
0
Paul Crawford
Silver badge

Re: Hopefully China will continue

You really don't understand how radio works it seems. Two problems:

(A) There is simply not enough usable[1] spectrum in a typical built-up area to give everyone gigabit links like wired/fibre can.

(B) Cognitive radio is only usable if everyone is sharing the same negotiation system, and ideally (and essentially for non-cognitive systems) you have some database of users so you don't have a white-space user talking over another radio link it can't sense (due to sensitivity or shadowing issues) but is actually in use.

Hence radio should really be reserved for things that need it, such as mobile use, and not as a cost-saving option to avoid investing in fibre, etc, that has enough capacity for the foreseeable future.

[1] Yes, I know there is huge and very sparsely used spectrum up at tens or hundreds of GHz but that is not going to effectively penetrate well through walls, etc, and currently it is not cost-effective to produce TX/RX for them in single chips, etc.

4
0

Forums