"We cannot even capture the backside of the passer by"
Exactly! That is no way to make a good perv-cam
3055 posts • joined 15 Mar 2007
Yes there is - make sure the fsckers know they (whoever is in power currently) will be tarred with introducing it come the next election. It might magically make them grow some ethics, like the LD has in this respect.
The ISPs should tell the committee that cost recovery is not an issue - they will all simply put all of the hardware, software and administrative costs down on the customer's bill separately itemised as "Conservative Government Snooping Tax".
"same kind of lock-in as if they'd stuck with a Windows-native client"
Actually if they had used a win32 client and stuck to the most simple and common API calls (and actually read MS' own guidelines about privileged use, etc) they would have far less of a problem.
I have several applications that were written for Windows a long time ago that just keep working, version after version. Often also working on Linux+WINE as well. It's the fancy new and/or undocumented stuff that bites your ass eventually, so just keep clear of the latest fad (how is Silverlight doing?) and use the common stuff and it's not too bad.
Much more so if you force your developers to build & test on two different platforms/compilers always (even if both are "Windows" and "Visual Studio" but different releases) as that way they can't use the ephemeral stuff...
So how does it survive reboots? Can it spread machine-to-machine, or would making your office work PCs shut down every night be a useful mitigation technique (as well as saving money on electric)?
"the incident nevertheless serves as a reminder that free stuff in the cloud can be taken away as well as given"
There, fixed it for you...
" I was impressed with the power and the fuel economy" ... "my 13 month old car with less than 9,000 miles is worth half of what I paid for it"
Why don't you just keep the car for 5-10 years and get your money's worth out of it? Works for me (as a tight-fisted Aberdonian)
Yes, this is a sore point also on most Linux systems as well. If there is one sane thing that the Firefox management could do for their products and the world at large, it would be to focus on making a browser that was easy to secure and designed to enforce a respect for privacy.
That means having a simple way of using central management tools to set parameters and to force/block plug-ins that are centrally defined, and to have a sane limit on what the browser should ever need to access so things like AppArmor profiles are trivial to use without issues. And this goal should be thought through so it works using WSUS and several of the Linux options (both per-machine via local admin, and centrally for the network).
As far as privacy goes, this means reporting only one of a few configurations so it's not easy to fingerprint for tracking (and/or randomly reposting different bits every time so no two sessions on a given machine look alike, e.g. dithering on canvas draw etc). It also means having a design so things like history and cookies are all isolated from JavaScript and plug-ins by default, and only signed plugins that ask for permission and are granted it can use it. And that denying access just returns a near-blank list, like a fresh browser install, so a plugin can't tell if it has real access blocked or not.
So please Firefox team, quit dicking around with the GUI to look like chrome, quit removing features because you can't be arsed to support or test them, and focus on having a selling point that system admins want - an easy life of little trouble from users, idiot or otherwise.
Poor quality trolling there.
You could have tried mentioning the lack of portability beyond Windows, or the benefits of ASCII for cross-platform use in bash, maybe even joked about csh/tcsh/sh/bash offering one common way of doing things.
Of course this is not helped by the muppets at Google & Firefox, etc, dropping support for web browsers on the likes of XP even though a significant number of folk still rely on it.
For the technically competent there is always Linux for safely browsing using old machines, but that is hardly a solution for the majority who don't even grasp what an operating system is, let alone that it can be replaced on existing hardware.
Meanwhile in Europe we don't have school massacres practically every year for the last century...I think you will find that even with all of the "terrorist" acts in Europe post WW2 together the death toll is less than a year of US gun-related accidents.
With the billions of dollars in funding and all-seeing surveillance, can't they do something useful to help out the government departments they are supposed to serve?
You know like catching the perpetrators, recovering data, that sort of thing...
I'm glad I am not the only one thinking that.
Thanks, mine is the dirty mac...
The ars technica article, essential reading for those who didn't get your reference:
The resulting Hitler parody to enjoy:
Just by making suppliers liable for faults and security holes that are not patched reasonably quickly and for the usable life of the IoT devices, and no weasel EULA to get out of it, would be a major start. Most of the problems fundamentally come down to the "ship it fast even if shit, and don't pay for a decent support team" mentality of modern businesses.
 say 30 days from it being reported
 say 5 years after that model was last offered for sale
"Alternately, do not access password stores on any systems that are not known-secure."
Please tell me just how you know when a machine is compromised without being able to boot it and scan with various rescue CDs to check?
If you can do this where no one else has, there is a fortune in AV to be made!
"How many RFCs...have been written by women ?"
I'm guessing within an expected statistical range of the proportion of women taking part in the organisation.
Plenty of women have technical merit, but if you look at the proportion leaving school with an interest or attempt to follow a technical career you will see the problem is far from an issue with the IETF or similar.
Why so few women lecturers? Why so few women in science/technology roles? Duh, look at the number of women graduates 10-20 years previously!
"Doubling the amount of time they have to devote to testing is"
WTF? Don't they have any automated testing then? In which case it's only another build machine and for someone of Google's size I doubt that is such an intolerable expense.
Edited to add: Or is this down to the shitty inclusion of FlashPlayer, and the pain of supporting that?
"At the same time, build, Firefox, and platform engineers continue to pay a tax to support Thunderbird."
Really? It sounds like they really don't have a sane project structure in that case.
FFS just how much HTML or web rendering should be possible in any web client? Or is this really a case of their sponsors wanting people to move to web-mail so they can whore them more effectively to advertisers?
A very good question and the answer is usually one or more of three options:
1) Cost savings
3) Trendy, as everyone else is apparently doing it
Sadly there has been nothing serious to place responsibility on those in charge to do it properly. And by that I mean to consider security from the very beginning: How it is protected, how it is partitioned to control damage, how it is tested, how it is patched [repeat from start]. Dangle serious fines and jail time over managers and things will then be done, otherwise it's business as usual until the shit hits the fan...
"We see from this place every day the malign scope of our adversaries’ advertisers' goals"
Both, most likely.
I don't know if it was specifically intended for this port-forward risk, or just the more general issue of a VPN being dropped due to other software bugs or MITM attempts, but the UK Gov security advice on system deployment has a section on setting the firewall to only allow the VPN range of access. For example, see section 8.7 of this:
"In the UK the headline figure for investment in this is £175M over the next 10 years"
And the ISPs, etc, who have a clue are saying £2B or so is needed. Now why would the gov not publish its costing approach when the bill is in the debate stage?
"Now, they're guaranteeing a mess in the future"
As if any of the recent bills have been any different in this respect?
The whole thing stinks, but how much of that is incompetence and how much is (political) malice is hard to tell.
You are aware that article 33 of the Fourth Geneva Convention specifically forbids collective punishment?
It's only the best all round solution if you don't have any significant delays in loading ads, and they are not poisoned flash files or similar that then infect your PC.
"competing against your contemporaries you are competing with 60 years of back catalog"
It is worse than that as today people are paying lots of different fees: ISP's, mobile phones, computer games, alcohol, etc. So music has to fight against a whole lot of other things to get a share of the youth's limited money compared to 20+ years ago.
And the problem is it is much easier to get music without paying compared to the more tangible goods, not just file sharing but YouTube and radio, etc. You really need to have something very special to keep enough fans buying. Today it also seems most folk are contented with crappy compressed audio, so the benefits of selling a CD or FLAC track appeal to few.
I don't know what the answer is. Certainly it would help if buying music was easier by micropaying options per track, etc, and such a scheme would potentially help others to make a living without being whored by Google. But will it happen?
"The thing that is important is entropy"
The things that are important are entropy and rate limiting on brute-force trials.
High entropy means more attempts on average to guess it, rate limiting stops them from doing it quickly. However the most likely password cracking scenario is when they have already compromised a web site and can brute-force the database.
Or 50 Shades of Grey?
That would be bad, I mean there are much better examples of BDSM literature for the discerning reader...
"For the really clueless it will take personal friends or family dying at the hands of terrorists before they wake up and smell the coffee."
So what? In the week or so since the Paris attacks more folk have been killed and injured on the roads of Europe than in the attacks. Should we all give up our own privacy and security to stamp out cars the next bogeyman?
Tell it like it is!
I often wondered why the GUI muppets at Gnome, Firefox, Google, MS, etc, all seem to go down the same route of removing functionality and discoverability. They need a course in GUI design which consists of taking the odd granny/granddad or two off the street and giving them a simple task to do on the device. If they can't work it out in under 2 minutes the designers get beaten with rubber hoses until the elderly folk succeed.
A couple of lessons and I am sure designs would be so much more usable...
Gluttony is in there as well, if pies are going for free.
Lust as well, if it's warm apple pie
The "snooper's charter" is going far more than that, demanding all of your (and everyone's) internet access to be stored for a year and searchable, and also has various weasel-worded sections about who can access said data. That is blanket surveillance.
What was proposed above was targeted - yes, you have some ability to scan all traffic, but it is used to pull out certain web sites that are known to be ISIS or similar, and then just look at that. A massive decrease in data gathering. Then you start to look for patterns, not just the odd link-following by someone who didn't know what the site was, but repeated visits and/or visits to sites related to that ideology.
Again, a big decrease in who you are looking at and then you are down to the levels where you can start to analyse what they are up to and see if they merit some human surveillance and intelligence-gathering.
That was my thoughts on the article, it will come down to a bidding "war" where you offer money for services and you don't get a cast iron guarantee of delivery, just a position in the scheduler based on who else is bidding for it and how much they are willing to pay.
What, you really need it to work? Maybe just buy your own server then...
Usually devotion needs some sort of special dream, fantasy, or belief that out-weighs common sense. Given that MS is the dancing-dad of technology, and that few end users or sysadmins ever get up in the morning looking forward to engaging with MS' software, it's going to be a long and tough sell...
Maybe he should have spoken about how all of your data is encrypted by your own password before it hits MS' servers, and they don't have any access to it as a result.
Oh wait, that was a pipe dream resulting from me drinking too much port in a storm.
You credit the clueless fuckwits honourable members of parliament with too much technical thinking there.
I also doubt encryption is the biggest problem. Knowing what to do with a mountain of straw to find those couple of darn needles is a big challenge and more hay-gathering (AKA snooping) is not the answer, but having folk able to analyse it (and maybe act on it) probably is.
Yes, Google provides links to copyright material and they also got hauled over the coals!
What, they didn't? Anything to do with having $B to pay lawyers by any chance?
It's a good point, Google is a master at whoring you from advertiser to advertiser.
MS used to offer a paid for OS that respected your privacy, but from XP's "product activation" through Vista's intrusive and bloated DRM aspects, and then finally to Win10's forced updates, weasel-worded upgrade pushes and default-on telemetry, you have to ask: "Why pay for this shit?"
"Last heard of working in a sex dungeon in Blackpool"
You or the lady?
"the man had deleted all of his Facebook data. A huge pain and shame"
Indeed, the shame being he should have deleted it himself!
Even if keeping on FB then please delete and create a new profile with a new disposable email every year or so. It limits what FB can easily gather on you and evidence of past indiscretions, and a perfect excuse to dump those "friends" who are sufficiently important not to appear to single out for un-friending, but that you really did not want watching your every post.
Edited to add: And don't give FB your email log-in password or mobile number, mkay?
Just add in the planned Snooper's Charter and there is an even bigger reason to quit the UK and go elsewhere for work :(
An article on possible destinations and how they are for freelance work would be very welcome!
You can use GPS along with other time sources, both network or radio.
For example, the Meinberg LANTIME M900 can use combinations of GPS/GLONASS as well as LW from your nearest source (probably DCF77 in central Europe, MSF in UK, etc)
Exactly, time for El Reg readers in Scotland to write to their MPs and make clear the problems and risks from all of this. Not just for Scotland but also when it comes for voting on the snooper's charter zombie that has re-emerged from the Home Office.
£3,571 *per f@%kin' camera* !!!
Is about right, given that a lot are analogue so you are talking networking, HDD recorders, etc, and labour to visit each camera point and do the work, possibly with a cherry-picker.
To achieve exactly what?
Aye, there is the rub. Just how helpful are these cameras? Have we got evidence that they will save more than £10m in reduced crime?
True, but it's a good start.
You mean like arming the Taliban as an anti-Russian move?