Feeds

* Posts by Paul Crawford

1548 posts • joined 15 Mar 2007

Microsoft denies Windows 8 app spying via SmartScreen

Paul Crawford
Silver badge

Re: h4rm0ny

OK, that explains something and makes more sense. I had assumed this was an extension of the device driver signing process where they did look at your code.

0
0
Paul Crawford
Silver badge
WTF?

One way mirror?

So am I right in assuming that to get approval MS get to see all of your 'trade secrets' of your source code, quite possibly to copy (sorry, "influence") for new MS products, but you don't get to see theirs?

If you have to bare all, at least go open-source and maybe get community help in bug-fixes, etc.

0
2

Drilling into Amazon's tape-killing Glacier cloud archive

Paul Crawford
Silver badge

Re: Not as cheap as it sounds

Just read the blurb:

"Secure – Amazon Glacier supports secure transfer of your data over Secure Sockets Layer (SSL) and automatically stores data encrypted at rest using Advanced Encryption Standard (AES) 256, a secure symmetric-key encryption standard using 256-bit encryption keys. You can also control access to your data using AWS Identity and Access Management (IAM). IAM enables organizations with multiple employees to create and manage multiple users under a single AWS account and to set resource-based access policies."

So basically they encrypt the "tapes" (we presume they use tape ultimately) but the still have access to your data, i.e. it is not encrypted at your side, using a key that only your company has.

Bend over Blackadder, its PATRIOT time!

0
0
Paul Crawford
Silver badge

Re: Not as cheap as it sounds

For a small user at least you save the cost and maintenance of the tape drive, and the off-site storage of tapes in case of major local damage, etc, which makes it attractive.

But the lack of any obvious way to control the encryption yourself (unless I missed something) is not good.

0
0
Paul Crawford
Silver badge

Re: Hmm, where do I put all my sensitive data?

The only sensible option is to encrypt the data with *your* key before it gets to them. Of course that usually buggers up de-dupe and always buggers storage-side compression, so they won't like that being the norm.

Considering the other problem, that of up/down link bandwidth, you would really want to compress/de-dupe your data before considering backing it up, which would help them as well. Not quite so simple to use properly then.

0
0

Microsoft Surface slate: Acer, resellers predict a riot

Paul Crawford
Silver badge

Re: Whatever is bad for Microsoft is good for everyone else.

I up-voted you because some of what you said is true (i.e. we need more and real competition for the mass buyers of computers), even though I suspect you need to keep taking the dried frog pills...

4
0

Office for ARM will lack features, report claims

Paul Crawford
Silver badge

Re: Is this really an issue?

"A surprising number of companies were still using 16-bit installers that should have been done away with a decade earlier."

Er, why?

Assuming they do/did a proper job that the business needs, why should they not be supported on 64-bit as for 32-bit OS?

The idea that *working* software has to be replaced simply because the OS supplier can't be bothered to support it is a worry, and is the best argument of all for going open-source where you have the ability (or paid contractors can) support legacy stuff if it is cheaper then throwing away years of experience and bug-fixes in the pursuit of 'shiny'.

9
3

AuthenTec sells out to Apple to the sound of 1,000 lawsuits

Paul Crawford
Silver badge

Re: Your rival may get many more viewers by NOT banning it

There are no rivals - except the pirates, and of course then you don't need all of this technology to 'allow' you the watch the stuff you just paid for, you can watch it anywhere.

Really, in a number of ways I support the TPB simply because the low bar to accessing 'pirated' material has, or hopefully will, make the content industry realise its not so precious after all and that if they want my money they have to make the experience of legal purchase easy and effective for me, on any of my devices.

Does any one out there really want stronger DRM to be baked in to the hardware and further restrictions on what you can and cannot do with YOUR hardware becoming the norm? Screw you Apple!

1
0

Hooper's copyright hubs - could be a big British win with BBC backing

Paul Crawford
Silver badge

What metadata should be protected?

The idea that removing any metadata should be stopped is a dangerous one, as it could lead to images being attributable to people who really don't want that in public (e.g. photo of a crime, personal adverts on dating sites, etc).

What is needed is some sensible machine & human readable metadata for copyright that is protected by law, and maybe some hash of the rest (date.time, camera settings, GPS coords, etc) if it is missing. That way images' ownership can be traced as needed, but are not identifiable so easily unless the photographer applied their public 'signature'.

1
0

Apple disappoints at first Black Hat briefing

Paul Crawford
Silver badge

Re: Ouch

Do you really want all of your data locked to the CPU, so if your machine dies and you swap the disk to another it is all unreadable?

At least with an iPad there is no real expectation of recovering data/physically upgrading if it has failed (or stolen, as likely), and their whole software model is based on cloud backup.

And yes, you probably should have a backup of your PC but we all know how easy and regularly done that is...and how successfully and well tested the restore process is...

1
0

Expert: EU Microsoft competition fine could reach $7bn

Paul Crawford
Silver badge

Re: pointless

It is not pointless because:

1) It makes Joe Public realise that this is OK and sort of MS-approved, and is safer than a random download.

2) It gives other browsers a chance, and not just Chrome that Google push relentlessly on their home page.

Remember, this is not for El Reg's typical reader.

1
0
Paul Crawford
Silver badge

Re: What a ridiculous situation

oligopoly

noun

the market condition that exists when there are few sellers, as a result of which they can greatly influence price and other market factors. Compare duopoly, monopoly

The point you are missing is this is not about corporate users for whom a sysadmin sets up the approves configuration, nor for readers of El Reg who fully understand how to install other browsers and/or configure search engine choices.

This is about Joe Public who can't tell the difference between an address bar and a search engine, and for whom the blue 'e' was "The Internet". Once most of them are using an OS-specific browser you get the stupidity and lock-in seen, for example, in a lot of South Korean banks where you need an ActiveX plug-in for on-line banking.

And so you can keep your hands tightly around consumers genitals and squeeze them for all the money you can with little chance of them moving way from your cash-cow.

That is what the EU has acted for, and given the size of MS and their inability to keep a promise, I don't think 10% fine is out of the question. Please educate yourself on the whole anti-trust proceedings that started with MS moving against Netscape before arguing about it.

11
0
Paul Crawford
Silver badge

Re: What a ridiculous situation

You really don't get it do you?

"There is no law saying you MUST buy Microsoft" - go to any of the major vendors (HP, Dell, Toshiba, Leveno, etc) and see what proportion of consumer machines & laptops you can buy world-wide without Windows, then report back here.

Damn, I fed a troll again!

13
4
Paul Crawford
Silver badge

Re: What a ridiculous situation

I think you missed the Troll icon.

Can't you understand what the implications of monopoly / oligopoly status means? If Ford had 99% of all garages in their pocket, you don't think they would get such treatment as well?

As for the success of companies, you also seem too dim to realise that often that comes from misusing their position to crush opposition and/or disadvantage competitors. I have no problem with Google being the biggest search engine if it is due to them having the best algorithm, but it is an issue when they start promoting their own brands ABOVE competitors because of ownership, not relevance.

Geed, you break the rules then expect to get punished! Oh unless you are a US company in the USA where the DOJ drops things that might harm your profits.

11
8

How to fix the broken internet economy: START HERE

Paul Crawford
Silver badge
Facepalm

Re: Unicorn sighted! Oh wait, it's just a donkey with an ice cream cone stuck on its napper :(

I did not even get that far, I read about it on this esteemed organ and immediately found it won't work on Linux. Now I do have access to an old copy of Windows, but it comes back to the point that Andrew made (as countless others have) that DRM sucks!

The inconvenience and high probability of paying for something and getting screwed later is too high, and suddenly them there torrents looks might good, me hearty!

It comes back to this issue of control-freakery, and I guess some of that comes back to Byzantine licensing terms for each and every country and media that exists having grown over the years. Also pointed out is 2/3 of users are 'honest', so why make life hard and irritate your paying customers to protect content that is mostly going to be paid for, and those who don't pay you can't practically stop anyway?

I wish that some sense could be injected to both sides of the copyright debate.

6
0

Yahoo! hack! leaks! 453,000! unencrypted passwords!

Paul Crawford
Silver badge

Email down?

Seems I can't log in to my web email just now - merely a coincidence?

Still no big deal as I just use it for spam and facebook, which is the same thing really.

1
0

Chemical giant foils infected USB stick espionage bid

Paul Crawford
Silver badge

This is why I disable autorun on all possible media!

Autorun was a dumb idea - if you know so little about computers to be able to find and run a setup.exe file on some new software, you have no bloody business running arbitrary software in the first place! Learn, or get a knowledgeable person to help you (paid if necessary).

9
0

Multi-platform exploit sniffs your OS, penetrates your back door

Paul Crawford
Silver badge

Re: AC 13:41

No my argument is more like: My friends/family/granny didn't understand it, it didn't work for them...

As for runas - why should it not have "just worked" like sudo? More skill required to fault-find.

Same for ACLs, the issue is not that I don't understand what they should do, more the fact you often need to use the tool to see what the effective ACLs are, and a lot of insight to see what those implications are for the system.

Then you get on to the thorny issue of execute permissions - can I use the ACLs to block all user-writeable areas like TEMP and their own profile from execute permissions and not break the whole machine? Not break Chrome? Linux has the execute bit that, by default, is disabled on downloads etc (OK, not on stuff copied from CD or FAT which is dumb...) which is another hump in malware prevention, ACLs should allow the same, but by default don't.

But you are 100% correct to say "they shouldn't have had to, the default user IDs are setup correctly for default user access" - it is this 'insecure by default' problem that plagued Windows for years, and while it is much improved now you still get the odd legacy application that only works with your admin pants down. You just pray that no one brings along a bucket of soapy frogs...

3
0
Paul Crawford
Silver badge

@ AC 11:09

Yes, Windows of the NT/2000/XP... range has many security features that ought to be more than a match for the UNIX model. But avoiding the fanbois arguments about how many bugs in Windows vs Linux and so on, there is a significant difference in that for most Windows users and a lot of older Windows software - it just did not work in practice.

The whole 'run as' option for windows often failed for installers, and a lot of crappy written software (including some from MS in the past) assumed the user had admin privileges and open firewalls, etc, for really stupid stuff. If you are on a tight budget and/or have some older specialised software you just have to run as admin and hope for the best.

The other big problem is the ACLs use for access control with NTFS installations (majority case from ~2000 onwards) are simply too complex for anyone other than a seasoned Windows administrator to understand. So for Joe Average all of the security features it just broke things, or in the case of UAC on Vista it just irritated them when it popped up so often that they disabled that as well.

So to say "just because some people didn't use it" is a gross misunderstanding of the majority of non-corporate Windows users' problems with using the security offered, where as most Linux users don't need to bypass the UNIX model's default security to nearly the same degree.

5
0

Microsoft tightens squeeze on TechNet parasites

Paul Crawford
Silver badge
Trollface

<= As an AC he/she just could not select the icon. Fixed it for you...

3
0

US mulls outlawing rival product bans using standards patents

Paul Crawford
Silver badge

Really the whole "block the competition" aspect sucks, why not limit patent litigation to deciding on a parentage of the sales revenue based on how much the patent is of the whole device?

Given that most products have thousands of patents used in them it seems ridiculous that trivial stuff can command even a few percent of the cost simply because some big corp has enough lawyer funds to bully for it..

13
0

Aluratek, Coby license Microsoft patents for Android

Paul Crawford
Silver badge

The "part of patent agreements" is really a wish list. Also sorry for the typos.

0
0
Paul Crawford
Silver badge

Re: patent extortion

Actually the FAT32 issue should never have been allowed as the point here was MS did some stupid things for compatibility reasons and got a patent on it. No one in their right mind would *want* to use FAT32 except for the need to talk to Windows machines (due to their de facto monopoly in the desktop arena, and inability to read/write much else then FAT or NTFS).

I am all in favour of protecting innovation, but anything that is to do with interoperability should be excluded from this.

Also why the secrecy? Any deal that is not public is mighty suspicious and part of patent agreements is they *should* be conducted in the open so that the "value" can be seen for trading, not just to stop predatory agreements being signed, but also to allow investors to see the actual value industry putts on the innovation concerned.

5
0

Revealed at last: Universe's intergalactic dark matter skeleton

Paul Crawford
Silver badge
Pint

@Gareth Perch

I thought it was Toyah Wilcox?

1
0
Paul Crawford
Silver badge
Coat

Noodly appendages

The answer is simple and obvious - those dark filaments are the cooled hyper-pasta of the Flying Spaghetti Monster's noodly appendages!

Thanks, my jacket and hat is the pirate one with the book on global warming in the pocket...

16
0

Microsoft sets October date for Windows 8 release

Paul Crawford
Silver badge

Re: Windows 8 - what is it?

I don't think there is much change the the underlying OS that is major, but it has has some minor improvements. Had there been a no-Metro option I think most commentards here would be less hateful in their comments, probably looking forward to it in fact as an improvement over 7. But sadly they have already tried the preview...

Maybe on a tablet/phone it has a purpose, but on a desktop it sucks. But don't trust me, I don't own a fez.

3
0
Paul Crawford
Silver badge

Re: hate for XP and the Teletubbies references

I hated the XP teletubbies appearance, but at least they let you change back to 'classic' look.

With win8 they have gone out of their way to stop you, the useless bar stewards!

Mind you, Ubuntu's Unity is well on its way as the Linux moment of pulling defeat from the jaws of victory, think of all those XP users who would find Gnome 2 quite usable? Ooops, we screwed that one.

3
1

Cisco backs down on cloud control of routers

Paul Crawford
Silver badge

Re: Well, that's OK then

Give up your base? Or maybe time to get another product from a company that is not doing this to you and make damn sure you tell world+dog about it?

4
0

Mozilla shoots down Thunderbird, hatches new release model

Paul Crawford
Silver badge

Yes, that plain/HTML bug annoys me a lot.

Also the in-line spell checker 'forgetting' to check a whole paragraph, etc, if you just did an edit. Buggy since V2 I think. Finally on my annoyance list is the inability to run filters on the "global" inbox, meaning if you have several email accounts and use the unified folders thing (which I like) you need to define multiple filters.

Email is long established, just fix the bugs please! Oh and give us back coloured button text - that black text only crap is not so good for quick recognition.

4
0

Door creaks and girl farts: computing in the real world

Paul Crawford
Silver badge

F'in caps lock key?

Please will somebody realise that caps lock is of little use, and for most non-perfect typists just a source of hassle when you accidentally touch it going for 'A' or similar.

If dropping anything that is "no longer needed" please get rid of caps lock!

1
0
Paul Crawford
Silver badge

Re: Are you really going to pop that disc in your drive?

Yes, because I don't have a stupidly configured computer that runs anything presented to it, and there is a good reason to expect it is valuable to me. Even with Windows one of the first things I do is disable autorun on *ALL* media via the registry setting.

How would any other media be safer? Infected USB are depressingly common...

1
0
Paul Crawford
Silver badge
Thumb Up

Parallel printer ports on motherboard

If you need older hardware support in a modern computer check out the DFI EL620-C ATX motherboard, it has a parallel port (you need a bracket/25D/ribbon cable thing unfortunately as it is not rear-facing), two rear facing serial ports (and more inside), PS2 mouse & keyboard, 4 rear-facing USB ports, and two Gigabit Ethernet ports.

Oh, and it also has 3 ISA slots for industrial cards like we use!

Supports the older socket 775 CPUs unfortunately, but Intel still make the Q9400 quad core one (and others) if you can find a supplier that is not utterly incompetent to actually sell you them.

5
0

DNSchanger shutdown may kick 300,000 offline on Monday

Paul Crawford
Silver badge

Indeed. Some how I don't think it will be the grandparent generation who are the worst affected...

1
0

Numbers don't lie: Apple's ascent eviscerates Microsoft

Paul Crawford
Silver badge
Facepalm

Re: Apple treated differently than Microsoft.

If you look at the article, you will find that MS has fallen to "If you factor in iOS devices, the ratio drops to less than 2-to-1". So basically if you include all Apple devices: desk-top computer, laptop, tablet and phone, they are still a minority compared to Windows.

That is why no one has investigated Apple. Yet. The time will come I hope...

4
5

Leap second bug cripples Linux servers at airlines, Reddit, LinkedIn

Paul Crawford
Silver badge
Facepalm

Sadly I am troll-feeding but its worth noting this bug was introduced around the time of the last leap-second.

Real problem is lack of testing of such rare events. Windows is no better really, it ignores the leap second so clock is simply wrong for a while which can be a problem for transaction systems.

0
0
Paul Crawford
Silver badge
Boffin

How to test?

Why can't someone set up NTP server called skippy or something, that every two days it adds an anomalous +1 leap second and then two days later has a matching -1 leap second?

That way you could set up a test machine that is more-or-less on time, but makes sure that your kernel and any Java, etc, updates are all happy with the concept of a clock shift.

0
0
Paul Crawford
Silver badge
Linux

Re: Leap seconds: not a one-off unique event

I don't know why they hung. All of our Linux machines ran quite happily (as they have done fore years before including this event) using NTP and Trimble GPS for precise time-keeping.

It is not like the folk behind NTP don't know about this, it has been supported and documented for a long time:

http://www.eecis.udel.edu/~mills/leap.html

Sounds like something that was not tested during the last leap second event, but still, I fail to understand why it would take the system down for more than 1 second?

2
1

Used software firms win small victory in shrinking on-premises world

Paul Crawford
Silver badge

Sensible decision

Seems the EU has sense here, after all the claims that software is "Intellectual Property" should come with the same sort of rules that physical property has, that you can if necessary re-sell it. I hope this ruling also gets applied to music & DVDs that are delivered on-line to break the distinction between physical and virtual delivery. Of course, there are big concerns that a number of customers won't be honest and delete the copy before selling it on, but really, are they not likely to be the ones obtaining it dishonestly in the first place?

As for cloud-only to get round this - I can see a number of cases where that is simply not practical due to network latency & bandwidth concerns, not to mention issues over data sovereignty and applicable law.

6
0

Euro Parliament kills ACTA treaty before court can look at it

Paul Crawford
Silver badge

"backdoor control laws"

That is the key point: the secrecy of negotiation.

The fact that some very controversial proposals were included then dropped from ACTA (but not Japan's own laws?) shows the attitude of some aspects of those pushing this forward. I hope, but don't really expect, that in future the revision of patent, copyright and trademark laws are done in the open and NOT simply to maximise large company profits.

This applies obviously to the heinous business of DRM and so on being pushed by the content industries, but equally to the land-grab of copyright by the likes of Google, etc, against small players. The law should be fair to all parties.

14
0

Microsoft gets its hypervisor war face on, squares up to VMware

Paul Crawford
Silver badge

For what client?

For a Linux VM or Windows VM? My own experience shows NFS as significantly faster than CIFS for the same hardware/network system, so can we please have some like-for-like comparisons?

Methinks MS pushes CIFS because that is Windows default networking and not because it is actually any better...

4
0

Australia goes cold on ACTA

Paul Crawford
Silver badge

Re: The "dropped" part matters

Irrespective of any merits in ACTA, the manner in which it was negotiated and the attempts to use it to bypass parliamentary process is a VERY SERIOUS matter. Same in the EU where it is/was being pushed by the commissioners as a done-deal to be passed by the EU parliament.

This cannot be allowed to happen!

For the sake of democracy everywhere it is important that ACTA is rejected and politicians made to sit up and take notice that new laws or trade agreements need to be done in the open, and with the goals and participants all visible so that it actually reflects what the people want.

As Andrew has pointed out in past articles, most people are not "freetards" and will support creative work by paying if it is made a easy and good choice, but this has been a long time coming with music finally becoming easy to download DRM-free. Prices are a bit high (compared to CD per-track cost when manufacturing costs are excluded) but not bad. However video is still DRM-encumbered and subject to stupid regional restrictions.

Can the industry groups get round to fixing the carrot before demanding ever bigger sticks?

1
0
Paul Crawford
Silver badge

The "dropped" part matters

The fact it was dropped matters, as criminalisation was proposed behind closed doors. And considering Japan, one of the original proponents of ACTA, has gone and introduced this independently you can be sure it was not a joke:

http://www.theregister.co.uk/2012/06/27/anonymous_japan_ddos/

0
0

ITU denies plans for global internet power-grab

Paul Crawford
Silver badge

"from friction comes life"

Getting fscked?

1
0

Ten... pieces of tat for Apple fanboys

Paul Crawford
Silver badge

Re: In the interest of fairness

Certainly, for windows:

9 sets of AV software + Original CD to nuke it from orbit and re-install.

And for Linux:

8 books on compiling a kernel for Dummies/Fun/Profit/Sysadmin/BDSM/etc, a signed posted of Richard Stallman + a Tux penguin for your desk.

3
0
Paul Crawford
Silver badge

Re: Just visit your doctor...

Yes, and no Windows CD-ROM either - now try changing your IP settings!

0
0

Powering your iPad costs $1.36 per year

Paul Crawford
Silver badge
Gimp

But what is the cost of running (rechargeable) battery powered sex toys we ask?

4
0

LinkedIn faces class action suit over password leak

Paul Crawford
Silver badge

Re: Definitions - are you sure?

The salt can't be "random" but could be something complex and user-specific, such as their email address (or a MD5 hash of that).

The goal is to make the required rainbow table too big so a standard table (for, say, all 8-character passwords and common longer ones) can't be used, and the time & storage to generate one big enough is unworkable for a reasonable time-scale so you are back to brute-forcing each user.

1
0

Windows 8 'harder for malware to exploit', says security analysis

Paul Crawford
Silver badge
Linux

Re: Err...

Secure boot is a double edged sword: while clearly a major step to preventing rootkits, it is also a good way of stopping freedom.

My own preference would be for a uniform and guaranteed way of turning it off, of cource with BIG MESSAGES ABOUT THE DANGERS so Joe Average is not fooled again by malware in to shafting himself.

The Linux option that blocks things like pci access, etc, to allow signing is not good in my view as I use that sort of thing in development. OK< I don't need secure boot, but would like the half-way house of knowing most of the boot process went OK and only the modules (or hardware access) were things to worry about.

8
0
Paul Crawford
Silver badge
Linux

Re: Amazing!

Windows users being forced to pay more for the privilege of using their PC?

Oh my fishy heart bleeds for them as I play a surprisingly small violin...

7
6