At last! Now I can have my robot monkey butler!
2904 posts • joined 15 Mar 2007
Re: 371kg of cold liquid xenon
At least you did not go for anything kryptic...
Re: 371kg of cold liquid xenon
I should react to that, but seem to find my shell full just now.
Re: No One Wants The Flight Found
Really? Other than a handful of nut-jobs, everyone in the area of science and technology wants to know what happened so there is a better chance of it not happening again.
This is not some shitty OS that crashes and people just shrug their shoulders, reboot, and try to redo the last hour or two's lost work. Here it really matters!
Even if it turns out to be a human fault, or even a deliberate action, we can learn and make it less likely in the future. As already pointed out, the lack of a squawk that said something useful about location and status is something that is trivial to remedy, but some other failure scenario may be present but no one has seen it yet (other than the poor souls on board MH370) so knowing that would allow something to be done.
Re: MH370 and MH17 were organised by the same people
Too much schnapps, too little dried frog pills.
Now if only AMD would open up the management processors, etc, so a proper audited open-source BIOS could be offered for matching motherboards we might be able to use less tin foil for our millinery needs.
Interesting. Wonder if those networks deliberately interfere with VPNs, or maybe VPN traffic is just less tolerant of shitty networks?
Re: Data estimates
"autonomous car .. about 40GB a minute of data"
Very likely in its own sensors, but almost bugger-all of that will be hauled back to the cloud as the radio bandwidth is simply not available for the huge number of cars in most cities (along with all of those trying to use YouTube on mobiles, etc).
Sure they might sell CPUs for on-board processing but most likely it will be ARM for lower power and cost if the car companies have anything to say about it.
My first thought was this is so they can slurp your data to whore you to advertisers (and paying gov departments) just like Google do. And Win10 does.
Having thought about it a bit more, that is also my 2nd thought.
Edited to add: What are the real alternatives to Skype these days? Something that is cross-platform and not dependent on a big data-slurping company? Might be useful to know.
"a bill to regulate services like WhatsApp, including a requirement that services maintain a local office and enable lawful intercepts"
That might work for something like WhatsApp, assuming they are willing to do an about-turn and break any pretence of privacy and encryption to stay and set up offices there. Which I kind of doubt given they are not exactly making money off use but from slurped metadata and a mass exodus of users to another would make that much, much less useful. Also it might become a political hot potato if the masses of current users are unhappy about all of this.
However it is kind of a pointless move because it sends the message that businesses can't use secure encryption, only what is approved for state snooping on. Also I am sure we will simply see the rise of P2P apps that are all but impossible to block at a network level (e.g. use same ports as web browsing or other apps, no single IP range to central servers to block, etc).
Re: No central provider.
"way around E2E encryption should be compromising the physical endpoints"
This is very likely to be possible with any phone, including those featuring in the current criminal cases, given how crappy the software is. But it is much simpler and cheaper to shoot the messenger, isn't it?
Re: I love how
The judge is indeed asking that messages (for the "criminals") be recorded before encryption and handed to authorities. Well, not asking... ordering.
Is this on-going (i.e. a request to change it) or for a case on trial where they want stuff that it is too late to change?
And no, she is not trying to bypass parliament, as the law that allows her to demand such things already exists.
I think the point is this does not already exist for WhatsApp, and the system was designed that way to avoid criminals, spooks and nosy ISPs from listening in. In effect she is demanding that a change is made to back-door the system for surveillance purposes. The question is whether or not there is an existing law that applies to over-the-top suppliers like WhatsApp that mandates such access. Do they clearly fall under telecoms regulation, for example, where this is often the case, or not?
If not she is trying to make properly functioning encryption in software illegal by the back door of punishing a supplier for not having the ability to sneak in to its customers data, and not by parliament making that an explicit aspect of law.
Re: I love how
The two options are:
1) The judge is a technical incompetent and unable to comprehend how properly implemented encryption works.
2) They are trying to bully WhatsApp in to creating a back-door but without going through the Brazilian parliament, etc, to do so in an open and properly debated manner (such as having a telecoms regulation that explicitly covers over-the-top providers like this).
The motive for (2) is probably not wanting to alienate the population or businesses that then see proper encryption as illegal and not something that protects you from the multitude of criminals (private or "state") who also want your information.
Re: The you-know-who is warming up backstage
Chinese USA government's constant attacks by the People's Army hacking units NSA and others, running Chinese American closed source software represents an unacceptable risk."
Re: "run MS Office"
Appears you can use Office365 using a Linux based web browser:
"run MS Office"
Options appear to be:
Find one with Win7 (or a spare install licence) and lock it to block win10 updates, living with the EOL risk.
Get a Mac and use the Mac version of Office
Use a VM on Mac/Linux to host Windows & Office. That way you can deny it network access and use, for example, the VMware shared folders so stuff can be up/down loaded by email.
Use Linux and on-line Office365, after all it will be based on web standards?
Re: There's more!
I think you mean "by spreading obvious bollocks through the moron-net in a manner that even the Daily Mail and Morning Star would be ashamed of".
Re: Not quite $0 per month ...
So £38/month for around 12TB of protected storage (i.e. 400 times the original MS offer) assuming RAID-5 on each of your NAS and then they are mirrored somehow, and with gigabit access speeds and no dependency on foreign government policies.
Hmm, how much for the same size and speed from a cloud provider?
Re: So a major price increase then...
Sad, but predictable.
Many years ago when I was using w2k and then XP I was pleasantly surprised when MS decided to go per-processor licensing as we saw the first multi-core x86 appear, instead of some complex and ultimately rather pricey per-core formula as Oracle and the rest of the "old guard" pushed.
Now that practically all my software development is for Linux first, with Windows support as an after thought for "the old guard" perhaps I shall not care...
"Excel is a swiss knife type tool every accountant knows on a level you would not master in years."
Very true, but why do people assume that a general migration to Linux means EVERYTHING must be Linux?
In my own limited experience, most folk are happy with Linux for many things, and the few business-critical programs you really must have can often be run in a VM of Windows. Said VM can be minimal, have limited network access, and generally is a very secure way of doing things (given that a lot of smart malware avoids running in VMs to evade analysis).
Sure it is an extra training step for those users, but my 75 year old and largely computer-illiterate father was able to master VM use for a specific genealogy program. I'm sure your accountants, etc, would manage it fine if given a couple of minutes tuition and a cheat-sheet of things to remember.
Re: ...or use honeypots
Use a server with something like ZFS that supports snapshots and is copy-on-write. Then seeing massive disk use between snapshots is a clear sign of bulk modification, plus you can go back to previous snapshots to recover the data quickly.
Try FreeNAS on, say, a bottom end HP Microserver with 4 * 6TB disks or similar and 12GB or 16GB RAM. Under a grand for a system with 12TB of well protected storage. OK, you need to make damn sure that snapshots are on and *WORKING* (hint - make sure 'recursive' is ticked) and that control over the NAS is secured so malware can't go in and disable stuff or simply wipe it. But that is kind of basics anyway.
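The snapshot-growth check described in the comment above, as an added example that is not part of the original post: it reads a snapshot listing and flags any snapshot whose `written` size is far above the baseline of earlier ones. The dataset name `tank/data`, the sample listing and both thresholds are assumptions, and using the `written` property as the measure of "disk use between snapshots" is a choice made here.

```shell
#!/bin/sh
# Added example: flag snapshots that captured an abnormal amount of new data.
# Input on stdin: "name<TAB>written_bytes" per line, oldest snapshot first,
# which is what this command produces (tank/data is an assumed dataset name):
#   zfs list -Hp -t snapshot -o name,written -s creation tank/data

flag_bulk_writes() {
    factor="${1:-10}"             # assumed: alert above factor * mean of earlier snapshots
    min_bytes="${2:-1073741824}"  # assumed: ignore anything under 1 GiB
    awk -F '\t' -v factor="$factor" -v min="$min_bytes" '
        NF < 2 || $2 !~ /^[0-9]+$/ { next }   # skip malformed lines
        {
            if (n >= 3) {                      # need a few snapshots for a baseline
                mean = sum / n
                if ($2 > min && $2 > factor * mean) {
                    print $1                   # report the suspicious snapshot
                    next                       # keep the outlier out of the baseline
                }
            }
            sum += $2; n++
        }'
}

# Constructed sample listing: steady ~50 MB of churn, then one 200 GiB burst.
sample_listing() {
    printf 'tank/data@auto-0100\t52428800\n'
    printf 'tank/data@auto-0200\t64000000\n'
    printf 'tank/data@auto-0300\t48000000\n'
    printf 'tank/data@auto-0400\t55000000\n'
    printf 'tank/data@auto-0500\t214748364800\n'
    printf 'tank/data@auto-0600\t60000000\n'
}

# Live use (needs ZFS):
#   zfs list -Hp -t snapshot -o name,written -s creation tank/data | flag_bulk_writes
```

The snapshot taken just before the first flagged one is the rollback candidate.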
"your main web browser should not even have access to a file system containing your personal files"
Except for everyone needing to upload and download email attachments if using web-mail, PDF data sheets, photos up to FB (for the vain and/or with family who pester them enough to bend over for a Zucking), etc?
Of course if you are properly paranoid you will already have an AppArmor profile for Firefox set to only allow read-only access to specific directories (e.g. 'photos') and only read/write to a sane place or two like 'downloads'.
Re: Linux mint and no longer have this sort of problem
You see, if you can run arbitrary software on ANY platform, then you can encrypt your own files (as pointed out above).
Sure it is less likely on Linux and one reason I migrated, but if you are properly paranoid about this then you will (A) have an isolated backup anyway as that covers hardware failures and "gross administrative misconduct", and (B) set user-writable areas to non-execute so you can't accidentally run something unpacked from an archive (because you were drunk and it promised good pr0n).
Re: This is why...
Not having admin rights should be the norm, but it only takes one of many privilege escalation bugs in ANY operating system to be back to having your machine toasted.
Really the only sensible mitigation technique is a working, tested, backup system that is not a simple extension of the main PC's file system. Also works for lost or damaged PCs as well...
Re: "every provider must log all Russian internet traffic for up to a year".
Why would law makers care about the costs that the public ends up paying?
Of course, if all web browser suppliers added a "poke random web sites every 30 seconds" by default you could see those logs grow by a factor of hundreds and maybe then the big ISPs would have to make a noise.
Re: Never as easy as it seems from an armchair
But all of the vendors are like this and SCADA systems are niche products so where do you go to buy a system that wasn't designed by idiots?
This is why we need the law to step in and for security folks to draw up regulations, including things like operating in a VM as an essential attribute, otherwise no sale (and no insurance or license for a business which fails to follow the rules).
Sure there will be a lot of bitching at first, but niche market or not, we need a nice big stick to beat them with so all of the usual software good practice is followed. Things like forcing a declaration on matters like hard-coded passwords, support back-doors, operation with AV/VM tools, respect for proper multi-user practice (i.e. no need for interfaces to run as admin), 10 year or more support that will include replacing any protocol or SSL certificate found to be weak or compromised, etc, etc, etc.
Impressive analysis, but infection vector not apparent
Seems they do a lot to avoid VMs and sandboxes, so why are they not in more common use for security sensitive systems anyway? After all, the actual controllers are dedicated hardware boxes and the SCADA PCs just Windows machines to supervise them. Any reason why those PCs can't be run in a VM?
But how were those machines infected in the first place?
Why were they internet connected?
When will we see serious personal fines and jail time for managers who fail to put sufficient security design, monitoring and management in to critical infrastructure?
Trusting some AV or firewall vendor who said they would stop trouble is just not good enough. Unless, of course, they are offering to pay the fines and do the jail time if they fail.
Re: Every time I see "<3"...
Ah, the double polaroid moment:
You ought to be questioning why you use MS in the first place?
Re: A final throw of the Minty dice before
But at the present, I would NEVER install Linux - either Ubuntu or Mint on my Aunt Lucy's PC. Her old desktop could just not take the excitement of those interminable problem fixes via a list of arcane and lengthy commands.
Quite the opposite, I have put Ubuntu on father's laptop and friends' home PCs and it gives me FAR less support trouble than Windows and the inevitable AV that still fails to stop infestations. Oh yes, and none of this in-your-face nagware or the privacy violations MS are now pushing having conveniently forgotten all about the "Scroogled" campaign.
Yes, The Register has a "down button"
Better still, express your displeasure by leaving Facebook and doing something interesting in real life.
That sure is a lot of pussy!
Re: square hole
An amusing (but NSFW) take on the square hole / round peg idea:
Re: I'm sorry Dave...
Indeed, as this parody shows:
Re: Says everything that there is to be said
I forget who said it, but: democracy takes power from the corrupt few and hands it to the incompetent many.
Re: Okie is a strange place
Gotta protect our wimmin from seeing something more interesting...
"valuable feedback on how people use the OS so Microsoft can improve it even more"
Ah yes, so that is why Windows 8 & 10 are so much loved and respected by the users?
As for blocked updates for Win7, if the fsckers had not been abusing the update mechanism for this they would NOT be blocked!
Re: Charles 9
Eh? You can, and generally should, set Linux to automatically install security updates.
Unlike the "new Microsoft", that does just that: patches stuff without major changes (like the old MS). If you actually want to do the equivalent of an OS upgrade you can (though it is not 100% successful in my experience when unusual partitioning / RAID is in use, etc). You are warned to back up and be sure before starting, etc, etc. Or you can simply tell it never to offer such an upgrade again.
"forces to be deployed without human loss of life"
On your side. While that is generally a good thing, if it makes politicians more trigger-happy it is probably not.
Re: Formatting has two options
Let's face it, if you worry about a TLA recovering data you should have been using an encrypted file system with the HDD when in use, so not only do they have to try and undo the overwrite, but they also have to know your encryption key as well.
Re: "don't work properly"
Thing is, you need an order of magnitude greater skills to get data out of those areas, and probably you are looking at a tiny fraction of what was once stored on the HDD.
Deleted via recycle bin? Piss-easy to get back.
Formatted? Not too hard if standard structure used and/or you use a scanning tool looking for recognisable data (word documents, JPEG images, etc).
Overwritten with zeros? Damn hard without low-level HDD access below the usual SATA command set (possibly even custom forensics hardware & software).
Physically destroyed with thermite? No chance.
Considering the effort and possible desire to get some 2nd hand value/use, simply doing a full disk wipe or using the "secure erase" option is plenty good enough.
Re: Of course, given a choice...
Greece was looking like a good cheap holiday option with ancient historical sites to visit and fantastic food.
Not so cheap from the UK now, of course...
Re: IoT and it will get worse?
Have an up-vote!
"I wonder how many of these aren't supported by anyone including the manufacturers of them?"
Fixed it for you...
Re: Why use an array of any type anyway?
I can think of a few very good reasons for centralised storage, such as (1) simplifying the task of recognising, protecting and managing your data (snapshots, data replicated to off-site store and/or tape robot), and (2) allowing common data/programs to be updated in one go for everyone who needs access, (3) allowing applications on differing native OS to share data.
However, (1) it will never match local storage for speed on any comparable basis, and (2) you get a degree of redundancy in your company that one central fault won't take down everything.
So really depending on what attribute matters more to you, you will go for one, the other, or maybe a bit of both (e.g. fast data local, central for share/replication/off-site transfer).
Re: "UPS costs $1,000"
I guess it should be uW per IOPS (or SI alternative) given that IOPS is I/O per second, and energy per I/O would then be energy/second = power.
Re: "UPS costs $1,000"
Just. It is a Lenovo X3650 M5 Server and a Dell PowerVault MD1220 Storage Array which have PSUs rated for 900W+600W = 1500W but allowing a bit of margin for PF not exactly 1.0 you would really be looking at a 2kVA UPS (even though average power is likely a bit lower). Oddly enough the SPC benchmarks have $/IOPS but not pJ/IOPS or equivalent indication of actual power consumption which in this day is likely to factor in to the overall ownership cost as well.
p.s. I guess you missed the joke icon?
Re: No backup, no commiseration.
I thought Dropbox provided snapshots? What went wrong with that?