So has the US dropped the secret court orders and the demands that companies comply and do not reveal that data was requested?
2602 posts • joined 15 Mar 2007
Re: Wrong culprit?
Two reasons I can think of:
1) The design is such a clusterfsck that there is no sane way to fix it short of a major re-write.
2) They won't (or can't) allocate sufficient competent programmer time to fix it.
In either case it is software I don't want to have dealings with.
Not in this case. More generally there is an issue for rockets not wanting to reach too high a speed low down in thick lower atmosphere due to drag (and possible heating) but they ain't getting high enough for that!
Re: a way to make "rm" command safer?
There is "safe-rm" that has a blacklist of "dumb to try deleting" checks on what you ask for, and I think most modern versions of rm need '--no-preserve-root' if you give them '/' as the argument before destroying your OS (to catch mistakes like "rm -rf / tmp/*" where you mistyped, adding space in /tmp/*).
Not just security
It is other safety and practical issues related to the stupid muppets in marketing, etc, deciding that everything must be push-button and app-controllable along with a move away from simple low-risk control approaches. We have in no particular order:
Toyota ECU design faults causing runaway and crashes
Ford recall as "off" button not stopping the engine (WTF was wrong with a switch in the MCU power line? Same question to you Toyota?)
Jaguar door unlocking silly buggers
And on, and on, ...
Re: joules per bit
It could be rising relative to the pJ/bit for processing even if dropping compared to previous interconnect technologies.
I trust myself - mostly - and not a corporation based in another jurisdiction.
But it is less of a concern that malware could create its own protected world, so long as I can create my own protected worlds against malware without
NSA Intel having the key to it, forcing an external network connection to establish it, or ultimately holding my business to ransom by virtue of this key holding.
Is this happening to the Linux drivers (if any) and if so is the code change visible? Makes me glad not to depend upon closed source drivers for most things [*]
However they may feel about rip-off chips, the act of potentially damaging equipment by deliberate actions is one they should be spanked by the courts for. The only honest option, if they must do anything, is simply to put up a warning that the device is counterfeit and to stop using it without fake data and without difficult-to-reverse actions on the hardware.
[*] except video, where crappy driver issues are the norm on both Windows and Linux :(
It should be possible to make an analogue random source using the internal noise of a PN junction and turn that it to a bit stream for the job.
But this should be a separate small chip where the design is fully published and anyone with a tin foil hat and scanning electron microscope (what, you did not get one free with the hat?) can grind off the package top and see the chip below matches the published and validated design exactly.
Only by that route can the suspicion of, for example, Intel's random number instruction be avoided (and the somewhat ignorant discussion about its use with other sources, see http://www.theregister.co.uk/2013/09/10/torvalds_on_rrrand_nsa_gchq/ for more).
Re: Bring your own tinfoil.
The difference here is ISPs would not have to support it, not collect sensitive data (to be spilled like TalkTalk, etc) and not have to increase our bills to provide the gov with data that probably has bugger-all value.
If GCHQ have a limited budget and only cable taps then they have to prioritise what they do, and that probably means setting filters on the real-time taps, etc, to manage data volumes. Also it means the every petty bureaucrat cant go an a fishing expedition against you without going via GCHQ and that kind of raises the bar as I'm sure they have better things to do that field questions about the sort of petty things that most people get in to disputes over.
That is the point, yes we need spy agencies but we also need rules for what they are allowed to do (and that in my view allows for interfering with computers, as that is by nature a targeted activity), and who they are answerable to. What is being proposed is a mass data and power grab by the gov without any meaningful justification.
Re: Why would you do this?
Probably because it was cheap and proven technology at the time the decision was taken to develop the drone. I.e. probably 10 years ago...
Also in most cases the data is not *that* secret as they are looking at "the enemy", and not at their own top secret bases, so probably it was deemed sufficient for that sort of job. After all, they (NSA/GCHQ/etc) can probably track the location of the drone no matter what encryption it uses, so they can guess at what they are looking at and send their own spy drone/satellite to look.
"The WANG that would not die"
Now that is a film I would pay money to see. Even just to brag about the title!
Could this be Paris' first zombie flick?
Just as long as he has not taken any mint sauce flavoured lube...
Re: Slightly moot?
What is that software? Is it really so special there is no on-site alternative?
Re: IN OTHER NEWS
Well he doesn’t want the other wolves to eat them!
"...the use of Word documents with macros becoming more popular in APT attacks"
Why don't they enable the apparmour profile for Word, etc?
Re: The judge should apologize
Actually I go the opposite way - I don't think there should be any media coverage of a pending court case until its over.
Look how Christopher Jefferies was treated in the media over the mere possibility he murdered Joanna Yeates in 2010. After that media frenzy, had he gone to trial instead of Vincent Tabak, just how would you find a jury not prejudiced against him?
That is the point against Hunt. Not the post-trial analysis or recriminations, but the ability to have a jury that may have access to media and ensure they are not biased by tabloid scaremongering?
Modern compilers (at least gcc with -Wall flag) will spot that, and even I think the DOS-era MS C-compiler will complain at highest warning level.
Sadly a lot of C code horrors are covered by compiler warnings or static analysis tools, but are ignored all the same.
Re: rm -rf
I one did that deliberately on a machine I was going to wipe/reinstall anyway just to see how far it would go. Eventually the characters on the desktop went away and the machine halted. Reboot with live CD and nothing - just two in-use directories left. rm had even rm'd itself :)
However, on a more serious "look out" experience I once wanted to change permissions on my own in the hidden .thunderbird and so on directories. So I did this:
chmod -R <settings> .*
Do you see my mistake? Yes, '..' is a match for '.*' so it recursed up a level and then down all other user home directors! Thankfully I was not doing that as root...
Re: social ills
"we should put them to work on solving social ills not playing games"
Given that our social ills are mostly due to deep flaws in human nature, amplified by human interaction, I fear the answer might be Terminator's job...
He has been
poking telling porkies again...
Re: Try doing that on Linux Mint!!
Google docs - easy collaboration and multiple editors of the same doc/spreadsheet/etc.
OK you have to add in Google to that list, but if its not terribly secret it works really well. And on any OS with a decent web browser, which is more than some offerings that favour their own...
I think this used to be a National Semiconductors plant until ~2011 when TI bought them out. Shame to see it go, as not a whole lot else in Greenock to move to :(
Nothing either to do with the shitty Flash-based admin and needs a version a fractional point beyond the last one Adobe supply for Linux, perhaps?
Or the changing command line tools so you go up a version and past stuff won't work as no muppet thought of good backwards comparability?
Or the just-revealed decision to sack the original virtulisation developers and find cheaper alternatives (if at all)?
Re: "..for another 300 years or so.."
In reality the risk from the radiation is small, but people are paranoid about it now compared to, say, the very real risks of death or injury from car use, etc.
For comparison, think of how long it has taken for the forests to grow back after we raided them for fuel and building materials. Oh wait, they haven’t...
Or how long the impact of CO2 from coal, oil and gas will impact on the world?
Re: The men/women thing...
It may not be linearly correlated, but the driving limit is the concentration in your blood, so it ought to related to (at least) your water content or so.
Sadly politicians lying about facts & figures (or being "economical with the truth" as they say in parliament) has become so common that people will simply ignore the guidelines. Pushing harder on binge drinking might have made sense (less A&E trouble, etc) but they probably blew that.
"Managing an app store is hard"
No, managing an app store cheaply is hard.
Having a competent person install, test and review apps for key-word appropriateness is only going to cost a modest amount per app and ought to be covered by the (20% I guess?) overheads MS charge to sell via the store (and from all other Windows-related profits).
Or is "profits at all costs" the motto here?
Re: at least 66.6% of iPhones not possessed by Satan
66.6 the percentage of the Beast
Lollipop was was spawned to be released
opening an unexpected 3rd party XLS file connecting computers for web/email use to critical systems is getting dragged out and shot, yes?
And having key systems on networks without a firewall IP address white-list to reduce the scope for malicious C&C servers?
Re: Competiton Time?
Surely you mean the planet Porno?
And stop calling my Shirley!
(Or planet X, or maybe planet XXX)
Without AMD out 64-bit workloads would have been on Itanium chips (maybe bought a bit more time for Power & SPARC of course).
Now how do you all feel?
Re: "old fashioned and shit to begin"
Exactly, a better screen would be an obvious and on-going benefit to every end user in a way that a few seconds boot time saving would not!
In particular of the software monkeys could properly fix display scaling so older folk and/or those with eyesight problems could easily adjust display size to suit.
Re: Deep joy!
I hear that Juniper Networks supply such firewalls for secure application. Oh wait...
It is high time that the cost of vulnerabilities was put on the manufacturer of the phone (or carrier, if bloatware). Basically, for say 5 years after purchase it has to be supported, and if not patched in a timely manner (say 30 days from notification) they are liable for the costs.
Yes, it would put up the costs of phones slightly, but then we would have a damn sight less trouble over all from them and lower cost than the current "you need a new phone gov" option.
I did wonder about that, as (so far) WhatsApp is advert-free and offered with a small fee. Last night it told me I would not have to pay this ever, so I did ponder on how the system will be paid for.
WhatsApp seems a great system, but not in Facebook's hands I fear.
Re: Less Scary
While simple in theory, its not as if the bad guys have a DNS entry for "botnets-are-us.com" to make it easy. A lot is P2P between compromised machines to obscure the final machines.
Other side of such ISP fiddling is how long before world+dog starts asking for ISP blocks for all sorts of reasons a-la Pirate Bay? Then it impacts on wider freedom and adds a lot to costs to support it.
True about free wifi, but said free wifi links are usually pretty low bandwidth and only on a small percentage of machines. So it might not stop the problem, but would make it a damn sight smaller.
Re: Not invisible
"But a crime might be something I choose to do"
Or quite possibly is something legal in your own country (or a civil case, not criminal) and not in the USA where no doubt they would decide on such action.
Either way, it is a slippery slope to go down. For example, can we then blame MS if they fail to stop botnets DDoS'ing a web site, etc, on the grounds those machines are "under the control of MS"?
Perhaps, just perhaps, we might see some sense returning and people not putting critical systems on relatively unprotected Internet end points?
Or not, if the bean counters continue to rule the roost...
I have no problem with the Ubuntu team getting money from any Amazon searches provided it is done with my explicit consent.
I was rather annoyed by them for doing it be default when you might be searching for stuff on your private machine. Had they simply offered two search boxes, one clearly labelled for the "local machine", and one for "internet & shopping", I reckon most folk would have had no major beef about it.
And how is that different from Facebook?
Re: Not all you need
I have a Fed 4 range-finder my father gave me as a present almost 40 years ago. Last tried it out about 15 years ago with some "colour" IR slide film and it worked! Even the exposure meter was still working (selenium cell, no battery required). Very sharp images even if heavy and a bit fiddly to use.
But modern digital cameras are much lighter and easier to use, and no cost/delay in processing film to see how successful (or not) you photos were.
Cheese eating? - Oui
Surrender monkeys? - Non!
Such a shame we in the UK have such a bunch of
clueless fuckwits technically challenged leaders.
Re: Uber are trying to be two different things
UK London at least we have two different forms of taxi.
Fixed it for you...
One aspect about the various changes in regulation that are mooted is they are stupidly reactionary: they see (picking Uber for argument's sake) the business practice and they try to target that.
What they ought to be doing for everyone's sake is to identify why such regulation ought to exist, and make sure it applies to Uber as for any other taxi company. For example, most people are not in favour of cartels and other "closed shop" arrangements that serve to protect a few, but they are in favour of, for example, making sure that cars and drivers are in fit condition and fully covered by insurance. Simply putting that onus on Uber alone would be a step towards a level playing field.
OK, it may not address all of the issues, for example, to keeping universally available service, but unless that is also explicitly imposed by the existing taxi license holders its a hard sell to argue against Uber on that point. Legislate for social outcomes, not business methods, etc.
They should have gone for good pr0n. Much nicer to keep dreaming about for months afterwards :)
OK, maybe not the S&M sort =>
Re: "Microsoft dishing out free copies of Windows 10 to people hasn't helped..
Most people don't want a new OS, or a new PC, as such: they just think its a way to stop the current one sucking so badly.
Like not putting crap like these things on your corporate LAN? Have another IP range for them without Internet access nor much internal access so only the security desk PC can record/view the cameras?
Oh and while you are at it, partition your network to put printers, etc, that have web servers and other crap that is never patched on to a similar restricted zone...
I noticed that when trying to update a W7 VM a week or so ago, even an hour or two later - no patches apparently downloaded. Gave up and shut the VM down as I only needed it due to the incompetence of VMware management where they need flash 11.5.+ but Adobe only offer 11.2.+ now for Linux.
WTF #1 needing flash for anything
WTF #2 not using a version that is available on most server-room platforms
WTF #3 was added in 11.2 -> 11.5 that mattered?