Posts by Michael Wojcik

2908 posts • joined 21 Dec 2007

Swots explain how to swat CPU SNITCHES

Michael Wojcik
Silver badge

At least a decade

Yes, security researchers have been looking at side-channel attacks for at least a decade, for very large values of "at least".

Paul Kocher's successful demonstration of timing attacks was 1996.

Wim van Eck's proof-of-concept for EMI interception of a display signal was 1985.

National intelligence services were doing acoustical attacks on relay-based encryption machines in the mid-1950s.

So "at least six decades" would be a fair and more precise statement.

But hey - don't let me stop any of the Reg's resident genius commentators from explaining why this latest bit of research is pie-in-the-sky nonsense with no practical application.

0
0
Michael Wojcik
Silver badge

Decades of security research, including numerous successful side-channel attacks, say you don't know what you're talking about. But thanks for playing.

0
0
Michael Wojcik
Silver badge

Re: 3 days ago saw an application of this attack

This could be a way to find the private key in a "black box" crypto unit where the private key never leaves the unit

Yes, this class of attack has been used against smartcards and the like. Such black-box devices have also been subject to active attacks like the various radiation attacks.

0
0
Michael Wojcik
Silver badge

Re: In terms of doing anything useful

Yup. That's what people always say about side-channel vulnerabilities. Then feasible attacks are demonstrated and the people who asked whether the vulnerability was real slink away.

We saw that happen in the mid-1990s with Kocher's timing attacks, and then again and again with other side channels.

Now, it's true that noisy, low-entropy channels are less generally useful than great big wide ones. They have a greater work factor, which is the definition of increased security (something precious few people seem to understand). But historically even noisy, low-entropy channels have been useful for specific attacks - for example in coaxing them to probabilistically leak sensitive bits, of keys or pseudorandom state or the like, under particular conditions. Then you use that information to narrow down the search space for brute-forcing the target. Whitening helps, but a multitude of side channels makes it difficult to whiten everything.

0
0

Facebook worth more than Portugal? Hell, it's worth a LOT more than THAT

Michael Wojcik
Silver badge

Not everyone hates work

We'd all much prefer being able to consume without having to work

Bullshit. Work - proper work, engaged and constructive labor - is one of the key means of self-actualization and critically important to a satisfactory existence, once more-pressing needs are met. No doubt many people never reach the point of psychological development where they understand that, and many more never have the opportunity to work at a fulfilling job. But among the rest, not all of us are lazy slugs, either.

Time to review your Maslow, Tim. Or Solzhenitsyn's One Day in the Life of Ivan Denisovich.

0
0

Come and Twiddle Tek Gear's one handed keyboard

Michael Wojcik
Silver badge

Re: Voice..

When I'm on a roll, I can touch-type prose text as fast as I can speak it clearly, and I know a number of other people for whom that's true. I have little use for voice input even if the recognition were perfect.

Other users, of course, have other requirements.

0
0

It's 2015 and default creds can brick SOHO routers

Michael Wojcik
Silver badge

Re: It's 2015 and you need to come up with some new headlines

It's 2015 and everything is still terrible, including headlines.

And comments.

0
0
Michael Wojcik
Silver badge

It is all very well, that we deride the use of default password by the manufacturers and that people don't change them, but for most people the router is just another device that is plugged into the wall and turned on, they don't have the first clue about what it does, or that they should "manage" it.

All the SOHO routers I've bought in the past several years have come with "Quick Start" cards and software for Windows and OS X that walks the owner through setup, including changing the goddamned default credentials. Now, no doubt there's a group of people out there who 1) wouldn't be able to figure that out on their own, 2) are running neither Windows nor OS X, and 3) can't follow the alternative browser-based instructions. But that group is kind of small.

I'm not buying this "oh, ordinary folks can't figure out how to change the default creds" bullshit. Manufacturers, for all their faults, have made that pretty fucking easy on a lot of models, from what I've seen. If you can sign up for Twitter or whatever the social-networking flavor of the week is, you can follow a single page of written instructions for configuring your new router.

0
0

Windows 10: The Microsoft rule-o-three holds, THIS time it's looking DECENT

Michael Wojcik
Silver badge

Re: Security?

Listening to the people in my social set -- most of them over 40, most on Win XP, 7, or OSX -- I hear a desire for better OS security, and a stable user experience. Nobody in my set is talking to Siri now, and I doubt they'll talk to Cortana. Most of us use laptops -- nobody cares about a 2-meter screen. Or holograms.

That's my feeling too. If I wanted Cortana, I'd write it myself - I already have the MEMM parser and related bits running under UIMA, and CMU Sphinx is right over there. I do all my real work on a laptop; don't want a huge screen, don't want a tablet, use my phone as a phone. I saw 3D displays at SIGGRAPH in '89, thought they were clever, never wanted to use them myself - and AR even less so.

Certainly there are people who find these various doodads exciting - this forum alone is evidence of that. But they leave me cold.

I'll have to upgrade to Win10 eventually. (IT insist on replacing my laptop every three years if it needs it or not, leading to days of lost productivity as I get everything moved over.) When they foist a Win10 box on me it'll be irritating, just because I'll have to spend a little more time poking around it disabling features I don't want and figuring out how to coax it into working more like my Win7 machine. (Of course the Linux VMs will move over and keep running the same way they always have. Some years back I had to make the switch from ksh to bash but that's about the extent of UI disruption I've ever had to put up with from a *ix OS.) In the end, though, it'll be Just Another Windows. I do as much work as possible with Cygwin and vim and command-line utilities, so once Windows is broken to the saddle they're all largely the same.

0
0

SECRETS of the LOST SCROLLS unlocked by key to HEALTHY BOOBS

Michael Wojcik
Silver badge

Re: Interesting but not really breast scan tech

sticking boobs in what amounts to a vice

The real problem, I think, is sticking them in a vise. Many vices are improved by boobs, and vice versa.

0
0
Michael Wojcik
Silver badge

Re: The Sun

But who could forget that their stuff is in the basket next to doggy-style?

See, this is what you get when UI designers actually pay attention to what users want.

0
0

Alan Turing's LOST NOTEBOOK goes under the hammer

Michael Wojcik
Silver badge

Re: Truing biography

Mathematical notation is created (rarely designed) to express some concept concisely and in a way that helps *the person creating it* thinking about the concept/using it correctly.

There's a nice bit in Beckmann's A History of Pi on this point, where he quotes a Medieval text on geometry that was written without the benefit of that eponymous bit of notation, and instead uses the breezy quantitas, in quam cum multiplicetur diameter, proveniet circumferentia. Put that in your equation and smoke it.

0
0
Michael Wojcik
Silver badge

Re: Typical auction

I found the default font hard to read, too.

0
0
Michael Wojcik
Silver badge

Re: Glad to see Turing had problems with notation!

I used Leibnitz in high school and college, and Heaviside as well in college, but I don't think I ever had a course where we used Newton's notation. I may go look it up just out of curiosity.

Of course, some fields, like linear algebra, seem to spawn new notations all over the place. How many ways are there of writing complex vectors in common use?

Which leads me to ask - does anyone know of a site that's good for answering a "what the hell is that notation supposed to be?" question. I was reading some mathematical paper a couple of years ago - might have been Zadeh's original fuzzy sets paper - and ran into something I don't think I'd ever seen before. Spent a while poking around Wikipedia and Mathworld to no avail.

0
0

Wizard of Oz OFFICIALLY 'most significant movie' EVER, says PNAS

Michael Wojcik
Silver badge

And once again, we have a Reg reader deciding to extrapolate from an off-the-cuff remark in order to decide that someone's research project is useless because of some patently obvious objection that no one else might possibly have considered.

You kids must have been a riot in school.

No one gets a PhD (from an accredited institution, anyway) without learning about serial indexes. No one works in this area without understanding influence studies, citation networks, reputation networks, etc.

0
0
Michael Wojcik
Silver badge

Re: transmogrification of the story

the other wrote a readable book

I don't think I'd call Stranger in a Strange Land any more "readable" than Battlefield Earth. BE is space-opera tripe masquerading as science fiction (and, yes, part of Hubbard's Get Rich Quick scheme, but I don't think that's particularly relevant). The characterization is laughably inept, the plot structure is a series of "oh gosh something happened!" comic-book panels, the imagery and prose are uninspired... but it aims so low that there's something of a rollicking, two-fisted glee to be found in the thing if you can suspend your nausea.

SiaSL, on the other hand, is Heinlein's usual highfalutin' nonsense, full of sophomoric attempts at philosophy and Mary Jane characters having All The Sex (and, in this case, All The Money) and/or grumpily telling lesser mortals to sod off. (And, hey, I appreciate a fellow curmudgeon, but it's a fragile hook to hang a novel from.) The plot structure is his standard "half a plot in a novel-and-a-half", petering out in a series of vignettes halfway through the book. It's the opposite of BE: aims so much higher and falls short, giving us something interesting, but not half so interesting as the author believes.

Neither one aspires to be Midnight's Children, I suppose (at least I hope Heinlein didn't think he was writing the Great American Novel). And neither is the worst thing that author ever published, much less the worst SF has to offer. Conversely, many novels that have some claim to greatness may be very nearly unreadable nonetheless (I'm looking at you, Gravity's Rainbow). But SiaSL has a place in the pantheon that is not, I think, entirely justified.

Also, BE was written 30 years after Hubbard invented Scientology, so to say it "turned into Scientology" is dubious at best. "Advertised Hubbard, and by extension Scientology" would be fair.

0
0
Michael Wojcik
Silver badge

How do they know it's the film or the book that's being referenced?

They're talking about references to films, in other films. Since film is a visual medium, such references generally have a visual component; since that's not present in the book,[1] it identifies the film as the primary referent.

Even when there isn't a visual component - for example when someone quotes a line that appears in both the book and the film adaptation - there are often other clues, such as prosodic features of delivery (intonation, pacing, etc). As a synchronous, recorded[2] medium, film has both information channels and restrictions that prose doesn't, and those can often be used to demonstrate that the referent is probably another film.

There are entire scholarly disciplines (influence studies, some aspects of textual studies, etc) which have been dealing with this sort of problem for a couple of centuries (in the domain of books; for film obviously it's been somewhat less, but still a good long time).

And in some cases it's simply because the new film refers to some detail that's original to the older film, and not to the book. If I mention "ruby slippers", I'm talking about the film of The Wizard of Oz, and not the novel The Wonderful Wizard of Oz, where the WWotE and then Dorothy are shod in silver shoes. ("There's no place like home" is also the film's invention, &c.)

[1] Assuming we're not talking about illustrated books, and generally in this context we aren't.

[2] Assuming we're not talking about animation, and ditto.

0
0

Want a cheap Office-er-riffic tablet? Microsoft Windows takes on Android

Michael Wojcik
Silver badge

Re: It's good to have choice

Google blocking Outlook (as per this article) because their system is "more secure"

OAuth is not "[Google's] system". It's a standard created by Blaine Cook for Twitter and then developed further by others.

Personally, I have no use for OAuth - it solves a problem I don't have, because I'm more careful with my credentials than the people it "helps", and the attacks it addresses aren't in my threat model - and I dislike it for historical reasons. (I used to follow a few people on Twitter in case they posted anything important,[1] but when Twitter started mandating OAuth that broke my preferred clients. I find that sort of "security by jackboot" particularly obnoxious.)

But at least Google give you the option of disabling it, which is more than some people (the Twits, again) do.

Oh, and it breaks Thunderbird, too.

I have Thunderbird working with two GMail accounts on another machine. I don't remember offhand if more-recent versions of Thunderbird support OAuth, or if I configured GMail to remove the OAuth restriction, or if I added an OAuth extension to Thunderbird. There were a couple of attempts at OAuth extensions for Thunderbird back when OAuth first came out; they were problematic, but may have since been fixed. Or the support may have been added to the base MUA engine.

[1] They never did, but the phenomenon isn't unknown, for example during natural disasters.

0
0

2014 in infosec: Spammers sneak small botnets under the wire, Java is dull

Michael Wojcik
Silver badge

Gah

OpenSSL's Heartbleed and Shellshock bugs

Shellshock has nothing to do with OpenSSL.

0
0

Pull up the Windows 10 duvet and pretend Win8 and Vista were BAD DREAMS

Michael Wojcik
Silver badge

Re: It's not difficult you know

Couldn't have it been done with an extension of CMD and more external commands?

No. The cmd language is fundamentally broken. Fixing it would break existing cmd scripts.

or at least add what doesn't fit as an evolution of VBScript?

Well, that's more plausible, particularly since WSH (Windows Scripting Host, which actually runs VBScript scripts) supports multiple languages; at least JScript is implemented, so there's an alternative to VBScript (which I find horrible) in the same engine. And WSH has both CLI and GUI modes. Combine WSH with WMI and it's a plausible admin interface.

Of course, it's still around, as far as I know. Has it been removed from more recent versions of Windows? I know Powershell is the only scripting interface for some tasks (eg some Exchange stuff), but lots of things have stand-alone CLI tools, WMI interfaces, or WSH interfaces.

why the heck did they have to reinvent the wheel like this?

Because every other computer scientist wants to create a programming language. And Powershell's OO model does have some things to recommend it. It's highly parallel with a lot of conventions, so different commands - including the extensions written by third parties - generally support similar options and behaviors. I don't find it viscerally attractive, particularly; I use Cygwin bash as my Windows shell. But I've worked with Powershell and my team has developed some substantial extensions for it, and for actually writing scripts (as opposed to ad hoc twiddling) it has some real strengths.

I mean, I can administer Unix boxes using the same shell I was using 25+ years ago.

Shrug. I can administer Windows boxes using the same shell I was using 25 years ago. Well, it'd be Cygwin bash running in Bourne Shell emulation mode, but close enough.

I never had to re-learn the alphabet like I feel I have to do now with this Powershell crap

Sorry, but that's a feeble objection. Microsoft acknowledged that their existing CLI administrative tools were insufficient. They looked at the problem and decided to fix it properly, with a tool that was robust, consistent, and could handle future requirements cleanly. "I don't wanna learn something new" may be a reason to ignore the result, but it isn't a valid critique of it.

When I started doing AS/400 development in the late '80s I had to learn a system that was nothing like any I had used before - not at all like UNIX or Windows or MS-DOS or VMS or ISPF/TSO on MVS or any of the others. It wasn't much like anything else in the world, except the never-released Future Systems and some aspects of System/3x (which I'd never used). But I sucked it up and learned how to work with it. When a new system comes along you can adapt or you can refuse to do so, but blaming it for being new is childish.

0
0
Michael Wojcik
Silver badge

Re: Have you actually used PowerShell to automate GUI operations?

That would have been NT was the first Windows that ran it's own environment

No, it wouldn't. That was Windows/386, released in 1988. But thanks for playing.

(And it's "its own environment".)

0
0
Michael Wojcik
Silver badge

Re: Have you actually used PowerShell to automate GUI operations?

Call me old-fashioned if you must... but wasn't windows.3.1 really just a GUI nailed onto DOS 6?

Good lord, no. MS-DOS 6 wasn't released until a year after Windows 3.1 went GA.

More importantly, from Windows/386 (a version of Windows 2.1) on, Windows on an 80386 or better-class CPU could run in "386 enhanced" mode. In that mode, Windows had its own protected-mode kernel and ran unprotected apps as Virtual-8086 tasks. DOS was no more than a bootloader.

The idea that Windows NT was the "first Windows OS" is simply wrong. Windows/386 running in 386-enhanced mode was Microsoft's first Windows-based OS. DOS was still present as the bootloader, but once Windows started up it was discarded.

My first job at IBM was working on the largely-forgotten "DOS 4.0 and Windows Kit", and that included working with pre-release Windows/286 and Windows/386. We even had the source code, or a good chunk of it, anyway. It was actually kind of fun in those days, particularly after one of my colleagues wrote a replacement for the "MS-DOS Executive" (the precursor to Windows Explorer) that had enough functionality to be useful. The 'Kit also included some handy apps - an equation editor, a data-graphing package - which made it decently useful for the university undergrads it was aimed at. Never took off, though. And I didn't use it myself, since I had access to proper UNIX workstations and could write my papers in roff.

0
0

NSA: We're in YOUR BOTNET

Michael Wojcik
Silver badge

Re: Gotta love

It's a real pity they didn't do more

Well, I suppose it's a pity they didn't do more of the same quality. But considering there are 14 episodes, with a good variety of plots, highlighting the various characters, and occasionally varying structure (eg Out of Gas), and a good film that resolves the overarching plotline, I think it's a pretty strong package, and I have to wonder if they'd have been able to keep it up.

Even among those 14 episodes there are certainly some I think are stronger than others - I'll take War Stories or the aforementioned Out of Gas anytime over, say, Safe - though they're all watchable.

Serenity (the film, not the pilot episode) gave the series a strong ending. I think I'm just as happy to see it go out that way rather than dwindle into a mess like some do.

0
0

Just WHY is the FBI so sure North Korea hacked Sony? NSA: *BLUSH*

Michael Wojcik
Silver badge

Re: Curious timing

politicians in general and the US of A in particular

While it's true that (nominal) representative democracies require more rhetorical maneuvering than political systems which unabashedly secure power for specific individuals, I don't think the USA holds any special status in this regard. On what grounds do you believe the Commonwealth countries, for example, feature less falsehood among the political class?

In fact, at the Federal level, the separate election of the legislature and executive (as opposed to conjoining them in a parliamentary system), and the de facto two-party arrangement, might conceivably reduce the need for falsehood a bit.

0
0
Michael Wojcik
Silver badge

Re: We know they lie

They understand the principle just fine. They also understand that it has little actual force in the real world. History and psychological experimentation provide ample evidence that audiences are not, in general, strongly conditioned by a history of falsehoods; that the "Big Lie" and other non-logical rhetorical techniques are far more successful at persuading people, in general, than logic and reason; and that a strategic mix of silence, deception, and limited truth (carefully couched) has been very successful in achieving their aims[1] and shows no signs of weakening.

For all the ink and breath spent on the subject, I see no signs that the Snowden revelations, for example, have done any significant damage to government intelligence agencies or broadly speaking to the parasitic private industry they contract out to. That doesn't mean those revelations were not useful, but their utility does not appear to include any dismantling or even reduction of the surveillance / police state.

(And the same is true of other, longer-standing efforts in this area, such as Cryptome. John Young may be a class-A curmudgeon,[2] but he's been publishing stuff since long before Wikileaks was a gleam in an attention-seeker's eye. Yet still we have steady encroachment on civil liberties and other abuses of power. Ditto Watergate, the Pentagon Papers, etc.)

[1] First of which is the continued existence and burgeoning budget and power of the intelligence industry, of course.

[2] And visitor to these hallowed pages under a pseudonym? Perhaps.

0
0
Michael Wojcik
Silver badge

Re: I think it's safe to assume...

Sigh. When will they start teaching critical thinking (and Bayesian reasoning) to these kids?

0
0

Firefox 35 stamps out critical bugs

Michael Wojcik
Silver badge

Re: Have they enabled look like Firefox yet?

Norton since before the Semantic takeover

I hate to quibble over Semantics,[1] but it's "Symantec".

[1] I'm lying, obviously.

1
0

Buggy? Angry? LET IT ALL OUT says Linus Torvalds

Michael Wojcik
Silver badge

Re: There are a lot of unscrupulous people in the world

Most places, if you used the language from your post at work, you wouldn't have a chance to quit; you'd be fired first.

Most places? I find that very hard to believe. Have anything to support that claim?

0
0
Michael Wojcik
Silver badge

Re: No need to be a dick.

Year of the linux desktop? Not while the public face of linux and the internet voices of its devotees remain so pompous, arrogant and just downright unpleasant...

So true. Why, Windows would never have become popular if Gates and Ballmer weren't so damn charismatic. And the Apple OSes also clearly owe their success to the modest charm of Mr Jobs.

Really, I can't think of a single OS that doesn't owe its success to some saintly technical leader.

0
0
Michael Wojcik
Silver badge

How do you think "script kiddies" manage to hack places?

A better question is why do you think your ignorant and trivial argument is interesting?

As Linus noted, and as I and other commentators have mentioned several times in these discussions, the question of responsible disclosure has been publicly and prominently debated for decades. What in the world would make you think that this sort of handwaving observation, even if it were true (and it is not), would be any sort of contribution?

0
0
Michael Wojcik
Silver badge

Re: "on the darknet"

Given we all know what it means,

The premise is false. I have no idea what "darknet" is supposed to mean, beyond "ooh, scary people have network connections".

it is now a good and useful word.

And even if the premise were true, I reject that enthymeme. Common meaning is not sufficient to make a word useful, except in the degenerate sense of "has some possible use". If it doesn't add some novel and productive connotation or rhetorical effect to the vocabulary, why is it useful in any practical sense?

(In this context, "good" is meaningless, so I'll ignore it.)

0
0
Michael Wojcik
Silver badge

The best way to find flaws is to use the methods that should be used in testing in the first place: take part of an API and fire shit at it until it fails in a way you can take advantage of. Twenty years ago this was almost pointless but now you can exercise an interface with several tens of million different bits of crap in a second - a lot easier than reading the source code.

Fuzzing and other forms of black-box testing are certainly important, but there's no justification for calling them the "best way to find flaws". That's simply wrong.

Historically, many important vulnerabilities that were discovered by other means - whether that's reading source code, manipulating multiple documented interfaces, or whatever - could not possibly have been discovered by fuzzing, because they require manipulating multiple vulnerabilities in ways that combinatorial explosion puts far beyond the reach of (pseudo-)random brute force. Tavis Ormandy's #GP Trap Handler exploit for Windows is a good example.

Analytically, it ought to be obvious that there can't be a "best" method of security analysis in any absolute sense, because requirements are situational. If I'm testing the part of my threat model that involves someone breaking into a data center and physically stealing drives, fuzzing APIs isn't going to do me a damn bit of good.

Many people want to condense IT security down to some simple set of rules. Ain't gonna happen. Complicated systems are complicated.

0
0

Alabama tops US teacher-pupil sex league

Michael Wojcik
Silver badge

Re: meh

So we have the subjective idea of an age of consent but in some cases if you are a teacher you are assumed to be more criminal than the rest of the population.

Legislatures pass laws for all sorts of reasons, and laws regarding possibly-criminal sexual conduct are particularly dicey, since people are often reluctant to vote against them. Looking for sweet reason in this area of the law is a particularly perverse exercise.

That said, laws and regulations regarding sexual relations between teachers and students should be based on more than simply the presumption of consent, because there are complicating circumstances. Teachers are in a position of authority, so issues of possible compulsion, harassment, and illegal incentives (eg grades as quid pro quo) have to be considered. Many people also feel that teachers can exert undue influence over more-impressionable students and so consent in those circumstances is questionable anyway. That last leads into a morass of questions in psychology, agency, liberty versus protection, etc; but it hasn't stopped some schools from explicitly referring to it in their regulations, at least.

2
0
Michael Wojcik
Silver badge

Re: meh

I taught at the same university when my wife returned to do a PhD - does that make me a perv ?

I'm not aware of any state laws regarding faculty-student relationships in higher ed, but at every university I've attended or taught at, there are various regulations regarding the subject. They seem to vary quite a bit from school to school but often come down to something like "if the student isn't supervised or evaluated by the faculty member, then you're not automatically in violation, but depending on level of ick we may take a closer look".

When I received my most recent degree, my wife was the Director of Graduate Studies for the granting department. Of course she recused herself from all decisions regarding my progress. (Not that any of them were ever in doubt anyway, all modesty aside.)

0
0
Michael Wojcik
Silver badge

Re: Inanimate objects?

"the victim (the postbox?????) rang the police."

This Internet of Things is getting out of hand.

1
0

Prez Obama snubs UK PM's tough anti-encryption crusade at White House meet

Michael Wojcik
Silver badge

Re: The horse bolted the stable long ago!

As Bruce Schneier famously said, anyone who thinks cryptography is the answer to their problem doesn't understand cryptography and doesn't understand their problem.

That's doubly true for anyone who thinks OTPs and steganography are the answer to their problem.

Cryptography is certainly part of the answers to many problems, defined properly (i.e., the "answer" is in terms of changing the distribution of costs between defender and attacker). And OTPs and steganography are sometimes part of that cryptography part.

But it's wildly ignorant to believe that a cryptographic system with perfect entropy distribution (the OTP or isomorphic equivalents) responds to a threat to broadly restrict cryptographic technology. There's a reason why information-security systems are composed of many protocols, and each protocol built of multiple primitives, cryptographic and otherwise. There are no silver bullets.

0
0

GRENADE! Project Zero pops pin on ANOTHER WINDOWS 0-DAY

Michael Wojcik
Silver badge

Re: GOOGLE AND M$

More Unnecessary Capitalization, PLEASE !

(It's like someone prototyped a kernelsprite with Kanaya and Karkat.)

0
0

REGARD our TINY but POWERFUL LASER, suitable for very SMALL sharks

Michael Wojcik
Silver badge

Moaning Achieved by Stimulating Excitable Readers

1
0

Boffins: It's EASY to make you GRASS YOURSELF UP for crimes you never did

Michael Wojcik
Silver badge

Re: Background

That is certainly one important issue, but it's hardly the only case of coaxed fallacious testimony used systematically to convict innocent people.

The broader issue is insufficiently stringent rules of evidence in various court systems. In the US, at least, there's widespread abuse of "expert" testimony that is often nothing more than outright grift.

0
0
Michael Wojcik
Silver badge

Re: False or inaccurate memories?

Obviously no-one wants to see people guilty of serious offences against the person walk free

That may be obvious, but it's also not true, when the alternatives are considered.

0
0
Michael Wojcik
Silver badge

Best thing you can do is to say nothing and insist on a lawyer.

Yes. This video should be mandatory viewing for all US citizens. First a criminal defense attorney explains why you should never talk to the police without counsel; then a police officer explains why he's right. It's a long video - just short of 50 minutes - but entertaining and well worth the time.

(The officer is George Bruch. I'm not sure who the lawyer is, unfortunately.)

Edit: Just saw Haku posted a link to the same video below. I'll leave my post up because I don't want to leave one of those inscrutable "deleted by the author" notices.

1
0
Michael Wojcik
Silver badge

Re: Remember...

I remember being a student and insisting on such things as facts and proof, as exactly the means by which studying provides any useful result. I was, and am also quite sure of having my mnemonic faculties intact, and I am absolutely sure of the things I did or did not do. For instance I never killed any neighbour's pet, set fire to government buildings or shot the prime minister, no matter how badly I wanted to.

Be as absolutely sure as you like. You're still wrong. It is vanishingly unlikely that any human being's "mnemonic faculties [are] intact" in any useful sense. Decades of experimentation have amply established that.

And even before those experiments, we have philosophical ones like Descartes' "Evil Genius", which quite rightly points out that it's impossible to prove that someone hasn't by some means deranged your senses or reasoning faculties.

Are the researchers trying to have us believe that none of what we think is real actually happened, thus paving the way for total denial, and the annihilation of science itself?

Spare us the sophomoric solipsistic anguish, please. The researchers are just confirming prior results about the ease with which false memories can be established, and what rhetorical maneuvers are useful in doing so. Reasonable scientists will adopt a probabilistic outlook as they always have. That can either be frequentist ("the evidence of my senses (in interpreting my instruments) is usually consistent, and the results of my reasoning usually coincide with what others report") or Bayesian ("I'll assign small probabilities to adverse causes such as derangement"), but in either case we Just Get On With It. The lesson here is to be critical, not to throw our hands up in despair. Scientific Epistemology 101.

(This September sure is September.)

0
0
Michael Wojcik
Silver badge

It's quite chilling that this can be done to adults too.

I'd say the "chilling" aspect is that we needed Yet Another Experiment to explain this simple fact of human psychology to people. We have decades of methodologically-sound psychological research showing all the ways in which self-reporting (whether it's confessions, eyewitness testimony, or what have you) is completely untrustworthy. And that includes phenomenologically - no one can trust their own memories worth a damn.

Just read McRaney's blog or books if you want the short version.

And, of course, many of these findings are basically scientific confirmations of what rhetoric scholars have been saying for centuries.

Judicial systems overvalue testimony precisely because it's so easy to suborn. Juries and other audiences overvalue it because it's comforting to believe in a myth of human reliability. I don't see either of those facts changing any time soon.

0
0

FERTILISER DOOM warning! PESKY humans set to WIPE selves out AGAIN

Michael Wojcik
Silver badge

Re: LERN TWO PHUQUEING SPEL!! LOL

You'd have easily won Troll of the Week with this - obviously bogus spelling flame, use of LOL, good-sized catch, etc - but posting anonymously is an automatic disqualification.

0
0
Michael Wojcik
Silver badge

Re: Sounds like a no-brainer to me?

If farmers are using too much - just point it out to them and I'm sure they will stop immediately.

Yes, because never in history have farmers continued to make bad decisions (*cough* Dust Bowl *cough*).

Really, the amount of "noble farmer" idealization going on in this forum is remarkable. And yes, I too have farming family and friends and the odd bit of farming experience myself. Unlike some of you Sons of the Soil, though, I'm also aware of history and capable of critical thinking.

0
0

Sick of these new dot-words? Join the .club – it's the only one challenging .com

Michael Wojcik
Silver badge

Minor error

the best dot-club domain up for auction - wine.club - sold for a healthy an idiotic $140,000

FTFY. HTH. HAND.

0
0

VMware finds new post-paranoia RAM-saving tricks

Michael Wojcik
Silver badge

Re: No win..

I'm fine with secure-by-default. The additional memory consumption is a tax on system administrators who don't pay attention to the default settings and aren't prepared to weigh the cost of disabled TPS versus their threat model.

0
0

Kiss your Glass goodbye: Google mothballs techno-specs (for now)

Michael Wojcik
Silver badge

Part of the Nest division?

The new unit will continue to be headed by current Glass Project leader Ivy Ross, but Ross will in turn report to Tony Fadell, a former Apple exec and CEO of Google's Nest Labs smart thermostat division.

So, a HUD for my home furnace? About time!

Of course it won't really be useful until it's fully integrated with my IoT toaster.

0
0
Michael Wojcik
Silver badge

Re: Metaphor Side Slip

Ah, a level of politeness East Germany could only aspire to. It'd be a paradise on Earth.

I, for one, welcome our new panoptic overlords. We have met the enemy, and he is us, as Walt Kelly said.

(Good lord, I'm practically waxing amanfrommars1 here.)

1
0
Michael Wojcik
Silver badge

Re: the killer app that could've been

Making every attractive lady appear naked by imaging over her clothes with an age & body type appropriate adult industry star would have been a killer app.

I am almost certain we discussed that possibility in these hallowed halls when Glass first came out. I remember thinking, and possibly posting, that it really wouldn't be hard - a little HMM or ANN modeling; some image search; and some transformation, which could be done with physiological rules, a model, or a combination.

"Attractive" is obviously subjective, but it'd be easy enough to only do the overlay if there's a sufficiently-close match. (That wouldn't meet my standards but it'd probably work for anyone unpleasant enough to use such an app.)

It'd be an interesting project if it weren't so vile - but there are analogous ones (show everyone wearing a flannel shirt, so you can pretend you're in the Pacific northwest!) that are less icky.

0
0
