* Posts by Michael Wojcik

2352 posts • joined 21 Dec 2007

4K-ing excellent TV is on its way ... in its own sweet time, natch

Michael Wojcik
Bronze badge

Re: Chicken and Egg

@Gene, they did try that, so I called to cancel and the price went back down. Once Netflix came along we canceled the TV service entirely.

Hurrah for you. 'round here, cable is my only choice for reasonably usable Internet service, which I need for work; basic TV is bundled with the network connection, and the incremental cost of extended cable is about what Netflix would cost. And the TV service is less annoying than streaming from Netflix, which[1] is far too prone to pausing for buffering.

[1] On the occasions where someone visiting the house has used their own Netflix account. We had their DVD-by-mail service for a little while, but dropped it because we rarely watched the DVDs.

0
0
Michael Wojcik
Bronze badge

Re: Chicken and Egg

By then, the internet will be standard at 1gbps to the home no doubt

Hey, can I borrow your unicorn?

So, 10 years from now, ubiquity

Not unless there's nothing else available. Frankly, I expect my current set (20-something inch LCD) to still be working, though it's possible the no-doubt-crap capacitors in the power supply will have given up the ghost by then. And if it's still working, I'm not replacing it.

1
0
Michael Wojcik
Bronze badge

Re: ...and then you show them

Don't go and press your face against a 4K screen and get over excited: get 3 or 4 metres from one like you would at home

I have rooms in my house where viewers could sit 3-4m from a television screen, but I'll be damned if I'm going to put a TV in one.

In the parlor, where the TV is (the only set in the house), we're 1.5 to 2 meters from the screen. Maybe 2.5m for the furthest comfortable seat with a decent view.

Mind you, I wouldn't buy a 4K set either, regardless of where I'm sitting.

0
0

Microsoft splurges 2½ INSTAGRAMS buying Minecraft maker Mojang

Michael Wojcik
Bronze badge

most popular?

Minecraft is the most popular video game in history, with 100 million downloads

Wikipedia claims 170 million for Tetris, so 100 million isn't even close, if both of those figures are accurate.

1
0
Michael Wojcik
Bronze badge

Re: well...

It is still the only screen sharing software that is usable at all...

Bridgit isn't bad. We find it generally reliable and usable even for widely-distributed teams (we have one daily call with participants from SE Asia, Europe, and N America) - latency is quite good.

I'm on another team that uses Skype similarly, and we see roughly similar performance. Bridgit has more features, so if those are useful to you it's probably worth the additional expense.

1
0

Massachusetts shoots down car dealers' Tesla-busting sueball

Michael Wojcik
Bronze badge

Re: Sounds like a good decision.

Or to put it another way, when all you have is an axe, everything looks like a grindstone.

(Fans of benchmarks may substitute "whetstone".)

0
0

SUSE Linux owner Attachmate gobbled by Micro Focus for $2.3bn

Michael Wojcik
Bronze badge

Re: I *like* this idea

While I can't comment on the merger in general, other than to say I think it will prove to be a Good Thing, I do want to point out that we (Micro Focus) have been selling COBOL on both Red Hat and SUSE for many years.

0
0

Boffins say they've got Lithium batteries the wrong way around

Michael Wojcik
Bronze badge

Re: Green Prince of Darkness

A) that's barely cogent

I suspect you meant "that's barely coherent". It's not cogent at all - unless you're using "cogent" in the sense of "pertinent", but usually when it's employed that way it's something of a term of (rhetorical) art, where it means not just relevant to the issue at hand but a significant contribution to supporting the writer's thesis. And I think "barely cogent" in that sense gives FSS too much credit.

1
0

Archaeologists and robots on hunt for more Antikythera pieces

Michael Wojcik
Bronze badge

Re: Ancient technology ...

I suspect the Roman empire was responsible for holding back, or even reversing, the development of science and technology over a large part of the 'old world'.

I vaguely recall reading somewhere - perhaps in A History of Pi? my copy is on another continent at the moment, or I'd try to find the passage in question - that the engineers of the much-vaunted Roman aqueducts thought water flow was proportional to the radius of the conduit, rather than to its cross-sectional area[1] (neglecting edge effects). The suggestion was that Roman engineering mostly consisted of "I dunno, try making it bigger" rather than actually doing the math.

But I haven't looked into the matter at all myself.

[1] And thus to the square of the radius.

1
0

Apple's Watch is basically electric perfume

Michael Wojcik
Bronze badge

Re: Surprisingly disappointing (because of a lack of awareness)

But maybe it's just- to me- that gadget fetishism is starting to lose its lustre, or rather, lost it long ago (as did the trend of thinking smartphones are the answer to all the world's problems- something else the article got spot on- geeks and boys' toys technology-fetishists rationalising their obsession as something more grown-up and worthy).

Yes. This hagiography of the smartphone has been prominent for several years in one of my academic fields, digital rhetoric, and has indeed gotten so obnoxious that I started avoiding conference panels where it looked like anyone was going to be talking about the damn things. Disillusionment can't come too soon.

1
0
Michael Wojcik
Bronze badge

Re: Surprisingly disappointing (because of a lack of awareness)

The Apple Watch’s uniqueness and strength, like other Apple products, is its “usability" and "user experience”. Sadly, these terms are meaningless to people who use products that don’t excel in these areas, and so they have no idea of their importance (and also why people love their Apple products so much).

You can't understand what's so great about my cult until you join my cult!

Go sit in the corner with the homeopaths and Scientologists, would you?

4
0

2016: Robo-butlers, flying cars, and Google's internet Terminators hunting SHA-1 SSL certs

Michael Wojcik
Bronze badge

Re: SHA1?

3DES because it still uses DES which has been cracked for a long time

In what sense has "DES ... been cracked for a long time"?

DC and LC against DES are better than brute force in simple complexity but infeasible due to the large number of chosen or known plaintexts required - around 2^39 for the best attack. The best variant of the Davies-Murphy attack seems to require 2^45 known plaintexts, so linear cryptography still has the best result, and it's still infeasible.

Any modern competent DES implementation avoids weak and semiweak keys, so forget about those too.

DES is vulnerable to brute-forcing because it has a short key. That's not "cracked"; it's simply reached the end of its design life.

3DES EDE with key mode 2 is weaker than it should be, with an effective key length of around 80 bits. That could be considered "cracked", but it's poor terminology at best. 3DES EDE with key mode 1 has an effective 112-bit key (due to meet-in-the-middle) and again the best known attacks are not feasible, with large computation and memory requirements (plus 2^32 known plaintexts, which is tough even if you have an oracle).

It's only a matter of time for it to be thoroughly cracked.

While it's true that "attacks only get better", as the saying goes, there's no proof that any better attacks against DES or 3DES will be discovered. DES isn't a group, so the obvious route for a complete break is closed.

What's more likely is that computing power available to well-funded attackers will make 112-bit keys (for symmetric ciphers) unsuitable for medium-term protection of highly valuable data - just as NIST and every other entity in the field has been saying pretty much since the invention of computer cryptography. But again that's not a "crack". It's just a cipher reaching the end of its design lifespan.

And if you're worried about cipher-suite choice for SSL and TLS, far better to worry about the vast number of servers forcing RC4 for performance reasons, since it's possible there are feasible attacks against RC4 as used by HTTPS. The combination of predictable plaintexts (due to HTTP headers) and the ability to get a victim to encode a lot of them (due to Javascript-based attacks and the like) make the plaintext requirements of the RH attack on RC4 much more plausible.

And then you can worry about sites that only support SSLv3, or TLSv1 and so are vulnerable to BEAST, and so on.

1
0

City hidden beneath England's Stonehenge had HUMAN ABATTOIR. And a pub

Michael Wojcik
Bronze badge

Re: Those that do not know History, are doomed to repeat it. (Quite true but....)

The problem with revisionist history in the US is more related to rampant political correctness these days.

That's a load of crap. The only "revisionist history" (historiography, actually, but I expect that distinction is lost on those who invoke the "political correctness" bugbear) in the US these days is that being perpetrated on textbooks, largely at the hands of education authorities in Texas; and their concern is to make the historical narrative safe for rich white folks.

1
0
Michael Wojcik
Bronze badge

Re: Forget the 'WHEEL'...

BEER!!!! is the one true marker of a civilizations passage through time.

Generally it's one of the markers of the start of civilization, since it's usually invented when people settle down into an agricultural lifestyle. It requires surplus grain, storage technology, leisure time, and labor specialization; and it provides food preservation, drinking-water purification, and entertainment. Secondary benefits include a form of commodity money (various preliterate cultures paid workers in beer, at least in part, because beer was desirable, divisible, and fungible) and the general pacification of the populace (on the "bread and circus" principle).

Of course, not all early civilizations invented beer, as far as we know. I don't know if there's any evidence that the Cahokians had beer, for example, and since their primary grain (and foodstuff) was maize, it probably wouldn't have been very good beer. But they did have caffeinated beverages, so that's all right.

0
0

Hawking: Higgs boson in a BIG particle punisher could DESTROY UNIVERSE

Michael Wojcik
Bronze badge

Re: Bubble of the true void expanding at the speed of light

Doesn't have to be dark inside the lower-vacuum-state bubble, unless I've missed something. There will still be elementary particles and photons, and probably eventually atoms, though they'll have different properties due to changes in shell energies and the like.

Also, I don't see why a metastable Higgs would necessarily cause collapse to zero vacuum energy. Surely there could be local minima between our current state and zero?

But this really isn't my area, so I may be wildly incorrect.

0
0
Michael Wojcik
Bronze badge

Re: Surely

Fortunately I have just filed for the patent on this, and I refuse to license it except to people who promise not to destroy the universe.

1
0
Michael Wojcik
Bronze badge

I might be wrong, but to produce a metastable Higgs, I believe you'd need a particle collision at that energy level, not just some random particles whizzing away from a supernova.

If 10^20 eV particles are relatively scarce, and mostly happen Out There, then collisions are relatively improbable and so will happen only infrequently. If the probability of producing a metastable Higgs from such a collision is also low[1], then false vacuum collapse may simply not have happened yet in our Hubble volume.

It might have happened innumerable times outside our Hubble volume - we'll never know.

As others have pointed out, it might also have happened within our Hubble volume and simply not reached us yet. (I've seen sources that claim the expansion of the lower-vacuum-state bubble happens a bit slower than the speed of light, for some reason I can't recall; and if that's true we will be able to see its effects, though probably only briefly.)

Since the universe apparently still exists I'm going to go out on a limb and say either something was lost in translation or this isn't much of a threat.

The key word there is "apparently". All we can go on is what we perceive, and we very likely don't perceive more than a very small part of the universe.[2]

But it's not worth worrying about false vacuum collapse, for the simple reason that you can't do a damn thing about it before it happens, and you won't care afterward.

[1] I have no idea what the speculation on this topic says, and I can't be bothered to look it up, since I'm in no position to vet the material I find.

[2] It's unprovable whether there's anything outside our Hubble volume, for reasons that should be obvious, so this remains forever a cosmological hypothesis. Of course per the epistemological scandal so does everything else, ultimately.

0
0
Michael Wojcik
Bronze badge

Re: Intrigued

how would one calculate the velocity needed for a grain of sand to destroy a planet?

The simplest way is to ask Randall Munroe. He's an expert on doomsday mathematics.

0
0

You can thank Brit funnyman John Oliver for fixing US broadband policy, beams Netflix

Michael Wojcik
Bronze badge

Re: the real problem

Well, if you're going to throttle my streaming in favor of VoIP packets, then I'm just going to have to find a way to use VoIP to stream my data

I don't think you understand Quality of Service. Prioritization doesn't mean "VoIP wins and your torrents of pirated movies lose". It means (in principle) that the carriers apply different rules to packets according to the needs of their applications.

VoIP mostly needs low latency. It doesn't need a lot of bandwidth, and it doesn't need reliable delivery - in fact, you want to discard anything that's been delayed too long.

That makes it really bad for tunneling large file transfers or video streams.

Now, of course the Net Neutrality Brigade insists that if ISPs aren't required to treat every packet as sacred, they will perpetrate all sorts of evils upon the poor defenseless Internet users. And no doubt that in an environment where they often have local monopolies or duopolies, if there is no regulation at all, many will engage in bad behavior - that's what big companies do - such as favoring their own profit centers over those of third parties. But that doesn't mean the QoS baby needs to be thrown out with the unfair-practices dingo bathwater.

1
0
Michael Wojcik
Bronze badge

Re: the real problem

That means that if one of those ISPs was to try making Netflix slow in order to try to shake them down for more cash, the ISP would lose their customers to competitors that offer a better Netflix performance.

That ISP would gain me as a customer. If I could get an ISP around here that blocked Netflix entirely I'd do it.

0
0

Google recommends pronounceable passwords

Michael Wojcik
Bronze badge

I'm not sure what "false premise" Graham Dawson is complaining about (Graham, care to elaborate?), but I agree Schneier's comment about the XKCD method is rather glib:

Modern password crackers combine different words from their dictionaries ... This is why the oft-cited XKCD scheme for generating passwords -- string together individual words like "correcthorsebatterystaple" -- is no longer good advice. The password crackers are on to this trick.

But of course "on to this trick" isn't an objection in and of itself, because of Kerckhoffs's Principle: attackers shouldn't be able to determine the password[1] even if they know what method you use to create it.

I keep a randomized word list that contains a bit under 100,000 words. Four words drawn at random from that list gives me close to 10^20 possible combinations. So attackers can test on the order of 10^7 ("eight million per second", again from Schneier) to 10^10 (supposing a cluster of 1000 such machines)? That still leaves them with, on average, a job that will finish in 5x10^9 seconds or so. It's a risk I'm willing to run.

Let's say that consciously or unconsciously I actually decline to pick any of 90% of the words in my dictionary, and attackers have exactly the same dictionary to work with. Now I'm down to 10^16 possibilities, and the super-attacker with a 1000-machine cluster only needs around 500,000 seconds to determine my password. Why, that's less than a week! What a terrific use of resources by that attacker, in this extremely unlikely scenario.

And, of course, after picking my words I tweak the passphrase a bit, just to add a little to the number of permutations an attacker has to try, and to satisfy ill-conceived "password strength" filters. And perhaps I use five words rather than four. And so on.

Attackers are free to "combine words from their dictionaries" to create candidates for my passphrase preimages. Combinatorial explosion is overwhelmingly still in my favor.

Sure, if you pick from, say, the 100 most common English nouns and the 100 most common English adjectives (a dictionary which, incidentally, misses all four words in "correct horse battery staple"), you're working from a relatively small entropy pool; there are only 200^4 possibilities (or 200P4, about 3% less, if you don't allow a word to appear more than once). Even with the measly 8-per-second machine someone could crack that in a second or two, if they have the same dictionary. But increase your dictionary to 1000 words and pick five of them, and you're back to several days' work effort even for a dedicated attacker with a cluster.

It's worth reading the comments to Bruce's post. Many people take exception to his critique of Randall's method.

Of course, it's also worth noting that what Bruce says is the "XKCD scheme ... is no longer good advice". A lot depends on how large the dictionary is, and even more importantly how words are chosen from it. Some people suggest that Randall's scheme (at least as typical users understand it) involves the user trying to think of four random words that can then be visualized. You really want a stronger randomization process - building a dictionary of "words the typical user is likely to be able to visualize" isn't trivial, but it's still a heuristic an attacker could use to prune the dictionary. (And given sufficient input in the form of known passphrases of this type, it would be trivial to train an HMM or similar algorithm to rank words.)

[1] Or, better, passphrase.

0
0
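Added example, not part of the original comment: Python that draws a passphrase uniformly at random from a word list with a CSPRNG and computes the search space an attacker faces when they know both the method and the dictionary, using the dictionary sizes and guess rates quoted in the post above. The function names and the tiny word list are assumptions made for illustration; the word list is constructed sample data.

```python
import math
import secrets


def keyspace(dictionary_size, words, allow_repeats=True):
    """Count the equally likely passphrases for a known dictionary and method."""
    if allow_repeats:
        return dictionary_size ** words
    # Ordered selection without repetition: the "200P4" case in the comment.
    return math.perm(dictionary_size, words)


def entropy_bits(space):
    """Entropy of a uniform choice among `space` passphrases."""
    return math.log2(space)


def average_crack_seconds(space, guesses_per_second):
    """Expected time to hit the passphrase: half the space, on average."""
    return space / (2 * guesses_per_second)


def generate(wordlist, words=4, separator=" "):
    """Pick words uniformly with a CSPRNG; return the phrase and its keyspace.

    Duplicates are removed first so that every word is equally likely, which
    is the assumption the keyspace figure depends on.
    """
    unique = sorted(set(wordlist))
    if len(unique) < 2:
        raise ValueError("word list needs at least two distinct words")
    chosen = [secrets.choice(unique) for _ in range(words)]
    return separator.join(chosen), keyspace(len(unique), words)


def comment_scenarios(cluster_rate=10**10):
    """Figures from the comment: full dictionary, then 90% of it never used."""
    full = keyspace(100_000, 4)
    pruned = keyspace(10_000, 4)
    return {
        "full dictionary": (full, average_crack_seconds(full, cluster_rate)),
        "pruned to 10%": (pruned, average_crack_seconds(pruned, cluster_rate)),
    }


if __name__ == "__main__":
    # Constructed sample word list; a real one would hold thousands of words.
    sample_words = ["anvil", "bramble", "cobalt", "dynamo", "ember", "fathom"]
    phrase, space = generate(sample_words, words=4)
    print(phrase, space, round(entropy_bits(space), 1))
    for name, (space, seconds) in comment_scenarios().items():
        print(f"{name}: {space:.0e} candidates, {seconds:.0e} s on average")
    ratio = keyspace(200, 4, allow_repeats=False) / keyspace(200, 4)
    print(f"200P4 / 200^4 = {ratio:.3f}")
```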

New Star Wars movie plot details leak, violate common sense and laws of physics

Michael Wojcik
Bronze badge

Couldn't be bothered to watch any other one - did I miss something?

I too couldn't face Episode II - Send in the Clones or Episode III - The End of this Shit (I believe those are the correct titles) after the dreadful Episode I. But I did watch Red Letter Media's analysis of Episode III, which is even longer than the film but, according to many, far more entertaining and interesting.

0
0
Michael Wojcik
Bronze badge

Re: Stormtrooper turned good guy?.

Reference to 'nuking Hiroshima' is more than a little tasteless at this time of the year.

But would be super appropriate at Christmas?

Also, do learn how the Reg's comment-threading system works, and why quoting the relevant part of the post you're commenting on is a good idea. Particularly if you feel compelled to respond to a dozen posts in a single thread.

0
0

Jimbo tells Wikipedians: You CAN'T vote to disable 'key software features'

Michael Wojcik
Bronze badge

Re: There's a simple solution - fork Wikipedia

The fact is that out of its 5 million pages the number of pages that are actually susceptible to copyright are few and far between

That "fact" is not established by a handful of examples. You'll have to do better than that if you want to be convincing.

And even if your purported "fact" is true, it doesn't support your original claim ("its [sic] probably only the hoaxes that are copyrightable"), which is prima facie a load of crap.

0
0
Michael Wojcik
Bronze badge

Re: Cant Google take it over?

Why have a duopoly when you can make it a monopoly, eh?

0
0
Michael Wojcik
Bronze badge

Re: El Reg got it right

Isn't it interesting, when it is pointed out that the Emperor has no clothes, that said Emperor can only respond by an ad hominem retort.

I agree with the sentiment, but I have to put on my rhetorician hat[1] for a moment and note that the quoted phrase is not argumentum ad hominem. Had Wales said, for example, "Everything Orlowski writes is sheer unmitigated bullshit" we'd have an ad hominem enthymeme[2][3], but as it stands his statement is simple pathos (appeal to emotion). It would be a stretch to infer any logos in it at all, so it can't be a logical fallacy.

In context, of course, it might be full-fledged ad hominem.

[1] It's a Scala.

[2] An enthymeme in both the logical sense (an incomplete syllogism, with one premise and/or the conclusion assumed) and in the rhetorical (an imprecise or general syllogism, as in a rule of thumb).

[3] Such a construct would probably also be part of ethos, i.e. argument based on the character of the speaker. Argumentum ad hominem often is, though sometimes it's simply part of a more general argumentum ad populum - rabble-rousing.

1
0
Michael Wojcik
Bronze badge

Re: There's a simple solution - fork Wikipedia

Of course that presupposes that anything on wp is copyrightable facts aren't and I doubt the spelling and grammar corrections of the plagiarisms are either

That's not how copyright works, at least not in the US. Copyright doesn't apply to "facts"; it applies to the textual, visual, audible, or other representations of content, which may or may not include facts. Written material which is primarily factual in content is eligible for copyright, and indeed copyright attaches as soon as it is written.

"Spelling and grammar corrections" are a gray area, since they may fall under fair use. The usual tests would apply.

1
0

CNN 'tech analyst' on NAKED CELEBS: WHO IS this mystery '4chan' PERSON?

Michael Wojcik
Bronze badge

I don't even question the stuff on Bones - it's so fantastical that it just registers as sci-fi on my scale.

Agreed, but sometimes it's painful even then, like the bit a couple years back where the wizard ("hacker") used his magic powers ("hacking skills") to infect some system through RFID stickers on library books. Ow.

A recent episode of Major Crimes on the other hand... They physically took some servers and their tech geek says this: "The data will still be intact, but you're gonna need some help getting through their firewalls."

Yes, that one still stings too. And usually Major Crimes avoids the IT stuff entirely, which makes it one of the more-watchable procedurals in my book.

0
0
Michael Wojcik
Bronze badge

What gives you any confidence that they're any more accurate in areas you don't know about?

Why, the Gell-Mann Amnesia Effect, of course.

Personally, I find the GMAE bites the hardest while watching police procedurals, which these days do so love the Stupid Computer Tricks. They're obviously just magic that the writers appeal to whenever they can't, or can't be bothered to, figure out a sensible way to advance the plot. Procedurals that pretend to be about forensic science are the worst - Fox's Bones is a particular offender.

But then I never watch TV news, so I'm spared the sort of thing described in the article. I read the newspaper and other sources, but they rarely do interviews so at least I needn't witness the grim spectacle of some self-professed expert making idiotic pronouncements.

(Except when the expert is me, of course. And I enjoy that.)

1
0

Kill queues for fast data centres: MIT boffins

Michael Wojcik
Bronze badge

Re: Circuit switched data

It's a hybrid of (virtual) circuit-switching and packet-switching, because the circuit can potentially be different for each packet on a connection. The point is centralizing the packet-switching decisions to take advantage of more information about the network state.

If the arbiter can keep up, there's a potential gain because that additional information can be used to reclaim some inefficiencies caused by distributed routing (and, as other people have noted, potentially to provide other features such as QoS). Whether it's useful in practice is another question; clearly the authors claim it is, in the particular environment they studied, but obviously generalizing from that result would be suspect.

0
0

Video: Dyson unveils ROBOTIC TANK that hoovers while you're out

Michael Wojcik
Bronze badge

Wakes up at 6am every day, trundles around a carpeted room for 2 hours and genuinely keeps the carpets clean.

In two hours or thereabouts I can vacuum every room in my house (~2300 ft², 215 m²), and get a bit of exercise in the process. I honestly don't see the benefit of one of these robot-vacuum things.

0
0

Ballmer PERSONALLY wrote Windows' Blue Screen of Death text

Michael Wojcik
Bronze badge

Re: not the BDOD

Yes. And the article's not too accurate about Ctrl-Alt-Del, either.

In Windows NT and its descendants, Ctrl-Alt-Del is the Secure Attention Key sequence, which is rather a different thing than the warm-boot trigger it was in the original IBM PC BIOS (and thus under OSes that didn't intercept it), or the interrupt-the-application functionality (a bit like the SysReq function for IBM 3270s and the like) it had in Windows 3.x / 9x / ME.

The Windows SAK handler did offer an option to reboot, but its primary purpose was to present the logon UI. Using a SAK for that purpose had been considered a good security practice for years, since it prevents unprivileged applications from spoofing the logon (aka login, etc) prompt. Some UNIX variants (e.g. AIX, at least from 3.1) supported it as an option on the tty stack, but IME it was rarely used there.

4
0
Michael Wojcik
Bronze badge

Or Tandy TRS-80 level 1 BASIC of which "The only error messages were: "WHAT?" for syntax errors, "HOW?" for arithmetic errors such as division by zero, and "SORRY" for out of memory errors."

They really needed to add a "WHY?". It could be displayed whenever the machine was feeling recalcitrant. More languages should take their cues from INTERCAL.

0
0

Nevada to host Tesla gigafactory: reports

Michael Wojcik
Bronze badge

Re: The Future is... finally... here.

I know, I know. Ignore the trolls. But: the internal-combustion gasoline engine is a perfectly serviceable tool which will remain the best one suited for certain jobs for a long time yet. Ditto the diesel engine, turbines, &c.

I'd much rather have a diesel-electric or propane-electric (turbine or IC) car than an all-battery-electric one. The vast majority of the miles I drive are long trips.

2
0
Michael Wojcik
Bronze badge

Re: More power to them..

I thought the plan was more power (storage) to their customers, more money to them.

Not that I have any problem with that. We could use some incremental improvement in battery technology and economies-of-scale cost savings.

1
0

Good luck with Project Wing, Google. This drone moonshot is NEVER going to happen

Michael Wojcik
Bronze badge

Re: The task is impossible

Which are more tiresome - those who insist that something is impossible, or the sophomores who always contradict them with this particular argumentum ad verecundiam?

1
0
Michael Wojcik
Bronze badge

Re: Why?

They can then provide a delivery service to others for a huge fee.

No, they can't, because existing delivery services don't charge huge fees. There's nothing about magic drone delivery that makes it significantly more valuable than what postal services / shipping companies / couriers now provide.

0
0
Michael Wojcik
Bronze badge

Re: And the other side of the story?

Chris, as a journalist I take it you have asked Google how they intend to go about those various questions you raise.

AC, may I suggest that, as a reader, you investigate the concept of the "editorial"?

2
0
Michael Wojcik
Bronze badge

Re: Argument from personal incredulity

I, personally, guarantee that all the technical problems can be solved.

What a peculiar thing to claim. What do we get if one or more of the problems turns out to be intractable?

2
0
Michael Wojcik
Bronze badge

Re: I would like 1 bag of skittles

Good lord. It's like no Reg readers have ever read RISKS.

Detecting power lines isn't difficult? Against a contrasting background in good lighting, perhaps - but I wouldn't want to see an automated drone try to find its way around the airspace near my house under any conditions.

Like some others here, I suspect this is just Google looking for another excuse to gather information.

2
1

TRANSMUTATION claims US LENR company

Michael Wojcik
Bronze badge

So if Photons don't have mass, then why are they bent towards a black hole?

(They don't have rest mass. But that distinction isn't really relevant to your question.)

I'm sure this has been asked and answered in any number of Reg comment forums for stories like this one, but the short version is that photons follow the curvature of spacetime. This operates just as predicted by general relativity, as has been demonstrated by e.g. the Pound-Rebka experiment.

1
0

If you think 3D printing is just firing blanks, just you wait

Michael Wojcik
Bronze badge

Re: The File

I don't make claims that I will be able to print a working suspension bridge or anything 'structural' any time soon

For me, I fear it would have to be strandbeeste or nothing. What more noble purpose could a 3D printer serve?

1
0

Mozilla's 'Tiles' ads debut in new Firefox nightlies

Michael Wojcik
Bronze badge

Re: Public key pinning?

It's not the public key that's "pinned"; it's the server certificate.

There are a couple forms of pinning (that I'm aware of). Sometimes an application - that would be the HTTP User Agent[1] in this case - has built-in rules for certain domains. When a server presents a certificate for one of those domains[2], the UA takes an additional validation step[3] of confirming that the issuer[4] matches the hard-coded rule. Google does this with Chrome, so that Chrome will not accept a certificate for any google.com domain that's not been signed by the appropriate root. It doesn't permit the whole set of trusted signers for that purpose.

In the other form of pinning, the first time a client connects to a server and validates the received server certificate, it makes a record of who signed that certificate, and subsequently rejects (or raises an alert) if it gets a new certificate for that server that was issued by someone else. The idea there is to make it harder to mount a MITM attack because the attack has to be in place the first time the client connects to that server. There are various problems (as should be obvious), and it's really mostly useful for users who are comfortable with SSL/TLS PKI[5], but it's potentially a useful defense.

[1] "Browser", for the noobs.

[2] That is, a certificate that claims to identify an entity that matches one of these rules, whether that's determined by subject DN or subjAltName extension or whatever.

[3] In addition to all the other ones: signature check, validity-dates check, CRL/OCSP check, blah blah blah.

[4] That is, the signing entity - a CA or intermediary signing certificate.

[5] That is, almost no one.

1
0
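Added example, not part of the original comment and not code from any browser: a Python model of the two forms of issuer pinning described in the post above, applied as an extra step after normal certificate validation. The domain names, issuer names, result strings and the `IssuerPinStore` class are assumptions made for illustration, and the certificates are constructed dicts in the shape returned by `ssl.SSLSocket.getpeercert()`.

```python
import json
import tempfile
from pathlib import Path

# Form 1: rules compiled into the client. Domain and issuer are hypothetical.
BUILT_IN_PINS = {
    "pinned.example": {"organizationName=Example Trust,commonName=Example Root CA"},
}


def issuer_dn(cert):
    """Flatten the issuer of a dict shaped like ssl.SSLSocket.getpeercert()."""
    parts = [f"{k}={v}" for rdn in cert.get("issuer", ()) for k, v in rdn]
    if not parts:
        raise ValueError("certificate carries no issuer name")
    return ",".join(parts)


def built_in_issuers(host):
    """Return the allowed issuers if host falls under a built-in rule."""
    for domain, issuers in BUILT_IN_PINS.items():
        # Require an exact match or a dot boundary so that
        # "evilpinned.example" does not match the rule for "pinned.example".
        if host == domain or host.endswith("." + domain):
            return issuers
    return None


class IssuerPinStore:
    """Form 2: remember the issuer seen on first contact (trust on first use)."""

    def __init__(self, path):
        self.path = Path(path)
        self.pins = json.loads(self.path.read_text()) if self.path.exists() else {}

    def check(self, host, cert):
        """Extra step, run only after ordinary chain validation has passed."""
        host = host.lower().rstrip(".")
        issuer = issuer_dn(cert)
        allowed = built_in_issuers(host)
        if allowed is not None:
            return "ok-built-in" if issuer in allowed else "reject-built-in"
        pinned = self.pins.get(host)
        if pinned is None:
            # First contact: nothing to compare against, so whoever answers
            # now is what gets recorded. This is the weakness the post notes.
            self.pins[host] = issuer
            self.path.write_text(json.dumps(self.pins, indent=2))
            return "pinned-first-use"
        # A changed issuer is reported, never silently re-pinned.
        return "ok-tofu" if issuer == pinned else "alert-issuer-changed"


def sample_cert(org, cn):
    """Constructed stand-in for an already validated peer certificate."""
    return {"issuer": ((("organizationName", org),), (("commonName", cn),))}


def demo():
    good_root = sample_cert("Example Trust", "Example Root CA")
    other_ca = sample_cert("Other CA Ltd", "Other Issuing CA")
    with tempfile.TemporaryDirectory() as tmp:
        store = IssuerPinStore(Path(tmp) / "pins.json")
        results = [
            store.check("www.pinned.example", good_root),  # built-in rule holds
            store.check("www.pinned.example", other_ca),   # wrong signer
            store.check("intranet.example", other_ca),     # first use: record
            store.check("intranet.example", other_ca),     # same issuer again
            store.check("intranet.example", good_root),    # issuer changed
        ]
        # A new store object reading the same file still holds the pin.
        reloaded = IssuerPinStore(Path(tmp) / "pins.json")
        results.append(reloaded.check("INTRANET.example.", good_root))
    return results


if __name__ == "__main__":
    for outcome in demo():
        print(outcome)
```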
Michael Wojcik
Bronze badge

This Sponsored Tiles idea is *so* bad that we will see large-scale adoption of IceWeasel.

I very much doubt that. People love to complain about changes to Firefox - I've done it more than once myself - but few bother to switch. I haven't; I just beat it about the head and shoulders with extensions until I get something that's more or less what I want, and then I get on to doing other things. The benefits of switching to one of the FF forks aren't compelling enough to get me to spend half an hour downloading and installing it.

Though I've had tiles disabled since they first appeared, because I find them obnoxious and unnecessary, so this particular change doesn't bother me.

1
0

TROLL SLAYER Google grabs $1.3 MEEELLION in patent counter-suit

Michael Wojcik
Bronze badge

Re: 'Trolls' aren't the problem

The whole idea that patent owners MUST actually produce something or else loose their claim is ludicrous

Yes, as some of us have pointed out more than once. Doesn't help, though.

0
0
Michael Wojcik
Bronze badge

Re: Legal term?

Pay me, and I will ensure my writing is unambiguous, grammatically correct, and fully fact-checked.

Since one of those three qualities is meaningless and the other two impossible, I suspect your rate would be rather high.

1
0

IBM: OK, Watson, you've won Jeopardy. Now, CURE CANCER

Michael Wojcik
Bronze badge

Exactly. The story here is not "Watson is doing a better job (than a human would do) of analyzing this corpus". It's "Watson is doing a different job". The ramifications, and value, of that are pretty self-evident to anyone who has experience with both scientific research and natural language processing.

The machine processes the corpus and finds hidden correlations. Human judges then examine that result set to determine which ones are worth further investigation. The machine isn't replacing human researchers, and this form of research doesn't replace existing forms. It's supplemental.

So expect to see this sort of research leading to a number of new and useful treatments. It's particularly likely to be useful for rarer forms that have relatively long morbidities, because those are under-studied (since pharmaceutical money follows the big case-loads) and there's more opportunity for detection and intervention.

That said, "cure cancer" unfortunately is a fantasy. It's not even a particularly meaningful phrase. "Cancer" is a catch-all for a vast array of conditions where for any of a large number of complicated reasons cytogenesis outstrips apoptosis. Cancer is a symptom of a body out of equilibrium; it's a fall from a thermodynamic state of grace. When it happens we try to push and prod things back into position, sometimes with great success; but short of magical technology (e.g. nanobots that continuously monitor and intelligently intervene in cellular processes) it won't be "cured" in any general sense.

But hey, like most everyone else I'm happy to see any progress on this front.

1
0

Reg man looks through a Glass, darkly: Google's toy ploy or killer tech specs?

Michael Wojcik
Bronze badge

Re: Well, no I'm not in favour of thumping people as a general rule but.......

"This is what someone who does not remove their Google Glasses is doing."

Seriously?

Nah. Being hipsters, they'll be doing it ironically.

1
0
Michael Wojcik
Bronze badge

Re: Let's see...

I'll be doing brain surgery in less than a week.

So? I can do brain surgery now, and I don't even have Glass.[1]

[1] Desired patient outcome may not occur.

1
0
Michael Wojcik
Bronze badge

Re: Let's see...

I can think of ALOT of uses for glass

I can think of one: it could notice when someone types "ALOT" and inform them that the Alot is better than you at everything.

0
0