* Posts by Yes Me

389 posts • joined 11 Jan 2008

Page:

Chat about Safe Harbour all you like, the NSA's still the stumbling block

Yes Me
Bronze badge
Holmes

US hosted data

> If they do this openly, just imagine what they do with your US hosted data.

Actually customs officers in many countries can demand passwords; they have very strong powers. I'd say that this is a risk that most companies have learned to accept (or else issue special sanitised laptops for international travel). And data hosted in another country (not just the US) is subject to whatever that country's intelligence services are allowed to do. That's an intrinsic risk of cloud computing, and it's short-sighted to only point at the US risks. There are numerous countries that require equipment vendors to provide back doors.

5
1

ICANN further implicated in .Africa controversy

Yes Me
Bronze badge
Megaphone

All so predictable

The gory details weren't predictable, of course, but ICANN richly deserves every moment of stress and annoyance that this causes them. Opening up the gTLD space was known to be madness from the start; warnings not to do so have been ignored over the last 15 years; and now the madness is coming home to roost. .africa, .market both in the news today, .sucks recently, and so on. "Here be dragons" we told them, and now they know what we meant. Only the lawyers are happy.

4
0

Snowden to the IETF: Please make an internet for users, not the spies

Yes Me
Bronze badge

IPv6 privacy

Tom, you are out of date. IPv6 privacy addresses solved this weakness years ago (and have been the default on Windows for years). There are new IETF recommendations in this area too, post-Snowden.

https://datatracker.ietf.org/doc/rfc3041/

http://datatracker.ietf.org/doc/rfc7217/

http://datatracker.ietf.org/doc/draft-ietf-6man-ipv6-address-generation-privacy/

http://datatracker.ietf.org/doc/draft-ietf-6man-default-iids/

2
1

GOOGLE GMAIL ATE MY LINUX: Gobbled email enrages Torvalds

Yes Me
Bronze badge

DMARC, not DKIM

It's DMARC that's to blame (being a broken solution). DKIM itself is fine.

It's also the obnoxious "conversation view" I suspect. Switch that off and only the actual spam ends up in the spam box. I probably get less mail than Linus, but I do get 100 or more per day on gmail, and the false positives are rare. But come on, if you care about this, you need to eyeball the spam folder a couple of times a week. I see less than 1% false positives and they are almost all from [email protected] via mailing lists, and caused by DMARC.

5
1

Tuesday, Wednesday break my heart. Thursday doesn't even start. Friday I'm in .love

Yes Me
Bronze badge
WTF?

Still puzzled

So has anybody ever explained why any of this is a good idea for anybody except for the moneysucking bottomfeeders (or the other way round) that set up the new registries?

2
0

AARNet warns of 'draconian overreach' in telco regulation

Yes Me
Bronze badge
Unhappy

Only obeying orders

The idiotic laws passed in NZ and proposed in AU are just a matter of following instructions from 5 Eyes HQ in Virginia. Shame they are incompatible with the latest US technology...

REANNZ was disappointingly spineless over SDN. They should have simply told GCSB to see them in court. Let's hope AARNET and Aussie universities show more courage.

3
0

'Save the teachers!' 184 cryptologists send Oz Govt cleartext petition

Yes Me
Bronze badge

compelling argument?

It becomes compelling if you add "...and without enough well-trained cryptographers they will throw us out of Five Eyes." After all, this whole law is about toadying up to the NSA.

2
0

How many top-level domains are there now? 300? 500? No, it's 1,000

Yes Me
Bronze badge

Re: let $185,000 bloom

This stupidity is the last thing Jon wanted and the suggestion that he would have wanted it is a bit of an insult to his memory. Jon was a member of the IAB at the time when the IAB wrote to the White House prior to the creation of ICANN, saying among other things:

"On the other hand, a very large increase in the total number of gTLDs

(say to thousands) would lead us into technically unknown territory."

[Source: http://www.ietf.org/mail-archive/web/ietf/current/msg04154.html]

1
0

IETF doc proposes fix to stop descent into data centre 'address hell'

Yes Me
Bronze badge
WTF?

NOT an IETF document

So why did El Reg choose to give free PR to this particular piece of non-standard stuff as compared to all the other non-standard stuff in the universe? Somebody made a phone call or two?

Like it says at the front of the document: it's an Independent Submissions document, *not* from the IETF, and the IETF steering group says "the problems described in RFC 6820 can already be addressed through the simple combination of existing standardized or other published techniques." In other words, SARP is pointless.

1
0

ICANN running the global internet? It's gonna be OK, it's gonna be OK, US Congress told

Yes Me
Bronze badge

"What has ICANN done wrong?"

That isn't quite the point. The point is *if* ICANN does wrong in the future, who will reprimand them? Today, the answer is "the US government". Things need to be set up so that tomorrow, the answer is "the users of ICANN services". And it needs to be clear legally that, if ICANN doesn't correct its errors, the users can indeed walk away with their fingers in the air. That is already clearly the case for the protocol paremeters community (the IETF) and for the IP address community (the Regional Internet Registries) but not so clear for the DNS community. Hence the delayed schedule for the transition.

"...the new top level domains. But those don't hurt anyone." Are you sure about that? Since the new domains allow their registrars to extract money that was not previously extracted from content providers, those providers are hurt. Just look at the .london con trick; utterly pointless, but it extracts ££ from the marks.

2
0

Security gurus deliver coup de grace to US govt's encryption backdoor demands

Yes Me
Bronze badge

undetectable threats

AC asked "How do you tell your citizens that they are under perpetual existential threat from rogue, undetectable threats and there's sod all they can do about them?"

That has been true for every human being since before we were human beings. Understanding that fact has been part of the human rite of passage from child to adult for 200,000 years or so. But you're right in the sense that attempting to weaken crypto is a massive act of CYA on the part of the governments concerned. As has been argued for 20+ years, any serious bad actors will not tolerate weakened crypto anyway, so they will use something from another source.

0
0

TPP partners plot milder copyright takedown rules

Yes Me
Bronze badge
Unhappy

...the ridiculously secret nature of the whole thing

Indeed. The rumour that one aspect is not quite as bad as previously rumoured really doesn't help that much.

http://www.newyorker.com/news/daily-comment/why-does-obama-want-the-trans-pacific-partnership-so-badly is really good reading on this. If as rumoured it contains investor-state dispute settlement provisions (companies can sue governments over hypothetically lost profits) it will be truly awful for consumers.

2
0

Australian government mulls secret terror court proposals

Yes Me
Bronze badge

Secret courts have worked well in the USA, North Korea, and so on, so it seems like a well-proven solution, doesn't it?

Wording that could be construed to make SDN impractical has also been legislated in NZ, and has had a chilling effect (because it's hard to file a revised network plan and get it OK'ed before each SDN command message is sent).

0
0

ICANN's leaving the nest, so when will it grow up?

Yes Me
Bronze badge

NGO

AC#1, you said 'It'll be a California based "NGO" controlled by the US Government by means of California "law" and US federal "law" including "secret" "courts" and "secret" letters and suchlike.'

If you actually read the names community proposal, it would be a California Public Benefit Corporation controlled by ICANN itself, after the end of ICANN's government contract. But this proposal isn't agreed by any means yet. As for the FISA court and National Security Letters, yep, they're kind of hard to get away from, although since IANA publishes contact data for all registrations, I don't quite know what would be subject to a FISA warrant or an NSL.

In case you wonder, I greatly dislike the fact that IANA lives under US jurisdiction, but that's life.

0
0
Yes Me
Bronze badge

Hmm. Can we detect some personal skin in the game in this article? And the game is not over yet on ICANN's accountability post-transition, and the transition is still a year away. In fact, the game is *far* from over. The ball is in the ICG's court.

https://www.ianacg.org/

Also, I don't think ICANN is behaving like a teenager. I think it's behaving like a greedy child, and it listens far too much to even more greedy corporate adults.

2
0

MAC address privacy inches towards standardisation

Yes Me
Bronze badge

Re: IPv6 addresses

" geo tracking built into every IPv6 address"????

No such thing. I don't know where you got that from. The routing prefix is normally 64 bits and that is topological, of course, like an IPv4 address, so it serves for rough geolocation. The interface ID is normally 64 bits too, and the latest IETF recommendation is that it should be pseudo-random and with a reasonably short lifetime. How short depends on how much pervasive surveillance you're willing to accept. Enterprise networks that allow BYO are going to have to get used to this, and the spooks are no doubt frothing at the mouth. (Well, not so much, because mainly they rely on application layer metadata, but if you want to know which machine in a cybercafe somebody used at a certain time, a pseudo-random MAC address and interface ID will make your job harder.)

2
1

It begins: Time Warner Cable first ISP accused of breaking America's net neutrality rules

Yes Me
Bronze badge

Re: Yes

How little you understand. What TWC is doing is charging money to people who use the network capacity that TWC is paying for. TWC is not a charity, to my knowledge.

Net neutrality is about unfair discrimination, not about fees for service.

0
1

OK, forget DNS for a sec. Why not shift IP addresses and protocols away from Uncle Sam?

Yes Me
Bronze badge
WTF?

Oh, and there's more...

"The IETF is even less attached to ICANN. It shares a "supplemental agreement" with IANA/ICANN that it can walk away with at any time with 30 days' notice."

Rubbish. Firstly, it's an MoU (signed in March 2000) and secondly the notice period is 6 months.

"Wilson's plan for a staggered IANA transition has, somewhat expectedly, been warmly welcomed by the numbers and protocols community, ..."

Rubbish. It hasn't even been discussed in the protocols community (i.e. the IETF's IANAPLAN working group.)

1
0
Yes Me
Bronze badge

Excuse me but...

...Paul has no standing to comment on protocol parameter matters. That's the IETF's job and the IETF has spoken.

https://tools.ietf.org/html/draft-ietf-ianaplan-icg-response-09

0
1

Trans-Pacific Partnership stalled says Australian trade minister

Yes Me
Bronze badge
Joke

Re: Why?

"... the captain will stand proudly on the poop deck."

How appropriate.

0
0

Wikipedia to go all HTTPS, all the time

Yes Me
Bronze badge
Meh

Re: Everybody's doing it ...

All the information on Wikipedia, like all the information on El Reg, is freely available to the public. So you have to ask very carefully what is gained by encrypting the payload. It's well established that traffic analysis works quite well on HTTPS headers. if you doubt that, see https://arxiv.org/pdf/1403.0297. A user under a repressive regime can't conceal very much of what they're doing at all by preferring HTTPS. For a quite passionate debate on this, look at the thread starting at http://www.ietf.org/mail-archive/web/ietf/current/msg93261.html

5
4

ISP Level 3 goes TITSUP after giganto traffic routing blunder

Yes Me
Bronze badge

Hmm...

Hmm... I wonder who on earth (literally) could ever be authorised to announce the default route in BGP4.

0
0

Cisco spins CERN partnership

Yes Me
Bronze badge

Re: Yeah, sure

I think you've been confused by the inclusion of buzzwords like "highly secure". Who would dare put out a press release that *didn't* say "highly secure"? CERN has been buying Cisco kit since, oh, 1987 or '88. It's only fair that Cisco should give a bit back.

What I find truly amazing is the *absence* of the buzzwords "software defined networking."

0
0

HTTP/2 is now utterly officially official

Yes Me
Bronze badge

Re: It should be dead anyhow

> There is no logical reason for this protocol.

So you'd rather stay with a protocol that confuses server load balancers and thereby breaks transactions because it uses multiple independent TCP streams?

0
0

Trans Pacific Partnership 'fast-track' bill dumped

Yes Me
Bronze badge
Unhappy

Re: could be the lobbyists have written the damn thing

It's pretty certain that lobbyists for the copyright "industry" have written some of it, along with lobbyists for patent trolls and Big Pharma. Protecting egregious profiteering by Big Pharma is rumoured to be one of the main points, and keeping it secret is clearly intended to avoid the inconvenience of open discussion.

3
0

US government asks internet community how long it should extend IANA contract

Yes Me
Bronze badge
Unhappy

Re: Icann

Not necessarily. Any solution that gives ICANN some sort of perpetual right to act as the Clerk of the DNS would be even better than the status quo, from ICANN's point of view (and therefore worse, from other points of view). Any solution that provides checks and balances on the Clerk of the DNS, like the existing checks and balances on ICANN's two other clerical jobs (address space and protocol parameters) would be worse than the status quo, from ICANN's point of view (and therefore better, from other points of view). So ICANN's real goal is to tip the balance away from checks and balances, not to preserve the status quo.

That's assuming ICANN continues to behave greedily rather than in the spirit of Jon Postel, of course.

0
0

How ICANN pressures 'net engineers to give it behind-the-scenes control of the web

Yes Me
Bronze badge
Alert

While I would't trust the ICANN establishment any further than I can throw one of their lawyers (which isn't very far at all), I do trust the IETF to exercise the cancellation clause in its fundamental agreement with ICANN if necessary. I also trust the various Regional Internet Registries to do the same thing. It's less clear that there is anyone to similarly blow the bolts for the top-level domain system, but I can't really imagine anyone (including the US Department of Commerce) agreeing to a new regime in which there was no cancellation clause. So I think this is just smoke and mirrors from the ICANN side, designed to create panic and outrage when neither is needed.

4
0

Rand Paul is trying to murder net neutrality. Is there a US presidential election, or something?

Yes Me
Bronze badge

Re: someone should try explaining to Rand Paul

Presumably he was named after Ayn Rand ("the morality of rational self-interest" and all that tosh).

0
0

ICANN wants total control of DNS while breaking its own bylaws to block .africa probe

Yes Me
Bronze badge
Facepalm

What's the surprise?

So, you try to make a lot of free money out of selling completely pointless domain names to people with scurvy motivations, and other people want to know how you decided which set of people get to give you that money, and it all gets ugly. What did you expect? A round of applause? The ethics of the domain name "industry" just get worse and worse.

2
0

Hey, you wanna help run the internet? This power restructure is for YOU

Yes Me
Bronze badge
Unhappy

Re: Complicated...

> How is this different from how the 'leaders' of Hong Kong are 'elected'?

I'm not sure I want to accept that gambit. The point is that it's a fairly technical business (where 'technical' means both computer science and legal technicalities) and this really means that it has to be run by a technocracy. And what you see in the diagram is that a whole lot of technical communities around the world select the technocrats, most of them using open nomination processes. I think we can call it a demotechnocracy.

It is pretty much bound to be complicated. A shame that the underlying job of work (listing the TLDs and registrars, as I said on another thread) gets lost in the noise.

0
0

Internet kingmakers cry mercy over mad dash to fill global DNS throne

Yes Me
Bronze badge
Facepalm

Not even

No,it's not the Internet, it's not even the DNS. It's just a minor clerical function (making a list of TLDs and who is the registrar for each one) that has been parlayed into a parasitical money machine by business interests. And,oh look,it's the party of big business in the USA that's trying to prevent change. Change might damage the money machine, and we can't have that.

0
1

ICANN urges US, Canada: Help us stop the 'predatory' monster we created ... dot-sucks!

Yes Me
Bronze badge
Unhappy

Re: “I don't know whether they need that money to continue operating”

> Vint Cerf, seemed to forget the point when he joined the ICANN board.

Well, in fairness, he tried to limit the madness. Vint didn't create ICANN; actually it was forced on the world by Ira Magaziner in the Clinton administration, and by some fairly powerful commercial interests that didn't want to see such a cash cow left to techies who might throttle the free money faucet.

And yes, there's a DNS record for icann.sucks. But it's a loopback address (127.0.53.53). And no whois server will admit that it's been registered by anybody. How strange.

3
0

Boffins: Large Hadron Collider NOW movin', we're getting down and crush groovin'

Yes Me
Bronze badge

"What makes you think they're not developing fusion power?"

Yeah, right. I remember being very excited as a little boy to read about the Zeta experiment (http://en.wikipedia.org/wiki/ZETA_%28fusion_reactor%29) and how we'd have free electricity in a year or five. Still waiting. It's just damn' hard to do.

The more we understand fundamental physics, the better our chances of getting that free electricity. That's worth the price of a few beers per citizen per year, which is all that CERN costs.

8
0

BIG DATA wizards: LEARN from CERN, not the F500

Yes Me
Bronze badge

Re: I wonder...

You wouldn't want to try it while the machine was running. Not if you wanted a long and cancer-free life. Also, you can visit from where you are right now:

http://home.web.cern.ch/about/updates/2013/09/explore-cern-google-street-view

0
0

NZ used XKEYSCORE to spy on World Trade Org election emails

Yes Me
Bronze badge
Thumb Down

Re: I would be wary of anything published by Nicky Hager

I wouldn't; Hager has a long history of publishing inconvenient truths. And his selection of which bits to publish is no worse than selections made by right wingers; it's just different. The election was hardly affected by 'Dirty Politics' - as any fool knows, Key gets reelected because he takes care to keep the absurd real estate market in Auckland rolling along, so that undecided voters continue to believe that he is an economic super-hero. Bad luck if you are an underpaid working class Kiwi.

1
0

Snowden tells tech bigwigs: It's up to you to thwart mass surveillance

Yes Me
Bronze badge
WTF?

Magic!

"technologies to obscure VPN services, so VPN traffic can’t be identified as being encrypted."

Um, so encrypted traffic has to look like clear text? Or is he just saying: use steganography for everyting?

0
0

This ISN'T Net Neutrality. This is Net Google. This is Net Netflix – the FCC's new masters

Yes Me
Bronze badge

If anybody's still reading fresh comments on this story...

"The FCC is going to force cable companies to provide many more details over their internet offerings: everything from speeds, rates, restrictions and packet loss stats. And it will do so for the consumer.

But, it doesn't know how to. So it is asking its Consumer Advisory Committee to come up with a plan within six months."

Actually this concern is at least ten years old and the answer already exists:

http://tools.ietf.org/html/rfc4084

1
0
Yes Me
Bronze badge

Re: Not over

Of course it's not over; but given that the US totally screwed up local loop deregulation and thereby retained geographical monopolies, this is a significant step forward. (If you'd checked the number of major US infrastructure providers supporting IPv6 lately, you might have stopped beating that IPv6-hater drum, too.)

And whatever the article says, I expect that the big issues between content providers and content aggregators will end up as FTC and Sherman Act issues rather than FCC issues.

3
0

Complicit Kiwis sniffed Pacific comms says Snowden

Yes Me
Bronze badge

Re: You should read the mainstream news articles

Or you should watch the giggle-show known as "Breakfast" on TVNZ1. Even they got it right this morning: their security consultant said "This surprises nobody in the [SIGINT] business, and there's more to come" and their Pacific Islands correspondent said (in ladylike terms) "This is going to piss off the Pacific Islands." Nobody suggested that the story was inaccurate, except the PM who said it was inaccurate before it came out. Well, if he knew that before it came out, presumably that could only be because GCSB grabbed it and showed it to him, but that would be illegal, so either he was fibbing or he knew that GCSB was breaking the law again...

6
0

High Court: IBM staff refused pay increases can claim damages

Yes Me
Bronze badge

Well, let's think about it a bit more

"...a quarter of UK staff being kicked off its final-salary pension scheme" [in 2009].

However, since about 1997, new hires have of course not joined the Defined Benefit scheme since it was closed by then. So we're talking about people who've now been with IBM for almost thirty years or more, and have not yet accepted a package. So whatever the legality or ethics of it, we aren't actually talking about a very large fraction of IBM UK staff. The majority of the staff, on a Defined Contribution pension scheme, might feel aggrieved at the impact of this decision on the pension fund as a whole.

0
4

Dot-word sensation: Google forks out $25m for a fist of .app-y pills

Yes Me
Bronze badge
Unhappy

A sad day

Ludicrous. Don't be evil??? Don't be stupid!

0
0

Net neutrality victory: FCC approves 'open internet' rules in 3-2 vote

Yes Me
Bronze badge
Happy

Re: draconian, greedy monopolies should be a thing of the past

Yes, and I want a pony too.

2
0

I'm the wire starter: ARM, IBM tout plug 'n' play Internet of Stuff kit

Yes Me
Bronze badge

Re: Potentiometer + cloud + monopoly

It all needs to be autonomic and self-configuring, including secure enrollment of new devices. What it doesn't need (from the consumer's point of view) is to depend on proprietary or cartel solutions for that. That's the difference between your £8 spark plugs and £130 injectors (whose fair price is probably £30 at a guess). So beware of Big Blue (or Cisco, or anyone else) who offers the One True Solution for IoT security. The One True Solution includes a monopoly rent.

0
0

What's the hot domain dot-news? Er, it's .news

Yes Me
Bronze badge
Paris Hilton

Whoopee

That's great! News from crap.news will be so much more reliable than news from crap.com. Well worth my share of the $10M, which I am pretty sure we punters will end up paying indirectly.

Paris, because surely paris.news will be here in no time.

0
0

Global DNS power grab: US senators want a word with ICANN next week

Yes Me
Bronze badge
WTF?

Er, piffle. It's not a job for the USG and never has been, and it's not a job for the ITU and never has been. It's a job for the voluntary technical standards that have been ensuring that it works since 1983. No government or UN help needed, thanks.

By the way they aren't called "packages". They've been called "packets" since the 1960s.

0
1

IBM pushes the Accelerate, makes one Big Blue storage family

Yes Me
Bronze badge

Re: Long-Names-With-Silly-Components-itis

Oh come on. I wasn't sneering at the need to avoid other people's trademarks. I was sneering at the pathetic belief that renaming something is going to influence rational purchasing decisions. This nonsense has been going on for years in the distributed storage area (and I mean 20 years at least). Even "GPFS" was a rebranding originally (late 1990s). Lipstick on a pig is really the correct metaphor, because IBM has never, ever got this area right, back to AFS/DFS. Remember the Storage Tank fiasco? Or should I call it IBM TotalStorage SAN File System?

The problem has always been the products, never the names.

0
0
Yes Me
Bronze badge

Long-Names-With-Silly-Components-itis

"GPFS was recently rebranded to Elastic Storage. Why is IBM rebranding it again as Spectrum Scale?"

Because some years ago IBM Marketing became infected with Long Name disease, a condition in which the patient believes that long names with silly component words make fools buy stuff that they didn't buy with accurate, descriptive names like "General Parallel File System".

It's an unfortunate form of mental illness, because the more evidence there is that it doesn't work, the more the patient makes the names longer and sillier.

1
0

Hackers fear arms control pact makes exporting flaws illegal

Yes Me
Bronze badge

Re: Impractical law

> how would they enforce this?

Randomly and capriciously, when they decide to go after someone who has pissed them off. But otoh, Wassenaar is very old news, so making a big deal of it now for this particular event is a political choice. (Just as Citizen Four made a political choice, one I admire, and like the PGP T-shirt, which was intentionally provocative.)

1
0

Back off – it is ILLEGAL to make us accountable, claim ICANN lawyers

Yes Me
Bronze badge

Lawyers know best...

...how to give advice that their employer wishes to hear. But that advice doesn't mean anything until it is tested in court.

1
0

Net neutrality: Someone WILL sue. So will the FCC's rules hold up?

Yes Me
Bronze badge

Re: This is the most shoddy analysis of a legal issue the Reg could have posted.

@Tom 13:

OK, now we *know* you're a shill. ianal but there are gazillions of cases where regulations qualify the law.

0
0

Page:

Forums