3028 posts • joined 25 Mar 2008
This is not a problem
Breaking crypto is against the law.
So no one should do it.
Every employee at ElcomSoft involved should now be in the gulag.
What do you mean "That's not how the world works"?
Tell that to the MAFIAA and their DMCA fanatics
No need to charge him. The USA can demand his extradition from the UK if he is here (there seems to be no way to block that, ask McKinnon) and if hat does fail, the USA can just grab him from anywhere they see fit, take him to some island and torture the hell out of him (the USA has form for that too).
I don't see the latest set of leaks putting any lives at risk, nor do I see them being particularly interesting. And whilst I totally agree that some things should be kept secret, I really would appreciate it if politicians would stop spouting bull-crap all the time*; then there would be no need for a sites like WikiLeaks.
Until that happens, roll on the next leak. Just chill the PR assault a big, mm-kay?
*Although it is amusing when one catches the buggers out.
I really hope I am not being thick here...
...but I have a feeling I am.
Virtual Desktops...thin clients...isn't this the old Unix model of having a beast of a server and then a client creating a "window" on to the user session? Isn't this exactly what the X Server was meant to do?
I'm not knocking it, I am just wondering why people are running around and getting all excited about this "new" idea when...err...it isn't that new.
A plug-computer and a monitor with a couple of USB ports (simply for ease of access) is appealing. Although if the network goes down...one is well screwed. At least with all my VMs on the desktop, I can struggle along for a bit.
Isn't that now out of date? Should SHA1 or something be used instead? (Genuine question, it was an off-hand comment in a audiocast I listened to on Monday).
Hmm...seems it might be, considering one of the closing statements in the first post.
"Did you build your car? No? Then don't complain about anything about it, fridge, carpets,house, in fact ANYTHING you own that YOU personally didn't make, don't EVER complain about."
I don't, I pay a guy (or gal) to fix them for me. Or I buy an alternative. Same with software. I can either fund (or part fund) the fix, find an alternative or get involved with fixing it.
There is a great malaise today where people expect every little thing to be sorted for them by some mythical higher power, or for every little thing to be perfect from the get go.
Standing on the sidelines and moaning isn't going to get anyone anywhere. In any aspect of life.
It's put up or shut up.
Ah yes...this will be a doctor who lives on thin air than and does not expect any remuneration for their time. My, my, my.
So I do "put up" for the doctor. It's called "paying the bill".
...how much time have YOU devoted to fixing and testing the bugs that you complain about?
Put up or shut up.
"A malicious PDF is reportedly used to download and install the ransomware"
So it is just Adobe Reader that is exploited, or are other readers affected too?
Still, as only the last 24 hours worth of personal data should have been affected (and it doesn't change that often). It would mean wiping, re-installing and then recovering data from the off-site back-ups (I presume the back-up drives would have been jiggered). Annoying, yes. Devastating, no.
Everyone has off-site back-ups for their home PCs, don't they?
Why are you giggling?
...the real guilty person(s) are probably larging it up in Goa or somewhere.
"Signed an extradition treaty that the US will *NEVER* ratify"
Err...apart from the fact the USA did. FOUR YEARS AGO! Kindly do try and keep up.
However, all arguments about the one-sided nature of the treaty, our leader being spineless toadies etc remain justified.
Although there can be good cases for extraditing people to the USA, financial crimes seems to be one. The FSA, SFO, HMRC etc all seem to be incapable of bring financial scammers to book (or simply don't care to, far too lucrative to take the bribes and cushy consultant/director positions).
You just hilighted...
...a second issue, and this is a Windows failure. Why does a user application ("iTunes" in this case) need admin rights to install? If the install is for "all users" I can see that, but then it should be done by an actual admin who know WTF they are doing.
The "Bonjour" service? Unless that is going to offer all media that any user of that PC has loaded, then is does not need to run as admin - it's an agent of the current user, nothing more.
FF does not need to be running - it simply has to know which plugins have been explicitly authorised byt the user and which have not. On next start it could say "Plug-in 'iPrunes' has been added by an external piece of software. What do you wish to do?
[ ] Enable
[*] Keep disabled
[ ] Remove
If you did not install this, then it is recommended that you remove the plug-in"
"In Windows World, 100% vigilance is always required."
It's the same on Linux, no OS is immune from an idiot operator with root access. That and apathetic users who think they are secure because they are on "Teh Linuks". Sorry dude, a poorly set-up Linux install can get owned as well.
"Computing with Linux is like computing in the good old days, before the computer industry was overtaking by greed. Windows is a hostile environment with a pretty interface."
This story is nothing to do with Linux and everything to do with bad design by Mozilla (and Apple). An installer on Linux could do the exact same thing just now.
It's not hard to do
Welcome to iPrunes!
This will install iPrunes and these selected features. You can run this again to add/remove these features at a later date, or simply uninstall them from the related applciation
[*] iPrunes (required)
[ ] Windows Explorer/Nautilus/Finder integration (allows media to be opened in iPrunes)
[ ] Firefox plug-in (allows media to be opened in iPrunes)
[ ] Internet Exloder add-on (allows media to be opened in iPrunes)
A question for every single DLL? No. For the atomic add-ons that affect other applications, yes. And, of course, those applications should verify the addition with the user before letting them run.
' “... why did Apple think it was OK to add the iTunes Application Detector plug-in to my Firefox web browser without asking me?” '
He should ask...
“... why did Firefox allow Apple to add the iTunes Application Detector plug-in to my Firefox web browser without asking me?” '
If FF is not protecting the user from random plug-ins, then the fault lies with FF and Mozilla.
"An honest 'democracy' would have nothing to hide."
Horse-hockey. Some things are, and should be secret (as in restricted for national security), some other things are commercially confidential, and yet more things are personally private. The abuse of these by the UK government (their favourite ruse is to hide behind "commercial confidentiality") and others is a problem.
I do not think that the latest rounds of "leaks" is anything remotely surprising. It most certainly will not put lives at risk and most governments should just go "Meh". Why? because most governments should already know the content of these cables if they have been doing their fscking jobs! This all should be no surprise to them.
Whilst WikiLeaks (and others) have served democracy in the past (Iraq war revelation etc), I think fame has gone to Assange's head as the hype surrounding this latest "expose" bears little relation to its actual content.
With bells on.
I wouldn't go that far
The failure is not with Android, the failure is with the carriers. They haven't twigged that they world has changed and that they are now just dumb-pipes to the real value (e.g. Facbook or whatever). They still they apply all this "value-add" bullcrap (what you get on every PC and uninstall immediately) and make the rod for their own backs.
If they had stuck closely to Android core, none of this would be a problem. People would use their phones more, push more data, increase their profits. The iPhone is a prime example of this, no variance in OS or hardware and it works. MS is being slightly less prescriptive, but not by much.
WinMo7 is, IMHO, inferior to 'Droid in just about every measure and a dinosaur compared to iOS. But it looks like it might succeed, which is a shame. Once more true innovation and freedom has been dashed on the rock of old business models.
Maybe Google will grow a pair and bring on the Nexus Two. It only takes them to sing-up one decent carrier to break the backs of the others. Or set-up their own network.
...this is the complete lack of information gathering, planning and thought we can expect from an "exemplary soldier" of 23 years service? Jesus wept, are we boned when it all kicks off.
I am someone else who can't see HD. Well, that's a small lie, what I can't see is the difference between a random HD system and a SD system that has been set-up properly. If you spend the time (and it doesn't take long) to ensure resolutions match (If using LCD/Plasma, I am still on CRT), setting contrast etc correctly for the room and using a good connection (not RF...) then you'll be surprised at what SD can deliver.
A lot of the "wow" factor about HD is just people seeing XYZ on a decent screen. I have *never* seen a side-by-side comparison of the same content on the same screen being run SD/HD. Only if that is done can one judge the difference.
If going down the HD route (AIUI) it only takes one component to not be 100% complaint with the HD DRM wankery and you only get SD anyway. I wouldn't know, as I say I am still using an old CRT telly and I will keep using it until it dies...which I think will happen soon judging be a few glitches I am seeing.
..."[any] good sysadmin" be even considering MS?
I automated the arbitrage via some python scripts to scrape the sites and a EJBs to run the logic years ago (I have degrees in Mathematics, Computational Statistics and Artificial Intelligence). And yes, I said "EJB"s. Site changes can futz me up for a while, but I get it back pretty quickly. I have to be careful to not bet too fast 'n hard, only placing a few a day otherwise I'll appear like a bot (it's still me doing it, the engine just takes the donkey work out; it lists possible bet combinations and I can still dig in if I want with the engine yanking back any hedging bets from the recent scrapes).
EULAs/Contracts? Most are just permutations on a theme, so it's pretty easy to have sets of "rules" that get loaded on a per-site/account basis and factored in (all done engine).
Been running this since mid-2008. Won about £315k less costs (kit, connection, tax) so that's about £200k. Not bad for 2 and a bit years. And I still have the day job. I could reduce the tax liability, but I really can't be bothered. This is (almost) free money to me anyway.
I run a "fantasy bet" system letting it select the top 5 on a daily basis to see how it would run fully-automated. It's pretty good, but the heuristics are not yet up to matching a skilled human. When it is, I plan to run it for a few years, make enough to retire (I won't need much) and then open source everything. It's all built on F/OSS and this is my way of giving back.
There's only one problem with the system I'm using....I'm a dirty great liar too!
After my warranty ran out...
...I bought some "pattern part" ink. It works OK and I can't tell the difference, but the printer can't tell if the ink is full or empty as the chips could not be reset due to a patent. WTF?
A patent on telling how full a bucket is? Jesus.
It's a Dell printer (rebranded-Lexmark) and needs to go when I switch over to Linux as it's not supported, so I'll be looking for a printer where I can use "pattern part" ink. if I was doing high-end stuff...maybe I'd worry. But I'm not.
@AC - Fusspots
"Obama has obviously failed because the US has not hit the peaks of prosperity of a half a decade ago."
Err...you know there is a world-wide recession, yeah?
You know that lax financial regulation (over decades, and amongst other things) caused it, yeah?
So the question isn't if the USA is as prosperous as it was a decade a go, it's "Is the USA in less shit that everyone else?" And I'd say "Yes, yes it is" Could someone else have done better? Maybe. Could someone else have done worse? Oh yes indeedy. And one such person who could lead you to disaster would be this dizzy moo.
I see I was right
Americans! Do yourselves (and the world) a favour, do not vote for this chump. Vote for anyone else. Hell, change the constitution and allow Schwarzenegger to be prez. He may be a Republican, but he's probably one of the most democratic leaders in your country!
At least he knows how to read a blasted map and that the world does not end at American borders.
Where? Am I one of the few sub-40 year olds who know COBOL? It were my first proper job 'n everything. Ah well, back to this new-fangled Web2.0 stuff. It won't last I tells you.
Are you mad? The list price will be £550. In the world or consumer products, US$1 = £1; regardless of what the actual exchange rate may be.
...is not with FB, but with your "friend". They were the data controller for "[YOUR] data" and made it public without consent. How are FB supposed to know which data is and is not precious if it is given freely to them by a third party? (This is not just a FB thing, it affects every company).
The only option would be for FB to contact you personally and then we'd have complaints out FB harassing non-members!
I took the simple approach - as I am not on FB, I made sure all my friends knew I did not want to be, nor did I want my picture on there. A few snaps of me are up there (public events, parties) but not an awful lot, although with face recognition becoming what it is even a little could be too much.
What so anti-profit?
Maybe I am reading more into it than what your actually said, but why the snide comment about mkaing a profit from the software centre? This is a business, companies need revenue. If you don't like it, then don't buy from it. And at least with Linux there are other distros that you can choose.
As for Ubuntu going rolling-release...hmm...I started on Ubuntu and I am still a total newb, but already the lock-down and breaking away from the community is beginning to grate. Maybe I'll buy a book, magic up some time from *somewhere* and teach myself how to install and configure Arch.
Twilight TV Series - it's called "Vampire Diaries". Not done by the same people or set in the same universe, but almost as schmaltzy.
How about "reboot the franchise"?
I misread that as
"Bum em, bum em with fire."
Gave me quite a different mental image I can tell you!
Drive a stake through its heart
No, really. Do it. It was fun in its day, but the franchise is dead. It is an ex-franchise. It is no more. Kaput. Left the mortal plane. Etc.
And no Joss Whedon? WTF? Oh, wait, this is Hollywood. Fuck the content creators and the talent, the studios want their pound of flesh. Pay-up, bitches.
...it is possible to pirate software there too. And you appear to have confused a kernel with a software movement. Linux tends to be synonymous with "open source" and that does not mean "free" (although it often is).
Furthermore, if one did switched to F/OSS (assuming an analogue existed for whatever MS solution was being replaced) there have been issues with F/OSS code held in the repositories (e.g. Unreal IRCd) as well as known exploits for F/OSS software.
That said, F/OSS tends to be pretty open about bugs/exploits and that at least allows people to respond to them (good and bad people...)
The feckless wasters will always get caught out no matter what system they are on.
And as for "safety", it's more about the people. People pick the tool, people configure the tool and people use the tool. They need the correct training and knowledge.
I thought it looked good...
...right up until I read the OS that it had. But then it's a Dell, they're not allowed to sell any one else's OS.
...no one mentioned Linux.
If one knows the root password (or equivalent) in *any* OS and ons says "Yeah, sure, do what you want to my system Mr. Malware" then that OS install is pretty much pwned.
Having signed/trusted repositories lessens the risk but does not remove it completely, people can add new repps and repos themselves can accidentally host nasties (either through naïvety or actions of a malicious party).
What people need to do, is get out of the habit of downloading "SuperFunHappyTimes" from website X and installing it without thinking first. People also need to be suspicious of installs that ask for elevated privileges, this should not be required for end-user software (and if it is required, then there is something wrong with the OS design).
And now, just to keep you happy "This would never happen on Linux as Linux is much better, users more tech savvy and less likely to install random crap for dodgy websites."
You don't need many photos
If you have too many, the false-positive rate will drive you nuts. You only need photos of "people of interest". Of course, your local council will then apply these laws to god-fouling etc.
In certain, very restricted, areas I can see the use of this tech. Prisons, military facilities, maybe even parts of hospitals. But in general-public CCTV, Flickr, Facebook etc? Fuck right off. (Sorry Sarah).
Will there now have to be a new social etiquette over when photos can be posted? I am not even on FB and my ugly mug is up there, fortunately most people are considerate enough to ask me before risking other people's monitors.
You can't identify a face...
...if you can't see a face. I'm buying shares in mask makers....
...buy a different brand of PC, the OEM is not a monopoly, but they are invariably infected with Windows.
On Linux? So one will need a premium account then I guess. If not, I look forward to being able to run Spotify with my freebie account on Linux (I can use the Windows one under WINE right enough, but that's not the point).
As for this whole cloud thing, I really don't get it at times. I thought the "cloud" was all about server images expanding as demand increases, migrating across different data centres and all that stuff. Really good for SaaS etc, but if a client is going to work with it, it will need an always-on connection. A secure one at that! (Hello FireSheep.)
If this is a true cloud platform AIUI (all work done on server, client is merely a display screen) then why the high-specs? All it would need is sub ~1gb RAM and ~4gb SSD, maybe an ARM chip to boot. Or am I missing something? Are these "cloud" apps just bog-standard, FAT clients that use a server for data? A la Outlook, Rhytmbox and most other things. Would explain the storage I guess....
Don't be silly
Google wouldn't do anything evil. Just ask the font of all knowledge...err...Google.
Oh, I don't expect to see "Extreme Tux racer"* being Kinect controlled by tomorrow morning, I don't even expect it to be necessarily used with Linux. Once the drivers are stable enough to start passing meaningful values, people will use it for all sorts of things.
The average PC (any OS) has more than enough grunt to do the processing the xBox does.
"Yeah look at windows 7 that [didn't] sell like mad on the first day either but its already [the] market leader due to [steady] sales."
It is nigh-on impossible to buy a PC without Windows 7 due to OEM agreements. I do not call this abuse of a monopoly position a valid gauge of the popularity of Windows 7.
Allow me to adjust
Never owned one, but the original xBox was capable enough in its day. It's still good now (especially when it's hacked), I can only presume that the 360 is similar
Wrong on an epic scale. There's even open source drivers for Kinect now, it's free to be used with anything and I expect to see it get taken up big style.
Bang on the money, but IE9 looks like it may be a non-turd. It will, after all, be the first MS browser with a nod towards standards compliance.
Err...really? It might be my favourite MS OS, but XP certainly has some turd-splatter on it. Not releasing USB devices when I demand it is my biggest gripe. There are more.
Are you serious? It is a total sack of bloated vomit (if have to suffer its suppurating pestilence on a daily basis)
>.NET and Developer Tools
Some of the GDI is nice, some integrations are good, debugging is great and, in general, VisualStudio is faster than Eclipse. But that's it. The languages are not cross-platform and TFS is a bucket of diseased sputum.
Ah, I see. This is "humour" isn't it? Office is a raging pile of foetid balls, 2007 and 2010 even more so. Inconsistent APIs, inconsistent windowing behaviour, poorly documented (and inconsistent) file formats, lack of standards support, bloated and slow.
If their OS...
...wasn't so ripe for the picking in the first place, most of this would be moot.
"Standing Advisory Council on Religious Enforcement of Doctrine"
I'll have to read-up on the details of WPA (when I do run the WiFi at home, that's what it uses, router is too old for WPA2). I do wonder how tools like Aircrack-ng could make this even worse, but I doubt it's possible to decrypt the packets in real-time, unless one manages to sniff the hand-shaking I guess.
But I really am ignorant of the details.
...I really thought I was missing something. I didn't realise that each WPA connection ran its own crypto, assumed that anyone connected could see data on that network (not read-up on the details of WiFi yet...really must).
Good news: I don't run a public WiFi, you can all rest easy.
Is the answer really...
...as simple as using SSL?
...it's "-Xincgc"? :-)
Like those fringgin' pointless exam questions:
"Which option alters garbage collection?
e) It is not possible to alter garbage collection"
DID you WASTE your LIB DEM VOTE?
- Crawling from the Wreckage Want a more fuel efficient car? Then redesign it – here's how
- Apple SILENCES Bose, YANKS headphones from stores
- Flesh-flapping, image-zapping app Snapchat NOW ad-wrapped
- Vid NASA eyeballs SOLAR HEAT BOMBS, MINI-TORNADOES and NANOFLARES on Sun
- TV Review Doctor Who's Flatline: Cool monsters, yes, but utterly limp subplots