* Posts by David Hicks

1243 posts • joined 22 Apr 2008

Fags flash butts in nightclubs

David Hicks
Thumb Up

They are for people who have quit the "real" stuff

After smoking for 15 years it took me just a couple of weeks with one of these (different brand, same idea) to decide that the "real" ones tasted bad. TBH I was probably close to quitting anyway, but these made it much, much easier. And I didn't even use the ones containing nicotine, just the flavoured vapour. Now I puff on one of these every once in a while, but not every day.

I'm not sure I see the purpose of the proximity sensor thingy, other than "Hey, cool, you use one too!" and a bit of a conversation starter.

Do people actually use these in non-smoking venues? I got the feeling that it looks enough like smoking that staff and other patrons might kick up a fuss.

And one last thing, el-reg, whether they actually release any nicotine or not, they seem to help a lot of people get off the fags so are to be encouraged IMHO. Of course the government will get around to banning them sooner or later.

0
0

Use of Weapons declared best sci-fi film never made

David Hicks

LOL

The stereotypes aren't entirely unfounded, it's true.

OTOH try watching something like Ghost In The Shell sometime, I'd recommend the Stand Alone Complex series. No suspiciously young girls, no tentacle rape. Also no spoon-feeding every little story detail like western media, it leaves a bit more to be figured out and thought about.

I enjoy them, once in a while. They do sci-fi very well.

When they're not drawing a 200 foot tall monster destroying Tokyo with its hundreds of giant prehensile penises that is.

0
0

Do-Not-Track bill introduced in US Senate

David Hicks
Flame

It can't be opt-in

Because then the trackers and advertisers would instantly have every person suddenly opted out. The user is a commodity and while not that many people will bother to opt-out, almost nobody is going to opt in. The advertisers would argue that most people are fine with being tracked (never mind that most people don't know about it....) and that it unfairly burdens them or some such thing.

Basically there's a lot of money in it, and if you start to take that away from big advertising firms like Google, you'll suddenly see them get very, very interested in buying their own politicians and laws.

1
1
David Hicks

What a surprise

The advertising giant is against user privacy options because they could affect revenue!

This won't get through I assume, but it would be nice. At the moment a combination of Better Privacy, Adblock Plus and Cookie Monster for firefox stop most of the client-side tracking that I don't like, but there's nothing to stop trackers from just using my IP address or using the more nefarious 'evercookie' methods.

Having a legal requirement to leave me the hell alone would be good. Having tracking as "opt-in" instead of the usual "opt-out" would be even better, but that'll never happen in a million years!

3
1

Nokia touted Meego to rivals, but nobody wanted to know

David Hicks
Linux

So what's next on the linux phone front?

I had an Openmoko freerunner which was dreadful in terms of both hardware and software, largely due to bad management of the project. Really, you're going to have one of your so called star developers spend the next six months redesigning the on-screen keyboard for the seventh time? You don't think maybe getting phone calls stable first would be a good thing? LOL...

Now I have an N900, which is fantastic because it's a Nokia linux phone, and we all know that (until recently) Nokia stood for quality. Even when they lost their way in terms of being cutting edge, you knew with a nokia that it would damn well work or they weren't going to sell it. But Maemo was merged into Meego, and then that was shelved. This seems mostly to have been because of management territoriality causing profits to disappear and competition to be ignored.

So... what next?

Who's going to make my next full-linux phone? Or am I going to have to build it myself out of gumstix and gaffer-tape?

0
0

Sony implicates Anonymous in PlayStation Network hack

David Hicks

@David W.

"There was a warning (vague, albeit) about copy protection, and the software itself wasn't malware."

Err... define malware?

The Sony XCP software was apparently installed silently before a EULA was displayed, and the EULA didn't mention that it installed hidden software. It then ate resources, caused bluescreens, put in measures that allowed processes to hide themselves and generally caused trouble. Then it prevented you format shifting music you had bought, except to a few (mostly Sony) devices.

Whether it's criminal depends on how you interpret the actions against various laws about using computers without permission, laws Sony are currently trying to bend as much as possible in their favour when it comes to people accessing their own playstations without Sony's permission...

Sony shouldn't be shut down, they should be ignored and left to wither and die.

16
2

NHS Barnet reveals 187 breaches of personal data

David Hicks
Troll

187? Amateurs

They should take a look at Sony to see how the pros do it.

1
0

Oz minister ties privacy law review to PSN hack

David Hicks
WTF?

Holy Carp!

Australia, government minister, technology related.... and it's not a huge jar of pure, condensed, filtered, unashamed idiocy!

Wow!

4
0

Vote now for the best sci-fi film never made

David Hicks
Happy

ALL OF THEM

Also can we please make it a decent version of the book? There are so many terrible adaptations.

For instance - everyone involved in "I, Robot" and the Tom Cruise version of "War of the Worlds" needs to be taken out back and put down like a lame racehorse. Either that or just barred from making more movies, you know...

0
0

User data stolen in Sony PlayStation Network hack attack

David Hicks
Alien

+1, Absolutely Mental

Would read again. You might want to work Obama or (for old-skool fun) Bush into there though, for maximum impact/paranoia.

0
0
David Hicks
Flame

Sorry but WT-holy-F?

Might very well not have been? Might very well not have been?

Why the hell would you think that people hacking their hardware would be in any way involved in this in the first place?

Seriously, are you that warped in the head that you equate people gaining control over their own hardware with stealing millions of user details and (potentially) credit card details for the purposes of fraud?

Hell, even the most pirate-y of console hackers isn't interested in massive data theft and fraud.

Sony failed to secure their systems. The fact that passwords were even stored on their systems (instead of secure, salted hash values) is a huge failure in itself.

The ability to penetrate and compromise Sony's server infrastructure is entirely separate to breaking client-side security, it is also unambiguously criminal. This is absolutely nothing to do with custom firmware, homebrew or piracy.

27
0
David Hicks

Credit Card details

Sony are not sure at present if CC details have been compromised. Other info certainly has. When someone has your -

username

password

real name

email address

street address

credit card details

Would you not agree there's a lot of scope for negative effects? If this were just your username and password then it wouldn't be as big of a problem.

Also - good luck logging in to change those.

3
0

Amazon: Some data won't be recovered after cloud outage

David Hicks
Troll

Surely not?

Wasn't the data "In the cloud"? That means it's safe, secure and always available? Doesn't it?

Surely I haven't been lied to by advertisers and marketing men?

8
0

How is SSL hopelessly broken? Let us count the ways

David Hicks

encryption without authentication is pretty useless

"In either of the last two cases, having Firefox bitch about self-signed certificates is less than helpful."

Then you don't understand the technical side of it. Without an authority you have no idea who you're talking to. In a public setting MITM is really quite easy, so without the third party vouching for you, I have no idea who you are. What use is encryption if I'm only encrypted as far as your MITM-bot?

Setting up a local CA for an intranet is pretty trivial, not a serious issue at all, and firefox's 'bitching' is there for a damn good reason.

The public trust apparatus and certification authorities are broken. Lessening the importance of trust and authentication in secure comms is not a very good way to address this.

0
0
David Hicks

Sorry but no.

The scary message is there for a reason. MITM is actually pretty trivial in a lot of settings, especially on public networks (look up ARP poisoning amongst other things, moxie's sslsniff does this along with a bunch of other tricks), so a self-signed certificate doesn't offer much to me in the way of security as it's absent any authentication.

Is it better than nothing?

I'm not sure. Maybe after the first time, if the browser stores the certificate and checks it's getting the same one every time.

0
0
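The check described in the comment above (store the certificate on first contact, then verify the same one is presented every time) as a trust-on-first-use pin store. This is an added example, not part of the original comment; the `PinStore` class, host names and certificate bytes are constructed for illustration.

```python
import hashlib
import hmac
import json


class PinStore:
    """Trust-on-first-use store mapping host:port to a SHA-256 fingerprint
    of the DER-encoded certificate the server presented."""

    def __init__(self, pins=None):
        self._pins = dict(pins or {})

    @staticmethod
    def fingerprint(der_cert: bytes) -> str:
        return hashlib.sha256(der_cert).hexdigest()

    @staticmethod
    def _key(host: str, port: int) -> str:
        # Normalise case and a trailing dot so one host has one pin.
        return f"{host.lower().rstrip('.')}:{port}"

    def check(self, host: str, port: int, der_cert: bytes) -> str:
        key = self._key(host, port)
        seen = self.fingerprint(der_cert)
        pinned = self._pins.get(key)
        if pinned is None:
            # First contact is unauthenticated: whoever answers gets pinned.
            self._pins[key] = seen
            return "first-use"
        if hmac.compare_digest(pinned, seen):
            return "match"
        # Never overwrite the pin silently; a changed certificate is either
        # a legitimate rotation or an interception and needs a human decision.
        return "MISMATCH"

    def to_json(self) -> str:
        return json.dumps(self._pins, sort_keys=True)

    @classmethod
    def from_json(cls, text: str) -> "PinStore":
        return cls(json.loads(text))


def run_demo():
    # Constructed stand-ins for DER certificates. In real use the bytes would
    # come from ssl.SSLSocket.getpeercert(binary_form=True).
    server_cert = b"constructed self-signed certificate for intranet.example"
    other_cert = b"constructed certificate presented by an interposed host"

    store = PinStore()
    results = [
        store.check("intranet.example", 443, server_cert),   # first visit
        store.check("Intranet.Example.", 443, server_cert),  # same cert again
        store.check("intranet.example", 443, other_cert),    # cert changed
    ]
    # Pins survive a restart when persisted and reloaded.
    reloaded = PinStore.from_json(store.to_json())
    results.append(reloaded.check("intranet.example", 443, server_cert))
    return results


if __name__ == "__main__":
    print(run_demo())
```

The first connection is still unauthenticated, so the pin only detects a certificate that changes after it was first seen.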
David Hicks

Why would I have any reason to trust a web of trust?

I trust my immediate friends. Well, some of them anyway. I may extend trust to their friends. But a tenuous link to parties beyond that, by the vouching for and of people I don't know well if at all... I may well be missing a deep understanding of the workings of a web of trust, so if anyone wants to enlighten me then that would be great, but I don't trust it.

Don't get me wrong, the CA infrastructure and https are both pretty broken, but WoT does not inspire me.

I still trust a few (not all) CAs more than I trust your PGP signature I'm afraid. Besides which your scheme still needs some way of having a protected comms channel with a WoT PGP sig verification service, a way that isn't vulnerable to MITM or other attacks... so we're back at square 1!

0
0
David Hicks
Boffin

Mostly a problem of trust, broken CRL and bad programming then?

So it seems that most of the problems here are either as a result of -

1. Sloppy string validation in Common Names and URL bars

2. Massive proliferation of "trusted" entities who may or may not have good security practices or even be trustworthy at all

3. Broken revocation methods

4. Un-revoked certificates using obsolete hashing or encryption methods

I've been working with SSL/TLS for a bunch of years now and 2, 3 and 4 have been obvious for a LONG time. 1 is more interesting because you would have thought you'd be extra, extra careful in a security application, if only because the programmers are working on security systems!

Apart from CN validation though, the problems here are HTTPS problems, not SSL or TLS problems. SSL has many wider applications than securing the web. These frequently do not involve any public authority trust at all, have manual revocation methods, cipher suite restrictions and no plaintext-to-encrypted bridge.

The fundamental difficulty here is that the problem is almost impossible to completely solve. A little like DRM (which can be summed up as "how do I give the content and the key to someone, but prevent them using the two together in ways I dislike?"), the trust problem comes down to "How do we establish a relationship of trust between two parties that have never met?". The solution we have been using so far is to involve a third party that the user has never met either. When there were only a handful of these third parties it was perhaps not too much of a stretch; now I look at firefox and there are at least 50 "authorities" each with a couple or more root certificates. I know several of them have issued bad certificates in the past and others have been compromised. But if I get rid of them I lose the ability to 'secure' a lot of comms, though secure is the wrong word. Tricky.

tl;dr - The HTTPS infrastructure is in need of a lot of work. SSL/TLS itself less so.

8
0

Sex Party's down-under struggles with dominant Catholic priests

David Hicks
FAIL

Bad troll

None of that would be an issue if this was just a case of sex party volunteers lobbying to be able to put posters up in a place of worship.

When that place of worship is also the polling place for an election, and the church is paid for that service, it becomes an entirely different matter. It becomes the church interfering in the democratic process.

And the sex party isn't about being promiscuous, it's about protecting people's rights to keep the government and religions out of their bedrooms and marriages.

0
0

Commodore USA prices up revived C64, VICs

David Hicks
Happy

I'd buy it if...

... I could just buy the case, for a reasonable amount, because it looks to me like it houses a standard mini-ITX motherboard, and you can get some (pretty cheap) mini-ITX boards that will take much better processors than that.

With a right-angle or flexible PCIe extender, you may even be able to cram in a decent graphics card too.

Also props to Lottie, that is an absolutely awesome idea.

0
0

Toshiba readies 'cinema specs' 3D TVs

David Hicks
Thumb Down

Where's the content?

I have a 3d tv - I was in the market for a new telly and thought I may as well - but so far I'm not seeing the compelling content. I haven't used 3D mode in months.

AFAICT there were a few demo/launch games hastily adapted for it by Sony, a couple of animated films reworked for it and.... that's it.

I quite like the technology, but there's no way to use it much at present

0
0

Anonymous hacks Sony PS3 sites

David Hicks
FAIL

@Highlander

Geohot and graf didn't violate the terms of the psn, as neither of them cared about it or used it. Sony are still trying to prove Hotz had a PSN account *at all* but it looks like he didn't.

And there are no terms of use for a ps3 that you own. Seriously, you own it, it's yours. I didn't sign a lease agreement when I bought mine, did you?

Geo is in trouble for all sorts of stuff. The metldr key hasn't even turned out to be all that useful AFAICT. Sony are suing him for everything from DMCA violation to extortion. Yes, extortion. He jokingly said that if MS, Sony or Nintendo wanted to secure the next console generation, maybe they should give him a job. Sony included that as evidence of threats to continue breaking systems unless he was paid, rather than a half-joking offer to work as a security consultant.

As for what geo and graf want... Geo seems to want fame and Graf wants to learn and share, gaining full control of the system in doing so. Neither of these things is a crime.

And as for your wonderful weaselly excuse about OtherOS not really being removed... really, you can stop white-knighting for the huge multinational now, they don't need you and they aren't going to give you any free stuff.

3
1

Internet retail tax threshold 'probably irrelevant'

David Hicks

Well it had to be something

Moving from London to Perth, I was shocked. I thought I'd been living in one of the most expensive places on the planet. It turns out that almost everything in Oz is incredibly pricey. Despite a ~50% rise in salary when I came across, and lower income taxes, I feel like I have less purchasing power.

1
0
David Hicks
Jobs Halo

No sh*t sherlock...

Stuff is expensive here. Buying it in from the US or Asia is often cheaper by far more than 10%

Which is weird, because you would have thought that getting stuff in bulk would reduce shipping and unit costs. Either the stores are ripping off the public, or the suppliers are ripping off the stores. I suspect it's a bit of both.

I hear that it's common practice to have a legally enforced "sole importer/distributor" agreement here, which would explain quite a lot. That people use the internet to buy from abroad is not a surprise. What is a surprise is that it's not illegal yet, because the history of globalisation has shown us that it's fine to pick and choose where your raw materials and workforce are if you're a manufacturer, but try it as a consumer or retailer and you'll get the smackdown.

Steve Jobs Icon because I just checked the iPad2 prices and they're within the bounds of reason compared to the US. In fact the 32Gb Wifi model is actually cheaper here!

1
0

Facebook Comments kill web freedom

David Hicks
Linux

All the cool kids still use linux

A scoff at the implication that all the cool kids use Mac. Now give me a moment to wipe the crumbs from my cheetos stained mouth with my cheetos stained fingers...

On a more serious note, do you really think that many people use Mac that would have used linux otherwise? I know of some I suppose, but the majority would seem to be windows defectors.

And facebook, much as I dislike the privacy abuses, provides a useful service and a troll-free oasis. Trolls can be entertaining, but a place without them makes for a nice change of pace.

2
1

Nokia deal to 'rocket Windows Phone 7 past iPhone'

David Hicks

That's a HUUUUUUGE if

I don't know many people that still love Nokia that much. A few years ago, sure. But a few years ago was when Nokia should have been changing the game by introducing smart, capable, modern smartphones. Instead they let themselves be usurped by new entrants to the game.

What's left of Nokia's reputation (solid devices, not that up to date, not sexy) could be completely ruined by a bungled or unstable Win Phone launch.

Even if it goes perfectly I don't see it making a difference. They missed the boat a while ago. Right now they're trying to figure out what to do about that. Waiting another year, while the boat disappears off into the distance before finally, weakly shouting "Hey, Come back!" is not going to help.

They should have grabbed Maemo by the balls when they were ahead.

4
0

Ten... on-ear headphones

David Hicks
FAIL

I got as far as "oxygen-free headphone cable"

Before laughing and skipping straight to the comments.

Superstitious audiophile nonsense.

1
0

Paramount buries Dune remake

David Hicks

All four books?

Err... no.

Much as I enjoyed the two miniseries, especially the second one, they only covered three books. Pretty sure the second miniseries covered "Messiah" and "Children"

Also, there are six books!

It's just that the end of "Children" is a good place to stop because there's a break of 5000 years or so between there and the story of "God Emperor".

0
0

IBM wants to relieve Aussie traffic pain

David Hicks

Traffic? Australia?

You must be having a laugh!

I moved over here from London last year. Trust me when I say the Aussies have no idea what "traffic" really means. Besides which, the only transport problems they really have are people commuting about inside cities, as going from one city to another is a serious undertaking so most of the roads elsewhere are deserted most of the time.

Frankly a focus on suburban public transport improvement would likely help more.

0
0

Southampton Uni shows way to a truly open web

David Hicks
Linux

I can read pdf on my phone...

with evince. It's nice having an N900.

On the main content - so you finally bought into the semantic web idea then?

I remember that was the 'next big thing' back when I was a lowly student and you were moaning about how half the new intake didn't know how to use ftp from the command line any more...

Plus ca change etc.

Genuinely surprised to see your face peering out at me from the front page this morning though, nearly spat-up coffee all over the keyboard!

D.

0
0

Microsoft Kinect hacked to control the PS3

David Hicks

It's kinda cool.

It uses a PC to emulate a controller over bluetooth, and stitches the kinect into that. So it should work for lots of things.

What I'd like to see is the direct version, using a hacked ps3!

1
0

Oracle kills Sun.com after starvation diet

David Hicks

Shame that so many old domains are out of use

dec.com is vaguely still in use by HP.

Octopus.com is up for sale, auctioning having reached almost 50,000 dollars before the auction was suspended a couple of weeks ago because someone started a domain ownership dispute with ICANN.

Mentat.com is just not there, looks like it's owned by someone that's most likely waiting for a cash-in. That's the tragedy with most of the decent single-word domains in the world, some 'investor' (I use that word layered with the most sarcastic venom I possibly can) has usually bought them up, slapped a cheapass portal and some ads on them and a big banner "domain for sale". So now nobody can use them. Bastards.

5
0

Make streaming a felony: Obama

David Hicks

So that's the trick then

As usual - change the law to make many more people criminals either by inventing new offences or shifting them into the criminal rather than civil code. Classic police-state dystopia type of move that. Then you can justify more budget for your investigators and if you can muddy the waters between "criminal" and "terrorist" whilst you're at it then all the better, copyright infringers are now enemies of the state and your corporate sponsors are happy!

53
0

Data-mining technique outs authors of anonymous email

David Hicks

So 80% of the time it can pick between a known list of 158 people?

And this is supposed to be good enough for use in court? Holy hell...

With a false positive rate of 20% on such a small sample it's next to useless for picking people out of the general population, surely? All you could hope to get is "this guy we already suspect writes in a similar style to the release", which has got to qualify for pretty weak circumstantial evidence at best.

1
0
David Hicks

DOH! Reading fail...

... and there I was assuming that these guys had claimed to have tracked down the people releasing "Anonymous" email, not just "anonymous" email.

This is going to get rapidly more confusing.

0
0

TorrentFreak seeking copyright report’s mysterious author

David Hicks

If you have to go to these extents

In order to get people to not just throw out your data, or give it a veneer of respectability, then you must already know you're peddling bullshit.

8
0

UK.gov to miss another deadline on privacy

David Hicks

You're missing the point

It's not about whether the cookies themselves contain identifiable information.

It's about tracking. It can be a random number in the cookie itself, but when half the internet brings in something from doubleclick or google-analytics then google and the other ad networks can track your browsing habits and get a good picture of everything you do online.

Some people have a problem with this.

1
0
David Hicks

But that's exactly what it needs to say

An online shop for instance, could not track until someone clicks an "add to cart" button, or a buy button. Then they say "we need cookies to carry on or the site won't work" and the prospective buyer then makes the decision.

I'm not sure anything more than session cookies are required even then.

A forum site which remembers the user via cookies could survive with session cookies if it made people log in every time, and be login-free if the user agrees to persistent cookies.

There are many ways to minimise cookie use, and there are many ways the user can be told (or asked) "cookies or no site for you".

0
0
David Hicks
Black Helicopters

A website does indeed have access to cookies it creates

Now think about the average website. That facebook 'like' button is a script brought in from facebook that can set and read cookies, regardless of whether you have a facebook account, they can track you across anywhere with such a button.

A lot of pages bring in stuff from google-analytics, and that gets to set/read a cookie also.

And then there are the ad networks, and the bigger ones will have content across millions of sites. Hell, this very 'reply to post' page brings in scripts from doubleclick (google now, I believe).

So it's not as simple as cookies only being set for the site you're on, it's cookies being set for hundreds of sites you never visited explicitly but were brought in anyway.

Take a look in your cookie dialogue in your browser. There will be hundreds. This is why I recommend use of the "Cookie Monster" extension with firefox, it lets you control this stuff and switch off third party cookies while allowing the first-party ones you need to make the sites you actually visit work correctly.

1
0
David Hicks

That would be the "do not track" header, surely?

That the browsers are now putting in place.

Or you could, you know, not track anyone until/unless they actually log in to your site having clicked through your terms of use. Casual browsers should not be tracked by default.

Why does everything need a session? And why is it a problem to have a session in the URL for most online activities in which any sort of session security is secondary?

1
0

Anonymous probed for hack threat against WikiLeaker captors

David Hicks

Seriously?

He'd get worse if he was in Saudi Arabia so it's OK?

As long as you're just a little bit better than the worst thing you can think of, then everything is just fine?

You shouldn't be allowed to vote.

4
0
David Hicks
Flame

If you need it pointing out who are the good guys ...

... and who are the bad guys in this situation, shoot yourself now.

A hacker group, variously called script kiddies, a great hope for the future, youthful activists or just plain terrorists is demanding - get this - that the US government treat a prisoner awaiting trial as a human being.

And yet some people will have a problem with this, somehow. Despite the history of 'innocent until proven guilty', despite the prohibitions on 'cruel and unusual punishment', we saw that those running the show had no regard for human rights when Guantanamo Bay was set up. We saw that nothing had changed when Obama forgot to close it down. This is just another in a growing set of things that ought to be making any true patriots of the USA scream bloody murder. Except those that wave flags and crow about how great the US is are more likely to side with the military because Manning is perceived as the enemy. Not a US citizen, not a soldier (that they claim to venerate) but the enemy. And the enemy deserves no rights, is not human, for some reason.

4
0

Feeling heat from Macs, Microsoft sells PCs sans crapware

David Hicks

The thing is it's a subsidy

Corporate genitalia aside, the crapware subsidises the OS cost, or the full machine cost. It's one of the reasons the likes of Dell can sell windows machines cheaper than they can linux machines (volume and support costs being the other reasons of course).

Either PC makers will 'get' this and PCs go up in price but come comparatively crapware-free, or 'signature' just becomes a premium windows PC branding and almost nobody buys it because it's more expensive.

OTOH, is it that hard to run "PC Decrapifier" or similar on a new box?

It's what I've always done.

2
0

iPhone to whup Sony PSP 2

David Hicks

Which is about a third of the nintendo figures

And I wonder how many actual unique customers there are, because I account for three of those 60 mil PSPs due to theft or damage.

There is a world of difference between a $2 casual game and a decent handheld game. The question though is not whether there is a difference, it's whether anybody cares.

0
0
David Hicks

Hard to tell

They're not only competing with iPhone though, are they? They're trying to compete with the handheld gaming king - Nintendo - who have led the pack since the original gameboy days. And this time around they have the 3DS, which is out now and has 3D and everything so it must be great!

And the Sony model will be a lot more pricey than the Nintendo offerings. And they let the last handheld platform just kinda languish for a few years. And there's quite a bit of bad-will towards them anyway.

Going to be tricky to pull off a huge success.

0
0

'Self-incriminators' may be forced to tell the court what they know

David Hicks

Every time I hear of the application of laws made in the last decade

I'm happier about my move to Australia.

No, it's not exactly a shining beacon of freedom and has its own problems but they don't seem to be quite as stupid as the UK, and I'm not quite as familiar with (and contemptuous of) the political system here yet.

0
0

New charge against alleged WikiLeaker carries death penalty

David Hicks

Just give up the pretence at legitimacy

and shoot the guy already. That way people will know you don't fuck with the military. Hell, why not take out his family too, so people know you're serious. Nobody snitches on the mob^H^H^HUS Military and gets away with it.

3
2

Facebook to share home addresses, phone numbers

David Hicks

I got some sort of facebook popup/intermediate page...

...when I logged in the other day, asking me if I'd like to share my phone number and address. And then I noticed on the sidebar that it was offering to find more friends for me if it could just have my email address and email account password please? We won't keep hold of it! Honest!

How about no.

I'm not surprised that the less savvy end up giving ever more data to the beast. I am surprised we haven't seen more fallout from that yet.

2
0

Apple to Microsoft: 'App Store name is not generic'

David Hicks
Linux

I'm sick of this nonsense

I don't care who got there first. I don't give a rat's arse.

Stop trying to divide off and claim parts of our language you miserable corporate bastards. If you want to trademark and claim words as yours then at least have the decency to make up some new ones.

Tux, because linux had app stores before either party. And they're free...

27
1

Australians safe from Mortal Kombat

David Hicks

So it'll just get pirated then?

Like what happened with the banned versions of Manhunt 2 etc?

Personally I enjoyed manhunt. Playing it on a projector but otherwise in the dark was a genuinely dark, brooding and scary experience. But people just focus on the fact you could kill bad guys with a shopping bag...

0
0

BT Home Hub 3 ADSL Wi-Fi router

David Hicks

Fob?

What happened to the "fast setup" button?

Does it have one of those? Because I like those.

0
0