1243 posts • joined 22 Apr 2008
Re: I don't want a smart TV.
@AC - "A TV is not a computer,"
When it's running linux on its multi-core ~GHz processor, has installable applications, a web browser, can stream media all over the place etc etc.... yeah, it is a computer.
Essentially a Smart TV is like an iMac with slightly more emphasis on the screen and less on the computer power, but they're much the same sort of deal.
Re: Rootable? You'd hope so!
What exactly should I not be tinkering with in a device that I bought?
Re: Barns & Noble are not a UK retailer
I don't disagree with any of that, but when our own government (in the form of GOV.uk) uses Google Analytics and an outsourced helpdesk program from zendesk in San Francisco, it kind feels like the battle has been lost.
Re: Security for users of the inter-tubes?
"incredibly tyrannical US government"?
Holy moley do you need to recalibrate your sensors, unless by "incredibly tyrannical" you mean "It's hard to believe how tyrannical the US government is because it's not very tyrannical at all".
There are a lot of dodgy things going on in the western world with respect to individual liberty and privacy. There is abuse of power by governments. However Obama is not an arbitrary (unelected) or absolute ruler and the abuses by the state in the US, while occasionally heinous, are not that bad compared to ... say anywhere that actually has a dictator.
There is much injustice to be fought, but hyperbole doesn't really help.
Re: This is why I can't run an exit node
You'd still be letting your link be used for this stuff, adding to the network capacity. Though perhaps you've just highlighted a potential attack on the system, if you had a lot of nodes and bandwidth that all flooded the network with nothing much and then requested it over and over again.
Either way I ain't touching that.
You can fit 5 drives inside a microserver easily, lets be generous and say he's updated to the latest and greatest 4TB drives, that's 20TB per microserver. A 2TB laptop drive could be crammed in at the top and connected by looping the eSATA port back inside the case. The internal USB slot can host a thumb drive, and there are another five externally for another 1.5 TB. With a suitable USB-3.0 card in the PCIe 1x slot an with internal socket and three external you could add another 4 of these for another TB.... you might be able to pick up and *maybe* fit in the case a PCIe flash card in the x16 slot for up to another TB, bringing us to ~25.5TB per microserver before we even consider external SATA or USB3.0 enclosures...
So with a decent budget and some determination you *could* do 100TB in four microservers I reckon.
This is why I can't run an exit node
Or a freenet node, or really be part of any other sort of darknet where you don't monitor stuff going over your own links.
Not because there's a legal risk, but because I'm damned if any network or computation resources of mine are going to be used to transmit child porn.
Meh, I wouldn't grant them a patent on the technique, some of us cam up with that idea as soon as we heard about QR codes.
And I've still *never* seen anyone use one.
Re: What about Android?
Stallman, IIRC, shuns all mobile phones, including android.
I think they may be fine with that
As I'm pretty sure the Phat Profitz are in the books anyway.
No physical distribution, no printing costs, still more expensive than a paperback? Check. No hardware costs either? Pure profit for amazon.
Re: No surprise
"Is the battery life really a bit deal for 99% of buyers..."
Err, yeah. Being a slave to the power socket with a tablet is far less fun than having a thing that just works for months at a time. You pick it up, press the button and start reading, even if you forgot about it for weeks.
I also find e-ink to be far kinder to my eyes than backlit displays.
People have ereades perhaps?
They've been out a while and (other than the backlight) is there much reason to upgrade?
That said I was thinking of getting my mum a kindle for Christmas, but someone above reminded me it's actually got some pretty big downsides - ebooks are often MORE expensive than the paper versions, which is ludicrous, and you can't borrow or lend them easily. So maybe not. Also she's only just got used to using 'the Google' (firefox) rather than 'the internet' (AOL) so introducing more tech to her life at this point might just be cruel...
Still capable but lazy :)
Although starting to realise that I'm more capable than I thought...
"Actually not illegal UNLESS he explicitly said ... "
Wasn't saying it was illegal, the point of that post was that the guy is a worse arsehole than some of the other bottom-feeders that usually post these pics purely for titillatory purposes and not as a way to expose them to friends and family, or enable stalking.
There was some debate about the 'legal firm' trick as to whether it could be classified as extortion. Still not sure if that was the same guy, mind. And either way, legality is moot, the guy's a slug, which is an insult to slugs.
Re: Legal situation
I was under the impression that release forms were more of a nicety than a necessity. Though if the site is US based it may fall foul of the necessity to keep records of the ages of the victims....
Meh, there's a whole mess in this area, evidently Senor Scumbag has managed to slither through the gaps well enough up until now.
"Well I'm fairly sure that publishing photographs of (almost) any nature of a person without permission is in fact against the law."
I'm pretty sure it's not, I think that's your first problem. Especially of folks in public places. If the pictures were taken by the person uploading them (who therefore holds the copyrights) then the site has the right to publish and whoever is in the picture has no rights at all, particularly not to get the pics taken down.
If the uploader was just a recipient of the image and not the original photographer then it's possible that a DMCA takedown could be legally effective, and a civil suit could be prepared against the uploader.
The only time I think this sort of thing would become illegal in the criminal (rather than civil) sense would be if it could be shown to be harassment. IMHO, IANAL etc etc
Make no mistake - this guy is a class A scumsucker, I'm not defending him in the slightest, I just think you have a charmingly naive view of the protections offered to you by law :)
"In essence, he is no more culpable than those sites that put up pics of nudists or public topless sunbathers as pr0n."
You know, except that whole linking it to facebook profiles, real life people, threats to link it to maps to allow stalking. You know all those things that make it far worse?
Not that I'm defending other sites that put up naturist or revenge pics, but they at least don't mix harassment in with their obscenity. I'm not sure if it was this guy but there was a site that hit the news recently that did much the same, and replied to any form of request for pictures to be removed with a link to another site claiming to be a legal firm who would issue the correct takedown for a low, low fee of only a couple of hundred dollars. Pretty damn despicable...
They have access to our market, and use our common infrastructure, morally they should be paying tax on their profits like everyone that runs a UK business is expected to. Basically, they're not paying the price of entry.
Even if everything they're doing is entirely legal, that does not itself mean it is moral. Seeking profit above all else, to the very edge of the law, is not inherently good or right. In countries where there are no environmental protection laws, is it moral for a company to maximise profit by just dumping its waste products into the nearest river?
Sales taxes are regressive and hit the poor worst.
What's more you'll find that if you apply this to companies they'll coalesce into single legal entities to avoid selling things between each other, therefore avoiding absolutely all tax.
You've come up with an AWESOME formula for impoverishing the poor and middle classes.
Re: @Chris Miller RE: Stemcor
There's a third option - it can be shown that Amazon, Google and Starbucks are profitable in the UK but move profits abroad via various tax-avoiding means (this *is* the case), whereas Stemcor is genuinely having a hard time of it (I have no idea if that's the case).
I have no love for politicians of any stripe, but these allegations seem MIGHTY convenient to me. Totally agree it should be looked into, personally I think everything the politicos are into ought to be investigated, but I'm not convinced this is the same thing that the big multinationals are up to.
Re: Their obligations?
I love this argument - that everything right up to the edge of the law is somehow acceptable and 'right', completely ignoring any idea of social responsibility on the part of the people who make up these companies, who are supposed to be moral/ethical/sentient beings themselves.
Is it right that in countries with lax environmental regulation, that companies should just dump pollutants in the rivers? Or is it right we call them out for being immoral, exploitative and unethical?
Is it right and moral that companies use child labour and sweatshops in countries where that's allowed, in order to keep costs as low as possible so they can skim a slightly larger profit margin from selling the resulting goods to the west?
Me, I reserve the right to call the people running those types of companies (from my examples above) immoral and probably even evil, despite the fact that they're within all applicable laws.
By the way, I'm not trying to say the folks running Google, Amazon and Starbucks are evil, I'm just saying that the argument that companies are exempt from moral judgements over their actions is nonsense.
Re: But what about muh socialism?
@GotThumbs - "I think Amazon should say....Screw em and don't do business in those countries at all."
Awesome, because it would be far better for them just to up and leave rather than pay a percentage tax on their profits.
Do you understand what a PERCENTAGE tax on PROFITS is? Idiot.
@Chris Miller RE: Stemcor
This seems to be a red herring as Stemcor is UK based and reports a low level of profitability - 1% - in the last year on record. A turnover of billions doesn't mean a profit in the billions.
I'm not saying it shouldn't be looked into, it absolutely should and not least because a politician is involved, but this doesn't seem to me to be a game of shipping profits around to the most favourable place as is being played by amazon et al.
Re: They are giving the middle finger to microsoft at last!
' At least as much as Windows, and fact probably more, but split over far fewer units sold.'
Which should be more than taken care of by the lack of windows license.
Re: They are giving the middle finger to microsoft at last!
I guess I never consider support beyond hardware failures, which should be the same, because as a competent software developer I support myself.
If they're going to start offering linux to consumers I can see it, but this is aimed at developers.
I'd still rather be able to buy one with no OS and no support contract.
Re: They are giving the middle finger to microsoft at last!
Economies of scale don't really apply to a situation where the hardware is the same but a different OS image is added. It's not going to add hundreds to the price to flash a slightly different image to the exact same hardware.
Now, I can see them wanting to recoup any development effort they put in by charging for it, fine, that could explain it just fine.
Still, don't hold your breath for Dell UK to get the picture. They flat-out refused to sell one of these without Windows when I enquired, and made no mention that they might be able to meet my requirements for an MS-free laptop in the near future.
Re: Damn right
It depends what you mean by stand out.
Competently producing high-quality work to schedule is enough to stand out in a lot of places. Believe me, I've seen a *lot* of software shops that could vastly improve by having a few of these people on board. They may not be producing kernel device drivers or contributing to the Go runtime in their spare time, but they're head and shoulders above a lot of what you'll encounter in our industry.
Of course you want the device driver and Go folks if you can get them at a reasonable price, but these types are very few and far between.
Re: Damn right
I know plenty of folks making good money doing solid work at major corps, some of whom don't even have a computer at home. While I would look at enthusiasm and outside interest in a candidate without experience, not everyone that's good at the day job is obsessive about it at home too.
Maybe most of the best ones are, but not everyone can be the best and not everyone can hire the best, sometimes industry-average is fine.
It's a trap!
El Reg needs an Admiral Akbar icon for this.
Next week we'll be reading about how surprised everyone was when he was arrested at the airport as soon as he cleared immigration.
This whole thing is a sham. If he committed an offence he did it here, in the UK, and should be charged under UK law. Same with that McKinnon fellow.
Contracting definitely has its appeal
I have a project. If I do the project on time and to a good standard we're done. Maybe I'll get another, maybe I won't, maybe I'll take it, maybe I won't. Maybe I'll raise my rates, maybe I won't.
But there's no bullshit appraisal based on management opinions. There's no writing down your useless goals for the year which are irrelevant a month later, never mind a year later when you have to try and twist what you actually did into a narrative that somehow supports what you said you were going to do, despite the fact those goals were discarded ages ago and you did an awesome job on whatever the hell else it was you were doing but somehow that might not count because it doesn't align with the agreed targets and anyway you haven't been engaging with the wider company and perhaps we can push for a little more leadership training in the next period and would you like to write an article for the staff news letter next month and by the way we've got an all-hands staff meeting this afternoon that's going to take three hours but be entirely content free because the visiting that exec has mastered the art of saying long strings of vaguely encouraging sounding words without conveying anything close to what might be considered a fact, factoid or piece of information in them......
Bugger all that for a lark.
'I don't really need to pay £15 for a BD to just see better pore definition on some actors face'
Oh but High-Def is a *great* leveller.
You realise that the prettiest people that hollywood has to offer, even with all the makeup artists money can buy, still have bad skin and even the occasional lady-moustache.
Yeah I know, "The Year of the Linux Desktop" perhaps deserves the fail tag. Though I'm not convinced that was ever anything but a taunt by the 'anti' side.
Linux is incredibly mainstream though. It's the most popular smartphone kernel, it's on a lot of wireless routers and other infrastructure, it's in your tv, it's running your ISP servers, it's on credit card terminals and it's in a hell of a lot of other places. You're quite likely to have more linux devices in your life than windows ones (unless you're a sysadmin!)
Perhaps we ought to change the ironic slanging to "next year will be the year of the GNOME desktop" ;)
One of the most, if not the single most popular/common OS on the planet.... sure I can see why that would be in a list of technology failures!
Re: Secondlife Is still Alive.
I can get away with reading the reg at work, not so much an immersive 3d environment....
Amazon are very much in my bad books right now
But that's mostly because they just delivered my new memory stick to my mum. I'm sure I changed that default address....
There are many side effects of taxing corporate profit rather than sales. In theory -
- Struggling, barely profitable companies get to keep employing people without having to worry about the extra tax/sales disincentive that would come about if your plan was put in place
- It encourages reinvestment into the business. Why pay tax on profits if you can plough much of it back in and make the company even better?
- It hits those that can pay (profitable companies) vs indiscriminately applying to people who may or may not be the best targets. As the other poster mentioned, VAT is regressive.
The theory breaks down when profits can just be spirited away though.
'This is how EU entities pay for the use of Amazon’s technology and intellectual property, which is primarily developed in the US'
That might be an entertaining diversion if Amazon in the UK/EU/Wherever was an independent entity with a relationship to the parent something like a fanchisee, but that's not the situation is it?
Theoretically I should be able to pair a PS3 controller...
Could do that with my N900 and the emulators I ran on it. That and tv-out made for much Sonic related joy in various hotels I found myself stuck in.
I assume that I probably could do the same with my newer android phone, but it doesn't seem that easy.
Reminds me I still haven't played the last one
And now I've looked it up I'm not sure how to go about purchasing it. There are a bewildering array of editions available, all of which have some extra stuff (but not really all of it).
Cheapy platinum edition it is then?
My Wii is jailbroken
Nintendo didn't seem to put anywhere near as much effort into stopping it as the other console makers, and I like that a lot.
I could load the homebrew channel to run non-approved software. Some nice team or other made a homebrew browser (I suppose we'd call it an app store now). I could run an isoloader so that I could play the games I bought and ripped from a drive - far faster than the optical drive and no messing about with disks. I could rip games to play on Dolphin on my PC.
I hope the U is fully broken before long, I might get one if I can do my own things with it.
I'm sure there is truth underpinning this report somewhere
I'm sure many concerned people were honestly horrified by what they found. I'm sure they put the report together as best they could and with as much honest gravity as they could. I'm sure that they did their best to convey the seriousness of the situation to those that could convert concern into action.
I'm also sure that in the past we've seen minor errors at multiple stages that have resulted in scores of kids being removed from loving homes. Tread carefully.
Re: 3 questions
Oh I see, you meant to be compliant with the law! Of course I considered the legal landscape - I was looking at ignoring it completely and rendering it ineffectual. I guess it comes down to whether you prefer compliance and legalit or security and maybe being imprisoned.
I mean, of course you can't have properly secure comms and comply with all the various laws, the laws are specifically designed to prevent real security. You only have to look at the UK where many standard TLS ciphersuites could be interpreted as being illegal because you can't provide the government with a decryption key afterwards.
I don't think it would be that hard to secure a persons audio comms using decent tech and a reasonable frontend. I don't think it would be that hard to do it in such a way as your comms are unbreakable, even to you (after the fact), but that doesn't mean you wouldn't get put in prison for using whatever I designed.
Usability, flexibility, whatever else are really no more difficult to overcome than the tech issues, IMHO. But you absolutely have to start with the absolute knowledge that you *cannot* have real comms security without the user taking some extra steps - for instance meeting, in person, the folks that they want to talk securely to and using something like NFC to perform a 'bump' certificate exchange/cosigning.
I'm not saying these guys are doing that or are even any good, mind, I haven't looked into it.
Re: 3 questions
@kyza - Pls forgive density in this question...is this the equivalent of, or similar to, a one-time pad?
If this was directed at me....
OTPs are designed for encrypting smallish messages, and the pad itself must be exchanged between parties ahead of time. Generating and exchanging enough OTP data to carry on multiple phone conversations (you'd need a pad for each side) would be a hassle and you would have to top up your pad with face-to-face contact every so often.
OTPs also do not provide the protection of a proper authenticated encryption scheme, either. In the way they are typically used it's perfectly possible that a message could be altered in flight (say by a compromised router) if you make certain assumptions about the format of the underlying data. Using a GCM-like system protects against this. This weakness is something I thought of off the top of my head and I'm not even a crypto expert, just an interested amateur. I'm sure there are other weaknesses an expert could point out.
Re: 3 questions
Re: Question 3, I'm not sure what you mean by 'Really Secure' but using standard encryption methods you can get to the point where it's basically impossible to decrypt things.
By 'standard methods' I mean a proper authenticated encryption* scheme, public/private identity verification using private trust infrastructure and an ECDHE style key exchange mechanism with frequent changes and disposal of session keys. Recent versions of TLS implemented in well-audited libraries will do a lot of this for you.
In the case of data streams created like this they cannot later be decrypted by anyone, including the original parties, as all the keys used to encrypt the data are long gone. Legal sanctions then become useless.
(*authenticated encryption does not mean encryption with RSA-style authentication, it means schemes like GCM)
That's the more interesting part to me. Do we have a malicious employee? A remote exploit and then privilege escalation? Just some weak passwords?
The only time bad things happened to my public facing linux machine were during the time when it really shouldn't have been public facing and had horribly weak passwords. I was still half-way through adding kernel support for the platform, the root password was 'root' and root SSH access was allowed. Not that that's how they got in, first they gained access to the 'dave' user (password 'dave') and then spent quite some time guessing at root.
The eventual attempt at using their new-found power was full-on retarded though - they created a ramdisk (on a machine with 32Mb of RAM) and then tried to run a shoutcast binary, compiled for x86, on an experimental ARM box....
Re: Normal people don't use Linux
I'll say here what I've said before - If you can't make one of the friendlier Linuxes work for you, and after days of struggling, then you have no right working in this industry.
It's really not that hard, and as much as you think you're showing us how broken linux is, you're really just exposing your incompetence. Which is why you've posted as AC no doubt. Wise, nobody I know would hire you after that admission.
Until such time...
...as it's decided to be a security risk and canned, with no refunds and no apology, if Sony's usual tactics are to continue.
Re: If you encrypt something more than once...
Good point on the re-encryption. Must be that it just doesn't help when talking about double DES.
You're wrong about it being algorithmically secure, by the way, check wikipedia - there are three known attacks, one of which requires time equivalent to 2^39 - 2^40, quite a bit less than 2^56 brute force. From what I remember this may be down to a badly designed S-box.
Re: Reminds me of an odd australianism
LOL, no I'm not sure if the burpless cucumbers are better for down-under bottom barks....
Reminds me of an odd australianism
In Australia you can buy two types of cucumber - regular and 'burpless'.
I had no idea cucumbers and belching were associated, but apparently it's a big problem down under.
- Nokia: Read our Maps, Samsung – we're HERE for the Gear
- Ofcom will not probe lesbian lizard snog in new Dr Who series
- Episode 9 BOFH: The current value of our IT ASSets? Minus eleventy-seven...
- Too slow with that iPhone refresh, Apple: Android is GOBBLING up US mobile market
- Kaspersky backpedals on "done nothing wrong, nothing to fear" company article