254 posts • joined Wednesday 14th May 2008 08:49 GMT
Re: NOT only Open Networks
Yeah, as far as I can tell, WPA2 uses a four way handshake which ensures that the AP needs to authenticate itself to the STA as well as the other way round. So a middleman couldn't just set up an AP that accepted "any" password (for WPA2-PSK at least).
Maybe what Thorin says is true for WPA (not WPA2) though (and WEP is broken anyway).
Re: NOT only Open Networks
There is nothing that prevents a malicious individual from setting up a WiFi Access Point that accepts whatever WEP/WPA password you throw at it...same goes for hacking OpenRadius to accept any credential.
@Thorin - really? That's a disturbing thing to learn. I'd kind of assumed that the authentication part of WPA2-PSK might use some signing mechanism that allowed the AP to prove to the STA that it knows the key, as well as for the STA to prove to the AP that it knows the key, without actually transmitting the key over the air. Is that not how it works?
...off to swot up on the specs...
Re: Open Networks
@DaLo - yes, but it need not be "a fake website" (which suggests that some effort went in to constructing a copy of the real thing like a phishing attack does). The MITM can just present *any and all* HTTP websites to the end user over HTTP - the user sees the real website (just over HTTP not HTTPS) and the middleman can capture all traffic.
Re: Open Networks
The middleman can proxy all connections to SSL websites and present them to the user over http:
If the user isn't looking for the padlock (they possibly aren't on facebook et al, more likely are on bank websites though) you've got their login details.
Encrypted but not secure networks
Even a pub that deploys a cheap router and scrawls the WPA key on a beer mat when you make a purchase is being more secure.
I guess there is still ample opportunity for a MITM attack with such a network. If you create your own network that mirrors the (publicly available) credentials of the pub's, devices might choose to connect to your network automatically. The credentials will be correct and you can sniff people's traffic.
Maybe if you're sat in the pub, theres a fair chance people's phones will connect to the pub's network not your own, but it probably depends on which AP has the strongest signal. But if the credentials are saved, there's nothing stopping you setting up a network just down the road from the pub (in the chippy or whatever) pretending to be the pub's network and having people connect to it that way.
I spose Amercians can't even pronounce American properly.
Re: Does anybody use jif's any more?
er, not really. As the page you linked to states:
The Animated Portable Network Graphics (APNG) file format is a non-standard extension to the Portable Network Graphics (PNG) specification
It's not really PNG, but a separate extension of the format.
Re: Does anybody use jif's any more?
PNGs (pinjs?) can't be animated. Jifs can.
Re: An open letter
IF Google are selling in the UK, then what they are doing *is* illegal.
Google say they are not selling in the UK.
PAC say "it sure as hell looks like you're selling".
Google say "no really we're not".
The next step is a court case to determine whether or not they are selling. If it turns out that they are selling, then (1) they *are* doing something illegal in not paying (much) UK tax and (2) they also did something illegal by lying to PAC.
Yes, there may be a need to change the law to make the definition of "selling" clearer, or whatever, but that is a separate discussion.
Re: NFC payment is pretty crap....
Yup, pay by bonk by card works nicely in M&S at motorway services, WH Smith self checkouts at the station, etc. If you're buying lunch or a paper or whatever it really is quick, no need for a PIN or fumbling for change.
I wish all self checkouts accepted pay by bonk cards, and since in general they're used for smallish grab-and-go type transactions I'd have thought they would get good use of the tech.
But yeah, no idea why I'd want to faff about with my phone to pay. Taking a card out of my wallet is always going to be quicker than loading a phone app etc.
Re: "...poor decision making..."
Other accountants maybe. I'm sure PwC's accountants are a better breed that will definitely help you make the right decisions.
What a lot of waffle
that just boils down to:
1. Faster hardware can make stuff faster, to a point.
2. You might need to think about the algorithms you use.
Well, thanks for that wonderful insight.
As someone more or less said above, no point writing a load of code to parallelise a really inefficient algorithm and then chucking lots of hardware at it if you could replace it with a non-parallel but much more efficient algorithm.
you just reinvented the credit card:
"Affirm gets away with using such basic info and security by paying for the goods for the shopper and then giving them 30 days, interest-free"
Credit cards used to just require a 16 digit number and an expiry date, and some sort of handwritten scrawl which may or may not have been your signature.
That didn't work out too well from a security point of view, so they added various extra layers of security.
What goes around comes around, I guess.
Re: Where angels fear to tread ... ?
In the utility room next to the washing powder.
Re: Crap weather
Possibly. In bright sunshine you tend to either end up overexposing the parts in sunlight or underexposing the parts in shadow. I imagine it would make it more difficult to stitch adjacent photos together too.
Re: Mixed blessing
Hmm. That kind of kills it really. PDFs are meant to represent actual "documents" so quite often you need to print them. When you print a PDF it should print exactly as laid out in the PDF - that's one of their major advantages compared with HTML. Not being able to print them properly kind of kills the whole point of PDF. Especially as FF is bad enough at printing web pages - I often get better results telling FF to print to a PDF then printing that from Reader...
Chrome's PDF printing is also lousy.
You can print "lost" vouchers yourself from the website
so if you get access to someone's online account you can print their vouchers and presumably spend them instore. Obviously the vouchers are tracked in an online system when you scan the barcode to avoid double-spend of reprinted vouchers.
wrong with a "normal" key?
Why did they even invent keyless entry etc?
Re: Ethical question
Nobody NEEDs to be on Facebook.
Many people want to be.
This is true whatever your age.
Re: My rule for applying for jobs
"Says more about you and your attitude to work if you can't accept certain types of people."
Says more about you and your attitude to work if you don't have any scruples regarding who you work for.
Probably not that hard for a savvy teenager to get around DNS-level filtering - just switch your DNS servers to Google public DNS or something.
One - Virgin Media is not Virgin Group. The latter just licences it's brand to the former.
Two - reports elsewhere state that Liberty Global will be moving it's HQ to the UK (as most of their business is in Europe not the US). Liberty Media, which Malone also has a stake in, is a separate company that does business in the US.
Re: Do they honestly think younger people dont read?
"Don't know about reading, but you could of worked out for yourself that younger folk lost the spelling/grammar plot a good while ago.
nb for the avoidance of doubt: could have => could've. Not freaking could of, or should of, etc"
Was that a deliberate mistake to illustrate your point or an ironic accidental one?
Re: They won't de-dupe the whole file
even after encryption your going to hit some duplicates
Not any time soon you're not.
4kB = 4*1024*8 = 32786 bits. Not 32786 possible values, 32786 bits. So basically you're flipping a coin 32786 times, repeatedly, and hoping you get the same pattern of heads or tails on multiple attempts.
Re: All that money so little profit
If I sell you a widget for £100 on eBay, that's not eBay turnover. It isn't eBay that do the selling - they are just a marketplace. The only money that touches their hands is the fees the seller pays.
The quoted $13bn revenue (and it is "revenue" if you look at the official announcement) includes money eBay received from their subsidiaries including eBay and PayPay. That's not the same as the volume of transactions passing through their systems.
As with all businesses they have costs to pay from the revenue...
Horses for courses
This also links to something I was thinking about yesterday. I read the comments on a Graun article related to the horsemeat-in-burgers thing, and a surprising number of people said that they actually wouldn't mind eating horsemeat, properly labelled as such. (Just as people in lots of other countries do).
It is perfectly legal to sell in the UK, but virtually nobody does, because retailers tend to stick to "safe" options - they sell what they think people want - and are afraid to cause controversy.
I suppose it is a sad reflection on society as a whole - people are afraid to try new things, and sometimes organisations are even afraid to offer new things because they fear people will be afraid to try them.
The real shortage is of experienced "mid level" types as opposed to newbies
Businesses themselves are the problem here - and the company I work for is as guilty as the rest. We want to hire people with a minimum of 3-5 years experience and have little interest in taking on new graduates. There is a shortage of such people.
Meanwhile, for about 3-5 years, there has been a good number of computer science (etc) graduates unable to gain employment.
The only way for businesses to gain people with real-world experience is for businesses to be willing to employ newbies and train them up, not just poach them off other businesses.
Re: It's still the same old programmes
BBC nature documentaries - e.g. the current Africa series - are almost enough by themselves to justify (1) the licence fee and (2) getting a big HD colour telly.
Re: And really, who needs it
but it does save your mum having to sow your name in to them.
Actually, you may be on to something there. Maybe RFID technology could be used to create an automatic sorter for use in communal institutional laundries (prisons, healthcare settings, uniformed trades etc) to get the right garments back to the right person after laundering.
Nothing to do with NFC, though. And I recall that when I worked for a week or two in a car factory the uniforms were bar-coded for much the same purpose already.
And really, who needs it
RFID tags in your socks, underwear, t-shirts etc? Are they really necessary?
In our house we use basically two of the wash cycles available on the machine, one for clothes and another (hotter one) for towels and bedding. Very occasionally we also use the "hand wash" cycle for woollens etc.
How would having the machine tell me what cycle I should be using really enhance my life?
Similarly, I can figure out what to do with three eggs and half a pack of slightly-out-of-date bacon without my fridge telling me.
Re: Is unsubscribing really the worst possible thing to do?
Certainly it's not true for the vast majority of reputable UK online retailers (the sort you might actually buy something from in the first place). These all honour unsubscribe requests which solves the problem right away.
Re: Master of your own domain
"So the more they sell my email account the more crap they will get back"
Oh, I'm sure that really bothers them. All those envelopes they will have to waste their staff time opening!
Seriously, just send them to the bit bucket - replying to spam with spam just makes you part of the problem.
Re: Apple TV
Why not? They don't have to make it themselves... e.g. the Nexus family are "Google" products manufactured by others.
Re: So... who's suing Apple?
It's entirely possible the prior patents have expired.
Re: One of the great side effects of the blackout is I no longer ads..
You can just click a "don't bug me" or similar option on the banner. I did a few weeks ago so now I can't see what the exact option is called.
Re: The weakest link
Um. Broadcast digital TV is compressed with lossy compression (MPEG2/MPEG4) and the quality isn't really that great (it's compressed to the point that it is "just good enough"). You don't want any lossy compression on the production side because every bit of processing would result in recompressing and maybe even resampling with further loss and this degrades quality.
Try ripping an MP3, burning it to CD, ripping it back again with slightly different parameters, and repeat the process a couple of times. The quality will drop drastically even though every stage of the process was a digital recording...
Re: How did they tell their customers?
I think you'll find this design has more moving parts than your solar garden lights.
And the mechanical components in this will wear, too. If it's made out of a significant amount of plastic for less than $5 then they will wear quite quickly. Especially if the weight hanging off it is large enough to be useful.
You've just invented a perpetual motion machine. I can't see any flaws myself. :-)
On the off-chance you're actually completely serious, no, it is impossible. For it to work would break several laws of physics, as any 14-year-old physics student should be able to explain. If you don't have a 14-year-old to hand, here goes:
In the light, the energy to power the LED comes from the food a human eats. His or her muscles convert this stored chemical energy to motion (kinetic energy) to overcome acceleration due to gravity and lift the bag from the floor to the top of the rope. The energy is stored as gravitational potential energy in the bag at the top of the rope. As the bag descends, this gravitational energy is converted back into motion (kinetic energy) . This kinetic energy is converted by the mechanism into electrical energy and that electrical energy is converted into heat and light by the LED. Apart from the fact that some energy is lost to the environment as heat (largely due to friction) at each stage, once the energy has been converted to heat and light by the LED there is no way to convert it back to the energy required to lift the sack.
How efficient is the mechanism?
Basic physics tells us that it takes approx 98 joules to lift a 10kg mass up 1 metre - how much of that do we get back? A 0.05 W LED consumes 90 joules over 30 minutes (1800 seconds). Gonna need a big weight or a long rope (and you'd better get good at Olympic-style weightlifting!) to power the average set of LED Christmas lights...
North East. Or North West. Or Yorkshire, the East Midlands, the West Midlands, Wales, the South West...
Basically anywhere but London/the South East would be a better idea.
BT just mosey along afterwards and get to charge people through the nose to use infrastructure that taxpayers have built
BT's business model is based on doing just that... remember most of their infrastructure used to be nationally-owned.
This list looks like it's compiled by an American website and is based "on the names of 450,000 babies born in 2012 to moms registered on the BabyCenter website".
The official UK list takes a while for the ONS to compile and the latest one is here:
Re: Top Tip
Oh noes, the microscopic foil particles are coming to get us!!!1!!!1! And not do us any. harm. whatsoever.
Which is just as well, because takeaway curry and beer both come in aluminium packaging. And it's Friday.
Normally the other way round
Browsing Amazon is somewhat painful, unless you know exactly what you want.
So I usually browse elsewhere, find what I want cheaper from Amazon, and order it from them.
It's a shame they aren't paying much tax but until they stop being significantly cheaper than the competition, it's not worth the expense of going elsewhere for the sake of making a minor protest.
Re: Work cut out
I pity whoever has the phone number 01234567890. (Hopefully no-one...).
Re: It's *complementary*
It may indeed be complementary to the existing mobile connectivity available in London.
it's also currently complimentary, i.e. provided free of charge.
- FLABBER-JASTED: It's 'jif', NOT '.gif', says man who should know
- Analysis Spam and the Byzantine Empire: How Bitcoin tech REALLY works
- Geek's Guide to Britain INSIDE GCHQ: Welcome to Cheltenham's cottage industry
- VIDEO Herschel Space Observatory spots galaxies merging
- Game Theory Is the next-gen console war already One?