Posts by Tom Wood
254 posts • joined Wednesday 14th May 2008 08:49 GMT
Re: NOT only Open Networks
Yeah, as far as I can tell, WPA2 uses a four way handshake which ensures that the AP needs to authenticate itself to the STA as well as the other way round. So a middleman couldn't just set up an AP that accepted "any" password (for WPA2-PSK at least).
Maybe what Thorin says is true for WPA (not WPA2) though (and WEP is broken anyway).
Re: NOT only Open Networks
There is nothing that prevents a malicious individual from setting up a WiFi Access Point that accepts whatever WEP/WPA password you throw at it...same goes for hacking OpenRadius to accept any credential.
@Thorin - really? That's a disturbing thing to learn. I'd kind of assumed that the authentication part of WPA2-PSK might use some signing mechanism that allowed the AP to prove to the STA that it knows the key, as well as for the STA to prove to the AP that it knows the key, without actually transmitting the key over the air. Is that not how it works?
...off to swot up on the specs...
Re: Open Networks
@DaLo - yes, but it need not be "a fake website" (which suggests that some effort went in to constructing a copy of the real thing like a phishing attack does). The MITM can just present *any and all* HTTP websites to the end user over HTTP - the user sees the real website (just over HTTP not HTTPS) and the middleman can capture all traffic.
Re: Open Networks
The middleman can proxy all connections to SSL websites and present them to the user over http:
http://hakinthebox.blogspot.com.au/2012/06/you-just-cant-trust-wireless-covertly.html
If the user isn't looking for the padlock (they possibly aren't on facebook et al, more likely are on bank websites though) you've got their login details.
Encrypted but not secure networks
Even a pub that deploys a cheap router and scrawls the WPA key on a beer mat when you make a purchase is being more secure.
I guess there is still ample opportunity for a MITM attack with such a network. If you create your own network that mirrors the (publicly available) credentials of the pub's, devices might choose to connect to your network automatically. The credentials will be correct and you can sniff people's traffic.
Maybe if you're sat in the pub, there's a fair chance people's phones will connect to the pub's network not your own, but it probably depends on which AP has the strongest signal. But if the credentials are saved, there's nothing stopping you setting up a network just down the road from the pub (in the chippy or whatever) pretending to be the pub's network and having people connect to it that way.
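Added example, not part of the original posts: a simplified Python model of the WPA2-PSK four-way handshake discussed in the comments above, showing that the station verifies the AP's MIC (so an AP that does not know the key is rejected) and that any AP holding the published key passes. The SSID, passphrases, MAC addresses and the shortened message bodies are constructed for illustration; real EAPOL-Key frames carry more fields.

```python
import hashlib
import hmac
import os

def pmk(passphrase: str, ssid: str) -> bytes:
    # WPA2-PSK: PMK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 iterations, 32 bytes)
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)

def kck(pmk_: bytes, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes) -> bytes:
    # First 16 bytes of the PTK (the key confirmation key), from the 802.11 PRF:
    # HMAC-SHA1(PMK, label || 0x00 || sorted MACs || sorted nonces || counter)
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    msg = b"Pairwise key expansion\x00" + data + b"\x00"
    return hmac.new(pmk_, msg, hashlib.sha1).digest()[:16]

def mic(kck_: bytes, frame: bytes) -> bytes:
    # HMAC-SHA1 truncated to 16 bytes, as used with CCMP
    return hmac.new(kck_, frame, hashlib.sha1).digest()[:16]

def handshake(sta_pass: str, ap_pass: str, ssid: str = "PubWiFi"):
    """Return (ap_accepts_sta, sta_accepts_ap) for one simulated handshake."""
    aa = bytes.fromhex("020000000001")   # AP MAC (constructed)
    spa = bytes.fromhex("020000000002")  # STA MAC (constructed)
    anonce, snonce = os.urandom(32), os.urandom(32)

    # Message 1 (AP -> STA): ANonce, no MIC. STA can now derive its KCK.
    sta_kck = kck(pmk(sta_pass, ssid), aa, spa, anonce, snonce)

    # Message 2 (STA -> AP): SNonce plus a MIC keyed with the STA's KCK.
    msg2 = b"M2" + snonce
    msg2_mic = mic(sta_kck, msg2)
    ap_kck = kck(pmk(ap_pass, ssid), aa, spa, anonce, snonce)
    ap_accepts = hmac.compare_digest(mic(ap_kck, msg2), msg2_mic)

    # Message 3 (AP -> STA): the AP must now send its own MIC. An AP could
    # choose to ignore a bad MIC in message 2, but the STA still checks this one.
    msg3 = b"M3" + anonce
    msg3_mic = mic(ap_kck, msg3)
    sta_accepts = hmac.compare_digest(mic(sta_kck, msg3), msg3_mic)
    return ap_accepts, sta_accepts

if __name__ == "__main__":
    print("AP without the key:", handshake("beermat-key", "anything"))
    print("AP with the published key:", handshake("beermat-key", "beermat-key"))
```

The second case is why a key written on a beer mat authenticates nothing about who runs the AP: the handshake proves knowledge of the PSK only, and everyone in the pub has it.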
Umerican?
I spose Americans can't even pronounce American properly.
Re: Does anybody use jif's any more?
er, not really. As the page you linked to states:
The Animated Portable Network Graphics (APNG) file format is a non-standard extension to the Portable Network Graphics (PNG) specification
It's not really PNG, but a separate extension of the format.
Re: Does anybody use jif's any more?
PNGs (pinjs?) can't be animated. Jifs can.
cf. tumblr.
Re: An open letter
IF Google are selling in the UK, then what they are doing *is* illegal.
Google say they are not selling in the UK.
PAC say "it sure as hell looks like you're selling".
Google say "no really we're not".
The next step is a court case to determine whether or not they are selling. If it turns out that they are selling, then (1) they *are* doing something illegal in not paying (much) UK tax and (2) they also did something illegal by lying to PAC.
Yes, there may be a need to change the law to make the definition of "selling" clearer, or whatever, but that is a separate discussion.
Re: NFC payment is pretty crap....
Yup, pay by bonk by card works nicely in M&S at motorway services, WH Smith self checkouts at the station, etc. If you're buying lunch or a paper or whatever it really is quick, no need for a PIN or fumbling for change.
I wish all self checkouts accepted pay by bonk cards, and since in general they're used for smallish grab-and-go type transactions I'd have thought they would get good use of the tech.
But yeah, no idea why I'd want to faff about with my phone to pay. Taking a card out of my wallet is always going to be quicker than loading a phone app etc.
Re: "...poor decision making..."
Other accountants maybe. I'm sure PwC's accountants are a better breed that will definitely help you make the right decisions.
Perhaps.
What a lot of waffle
that just boils down to:
1. Faster hardware can make stuff faster, to a point.
2. You might need to think about the algorithms you use.
Well, thanks for that wonderful insight.
As someone more or less said above, no point writing a load of code to parallelise a really inefficient algorithm and then chucking lots of hardware at it if you could replace it with a non-parallel but much more efficient algorithm.
Oh hello...
you just reinvented the credit card:
"Affirm gets away with using such basic info and security by paying for the goods for the shopper and then giving them 30 days, interest-free"
Credit cards used to just require a 16 digit number and an expiry date, and some sort of handwritten scrawl which may or may not have been your signature.
That didn't work out too well from a security point of view, so they added various extra layers of security.
What goes around comes around, I guess.
Re: Where angels fear to tread ... ?
In the utility room next to the washing powder.
Re: Crap weather
Possibly. In bright sunshine you tend to either end up overexposing the parts in sunlight or underexposing the parts in shadow. I imagine it would make it more difficult to stitch adjacent photos together too.
Re: Mixed blessing
Hmm. That kind of kills it really. PDFs are meant to represent actual "documents" so quite often you need to print them. When you print a PDF it should print exactly as laid out in the PDF - that's one of their major advantages compared with HTML. Not being able to print them properly kind of kills the whole point of PDF. Especially as FF is bad enough at printing web pages - I often get better results telling FF to print to a PDF then printing that from Reader...
Chrome's PDF printing is also lousy.
You can print "lost" vouchers yourself from the website
so if you get access to someone's online account you can print their vouchers and presumably spend them instore. Obviously the vouchers are tracked in an online system when you scan the barcode to avoid double-spend of reprinted vouchers.
WTF is
wrong with a "normal" key?
Why did they even invent keyless entry etc?
Re: Ethical question
Nobody NEEDs to be on Facebook.
Many people want to be.
This is true whatever your age.
Re: My rule for applying for jobs
"Says more about you and your attitude to work if you can't accept certain types of people."
Says more about you and your attitude to work if you don't have any scruples regarding who you work for.
Re: OpenDNS
Probably not that hard for a savvy teenager to get around DNS-level filtering - just switch your DNS servers to Google public DNS or something.
One - Virgin Media is not Virgin Group. The latter just licenses its brand to the former.
Two - reports elsewhere state that Liberty Global will be moving its HQ to the UK (as most of their business is in Europe not the US). Liberty Media, which Malone also has a stake in, is a separate company that does business in the US.
Re: Do they honestly think younger people dont read?
"Don't know about reading, but you could of worked out for yourself that younger folk lost the spelling/grammar plot a good while ago.
nb for the avoidance of doubt: could have => could've. Not freaking could of, or should of, etc"
Was that a deliberate mistake to illustrate your point or an ironic accidental one?
Re: They won't de-dupe the whole file
even after encryption your going to hit some duplicates
Not any time soon you're not.
4kB = 4*1024*8 = 32786 bits. Not 32786 possible values, 32786 bits. So basically you're flipping a coin 32786 times, repeatedly, and hoping you get the same pattern of heads or tails on multiple attempts.
Re: All that money so little profit
If I sell you a widget for £100 on eBay, that's not eBay turnover. It isn't eBay that do the selling - they are just a marketplace. The only money that touches their hands is the fees the seller pays.
The quoted $13bn revenue (and it is "revenue" if you look at the official announcement) includes money eBay received from their subsidiaries including eBay and PayPal. That's not the same as the volume of transactions passing through their systems.
As with all businesses they have costs to pay from the revenue...
Horses for courses
This also links to something I was thinking about yesterday. I read the comments on a Graun article related to the horsemeat-in-burgers thing, and a surprising number of people said that they actually wouldn't mind eating horsemeat, properly labelled as such. (Just as people in lots of other countries do).
It is perfectly legal to sell in the UK, but virtually nobody does, because retailers tend to stick to "safe" options - they sell what they think people want - and are afraid to cause controversy.
I suppose it is a sad reflection on society as a whole - people are afraid to try new things, and sometimes organisations are even afraid to offer new things because they fear people will be afraid to try them.
mid-level types
The real shortage is of experienced "mid level" types as opposed to newbies
Businesses themselves are the problem here - and the company I work for is as guilty as the rest. We want to hire people with a minimum of 3-5 years experience and have little interest in taking on new graduates. There is a shortage of such people.
Meanwhile, for about 3-5 years, there has been a good number of computer science (etc) graduates unable to gain employment.
The only way for businesses to gain people with real-world experience is for businesses to be willing to employ newbies and train them up, not just poach them off other businesses.
Re: It's still the same old programmes
BBC nature documentaries - e.g. the current Africa series - are almost enough by themselves to justify (1) the licence fee and (2) getting a big HD colour telly.
Re: And really, who needs it
but it does save your mum having to sew your name in to them.
Actually, you may be on to something there. Maybe RFID technology could be used to create an automatic sorter for use in communal institutional laundries (prisons, healthcare settings, uniformed trades etc) to get the right garments back to the right person after laundering.
Nothing to do with NFC, though. And I recall that when I worked for a week or two in a car factory the uniforms were bar-coded for much the same purpose already.
And really, who needs it
RFID tags in your socks, underwear, t-shirts etc? Are they really necessary?
In our house we use basically two of the wash cycles available on the machine, one for clothes and another (hotter one) for towels and bedding. Very occasionally we also use the "hand wash" cycle for woollens etc.
How would having the machine tell me what cycle I should be using really enhance my life?
Similarly, I can figure out what to do with three eggs and half a pack of slightly-out-of-date bacon without my fridge telling me.
You can give me £10-15 if you like
but "Handily, the Tab II7 ships without a network lock".
Re: Is unsubscribing really the worst possible thing to do?
Certainly it's not true for the vast majority of reputable UK online retailers (the sort you might actually buy something from in the first place). These all honour unsubscribe requests which solves the problem right away.
Re: Master of your own domain
"So the more they sell my email account the more crap they will get back"
Oh, I'm sure that really bothers them. All those envelopes they will have to waste their staff time opening!
Seriously, just send them to the bit bucket - replying to spam with spam just makes you part of the problem.
Re: Apple TV
Why not? They don't have to make it themselves... e.g. the Nexus family are "Google" products manufactured by others.
Re: So... who's suing Apple?
It's entirely possible the prior patents have expired.
Re: One of the great side effects of the blackout is I no longer ads..
You can just click a "don't bug me" or similar option on the banner. I did a few weeks ago so now I can't see what the exact option is called.
Sesame Street != muppets
is all.
Re: The weakest link
Um. Broadcast digital TV is compressed with lossy compression (MPEG2/MPEG4) and the quality isn't really that great (it's compressed to the point that it is "just good enough"). You don't want any lossy compression on the production side because every bit of processing would result in recompressing and maybe even resampling with further loss and this degrades quality.
Try ripping an MP3, burning it to CD, ripping it back again with slightly different parameters, and repeat the process a couple of times. The quality will drop drastically even though every stage of the process was a digital recording...
Re: How did they tell their customers?
Mobile broadband?
Um...
I think you'll find this design has more moving parts than your solar garden lights.
And the mechanical components in this will wear, too. If it's made out of a significant amount of plastic for less than $5 then they will wear quite quickly. Especially if the weight hanging off it is large enough to be useful.
Seriously?
You've just invented a perpetual motion machine. I can't see any flaws myself. :-)
On the off-chance you're actually completely serious, no, it is impossible. For it to work would break several laws of physics, as any 14-year-old physics student should be able to explain. If you don't have a 14-year-old to hand, here goes:
In the light, the energy to power the LED comes from the food a human eats. His or her muscles convert this stored chemical energy to motion (kinetic energy) to overcome acceleration due to gravity and lift the bag from the floor to the top of the rope. The energy is stored as gravitational potential energy in the bag at the top of the rope. As the bag descends, this gravitational energy is converted back into motion (kinetic energy). This kinetic energy is converted by the mechanism into electrical energy and that electrical energy is converted into heat and light by the LED. Apart from the fact that some energy is lost to the environment as heat (largely due to friction) at each stage, once the energy has been converted to heat and light by the LED there is no way to convert it back to the energy required to lift the sack.
How efficient is the mechanism?
Basic physics tells us that it takes approx 98 joules to lift a 10kg mass up 1 metre - how much of that do we get back? A 0.05 W LED consumes 90 joules over 30 minutes (1800 seconds). Gonna need a big weight or a long rope (and you'd better get good at Olympic-style weightlifting!) to power the average set of LED Christmas lights...
Re: Sigh
North East. Or North West. Or Yorkshire, the East Midlands, the West Midlands, Wales, the South West...
Basically anywhere but London/the South East would be a better idea.
Re: Confused....
BT just mosey along afterwards and get to charge people through the nose to use infrastructure that taxpayers have built
BT's business model is based on doing just that... remember most of their infrastructure used to be nationally-owned.
American website
This list looks like it's compiled by an American website and is based "on the names of 450,000 babies born in 2012 to moms registered on the BabyCenter website".
The official UK list takes a while for the ONS to compile and the latest one is here:
http://www.ons.gov.uk/ons/rel/vsob1/baby-names--england-and-wales/2011/index.html
Re: Top Tip
Oh noes, the microscopic foil particles are coming to get us!!!1!!!1! And not do us any. harm. whatsoever.
Which is just as well, because takeaway curry and beer both come in aluminium packaging. And it's Friday.
Cheers!
Normally the other way round
Browsing Amazon is somewhat painful, unless you know exactly what you want.
So I usually browse elsewhere, find what I want cheaper from Amazon, and order it from them.
It's a shame they aren't paying much tax but until they stop being significantly cheaper than the competition, it's not worth the expense of going elsewhere for the sake of making a minor protest.
Re: Work cut out
I pity whoever has the phone number 01234567890. (Hopefully no-one...).
Re: It's *complementary*
It may indeed be complementary to the existing mobile connectivity available in London.
it's also currently complimentary, i.e. provided free of charge.
