Re: If they felt AuthenTec was clearly superior
Why shouldn't the technology available via licence? This, after all, is the founding principle of the patent system. Bullies that buy companies to shut down their licensing are stifling innovation.
4035 posts • joined 16 Apr 2007
Why shouldn't the technology available via licence? This, after all, is the founding principle of the patent system. Bullies that buy companies to shut down their licensing are stifling innovation.
I didn't find the release date of the CVE anywhere. Contrary to your insinuation I don't think Google is wonderful. There's a lot to criticise about the company. But they're handsomely winning the PR war about security. And I think they understand better than most, that you can only keep the most severe exploits under wraps and even then only a for a very short time (OpenBSD is the model here).
I haven't done a look at the commits but I can't imagine they put something in stable without first having it in the beta version. A hotfix for all versions would be the exception here. I suppose that checking this would prove which of us is right about this.
The press release doesn't make it clear when the CVE was made public. As the bugfix has just gone into the stable version of the browser, it will have been fixed in beta and canary channels earlier and presumably available as a hotfix if required.
Not that Google might not get caught out by its 90 day rule at some point but at the moment it has the PR on its side.
From the security page:
One of the quickest ways to get involved is finding and reporting security bugs. It will get prompt attention from a security sheriff, be kept private until we coordinate disclosure, and possibly qualify for a cash reward through our Vulnerability Rewards Program. We occasionally run security contests outside of our regular reward program (e.g. Pwnium2, Pwnium3) too.
Oh, and the code is all open source so that miscreants have a head start finding bugs. Except, of course, that automated scans are better than code review for detecting exploits.
Google quickly discovered that it was excellent PR to run bounty schemes, and much cheaper and more effective than trying to prevent disclosure.
Clawback is a customer right when direct debit is used, though you usually have to sign it off so that the banks can't be made liable if you are using the clawback to default on legitimate charges. If you do, you'll also be hit by the bank with pretty hefty charges.
Are you complaining about the fact that there are still landlines? You might consider them legacy, but they are also a part of the universal service obligation from Land's End beyond John O'Groats to Orkney and Shetland. Personally, this is something I think is important.
I would expect that a huge proportion of Reg readers have taken advantage of Local Loop Unbundling (LLU) to get their broadband service from someone other than BT, but how many of you have done the same with your phone service?
Why do those who stick with the incumbent expect things to change for better for them?
Despite the fact that telecommunications were privatised much later in Germany than in the UK the system seems to be working better. LLU was introduced shortly before 2000 and I immediately took advantage of it and haven't looked back. There are many accounts that LLU, introduced even later, in France and has been a success, even prompting the notoriously slow and surly France Telecom to up its game.
I think that what you're really describing is a failure of regulation both to encourage competition and to maintain standards. From the very start privatisation of the phone service (and later other utilities) in the UK was flawed. Cable & Wireless (itself a product of privatisation) was not allowed to compete with British Telecom for the same services and so mainly concentrated on companies. The carve up led years of record profits and combined with underinvestment. When LLU was introduced it didn't come with enough incentives for other companies to invest either. This is why the situation in the UK is the way it is.
Some other points:
paying by direct debit
This is pretty much every contract even though it actually costs the providers money – banks often charge to hold the money in escrow because it can be clawed back by an account holder. If it can't be excluded by the contract, then the provider will seek to make alternatives as expensive as legally possible. The costs associated with potential non-payment are simply too high. An alternative, of course, might be to introduce PAYG for landline. Remember when they did that for the leccy?
This really is up to the regulator to enforce as part of the service (it's in the spec) to prevent the Ryanair prices you describe. Companies wanting to avoid showing direct lines should should show the number of the switchboard.
Again, this is really down to the regulator. I've only ever had a few in Germany but have always complained (caller id helps here) but since the fines were significantly increased a couple of years ago, I believe that particular problem has largely disappeared. When it has happened, I never got angry I just told the caller I would be lodging a complaint and noted the number. It probably helps that the provider of connectivity for the nuisance caller can be held responsible, so that even if the number is withheld the phone company can track them down using their logs.
has been available here for years, but as others have pointed out, it's not really any cheaper to run
When it comes to switching providers, price should never be the only reason, though it may be the most important one. Other factors such as minimum length of contract and quality of service matter as well. VoIP is cheaper than POTS, Since I made the switch in 2006 I've had more than enough dropped calls or calls with too much interference to gloss over the problems and a VoIP connection requires an individual power supply. The agreed service level in the contract is only 99 % which is one of the reasons why it's cheaper. Nevertheless, network-based VoIP for all new contracts is now standard in Germany.
The costs should also be given some historical context. I'll bitch as much as the next man about the telcos but costs both in nominal and real terms have come down significantly since the 1990s. I used to pay around DM 0.80 a minute for calls back to the UK. A flatrate for calls within Germany has been standard here since about 2005 and I've had a flatrate for calls (to landlines) for Europe and North America for about the same period.
Officially I've still got ISDN, though it's run through the FritzBox and doesn't get everything right, notably forwarding the number of a caller when I redirect a call to my mobile. I guess I should start investigating how I can replace the setup (hardware and config) with straight VoIP.
It killed both international calls and video-conferencing markets.
Competition is such a bit, eh? International calls were a pure profit market kept up by the lack of competition. The carriers managed to keep the illusion going while all the same adopting the same VoIP technology they decried. Costs over a network have almost nothing to do with distance, so why should charges? Since the early 2000s multimedia traffic over the network has dwarfed voice traffic so it was only a matter of time for charging to catch up.
There has never been a video-conferencing market: since the first phones from the early 1970s it's always promised to be the next great thing and never happened.
You've obviously never worked with Microsoft's offerings then!
The multiple product streams were the result of a bloated and dysfunctional product management which created the mess in the first place.
Actually there are lots of other reasons why Lync is better than Skype
Actually, there are lots of reasons why Skype <strikethrough>was</strikethrough> better than Lync. I know Skype is a disaster for admins but it was successful because it was much better for users. I hate pretty much every aspect of Lync which I have to use for customers.
@Big_Ted, we're sceptical because Microsoft has given us cause to in the past and that the time-limiting seems kind of pointless, unless a subscription model is waiting in the wings.
However, I'm happy to wait and see what the terms are as and when the product is released.
but I don't think what we got - regulatory price fixing - was the right way for things to change
I agree but it happened because the networks were too stupid and greedy to prevent it. The lobbying post 2003 essentially kept revenues high for a few years in return for regulation later, which for most CEOs and shareholders would then be somebody else's problem. This can be compared to the way banks avoided regulation of Euro area bank charges.
PAYG in Germany is cheaper and offers more than the UK. The market is only just starting to consolidate from four operators to three and there is a very healthy MVNO market. Free internet on trains for all is on its way (already the case in the Netherlands). And yet I never read sob stories like this about how hard done by the networks are.
The only thing the UK suffers from is lack of investment when the going was good.
FWIW the European Commission was forced to act because they discovered evidence of illegal collusion between operators over roaming. The initial suggestion was drafted by Viviane Reding with Kroes just involved in crossing some t's and dotting some i's.
The Commission has little say over mergers within countries but transnational operators are considered an expression of the single market. If only the EU had been as successful in energy markets.
My linx is running SQL Server Express, and IIS. It is also running one of the Visual Studio Expresses. It does it al flawlessly and without lag.
In 1 GB RAM? Sounds like bollocks to me.
And guess who's to blame? the head of the EU.
No, Juncker is the head of the European Commission, even then he is only primus inter pares. The EU does not have a head. Power is shared by the Commission, the Council of Ministers (the leaders of the governments of the member states), and the European Parliament.
As the Commission's remit is not criminal law, Mr Juncker has personally not done anything illegal. In any case, most elected politicians enjoy immunity from prosecution for anything done as a result of executing their mandate as an elected official. This is why, for example, Tony Blair hasn't been prosecuted for the war in Iraq.
I'm sure Google are leaving themselves open to claims. It could be argued that they are assisting/enabling criminal activity. Class action anyone?
You are insane. Any defence of Microsoft is based upon the unverifiable assumption that no one else had discovered the bug and developed a possible exploit. The resources open to the various secret services, but also to organised crime (the difference between the two groups can often be difficult to tell), dwarf what Google can through at the situation. And you can still cling to the belief that no one else may have discovered (and already be exploiting) this or other bugs?
As for making disclosure of defective software open to legal challenge? That will drive disclosure underground and should make all of us worried about the safety of our systems.
Google should be judged on its own response to similar issues. The WebView one does not count, technically because it's already been fixed, but most obviously because Google cannot deploy a fix. Manufacturers of kit with Android who do not provide security updates are the ones you should be targeting with any legal action.
For gods sake, it got to MARS !
The hard work of getting there was down by ESA. "All" Beagle had to do was land safely. It had been pointed out that it was underspecc'd to do this and so the ignominious and untraceable crash was no real surprise. The probe didn't even have a black box to provide a signal for any of the orbiting satellites to indicate where it landed.
@Moultoneer – totally with you on this: £50 million down the toilet. Though there were some interesting aspects to the project, it was, as is so much British scientific research, dramatically underfunded and the crash was an unqualified failure.
Next time: spend twice as much on it; make two; add redundancy and test, test, test.
The Apostrophe (') on a German keyboard is also difficult to find, many Germans seem to use the forward slanting version (´) which screws up things when downloading mp3 files ;)
Actually, the use of accents or "ticks" instead of apostrophes is common in Germany even though it's infuriating to anyone who understands the difference. To be fair, they're not helped by Outlook's tendency to treat an apostrophe as a single quote, in which case, in German, the first quote is written on the base of a line very much like a comma.
They'll have to build the licensing cost into the standard, when they decide what patents will be included. Rather than some companies having it as part of cross-licensing deals, and others having to pay for it. Otherwise there's no way to check that everyone's paying the same amount.
How do you expect this to work? Who collects the money? Beyond that it's interfering with a company's right to do business, which may well lessen its desire to continue. Or do you consider the MPEG-LA something worth emulating?
FRAND isn't perfect but it does try and compromise between gouging and interoperability.
That made me smile a bit. Yes. After smashing into the surface of Mars it is no longer a spacecraft.
Let's face it: it was never a spacecraft in the first place. At best it was an attempt to test whether Mars has gravity too.
Google does update the OS. It's just manufacturers and carriers who don't ship the patches and updates. This isn't good but not really (or at least not entirely Google's fault).
However, it's not really about the stock browser as much as the component used for viewing HTML / websites in lots of applications. Might be some interesting legal cases if these turn out to be vulnerable.
Thanks for the report on the improvements in Windows 8 for sys admins. But surely they could have been made without the UI clusterfuck? Even with classic shell you still get to shift between completely different GUIs
Much as I dislike this recent marketing land-grab I reckon that .club is a good alternative to .org. Though maybe even better as a SLD for a country: trainspotters.club.uk
Those marketing examples are, in my view, anti-examples. Seriously: watch.fox as a call to action to visit the website?
knavery isn't much use without knaves, which was displaced by lads some time ago. Hasn't rapscallion mutated to the much easier rascal (there's an entropy-based rule for such changes, I believe)?. Caterwaul still seems pretty common to me.
Personally, I'm not a huge fan of synthetic words derived from Latin and (particularly) Greek so can happily live without obambulate, subtopia, concinnity and opsimath. Of course, please excuse my hypocrisy for those words of classic (and pseudo-classic) origin I do use! melange is a French loan word than offers nothing more than mix or mixture.
Philistine is more than vaguely racist. So, I guess only flapdoodle is looking for more exercise!
if you read the EULA (you did correct before you installed it?) then you will know what Microsoft is obliged to provide. If you dodn't like the EULA then don't install the software and use something else. If you feel that Microsoft software is so important to you that you cannot use another product then ask yourself what you are complaining about.
You don't have to use their product.
The EULA that came with the software preinstalled on the machine? The software I paid for because of the volume licence that MS has with the hardware manufacturer?
I think it's pretty clear to all that the problem isn't that Google reported the vulnerability to MS. On it's own, that's a good thing. But it's not on its own.
I think that the only problem here is buggy software which leaves users vulnerable. If this were the car industry then Microsoft could expect to be charged for every day it didn't provide a fix or a replacement.
There is already a thriving market for undisclosed security bugs. There are two ways to dry it up: reduce the number of bugs; reduce the number of undisclosed security bugs by making more of them public.
Does Google have a competitive interest in Windows being a better OS?
Just as much as any other company which uses the software. So, yes is the answer.
It's naive to think that Google's team is the only one that may have discovered this bug. It's just that others may not have condescended to report it.
Google's real test will be when others start discovering similar bugs in its software or services.
So, you should ask Dell, HP, Lenovo, etc. or yourself if you custom-build your system for patches for Windows?
I think you'll find the EULA on a PC is with Microsoft and not with Dell, HP, Lenovo, etc. This makes Microsoft contractually obliged to maintain the software.
With phones the software contract is with the manufacturer and not with Google. Unfortunately, we haven't had enough court cases to improve the distribution of security updates by those manufacturers.
The porn industry has traditionally of successfully adopting the best web technologies: payment systems, web-video, etc. None of the "join the conversation" bollocks for them: it either works or it's dropped. IIRC Cloudflare is pretty popular but they do roll some of their own stuff in order to be able to inject country-specific code.
All joking aside, I reckon it might be interesting to work for one of these sites for a while to find out how "webscale" really should be done.
Like it or not... most of the World may have left the age of analogue behind. But, yet very few actual HD Channels still exist. Here in Germany for example the few "Broadcasters" that can be arsed into upscaling their crap up to 1080i.
Upscaling can be done by the device. The main difference between SD and HD are the codecs used. I agree that the situation in Germany is parlous, especially in comparison with the UK: my mum gets an impressive selection of HD channels on DVB-T England. More than I get on the standard cable service here in Germany. As both countries have a licence fee of roughly the same amount, that can't be the reason. It's got more to do with the fact that the BBC is directly involved in transmission whereas in Germany this is more fragmented and the LfA (regional media authorities) are too spineless to enforce universal access via DVB-T.
Not that it really matters: most German TV isn't worth watching even in SD and would only be worse in HD!
@diodesign - thanks very much for tweaking the article (and also dropping me a note by e-mail).
I stand by what I initially said – "4K readiness" is nonsense – which is reflected in your changes.
As the two don't go hand-in-hand – screen resolution and bandwidth – there will always be a gap. Traditionally resolution has been the driver for bandwidth. Upscaling if done well, and possibly even transcoding to HEVC, might be worth it for some.
I guess we'll know that 4K is gaining acceptance when we start seeing 4K rips in large numbers.
On the one hand we have:
Over the short term, Akamai found that 4K readiness has actually decreased by 2.8 per cent worldwide quarter-to-quarter.
And on the other:
Akamai has noted that over the last year 4K readiness has gone up by 32 per cent
Of course, both sentences include the nonsensical term "4K readiness".
The rest of the "article" reads like the hastily scribbled notes from a press conference.
Will the site makeover include the chance to avoid articles from those who can't write?
Moi aussi, c'est vrai.
A great script, and great directing from Stephen Frears made the ensemble piece work: Peter Richardson's portrayal of Mr Lovebucket was outstanding but it all clicked. But really, with the premise of getting Nicholas Parsons to fly in by helicopter to open Heimi Henderson's off-licence, what could go wrong?
"Do you know Mr Jolly?"
"Know him? He borrows our Fairy Liquid!"
Thanks for the link.
Too many to choose from. Barker was brilliant but there was also Tommy Handley, Max Miller, Spike Milligan, Tommy Cooper, Les Dawson, Morecambe and Wise, Peter Cook, etc. All of them have had me incapacitated with laughter in their time.
It was nice to see Peter Cook get some work from later comedians: Mr Jolly Lives Next Door is, in my view, the best of The Comic Strip films; Chris Morris' heavily ad-libbed interviews of Cook as Sir Arthur Streeb-Greebly.
Ooh! a whole rouble. What does that buy you today? (What did it buy you yesterday? And will it buy you anything tomorrow?) ;-)
No doubt the CIA is as busy in Ukraine as the FSB but I don't see Yatseniuk as their man; I think the success of his party in the parliamentary elections caught a lot of people by surprise.
As for PR fuck ups: it's difficult to top giving the thugs in eastern Ukraine anti-aircraft missiles and letting them slip their FSB handlers log enough to shoot down a commercial plane full of Dutch passengers. That really gave carte blanche to CIA and the rest to arm Ukraine.
Yes, Putin could send troops into Kiev any time but he could never hope to hold it. Who knows: the result of the misguided belligerence may even see the French aircraft carriers lease-loaned to Ukraine and stationed in Odessa…
Whovever downvoted this was not following the news.
And the 50 Kopek brigade joins El Reg…
As opposed to Yanukovich and his cronies before? Or Putin and his kleptocracy?
Not sure the OnePlus One compares directly with a Note 4 but it's still certainly excellent value. Though it also looks like OnePlus are cutting some corners with their products. Caveat emptor.
OLED's a breaker for me so I'm happy to stick with Samsung and, to be honest the stylus-based Notes are damn impressive machines with no direct competition for what they do. But if you don't want that, then sure, go for something cheaper.
Android 5 has a new, faster and less memory-intensive runtime.
Security updates should have nothing to do with upgrades. We need some court cases around companies failing to provide them.
The only slightly worrying thing there is that the latest version of the OS
What's the problem with that? Lollipop is the first version with significant changes (new design, ART, etc.). Even then the changes are tiny compared with the major changes in API in earlier (1.x and 2.x) versions. I would expect adoption to be slower than other point releases in the 4.x series and Lollipop not to be the most common version before the next wave of handset "upgrades".
The most important thing is actually the distribution of security relevant patches. Manufacturers have an understandably limited interest in having to integrate or backport changes into their mods but it is for the regulators to make sure they do their job or fine them otherwise. Users generally don't really care what's running as long as their favourite apps run.
FWIW I stuck Cyanogenmod nightly on my S4 Mini the other day and it's very stable with just a couple of things missing.
Personally, I think that there are lots of things to like in Material Design but such things are always a matter of taste.
There will certainly be calls for more Big Brother action but there is now evidence (on top of the small matter of legality) that all the snooping does is cost money.
I'd don't understand how you can do "move fast and break things" without having unit tests. They seem pretty sine qua non to me, otherwise how do you know what's broken?
That said: tests are a development aid and a developer's friend and not an end in themselves. TDD can be a trap because without some code you won't really know what to test for. Better to write code/test couplets where the tests help you think through (and perhaps improve) the logic you've coded and then fix the implementation so that any breakages will be caught.
Maybe I'm wrong here, but that's just my own perception from looking at web logs on my own servers.
These services generally use JS code to get the stats which excludes a lot of bots: http logs commonly contain 4 - 10 times as many requests as those reported by JS.
My sig's 6 lines (address, two telephone numbers). It doesn't really matter: good mail clients will strip it in replies.
I personally find the lack of text/plain, top-replying and the lack of quoting far more annoying that even the most ridiculous signature. But I guess that puts me in the small minority of people who've been using e-mail for more than 15 years.