Feeds

* Posts by Destroy All Monsters

9687 posts • joined 3 Jun 2008

DJANGO UNCHAINED: Don't let 'preview' apps put you off Fedora 20

Destroy All Monsters
Silver badge

Re: "a decent upgrade for Fedora fans"

Nah, surely it's supported for 12+ years, just like Windows XP, isn't it?

Of course not. Are you some kind of weird coelacanth?

1
0
Destroy All Monsters
Silver badge
Windows

Don't remind me

Xlib and Xt Intrinsics ... it was regular torture porn back in the early 90s. Complete with the 5 kg manuals. I also remember a weirdish sorta/kinda "object-orientation in C" style. Then gcc crashed.

Shit, I'm old.

2
0
Destroy All Monsters
Silver badge

KDE installed!

Now if I only could get friendly with the mysterious DBus.

0
0

HP: This Xmas, get the SACK... and not the one filled with presents

Destroy All Monsters
Silver badge
Devil

Re: If HP Execs didn't make $19 BILLION dollar cock-ups on a regular basis...

A very small violin plays for the megastructure that cannibalizes itself to put more lard on the head.

One can only hope that "activist shareholders" will soon deploy their shark fins for a wakeup call.

6
0
Destroy All Monsters
Silver badge
Holmes

Re: Morals

To be honest, sometimes you have to get rid of people to keep the ship afloat at all, even though it may be a "damned if you do - damned if you don't" problem. Been there, done that. On the other hand, there was zero "middle management" in our case.

In a sane economic climate, this shouldn't be much of a problem.

Unfortunately this short recession is far from over.

4
2

We don't need no STEENKIN' exploit brokers: Let's FLATTEN all bug bounties

Destroy All Monsters
Silver badge
Pint

Well no. They would not be FORCED to pay up when a mysterious call from a stranger arrives.

On the other hand, they could put money & time into assurance efforts. No more half-arsed coding during the weekend for Internet-facing software by C++11 hackers freshly out of uni, but bill accordingly.

Or it could come down to: insurance.

Good processes? Low premiums. Shite processes? High premiums. Fly-by-night? No insurance (but maybe the customer is indeed happy with that).

It would be like high-reliability engineering, really.

4
1
Destroy All Monsters
Silver badge
Holmes

Not the same guy, guv!

1
0
Destroy All Monsters
Silver badge

Re: "companies would most likely rather employ full-time vulnerability researchers"

Yeah, I am puzzled about this too.

Is being employed no longer considered a good thing?

Kujawa reckons a kitemark scheme for federally approved industry seal for software testing would offer an alternative means of weeding out security bugs from the software ecosystem.

Yeah, FIPS approved and everything. 100% security tested SEAL OF GOVNMTAL APPROVAL.

The real world just doesn't work that way.

3
0

Nato, UN, NGOs slug it out with namespace biz bods: IMHO... STFU

Destroy All Monsters
Silver badge

Re: NATO = UN Agency?!

Of course. Did you think it was the US "protection" outfit of Yurop?

0
0
Destroy All Monsters
Silver badge
Headmaster

MUH PROTECTION!

Can anyone in the taxfeeding heaven tell me what this is about except people having too much time on their hands while their taxpayer-provided paycheck arrives unbidden in their mailbox?

0
0

Feuding fanbois in a flap over piracy haven in new iOS 7 jailbreak tool

Destroy All Monsters
Silver badge

Re: Ethical

Hush!

1
0
Destroy All Monsters
Silver badge
Coat

What!

access a local alternative app store called Taig

Hosted in Ireland?

1
1

RSA comes out swinging at claims it took NSA's $10m to backdoor crypto

Destroy All Monsters
Silver badge
Trollface

Re: Truism

Simply saying they "[relied] upon NIST" is utterly inadequate, given that NIST provided no proof of the security...

Actually, RSA was using it even before NIST was done with approval, maybe even before the approval process was even started.

From the reuters article:

RSA adopted the algorithm even before NIST approved it. The NSA then cited the early use of Dual Elliptic Curve inside the government to argue successfully for NIST approval, according to an official familiar with the proceedings.

6
0
Destroy All Monsters
Silver badge
Trollface

Re: Truism

The Album of the soundtrack of the trailer...

Interviewer: An excerpt from Carl French's latest film. Carl, we're all a little mystified by your claim that your new film stars Marilyn Monroe.

Carl French: It does, yes.

Interviewer: Who died over ten years ago?

Carl French: Uh, that's correct.

Interviewer: Are you lying?

Carl French: No, no, it's just that she'e very much in the public eye at the moment.

Interviewer: Does she have a big part?

Carl French: She is the star of the film.

Interviewer: And dead.

Carl French: Well, we dug her up and gave her a screen test, a mere formality in her case, and...

Interviewer: Can she still act?

Carl French: Well... well, she-she's still has this-this enormous, ah-ah, kinda indefinable, uh...no.

0
0
Destroy All Monsters
Silver badge
Holmes

Snowden? Maybe not. Probably not.

Note that contrary to the article, Reuters did not say or imply that the bribery info came from Snowden:

Undisclosed until now was that RSA received $10 million in a deal that set the NSA formula as the preferred, or default, method for number generation in the BSafe software, according to two sources familiar with the contract. Although that sum might seem paltry, it represented more than a third of the revenue that the relevant division at RSA had taken in during the entire previous year, securities filings show.

It is "sources familiar with the contract", which is someone else.

Check it out again

We also read:

RSA adopted the algorithm even before NIST approved it. The NSA then cited the early use of Dual Elliptic Curve inside the government to argue successfully for NIST approval, according to an official familiar with the proceedings.

Aha.

1
0
Destroy All Monsters
Silver badge
Holmes

Because their job is (was?) ALSO to make sure US companies had the tools to net get slurped by evil commie or french or persian spies. Hence the stadardization effort for DES and later AES, accompanied by efforts to persuade people to make the key maybe not too long.

6
1

US Department of Justice details Kim Dotcom evidence

Destroy All Monsters
Silver badge
Holmes

Your correspondent has just re-watched Donnie Brasco and so cannot help but think sitting behind a keyboard and logging on to a web site rather lowers the bar for “undercover” work.

Quite so. But these are the times of remote-control operators being "traumatized" behind their screens while they blow up wedding parties in Yemen. Pass out the purple cyber hearts!

14
1

You've got $60k: So, 2013 sporty Corvette, or a year of AWS's new I2 beast?

Destroy All Monsters
Silver badge
Holmes

Re: Cost efficiency

Have an upvote.

Someone is doing the ROI analysis.

That someone will find amazon's offer is good value.

Because amazon is not offering vanity/consumer goods like corvettes here, they want to sell this to business types.

No-one needs big boxes by Dell not yet written off gathering dust in the corner because the project came to an end but the servers and the sysop that comes with it didn't magically disappear. Well, I guess you can sell them on eBay or give them back to Dell for refurbishment, but still...

Btw does anyone know what "1 CPU unit" in amazon speak is? I think it is less than a real CPU ... it may be the "hyperthreaded" peer only.

3
1

Mozilla: Native code? No, it's JavaScript, only it's BLAZING FAST

Destroy All Monsters
Silver badge
Holmes

Java's "Enterprise" coding style is the ultimate in slow, unreadable, bloated, crap.

That may be so but what is Java's "Enterprise" coding style?

Pretend this is a job interview question.

0
0
Destroy All Monsters
Silver badge
Trollface

And apparently none of them has even heard of "D"

It's like a Japanese sergeant, holding out forever on a pacific reef, while the world moves on.

0
0
Destroy All Monsters
Silver badge
Windows

Re: Yeah right

ITT: People hoping that these newfangled "Virtual Machine" languages just went away so that they can get back to the well-remunerated job of getting some work done in original K&R C.

Until the nurse rolls them back into their room.

3
0

How much did NSA pay to put a backdoor in RSA crypto? Try $10m – report

Destroy All Monsters
Silver badge
Thumb Down

Re: Re Mr Snowden

> I have met Germans who had brushes with the Gestapo.

Guess you must regret not having been the Gestapo.

10
1
Destroy All Monsters
Silver badge

Re: @VernonDozier: What the hell am I reading?

A blast from the past

Date: Thu, 29 May 1997 15:54:20 -0400

From: freematt@coil.com (Matthew Gaylor)

Subject: Newsflash: PGP approved for export of strong crypto

[Just in case you haven't already heard...]

Hello Friends,

Around here, this is what we call "pretty good news." The other good news is that it's NOT April Fools Day (yes, this is for real.). Best of all: no key escrow! :)

Have a Pretty Good Day,

dave

................................. cut here .................................

CONTACT:

Mike Nelson

Director of Corporate Communication

Pretty Good Privacy, Inc.

415.524.6203

PRETTY GOOD PRIVACY RECEIVES GOVERNMENT APPROVAL TO EXPORT STRONG ENCRYPTION

SAN MATEO, Calif., May 28, 1997 -- Pretty Good Privacy, Inc. (www.pgp.com), the world leader in digital privacy and security software, today announced that the U.S. Department of Commerce has approved the export of Pretty Good Privacy's encryption software to the overseas offices of the largest companies in the United States. This makes Pretty Good Privacy the only U.S. company currently authorized to export strong encryption technology not requiring key recovery to foreign subsidiaries and branches of the largest American companies (see list of companies below).

The approval allows Pretty Good Privacy to export strong, 128-bit encryption without a requirement that the exported products contain key recovery features or other back doors that enable government access to keys. More than one-half of the Fortune 100 already use PGP domestically to secure their corporate data and communications.

"Now we are able to export strong encryption technology to the overseas offices of more than 100 of the largest companies in America, without compromising the integrity of the product or the strength of the encryption," said Phil Dunkelberger, President of Pretty Good Privacy, Inc. "We worked closely with the State Department when they controlled the export of encryption, and are now working with the Commerce Department. And we have never had a license application denied."

The license allows export of strong encryption technology, without government access to keys, to the overseas subsidiaries and branch offices of more than 100 of the largest American companies, provided that the offices are not located in embargoed countries, namely Cuba, Iran, Iraq, Libya, North Korea, Sudan or Syria.

"As far as we know, Pretty Good Privacy, Inc. is now the only company that has U.S. government approval to sell strong encryption to the worldwide subsidiaries and branch offices of such a large number of U.S. corporations, without having to compromise on the strength of the encryption or add schemes designed to provide government access to keys," said Robert H. Kohn, vice president and general counsel of Pretty Good Privacy. "Pretty Good Privacy still opposes export controls on cryptographic software, but this license is a major step toward meeting the global security needs of American companies."

The U.S. government restricts the export of encryption using key lengths in excess of 40 bits. However, 40-bit cryptography is considered "weak," because it can be broken in just a few hours. Generally, the U.S. government will grant export licenses for up to 56-bit encryption if companies commit to develop methods for government access to keys. For anything over 56 bits, actual methods for government access must be in place.

Pretty Good Privacy's license permits the export of 128-bit or "strong" encryption, without any requirement of a key recovery mechanism that enables government access to the data. A message encrypted with 128-bit PGP software is 309,485,009,821,341,068,724,781,056 times more difficult to break than a message encrypted using 40-bit technology. In fact, according to estimates published by the U.S. government, it would take an estimated 12 million times the age of the universe, on average, to break a single 128-bit message encrypted with PGP.

"Pretty Good Privacy, Inc. has been working diligently to ensure compliance with the export control laws. Clearly, the Commerce Department recognizes the needs of reputable American companies to protect their intellectual property and other sensitive business information using strong cryptography," said Roszel C. Thomsen II, partner at the law firm of Thomsen and Burke LLP.

"User demand for strong cryptography is growing worldwide," said Marc Rotenberg, director of Electronic Privacy Information Center, and a leading privacy-rights advocate. "This is just one more example of the need to remove obstacles to the export of the best products the U.S. can provide."

Companies that are approved for the export of Pretty Good Privacy's strong encryption should contact Pretty Good Privacy's sales office at 415.572.0430 or visit the company's web site at www.pgp.com. Companies that are not currently on the list of licenses obtained by Pretty Good Privacy, but would like to gain approval to use strong encryption in their branch offices and subsidiaries around the world, should also contact Pretty Good Privacy at 415.572.0430 for information about how to be included in future government-approved export licenses for PGP.

About Pretty Good Privacy, Inc.

Pretty Good Privacy (www.pgp.com), founded in March 1996, is the leading provider of digital-privacy products for private communications and the secure storage of data for businesses and individuals. Pretty Good Privacy's original encryption software for email applications (PGP) was distributed as freeware in 1991 by Phil Zimmermann, Chief Technical Officer and Founder of Pretty Good Privacy, and allowed individuals, for the first time, to send information without risk of interception. With millions of users, it has since become the world leader in email encryption and the de facto standard for Internet mail encryption. Over one half of the Fortune 100 companies use PGP. In order to provide only the strongest encryption software, Pretty Good Privacy publishes all of its encryption source code and algorithms for extensive peer review and public scrutiny. The company can be reached at 415.572.0430; http://www.pgp.com.

Immediately followed by

Date: Thu, 29 May 1997 18:46:08 -0400

From: "Tom Betz" <tbetz@pobox.com>

Subject: Re: Newsflash: PGP approved for export of strong crypto

On 29 May 97 at 15:54, Matthew Gaylor wrote:

> SAN MATEO, Calif., May 28, 1997 -- Pretty Good Privacy, Inc. (www.pgp.com), the world leader in digital privacy and security software, today announced that the U.S. Department of Commerce has approved the export of Pretty Good Privacy's encryption software to the overseas offices of the largest companies in the United States. This makes Pretty Good Privacy the only U.S. company currently authorized to export strong encryption technology not requiring key recovery to foreign subsidiaries and branches of the largest American companies (see list of companies below).

Hokay... does anyone know the exact date the NSA cracked PGP?

2
1
Destroy All Monsters
Silver badge
Facepalm

@VernonDozier: What the hell am I reading?

So RSA was born as a commercial product, that used some of the PGP technology.

Wrong. RSA was sitting on its patents and unable to monetize the stuff properly (not to mention being hindered by ITAR and COCOM.)

Zimmermann wanted to use the RSA algorithm in PGP. But it was patented. So he finagled the fact that basically someone at RSA said over a beer that he could build an implementation. (Building an implementation is not hard to do; we did it at school). Then someone exported the code as a printout to Norway and Finland to be "legally in the right" about that as I remember. End of story.

These were interesting times. Also the times when Clinton wanted to get into your phone via Clipper chip and "key escrow" retardation.

I remember reading an article in Scientific American from the early 1990s, where IBM said they had the technology to develop CPUs that run up to 4GHz using RISC technology

Must have been very simple CPUs (like, a few trransistors) using experimental GaAs or Josephon Junctions. "We are doing it in the lab" is not "You can have it at the retailer".

Parallel processing makes it more difficult to brute-force decrypt.

LOLWHAT. Brute-force decryption is "embarrassingly parallel" problem.

My guess is that computer speeds plateaued as a result of Government intervention

Time for bed, Mulder!!

See also: RSA Company History

See also: PGP history

14
0

MailOnline pulls recipe site after innocent young cookbook DEFILED

Destroy All Monsters
Silver badge

Re: As usual, el reg dodged the real question

They may either go up or down. It is difficult to say.

2
0
Destroy All Monsters
Silver badge
Holmes

How is Lybia anyways?

Lybian cyber-hijackers ... bragging about their conquest

Must be the after-effects of all that viagra distributed by Ghaddafi for RAPE, as detected by the truthy Susan Rice.

1
1

Google: Surge in pressure from govts to DELETE CHUNKS of the web

Destroy All Monsters
Silver badge

"Big Business" would sell you anything. That is the point of it.

"Government" is angling for votes no matter what the cost. If need be, they serve you a soup spiced with disgusting red and brown pieces of stale shite then tell you it is for your best while asking you to pay for it. That is the nature of government.

You know what you want.

[In the beginning, people] demanded inexpensive liquor, tobacco and consumer goods, clean women and a chance to win a fortune; and our ancestors obliged them. Our ancestors were sneered at in their day, you know. They were called criminals when they distributed goods and services at a price people could afford to pay. ... They had what they called laissez-faire, and it worked for a while until they got to tinkering with it. They demanded things called protective tariffs, tax remissions, subsidies — regulation, regulation, regulation, always of the other fellow. But there were enough bankers on all sides for everybody to be somebody else's other fellow. Coercion snowballed and the Government lost public acceptance. They had a thing called the public debt which I can't begin to explain to you except to say that it was something written on paper and that it raised the cost of everything tremendously. Well, believe me or not, they didn't just throw away the piece of paper or scratch out the writing on it. They let it ride until ordinary people couldn't afford the pleasant things in life. ["The Syndic" by C.M. Kornbluth]

2
0

'F*** off, Google!' Protest blockades Google staff bus AGAIN – and Apple's

Destroy All Monsters
Silver badge
Big Brother

Re: bad side effect of a generally good thing

I don't know whether putting one's fetishism about how "things should like" onto a housing market raped mercilessly by the fetishism of the "everyone should own a house" housing bubble is the way forward.

1
1
Destroy All Monsters
Silver badge
Terminator

"Anti-gentrification"? What??

Seriously, WTF is with the stupid level of those people?

My only hope is that they will be first through the meat cleaver once AIs pump out the HK drones.

They and their dumbass Che Guevara Tees.

Jeez. move to flyover country if so needed.

8
9

Worried OpenSSL uses NSA-tainted crypto? This BUG has got your back

Destroy All Monsters
Silver badge
Black Helicopters

Gaius Baltar in your server room etc.

> It is a rare example of a software screwup that has beneficial side-effects.

Oh yeah?

Someone may have known something.

12
1

Parents can hide abortion, contraception advice from kids, thanks to BT's SEX-ED web block

Destroy All Monsters
Silver badge

Re: Legality

For a fee!

2
0
Destroy All Monsters
Silver badge
Devil

The coaltion demands that...

Clearly not the "Coalition of the Willing", then?

Clearly we need less buttered corn on the cob for more flexibility. Err... yes ...

2
0

Ex-Microsofties face 20 years in slammer over insider trading

Destroy All Monsters
Silver badge

Re: buy low, sell high?

A "market" is not a zero-sum game. The whole point of a market is that EVERYONE is better off.

Is the stockmarket a zero-sum game? It is difficult to decide with all the new money from nowhere rushes into it from everywhere. Maybe it is just a way to get a piece of the pie. Of course, the stockmarket in its current form turns to frank buccaneering when the raging exponential collapses, so you better get out early.

More here: How the Stock Market and Economy Really Work

3
4

Mosquitoes, Comets and Vampires: The de Havilland Museum

Destroy All Monsters
Silver badge
Holmes

Mosquitos in "Tintin": Good memories.

Anyone remember the use of Mosquitos bought off a war scrap dealer by an unnamed sand kingdom to wipe out Tintin trundling through the desert on camelback?

Luckily a miscommunication causes the Mosquito to attack the sand kingdom's armored battalion instead in a 1958 blue-on-blue incident, so our hero lives to see another day. Amazingly, no-one of the armor grunts seems to get killed either.

1
0

Italy's 'Google tax law' could fall foul of EU discrimination rules

Destroy All Monsters
Silver badge
Big Brother

Re: "stopping the so-called double Dutch and Irish sandwiches": Not quite

This is the age and time where 15% VAT is regarded as "unfair" and 30% income tax is "low" and where politicians are looking for hidden cash pots all over Europe to keep their promises about the voters' good life going for a few hours more. Apparently they believe that "the rich" have huge stashes of euro bills in Uncle Scrooge-style bunkers - instead of owning factories and commerce that provide MUH JOBS.

I'm awaiting the righteous bloodying of Jewsspeculators and hoarders and talk of nationalizations as well as harsh penalities for "antisocial" entrepreneurs any minute now.

7
4
Destroy All Monsters
Silver badge
Mushroom

Keep your stinky fingers off productive capital

Supporters have claimed that the measure could add at least a billion euros a year to the coffers, a much-needed cash injection for the country, which has the second-highest level of debt in the EU after Greece.

These supporters are the people very near the state: taxfeeders, cronies, mafiosi and assorted parasites.

A "cash injection" for a bottomless pit of incompetence and graft is not a "measure" - it is utter waste.

It is not a coincidence that before hiding under the kimono of the Eurozone (thus effectively performing trans-european socialization of its debt problems), the lira underwent serial devaluations.

10
4

Crooks target Target: 40 MILLION bank cards imperiled in cyber-heist

Destroy All Monsters
Silver badge

Re: Insider Job?

It's called "cash", though with the "war on cash" by our administrative overlords (not averse to kicking in doors to verify 'provenance' if the sum reaches 4 digits), it has become a bit dangerous.

2
2

Never mind software-defined HYPE, 2014 will be the year of REALLY WEIRD storage boxen

Destroy All Monsters
Silver badge

Re: Nonsense! LTO-6 now, upcoming LTO-7 and LTO-8

Obama will just outlaw them.

Problem solved.

0
1

Fedora 20 Heisenbug makes ARM chips 'a primary architecture'

Destroy All Monsters
Silver badge

Complexity is now going through the roof

Goddammit!

I'm currently getting owned by systemd. WHY!

0
0

Macbook webcams CAN spy on you - and you simply CAN'T TELL

Destroy All Monsters
Silver badge

Re: So, it can be done....

These days: Genius == Able to do more with a computer than read Facebouque

4
0
Destroy All Monsters
Silver badge
Black Helicopters

Pretty sure the next thing will be motherboards with various "pressure sensors" needed during "testing" that someone "forgot" to remove during the production run. And which just happen to be queryable from WebGL libraries.

Yeah.

0
0
Destroy All Monsters
Silver badge
Thumb Down

Re: So?

HERPERS DERPERS! YOU A GENIUS!

3
1

Oracle: Our figures say hardware has flatlined, but we assure you it hasn't

Destroy All Monsters
Silver badge

Analysts will analyze, film at 11

> Cisco ... you're missing the point.

What is the point?

> The financial markets look to Oracle as a bellwether of the health of the IT industry

The "financial markets" are made up of clowns that need to clown lest the music stops.

For me all this just means that in an bubble atmosphere of the worst sort anything can happen and random interpretations can be pulled out of random arses.

We also may have Oracle cannibalizing its own customer base for a last hurrah but this is yet another problem.

2
0

Oi, bank manager. Only you've got my email address - where're these TROJANS coming from?

Destroy All Monsters
Silver badge
Trollface

Re: Well, after I used the RAC's recovery service

Glad you didn't respond. Their services must seriously hurt.

3
0

Feminist Software Foundation gets grumpy with GitHub … or does it?

Destroy All Monsters
Silver badge

The fact that the Ada programming language has been named after a clearly oppressed member of the female side of humanity, cruelly exploited by patriarch Babbage and even today belittled as his "sidekick" and a "dilettante" is itself a sign of the oppression. In this case, males typically apply obfuscation to cover up subconscious guilt at the creation of a formulation and machinization of militaristic thought the use of which is the control of inherently chauvinistic killing machines. Do not be deceived!

25
1
Destroy All Monsters
Silver badge

An unsolvable decision problem

Feminism is a self-satire of know-nothing princesses trying to cook up up an inedible mix of both victimization and juvenile omnipotence fantasies at the same time, porked up with freudian jargon and if need be random words of marxist cant.

As was the case of Sokal's hoax about postmodernist thinking, it is à priori undecidable whether anything coming from that corner is serious or not.

29
7

Want to be a better CIO? Get a twenty-something to show you the ropes

Destroy All Monsters
Silver badge

Re: Young whippersnappers

The Japanese Kohai-Sempai system has its uses....

"Much to learn, grasshopper!"

On the other hand, it is even more unsettling when the young ones are even more conservative than oneself or are beholden to technical lore valid 15 years ago.

2
0

Suffering SPITZER! Boffins discover Milky Way's MISSING ARMS

Destroy All Monsters
Silver badge

Re: Mostly Harmless

Yeah, the anal probing has seen a serious uptick around here the last fifteen centuries.

What is the Galactic Empire doing about that??

1
0

WIN YOUR OWN HADRON COLLIDER pop-up book with El Reg

Destroy All Monsters
Silver badge

Re: Eligibility

So say we all.

0
0