* Posts by Charles 9

8178 posts • joined 10 Jun 2009

Verizon boss: Yahoo! email hack 'is a big deal to us', we'll decide new price next month

Charles 9
Silver badge

Re: Trialing 5G...

Latency cannot be entirely controlled because most of it is down to physics: speed of electricity and all that. Even light takes a measurable fraction of a second to travel a few thousand miles, and that's impossible to remove.

0
0

'Biggest ever' Linux release

Charles 9
Silver badge

Re: "commits"

Not when you routinely work with code management. A commit means a change to the code (add, edit, delete, etc) is applied (committed) to the current codebase.

4
0

Clinton, Trump actually agree on something – blocking AT&T's Time Warner mega-buy

Charles 9
Silver badge

Re: Can we break them up instead?

No, because many of them merged for survival: to be able to compete with the likes of Google. Breaking them up would just kill all the pieces.

This merger is no different. AT&T sees the writing on the wall and won't last much longer unless bought up.

0
2

Murder in the Library of Congress

Charles 9
Silver badge

Re: Let's build

OK, who shells out for all that expensive infrastructure?

1
0
Charles 9
Silver badge

You do know that most of the cable TV companies are tied to major media PRODUCERS, too? Heck, all the major broadcast networks are simply parts of huge media conglomerates. Comcast owns NBCUniversal (major TV network and movie studio all in one), Disney owns ABC and ESPN, Viacom owns CBS, etc.

0
0
Charles 9
Silver badge

Re: Can't live with 'em

"That 20 year patent is from proof of concept stage and not when (if at all) it reaches market, by the time it has gone through testing and regulatory you get about 10 years market exclusivity. Have a late stage failure and it can be around £500m or more flushed down the toilet. I'm not saying the pharma industry is perfect and patent abuse does occur but you need an incentive to lay out that much money."

Different industries run at different paces. The pharmaceutical industry, as notes, runs glacially due to the bureaucracy involved in testing and proving medicines. Same for mechanical industries (especially large ones) where machines are acquired in cycles lasting a decade or more.

The electronics industry is the speedy one here, with duty cycles often being as short as a few years. So perhaps what's needed is acknowledgement of this and a splitting of patent terms based on industry: slow-moving industries can be kept to two or three decades while faster, less physical ones can reflect their breakneck nature and be limited to say 3-5 years.

5
0

Thanks, IoT vendors: your slack attitude will get regulators moving

Charles 9
Silver badge

But what can you make in its place? Another Internet that'll just get as swamped as the current one? Or a Stateful Internet with no privacy? Hello. Police State.

0
0
Charles 9
Silver badge

Re: You must write this crappy code all around us

"Software needs to be treated like a hardware product legally. Its that simple. Why we ever allowed them to escape this liability is just beyond me."

Simple. China happened. How do you force a country like China to cooperate when it doesn't have to? They're sovereign, after all, with nearly two billion people all by itself.

1
0
Charles 9
Silver badge

Re: Après nous le déluge

"However, "Keep buying our shit or we'll turn you into a barren radioactive wasteland" does appear to be somewhat self-defeating as a strategy, because in order to keep a particular export market you have to actually HAVE that export market.."

China has nearly two billion people. They could turn INWARD if they wanted to. Plus they have an Eastern attitude towards warfare. Look how fiercely the Japanese fought in World War II, and how many Chinese swarmed in battles in the Korean War. This is an attitude that could well see everyone losing (MAD) as a winning condition.

0
1
Charles 9
Silver badge

Re: National regulation won't do a damned thing.

"There are ALREADY liability laws in the USA. Perhaps they require a bit of tweeking, but if it can be shown (in a *cough* class-action lawsuit) that the IoT vendors were NEGLIGENT with respect to security and WELL KNOWN types of exploits, we'll get some REAL action."

Except when it gets INTERNATIONAL. How can American laws get Chinese companies to comply when a lot of them are coming through grey markets that are by design nearly impossible to regulate. And you can't go to the manufacturers because they're in another country: protected by that country's sovereignty.

0
0
Charles 9
Silver badge

Re: Playing Devils Advocate for a moment.

Even if the regs are put in place, the grey market will just expand to go around it since the devices are too small to police. It's like trying to insist on an Internet license: how do you police what people do within their own homes?

As for security first, that only applies when security is the actual industry. Everywhere else, productivity trumps security; who cares about security when the job doesn't get done?

0
0
Charles 9
Silver badge

"You're thinking of the Pinto, the model that was infamous for bursting into flame when rear ended being my wife's very first car. It was never "pulled".

Um...does the term "recall" ring a bell? That's the formal term for pulling a product, either to fix it or to destroy it. There's still the matter of the lawn darts.

As for campaign contributions, death, especially unexpected death, is expensive to a company. That's why they take it seriously. No amount of campaign contributions will help if a bereaved (and possibly famous) family decides to sue you for bookoo bucks for negligence, wrongful death, and so on. Remember, juries are from the populace and judges are tough to bribe. And we're not even starting on the media circus that could easily ensue. No amount of bribing seems to have helped Volkswagen or Toyota (and note, the latter has a strong American presence, so that's saying something). Burning batteries on an airliner left Boeing with a lighter pocket and a lot of egg on its face.

0
1
Charles 9
Silver badge

Re: Time, cost, quality

"Funnily enough industries such as aviation and nuclear spend a lot more money to find and fix bugs in their software"

Because planes falling out of the sky and an exploding plant in the Ukraine have directly killed people. Killing people tends to put the strongest focus on you. That's why the Edsel was pulled, why lawn darts are banned, and so on. When has the IoT directly and demonstrably KILLED people?

1
1
Charles 9
Silver badge

"The only time that anything will change is when it hits the decision makers in their pockets. Then they will do the absolute minimum necessary to address the identified issues; and no doubt, at a later stage, they will get hacked again. Rinse and repeat."

Or when it KILLS someone (or demonstrably proves it WILL do so) outside of its purpose. And I mean DIRECTLY. Why was the Edsel pulled? Because a rear-ender could set it ablaze, killing the people inside. Why can't we have lawn darts? Because one ended up in an innocent kid's head. If the squelching of most the Internet results in significant or shocking death, then the lawmakers will HAVE to pay attention because it'll become an election point (meaning if they don't pay attention, they'll be replaced by people who will).

0
0
Charles 9
Silver badge

Re: Après nous le déluge

"Which will stand not for Underwriters Lab but for Undertaker's Lab, with the remit to FSCKING BURY any vendor (and their products) that don't conform to the security standards set by a panel of international security experts."

Question: How do you bury a country with more people than any other, nukes, and a not-so-nice attitude toward you?

1
0
Charles 9
Silver badge

Re: National regulation won't do a damned thing.

"If just a few big, rich states move, the other will be forced to follow. It the US or the EU set regulations, they are too rich markets to stay away from with non-compliant products."

But China has pressure it can apply, too, and it's on the OTHER side of the line. Think Prohibition when smuggling became such a lucrative game. What's to stop China finding ways to go AROUND any regulation you can whip up, hiding behind their own sovereignty (and their nukes)?

0
1

Chinese electronics biz recalls webcams at heart of botnet DDoS woes

Charles 9
Silver badge

But without Big Brother, you'll just end up where we are now, in the anarchy of an Internet where no one can rein in the bad guys. Bad guys, in this case, protected by sovereignty.

0
2
Charles 9
Silver badge

Re: What percentage returned?

Then we're probably up the creek because we probably won't get either side to cooperate. Most of the devices in question are made in China, who could care less about what happens to the West. As for the users, they're just ordinary people in search of turnkey solutions. They don't WANT to learn and aren't interested in licensing or such for things they do in the privacy of their homes.

0
0
Charles 9
Silver badge

Re: Joe Stupid isn't smart enough to do everything you say

"The design of Internet is flawed, assumed good users and well behaved devices. The design of eMail ignored spam issues on Telex, RTTY, and earlier Telegraph and added almost no security at all and missed out the idea of whitelists."

Well, here's your fork in the road. The only alternative to the current Anarchy of the Internet is a Stateful Internet, and that means bye bye privacy, hello Police State. From the way things are going, no third option is possible because any inroads will be abused to take us back to one or the other.

So, pick your poison.

0
1
Charles 9
Silver badge

Re: Router Rules

"That's a good point, a part solution would be to have a http landing page once the router is connected that forces you to change the password before it activates and connects to the internet."

Then something hits, the router goes bonkers, and people forget the password (which if you'll recall happens ALL THE TIME which is why passwords are not considered a reliable identity metric). And they won't take, "You lose" for answer; they'll answer with scathing reviews and defections.

0
0
Charles 9
Silver badge

Re: UPNP is convenient.

But Joe Stupid isn't smart enough to do everything you say, and it's HIS devices that are running roughshod all over the Internet making life miserable for everyone else. Like you said, standards mean nothing to device makers who hide behind the sovereignty of a hostile power and can always use the gray markets to sidestep around regulations (and few countries can embargo another, especially one as large and powerful as China, without retaliation).

We need a solution that even a brick can understand (and this knowing bricks can understand few things other than perhaps a hammer blow, which is against civilized society when applied to humans).

5
0
Charles 9
Silver badge

Re: Router Rules

How do you teach that to Joe Stupid, though? You need a turnkey solution for him or he'll complain...or find someone who accommodates him.

6
1
Charles 9
Silver badge

Re: How are these devices accessed from the internet though?

OK, so how do you fix the problem without getting complaints (and defections) from the customers? As for standard, who follows them when they'll just go around them like smugglers during Prohibition?

4
0

Basic income after automation? That’s not how capitalism works

Charles 9
Silver badge

Re: Retirement of boomers in economy

"Contrary to what most of the press has been spouting, we won't need millions of more workers to take care of the consumption habits of the retirees."

Not saying you do. In fact, the problem behind the problem is that it's difficult to correct a severe population imbalance without consequences. First world populations waxing elderly (which also puts political pressure: seniors are consistently the most active voters). China heavily male, and so on. Best I see it, this can't help but get ugly at some point because, in spite of imbalance, none of the imbalanced side are going to be willing to step aside.

"What Japan needs to do is implement a UBI so that employers can't threaten peoples survival with 80hr workweeks or no job and no money."

Only one problem. Who PAYS for it that isn't going to just up and leave the moment you try?

"What has actually happened is that China has finally taken most of the manufacturing jobs, and if they haven't then automation probably has. Governments are afraid of increasing the debt. The whole cycle has started breaking down because the people that actually want to buy what is being produced don't have a job to pay for it."

Which then raises a real specter. What happens when NO ONE is able to pay for the stuff and the people with all the money, realizing the game is up, have gone into their walled gardens to cater exclusively to each other?

0
0

Today the web was broken by countless hacked devices – your 60-second summary

Charles 9
Silver badge

Won't work. Many of them are either shameless ("And Proud of It!") or ephemeral ("Are you taking about that company that disappeared last week?").

1
1
Charles 9
Silver badge

Re: Education

You're talking people who wouldn't know how to program a VTR back in the day. Five words: Good Luck...You'll Need It.

0
0
Charles 9
Silver badge

And ways around them, too, like false flagging and knocking off.

0
0
Charles 9
Silver badge

Re: persuading

Or they could retaliate with sanctions or suits at the trade court.

0
0
Charles 9
Silver badge

Re: A few points

But Joe Stupid can't tell the difference between one legally offered for sale and one ILlegally offered. They don't know enough to beware and never will. Remember car boot laptop sales?

0
0
Charles 9
Silver badge

You Can't REQUIRE a sovereign nation like China to do anything without a treaty. That's part of the definition of sovereignty.

0
0
Charles 9
Silver badge

Re: Home Router Traffic

China ships directly to you, AROUND standards. How do you stop that without a bureaucratic nightmare?

0
0
Charles 9
Silver badge

"If you want an alternative analogy, consider a contagious disease - of humans or animals. If the disease is sufficiently dangerous TPTB usually have sufficient powers to ensure that humans are isolated and animals destroyed. It's draconian but essential for the wider community."

But what if the disease is encouraged by a foreign power because it (a) helps to cull their own excesses or (b) some of them are immune, and they don't care about the rest? If everyone but them dies, THEY WIN.

That's the situation now. Most of this stuff is made in China, and China is noted to be competitive if not hostile to the west, at least economically. In this light, they could care less if the devices are being pwned. Indeed, THEY may be doing the pwning as covert warfare. Meanwhile, they're using channels that are hard to control (alibaba and the rest), AND they can be testy. Not to mention they have nukes AND an Eastern mentality (more accepting of MAD). As the saying goes, it's complicated, and Darwin favors THEM right now. Your move.

1
1
Charles 9
Silver badge

Re: Too simple solution?

"Stupid is the problem. If the punter is too stupid it has to be their problem rather someone else's. I'm a biologist by training. I see no problem in applying Darwinian selection to the IoT.

How about "Here's your device, there's the password. We have no copy of it. Looking after it is your responsibility.""

Problem is, Darwinism doesn't jive well with civilized society since it smacks of throwing people to the wolves. Thus attitudes about capital punishment, eugenics, and unwilling euthanasia in its various forms (illness, population, age limits, whatever). There's a reason "Social Darwinism" is considered a dirty word.

0
1
Charles 9
Silver badge

Re: no internet

But then what happens when the reply is, "But that's not my house. Ask the police." and shows them a picture of THEIR interior, which doesn't match?

1
0
Charles 9
Silver badge

Re: Education

"Then, once you've sold a few million to grateful end-users who have been frustrated by the quality of routers mandated by bottom-feeding ISPs, cash in the company and move house."

And WHEN (not IF) your Kickstarter fails because all you're hearing are "squeaky wheels" and the average Internet-goer really doesn't give a soaring screw about what their stuff does, they just wanna go online, thank you, and many of them don't own or drive cars so won't get the driver's license analogy, either?

2
1
Charles 9
Silver badge

Re: Capt. Hindsight

"If it isn't, heard of a reset button?"

Uh...no.

What now?

1
0
Charles 9
Silver badge

Re: Too simple solution?

Yes, too simple. People will lock themselves out and your help desk gets hammered. You have to take Stupid into consideration.

2
0
Charles 9
Silver badge

Re: no internet

"Well I'M sorry, but if do not remove this false claim immediately, I'll assume you're denying me service under illegal pretense, in which case you'll NEXT be hearing from my attorney."

THAT'S why they don't do it now. They risk getting thrown in court if they're wrong.

1
0
Charles 9
Silver badge

Re: ISP - do they have the tools...

Not really. Each individual contribution is not that big, so it's a form of "smurfing." It's only when taken as a whole that they're formidable. Like army ants and killer bees.

1
0
Charles 9
Silver badge

Re: Maybe a sledgehammer approach is needed?

There's also the matter of the manufacturer disappearing in the night, making it impossible to seek compensation.

2
0
Charles 9
Silver badge

Re: Education

"Your router definitely should have these features. If you can't find the controls for them, get a new router. If you can't get a new router, get a new ISP. If you can't get a new ISP, move house."

And if you can't move house?

2
0
Charles 9
Silver badge

"All IoT devices MUST have open source software, must be update-able over the network, and perform the update from secure servers, look for updates on a weekly basis. All above and future problems solved. Don't adhere to this, don't get a license from FCC, EU etc"

The devices come from China and are imported direct. Who gives a damn? As for the update mechanism, they'll just hijack it and pwn it THAT way.

2
1
Charles 9
Silver badge

Re: The blacklist of things

Then what happens when innocent users SUE for the collateral damage of them not being able to go on the Internet for no fault of their own? And no, many of them can't switch ISPs, or those ISPs are blocked, too.

3
0
Charles 9
Silver badge

Re: Doomed to fail

"However, it's a problem that needs solving. There has to be a back-pressure mechanism that sends a "stop" to the ingress point since there is no practical means of ensuring that every piece of equipment in private hands is well behaved. That of itself is not a panacea - and is potentially a new route to DDoS by spoofing the back pressure - and, if you look at the IPv6 gestation period, unlikely to be with us any time soon. It's also not the only issue that needs attention - more privacy, anyone?"

Intractable problem. The ONLY reliable way to manage a network is to introduce ironclad attestation. But that instantly eliminates privacy. What's happening is that the wired world is reaching the "wishbone" point: a point in which the third option is disappearing from the strain exerted from both extremes (in this case, the Anarchy of the current Internet and the Police State of a Stateful Internet). The pressures mean ANY third option quickly slides into one or the other extreme, rapidly NOT becoming a third option. Eventually, the wishbone will break, meaning no third option is possible anymore because it'll IMMEDIATELY gravitate towards one or the other extreme (the "winner"). In which case, only three options will be left: Anarchy, Police State, or Walk Out?

2
0
Charles 9
Silver badge

Except there would be collateral damage. Those targets also have LEGITIMATE business via the web. You'd be doing the DDoS's job for them using that, and the way the IoT botnet works, they use the same legitimate requests we do, so they're camouflaged as well. As for the ISPs, they don't see a lot of traffic individually, and the amount they emit wouldn't probably surpass traffic from a home server running, say, a home camera feed.

3
0
Charles 9
Silver badge

Re: Standards Bodies need notice

""We can't stop them all so we might as well do nothing"."

In this case, it's accurate. It's not worth swatting one angry bee because there are a million more after you. You really DO need an "all or nothing" solution to it or the ones that slip by kill you.

Problem is, sovereignty gets in the way. How can you regulate devices when they can just be shipped direct from companies who don't care?

3
1

What will happen when I'm too old to push? (buttons, that is)

Charles 9
Silver badge

"An Amazon gift card is sufficient. So I can buy paperback novels. Nope, no electronic gizmo needed. When the mega-EMP strike occurs I'll have plenty to read while I starve to death, thank you."

What if it's a FIRE, though? Lot easier to take your library when it's one little device instead of a bookshelf full. And a fire is MUCH more likely than any EMP holocaust (which can BTW be mitigated to a good degree, ask your military).

1
0

Location boffins demo satellite-free navigation

Charles 9
Silver badge

Re: Better to have accurate dead reckoning

"Building devices into the road would also fix the "Australia problem", since as the continent moves, so do the roads and everything built into them :)"

But what about the "New Zealand Problem" where their islands move inconsistently (as in not at the same rates at all points, meaning some masses extend while others contract)?

0
0

Dirty COW explained: Get a moooo-ve on and patch Linux root hole

Charles 9
Silver badge

Re: Routers etc. e tc.

Until you can pwn a million of them all at once and then sic the whole mess army-ant-style at your target, which is precisely what's happening now. An army ant may be tiny, but anyone or anyTHING who disregards a mass of them doesn't live for long.

0
1
Charles 9
Silver badge

Re: There will always be another bug..

"However, for the stuff that's actually in operations and exposed to the net the users are likely to be the only ones who can actually take action, especially if the only possible action is to disconnect it."

Which means it's NOT an option because the average user won't care. And if their ISP cuts them off, they'll say they're being denied service they paid for and the lawyers will get involved.

0
1

Forums