* Posts by Charles 9

8233 posts • joined 10 Jun 2009

Freeze on refrigerants heats up search for replacements

Charles 9
Silver badge

I wonder if part of the problem is that the very properties that make a substance a good refrigerant also make it a greenhouse gas?

As for propane, what about at the point of a leak, which would not only be more concentrated but also likely to trigger static sparks. IINM, this caused a massive fire involving lots of cylinders one day.

1
7

Apple's car is driving nowhere

Charles 9
Silver badge

Re: Trains, planes and ships

So what happens if there's a loose car on the tracks? Or a large tree? Or a cow (remember why old trains had "cow catchers")? Or there's a bridge kink ahead (REAL train disaster occurred because a rail bridge was dislodged by a ship but only kinked the rail rather than broke it, keeping the electrical connection live so the train had no clue what was ahead).

1
0
Charles 9
Silver badge

But performance can also mean acceleration, and being able to get up to speed in a reasonable amount of time (or even quicker in an emergency) would be a good selling point for just about ANY car buyer.

4
1
Charles 9
Silver badge

"But anyone with half-a-brain knows that self-driving cars are dangerous and unlikely to happen until the AI epoch arrives, which is currently a LONG way off."

What self-driving car makers are learning is that what we use to help us drive pretty much can't be taught. It's based mostly on instinct: on stuff newborns can accomplish before being old enough to really be taught anything (this has been shown in labs: infants can recognize human faces and anomalies without any grasp of language or higher thinking--this shows it's instinctive). Which raises an interesting question: how can we teach a car something we don't even know how we came about knowing it? Indeed, how can we even know what we know if we can't recognize it ourselves?

8
2
Charles 9
Silver badge

"We did it already. It's called a train."

No, because unlike a train, a car can go between two arbitrary points without need of switches or other restricting mechanisms. As long as there's road between A and B, you can almost always reach it. That's why many people insist on a personal car: the ability to take it anywhere, anytime whenever the need arises. Unless you can do that, practically door-to-door, trains will never replace cars.

7
1

Robot cars probably won't happen, sniffs US transport chief

Charles 9
Silver badge

Re: Why all the edge cases?

They're also worst-case scenarios. Particularly no-win scenarios (Trolley Problems or Cold Equations) where you simply can't have a Happy Ending. It's a moral quandry so difficult WE haven't developed a universal solution to the problem of "Not everyone can be saved--who dies?" Yet an automated car can conceivably be put into such a problem, which raises even more moral problems. How can we trust to a computer what we can't reliably trust to ourselves?

0
0
Charles 9
Silver badge

Re: Easy Peasy way to resolve the question

So why not have the Google cars take a few runs up and down Donner Pass and back in the winter? Donner Pass isn't too far away and is notoriously difficult during a blizzard.

0
0
Charles 9
Silver badge

Re: In a word - he's a moron

"To add to your point, once autonomous cars exist the usual argument for the defence - if you take my client's licence away he'll lose his job and his family will be on the street - won't be true any more."

What if the driver is a trucker?

0
0
Charles 9
Silver badge

Still not as hard as you think. No seat belts, for example, so you can fall over in a drunken stupor. Also, the suspension is usually nonexistent, so one bad rock or pit and you can be thrown off.

0
0
Charles 9
Silver badge

Re: Code could make "moral decisions" based on flag.

"a nice 120 mph cruise on the interstates drafting inches behind a long line of other automated cars would make short work of long trips"

...until the lead car suffers a spontaneous blowout. Moments later, you'll have a massive 20-car pileup on the motorway and probably more than a few fatalities. These sci-fi scenarios never take Murphy into account.

0
0

Verizon!'s top! lawyer! ponders! walking! away! from! Yahoo! gobble!

Charles 9
Silver badge

But how many do Verizon ALREADY have? They're one of the biggest communications companies in the country, after all. How many of those eyeballs are UNIQUE to them?

0
0

Location boffins demo satellite-free navigation

Charles 9
Silver badge

Re: Very useful. Not.

What if it DOUBLE-reflects, becoming RHCP again? Quite possible in an urban canyon.

0
0

More than half of Androids susceptible to ancient malware

Charles 9
Silver badge

MX Player ALSO has a file explorer to let you find media files on your device.

As for custom firmware, that's no good if you run a root- or custom-aware app.

0
0

Forget malware, crooks are cracking ATMs the old-fashioned way – with explosives

Charles 9
Silver badge

Actually they do because tender is required to complete a transaction if you don't use barter. It only gets dicey when a debt is involved, but normal store transactions don't normally constitute debts. Anyway, there are no laws in America that require someone to accept a bill unless a debt is involved (thus the words "Legal Tender for all debts, public and private").

In the UK, legal tender laws specifically list exceptions such that stores, city councils, and the like get relief from pester payments. You're expected to pay your dues with a reasonable spread of coinage and/or notes. In general, notes are always welcome unless they're too ungainly (say a £100 to buy £2 worth). Pound coins, again, are good in general. Pence coins, OTOH, tend to limit you to no more than certain amounts at a time for various coinage denominations.

1
2
Charles 9
Silver badge

Many shop keep low tills to deter robbery. That's why they don't do cash back or limit it. And Legal Tender laws allow stores discretion when faced with large bills/notes.

2
0

In 2020, biz will chuck $100bn+ at protecting itself online

Charles 9
Silver badge

Re: Spend increase

Plus there's the fact that most of the attackers can hide behind the sovereignty of hostile nations. What good is tracing your miscreant only to find it leads you to either Russia or China, neither of which could care less about what happens to the west (because they're tacitly supporting anything to give THEM a leg up) AND have the military force to counter any sort of intimidation (I mean, how do you intimidate a country with NUKES)?

0
0

Intel: New x86 AI instructions

Charles 9
Silver badge

Re: A.I. is still hard.

Bet you they'll use this to develop ways to make the ads unblockable.

1
0

The exploding Note 7 is no surprise – leaked Samsung doc highlights toxic internal culture

Charles 9
Silver badge

"Any candidates?"

Nope. In a dog-eat-dog world, nice guys finish last.

1
0
Charles 9
Silver badge

Re: From this side of the Pacific....

As far as it goes, South Korea is a microcosm for the kind of cyberpunk future you might read about in William Gibson's Sprawl books or a Shadowrun sourcebook. Those chaebols carry as much if not more clout than the government, given their huge, international nature.

4
0
Charles 9
Silver badge

Not in South Korea. The chaebols go to extremes to "keep it in the family". Samsung, Hanjin, LG, Lotte...ALL of them have family at the top levels of their hierarchies.

4
0
Charles 9
Silver badge

And people wonder why South Korea is one of the the worst first-world nations in regards to suicides: worse than Japan's (and theirs are well documented for the same reasons: extreme cultural and social pressure).

According to that chart listed further down, South Korea is #2 overall and Japan #17 (but much higher once you exclude third-world countries). To compare, the US is a third of the way down the list, the UK two-thirds down.

6
0
Charles 9
Silver badge

Re: Historic?

"Also, from a quick bit of research, Samsung seems to still be a family owned business, which seems remarkable for a company with something like 17% of Korea's GDP."

Not really. This is par for the course with the chaebols. Their family-oriented nature was brought to the forefront recently with Hanjin Shipping Company's bankruptcy and with fierce family feuds over at Lotte.

12
0

Email security: We CAN fix the tech, but what about the humans?

Charles 9
Silver badge

Re: S/Mime

"Anything and everything on the Internet can be compromised. It's really about building a framework that supports defence in depth and therefore requires multiple compromises to subvert."

Which isn't viable because the bad guys only have to be lucky ONCE, then they can blast your whole works wide open. Plus multiple defenses tend to get met with escalations and bypasses: ways to beat multiple defenses simultaneously.

"Still possible but at some point the effort required and the reduced returns will start to have an effect."

A company's jewels are likely to be worth more than any amount of effort it would take to get them, meaning it's almost always profitable. It's like with spam: the investment is minuscule compared to the reward. That's why the 'Net's still full of Script Kiddies.

"It's all about doing something rather than passively accepting it all. And the tools are there right now."

So it's been claimed. But is it REALLY worth it in a Sword of Damocles world?

0
1
Charles 9
Silver badge

Re: S/Mime

But then things BREAK and users complain. Plus, for any given signature framework, someone can STEAL the credentials (like Realtek's driver signing keys).

0
0
Charles 9
Silver badge

Re: You can't fix stupid!

...ESPECIALLY when they're over your head.

0
0
Charles 9
Silver badge

Re: Neuter the attachments, validate the links and isolate the browser

And how do you keep people over your head from complaining?

0
0
Charles 9
Silver badge

Re: Neuter the attachments, validate the links and isolate the browser

"Of course there's more to it but as such an 'efficient' attack vector and with decent user education at least a generation away email security needs to be a bit more than spam blocking."

A LOT more to it. A malware could just attack and take over the e-mail client, no matter how thin or sandboxed it may be (sandbox escape and privilege escalation are common now), and use it as a springboard to other exploits. Same with malware web links. It'll probably use a Turing Test so that it passes validation checks and ONLY infects when it detects a human in control. And they can escape the browser as easily as the e-mail sandbox (after all, escaping a Java sandbox is easy enough, too).

As for educating users, didn't a comedian once note that you can't fix stupid? And suppose the Stupid is over your head?

0
1
Charles 9
Silver badge

Re: wrong tree

"the "people" -- will gladly embrace it"

Really? Show me a real-world situation where security trumps ease of use? And don't say the front door because that was a compromise: most front doors only have ONE dead bolt.

2
0
Charles 9
Silver badge

Re: "Not really. What you can do, they can UNdo"

"The other is to not have that omnipotent root. There needs to be a disk space manager that can dole out a portion of space to the server. That manager doesn't, however, have to have the rights to read or write to that portion, nor does it have to have the rights to set up user or program IDs. It might even be the case that such a manager can only be active when booted into a safe mode."

SOMEONE has to have access to it or it's useless; the attacker just poses or takes over that someone. Plus if there's only one non-root way in or out, what happens if that way gets hosed (including any and all backups--think Murphy)? You end up with a lockout situation, and if that locked-out area has critical data, you can't just erase it and move in, either.

"Do we sacrifice some operational convenience for this sort of OS? Maybe, but it's arguable that some of our woes are the direct result of sacrificing security for convenience."

And convenience trumps security 8 days a week. Who cares about security if the job doesn't get done? The job ALWAYS comes first because your job (and the business) depend upon it first and foremost.

PS. As for Qubes, credits to milos a hypervisor attack pwns the underlayer before long.

0
0
Charles 9
Silver badge

"One quick solution is to not allow anything in email to be executed."

They'll just find an exploit and go AROUND it, say by latching to another process.

"Something more drastic would be a very different OS architecture so, for example, your ransomware can't overwrite your office suite files because the server which is the only thing that can actually access the part of the disk with those files on it only responds to the office suite programs."

Then they just go for the server instead. There MUST be a way to ACCESS it, and if you can ACCESS it, someone else can hack it.

"But the banking spam, for instance, is very unlikely to have come from a pwned machine in the bank"

Meaning that'll be EXACTLY where it comes from.

"Not the only solution. What's required is to build trustable services on top of it. That wouldn't preclude the continued existence of untrustable services."

No, because trusted services on an UNtrusted medium open you to Men in the Middle. It's the Weak Link problem. You have to secure the ENTIRE thing, end-to-end, or the weak link pwns you.

Put it this. In today's world, the operative statement is "Don't Trust ANYONE...Not Even Yourself."

0
1
Charles 9
Silver badge

Re: "Not really. What you can do, they can UNdo"

But the point is it doesn't really make things harder. If you can go AROUND the security measure (by, say, using privilege escalation) then it becomes just another hoop to jump, and hoop jumping tends to hurt users more than they help because they start to find ways AROUND the hoops. That's why houses only have ONE dead bolt typically.

0
1
Charles 9
Silver badge

"There's a good deal more that tech can do."

Not really. What you can do, they can UNdo.

"One would be to sandbox email handling so that ransomware can't get at the user's files or gain privilege to install keyloggers or whatever."

Java was designed with a sandbox and look where it is now. Fact is, sandboxes can be ESCAPED and routinely ARE escaped Even hypervisors are under attack. We're also seeing e-mails that can attack even from plain text mode, even from the preview window. What next? e-mails that pwn you (or your hypervisor) on download, before you even have the chance to see it?

"Another would be to verify message source."

Not much good when the attack came from a pwned machine. The address would likely already be verified if not an insider.

"We have a system which was built on the premise that people could be trusted and put it in the hands of those who can't and haven't really considered what has to be done to rectify that situation."

The ONLY solution is to REbuild the ENTIRE Internet from scratch, using a basis of DIStrust instead. But that would break a lot of things, not the least of which being the anonymity that allows whistleblowers and the like to speak their minds without threat from an oppressive State. Meaning a potentially disastrous unintended consequence.

4
1

Casino cops are coming if we can't move all this cash in a hurry

Charles 9
Silver badge

Which wouldn't have made sense since December 31 would've been a Saturday, and when due dates fall on a weekend (and it would make sense to have the due date on the end of the calendar year because tax reporting switches with the new year, too), you often have to pay up on the LAST business day before then, meaning it would've been due on the previous Friday, the 30th, and this would've been too late.

2
0

Decade-old SSH vuln exploited by IoT botnet armies to hose servers

Charles 9
Silver badge

Re: SSH and Internet Facing Devices

It's also the ONLY way they can make money, and if the law comes knocking, there's always the back door...

No law on Earth will be able to stop them because e-tailers allow direct imports from hostile powers who don't care what happens to the west. And China has nukes...

0
0

Mercedes answers autonomous car moral dilemma: Yeah, we'll just run over pedestrians

Charles 9
Silver badge

Re: User selection

Some people may not hold sentimental attachment to rabbits, so instead use "your spouse" or "your child".

0
0
Charles 9
Silver badge

Re: This is a weaselly excuse...

"The safety design of modern cars means that you should be able to walk away from a 30mph crash if you're inside the vehicle."

The thing about the tree, though, is that it could easily fall ONTO the car, crushing the cab. It would be even worse if the object in question is a concrete pole or some other very heavy top-heavy object...or instead of a tree, the only way to avoid tragedy (say an careening bus full of children) is to drive over an edge.

0
0
Charles 9
Silver badge

Re: 'Pranksters' paradise

Why bother putting their skins at risk from a car that decides to run them over? Just use life-size human-shaped balloons. I don't think car sensors are smart enough to distinguish between these and humans and will react accordingly without risk to the prankster.

0
0
Charles 9
Silver badge

Re: would you by a car which might consider killing you?

But the same can be said of the bystanders and that's covered by the First Law, too. So that's why the Trolley Problem: the First Law WILL be violated no matter what you do, so what will the automated car do: save the passengers and become a risk to bystanders (raising government scrutiny, plus it may be your spouse, kid, or relative in danger) or save the bystanders and become a risk to the passengers (posing a sales problem to the dealers)? And no, any third option will just endanger BOTH groups.

0
1
Charles 9
Silver badge

"But this is a very temporary problem, roads will not be accessible to people soon and automated will be the only, and safest, way to travel."

Don't be so sure. The Trolley problem demonstrates a significant moral angle to driving. And because of this, competent drivers tend to develop intuitive road awareness that comes practically from instinct so can't be taught to a computer...because we don't know how we come about the skills.

The Trollable Self-Driving Car

1
0
Charles 9
Silver badge

Re: Lets play a game

The Moral Machine IINM is BASED on the Trolley Problem.

2
0
Charles 9
Silver badge

Re: How is it happening now?

Legally, that's why you have trials, because things aren't always black and white and judges and juries have to assess the situation on a case-by-case basis. Common example: you killed someone in an ambush, but he'd been pursuing and shooting at you previously (meaning the aggravating circumstance of lying in wait is countered by the mitigating circumstance of immediate threat to life). It's up to the courts to determine if the loss of life was the result of deliberate action (murder), negligence (manslaughter), or some other circumstance, and if so, how much is the accused responsible for the circumstance (did the accused act willingly or was coerced, threatened, or otherwise forced into a no-win situation like the Trolley Problem). Were there other people involved? One common variation of the Trolley Problem can be called Guerillas In The Village (instead of you in a trolley, it's you encountering it's a bunch of militant guerillas about to wipe out a village and deciding for variety to let the rest of the village off if you execute one of them).

That's also why you have inquiries when tragedies hit (the inquest into the late Phillip Hughes is in the news right now), to see if things were simply fate (the inquest seems to be heading in that direction) and where things could be improved in future (perhaps there will be research into better neck protection if it doesn't hamper batsmen too much).

1
0
Charles 9
Silver badge

Re: Hard decision but Mercedes are probably right

"...it was almost certainly driving too fast in the first place."

There's no safe speed when an obstacle suddenly emerges from a blind spot less than ten feet in front of you (like the COMMON scenario of a little child, concealed by parked cars, suddenly running out into the street).

6
6
Charles 9
Silver badge

Re: Hard decision but Mercedes are probably right

"Basically, If I was buying an autonomous car, I would want it to protect ME. (humans are ultimately selfish, no matter what you say) and I would certainly not want it to be second-guessing my life over what ultimately could be just a paper bag. And humans are the customer, so this makes perfect commercial sense."

But then what happens when the person the car is approaching is your wife or kid suddenly emerging from a blind approach on a noisy, rainy day for some emergency? Now it's personal AND a situation where you could morally be inclined to go "them not I".

0
7

BT will HATE us for this one weird 5G trick

Charles 9
Silver badge

Nine times out of ten, you just won't get anything. That's why WAP flopped.

1
0
Charles 9
Silver badge

Re: Money

Which fighting/vicious dog owners will simply ignore. And if the law starts snooping, they'll either cut and run or let the dogs loose. What good is a fatal dog attack when the dog's found to have no chip and no way to trace it to its owner?

3
0

Internet of Things botnets: You ain’t seen nothing yet

Charles 9
Silver badge

Re: PnP

They also get used by IoT devices, with or without your permission; and miscreants like to target commonly-forwarded ports to pwn the programs within to use as springboards into your LAN. It's a no-win situation; the only practical solution to this involves more rigamarole than the average user is willing to put up. And that's not getting started with households behind a CGN which introduces a second firewall layer that smothers most UPnP setups.

0
0
Charles 9
Silver badge

Re: Turn off uPNP

"Weak parenting! Kids (can) learn really quickly that wants satisfaction carries a cost."

And many CAN'T. Seen it FIRSTHAND, so I'm speaking from experience. Far too often, it's the children that trigger divorce...or worse.

"As yet not come across a game (Xbox One) that has required me to turn on uPnP on the WAN interface. Suspect if we do come across one, the Xbox will be relocated to it's own VLan."

And if you don't know how to do that and have no one to turn to? Not all of us are geeks or know geeks.

1
0

OK Google, Alexa, why can't I choose my own safe, er, wake word?

Charles 9
Silver badge

Re: Not for me

Then we'll just have to agree to disagree since our firsthand experiences are simply too divergent to find common ground. I find it always works for me, can't have the device in arm's reach, AND find Google Maps to be the ONLY accurate mapping program (because of recent construction, none of other maps including Here are keeping up).

0
0

'My REPLACEMENT Samsung Galaxy Note 7 blew up on plane'

Charles 9
Silver badge

"Time to develop some better battery technology... in the meantime - yeah I don't feel like suffering smoke inhalation because of your iTunes. Sorry about that."

So what do we use in the meantime? Alkalines aren't dense enough power-wise, nickel-based batteries suffer from memory, and wet cells are already banned. Meanwhile, finding a battery at your destination isn't guaranteed, why is why we take the Boy Scout route and bring our own.

0
0

FCC death vote looms for the Golden Age of American TV

Charles 9
Silver badge

Re: All I want is...

"for me "interchangeable module " = PC"

But for the average consumer that's not acceptable for two reasons. One, something's sticking out of the TV when they don't want something like that (think wall mounts with no shelves nearby). Two, they don't want another remote (just control the whole shebang with the TV's remote with no programming needed). That's why we need a module: it hides in the TV and uses the TV's controls.

1
1

Forums