2858 posts • joined Wednesday 10th June 2009 16:31 GMT
Re: "secret" benchmark *proves* Intel is superior.
The batteries themselves, yes, but haven't most phone batteries settled on a common voltage of ~3.6V?
Re: Why not 2?
Because if you can subvert ONE person, how much harder would it be to subvert TWO? One does the deed and the other lies to protect him. Plus as noted, how do you watch a watcher? Especially if you can double the watcher watcher?
Re: It woud be OK if...
You'd think anyone nicking a phone wouldn't think to bring a Faraday bag like people use to get nicked clothes out of department stores and the like. If it can't get the kill signal, it can't be killed. And you can't use cell phone reception as a vigilance control. One big blackout or trip to the sticks would kill the phone.
Re: Waiting for "Kinect: PRISM"
Or just slap a piece of glass over the eyepiece and duct tape the whole thing? The glass muffles the IR camera while the duct tape covers the visible-light camera.
Re: The same could be said of...
The thing about "buffoon" is that it can actually backfire. If someone is totally clueless about the word, they won't get it. But then again, someone may be such a natural clown that he takes it as a compliment and pulls a prank on you or something.
Re: For how long?
IIRC this PS3 "compatibility" is being done through an OnLive-like system. As for bait-and-switch, there's still that NFC-on-the-disc patent...
Re: regarding the update in the article...
In the PC sphere, most of the servers are user-owned, so as long as there's interest in the game, someone's going to be maintaining a server for that game. You don't see that with console games unless the games are console-hosted.
Re: Pay to Play and no one cares?
Remember, in the console world, they don't allow for user-owned or -rented servers. That's why there's generally no online fees on PCs—the users themselves provide the hosting hardware, not to mention the matchmaking and so on. Those that are left are subscribed (WoW), microtransaction-based (F2Ps), or some combination of the two. Or the servers are sponsored as a means to drive hardware sales and the like.
The console makers don't really trust user-owned servers, seeing them as a possible exploit avenue to penetrate their walled gardens.
Re: PS4 also has DRM on used games
Plus there's still the matter of that NFC-on-the-disc patent Sony holds. As reported, this can allow no-resale even without an internet connection.
Perhaps, but it's easier for a human to remember ONE big password than 100 of them, so the master password can be as long and complicated as their memory can dare it. Which starts putting a strain on the yottabyte datacenter, which still has two intractable physical limitations: limited time and limited resources. And there are some things even a quantum computer can't readily speed up (such as lattice- or error-correcting-code-based encryption).
Re: Simple technique to increase cypher strength
"Establish and maintain data custody at all points where the only person(s) with access are those who the creator of said data authorized explicitly. Any hole that a "bad guy" can slip through, a "good guy gone bad" can get through even more easily."
Which goes to a fundamental and probably intractable problem with data security. In order to be useable, SOMEONE has to have access to the data. As long as someone has access to the data, someone can impersonate them. Given enough resources, Mallory can be indistinguishable from Alice no matter the level of security you apply. Even physical security isn't foolproof: stolen devices and rubber hoses come to mind.
Re: Companies don't pay taxes, people do.
But as the article notes, hiding the money in shell companies only goes so far. If the cash stays in the company, it gains value That counts as a capital gain, meaning taxes due when you cash out. Same for dividends. Furthermore, aren't business transactions normally subject to sales or value-added taxes, whether the purchase is for resale or for internal use?
Re: Thank you Sony!
Before I let Sony off the hook about the "no DRM" bit, ask them to explain that patent about NFC-tagged discs. Unless they agree in writing to not implement it in the PS4 (or better, to abandon enforcement of it), there's still the threat they can lock the games down later.
Also, on the matter of resale, what about games that are downloaded from Sony without a disc? And what about the Steam model (which Microsoft is pretty much copying)?
Re: US Tax deferral is fraud....
As the article notes, the main thought is that the money never enters the US directly. Instead, Apple will look for foreign locations to build plants and so on. These plants affect the company as a whole, boosting the market cap without directly taxing the increased market value until cashout time. And even there, there are supposedly a few tricks to evade that: such as borrowing against the gains and dying with the debts. This may have changed, but some assets can be re-based when they're inherited, allowing the heirs to pay off the debts by selling out at a reduced tax burden.
"Of course, no one ever started a company, practiced a sport or mastered a musical instrument and made lots of money those ways."
All of those involve investment, which means you put in money and likely time to get the return on the investment. The point still stands.
Re: Well said.
So enlighten us. How would the FBI alone take down the entire US population (which BTW outnumbers them by a factor somewhere into the triple digits at least). And while you're at it, go into how the armed forces would be forced to act against their own citizens: potentially against even friends and family?
Re: I don't see why
IIRC even Sega backpedaled on backwards compatibility. The Power Base IIRC only worked on the original Genesis. The Model 2 Genesis had different hardware that made things quirky and the Model 3 Genesis had no Z80 in it, meaning no 8-bit support. The MasterGear adapter was pretty basic as the Game Gear was merely a souped-up, shrunk-down Master System). Meanwhile, Saturn games couldn't be run on a Dreamcast.
Re: False positives
So let me take the question further. What if it was EVERYONE'S security you were trying to protect? What if one slipped secret basically meant game over: meant your home country and everyone in it was basically doomed. Would your decision stand? Would you (and everyone else) rather die than live under Big Brother?
Excuse me. What about the cameras and satellites? Not to mention the eyes on the ground. And I would think at least one pair of eyes will be trained on every pub around: if at the least to be there in case things get rowdy.
Wired posted an article about the US supposedly building a facility where they intend to house EVERYTHING that passes through American wires. IOW, even an encrypted comm gets captured and stowed away somewhere for the day they can break it. And IIRC, neither terrorism nor treason have statutes of limitations.
Re: it's probably MUCH worse than this
The Android IS is open source, meaning many eyes get to look at it.. And it's based on Linux, which is based on UNIX, which at least has some history of security compartmentalization. If someone can sneak an exploit into Android, why not into the Linux kernel?
Re: False positives
I'm not saying that's what *I* believe. I'm saying it's what *THEY* (the US government) believe. And frankly, while I disagree with it, it's hard not to understand the perspective. What happens when you're down to a stark choice between privacy and security with no overlap?
Re: Ban Laptops
"I don't even see the need to have remote access to personal data. Work should get done at the office and home life done at home. If an employee needs to do work at home, there is something wrong with their job classification. Hire another person in the office."
Easy enough to say until accounting tells you there's not enough in the labor budget to retain another worker. That's the big big problem with labor these days: people are expected to be working as much as possible or they'll find someone who works harder than you. It's a race to the bottom to find people who work as hard as possible for as little as possible...if they don't find a foreign worker who can work for what we'd consider a pittance or just turn the job over to an expert system who can work round the clock with virtually no time off.
As for remote access, consider that some places have very poor Internet access. If you have to make a deadline (maybe it's for a contract), you can't stay in the office, and you can't rely on remote access, what options do you have left?
Re: Just Sack the Person at the Top
And if it STILL happens? It's not like a government bureau can be dissolved, and a "changing of the guard" could result in a bad-to-worse transition.
Re: RDP? What does the ICO do with the money?
And everyone else seems to think the Internet is literally everywhere. What if you need to meet a deadline but you're going to be "out of the loop" for a while? What if your Internet access is notoriously unreliable or hard to secure (you're using a WiFi setup that's not yours)? Then there's the matter of drive-by (hidden in a popular site) rootkit (hidden from detection) malware that can still nick the RDP details.
Re: it's probably MUCH worse than this
Chips made outside the US? Uncooperative gatekeeper OS (How will it know what to send? Without it, it'll just catch all the network overhead)? Kept out of the loop (airplane mode or simply out of range) too long, unable to retain everything? Sounds like a hardware eavesdropper would be too prone to discovery or other modes of failure.
Re: it's probably MUCH worse than this
What about a rooted phone with custom software compiled from source?
Re: It's the gagging order that's the problem
Makes me wonder what happens if they're caught BETWEEN two laws. What if a company is required to disclose by law but at the same time forced to NOT disclose by another law of equal priority: damned either way?
Re: False positives
But the trouble is they fear the false NEGATIVE over the false positive because they believe the false negative to be an EXISTENTIAL threat and therefore to be snuffed at all costs (when the price of failure is cessation of existence, no price is too high).
Publicity could've been covered up with blackmail: something like, "you wouldn't want this dirty little secret to just suddenly turn up at the New York Times" or the like. Credible threat to the firm, plausible deniability to the government because the dirty secret is at least a stage removed from them (if the firm tries to turn on the government, they'll just turn around the claim the firm is a conspiracy theorist nutcase—what proof do they have).
Simple: They never sell you the software in the first place, merely subscribe or lease you to it (think Steam and OnLive; both use the same model). You cannot resell what was never legally yours.
Re: All sounds good to me
Where does it say the games MUST reside on the internal drive? What happened to external drive support which already exists on the 360?
Re: no wonder
Perhaps, but they fear the false negative more than the false positive. No one wants to drop the big one because the big one may just kill them. When the false negative becomes an existential threat, all else is secondary.
Re: If such surveillance was either essential or well controlled it could have been done honestly
But what happens when absolute, total surveillance becomes ESSENTIAL to survive? IOW, what happens when it's down to let Big Brother watch us or we die?
Re: not only but also
c) The ISP catches this because you're underutilizing the house DNS system and starts sniffing around. Pretty sure the ToS for such a service will require that the DNS settings not be altered on pain of cutoff.
Re: Not to worry
Five pounds gives you ten the authentication connection will be over SSL with the consoles having the public key, meaning faking the authentication will only be possible by stealing the private key. Track records for private key thefts have been historically very low.
Re: Ever reliable...
Then explain why Steam is taking off. Why can't Microsoft do things Steam is doing like demos and sample periods? Wouldn't that and online reviews take the place of word of mouth?
Re: It's a pity
Roll your own is my recommendation. Gaming requirements have hit a plateau lately, meaning you can get some decent hardware for a modest investment. Though given your PC's age (in comparison, mine's about 4 years old), it'll probably have to be built from scratch if you don't have an empty case lying around. Pick and choose your parts.
You can go middle-of-the-road (like a Core i5 or something from AMD) without much trouble since most of the grunt work goes to the GPU, and there you have plenty of options (budget $200-300 for something with comfortable performance; choose nVidia or AMD to suit your taste).
Measure how much you put on your hard drive(s) to determine what's best for you. If you put a lot of stuff in it, you'll probably want to stick with traditional drives at least as a secondary. Getting a solid-state drive for the boot drive does help with performance, but the price premium means you need to choose the device carefully depending on your storage and performance needs as well as you budget.
Memory generally isn't a big problem these days, especially with 64-bit OS's. Try to get at least 8GB of memory to give yourself some headroom, but check for the ideal clock settings and always buy in matched sets to maximize the performance on your motherboard (check your motherboard's specs for details on ideal arrangements). Getting more may not be needed right away, but as an option it doesn't really hurt on a 64-bit OS.
Re: Why not try to expand the password memory capcity?
Why not? For the same reason you can't make something foolproof: eventually the world will produce a better fool. While it's not impossible to expand the human memory capacity to an extent, there are usually limitations that are not well known to the system designers. What if one has a bad memory for faces? For images? For spelling?
Re: Calm down...
Actually, I think it's QUITE warranted.
1. The control is being left to the publishers, and given the track records of the big guys like EA and UbiSoft, how do you think this will go?
2. The model already exists with Valve and Steam.
3. Given a recent patent application, I think Sony are actually going to go one worse than Microsoft on this and employ a system that can work even without Internet.
Re: Another great micro$oft design decision
Given a recent patent application (for discs with NFC chippery built in), I would say Sony will go one better and come up with a "use once only" disc that doesn't even require an Internet connection. Even if you have no Internet at all, once you use the disc, the NFC chip on the disc (which will likely contain a crypto key or the like) will prevent it being used anymore.
"A monopoly is only a problem when the prices are to high, I get MS Office for $10 because we have a site license. That's probably close to what the real price should be. That is a monopoly."
Doesn't sound like a monopoly to me. A monopoly has to affect an entire market to be one. In your case, what your company chooses is your business, but if all your corporate peers had no choice but to use MS Office, then you're dealing with a monopoly.
Also, there are different kinds of monopolies. The worst ones are de facto monopolies that come about due to sheer market forces (rather than de jure monopolies enacted by law—those tend to occur with stuff like utilities where competition would result in duplicated infrastructures that are an eyesore if not a risk to the public). These run the risk of becoming self-reinforcing monopolies where even disruption is difficult because the monopoly holder can control the entire chain and create barriers of entry.
Except if the PC presence shrinks, so does the ad visibility. The ads show up on PCs, NOT mobiles. To avoid losing their ad visibility, they need to start migrating the ads. I suspect they'll take this a step at a time, perhaps starting with tablets where there's more real estate to spare and then move on to phones as their resolutions increase.
Re: For those who feel I am too paranoid
But if you replace the government, what do you replace it WITH? Ever heard of the phrase out of the frying pan and into the fire? ANY government made by man will eventually be corrupted by the necessary human element. The only other type of government where the human element is minimized is the rule of absolute law: where the law dictates terms with no exceptions. We're not comfortable with that, either, because we're aware of the concept of mitigating circumstances.
That's actually the exact technique I use. I also don't put the key in the Public folder but instead put it in a dedicated directory which I sync using tools like DropSync, so the actual existence of the database isn't known to all and sundry. And since KeePass has an Android client, I can still access stuff from my mobile if the need arises.
Re: the off-line solution
When THAT day comes, not even your Revo will be safe because the act of terrorism will come through the AIR: think an EMP from an airborne atomic/nuclear explosion. Not even offline devices will be wholly safe from them.
Plus there's always the risk of you getting mugged and the mugger nicking off your Revo WHILE you were using it (meaning the master password isn't needed, and they can nick everything else off before it has a chance to lock itself).
Re: Deterministic Password Generators
But you'd still need the necessary credentials to pass into the procedural generator in order to reconstitute the password. If that information is smaller than the hash technique, it isn't worth it since they'll just try to retrieve the procedure parameters and then reconstruct the algorithm (likely through disassembly—and the procedure must be in memory for it to work, so there's no guaranteed way to hide it).
Re: Policing users
So how do the ISP perform packet policing when their users increasingly use end-to-end encrypted channels like SSL? Or worse, encrypted-by-design networks like ToR, i2p, and freenet? How do you you DPI an encrypted packet?
You ever seen all these recent articles about malwares hiding in government installations for nearly a decade? The best malware stays silent and hidden, eavesdropping on network activity and then secretly sending off its results. If a malware sneaks onto the LastPass system, they can just listen for the credentials being passed online (and since it's at an endpoint, it's a point where it could avoid encrypted channels and hear a means of obtaining unencrypted credentials—either the user's master password or his master key).
- It's true, the START MENU is coming BACK to Windows 8, hiss sources
- Xmas Round-up Ten top tech toys to interface with a techie’s Christmas stocking
- How UK air traffic control system was caught asleep on the job
- Pic NASA Mars tank Curiosity rolls on old WET PATCH, sighs, sniffs for life signs
- Google embiggens its fat vid pipe Chromecast with TEN new supported apps