Feeds

* Posts by Charles 9

3457 posts • joined 10 Jun 2009

RSA: That NSA crypto-algorithm we put in our products? Stop using that

Charles 9
Silver badge

Re: And now for something completely different

If that were true, wouldn't at least one company simply refuse to comply, and if threatened with the loss of export privileges, reply, "We lose either way; compliance means the world won't trust my company. So, given a lose-lose situation, I'd rather lose gracefully."

2
0
Charles 9
Silver badge

Re: Maybe the clue's in the name?

"and which Intel won't let you see the details of ...."

Hasn't anyone tried to decap one of these Intel CPUs to find out for themselves what's in the works? I'd find it hard to think they'd create an implementation that would fool even a direct physical examination.

2
0

'Occupy' affiliate claims Intel bakes SECRET 3G radio into vPro CPUs

Charles 9
Silver badge

Re: Like all good conspiracies

"what network would the be connecting to?"

Probably a whispernet. Black-and-white Kindles employ this technique. As for signal propagation, any bets one of the pins goes to an antenna that's mounted within the motherbard as a requirement or the like?

0
0
Charles 9
Silver badge

Except 3G is STILL wireless, and the 3G tech is pretty well known. Radio transmissions should be pretty easy to pick up, and once you know enough about what is happening, you can probably conduct Faraday cage experiments to support your findings.

Besides, the 3G part of vPro is hardly secret, as it's being advertised as an anti-theft/remote-brick device.

0
0

Google smacks Surface with free Quickoffice for Android, iOS

Charles 9
Silver badge
Unhappy

No ODF Support

Just gave it a spin for the sake of it. One problem: I use LibreOffice.

Guess what? No ODF support.

1
0
Charles 9
Silver badge

Re: Hey, we have another source of money

US law does have laws against that, too (here we call it "dumping"), but since alternatives already exist that are not only free but FOSS, trying to assert dumping is going to be a hard sell, especially since the tie-in to Google Drive means they can claim competition by a different business model.

3
0
Charles 9
Silver badge

Except they can't because they used the VERY generic term "Office". They can trademark the complete phrase "Microsoft Office", but not the word "Office" because it's too broad. Therefore, QuickOffice (which is different enough in name and logo to MS Office) would get a pass. Also, Microsoft would have to answer why they didn't make such an assertion with StarOffice/OpenOffice/LibreOffice previously (there is IIRC a statute of limitations for filing a trademark infringement claim).

4
0
Charles 9
Silver badge

Re: Byz At this rate...

Not even with Google Docs, which can ALSO access Google Drive, meaning you can edit on the desktop and have access on the phone PDQ?

1
1

So, Linus Torvalds: Did US spooks demand a backdoor in Linux? 'Yes'

Charles 9
Silver badge

Re: Linux backdoor?

So the spooks insert code that detects the VM. Malware authors do that all the time. Exploit never appears in the VM; only on a live system.

0
0
Charles 9
Silver badge

Re: rdrand: Well

How do you open-source a chip schematic. Plus if the chip makers were true genii, they'd have accounted for the possibility of someone decapping or otherwise stripping the chip down to the circuits and trying to trace them (on the assumption that a truly determined adversary, say another state, would try to identify or subvert it) and simply made it so the chip fried and was useless on any attempt.

1
1
Charles 9
Silver badge

"Linus thought this was absurd because even if the data was not random, it wouldn't reduce entropy. That's true so long as the data is produced without any knowledge of the other random data it will be combined with - but the sufficiently paranoid observe that we can't check that's the case."

Given most of the other inputs to /dev/random (the true RNG stream) are environmental, they'd have to subvert the environment to a great degree to be able to know the state of even one of the input streams to the point of being able to counter it.

And there are other true random sources of bits besides radioactive decay. You can use a reverse-biased transistor, shot noise, avalanche noise (this is what the Entropy Key uses), and so on. Then there are projects like HAVEGE that emply the hectic, multitasking nature of modern CPUs to draw entropy.

1
0
Charles 9
Silver badge

Re: Agreed.

"If I were the NSA, I would just have the "right" people placed in a company like RHEL, where the compiler could be doctored, and the doctored binary and clean source code could then be distributed.

Any recompile would, of course, inject Trojan horse code - regardless of how closely the source was inspected: Neither the compiler source, nor the project source code would contain any evidence"

But they'd also have to dodge an independent compile using another toolchain's compiler: one outside NSA control.

In the end, a compiler could probably be vetted a few times, down to the machine code, and its binary code hashed a few ways (just in case the spooks have a way to create a preimage trojan for one of them--it would be statistically infeasible to tamper with the code AND match the hashes on two different hash familities). Once that could be verified, then you can compile against that one and establish a chain of trust that shows the code wasn't tampered without it showing up in the source. I don't think we're at the stage were we need such anal retention YET...but it's still an option.

1
0
Charles 9
Silver badge

Re: Don't know about that

I know there's at least one culture that intentionally swapped their nods and shakes to stave off trouble from oppressive overlords while at the same time end-running a "cannot tell a lie" canon. Even after they were freed, the trend stuck.

0
1

Hiroshi Yamauchi, bizlord who gave the world Donkey Kong, dead at 85

Charles 9
Silver badge

Re: Not sure if it's true....

Just a slight pedant alert. In Japanese, when they're trying to accommodate a foreign word, they differentiate it by using an alternate phonetic alphabet: katakana (vs. the traditional hiragana you used).

To translate the word "monkey" into katakana would be 「モンキ」, though as you say Japanese has a direct term for monkey and wouldn't need katakana.

1
0
Charles 9
Silver badge
Joke

Oh? I'd have figured either poison mushrooms or infection from a turtle bite.

0
0

I, for one, welcome our robotic communist jobless future

Charles 9
Silver badge

Re: Nice article, but way over-simplistic

1) Isn't that what the criminal code is for: to weed out dangerous elements like power-mongers?

2) There's the condition of "ignorant bliss". Unless you say the desire to live is innate and fixed, there may be a point where people enter the world not knowing better.

3) There will still be a desire to improve things. The thing is, the best designs tend to come from people who can devote their energy to the task. Thus why we value masterpieces and such. Even in the past there were people like artists who found natural talents and made use of them.

4) There will still be a need for doctors, but the economics of medicine will change. Doctors would be doctors because they WANT to be doctors, not out of any economic pressure. I will concede there may be a point where the desire to be a doctor could be too weak, so another thought process would be needed.

5) Don't be so sure. We're clever little ticks and since pathogens needs to interact, there will always be ways in. There's current research into Quorum Sensing disruption, for example (though I concede the supposed adaptation-free QS disruptors might still be evolved beyond perhaps by rotating QS indicators).

6) Did you know they are researching ways to produce sythetic hydrocarbons using the excess energy from nuclear reactors? Navies in particular are funding this research since it reduces logistics for aircraft carriers. This goes to the bigger problem of needing more ubiquitous sources of energy.

7) Explain why it would require complete and immediate world cooperation for this to work.

8) Like with doctors, there will still be a need for policemen (think career cops; some people WANT to protect and server).

1
1
Charles 9
Silver badge

Re: Bleak

But it speaks to a bigger problem. Humans have a maintenance cost (we eat, drink, require space to live, etc.) which taxes into currently-limited resources: resources that robots can't improve anytime soon. What the unrest in the Middle East (and occasionally in Europe with the odd rumbling in North America) tells me is we are approaching a "danger zone" where the population is tipping beyond a sustainability threshold that can trigger resource conflicts (which historically tend to spawn the worst wars). When you need fewer people to sustain the world, the question eventually goes to, "Do you really NEED that many people on the planet?"

1
0
Charles 9
Silver badge

Re: Not going to happen

"No they can't. That's just wrong and the evidence is all around us. Most people when asked "how much do you want" really, deep down, think "all of it". What it is hardly matters at all."

But then, after the think it over REALLY really well they realize, especially for some things, "Well...maybe not ALL of them." I mean, having ten million T-shirts is one thing...until you notice the size of your closet. Imagining having all of the cake sounds nice until you actually get around to eating it (otherwise, the buffet business wouldn't be viable). There ARE limits. Part of our life experience is learning them.

2
0
Charles 9
Silver badge

Re: Hardly new idea

"Better to keep your mouth closed and be thought of as a fool, than to open it and remove all doubt. ;-)"

Trouble is, that adage falls apart when the presumption of idiocy is already beyond the point of doubt. At which point, you have nothing to lose anymore and might as well speak out on the chance of removing the possibly-erroneous assumption.

0
0
Charles 9
Silver badge

Re: We work because we *have* to

"And it's not because of how much it costs to put food in our mouths, it's because of the cost of having somewhere to live: something which requires almost zero ongoing input of labour (bar a small amount of maintenance), but which has a huge scarcity premium."

An interesting thought that, too. And there is a tradeoff to the rural/city equation. It's easier in cities to find what you need because everything's closer, but BECAUSE of that, space is at a premium, leading to what you describe (you can see it in any big city--New York is notorious for it). OTOH, rural space is perhaps underutilized in terms of human capacity--likely because being sustainable there is more complicated.

And since we are not in an age where vital resources like energy are ubiquitous, there's no cure-all solution as of yet.

0
0
Charles 9
Silver badge

Re: If you live in a lake, it takes longer to walk to the well

"The step change comes when it becomes practical to have semi autonomous robots doing jobs that currently we have to use people for - cleaning toilets, making burgers, assembling motorbikes."

One thing we've learned in the automation push is that robots tend to be at their best when the process is controllable. You always assemble the car the same way. you always build microchips the same way.

When the environment becomes less controllable, then Murphy strikes. There's debris in front of the toilet (including possibly a passed-out drunk) that confuses the robot heading for the toilet, or the burger doesn't flip right and instead flops elsewhere. Ever noticed there aren't really robots for picking tree fruits or for picking grapes without breaking a bunch of them? Many kinds of crops have such natural randomness to them that even our cleverest minds can't build robots that can handle them: especially when a soft touch is needed (thus they tend to compromise on man-machine interfaces where the machine provides assistance only--a simpler way for human pickers to collect the crops).

2
0
Charles 9
Silver badge

Re: I see a flaw.

"There are some solutions. The government could issue a basic income, perhaps, though funding it would be a great difficulty. Or abandon market solutions entirely for the most vital goods like food and go full-on communist, nationalising production."

Until then, however, some of our most precious resources are still limted. Food, water, energy. Without them, we're basically dead, destitute, or otherwise in dire straits. While reading this article, I thought back to Star Trek's universe and recalled some of the things that allowed its society to function. Two things in general allowed what was essentially communism to both be accepted and work there: ubiquitous energy (so much energy ordinarily they never felt much of a concern it would run out except in specialized circumstances--we're talking routine compact generators capable of multiple GW) and the ability to use that energy to fulfill the other needs (synthesizers and replicators--the ability to convert energy into different forms of matter). We would need that level of ubiquity to be able to accept what's proposed in the article. Otherwise, the potential for it running out will always keep us, at least nominally, at the neighbor's throat in the event of a crisis.

0
1

Torvalds shoots down call to yank 'backdoored' Intel RdRand in Linux crypto

Charles 9
Silver badge

Re: Host key generation is more of a risk

Some implementations store some of the random data on shutdown to help jumpstart the generators on next boot. That would reduce the window of vulnerability in that regard.

0
0

Life … moves … in … slow … motion … for … little … critters … like … flies

Charles 9
Silver badge

Re: For killing flies.....

I've seen them. They're really popular in Southeast Asia. Clear your room of skeeters and get some exercise at the same time. They're actually available in America, too, though I disagree with the prices.

0
0
Charles 9
Silver badge

Re: Killing flies ...

Experience tells me they do go forward but can react to the air from your hand. I've found better success with a cupped hand. The wind forces are different, so the fly can't detect it as easily, plus it can catch the fly in a trap if they think the cup is safe (it isn't; when you slam down, you make a shockwave in the air trapped by your hand; said shockwave can be surprisingly effective on the fly even if you don't directly smash it). I've had some success swatting houseflies bare-handed this way. Also, try tensioning your arm so that you slam down as quickly as possible when you release.

0
0
Charles 9
Silver badge

Re: Time Perception.

Something has occurred to me: something related to the perception of time.

Perhaps our perception of time can be affected by state of consciousness, too. I once recall a few mornings when I was groggy, having just gotten up, and happened to look at the wristwatch I had at the time. I could've sworn I was seeing the seconds tick by pretty quickly, but by the time I was fully awake, things seemed to be normal again. Now, I knew time hadn't sped up while I slept, so I wondered if grogginess caused us to perceive time differently as well. Have there been experiments into the perception of time in differing states of consciousness?

0
0
Charles 9
Silver badge

I'd always figured the big reason small animals perceived faster was simply because their nervous systems have less distance to travel. Barring everything else, neural impulses still travel at some fraction of the speed of light, and inter-synapse chemical reactions should still propagate at the same speed regardless of species, so all speeds being equal, it's quicker to navigate a two-inch brain than a ten-inch one.

5
0

Psst.. Know how to hack a mobe by radio wave? There's $70k+ in it for you

Charles 9
Silver badge

Re: Google wins

Too bad I don't use mobile Chrome. I tend to stick with Opera Classic. It's a bit clunky these days, but it doesn't crash a lot the way the Webkit-based Opera does.

0
0

Do you trust your waiter? Hacked bank-card reader TEXTS your info to crims

Charles 9
Silver badge

Re: The U.S. Credit Card industry *MUST* go to 100% adoption of smart chip cards

I'd like to know how sporadic they account (as in, how many minutes per day on average). Plus, many of these mom-and-pops may lack the resources or the desire to step up, meaning the credit card companies face a possible trade-off: force them and some of them could walk away. Plus, card companies in the US may not see enough of a risk-benefit to moving to Chip-and-PIN (US laws ALREADY protect consumers in the event of credit card fraud, capping liability). They already have robust anti-fraud measures in place, and this does very little for the shoulder-surf-and-slug or for e-commerce where you're basically back to the old-fashioned way. Also, there's a competing push: contactless cards.

0
0
Charles 9
Silver badge

Re: The U.S. Credit Card industry *MUST* go to 100% adoption of smart chip cards

They CAN'T.

Some places are SO remote that TELEPHONE access is sketchy. These kinds of places aren't even on stripes but still use the good-old-fashioned IMPRINTING machine. If you can't convince these types of people to switch to stripes, how in blazes are you going to take them the additional step(s) needed to to to Chip-and-PIN?

0
0
Charles 9
Silver badge

Re: Two part PIN?

Still a compromised terminal can act as a Man In The Middle. Last I checked, the terminal performs some negotiation with the card prior to performing the transaction. Unless a number of exploits have already been addressed and new cards issued, these transactions can be altered to make the cards more vulnerable.

0
0

Chap unrolls 'USB condom' to protect against viruses

Charles 9
Silver badge
Trollface

Re: Pedant alert

All right, then, nano- or picocomputers to satisfy the trend.

0
0
Charles 9
Silver badge

Re: Such 2-pin power-only USB cables have been around for years

"Anyone else notice that in Asia they provide public 'Charging Stations' in airports, ferry terminals and almost anywhere. Meanwhile in some parts of the Americas, if you plug into a wall outlet at the airport, you'll be instantly tasered half to death and dragged off to serve 20-years."

Airlines are catiching on to the idea of charging stations. Depending on the airport, you can find them for your favorite airline free of charge (DTW, for example, has plenty of them at Delta gates). As for doing this more generally, I've given it a thought. Could make for an interesting startup opportunity.

0
0

'Liberator' 3D printed gun enters London's V&A Museum

Charles 9
Silver badge

Re: What kind of 3D printing... Ammunition & Philosophy & Clarification

While nothing is more research, researching a COVERT means of killing a man is not only highly researched, but also due to its nature full of TRADE SECRETS. Especially since these can be tools of the state (like the ricin umbrella), so plans tend to stay away from the public eye. Plus, with each discovery, the circumstances become more difficult. Right now, distance and security at the gate are the main things protecting VIPs who must speak in public. A gun would beat the distance problem in a way few others could, and those others would have difficulty beating the security at the gate (springs are invariable metallic, a bow would be harder to conceal and still be effective, especially if they can't be metal limbs, and a blow weapon would probably lack accuracy at range if its size is limited).

0
1
Charles 9
Silver badge

Re: What kind of 3D printing...

Plus there's the matter of the reduced metal content: handy for someone wanting to get past a metal detector and still be able to kill at 5-10 meters or so. The only thing you'd need beyond the liberator is a nonmetallic cartridge (has anyone tried using a ceramic slug in a carbon fiber casing or the like in one of these, resulting in a fully-nonmetallic distance weapon)?

2
2

Microsoft's swipe'n'swirl pic passwords LESS secure than PINs, warn researchers

Charles 9
Silver badge

Re: Reposition Characters OnScreen

Probably because some people rely on muscle memory to recall things like PINs. Some people don't like it when you mess with muscle memory.

0
0
Charles 9
Silver badge

No, more like downvotes to an overly-used cliche. Also, the thing about mobile devices is that it's more difficult to type things in. That's why a focus on gestures and PINs (which can use larger buttons). How many times have you missed on a virtual keyboard?

0
1
Charles 9
Silver badge

Re: Extra dimensions!

Write your signature twice at your normal speed. Note how different the two of them are, not just in appearance but also in time taken. Circumstances can alter our strokes and our timing, meaning unless a timing-based check is forgiving, we have a passing fair chance of missing. That's probably why timing hasn't been used much in current gesture checks like those seen in Android.

4
0

TWO can play this 64-bit mobile game, says Samsung, crossly

Charles 9
Silver badge

Re: 32bit NT4.0 Enterprise

There is concern when it comes to pointers, which would have to be twice as big. Also, data alignment could be more costly for small values, as not accessing an aligned memory space usually incurs an access time penalty. So there are tradeoffs.

Another thing I've been thinking about is the increased address space could play into increased memory mapping of devices and so on. Would there be any benefit to, say, mapping the internal flash or some of the other internal devices (I suspect many of them are already mapped in the 32-bit space as few devices go beyond 2GB RAM).

0
0
Charles 9
Silver badge

Re: Which fab are Apple using?

"Samsung is also working toward designing their own ARM cores like Apple (and Qualcomm) are doing. The current Exynos CPUs are using ARM designed cores so they are comparable to the Apple A4 and A5, where Apple designed the SoC but dropped in ARM cores licensed from ARM, Ltd. It is quite possible Samsung's 64 bit ARM will be their own core, rather than using the A53 or A57."

No argument there. Odds are Samsung's 64-bit CPU will be an ARMv8-based Exynos SoC.

1
0
Charles 9
Silver badge

Re: Why oh why

"But when Epic came up demonstrating their new game, at the same event, they said they got 5x the speed of iPhone 5. And they attributed that only to the 64-bit architecture. I'm not exactly sure how graphic calculations benefit from more bits."

I suspect this was less to do with the bit count than with the increased register space (more and bigger registers), allowing for faster memory transfers.

2
0
Charles 9
Silver badge

Re: Why oh why

But in terms of moving raw data, if a register is twice as wide, it can hold more in it (8 bytes vs. 4). Since the busses are also twice as wide, it shouldn't take twice as long to load 8 bytes onto a 64-bit register vs. 4 bytes onto a 32-bit one. Plus, 64-bit CPUs tend to have more registers than their 32-bit counterparts, meaning more transfer space, potentially meaning faster memory transfers.

3
0

Google swaps out MySQL, moves to MariaDB

Charles 9
Silver badge

Probably due to architectural differences. Whereas MariaDB is basically a fork of MySQL, designed to be a drop-in replacement, PostgreSQL is a whole other beast which basically means a learning curve.

0
0
Charles 9
Silver badge

I guess to each his own. If your setup isn't overly complicated, migrating to MariaDB shouldn't break anything. It's designed as a drop-in so everything can be preserved, usually. Mine was simple enough: a few CLI commands and everything ported no sweat. But, your mileage may vary. It's worth at least a look and perhaps some time on a test rig.

0
0

ATTACK of the ROBOT BANKERS brings stock market to its knees

Charles 9
Silver badge

Re: Attack of the High Frequency Trading systems.

As for the idea that a transaction fee will stop HFTs, given that the companies with the capital to build and operate an HFT routinely operate with billions of dollars at a time, any kind of non-exorbitant transaction fee would likely be absorbed by them as The Cost of Doing Business. And beyond that, suppose these companies decided to end-run around transaction fees?

0
0
Charles 9
Silver badge

Re: Attack of the High Frequency Trading systems.

But there are too many bags for that to happen, and more keep on coming every day. Part of the HFT's job is to FIND the bags...FIRST. And when a trade tales MILLIseconds, every NANOsecond counts. This is "first in wins" taken to inhuman extremes.

1
0

BBC releases MYSTERY RIDDLE poster for Doctor Who anniversary episode

Charles 9
Silver badge

Correct. Rose was left alive in Pete's World along with the cloned Ten (which I'm sure most are figuring is what David Tennant will be reprising for the special). Given the clone's circumstances, this would also allow for Tennant not to have to look younger for the special, either (since the cloned Ten was more human than Time Lord and therefore aged).

0
0
Charles 9
Silver badge

Re: The geek in me is compelled to mention...

Never thought of it in those terms. My thought was that the Other, like Eight during the Great Time War, was probably forced into some bad but necesary things. He couldn't have done them "in the name of the Doctor" because this was before he became the Doctor (and that's why I don't think it's Eight; at least Ten acknowledged what Eight did--regrettably, yes, but it didn't seem like Eight abandoned the title during the Time War and resumed it when becoming Nine). I think of it like ultimate motive: why did the Doctor become (and assume the title of) the Doctor in the first place? It's not as if this has been discussed in significant detail, has it?

0
0
Charles 9
Silver badge

Re: The geek in me is compelled to mention...

But he also got flak from the old school at the same time, so there's pressure in both directions.

It'll be curious to see how things are steered once Peter Capaidi becomes Twelve. After a rash of young Doctors, I have to wonder how an older one will be handled these days.

0
0

NIST denies it weakened its encryption standard to please the NSA

Charles 9
Silver badge

Re: American Institutions

But then who do you trust for anything with global relevance? Who's to say YOUR non-US government isn't doing the same thing and just weren't caught doing it? The REAL real problem is we're at a lot point in the world of trust, and trust is an essential part of security. But in terms of security, our trust has become so ephemeral we're almost to the unusable "trust no one" state.

We're floating towards Descartian "Evil Genius" territory, and unfortunately (Sorry, Doc Smith), there is no genuine, imitation-proof symbol of trustworthiness in the universe (at least that we know of).

0
0