3190 posts • joined 10 Jun 2009
Excuse me. What about the cameras and satellites? Not to mention the eyes on the ground. And I would think at least one pair of eyes will be trained on every pub around: if at the least to be there in case things get rowdy.
Wired posted an article about the US supposedly building a facility where they intend to house EVERYTHING that passes through American wires. IOW, even an encrypted comm gets captured and stowed away somewhere for the day they can break it. And IIRC, neither terrorism nor treason have statutes of limitations.
Re: it's probably MUCH worse than this
The Android OS is open source, meaning many eyes get to look at it. And it's based on Linux, which is based on UNIX, which at least has some history of security compartmentalization. If someone can sneak an exploit into Android, why not into the Linux kernel?
Re: False positives
I'm not saying that's what *I* believe. I'm saying it's what *THEY* (the US government) believe. And frankly, while I disagree with it, it's hard not to understand the perspective. What happens when you're down to a stark choice between privacy and security with no overlap?
Re: it's probably MUCH worse than this
Chips made outside the US? Uncooperative gatekeeper OS (How will it know what to send? Without it, it'll just catch all the network overhead)? Kept out of the loop (airplane mode or simply out of range) too long, unable to retain everything? Sounds like a hardware eavesdropper would be too prone to discovery or other modes of failure.
Re: it's probably MUCH worse than this
What about a rooted phone with custom software compiled from source?
Re: It's the gagging order that's the problem
Makes me wonder what happens if they're caught BETWEEN two laws. What if a company is required to disclose by law but at the same time forced to NOT disclose by another law of equal priority: damned either way?
Re: False positives
But the trouble is they fear the false NEGATIVE over the false positive because they believe the false negative to be an EXISTENTIAL threat and therefore to be snuffed at all costs (when the price of failure is cessation of existence, no price is too high).
Re: Ban Laptops
"I don't even see the need to have remote access to personal data. Work should get done at the office and home life done at home. If an employee needs to do work at home, there is something wrong with their job classification. Hire another person in the office."
Easy enough to say until accounting tells you there's not enough in the labor budget to retain another worker. That's the big big problem with labor these days: people are expected to be working as much as possible or they'll find someone who works harder than you. It's a race to the bottom to find people who work as hard as possible for as little as possible...if they don't find a foreign worker who can work for what we'd consider a pittance or just turn the job over to an expert system who can work round the clock with virtually no time off.
As for remote access, consider that some places have very poor Internet access. If you have to make a deadline (maybe it's for a contract), you can't stay in the office, and you can't rely on remote access, what options do you have left?
Re: Just Sack the Person at the Top
And if it STILL happens? It's not like a government bureau can be dissolved, and a "changing of the guard" could result in a bad-to-worse transition.
Re: RDP? What does the ICO do with the money?
And everyone else seems to think the Internet is literally everywhere. What if you need to meet a deadline but you're going to be "out of the loop" for a while? What if your Internet access is notoriously unreliable or hard to secure (you're using a WiFi setup that's not yours)? Then there's the matter of drive-by (hidden in a popular site) rootkit (hidden from detection) malware that can still nick the RDP details.
Publicity could've been covered up with blackmail: something like, "you wouldn't want this dirty little secret to just suddenly turn up at the New York Times" or the like. Credible threat to the firm, plausible deniability to the government because the dirty secret is at least a stage removed from them (if the firm tries to turn on the government, they'll just turn around and claim the firm is a conspiracy theorist nutcase—what proof do they have).
Re: no wonder
Perhaps, but they fear the false negative more than the false positive. No one wants to drop the big one because the big one may just kill them. When the false negative becomes an existential threat, all else is secondary.
Re: If such surveillance was either essential or well controlled it could have been done honestly
But what happens when absolute, total surveillance becomes ESSENTIAL to survive? IOW, what happens when it's down to let Big Brother watch us or we die?
Simple: They never sell you the software in the first place, merely subscribe or lease you to it (think Steam and OnLive; both use the same model). You cannot resell what was never legally yours.
Re: All sounds good to me
Where does it say the games MUST reside on the internal drive? What happened to external drive support which already exists on the 360?
Re: Not to worry
Five pounds gives you ten the authentication connection will be over SSL with the consoles having the public key, meaning faking the authentication will only be possible by stealing the private key. Track records for private key thefts have been historically very low.
Re: Ever reliable...
Then explain why Steam is taking off. Why can't Microsoft do things Steam is doing like demos and sample periods? Wouldn't that and online reviews take the place of word of mouth?
Re: It's a pity
Roll your own is my recommendation. Gaming requirements have hit a plateau lately, meaning you can get some decent hardware for a modest investment. Though given your PC's age (in comparison, mine's about 4 years old), it'll probably have to be built from scratch if you don't have an empty case lying around. Pick and choose your parts.
You can go middle-of-the-road (like a Core i5 or something from AMD) without much trouble since most of the grunt work goes to the GPU, and there you have plenty of options (budget $200-300 for something with comfortable performance; choose nVidia or AMD to suit your taste).
Measure how much you put on your hard drive(s) to determine what's best for you. If you put a lot of stuff in it, you'll probably want to stick with traditional drives at least as a secondary. Getting a solid-state drive for the boot drive does help with performance, but the price premium means you need to choose the device carefully depending on your storage and performance needs as well as your budget.
Memory generally isn't a big problem these days, especially with 64-bit OS's. Try to get at least 8GB of memory to give yourself some headroom, but check for the ideal clock settings and always buy in matched sets to maximize the performance on your motherboard (check your motherboard's specs for details on ideal arrangements). Getting more may not be needed right away, but as an option it doesn't really hurt on a 64-bit OS.
Re: Calm down...
Actually, I think it's QUITE warranted.
1. The control is being left to the publishers, and given the track records of the big guys like EA and UbiSoft, how do you think this will go?
2. The model already exists with Valve and Steam.
3. Given a recent patent application, I think Sony are actually going to go one worse than Microsoft on this and employ a system that can work even without Internet.
Re: Another great micro$oft design decision
Given a recent patent application (for discs with NFC chippery built in), I would say Sony will go one better and come up with a "use once only" disc that doesn't even require an Internet connection. Even if you have no Internet at all, once you use the disc, the NFC chip on the disc (which will likely contain a crypto key or the like) will prevent it being used anymore.
Re: not only but also
c) The ISP catches this because you're underutilizing the house DNS system and starts sniffing around. Pretty sure the ToS for such a service will require that the DNS settings not be altered on pain of cutoff.
Seems a little behind the times.
The Wikia network has had a visual editor available for its numerous wikis for some time (and BTW, they do retain a Source Edit mode in case of preference or necessity).
Re: Why not try to expand the password memory capacity?
Why not? For the same reason you can't make something foolproof: eventually the world will produce a better fool. While it's not impossible to expand the human memory capacity to an extent, there are usually limitations that are not well known to the system designers. What if one has a bad memory for faces? For images? For spelling?
Re: For those who feel I am too paranoid
But if you replace the government, what do you replace it WITH? Ever heard of the phrase out of the frying pan and into the fire? ANY government made by man will eventually be corrupted by the necessary human element. The only other type of government where the human element is minimized is the rule of absolute law: where the law dictates terms with no exceptions. We're not comfortable with that, either, because we're aware of the concept of mitigating circumstances.
That's actually the exact technique I use. I also don't put the key in the Public folder but instead put it in a dedicated directory which I sync using tools like DropSync, so the actual existence of the database isn't known to all and sundry. And since KeePass has an Android client, I can still access stuff from my mobile if the need arises.
Re: the off-line solution
When THAT day comes, not even your Revo will be safe because the act of terrorism will come through the AIR: think an EMP from an airborne atomic/nuclear explosion. Not even offline devices will be wholly safe from them.
Plus there's always the risk of you getting mugged and the mugger nicking off your Revo WHILE you were using it (meaning the master password isn't needed, and they can nick everything else off before it has a chance to lock itself).
Re: Deterministic Password Generators
But you'd still need the necessary credentials to pass into the procedural generator in order to reconstitute the password. If that information is smaller than the hash technique, it isn't worth it since they'll just try to retrieve the procedure parameters and then reconstruct the algorithm (likely through disassembly—and the procedure must be in memory for it to work, so there's no guaranteed way to hide it).
Re: Policing users
So how do the ISPs perform packet policing when their users increasingly use end-to-end encrypted channels like SSL? Or worse, encrypted-by-design networks like ToR, i2p, and freenet? How do you DPI an encrypted packet?
You ever seen all these recent articles about malwares hiding in government installations for nearly a decade? The best malware stays silent and hidden, eavesdropping on network activity and then secretly sending off its results. If a malware sneaks onto the LastPass system, they can just listen for the credentials being passed online (and since it's at an endpoint, it's a point where it could avoid encrypted channels and hear a means of obtaining unencrypted credentials—either the user's master password or his master key).
Even as huge as the resources of US.gov are, there ARE physical limitations. Barring an exploit, a large collection of individually-salted credentials would take more time and energy than the human race can currently exploit. Further along, you run out of mass and energy on the PLANET, and we're not even close to ready to exploit extra-planetary mass and energy resources.
Put it this way. As much as people believe there's a black helicopter for everyone, consider the cost of building one, then multiply by the number of people in the country, then factor in the available US budget, which IS finite and having some debt issues.
"A monopoly is only a problem when the prices are too high, I get MS Office for $10 because we have a site license. That's probably close to what the real price should be. That is a monopoly."
Doesn't sound like a monopoly to me. A monopoly has to affect an entire market to be one. In your case, what your company chooses is your business, but if all your corporate peers had no choice but to use MS Office, then you're dealing with a monopoly.
Also, there are different kinds of monopolies. The worst ones are de facto monopolies that come about due to sheer market forces (rather than de jure monopolies enacted by law—those tend to occur with stuff like utilities where competition would result in duplicated infrastructures that are an eyesore if not a risk to the public). These run the risk of becoming self-reinforcing monopolies where even disruption is difficult because the monopoly holder can control the entire chain and create barriers of entry.
Except if the PC presence shrinks, so does the ad visibility. The ads show up on PCs, NOT mobiles. To avoid losing their ad visibility, they need to start migrating the ads. I suspect they'll take this a step at a time, perhaps starting with tablets where there's more real estate to spare and then move on to phones as their resolutions increase.
Not necessarily for the video part. In that regard, I think it's being done a bit inefficiently, though correct me if I'm mistaken. I'll admit I'm drifting from the topic at hand, but what I'm discussing seems more realistic AT THIS STAGE. Are TV video transmissions of a single quality or of a progressive quality such that the first bit of a frame produces a low resolution frame and then other parts refine it into a higher resolution over several stages like a progressive JPEG does? I would think for a more mobile world a progressive-quality stream would be more versatile without having to retransmit the same image multiple times, unless the overhead involved with progressive quality outstrips the costs of just transmitting the image multiple times.
Which is why I say viruses with long incubations are worse, because for much of that time you can still be a transmitter. That had always been the danger of HIV and AIDS: the fact you can have it and not know it. It's been increased public awareness of that fact that has kept it under control by means of increased testing to catch it at early stages.
IMO, a nightmare virus would be something like a "time bomb": ticking away without your knowledge. It would be (a) airborne or otherwise overly easy to transmit, (b) highly lethal, but (c) with at least decent incubation. I consider us fortunate the closest we've come to a virus that ticks off all three criteria has been the 1918 pandemic, with its iffy (c) qualification.
As for an ebola vaccine, that's a longshot. Ebola is a retrovirus, a kind of RNA virus. RNA viruses have always been hard ones to nail because, by their nature, RNA viruses tend to mutate a lot. It's for this reason we can't nail a virus for the common cold (coronavirus is also an RNA virus).
I think it's an either/or case. Its unique shape that makes it so effective in human cells (thus it's called *H*IV) has the drawback of being poor at fending off the elements. Similarly to the ebola case. As mentioned, the mutation that allowed ebola to go airborne also made it less infectious, probably because a structure capable of surviving in air also makes it less capable of infection once back inside. The potential bug-a-boo is either (a) a virus that is SIMULTANEOUSLY highly infectious and airborne-capable or (b) a switch-hitter: one that can switch between airborne-ready and highly-infectious depending on the circumstances (various bacteria can switch-hit by hibernating as endospores—can a virus switch similarly?).
Re: At or below cost
"The MFN clause is vital to enable Apple (or anyone else) to know that if they invest in a business model that succeeds, the suppliers can't simply cut them off. Without the MFN clause, the iTunes store would have been shut down by the music publishers who thought the world belonged to them."
That's an interesting thought, but it begs the question: do the ebook publishers need Apple and its numerous iDevice users more than Apple needs the publishers to drive incremental business? Because if it's the former, then Apple's dictating terms by introducing a barrier of entry: raising prices always runs the risk of alienating customers and causing them to defect...unless you get them ALL on board, in which case you have a captive market and cartel behaviour. If it's the latter, then Apple would be in no position to dictate terms to the publishers; if Apple isn't that critical, they can stick with Amazon and the Kindles and so on. They get their wholesale price no matter what Amazon does afterward, unless the fear is that Amazon will pressure the publishers to lower their wholesale prices under threat of boycott?
Re: Reading between the lines
Cinemas are physical locations and they employ this to create a captive market. The ticket may be cheap, but they'll scalp you at the concession stand and bar you from bringing your own food for reasons of sanitation (about the only time you're allowed is medical necessity—diabetic food, for example).
Re: NOT correct
Memory-SAFE...but what about memory-EFFICIENT? Can you compile a Sappeur program to run in a limited memory profile, say an embedded device? IOW, can you be BOTH memory-safe AND memory-efficient? What safeguards bounds and other things as such at runtime if there's no extra memory to manage it? That's the tradeoff I'm talking about. It's not always about performance efficiency.
Re: @ Charles
Mules are a way. They're not under the eye of the law, so they start the chain in a way that the law can't see. Laundering, shuffling the money multiple times, muddies the trail, and the shadow account helps to hide the money from people like taxmen. Another way is to extort/blackmail/glean financial details, which are then used to withdraw money, take a cash advance, or something else that's hard or impossible for a bank to fully reverse. If the transactions are done a little at a time (smurfing) it will be harder for the banks and law to spot before the point of no return.
The trick is to employ routes that avoid banks and other financial institutions as much as possible. Firms that want to maintain legitimacy keep within their purview as a show of security. The black market wants the opposite: to avoid them.
Re: More than 13 is POSSIBLE just inadvisable according to Who lore.
@Tom 13: Going back to "Trial of a Time Lord", I wish to clarify that scene. You're describing the Valeyard, which according to the Master was "an amalgamation" of the darkest aspects of the Doctor's nature. It's not so much an incarnation of the Doctor but rather some kind of offshoot (like the Doctor clone produced from the severed hand). Furthermore, the Master's description of the Valeyard's genesis was left very subtly vague: "somewhere between your 12th and final incarnations." Note there was no number given to the "final" incarnation. The regeneration to Twelve simply means the Valeyard's genesis could emerge at any time beyond that point, though I would think for the sake of canon continuity the question of his origins will be addressed sooner rather than later: if not in this incarnation then in the next one.
Nevertheless, the Who lore puts twelve regenerations as the measuring stick for Time Lords. But due credit to good writing with intentional vagueness. Going back to "Trial of a Time Lord", I recall the Master describing the Valeyard as having formed somewhere between the Doctor's 12th and final incarnation (a misleading hint—cheeky, but I like it). There are a lot of hints and so on (some from the Doctor himself) that the Doctor's incarnation limit is somewhere greater than 12. But given the lore, I would think they're going to start flirting with the thought more and more as time passes: perhaps increasingly dropping clues and tidbits. I'm pretty sure such tidbits will be a draw for any serious fan.
Re: New Dr.
I only got into Doctor Who recently but have begun to get more familiar with the inner plots and so on of one of the most intricate television series still to air.
To describe John Hurt as a previous "Doctor," and given the increased focus on the Doctor himself (and his past) during Matt Smith's time ("The Pandorica Opens" and "The Name of the Doctor", for starters), I would imagine Series 8 (which will now include the 11th official Regeneration) is going to start getting seriously edgy. I have to wonder if the Doctor won't just end up crossing his own timeline (again) but end up ENTANGLED in it (as in, given no choice but to crisscross it again and again). That would make for a plot where practically anything goes. Any bets?
I was thinking a better bulletproof vest. If a layer the thickness of Saran Wrap would take the force of an elephant on a pencil point to penetrate, what about a thicker bunch of graphene layers? How well would it stand up to, say, a 30.06 (something I don't believe kevlar was designed to handle—IIRC stopping a rifle round usually calls for sacrificial ceramic in addition to the kevlar)?
Re: But 666 is a wonderful number!!
Doesn't roll off the tongue as easily as caustic soda (which is still scientifically correct). There's also the use of the word "caustic" to indicate it's not something to treat lightly, which you don't get from the chemical designation (it's like asking someone not familiar with chemistry to distinguish between sodium hydroxide, sodium chloride, and sodium bicarbonate). It's also specific enough to distinguish it from its cousin caustic potash (potassium hydroxide) where both used to be lumped into the term lye.
As for the COSH indicator, it's not as bound to scientific terminology. They went with the KISS principle in the name of safety.
Re: Users already have fingerprints
"The real problem with this technology for ultra sensitive material, is if someone really wants access to it, they will take what they want to get it; an eye, a finger, something inside you, etc."
Depends. What you really want is a biometric that ONLY works when it's used, INTACT, on the original owner. That's why modern finger scanners don't go for the loops and whorls but rather at the blood vessel patterns which are unique even among monozygotic siblings. The best ones measure the FLOW as well as the PATTERN meaning a detached digit is worthless: no flow. As for the rubber hose route, perhaps a sufficiently dutiful keeper would somewhat damage the finger to the extent that it can't be used for reading anymore, though I suspect a panic finger would suffice as well (different finger triggers a wipe).
Re: But 666 is a wonderful number!!
Actually, in scientific terms, they make the distinction for the sake of precision. An acid reaction is termed corrosive while a base reaction is termed caustic. Either way, the reaction happening to your body is bad. That's why lye is now more properly known as caustic soda.
The problem was that the API for Gecko took some serious leaps in the interim. Look at the differences between Firefox 3 and 4, then 4 and 5, and now the modern ever-evolving browser. Camino's API hooks were rendered obsolete, and there wasn't enough desire to keep up, probably because there were more than enough alternatives on the loose, all of which were better able to keep up with the times.
Re: If Google loose patience with hardware manufacturers again
Actually, Tom got it right the first time. "Loose" as in "let them loose". He's proposing Google get some chip designs for hardware-accelerated VP9 and release them to all and sundry ("let them loose" or "turn them loose"). I suspect there are some hiccups in such a plan, but I believe that was the intention.