3696 posts • joined 10 Jun 2009
"Actually, it raises an earlier question. "Are they lying in order to keep their well-paid jobs?"
And that's not a hard question to answer at all...."
That just raises the hard question right back: Are selfish toadies the inevitable result of our system because they're willing to do immoral things? If so, like I said, the cutthroat competition will progress and we'll inevitably slide towards autocracy (one winner) or anarchy (no winner).
A new stock phrase will enter the lexicon.
Just as "We can neither confirm nor deny" entered the common vernacular, I think we can safely say the next such phrase to join it will be, "By this statement, we the owners and operators of this site hereby swear that we not under the active investigation, cooperation, or influence of any government agency."
PS. Wonder how long before they amend perjury laws to make it both legal and mandatory to lie under oath to conceal matters of national security.
The thing is, if most humans are cowards, then the Coward condition IS essentially the Human condition. Remember, they can outvote us. Intelligent but principled humans are destined to lose because, being principled, we're unwilling to exploit the cowards. Since nice guys finish last, only the most ruthless systems prevail, meaning we gravitate to extremes where extremists prevail.
"They are there to enforce justice, not to prevent things before they become crimes."
Except for most people, the commission is too late. What comfort is arriving at a murder scene after the fact. They'd rather the murderer be caught before he kills. See the problem? More and more, the commission is too late, as the perp has probably gotten away or the victim is beyond repair.
They're basically saying, "If we don't, someone will use this and launch an attack that will DESTROY the United States." In other words, they're claiming an existential threat: the worst there is. Against such a threat, no holds are barred.
Thing is, that raises a "hard" question. Is it worth protecting freedom when that same freedom can also destroy you utterly? In other words, instead of "Live Free OR Die" it's actually, "Live Free AND Die"?
What if the human condition won't allow for a happy middle ground between totalitarianism and anarchy, at least on the grand scale, and society will inevitably gravitate towards one or the other whether we like it or not?
Re: IPV6 IPV4
That's probably because 2 billion of them are sharing only a handful of addresses. Ah, the marvels of NAT... (Pardon, using Troll as best substitute for Sarcasm Mode).
Thing is, challenge or not, some things just prove too hard a nut to crack.
Take the Nintendo Wii's boot1 system. It's a tiny program encoded with an encryption key buried in the OTP memory only visible to one of the processors. The key never leaves the processor. in any way, shape, or form. After Nintendo fixed an exploit, the end result was that boot1 secured boot2, which prevented certain types of hacking. To date, no one's broken boot1 or found another way to access boot2 to restore the low-level hack.
Many SoC systems that run things like tablets have similar hardware-based chains of trust. They rely on the same principle: the initial boot code is signed by a key unique to that processor (and it's a key pair--one of which is kept in the processor and can never be changed, the other is kept by the manufacturer under lock-and-key). To date, I don't recall too many of them having been utterly broken except by slips in implementation. Properly done, most hackers go AROUND the problem, which may not be an acceptable solution depending on what is needed.
Shows that SOME implementations can be done right to the point that even the most determined hacker can't get through.
Re: No need to break the scheme to avoid jail
Don't most of them lock the card until you register it (as in submit your identity)? At least that's how I see it work in the US.
Re: Digital signature conundrum
"Or perhaps get a dozen, twenty or even a hundred legit watermarks from hacking, social engineering and or volunteers, then liberally paste ALL the watermarks into the pirate copy. Call it the " I am Spartacus" defence. How would the industry prosecute if they can't pin it down to one person?"
Probably with the Ring Sting technique: BUST EVERYBODY!
Seriously, these watermark people aren't stupid, and you have to figure out which part is part of the watermark, which part is part of the real image, and which part is red herring, and odds are, due to the encoding technique, no two copies will carry identical segments, meaning fingerprints are smeared across the ENTIRETY of each individual copy. Plus, I suspect the watermarks could be encoded with some form of parity correction. Think instead of bits of the ID scattered across the movie, you have bits of the ID along with with perhaps triple or quadruple parity mixed in with it. WIth parity, all you need is some piece of the original and enough parity data to fill in the gaps. With that kind of setup, cutting and pasting probably won't be very successful in removing the ID (the pieces would probably contain at least one original chunk and enough parity) and may in fact result in revealing multiple IDs which can then be Ring Stinged.
Re: Digital signature conundrum
"But there's a big flaw in the plan. Watermarking is all very well for streaming, but the bulk of sales are still plastic discs, and the process of mass-production doesn't allow for them to contain unique versions. So as soon as one playback device is compromised, it all falls apart."
BluRay shows a way around this: the ROM-Mark, which is stored in the Burst Cutting Area, the part of the media between the pits and the spindle hole. They can design the plastic media to have two areas: a pressed area and a burned area. The burned area would be processed with a quick technique to slap on a number of keys in some standard way. As for preventing them being read, perhaps they can only be read by a certified device built by a licensed and bonded manufacturer (like with the ROM-Mark devices) which invoked a trusted path technique to be sure the device hasn't been tampered. It's like the article notes: hardware-based tamper-evident roots of trust.
"Do you think a pixel precise time based watermark will successfully survive the rip, resize and transcode to be able to successfully determine with reasonable certainty which source the transcode comes from?"
The thing about watermarking systems is that they recognize the potential for mangling the watermarks through transcoding, so they go about it in different ways, using the codec system to create various artifacts that can survive transcoding, and many of them are block-based as well as time-based. That's why Cinavia's audio watermarking system is better than most: it's designed to keep its data above the noise floor so that it's more likely to be preserved in transcoding. Most watermarking systems like the Cinavia one also introduce plenty of redundancy, creating multiple gotcha points. The tradeoff for a system this robust is that you can't encode a tremendous amount of data in the stream, but if all you want to encode is identifying information, that's not that big a deal. A robust system spraying the ID information all over the stream, again and again and again in random intervals. It's gonna make for a very hard cleanup job. And you can forget about trying to mix and average two streams. Random intervals means you're more likely to MIX them together rather than destroy them (IOW, they'll be able to tell you used TWO sources in an attempt to mangle the data).
Re: Pinning the activity record to a persona
You're not paranoid enough.
"As regards 2, why can I still walk into PC World and buy a t-mobile mobile internet dongle for £10 cash then put credit on it using cash with the payment card enclosed in any newsagent? If I use that with new hardware (no previous network use) you don't know who I am. And can't."
Oh heck YEAH I can. The phone can track its general location from the network masts it accesses (you can't avoid that; it's part of the system), and if your phone has a GPS receiver, that'll nail you down to within a meter. Now just pass by SOME camera that's either posting to the Internet at large or is accessible to the plods and BANG: face linked to a space-time stamp. More than a few crooks have been nailed by that kind of link (if not cell phones, then ATM records or the like). And good luck avoiding the cameras. Like I said, they don't have to be owned by the government for them to be able to access them. That includes things like cell phone cameras and store surveillance systems. Big Brother's got plenty of buddies.
Re: Miss Information
"I am in scandinavia and lo, something called "SwedishNSA" appears to be a participant in my part of the network."
Credits to milos that's a joke name. Given my very limited understanding of Swedish, the appropriate initialism for what would be Sweden's national security agency (if any) would be a different arrangement altogether.
Re: If it pisses off the Spooks
"Are there particular jurisdictions where you could host an exit node with less concern about the potential legal blowback?"
I don't really see any. The exit node problem is basically the same as the "trusted storage" problem: the authorities there can get access to the data in either case, and if it is against their law, BOBHIC.
In such a case, DTA seems to be the operative procedure. Anything that's friendly to the west is likely friendly to the US, which means friendly to the NSA. Out of what's left, you have (1) regimes even more oppressive or domineering like China and North Korea, (2) countries that, while not oppressive, still have their own rules you probably wouldn't like, or (3) countries whose internet is basically too weak to use.
Re: Commercial fusion may not be as far away as you think
"Tritium has to be manufactured in fission reactors by exposing deuterium to neutrons."
Actually, another way to get tritium is to bombard lithium-6 with neutrons. You usually end up breaking it into tritium and stable helium-4, plus a decent amount of energy to boot. That's why many countries are keeping tabs on lithium supplies.
"There is an abundant solar resource 20km straight up in the low stratosphere that triples the solar resource available. This holds the promise of reducing PV electricity cost by a factor of three very quickly, while still benefiting from the long term PV cost reduction. This offers a solution for affordable electricity now rather than waiting and hoping for the next twenty or more years. An acceleration in volume from increased adoption of cheap PV electricity reduces its cost and gets to cheap synthetic fuels."
Except for two things. First, how do you get the PV array that high up and KEEP it up there? 20kn is still well within Earth's gravity well. At least in space, you can park in geostationary orbit or at a Lagrange Point and not expect it to drift away and/or fall. About the only way you could achieve this with positive energy return is to build a space elevator first.
Second, and this one applies to the space solution as well, how do you get the energy back down? A 20-km-long umbilical would be impractical (see the space elevator problem), which means it would have to be transmitted wirelessly, probably by laser, but then there are plenty of horror stories about solar-powered lasers being hacked or going awry and causing havoc. Plus you have to account for some of the energy being diverted into and absorbed by the atmosphere, which could have long-term issues of its own.
These systems typically use cathodic protection: either galvanic or impressed-current (the larger the ship, the more likely it's the latter). Thing is, cathodic protection relies on the consumption and eventual replenishment of a metal anode like zinc. Since ships are regularly dry-docked, replacing their anodes is easy enough. An impressed-current system allows for the anode to be placed elsewhere where it can maintained more easily, but it adds a power requirement. At least oil rigs tend to be manned while in use. The same can't always be said of windmills.
Well, it's a consideration. Would probably depend on the turbine's current generation. If it's DC, it wouldn't be difficult to tap some of it to apply an impressed current. Thing is, you'll still need a metal anode for the process. It would all depend on the conditions whether or not a galvanic or impressed-current system would be practical.
Re: Not so big a snag.
Then you forgot how much a 3DO system COST in those days. THAT was what killed the 3DO and the Apple Bandai Pippin. Both were going some $500 when the original PlayStation was capped at $300, and neither one could justify the added expense (Sony could undercut because they had some vertical integration, much as Commodore did in its heyday).
But these days, barring the extreme high end, a PC costs pretty much the same for a given spec: perhaps a tad more if it's prebuilt.
Re: They seem to be doing everything right, apart from...
That's the thing. AMD's Linux support isn't as robust as nVidia's. The fglrx driver series isn't as well-developed, and support for GPGPU and GPU-assisted rendering is a little behind the times (ex. XvBA, AMD's answer to nVidia's VDAPU for GPU-assisted video rendering, falls flat on my rig, and GL rendering is buggy as all getup). Plus, at present, TF2 doesn't run as smoothly as it did on my Windows install, so not everything's there, it seems.
Not so big a snag.
Note that ALL the CPUs are Intel-brand Core i-series and ALL the GPUs are nVidia-brand. within a generation of each other, and all using the same driver set. The spread is among those two brands, and they're all essentially compatible with each other. Some are just beefier than their brethren, which means if it runs on one of the boxes just fine, it'll run on ALL of them (some not as well, but at least it's not going to break). So in this case, Valve is looking for a reference spec they can say, "build to this and we can vouch for your experience".
Valve is essentially doing that I'd been thinking about for some time: opening up a gaming console by essentially setting a reference design and letting other companies use that as a basis for their own Steam Machines. I'm pretty sure they won't get the designation without some compatibility testing, but Valve is getting into the console market without having to tie themselves too tightly to hardware, and since we're talking the mature PC market (a market SO mature that BOTH Microsoft AND Sony essentially chose it for their new consoles--consider THAT), problems will probably be few and far between these days.
Re: I wouldn't mind one
HDMI has been a standard feature of video cards for a while now. They even now come with basic sound chips to make the HDMI output basically feature-complete.
Re: Way to miss the dick in your digestive tract
"You must be thinking about the $17 TRILLION* bailout given to Wall St. by... wait, who was controlling all three branches of the government in 2007?"
It was SPLIT in 2007. No one party controlled the entire government. Dems retook the House in the 2006 elections, giving them control of the ENTIRE Legislature (they'd been holding the Senate for a while and still do).
Re: Will Google change sides?
Conceivably, yes. They wouldn't be very popular, yes, but it's similar to those exit ramps that are only useable by ETC users--cash users are barred.
Re: Why people don't move on
And what about those people that got XP-prebuilt computers and have no desire or money to step up the OS, meaning they're stuck with the OEM XP and the sticker on their machine? Plus the software they're using isn't Linux-, WINE-, or VM-friendly, meaning they're stuck with the machine, essentially.
And you wonder why they're so far behind? Because clean-rooming an entire OS with all its quirks is, simply, A SLOG. Especially when under the legal onus of VERIFYING their clean-room procedures (a slip of which caused a complete code review at least once). Plus they're chasing a moving target in that Microsoft has released three new versions of Windows (which include significant revisions) in the meantime.
I think a lot of it depends on the speed of innovation in a particular market niche. For your VMS example, what other forms of hardware changed in the meantime, and how quickly did they emerge? Did VMS have to negotiate other, more fundamental hardware changes like a change of bus structure, a change of memory mapping or memory type, a transition of peripheral card or drive bus design, etc?
In the 13 years since Windows XP was first released, we've had:
- A transition from AGP to PCI Express, which in turn has had two improvements on top of it.
- GPU has evolved from a dedicated side processor to a more general-purpose processor that can be used advantageously for certain tasks, meaning heterogeneous computing: something relatively novel in the PC world.
- A transition from USB 1.0 to 3.0, with corresponding changes in the command structure to account for the new SuperSpeed bus.
- A move from 32-bit to 64-bit as well as the mainstream acceptance of multiple-core CPUs.
- A shift from Parallel to Serial ATA, and along with it a different address mode that isn't necessarily legacy-compatible.
- Solid-state drives became mainstream, ranging from bus-mounted to slot-mounted, and each with its own quirks concerning optimal performance and service life.
- The new Extensible Firmware Interface (EFI) to supplant the BIOS.
- Hard drives so big they basically REQUIRE said EFI to function properly (you can bodge it, yes, but your mileage may vary).
- At least two jumps in major motherboard architecture (brought about due to competing CPU manufacturers), which also signalled the shift of memory controller from motherboard to CPU.
- Memory tech has kept moving on, from DDR to DDR2 to DDR3 on the mainstream RAM font with even more exotic solutions appearing in the enterprise.
I probably missed a few things here, but the main point here is that a lot's been going on in the meantime, and given the breadth of those changes, it can be tricky to be able to handle ALL of them relatively smoothly (because you never know when one of these will change a low-level function).
Re: What about fitness-for-purpose?
But technology still marches on. Specifications can change, like they can for cars (When was the last time you could buy leaded petrol?). Software can still become obsolete (and faster than cars because of the speed of the industry--lifecycles in a few years).
Re: Doomed to repeat...
Quite frankly, target platforms are ALWAYS a moving target. They keep changing, and there's no way to predict where it'll go next. Perhaps in a few years web apps will no longer be trustworthy because of hacking/BIg Brother issues, forcing a return to local apps. Only thing is, will you need to code for Android now because powerful Android devices are now working as desktop replacement (just a scenario)? Technology moves so quickly compared to human thinking that it's hard to plan for it; it's like trying to catch a fly in midair (you never know which direction it'll go next).
Re: Yes, but...
"I can't think of too many practical technologies that weren't theoretical technologies first.
So, 'Good show,' say I, and have a pint."
The trouble is that you show theoretical tech that, nine times out of ten, never makes it out of the lab. This isn't the first time we've seen data-crystal tech in the lab, but in the 20+ years, how far has it gotten? Why can't we use data crystals NOW?
I don't mind all this theoretical tech. Just don't GRANDSTAND it. Save it for when your drive appears in a Best Buy or something.
Until then, I'll have that pint another time.
Tell that to that one Congress during the Kennedy Administration (I think) that got a whole lotta Fifths. The thing is, if what you are compelled to disclose could result in the revelation of culpatory evidence, you are at risk of self-incrimination. I'm sure a lawyer could make a case on those grounds and drag the proceedings for months if not years.
Re: "Just short of a criminal act"
"That was a complete bullshit thing to even say. Our legal system doesn't work that way. Something is a crime or it isn't. It isn't part of the judges or prosecutors job to prove something was almost a crime."
But the thing is, you can't ban something RETROACTIVELY. It's forbidden in Article I, Section 9 (along with Bills of Attainder and a few other things). They can only punish for present or future activities. But since Lavabit's turned off, there's no more present or future activity, and they can't force him to turn it back on because that would mean retroactively banning turning it off.
Re: "Just short of a criminal act"
They can't. The reason it was "just short" was because he closed it before they could actually perform a realtime subpoena. As it stood, he altered the situation so that any request they demanded would be considered retroactive, which is explicitly forbidden in Article I, Section 9.
Oh? What if his OWN account was in the bunch and turning over the keys would mean potential self-incrimination, which is explicitly forbidden by the Fifth Amendment? Then he can argue he has to obey a higher authority (as the Constitution is the highest law in the US).
Except the US has that base covered, too. Most other western-friendly countries have cooperation agreements if not outright mutual defence treaties with the US, meaning if the US makes a decent case, they'll do the work for them. The only other nations left then are those hostile to the west like Russia and China. Problem is, they have their OWN agendas and are just as bad. IOW, you're gonna bend over no matter where you go.
Furthermore, at least the US didn't threaten to jail him for not disclosing the key: just fined him. The UK has a law in the books that demands a minimum two years for the same offence. In fact, I'm surprised he didn't put HIS OWN account into the same mix and then plea the fifth, saying disclosing the private key would compromise his own account, potentially resulting in self-incrimination.
Re: Install a Kill Switch?
ISTR the second amendment prevents the government from seizing legally-owned firearms, yet that happened quite a bit in Louisiana post-Katrina. At least one incident made the news. The justification? Martial law.
I would think a similar 'threat to national' security that uses a different part of the Constitution might be used to override the Fifth Amendment on the grounds that, without it, the US is doomed, rendering the Fifth moot anyway.
Re: Would the Supreme Court hear the case
"I believe they already did. An appeal was filed by EFF on the first or second week of the Snowden scandal and the court promptly declined to hear it."
So what if another firm makes the same appeal, and another and another. There's such a thing as persistence. Eventually the SCOTUS will decide hearing it and answering the constitutional question is preferable to having to refuse to hear appeal after appeal (once the question is answered, any further appeals to the same--now answered--question can be ignored).
Re: Now wait just one fscking minute here...
There's more than one court in the US. Courts of Appeal and the SCOTUS come to mind.
Re: OK, but where was it hosted ??
1. Know enough about the trail and you can find an .onion site. El Reg covered this previously.
2. If the host country is friendly to the US, chances are they'll be willing to cooperate.
Re: Doesn't need TOR-cracking abilities
Also seems to indicate the host is not in a country hostile to the west.
Re: dread pirate roberts
Could be tricky. Mt. Gox is based in Japan.
But why bother?
Okay, so some of the less-effieicnt devices may draw a bit while plugged in, but most devices on standby literally sip the power when not in active use. I think El Reg once did an article about it and found the power draw they did on standby amounted to pennies a day, at worst a few bucks a year. Meanwhile, cutting the power in and and out hard like you would with a strip increases the risk of introducing a shock to the system which can damage the sensitive electronics.
Re: 52 quid for a block of plastic?
The problem is that you can't just use any ground-up thermoplastic. There are so many different kinds of plastic that quality can't be assured with recycling. For example, you can't just grind up polyurethane and expect to be able to use it again (it's a thermoset plastic; once set it STAYS set). Plus, what happens when different kinds of plastic mix?
For that matter, just what kind of plastic is being used in this machine? PVC? PE? PP?
Re: Expensive toy, at best.
Hey, if they can pack this thing down to a chip that fits on a watch, what's stopping someone using the same chip design as a time source on a server. It may be overkill for most businesses who can just turn to the NTP time pools, but perhaps this can diversify the time source pool, make it more reliable. And any firms that need highly-accurate time could consider such a device if they don't have a similar source already. If the watch only costs $12,000, then something else using the same chip would probably stay safely within five figures and be something worth considering for a firm that routinely handles seven figures or more.
Besides, one big safety recommendation these days when connecting anything with a notable amount of power: connect the EARTH line first. USB and all the other modern plug designs follow that principle by making sure their shields (the normal use for shields is for earthing) touch first. You can't do that with the headphone-type plug. Part of the challenge you're looking it is to have a standard that follows the earth-first procedure, can carry both power and data, is relative easy to use and cheap to design, is thin so it can fit thinner phones, and put most of the wear-and-tear on the plug since it's easier to replace (thus why all the spring clips on a Micro USB setup are on the plug, not the socket like it was with Mini USB). Sure, Lightning ticks all the boxes, too, but it's not open, and it's not in Apple's interest to keep it open. Indeed, anyone with a proprietary design will be against openness since they'll seek lock-in. Allowing competition for a plug standard sounds fine until you have a dominant player with a the ability to push a standard only it can ever use.
Re: Micro USB
Perhaps not analogue A/V, but HDMI support came with the MHL (Mobile Hidef Link) standard. MHL 2.0 (seen in the Galaxy S4 and later devices) can do full 1080p. And HDMI supplies both video and audio.
Re: Have you seen the new micro USB 3.0 cable?
It's not so bad when you realize (like with its big brother), you can use a USB 2.0 cable on it no problem. You just don't get the top speed out of it, which may be fine for some people. The USB 3.0 spec is designed to be backward-compatible with the older cables specifically so older cables can still be used on them.
Re: MicroUSB poor standard
Well, MicroUSB was designed for two things: thinner phones (it's a thinner plug) and wear issues (most of the wear-and-tear falls to the plug, which is easier to replace than the socket).
Re: Trolls used to be found *only* under bridges
"3) Patent officers who reject a patent get to keep a small %age of the forfeited deposit"
It'll never work. They'll just reject out of hand and become (like Congress) masters of contriving excuses. And due to human nature, you can't force the fairness into the system because humans are inherently corruptible. Yet you can't have anything-goes either or inventors will never develop for fear of copycatting (that's the main reason modern patents exist--to stop copycatting for a reasonable period).
Re: Fix the system
Techniques CAN be patented. After all, you could implement the technique on a chip or a mechanism, making it hardware instead of software and mooting the point. The problem is the LENGTH of the patent because the software industry moves so quickly that two decades is about ten software generations. Cut the length down to about 3 or 4 years (and adjust the lengths for each industry as well) and it becomes a lot fairer.
- YARR! Pirates walk the plank: DMCA magnets sink in Google results
- Pics Whisper tracks its users. So we tracked down its LA office. This is what happened next
- Review Xperia Z3: Crikey, Sony – ANOTHER flagship phondleslab?
- OnePlus One cut-price Android phone on sale to all... for 1 HOUR
- Ex-US Navy fighter pilot MIT prof: Drones beat humans - I should know