* Posts by Charles 9

8177 posts • joined 10 Jun 2009

Google AdSense abused to distribute Android spyware

Charles 9
Silver badge

Re: The gift that keeps on giving

2) I recall CNN got hit with a drive-by in the past, so it HAS happened.

3) For many the Internet is like the telephone was: an essential point of contact with your line of work and so on. Basically, unplugging means Walking On The Sun.

0
0
Charles 9
Silver badge

Re: Liability for this sites with the web site owner!

"Personally I would rather have an internet with no advertising and if some sites go to the wall so be it."

Even if one of those sites was your one and only favorite hobby site? And before you say another will pop up, why hasn't that happened for Kickass yet?

0
0
Charles 9
Silver badge

Re: @AC

So you see, put this (or another Towelroot-like exploit, a KNOWN silent install) together with Quadrooter (many phones out there use Qualcomm SoC) and you've got a very dangerous situation here, especially since the bulk of the vulnerable devices out there are EoL and made by companies out of the reach of any law enforcement who cares.

1
0
Charles 9
Silver badge

"Don't you muppets realise the most click ads are the most simple (Google & Bing search results), not some 50mb video with some shite music blaring out, all because I had the nerve to scroll down the page."

They do. They also know they don't get clicked as people get numbed to them. It's been that way for over 100 years, as E. E. Smith even wrote about it in First Lensman, which dates back to WW2. It's hard to get through to a jaded mind, but it's their job.

0
0
Charles 9
Silver badge

Re: Sue, sue and sue again

Then it'll never happen, simply because many of the firms have become transnational, meaning they can pit sovereignty against nations that want to interfere.

0
0
Charles 9
Silver badge

Re: no additional clicks

Maybe it really IS a "silent install" trojan, which could then use that other exploit mentioned last week or so to elevate to root and wreak havoc.

Do we have an indications this is a silent install?

4
0

Google's brand new OS could replace Android

Charles 9
Silver badge

Re: How does using the Linux kernel prevent Google from distributing Android updates?

"Why would manufacturers be more keen to accept a demand for no proprietary drivers or other binary blobs in the new OS than in Android?"

I think the idea is that if more of these blobs can be moved to Userland, the kernel is easier to update whether they're updated or not. In other words, the kernel doesn't have to be held hostage by patent-protected hardware whose code is only provided in blobs at the manufacturer's pleasure.

1
0
Charles 9
Silver badge

Re: How does using the Linux kernel prevent Google from distributing Android updates?

"Although it's not settled law, contributing code to the kernel triggers the surrender of enormous amounts of software AND hardware patent rights to Linux and anyone else who wants to use it, thanks to the GPL poison-pill-patent-clause license."

Incorrect. The poison-pill clause only exists in GPLv3, while the kernel by necessity (due to the wide codebase) is still at GPLv2. Anyway, containerization provides a way to safely run proprietary, patented code in an open kernel without surrendering patent protections.

0
0
Charles 9
Silver badge

Re: Fuchsia

Until it can run Crysis (3), it'll be a nonstarter as a Windows-killer. Games remain a killer app there.

2
0

So what's the internet community doing about the NSA cracking VPN, HTTPS encryption?

Charles 9
Silver badge

Re: Shor's algorithm

They're working on post-Quantum algorithms using lattices and so on. Thing is, most of them have holes in them.

0
0

WD: Resistance is not futile

Charles 9
Silver badge

Re: Promises

Forget the jetpacks and flying cars. The big problem with them is simply sheer physics. It actually takes quite a bit of energy to get a body as big as our off the ground and KEEP it up there. That's why you don't see birds as big as ours nor with bones as massive.

2
0

You say I mustn’t write down my password? Let me make a note of that

Charles 9
Silver badge

Re: password manager

"I only remember my master and SSO password"

But what if someone manages to steal THAT password?

0
0

'Daddy, what's a Blu-ray disc?'

Charles 9
Silver badge

Re: Skeevy bastards

Pixel dimensions IS the resolution. You're simply describing the pixel density. Otherwise, why is it that we change display resolution when we go from say 1080p to 720p? Why is a picture file's dimensions described as its resolution?

2
0
Charles 9
Silver badge

Re: Daddy, what's a strawman?

"In theory AACS already provides that. Disks have unique Volume ID. Except it would require the player to be connected to the interwebs to receive revocation. And CSS has been broken anyway."

They uses a proprietary system, and IIRC certain 4k discs REQUIRE Internet access and say so on the case (the ones that don't, they don't care about too much). Combine this with an industry-standard secure protocol and the odds are they won't break it this time (and to be fair, they've learned, most consoles from the seventh gen on have been very hack-resistant) since breaking those algorithms have more serious implications.

0
0
Charles 9
Silver badge

Re: Daddy, what's a strawman?

Wait until the discs get serialized and have a shelf life. You know it's going to happen eventually as the publishers want to move everyone to a forced rental model, which will also put an end to the First Sale Doctrine.

1
1
Charles 9
Silver badge

Re: Skeevy bastards

Resolution actually is an AREA (TWO-dimensional) measurement. Thus why you normally need TWO numbers to describe it properly (width and height or whatever you want to call them). The end result is a PRODUCT telling you the exact number of pixels the screen contains. An UHD does indeed contain exactly four times the number of pixels a 1080p screen does. Simple math will demonstrate. You double each dimension so you multiply each one by two. Multiplication is commutative so you can move each 2x to the side and combine them to get 4x the original resolution. Thus doubling both dimensions quadruples the pixel count (what we could call the resolution, which is always shown as a product).

2
0
Charles 9
Silver badge

Re: quality..

"Paying for a gaming video card that can do 4k , is an extra dimension of pointlessness . Unless you are playing the game in a CINEMA"

Or are using a very large screen in the traditional position of a computer monitor (just a foot or two away) meaning you can actually see the pixels that close up and being able to discern detail from a longer distance can make a difference in say an FPS where you're in a sniper duel.

4
0
Charles 9
Silver badge

Re: quality..

"Yup - and if you want you can record that "warmer" sound into flac format (or onto a blank CDR), and you can then listen to an exact reproduction of that "warmer LP sound" wherever you are... you can even close your eyes and pretend that there is spinning vinyl somewhere nearby :)"

Isn't the problem here that you really CAN'T capture the full vinyl range even with FLAC because vinyl is an analog medium and therefore works on a continuous range (it operates over the R set, so to speak) whereas FLAC is digital and therefore has a discrete range (say in the Z set)? Now, Z ⊂ R but R ⊄ Z, meaning there's no physical way to fully duplicate the analog vinyl range on a digital FLAC; the best you can do is get a very close approximation.

1
9

ISPs face piracy sue-balls

Charles 9
Silver badge

Re: Relax kids

But we're talking servers placed in non-American countries. Doesn't the word "sovereignty" tend to get in the way here?

0
0
Charles 9
Silver badge

Re: Relax kids

If KA was complying, why were they raided and taken down?

0
1

Adblock Plus blocks Facebook's ad-blocker buster: It's a block party!

Charles 9
Silver badge

Re: If you want to use Facebook with control over content

Bet you soon you won't be able to use that without blocking actual content, too.

0
0
Charles 9
Silver badge

Re: Where's the off switch?

Such a solution already exists. However, the problem with community-based solutions is that they expose the OTHER costs of keeping up systems like Facebook. In this case, you get hit with bandwidth usage.

0
0
Charles 9
Silver badge

Re: Don't forget 'connected' TV's

"It's connected to mains and an aerial. Both are strictly one way."

BZZZT! You've never heard of powerline networking, have you? And yes, they have ways to send them down upstream power lines, last I heard. The bandwidth is the pits right now, but that's all you need for demographics data.

0
0
Charles 9
Silver badge

Re: arms race

"There were multiple communication channels in existence on the net years before Facebook came along to monetise it. They are still viable. If Facebook and the online advertising industry were both to disappear from this Earth today people would still communicate."

In the years before Facebook, the post was cheap enough to be useable. Not anymore. Now, like I said, it's Facebook or Bust.

0
0
Charles 9
Silver badge

Ad blockers can be tuned more precisely, allowing you to handle the situation where the ad server and the content server are the same.

0
0
Charles 9
Silver badge

And if you're looking for something where an ad for it just happened to be on the TV before, you will unconsciously leap to that one first because it's the freshest instance of what you're looking for on your mind. That's the true magic of ads; they affect you subconsciously, lodging in your memory so that when the time does come for something of the sort, it automatically registers because it's exploiting the way our brains work.

0
1
Charles 9
Silver badge

Re: Thought I'd add... (not ad)

The kind of people you're talking about, this stuff probably turns them on.

0
0
Charles 9
Silver badge

Re: There's no way publishers win this war

The publishers however, can employ techniques that are not conducive to surgical strikes.

Facebook, for example, can take the "take hostages" route (similar to unscrupulous guerillas sticking to hospitals, religious places, etc.) and simply make ads indistinguishable from content: likely by "baking it in" by putting text ads inline with articles and baking ads into graphics, then using random-looking hashed names (so they can track each visit) for everything universally so good luck with a pattern search. NOW how do you strip the ads without collateral damage?

And remember, the server can tell whether you call up something or not, and if you fake loading something you waste your bandwidth, which for many is at a premium.

0
0
Charles 9
Silver badge

"For a site with any sort of automated content, the ads will pretty much always be surrounded by some sort of standard DIV or other handy giveaway that the Ad Block regexps can sniff."

Not if the element name is random (or worse, hashed, so they know what it's about but you DON'T). How will you be able to tell them apart NOW? And before you say "I'll just watch for the word "advertisement", they'll make a graphic out of it with a hashed/random name. NOW try picking it out without resorting to OCR.

0
1
Charles 9
Silver badge

Re: Don't forget 'connected' TV's

You don't even need a connected TV. The BOX is ALREADY connected to the provider AND talks back (for plan enforcement if anything else). They're nearly more reliable than Nielsen boxes when it comes to demographics (where Nielsen is better is that they can handle multi-watcher homes).

0
0
Charles 9
Silver badge

Re: arms race @Charles 9

"Facebook is far from being the only way to keep in touch. One almost forgotten solution that has been around for more than a couple of decades is Internet Relay Chat (IRC). Set up your own private channel for family and friends and then you can have multiway chats, transfer files, etc. No need for your family pictures to become tagged, geolocated, recognized and otherwise processed property of some data slurping corporation."

You underestimate the capabilities on the other end. There, Facebook is SEPARATE the Internet on cell phone plans, which costs extra, meaning ANYTHING related to the Internet (e-mail, IRC) EXCEPT Facebook is a non-starter. And given that cell phone reception there can be hit or miss, something that doesn't require a constant connection, like Facebook, is preferred.

Basiclly put, it's Facebook or Bust. And if they're pretty much the only family I've got left, going without means going total hermit.

4
4
Charles 9
Silver badge

"When will the ad pushers realise that most people don't want adds pushed in their faces when they visit a web page?"

They DO realize it, BUT they only need ONE hit out of the unwashed masses to make it ALL worthwhile. Think about it. ONE hit among BILLIONS and it's in the black. They've essentially got nothing to lose.

2
0
Charles 9
Silver badge

Re: Simple, innit?

Basically, a fast-flux system. That's how malware barkers evade domain blocks.

0
0
Charles 9
Silver badge

HDMI can already detect when the TV attached to the box is on or off, and a little electrical magic can achieve the same for analog plugs (thus auto-sensing TVs), so that's sorted.

0
0

Nobody expects... a surprise haemorrhoid operation

Charles 9
Silver badge

Re: *urph*

"Had to show that to get wee bugger out of the nursery, and a couple of times security asked to see our bands whilst I was wandering about the horsepistol with him in the snugli."

Blame that on too many instances of baby-snatching, some of them by women who could swear up and down (and pass a polygraph in so doing) that the baby is hers even when the DNA tests don't match.

1
0
Charles 9
Silver badge

They'd probably have to write it off. The traveler will likely never be in a position to pay, and all remaining parties can cite legal protection or sovereignty.

0
0

Air gap breached by disk drive noise

Charles 9
Silver badge

But still, I wouldn't really start worrying until someone found a way to make an airgapped computer exfiltrate data without installing anything in it first, allowing it to work on a pristine or even read-only boot image.

6
0

Adblock Plus blocks Facebook block of Adblock Plus block of Facebook block of Adblock Plus block of Facebook ads

Charles 9
Silver badge

Re: I find the best way to avoid adverts on Farcebook...

"If you want to get in touch with me, get a phone, pay a visit, send an owl, send an email. I see no need to enrich someone else with my personal data just to allow another communications channel."

Bad reception, can't afford it, can't afford it. And he's practically my only immediate family, so while YOU may be willing to disown your family over demographics, I'm not. Family comes first.

4
1
Charles 9
Silver badge

Re: I find the best way to avoid adverts on Farcebook...

"The answer is in the excerpt.... feature phone."

You didn't read the whole thing. I mentioned shoddy reception. At least Facebook is a lot like SMS: it works opportunistically (and BTW, SMS costs more than Facebook over there). And compared to back home, we get off light with advertising. Ads over there are everywhere: printed on tarps, plastered on any wall where there's space, legal or not.

2
0
Charles 9
Silver badge

Re: I find the best way to avoid adverts on Farcebook...

"Someone important only has FarceBook? Which institution do they come from?"

Countries where Facebook is free and loaded on to feature phones there while the Internet (including e-mail and all that) is at a premium. Yes, it really exists; try going to some of the less opulent places in southeast Asia.

As for cutting them off, that's kinda harsh for a member of your immediate family (not to mention culturally improper over there).

3
12
Charles 9
Silver badge

Re: I find the best way to avoid adverts on Farcebook...

"...is to not use Farcebook."

And what if the only point of contact you have with someone important (like a member of your family) is through Farcebook because they don't have e-mail or a reliable telephone?

13
64

Hilton hotels' email so much like phishing it fooled its own techies

Charles 9
Silver badge

Re: Newegg

This sounds like the reverse in this case. Someone's probably trying to establish an account in your name and used your e-mail address. Perhaps you should contact newegg and tell them you didn't create this account and that someone could be trying to usurp your online identity. Meaning you should start snooping around your contact details.

0
0

Bungling Microsoft singlehandedly proves that golden backdoor keys are a terrible idea

Charles 9
Silver badge

Re: Securer boot

You know that's over a year old, and the Win10 free update year has run out since then yet we haven't heard complaints about Win10 systems that are impossible to downgrade because of something like this (they can create keys that work with Win10 ONLY, you know?). Sounds like something that was backpedaled before release.

0
0
Charles 9
Silver badge

Re: "Security of Everyone" - WTF?

"Like encrypting all your files, plus all your backups if they're in an accessible disk or network drive, and then demanding bitcoins."

Nuke from orbit and then restore from an OFFLINE backup. Is it really that hard?

Some boot/EFI malwares, however, can SURVIVE a nuking.

0
0

If you use ‘smart’ Bluetooth locks, you're asking to be burgled

Charles 9
Silver badge

Re: Masterlock: keeping standards as low as possible

And if someone happens to walk up and ask what the **** they're doing?

0
0

Microsoft researchers smash homomorphic encryption speed barrier

Charles 9
Silver badge

Re: The key is not stored

"The argument from incredulity is a logical fallacy that occurs when someone decides that something did not happen, because they cannot personally understand how it could happen."

It's also called being properly paranoid. Don't trust what you can't understand, especially in a world where it's hard to trust ANYONE; you're as likely as not being taken for a ride.

0
0

How do you securely exchange encrypted-decrypted-recrypted data? Ask Microsoft

Charles 9
Silver badge

Re: Magic encryption dust

Why not just explain things in a way the average computer user can understand, because we frankly can't take your word for it (not that we can actually FIND your word on the matter, you show a list of works with your link but not a SPECIFIC link that explains how you can do part of the work with part of the key and still not know enough to decrypt the rest, sort of like how one can manage to open a door partway with only part of a key and yet not use the crack you open to get it the rest of the way.

0
2
Charles 9
Silver badge

Re: Homomorphic encryption

Except it's way too slow, especially for complex calculations, IIRC. Plus we have no assurance the homomorphic system doesn't have potential holes in it.

0
0

Boffins' blur-busting face recognition can ID you with one bad photo

Charles 9
Silver badge

Re: Privacy concerns

"You can bet your life, facial recognition will start to be used when you go in for a job interview. So, you think it's bad now... you have no idea."

I'd hate to think the nightmare scenarios this could pit for identical siblings where one is a convicted felon...

2
0
Charles 9
Silver badge

Re: Amazing

You'd need to mesh your eyes as well, then, or figure out extrasensory perception. I hear they've been making progress there, too, based on shape, distance, node ridge, etc.

2
0

Forums