* Posts by Charles 9

6213 posts • joined 10 Jun 2009

Obi: These ARE the 'droids you're looking for

Charles 9
Silver badge

Well, that scratches LTE in the US for starters. Band III is locked in by the military, and band IV is the best one there (II and XVII are noted as alternates). Good US multi-band phones can tune into bands I and VII which keep options open abroad (I speak from experience).

PS. This talk of a unibody design smells of one that can't be opened, which means the battery can't be removed. That's gonna be a turn-off right there.

0
0

Ins0mnia bug means malicious iOS apps WILL NEVER DIE

Charles 9
Silver badge

Re: Does it matter?

"Hmm. I've had old flip-phones last more than five years. Also, my ancient Samsung Omnia would be able to work today (it turns on...) except that it was a Verizon device and there is no way that I am ever going to go anywhere near Verizon ever again. For one thing, it's still locked to Verizon as Veriscum refuses to unlock phones, even out of contract. (Or at least they refused back when I was a Veriscum victim, they may have changed lately. Doubt it, though. I hate Sprint, but they're not as bad as Verizon.)"

There's a reason for that. Pre-LTE Verizon phones were CDMA which were not interchangeable between carriers (mostly due to design limitations; CDMA phones could only tune in on that carrier's frequencies).

"Anyway didn't some legal ruling in the US force the carriers into unlocking phones?"

That ruling can only apply to GSM and LTE phones (both of which use SIMs) which are designed around interchangeability. That basically means AT&T, T-Mobile, MetroPCS, (LTE) Verizon phones, and any MVNOs using them as a backhaul. Sprint doesn't count because its pre-LTE phones were CDMA and its LTE phones use TDM (all the others use FDM) which IINM isn't as well supported.

0
0

Wileyfox smartphones: SD card, no bloatware, Cyanogen, big battery – yes to all!

Charles 9
Silver badge

Re: close, so close...

Airlines only ban them in checked baggage, and that's due to them being a fire risk. You can take them in your carry-on baggage if you wish. I speak from experience.

1
0
Charles 9
Silver badge

Re: Well...

Add on GOOD radio setups that can pick up whatever signals you want (mobile, LTE, WiFi at least, but also GPS if it's included). A knockoff phone can tick all those boxes but have terrible radio support that makes it a deal-breaker.

0
0

Malware menaces poison ads as Google, Yahoo! look away

Charles 9
Silver badge

Re: Looking at the problem backwards

The counter is that only a company like Apple, who has a uniquely sirenesque appeal (Apple's sorta like the Carrot Ironfoundersson of the computing world; you can't help but like the guy even with his strength and other quirks), could pull something like that off. Anyone else, and as Detritus would say, "We look in gutter for our heads..."

1
1
Charles 9
Silver badge

Re: No whitelist here!

So what happens when you get a false positive and it blocks something you actually WANT (or worse, NEED) to retrieve?

0
8

Security for those who know they can't win the security war

Charles 9
Silver badge

Re: I'm tired already just reading it

...Or was it the 12th sentence on page 97? Oh wait, that's an illustration! Was it the caption on that page? Wait, where's the book?!

THAT's the level of horrible I'm talking about. About the only way many of these types of people survive is by muscle memory, but here even that gets tangled up with all the websites one visits regularly. Plus, in the case of the password safe, the computer may be shared.

3
1
Charles 9
Silver badge

Re: I'm tired already just reading it

Indeed. What kind of security precautions are advisable for people with sensitive files to keep but horrible memories, such that even "CorrectHorseBatteryStaple" is too hard to remember (Was that "HorseBatteryCorrectStaple" or was it "DonkeyWrongPilePin")?

3
1

How much of ONE YEAR's Californian energy use would WIPE OUT the DROUGHT?

Charles 9
Silver badge

Re: thermal de-sal

"If you already have thermal power stations, then even after the 2nd or 3rd stage turbines the steam still has heat to help boil off seawater, and as you need to cool the steam off anyway the combined power and water plant can work out cheaper overall than RO."

That's a consideration, yes, and I'm sure power plant designers are keen to extract every last bit of heat out of their boilers (or at least until Diminishing Returns kicks in), but I think this will work only if the power station is close to a source of salt water. Otherwise, the pumping costs will likely tip it below break-even. Plus there's the issue of cleaning up the byproducts over time.

"The nice thing about TSE is that as the city grows, you get more of it. You can see this in action in Oman where the trees along the side of the highways reach further out of town every year."

You would think that your sewage treatment costs would rise along with the population. You'll need to increase your capacity so that you can treat more sewage at a time, and this may also involve additional capital expenditures (more tanks, etc.). How well does TSE scale with population growth?

0
0
Charles 9
Silver badge

I don't have any concrete numbers at present, but design considerations alone can present challenges. For example, what is the world's largest greenhouse in terms of floor area and in terms of overall volume (a solar still essentially needs a design similar to a greenhouse, especially on the ceiling)? Second, how well will a batch process with labor-intensive between-batch cleanup (a solar still needs to be periodically cleared of its deposited minerals, which don't just include salt) work against a more-or-less-continuous demand for clean water (not just among farmers, but also among a sprawling metropolis like Los Angeles which basically never sleeps)? Third, just how much sunlight will you need to evaporate X gallons of water? For a frame of reference, near Los Angeles is the world's largest solar-thermal energy plant in the world, the Ivanpah Solar Power Facility. It generates 392MW (e or t, no one says) over a span of some 1400+ ha. Sounds like a lot until you realize they say this'll power about 100,000 homes. Los Angeles County alone has over ten million homes according to the 2010 US Census. Oh, and BTW, what about the energy needed to move all this water and waste to and from the desert (and please note, most of California's desert is actually elevated several hundred feet—in comparison Death Valley and the Salton Sea are pretty small areas—which means you'll be pumping seawater uphill)?

0
0
Charles 9
Silver badge

They only work during the day when there's sun out, they'll probably interfere with local fauna, and the infrastructure needed to pump the seawater and brine is bound to be prohibitive. Not to mention there's still the issue of what to do with the concentrate, which is basically toxic at this point and has to be disposed of carefully to prevent ecological issues. And no, you can't desiccate it completely as there's more than salt in that brine.

And oh yeah, there's that BIG big problem...of SCALE. You think solar stills can provide millions of gallons a day to Los Angeles County?

0
0
Charles 9
Silver badge

Re: Big dam.

Except some lifeforms rely on the brackish water you get at estuaries (the borderline zone between the river and the ocean), making them some pretty important and pretty sensitive environmental areas. Anyway, you forget the Colorado River, which is already overtapped to the point it usually doesn't make it to the Gulf of California.

0
0
Charles 9
Silver badge

Re: Hogwash

But it won't return to the ocean in the same way. Some of it will come in fresh, lowering local salinity, while the rest of it (the waste from the desal plants) will come in too concentrated. And note that most marine life is very sensitive to local salinity.

0
0
Charles 9
Silver badge

I think solar stills suffer two issues versus other desalination methods: they don't scale well where volume is needed, and they're inconsistent which can be a problem when you need a steadier flow.

0
0

The Onion Router is being cut up and making security pros cry

Charles 9
Silver badge

Re: Am I reading this wrong?

It's 180K in the USA alone, with an additional 150K in the Netherlands and so on.

So, putting them all together, you get 180,000 + 150,000 + 4 * (50,000) = 530,000 between all six countries listed.

1
0

Snowden, NSA spying, hard drive malware ... what we need is a UN privacy watchdog!

Charles 9
Silver badge

Re: EFF has turned a corner

"What's really needed is a private non-profit with the technical expertise to do serious computer security research and open source distribution, that would include counter-surveillance technologies."

To pull something like this off, the non-profit would likely have to be a transnational on the level of, say, the Red Cross, to be able to stand up to pressure from state agents. Thing is, the states are the incumbents and would be likely to either nip something like this in the bud or infiltrate and subvert it.

0
1
Charles 9
Silver badge

"The only solution is the electorate to make their feelings known to the government in one voice, 'If you support mass spying on individuals you will not be reelected.'"

The politicians will simply respond by removing ANY AND ALL candidates who would be against mass spying so that your only choices are him and someone else who's all for spying. So you're left with the choices of a spymonger, a worse spymonger, or (maybe) going unrepresented, which amounts to the same thing.

0
1

Spotify now officially even worse than the NSA

Charles 9
Silver badge

Re: Good reason to use an iPhone

Then Android M can't come soon enough, as M is supposed to finally introduce ubiquitous user-controllable permissions.

PS. What's to stop an app balking when it detects you've blocked access to something, along the lines of, "We need this permission to function properly. Please enable the function to continue using this app"?

0
0
Charles 9
Silver badge

Re: @AC

"The landlord (and tenant) can only do what the contract (and, in my case, English law) allows."

The key aspect is that it's usually the landlord that presents the contract, usually on "take it or leave it" terms.

1
0
Charles 9
Silver badge

In a world full of obedient sheep, what's a few rebellious goats to them? The only way you'll make them pay attention is to become a WOLF...and take the sheep away.

2
0
Charles 9
Silver badge

If not for car CD players and other people disconnected from the Net, I would've thought music labels would've abandoned physical media long ago and gone strictly to rental and subscription models so they can keep their music under control.

0
0
Charles 9
Silver badge

Re: New T&Cs

"It is time to oblige companies to respect the contractual obligations of Commercial Law. If payment is required for a service, then it is a contract. If it is a contract, then one side cannot change the conditions without consent from the other side."

Most contracts contain a "subject to change at any time" clause, sometimes including a "without notice" disclaimer. Since it's part of the contract, it's enforceable unless there is a specific law which forbids the practice (and last I checked, no such law exists). It's like with laws themselves. Laws can be changed to make things illegal and so on. It's just that (in some jurisdictions like the US), the law cannot be retroactive and must only apply to anything going forward.

1
3

Nvidia's GTX 900 cards lock out open-source Linux devs yet again

Charles 9
Silver badge

Re: Freedom...

I guess it boils down to the classic open-source fear of being Borged by a proprietary code that in turn shifts development away from the open code. So the demand is to keep the code as open as possible, and when it comes to key systems like video, the bar is set higher. The only problem is that the two remaining big GPU manufacturers, nVidia and AMD, possess enough oomph that they can push back and answer with "Take It Or Leave It. You need us, we don't need you."

There's also concern for what happens if a company liquidates and no longer exists to support a device that may still be in active use. An open code base at least keeps options open.

0
0

Hyundai ix35 Fuel Cell: El Reg on the hydrogen highway

Charles 9
Silver badge

Re: Internal generation

1. Put Water in Tank

2. ????

3. Profit

Where's step two? HOW do you turn the water into hydrogen suitable for a fuel cell?

1
0
Charles 9
Silver badge

Re: Fuel tank rated to 10,000psi

"The primary problem with pressurising H2 is metal embrittlement and there's a secondary issue that pressurised Hydrogen has a nasty tendency to simply waft through the walls of most containment vessels due to its tiny molecular size - I wouldn't be at all surprised to find that the tank would lose 10-25% of its capacity if left sitting for a week."

And just to demonstrate how difficult the containment situation is, recent advances in hard drives are attempting to hermetically seal hard drives so they can be filled with helium (monatomic noble gas He, weight 4) which is already known for being so tiny it can leak through practically anything (especially balloons). Hydrogen gas, despite being diatomic (H2), has an even smaller molecular weight (just 2), so the problem here is only exacerbated.

And while I can see that hydrogen isn't as likely to react chemically in the event of an accident, there's still that high-pressure tank to consider in a crash. Strong as it may be, it may take the wrong kind of it for it to fail catastrophically, and my imagination has a little trouble visualizing the full impact of a 700bar tank about the size of a car boot suddenly bursting within.

1
0

Want security? Next-gen startups show how old practices don't cut it

Charles 9
Silver badge

Re: People "trained in IT security" are a lot of the problem

"They spend a lot of time doing things that are visible, but don't really help much, so they can be seen as doing "something". But they're afraid to step on toes to effect changes in policy that will truly make a difference, like banning the use of USB sticks that can not only be a vector for infection they can provide an easy conduit for IP theft on a massive scale as well as too often data loss to the outside through carelessness or negligence."

The reason they're afraid to step on toes is they're afraid one of those toes is someone above them who goes, "Who hired this clown?" IT security doesn't do much if the top brass don't see the point, and part of IT's job is making those same top brass see the point.

0
0
Charles 9
Silver badge

Re: Additional thoughts

Over a whole ecosystem, yes diversity is a plus. But within a clan (that is, within one group of a single species), diversity has to play second fiddle to compatibility (as in, the males and females need to be able to breed). Same in the office: diversity in software has to take second place to network communication; otherwise, things can't get done.

1
1
Charles 9
Silver badge

Unless the purpose of the attack wasn't to exfiltrate data but simply to stymie you during a critical period. Say, take down an e-store website during Black Friday or Boxing Day?

After all, DoS can be a Murphy Moment, too.

1
0
Charles 9
Silver badge

Re: Not fully convinced

But unlike a military, a business needs to be able to, well, do business. At some point, the return on security diminishes because you stifle the business flow. That's why there's a sliding scale of security versus ease of use. Improving one necessarily stifles the other the way a locked door delays you getting into your own house.

Plus one needs to realize that no security measure can be effective even in a practical sense since there's always the threat of the trusted insider turned traitor. I mean, insiders defeated the Great Wall of China.

3
0

Comcast sued for – you guessed it – allegedly SCREWING OVER CUSTOMERS

Charles 9
Silver badge

Re: Scams

"Who would work for such a company and why?"

Anyone starving. For many, it's far preferable to be working for Evil, Inc. and put food on the table than to be starving in the streets. There's a self-preservation instinct, you know?

"Going along with the status quo just because there is no alternative, is never going to solve the problems. Is it?"

Sometimes, one has to admit defeat and declare a problem intractable (or at the least, infeasible given the conditions). For example, hoping for a government that cannot be corrupted is considered infeasible given the human condition (the self-preservation instinct inevitably leads to corruption, which can occur in any form of government). So too may the status quo be an infeasible problem if the only alternative is to go without which in so doing leads to serious disadvantages.

So basically, while one can walk away, it's hard to walk away from the only watering hole within line of sight.

0
0

Intel's Compute Sticks stick it to Windows To Go, Chromecast

Charles 9
Silver badge

For the record, Intel has a spec sheet on the STCK1A32WFC, the higher-end of the ICS's. According to the spec, the CPU is an Atom Z3735F which is one of those with a built-in graphics unit. According to ARK, it's your basic Intel HD Graphics units with a clock range going from 311-646 MHz. According to Kodi, it's enough for H.264 up to 1080p but not H.265.

0
0
Charles 9
Silver badge

Re: Yours will be for movies over ethernet?

Because the Pi is ARM-based, which pretty much requires a blob since ARM implementations differ from setup to setup and there's no standardization concerning these setups, most of which are in fact protected as trade secrets. Furthermore, some of the stuff in the Pi's CPU is actually protected by patents which require licensing.

5
0
Charles 9
Silver badge

Re: Yours will be for movies over ethernet?

The Pi tends to be underpowered in media playback last I checked, especially at 1080p and/or H.265, and firsthand experience tells me it tends to hang when trying it for extended periods. The article notes the ICS handles 1080p smoothly (albeit probably using H.264).

1
1
Charles 9
Silver badge

Re: pricing?

It's in the article: $110 for the cheaper 1GB model with Ubuntu, $149 for the more expensive 2GB model with 8.1 Bing. Since it supports USB booting, you're free to change the installed OS within reason. Still, for a media playback device, it sounds tempting...but did anyone try this stick out with the new H.265 standard?

0
0

Mozilla testing very private browsing mode

Charles 9
Silver badge

Re: But does it block the java script too?

"If you were interested in something, and found a site, it was always linked to other sites by these to other, similar sites."

But then you had to FIND the one site in the first place, creating a Chicken-and-Egg problem.

0
0
Charles 9
Silver badge

Re: So...

Aren't you afraid you'll block the important security updates that are likely using the same channels?

0
0

Rise up against Oracle class stupidity and join the infosec strike

Charles 9
Silver badge

Re: Ada - the only infrastructure that's reliable & secure by design

"If boards understood the massive risk they face from IT, they'd insist on Ada now, and throw out all the closed-source rubbish."

Thing is, most boards have to answer to the investors, and many investors these days are quite short-sighted.

0
0
Charles 9
Silver badge

Re: Your solidarity is not so solid

"When I read the Reg, I don't need or want the extra overhead of TLS. For that matter, when I post comments, I don't need or want it. I don't care if someone goes through the (not trivial) effort of impersonating me here."

You'll start caring when someone finagles the identity you get here to steal a more significant one of your identities elsewhere. Plus there's the prospect of having malware injected through your in-the-clear transmission by someone along the TCP/IP chain.

0
0

Boffins dump the fluids to build solid state lithium battery

Charles 9
Silver badge

Re: Another week...

"This is a tech NEWS website. If you want to know what is available to buy now, check a retail website like Amazon."

It's just that a lot of these "new technology" announcements turn out to be vapourware, and we get all hyped up over nothing. Much better by far that we hear news of technologies going into actual trials of a decent scale or, even better, preparing for a mass-market rollout, meaning we actually have something to look forward to.

1
0

Boffins nail 2FA with 'ambient sound' login for the lazy

Charles 9
Silver badge

The thing about those tokens is that they're not suitable for the average person, which is the level of paranoia we're reaching, where EVERYTHING needs a second factor but not everyone has that second factor on hand.

Plus, as noted with the RSA incident, CPRNG algos can be stolen.

0
0
Charles 9
Silver badge

"At my employer for example possession of a mobile phone on an operations floor is an instant sacking offence - they are that concerned about any recording devices, whether audio or visual."

Just for the record, why the paranoia? Top Secret workings, concerns of industrial espionage, or confidentiality issues?

0
0
Charles 9
Silver badge

Re: what people say and what people do

"In general, general users are underwhelmed by security measures, nobody cares"

So how do you MAKE them care without risking their lives in the process (about the only thing that FORCES people to care)?

0
0
Charles 9
Silver badge

"Some form of biometric device is far preferable."

But what happens when someone copies your biometrics and steals your identity?

1
0
Charles 9
Silver badge

Re: @Charles 9 - This from a security team!!?

"I lean towards the 'sack them for undermining security' solution, rather than weakening overall security to make their lives easier."

Which quickly gets reversed when you learn the one demanding the relaxation is ABOVE rather than BELOW you.

2
0
Charles 9
Silver badge

If your reception is so bad even an SMS is hit or miss, you basically don't have a practical second factor to work with, which means you're SOL.

So that leaves a big unanswered question. How do you do 2FA when lots of people don't even have a second factor to work with?

1
0
Charles 9
Silver badge

Re: This from a security team!!?

But you also have to consider the secure-vs-easy scale. If you try to make the second factor too onerous, people will say, "Sod this!" and look for shortcuts; failing that, they'll abandon the whole works. How do you do secure in such an environment?

0
0

Perhaps middle-aged blokes SHOULDN'T try 34-hour-long road trips

Charles 9
Silver badge

"We are all crazy drivers which is why jonny cabs will become the only option."

Until you find out that two Johnny Cabs programmed to two different programs by two different companies don't necessarily get along, especially when their directives (like in your example above) directly conflict.

0
0

Intel left a fascinating security flaw in its chips for 16 years – here's how to exploit it

Charles 9
Silver badge

Re: data treated as code

"So did 8086. Code segment, data segment, stack segment, et al. In practice these pointers were often set at the same address, which kind of defeats the point."

In Real Mode, once memory cleared 16 bits, the code and data segments could and frequently did occupy different 64K segments of memory. About the only time the CS and DS were the same was in Tiny (.COM rather than .EXE) compiles meant to fit completely into a single 64K segment.

Protected Mode meant 32-bit programming which meant access of up to 4GB of memory in an age where even 8 and eventually 256MB was considered high. This meant a flat memory model and that deprecated segments.

1
0

You've been Drudged! Malware-squirting ads appear on websites with 100+ million visitors

Charles 9
Silver badge

Re: Isn't it about time...

Many malware are now VM-aware and are likely AV-aware (or worse, AV-sabotaging) to avoid honeypots, so they won't react to such a scan. And the give and take has an unintended consequence as well. Soon, malware researchers will eventually have to develop honeypots that mimic humans to the point they can pass a Turing Test. Once that happens, the malware writers will usurp the research and create malware attacks indistinguishable at the endpoints from humans...

0
0

Imation ejects its removable disk biz, hands it to Sphere 3D

Charles 9
Silver badge

Re: I'm puzzled..

RDX drives are rated better for cold (long-term) storage. Most hard drives on the market are only warrantied for 3, 5 years, maybe 7 on the outside. RDX drives are supposed to maintain their data cold for up to 30 years. They're also shock-resistant by design, as the spec requires them to maintain integrity even after a 1m drop, something that could occur if Murphy strikes during a changeout.

0
0
