* Posts by Charles 9

3883 posts • joined 10 Jun 2009

Fiendish CryptoLocker ransomware: Whatever you do, don't PAY

Charles 9
Silver badge

I suspect the next step(s) for crypto malware are:

(1) hibernate first so as to increase the odds of getting INTO the backup, The idea being should one try to use a backup to restore the OS and files, it'll just wake up again.

(2) stick around after the ransom so as to hit the victim again (what business doesn't want a repeat customer).

(3) look for ways to invade the MBR, BIOS, and/or EFI to get around OS safeguards and try to gain nuke-resistant.

2
1

Microsoft holds nose, shoves Windows into Android, iOS boxes

Charles 9
Silver badge

Remote Desktop is not included in Home releases. it's intended for the Enterprise, so it's only on the Enterprise branch of Windows products: meaning XP Professional, Vista/7 Professional, Enterprise, and Ultimate, and 8 Pro/Enterprise.

2
0

Snowden: 'I have data on EVERY NSA operation against China'

Charles 9
Silver badge

Re: China is not a problem

But colds and flus are rarely fatal, so it's NOT too late. It's entirely possible to MITIGATE its effects. Sure, you can have an insider in your midst, but there are ways to minimize the damage, just as it's possible to still control the situation after discovering a bomb.

1
1
Charles 9
Silver badge

Re: America's most important creditor

China is only the US's biggest FOREIGN creditor. The vast bulk of US sovereign debt is held DOMESTICALLY.

3
0

All cool kids' phones run ALTERNATIVE alternative custom Android ROM

Charles 9
Silver badge

Tell that to all the people who have NFC phones but no Google Wallet support due to carrier lockout. S3 and S4 owners have been crowing for months about the solution around it, and I like it, too.

There's also the matter of custom UIs like Sense and TouchWiz. There are people who find it too clunky, too bloated, or simply not for them. Cyanogen uses the basic AOSP interface, which you can then customize. I personally don't use it because AOSP's NFC support is spotty, but many others like the KISS simplicity. Also, this saves them money since it can buy them time when they don't have to buy a new phone just yet. I did that for my Desire Z and slimmed things down enough that I could still use it satisfactorily for another six months when bloatware kept slowing my phone to a crawl.

As for the XDA Forums, I found their search tools useful for hunting down information. You can search threads, groups, and the whole site if necessary.

1
0
Charles 9
Silver badge

Re: What's the point?

These two questions made me switch.

"Does your phone have NFC? Does that phone allow the use of Google Wallet?"

For me (A T-Mobile US Galaxy S4), the answers were "yes" and "no" (T-Mobile still doesn't support Google Wallet officially, AFAIK it's only supported for Sprint). The community found a way around that, and I found the feature most useful in my experience.

Another one:

"Do you like the built-in software on your device?"

That was "no" for me, and since they're built-in, you can't uninstall them even as they poll your network and sap your data allowance and battery life. Getting one with the excess baggage or "bloatware" stripped out was a nice plus. In addition, there were assorted niggling details that were both annoying and (until I customized) impossible to address.

In addition, having better control of the phone meant I could take charge should something go wrong. Because of a good routine, even when updates went wrong, I had a means to backtrack.

PS. I understand my experience is not for everyone. I first rooted a phone only a year ago (Desire Z/T-Mobile G2) to give it more freedom when I went abroad, but since then I came to appreciate the additional freedom and flexibility it allowed.

1
0

'Please, steal my phone' TV ads by T-Mobile US slammed by legal eagles

Charles 9
Silver badge
Joke

Re: I have a question for these morality crusaders.....

Oh? I thought they took that out some time back. I know mine's broken. And since unplugging it can surge the set and break it, they'll find out eventually.

1
0
Charles 9
Silver badge

I thought the standard practice was to pop the cover and remove the battery. This removes the need for the metallized bag and ALSO prevents the tripping of vigilance control that could still work without a signal (since they can be time-based). In addition, it allows for the swap-in of a new SIM that further distorts the original phone's identity.

0
0

Rorschach test suggested as CAPTCHA replacement

Charles 9
Silver badge

Interesting...but...

I don't think this will work. The thing behind CAPTCHAs is defeating bulk access by restricting access to people capable of working their way through something less-than-programmatic, like a distorted picture. The big thing the GOTCHA doesn't do, it seems, is CHECK the initial response against anything reasonable.

So if a machine encounters a GOTCHA for the first time, what's to stop it from putting down a bunch of gibberish like "correct horse battery staple" and simply remembering what it used for the next time it sees the blot (quite easy with the right technique)? Even if the system checks for grammar, you could easily construct a "mad lib" type of system ("I see <NOUN> with <NOUN> and <NOUN>).

6
0

Can you trust 'NSA-proof' TrueCrypt? Cough up some dough and find out

Charles 9
Silver badge

Re: Almost unsolvable problem.

"I have an easier solution, if you don't want people to know some things, don't tell em, don't write it down, and certainly don't store it on a computer."

And if you have a bad memory or the information's not easy to memorize (like random data--poor fit for Memory Theater), you're basically hosed?

Anyway, it is possible to set up some chain of trust. You just need to hand-assemble something that can process a few bits of assembler code, use that to create a means to do more of it, and build up from there. Or you can hand-disassemble one of the low-level steps, verify it, then use the verified tool. Then you can take on a compiler with assembler code and build on up. And you can do all this from a bare-bones OS or from a setup where direct access is used, bypassing the OS. Just saying there are ways that don't have to take years. Weeks, a month or two, maybe, but not necessarily years.

4
0
Charles 9
Silver badge

Re: Unnamed qualified professionals vs amateurs?

They haven't said WHO they're hiring because they're still in the process of contacting prospects. IOW, they don't know yet. Once the funding builds up and they get some contracts, then they'll be able to list names.

2
0

Web daddy Tim Berners-Lee: DRMed HTML least of all evils

Charles 9
Silver badge

Re: No DRM

And Hollywood and the rest see a consumer public that can't figure it out. It may be your device, but it's THEIR content, THEIR rules, THEIR copyright. Either submit to the terms or you don't play, end of.

So if you keep saying "NO NO NO" to DRM, Hollywood will just respond with "NO NO NO" to consumer devices. They've ALREADY demanded that 4K devices must be purpose-built: no PC/phone/fondleslab playback for you.

If you don't like the terms required to watch the latest movie on your fondleslab, then Hollywood DOESN'T NEED YOU If they feel the money isn't there, they'll abandon the streaming market and go back to the box office, where they get most of their money anyway.

1
0
Charles 9
Silver badge

Re: whip that deceased equine into a metric ton of viscous froth

"1. Copyright and patent law are substantially fair, equitable, beneficial and very much net-positive, with one glaring exception: software patents. Applying patent law to software is a flawed premise, much because the lawyers and judges that argue and decide these disputes are rarely if ever even remotely qualified to do so. If software designers were involved in every step of the patent process it might be marginally workable (though speaking as a software architect, I can't imagine anything I'd rather do less.) Nearly every software patent I've seen was based on fallacy, and virtually every high-visibility case of enforcement, imho, has constituted abuse of civil courts."

The BIG big thing with software patents is that the length of the term is extremely long compared to the speed of the industry (heavy equipment might get turned over every decade or so--software, perhaps 2 years). The simplest and IMO best way to control software patents is to simply shorten their terms to something like 3 or 4 years. That encourages the patent holders to cash in as quickly as possible but in ways that are productive, as any attempt to troll runs them the risk of the clock running out before they win (given the intentinoally-glacial pace of the court system).

"2. At the end point, DRM-protected content must be rendered viewable and/or audible for the consumer by a digital device. When said device happens to be a PC, trying to protect that content at the application or protocol levels is futile, that pesky need to render thing makes it ultimately copyable. DRM would need to be inherent to display/audio device drivers, to offer comprehensive protection, but the pace at which both hardware and operating systems evolve makes that approach way less than practical."

You'll note that some content providers are SPECIFICALLY excluding PCs in general. 4K content will ONLY be rendered on purpose-built devices certified by them to obey only THEIR rules, which will likely include signal monitoring and tamper-proofing (yes there's the analogue gap, but in their eyes that defeats the purpose). Now, for anything where a PC is concerned, yes, that cat is likely to get out of the bag because they lack control; that's one reason many content providers are leery to embrace the Web. Thing is, the Web needs the content, but the content doesn't need the Web. There's a possibility the Web could be relegates as more and more providers demand strict controls on their content that the Web just cannot provide; they're basically going to start demanding DRM as a first prerequisite to providing the content AT ALL.

0
0
Charles 9
Silver badge

Also, while some people will engage in art for art's sake, they're a considerably minority. Many of our most recognizable works of art were not done for art's sake. Nearly all of them were commissions made by rich clients or institutions. Which goes to show even the greats like Leonardo da Vinci had to make a living.

0
1
Charles 9
Silver badge

Re: DRM is fundamentally broken

Perhaps, but I think all they really want is to prevent it being captured at the full resolution, and to do that, they can establish a hardware-based chain of trust from end to end. THAT at least is possible, as is seen by a number of chains of trust that have yet to be acceptably broken. The only way around the chain of trust is to employ the analogue gap, and to them that's an acceptable loss as the resulting loss of quality would defeat the purpose (much as they're not too concerned with camcorders in movie theaters--the quality is too low to be of mass appeal barring desperation).

0
1
Charles 9
Silver badge

You know that'll mean they'll leave the PC and digital area altogether. Like I said before, the staked involved mean the movie makers would sooner take their ball and go home. If they can't control their product, they won't provide it at all. That means they'll go back to theaters, airports, and television. No more home movies for you forever (and it's not like they get the bulk of their revenues from the home video market anyway--most of it comes from the box office).

1
1
Charles 9
Silver badge

Re: DRM does not belong in the standard

The problem is that while DRM will be proprietary, it will more than likely not be LIMITED, meaning DRM content will either EMBRACE the web...or MARGINALIZE it. The Web needs the content, but the content doesn't need the web.

0
1
Charles 9
Silver badge

Re: He does NOT have a point

"Extrapolate the development of DRM into the future and we might well end up with a compartmentalized system managed via routine ('standard') DRM. There are obvious interest groups that would love this development: big publishers, control-freak security agencies, anybody that hopes to control and monetize your data consumption. It's a slippery slope."

You forget one important detail. Providers don't HAVE to use the Web. Nor do they have to publish their stuff in the ways WE want it. THEIR stuff, THEIR rules, and if you don't like it, the door's right there.

That's the most fundamental thing we have to realize. It's THEIRS, NOT OURS (if it were ours, we'd be communists). Unlike music, movies have large budgets, so they take big risks (a record bomb might be six or seven figures--a movie bomb is at least eight; Heaven's Gate was a $40M bomb 30 years ago). They're MUCH more risk-averse and more likely to take the ball than just let it go.

What Berners-Lee is saying is that if you don't standardize DRM on the Web, the content providers (who won't go without DRM no matter how much we kick and scream--live with it) will go OUTSIDE the Web to other protocols like RTSP, which may not be as open or as well-understood. Or they'll continue to encapsulate their HTTP traffic in proprietary ways. Either way, the Web becomes secondary to them.

So basically, DRM is here to stay, like it or not, and it can exist with or without the WWW. So the choice is yours: embrace DRM or relegate the Web. No middle ground is possible.

As for the whole patent/copyright debate, they both have their uses. They're an alternative to commissions by the rich, which were how the most recognized works of art were typically made before the modern system. Most artists need to make a living, and these give them a possibility without rich clients. We don't need to abolish them, just limit them back to the way they were before: short terms enough to make a living off but not enough to excessively milk. We should also account for the accelerated pace of some industries and make some terms even shorter (ex. make software patents 3-4 years long to account for rapid progress in the tech industry--and no, copyright won't work on a technique since you can weasel around copyright with a clean-room copy--that's how the PC Clone BIOS was made; only patents can cover ALL the bases).

1
1

Why a Robin Hood tax on filthy rich City types is the very LAST thing needed

Charles 9
Silver badge

Re: What does automated trading add?

"More generally, making trading - acting on the information and opinions - in the market easier is beneficial. Much of the existing regulation is precisely about that. But not all. In particular, taxing transactions makes trading more difficult, just like prohibiting certain means of trading (prohibitions of shorts were common enough in recent years, meaning you were free to provide information to the market by acting on your opinions as long as those opinions were positive...). I think this is what Tim is saying, essentially, though I absolutely do not presume to be his spokesperson or his interpreter."

But at the same time, it's noted that trading should not be TOO easy. This is especially true with high-frequency traders who act so quickly the human mind cannot keep up. The end result is feedback loops leading to chaotic market swings. The market needs to be able to move, yes, but if it moves TOO much it'll overshoot, and this can be trouble. Think of the market swing like a bungee cord. You don't want it too tight that it jerks you hard and early, but you also don't want it too slack that you hit the ground before the rebound kicks in. Everything in moderation.

3
0

Oracle says open source has no place in military apps

Charles 9
Silver badge

The DoD should challenge Oracle with this question.

"Who will support our software if you cease to exist?"

One of the BIG big things about Open Source is that, if all else fails, you still have the documentation of last resort: the source code. Even if all commercial support disappears, someone with the necessity could examine the source code to solve problems. For a military application, that can become a security issue and one closed-source inherently cannot accommodate.

6
0

Tape never died, it was just resting

Charles 9
Silver badge

Re: Last resort you can always take a tape cartridge apart and recover the tape

But what if it's the controller that fails? That kind of failure can also bite SSDs.

0
0

T-Mobile FREES AMERICANS to roam world sans terrifying charges

Charles 9
Silver badge

Re: T-Mobile just don't know how to run a mobile network

I had little to complain about with my experience with T-Mobile. I was on a contract with them for two years and the phone was nice and the service quite satisfactory. I rather liked the WiFi Calling feature since I tended to spend plenty of time on WiFi (usually at home), and the subsidized rates weren't too bad, either.

As noted, their unlock policy was quite fair and reasonable. I got my unlock code with little trouble (I asked after 18 months), and the phone worked pretty well aborad, in fact better than I expected given T-Mobile's bands.

I only left because my contract was complete and didn't want to continue paying the subsidized rate. The main drawback is that I lost the WiFi Calling feature as well as Visual Voicemail (now THAT was good as it meant you could navigate it without having to use touch-tones). I'm currently still on the T-Mobile network but with a MVNO, and those two things are really the only things I miss. If a prepaid GSM-based service offered those features (T-Mobile won't offer the service with their prepaid plans), I'd probably jump on it.

0
0
Charles 9
Silver badge

If you're coming in for a visit, just get one of the prepaid SIMs. To an extent, prepaid has been less subject to price gouging, and rates tend to be competitive amongst providers (though the best plans tend to be based on the T-Mobile network; AT&T-based MVNOs can't seem to undercut the parent company, whose rates tend to be higher than T-Mobile's. And since Verizon still uses CDMA for voice comms, support for international phones is hit-or-miss: mostly miss).

0
0

Tape rocks for storage - if you don't need to, um, access your data

Charles 9
Silver badge

Re: "A simple trawl could send a tape-robot into melt down."

I think the "trawling" refers to the fact that Google is in a particular situation where tape is not suitable. Google is in an industry where data essentially has an INFINITE shelf life and NEVER goes stale: someone could request ANYTHING...even data from 15 years ago...on a moment's notice. Plus, due to the way they work, they could end up having to gather data from who knows how many different locations and must do it tootsweet. For Google, everyone REALLY WANTS everything...YESTERDAY. Their business depends on it.

Retrieving 1 entry from a single tape may just be annoying, but (even WITH an index) imagine the stress involved when the robot has to change bunches of tapes just to build up 100 links from nearly as many tapes? Like I said, though, this is particular to Google's line of work.

0
0

Boffins build BEELLION-YEAR storage medium

Charles 9
Silver badge

Re: A small detail is missing

That's what it sounded like to me. From the way they described things, I kept thinking it would be an optical disc format of some sort.

0
0
Charles 9
Silver badge

Low Thermal Expansion Coefficient

For the record, the Thermal Expansion Coefficient is the rate at which a substance expands when it's exposed to heat. Like how a ring might expand when doused in hot water and contract again when doused in cold water.

In terms of material longevity, this means a material with a low TEC (like Tungsten and Silicon Nitride) is unlikely to distort when exposed to heat: A Good Thing.

I wonder if anyone here recalls that tungsten's high melting point was one reason it was was the metal of choice in incandescent light bulbs.

0
0

Control panel backdoor found in D-Link home routers

Charles 9
Silver badge

Many have noted that is IS disabled by default on most of the routers. I know it was disabled on my DIR-615 (since replaced with a new dual-band ac router).

0
0
Charles 9
Silver badge

Given that most of these devices DO support WPA2, which supports AES as well as TKIP. These have not been compromised and most of the talk about WPA2-PSK cracking has been in the same old problems: weak passwords. As for the WPS button, which IS handy so I don't have to carry wound my standard-limit WPA key around, especially to devices where entering the key is difficult, I just make sure to use it carefully so that the device is most likely to be seen first, and I check my client tables afterwards in case of intruders.

0
0
Charles 9
Silver badge

Re: None so blind, etc.

"It's pretty much accepted that every piece of embedded kit has some secret sauce to allow the makers to intervene when everything is badly screwed up, although usually it's in the form of some soopersekret login/pass pair."

With something like this, the usuall fallback is the factory reset, which is supposed to reset the firmware back to default settings (which are written in the manual with the caveat that you're supposed to CHANGE it once you're in). Failing that, there's also usually the emergency flashing mode, which should allow for the flashing of ANY firmware in a local setting. If even that fails, then there's likely something fundamentally wrong with it and it will need physical attention in any event.

0
0
Charles 9
Silver badge

Re: It would be nice to think

It does, usually. Thing is, is that enough or can this be triggered even with remote management turned off?

0
0

Wanna be Zuckerberg's neighbor? Tough luck, he bought the block for $30m

Charles 9
Silver badge

Re: "market it to buyers who liked the idea of being Zuckerberg's neighbor"

Still makes me wonder what would've happened if some other rich (if not richER) person made a counteroffer over the top of Zuckerberg's and got one of the properties instead. THEN turned out to be the kind of untrusting person who spied on his/her neighbors...

0
0

Easily picked CD-ROM drive locks let Mexican banditos nick ATM cash

Charles 9
Silver badge

Re: Backwards

No, because booting from a CD-ROM would break a chain of trust., as there's no way to verify the CD-ROM is official from the BIOS. The hard drive can initially be set in the factory and sealed in the box (note the crooks have access to the FACE of the CD-ROM, NOT the internals of the machine; drive housings can be bolted down with one-way screws so they can't be removed) so that any further updates have to be signed before they're accepted.

0
0
Charles 9
Silver badge

Re: BIOS Password

But then how do you update the machines when security patches are mandated? That's probably why the CD drives are there: to facilitate updating. That being said, the drives should not be bootable. The ATM software should be the one in charge of the updates and should insist on signed code from the CD-ROM before updating.

Based on what I'm hearing, I don't know if these are official offsite bank ATMs being hacked. I suspect these are more second-tier ATMs like those I see in a mom-and-pop store.

0
0

YouTube turns on dormant DRM, permits official downloads

Charles 9
Silver badge

Re: Don't worry

Nothing. That wasn't the point. Plus the downloaders don't work with protected streams. They have to pass through third-party DRM systems before YouTube can negotiate them. Getting THOSE downloaded is a lot more difficult.

0
0

UK plant bakes its millionth Raspberry Pi

Charles 9
Silver badge

As much as I appreciate the ability to tinker around with the Pi, perhaps it's time to look for something with a little more oomph. My eyes have been drifting towards one of the Cubieboards. The main thing I'm interested in with this is the additional memory it packs (at least 1GB), so you can dedicate such a device for more utilitarian things (I'm wondering if I could turn a Cubieboard into a Freenet server; CPU isn't a big thing, but you need plenty of RAM to keep things running at a smooth pace).

0
0

Hollywood: How do we secure high-def 4K content? Easy. Just BRAND the pirates

Charles 9
Silver badge

Re: Digital signature conundrum

"Which leads me to conclude one of two things must be true. Either we're all radically missing our guesses as to how this "watermarking" will work, or Hollywood's emperor is still standing there in his best birthday suit."

Perhaps the information is stored in the I-frames. Those frames don't rely on adjacent frames and the most likely to remain I-frames or keyframes when transcoded, as the I-frames are typically chosen for being too distinct to use difference coding.

0
0
Charles 9
Silver badge

Thing is, challenge or not, some things just prove too hard a nut to crack.

Take the Nintendo Wii's boot1 system. It's a tiny program encoded with an encryption key buried in the OTP memory only visible to one of the processors. The key never leaves the processor. in any way, shape, or form. After Nintendo fixed an exploit, the end result was that boot1 secured boot2, which prevented certain types of hacking. To date, no one's broken boot1 or found another way to access boot2 to restore the low-level hack.

Many SoC systems that run things like tablets have similar hardware-based chains of trust. They rely on the same principle: the initial boot code is signed by a key unique to that processor (and it's a key pair--one of which is kept in the processor and can never be changed, the other is kept by the manufacturer under lock-and-key). To date, I don't recall too many of them having been utterly broken except by slips in implementation. Properly done, most hackers go AROUND the problem, which may not be an acceptable solution depending on what is needed.

Shows that SOME implementations can be done right to the point that even the most determined hacker can't get through.

1
0
Charles 9
Silver badge

Re: No need to break the scheme to avoid jail

Don't most of them lock the card until you register it (as in submit your identity)? At least that's how I see it work in the US.

0
0
Charles 9
Silver badge

Re: Digital signature conundrum

"Or perhaps get a dozen, twenty or even a hundred legit watermarks from hacking, social engineering and or volunteers, then liberally paste ALL the watermarks into the pirate copy. Call it the " I am Spartacus" defence. How would the industry prosecute if they can't pin it down to one person?"

Probably with the Ring Sting technique: BUST EVERYBODY!

Seriously, these watermark people aren't stupid, and you have to figure out which part is part of the watermark, which part is part of the real image, and which part is red herring, and odds are, due to the encoding technique, no two copies will carry identical segments, meaning fingerprints are smeared across the ENTIRETY of each individual copy. Plus, I suspect the watermarks could be encoded with some form of parity correction. Think instead of bits of the ID scattered across the movie, you have bits of the ID along with with perhaps triple or quadruple parity mixed in with it. WIth parity, all you need is some piece of the original and enough parity data to fill in the gaps. With that kind of setup, cutting and pasting probably won't be very successful in removing the ID (the pieces would probably contain at least one original chunk and enough parity) and may in fact result in revealing multiple IDs which can then be Ring Stinged.

0
0
Charles 9
Silver badge

Re: Digital signature conundrum

"But there's a big flaw in the plan. Watermarking is all very well for streaming, but the bulk of sales are still plastic discs, and the process of mass-production doesn't allow for them to contain unique versions. So as soon as one playback device is compromised, it all falls apart."

BluRay shows a way around this: the ROM-Mark, which is stored in the Burst Cutting Area, the part of the media between the pits and the spindle hole. They can design the plastic media to have two areas: a pressed area and a burned area. The burned area would be processed with a quick technique to slap on a number of keys in some standard way. As for preventing them being read, perhaps they can only be read by a certified device built by a licensed and bonded manufacturer (like with the ROM-Mark devices) which invoked a trusted path technique to be sure the device hasn't been tampered. It's like the article notes: hardware-based tamper-evident roots of trust.

0
0
Charles 9
Silver badge

"Do you think a pixel precise time based watermark will successfully survive the rip, resize and transcode to be able to successfully determine with reasonable certainty which source the transcode comes from?"

The thing about watermarking systems is that they recognize the potential for mangling the watermarks through transcoding, so they go about it in different ways, using the codec system to create various artifacts that can survive transcoding, and many of them are block-based as well as time-based. That's why Cinavia's audio watermarking system is better than most: it's designed to keep its data above the noise floor so that it's more likely to be preserved in transcoding. Most watermarking systems like the Cinavia one also introduce plenty of redundancy, creating multiple gotcha points. The tradeoff for a system this robust is that you can't encode a tremendous amount of data in the stream, but if all you want to encode is identifying information, that's not that big a deal. A robust system spraying the ID information all over the stream, again and again and again in random intervals. It's gonna make for a very hard cleanup job. And you can forget about trying to mix and average two streams. Random intervals means you're more likely to MIX them together rather than destroy them (IOW, they'll be able to tell you used TWO sources in an attempt to mangle the data).

1
0

Snowden's email provider gave crypto keys to FBI – on paper printouts

Charles 9
Silver badge

Re: They'll get around it, next time...

They DO have one big thing going for them: they know the terrain, and knowledge of terrain can be a great equalizer in an asymmetric war. Vietnam, Iraq, and so on have used knowledge of terrain to their advantage.

0
0

NSA justifies hacking world's digital communications

Charles 9
Silver badge

"Actually, it raises an earlier question. "Are they lying in order to keep their well-paid jobs?"

And that's not a hard question to answer at all...."

That just raises the hard question right back: Are selfish toadies the inevitable result of our system because they're willing to do immoral things? If so, like I said, the cutthroat competition will progress and we'll inevitably slide towards autocracy (one winner) or anarchy (no winner).

0
0
Charles 9
Silver badge

A new stock phrase will enter the lexicon.

Just as "We can neither confirm nor deny" entered the common vernacular, I think we can safely say the next such phrase to join it will be, "By this statement, we the owners and operators of this site hereby swear that we not under the active investigation, cooperation, or influence of any government agency."

PS. Wonder how long before they amend perjury laws to make it both legal and mandatory to lie under oath to conceal matters of national security.

0
0

Three BILLION people now potential nodes for the transfer of cat videos

Charles 9
Silver badge
Trollface

Re: IPV6 IPV4

That's probably because 2 billion of them are sharing only a handful of addresses. Ah, the marvels of NAT... (Pardon, using Troll as best substitute for Sarcasm Mode).

1
0

NSA using Firefox flaw to snoop on Tor users

Charles 9
Silver badge

Re: Pinning the activity record to a persona

You're not paranoid enough.

"As regards 2, why can I still walk into PC World and buy a t-mobile mobile internet dongle for £10 cash then put credit on it using cash with the payment card enclosed in any newsagent? If I use that with new hardware (no previous network use) you don't know who I am. And can't."

Oh heck YEAH I can. The phone can track its general location from the network masts it accesses (you can't avoid that; it's part of the system), and if your phone has a GPS receiver, that'll nail you down to within a meter. Now just pass by SOME camera that's either posting to the Internet at large or is accessible to the plods and BANG: face linked to a space-time stamp. More than a few crooks have been nailed by that kind of link (if not cell phones, then ATM records or the like). And good luck avoiding the cameras. Like I said, they don't have to be owned by the government for them to be able to access them. That includes things like cell phone cameras and store surveillance systems. Big Brother's got plenty of buddies.

0
0
Charles 9
Silver badge
Joke

Re: Miss Information

"I am in scandinavia and lo, something called "SwedishNSA" appears to be a participant in my part of the network."

Credits to milos that's a joke name. Given my very limited understanding of Swedish, the appropriate initialism for what would be Sweden's national security agency (if any) would be a different arrangement altogether.

0
0
Charles 9
Silver badge

Re: If it pisses off the Spooks

"Are there particular jurisdictions where you could host an exit node with less concern about the potential legal blowback?"

I don't really see any. The exit node problem is basically the same as the "trusted storage" problem: the authorities there can get access to the data in either case, and if it is against their law, BOBHIC.

In such a case, DTA seems to be the operative procedure. Anything that's friendly to the west is likely friendly to the US, which means friendly to the NSA. Out of what's left, you have (1) regimes even more oppressive or domineering like China and North Korea, (2) countries that, while not oppressive, still have their own rules you probably wouldn't like, or (3) countries whose internet is basically too weak to use.

0
0

Thorium and inefficient solar power? That's good enough for me

Charles 9
Silver badge

Re: Commercial fusion may not be as far away as you think

"Tritium has to be manufactured in fission reactors by exposing deuterium to neutrons."

Actually, another way to get tritium is to bombard lithium-6 with neutrons. You usually end up breaking it into tritium and stable helium-4, plus a decent amount of energy to boot. That's why many countries are keeping tabs on lithium supplies.

0
0

Valve uncloaks prototype Steam Machine console specs

Charles 9
Silver badge

Re: Not so big a snag.

Then you forgot how much a 3DO system COST in those days. THAT was what killed the 3DO and the Apple Bandai Pippin. Both were going some $500 when the original PlayStation was capped at $300, and neither one could justify the added expense (Sony could undercut because they had some vertical integration, much as Commodore did in its heyday).

But these days, barring the extreme high end, a PC costs pretty much the same for a given spec: perhaps a tad more if it's prebuilt.

0
0

Forums