Feeds

* Posts by Charles 9

3813 posts • joined 10 Jun 2009

LG taps TSMC to bake its first-ever mobile chip

Charles 9
Silver badge

Must be the frequencies.

If the G3 Screen is limited to Korean markets, it's likely the LTE in it is geared for the rather odd Korean frequencies.

0
0

Ad-borne Cryptowall ransomware is set to claim FRESH VICTIMS

Charles 9
Silver badge

Re: VM for fun and profit?

"Redpill" comes from the Matrix universe. In the Matrix, most humans are lulled into believing the world they're in is real, but it's not. People who were scouted and took a "red pill" eventually were disconnected from the Matrix and exposed to the real world. Someone a few years ago proposed a malware which would transparently wrap the existing OS into a virtual machine which was then controlled by a hypervisor in the malware. Thus the reverse was also conceived: a malware that could detect the presence of a VM and, knowing this, found a way to break out into the hypervisor. Such a malware that could do that can be termed a "redpill," similar to the Matrix scenario.

1
0
Charles 9
Silver badge

Re: VM for fun and profit?

Until the malware starts packing a redpill exploit...

2
0
Charles 9
Silver badge

Re: AdBlocker / NoScript

Careful with the VM. Some malware's smart enough to detect this and use an exploit to redpill its way out to the metal. As for known, trusted sites, the problem is that the malware targets ad networks USED by known, trusted sites. That's the key to a drive-by attack; they target sideloads used by otherwise-popular sites. Ideally, they want to use an ad system that's part and parcel with some key part of the site, making it practically unavoidable.

0
0
Charles 9
Silver badge

Re: AdBlocker / NoScript

Only if the ad is not of a domain that's required for the site to run. If the ad's domain happens to coincide with a part of the site that's required for operation (not unheard of), then you're caught between Scylla and Charybdis. The only way to get proper site operation is to open yourself up to that drive-by.

0
0

This Changes Everything? OH Naomi Klein, NO

Charles 9
Silver badge

Re: About that self-professed rational liberalism

"There is no economic gain to be derived by increasing the number of widgets produced. More widgets might not all sell. Their price might tank, and that will eat into profits. Maintaining the same production levels while cutting production costs to a minimum is guaranteed to increase profits."

Actually, there's a fatal flaw in this statement. It forgets to account for one key element: the consumers. In order to buy things, consumers need money, and that more often then now comes from employment. But if you shortchange workers, you end up with items out of their affordability range. IOW, you torpedo your own market. That's one reason henry Ford always paid generously: to make sure he had customers for his products.

1
2

Ex-US Navy fighter pilot MIT prof: Drones beat humans - I should know

Charles 9
Silver badge

Re: Much as I appreciate using drones for recognizance...

"Where it will get really interesting is when the solider is removed entirely, and a decent AI is left to control the drones and select or recognise the targets. That will trully reduce the cost of asymmetric warfare, and could be the beginning of the end for the cowardly brand of terrorism currently afflicting the world."

Then what happens when the terrorists get their hands on them?

0
0
Charles 9
Silver badge

Re: Some interesting possibilities here...

"5) I'm not sure about this one, but probably millions of people, if the location of the Amazon distribution center nearest to me in Netherlands is any indication."

IINM, the testbed for the concept is going to be New York City. 10 million people alone plus whoever is within reach in the suburbs on Long Island and New Jersey. Not to mention a ground traffic problem that makes aerial courier a more-financially-tempting option.

0
0
Charles 9
Silver badge

The term was coined before the advent of electricity. The more proper term these days is "over-unity," which accounts for non-mechanical "perpetual" concepts.

0
0

'George Orwell was an OPTIMIST. Show me a search history, I'll show you a perv or a crook'

Charles 9
Silver badge

"If someone's search history contains <insert comically-named skin flick here> then it would nice if that wasn't considered embarrassing so much as private and even more so if it wasn't considered perverted so much as normal."

Remember that the very concept of personal privacy is a relatively new thing: probably no older than about a century and a half for the ordinary joe. Basically, the smaller the community or the larger the reach of its people, the less one's privacy can be guaranteed. Privacy increased with the rise of cities that created a screen of other people and such, but with the increase of electronic communications, particularly those of an audio-visual nature, that privacy has dropped drastically. We're rapidly becoming the Global Village, and I don't mean that in a good way.

1
0
Charles 9
Silver badge

For the person whose history he or she submits. He's saying if he knows your search history, he can find skeletons in your closet.

1
0
Charles 9
Silver badge

Re: Why does Microsoft want people to stop talking about Windows?

Surprised a video ad from a seller of actual (physical) windows didn't get wiped and the company suing Microsoft for harming their business by wiping out their ad hits.

1
0

Trips to Mars may be OFF: The SUN has changed in a way we've NEVER SEEN

Charles 9
Silver badge

Even if they were past the prototype stages, VASMIR is not launch-capable, so you still need a way to get it up into orbit. Right now, the hope is to fit a VASMIR to the ISS, giving it an easier time with course corrections while putting the engine through some space trials.

0
0
Charles 9
Silver badge

Re: Ongoing project already underway to provide a lightweight shield

Nice thought, but cosmic radiation is a whole other kettle of fish. They're the top end of the EM scale for a reason. We already know they've been able to penetrate the Earth's magnetosphere (which is already bigger than anything we'd probably be able to generate), atmosphere, AND a mountain.

0
0
Charles 9
Silver badge

Re: Or you could use a small asteroid.

Not gonna do much good. Cosmic rays are SO energetic they've been detected under a gol-dang mountain, with all of Earth's atmosphere in between.

0
0

How the FLAC do I tell MP3s from lossless audio?

Charles 9
Silver badge

Re: I won't even mention Quiet Comfort...

I've never been partial to overpriced Bose equipment. I find less expensive alternatives. And while they won't completely cancel out background noise, they do make a nice difference in a noisy environment like inside a conveyance. I personally keep a pair for air travel.

0
0

Guns don't scare people, hackers do: Americans fear identity theft more than shooting sprees

Charles 9
Silver badge

Re: The media strikes again!

Perhaps another reason is that identity theft is perceived as a fate worse than death. Shot to death, you're dead, game over. Identity is stolen, all that belongs to you is at risk, yet you're still alive to suffer all the consequences. Many would see living in helplessness as being worse than death.

5
1

In dot we trust: If you keep to this 124-page security rulebook, you can own yourname.trust

Charles 9
Silver badge

Re: The rest of the story

The problem with the scenario is that, in spite of all the safeguards in place, a Trent is still needed. Thing is, as we've seen, Gene and Mallory have gotten smart and are now starting to target Trent in an attempt to subvert or impersonate Trent (think dodgy CAs). The bigger he is, the bigger the target is on his back.

0
0
Charles 9
Silver badge

Re: Trust?

But it's also essential to a safe Internet. Without Trent, how can Alice and Bob prove their identities if they've never met before?

2
0

The internet just BROKE under its own weight – we explain how

Charles 9
Silver badge

Re: ipv6-literal.net not reserved.

Ever thought that it's both? That Microsoft is the cyber-squatter in question and that they did this so they can't be accused of breaking Internet conventions by internally routing an otherwise-fair-game domain (it's quite all right if they own it)?

0
0
Charles 9
Silver badge

Re: It's happening, get over it

"My phone is on carrier grade NAT when it is on the telco network. Everything I have done over phone (tether) works fine whether it is the likes of SSL or IPSec VPNs, skype, and everything else. No issues."

Sounds like you're MAKING the connections in this case, plus Skype has a Trent to help it. But what about if you have to operate a deamon behind a carrier-grade NAT. Even worse, what if both you and the target party are behind a NAT (or worse, carrier-grade NAT, meaning neither you nor your destination have a uniquely-addressable point to refer to. There's physically no way to achieve that without a third party (a Trent) that both of you can reach, which has safety implications of its own (Is Trent really Trent?).

0
0

City council thinks what we're all thinking: 'Comcast is terrible – and NOT welcome here'

Charles 9
Silver badge

Re: From the banks of the Thames River in (New) London

I suspect there will always be debate on both sides of the Atlantic when it comes to pronunciation. The best way to note it is that British English is more traditional but rather inconsistent whereas American English is generally more structured but as result things change.

I came to realize this when I had to pause for a moment to realize what was being described in a "gaol" and why I didn't recognize the pronunciations of words like Cheswick and Worcestershire, among other things (I describe it best as a lot of contraction, so much that it can confuse Americans).

0
0
Charles 9
Silver badge

American, given Comcast has no UK presence. The merger is also of American firms.

3
0

Hey, iPhone 6 fanbois: Apple's bonk to 'Pay' app IS GO

Charles 9
Silver badge

Re: Anybody here use Google Wallet before?

Uptake's been a touch slow for two reasons:

1) Supported phones were pretty low at first. Due to card company recalcitrance, you not only needed the right phone but the right network, too, which kinda sucked. When the S4 came out, card companies allowed it because of the Secure Element, but Google managed to leverage more leeway bit by bit. When Android 4.4 came out and Host Card Emulation, the number of supported devices jumped since the implementation was now independent of network or the Secure Element. More or less, if a device had a compatible NFC unit and could run 4.4, it could now support Wallet (shame it can't be backported; there are more NFC-enabled Android devices you could support if you could).

2) Retailers have started getting a touch wary about contactless payments. Fears of data skimming and hacking have them wondering if they should be covering their butts. Combined with the slow uptake, some places that once accepted contactless are now dropping it.

0
0
Charles 9
Silver badge

Re: I'm baffled...

"A genuine question; does anyone know if 'drive by' skimming is possible with credit/debit card based NFC? As in scammer with handheld NFC reader walks down a crowded street fishing for close proximity with a card in a wallet or handbag. Or is conventional skimming merely limited to lifting the data on the mag stripe for later use in a country that still uses them - i.e. the scammer isn't actually processing payments, so the same would apply to 'NFC skimming'?"

NFC's a bit more complicated than that. There has to be an exchange between the originator and the device. The originator has to send a signal that indicates it's a point of sale in order for a transaction to take place (if it's a tag type instead, something else happens). From what I understand, the card number used for this system is strictly for contactless and can't be used for other purposes. Furthermore, there's supposed to be some kind of nonce that's sent to the clearinghose to prevent replay attacks.

As a further safety measure, the NFC unit of most phones is inactive when the phone's asleep or locked, meaning the user has to wake up and/or unlock the phone for a transaction to take place.

1
0
Charles 9
Silver badge

Re: I'm baffled...

"Don't forget that, as far as I'm aware, the US doesn't have chip and pin, so it's miles above what they have over there."

Not YET. Transition is in progress and will probably take about a year or two.

0
0
Charles 9
Silver badge

Re: POS upgrades?

"Apple Pay uses a Secure Element to store the card details, not Host Card Emulation (which is, essentially, a software only version of Secure Element)."

Do we have confirmation of this? From past experience using the Galaxy S4 and so on, Secure Elements can be finicky and more trouble than they're worth (if the transaction chain breaks due to a reset or whatever, the Secure Element can't be reset easily). That's one reason Android 4.4 added Host Card Emulation so that it (1) wouldn't be necessary and (2) would be easier to fix should something go wrong. Since HCE is now the norm on Android, why would Apple stick to the SE?

0
0
Charles 9
Silver badge

Re: POS upgrades?

If Apple Pay is using Host Card Emulation, then it shouldn't be an issue. Google Wallet for Android versions 4.4 and up uses Host Card Emulation and will work fine at any terminal set up to accept the contactless card systems of the big boys (Visa, MasterCard, Discover, and American Express all have their own names for it but they're essentially the same). A Secure Element is not required on the phone to use Host Card Emulation, reducing the hardware requirements, and this may have been what's tipped Apple over the edge regarding NFC support.

I will concur that the number of places that accept contactless payments shrank recently as some places saw it as either a fading fad or a liability. Walmart as I understand has been steadfastly against the idea because they want more control over payment data. Neither Walmart, K-Mart, nor Target support contactless. Best Buy does but only to a limited extent. 7-Eleven, Wawa, and Burger King have all withdrawn support. So basically, Your Mileage May Vary.

1
0

Boffins say they've got Lithium batteries the wrong way around

Charles 9
Silver badge

Re: RE: nitroglycerine.

"Metalic Lithium contains both an oxidiser and an oxidant? Allowing it to release energy without using an external oxidiser like 'air'?"

Actually, yes. It is capable of producing what's called a self-oxidizing fire. Certain other metals like magnesium have the same properties, as does thermite by design. Plainly put, asphyxiants don't work on them which is why they can burn even in oxygen-poor environments like underwater or even in vacuum.

0
0

Apple's new iPADS have begun the WAR that will OVERTURN the NETWORK WORLD

Charles 9
Silver badge

Re: Except that the article has got it entirely wrong

I would be more inclined to accept a SIM-less device if the switching mechanism was outside the control of the manufacturer. If what you say is true and the "soft SIM" is really a programmable SIM, then this might inspire third parties if they can ink MVNO deals with the primary carriers and so on.

0
0
Charles 9
Silver badge

Re: Inevitable Convergence

I'll be worried when these phones start penetrating Faraday cages. If people are paranoid about always-listening phones, they'll throw them into Faraday bags at night.

0
0

FBI boss: We don't want a backdoor, we want the front door to phones

Charles 9
Silver badge

Re: Pencils

"And clothes - people can use them to conceal weapons."

Forget clothes. At this stage, we'll have to ban the human body. Recall that a few years ago someone managed to hide and detonate a bomb concealed...let's just say where the sun don't shine.

Let's face it. We're almost to the point where one person can ruin the world. Which means no government will trust its citizens since just one could be the one that destroys them. The operative phrase is rapidly becoming, "Don't trust anyone."

0
0
Charles 9
Silver badge

Re: Founding fathers?

Four words: Ink On A Page...

0
0

MasterCard adds fingerprint scanner to credit cards for spending sans the PIN

Charles 9
Silver badge

Re: The law suits...

Because you can't trust the PIN pad not being switched out or otherwise tampered with?

1
0

Aboard the GOOD SHIP LOLLIPOP, there's a Mobe and a Slab and a TELLYBOX

Charles 9
Silver badge

"USB OTG and a memory stick?"

Not an option since using OTG blocks charging, and since using OTG puts additional load on the battery, this is one place where it's NICE to be plugged in, only you can't.

I also insist on removable batteries. Not only is it a safety feature in case the battery becomes faulty or a pull is needed to reset a device, but it allows for aftermarket upgrading if you don't care about bulk like I do.

0
0
Charles 9
Silver badge

Re: Inexpensive?

Compared to an iPhone 6, especially one fully loaded, yes.

3
2

Bad news, fandroids: He who controls the IPC tool, controls the DROID

Charles 9
Silver badge

Re: Where is Binder?

Binder is part of the base OS. It's the thing that handles what Android calls Intents. The Intents are IPC messages that say you want to do such and such. They're also what prompt you to pick a program to handle things like Market links, SMS messages, and so on unless you set a default. What the article is claiming is that something can hijack the intent chain so as to call up system-level functions and use them to hack the device.

Honest question: Can this hijack occur with just a URI or does it require some kind of app installation to perform?

PS. It may interest you to know that Binder is an inherited thing. It comes from OpenBinder which was in turn originally developed for BeOS (now that brings back memories).

0
0

Forget passwords, let's use SELFIES, says Obama's cyber tsar

Charles 9
Silver badge

Re: Cut'n'paste

Point is the camera can detect things not normally visible to the naked eye, and these camera CAN and DO capture infrared since they can see the infrared emitted from remote controls and the like. Removing the IR either takes a filter layer or software post-processing.

The point being that while one biometric can be fooled, if the system can simultaneously check for several different biometrics (check for a pulse, moving eyes in the right color, breath, voiceprinting, et al) as well as create dynamic tests that thwart preimaging (asking for a blink, an answer to a simple generated question, etc), then it should be possible to take "faking it" past the practical limit for most adversaries. And you might be able to deal with the gun-to-the-head scenario (which will exist regardless) with a duress sequence: one that not only alerts authorities but also releases traceable dummy data, making it seem you're letting them in.

0
0
Charles 9
Silver badge

Re: Cut'n'paste

That's one reason I suggested checking both for image and for infrared pulse (something phone cams can already do). Two simultaneous checks which when combined can be trickier to defeat. Since humans can't see infrared naturally, you can make it so that it's difficult to fake a face pulse, especially if it's taking a full infrared image that wouldn't be readily fooled by LEDs (which would emit hot spots). Combine this with a motion-based match (make the subject randomly wink or blink or open the mouth--this would stop the photograph--as well as check for the actual pulse to thwart steady-state infrared emitters) and you can get something that has a decent expectation of an actual, live face.

0
0
Charles 9
Silver badge

Re: Cut'n'paste

Pretty simple to fake an infrared face pulse while still fooling a selfie cam lock? Kindly demonstrate...

0
0
Charles 9
Silver badge

Re: Cut'n'paste

Those same cameras can also detect infrared, which is why camera heart rate monitors work (perhaps not too accurately, but interesting nonetheless). If the face checker also checks for a facial pulse (which a paper mask would likely obstruct), then it would be more difficult to fake.

1
2

Samsung: Thought your PIPE was FAT? Check our 4.6 GIGABIT WiFi

Charles 9
Silver badge

Re: Not for Fanbois.

"Europe is not so bad if you consider it a nation."

It's still considerably denser than the US. Key cities in Europe tend to be more evenly distributed. The geopolitical structure of Europe not only helps this but also affects the economics of wiring up, since each country only has to deal with its respective areas and don't necessarily have to agree with the neighbors.

I'd be very interested in an Internet distribution map of countries like Canada, China, and Russia (these are single countries comparable to the US in land mass). Based on what I've read so far, though, they too have their faults: particularly lopsidedness.

0
0
Charles 9
Silver badge

Re: Not for Fanbois.

"Looking at that the other way around: I live is a city-(non)state far smaller than Illinois though with a goodly fraction of the same population. (It's called London). Why can't I have gigabit networking to my house for UD$20/month?"

Simple. You live in an OLD city. South Korea's infrastructure is pretty modern: its age measured in decades, while good old London has infrastructure dating back centuries (yes, some of it got bombed and subject to fires, but a lot of the stuff, especially underground, survived). And if there's one thing New York and London have in common, it's that it's hard putting up new infrastructure when old stuff's in the way.

Put simply. Infrastructure is much easier to install in a new city (or one forced to rebuild due to war or disaster) than in an old city.

0
0
Charles 9
Silver badge

Re: Not for Fanbois.

"Probably relevant: broadband in South Korea is way ahead of the rest of the world."

Probably also relevant: South Korea is SMALL, about the size of the US state of Illinois. Meanwhile, Japan's about the size of California. Geography matters when it comes to wiring up: the smaller, the easier. Not to mention the US has tons of rural area between its two coasts. Between that, the mountains, big rivers, etc. I'd call it a small miracle we can do high-speed links from coast to coast. Know any other nation comparable in size to the US that's doing better across the board?

2
1

Windows 10: Forget Cloudobile, put Security and Privacy First

Charles 9
Silver badge

Re: Proprietarty

As a number of exploits recently have shown, this trust issue is not limited to proprietary software, since we as humans lack the ability to be eternally vigilant in everything we do; otherwise, we'd never trust anyone and nothing would get done. Makes you wonder if you wake up tomorrow and realize you and everyone else in the world is essentially living under the Sword of Damocles.

2
0
Charles 9
Silver badge

Re: What would happen if

It's probably also SSL/TLS encrypted and uses the same channels as the update system, meaning breaking the spyware also breaks your update system, leaving you open to malware attack.

Kinda like the only way to keep your home safe from intruders is to keep a vicious human-aggressive dog on the premises. Keeps the intruders away, yes, but also likely to bite you, and it's not like you have much in the way of alternatives. The ruffians are already notorious for kicking doors and bashing windows, and the ones that still resist, they torch.

2
0

Cops and spies should blame THEMSELVES for smartphone crypto 'problem' - Hyppönen

Charles 9
Silver badge

Re: What Freaks Me Out...

Using them for everything won't work. The state has the resources to keep a quantum computer in a black project, store everything since the advent of the PC, and probably even be working on a way to break lattice and other post-quantum encryption. And you can't stop them OR convince them to stop since EVERY state and state leader behaves like Damocles: as if under perpetual existential threat. Under such an environment, NOTHING is taboo since the one that can destroy you can come from ANYWHERE at ANYTIME.

0
2
Charles 9
Silver badge

Re: 2-part security?

How does remote wipe work if the phone is kept in a Faraday bag and only removed when in a Faraday cage?

0
0

Red Bull does NOT give you wings, $13.5m lawsuit says so

Charles 9
Silver badge

Re: Almost did to me...

Maybe not Red Bull, but in the US there have been some cases where a caffeine/alcohol combination was at least partially to blame for a number of deaths: mostly from the consumption of Jagerbombs or those tall cans of alcohol+caffeine like Four Loko. They knew it was a factor because the conflicting buzzes meant the body couldn't warn the drinker they were overdoing it. Hard to deal with the Jagerbombs since they're mixed on site, but they basically told the Four Loko and the like to ease up on the caffeine so that drinkers can at least get some kind of warning buzz.

1
1
Charles 9
Silver badge

"Reg I was expecting better. Stop emulating the daily mail and consider presenting facts sometimes."

Hey, it pulled you to the article. Tabloid headlines are like that for a purpose: human nature draws us to extremes. It's called "sensationalism." The mundane "Red Bull Sued for False Advertising" simply wouldn't draw as many clicks.

2
6