Re: The end of piracy again!
Most people avoid TPB these days because it's ad-ridden (meaning potentially malware-ridden.).
8586 posts • joined 10 Jun 2009
Most people avoid TPB these days because it's ad-ridden (meaning potentially malware-ridden.).
Problem is Big Content has the stupid on their side. As long as the stupid continue to buy movie tickets and so on, they'll have a guaranteed revenue stream, meaning infinite money to attack squeaky nails.
"There is really no reason to start with junk servers unless you need to prove the concept before you get the funding you need to do it right."
As noted in the article. These things usually get thrown up for third-string stuff that was just handy to have and tend to grow organically into the organization.
Now, gradual flash chip failure is actually pretty easy to detect and then negotiate (lock the drive to read-only, copy what you can to a new unit, use recovery tools for the rest if needed). But IINM Flash SSDs also suffer from a higher-than-normal rate of controller failures, and controller failures are sudden catastrophic failures: fine one moment, hard-bricked the next, so these need to be taken into consideration as well.
That may affect rust, but I think solid-state will have a big edge in that regard given I doubt we've hit top end on solid-state bus speeds, which in turn will cut the rebuild times and thus the margins of error.
"...but we are going to collide with limits sooner rather than later."
What kind of hard limits do you think we'll hit given that rust capacity has managed to continue climbing in spite of scares while solid-state capacity is still growing and still has several big shifts left in the tank?
But what if the malcontents have a Red Pill that can jailbreak them out of the guest OS into the host?
"I wonder if I should let on that I've got sites like TV & Ammyy listed in my HOSTS file & therefore can't access them from this computer at all?"
NO! Don't! Then they'll know what's up and go to Plan B: a relay that WOULDN'T be on your blacklist because you never heard of it until now.
Think Prohibition. Ornerous laws can become unenforceable if enough people balk on them. Think the black market and why AK-47s still come into the country. Demand draws supply through hook or crook. Meaning the law can ring hollow.
But can you think of one better?
But what's to stop the foundry from being doubled?
But centralization is NATURAL, part of the human condition, and therefore inevitable. Put it this way. The Gilded Age got that way not because governments coddled big businesses but the other way around, because businesses got SO big they could stand OVER the governments and dictate terms or simply buy the governments out. Same today with transnational businesses like big oil. Why don't governments strip big oil subsidies? Because big oil threatens to pull out and take their revenues with them to other, more "friendly" countries. That brings up a turn of phrase: Better 10% of something than 100% of nothing.
PS. As for regulation that WORKED, what about the US taking over the rail network during World War I and standardizing the rail gauges and so on, such that when World War II came around, they found they didn't have to do anything else to get the rail companies on board the war effort that time around?
Spectrum, however, is a limited resource, with an absolute limit to its utility (Nyquist’s theorem). This puts the onus on the State to regulate it to ensure it's being used to best improve the lot of the people (under capitalism, there can be incentive to hoard, wait out the competition, and then monopolize).
Infrastructure is a huge upfront cost while the RoI is iffy. "Extra infrastructure" doesn't really sell with customers, especially at the consumer end, plus the competition can weasel their way to stay competitive with those who actually plunk down. Unless there is an absolute truth in advertising law, that won't change.
Since so many people are getting skilled with channel-surfing, they synchronize breaks so that no matter which channel you turn, you see a commercial. Meanwhile, inline ads are the last bastion: embedded right into the broadcast, part and parcel and inseparable, forcing you into the ultimate "Take It or Leave It" situation: ads and all or not at all. Not even hidebound traditionalist events like Test Cricket are immune (sure the uniforms are clean, but you can't say that about the field). And since the sports themselves need the ad revenues to keep things going (otherwise they have to raise ticket prices beyond the tolerance point), you start to wonder how it will all end...
"illegally inspecting my PC"
It's not illegal. It's entirely possible to detect ad-blockers completely server-side simply by seeing if the ad videos get called up or not. If they won't let you see the video without requiring the ad be served first, that's basically your problem as they've made the ad the price of admission. It's done with their equipment so their rules apply, and it's all legal. You either bend over, hope and pray for something like a torrent (and the networks know about it and can send out fake torrents), or just go without that episode.
"It's actually illegal to probe my system for plugins. Against the law. Yet you think it is acceptable."
One, under what law?
And two, what's to stop a server from detecting a blocker by, you know, noticing you're not calling up ads? That's entirely server-side and impossible to ban without stepping on Constitutional toes.
"I'm stopping making music, I'm giving up computers and I'm disconnecting off the net."
Then why are you still here?
"On the TV Ads that show up before a video, I mute the sound and minimize the window for however long the ad runs and then I restart the video."
You just watch. Next thing you'll know they'll detect the ad is not visible and PAUSE it as long as it's covered, only restarting it when you switch back.
After that, it'll be ads for things for which there is no alternative (the market is captive), meaning the only option is to go without, which may involve Walking on the Sun...
"If I see an advert for product X, then when I want to but something in that product category, Product X is removed from the list of possible suppliers."
So what do you do when it's the ONLY supplier? Or when ALL the possible suppliers display ads? Do you go without?
Odd. Most people in search of stuff like that tend to search in other channels such as Rule 34 sites and sites that specialize in adult and underground anime (since Pokemon is is Japanese in origin so gets grouped with anime).
"Disturbingly, Pika-porn (poke-porn) has existed for a lot longer the current go-poke-fad."
Longer than even pony-porn IIRC. Just remember Rule 34, and Pokemon has been around for nearly 20 years.
You better also use home-built hardware as well that has guaranteed verifiable traces and so on, lest we forget the State is interested in subverting communications at the hardware level, beyond any userland level of detection, prevention, or intervention.
But if you "Deny by default" then YOU dictate the pace of the Internet in your area, meaning it can never be faster than the pace YOU can inspect it.
"then all we do is use a different encryption wrapper so that the plain text part of the handshake looks different."
They then use DPI to detect if it's genuine or not and whitewash anything that can potentially not be kosher such as text, images, sound, and videos.
Not even with a whitelist and whitewashing of unencrypted data?
No, as long as they're in power, they can be influenced, usually under the table. It's simply part of the human condition. No matter what kind of power structure you put up, SOMEONE's going to find a way to corrupt it. Removing people from the direct influence of the people means it's easier to influence them on the sly, but making them MORE direct means the charismatic can dictate policy by appealing to the stupid.
"If they ban end to end encryption (or enforce backdooring which is the same thing as it isn't end to end encryption if it doesn't work) then they are banning the commercial use of the internet."
And you think the people in charge consider this a BAD thing? The less power the plods possess, the easier it is to control them.
And they can do that. That's what the whitelist does: block off the Internet except for the stuff THEY deem worthy. If they try to create extranets, there will likely be tells.
I doubt these pluggable transports can make tor information look perfectly like other packets. Next step is that the Chinese perform DPI of all random-looking traffic to see if they're real packets or covers. If they learn how to transcode transport packets, they can then mangle the streams to block inline stego, and so on.
Whoever controls the networks carries the advantage of the Big Brother perspective. They can whitelist and restrict the whitelist even more as they learn more.
Unless they just ban encryption altogether. It's actually pretty difficult to make encryption non-obvious, especially if you monitor potential side channels and whitewash them.
But then all they'll have to do is detect its probable use and demand whitewashing of plaintext and mangling of images, video, and sound to stunt stego.
"Amortisation is the practice of reducing the value of assets to reflect their reduced worth over time."
No, that's depreciation.
Amortization is the practice of smoothing out financial shocks (such as a large one-off like a capital investment) over time by splitting the large single payment over the expected useful life of the investment. It's still been paid for, but by spreading the cost in the books, it helps provide a better long-term view of its impact on the business (of course, if something happens to cause a write-off, the balance has to be immediately applied).
"Can't we just put the stupid package to permanent death already."
Not as long as there are very expensive pieces of kit that require Flash to operate. Since the costs are sunk and being actively amortized, they cannot be replaced. Since they already exist, they cannot be forced to be replaced by legal means (because they're currently legal, they can't be made illegal retroactively).
So IOW, SUAUI (Shut Up And Use It).
"Well, I mean, nearly everyone has a phone everywhere. But we *don't* generally walk around with it unlocked and the banking app loaded."
It's not that hard. You just turn it on while you're in line or as you make your approach.
"1) take card from wallet
2) tap card"
1) Take card from wallet.
2) Tap card, but pad refuses to read. Try again, doesn't work.
3) Say sod this and swipe, only to remember it's a Chip card.
4) Try to insert the Chip, but it's broken.
5) Call the whole thing off.
1) Take card from wallet.
2) Tap card, but find out the NFC reader's turned off.
Plus, consider many people don't like to carry their wallets around (for fear of identity theft) or have no way to (because their clothes have no pockets) but they still have ways to carry their phone (like on a clip).
Well, the app may still be useful for people who have trouble following signs or can't read the native language or English.
"A QR code is a QR code is a QR code, there's nothing physically preventing you displaying somebody else's QR code..."
Except each QR Code is probably only good ONCE since it's probably salted with a One-Time Password.
What's the common unit for this chart?
And how about you compare them to their median cost of living as well, since where you are can determine how far you can stretch your cash.
So what happens when you have a terrible memory and keep forgetting your phone?
It may be inconvenient for YOU, but for many people biometrics is the ONLY thing guaranteed to be on their person. You can't rely on what they KNOW (for they may not have a good enough memory to KNOW anything) OR what they HAVE (for they may not have anything on their person), so what choice do you have?
You don't have to stop them altogether. Just alter them enough so they change into one the system doesn't recognize since fingerprints are epigenetic. Alter them too much and it's like busting an error code: something else comes out instead. People who receive finger lacerations seem to experience this. Perhaps medical science can find a way that isn't so painful.
Well, think of it this way. Too many people have bad enough memories that they can't remember PINs or passwords, even if their lives depended on it. Plus they tend to LOSE things. What do you do when you can't KNOW anything and sometimes don't HAVE anything?
PS. If you read the article thoroughly, it seems they only want the biometric to be part of a multi-pronged approach, which might help to mitigate the stolen biometric bit.
PPS. As for changing fingerprints, what about acid etching?
"But not this important! I mean, they're backups, for Bob's sake! Of your actual data you actually need to run. Only to be needed -- and usually found not up-to-date/functional -- when the live copy fails."
The thing is, the people demanding the backups belong to the insurance company. Basically, they're not going to pony up for "being bloody stupid," and not having a viable backup to them is considered "being bloody stupid," since live data crashing without a backup basically means you're screwed.
But isn't one issue with older hardware is that they're inefficient when it comes to power consumption? And you're talking a world where electricity may not be a given.
Such a world would be better suited for power-sipping ARM-based units which are also more compact and could even be powered by batteries.
Because of errata that would've been corrected in the 64-bit chips but can cause serious trouble on the originals (think the "f0 0f" bug).
Except HP could employ a "divide and conquer" strategy and swamp each individual case with so much red tape it'll either make the litigant give up, make the lawyers (if they're on contingency) give up, or make the victory pyrrhic.
"The obvious solution is to lower your attack surface. Make it hard for the user to install software from random sources, make sure you always use a minimal amount of code so you minimize the chance of getting compromised via a bug... and so on. You know, normal best practices security."
But that doesn't work well against the average user (who BTW can't be educated). How do you deal with people unwilling and unable to protect themselves (and by extension, everyone around them)?
"Speaking as someone who has been called upon to fix friend's PCs, I sometime think it would be nice if every consumer PC sold came with external HDDs and an image back up system by default. :)"
Two problems with that approach.
One, sleeper infections exist that stay quiet for a while so as to get themselves INTO backups, meaning restoring the backup just gets you infected again (since you probably won't know which files contain the payload and a smart one will hide in multiple locations, including WITHIN legitimate programs).
Two, you overestimate the intelligence of the average computer user. Given an external hard drive, they'll probably find some way to break or usurp it. Didn't the late Terry Pratchett write once that if there was an End of the World button, the paint wouldn't even have time to dry?
"There is practically zero cost in the free sharing of smarter sophisticated intellectual property between developers and/or across live open source platforms which creates software of advanced nature."
Two words: trade secrets.
"Anyone who wants their control network to survive a determined attack. "
Then they get overridden by the board, who have to answer to the investors.
"High profile attacks like Talktalk and others have highlighted the need to do a thorough job of securing things to a wider audience given the beancounters saved them a small sum skimping on security only to find significant amounts of value wiped off shortly after the attacks."
And then the public forgets them next week, guaranteed. Meanwhile, the other investors will simply go, "Glad it wasn't me." Unless we see a board overthrow BEFORE a breach hits, I don't think the investors really care.
"Must be a day with a 'y' in the name."
Well, for someone living in a Spanish-speaking country, such a day doesn't exist. NONE of the weekdays have a 'y' in Spanish. Even the Spanish word for day (dia) doesn't have a y in it.