* Posts by Charles 9

7128 posts • joined 10 Jun 2009

Latest Androids have 'god mode' hack hole, thanks to Qualcomm

Charles 9
Silver badge

Last I heard, it won't make the August patch cycle because it was submitted too late. Meaning September at the earliest.

1
0

US Politicians tell DEF CON it'll take Congress ages to sort out how to regulate crypto

Charles 9
Silver badge

Re: Hopeless

"You are missing the point - we don't generally need "unbreakable" encryption, just hard enough to make mass surveillance impossibly expensive, and difficult enough so that targeted use has to be prioritised to serious crime."

But the thing is encryption is in the end useless because we can't decrypt the stuff in our brains (if we did, we'd be in Ghost in the Shell territory). And since the stuff MUST be decrypted at some point to use, the plods will simply target points "outside the envelope".

0
1

Broken BitBank Bitfinex shaves 36% from all accounts

Charles 9
Silver badge

Re: I wonder

In which case it's a lost cause as it's proof people CAN'T learn. Twice stung indicates stinging doesn't make them learn.

0
0
Charles 9
Silver badge

Re: I wonder

It could've been worse. There were plenty who lost all their assets when Mt. Gox crashed. And this one could've easily just shut all their doors, turned out the lights, and left you with nothing at all. As they say, better 2/3 of something than 100% of nothing...

2
0

If you use ‘smart’ Bluetooth locks, you're asking to be burgled

Charles 9
Silver badge

Besides, 7 times out of 10 they can just do what the SWAT do when they insist of coming in: use brute force to break the hasp or the frame. Because most door frames are made of wood, they don't take as much force as you think (OTOH, many commercial door frames are made of steel), and there's little you can do to stop them, especially when the house is empty (meaning possible countermeasures like door stops can't be used).

4
0

How many zero-day vulns is Uncle Sam sitting on? Not as many as you think, apparently

Charles 9
Silver badge

Re: Snapping up cheap spy tools, nations 'monitoring everyone'

So now comes the question. Which would you prefer: anarchy or the police state? Because in today's world, keeping third options is becoming more and more difficult.

0
2
Charles 9
Silver badge

Re: They should be banned from buying exploits

"The only 0 days they should be permitted to keep in their arsenal and not inform the vendor about are those they discover themselves."

What makes you think they DON'T discover them themselves and what we're seeing most of the time is parallel efforts to a single goal?

0
1

California to put all your power-hungry PCs on a low carb(on) diet

Charles 9
Silver badge

Re: I'm cautiously optimistic ...

But where are the GAMES?

0
0

Graphene solar panels harvest energy from rain

Charles 9
Silver badge

Re: Is solarPV a waste?

Meaning turbines are more efficient than Stirling engines?

0
0
Charles 9
Silver badge

Re: Rain water into Hydrogen

"At best, it's an inefficient energy STORAGE mechanism. We have pretty good batteries already."

Pretty good? They're not really all that efficient, they don't scale well, they don't really last that long under prolonged use, and many have an issue with spontaneous combustion. We REALLY need something better.

0
0

Forget security training, it's never going to solve Layer 8 (aka people)

Charles 9
Silver badge

Re: Silly thing is ...

"Sure, there will always be crooks and naive/stupid people. But why being a crook on the Intenet is so easy? Because of technical reasons, or because too many make money from letting the crooks around? Yes, it's a layer 8 issue too - but not the one identified by the researches. Follow the breadcrumbs - and you'll find why it works."

Or maybe because of sovereignty? It's hard to nab a crook if they happen to live in a country hostile to you.

0
0
Charles 9
Silver badge

Re: @Walter Bishop

"Clickable links wouldn't be a problem if they moved to the Industry Standard Lubuntu desktop."

They'll find a way. Remember the term "rooting" doesn't come from the Windows world.

0
0
Charles 9
Silver badge

Re: "still won't save you from the rise of street cameras and spy satellites..."

Like I said, pervasive cameras (Google cars) and spy satellites (commercial photography satellites).

0
0
Charles 9
Silver badge

"And since I'm using a company laptop, try measuring my care level...."

Pretty high, I would say, since they may eventually trace the zero point back to you, you get sacked, maybe charged with criminal negligence resulting in gross damages...

0
0
Charles 9
Silver badge

Re: Making legit look phishy

"As Mike said, have the legit e-mailers send harmless mail. Then the phishers can duplicate this to their hearts' content - they'll be sending harmless mail."

No, the problem is that they can make a harmless-looking e-mail harmful no matter what you try to do. Remember, you can't fix stupid. Even without direct links, you can make a stupid user copy and paste, even hand-type if need be, and use a similar domain the malcontents bought first or hijacked (so no unicode involved and it can't be removed because it was bought from a crooked vendor who can bribe or is immune to the authorities).

0
0
Charles 9
Silver badge

Re: Errm

Trouble is, sometimes you can exploit a system by feeding it CORRECT inputs, too.

0
0
Charles 9
Silver badge

Re: Making legit look phishy

But what's to stop a phisher from duplicating EVERY SINGLE THING the legit e-mail can throw, only to use legit-looking (maybe even Unicode) domain names so that you can't tell the two apart even with a poring of the source? That's how good phishers are getting: the point where the besieger's advantage is becoming harder for the besieged to counter.

0
0

Samsung Note 7: Probably the best phone in the world. Yeah – you heard right

Charles 9
Silver badge

Probably also to do with spectrum. American phones need an emphasis on bands 4, 12, and 17 (as those are the LTE bands used by AT&T, T-Mobile, and MetroPCS the main GSM-based carriers, and this trend extends throughout the Americas). They're still pretty international-friendly, though, as they normally support band 3 and at least one other common band (usually 1, 5, or 7). Verizon and Sprint phones use less-common bands so require more customization.

0
0
Charles 9
Silver badge

Re: Samsung v Xiaomi

It's one reason I finally decided to retire my S4 for this (used in good condition), as S4 is off the Lollipop list, let alone Marshmallow (OTOH, my S5 is already there). It just took a while for the US carriers to catch up: T-Mobile most recently in June. I think AT&T is the only holdout.

0
0
Charles 9
Silver badge

"Watch that first step! It's a doozy!"

As in it's a pretty big one. One with a lot of substance to it. Term based on the old Duesenberg cars that hit their heyday in the 1930's and affectionately coined the phrase, "It's a doozy!" as a way to say, "Now here's a REAL car!"

Because of Stagefright and so on, Google's been forced to pay a lot of attention to security with Android N: particularly the ability to patch core functions of the OS that normally get obfuscated by carriers. In order to avoid getting investigated by governments for still letting hopelessly-vulnerable-and-unpatchable devices be approved, they need to slam that door hard. That's why you have things like seamless updates, which means updates don't take forever to install, and why IINM he core framework is being separated from the user interface (which is what the manufacturers and carriers want to control).

I still haven't heard any call for requiring the use of root-proof tech like ARM TrustZones and Secure Elements; this may have to do with catering to low-end device makers, though.

0
0
Charles 9
Silver badge

I wouldn't count on anything to run Android 7 well until after Android 7 itself comes out. This one looks to be a doozy in terms of changing the core functions, if you'll recall, since Google has been forced into a security focus with this update.

1
0
Charles 9
Silver badge

Re: Charles 9

"Your thinking like a customer, not a seller. If they make the battery replaceable, how will they sell you the Note 8?"

They can't. I look for a phone that ticks all the boxes, and then find the cheapest one. And for me, a non-replaceable battery (and a lack of microSD) is a deal-breaker based on firsthand past experience.

So until they cater to the customer (which as the adages go is #1 if the law is not involved), I'm not buying.

5
0
Charles 9
Silver badge

Re: Could be great

Thanks to SafetyNet and dm-verity, more apps are root- and custom-aware, so going stock is the only option for those situations. Plus don't Samsung devices have KNOX, which customizing also breaks?

0
0
Charles 9
Silver badge

Re: Got a Note 3 at launch...

"I think Samsung also understands that more and more people are extending their replacement cycles."

If that were true, they'd make the battery replaceable since that's one of the first things to go. I've replaced the battery on my S4 twice now to keep it going strong.

5
1

Simply not credible: The extraordinary verdict against the body that hopes to run the internet

Charles 9
Silver badge

Re: homonym or homily

"As to who should be herding the root servers, I rather suspect that the original principle should be applied vigorously and have them managed by independent agencies hosted in various countries. With all details of the management agencies being publicly available. I certainly would *not* want someone like Erdogan or Un or (some days) Putin or Zuma with their hands on the leashes of more than one of the servers."

How do you avoid puppets then who can in turn be protected by the power of sovereignty?

0
0
Charles 9
Silver badge

Re: Umm, some balance please

"It is literally criminal how they get away with blatantly saying "F U" to everyone's face and nobody lifts a finger in retaliation. I would send in the Marines and have them all shot for treason on site, no delay and no discussion."

OK, then. After you sweep ICANN clean, what would you replace it with? And how would you ensure it did its job properly while also preventing it being corrupted or subverted AGAIN?

You see, the big trouble with all these cries of "Throw the Bums Out!" is that no one ever bothers to consider what you're going to do AFTER they're gone. It's not like the Internet runs itself or can completely ignore political entities that can control the physical wires...

1
0
Charles 9
Silver badge

Re: And they have a famous chef, too

"You haven't been downwind of an open tin of Surströmming, have you?"

But at least that at worst only has a local influence. I'm talking international stinks.

1
0

By 2040, computers will need more electricity than the world can generate

Charles 9
Silver badge

Re: More Information

"Generate solar electricity in North Africa (where there's a lot more sun than there is in most of Europe), and use low-loss HVDC transmission to ship it across to places in Europe that could make use of the electricity. And as a side benefit, generate a bit of income for the Africans in the picture."

But then politics inevitably gets involved. Who owns what? That's why we can't have a solar satellite in space. That kind of energy means power, political power, and there WILL be fights over it.

0
0

Boffins bust biometrics with inkjet printer

Charles 9
Silver badge

Re: It very much depends on the reader

"However, whatever security measures you use, never forget that someone may choose to use a more direct route."

But what if their victim is a masochist (so get off on torture) or a wimp (so faints before you get started)?

0
0

Stop us if you've heard this one before: Telcos try to kill net neutrality

Charles 9
Silver badge

Re: Those poor innocent profits..

Ergo, we can't have nice things. If we can't afford them, it's equivalent to not having them.

0
0
Charles 9
Silver badge

Re: No problem!

I got news for you. That pretty much covers practically all the TV in the country.

INCLUDING the big broadcasters.

Disney (on the list) is the owner of ABC

Comcast (on the list) is the owner of NBCUniversal, also on that list itself.

Viacom (on the list) changed its name to National Amusements in 2006. It's is the majority owner of CBS.

And you've probably noticed the Fox Networks Group.

The only way you can effectively boycott is to get the Nielsen participants to unplug their TVs.

0
0

Tesla autopilot driver 'was speeding' moments before death – prelim report

Charles 9
Silver badge

Re: Fat effing chance

Thing was, it ALSO saved Corporate America time AND money in lawsuits claiming a design flaw that doesn't take submarining into account. Handling the back behind the rear wheels was easy enough, but the sides (which affects ride height) are another matter.

0
0
Charles 9
Silver badge

Re: Dangerous attempts to fix stupid?

This isn't a motorway. It's an arterial, which means traffic lights. If he was FIRST out of the light, pulled ahead, and there's not much between the light and the truck, he could easily have a large opening in front of him before encountering the truck.

0
0
Charles 9
Silver badge

"But if it occasionally confuses a plain white truck side for a threat-free path, that's unacceptable."

But here's the catch. How do we know it would be easy for a HUMAN to see it, too? Sometimes, we assume too much and don't take the assumption that the human could be as confused as well. Or the human could be tricked by illusions and other conditions a machine would be less prone. For example, a anisotropic painting of a kid in the middle of the road, or a whiteout condition.

The situation here is that human drivers and computer drivers approach perception from two completely different angles, and they don't overlap. The real question you have to ask is which of us can handle better in the overall scheme of things: human intuition that can't be taught because it's inborn even in toddlers (so we don't even know HOW we learn it) or tireless machine perception that's harder to fool objectively but likely easier to fool subjectively?

0
0
Charles 9
Silver badge

Re: No thanks

What if it becomes take it or leave it? As in take the self-driving car, pay crazy car insurance to keep the privilege, or just get off the road?

1
0
Charles 9
Silver badge

Unlikely, since the crash is likely to be so violent as to break the camera. Not even black boxes (and they're built to take a pounding) are immune. Plus, consider where the best place to put a camera would be (in the mirror or visor) and remember what part of the car got decapitated more than the driver.

0
1
Charles 9
Silver badge

Re: I remember that accident - only in 1967!

"The BEST are MANAC - dry van trailers in the U.S. under the name TRAILMOBILE. Their advantage is the supports of the Mansfield Bars are towards the outer end - where the worst damage occurs,"

But I doubt TRAILMOBILE rigs are recommended for areas with way-above-grade railroad crossings, since lowering the crash zone inevitably lowers the ride height, raising the chance of a hump taking the trailer off its wheels.

1
0
Charles 9
Silver badge

Re: Waste of time

Or, in more practical terms, over 108 feet per second (> 60mph = more than a mile a minute). Meaning, in the time it would take an 18-wheeler to turn left across the intersection, a car going 74 mph would've covered 3/5 of a mile by that point (more precisely, 3256 ft in 30 seconds).

1
0
Charles 9
Silver badge

Re: Dangerous attempts to fix stupid?

"As I stated before, an active driver would have spotted something amiss because cars ahead would have started evading it, even if the truck itself was practically invisible against the background."

Unless, of course, he was the FIRST car there, meaning there were no other warning signs other than the truck itself. As for the truck yielding right of way, he may well have not seen the car prior to the actual turn. Remember, the car was speeding at near 75 mph. A car can close distance rapidly at that speed.

2
0
Charles 9
Silver badge

Re: Not an AI

"Who is going to pay?"

The drivers, that's who, likely by way of a mandate to do it within, say, ten years. They pay one time for the device or their car isn't declared roadworthy (this would also fix the import issue). The driver either pays up or gives up driving. Either way, you likely end up with safer roads.

0
3
Charles 9
Silver badge

"Mansfield bars are mandatory on the rear of trucks in the US but, unlike Europe, not on the sides."

Probably because of ride height issues. More parts of the US have high humps, particularly at railroad crossings. Trucks routinely get stuck there because the hump catches under the trailer and lifts it off its wheels. Plenty more then get struck and destroyed by trains.

Any Mansfield bars capable of stopping a car would aggravate the hump issues, and there's no money to address the humps because many of these roads are locally maintained by communities constantly strapped for money.

8
3

Did Donald Trump really just ask Russia to hack the US govt? Yes, he did

Charles 9
Silver badge

Re: @JC2

Could also be the END of it. Heard of the phrase, "No Vacancy"?

0
0
Charles 9
Silver badge

Re: Clinton got caught rigging the primary...

"Dude, the charge is election rigging, with plenty to back it up, and you think those three words is enough to refute it?"

YES, unless you actually CAN back it up with evidence that would be admissible before a court.

0
0

Alleged skipper of pirate site KickAss Torrents keel-hauled in Poland

Charles 9
Silver badge

Re: What first amendment?

Ever heard the phrase "A picture is worth a thousand words"? When 9/11 happened, it wasn't the headlines that made the greatest impact but the photos. And believe me, no front page would elicit more shock than that of a new atomic mushroom cloud. Especially if the spot it happened was someplace like Rio.

0
0

Zero-day hole can pwn millions of LastPass users, all that's needed is a malicious site

Charles 9
Silver badge

Re: Truecrypt + Notepad

The thing with databases is that they are much more efficient when it comes to searching, especially as the dataset grows. You think it's easy enough to sort through your text file, but how about when you have to sift through hundreds of them? Plus programs like KeePass are actually better at handling the clipboard, since it only keeps your password in the clipboard for a configurable number of seconds (default is 12), so you minimize the risk of clipboard sniffers.

Not to mention it saves on a drive letter and packs everything into one neat program you can call up at will.

2
0
Charles 9
Silver badge

Re: Fingerprint me ars...

YES! I've got ten of them to work with off the tips, then I can get more creative and use other parts of my fingers. And unlike a password, I don't have to remember them (which is an issue for people with poor recall or simply too many things to remember) or keep a second factor handy (which lots of people end up LOSING).

PS. And even IF they lift my print, it probably wouldn't even work for them given my genuine finger only works about 3 times out of 10.

0
0
Charles 9
Silver badge

Re: Why?

But many people can't work like that. They have such bad memories that "correcthorsebatterystaple" is a stretch ("Or was it 'donkeyenginepaperclipwrong'?").

0
0
Charles 9
Silver badge

Re: It's Risk Management

"I tend to use Lastpass for random passwords for junk websites and use complex passwords and my memory for critical ones..."

And for people with BAD memories?

3
0
Charles 9
Silver badge

Re: What goes around...

The thing with eggs, though, is that they MUST be in one place (right next to you) if you intend to actually USE them. So at some point, they MUST be in the same basket.

Plus some of us have bad memories, meaning out of sight really means out of mind (and thus gets lost).

8
1

Brits unveil 'revolutionary' hydrogen-powered car

Charles 9
Silver badge

Re: Zero Emissions!

"Producing hydrogen by electrolysis is still far to inefficient."

Not even high-temperature electrolysis? Plus you can just use electrolysis to even out power spikes in low-demand times.

0
0

Forums