* Posts by Charles 9

8256 posts • joined 10 Jun 2009

Hackers electrocute selves in quest to turn secure doors inside out

Charles 9
Silver badge

Re: Several pieces of equipment melted

And IIRC that was based on the EMPs they noticed when conducting atomic and then fusion bomb tests. I wonder if they've found a way to deal with the EMP a high-powered A- or H-bomb detonating 20 miles or so over South Dakota would make.

0
0
Charles 9
Silver badge

Re: Push The Button To Exit

So security guards stay at their posts even in the event of a fire? Like I said, the spy may be willing to risk burns for high-value data, but the rent-a-cop?

0
0
Charles 9
Silver badge

Re: Push The Button To Exit

"In the most obvious way possible - all the buildings I've worked in that require swipe to exit, or even just pushing a button to exit, automatically release the door magnets when the fire alarms are activated."

What I'm wondering is how they safeguard against someone sneaking in through these doors DURING a fire, hiding, and then rummaging in the chaos (because we can't rule out someone committing arson in order to commit high-class espionage).

2
0
Charles 9
Silver badge

Re: Push The Button To Exit

What if there's a fire? Under most fire codes, any obvious egress must be allowed to open easily from the inside, even without power, in the event a fire knocks out the power (this is due to the panic inherent in a fire; people swarm to the nearest exit regardless of its purpose). Probably why the locks are electromagnetic (active, meaning they only hold while power is applied).

I'd like to know how a high-security compound meshes with the fire code.

0
0
Charles 9
Silver badge

Re: They're still alive after electrocution?

It is for men for whom evisceration is just a flesh wound.

15
0
Charles 9
Silver badge

Re: They're still alive after electrocution?

I thought electrocution was what happened when you ran a computer program: use electricity to carry out a job.

0
1

Stay out of my server room!

Charles 9
Silver badge

Too late. They would've already made alternate access methods.

Compromise must be assumed to be COMPLETE compromise.

2
1

WordPress auto-update server had flaw allowing anyone to add anything to websites worldwide

Charles 9
Silver badge

Re: Signed updates

Then what happens WHEN (not IF) THAT update mechanism gets compromised? Sounds like a Catch-22 if you ask me. The ONLY way to prevent stale exploits is unavoidably exploitable.

0
0
Charles 9
Silver badge

Re: Welcome to the future. It's not safe.

No, we can't accept that software WILL be vulnerable because that ALSO means we must accept that all software must be COMPLETELY vulnerable, essentially making it worse than useless, which means we'll have to go all Luddite back to the Sears catalog.

0
0

Emulating x86: Microsoft builds granny flat into Windows 10

Charles 9
Silver badge

Re: How long before Android/Chrome catches up?

"I agree on the high performance gaming, but for slightly different reasons. There has been a dark cloud hanging over PC gaming for years, console gaming seems to be taking the market share (Just to be clear I prefer PC gaming and don't own a console). But now Windows 10 and Xbox one share a common platform I'm hoping this will change. High performance gaming developers have no interest in Android, only consoles."

But you still have games that REQUIRE a keyboard, mouse, and good eyes to play. WoW's still the 800-lb gorilla of online gaming, and while Overwatch will expand Blizzard's reach, they know where their real money lies. Unless and until WoW becomes playable on a PS4 the same way you can with a PC, PC gaming and the like aren't going anywhere soon.

0
0
Charles 9
Silver badge

Re: Baby... Bathwater?

Um...they TRIED. Didn't work, and this was with experts. Let's see you do better, especially when high-performance graphics and low-latency networking basically require close-to-metal coding.

1
0
Charles 9
Silver badge

"Still, if working away from an office is your thing, just use a laptop."

But laptops are increasingly being seen as security risks: being too big to really be portable, they become easier to lose. A case of bigger NOT being better. At least phones are usually kept in pockets, clips, or holsters: basically, on the person, and usually with locks. They're considered more personal so more attention tends to be paid to them.

0
1
Charles 9
Silver badge

Re: Cart before the horse

Apple's library was noticeably smaller than Microsoft's, thus making it easier to convert. Also, Apple controlled the hardware chain so there were very predictable hardware specs for the devs to work with. Even with the brief stint into third-party PPC Macs, the specs were still pretty strict.

0
0
Charles 9
Silver badge

Re: How long before Android/Chrome catches up?

"Chrome OS supports Android apps and developers seem to be happy creating new Android apps instead of converting legacy Windows apps - Google seems to be getting in a better position than Microsoft."

Except most Android apps aren't business-oriented, built around internal networks, keyboards, mice, and so on. IOW, there's a general dearth of productivity software. High-performance gaming is also notably absent from the Android lineup because the specs basically demand a PC with plenty of RAM (not just storage) and graphics capability that would melt most tablets.

1
3
Charles 9
Silver badge

Re: Cart before the horse

Not an option anymore. Current Atom chips aren't good enough, and Intel isn't offering any more for a while, by which time it's too late. It's hard to require something that isn't available.

4
1

MP Kees Verhoeven wants EU to regulate the Internet of S**t

Charles 9
Silver badge

"China wants to make money. If that takes certifying tat to be able to sell it in Europe, they will. Of course, they'll prefer to "certify" it, but sooner or later that stuff will get largely weeded out. Also, uncertified grey market stuff will only be part of total idIoT sales anyway.

And about those 1.5 billion Chinese, maybe the more relevant metric is the purchasing power they have, compared to 450 million Europeans.

Your point, as you're stating it now, is not particularly strong, and expressing it as you did as "China has nukes" is utterly opaque. Someone who until recently visited China regularly, overseeing the manufacturing of electronics, considered it totally ludicrous."

China wants control more than they want money. It's just that the latter is the safest way to the former. But if they have to spend some to get more control, they'll do it. That's what's happening with all those "goodwill" projects. They're plunking down to gain beachheads.

0
0
Charles 9
Silver badge

What I'm saying is that you can't count on regulation in a market that basically lives on working AROUND regulations. A market that acts like an ooze: try to corral it and it just finds a crack, lifts it, and escapes through it.

And as for the "China has nukes" angle, it boils down to saying it's no use trying to dictate terms to China. They have 1 1/2 billion people, plenty of goods, plenty of know-how, and the means and mentality to force the issue if necessary (they're Far Eastern, a region whose philosophy tends toward Death Before Dishonor). Why do you think so many countries are starting to get chummy with China? They've got most of the cards.

1
1
Charles 9
Silver badge

"How do the grey market vendors contact the customer? They're not employing people to wander the streets to sidle up to punters saying "Wanna buy some hookey cameras? Come round the corner and I'll give you an address" are they?"

Depending on the country, YES THEY DO. I've BEEN to some such countries.

As for enforcement, eBay may be in Luxembourg NOW, but they have PLENTY of other locations. The trick with pressuring a multi-national (like the big oil companies) is that they can always threaten to pull up stakes. How do you explain to your citizens why their tax revenue is now in another country? That's why shipping lines never flag in a first-world country. They gain too much from the loose regulations than they'd ever lose flagging elsewhere. Same here. The cost savings by playing fast and loose and fly-by-night are worth more than any inconvenience they'd get by having to move once in a while. You're basically fighting with free: as history has shown us, it's hard to beat free.

2
3
Charles 9
Silver badge

How will they enforce it when data can cross borders so easily even China has trouble?

3
1
Charles 9
Silver badge

Or

4) Stick to the gray markets where nothing's concrete enough for the law to reach.

2
0

New state of matter discovered by superconductivity gurus

Charles 9
Silver badge

"Question: does a "sublimation" chemical only have solid and gaseous phases - or is there a liquid phase that is too unstable to observe normally?"

It all depends on the conditions. Freezing and boiling points are dependent on BOTH temperature AND pressure. It's just that in some cases like CO2, atmospheric pressure is so low that you go past what's known as the Triple Point (the point where all three phases can coexist). Below this pressure, liquids can't form, and you get sublimation instead. If you pressurize the CO2 (to, say, 5.2 bars), you can get it into a liquid state.

1
0
Charles 9
Silver badge

Yttrium Barium Copper Oxide

That's a bit of an oldie. That was one of the first to be able to superconduct in liquid nitrogen, much easier than liquid helium. Been around since the late 80's IINM.

6
0

Trump hires very best, greatest net neut haters to head FCC transition

Charles 9
Silver badge

Re: Bandwidth

They don't want to be a carrier because there's strings attached. Thing is, those strings are also what are keeping everyone else from the sticks. Basically, unless they're near trunk lines, the sticks are sinks. That's why they're the sticks in the first place, essentially. It's all a very complicated tug of war between moving to where the goods are versus drawing the goods to you.

0
0
Charles 9
Silver badge

Re: Bandwidth

Google doesn't pay that much because they actually have a private network. They don't need to use the Net so much.

2
1

Donald Trump confirms TPP to be dumped, visa program probed

Charles 9
Silver badge

Re: Actual question

The TPP is essentially dead because NEITHER candidate was going to agree with it as it stands. Plus getting it ratified even then is going to be tough (there are plenty across the aisle who don't like it--you can probably find at least 34 of them, enough to block a ratification).

2
0
Charles 9
Silver badge

One man's crap is another's fertilizer.

4
0
Charles 9
Silver badge

Re: And so it begins...

To many the recession never will end because it's triggering a post-labor economy where fewer and fewer things require human labor to perform. Vast chunks of the population will soon become permanently redundant, at which point things will get ugly.

5
0

User needed 40-minute lesson in turning it off and turning it on again

Charles 9
Silver badge

Re: F+1+2?

"It certainly brought home the requirement to be very clear and explicit in your instructions and to then realise that someone else's interpretation of what you said can still be different to yours."

It can also drive home the point that sometimes you just can't win because you end up with a person who can't find their butt with both hands and a road map. Tell them to pick up the three-inch cylinder (the ONLY block in the bunch that matches the description), and they end up using the oblong brick. And they swear it's the cylinder, and when you ask what they call the cylinder, they answer "stick".

It's times like this when you wonder if "civilization" is overrated.

2
0
Charles 9
Silver badge

"I had to wait for her to hang up. You hang up on a customer and you get fired."

Even when you're getting the blame for something that isn't possibly yours? They record the phone call, don't they? Challenge them by asking them to play it back. If they're going to fire you over what I term a "brick", then perhaps they're not the right company to work for in any event.

"She refused to accept that the physical line had to be repaired as I saw that she called in 3 more times that day. You get a little nasty note when you get a repeat call within a week."

Again, point out she's blaming the company for something that isn't theirs. Doesn't the company have a policy for dealing with impossible demands?

1
1
Charles 9
Silver badge

Re: take away

"Over my dead body."

Remember, many computers are in private homes, and there are people who don't take the kind of intrusion you propose lightly.

That's why you can't compare car usage to road usage: because cars at least run on government-regulated roads. If you demand a license to use a computer in the privacy of one's home, you're asking for Big Brother.

1
2
Charles 9
Silver badge

Re: IT support can make strong people cry.

"Wish I could've seen his face when I told him how, armed with his IP (he was on dial up so no router) I could get into his machine without knowing his username or password, and have full control over his data. I did talk him through how to block SSH at the firewall and how to open a terminal and change a few things so it was secure."

Would you change your mind if his face took on a look of complete puzzlement instead?

1
1
Charles 9
Silver badge

Re: Switches as opposed to buttons

But then Murphy can hit even there. Such as a switch put in upside-down so it's on when it's DOWN, or one that's miswired so it's on all the time, and so on. It's as the late Douglas Adams wrote once. There will always be a person for whom even the simplest design possible is beyond them (either that or they're the type where the solution to the square peg and the round hole is a big enough hammer). And yet at some point your life will depend on that person.

2
1
Charles 9
Silver badge

Re: Where's the "Any" key?

"Dunno.. The way some of them are I doubt they could find their A-hole with a map, flashlight, and helpful-but-effeminate guide, let alone the "A" key."

Oh? If their name has an a in it, then ask them how they type their name.

1
1
Charles 9
Silver badge

Re: F+1+2?

Sorta reminded me of a scenario I played out in my head a couple days ago. If we were to make first contact with an alien civilization and we at least somehow found a way to communicate, how would we begin relating stuff like measurements to each other? The challenges in finding ways to communicate things we take for granted but would be, for lack of a better term, utterly alien to them, like how long is a second?

2
0

The solution to security breaches? Kill the human middleware

Charles 9
Silver badge

Re: Incredible

"Don't just read a book about security, you need to be critical thinkers and work outside the box. Follow your instincts and experience. Take the time to do it right."

The problem is that, more often than not, you're not given the time or resources to do it right, and IT tends to be pretty low on the corporate totem pole. So how do you do it right with a tight deadline and a shoestring budget?

0
0
Charles 9
Silver badge

Re: Buzzword Bingo

"If you want "cyber" security, stop screwing around and demand that we treat our information systems like any other engineered system: Delete the broken patent and copyright systems, and allow that knowledge to be shared."

Simple answer: no one will play. Knowledge is power, literally, and there are many out there who DON'T want their knowledge shared. If not allowed to exploit their knowledge, they'll take their ball and go home, leaving society hungry. That's why we have patents and copyrights in the first place. Without some incentive, not enough people are willing to come forward; end result, society is starved for knowledge. You don't need to do away with the systems because people can and have released their stuff either out of copyright but patented but only for anti-exploitation reasons. The TERMS of those patents and copyrights can be adjusted to reflect changes in society, however. Copyright was once life of author without extension for a person or about 25 years for a business. I think reeling terms back to those roots (based on the fact they're supposed to be LIMITED, under the Constitution, IIRC) would help speed things along with documents and so on. As for patents, change the terms to reflect the industry they apply. Machinery and so on tend to have long work cycles, so patents of 25 years are still appropriate. Medicine can also make a case due to all the legal hurdles a drug maker has to clear just to get things to market; they really only get a few years to sell their stuff IF they get the go-ahead. Non-physical stuff? Stuff moves fast here, so what if patents for these get limited to, say, three years tops?

0
0
Charles 9
Silver badge

How do you get around click fatigue, though?

0
0
Charles 9
Silver badge

"Surely prevention is still the first line of defence and monitoring the second."

But you can't prevent a zero-day because you have no foreknowledge of the exploit. Trouble is, the moment one is in, one has to assume the worst (they've already gotten access to everything) which is usually too late for a clean up.

0
0

British banks chuck smartphone apps out of Windows

Charles 9
Silver badge

Re: Phone or computer?

Then you're missing out because having access to knowledge on the spot can be very, VERY handy, especially if you conduct research on something you just spotted before you buy it.

0
0

Experts to Congress: You must act on IoT security. Congress: Encourage industry to develop best practices, you say?

Charles 9
Silver badge

Re: Standards in the US would also affect china, due to dev costs

So what happens when two regions give conflicting mandates, meaning you have no choice but to create two versions since one version WILL violate the other and vice versa?

Like, for example, radio equipment where frequency allocations differ from region to region and different bands are off-limits for security reasons?

0
0
Charles 9
Silver badge

Re: Be Careful What You Wish For...

So what do you do when the manufacturers are outside the country, being protected by that country's sovereignty, and that country refuses to cooperate?

0
0
Charles 9
Silver badge

Re: How do you deal with China?

But eBay and the like are multi-national. They're like gel. If one country applies pressure, it'll just ooze to another. That's why ships rarely flag in US or European countries. Plus some of the sellers like Alibaba are already based in China and the like and out of western regulatory reach.

0
0
Charles 9
Silver badge

Re: Well, if these fine legislators have their way --

You can con by mail. That doesn't require a face-to-face presence and is just a bit of a slower version of a 419.

0
0
Charles 9
Silver badge

Re: "One area might get hit badly, but not everywhere"

DDoS's are getting SO bad that they can hit even redundant infrastructure. It's not that effective having four servers at different locations if the enemy's so massive they can split into four and STILL effectively attack you.

0
0

Windows cmd.exe deposed by PowerShell

Charles 9
Silver badge

"It's just amazing that nobody here has actually bothered to install the update and verify any of this."

Ever thought it's because they haven't made the move YET, but PLAN to?

PS. To El Reg, I attempted to reply directly to the comment above featuring the quote, but it reports 410 Gone although the comment is still listed.

0
0

The encryption conundrum: Should tech compromise or double down?

Charles 9
Silver badge

Re: Let's be clear. These data fetishists want to dump due process. They want it all, all the time

Would you rather live in a world where not just death but mayhem can come from anywhere at anytime without warning?

Because the human condition basically means we'll end up at one of two extremes. Either the Police State or Anarchy. Any attempt to try for a third option will eventually gravitate towards one or the other end.

And before you quote Benjamin Franklin, allow me to counter with this idea. Perhaps, to spin on a Jack Nicholson line, humanity "can't handle freedom"...

0
0
Charles 9
Silver badge

Re: pfft laws

Don't give them any funny ideas. Didn't Minnesota pass such a law?

0
0
Charles 9
Silver badge

Re: " ONLY clue you've got is a hint of a hunch and no way to back it up enough "

"There are always reasons and always a trail. It's time people stopped listening to this sort of hysterical BS and remembered the words of Mary Shafer. "Insisting on perfect safety is for people who don't have the balls to live in the real world.""

But if no one knows the trail exists, how can they follow it? Take "Unabomber" Ted Kaczynski. No one even heard of him until a relative clued the feds in based on his egomaniacal crypto puzzle. What about Timothy McVeigh and Terry Nichols? Were they on any serious terrorist investigation map before Oklahoma City? And then there's the Bath School Massacre: still the worst school massacre in US history. Spontaneous action by a farmer (thus legal access to TNT as excavation charges), and no one could've anticipated his actions because he acted too suddenly: almost immediately after losing a local election.

0
0

Launch set for GOES-R satellite capable of 30-second weather updates

Charles 9
Silver badge

Re: "...most dramatic weather in near-real time"

But better data usually helps to clear the haze. At this point, this can only help.

1
0
Charles 9
Silver badge

Re: A VERY good idea..

The satellite footage is public domain because it's a product of the US Government. That's the default status of products of the US Government unless there's an exception attached.

1
0
