* Posts by Charles 9

4493 posts • joined 10 Jun 2009

Sorry, Qualcomm, Apple – your patents don't scare us

Charles 9
Silver badge

Re: First mover advantage

"If someone wrote something equivalent to your software, by the time they got it to market you would have version 2 ready."

Thing is, copycatting also makes it easier to leapfrog. Since all the effort of the v1's already done, they can think of ways to one-up you. So by the time you come up with a version 2, they may have not only anticipated but also gotten ahead of you, coming up with the equivalent of your version 3 at the same time. Suddenly you're in the uncomfortable position known as "First is Worst."

If you can be so easily leapfrogged with no recourse, why bother trying? As a result, we could end up back in the days of the Renaissance when most works were reserved for commissions from the wealthy and powerful. Note that most of the revered works of art were just that: commissions only revealed to the public long after it was originally made and therefore useless in a contemporary sense. How would you like it if the most useful software (and by that you can include the stuff needed to make other software: compilers and the like) was instead kept under the lock and key of ultra-conglomerates a la Gibson's Sprawl?

0
0
Charles 9
Silver badge

Re: Inventing the IP ≠ Being The Bully

But who was the first to put ALL of them together into a whole greater than the sum of its parts? Gestalt effect.

0
0
Charles 9
Silver badge

Re: First mover advantage

The main problem now isn't the exclusivity but the length. When the length was first used, industries were usually about durable things that last decades. But software cycles quickly. You can fix the patent problem by specifying different lengths for different industries: say a max 3 years for software and 5 for hardware.

0
0

US govt bans Intel from selling chips to China's supercomputer boffins

Charles 9
Silver badge

Re: Q:

In the US IIRC. Intel's foreign foundries are for older, less important chips.

0
0
Charles 9
Silver badge

Re: They're still at it

How? Bad as it looks now, the US is STILL a huge sight better than any other country on offer. Including China, or they would've ALREADY demonstrated self-sufficiency (they carry a cultural impetus) which proves they can successfully cut off the US.

1
8

Foreign firms must obey EU laws no matter where they're based, says EU. Hear that, Google?

Charles 9
Silver badge

Re: missing the point

Nope. That's due to the roads being owned or at least regulated by the respective governments. Their road, their rules. But what about privacy rights? They're of a more personal nature and don't involve government property. So who gets the call? The country of location or the country of origin?

0
5
Charles 9
Silver badge

Even better? What happens when a lax citizen is in a strict country (or vice versa) and a clash occurs (where the laws of the two locations differ)? Which law applies?

0
0
Charles 9
Silver badge

Re: missing the point

So what happens when an American is in Europe or a European is on American soil? And the specific rights in question clash? Whose law takes precedence? The soil or the citizenship?

0
2

+5 ROOTKIT OF VENGEANCE defeats forces of gaming good

Charles 9
Silver badge

What's to stop a miscreant from hacking the sent OGL commands to make the scene look different to the competition? A setup like this can still allow a hacker to tell "lies" to his opponents.

0
0
Charles 9
Silver badge

VM's are not useful for this type of cheat. The cheat would be on the host, giving it hypervisor access where it can snoop any memory at will, including pre-encryption (making a secure tunnel useless here, too).

1
0
Charles 9
Silver badge

Re: Confusing paper

"If the hardware/OS/games are created using the generally hated (at least here) concepts proposed by Trusted Computing Group (previously known as the TCPA and the previous Microsoft Palladium project), it would be possible to implement a hardware and software stack that would prevent client side privileged access to the system unless it was signed by a recognised key. This would at a stroke prevent almost all of this type of client side attack, but at the same time would wrest almost total control of a machine from it's owner, making it a data appliance rather than a PC."

You will note how little you hear of the Trusted Platform Module outside of tightly-controlled settings such as businesses who need the control for their own reasons. Simply put, it's a non-starter on the consumer (and gamers are a subset of consumers mostly) end. If the only practical solution is to implement a system that isn't accepted by your customers, your market is basically a dead end. Either people won't buy your games because they're full of cheats or people won't buy your games because they won't buy the "secure" hardware needed to run them.

0
0
Charles 9
Silver badge

Did you note the part of the article about "sponsored events" and "professional gamers"? In both, money is involved (the former due to the sponsorships and the latter because professionals, by definition, are doing it for a living).

0
0
Charles 9
Silver badge

I'm surprised they haven't taken a look at hardware-based cheating. At that point, the gaming companies may be forced to raise the white flag. After all, what man can make, man can subvert if determined enough.

4
0

You. FTC. Get over here. Google is INVADING our children's MINDS – anti-ad campaigners

Charles 9
Silver badge

Re: Major Shock!

That doesn't sound that good to me. Sure, the price may be lower, but don't you also run the risk of hitting a fly-by-night counterfeit dealer, depending on the circumstances? I know some friends that got hit like this trying to bargain-hunt online.

0
0

Popular crypto app uses single-byte XOR and nowt else, hacker says

Charles 9
Silver badge

Re: Bitwise XOR is a completely legit way to encrypt...

The One-Time-Pad is the only encryption system proven to be perfectly secure. Furthermore, any other perfectly-secure system must (also proven) be essentially the same as a OTP. Using XOR, the OTP also has deniability since you can change the message simply by changing the key.

0
0
Charles 9
Silver badge

Re: Everything after the first 128 bytes remains untouched.

Not really because most files have internal structure that goes beyond ten bytes. Meaning it would be detected as corrupt (and to a spook, suspicious).

0
0
Charles 9
Silver badge

Here's a serious question. How can you get encryption right if you can't roll you own NOR can you trust anyone else to be a Man In Black behind your back?

0
0

Google Ads go NUCLEAR, foist exploit kit

Charles 9
Silver badge

Re: AdBlock

"It is not just the random nature of them , but the simple fact that no person could possibly purchase even a small %age of the ad volume on ANY website."

Trouble is, the needed %age to turn a profit is in the low fractions of a percent. IOW, just one hit in several thousand is enough, and if one follows P.T. Barnum, there will always be enough sicker to make the whole business worthwhile. Not to mention the ads are getting tougher to block, leaving you with two choices: suck up or abandon the Internet.

0
0

Microsoft drops Do Not Track default from Internet Explorer

Charles 9
Silver badge

Re: status quasi

They can glean information no matter what you answer. Give different answers and they'll know you're deceptive and change tactics.

0
0
Charles 9
Silver badge

Re: It's a common misunderstanding...

But if we're the product then we're passive and don't buy anything meaning we never respond to ads making them pointless. We MUST be customers in order to make ads worthwhile.

0
0
Charles 9
Silver badge

"What's needed is a browser add-in that will accept the adds without displaying them & even generate click-throughs without displaying the results."

Credits to Milo's it'll soon be followed by a Turing Test to make sure the click-throughs are human.

0
0
Charles 9
Silver badge

Re: :-P Pththththth!

And when they inevitably fight back by using ad blocker blockers?

0
0
Charles 9
Silver badge

What about the likes of Google who do provide actual bona fide services that have little or no viable substitutes? You're talking about a lot of potential collateral damage.

0
0
Charles 9
Silver badge

Re: DNT is a mirage.

They'll never be outlawed because they'll just go international, even if it means bribing some hodunk country to change its laws.

0
0
Charles 9
Silver badge

Re: You can't trust sites to honor do not track requests or anything alike

And then they start using ad-blocker-blockers and pay walls...

0
0
Charles 9
Silver badge

Re: No

And if the caller is I'D as international and vanishes the next day?

0
0

Why does the NSA's boss care so much about backdoors when he can just steal all our encryption keys?

Charles 9
Silver badge

Re: We have RIPA

Oh? They can't just demand it from EVERY suspect?

0
0

Broadband routers: SOHOpeless and vendors don't care

Charles 9
Silver badge

Re: Good Password(s) inadequate?

Not if they can figure out ONE of the passwords and know the technique, meaning it boils down to a one-word dictionary attack, which IIRC is within feasibility.

Also, what if you visit a bunch of sites with the same theme OR have a truly abysmal memory...oh, and the computer's shared so you can't use a password manager?

0
0
Charles 9
Silver badge

Re: Good Password(s) inadequate?

That's good for making ONE long, easily memorable password.

Now try making A HUNDRED long, easily-memorable passwords AND be able to recall which is which without mixing them up. Because that's the situation the average user actually faces today: not just being able to remember A password but remembering WHICH password. And because of password-stealing we're expected to use a different password for each site to mitigate this, even for supposed-low-priority targets since they can glean information from these to facilitate identity theft.

0
0

Can't patch this: Mozilla pulls Firefox encryption feature after just a week

Charles 9
Silver badge

Chrome is perhaps not trustworthy, but about about Chromium, which IIRC is the open-source fork of Chrome, with most of the Google-centric stuff stripped out?

0
0
Charles 9
Silver badge

Re: 100% False Positive rate

Aren't many hijackings the result of social engineering (AKA identity theft), which no amount of safeguarding will prevent (because the miscreant will simply glean enough credentials to pass any test)?

0
0

Sony nabs cloud gamers OnLive, administers swift headshot

Charles 9
Silver badge

Not unless the game's key component is online, which means you eater pay up or pack up.

0
0

Tennessee sues FCC: Giving cities free rein to provide their own broadband is 'unlawful'

Charles 9
Silver badge

Re: Bogus argument

The FCC will just counter their authority is delegated to them BY Congress through the Telecommunications Acts. Unless Tennessee can cite where it's the purview of Congress ALONE, that argument won't stand.

1
0

Silicon Valley powers: Let mass spying die in May 2015 – it's bad for privacy (and business)

Charles 9
Silver badge

You assume these interests can't pressure the rest of the world to cooperate regardless. A little extortion perhaps...? There's also the chance these interests are worth more than Europe and therefore out monies the competition.

2
0

My self-driving cars may lead to human driver ban, says Tesla's Musk

Charles 9
Silver badge

Re: No human driver? No, that won't happen

The ship and car could fall back to accelerometers which would be much tougher to fool.

As for the cargo, lock it down tighter?

0
0
Charles 9
Silver badge

Re: @Terry Barnes -- Not a problem solved

Alan Turing PROVED the answer is "never" for "a program that can detect infinite loops".

0
0
Charles 9
Silver badge

Re: Not a problem solved

OK, I'll bite.

"The lights are out at the crossroads ahead. Does your car know how to negotiate the crossroads in a safe way which gives gives priority to other drivers according to the time they arrived and prevailing traffic? Can it establish basic signals to other drivers to indicate intent. Or does it just nudge out like an asshole and hope for the best? Or does it annoy the driver by giving up? How does it know to give up? Naturally it would have to do the right thing however many lanes, rights of way, trucks, buses, bicycles, motorbikes and cars (self drive and otherwise) there were."

How do WE do it? Usually by some established rules. First, keep the headlights on so other cars can see you. Second, don't assume you can go straight through. Third, FIFO. Fourth, if two cars arrive at once, use a left-hand first rule (use right-hand in right-side driving countries). Fifth, if all cars arrive at an intersection at once, wait a random number of seconds (between 1 and 10, including fractions) to see if one car moves. If not, creep forward yourself. Eventually, all cars acknowledge who moves first and use the left-hand rule to resolve the rest.

"A man is standing in the road by the traffic lights. A police man. How does your car know to obey his signals instead of the traffic lights?"

By recognizing the person in the middle of the street using forward sensors (technology already exists). Perhaps noting the badge or makeup of his/her uniform one can identify as a traffic officer or the officer can wear special indicative gloves (fluorescent, for example) that automated cars can easily see (would not be difficult to alter uniforms to accommodate self-driving cars). A little training and the car can recognize the hand gestures in 3D and know how to respond to them.

"A man is standing in the road by the traffic lights directing traffic. This man is a loony. How does your car know NOT to obey his signals instead of the lights?"

The same way we would, by noting the loony is not in uniform or using the special gloves and so on. And if he goes as far as to doll up as an officer, well that's impersonating an officer of the law, which is (a) a crime in and of itself and (b) capable of fooling a human, too, making the exercise moot.

"A big truck ahead is stopped and a guy hops out to halt traffic each way so the truck can reverse into some entrance. How far away does your car stop from this? How does it know not to try and overtake this obstacle?"

The car should note a pedestrian in the roadway and start assessing the situation. Consider how the situation is done today with humans. Usually, the pedestrian has to convey the situation to drivers, and the best way is to indicate a roadblock, either by standing in the middle of the road or (if the road is wide) by using road cones he brought with him. A self-driving car would already be trained to be aware of pedestrians and cones in the road and recognize them as obstacles. If the car can assess all paths are blocked, it should correctly come to a stop.

"Your car encounters a stationary bus in your lane. Is the bus broken down? Is the bus stopped at a bus stop or stopped at lights? If it's stopped at a bus stop how long is it likely to be there picking up passengers? When if ever is it safe to pull into the oncoming lane to overtake this obstacle?"

The car looks around. If the road is two-way two-lane, it has no choice but to wait. If there is an overtaking lane, are pedestrians approaching it? Is it near an intersection where it would need to be aware of the signal lights anyway? Those are things it can be trained to detect. If the way is clear, divert to the overtaking lane if open and pass the bus like humans do.

"The road has a big pot hole in it. Can your car see this? Can it see it when it's filled with water? Or does it just smash straight through it?"

Quite easily thanks to more advanced radar. And it should be able to distinguish water from a solid surface (it would register a different return pattern). Either way, the car should recognize to steer around it.

"A road is closed and there is a diversion in place. Does your car follow the signs or just keep driving until it falls into a hole the council just dug?"

Make the signs machine-readable by editing highway and traffic codes. Then the cars can read the signs and know what to do.

"You're going up a country lane. 50m ahead you see an oncoming car. Does your car know it has to pull into the verge NOW because there is no verge ahead?"

The car can (a) know about the no verge through its location and/or (b) look ahead and realize there is no verge, unless your vision is blocked, in which case how would WE know there's no verge ahead if we're not familiar with the area (which is (a) for the machine)?

"Your car goes into place with terrible radio coverage, or no GPS like a tunnel, underground carpark or simply a built up area. What does it do? Dead reckoning? Revert to the driver? What?"

How does a submarine know where it's going when it's underwater and radio-blind in the middle of a featureless sea? The tried-and-tested method is to use a three-dimensional accelerometer set to get a reasonable fix of location until a new fix can be made.

0
0
Charles 9
Silver badge

Re: No human driver? No, that won't happen

"There is also the matter of criminal acts. An unmanned container ship or oil tanker would not pose any significant threat that a manned vessel does not pose, but would be a far easier target to hijack or steal from. The possibility of a hacked car being used to kidnap a celebrity or child is also something to bear in mind."

Wouldn't an automated ship be harder to hijack since the controls can be put in a state where no human can take control and the humans locked themselves in a safe room strong enough that attempting to break it or the control system runs the risk of damaging or stopping the ship, making the whole exercise worthless?

As for the hacked car and celebrity, this still sounds less likely than just grabbing the person off the street or being the rogue driver in a cab/limo.

0
0
Charles 9
Silver badge
WTF?

Re: Real world testing

"I think the point the original commentator was making is that the weather is North America can be very hard to predict. Ice and Snow can be hard for the human and could be impossible for the electronic driver."

Why would it be impossible for an electronic driver? Unless you can describe in detail situations no sensor would be able to see and where the only way one can survive intact is by instinct or even blind luck? The article notes being able to see through rain, and if snow is blinding, perhaps the prudent course a computer would take is to slow to a crawl or even stop (something humans are averse to doing).

The nightmare scenario I keep thinking about is rush hour in an overcrowded Asian city such as downtown Manila, where pedestrians and vehicles of all sorts are everywhere (including many where automation is impossible, like bicycles), road markings aren't really honored, and time is of the essence (perhaps because fuel is low).

0
0

The storage is alive? Flash lives longer than expected – report

Charles 9
Silver badge

Re: Spinning rust.

"The controller of a flash drive must surely know how many pages have failed and been replaced from the pool of spares. So what's going on? Are SSD controllers not being honest with their SMART statistics (for example with SMART 182, " Erase Fail count")? Or did the testers simply write until failed, without monitoring the statistics to see whether impending failure was easy to spot? Or are there whole-chip failure modes with flash storage, that make abrupt failure far more likely than with other VLSI chips such as hard disk controllers? (Well, there are 8 or 16 more VLSI chips in an SSD, so maybe 8 to 16 times the risk)."

What's happening is that it's the controller that's failing first, rendering everything else moot.

5
0
Charles 9
Silver badge

Perhaps it should be noted that since the most common mode of failure is "sudden catastrophic" the main point of failure is not the flash chips but the controller handling them. I guess for the low price point it would be too much to ask to install a backup or replaceable controller unit for the drive.

So noted, in SSDs the controller tends to fail before the actual media. Kind of reminds me of a story of someone looking for a used piano bench and finding out they were hard to come by because pianos tend to outlast the benches, meaning many were scrapped and replaced altogether, reducing the supply.

1
0

Cisco posts kit to empty houses to dodge NSA chop shops

Charles 9
Silver badge

What's to say the old parts aren't pwned either? Remember they've been at this kind of thing for DECADES. Backdoors all the way down...?

0
0
Charles 9
Silver badge

Hide a sleeper piggyback inside another chip and overrule the SD. Try again.

0
0

Is the DNS' security protocol a waste of everyone's time and money?

Charles 9
Silver badge

Re: Solution looking for a problem

"DNSSEC doesn't solve anything that adding a 128-bit random cookie to the DNS request and response wouldn't have solved."

Solve the problem of a rogue or hijacked server being able to see and appropriately respond to the cookie?

Frankly, the whole problem boils down to a matter of trust, which is a HARD problem in computer security. Because, let's face it, given sufficient resources, Mallory can subvert ANY trust system. Yes, even the Web of Trust, by inserting shills.

0
1

Noobs can pwn world's most popular BIOSes in two minutes

Charles 9
Silver badge

Re: OS Warning

A BIOS is basically a Ring -1. It can intercept any verification and return good results.

14
1

Ouch! Google crocks capacitors and deviates DRAM to root Linux

Charles 9
Silver badge

Re: It is just an elevation

Doesn't this exploit bypass segregation, allowing full access to all memory?

0
0

Carriers want 5G to do everything, for anything, anywhere

Charles 9
Silver badge

Re: Lan replacement

Well, for the situation stated at the end of the comment, the answer would have to be, "Raise the desk on a pedastal (giving you space to insert a box on its floor) and connect it to the wall by a wide bump runner out the back semi-permanently affixed to the floor (tearing up a solid marble floor is a no-no given the cost of obtaining such a floor in the first place) which protects the cable but can still allow even wheelchairs to run over it. No other option would fit the aesthetic or budget constraints.

0
0
Charles 9
Silver badge

Re: Lan replacement

US, and most office buildings I've seen feature drop ceilings. While electrical sockets in the outer walls and floors usually have to be built in (due to being set in concrete), network connections tend to be more ephemeral and can come and go as tenants move in and move out. Guess it depends on how the office is setup. If it's mainly sets of cubicles each centered around a column, then it's easy enough to just wire up the column, but if it's more open in nature, then people within won't be as fixed to a single spot, and here properly-secured WiFi would be of benefit.

0
0

Canadian bloke refuses to hand over phone password, gets cuffed

Charles 9
Silver badge

Re: Nobody posted *that* XKCD yet?

Did they ever make one where it doesn't work because the man's a masochist who cries out for more?

0
0

Netflix: Look folks, it's net neutrality... HA, fooled you

Charles 9
Silver badge

Re: Net neutrality

They do, but they see it as discrimination.

0
0

Forums