Feeds

* Posts by Charles 9

3467 posts • joined 10 Jun 2009

IM demo for TOR coming soon

Charles 9
Silver badge

It can only do so much. A savvy power would know real binary data would be formatted. That's why the "magic numbers" technique works. Attempt to obfuscate and they'll try to parse it, which will likely produce telltale clues. As for steganography, mangling inputs should break all but the most robust (and lowest bitrate) systems.

0
0

RSA booked TV's Stephen Colbert to give the final speech. This is what happened next

Charles 9
Silver badge

Re: Unless you don't live in the US.

Not even after Waco, Ruby Ridge, and ESPECIALLY Oklahoma City, all perpretrated by natural-born Americans?

1
0

Boeing going ... GONE: Black phone will SELF-DESTRUCT in 30 secs

Charles 9
Silver badge

Re: Another Boeing Project 25?

And aren't there electronics and even chemicals sensitive to X-rays? What if the phone has a lead lining or other form of X-ray shielding?

1
0
Charles 9
Silver badge

BECAUSE it's so open. They can gut out all the insecure stuff and replace it without having to relicense or pay anything for the base. QNX, for example, requires licensing. Besides, the Linux-based Android kernel includes SELinux, which they helped to develop.

1
0
Charles 9
Silver badge

Re: Security on Phones

The Cold Boot attack. Perhaps encrypt the RAM and use a secure SoC where only the CPU can read the key. There's already commercial examples of such systems.

0
0

Bitcoin or bust: MtGox files for bankruptcy protection

Charles 9
Silver badge

Re: Maybe they really _are_ lost

So paper money can't be incinerated into invisible particulate matter and coinage can't be melted down into a useless amalgamation of base metals? You may still have stuff left afterward, yes, but whatever the heck it IS, the one thing it certainly ISN'T is money. Besides, by law, there has to be a way to retire old money so that fresh currency can take its place.

0
0
Charles 9
Silver badge

Re: Strange...

According to Coinbase, which is one of the more legitimate sites with proper accounting, bank ties, and legal paperwork filed, as of the time of this message, about $560 per.

1
0

LOHAN chap brews up 18% ABV 'V2' rocket fuel

Charles 9
Silver badge

Re: No Duty on Brewing

Alcohol tax revenues go to the STATE, as the fed washed its hands of all alcohol-rated taxation with the 21st Amendment (the A in ATF deals mainly with transport, not with production—IOW bootleggers and smugglers). The reason alcohol laws are so uniform across states is because they tie federal road funds to certain alcohol-related prerequisites (like a minimum age of 21). Licensing is issued by the state (for example, the Virginia Alcoholic Beverage Control board), and they DO have reason to regulate for safety reasons. Many moonshine stills are in the woods, so if the moonshine there catches fire, there's a potential forest fire to deal with. Also, victims of exploding stills may not be well to do, meaning the government has to help foot the cost of healthcare for the injured. So you see, the money and the safety angle are intertwined.

0
0
Charles 9
Silver badge

Re: Beyond 18% ABV...

Try a Samuel Adams Utopias. They worked long and hard to come up with the right yeast strain. AFAIK, they made it to 50 proof (25% ABV): the strongest purely-fermented alcoholic beverage known. Some claim higher but those are either jacked or fortified.

2
0
Charles 9
Silver badge

Re: No Duty on Brewing

/ believe the prohibition has less to do with safety and more to do with control of a desireable commodity and, of course, tax revenue

If that were true, homebrews would be subject to similar restrictions (after all, most people drink beer, not booze, and drink more of it). Nah, safety's the bigger issue here. Not only do some unscrupulous shiners sell the foreshot, but there have been instances of accidents occurring at moonshine stills (either the shine catches fire or a bad setup causes the boiler to explode).

2
0
Charles 9
Silver badge

Re: No Duty on Brewing

Sounds a lot like the general rules in America (it varies from state to state). Homebrews are generally accepted as long as they're not sold commercially. Distillation requires a license. As I recall, controlling the toxic "foreshot" is one thing, I think another reason has to do with fire codes (since you're using heat to distill and the final result can potentially be flammable).

0
0

Fukushima radioactivity a complete non-issue on West Coast: Also for Fukushima locals, in fact

Charles 9
Silver badge

Re: Just remember...

US Law requires distilled spirits (and wine/beer) to be radioactive. Sure it is a bit indirect, but the law DOES require it.

Let's talk context. The reason for this requirement is that they want to make sure the ethanol used in the drink came from plant products rather than petroleum. They do this by testing for the presence of radioactive Carbon-14 (which would be pretty fresh in plant-based alcohols in contrast to petroleum-based ones).

0
0
Charles 9
Silver badge

Perhaps we can ask the residents of New Hampshire or Cornwall. Both are situated on significant granite deposits.

0
0

Final LOHAN test flights codenamed 'Punch' and 'Judy'

Charles 9
Silver badge

Re: says

Funny. I saw those names and thought something else entirely: an anime involving outer space bounty hunters.

So it begs the question, which came first: Cowboy Bebop or Girl Genius?

On third thought, perhaps something prior to both used those names in the past, and each independently took them on.

0
0

NO WONDER Big Blue dropped it: IBM server biz BOMBED in Q4

Charles 9
Silver badge

A flood of red ink tends to evoke the metaphor "bleeding money" instead.

I agree that "IMPLODED" is a better term, although by the time I type this they've settled on "BOMBED" which evokes a similar image.

1
0

Prez Obama cyber-guru: Think your data is safe in an EU cloud? The NSA will raid your servers

Charles 9
Silver badge

Re: Your data

They don't have to trump it. They just IGNORE it: "Ink On A Page". It's not like you can vote in anyone else to replace them (no one even gets on the ballot unless they're in on the plot). And the average American is to apathetic (or busy trying to earn a living) to organize a massive uprising a la Kiev.

2
0
Charles 9
Silver badge

Re: @Charles 9

So someone wanting to get your stuff would need to successfully hack into a US and Chinese cloud provider, and crack the encryption.

You forget the very real possibility the NSA and its chinese counterpart routinely hack into EACH OTHER. Meaning it's passing fair one encounters the other's file, puts two and two together, and obtains a copy of the other's file, reducing the number of places you have to hack. Furthermore, merely finding something like this would likely draw an investigation into who did something this elaborate.

1
0
Charles 9
Silver badge

Re: Like most crime you can't stop a *really* determined criminal.

As if that's stopped the NSA before. Remember Stuxnet? It penetrated an airgap...

0
0
Charles 9
Silver badge

Re: @Eguro

As I understand it, there are encrypted filesystem programs already in existence that can operate on a file image. A CLOUD file image could perhaps be done in a stretch. As for the other piece, that's just a keyfile, and you can make that just about anything of your choice. As for hardening the image file, many of them can use multiple algos for extra strength. It reduces the throughput, but with a cloud file the network is the bottleneck anyway.

0
0
Charles 9
Silver badge

Re: @Eguro

Not impossible. Once one realizes you need the other copy, they'll just hack into EACH OTHER. Which they've already been doing.

0
0

Hey 4G bods: We need to make 'phonecalls' with our 'voices', too

Charles 9
Silver badge

Re: "Most systems currently expect the call to drop, which means you’ll have to redial."

Guess we'll have to agree to disagree, because my experience was the exact opposite of yours. My N95 missed half the time while the Android rarely missed. Meanwhile, I'm used to saying "Call" because I once had a *1G* phone that allowed voice calling. Flip open the phone and it asked, "Who would you like to call?" Android's a touch more complicated than that these days, but then again I also use the extra functionality, too.

0
0
Charles 9
Silver badge

Re: "Most systems currently expect the call to drop, which means you’ll have to redial."

I'm the other way with touch and speak dialing: probably because it MISSED half the time.

BTW, I thought most Android phones with Google Voice Search understand a "Call" command?

0
1
Charles 9
Silver badge

Re: Really ?

It's guaranteed by law in the US as well, last I checked. As long as the changeover follows certain procedures, you can port your number from carrier to carrier.

0
0

Aaah-CHOOO! Brit boffins say WiFi can 'sneeze' malware

Charles 9
Silver badge

Re: Mainframe infected by nasties ..

If I recall, that was only true if the mainframe ran on Harvard architectures which separated the code and data. Trouble was, Harvard architectures prevented certain useful things such as varying forms of compilation like Just-In-Time and other situations where code and data are one and the same.

Plus that's just one way to pwn a machine. What about Return-Oriented Programming, which cherry-picks existing code instead?

3
0

Samsung and Apple BEWARE: Huawei is coming to eat your lunch

Charles 9
Silver badge

Re: Pronouciation

If you study the Japanese kana tables (what are essentially the Japanese version of the alphabet--only they represent phonemes), you'll see many different consonants being represented there: including "ra", "ro", etc. But there's none starting in "l". It's just the way their language developed. I can see why the connection was made, though, since similar tongue motions are done with the Japnaese style of "r" and the English "l" (which also involves lightly touching the palette). The point is that this idiosyncracy in language presents a "lost in translation" problem sometimes. I'm not implying anything good or bad about it; happens all the time between distant languages. I once heard an African tongue (one that involved lots of tongue motion, I think) that made me think in wonder, "How did a language like that develop?"

0
0
Charles 9
Silver badge

Re: Pronouciation

Even then, there is never any guarantee that hear an audio clip in the same way as a native speaker, specifically if your ears were exposed to the difference between 'rip' and 'lip' during a short period in your infanthood, you will never be able to distinguish them in adulthood (hence many racist jokes about Japanese pronunciation of European words).

I thought the Japanese R/L mixup came from their alphabet, which doesn't distinguish between them (basically, their alphabet has the R consonant, but not the L--when they have to accommodate an L from a foreign language, they use the R which is closest). I know a few Japanese writers and artists have actually played on this ambiguity as jokes or whatever.

0
0

Jolla announces Sailfish OS 1.0, says Android love-fest soon to come

Charles 9
Silver badge

Re: Unique opportunity for Sailfish

Chris, no, don't. I'm having enough of this prompting garbage on iOS where EVERY BLOODY TIME I get prompted that switching on WiFi would be so much better than saving my battery and not supporting positional accuracy for whichever 3rd party that is not close enough to government to simply demand cell triangulation - an extra trick they use is swapping "OK" and "Settings" around so you always have to look before you can stop it. And don't get me started on the mail app where every single mailbox will tell me it cannot talk to the server, despite that the OS itself knows full well that cell data is off or airplane mode is enabled. It's only funny the first time.

You may not, but someone sufficiently paranoid might like it. The point I want to make is that the ultimate decision should fall to the user, not the coder, not the phone maker. If the user wants to be prompted every 5 minutes, it's his/her call. The OS should allow, encourage, even REQUIRE the user make these calls about their apps.

0
0
Charles 9
Silver badge

Re: Samsung Galaxy, Google Nexus, and Sony Xperia phones

They can hook up with the Android modders to help with that. It didn't take long for the S4 to have a significant modding community, if XDA is any indication. They've already delved deep into custom installs and getting around various protection systems including KNOX. I've been tracking it since I'm not too fond of TouchWiz (memory hog) and have been using AOSP-based ROMs for a leaner, meaner phone.

0
0
Charles 9
Silver badge

Re: Samsung Galaxy, Google Nexus, and Sony Xperia phones

Well, it would be pretty safe to say the S4 series, the Nexus 5, and the Z series, respectively, for starters. How far back each goes, no one knows, but as those represent the top of the line (or close to it) currently in circulation, those are probably the safest bets.

1
0
Charles 9
Silver badge

Re: Unique opportunity for Sailfish

Actually, we can. What's being stated is that the base Android OS is too lax on security (owing to a model intended to coax developers, not to woo users). The hope is that Sailfish will be built with user-selectable security being baked right into the kernel where it can't be removed. Thus, when a Sailfish app asks for something, it can be controlled by the user to a meticulous degree. For example, instead of being forced to say "yes, you have network access" or "no" in broad, you can perhaps be able to have it prompt you, either the first time or (and here's where it can top iOS) EVERY time or in specific timed intervals. With this level of control and a "deny-by-default" attitude, it would be very tough for anything underhanded (like perhaps Google Play Services) to slip in under the radar.

0
0

Samsung brandishes quad-core Galaxy S5, hopes nobody wants high specs

Charles 9
Silver badge

Re: Brilliant

More bits also mean more registers. More registers means doing things in less cycles. Doing things in less cycles mean less running the processor at full speed. Less running the processor at full speed saves battery.

Depends on where the information comes from to begin with. If you have to fetch stuff from memory, then you take the hit no matter what, either with one 64-bit swipe or 2 32-bit ones (and it's only natural that energizing 64 wires takes more energy than energizing 32 of them).

If you can optimize your routines to use additional registers, OK, but there's also the tradeoff of having more registers in use at once (again, energizing a maximum 64 registers vs. a maximum 32). Also, some operations can't be optimized well to use the registers, perhaps because it's memory-heavy or is otherwise of a nature where a ton of registers isn't going to be so useful (sorta like how GPGPU computing is not ideal for video encoding--it's process-divergent and memory-heavy).

1
0
Charles 9
Silver badge

Re: Brilliant

Tell me. What can you do with a 64-bit phone that you can't with a 32-bit one? More bits likely draw more power, and more RAM probably isn't needed for at least another generation. Sure, mapping storage would be neat, but isn't the flash the bottleneck?

2
0
Charles 9
Silver badge

Question. About this heart rate monitor? Is it more or less an infrared sensor that does it much like an app I've seen in the Play store that can use the camera's ability to see infrared to do the same trick?

0
0

MIT wants quasars to help put free will to rest

Charles 9
Silver badge

I think that's the intention. See if there is a correlation between two things 13 billion light years apart, then how would classical mechanics explain it (since under that, it would take that long for one to react to the other simply due to the limitations of the speed of light)? And I would assume the two quasars would be chosen such that we wouldn't be equidistant between them, removing that possible coincidence.

0
0

Mobe operators, need to check your network? There’s an app for that

Charles 9
Silver badge

They can't control the customers too well. Thus this bridge. You use the mobe so the tech can go where people go, but you control the variables and use a hired hand to make the results more precise and reliable.

0
0

Beware Greeks bearing lists: Bank-raiding nasty Zeus smuggles attack orders in JPEGs

Charles 9
Silver badge

Re: Steganography to hide the whole thing

The big trick would be to conceal the payloads in ways that can withstand mangling, image conversion, and so on. Many hosting sites will routinely alter images to make them easier to store and transmit, and the extent of these alterations can break many stegos to date: including perhaps this method or a variant of concealing it in the EXIF data. I will admit that a 1080-sized wallpaper gives more real estate to work with, but that's again reduced by the robustness requirement.

0
0
Charles 9
Silver badge

Re: Not steganography

It's been so noted in the article and qualified appropriately (IOW these weren't El Reg's words).

I suspect, though, it won't be long before someone uses real stego to pull it off. I think the main concern is that many sites mangle images before posting to fit within dimension and/or size limits, and JPEG is a pretty forgiving format for that...except when you want to keep fine details which are necessary for stego, meaning mangling a JPEG will likely mangle the stego beyond the point of recognition.

So perhaps what we're seeing is a V1 attempt at hiding the list within an image file. V2 will see true robust stego.

1
0

TV scraper Aereo pulled off air in six US states after tellyco court injunction victory

Charles 9
Silver badge

Re: Crucial difference

"If wee little paperclip antennas installed in racks in the basement data centers actually worked, then why does everyone else spend so much time up on the roof struggling to get an OTA HD signal? Why doesn't Aereo drop this service model and start selling these amazing "antennas" to the public? Perhaps the same technology can be applied to directly detect signals from deep space missions using nothing more than a slightly larger paperclip?"

Because location is part of the reason Aereo works. Aereo carefully picks their facilities to optimize the reception, much like transmitters use tall masts and prefer the tops of hills and the like: the clearer your line of sight, the better. Put it this way: no matter how good your setup, trying to get good reception in a valley (or a concrete canyon) is pretty much going to be hit or miss: bad line of sight compounded with reflection echoes.

0
0
Charles 9
Silver badge

Re: Beer analogy

They pay by the eyeball on the TV. Thing is, TV watching has spread out lately, and the TV auditors lack the means to measure things like Aereo, computers, even DVRs.TV shifting been a brewing storm for the advertisers for a few years now because to date they lack a reliable means of measuring shifting.

0
0
Charles 9
Silver badge

Re: Crucial difference

"Also, insects have antennae; televisions have antennas. Once a loan-word has acquired a new meaning, it follows modern English pluralisation rules in its new sense."

Last I checked, it should be all or nothing. Multi-mast WiFI setups still use "ae" IIRC. Put it this way: either insects have antennas or wireless systems have antennae: no vacillating.

It's like with the "mouse" and "house" question. Why don't we say "mouses" or "hice"?

2
1

US Senate bill would mandate 'kill switch' on all smartphones

Charles 9
Silver badge

Re: dumb question but...

Plus what if the phone never gets the kill signal in the first place because it gets shielded before the kill signal is ever sent? Then it's sent someplace where the kill signal isn't supported?

0
0
Charles 9
Silver badge

They're not synced between countries. IOW, steal phone, sell overseas, profit.

1
0
Charles 9
Silver badge

Re: What good does bricking a stolen phone do?

I don't know about that. People have been mugged and killed apparently JUST for the phone (as in nothing else was stolen), which is then fenced.

2
0
Charles 9
Silver badge

Re: Land of The Free

Also, this gives the ability of authorities to stop all communication from a certain physical area. Say for example where there is a protest, they can just kill all phones within a mile radius. Or, kill all phones in area X, that arent specifically phone models used by police or military.

They've been able to do that for years, no killswitch required. Cell phones are pretty useless without CELLS. Governments simply shut down the cell towers and kill the reception. I recall that's a technique Iran used (that and killing Internet access in the affected area: thus killing WiFi and femtocells as well). Police and military don't need cell phones since they traditionally use two-way radios whose frequencies are already reserved for them (Know why the US can't use Band III? Military had dibs on the frequencies already).

2
0

Steelie Neelie 'shocked' that EU tourists turn mobes off when abroad

Charles 9
Silver badge

Re: It's not phone calls, it's data

They made up for it by offering flat-rate pricing for calls, then for texts. Once you're flat, you stop caring. Data's only starting to go there but some of the data allowances can be generous.

0
0
Charles 9
Silver badge

Re: Funny thing is

Can one actually SEE Iceland from the English Channel?

0
0

Fiendish Internet Explorer 10 zero-day targets US soldiers

Charles 9
Silver badge

Re: ASLR Bypass Apocalypse ..

So how do they keep the INNER circuit from being directly attacked. IOW, who guards the guards' guard? Similarly, wouldn't the malware writers simply target the hardware directly, which HAS happened, as BIOS/EFI exploits can attest.

0
0

Wii got it WRONG: How do you solve a problem like Nintendo?

Charles 9
Silver badge

What failed the Dreamcast was a combination of bad timing and strong competition. By the time the Dreamcast came out, Sega was already perceived as on its last legs. They were desperate enough to try to jump the gun AND not use the new DVD format for its games. Both were gambles and in this case they didn't pay off.

Meanwhile, Sony went the other way and decided to wait. By using DVD media, they could paradigm shift gaming expectations away from whatever Sega could produce (and though Sega could produce superior graphics, the TVs of the time—HDTV wasn't even out yet—meant it wasn't easy for the average gamer to see it). Not to mention it also meant it could double as a DVD player at a time when the format was novel and in demand, fueling a synergy between the two. Furthermore, they chose to include PS1 backward compatibility, which meany anyone who missed out on the PS1 generation and its large number of great games could buy in with one purchase. Plus, in gaming terms Sony really is the gorilla in the room because it's not just a gaming company. It's a media company as well; they could perform media tie-ins none of the other companies can achieve. Only Nintendo with iconic decades-old franchises could come close to that level of media power. The deathblow probably came when EA (THE most-demanded sports gaming company) pretty much snubbed Sega. EA is considered the third party to watch when it comes to support. When EA snubs a platform, pretty much everyone else realizes it's a lost cause. Like it or not, when it came to sports gaming then and probably now, EA blazes the trail.

1
0

Minecraft developer kills Kickstarted Minecraft movie

Charles 9
Silver badge

Re: Confused!

The trademarks associated with Minecraft and its assorted characters. Under USPTO law, these rights must be asserted in order for them to remain valid.

0
0

Comcast Corp to merge with Time Warner Cable in MONSTER $45bn deal

Charles 9
Silver badge

Re: FIFY

This is truly a retarded argument that I keep hearing over and over again. Cable companies don't service rural areas they can't make money in. Many of these remote places have only crappy DSL or dial-up.

Point is you have big cities on BOTH coasts. In order for these cities to be able to talk to each other in high-speed, you need to make it high-speed all the way down, including out in the boonies. Otherwise, it'll be like planting a two-lane bridge in the middle of a four-lane highway: basically making a chokepoint. This is where geography plays a role. How much do you think it would cost to run high-speed fiber between New York and Los Angeles, considering in the meantime this fiber will have to negotiate two mountain ranges and more than a few rivers (including the Mississippi)? And that's not among the worst-case scenarios (consider a run from Miami to Seattle, longer and more convoluted).

0
0