* Posts by Charles 9

5704 posts • joined 10 Jun 2009

You ain't nothing but a porn dog, prying all the time: Cyber-hound sniffs out hard drives for cops

Charles 9
Silver badge

Re: This is...

It's hard to know where to find a hard drive if it's for example hidden inside a wall cavity. There are tons of wall cavities and other nice little crevices in any house that would be indistinguishable from actual house even with people searching, so without a sniffer dog it would be like trying to find a nonferrous needle in a haystack. And they can't just tear the house apart in a search; even with a warrant, if they turn up empty, there's a risk of a suit on a Fourth Amendment claim the search was unreasonable. And last I checked, this hasn't been fully challenged yet, so there's a risk the police lose such a suit.

2
0
Charles 9
Silver badge

Re: SSD?

Except by now the plods are well aware of TrueCrypt/VeraCrypt hidden volumes and will just ask for the secret secret key. Plus what if someone recursed by hiding a volume file IN a volume file?

0
4

No, drone owners – all our base are belong to US, thunders military

Charles 9
Silver badge

Perhaps a bit of confusion here. While the FAA does not control the airspace below 500 feet of private property (that usually falls to the ground property owner unless they've sold an easement), they do have power over any aircraft, manned or unmanned, bigger than a foot or two in wingspan. That latter power attaches to the craft and not the airspace so they have regulatory authority no matter where the craft goes. That's why downing a drone larger than toy size can result in a federal felony charge.

6
0
Charles 9
Silver badge

Re: this one looks good - silent as well

1) Doesn't work if the drone is working on a program as it's not receiving input. Even if you jam its GPS it can maintain bearing if it has a tri-axial accelerometer.

2) It's a radio transmitter over a certain power range, meaning it falls under the purview of the FCC.

3
0

Feds widen probe into lottery IT boss who rooted game for profit

Charles 9
Silver badge

Re: What ever happened to "employees and family members may not participate"?

It's there. Only the suspect used false identities and shills to get around that rule.

3
0
Charles 9
Silver badge

And YOU don't get the point. Lotteries are a regulated industry because gambling can be subject to federal regulation concerning gambling. State lotteries (and by law, lotteries MUST be done by the states) therefore walk a fine line to make sure they don't get involved.

1. Lotteries don't need to game their systems to earn money. They work the same way casinos do: their games are structured so that the odds always favor them, allowing them to take a profit even with the odd winner. That's why a typical Pick 3 $1 Exact hit only pays $500 while the odds of hitting are 1 in 1,000. Plus games with big top prizes tend to have liability limits in case there's a run on the top prize.

2. If you haven't actually played the traditional lottery, you should know the numbers for these games are drawn from mechanical randomizers. Where does software fit into a mechanical (i.e. hardware) randomizer? And note, for security reasons, these drawings are televised.

3
1
Charles 9
Silver badge

By your logic, nothing is random because lifeforms are pretty deterministic, too. Which then asks the question, "What about chaos theory?" And what about those hardware RNGs you're seeing more and more often based on physically-shown-to-be-random phenomena?

But it's kinda hard to game a mechanical randomizer that's inspected by a third party firm before each drawing and supervised during the drawing. Based on past instances of corruption, they've come up with a pretty effective system to minimize the odds using multiple machines and multiple sets of balls.

4
2
Charles 9
Silver badge

Re: Don't win the jackpot...

In most lotteries, the most one can claim without an ID is only a few hundred dollars (in Virginia, for example, it's $600, when a $1 Pick 3 Exact hit is $500). Beyond that, you have to go to the regional offices, which means all the paperwork and so on. Plus at $5,000 the feds get involved because gambling winnings are considered an income that requires withholding at those levels.

What I want to know is how he was able to game the game when most lotteries use mechanical randomizers which typically are inspected before each drawing.

7
0

Comcast 'rolls out' 'world's first' DOCSIS 3.1 modem, pumping 1Gbps over existing cable

Charles 9
Silver badge

Best Buy is still around. And there's h. h. Gregg, too.

Anyway, DOCSIS cable modems are now at commodity level. You can buy them at Walmart.

0
0
Charles 9
Silver badge

If Cox Gigablast is any indication, then this trial will be set in one of two types of locales:

1. New developments, where the ground is torn up anyway so it's cheap to lay new fiber networks.

2. Affluent neighborhoods where the people can afford to plunk down.

1
0
Charles 9
Silver badge

Re: 4.0

You're in for a wait, then. DOCSIS 3.1 is only two years old and still has plenty of legroom. Its theoretical max is 10Gbps down/1Gbps up. If there is continuing progress, it will probably be at the expense of channels as physical limitations kick in. Besides, most major cablecos are at least partially fiber now and will probably be making their next major infrastructural investments in moving the last mile to fiber so as to keep up with firms like Verizon already at the FTTH stage (I have access to both Cox and Verizon FiOS; I stick with Cox right now to avoid extra box rentals).

0
0
Charles 9
Silver badge

World's first? Then what's the difference between this and Cox's Gigablast?

0
0

There's an epidemic of idiots who can't find power switches

Charles 9
Silver badge

Re: Image @ John Savard

Actually, there's no "right" way to orient a US socket, but some guides DO recommend installing it as you say, "upside down" so the ground pin is up. Of course, in high-current (read: industrial) settings electrical codes usually require you use a different plug: sometimes even those plugs that lock when you turn them.

1
0
Charles 9
Silver badge

Re: Am i stupid? or am I smart?

Excuse me, but computer plugs in the US are THREE-pin, not two, because they insist on dedicated grounding/earthing pins. As for the plug getting knocked out, that's usually a function of how old the socket is. A fresh socket usually has enough grip that you risk tearing the cord off before the plug comes out. If a socket is getting loose enough that plugs can get knocked off (which usually takes a number of years, especially if plugs aren't moved often), it's usually time to see about getting the socket replaced.

1
0
Charles 9
Silver badge

Re: since I am on a roll

Odds are the ceiling fan light came after the fan itself, which in turn came after the switched outlet, which BTW is in the Code so that a room can always be lit from the doorway (which can be important at night, which IIRC is also why the NEC requires any such illumination switch be within arm's reach of the doorway).

1
0

Security industry too busy improving security to do security right

Charles 9
Silver badge

Re: Will no one think of the terrorists^Whackers?

POS/PIN Pad Malware is being neutered with the move to Chips since the chips are supposed to produce one-time-use tokens which are useless even if stolen. Plus there are additional motivations to break SSL/TLS beyond PCI.

0
0
Charles 9
Silver badge

Re: Too Hard?

"Is it possible to determine, in a nondestructive fashion, which type of contactless card is which?"

A general rule of thumb is that 2nd-Generation contactless cards are also Chip cards since both use the EMV system.

0
0
Charles 9
Silver badge

Re: Too Hard?

Point is, they usually can't deny a chargeback in this case since you already reported the card stolen. And this also falls into the "small ticket" exception the card companies instituted because it's usually not worth it for them to pursue frauds for transactions that small. They'll either pin it on the retailers for not checking or just eat the costs to get on with business.

0
0
Charles 9
Silver badge

Re: square (and equivalents?)

Unless Square updates their readers to Chip readers, they'll become liabilities come next year. Furthermore, they're reliant on Apple or Android devices, the latter in particular has been shown to have lots of vulnerabilities. Plus we don't know the security reputation of guys like Square. What if they get hacked?

0
0
Charles 9
Silver badge

Re: Too Hard?

"Though with contactless you can have your cards cancelled and the crooks can still buy stuff because some POS terminals don't actually check in with the bank before authorising transactions. Cards don't keep your money safer, they just make it easier to track."

Only the first generation of contactless cards do that, plus if you've already cancelled the card, that trick supports your claim, meaning any dispute over the charge would fall in your favor (it would fall to somewhere else along the chain for failing to check). That's why they're being dropped (and why Google dropped its original contactless Wallet) for the second-generation contactless cards that use the EMV system (which Android Pay and Apple Pay now use as well).

1
0
Charles 9
Silver badge

Re: Great

Oh, PCI has teeth. Trouble is that a good chunk of their customer base are gazelles: prone to running, and teeth are no good without something to bite down on. For many of these small businesses, they have to weigh the costs of using the equipment vs. the additional customers who appreciate being able to use plastic. If the numbers don't add up, they don't fall under PCI's umbrella.

It's a lot like odious office password policy that makes passwords so hard to remember that everyone resorts to Post-It notes. You try and make things too tough and your clients defy you, leaving your overall picture weaker.

It's actually something of a hard problem in security vs. economics. What happens when the least acceptable standard is so odious to implement few are willing to put up with it?

0
0
Charles 9
Silver badge

Re: Too Hard?

Thing is, you have to trust iZettle, plus I'd like to know the terms and conditions in case there's an assumption of liability (for example, what if someone hacks or switches the pads). Plus, this doesn't appear to be available in America just yet.

0
0
Charles 9
Silver badge

Re: Too Hard?

Until customers walk away because they ONLY have plastic (yes, I've seen it happen lots of times). Many people are going increasingly cashless due to muggers and pickpockets. At least with plastic, you can call the bank and have your cards cancelled and flagged. So the mom-and-pop faces a dilemma: take plastic and you risk safety, refuse and you risk customers.

3
1
Charles 9
Silver badge

Re: Too Hard?

Then kiss your mom-and-pop businesses goodbye because most of the problem lies with them. They typically run on razor-thin margins which is why they're notorious for cheaping out and delaying things out of necessity, yet without them the only retailers left would be the juggernauts. So what'll it be? Slow-to-act but personal attention or the cold, emotionless juggernauts?

2
4

Big Brother is born. And we find out 15 years too late to stop him

Charles 9
Silver badge

Re: Keyboard-warrior outrage

"The number of Bad Guys is infinitesimally small."

But they're very much like high-yield bombs. One guy can do a lot of damage, people die, and if the government can't stop them before they slay innocents, the public will ask what good are they?

1
0
Charles 9
Silver badge

Re: Curious

"Indeed. Obvious solution: inject more needles."

And make sure they're nonferrous, so they can't be picked up with magnets.

Preferably, use biological materials like bone so that even technology will have a hard time distinguishing the needles from the hay.

1
0

Hollywood given two months to get real about the price of piracy

Charles 9
Silver badge

Re: Out on a limb here

Actually, you devalued what they DO possess by diluting the supply. That CAN be demonstrated as loss much like dumping a commodity on an open market spikes the supply and thus tanks the equilibrium price. De Beers tried to corner the diamond market, but after diamonds outside their control entered the market, the cartel eventually crumbled.

Rarity can be a value in and of itself, and we DO see value in rarity which is why collectors exist. Put it this way. Would your $2M Bugatti still be worth $2M if I developed a matter replicator and could just make copies of your car?

2
0
Charles 9
Silver badge

"Even in US it's not a criminal offense if you consume less than $1000 worth per month!"

Where in the United States Code does that specific exemption exist?

As for why no criminal cases in America, that's because copyright infringement is mainly a civil matter, meaning it's up to the plaintiffs to sue for damages. Infringers don't go to jail, but they run the risk of big damages, as this link notes:

http://abcnews.go.com/Business/story?id=8226751

I DO know Japan cracked down on downloaders some years back, to the extent they penetrated a P2P darknet called Perfect Dark to bust them (and the charges were specifically for downloading).

0
1
Charles 9
Silver badge

Re: I dunno

Well, from a business perspective, that's what works. The Old Reliable. New stuff is a crap shoot most of the time unless it's a known success story crossing over from another market (Marvel's Avengers come from comics while the likes of Harry Potter, Twilight, Fifty Shades, etc. all come from literature). Something out of the blue becoming a success is a shot in the dark, and that can irk the investors while a successful franchise can bring in several hit movies all turning nice profits (Harry Potter got up to eight, Twilight to five, and let's not start with Marvel's general success on the big screen). The viewers have spoken with their wallets. If the choice is between a complete unknown or a franchise that can draw repeat trips, the fiduciary choice is obvious.

0
0

Dry those eyes, ad blockers are unlikely to kill the internet

Charles 9
Silver badge

Re: Simply put...

"because that's a sure fire way to make more people decide to install an ad blocker."

And more ad-blockers are a sure-fire way for sellers to start raising ad-blocker-blockers, and they have the advantage from the technical point of view because they can detect when the ad is pulled and have ways to tell if it's being pulled by a human or a robot (by using the side channels that are required to make the ad appear, which they'll force you to open as part of the ad-blocker-blocker). Because of the cutthroat nature of Internet sales, soon ALL of them will be doing that, so your only way to avoid them is to abandon the Internet.

0
0
Charles 9
Silver badge

Re: Simply put...

"However like the movie studios and distributors, most advertisers are still using antiquated thinking instead, of thinking outside the box a little and actually putting some effort into ads, that actually give good factual information about the product or service they are trying to sell and don't do stupid annoying things like pop up over the entire screen or redirect you automatically to another site, because that's a sure fire way to make more people decide to install an ad blocker."

They probably have experience on their side. Thinking outside the box doesn't fit well against the human psyche. We only have a limited scope of what gets our attention. And ad campaigns are very much like election campaigns. Historically, what works appeals to the gut, not the brain.

0
0

LifeLock didn't live up to their hype, and now they're $100m lighter

Charles 9
Silver badge

Re: Zoinks!

"That's just gobsmacking. How did this manage to fly?"

The FTC had the position of strength since LifeLock agreed to settle out of court. If they didn't agree, it would've gone to court, which given the evidence the FTC was presenting would only mean bad news for LifeLock: including the distinct risk of an even higher fine set by judge and/or jury.

0
0

13,000 Comcast customers complain to FCC over data caps

Charles 9
Silver badge

Re: Data caps are just a small problem by comparison

I think it's even worse than that. Remember that Comcast is not only the biggest cable company in the US, with exclusive (usually by way of owning the cables) access to many markets, they also own NBC, one of the "big four" broadcasters in the country, so they have tremendous business leverage with Congress. What better threat to rural Representatives that are raising a stink than to pack up and leave their constituents in the lurch, knowing that when it comes to utilities, the incumbent always has the advantage due to the high upfront costs needed just to get started, especially in very rural areas where the nearest upstream connection is some distance away.

1
0
Charles 9
Silver badge

Re: Yep... I figured half as much

They can't. They have this thing called "fiduciary duty." Also, in a competitive world, nice guys finish last. You take what you can when you can get it or someone else leaves you hungry.

1
0

Congress strips out privacy protections from CISA 'security' bill

Charles 9
Silver badge

Re: Wht we need to work on is...

That's kinda tough when the average Joe Public isn't interested in learning. Please note all those people who swear on their Bibles or whatever that the world is only 6,000 years old, that anyone and anything that's been to space has been tricked by the Devil, and that Final Judgment is nearly 20 years overdue. As a comedian once said, "You can't fix Stupid."

0
0
Charles 9
Silver badge

Re: "data handed over is immune from freedom of information requests."

I believe income tax (which the 16th Amendment allowed by exempting it from existing restrictions) was addressed separately from the matter of excise taxes. Income tax had been tossed around since the Civil War, but the Pollock case forced a resolution because SCOTUS got involved and limited income tax to that from labor (the states were supposed to get a proportional cut from income tax from other sources).

There had also been a discussion in the past about which was better: an income tax or a sales tax. They settled on the income tax primarily because it was harder to hide income under the table.

0
0
Charles 9
Silver badge

Re: What fucked up approach to democracy

Truth is, Congress had actually had gentlemen's agreements to avoid non-germane riders. Thing was, riders were also the best tool to get lesser Congresspeople to sign on to controversial bills (IOW, if persuasion doesn't work, try bribery). Since the lesser Congresspeople lacked the power, they couldn't get anything done directly for their constituents, so it became something of a necessary evil to tempt these votes with riders to keep those districts happy so they can be re-elected.

So basically, removing riders prevented bridges to nowhere but it also burned the bridges needed to get the tough acts passed, meaning Congressional activity (and approval) tanked.

0
0
Charles 9
Silver badge

Re: What fucked up approach to democracy

Problem is two can play that game, and the House in particular has historically blamed President Obama for everything that goes wrong in the country regardless of its real cause; they just use the "six degrees" technique to connect everything to him. In such an environment, admonishment doesn't work because they can ignore it in their heads and just admonish Obama back, piling on extra reasons to make their story look like the real one. Remember, the game of chicken did end up crashing at least once with a shutdown of about two weeks, and they keep blaming Obama for that shutdown, even when public opinion showed otherwise; after all, the GOP regained the Senate in 2014 in spite of it.

1
0
Charles 9
Silver badge

Re: Mass protests

And plenty of money, seeing as how you probably won't have a job to come back to once you're done in DC. I mean, what happened to all the people who tried to Occupy Wall Street?

4
0

ZOMBIE Commodore PET lurches out of its 1970s grave – as a FONDLESLAB

Charles 9
Silver badge

Re: Not *another* cheap nostalgia-exploiting "revival"

Because I believe its slogan is trademarked ("His prices are INSANE!"), plus there's the whole image of a crazy electronics dealer and the fact the name "Crazy Eddie" rolls off the tongue so easily. I lived in Nassau County during Crazy Eddie's height, and there was a store near Roosevelt Field that I visited a few times as a kid. I believe the name's being held by an online retailer, and seeing as it's been nearly 30 years since the fall of the Antars, some feel the image can be safely re-introduced. Problem is, a store like Crazy Eddie can't compete anymore in the world of big-boxers like Best Buy. Its biggest rival, Circuit City, bit the dust shortly before the turn. Even the vaunted Radio Shock has closed up shop.

0
0

Let's shut down the internet: Republicans vacate their mind bowels

Charles 9
Silver badge

Re: Conservative = stupid

"The liberal position, which I have held for decades and you have never understood, is "I have a good life, but I observe others do not. How can I, as a citizen, work to ensure that others have a good life as well?""

Which makes no sense in a world of 12 islanders but only 10 coconuts. It sounds all nice on paper, but eventually the game turns zero sum and it's you or him.

0
0
Charles 9
Silver badge

Re: Fucking appalling

No, it succeeded. The Arab Spring was a bust. The popular uprisings fizzled out, and the governments in Egypt, Syria, et al are no better than what was there before. Sure, some information got out, but not enough to make a difference. They didn't have to squelch all communication, just enough of it. Also consider the ramifications for those people who did manage to leak. Have we ever heard from them again (implying they allowed some information to leak so as to trace them)?

0
0
Charles 9
Silver badge

Re: Encryption

"Which, of course, will change nothing. Have they forgotten that all the WW2 communications intercepted by places like Bletchley Park were in clear text, easily intercepted by anyone with a radio, because the spies had first encrypted their stuff by hand using Enigma, one-time pads, etc."

Then it was still transmitted in an encrypted form. The thing about encrypted communications is that they're typically not human-comprehensible, which makes them stand out. The only way around that is through steganography (hiding a message within another innocuous message), but even that has its limitations, especially for messages of arbitrary subject and length.

"Even if "they" could somehow force the internet and every device connected to it to use only non-encrypted messages, those who want secrecy will still be able to encipher their stuff before it gets anywhere near the internet, and one-time pads (or their opensource software equivalents) have no back doors."

But has a bandwidth limit and, again, will make it stand out and make it easier to spot and trace. Plus it's tricky to combine the one-time pad with stego and still make it able to get past detection and mangling techniques while still able to produce a message of usable length. Another consideration. If the enemy figures out even one of the messages is suspect and mangles it such that the other side can't decipher it, you've defeated the one-time pad for the duration because now the two ends are out of sync.

0
0
Charles 9
Silver badge

"Have you read Plato's Republic? It makes an interesting argument in its effort to answer your exact question."

Interesting, yes, but highly unrealistic and one that assumes a knowledgeable and informed public when the opposite is true. The average American has a narrow scope of knowledge that can have a detrimental effect in a highly-interconnected society where one's decisions, made even in isolation, can affect the whole, perhaps even boomeranging back and hitting the decision maker.

3
0
Charles 9
Silver badge

Re: Bring on James Kipper for President of the United States

Uh, one little detail. Only people born in the United States (more or less) can run for President. And that's right in Article II, so the requirement can't be removed easily.

0
0

Microsoft steps up Windows 10 nagging

Charles 9
Silver badge

Re: I'd like to know...

Rotting in the ADX Florence Supermax in Colorado under eight LWOP sentences (he pled guilty to avoid the death penalty). Given he's 73 now, I don't know how much use he'll be even if he was eligible for parole, which he's not.

1
0
Charles 9
Silver badge

Re: Bring on the law suits!

You're forgetting that Microsoft covered their butts by making the upgrade automatic only on home installations. Enterprise installations are neither eligible for the free upgrade nor given the automatic upgrade, last I checked. So if a business computer gets snarled by an automatic update, it will be assumed to be a Home installation in a business: against the license, so there will be some questions. As for the loss of data in a home, a home user would have a weaker standing because home data accumulation is less likely to be of enough value to warrant a suit.

0
3
Charles 9
Silver badge

Re: Oi Microsoft

With that kind of attitude, you'd think they'd attach GWX to every single update they provide, including the security updates so that you end up between Scylla and Charybdis. Remove the update to get rid of GWX and you're left open to pwnage.

0
1

Canadian live route map highlights vulnerabilities to NSA spying efforts

Charles 9
Silver badge

Re: The Traveling Salesman Problem

That's what's happening, as the Internet can't see things too well in terms of physical distance, just in terms of time, and packets can be delayed by more than just sheer distance, such as a slow leg along the way.

0
0
Charles 9
Silver badge

Re: How much extra bandwidth does this require?

Not shortest; fastest. That's why you have beltways and so on, because if you had to cut through the downtown of a highly-congested city just to get past it, you find that taking the beltway around it, which is usually a motorway as well, still saves you time even if the trip is further in terms of distance. IOW, a speedy dogleg down a motorway can still beat a straight-on trudge through rough and crowded surface streets.

2
0
