3501 posts • joined 10 Jun 2009
Re: @Charles 9
So someone wanting to get your stuff would need to successfully hack into a US and Chinese cloud provider, and crack the encryption.
You forget the very real possibility the NSA and its chinese counterpart routinely hack into EACH OTHER. Meaning it's passing fair one encounters the other's file, puts two and two together, and obtains a copy of the other's file, reducing the number of places you have to hack. Furthermore, merely finding something like this would likely draw an investigation into who did something this elaborate.
Re: Like most crime you can't stop a *really* determined criminal.
As if that's stopped the NSA before. Remember Stuxnet? It penetrated an airgap...
As I understand it, there are encrypted filesystem programs already in existence that can operate on a file image. A CLOUD file image could perhaps be done in a stretch. As for the other piece, that's just a keyfile, and you can make that just about anything of your choice. As for hardening the image file, many of them can use multiple algos for extra strength. It reduces the throughput, but with a cloud file the network is the bottleneck anyway.
Not impossible. Once one realizes you need the other copy, they'll just hack into EACH OTHER. Which they've already been doing.
Re: "Most systems currently expect the call to drop, which means you’ll have to redial."
Guess we'll have to agree to disagree, because my experience was the exact opposite of yours. My N95 missed half the time while the Android rarely missed. Meanwhile, I'm used to saying "Call" because I once had a *1G* phone that allowed voice calling. Flip open the phone and it asked, "Who would you like to call?" Android's a touch more complicated than that these days, but then again I also use the extra functionality, too.
Re: "Most systems currently expect the call to drop, which means you’ll have to redial."
I'm the other way with touch and speak dialing: probably because it MISSED half the time.
BTW, I thought most Android phones with Google Voice Search understand a "Call" command?
Re: Really ?
It's guaranteed by law in the US as well, last I checked. As long as the changeover follows certain procedures, you can port your number from carrier to carrier.
Re: Mainframe infected by nasties ..
If I recall, that was only true if the mainframe ran on Harvard architectures which separated the code and data. Trouble was, Harvard architectures prevented certain useful things such as varying forms of compilation like Just-In-Time and other situations where code and data are one and the same.
Plus that's just one way to pwn a machine. What about Return-Oriented Programming, which cherry-picks existing code instead?
If you study the Japanese kana tables (what are essentially the Japanese version of the alphabet--only they represent phonemes), you'll see many different consonants being represented there: including "ra", "ro", etc. But there's none starting in "l". It's just the way their language developed. I can see why the connection was made, though, since similar tongue motions are done with the Japnaese style of "r" and the English "l" (which also involves lightly touching the palette). The point is that this idiosyncracy in language presents a "lost in translation" problem sometimes. I'm not implying anything good or bad about it; happens all the time between distant languages. I once heard an African tongue (one that involved lots of tongue motion, I think) that made me think in wonder, "How did a language like that develop?"
Even then, there is never any guarantee that hear an audio clip in the same way as a native speaker, specifically if your ears were exposed to the difference between 'rip' and 'lip' during a short period in your infanthood, you will never be able to distinguish them in adulthood (hence many racist jokes about Japanese pronunciation of European words).
I thought the Japanese R/L mixup came from their alphabet, which doesn't distinguish between them (basically, their alphabet has the R consonant, but not the L--when they have to accommodate an L from a foreign language, they use the R which is closest). I know a few Japanese writers and artists have actually played on this ambiguity as jokes or whatever.
Re: Unique opportunity for Sailfish
Chris, no, don't. I'm having enough of this prompting garbage on iOS where EVERY BLOODY TIME I get prompted that switching on WiFi would be so much better than saving my battery and not supporting positional accuracy for whichever 3rd party that is not close enough to government to simply demand cell triangulation - an extra trick they use is swapping "OK" and "Settings" around so you always have to look before you can stop it. And don't get me started on the mail app where every single mailbox will tell me it cannot talk to the server, despite that the OS itself knows full well that cell data is off or airplane mode is enabled. It's only funny the first time.
You may not, but someone sufficiently paranoid might like it. The point I want to make is that the ultimate decision should fall to the user, not the coder, not the phone maker. If the user wants to be prompted every 5 minutes, it's his/her call. The OS should allow, encourage, even REQUIRE the user make these calls about their apps.
Re: Samsung Galaxy, Google Nexus, and Sony Xperia phones
They can hook up with the Android modders to help with that. It didn't take long for the S4 to have a significant modding community, if XDA is any indication. They've already delved deep into custom installs and getting around various protection systems including KNOX. I've been tracking it since I'm not too fond of TouchWiz (memory hog) and have been using AOSP-based ROMs for a leaner, meaner phone.
Re: Samsung Galaxy, Google Nexus, and Sony Xperia phones
Well, it would be pretty safe to say the S4 series, the Nexus 5, and the Z series, respectively, for starters. How far back each goes, no one knows, but as those represent the top of the line (or close to it) currently in circulation, those are probably the safest bets.
Re: Unique opportunity for Sailfish
Actually, we can. What's being stated is that the base Android OS is too lax on security (owing to a model intended to coax developers, not to woo users). The hope is that Sailfish will be built with user-selectable security being baked right into the kernel where it can't be removed. Thus, when a Sailfish app asks for something, it can be controlled by the user to a meticulous degree. For example, instead of being forced to say "yes, you have network access" or "no" in broad, you can perhaps be able to have it prompt you, either the first time or (and here's where it can top iOS) EVERY time or in specific timed intervals. With this level of control and a "deny-by-default" attitude, it would be very tough for anything underhanded (like perhaps Google Play Services) to slip in under the radar.
More bits also mean more registers. More registers means doing things in less cycles. Doing things in less cycles mean less running the processor at full speed. Less running the processor at full speed saves battery.
Depends on where the information comes from to begin with. If you have to fetch stuff from memory, then you take the hit no matter what, either with one 64-bit swipe or 2 32-bit ones (and it's only natural that energizing 64 wires takes more energy than energizing 32 of them).
If you can optimize your routines to use additional registers, OK, but there's also the tradeoff of having more registers in use at once (again, energizing a maximum 64 registers vs. a maximum 32). Also, some operations can't be optimized well to use the registers, perhaps because it's memory-heavy or is otherwise of a nature where a ton of registers isn't going to be so useful (sorta like how GPGPU computing is not ideal for video encoding--it's process-divergent and memory-heavy).
Tell me. What can you do with a 64-bit phone that you can't with a 32-bit one? More bits likely draw more power, and more RAM probably isn't needed for at least another generation. Sure, mapping storage would be neat, but isn't the flash the bottleneck?
Question. About this heart rate monitor? Is it more or less an infrared sensor that does it much like an app I've seen in the Play store that can use the camera's ability to see infrared to do the same trick?
I think that's the intention. See if there is a correlation between two things 13 billion light years apart, then how would classical mechanics explain it (since under that, it would take that long for one to react to the other simply due to the limitations of the speed of light)? And I would assume the two quasars would be chosen such that we wouldn't be equidistant between them, removing that possible coincidence.
They can't control the customers too well. Thus this bridge. You use the mobe so the tech can go where people go, but you control the variables and use a hired hand to make the results more precise and reliable.
Re: Steganography to hide the whole thing
The big trick would be to conceal the payloads in ways that can withstand mangling, image conversion, and so on. Many hosting sites will routinely alter images to make them easier to store and transmit, and the extent of these alterations can break many stegos to date: including perhaps this method or a variant of concealing it in the EXIF data. I will admit that a 1080-sized wallpaper gives more real estate to work with, but that's again reduced by the robustness requirement.
Re: Not steganography
It's been so noted in the article and qualified appropriately (IOW these weren't El Reg's words).
I suspect, though, it won't be long before someone uses real stego to pull it off. I think the main concern is that many sites mangle images before posting to fit within dimension and/or size limits, and JPEG is a pretty forgiving format for that...except when you want to keep fine details which are necessary for stego, meaning mangling a JPEG will likely mangle the stego beyond the point of recognition.
So perhaps what we're seeing is a V1 attempt at hiding the list within an image file. V2 will see true robust stego.
Re: Crucial difference
"If wee little paperclip antennas installed in racks in the basement data centers actually worked, then why does everyone else spend so much time up on the roof struggling to get an OTA HD signal? Why doesn't Aereo drop this service model and start selling these amazing "antennas" to the public? Perhaps the same technology can be applied to directly detect signals from deep space missions using nothing more than a slightly larger paperclip?"
Because location is part of the reason Aereo works. Aereo carefully picks their facilities to optimize the reception, much like transmitters use tall masts and prefer the tops of hills and the like: the clearer your line of sight, the better. Put it this way: no matter how good your setup, trying to get good reception in a valley (or a concrete canyon) is pretty much going to be hit or miss: bad line of sight compounded with reflection echoes.
Re: Beer analogy
They pay by the eyeball on the TV. Thing is, TV watching has spread out lately, and the TV auditors lack the means to measure things like Aereo, computers, even DVRs.TV shifting been a brewing storm for the advertisers for a few years now because to date they lack a reliable means of measuring shifting.
Re: Crucial difference
"Also, insects have antennae; televisions have antennas. Once a loan-word has acquired a new meaning, it follows modern English pluralisation rules in its new sense."
Last I checked, it should be all or nothing. Multi-mast WiFI setups still use "ae" IIRC. Put it this way: either insects have antennas or wireless systems have antennae: no vacillating.
It's like with the "mouse" and "house" question. Why don't we say "mouses" or "hice"?
Re: dumb question but...
Plus what if the phone never gets the kill signal in the first place because it gets shielded before the kill signal is ever sent? Then it's sent someplace where the kill signal isn't supported?
They're not synced between countries. IOW, steal phone, sell overseas, profit.
Re: What good does bricking a stolen phone do?
I don't know about that. People have been mugged and killed apparently JUST for the phone (as in nothing else was stolen), which is then fenced.
Re: Land of The Free
Also, this gives the ability of authorities to stop all communication from a certain physical area. Say for example where there is a protest, they can just kill all phones within a mile radius. Or, kill all phones in area X, that arent specifically phone models used by police or military.
They've been able to do that for years, no killswitch required. Cell phones are pretty useless without CELLS. Governments simply shut down the cell towers and kill the reception. I recall that's a technique Iran used (that and killing Internet access in the affected area: thus killing WiFi and femtocells as well). Police and military don't need cell phones since they traditionally use two-way radios whose frequencies are already reserved for them (Know why the US can't use Band III? Military had dibs on the frequencies already).
Re: Buyer beware
Oh indeed. Probably the fate of many stolen phones is an advert on Fleabay two weeks later for cheap screens, or a casing, or sensor glass, or a battery, or whatever.
Which correlates well to a lot of stolen cars. If the car isn't stripped (sometimes on the spot) for black market parts, it's being hauled away intact to be sent overseas. Either way, Lojack would do jack about it (since the strippers would quickly locate the beacon and send it elsewhere and the exporters would move the car out of range).
Similarly, stolen phones are either stripped down and sold for parts or quickly stuffed in a shield bag and sold overseas where the kill signal won't reach.
Re: It's not phone calls, it's data
They made up for it by offering flat-rate pricing for calls, then for texts. Once you're flat, you stop caring. Data's only starting to go there but some of the data allowances can be generous.
Re: Funny thing is
Can one actually SEE Iceland from the English Channel?
Re: ASLR Bypass Apocalypse ..
So how do they keep the INNER circuit from being directly attacked. IOW, who guards the guards' guard? Similarly, wouldn't the malware writers simply target the hardware directly, which HAS happened, as BIOS/EFI exploits can attest.
I'm curious to know how the exploit is defeating both ASLR and DEP. Is the code using a JIT Spray or something else?
What failed the Dreamcast was a combination of bad timing and strong competition. By the time the Dreamcast came out, Sega was already perceived as on its last legs. They were desperate enough to try to jump the gun AND not use the new DVD format for its games. Both were gambles and in this case they didn't pay off.
Meanwhile, Sony went the other way and decided to wait. By using DVD media, they could paradigm shift gaming expectations away from whatever Sega could produce (and though Sega could produce superior graphics, the TVs of the time—HDTV wasn't even out yet—meant it wasn't easy for the average gamer to see it). Not to mention it also meant it could double as a DVD player at a time when the format was novel and in demand, fueling a synergy between the two. Furthermore, they chose to include PS1 backward compatibility, which meany anyone who missed out on the PS1 generation and its large number of great games could buy in with one purchase. Plus, in gaming terms Sony really is the gorilla in the room because it's not just a gaming company. It's a media company as well; they could perform media tie-ins none of the other companies can achieve. Only Nintendo with iconic decades-old franchises could come close to that level of media power. The deathblow probably came when EA (THE most-demanded sports gaming company) pretty much snubbed Sega. EA is considered the third party to watch when it comes to support. When EA snubs a platform, pretty much everyone else realizes it's a lost cause. Like it or not, when it came to sports gaming then and probably now, EA blazes the trail.
The trademarks associated with Minecraft and its assorted characters. Under USPTO law, these rights must be asserted in order for them to remain valid.
Re: Rendering on PC:s
"My first thought was Babylon 5, though they did have a special piece of hardware (Video Toaster). I'm sure there are plenty of other examples, though."
I personally like the series, but due to the technology, it is now easy to see when the CG was invoked (it reduces the resolution and is easy to notice in DVD releases). I personally would like to see the series upgraded to BluRay quality the way they're redoing Star Trek: The Next Generation, but I maintain skepticism over the possibility (mainly the availability of the original film footage).
This is truly a retarded argument that I keep hearing over and over again. Cable companies don't service rural areas they can't make money in. Many of these remote places have only crappy DSL or dial-up.
Point is you have big cities on BOTH coasts. In order for these cities to be able to talk to each other in high-speed, you need to make it high-speed all the way down, including out in the boonies. Otherwise, it'll be like planting a two-lane bridge in the middle of a four-lane highway: basically making a chokepoint. This is where geography plays a role. How much do you think it would cost to run high-speed fiber between New York and Los Angeles, considering in the meantime this fiber will have to negotiate two mountain ranges and more than a few rivers (including the Mississippi)? And that's not among the worst-case scenarios (consider a run from Miami to Seattle, longer and more convoluted).
"How does the population density argument explain the fact that I have faster broadband on my phone than at home? Shouldn't the cost of building those cell towers out in the boonies make mobile broadband impossible in urban areas too? But apparently they figured out that they can do better tech (LTE) in the cities, and keep older/cheaper tech (EDGE/EVDO/etc) in less populated areas and keep everyone reasonably serviced. Not that the cell companies are much better than Comcast or TW, but at least there is some overlap and competition between them. Honestly my only hope is that mobile+netflix will kill cablecos for good. Fuckin' leeches."
In many cases in the US, HISTORY gets in the way of cities' building up. Can you perhaps tell me the average AGE of a high-bandwidth city? I strongly suspect none of them to top 100. Meanwhile, the biggest cities in the US are also among the OLDEST (New York predates the country, Chicago, San Fran, LA, etc. were well-established before 1900). Heck, even across the water, I hear London's having its own teething issues with high-speed broadband (no wonder, that's an old city if there ever was one). I'll make it quick: NEW infrastructure in an OLD city (especially one with lots of OLD existing infrastructure) is difficult, especially if it's WIRED tech, which in dense cities probably have to go UNDERGROUND (and New York has SO MUCH existing underground infrastructure they don't even allow implosive demolition for fear of damaging stuff down there). At least wireless infrastructure has one key advantage in a city: you can use the buildings themselves to provide height, although concrete canyons have also proven to hamper ranges. Plus very dense cities present problems of contention and the problems when you try to relieve this problem by crowding masts.
The general rule of thumb is that the best countries with broadband are also typically the smallest and/or densest. The big thing retarding US broadband expansion is natural and unavoidable: geography. The US is a big country geographically with lots of rural space in the center. This skews the infrastructure costs upward and makes them less viable. To put it in perspective, consider how much it would probably cost to connect New York and Los Angeles (a very realistic prospect) with high-speed data. Miami to Seattle (longer and more convoluted) would be even worse. And let's not even start with trying to connect a place as remote as Hawaii.
Re: Some people regret the lost jobs of horse carriage maintenance.
It's not like you can choose between the two of them even now. If TWC is in your area, odds are none of the others are. Same goes for Comcast, Cox, whatever. And the reason for this is pretty simple: the communities don't like redundant infrastructure, which would be the inevitable result if two cable companies started overlapping. You'll note that the main competition for cable companies in a given area are the wireless and telephone companies, each of which use separate infrastructure.
In other areas, especially rural ones, the ROI to get to those communities wouldn't make it worthwhile unless the market was captive, and ALL the cable companies know it, so they can basically hold the towns and counties hostage with "all-or-nothing" offers. That's the natural way of utility companies and other industries where there is a high (in terms of money or undesirability) barrier of entry in the form of up-front infrastructure costs. These kinds of companies tend to form monopolies naturally.
This merger is less the AT&T-T-Mobile merger and more like the GTE-Bell Atlantic merger (which produced Verizon): more geographical and horizontal in nature. I'm just saying this isn't as similar as you think.
Re: Goose and Gander
Not if you as sender don't have a Google account, because you then have not signed up to their ToS (you cannot have a one-sided contract).
What he was trying to say was that anything that enters the Google ecosystem becomes subject to Google's infamous search scrutiny. IOW, if you send an e-mail to a gMail user, everything about it will be scrutinized, and even if you don't agree to use Google, they'll start building a profile on you, a la a Jigsaw attack. Merely interacting with anything pertaining to Google is all it takes. This isn't anything new; Facebook does it two by using the Like button as a sort of leech outside the Facebook ecosystem.
Re: You'll never convince...
The next time someone tells you natural is good, dare them to eat a castor seed (the source of ricin).
Re: Not a Dos/DDos attack but
Have you seen ransomware in action? Most of them encrypt the contents of your device, making backups useless. At this early stage, if I were an Android ransomware writer, I'd at the least use a root exploit amd remove/disable any and all backup programs. Given time, I'd encrypt the pertinent bits of data like call logs, contacts, etc. and move from there.
Re: meet the Law of Unintended Consequences...
And what happens when crooks stash stolen phones in Faraday bags so they never hear the brick signals and then fence them overseas so they never hear the signals again?
Re: But who has control...?
It's probably kept by the manufacturer. Otherwise, bricking can't be done by law enforcement.
Re: "how painfully slow migrations from Windows XP to Windows 7 are proceeding"
Sometimes, it's the software. Software that came from the Windows 2000 era, perhaps, still works in Windows XP but breaks on Vista and up. It's custom-made, mission-critical, must-be-up-at-all-times software, and the developers behind it don't exist anymore, meaning it can't be recoded for 7. The only possibility is to code a new program from scratch, but the budget probably doesn't allow it. So some places are caught between a rock and a hard place, being forced to stay with XP with no migration route.
Re: You can have it all!
Don't you suffer from data crossover problems, then, since you may need data on the 7 drive but have to run it on the XP or Ubuntu drive? Or do you keep a separate tray for the data?
Re: Bad writing
I don't think that's logically sound as "not A" would mean "nothing at all" in this case. We have an A-or-B situation, plus the null option (neither A nor B; again this would be "do nothing"). In this case, there's no intersect: doing A (going hard now) precludes doing B (go slow and over time) and vice versa.
Re: Is it possible for "crypto currencies"
Messages have been in the block chain since early times. As for secret transmission, that's hampered by the need to share the block chain.
Re: Once upon a time....
And now you're contradicting yourself, because we're BOTH arguing about the handle wire. I have already acknowledged that the lock basically disconnects the handle wire from the latch. I'm saying you WANT this in an accident because you want to reduce the odds of the door opening DURING the accident (raising the risk of you being thrown out as it opens; a distinct possibility with older cars that had the belt affixed to the door instead of the post; basically put, you're better off IN the car during the accident, and let the frame absorb the energy). The reason being that if the accident involves the door deforming in some way (for example, a side collision), this deformity can cause the door handle wire to go taut, (much like something flying into a balloon string) and potentially engage the latch if it's still engaged because the door is unlocked.
Under the scenario your describe, it wouldn't matter if the door was locked or not. After the accident, one should be able to unlock the door, thus re-engaging the handle wire to the lock, and then try to open the door, unless (as you say) the door is physically wedged in place, meaning you're stuck either way. And if the accident is such that the latch itself physically fails, then as you say the state of the lock is irrelevant and the whole argument is moot: whatever happens happens regardless of the lock state.
- Updated Microsoft Azure goes TITSUP (Total Inability To Support Usual Performance)
- The Return of BSOD: Does ANYONE trust Microsoft patches?
- Review Apple takes blade to 13-inch MacBook Pro with Retina display
- Munich considers dumping Linux for ... GULP ... Windows!
- Pic iPhone 6 flip tip slips in Aussie's clip: Apple's 'reversible USB' leaks