144 posts • joined 17 Jun 2009
Trusting Data you send to users?
So, let me get this straight, Twitter uses easily guessable URLs in a small namespace to carry information that they just _assume_ the user/client has not messed with?
Reminds me of the days when the power company would send out actual IBM cards with your account number and amount due (with "Do not Fold, Spindle, or Mutilate" printed on the face, of course), and _some_ folks would "X-punch" the amount before returning the card with their payment. Just be careful not to run up too much credit.
Not that I would ever do such a thing. Oh, no, I'm just too honest and anyway not that old. Grandpa told me that story as a cautionary tale about trusting data that comes back into the system. Yeah, that's what he said.
Remind me again what kernel underlies OSX and IOS (not the Cisco one)?
Not that I really disagree, since this almost certainly targets stuff well above the kernel. Stuff that has moved on since Next essentially forked Mach/BSD.
Actually, it would be interesting if they targeted the Cisco IOS, since there are many of them, running over top of, e.g. QNX as well as Bare Iron.
Re: Cautious Clicker
If ElReg offered a (decent priced) ad-free subscription, I'd seriously consider it. The auto-play loud videos are getting to me, but I also feel I "owe" the site as a whole some eyeball time.
Alas, I am old enough to remember when Cable TV was touted as Ad-free, high-quality programming for pennies a day, and we all know how that turned out: "Dear Mike16, we know that you value our content and do not mind at all the 90% of your bandwidth dedicated to bringing you important offers, but you may be interested in our Platinum Reader subscription that will serve only the most profitable^Wcrucial notices, for the extremely reasonable price of $400/month"
Lease versus buy
Well, they could always take the tack they did with Native Americans, granting title "As long as the sun shines and the rivers flow". So sorry about dam construction and nightfall, you're outa here.
As for "cui bono?", at least from my (hilly area in California) viewpoint, OTA is already pretty dicey, but I'm a little surprised about broadcasters' position. As far as I can tell, they have a gravy train with cable saddled with fees to carry "must carry" channels. The way I expect them to go eventually is a single multiplex with about 10 watts xmit, just so they can claim to be OTA, while forcing everybody not on their block to pay for everything, via the cablecos. As it is, Comcast has interpreted "must carry" to countenance "must carry HD content but it's OK to downsample to 480i unless the punter coughs up another $15/mo", and the FCC has apparently agreed.
As an old fart, I remember when broadcasters lobbied against the very idea of CATV, while advocates argued that it would usher in a wealth of high-quality TV with no advertising. Remind me how that's working out?
Accuracy, or rather coupling "noise"
A similar comment was made by Jerry Lichac, the designer of the Atari TrakBall (tm). His point was in regard to the three-point suspension (later used in virtually every mechanical mouse). Critics of the concept said that the control would be unusable because the idler at 45 degrees to the measured axes would couple some X into Y and vice-versa. His contention (later proven correct) was that the user will be observing the cursor, not the ball, so will naturally correct for any (slight) coupling.
BTW: He also prototyped a haptic trackball for Marble Madness (lit, even), but it was judged too expensive for production.
Pop-Unders are worse
Although Xroach is clearly prior art.
And how about those _LOUD_ auto-playing video ads that ElReg serves us?
Re: STFU bitches, In the US, you don't get a firewall/router
You say that as if there is something wrong with having control of your own LAN. Comcast (my ISP) can't even keep their nameservers lit. Buying and configuring my own router is a minor hassle compared to those morons controlling the traffic between my computer and my printer. Of course I am the sort who used to build networking gear, and who would really rather own my own DOCSIS modem, if only Comcast would stop playing games to encourage perpetual rental.
Thus it ever was
I was a (minor) part of an attempt in the early 1970s to have the vote-counting software for the U.C. Berkeley Academic Senate audited by a third-party group of security professionals. We failed, of course. The reason given was essentially the same as this case. Why any sane person thinks these schemes are a good idea, or promote democracy is beyond me.
I suspect that any Athenian who wanted to check that the voting urns were empty before the vote was similarly derided.
I thought, as a long-time reader of El Reg (and the Economist) that I understood the difference in definition of "Liberal" between the UK and the US, but even the most "just to the left of Ayn Rand" definition would seem to disqualify them from that word. As for "Democrat", well the US Dems have already pretty much bleached that of all meaning. But did the LibDems ever live up to the dictionary meaning of their name, or are they more like the typical "People's Democratic Workers Paradise" that we should all hope never to find ourselves in?
One word: RISUG (OK, one acronym)
I'm sure Reg Readers know how to decrypt that.
It's basically a nano-coherer. Well, several billion of them. On a chip.
Re: Why is it ironic?
"These are Silk Road coins. ". Exactly. They are equivalent to the briefcase full of cash seized in the near vicinity of two people and a similar briefcase full of drugs. The best possible outcome (still bad) if you are one of those people is to claim you have never seen either case before.
"The coins found in possession of Ross William Ulbricht will be dealt with after trial." Probably, but there are plenty of cases where a person has been acquitted of the alleged crime yet unable to "prove their innocence" sufficiently to get their property back. So the trial will be a mere formality.
I would love to get a copy/scan of that printout, even one page. All my printouts from the CDC501 seem to have gone missing, and I'd love to have a comparison for when "kids these days" wonder what was such a big deal with the 1403, which only profs and grads with funded research were allowed to use. (email to the printer model mentioned above at nulli.us, please. It's a nonce account for this purpose)
Re: Too modern.
The 3800 came out a year after the 6600, and the same year (1965) as the IBM1130 and CDC6400. IIRC, both of the 6x00 (and more) were re-badged as "Cyber" a bit later. If we are going all Yorkshiremen, I've used two different computers with tubes/valves, not counting the bottles in the 6x00 console. But I do recall the 6400 fondly.
Re: Flies Over the Great Wall
A series of unfortunate accidents will befall any location sporting a suitable antenna dish.
These are not, AFAICT, SatPhones like Iridium. More like the pirate TV dishes favored in some US-allied countries in the middle east. Even if the powers that be don't immediately destroy your dish, they will make a note who and where you are.
Why is it the junk that hangs on?
I still have all five Atari-800s (courtesy of Garage-cleaning friends), but have not seen my box of Magneto-restrictive delay lines (Surplus from RADAR MTI units) in years. Just went looking for a miniUSB cable, with which the house was once infested. None to be found. Worse is running across my "spare" BSA Goldstar transmission, about 15 years after selling the Goldstar. No, you can't have it. Gave it and a Panther engine to a fellow who actually wanted them, a year or so later.
BTW: Best use of AOL CDs? A friend made himself a plausible "Fish scale" suit of armor from them.
Re: For added irony, on the story's page
I try to be a "kind reader" and leave the ads un-blocked, but any day now the new habit of auto-play video ads at full volume is going to push me over the edge. Worse, they don't just auto-play right when I load so I can turn them off. No, they spurt little bits of random audio so I'm not sure what's happening or what to silence. Even, I think, when I've shifted to another tab. FFX 29.0.1 MacBook Air, OS 10.8.5, if a Reg IT-boffin cares to check it out.
First off, the silliness. If you think an iPad is a fully capable replacement for a MacBook, you must not edit many Makefiles. Paying extra for a TAB key just enrages some folks.
Some history. A friend worked at Apple back in the day, and his group produced a IIGS follow-on that was ARM based. Ran all existing (6502-based) IIGS code. Snappier GUI than the then-current Macs, cheaper, oops! So it was "gassed".
If you-all think that "just re-compile" is so easy, and Apple so supremely competent at re-targeting their software to new platforms, perhaps you can explain why their special flavor of X was so badly broken by the transition to x86? This was software that had run either (and even "cross") endian for over a decade and they managed to introduce rookie endian-bugs. Not to mention that even when they went from 68000 to 68020 they managed to stumble over the "let's just stick some unrelated flags in the upper byte of these pointers" bug that had bedeviled the 360->370 transition, again, a decade before.
Not to say it won't happen. They may be able to hire someone less Laurel-and-Hardy to do software (for a change). And the move to their own ARM SOC would indeed be a master-stroke for "you will get all your software via iTunes/App-store, and will update when we punch the button, and will not whimper or your device will die", which is so clearly the path forward.
Are you expecting children to already know how to design processors, PCBs, etc., before they go to college?
Not many, but some. There were a few of us "designing" processors on paper and chalkboard back in the day (mid 1960s), with heated discussions over the economic benefits of dynamic logic versus the higher reliability of such things as dual-rank shift registers. Of course we didn't _build_ anything, what with transistors being a couple bucks apiece and even tubes being out of the question in the quantities required. Not saying we were "average" or even "normal", but we did exist, as do "kids today" who can field-strip an Arduino and do unanticipated things with it. Some have geek-parents (mine were a secretary/bookkeeper and an auto mechanic), some find their own way. I do concur that most schools exist to quench the spark, rather than the thirst.
May I have the Popcorn concession...
When someone actually proposes to revert the U.S. Pledge of Allegiance and the currency to remove the edits adding "Under God" and "In God We trust"? Or going back 2000 years or so to put back The Nativity to a more plausible date, rather than the Roman edit aligning it with the birth of the sun god?
How about a proposal to remove Mohamed from the decoration for SCOTUS? I can imagine the strange bedfellows. Some wanting no indication that a "Heathen" could have anything to do with laws, the other resenting the blasphemy of an image of the Prophet.
I like my strong female characters as much as the next man, but really don't think genuine ones can be purchased.
Re: We're headed for Sirius Cybernetics, probably...
This is just too good to pass up.
In fact exactly those two languages were involved in something that happened to one of my daughter's friends. He was taking a conversational Italian class in preparation for traveling to Italy. When he noticed that the ATMs in his neighborhood (a traditionally Italian one) offered Italian as a language choice, he selected it, and the card/system "remembered". Ah, but the I.T. angle is that it apparently did not remember the language chosen, but some sort of "index into the language table". A week or so later, across town, he was startled to have the ATM messages in Polish.
Re: The internet Archive was ranked?
The requests might be about someone stupid enough to look at a lot of formerly presumed legal stuff, while logged in or from a unique, stable IP. Yeah, they _could_ get that from their taps, but still.
As for LinkedIn, "social networks" (in the pre-friendster sense) are always interesting to spooks. I once got email from a former co-worker looking for another former co-worker. The "target" was an ex-VP, not my social stratum, and I didn't have him in my contacts, and said so. A few days later he emails again: "found him, in prison. Aggravated assault." Imagine that today. Imagine being on the "known associates" list for someone "They" don't like.
User-modified traffic controls
Back in the 1970s, my hometown paved an old rail right-of-way to provide extra lanes on the main road out of town. This was nearly pointless, as the next town over had already sold their portion for development, so a choke-point was created. Anyway, in addition to the widening came spiffy new traffic lights. After a few weeks of motorist frustration, the control box for the lights exploded. Many of us thought that this was the work of a Motorist Liberation Front, but it turned out to be that the construction crew had damaged a gas main, and the slow leak had followed the path of least resistance into the box, where a spark from the contactors had ignited it.
All they will do is follow the lead of other "content companies", e.g. film studios and record companies. They will arrange to have razor-thin taxable profits in-country while for some unknown reason buying almost everything from "third-party" vendors at well over market rates. Of course, those vendors would be found to share quite a few shareholders with the ISP. Well, would be found if the IRS could actually get to the records in whatever tax haven they were incorporated.
Console maker control?
At least since the NES, console makers can, and do, use various methods to keep unauthorized games off their consoles. Usually pitched as "anti-piracy" or "think of the children" measures, they are essentially taxes on access to that console. They also (e.g. the aforementioned NES) often come with secret (i.e. "illegal under various anti-trust laws") agreements that strongly favor the console maker, and whose violation (in the sole opinion of the console maker) can result in "less than banning" punishment, like "unfortunately delayed shipments of already-paid-for goods, that sadly happen to miss the holiday shopping season".
OTOH, this amount of control and revenue is a powerful incentive for console makers to "play nice" with at least the juggernauts of game development, no matter how "evil". Much as, e.g. a Standard Oil tanker caught refueling a U-Boat, back in the day. Probably a "rogue employee" who just noticed the keys to the tanker hanging in the guard shack, not a corporate policy.
Re: It cannot be the point of x86 to run Android
"That means I can run an image of every OS ... work on a decade old computers or on computers in a decade."
Not unless you are deliberately omitting Windows, MacOS, and (most?) Linux distros from "Every OS".
Pretty much all of those have current versions that just won't run on older machines, even if you plump up the RAM. If you meant "Well, _some_ version of these OSes, e.g. the one that was current when the machine was made, will still run", well, yeah. And my PDP-11 will still run RT-11, too.
Re: How robust though?
I have had very good results recovering data from "very old" (30..40 years) tapes. Of course with such large "bits" one would expect that. The issue with any storage medium these days (OK, maybe not no-name spindles of CD/RW from the flea market) is not so much media lifetime, but "what do I do with those bits". Try reading a Word3 file with any Word that runs on any computer you can find? How about that film/music/ebook whose DRM server died with the shell-company that ran it? If you can even get the tapes out of your modern (for the 2000s) tape-safe with electronic lock.
Opt in? (Re: What am I missing?)
What makes you think you are the one controlling the option?
More likely it will be like the "write protect" on SD cards (or 5.25-inch floppies for that matter), which merely suggests to the software that you would really rather not write, if the software feels like pleasing you rather than its owners today.
Re: What am I missing?
You are missing two things. One is that the thieves already have countermeasures, and have for years. The other is that by mandating a unified approach to phone-bricking, LEOs can now brick all phones in a certain area, much like they temporarily shut down cell service at the BART protests, and sent threatening text-messages to the Ukrainian protesters, only more durably. Thieves do not mind using things like Faraday bags because they are taking the phone as an object, whereas protesters actually need the phone to be in communication to send out pictures of trigger-happy "protectors" dealing with peaceful protesters.
Not that this has ever been a problem in the "Free World".
Re: Like they care
"The business of the PIN being stored in the card has always puzzled me. In order to be completely trustworthy, it must be the case that you, and only you, know the PIN number."
I know very little about the mag-stripe cards, and less about chip-and-pin (other than that various vulnerabilities have been found over the years), but IIRC, the "PIN" stored on a mag-stripe card is actually an "offset", to be added to the number you type in, which is then hashed and transmitted to the central server. So it's more like salt than the password itself. OTOH, PINs are typically only used for ATM cards and the like, not "credit" cards or even the "yeah, you'll get your money back, eventually" debit cards.
Try asking a few photographers or musicians who have had popular images or (original) songs claimed by the "Big Guys". Sure, eventually (in geologic time scales) it all gets sorted, but meanwhile...
Or I suppose in your world it is just fine for someone to drive off with your car, as long as you eventually get it back. No matter that you can't get to work meanwhile, so have no income, and no need to punish them in any way, right?
IIRC, back around maybe the early 1980s, some U.S. Senator proposed a ban on $100 bills, since "their only use is for criminal activities". Of course, back then $100 was a fair bit of money, about 2.5% of the poverty threshold for a single under-65 person, as opposed to less than 1% today.
Anyway, I strongly suspect that Bitcoin is a bit easier to "trace" than cash. The advantage is that you don't actually have to carry a suitcase full of it into an abandoned factory at midnight.
The military is so careful...
That a friend once (a while ago) found U.S. Navy acceptance marks (anchor and date) on some surplus parts, indicating they had been received and inspected in 1942. From Siemens.
Re: Test-Driven Development
My personal code standards (which I enforced dictatorially when "lead" of a massive three-person group at a Telecoms company) mandate braces on all ifs. But the Linux Kernel coding standards _forbid_ them for "single statements". They also mandate placing the statement, indented, on the line after the if(), thus almost guaranteeing the occasional "deception by indent".
Lest the Linux hordes pile on me as a MSFT shill, the particular bug would have been caught by a -Wunreachable or equivalent, but when I was (briefly) doing Windows development, I found that it was rarely possible to get a "clean" (no warning) compile from Visual C if I turned on many warnings, because the system-provided headers were full of dubious constructs.
The woodpeckers are winning.
Bricking is about more than temporary comm-blocking
Imagine a peaceful protest. Imagine disabling communications. OK, now imagine if even _one_ protester manages to record the ensuing police actions and get the physical evidence out of the area. _That_ is why the "proper authorities" need to totally disable the devices. Putting your phone in a Faraday pouch may protect it from being damaged, but then you can't record.
Of course Cameras are also frequently stolen, so they will need kill-switches too.
Just a nit-pick
I know, but Hangar 1 was not (just) for Blimps. It was used for actual rigid dirigibles.
Re: But, how long before it can discriminate between:
If your refrigerator uses Phosgene, I think we have found the problem with your beer.
As for Utah beers, Polygamy Porter ("Why have just one?") is not bad, although I really just bought it for the bottle.
OS X on multiple platforms?
If they had really been compiling OS X on Intel for five years, why all the endian problems at the switch? And why is "programmer view" in the Calculator still broken on Intel? Ah, I see, they _compiled_ it for both platforms, but didn't actually run it.
Conductive properties of produce
A little research turns up:
Characterization of Organic Illumination Systems
How will I get decent performance out of my IBM 650 code?
Laugh while you can, Monkey Boy. Worst-case latency to RAM these days is a lot worse (in CPU cycles) than back in the "My main memory is spinning rust" days of yore.
Bug? Or Sleeper Cell?
I'm surprised to see this many comments and nobody yet mentioned what leapt out at me as soon as I read the article.
Say you have a high-value exploit, and want to have it easy to turn on when you really need it, but difficult to detect until then. What better way than to do the "injection" and the "activation" in separate steps. That way, there is less chance of some nosy kids and their dog sniffing peculiar behavior and blowing the whistle before you have even selected your first high-value target.
Then later, a simple "one line" bug fix turns on the spigot.
Perhaps the pre-melted chargers and phones are slightly easier to extract metal from?
The major advantage of standardized connectors seems to be the availability of inexpensive after-market chargers. With the minor disadvantage of electrocutions and pants-on-fire.
The market giveth and the market taketh away.
Re: "...a tiny TV antenna each in a nearby data centre..."
"It's not like you need a very strong signal to get a very good picture."
I assume you are watching your DTV via a Cable-ish system. Even they have the usual (for DTV) problems of out-of-sync audio and "witness protection" video from time to time.
Over the air it is much worse unless you are a few miles and line-of-sight. The DTV standard includes forward error correction, but apparently the level of such is an option, and by reducing the number of bits allocated to error correction, one can increase the number of channels to run infomercials, so...
A more cynical person might wonder if broadcasters are deliberately making it difficult to receive OTA TV, to force customers to go through the Cable companies, thus increasing the broadcaster's revenue. But of course, an entity whose license is predicated on serving a public benefit would never do that.
OT: New Coke
Need to tighten the straps on your Tinfoil Hat. There are many who believe, with some evidence, that the whole point of "New Coke" was to flush the supply of "Old Coke" so that when they "relented" and "brought back Classic Coke", nobody would notice that the sugar had been replaced by HFCS. This only makes sense in the U.S., where sugar incurs high tariffs and corresponding high local prices, while HFCS is subsidized.
But they probably recouped the cost of the "New Coke Fiasco" in a few months of higher margin on Classic.
And yet the story lives on, like the "Chevy Nova" one, or the notion that patents are for the benefit of small inventors, because, well, that one guy eventually got a payout for intermittent wipers.
As for Omidyar "playing to his new crowd", well, what do you expect? He's in business. You may as well be shocked that politicians lie or water runs downhill.
Putting on my mu-metal hat (tinfoil is not effective against the latest NSA/GCHQ measures), I have to wonder if the whole thing is just "motivation" getting users to "update" to a version more friendly to "lawful intercept".
Fact is, if "They" (NSA, GCHQ, RBN) want to do something nasty to you, they will, unless you go all Unabomber and live totally off the grid in some unheated (can't forget the IR-scanners in those drones) but well-insulated cabin in the woods.
Cassette data storage
Sigh. I've been reviving a KIM-1, and yep, the one bit that isn't working yet is the cassette data storage. Yes, the (approximately proper era) cassette recorder has line-out. Even has a "remote switch" so in theory I could do cool things with a PIO pin and a transistor or so.
Already hacked the "sorta 20mA loop" TTY lines to be "sorta RS-232". Then found how much serial IO drivers have rotted since people who actually used TTY 33s were common. This was not helped by KIM being hard-wired half-duplex...
Noticeable Latency Increase?
As a Comcast subscriber, that would be "Hmm, it's been about 15 minutes now..."
So, I have the choice of not opening emails of unverifiable provenance, consisting of only attachments, in which case my bank, my doctor, and my boss (back when I was employed) get angry with me, and get even...
... or ...
opening such attachments and having my computer owned by criminals.
Nice choice there.
Re: Put the screen in a phone
I think you missed the point. He said he wanted the e-ink display in a small "mostly dumb" phone, with a WiFi hotspot so the "screen intensive" stuff could be outsourced to a tablet or the like. I agree _that_ would be desirable, so I may be mis-reading as well, but I doubt it. Phone for connection. Tablet for webgrazing and Angry-birds. Or, in my case laptop for "research" (webgrazing) and a pile of xterms running ssh.