1383 posts • joined 24 Jun 2009
Lol. The Register has trolled its own commentards into a Dave Spart thermonuclear meltdown.
Re: Western morality
ISIS has no chance of making it anywhere, but they will probably keep murdering civilians and making videos. Sooner or later, they will bump into a real army, with a real air force and a real navy standing by. At that point, the video chap will realize that perhaps he should have stayed at his job in Slough (or wherever). The ensuing slaughters (of ISIS but also of many innocent bystanders) will be so severe that, 10 years from now, people will be arguing that it was all too much and how we should have not killed so many people just because of a few beheadings.
Re: Yeah, well, like, you know.
Those comparing this to other killings in war etc. The point here is that the killing was an orchestrated murder, filmed and broadcast. As far as I am aware, neither the US or any other country has filmed and broadcast en execution. Even N. Korea has not done this. The US has, of course, killed thousands of its enemies, often deliberately, sometimes by accident, as have most big nations. Sure there are big moral arguments there too, but different ones.
Re: we need the public to become educated in the tools they are using and what can be installed
Unlike El Reg and its commentards, not everybody devotes their whole life to being a tech expert. IMO, pins set by default would help those normal people.
Saying "people are stupid they should learn" is a bit like saying we should just leave live 240v wires uninsulated and just educate people not to touch them.
Whether a law is needed is doubtful. Better just have the manufacturers set the unique PIN by agreement. It is what they already do with commercial hardware - eg. HP blade equipment always comes with unique admin passwords already set, and detailed in a paper tag. And the customers for this are usually advanced admins.
Re: Lack of integrated email/contacts/calendar?
...and the hardware upgrades the monster would require
Quite so. Remove Windows from a modern desktop PC and install Linux, and you are left with vastly overspecified hardware. But do the opposite...
Re: Pots and Kettles
Agree with Mage. The government is accountable to you in at least *some* way. Google isn't, particularly if you live outside the US. Eg. People can issue FoE requests to UK government departments, who must give some sort of answer by law. This has led to the uncovering of several scandals. You can't do that with Google. However, if the guv'mint and Google get together, that is the biggest risk.
Got Android ? Check below to see if Google has been tracking you (they weren't tracking me)
Re: Irrelevant observation number 1:
Have an upvote Smartypants. Don't agree about the speedo though. My last car had a digital speedo. The new one has analogue. It takes much longer to read and absorb the analogue displayed speed, especially if you are trying to stay at 30 mph.
Analogue speedos have degenerated. They used to be a big circular dial going from 0 to 120 mph. Nowadays, they go up to 180 mph, regardless of the car, and the figures are squashed into half a circle or little more. In my car, 90 mph is at the 11 o'clock position, and only every 20 mph is actually numbered.
Multi-core is great for parallel tasks, obviously. I can encrypt a huge file on my 8 core laptop and the machine doesn't slow down at all, I can happily continue to do other stuff. In single core days it would have been reduced the whole machine to a crawl.
But there is a downside. Many tasks can't be parallelized by present software. For example, that encryption above. It only gets one core, so only gets about 12% of the PC's compute power. In an ideal world, it would take 6 or 7 cores, run mongo-fast, and leave me with 1 or 2 CPUs read El Reg and play Tetris.
Awesome. 10 billion transistors in the headline but the story doesn't repeat that claim - is it true Reg ?
Re: Your dog is more popular than your daughter
Dog's name is maybe more secure because it is slightly harder to obtain that a son's name. Not sure about the daughter thing.
Re: Correct horse battery staple
Hi AC agree if the crims manage to steal a list of hashed passwords they can brute force offline. Some posters say that that, combined with Moore's law, will eventually make all passwords risky but it ain't so. The entropy of a CHBC can easily increase faster than CPU speeds.
For example, if today's GPUs can brute force "correct horse battery staple" in 550 years at 1000 guesses per second, then in 20 years time they will do it roughly 1000 times quicker, reducing the time to 6 months or so. However, just by adding 1 more word - "correct horse battery staple white", you multiply the whole lot again by 2048 (if you are selecting from a list of 2048 words), adding another 11 bits of entropy and extending the compute time again from 6 months to over 1000 years.
In 100 years you will need 9 words in that CHBS password...
Correct horse battery staple
Software authors need to update their code to allow passwords of the above variety, and quick. This "R3g1st3r" stuff is no more.
'N^a&$1nG' could be cracked in approximately 3.75 days using one AMD R290X GPU
Lol. Security fluffers always quote these times assuming 1000 guesses per second or whatever, without mentioning that 1 guess per second is the internet reality, moreover imposed by the target system. Also, I assume Trustwave are all in jail now ? Or did they nor really hack 600000 real passwords?
OED is trolling you
Some of the OED's annual additions are genuine words that will stand the test of time. A few are just teenage grunts that will be an embarrassing memory by Christmas, put in partly for trolling purposes.
OED should put up a list of annual additions/deletions for each year, so we can go back and see what worked and what didn't. Actually, their site has additions year-by-year, but no mention of deletions. Do they see deletion as a failure ?
Re: "The pressure to differentiate is more intense than ever"
Don't say "Chrome", say "Iron". Iron = Chrome with stalkware stripped out.
Re: I solved this a while ago:
@ Suricou Raven great project, well done and will keep your accounts secure. There are a couple of things:
As it is generating, not storing passwords, you still need to keep a list somewhere of the accounts you actually own. So that you don't forget you actually have an account at www.datsundrivers.com
If you lose it, it will need to be replaced before you can re-generate a password and log in somewhere.
If it is stolen, could it possibly be reverse engineered to get the master pin and thus the passwords ?
Certainly fixes the key logging threat though, and ingeniously.
Re: Why trust any third party?
And when you have 78 "memorable" nicknames for 78 sites ? Still memorable ?
Re: Who trusts a third party with their authentication?
I do the same as PhilipJ. Best way.
Re: Similar to where I work a few months back...
In the case of a major outage, customers prefer communication to actually fixing the thing. They are more bothered about being kept informed than they are about the outage itself. Took me many years to learn this.
The customer prefers knowing that the outage will last 3 hours than not knowing how long it will last, and having it come back after 1.5 hours.
Storing your passwords on the Internet
Make sure that .txt file editor is not auto-saving backup copies outside of your encrypted volume.
Containers = Ancient tech
Containers might be this week's zeitgeist-chasing meme, but they are also ancient. In computing terms, they date from the last ice age. Mainframes had it in the 70s, unix chroot since the 80s or earlier, and Solaris has had a mature product in widespread use for almost a decade.
Interesting article anyway. With containers being significantly different from VMs on terms of what they offer, it seems that they compliment virtualization rather than compete with it. All that has changed really is that Linux has at last got containerisation, so now you can have it under the GPL.
I often used my old clam shell's built in voice recorder to make notes. Open it with one hand, dial #34, speak, stop. My posh Samsung S3 has a recorder too, involving lengthy menu navigation using both eyes, both hands and brain to focus on a screen you can't see in sunlight. Never use it. Smart phones went to far in giving up hard keys altogether.
Oh and sound play back is speaker only, so no privacy in a quiet, open office. Progress!
Sad. And a shock that the cause was suicide.
Re: I don't get the complaints about Mien Kampf
Not read the book, but I don't agree that Hitler stated what he was planning to do from the start. The "final solution" was only decided in a meeting of the German high command in 1942.
Anam.ie's web page says "You could say that Anam has grown up with SMS.". But in fact the company was only set up in 2012. It seems to be separate from Anam Mobile, which was founded in 1999 and also seemingly has O'Sullivan as CEO. Both Anam Technologies (anam.ie) and Anam mobile (www.anam.com) resolve to the same web page.
According to Alexa et al, traffic to anam.ie is almost non existent, and the site (Drupal) is ranked at over 19 million. It is therefore dwarfed by the theregister.co.uk on 3700 and even my own wretched blog on 5 million. This story by el Reg will certainly give them a slashdotting (unless I have it all wrong - entirely possible). They also have a Twitter account but have not tweeted as yet and have no followers seemingly.
Nothing wrong with that though. It is great to see small/medium sized companies grow. And free coverage in the Reg is fine, so long as it is actually free. I don't agree with others that the article reads like an ad. It doesn't. It is just a little odd that El Reg would have a big story about such an as-yet small firm which has just started up and whose business is still so small.
Re: Using pre-made services doesn't represent a skill
Nah. 2 of my sisters and one of my brothers are about Big_Ds age, non are in the tech biz, and they all know how to set up a router and have done so without help from kids in their teens/20s. The kids do know how to use Facebook though.
And Dad was updating his community website at the age of 79, and in a big way. Using Dreamweaver IIRC.
I would ask about the knowledge level of the people who composed the survey. If they are non-technical, they might think listening the Spotify is the last word in being "digitally savvy", and judge others on that level. In order to compose the survey, their own expertise level has to be much higher than the "man in the street", and this might not be the case. In fact their expertise level may actually be below that of the average citizen.
This would explain how they can equate a 6 year old who listens to Spotify with a 44 year old who contributes to the Linux kernel on a regular basis and runs 10 websites including his own tech blog. He does not listen to Spotify because he has built a far better music solution. But the survey and the surveyors don't understand any of that. They questions only ask about noddy internet services.
Might seem far fetched but this happens now and again on BBC TV and Radio 4. On the rare occasions they cover a technical subject, it sometimes becomes apparent that the interviewer's knowledge level is not only less than the expert he is interviewing, but also below that of the average citizen. The interviewer has problems grasping what even laymen already understand, and his questions and reactions reflect that, much to the exasperation of listeners at home.
Re: I call bollocks.
These days, I think teenagers are put off computers and tech purely *because* so many grown ups are so expert in this area.
In the 80s, just having access to a computer was a new and exciting thing. We all knew somehow that it was the tip of a revolution. Nowadays, Tech is a mass employer. There are likely several Software Engineers in your street. Every house has 5 PCs. Even the "man in the street" has a lot of tech knowledge, probably enough to set up his family's router and network. A teenager interested in programming is likely to find he already has 3 uncles who are expert in the latest languages. And that takes the excitement away and he may lose interest.
For real ?
Er, doesn't the Linux Kernel have about 15000 developers already ? Facebook advertises for one more ? And this is a story ? I must be getting old.
There is a bot in here again. Call Rentokil.
Re: No convinced
I don't know if IOT will improve the character of citizens in the way described in the later parts of the article. The internet so far hasn't exactly brought out the best in us (?). But it could indeed be a boon for the old or infirm or disabled, and maybe those who look after them.
Technically though, once your house has, say, 50 connected devices, it will have some admin overhead. Oops - time to update the firmware in that cat litter monitor. It fixes a bug where the data has the wrong urine Ph level for your breed of cat, then on to the automatic curtains, dammit they are on the wrong timezone again I am sitting in the dark here...
TLDR. But does any company put core compute into the cloud ? Putting a project in there is one thing, but if you cloudify a compute function your business can't afford to lose, and the provider goes down/bankrupt/whatever, you cease trading 3 days later. It's no good bleating about your contract or SLA, you are are out of business already. I must be missing something.
I'm looking forward to the new tech, but the problem with wireless isn't just the speed so much as the way it changes all the time. Use a monitor app and you will see the wireless (n class) strength waver wildly up and down every few seconds. It might be good to stream 4 movies at once now, but in 15 seconds ? Not so much. Wired is just stress free.
It would have been useful to know the features of each router, eg which ones have gigabit wired ports. Interesting article nonetheless.
Re: I call semi-bollocks
Sure, but cops and g-men could re-program any firmware, they might even have their very own code in your Haswell quad core, garage door opener or sat-nav. The only thing that makes this USB back door more dangerous is that USB devices often get interchanged between computers.
It is also risky for the hackers. It is harder to remain anonymous when passing around an infected thumb drive, than it is when, say, launching a virus on your botnet. If malware is suspected there is a physical chain of supply to follow.
Well any code can be hacked and infected. All that SR have proved is that hacking embedded firmware takes a big budget, months of research and special equipment. We knew that already. Not to disparage their effort but what has it achieved?
Big corps and governments have the resources for this kind of thing, but if they wanted to do it they would be doing it already.
Everyday hackers and black hats will continue to cast their net widely, waiting for that one password which is set to "apple" or whatever.
Emulation, especially MESS.
Re: Incoming Rant
Whoa! Upvoted for "massive circle-jerk".
To be serious, I think that too many FOSS developers are excited by graphics development, and many fewer are interested in writing wireless drivers. "Ohh! look! my menu !" But as they are doing it for free it is hard to critisize them.
Re: Is there any evidence that Wayland is an improvement?
Upvoted for "ground sloth".
...Jewish ...gay, liberals,... Nazis... elites......etc
Lol. A top quality rant. Fact-free, prejudice packed, explosive delivery. Complete with obligatory Nazi comparison.
March 12, 1989 - Tim Berners-Lee switches on the first web site
March 13, 1989 - Cern scientists go online, disagree about something, call each other "Nazis"
...tells the story of American life under Fascist rule while the Axis Powers
I suppose for a foreign power to occupy the US would not be easy given that the general population is armed.
Unrelated, but there seems to be a widespread botnet attack on Wordpress blogs' "xmlrpc" feature in the last few days. People are reporting bots with up to 30,000 members trying to guess usernames and passwords. In the last 4 days my own low traffic blog has received 24,000 attempts from over 8000 bit IPs.
I run Wordpress because it seems one of the best available. But I agree is it hugely bloated and slow. I particularly like the Wordpress approach to error handling. There isn't any. And they have solved the error message problem by just ignoring it.
Another history in case it helps anyone
Interesting stuff here, especially about the chair. I might be doing the Herman Miller thing after reading the above.
I have chronic back pain which 18 months ago suddenly became nerve/sciatic pain, after I spent Christmas sitting on somebody's knackered sofa. made basic life functions difficult.
1. Doctor visit. Prescribed powerful drug for 28 days. Doc said it might fix my back by enabling me to walk and move normally for a month. It did. Removed all pain and the nerve pain did not return after the drug stopped. It was Naproxen. Pain free for 8 months. Interesting that the drug did not fix my back, just removed the pain, which enabled normal movement, which fixed the back.
2. "Normal" back pain returned (not nerve/sciatic pain). Obtained prescription again. Worked again but not quite as well. Little pain for 2 months.
3. "Normal" back pain returned. Obtained same prescription. This time it did not relieve the pain much or help. Visited local chiropractor on recommendation. Two visits later all pain was gone.
4. Two months later, dreaded nerve/sciatic pain came on. This can be hard to shift. Eventually visited a highly regarded sports Physiotherapist. What he did was similar to the chiropractor but more rigorous, and more vigorous and extensive. He appeared to know exactly what the vertebrae were doing and where they were misplaced. Also he gave me stretches to do every day and good advice. After 2 visits to him the pain was gone. That was about a month ago. I was going to arrange a 3rd visit but no need so far.
So now I am 90% pain free, doing the stretches every day and continuing to to my Alexander technique/semi supine position for 20 minutes each day. This works wonders with "normal" back pain but does not touch nerve pain, I need the Physio for that. If you have medium "normal" back pain I can recommend it for pain relief.
Stuff I tried that did not work
- rented another car for 2 weeks. A big car with soft suspension, rather than my low sports car with its very hard springs. Made no difference.
3. Weeks later nerve pain came on. Prescribed Chropractor visit did not help.
Re: Storage cost
@Alan Brown One thing that has failed to track Moore's law is network speeds, I think. It took roughly 20 years to go from 10 mb/s to 1000mb/s, an increase of only a hundred fold. Over 20 years, Moore's law should increase a quantity 1024 times, very roughly.
All of which has not made backing up these large disks very easy.
Re: Storage cost
So the average person (with savings) can't afford $50,000 of storage? Unless £1=$2.5
The post was a wild conjecture on the next 40 years' storage prices, designed primarily for amusement. The figures in it are hugely approximated and not designed as financial advice. But yes, I was aware of the small disparity. Welsh football pitches.
Re: Storage cost
Hi Steve, we all know Moore's law refers originally to IC manufacture. However, many other quantities in the technology biz follow a similar curve, eg. data density on disks, mag tapes, you name it.
Re: Storage cost
Given the current economic climate, I'd say that the average person doesn't have savings.
Average assets of UK adult March 2014 = £147,000 (source: AOL), of which £20,000 savings
Also, I said "the average person (with savings)" and not "the average person". Hope this helps.
Re: Not wanting to defend plod, but
Interesting discussion above about the traceability BT Fon connections. A stranger connecting to your BT router gets a separate channel and an internal IP on a separate range (default 10.x.x.x). However I am guessing they get the same internet facing IP. Can't test it just at the moment tho.
As others have said, an investigation would be brutal for you, even if found innocent. The loss of all IT kit, for months, stigma, job worries, stress. A chap who went through it himself wrote a Reg article a couple of months ago. He was found innocent, but the experience was not pretty.
Article asserts that big companies don't create jobs, small ones do. Can't agree. If the author had said: growing companies create jobs, static ones don't - that would be more likely.
Small firms should be subject to less red tape than large companies. However in the UK and elsewhere, it is a similar level for both. As soon as you become Ltd and employ 1 other person, you have to follow almost the same rules as Ford or BP. This provides a huge barrier to entry and means it is very hard to start a successful business unless you have huge supplies of cash to begin with (to spend on the rules and administration of them). Nice bit of protection for the big companies.
We should have a new limited liability entity for small companies, up to say 1.5 million turnover a year.
Agree with author re gov lobbying. Big companies and their ceaseless and powerful lobbying (taking ministers to dinner) warp and damage the competitive fabric of the economy.
We are the dot in dot com
I love how Sun is such an exciting and innovative company since it got taken over by Oracle.
- Review Is it an iPad? Is it a MacBook Air? No, it's a Surface Pro 3
- Game Theory The agony and ecstasy of SteamOS: WHERE ARE MY GAMES?
- Hello, police, El Reg here. Are we a bunch of terrorists now?
- Microsoft and HTC are M8s again: New One mobe sports WinPhone
- Worstall on Wednesday Wall Street woes: Oh noes, tech titans aren't using bankers