83 posts • joined Wednesday 24th June 2009 23:43 GMT
At some point Andrew, you're just beating up an old man
Your criticism here is tenuous at best, as others have commented, and certainly not deserving of a whole article flaming someone. This article reflects more on you than Fry, as it just shows an irrational level of hatred, and a willingness to further degrade The Register into just being your own personal ball of hate.
The end result?
It's fine to suggest a reason to why they made the mistake, but the fact is that it was innacurate. It's not really much consolation to the stranded tourist that it was a genuine mistake, they want results. Google provided, Apple didn't. If the data was so bad, why just Apple as the victims?
So the map is crap, what's that got to do with job adverts?
You've already reported the map sucks, and by all accounts it does. The fact Apple are recruiting in no way implies that they believed this to be the case, that they were panicking, or that they believed that new developers would mean it would suddenly be fixed.
In fact I'd fully expect that, regardless of the state of the application, you would see job adverts go up now. This is because they have completed (arguably) the first development iteration, and are now getting ready for the next release. This often involves increasing the team as you don't start a new application with 1000 devs on board - it would be chaos.
I can't help but feel that this article is a thinly veiled excuse to continue bashing apple. I quite enjoy bashing apple, but would like some new material to do it with rather than another re-run of "the maps don't work".
hold on, this can't be right
Don't you remember that they "provided enough technical detail to convince The Register the diagnostics software doesn't represent a privacy threat to handset owners"?
A gift that keeps on giving, because it's a story you keep on sensationalising. Where are you today then? Is it bad or benign?
SSL - I'll try again
"even when they're entered into webpages protected by the SSL protocol".
SSL is protecting the transport of information. It is not designed, intended, or able, to protect against a key logger. 3 articles on this have all made this sensationalist statement, as though it is in some way breaking the security that SSL provides. If I had a key logger on my PC it would also be able to read things typed into a web page 'protected by SSL', because SSL is protecting me from bad people outside of my PC, not the bad people on it.
When they axe Silverlight
It doesn't get deleted from the internet. Their 'Axing' of it involves not developing it any further. You'll still be able to download it, write apps for it, same as now. It just means there won't be a Silverlight 6. Given all Lovefilm need is something to play videos, what is the problem with that? There aren't any new features needed for their purposes. The only risk they're taking from that perspective is that it might not be supported in later versions of browsers (I don't know what the story is there).
It is insurmountable (probably)
Microsoft's PlayReady tech (the DRM system they use) is very secure. Say what you like about MS business practices and attitude, their tech guys are not idiots. They've experience both of screwing up DRM, and then securing it again (remember that WMP DRM debacle). This DRM is their new attempt at it having learned from those mistakes. You will not be able to hack the stream to go to anything but the silverlight control.
You really need to stop mentioning the SSL stuff
You're just embarrassing yourselves. SSL protects the data during transport. This happens way before then, this is not even part of the communication stack. This is logging key presses, nothing to do with transport.
To be honest it draws the credibility of this Eckhart chap into question given that he felt it was important to point out. He should have made it clear that SSL isn't intended to protect against this sort of situation.
I'm not sure this is so naive
If I had recently hacked a load of networks (PSN etc.) gained millions of credit card details, and then wanted to maximise my returns on that, what would be a good tactic?
1) Using about 80% of the cards create a large amount of interference in the banks automated fraud detection, causing the systems to hopefully overload, almost certainly take a longer to freeze money, and claw it back. The receipients would be innocent, making it very hard to identify other non-innocent recipients.
2) use my remaining 20%, while the systems are down to a crawl, transfer money to a load of dodgy accounts, and quickly get that money moved on through various laundering techniques, before the banks can catch up and claw it back / follow the money.
@Dan White, Not the case any more.
My friend recently moved his virgin account to a new location, and just as a reward for staying with them, they gave him one for free. They are just throwing the things at customers now.
"We can't turn it around quite that fast. It's been three days"
Three days from what exactly, oh yes - release! That's when a game has passed QA standards and been certified internally to be good enough for release. Skyrim was going to make a mint, and Bethesda knew it, still rather than a careful testing program they have stuck with their tactic of using their most enthusiastic users as unwitting beta testers.
It's why I haven't bought it yet. I'll pick it up when they iron out the issues (probably be on sale by then).
heaps of internet-enabled set-top boxes
Surely these will be sitting atop a TV set, as the name suggests, so they'll need a license anyway for that TV set?
I think they really are actually after people like me who don't have a TV set at all, but use BBC services like the iPlayer catchup and BBC news (those 0.2%). I'd gladly pay this if it wasn't such a hassle to have to remember and actively go and pay for it. As someone else pointed out, with 97% of the population owning a license, about 2% who should own a license but don't, and now 0.2% like me, can't we just say "bad luck" to those other 0.8% and take it out of taxation?
No Sentient, you misunderstand
Not 'attacking IIS', I'm saying that once the system has been comprimised by the SQL injection attack, I suspect it is then using the fact you can easily find IIS and configure it (now that it has permissions) by writing an automated script to do it. Thus the websites that are seen as comprimised are ASP.NET, because most websites running on IIS are ASP.NET. I'm not suggesting an IIS vulnerability.
Actually I would suspect it is more likely IIS
The nature of the attack doesn't appear to use anything specific to ASP or ASP.NET. So my unfounded guess as to why there's such a high proportion of sites that are ASP.NET (yet not all of them) is that the automated script that is run once the server is comprimised is targetting IIS. This makes some sense to me, as IIS is easily locatable, and easily interrogated and manipulated by a script (by design, not by mistake). This would make it an easy target for someone wanting to do a mass automated attack. I'm sure they could have targetted other web servers, but I guess they haven't.
Very poor reporting
From evidence given, nothing to do with ASP.NET. By the sound of it, it's about crap programmers from any database back end. Can you just clarify the ASP.NET vuln?
How it will be classified
A massive quango trawling all the smut they can find and building up a blacklist!
Actually given the spirit in which this appears to be being approached, that would be intolerable as it would expose those workers to porn. Instead there'll be a whitelist of what we can access, and sites will have to pay to be on vetted in order to be allowed to be on it.
I really need to get in on this criminal thing
They seem to make loads of money, get caught rarely, and keep the cash. I mean, how much of this hundreds of millions will actually be reclaimed? I'd settle for a cool 10 mil (easily going to fall through the gaps here), no-one's getting caught, it's seems crime really does pay!
Oher information could include:
Your (approximate) current location at time of login, the time of day you tend to browse the site, your prefered browser, the articles you read, the length of time you spend reading an article, etc.
I suspect they want to collect habits to link to identity data, rather than identity data itself.
It's the inverse of that that worries me
"I thought the 80% recommendation was wrong, but I followed it because otherwise I'd be liable"
Something not right there
The prof says:
"I hear that Microsoft (and others) are pushing for this to be mandatory, so that it cannot be disabled by the user"
He then links to a blog post which says:
"There's no indication that Microsoft will prevent vendors from providing firmware support for disabling this feature and running unsigned code."
Perhaps they should talk to each other and compare notes?
Would it really be so bad?
If I were some big name like Ferrari for example, why would I really be so worried about people going to Ferrari.xxx, it's not like you type it by accident. If people want to do a load of porn based in Ferraris, so what?
What a waste of time
I'll write out the summary of the "grilling" in advance.
MP: Did you lie to us before?
MP: These other people say you did.
JM: Well I didn't.
MP: Okay, that pretty much cuts off all my questions then.
I don't understand
What does that email even mean? It just seems to be 3 totally unrelated sentences. Who "used to be such a nice man"? The person complaining is a woman. I'm obviously missing something because everyone is making such a fuss. Could someone take a second to explain what he's saying?
You can prevent something without the assumption that the person is guilty of it. For example you can wear a condom to prevent contracting an STD, that doesn't mean you're accusing the person you're sleeping with of having one, just that you don't know for sure.
Have you asked VMWare for comment on the comparison?
Given this is essentially MS providing the data, it would seem fair to ask VMWare for their views on the comparison. Perhaps they can provide a set of circumstances where the prices aren't so different.
If the password wasn't described as temporary - show us!
Ironically, there seems to be a culture of secrecy in wikileaks. There must have been an email or some form of logged electronic communication in which that password was conveyed to the journalist. It's not like they could speak it out over the phone while someone on the other end jotted it down (well they could, but it would be impractical and too error prone). So why don't they simply put this argument to rest by leaking that email. It should show exactly how the password was described.
Everybody just totally failed here
The Grauniad shouldn't have published the passphrase, wikileaks shouldn't have given them it in the first place, and even if they did, they should have separately encrypted it to the "insurance" encrypted file that was published (I assume that's the one that was on the torrent sites). Then finally people dealing with encrypted files should have been aware that you can't "change the password" on an encrypted file.
Just a total balls up from everyone.
No mention of XSS attacks
Does this 'snafu' also mean that cross site scripting attacks are also opened up from within any .gov.uk site to another?
Could someone clarify this for me
Is this new law banning use of any cookies without consent, or just tracking cookies. The testing they've reported suggests to me that it's all cookies, but that's just stupid. They are a perfectly reasonable way of storing state (and this is coming from someone who whitelists cookies). It may be persisting a session id for authentication, the on screen location of a widget, or the page you're on in a survey. That's not tracking you, it's simply working around the stateless nature of http.
I can see the reasoning behind the law, but please tell me it's only applying to cookies that uniquely identify you, and persist for a significant period of time.
Coat the balloon in something highly flammable...
Then the rocket firing will ignite and destroy the balloon... and possibly the plane as well. You could even fill the balloon with Hydrogen rather than Helium to really go off with a bang! LOHAN launches like a pheonix from the flames.
You are so wrong here
You said yourself, 5 million people watch it. This may seem insignificant in a country of approx 300 million, but remember that not that so many people there watch the news. Furthermore, those that do watch the other news channels tend to do so because they're free thinkers. Most of those that watch Fox News obey Fox News. So in light of that, 5 million obedient viewers is quite an army to be able to lobby with.
We carried out a survey of 1000 women
The survey was conducted by a male underwear model in tight fitting jeans and no shirt. He arrived in a porsche. The survey concluded they were interested in casual sex with men who drive a porsche, but definitely weren't trying to marry him.
Kensington Locks - of little use
Kensington must have a few of their marketting dudes posting in these comments. The things are nigh on useless. It is well known that you can open them with a piece of cardboard in a few seconds. I know this to be true because I had to do it when I lost the key to one.
You're not excused, I told you I don't know what I'm talking about
You can't be bothered to read the post you're replying to, so I don't know why you expect me to be able to research a nuclear leak. The most obvious number that has changed is the one that has gone 4, 5, 6, 7. Going from a 4 to a 7 is more than a fudge factor, and the scale isn't just linear. Now you will probably say that the scale is only applicable once the material has leaked, and it can't be a 7 till it's leaked enough. Maybe, but reports have suggested that this is more of a subjective assessment of the state of the leak. The steady raising of the level indicates to a layman that it is getting worse, perhps not, I really don't know. That's why I asked the question.
What do I understand about damage assessment? About the same as you seem to understand of English - very little.
So why do the numbers keep on changing?
I'm not saying you're right or wrong, I just don't know enough about it. However I think Tepco and the various bodies regulating this could have done a little better in actually predicting these numbers. It's bound to be unsettling when every week the numbers are getting bigger, even if the biggyness doesn't directly equate to nastyness. Could they at least put a ceiling on it? The worst it could get to is... ... and for that reason you don't need to worry.
Also, there is clearly a large difference in opinion; I'm glad that Auntie is printing them all, rather than just yours. They may be wrong, but so may you be (as I said, I don't know).
So it's not a windows bug it's an IE bug
or have I missed something?
Biological vs statistical
I seem to have missed the point on the confusion about the biology bit (I honestly have, no sarcasm). The statement that accident rates link to gender does not related to a biological difference seems very clear to me. She is saying that there is no medical cause for a man or a woman crashing more than the other. So my being male, in itself, does not make me more likely to crash (medically).
From this I assume she has concluded that there is no reason to assume that the statistic is a valid measure. If you mined your data enough you might be able to find a stat that said that people that liked apples are more likely to crash. The reason there is such abundant data on gender is that we all have one. The fact that data is skewed in favour of one group does not mean that the gender caused it (hence previous comments from people about causal links).
You could argue that the fact we have so much data and the result is not 50 - 50 does imply the measure is useful. Then again you would also say "apples make you more likely to crash" if we had enough data on that. you can cut your data in so many dimensions that you might get a significant weighting from any number of groups, it doesn't mean you're right, just that you might have over-mined your data.
This of course breaks down in the field when insurers find themselves paying out more to men than women. However I cannot (reasonably) change the fact I am male any more than I can change the fact I am white, however one is not allowed, one is (soon to be was). The insurers will need to look harder for a stat I can control that helps capture the risk
I think this line is a lot more blurry than pro and against people are making out.
"Guns don't kill people. People kill people." - Are those carrying out the terrorist acts the people or the guns?
If I told a known person to go and kill another known person, am I culpable?
what if I told a random person to go and kill a known person?
What if I told a random person to go and kill a random person?
What if I told a random person to go and kill a random person in return for a large amount of money?
What if I told a random person to go and kill a random person of a particular ethnic group for a large amount of money?
What if I told a random person to go and kill a number of random people, mostly of an ethnic group in return for satisfying their religious duties, and being rewarded with contentment in the afterlife?
What if a large number of people told a random large number of people to kill for one of the above reasons? Who is culpable when an act is then commited (please tell me it's "The Daily Mail").
I don't know where the line should be drawn where the person commiting the act is solely culpable compared to the one encouraging (or perhaps sponsoring) the act. However to say this is clearly injustice, or clearly justice, is incredibly simplistic.
Did you mean "Superset"?
I find it unlikely that every part of silverlight 3 would be available on a phone, there's some low level networking stuff in there for example. However they might have managed to get all and a bit more in. If so, what's the other bit of the superset?
Could we get a clarification of a "Pro-Paedophile" government?
I'd really like to know how he would elaborate on that concept. Is he suggesting we're going to start having lap-dancing lessons taught in schools?
"Today children we're going to learn about the benefits of sexual promiscuity with older men".
Can we have a panic button installed for over-politicised pricks making bull$&!t statements.
I can just see this going wrong.
A lot of people with oyster cards just touch their whole wallet to the machine. If you have mastercard and visa, who takes the payment?
Yes, it's their fault, but that doesn't mean it won't happen.
I don't get it
If browser settings were to be considered acceptance, doesn't that make the law entirely useless. If I've set my browser not to accept cookies, they can't set a cookie, so they can't fall foul of the law. If I've set it to accept the cookies, it's considered acceptance, so they can't fall foul of the law. Short of finding a browser vulnerability and exploiting it, how could you break this law?
I'm not BITTER about the HTML 5 failure!
Why so sad? Why so angry?
- IT bloke publishes comprehensive maps of CALL CENTRE menu HELL
- Analysis Who is the mystery sixth member of LulzSec?
- Nine-year-old Opportunity Mars rover sets NASA distance record
- Prankster 'Superhero' takes on robot traffic warden AND WINS
- Comment Congress: It's not the Glass that's scary - It's the GOOGLE