* Posts by david 12

617 posts • joined 6 Jul 2009

Hackers pop Brazil newspaper to root home routers

david 12
Bronze badge

Re: Java as a crutch

FF doesn't run Javascript exploits? Thank God I can get rid of NoScript -- Every day more of the www refuses to run unless it can first check that you have a 'supported' browser.

0
0

Boffins say they've got Lithium batteries the wrong way around

david 12
Bronze badge

RE: nitroglycerine.

>At the other end, the battery evolves metallic lithium,

>which is the equivalent of the petrol in your car turning

>into nitroglycerine.

Metallic Lithium contains both an oxidiser and an oxidant? Allowing it to release energy without using an external oxidiser like 'air'?

I wish people wouldn't casually compare explosives with single components of two-part reactions.

1
1

China is now 99.8% sure you're you, thanks to world's-best facial recognition wares

david 12
Bronze badge

"The systems already in place ... dramatically cut down on [immigration] wait times, much to this correspondent's delight."

Not that I'd noticed. Rather the opposite. Immigration wait times are noticeably longer now than they were back when immigration used to just look at your face, and at your passport, and then stamp the passport.

1
0

Microsoft bins Bing image widget after Getty sueball

david 12
Bronze badge

Paywalled court site:

"CM/ECF has been tested and works correctly with Firefox 3.5, and Internet Explorer 7 and 8."

Not spending the money on updating the browser testing...

0
0

Jimbo tells Wikipedians: You CAN'T vote to disable 'key software features'

david 12
Bronze badge

> I would download ssh, then <

Because installing SSH would /Never/ introduce a whole new set of security vulnerabilities to your machine.

Like the server here when I got it. Two web servers. Two secure shells. Three FTP servers. 2 extra editors. 2 extra backup systems. 2 extra scripting systems. etc etc yada yada yada.

Because the native software was never good enough, and then because a second *nix subsystem was better than just one.

1
0

RIP MSN Messenger, kthxbai. Microsoft finally flicks on KILL SWITCH in China

david 12
Bronze badge

My old copies of Messenger can't find a server to connect to. So (1) What is Trillian etc connecting to? and (2) What server is China using until October?

0
0

Vertigan killed FTTP but the battle for scalable FTTN has not begun

david 12
Bronze badge

Either that or...

Either that, or the "tech industry" (of which I am a member) realised, long before the Whirlpool commentariat, the labour party fellow travelers, and the fourth estate, that there was no rational "nation building" argument for the NBN.

It's long since that we stopped hearing the argument that high-density residential countries like Korea and Singapore were overtaking us with their fibre networks. Presumably by now they would be able to demonstrate their "high-bandwidth applications" and their "accelerating" use.

If you want to make that case, give us a credible report. Otherwise I'm going to continue to observe that the NBN is the TV replacement, and not much else.

2
2

Google flushes out users of old browsers by serving up CLUNKY, AGED version of search

david 12
Bronze badge

Re: Feature, not bug...

Yes. I've given up trying to make my browser show me the fast version of gmail, so I use a separate (old) browser for gmail.

2
0

Broadband slow and expensive? Blame Telstra says CloudFlare

david 12
Bronze badge

Transit?

It's not clear to me that they've used the term 'transit' in a clear sense. If, as the linked article claims, they peer to all the other ISPs in Aus, then they aren't 'transiting' Telstra in the sense that they use the same word when talking about the USA.

It could be that in this one case, they mean that 'peering' to Telstra is charged, like the deal Netflix just did in the USA.

Or it could mean that they transit Telstra to get access to small ISPs that they don't peer with, that they didn't include in the group 'all other ISPs'

Or something.

0
0
david 12
Bronze badge

Re: Acting just like Telecom Australia

KRudd and friends were building the NBN as a completely separate infrastructure ONLY after Telstra told them they couldn't do it for the price asked... Turned out they were correct. Went massively over budget and behind schedule, because it couldn't be done at the price.

1
0

Government report: average Oz user will want 15 Mbps by 2023

david 12
Bronze badge

"optimistic assumption that speeds are symmetric"

Instead, you've implied that upload speeds are as important as download speeds for backup.

Backups are incremental and non-critical. Recoveries are critical and total. It doesn't matter to me how many weeks it takes to do a full backup of my home or office workstation or server: we don't do that, and I don't do that, because I don't want to spend weeks recovering my workstation or server if it falls over.

At present, ADSL download speeds are too slow to make cloud backup reasonable for some of our factory workloads. Our plan is to move more stuff into the cloud when we get NBN. There are some perfectly reasonable business uses for a high-speed network.

Now that we no longer host our own web server, or name server, or mail server, an assumption of symmetric 'speeds' would be a pessimistic assumption.

0
0

Linux turns 23 and Linus Torvalds celebrates as only he can

david 12
Bronze badge

Re: And about 2 years later ...

We spent the $199 on Coherent, and found that it had no virtual memory manager. If you had 8MB, that's what you got.

Which made the whole thing pointless for us -- why bother with the overhead and limited documentation of *nix, if you didn't get a large virtual memory space?

0
2
david 12
Bronze badge

Re: Can't help himself

You don't have to read it as a dig. It could be a friendly little in-joke for those of us who, like Tanenbaum and Linus, were there at the time.

0
0

IT blokes: would you say that LEWD comment to a man? Then don't say it to a woman

david 12
Bronze badge

Don't bother being polite in response

Unacceptable men have nothing to lose by behaving different to the norm, their only chance is to try something different, given that they've got zero chance anyway. Because (a) being polite is what all the other blokes are doing, and (b) women at conference are not there to form a social relationship.

It follows that any kind of personal response (other than submission) is irrelevant: they still aren't any worse off than they were before.

If you want to have an effect on this kind of behaviour, you have to change the equation. Name names. Get somebody fired.

1
0

Cutting cancer rates: Data, models and a happy ending?

david 12
Bronze badge

False history, artificial conflict

Everything in research gets re-invented every 30 years, due to the natural turn-over of staff. And, due to the exponential increase in medical knowledge and research technique, research avenues that were dead-ends 30 years ago often reveal new insights when revisited.

But having said that, you don't need to pretend that anyone in the last 50 years ever thought that surgery didn't trigger metastasisation in some cases. The article would still have been interesting and informative without the faux conflict between 'old ideas' and 'new ideas'

0
3

Big content seeks specialist court for copyright cases

david 12
Bronze badge

Criminalize AFACT

Back in the day, when the criminalization features were first added to the Aus copyright act, it also became a criminal offence to falsely accuse someone of copyright infringement.

No idea what the state of the play is now, after several re-writes of the copyright act.

Writing as one who has been falsely accused of copyright infringement, I'd be pleased to see some lawbreakers brought to book. I've never heard of the false accusation sections being used, if they still exist. That seems unbalanced.

9
0

Cracking copyright law: How a simian selfie stunt could make a monkey out of Wikipedia

david 12
Bronze badge

I'm with the photographer

-- Mr Slater. I think that going to Indonesia and getting a monkey to press the trigger was an act of considerable effort and ingenuity. Precisely the kind of thing copyright rules should protect. Not the kind of thing you should rip off, even if you can.

I also think that if curating and editorial selection is not important, Wikipedia (and its authors) don't have any particular claim to copyright: "Original" research is not permitted at Wikipedia

16
5

Microsoft parts Azure cloud, reveals NoSQL doc database

david 12
Bronze badge

>the company’s first-ever non-relational database

Well, perhaps the first non-relational database since DOS 3, if you count all their other non-relational databases as bought-in from outside. But then SQL Server was bought in from outside too.

[It was DOS 3 that added record locking and data sharing to the file system? ]

0
0

Pedals and wheel in that Google robo-car or it's off the road – Cali DMV

david 12
Bronze badge

Parts are in place

A true driverless car requires 3 things:

A mapping system, like google maps, so that it can plot routes.

A control system, like Siri, Skyvi, Cortana, or Google Now, to take routing commands

A lane keeping / cruise control system like that on expensive cars

--all at an affordable price. If you've used some of those, you know that at present, it's "almost there", and looks like being that way for some time yet. This is still a few years off competing with Ford/Toyota/BMW

1
0

Intel's Raspberry Pi rival Galileo can now run Windows

david 12
Bronze badge

Win version?

The linked article says that "a GUI-based OS is out of the question".

What are they providing as "the IoT version of Windows"? Is it a headless version? A winphone version? Win8?

0
0

The internet just BROKE under its own weight – we explain how

david 12
Bronze badge

Re: IPv6 like OSI is far more complex than necessary

I take the opposite point of view -- SIP is fucked, and its inability to work with NAT is just one part of that. Out of all the fully-functional voice protocols that we had around, why did we wind up with SIP?

Actually, I know the answer to that: because it was easier for amateurs to make a broken open-source implementation of SIP, rather than implementing the existing ISO standard protocol, or any of the other protocols that actually worked.

0
0
david 12
Bronze badge

.. we handled the very real issues posed by [Y2K] so well...

Or perhaps you handled them so badly.

Dedicating too much real resource to fix a problem is a fail, just as much as losing resources because of unfixed problems is a fail.

I was doing consulting with a [very] large multinational company that was unable to pay their very large [national] bills for a month, because they had dedicated all of their IT effort to ensuring that there would be no Y2K problem, and then had only 6 months to prepare for a real, legislated, [national] accounting and tax change.

Proper IT management would be good. Y2K was not a good example of good management.

2
2

Intel admits: Broadwell Core M chip looking a bit thin, no fans found at all

david 12
Bronze badge

Ouch - bitten by the headline writer

1 point to you, Sir/Madam

0
0

No, minister Turnbull, IP addresses aren't part of routine billing data collection

david 12
Bronze badge

Headline writer is lying liar ?

Ok, manages to equate "That's recorded in their records" to "billing data collection" instead of "operational data", thus catching many more readers, as paid to do.

Is it lying to attribute that idea to Turnbull? Or just sloppiness?

0
0

Cracker takes control of 200 rooms in Chinese hotel

david 12
Bronze badge

"Claims to be an open standard"

That is an unjustified slur.

Standards are expensive to buy. I wouldn't pay E1000 for the set of standards either, I'd just download some of the Open Source KNX software, but that doesn't mean that I think E1000 is unusual for an Open Standard: it just means that I already know that any ISO/IEC set of standards is 95% self-referential administrative overhead, and 5% incomprehensible.

0
0

Now even Internet Explorer will throw lousy old Java into the abyss

david 12
Bronze badge

Re: WTF ????

Missed the link. My Error. Sorry. Would have written that differently if I had found the link. Would not have said "WTF" if I had found the link and read the link. Would have been calmer. My reaction was totally only based on reading the article.

Instead, would have pointed out that the new feature was the button helping you to update a supported third-party Active-X control.

Slowly, the article, total nonsense before, starts to come into focus. FF already has, and has had for a long time "a feature that prompts you to update supported third-party addins".

Prior to this release, IE could only throw lousy old Java into the abyss. Now, like competing products, it can notify you about upgrades.

But old versions of IE will still only be able to alert users when web pages try to launch ActiveX controls that are considered out-of-date and potentially insecure.

Enhanced third party support from MS is a newsworthy step. It will be interesting to see what the business analysts make of this announcement

0
0
david 12
Bronze badge

>There will be some exceptions to IE's ActiveX blocking feature, though.... the feature is only coming to recent versions of Microsoft's operating system and browser >

ActiveX blocking is a feature of every version of IE that supports ActiveX

3
0
david 12
Bronze badge

WTF ????

IE blocks blocked Active X controls. Has done so for what, decades? The list of blocked Active X controls is updated regularly. Repeatedly. All the time.

To restate: IE is "automatically blocking old, insecure add-ons", and has been since I was in short pants.

So WTF is actually going on ???

I could guess that the list of blocked ActiveX controls is now going to include old versions of Java, but that would be only guessing, since, like the rest of the echo chamber that is the internet, this article includes no checkable resources: the author has clearly repeated some other unsourced report, all of which are saying the same thing, none of which are giving references.

4
4

Windows Registry-infecting malware has no files, survives reboots

david 12
Bronze badge

Re: What I don't get

> Can your database system then execute the binary data being referred to without having an external file somewhere on the filesystem? <

In the obvious sense, this is a description of what a "relational" database is, by definition. But I'm sure that by 'binary' you mean something like 'encrypted' or 'encoded'. And yes, since a relational database system can execute code stored in the database, it can execute code to un-encrypt and un-encode programs stored in the database, and then execute that code.

Some old simple non-relational database systems lacked the ability to do that. Turn-of-the-century database systems presented a malware-surface because of that ability. New, modern database systems are sand-boxed to prevent that from affecting your wider system.

It would be nonsensical to suggest that a system-configuration database could be 'sandboxed' from the system it is meant to configure, so the solution must lie either in reducing the capability of your computer system (for example by using a limited flat-file database system) or in hardening the system to prevent re-configuration in undesired and hidden ways.

0
0
david 12
Bronze badge

Re: Executables in the registry.

> A microsoft trick so you can not read the code.

MS is a big company, so all kinds of s-t comes out of there. But they have a private API for writing hidden and protected information to the registry, so if this 'trick' was used deliberately to hide information in the registry, it was done by some idiot acting independently.

On the other hand, two cents says that some blogger found a limitation of regedit, and some commentard described it as a feature.

1
0
david 12
Bronze badge

Re: This is silly.

>If regedit can't access these keys then that's probably just a limitation of regedit's GUI.

Yes, regedit only correctly displays keys that a user can edit correctly. And instead of crashing, or crashing and destroying the registry, or allowing you to write garbage to keys that aren't in the expected format, it does not show those keys -- though you can still read and write through the standard API.

There are actually 'hidden' keys as well. (And 'encrypted' keys.) Windows copy protection/registration data is stored in a section of the registry that users don't normally have access to. Example 'hidden' keys are HKEY_LOCAL_MACHINE\SECURITY and HKEY_LOCAL_MACHINE\SAM.

The security implications of having keys and values, or INI files, that an ordinary user can't find and examine are well known. The suggestion that any modern Linux distribution has transparent and meaningful configuration files that an ordinary user can examine and alter would be laughable if it wasn't so patently arrogant and dishonest.

0
1
david 12
Bronze badge

Re: "a tool Microsoft uses to hide its source code from being copied"

I'm not sure I'm following you:

>UNIX has done that for 40 years.

Unix has had record locking for 40 years? The database primitives were only on the internal versions of Unix, not on the publicly released versions. Which is why open source used text files instead of databases.

>Use LDAP for one

Your LDAP store has a separate file for every attribute?

>with the user settings able to move with the user between machines ... relatively trivial

NIS is an effective solution for trivial problems. And 20 years ago, it wasn't even that.

0
2
david 12
Bronze badge

Re: "a tool Microsoft uses to hide its source code from being copied" @Def

>In DOT.NET they brought back an improved version of the INI file

Perhaps they might have brought it back, if it had ever gone away. MS continued to use INI files for applications where it made sense: the important thing that changed was that the Windows API that accessed INI files was captured and pointed at the registry.

0
0

Synology and the NAS-ty malware-flingers: What can be learned

david 12
Bronze badge

For DSM 4.0, please install DSM 4.0-2259 or later

But not -2454, because 2454 has the same date and time as 2254, 2255, and 2255, and not 2257, because that is Earlier than 2255, not Later. No, you want 2262 or 2263, because those are Later than 2259, as well as being Greater than 2259, though Lesser than 2454.

Although ACTUALLY, for most hardware, the last version of DSM 4.0 was DSM4.0-2228

> http://ukdl.synology.com/download/DSM/4.0/ <

0
0

Turnbull says NBN 'most reckless commitment of Commonwealth funds in our history'

david 12
Bronze badge

Re: Shock horror

When you don't like the message, attack the messenger.

1
1

NASA tests crazytech flying saucer thruster, could reach Mars in days

david 12
Bronze badge

Re: Captain Future's enemy had one of those.

>The last time I thought about it, it seemed evident to me that the force towards the "front" would exactly equal the force towards the "back".<

Then you will be surprised to hear about the technology called the "sail", by which ships are enabled to move "upwind", into the wind.

However, I understand that the suggestion here is that there is a mysterious quantum force. My analysis of quantum forces is that they are mysterious, and that my humble intuitions about the nature of Newtonian mechanics are of no help in predicting quantum effects.

11
2

Plug and PREY: Hackers reprogram USB drives to silently infect PCs

david 12
Bronze badge

Can you still buy memory cards/USB sticks on EBAY?

1) All flash devices have firmware.

2) Reprogramming the firmware of flash devices is a standard operation, and little old ladies in the market stalls of Shenzhen will do it for you. The most basic purpose is to implement algorithms dealing with bad flash cells. For years, the most common malware purpose was to lie about the size and provenance of the flash device.

3) 10 years ago it was common for usb devices to include keyboard emulators to install software. There were a couple of efforts directed towards standardising the process, which eventually died as the industry moved away from the idea because of security concerns.

This clever demonstration links the two well known ideas: flash controller reprogramming, and usb device malware.

11
0

Just TWO climate committee MPs contradict IPCC: The two with SCIENCE degrees

david 12
Bronze badge

Re: @dkjd Medical doctor (GP) not a scientist?

I'm sure that most PhDs aren't trained Doctors. 'Doctor' is a very old fashioned courtesy title when used to address PhDs.

0
3

Microsoft says 'weird things' can happen during Windows Server 2003 migrations

david 12
Bronze badge

>workarounds are possible

> but those outlined in the post require rather a lot of working around.

At least one of the work-arounds is trivial: disable workstation "password" resets.

And I did that anyway when I was doing server upgrades. Disabling and re-enabling is a simple policy setting.

Routine machine password reset is more a kind of environmental sanitation setting than a present threat mitigation. The machine password is not, of course, a "password", it is totally user-invisible, disabling changes makes your network more robust, and the risk/danger is very very very low on my list of possible risks/dangers to my network.

0
0

ONE EMAIL costs mining company $300 MEEELION

david 12
Bronze badge

Re: Headline wrong?

Of course the headline's wrong. That's the whole point isn't it?

>It may have cost some others something though, as is mentioned in the story.

Or, it "may" have cost them nothing,

or they "may" have made an extra profit from the attention the stock is getting.

If the prosecution had any actual evidence, they wouldn't be resorting to weasel words like that.

1
0

Banning handheld phone use by drivers had NO effect on accident rate - study

david 12
Bronze badge

non comparable statistics

One of the studies I read 20 years ago found that mobile phone use was comparable to drunk-driving: but ignored the fact that drunk drivers are drunk for the entire journey, mobile phone users are effectively 'drunk' only while making a call.

Another study derived usage figures by observations in [a location that had higher than normal mobile phone users] at a time of day that had [higher than normal mobile phone usage].

I think that both those studies gave false figures for the total expected benefit of banning phone use while driving. But they also implied a false figure for how much pain the enforcement would cause.

If the number of accidents caused by mobile phone users is small only because sensible people don't use their phone much while driving, then this relatively harmless law is doing good while not causing much inconvenience to many people.

0
0

Voteware source code requester labelled 'vexatious'

david 12
Bronze badge

Re: "Freedom" of Information...

Freedom From Information laws.

My first contact with FFI laws was many years ago, when I was trying to sort out an error in my file with a government department, back in the days of physical files. It eventually emerged that the reason I got different repeat requests for information every time I went in, was that they had TWO physical files. Which would have been obvious if they had shown me the information they had. But the actual statement was "We can't show you, because of the Freedom of Information laws"

0
0

Interview: Michael Cordover, voteware freedom-of-information crusader

david 12
Bronze badge

Re: Without trust ...

>Florida ... when their electronic voting machines proved

I guess you're referring to Florida, when their manual-mechanical voting machines proved to be less than fair and correct.

Or perhaps you meant to refer to some little-known electronic voting machine in Florida, and the reference to "Al Gore" just crept in there because you got your dates, politics, and technology mixed up.

0
0

Hackers steal trade secrets from major US hedge firm

david 12
Bronze badge

'secret sauce', 'trade secrets'

Not by any ordinary meaning of the terms. Not even 'secrets' by any ordinary meaning of the term: market trading is done in public, in a public market, with the public.

Writing as a person who created trade secrets, and the secret sauce, in the finance industry, I wondered if the miscreants had stolen trade secrets, or secret sauce, and if so, if they could possibly have made any money out of doing so, and if the victim could possibly have lost money from the theft.

Reading the article, I see that the answers are No, and No: if any trade secrets were stolen, it didn't cost the firm anything, and didn't gain the thieves anything.

The theft, the loss, the gain, came from front-running and the artificial delays. So a descriptive headline would have been something like:

Hackers steal millions from major US hedge firm

Hackers intercept trades from ..

Hackers delay trades from ...

Hackers re-route trades from ...

Hackers inside-trade inside ...

1
0

'Hashtag' added to the OED – but # isn't a hash, pound, nor number sign

david 12
Bronze badge

Re: Pound sign

Also called the Number Sign in ASCII, where it was put by the Americans, which is part of the reason why it is the alternate value for the English Pound position.

"The symbol # means the same as No., and it can be very useful"

("The I.S.O. character code," The Computer Journal, vol. 7, no. 3, October, 1964)

In AUS, the subtitles on my TV show # (number) or £ (pound) to indicate music, depending on where the program was subtitled, indicating an odd translation difficulty somewhere.

0
0

Today's get-rich-quick scheme: Build your own bank

david 12
Bronze badge

I've done this

-- for a couple of clients, who ran investment banks for their dealer network.

Operationally, not very difficult. My clients did not require banking licences or building society licence or anything: whatever the requirement is for a banking licence, they were able to do this without it. Perhaps banking licences are tied to lending money? Or accepting money from the public? Or depositing with the Reserve Bank?

My clients were just borrowing money from their dealer network, as a service to the dealers, as a kind of loyalty scheme. The money was just invested in the parent company.

The reporting requirements were not very rigorous, for a few hundred clients and a few million dollars.

Within the reach of a small coding team for those numbers, but the product I had would have scaled badly.

0
0

Sneak peek: Microsoft's next browser (thanks, IE Developer Channel)

david 12
Bronze badge

Extended Support Release

Now that they are copying the rapid version number increment, the other thing they should copy back from FF is the Extended Support Release -- so that I don't get stuck on websites that require this month's version.

0
0

NSW budget calls for lower GST threshold on imports

david 12
Bronze badge

Re: NSW budget calls for lower GST threshold on imports

I've seen $700 estimate for the all-up cost of collection on $500 (assuming the threshold was lowered to $500). Very little of this is the "cost to the customs department" -- but it's the cost you would expect to pay.

Nobody is suggesting this as a tax-raising measure. The whole point is to make importation unattractive.

They calculated in Y2K that from a tax view, $1000 was the sweet spot, and it's only moved up since then.

1
0

Hacker claims PayPal loophole generates FREE MONEY

david 12
Bronze badge

Virtual credit cards

>Virtual credit cards were payment systems designed to combat online fraud by utilising temporary card numbers.

1) Do virtual credit cards still exist? If not, how old is this article?

2) If virtual credit cards do exist, who offers the service?

0
0
