* Posts by sabroni

1473 posts • joined 11 May 2007

Some Androids can be HOSED by WiFi Direct vuln

sabroni
Silver badge
Facepalm

throws an IllegalArgumentException, crashing the device

Really? Might want to try catching that then, instead of letting it crash the device. FFS.

1
2

Apple patch shields Macs from Thunderstrike

sabroni
Silver badge

according to a report.

Not clear from your article, or the linked iMore one, exactly who is claiming that this is fixed. Any chance of a bit of clarity? It doesn't sound like it's Apple saying it's fixed, but both Hudson in your article and Rick Mogull in iMore are quoted from when "Thunderstrike" (cool name!) was discovered, not from after patching. So who are these "beta developers", mentioned in your article but not in iMore?

1
1

'Linus Torvalds is UNFIT for the WORKPLACE!' And you've given the world what, exactly?

sabroni
Silver badge

Re: Popularity is a terrible measure of quality.

Innit! Just look at all the upvotes on this thread....

3
1

Netadmin wanted for 'terrible, terrible, awful job nobody wants'

sabroni
Silver badge

Thank fuck for jake!

Where would the world be without you to sort shit out, eh?

11
1

Microsoft just saved Windows Phone... Now stop whining

sabroni
Silver badge

that's unfortunate

apparently "There is only room for 2 players, and both the seats are filled."......

7
0

German iron meets Monaco's highlands: Audi A1 review

sabroni
Silver badge
Unhappy

Ouch!

Now you've upset my old delta hf turbo!!!!

0
0
sabroni
Silver badge
WTF?

You can drive an Audi on a road with no-one else around?

Someone needs to tell all the audi drivers, you don't have to slipstream the car in front to get anywhere....

1
0

Buggy? Angry? LET IT ALL OUT says Linus Torvalds

sabroni
Silver badge
Happy

Re: not tolerating fools

Doesn't extend to those who can't construct a sentence then?

0
0
sabroni
Silver badge
Happy

Re: Yeah Man!

Fire up Lynx!

1
0

Want a cheap Office-er-riffic tablet? Microsoft Windows takes on Android

sabroni
Silver badge
Flame

Re: avoiding an Android monopoly is good

BURN THE HERETIC!!!!

5
0

Which of UK's major ISPs will let you have exotic p0rn? NONE OF THEM

sabroni
Silver badge
Happy

Are you new here?

4
3

Amazon's tax deal in Luxembourg BROKE the LAW, says EU

sabroni
Silver badge

Re: PR is the special olympics of electoral systems - you get elected just for turning up.

No, it's a simple system where you get elected if you get a big enough proportion of the votes. 30% of the votes means 30% of the MPs. It's complex, so I can see why you might have difficulty with it.

The good thing about FPTP is that all your rich mates get to keep running the country and pretending it's because we asked them to.

30
6

I don't think you're ready for this Jelly: Google pulls support for Android WebView

sabroni
Silver badge
Thumb Up

Re: a load of fandroids will be along to explain how any second, without a hint of irony....

See!

I love it when a plan comes together!!

1
0
sabroni
Silver badge

Re: WTF

No, no, no. This is totally, totally different to MS dropping support for XP, and a load of fandroids will be along to explain how any second, without a hint of irony....

19
5

Microsoft cracks personalisation without prying

sabroni
Silver badge
Thumb Up

Bloom Cookies!

A lot of software engineers forget how important it is to give your product a cool name. I want some of these and I don't even know what they are!!!

6
0
sabroni
Silver badge

Re: I'm going to re-enable Ghostery etc.

NoScript it. You still see ads then but nothing dances and it's nice and quick.

2
0

Node.js fork io.js hits version 1.0 – but don't call it production-ready

sabroni
Silver badge
Happy

Re: Can anyone recall me

Yes, you're the guy who posted about microsoft keyboards then replied to himself twice getting more and more irate!! That was cool!

If you mean can anyone remind you what the point of node.js is, I believe it's to do with the way javascript's function scope allows loads of concurrent (idle) connections to take very few resources. This makes certain sorts of chatty but mostly idle systems very easy to engineer. A "proper" language would make that nice and complex!

(I've not used node.js in anger so correct me if I'm wrong!)

3
1

Don't use Charlie Hebdo to justify Big Brother data-slurp – Data protection MEP

sabroni
Silver badge

Re: re: those Germans

Yeah, Churchill and our boys have got a lot to answer for.

1
0
sabroni
Silver badge

Re: Saying we should bomb $MiddleEasternCountry in retaliation

We're discussing the Charlie Hebdo cover, not western foreign policy. I see your point, but not its relevance.

The OP was talking about freedom of speech and comparing someone saying "I feel like Charlie Coulibaly" (a reference to the hostage taking nutjob in the patisserie) to a picture of Mohammed saying that he "is Charlie" and all is forgiven. I can see how one of those is considered lawful and one isn't.

Bombing the middle east in retaliation would be mental, but isn't really relevant to the question of whether free speech should be unlimited or not.

Are you saying you think people should be free to say anything, including threatening other people, under free speech laws?

2
4
sabroni
Silver badge

Re: Without even a hint of irony

You're not equating drawing a picture of the prophet Mohammed with saying you feel like killing Jews are you? In the UK the second would be considered hate speech, the first is legally fine. I can understand and agree with this distinction.

12
0

It's hacker jihad: Islamist skiddies square up to Anonymous

sabroni
Silver badge

United Islamic Cyber Force

No, we're the United Cyber Force of Islam. United Islamic Cyber Force are a bunch of SPLITTERS!!!

22
0

What do UK and Iran have in common? Both want to outlaw encrypted apps

sabroni
Silver badge
Headmaster

Re: stepped foot

It's SET FOOT, FFS! Or stepped would also work.

0
0

This $10 phone charger will wirelessly keylog your boss

sabroni
Silver badge
WTF?

Re: Microsoft wireless keyboards have built in feature to defeat this

And yet people still say they're not secure!

1
0
sabroni
Silver badge
FAIL

Re: Anonymous coward

Grow up and use your username. Going anon just to call people names is pathetic.

11
1
sabroni
Silver badge
Happy

Re: Decrypt any Microsoft wireless keyboard: MUH TRUSTED COMPUTING!!

Wow. Someone's not getting any....

6
0

Boybanders ONE DIRECTION launch DoS attack on open-source bods

sabroni
Silver badge
Thumb Up

Re: Babymetal

Su-metal has an awesome voice, I read somewhere that the entire project was dreamt up as a vehicle for her. Certainly sounds nothing like a cat being strangled. The little'uns are a bit more shrill but they're there for dancing more than singing.... Altogether they're a breath of fresh air in an increasingly fragmented and insular metal scene!

1
0
sabroni
Silver badge

Re: Does anyone, anywhere, actually care?

No. You can tell by the fact no-one's commenting on the story.... Well, except for all the comments about not caring.

5
0
sabroni
Silver badge
Thumb Up

Re: Then swapped to the next story.

Then came and commented on how you weren't interested in it. Cool!

10
0

DAMN YOU! Microsoft blasts Google over zero-day blabgasm

sabroni
Silver badge

Re: Best interests?

>> Or they could just say they have a problem and admit it, together with an idea of when they can be arsed to fix it. <<

Umm, that's exactly what happened. The problem was Google didn't want to wait the few days between their "deadline" and patch Tuesday. Next time you pull a quote from an article maybe you should read it too?

3
2

Elite: Dangerous 'billionaire' gamers are being 'antisocial', moan players

sabroni
Silver badge
Thumb Up

Re: It's for kids!

Well one of you can spot a joke. To the rest, thanks for your informative posts and many downvotes! I'm here all week. Try the fish!

1
10
sabroni
Silver badge
Happy

Yeah, like I'm going to read all that.

I preferred the wild speculation and opinion tbh.

0
4
sabroni
Silver badge

>> "But you're just reporting the wild speculation and opinions of a noisy minority of forum whiners with no basis in fact"<<

I like the way you backed up your comment with all those references and facts! Or is it just wild speculation and opinion?

14
6
sabroni
Silver badge
Happy

It's for kids!

Grow up!

3
36

It's 2015 and ATMs don't know when a daughterboard is breaking them

sabroni
Silver badge

Re: anyone know if it's possible to get banks to disable payment-by-bonk on your card?

I asked for a card without it and they told me very politely to fuck off, so I doubt it.

1
0

HTTPS bent into the next super-cookies by researcher

sabroni
Silver badge

Yes, but the example code just uses a load of different prefixes on the same domain. Then you just use script to access each sub domain in turn using http and if the browser uses https instead then you know that bit is set.

2
0
sabroni
Silver badge

Re: Ahh, but reading the original article does

Ok, it's not very clear from the article but as far as I can tell it's to do with using the fact that a single site is HSTS enabled as a bit and storing an identifier by hitting lots of sites.

So (I think) the idea is you set up 8 domains for example (to hold a byte). Hit each in turn with a url containing a flag to ask the server to respond with "HSTS enabled" to store a 1 or "HSTS disabled" to store a 0. Then later the code attempts to read those sites again without the flag and using http. The server responds indicating whether the connection was https or not and you can reconstruct your byte with that information!

Yeah, as Google responded "defeating such fingerprinting is likely not practical without fundamental changes to how the Web works". For once I agree with Google. Gah!!!

3
0
sabroni
Silver badge

Investigation helps not!

So reading up on this on Wikipedia and others I see that HSTS is effectively an https only header that tells a browser to i) communicate with the domain using only https for a specific time and ii) interpret any secure transport errors as meaning it should stop communication immediately. The header is ignored on http requests and shouldn't be sent.

So in normal use there is a potential for MITM attacks during your first contact with an HSTS site as the redirect to https happens with the usual 301. Once you connect with https you get the special header and your browser knows to always communicate to the domain using https, making further MITM attacks very difficult.

Nowhere in that is there any requirement for this information to be shared with any other domain, or any advantage to doing so. I don't see anywhere in there a requirement for a magic number between the domain and the browser. What this generates is a private list of sites and durations that the individual browser uses to force https on certain sites.

So how did this become a tracking issue?

1
0
sabroni
Silver badge

Re: the issue is about being able to use it as part of a "fingerprint",

Sorry, that explanation doesn't really help.

What is the "it" you're referring to?

The article says:

>> His point is that an HSTS “pin” is set for each HTTPS-redirected site you use, it's unique to user and site, and it's readable from your browser settings by any site <<

That looks like a domain issue, specifically "it's readable from your browser settings by any site". Is the article wrong? What am I missing?

4
0
sabroni
Silver badge

Re: If this was a cookie, it should only be readable by the server that set it.

Exactly! Isn't the issue here about boundaries not protocols? Why can other sites see a domain specific secret?

7
0

Music fans FUME over PJ Harvey ticket CHAOS as Somerset House site buckles

sabroni
Silver badge

Re: so all the "heart" and "honesty" vanishes

No, it doesn't. What you're talking about is to do with your attitude to artists and whether you think they're cool or not. Artists change over time and success can definitely change them, but it's much more complex than "successful = bad, underground = good". Step away from that and just start listening to the music. Maybe you'll find there are successful acts you actually enjoy listening to, even though they're trying to make music other people like. Sometimes when an artist tries to make music people like they succeed!!

0
0
sabroni
Silver badge
Happy

Re: and pray tell me how anyone can find out they don't like a track without first listening to it.

Forsooth, good sirrah, for surely that is an impossible task. But nevertheless, one can listen to said track and dislike it without expounding on its vagaries in the comment section beneath. If one does indeed post in such a manner, then one should not take offence if a gentle ribbing ensues....

0
0
sabroni
Silver badge
Thumb Up

Re: I know right!

Why do people insist on listening to music that you don't like? Fucking idiots.

0
0

Double-digit tablet growth spurt is OVER, say pundits

sabroni
Silver badge

Re: Powerful PC adds dynamic range

And what do you use when you need to get over yourself? I assume lifting gear is required....

4
1

Space Commanders lock missiles on Elite's Frontier Devs

sabroni
Silver badge

Re: so I might even buy it

Purchase it now and you are buying it, those who got it from KickStarter were funding its development in return for a copy of the game. If you can't tell the difference then maybe you shouldn't be on kickstarter.

9
9

Untangling .NET Core: Open source for Windows, Mac, Linux

sabroni
Silver badge

Re: No sane dev wants anything to do with MS

So everyone who disagrees with you is insane? Seems unlikely....

7
2

Spanish scraper scrapped: Google axes Google News

sabroni
Silver badge
Facepalm

Re: Google is very successful and you are simply jealous

Am I? Of course I must be, what other reason could there possibly be to criticise Google?

2
2

Microsoft pulls a patch and offers PHANTOM FIX for the mess

sabroni
Silver badge
Happy

Re: Just sayin'

Instant downvote. Just sayin'.

0
2

Europe's top court mulls vandal's right to privacy after bloke catches thug on home CCTV

sabroni
Silver badge

Re: e.g. Google Glass

Sweet! Make users carry signs!!

(Signage? What is it with the desire to use a fancier sounding word? They're signs, not "signage"!)

1
0
sabroni
Silver badge
Stop

Re: retard

You better mean that as "slowing" and not "mentally disabled". As a term of abuse it's unacceptable. Rein it in.

3
5
