Feeds

* Posts by brooxta

129 posts • joined 2 Sep 2009

Page:

Apple slings fanbois' data at Chinese servers in China Telecom deal

brooxta

"Disingenuous"? You're going with that?

"If they're making out that the data is protected and secure that's a little disingenuous because if they want to operate a business here, that'd have to comply with demands from the authorities," said Jeremy Goldkorn

It's more than disingenuous, it's the lie that everyone swallows when they sign up for cloud-based anything anywhere, not just China.

3
0

Giving your old Tesco Hudl to Auntie June? READ THIS FIRST

brooxta

It's not your auntie June you should be worried about

... it's who she passes it on to afterwards.

After all, auntie June is probably not going to have the elite hacker skills necessary to discover the undeleted files on the (emulated) sdcard. So you're safe for now. But only until she sells it on eBay for ££.99 (excl p&p).

And then you're both done for...

0
0

It's time for PGP to die, says ... no, not the NSA – a US crypto prof

brooxta

Re: He's right! PGP sucks to use!

@Joe Harrison

Its practical use is that it serves as a working system for many tech-savvy types, and also as a standard for other systems.

PGP was invented years ago and it was an enormous step forward, even though it was as tough to use then as it is now (in fact tougher - ever tried using it on a 386?). The thing is that the problems it set out to address then have only become worse in the intervening time: now there is not just the concern that it is possible to exercise mass-surveilance on populations in the "west", but the proof that it is in fact happening.

I don't know what the next big step forward will be or where/who it will come from, but I do know that it will need to give us at least what PGP does. Otherwise it won't be a step forward, but rather backwards.

The experts tell us that cryptography is hard and good cryptography is even harder. From my experience I would tend to agree. The question is, is it worth it? And attempting to answer that question leads you on to other rather bigger questions.

4
0
brooxta

Re: Not saying PGP is perfect

> And how do you trust an email or key server?

That's what the fingerprint is for. You use it to verify that what you downloaded is actually correct.

2
0
brooxta

Re: Not saying PGP is perfect

You don't need the whole certificate/key in a qr code, you can send that as an email attachment or download it from a web page or key server. The qr code would be useful for the key fingerprint though, which should be much more manageable. You would then use the fingerprint encoded in the qr code to verify you had downloaded the right key.

5
0
brooxta

Re: He's right! PGP sucks to use!

It might suck to use for all the reasons he gave, and yes SMTP sucks because it was designed without security in mind, but there is one reason at least why PGP absolutely rocks:

You can use it to encrypt a message to send via just about any medium. And you can verify that security independently of the infrastructure you used to communicate.

As soon as you start to build a monolithic "secure" system you lose that independence, which is a big loss.

In every secure system I am aware of (and I should say that I in no way consider myself an expert in the field) there is always a trade off between convenience and security. You can have more of one but it means less of the other. If this guy has come up with a way of increasing the convenience without losing any of PGP's security then I'm all for it, but if he's advocating the opposite I don't want to know.

36
0

Totes AMAZEBALLS! Side boob, binge-watch and clickbait added to Oxford Dictionary

brooxta

Re: Each year we get the 'new words' announcement...

Re @Pet Peeve

That's right. It's kind of the ultimate listicle for word-geeks.

0
0

Boffins brew TCP tuned to perform on lossy links like Wi-Fi networks

brooxta
Unhappy

"TCP/IP protocol"

Grrrr.

2
0

Who needs hackers? 'Password1' opens a third of all biz doors

brooxta

Re: Correct horse battery staple

> 'N^a&$1nG' could be cracked in approximately 3.75 days

That was the most worrying part of the article!

0
0

New voting rules leave innocent Brits at risk of SPAM TSUNAMI

brooxta
Trollface

It's all part of the rise of the corporations - a necessary step. Haven't you read any dystopian sci-fi?

11
0

Murder accused DIDN'T ask Siri 'how to hide my roommate'

brooxta

Re: I'm more impressed

Probably best not to turn the microwave on, unless you want to burn your phone... but that usually means something different.

0
0

The internet just BROKE under its own weight – we explain how

brooxta

Re: We need IP6

We can't be too prolific with our IP versions. The version field in the IP packet header is only 4 bits long = a maximum of 16 versions ever without breaking compatibility completely.

2
0
brooxta

> geeks who want to do it cos its cool to have a v6 connection from your bedroom

Yes, because when was the last time a geek in their bedroom changed the face of the internet as most people know it?

1
3
brooxta

Re: You don't need NAT for IPv6

Yes. If it does NAT it is, to all intents and purposes, a firewall.

And as to latency, which do you think is quicker/less resource intensive:

NAT: checking whether a packet is allowed to cross the lan/wan boundary, tracking which ones do and rewriting the address and port number on all of them.

IPv6: checking whether a packet is allowed to cross the boundary or not and forwarding them essentially unmodified if yes.

6
9

Snowden leaks show that terrorists are JUST LIKE US

brooxta

Removable batteries

Yet another reason to demand a device with a removable battery from your smartphone vendor of choice.

9
0

Fifteen zero days found in hacker router comp romp

brooxta

IOW be afraid, be very afraid

So presumably this doesn't necessarily mean that every domestic router is pwned, but certainly that just about anyone can be.

3
0

On test: Samsung 845DC EVO 3-bit Toggle MLC and 845DC PRO 3D V-NAND SSDs

brooxta
Boffin

Tantalum Capacitors

I make it 21, not 23 as the article says. Or are there two extra ones hiding behind a controller chip on on the other side?

0
0

Ancient pager tech SMS: It works, it's fab, but wow, get a load of that incoming SPAM

brooxta

Re: Can you turn it off?

@AMBxx

It's called a tablet. But then you still need a mobile for voice, so it's a catch 22. Unless of course you can make do without GSM/POTS in which case VoIP/Skype may do it for you.

0
0
brooxta

Re: The biggest challenge ...

That doesn't really sound like a holiday...

20
1

TracBeam sues Apple over location

brooxta

Re: A US patent doesn't seem to be worth the paper it's printed on anymore

I think you'll find somebody has already patented that idea, as long as it's printed using a computer.

6
0

Yahoo! will! deploy! end-to-end! email! crypto! by! 2015!

brooxta

Re: PGP eh?

That's a good question, one that everyone familiar with public key cryptography would know to ask.

If Yahoo! did anything like storing unencrypted private keys on their servers then their implementation would be slammed by everyone with any security credibility and the whole thing would be dead in the water.

Since most users have No Clue (in this case, specifically, about email privacy and cryptography) then Yahoo! will be dependent on third party assessments of their security product/model in order to gain traction and buy in.

That being the case I would be fairly confident that Yahoo! will handle the key safely (ie. either only stored locally on the user's computer, or else - like Lastpass - storing an encrypted copy on their servers and only ever decrypting it locally).

0
0

'Up to two BEEELLION' mobes easily hacked by evil base stations

brooxta

Recipe for disaster

Ingredients:

1x OMA-DM (with backdoor conveniently left open, or not fitted at all)

1x stingray (fake mobile phone tower)

Blend with Machiavellian malevolence to taste. You may like to add the odd cackle or two for good measure.

The result:

A deliciously effective means by which to crack citizens mobile phones en masse. I bet someone's thought of that before (and deployed and used it).

0
0

The Therapod diet: From HUMUNGO DINO to TINY BIRD in 50m years

brooxta

Therapod diet

It's not exactly a crash diet now is it?

230+kg over 50m years, that's around 0.005 grammes per year.

Is it for featherweights?

0
0

Wireless charging stretches the friendship by 45mm

brooxta

Re: 2KW across 35mm !!

I wonder what one of those would do to a misplaced set of keys? Especially if one of those keys was a car key with a radio coil (or IC equivalent) inside.

0
0

Nice computers don’t need to go to the toilet, says Barclays

brooxta

Re: >> did you make it to your user group meetup

Which user group did you say it was? ;-)

0
0

NSA man: 'Tell me about your Turkish connections'

brooxta

Re: The chocolate is still ****, though.

He could have been a bit more polite about it (when in Rome/Baaaston and all that), but I agree.

1
1

Comcast bosses: THAT pushy sales rep was only obeying orders

brooxta

Insert subtitle here

Retention department retrenches: retrains retaining reps.

2
0

Apple: We'll unleash OS X Yosemite beta on the MASSES on 24 July

brooxta

I take it you are also anticipating a calamitous sky-falling-on-our-heads event following the revelation that Apple PR communicated directly with El Reg. Will wonders never cease?

1
0

The answer to faster wireless is blowing in the wind

brooxta

Re: read all about it

Must be some weird quantum optical effect. Wave - article duality?

2
1

New Star Wars movie plot details leak, violate common sense and laws of physics

brooxta

SPOILER ALERT

Star Wars franchise storylines not in fact based strictly on reality and the known laws of physics!!!

Oh wait...

Next time I must remember to use The Force before posting.

>Gets coat<

PS maybe the producers were trying to come up with a really gripping way if opening the film ... But they needed a hand?

>Dons coat<

>Leaves<

5
0

Google's Pankhurst doodle doo-doo shows the perils of using Google to find stuff out

brooxta

missing the point

I think the real issue here is the way that Moss Side gets referred to as a "suburb" of Manchester by so many sources. From my own recollections "zone" or "theatre" might be better word choices.

4
0

Get an EYEFUL OF CURRY for the sake of your brain

brooxta

memories

I thought plaques helped people remember stuff. Obviously not when it comes to Alzheimer's. You learn something new...

1
0

Another 'NSA-proof' webmail biz popped by JavaScript injection bug

brooxta

Re: Browsers cannot be secure...

Something like Enigmail?

0
0

Airbus to send 1,200 TFlops of HPC goodness down the runway

brooxta

Pilots-as-a-service

No word in the article on what they're using this computing power for... So I'm left to guess that they're using it for a new pilot-as-a-service scheme for new aircraft. Brings a while new meaning to the term "cloud computing".

0
0

FAKE Google web SSL certificates tip-toe out from Indian authorities

brooxta

Re: Longitude prize

Yes it appears intractable. But it's also very important. Hence the longitude prize suggestion, slightly tongue in cheek.

0
0
brooxta

Longitude prize

This is why we need an alternative to the certificate authority model. Currently we have something that has some of the mechanisms and appearance of security but with too many caveats. There is far too much trust placed in the hands of too many organisations, many of whom are not obviously and transparently known to be trustworthy and some of whom are known to be systematically or ideologically compromised.

Consider including this problem on the longitude prize list?

7
1

Booze in SPAAAACE! Brit rocket boffin preps bold stratobeer mission

brooxta

Re: You say "unsymmetrical", I say "asymmetrical"...

You could ask the in-laws by loud hailer from the recommended safe distance of five hundred metres while they perform the necessary close inspection (by ingestion) to distinguish the two.

0
0

Google spares founders from TERMINATORS, but not Eric Schmidt

brooxta

Re: "what does that make Eric Schmidt?"

A mandroid.

1
0

Your Android phone is a SNITCH: Wi-Fi bug makes you easy to track

brooxta

Re: Since the phone knows your location....

If I understand what you're saying correctly I think someone may have already had this good idea...

https://play.google.com/store/apps/details?id=net.kismetwireless.android.smarterwifimanager

1
0

True fact: Your CAT wees ... like a racehorse

brooxta

Re: thats a bit closed minded !!

Yep. With this kind of basic biological research you have to be committed. Either urine or you're out.

I'm out, ta for my coat.

10
0

Who gives a F about privacy? New scorecard rates US pols on spying

brooxta

Re: Greenpeace Blimp?

Consider your question seconded! Is this mission creep from Greenpeace? What does this stunt achieve for them, beyond establishing that they are fond of flying, which actually we already knew about.

4
2

Yahoo!: Yes you, YouTube content-maker. GET IN MAH BELLY!

brooxta

Explanation mark

That's because at Yahoo! everything goes with the bang.

3
0

US Supremes just blew Aereo out of the water

brooxta

Minority Report

So if an individual set up their own hardware and software to do the same thing for themselves would they be in trouble? If not then I think SCOTUS got this rather wrong.

8
0

Google mulls splashing MEEELLIONS on laying fat pipe in watery depths

brooxta

bandwidth not privacy

The USS Jimmy Carter et al can grant the NSA physical access to the raw feed pretty quickly.

Google are likely in this only for the bandwidth. Security/privacy will have to depend on encryption (as A Blowhard stated above).

1
0

Bored yet? Now there's ANOTHER OpenSSL fork – it's from Google

brooxta
Boffin

Details details

Does anyone know which protocols the new software supports and which cipher suites? And then how does that compare/differ to vanilla OpenSSL? From what I can work out from a quick scan of the linked-to git repository it seems to basically be the same as OpenSSL but maybe not quite as many cipher suites supported. But I could well be wrong.

0
0

Microsoft: NSA security fallout 'getting worse' ... 'not blowing over'

brooxta

Cloud security

When it comes to security in the cloud or in closed source products I am reminded of the Henry Ford quote about his cars, "Any customer can have a car painted any colour that he wants so long as it is black." The modern IT equivalent appears to be, "You can have any kind of information security you like so long as it is crap."

34
0

Mobe battery flat? These ELECTRIC PANTS will pump things up

brooxta

But what kind of pants?

Trousers - maybe.

Underpants - no way!

1
0

High-end storage tanked, but 'HDPA' storage about to soar says IDC

brooxta

Tilte issues

> High-end storage tanked, but 'HDPA' storage about to soar says IDC

>That'd be 'high performance data analysis' kit for HPC-inspired Hadoopery

So, presumably that'd be "HPDA" rather than "HDPA"? :-)

Although I'm all in favour of HDPA, anything that improves the sound quality on most public address systems would be a good thing.

0
0

Han Solo headed for lengthy stay in bacta tank after Bay Door Control cockup

brooxta

Re: light sabre duel

Hmmm, and that nicely explains why he's the one in hospital doesn't it?

3
0
brooxta

Garage door my as...

... asteroids.

I bet it was a light sabre duel with JJ Abrams about whether the lens flare in a particular shot was going to obscure the trademark H Ford eyebrow-raise-and-eye-roll combo.

1
0

Page: