* Posts by Fazal Majid

541 publicly visible posts • joined 16 May 2007

Page:

Google listens to New Zealand just long enough to ignore it

Fazal Majid

Re: Another example...

Google can and does suppress content in specific locales, such as the EU’s right to be forgotten. The difference of course is that the EU has much more heft than New Zealand, and their Civil (Roman) Law courts take a dim view of sophistry the more capricious Common Law jurisdictions like NZ or the US sometimes let slide.

Publishers tell Google: We're not your consent lackeys

Fazal Majid

Re: @AC

IP addresses are explicitly considered PII under GDPR. Google doesn’t get to make that determination.

Opt-out is also not sufficient, the user has to explicitly opt-in (checkboxes checked by default are considered invalid consent and still expose the data controllers to steep fines, as they should).

Europe fires back at ICANN's delusional plan to overhaul Whois for GDPR by next, er, year

Fazal Majid

Re: Interesting wording

Yes, many consumer groups like La Quadrature du Net have their class-action complaints ready for May 25, but their focus today is Facebook and Google.

Fazal Majid

The public data in WHOIS is so often obfuscated as to be useless. Copyright lawyers have access to a private database with full details, that’s what this whole debate is about.

ICANN’s delusion is because they are used to the capricious arbitrariness of (British-inspired) Common Law rather than the rules-based (Roman) Civil Law where judges don’t have the latitude to give their buddies or fellow members of the elite a break just for the asking.

We pick a storage CTO's brains on Linux-heads, big vendors – and should all the admins NVMe?

Fazal Majid

Re: The business case is pretty good.

Indeed. The whole point of NVMe is to reduce latency by getting rid of legacy SCSI command bloat. Adding the latency of FC or Ethernet would be a huge step backwards, which is why it makes no sense to anyone other than storage networking vendors in denial about their irrelevance in an era of microsecond latency.

Cloudflare touts privacy-friendly 1.1.1.1 public DNS service. Hmm, let's take a closer look at that

Fazal Majid

Hence the support for DNS over DTLS

Most DNS resolvers don’t support it yet, however, so a proxy on the LAN (or in the router) will be needed.

Google lobbies hard to derail new US privacy laws – using dodgy stats

Fazal Majid

The true danger of GDPR for Google

Is not the right to be forgotten, but the requirement for data collection to be opt-in, not opt-out. The opt-in has to be genuine and informed, i.e. a checkbox enabled by default does not qualify.

Uncle Sam slams plans to give govts final say over domain privacy

Fazal Majid

Whois is already useless

Many, possibly most Whois entries are obfuscated by proxy registration services, usually the registrars.

OK, who is shooting at Apple staff buses in California? Knock it off

Fazal Majid

Those buses are nondescript

Apple, Google et al like to be discreet about them and you can’t always easily tell them apart, certainly not at highway speeds.

Long haul flights on a one-aisle plane? Airbus thinks you’re up for it

Fazal Majid

Re: How bad does it have to get?

The problem is Delta bought Virgin, or most of it, and they are aligning VA to their legendary standards of disservice.

Fazal Majid

Re: I hate the nickel-and-diming

The reason why they do that is the extras are not shown on comparison pricing sites like Orbitz or Kayak. Deceptive as hell, but when the FAA tried to mandate full transparency, they were forced to back down by the airline lobby.

RIP Ursula K Le Guin: The wizard of Earthsea

Fazal Majid

Re: Six Earthsea books

7 total. There's also Tales from Earthsea and The Daughter of Odred (although the latest is a novella).

Fazal Majid

Re: A good read?!

There's the Ghibli film, directed by Goro Miyazaki (Hayao Miyazaki's son), loosely based on The Furthest Shore. It is far more faithful to the original and she begrudgingly accepted it.

Ecuador tried to make Julian Assange a diplomat

Fazal Majid

Usually you get the option to change your name when you get naturalized. They should have named him Jose Garcia and asked for diplomatic papers under that name, and pulled a fast one that way.

The only real victims in this farce are the long-suffering Ecuadorian diplomats in London.

You. Apple. Get in here and explain these iOS slowdowns and batteries – US, French govt reps

Fazal Majid

Yep. Question 9 should be: what is the design lifespan of those batteries?

Ugh, stupid power supplies hogging server density, who needs 'em?

Fazal Majid

Fire hazard

What could possibly go wrong with a technology (lithium batteries) with a known record of spontaneous combustion being put in a large number of small, hot enclosures?

Euro Patent Office commanded to reinstate 'Nazi judge' it attacked

Fazal Majid

St Germain en Laye

Is an exceedingly tony suburb of Paris, as befits the birthplace of Louis XIV, and as much a part of Paris as Hampstead would be in London. This is not at all to minimize the brazen and repeated abuses of power Mr Batistelli committed while in office. I hope his departure will lead to reforms in the EPO's governance.

Badass alert: 1 in 5 Brits don't give a damn about webpage crypto-miners

Fazal Majid

Doesn’t make sense

Given how slow general purpose CPUs are compared to GPUs, how even GPUs have been superseded by ASICs for Bitcoin, and how JavaScript code is orders of magnitude slower than the native C/C++ code that can"t compete with GPUs, I don’t understand how this can make money for the operators. Granted, crypto currencies other than Bitcoin or Ethereum have not started the hardware race of their more mature forebears, but it would probably take less effort to code a CUDA or OpenCL implementation of Monero than all this infrastructure for JS mining.

Remember the 'budget' iPhone SE? Apple plans an update – reports

Fazal Majid

Very encouraging

The lightning port on my iPhone 6 is dying, as had the previous one I had to replace under warranty 2 years ago. I'd love a small inexpensive iPhone with wireless charging, as my primary mobile device is an iPad Pro 10.5", not an iPhone.

IETF mulls adding geoblock info to 'Bradbury's code'

Fazal Majid

Well, at least it’s not useless garbage like the “I’m a teapot” HTTP status code 418.

Europol cops lean on phone networks, ISPs to dump CGNAT walls that 'hide' cyber-crooks

Fazal Majid

Re: There's no incentive for IPv6 in the west

Not so. Large service providers have to get IPv4 addresses on the black market nowadays, at around $10/IP. Microsoft bought Nortel's /8 at its bankruptcy auction, and Amazon bought big chunks of MIT's /8 for AWS.

Beware the GDPR 'no win, no fee ambulance chasers' – experts

Fazal Majid

Re: Dwarves???

Tolkien admitted as much:

No reviewer (that I have seen), although all have carefully used the correct dwarfs themselves, has commented on the fact (which I only became conscious of through reviews) that I use throughout the 'incorrect' plural dwarves. I am afraid it is just a piece of private bad grammar, rather shocking in a philologist; but I shall have to go on with it. Perhaps my dwarf – since he and the Gnome are only translations into approximate equivalents of creatures with different names and rather different functions in their own world – may be allowed a peculiar plural. The real 'historical' plural of dwarf (like teeth of tooth) is dwarrows, anyway: rather a nice word, but a bit too archaic. Still I rather wish I had used the word dwarrow.

The Letters of J.R.R. Tolkien 17: To Stanley Unwin, Chairman of Allen & Unwin. October 1937

Dot-Amazon spat latest: Brazil tells ICANN to go fsck itself, only 'govts control the internet'

Fazal Majid

Re: The whole thing's stupid

Yep, just a greedy land-grab by registrars looking to shake down multinationals and trademark owners for more registration fees under the new gTLDs.

Aw, not you too, Verizon: US telco joins list of leaky AWS S3 buckets

Fazal Majid

Usability is to blame

AWS and S3's permissions system has got to be some of the most baroque, over-engineered and complicated permissions format ever devised. It's not surprising so many fail to get it right.

Apple bumps up price on iPad Pro as flash costs climb

Fazal Majid

The iPhone X is $1149, not $999

It doesn't make any sense to get one with a measly 64GB of flash.

Oracle's systems boss bails amid deafening silence over Solaris fate

Fazal Majid

Re: Not the repo you're looking for

Unfortunately OmniTI disengaged itself from OmniOS. Whether the project is sustainable as a community project is anyone's guess:

https://lists.omniti.com/pipermail/omnios-discuss/2017-April/008699.html

Rolling in personally identifiable data? It's a bit of a minefield if you don't keep your feet

Fazal Majid

PII covers more than you think

IP addresses and device IDs like the Apple Identifier for Advertising or Google Android Advertising ID are considered PII, and thus GDPR encompasses more than many companies think.

Minnesota Senator calls out US watchdogs: Why so cozy with Amazon?

Fazal Majid

The fact Target is headquartered in Minnesota must be fortuitous.

Node.js forks again – this time it's a war of words over anti-sex-pest codes of conduct

Fazal Majid

We'll see if the Ayo fork gets any traction. The previous one Io.js was motivated by complaints that the main Node.js project then run by Joyent was too slow at incorporating technical feedback and contributions from outside the company, i.e. the technology was not progressing as quickly as it should.

This fork is driven purely by process and personality conflicts, and is thus much less likely to provide benefits (new features or bug fixes) to the average Node.js developer. The fact it was launched before the Node.js board had the opportunity to respond to the complaints also looks like a fit of pique. After all, policy concerns around inclusiveness are not technical, and thus belong to the board, not to a technical steering committee.

Nasty firmware update butchers Samsung smart TVs so bad, they have to be repaired

Fazal Majid

They were unusable to begin with

What with Samsung SmartTVs' horrendous UI. Bricking the device is more like a mercy killing, really.

What code is running on Apple's Secure Enclave security chip? Now we have a decryption key...

Fazal Majid

Re: No public code review --> security by obscurity.

The Secure Enclave runs a variant of the L4 microkernel, one version of which (seL4) was proven secure using formal methods. No one knows if Apple performed the same kind of analysis on SEPOS. but they have clearly given serious thought to their design.

Google paying Apple BEEELLIONS to stay search top dog on iDevices, say analysts

Fazal Majid

Apple may have a branded DuckDuckGo in the works

Over the last 2 years or so I've seen online surveys that suggest Apple is working with DuckDuckGo on a co-branded search service. I doubt Apple would voluntarily forgo Google's billions for default placement, but it would be a credible threat if Google is foolhardy enough to believe its brand trumps the power of defaults.

Marketing giant Marketo forgets to renew domain name. Hilarity ensues

Fazal Majid

You can usually renew domains for ten years

Of course the flip side is that by the time the renewal notice comes in, whoever did it the last time likely has left the company...

Two-factor FAIL: Chap gets pwned after 'AT&T falls for hacker tricks'

Fazal Majid

That's why NIST deprecated SMS authentication

in the draft SP 800-63-3 guidelines, which also discourages other security theater like forced password rotations and crackpot password composition rules:

https://www.schneier.com/blog/archives/2016/08/nist_is_no_long.html

You think your day was bad? OS X malware hackers just swiped a Mac dev's app source

Fazal Majid

Re: Lost ?

Every git checkout is a full backup of the code repository, including his colleagues/employees, so in the worst case they'd lose a few days' work that hadn't been pushed to the Git server and pulled by the other devs.

DocuSign forged – crooks crack email system and send nasties

Fazal Majid

The perils of outsourcing

Sounds like their email marketing provider was compromised. No doubt marketing selected the said provider based on the color scheme of their website with no input from IT or security audit.

Yeah, keep buying those SSDs, grins Seagate: Your data will be on our disks eventually, muaha

Fazal Majid

Delusional

Sure, there is an argument to be made for disk replacing tape as the backup and archiving medium of choice, but that is not a path to riches, as can be seen by comparing the market cap of Seagate or WDC and Quantum.

That apple.com link you clicked on? Yeah, it's actually Russian

Fazal Majid

A simple fix

Would be to block IDN on the .com zone, where the vast majority of attempted impersonation would likely occur.

BMW chief: Big auto will stay in the driving seat with autonomous cars

Fazal Majid

Unjustified arrogance

I am a BMW driver, and given the horrendous nature of their in-car electronics and software, I have severe doubts about their software chops. They are resisting Apple CarPlay and Android Auto despite clear customer demand for in-car software that doesn't suck, and think they can play the same customer-hostile games with autonomy.

In any case, it's not relevant. Tesla outsells BMW, Audi and Mercedes 2-to-1 in the $50K+ segment, and is now coming to eat their lunch in their bread-and-butter entry-level luxury (3 Series / A4 / C Class) segment with the model 3. Despite having nearly 10 years warning, the luxury brands don't have an even remotely compelling all-electric offer for sale today, just vaporware. They are going to be too busy scrambling to survive to be fighting on the autonomous driving front, where Google et al have hired up all the machine learning PhDs needed to make the required breakthroughs.

Banking group denied access to iPhones' NFC chips for alt.Apple.Pay

Fazal Majid

Apple's refusal to cooperate can't have been a critical factor—they could only stall, but not block it if they did not prevail in the appeals process, and regulators have limited tolerance for scofflaws.

The deciding factor is clearly that the regulators see mobile wallets as competition for the entrenched banks, and allowing them to coopt the former would reduce competition, quite rightly in my view. The situation might be different if others asked for this, e.g. telcos.

As ad boycott picks up pace, Google knows it doesn't have to worry

Fazal Majid

Re: Excellent

Toyota and DJI drones certainly enjoy their custom.

Everspin's new gig: a gig or two of non-volatile RAM on PCIe

Fazal Majid

DDRDrive

DDRDrive introduced a similar product years ago. It held 4GB of DRAM backed by GB of SLC NAND and a supercapacitor, for $2000 list. If the card detects power loss, the supercap has enough juice to write the RAM contents to the flash. It was primarily marketed to ZFS users to accelerate the ZFS intent log (write cache), as DRAM does not suffer from the performance cliff of most SSDs.

Public IPv4 drought: Verizon Wireless to stop handing out static addys

Fazal Majid

Verizon, not Verizon Wireless

I don't know of any wireless service that hands out static IPs, there is not much call for them unless you are running servers.

Kodi-pocalypse Now? Actually, it's not quite here yet

Fazal Majid

Shaming

The end credits to X-Men Apocalypse had a message "This movie created 15,000 jobs", presumably to make people feel bad about pirating. I'm not sure how much of an impact this would have in a society rife with narcissism and self-rationalized bad behavior, the example being set from the above.

Aah, all is well in the world. So peaceful, so– wait, where's the 2FA on IoT apps? Oh my gawd

Fazal Majid

Re: Goolge can't even get their subsidiary use their own 2FA tools

Yes, SMS based 2FA is deprecated by the current drafts of the NIST SP 800-63-3 authentication standard, and due to be banned altogether in the next. SMS relies on the abysmal security of GSM standards and can be spoofed by a DIY Stingray involving about $2000's worth of hardware and GNU Radio.

This is security theater at best.

Rap for chat app chaps: Snap's shares are a joke – and a crap one at that

Fazal Majid

"went against the underwritten rules of Wall Street"

I think you meant "went against the unwritten rules of Wall Street".

Shopping for PCs? Ding, dong, the Dock is dead in 2017's new models

Fazal Majid

AMD Naples workstations

What I am looking most forward to is AMD's 32-core/64-thread Naples server CPU, for use in my development workstation. I can exploit the cores doing parallel builds, but Intel's extortionate Xeon pricing means I am currently limited to 4 measly E3-1670v3 cores.

$310m AWS S3-izure: Why everyone put their eggs in one region

Fazal Majid

US-East is popular

Because half the US population lives in the Eastern Time Zone.

Amazon only recently (4 months ago) opened its US-East-2 region. Many people haven't heard about it yet (I hadn't until just now) and in any case it is based in Ohio, which is nowhere near as big a connectivity hub as Virginia.

Silicon Valley tech bro's solution for homeless: Getting himself in the news. Again.

Fazal Majid

SF only pays lip service to homelessness

Sure the tech boom has put a lot of strain on an under-supplied housing market (thanks in no small part to NIMBYs stifling any high-density residential construction), but it's also brought in an extra $4+B in tax revenues per year, a truly staggering amount. That windfall would allow the city to purchase housing for every single homeless person in a single year.

SF sees fit to fritter it away instead on things like $500+M for bike lanes over the next 10 years (total cyclist population: 14,000). Of course, homelessness is a complex social problem with mental health and substance abuse implications, but the simple truth is for all it's liberal self-image, San Francisco would rather wring its hand about homelessness than actually put its money where its mouth is.

Google Chrome 56's crypto tweak 'borked thousands of computers' using Blue Coat security

Fazal Majid

Re: The curse of "Blue" security

Blue is the corporate color par excellence. It symbolizes trust, loyalty, authority,

conservatism, business in Western cultures:

https://www.six-degrees.com/pdf/International-Color-Symbolism-Chart.pdf

https://www.flickr.com/photos/philgyford/56867986/

The headline is wrong, this is clearly Bluecoat's fault for misimplementing TLS 1.3, and not testing it against the browser with 50% market share. If they had not implemented TLS 1.3 at all, the browsers would have fallen back to TLS 1.2.

Page: