Posts by Franklin
459 posts • joined Thursday 17th May 2007 16:15 GMT
Re: See icon
Do you keep other people's email passwords in your Contact lists?
Re: WOW, Jealousy reigns supreme
"Once you became exe's, that should have been the end of it regardless of any offspring. Give it up and move away if you have to, but just forget about it and get on as best you can. They are not worth your life."
I dunno, I'm still close friends with many of my exes.
Re: How are Apple (or Amazon) acting illigally
Apple (and other companies) aren't breaking any laws. The tax codes permit them to do what they're doing.
Those tax codes are written by politicians. Politicians require boatloads of cash to get elected. Large corporations like App,e and General Electric and ExxonMobile have large boatloads of cash, which they give to politicians who make these activities legal. See the problem?
I remember the first year I started in business for myself. I incorporated as a small corporation doing Web and database programming and general consulting. Did pretty well for myself that first year, at least by the standards of a tiny operation, but you can imagine how I felt when my accountant told me at the end of the year that I would be paying more corporate income tax than Microsoft (who, you may correctly deduce, made rather a lot more profit than I did...).
So Java has a lot of problems with security...
...and Oracle has decided to address the problem by changing the version numbering scheme.
Whew! That's a relief. I'm glad that's sorted, then.
Re: What about the religious nutheads?
Your experience differs from mine. I lived in Atlanta, Georgia for three years, and in that time lost count of the number of times I heard folks complaining first about atheists (who are actually secretly Muslims, one very sincere chap in a grocery store solemnly swore). Not to mention the aforementioned Muslims, and anyone else not deemed sufficiently Christian. Often on the basis of the person in question's dress and/or skin color, I'm sorry to say.
Made me quite happy to leave.
Repeat 9/11 type war starters? Are you daft?
Say someone takes this onto a plane. Then what? Before 9/11, passengers would generally cooperate with a hijacker. Nowadays, that's no longer true. What do you think would happen if someone started waving this single-shot gun around on a plane now? Do you think the passengers would just sit there? If he fired it, do you think the passengers would let him reload? They'd kill him.
In a post-9/11 world, taking this onto a plane would be hazardous to the would-be hijacker's health.
I'm a long-time professional Photoshop user; I started using it for a living with version 1.0.7. I don't mind paying for my tools. Adobe has made rather a lot of money from me over the years.
I stopped at CS5, however, and I won't be upgrading to any cloud-based offerings. Like most small business owners, I don't always work where there's an Internet connection available, and I am not going to bet a client's job my business on my broadband not being down at an inconvenient time.
I am perfectly willing to buy^H^H^H license desktop software that I use to make money, but this? No way. Sorry, Adobe, I've been with you since 1992. No more.
Re: The NRA will love this
"The NRA is sponsored by American citizens....about 98% of their funding is from membership dues."
Do you have a source for that? According to Bloomberg, that's so blatantly untrue that not only are it and the truth not in the same ballpark, they aren't even on the same continent.
"From 2004 to 2010, the group’s revenue from fundraising -- including gifts from gun makers who benefit from its political activism -- grew twice as fast as its income from members’ dues, according to NRA tax returns. [...]
Combined, sources such as fundraising, sales, advertising and royalties produced about $115 million in 2010, just over half the NRA’s $227.8 million in income, according to the group’s tax return. Most of the rest, about $100.5 million, came from membership dues. Other sources included program fees, sales of assets, investment income and subscriptions."
Re: 2 HTC Phones, 2 Buggy Phones
I tried abandoning the Apple ecosystem for Android a couple of years back. Got an HTC Sensation, which was on paper quite a nice phone--big screen, good specs, ability to upgrade with a flash memory card, all things my iPhone 3 lacked.
In the year I had it, it was replaced under warranty twice for the same flaw: first, the GPS would fail, erratically giving me results that were way off (To my knowledge, I've never been to the Middle East, and I'm quite certain I didn't get there by driving down my street!) and then crashing hard whenever I tried to access GPS at all. The second time I brought it in for warranty service, the guy at the phone store told me his Sensation had just been replaced for the same problem the day before.
It also had an unfortunate habit of suddenly and without warning heating up in my pocket until it was nearly too hot to touch. I'd like to think I have hot stuff in my pants, but not malfunctioning tech...
I have no idea if my experience was typical or not, but I know it'll be a cold day in Hell before I buy an HTC phone. (Should that cold day come, maybe I can use it to keep warm.)
"Provides liquidity"
Arbitrage and HFT-type traders hope to make a profit, exploiting tiny variations in a stock's price to make money. This money comes from other folks trading the stock. Since they're pulling profit out of the trades, aren't they technically REMOVING liquidity from the system?
Re: Ah the incompetence of the police.
"If they cant be bothered to solve a crime then they won't, not matter how much of your job you do for them."
To be fair, we don't actually have any direct evidence that this is down to incompetence. There might be other explanations that don't necessarily suggest that the police lack the intelligence or skill to perform their duty. They might be taking kickbacks from local criminal gangs to feign incompetence, for example. We certainly wouldn't want to rush to judgment on their competence!
Re: Hmm...
"I think this is a terrible situation, but a bunch of self elected Internet vigilantes blackmailing police into action is not the way to go."
You're right. Blackmailing the police isn't the way to go; the police doing their job in the first place is the way to go.
When that doesn't happen, though...
Re: Fehu
"No, it probably means the pics are either of not good enough quality to identify anyone or that they do not show conclusive proof of coercion."
Your faith in the competence and willingness of the law is touching.
Re: And who didn't know this?
Indeed. Just yesterday, in fact, I attended a lecture on genomics in which the researcher was making the same depressing claim: the vast quantity of information published in the field is rubbish, unreproducible and just as likely to be the result of statistical error or problems with alignment of sequenced bits of DNA as to actually show any meaningful results.
In one case, he talked about a report on genetic variations in mtDNA that was published in Nature and whose results neatly fell within what you'd expect to see if your alignment of sequenced strands was off.
Re: What's so difficult?
Actually, almost none of the malware link-spam I'm seeing contains links to an executable. More often, the malware link will reference a PHP file, which then looks at the browser user-agent and attempts a drive-by download if it spots a vulnerable Windows browser. More and more often, these links will give you a bogus 404 message if the browser user-agent is a Mac or Linux browser or a modern Windows browser, meaning that many AV firms may not even be seeing them as valid URLs at all.
Another common tactic I've seen is for a link in malware link spam to go to an HTML file that uses JavaScript or the refresh meta tag to redirect you to the actual malware, often through three, four, or even five intermediaries. Again, you can't tell just by looking at the link that the destination is malware.
And of course some URLs go to a compromised site that's hosting the Blackhole or Phoenix exploit kits, which will attempt a number of download techniques based on the browser's user agent, plugins, Java version, or whatever.
Might've shown more courage if they'd've called this version 1.0 rather than 0.6.1. Kids these days just don't know how to commit...
Re: Spamhous must really be hurting those parasites
"@handle - that's not necessarily the case. Spamhaus is the reason I can't use a desktop email server (which I started after an important ISP-server email disappeared into the blue costing me a large wad...with a desktop server, it gets delivered, or you get an error message...either way you know whether it got through)."
No, Spamhaus is not the reason you can't use a desktop email server. Spamhaus doesn't prevent you from doing so; it simply lists your desktop email server for what it is, and other folks choose not to accept email from it.
Let's put the blame where it belongs. It is not Spamhaus' fault you can't do what you want; it's the SPAMMERS' fault you can't do what you want. I'm sure you're 100% legit and would never send unwanted commercial email, but for almost everyone else running desktop email servers--sometimes without their knowledge or consent--that is most decidedly not the case. The collective Internet has finally thrown up its hands and said "enough."
Spammers are why we can't have nice things. Blame them. They're the villains here.
"What's that you say? You've been egregiously violating the law for years, and raking in millions? Well...stop it. Next month. Or you'll get SUCH a fine."
I suppose the idea of...err, actually penalizing these guys for the lawbreaking they've already done is right out the window.
Posted in Fake fingers fool Brazilian biometrics
"What if the fake finger is just a hood you slip over your own finger?"
For even better results, make the hood out of a material that is permeable to natural skin oils. Then you can not only get through biometrics as someone else, you can leave someone else's fingerprints at the scene of the crime!
Any materials scientists in the house?
Posted in France demands Skype register as telco
Re: Skype is a phone company
"As for tracing and interception, if those don't work for Skype then that's where the criminal activity moves to."
Well, sure, if by "criminal activity" you mean "talking." Seems to me that real criminal activity is going to involve goings-on in the real world as well, and there's still plenty of opportunity to nab the crims there.
But of course, defining "criminal activity" as "talking" is certainly...convenient for governments who want to control what people talk about.
Re: nice but is it efficient
"If parachutes are 'big and heavy', why is nobody jumping out of aeroplanes with rocket packs?"
Rocket packs are free if you're already in a rocket, because you...err, use the same ones you done launched with. Don't know too many folks who go skydiving from backpack rocket rigs...
Posted in Honk if the car in front is connected
Re: Can't wait
Personally, I can't wait for the first person to set their passcode to 16309, enabling James Kirk to control their car from his car and lower their shields.
How much extra do you have to pay to remove the automated phone tap built into the gizmo...you know, so that News Corp reporters have access in case you become newsworthy?
So it turns out this rocket engineerng thing is actually pretty hard. Who knew?
Seriously, though, congratulations to SpaceX. I bet there were a few folks having pretty stressful mornings...
Re: nothing like trading in rights you could get yourself
Riiight. The Second Amendment prevents the government from getting out of hand, because the mere thought of Joe in his deerskin cap with his thirty-aught-six slung over his shoulders gives even the most battle-hardened American military commander the heebie-jeebies.
That's why the NRA has diligently protected our rights by weighing in so vigorously against SOPA and PIPA, and why they continue to work so hard to support the values of free speech and expression, oppose CISPA, and support people who promote the open sharing of knowledge...oh, wait.
Okay, so when so I get to call 6 strikes...
...against large hosting companies?
I write a lot of content. I release nearly all of it free under a Creative Commons-like attribute/sharealike license. And you know, about ten or twelve times a year, I find someone lifting big chunks of my stuff and slapping it up on their own web sites without credit, or (worse yet) claiming authorship.
So when do I get to start going after ISPs for hosting pirate content or broadband providers for facilitating copyright infringement? Or is that something you only get to do if you're a gigantic, wealthy media conglomerate? Oh, wait, I think I know the answer to that...
"In my experience, I find Internet dating tends to bring people together from afar. I know of people who have met their ideal match, however their "match" may live in another state or country. The glue that initially holds them together tends to be phone calls and Skype, but, hey it works for them."
I've actually had the opposite experience. I started dating one of my partners, who lived close to me and I'd known socially for a while, because a dating Web site suggested that we'd be a good match. (It was right, by the way. We've een datng for about eight years now.)
On the other hand, I met another of my partners in person rather than on a Web site, and she turned out to be rather a long ways away...I live in Oregon, she liives in London. We met waiting in line for an elevator (or as they say in the language of her people, in a "lift queue") and have been dating for about five years now. I got to see the fair city of London for the first time by gong out to visit her, in fact.
Important travel tip, for those who might follow in my footsteps: Never, ever tell the gentleman at customs "I'm here to see my girlfriend!" when he asks why you're visiting the UK. The resulting conversatioon is as unpleasant as it is long.
"Malware endorsed by a digital certificate is not unprecedented - Stuxnet and Flame were both signed using digital certificates - but the appearance of the same tactic much further down the food chain in more everyday nasties is still very bad news."
Also old news. Signing ordinary run-of-the-mill malware with security certs isn't new. As far back as 2008, there was rogue antivirus scareware being distributed from a network of hacked sites that included a valid code-signing cert issued under the name "Mistland Limited".
It's not hard to get a security certificate. A business license (either belonging to you or stolen from someone else--a quick Google search shows there is a business called "Mistland Limited," apparently a real estate firm in London, whose name was probably used to get the cert without their knowledge) and about five minutes on the phone should do it.
"Franklin, before you start parroting feminist rhetoric, please take a look at my recent Reg post here (it's about 2/3 of the way down the page, under the title "Different Standards") where I discuss the origins and reasons behind the "slut/stud" paradigm in detail."
Your reasons remind me a lot of evolutionary psychology: truthy-sounding rationalizations for cultural norms.
Of course, evo psych is what social scientists point to when they want to say "Man, that's not really science," and honestly, that's what your "explanation" sounds like to me. If men seriously were motivated by a desire not to raise other people's children, they'd castigate male promiscuity as well as female promiscuity; after all, last time I checked, if your wife makes a baby with someone who isn't you, chances are good there's another man involved in the process at some point along the way.
Calling the notion that double standards like this are bad "feminist rhetoric" is equal parts amusing and appalling. I'm always a bit perplexed by folks who seem to think that "feminism" is something bad. In matters not requiring physical possession of a penis or a vagina, folks ought to receive equal treatment and opportunity--is that really such a scary idea?
Yes. Welcome to the sexual double standard.
We still live in a culture where it's cool for guys to have sex, but women who have sex are castigated as "sluts" and "tramps" (which rather brings up the question of who these cool guys are supposed to be having sex WITH). Women who are revealed to have naked pics of themselves face significant social, and in some cases financial, censure; there are still quite a few places in the US where a woman who has naked pics of herself spread about can, for instance, lose her job.
A lot of folks believe the answer is "well, just don't take any naked pics, then!" Seems to me that line of reasoning is basically the realm of people who are fine with double standards. Bit like going into Iran and saying "Well, just wear the burka, then!" The real solution, seems to me, is that if it's OK for men to be sexual, it's OK for women to be sexual too.
Re: The Right to Free Speech
"If you need to hide, you probably shouldn't be saying it."
You can't be serious.
There are a number of legitimate reasons why a person might need to hide his identity while exercising free speech, speech that a government finds embarassing being just one of the more obvious ones.
Re: Hmmmmmm. morality and lawyers.
"Legally, if you don't have an agreement limiting distribution ("Sign here to say you won't upload it to the Web or show it your buddies on the football team...") then you waved all rights,..." [citation needed]
I think you meant to say "waived all rights." And under US law, at least, that statement is not true.
There are both civil and criminal statutes which regulate and in many cases limit what a photographer can do with a photograph of a recognizable person, which vary from state to state (and sometimes with the person--public figures, for example, have a much harder time pursuing a photographer for, say, breach of privacy than private citizens do).
Put very simply, and with full awareness that laws vary: You generally do not need permission to distribute a photograph of a person taken in a public place. You generally DO need permission to distribute a photograph of a person taken in a private place. In addition, there are more restrictions on using a photograph of a person for commercial reasons; this may include, for example, publishing a picture of a person on a pay-for-access Web site or on a Web site that generates revenue from banner ads, even if the photographer is not compensated directly for the photograph. (Laws on this point vary by state.)
There is also a whole can of worms involving defamation. A photograph that is distributed with a caption or text that defames the subject may be illegal even if the photograph by itself would not be.
States may also have "unreasonable intrusion" laws and/or other laws which regulate photography or distribution of photographs taken in private places.
All of this is largely academic, though, because there are clear distinctions between the people who TAKE pictures and the people who PUBLISH pictures. A publisher may be liable for publication of an image containing someone's likeness even if the photographer incurs no legal liability in taking the image. In this particular case, the photographers uploading images are under different legal limitations than the Web site, which is acting as a publisher for those images. It's the responsibility of the publisher of an image, not the photographer, to determine whether or not a particular image can be reproduced without the consent of the subject (a model release). If a photographer provides an image without a release, and the publisher then ends up involved in a lawsuit because the subject claims consent was required to reproduce the image, the publisher, not the photographer, is on the hook. As long as the photographer didn't do something silly like claim he had a release when he didn't, or claim that a release wasn't necessary, it all lands on the publisher.
And that's what this lawsuit is doing--going after the publisher.
Not just phishing sites
I've started to see sites using exploit kits to drop malware that do the same thing, placing a unique code in an emailed URL and returning a 404 if they don't see the correct code. They also will return a 404 if they don't see a windows user-agent string, presumably to slow down security and abuse teams not running windows.
Siri still has a long way to go.
She gets Monty Python references, as evidenced by what happens if you ask her the airspeed velocity of a swallow, but nada on Blade Runner references. I told her "You look down and see a tortoise. It's crawling toward you. You reach down and you flip the tortoise over on its back, Siri" and she abjectly failed to ask me what a tortoise was OR shoot me.
Oh, wait, maybe I should have asked a Nexus phone?
"As far as I recall the Lisa/Mac didn't offer an affordable upgrade or experimenter card slots."
True of the first Macs, not of the Lisa. The Lisa had a card cage next to the motherboard, with (if I recall correctly) three slots. On my machine, one of the slots was occupied, but I don't recall what was in there. (Parallel port, maybe?) I bought an aftermarket SCSI card for the second slot, and used it to connect SCSI devices when the parallel-port Profile hard drive--with its whopping 5 megabyte capacity--started to get a bit flakey. If I remember right (it's been quite a while), the computer couldn't boot from a SCSI drive but it could use them.
Re: Excellent
"As for a LISA being worth almost US$25K, I wonder how many former owners rue junking their LISAs now?"
I junked mine about three years ago when it totally quit working. The motherboard had so much corrosion on the circuit traces that it would no longer even turn on.
I picked it up for $100 in about 1987 or 1988, from a used computer place that said it wasn't working. It turned out that a cable for the video tube had popped off; easy 5-minute fix. It was a Lisa 2/5, with the 5 MB hard drive, and served as my primary computer for about the next four years or so--I replaced the ROMs with Mac XL ROMs and found it ran Mac software quite nicely. (I was running System 6.0.8 at the time.)
Lovely machine. I was sorry when it finally failed for good.
Posted in You're not cool enough for some malware
Yep, I've seen these.
I've also seen the malware pages check the browser user-agent to make sure it's a vulnerable browser and/or the targeted platform.
Visit the site without the validation string that's included in the email link, you see a 404. Visit the site with your browser user-agent set to, say, Linux Firefox, you see a 404. Visit the site with the correct validation string and your browser user-agent set to IE 7, you get a drive-by download attempt.
Re: What did I just read?
"Those posts bring up visions in my mind of usability labs where developers bring in their girlfriends to do the testing."
I could bring in my girlfriend, but she's a Ph.D. student working as a Linux developer in a lab that's doing computational modeling of the human brain, so that might not be the best possible test case...
Someone downvoted space elevators? Must be a bloke from Virgin Galactic. A space elevator would drive a stake in the heart of their "get gazillionaires to pay a jillion dollars for a brief suborbital trip" business model...
Now, son...
Now son, go clean your room or I will take away your favorite toy...and SEND IT INTO SPAAAACE!
(Actually, now that I think about it, I think I would have been a lot more motivated as a kid if my parents had said "Son, if you clean your room, we'll take your favorite toy and send it into space!")
Re: Hacked
Just don't read the comments. Dear lord.
A bit ironic, really.
One of my sweeties has a We-Vibe, and the one complaint we have about it is the user interface is rubbish.
It's got a single button, buried in the tip under the silicone, that's very difficult to press to turn it on and off. Worse, the vibrator has, like, 15 speeds and patterns...and you have to push the button repeatedly to cycle through them. Once it's on, you can't turn it off without cycling through all the patterns.
If this is an example of the state of the art in vibrator UIs, the vibrator is still pre-Windows 98...
Re: Luckily 25,000 signatures required
Not to worry. I'm sure someone will release a tool soon enough that lets Anonymous use a bonnet to sign the petition tens of thousands of times per second from large numbers of different IP addresses...
Re: The benefits still outweigh the negative...if only clear lenses are used.
"On a side not....this kind of "CHIPPING" for children (those who are truly loved) would be most helpful in the case of a child gone missing or kidnapped."
If they start chipping kids in order to prevent kidnapping, I hope the chips are placed in an obvious and conspicuous location. You know, to prevent the kidnappers from having to do too much exploratory surgery when they dig the chips out with a pocket knife. (Seriously, who thinks that chipping kids would deter kidnapping?)
Re: About what I'd expect, really
The lowest bidder is still informed of the requirements...which likely don't mention security at all. It's amazing (and depressing) how many job specifications I've seen that don't say boo about security requirements...often from clients who really ought to know better.
About what I'd expect, really
Writing code in PHP is easy. Writing secure code is harder. Government departments hire the lowest bidder, who probably doesn't even think about security, much less know security best practices. If you put in a higher bid because your proposal considers security, well...let's just say you'll likely be disappointed in the outcome.
Re: SEC
So you pay bribes to win $54M worth of business, and pay a $10M fine? Not bad, especially if you can simply include the cost of the fine in the markup on your kit. (Is there an accounting column for "fines paid for illegal practices" in the "total cost of goods" spreadsheet?)
Re: More retarded nonsense. And CIA under Barack Hussein Obama orders behind it!
Well, at least the title of your post is truth in advertising. "More retarded nonsense" indeed.
Re: Shame it doesn't work
"Whilst I don't buy into their central claim that HTML5 is currently in a fit state to supplant native apps (just check out the recommended Android version), it's nice that they've gone to all this trouble to crawl along the bleeding edge and document (albeit subjectively) their findings. The code is open to inspection, at least on the client side."
My own personal takeaway from this experiment is twofold:
1. HTML5 really isn't quite ready for prime time, at least not without a lot of back-end massaging of the data you send to an HTML5 app; and
2. Notwithstanding point (1) above, Facebook's HTML5 developers are a bit rubbish.
Well, I suppose backing down is better than the North Korea approach (close the borders, plant mines, start a nuclear program). So they'll instead die a slow death of attrition, I reckon. It never ceases to amaze me how many social networking sites don't seem to understand how easy it is to lose their userbase's trust and how hard it is to get it back again.
