* Posts by Franklin

524 posts • joined 17 May 2007

Obama allows NSA to exploit 0-days: report

Franklin

You know what would be cool?

If the Federal government created a large, well-funded organization designed to safeguard the computer and communications infrastructure so vital to the nation's economy, perhaps by discovering flaws in commercially important cryptographic systems and...

Oh, wait.

5
0

Apple is IMMUNE from Heartbleed, it says. But don't check if it's true

Franklin

Re: Apple is misleading

"For example, is Safari vulnerable? So if an Apple or Windows browser visits a malicious web site can data be stolen from the machine visiting the server. Heartbleed works on clients too."

If you're using a Web browser to browse to a secure site, the security of the connection depends on the version of SSL running server-side. If some banking site somewhere is vulnerable, that's not Apple's fault, seems to me.

Yes, anyone connecting to a vulnerable server is at risk. Apple hasn't said otherwise; what they said was "IOS and OS X never incorporated the vulnerable software and key Web-based services were not affected," which as near as I can tell seems to be true. (Mavericks, for instance, ships with OpenSSL 0.9.8y.)

0
0

Organic food: Pricey, not particularly healthy, won't save you from cancer

Franklin

Re: Luxury item

"The organic movement contains an awful lot of people who think organic=natural=Good whereas using modern pesticides in agriculture=unnatural=Poison, irrespective of the effects/evidence."

Indeed. And rather a lot of those folks don't know that organic food is often grown with pesticides, or if they do, assume for some bizarre reason that "natural" pesticides must be less poisonous than "synthetic" pesticides.

There's a wide range of pesticides used by "organic" growers, ranging from pyrethrins to copper sulfate. You really, really don't want to eat any of those pesticides--in many cases, they're more toxic than synthetics.

6
2
Franklin

Re: 1 in 10 reasons probably invalid, so all invalid?

"And saying that it "won't save you from cancer" is a straw man. No-one has ever claimed that."

Actually, lots and lots (and lots and LOTS and lots) of organic food proponents do indeed say that organic food will protect you from cancer. Do a Google search for organic food cancer and see for yourself. Pay attention to the claims you'll find on undergroundhealth.com, diseaseproof.com (which gets extremely specific--not only does it say that organic foods will protect you from cancer, it even specifies what varieties of cancer it claims are "caused" by "non-organic" foods), or any site at all that mentions "Max Gerson," the poster child of the organic food "non-organic=cancer" crowd. Hell, you'll even find personal stories on huffingtonpost.com of people claiming organic food smoothies "cured" their cancer.

So don't call it a straw-man argument. It's not. Rather a lot of folks make exactly that claim.

6
1

I QUIT: Mozilla's anti-gay-marriage Brendan Eich leaps out of door

Franklin

Re: Animals

"Sorry, either you agree with free speech and democracy, or you don't. If you do, you have to accept others will hold views you don't like."

I accept that he has views I don't like. That's a bit different from trying to have his views enshrined into law, but that's a quibble--if you don't see the distinction, it's not really worth going into.

He has the right to have views I don't like. I have the right to choose what Web browser I use and what companies I patronize.

It seems strange to me that folks who support his right to his views, don't seem to support my right not to patronize companies whose views I don't like. We all have the right to hold our ideas...but Mozilla doesn't have a right to expect me to use their products!

I don't quite understand the ideal that says people who run a company have a right to whatever views they have but their customers don't have a right to take their custom elsewhere.

11
4

IBM PCjr STRIPPED BARE: We tear down the machine Big Blue would rather you forgot

Franklin

Ugly, sure, but still more attractive than the PS/2.

I remember when the first PS/2s came out. A friend and I had been reading about them, so when they showed up at the local computer store, we went 'round to have a look.

The pictures in the magazines didn't do justice to how ugly they were. Stunningly ugly. So ugly that the first time you laid eyes on one, you were apt to rock back on your heels and wail "what hath God wrought?" in your best William Shatner voice.

So we went down to check them out. When my friend had recovered the power of speech after being nailed square between the eyes by the ugly, he commented it looked like the business end of a ventilation device for outhouses. "Well, form follows function," I said. The salesperson showing us the wares ducked behind the shelf and broke up laughing.

To this day, I still can't rightly comprehend the enormity of the fact that someone made them look that way on purpose.

1
1
Franklin

Re: oscilloscope

A logic tester? Luxury! We had an LED with a resistor soldered to one leg. You'd hold the resistor against the ground pin, touch the other leg to the pin or trace you were interested in, and see if it lit up.

9
0

GRAV WAVE TSUNAMI boffinry BONANZA – the aftershock of the universe's Big Bang

Franklin

Re: "expansion of space briefly exceeded the speed of light "

One quick and dirty way that gets the idea across, if crudely, is "space was unfolding so fast that objects in space would seem to recede from each other at greater than the speed of light." If, you know, there were "objects" during the inflationary period (which there weren't) or you could see them (which you couldn't).

6
0

NSA's TURBINE robot can pump 'malware into MILLIONS of PCs'

Franklin

"signals intelligence shall be collected exclusively where there is a foreign intelligence or counterintelligence purpose to support national and departmental missions..."

...and it's convenient, though not necessary, when the department's missions align with the nation's.

3
0

Twitter blew $36m on patents to avoid death by lethal injunction

Franklin
Mushroom

"Nice IPO you got there. Would be a shame if something happened to it."

21
0

Even HTTPS can leak your PRIVATE browsing

Franklin

"[A]s the authors note, the attacker has to be able to visit the same Web pages as the target, and has to be able to capture the victim's traffic."

So the NSA, basically.

3
0

'No representation without taxation!' urges venerable tech VC

Franklin

Re: New Barbarian Manifesto

"His point was very simple. If the number of voters consuming government money outnumber the people providing government money, then Democracy will fail. Consumers of government money have no stake in the productive side of the economy, they will simply vote themselves more and more benefits..."

How does he explain corporations voting themselves corporate welfare and tax breaks, I wonder? We talk about the poor consuming government money, but we don't talk about all the corporations doing the same.

Well, some folks do, I reckon, but it's always "they DESERVE that government money, because they MAKE JOBS!" Never mind, of course, that they aren't making jobs as an act of charity--they're making jobs because they have to in order to make more money.

2
0
Franklin

Re: We get into problems when.....

"Pretty soon the "wealthy" don't want to be "wealthy" much more and join the majority who just want to feed at the trough."

Riiiiight. Well, I guess that explains the long lines of rich people burning all their money so they can become poor and feed at the trough, then. I was wondering about that.

6
0

Apple cash stash dash results in Icahn v CalPERS bitchfight

Franklin

To me it reads a bit like "Hi there, I'm Mr. Icahn, and I see you have a pot of money. I would like to transfer your pot of money into my pockets please. Oh, look, there's another company with a pot of money! Hi there, I'm Mr. Icahn, and I see you have a pot of money. I would like to transfer your pot of money into my pockets please."

Amazing that folks can make a living doing that.

17
0

Windows 8.1 becomes world's fourth-most-popular desktop OS

Franklin

What's even scarier is the number of cash registers I see running Windows XP. And last month I went to a movie theater and about midway through ending credits, the glorious 4K digital projection stopped suddenly, and was replaced with a Windows XP desktop showing a plain white background and the message "Active Desktop Recovery. Microsoft Windows has experienced an unexpected error. As a precaution, your Active Desktop has been turned off" with a "restore" button and a bunch of troubleshooting info.

12
1

Prof Stephen Hawking: 'There are NO black holes' – they're GREY!

Franklin

Re: How could we have been so stupid?

For every complex problem there is an answer that is clear, simple, and wrong.

The universe isn't under any obligation to be simple, beautiful, or even comprehensible to us. In fact, given that we live in a relatively large world of things moving relatively slowly with respect to each other, it's just about guaranteed that there are bits of the universe which absolutely won't be intuitively obvious, and will vigorously defy attempts to make them seem simple and elegant to us.

Complex theories are complex because when we test simple theories, they usually don't match reality.

9
0
Franklin

Re: "I know absolutely nothing about the black holes...

"it's also entirely possible that they've all been coming up with utter twaddle in order to sell impenetrable books to the facebookwits.."

I think you have Dr. Hawking confused with Deepak Chopra.

15
1

EE BrightBox routers can be hacked 'by simple copy/paste operation'

Franklin

Welcome to embedded systems programming...

...where security is something we've heard of.

1
1

CryptoLocker creeps lure victims with fake Adobe, Microsoft activation codes

Franklin

It's not just P2P. I received a text message yesterday on my phone advertising "free Microsoft Office" and a URL, which I knew instantly had to be either a phish or malware. Visited the site (from a disposable *nix VM, naturally), and yup, shore 'nuf, it downloaded Cryptolocker. No surprise there.

Advertising it via text messages is new, though.

1
0

Slurp away, NSA: Mass phone data collection IS legal, rules federal judge

Franklin

Re: Boo Hoo

"The sheeple should be glad the NSA has their back"

And their front, and up their skirts, too, I reckon.

This "sheeple" is literate enough to understand that the risk of terrorism is far less than the risk of being hit by a drunk driver, but we don't use that as an excuse to let the police track every sale and use of alcohol that goes on in the country, nor to eavesdrop on every dinner table throughout the land.

3
0

You gotta fight for your copyright ... Beastie Boys sue toymaker over TV ad

Franklin

In the US, parody is still permissible use even if the parody is for profit (see the novel "The Wind Done Gone") or for advertising (see the Leslie Nielsen parody of the Energizer Bunny in TV ads for Coors beer).

The US parody exception to copyright law is VERY broad, and is not invalidated just because the parody is used for advertising or marketing.

Of course, there's a lovely bit of irony here; the Beastie Boys copied the melody from that particular song from another song, and prevailed on "fair use" grounds.

0
0

Supreme Court can't find barge pole long enough to touch NSA lawsuit

Franklin

The Supreme Court will no longer be of any concern to us. I have just received word that the NSA has dissolved the court permanently. The last remnants of the Old Republic have been swept away forever.

7
0

Hey, is that CSI: Hackers on TV? Oh, it's Microsoft's Cybercrime Center

Franklin
Mushroom

Cue embarrassing Stuxnet infection of Microsoft's cybercrime center in 3...2...1...

5
0

Justin BIEBER ploughs cash into NaaS: NARCISSISM-as-a-Service

Franklin
Pint

Kids these days...

Always taking pictures of themselves and flinging 'em about. Not like in MY time, when taking a selfie meant paying someone to paint it on canvas while we sat very still for hours...

2
0

World's first 3D-printed metal gun 'more accurate' than factory-built cousin

Franklin

Re: Danger Will Robinson

"But we also need some way to ensure that our liberties are kept intact."

Might be too late for that one already.

3
0

Dell goes private: Stock ceases trading, now Big Mike's baby once again

Franklin

He didn't just liquidate the company and return the money to the shareholders?

2
1

Does Apple make you puke? Take this iOS 7.0.3 update with your tablets

Franklin

Re: Another bug fix ....

As it turns out, writing operating systems is actually hard.

20
1

It's NOT an iPad - but that's FINE: I learned to LOVE Microsoft's Surface 2

Franklin

"What I possibly want is a Nexus 10 that can become a second screen to a Chromebook, or maybe an iPadBetter that can become a second screen to a MacBook."

Well, at least the second screen bit is covered: https://itunes.apple.com/us/app/iscreen/id379944104?mt=8

1
1

You like iPads, you like things called 'Air'. You will LOVE this puppy

Franklin

Re: A thinner tabler is that it, how robust, it will need a bulky case????

One might, if one were to be a bit pedantic, suggest that moving from a 32-bit processor to a 64-bit processor is something that qualifies as a bit more than an "incremental" upgrade.

But far be it from me to be that pedant. Carry on!

6
12

If there's somethin' strange in your network 'hood. Who y'gonna call? Google's DDoS-busters

Franklin

Re: Is Cloudfare under the NSA too?

Cloudflare has ten data centers in the US and is incorporated as a US corporation. It's headquartered in San Francisco, CA. Does that answer your question?

1
0
Franklin

CloudFlare offers a free DDoS mitigation service that, Prince says, "provides at least equivalent DDoS protection to what Google is offering."

CloudFlare has one big competitive advantage over its DDoS-mitigation rivals that significantly boosts its desirability in some markets: It is spam-friendly and willing to host DDoS-proof spam sites for large-scale spammers.

Past and present Cloudflare customers like spamvertised "make money fast" Ponzi scheme site oriscashsystem and carding and malware forums like Cpro can attest to CloudFlare's technical proficiency, DDoS mitigation, and willingness to turn a blind eye to abuse. This will, as the market for DDoS mitigation becomes increasingly competitive, no doubt give Cloudflare a significant marketable edge.

0
0

Snap-happy blogger babe posts catcalling blokes' mugshots online

Franklin

Re: There are far worse things than being cat-called

"Aw come on now. If a bloke gets all dressed up he's out on the pull, to impress the ladies and he doesn't mind saying so. If a woman gets dressed up it's to "make her feel good about herself"??? What complete nonsense, she's out to get noticed..."

The fact that a woman might be dressing up for someone else--her boyfriends, say--doesn't mean she's dressing up FOR YOU.

"The human race would die out if it were left to all you PC hippies, too afraid to call a spade a spade and make the first move just in case you caused offence by daring to talk to a member of the opposite sex."

Not at all. It's not hard (well, it's not hard for people with working social skills) to tell whether or not someone is willing to have you make the first move.

Consent is sexy. Try it some time. You might be surprised how well it works.

4
1

Whodathunkit? Media barons slit own throats in anti-freetard crackdowns

Franklin

"Our industry is working hard to bring content to audiences when they want it, where they want it, but content theft is a complex problem that requires comprehensive, voluntary solutions from all stakeholders involved."

Seems to me, judging from how the Motion Picture Ass. of America and the Recording Industry Ass. of America have operated thus far, that should read "Our industry is working hard to bring content to audiences when we want it, where we want it, but content theft is a complex problem that requires crushing anyone who dares want media on their terms rather than ours." Or am I being cynical?

9
0

Web.com DNS hijack: How hacktivists went on a mass web joyride spree

Franklin

Wait, what?

People still use Network Solutions as their domain registrar?

0
0

Apple's new non-feline Mac operating system, OS X Mavericks, ready to go

Franklin

Re: Worthwhile Features?

"Compressed memory? App Nap? These sound like ways of making a machine slower."

Compressed memory is used as a strategy to avoid page swapping for VM, so it actually makes the machine faster. The computational cost of doing the compression/decompression is significantly smaller than the I/O cost of making the slow, expensive trip out to hard drive storage.

7
0

Apple iOS 7 makes some users literally SICK. As in puking, not upset

Franklin

Re: A split personality release

I'm glad I'm not the only one who thought so.

iOS 7 can't seem to make up its mind. In some ways, they've cleaned up and de-cluttered the user interface. The new alert dialogs are less intrusive than the old ones, the new Safari feels a lot more streamlined and keeps the user interface out of my way, the new lock screen makes entering a passcode a whole lot easier...

...and then they added garishly colored icons and a whole lot of animated effects that really don't add to the user interface in any meaningful way I can tell.

What one hand giveth, the other hand taketh away.

8
1

Apple Maps directs drivers INTO path of ONCOMING PLANES

Franklin

Re: Highway to heaven...

"While it's tempting to have a go at Apple Maps, the real problem here is the airport security."

That was my first thought. Who attaches a runway to a public road? What person thought that made sense?

There's a little town in Oregon that has a small general aviation airfield next to a Chinese restaurant, so the enterprising owners of the restaurant extended a taxiway into their parking lot and provide small aircraft tie-downs in said parking lot. Makes flying into town for a bit of take-out easy, I suppose, but I still question the wisdom of connecting runways to roads.

0
0

Regretful selfie-snapping vixens, lads to get shame-hiding digital burqas

Franklin

Re: Pointless

"If you are ashamed of your behavior and don't want it photographed maybe you should just not behave that way in public?"

Ah, right. If you're not doing anything wrong, you don't need to worry about who's watching you, eh?

There are things that people can do in public here in the US that are not shameful but that employers can definitely get upset about. We live in a wannabe theocracy where corporations are considered people, remember?

Obligatory XKCD: http://xkcd.com/137/

0
0
Franklin

Re: Why should an individual's private life influence whether or not an employer should hire them?

"It depends on whether they were legally allowed to smoke a joint when the picture was taken. If they weren't, then you can rightfully expect them to break any other law..."

...because if you've broken one law you'll break any?

Ever get a speeding ticket? I hear speeding is a gateway to embezzlement, murder, larceny, mugging, and Sabbath-breaking.

2
0

Google fluffs DEATH DEFEATING startup Calico

Franklin

Re: Don't we live too long already?

"have the decency to hop off the mortal coil and let someone else have a go."

Why--because potential people are somehow worth more than actual people who are already here?

2
1

You thought slinging Photoshop into the cloud would fail? Look who's laughing NOW

Franklin

Re: Cloud based

"Which in case you have not noticed; is what this whole cloud exercise is all about."

Because why pay once and own it forever, when you can pay over and over and over and over again?

3
0

Paypal not sure if its bargepole is long enough for crowdfunding

Franklin

Re: Very strange

"Crowdfunding is very strange and questionable."

Quite the opposite. Crowdfunding is a way to break the monopoly of wealthy businesses.

There are many businesses--the book publishing industry and the music recording industry come to mind--that have made being a content producer a sucker's game. It's difficult for many people to write, edit, print, and distribute a book, or record an album, by themselves. Sure, you can do a lot of it for little or no money, but to get professional editing, or design, or sound engineering? That (for most folks) costs.

The publishers know it, so they are able to charge extortionate rates, screw the content producers on royalties, and just generally be evil as hell, because until recently there was no other game in town.

Now, things are changing. Print on demand, online distribution, and--yes--crowdfunding are all parts of the process that's taking control of these industries out of the hands of big, moneyed corporations and putting that control back in reach of individuals.

And that's a good thing, I say.

3
0

ATTACK of the ROBOT BANKERS brings stock market to its knees

Franklin

"The other mystery is why the exchanges (or governments or regulatory bodies) don't put a stop to it..."

No mystery there. Where do you think the governments, regulatory bodies, and so on get their money from? Who do you think they're answerable to?

1
0

David Attenborough warns that humans have stopped evolving

Franklin

This is what happens when people who aren't evolutionary biologists try to talk about evolutionary biology.

The normal lay view of natural selection--the "survival of the fittest" model where only the most 'fit' individuals in a community survive to reproduce--is oversimplified to the point of being flat-out wrong.

Evolution only needs three things to operate:

1. There are differences, however small, between different individuals in a population;

2. Those differences are heritable; and

3. Those differences have some impact, however small, on the likelihood that an individual will reproduce.

Humans still have all three. There are still heritable differences between individuals that affect, even if it's only to a tiny degree, the odds that we will reproduce. Whether it's a gene that makes it just slightly more likely that we will have asthma, and having asthma makes it just slightly more likely that we either won't reproduce or will choose not to reproduce, or if it's a gene that has just a tiny effect on our immunity to disease...anything, even if it only has a small chance of affecting reproduction, matters.

The number of studies demonstrating evolutionary processes at work in humans is too long to bother listing completely, but here are a few:

http://www.livescience.com/19993-humans-evolving-natural-selection.html

http://www.sciencedaily.com/releases/2009/10/091019162933.htm

http://www.nature.com/embor/journal/v9/n1s/full/embor200863.html

http://phys.org/news/2011-10-humans-evolving.html

3
1

Microsoft to unveil new Surface slabs at September 23 event

Franklin

There should be a few surprises in store, I imagine. Maybe the new Surface tablets will come with a free Zune MP3 player, along with new software to sync to your Kin phone!

7
0

Google goes dark for 2 minutes, kills 40% of world's net traffic

Franklin

Sorry, my bad.

I did a Google search for "You reach down and flip the tortoise over on its back. Why aren't you helping?"

0
0

Publishers stand behind Apple in ebook price-fixing fight

Franklin

They do have a point, kinda, in that this is a business model that's used many times in many industries.

For example, if you buy a car from a dealership, the car manufacturer may have agreements in place with the dealership specifying a minimum price below which the dealer can't go. Same with a bunch of other industries.

Not saying that's good. Just the opposite, in fact; I wish the DOJ would pursue vertical price-fixing in other industries as aggressively as it's pursuing this. Price fixing on an ebook might cost me three dollars; price fixing on a car will likely cost me hundreds, or even thousands.

3
1

Blogs with 'weakest of the weak' passwords hijacked for bot army

Franklin
Mushroom

The purpose of this attack, as near as I can tell, is to serve up the W32/Kuluoz malware from compromised sites.

The attack comes in stages:

1. Launch a brute-force password-guessing attack on Joomla and Wordpress sites;

2. Deposit a malicious backdoor script on the hacked site;

3. Install a file, nowadays usually but not always named "main.php" (earlier versions of the attack used different script names) on the compromised sites. On WordPress sites, it may be installed on the root level of the site, in the /images folder, or in a folder called /img; on Joomla sites, it is often placed at the root level of the site or in the /components directory;

4. Send out spam emails directing marks to the location of the main.php script, usually disguised as DHL or Fedex notifications.

The main.php script is interesting. It checks the browser's user agent when a visitor arrives, and some variants appear to check the IP address against a blacklist as well.

If it sees a vulnerable Windows user agent string, it downloads the W32/Kuluoz malware using a number of different drive-by download exploits.

If it doesn't see a vulnerable user agent string (or if the IP address is blacklisted), early versions presented a phony 404 error page. This error page was generated by the script and looked different from the site's true 404 error page.

More recent versions of the script, which I've seen in the past few weeks, do an internal redirect to a real 404 error page, making them more difficult to detect.

I've written extensively about this attack and the apparent link between the WP/Joomla brute-force hacking and the Kuluoz malware downloaders on my blog:

http://tacit.livejournal.com/580719.html

The attack has been tweaked and modified several times--the earliest versions tried to dupe marks with spam emails pretending to be airline flight confirmations, for instance. It has also scaled rapidly as the attacks on weak WP and Joomla passwords have scaled. In some cases, I have seen ISPs remove the malware script, only to see it reappear a few days later--suggesting that either the passwords haven't been changed or the backdoor scripts are still on the compromised servers.

0
0
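A site owner could look for the stages described in the comment above in their own web server access log. The following is an added example, not part of the original comment and not its author's code; the log lines are constructed, and the login endpoints, the threshold of 5 and the assumption that the fallback is logged as a 404 are choices made for this illustration.

```python
import re
from collections import Counter

# Constructed sample access log (combined log format, documentation-range IPs).
_GUESS = ('203.0.113.5 - - [10/Aug/2013:10:00:0{} +0000] '
          '"POST /wp-login.php HTTP/1.1" 200 1500 "-" "Mozilla/5.0"')
_WIN_UA = "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1)"
_NIX_UA = "Mozilla/5.0 (X11; Linux x86_64)"
SAMPLE_LOG = "\n".join([_GUESS.format(i) for i in range(6)] + [
    '198.51.100.7 - - [10/Aug/2013:10:05:00 +0000] '
    '"POST /wp-login.php HTTP/1.1" 302 0 "-" "%s"' % _NIX_UA,
    '192.0.2.10 - - [10/Aug/2013:11:00:00 +0000] '
    '"GET /img/main.php HTTP/1.1" 200 5120 "-" "%s"' % _WIN_UA,
    '192.0.2.11 - - [10/Aug/2013:11:01:00 +0000] '
    '"GET /img/main.php HTTP/1.1" 404 310 "-" "%s"' % _NIX_UA,
    '192.0.2.12 - - [10/Aug/2013:11:02:00 +0000] '
    '"GET /components/main.php HTTP/1.1" 404 310 "-" "%s"' % _NIX_UA,
    '192.0.2.12 - - [10/Aug/2013:11:03:00 +0000] '
    '"GET /index.php HTTP/1.1" 200 9000 "-" "%s"' % _NIX_UA,
])

LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"')

# Login endpoints of WordPress and Joomla (stage 1: password guessing).
LOGIN_PATHS = ("/wp-login.php", "/administrator/index.php")
# Locations the comment lists for main.php: site root, /images, /img, /components.
DROP_RE = re.compile(r"^/(?:(?:images|img|components)/)?main\.php$")


def parse(log_text):
    """Return one dict per parseable log line, with the query string stripped."""
    entries = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            entry = m.groupdict()
            entry["path"] = entry["path"].split("?", 1)[0]
            entries.append(entry)
    return entries


def brute_force_sources(entries, threshold=5):
    """Client IPs with at least `threshold` POSTs to a CMS login endpoint."""
    posts = Counter(e["ip"] for e in entries
                    if e["method"] == "POST" and e["path"] in LOGIN_PATHS)
    return sorted(ip for ip, n in posts.items() if n >= threshold)


def drop_hits(entries):
    """Request counts for main.php in the locations named in the comment."""
    return dict(Counter(e["path"] for e in entries if DROP_RE.match(e["path"])))


def cloaked_scripts(entries):
    """Drop-location scripts that answered 200 to some user agents and 404 to
    others, the user-agent-dependent behaviour the comment describes."""
    seen = {}
    for e in entries:
        if DROP_RE.match(e["path"]):
            seen.setdefault(e["path"], set()).add((e["ua"], e["status"]))
    flagged = []
    for path, pairs in seen.items():
        statuses = {status for _, status in pairs}
        agents = {ua for ua, _ in pairs}
        if {"200", "404"} <= statuses and len(agents) > 1:
            flagged.append(path)
    return sorted(flagged)


if __name__ == "__main__":
    log = parse(SAMPLE_LOG)
    print("password guessing from:", brute_force_sources(log))
    print("main.php requests:", drop_hits(log))
    print("user-agent-dependent responses:", cloaked_scripts(log))
```

A legitimate file named main.php will also match, so a hit is a prompt to inspect the file on disk, not proof of compromise.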

Infosec analysts back away from 'Feds attacked Tor' theory

Franklin
Devil

Cue "The NSA got to the infosec researchers!" conspiracy theories in 3... 2... 1...

7
0

Police probe IDIOTIC Twitter bomb threats slung at journalists

Franklin
Thumb Down

Re: I wonder what these people get from threatening people

"By getting some fembot to create an anonymous bomb threat, the women's rights outfit, get to ask for more funding."

Riiiiiight. Because a conspiracy is so much more plausible than a bunch of losers actually sending rape threats.

Actually, now that I think about it, that would be a nice world to live in, wouldn't it? I wonder what color the sky is in that world.

2
1
