* Posts by A Known Coward

145 posts • joined 11 Dec 2009

Page:

Don't panic, US Navy has only deployed a ROBOT SHARK (but where are the lasers?)

A Known Coward

... also because Sharks will naturally swim very close to land (litoral waters), at or near the surface of the water in addition to deeper waters further from the coast - all required for that essential surveillance role. Seeing a Tuna swimming just off a beach or within a harbour would immediately look out of place. Their characteristic fin projects above the water for extended periods, perfect for a camera to grab clear unobstructed shots.

A shark is large enough to carry all the equipment and batteries, but not so large that it can't slip through, or around anti-submarine and anti-torpedo nets.

They could have chosen a dolphin, but that is itself problematic as navies around the world have been training Dolphins to carry out surveillance and plant mines for decades. A lone dolphin swimming around your military vessels and ports would warrant close scrutiny.

0
0

Chrome devs hatch plan to mark all HTTP traffic insecure

A Known Coward

Re: HTTPS is also about privacy

"Well, https doesn't encrypt URLs, for one thing. So a snooper can see (the URL of) all pages you visit using https, even if they can't see the content."

As Raumkraut said, that's incorrect. The path and query string are only sent to the server after the secure connection has been established. Perhaps you should reconsider that down-vote?

0
0
A Known Coward

Re: I'd consider "broken HTTPS" far more insecure than HTTP

"the world+dog needs to fix the massive hole that is SSL certificate issuing."

The solution you're looking for exists and is in use already, it's called certificate pinning. It's not a perfect solution, but the situation isn't nearly as bad you as make out.

Furthermore you seem to be arguing that we shouldn't bother locking the front door unless we also put bars on the windows and install an alarm system. There will always be those with the resources to bypass any security, but that doesn't mean we should just give up and let everyone have access to our data.

1
0
A Known Coward

No cost involved

FFS - No. No experts are required, no cost at all. Go look at the Let's Encrypt (https://letsencrypt.org/) project. Those small sites are almost universally on shared hosting packages which will offer one-click setup via CPanel (or equivalent), most will probably set it up by default.

Please stop the uninformed hysteria. I feel like I've walked into the twilight zone with all the opposition being expressed to the idea of bringing the very security and privacy to internet connections which should have been there from the start.

1
5
A Known Coward

"Think of the children" == Godwin's Law

Think of the children, screw the rest of us.

If you think those school children aren't smarter than you, and haven't already found ways around your filters then you're wrong.

4
1
A Known Coward

Re: Time to buy stock in VeriSign/Symantec

Considering the EFF is launching an entirely free, automated CA in 2015 there will be no potential for existings CAs to cash in.

4
1
A Known Coward

You no longer need a unique IP to get an SSL certificate. That's what SNI is for.

4
0

Swiss McDonalds serves up no-holes-barred cheesy action to punters

A Known Coward

Re: And that's the news from Switzerland...

Yes I have been to Switzerland, more than once. No I've not been to Lugano, although I was in Locarno this summer.

The Wikipedia page on Lugano seems to support my case - https://en.wikipedia.org/wiki/Lugano#mediaviewer/File:BancadelGottardo(Botta).JPG

https://en.wikipedia.org/wiki/Lugano#mediaviewer/File:SNV_San_Gottardo_02.jpg

While I grant that down on the lakes there's a definite Italian influence to some of the older buildings, I stick by my description of the newer stuff as "concrete boxes".

Just travel a couple of miles down the Lakes into Italy and the contrast in the towns couldn't be greater.

The Swiss mountain villages are an entirely different matter, those are incredibly pretty. Once you get to the towns of any significant population though ...

2
1
A Known Coward

Re: And that's the news from Siwtzerland...

Switzerland is indeed in the running for the most boring country in the world. Even their towns and cities are spectacularly dull, grey seas of bland concrete boxes.

2
3

QEMU, FFMPEG guru unleashes JPEG-slaying graphics compressor

A Known Coward

PNG Killer?

Only if the file sizes and decompression speed are better than PNG, I can't find any comparisons on their website.

0
0
A Known Coward

Re: It's probably not what the web needs urgently...

Sorry but I'm going to keep using PNGs for my GUIs, after all to actually display them they all need decompressing to bitmaps at which point they consume identical amounts of memory. Anyone who uses JPEG for a GUI is just sacrificing fidelity for the sake of saving a small amount of disk space.

It will be interesting to see how well the lossless option of BPG works in comparison to PNG. I note that's not one of the comparisons they do on the website.

0
0

El Reg Redesign - leave your comment here.

A Known Coward

What's it supposed to look it?

Can we have some screenshots of what it's supposed to look like? I very much doubt it's exactly what I'm seeing, because that looks like something from over a decade ago, low res, sparse and hard on the eyes, but who knows?

What's immediately apparent is that there is no anti-aliasing on any of the text (was fine before). This is in Opera 26 (Chromium) on linux.

8
0

Magnifico! Galileo satellite nudged back into correct orbit

A Known Coward

Re: How long before we see more ion engines?

Ion engines aren't THAT slow. The Dawn probe has been zipping around the solar system on it's ION engines since it's launch in 2007. After a year of studying Vesta in 2011, it set course for Ceres and is due to arrive in 2015. By comparison to that journey, a small orbit change for a satellite is nothing.

0
0

IETF takes rifle off wall, grabs RC4 cipher's collar, goes behind shed

A Known Coward

Re: Well, hell, what's left?

Right, AES_GCM or Camellia, with ECDHE is what everyone should be using.

Running your site through https://www.ssllabs.com/ssltest/index.html is always a good idea. Anything less than an A is a poor performance. A+ is possible without making any compromise except for excluding IE6 and some combinations of XP + IE8.

1
0
A Known Coward

Re: Well, hell, what's left?

The advantage of DHE based ciphers is forward secrecy* which has got to be a Good Thing™?

* https://en.wikipedia.org/wiki/Forward_secrecy

In fact I wouldn't want to use any Payment/Banking system which didn't support cutting edge security. Unfortunately the PCI requirements are updated so slowly that they are out of date by the time they are published.

My online banking (Barclays) security is a joke. RC4, no forward secrecy, no strict transport security headers, sha1 signatures, no stapling, no TLS fallback prevention, ssl v3 still supported ...

0
0

Intel buys Canadian ID-wrangler PasswordBox

A Known Coward

Only 26 passwords?

I'm cynical about the sample size of that survey if the average was that low ...

0
0

What's MISSING on Amazon Fire Phone... and why it WON'T set the world alight

A Known Coward

Re: $50 and a month of Prime

I'd assume this is pretty standard for all companies giving devices which depend heavily on paid content to reviewers. Are they expected to spend their own money buying content to test the device. The Fire Phone (and iphone), but particularly the Fire phone, is all about purchasing apps, books, music and watching subscription videos from Amazon, how can you really review them without doing those things?

1
0

Technology quiz reveals that nobody including quiz drafters knows anything about IT

A Known Coward

9/12

I don't use twitter, why is knowing the character limit important and who cares?

Who the hell is Sheryl Sandberg? Internet leader?? Non-entity more like.

Again, I don't use Facebook, I don't care about Facebook or it's history. I saw "The Social Network" but I guess it was a forgettable film as I don't remember much about it.

The iPhone answer was just a lucky guess. What does that have to do with the the 'Web'?

So does that make me an internet ingnoramous? I mean I'm apparently one of just 9% who used Mosaic in the early nineties, but I know less about the internet and WWW than someone whose total experience comes from the Twitter and Facebook apps on their iPhone?

Where are the real questions? These are just trivial fluff.

2
0
A Known Coward

Re: question 4

No

0
0

Suffering satellites! Goonhilly's ARTHUR REBORN for SPAAAACE

A Known Coward

@Gavin

The other way around surely?

I think it was the early 90s when I visited. I seem to recall the visitors centre being moderately interesting, but the dishes were the main attraction. I was lucky though, I grew up close to Jodrell Bank and saw those dishes regularly and they dwarf 'Arthur'. The Lovell telescope is three times larger.

1
0

Mysterious BEAM outside London Googleplex ZAPPED

A Known Coward

Damaged high voltage cable?

It's the obvious answer, surely?

The electrician helpfully noted that those cables are normally shielded, but if they've been damaged then that shielding is compromised. London is experiencing a lot of problems with underground power cables lately, with multiple explosions as water gets into damage connections. This would then explain why they are now digging up the street and why they turned off power to the street while doing the work.

1
0

Androids in celluloid – which machine deserves the ULTIMATE MOVIE ROBOT title?

A Known Coward

Marvin - Remember it's film version, not the book, radio or TV version

I see an early surge in votes for Marvin, but I'm sure most of those are people thinking of the alternate, non-film, versions of Marvin. IMHO while Marvin was the best bit of the film, that's really not saying much ...

12
2

You'll go APE for our new Gorilla Glass 4, Corning reckons

A Known Coward

Re: Just a thought

Assuming you are doing more than 30mph, an airbag alone won't save you from potential lethal injury. If you don't believe me google it, there are a few youtube videos showing the result of no seatbelt + airbag, plus the odd article/paper on the subject. All airbags are designed to work in conjunction with a seatbelt, not as an alternative to wearing one.

Assuming you don't sustain a head injury, there's a high risk of neck, back and leg injury as you slide off your seat and into the footwell, something that's only made more likely because of the airbag.

e.g. https://www.youtube.com/watch?v=AEkV70Pl5c8

0
0
A Known Coward

Re: Just a thought

The only way you'd hit the windscreen is if you weren't wearing a seatbelt, and if you're not wearing a seatbelt and the airbag fires you're likely to die anyway.

1
0

Kindle, meet my partner. Darling, play nice with Kindle, please

A Known Coward

Re: Xerox, anyone?

> This seems like a compelling argument... until you remember that the basic human nature would prevent 99.999% of those who paid $8.95 for it from mass-producing them and giving them away for free.

Yes, but then it only takes 1 person to put a drm stripped copy on bittorrent from which a hundred thousand (or more) copies are made. While basic human nature makes us less likely to give something away free when we've paid for it, it also means we are less likely to pay for something that can be had for free.

1
0

Mastercard and Visa to ERADICATE password authentication

A Known Coward

Re: Stop with the mobile requirement already

Forgive me, but if you're in $FOREIGN_COUNTRY you're not going to be shopping online much are you? Services are a bit different, but it still seems like you're being a bit pedantic.

I'm not really in favour of using phones for 2FA either, but the original posters comment about a PAYG sim being a 'rip off' just seems like complete rubbish. It's only expensive if you use it a lot, but the original poster clearly wouldn't use it very much since they manage to get by without a phone at all.

0
3
A Known Coward

Re: Stop with the mobile requirement already

How is a free PAYG sim from Three a 'rip-off'?

Moreover how are calls charges of 3p a minute, texts at 2p and data at 1p/MB a rip-off either? Assuming you ever use the thing? I put £10 on mine months ago and despite periodically checking my emails via 4G and making the odd call I've still got over £7 on there.

10
1
A Known Coward

Re: Biometrics

"half decent ones look for a pulse and blood vessels"

Which I've seen defeated countless times by simply placing your finger behind the photocopy of a fingerprint (or a latex print created by the same).

17
0

Annus HORRIBILIS for TLS! ALL the bigguns now officially pwned in 2014

A Known Coward

Re: Supposed to be internal testing.

In fairness to the BBC, it seems a lot of sites are confusing the issues. Many are referring to the TLS bug as 'Winshock' however it seems that name was first applied to the more critical buffer overflow issue in Internet Explorer CVE-2014-6332 (severity rating of 9.3 out of 10). Some articles even acknowledge that they are different issues but still imply a link between them.

0
0
A Known Coward

Re: Supposed to be internal testing.

An article I read, I believe the BBC one, said that it was found by IBM researchers.

3
0
A Known Coward

So you're suggesting that this bug in Windows code arose because Microsoft were copying an open source TLS implmentation in 1995? Yes, the bug is that old. Why isn't the open source TLS stack that they copied also vulnerable?

If, as you allege, Microsoft have been just copying their code from free open source projects since the mid nineties, then why are you paying for Windows?

23
0

Would you recognise the Vans shoes logo? Neither would Euro trademark bods

A Known Coward

Re: Undedicated follower of fashion

Which logo are we talking about? AFAIK their logo is just their name (a dictionary word) in capital letters, which isn't particularly distinctive, but neither is it a 'squiggly line' as stated in the article. Are they trying to trademark a different logo?

6
2

Ubuntu 14.10 tries pulling a Steve Ballmer on cloudy offerings

A Known Coward

Re: Cloud

AKA shared hosting

0
0

Blighty: Welcome your new, faceless MI6 chief – Alex Younger

A Known Coward

Re: The DA-Notice or Defence Advisory Notice ...

They pretty much have already stuck up two fingers to the committee by telling everyone where they can find uncensored pictures and then lampooning the whole censorship issue with their 'redacted' image? What better way to point out the stupidity of the D-Notice than to completely subvert it without actually breaking it?

12
0

What the 4K: High-def DisplayPort vid meets reversible USB Type C

A Known Coward

Re: Nirvana

Nirvana would be a round connector that works at all angles, 360 degrees and just not 2.

3
0
A Known Coward

Re: Good cables are better

For PCIe you at least need access to the inside of the machine, which isn't the case for firewire or thunderbolt. It would be a problem for an external express card slot on a laptop.

I wonder why four people down-voted, there's nothing inaccurate about saying the DMA of firewire is a huge security risk. It's hardware level access which cannot be disabled by software, and cannot even be disabled by the BIOS on some motherboards. Apple fans maybe?

5
1

SCREW YOU, Russia! NASA lobs $6.8bn at Boeing AND SpaceX to run space station taxis

A Known Coward

Re: SpaceX's cheaper Dragon capsule has room for seven

It's the console you see at the top of the picture, it folds away there to allow easy access to the seats then swings down in front of the two forward seats where it's reachable by the pilot and co-pilot.

There's a video of Elon Musk demonstrating it at the unveiling a few months back

1
0

Airbus developing inkjet printer for planes

A Known Coward

"the ship from Momo"

I'm unfamiliar with that reference, but I'm curious?

3
0

Lenovorola TRIPLE-ola: New Moto G, Moto X and 360 wristputer UNZIPPED

A Known Coward

Motorola website says new G is 4G (LTE)?

They also say that it accepts an SD card, which the original didn't. Although that was added in the later 4G model.

http://www.motorola.co.uk/consumers/mobile-phones/Moto-G/motorola-g-gb.html

1
0

Video: Dyson unveils ROBOTIC TANK that hoovers while you're out

A Known Coward

Can it move furniture?

Well? Can it move the chair and bin out from under the desk to vacuum there? Can it pick up the laundry basket or the rugs so as not to choke to death on the frilly edge? Can it climb stairs or clean beneath the cushions on the sofa? Well of course it can't, so you'll need to go around after it with a second vacuum cleaner to do all the bits that it missed.

I guess if you've got lots of money and little time for chores then it's a great idea. But if you've got the money why wouldn't you pay someone to come in and clean instead? It creates a job in this country instead of China and a human being has none of these limitations, plus they can do whole load of other jobs too.

7
0

Software bug caught Galileo sats in landslide, no escape from reality

A Known Coward

Re: Latest satellite status message

Uh no that was Queen.

1
1

'I'll dance on their graves at 1 MILLION operations per second'

A Known Coward

Richard Dawkins?

Why would the atheists/humanists want to upvote a comment that suggests atheism is a 'collective delusion' in order to 'redress the balance'? The balance is already in their favour.

3
0

Primetime precrime? Minority Report TV series 'being developed'

A Known Coward
Stop

Dick's work explores ideas, it's philosophy which uses the freedom of sci-fi to create impossible scenarios in which he could pose 'what if' questions. The short story Minority Report is intended to provoke questions over the ethics and morality of the scenario. Exactly how are they going to play that out in an on-going series without it wearing thin?

My gut is that we'll get yet another mind numbing police procedural with 'a twist' with one of the protagonists ever so slowly starting to question whether what they are doing is right. Either that or the movie take on the story, which was basically just The Fugitive.

I'm sorry but I can't see how this can end well, much as I dearly want to see some intelligent and thought provoking sci-fi on TV (there's so little of it), I can't see how they can make this work.

3
0

The agony and ecstasy of SteamOS: WHERE ARE MY GAMES?

A Known Coward

Re: Loving it so far.

I'm going to guess that it doesn't require anything like 500GB for the OS, but it recommends at least that much free space to install games into. After all with just 250GB and with some games running to 20+ GB you'd only be able to install ~10 games at a time.

Look at this way, a full linux desktop with email, openoffice etc can be installed into a parition of few gigabytes (if you're really careful about what you install far, far less). The linux steam client is a few MBs in size. There's no way that the SteamOS can consume 500GB, that has to be for the partition it will install games to.

3
0
A Known Coward

Re: I have 34 games

Of the 91 steam games I own, 53 run on linux. Currently playing XCom: Enemy Unknown (Enemy Within) and Metro Last Light.

Debating whether I'd enjoy the X3 series (Terran Conflict, Albion Prelude, Reunion), loved the space combat aspect of X-Wing vs Tie Fighter back in the day, but not sure whether the whole accounting/trading side of X3 would be fun.

Will definitely be buying Metro 2033 Redux when it's released and may buy Witcher 2 when they've shaken out the bugs. Looking forward to all the games (including AAA titles) which are due to arrive on the platform, especially since so many of the AAA engines have been ported to Linux in the past year.

1
0

Microsoft throws old versions of Internet Explorer under the bus

A Known Coward

Re: Seamonkey

"Iceape isn't a 'spinoff' ... it's Seamonkey with Mozilla's (trademarked) branding removed."

And they were forced to remove that branding because ...

Yes, that's correct, they modified the code. It's a fork of Seamonkey, a spin-off, it's a knock-off, it's not the genuine article.

Speaking as an open source developer who is about 5 minutes away from requiring Debian to stop using a trademark for the same reason. Their buggy, broken packages which apply unauthorized patches are damaging to the reputation of many software projects. That's when they aren't introducing huge security flaws (SSH keys etc).

2
0

Tiny steps: HTTP 2.0 WG looks for consensus

A Known Coward

Re: Mandatory encryption?

It's going to be interesting to see how that encryption works. TLS requires the use of trusted certificates, certificates that cost a hefty amount per year for an individual running a small two page website.

If HTTP 2.0 isn't going to create a two tier internet, one for the masses which provides no default protection against snooping (HTTP 1.0) and another for corporations which does (HTTP 2.0), then they'll also need to rethink the certificate system. At the very least making cheap ($1) certificates possible. Perhaps requiring them to be issued along with domain names as a complete package, your domain registrar issues a basic cert, they have all your details anyway and know you are the registered owner of the domain.

2
0
A Known Coward

The protocol is still plain text. Only that text is then compressed and encrypted. The intended recipient can still decrypt and uncompress it to produce the original plain text.

0
0

Russian law will force citizens' personal data to be stored locally

A Known Coward

Re: Who says he wants to spy on his people?

Exactly, this is no different from what Europe wants to do to prevent the US snooping on their citizens. With Russia it's automatically assumed that they just want to increase control over their citizens, but that Europe is just acting to protect it's citizens?

Sure Putin isn't a good guy, but then not everyone in Europe is convinced that the motives of the European leadership are entirely benign.

14
0

Page:

Forums