* Posts by LDS

1696 posts • joined 28 Feb 2010

Google open-sources HTTP/2-based RPC framework

LDS
Silver badge

Re: A critique of HTTP2.

That's why also his rant about self-signed certificate management is wrong. Browsers are correct to signal a self-signed certificate as dangerous. You have no simple way (but perusing very technical details of them, and matching them against the expected ones) to ensure they're really the same self-signed certificates you expect. Performing MITM against a self-signed cert is pretty straightforward, and then you have really no security - sure, you're protected from casual eavesdropping, but just that.

I do use my own certificates for example to protect my mail server and web mail, but I actually don't use a simple self-signed cert. I use certs issued by my own CAs. This way I can check they are actually valid.

0
0
LDS
Silver badge

Google is trying to reinvent TCP/IP over and over...

Google is obsessed with HTTP just because it's allowed to bypass firewalls. Thereby it is trying to bolt on it everything that is already available in TCP/IP. Just FW will be updated and start to inspect HTTP/2 sessions - MITM them if necessary - and decide what is allowed and what is not...

4
0

And the buggiest OS provider award goes to ... APPLE?

LDS
Silver badge

Re: This is not a football match.

It looks you never used AD and printers. In Windows you can load printer drivers on a server, and have them automatically deployed when a user adds a printer. Users can search for printers in AD (and you can search also for printer features), or printers can be automatically added through group policies. You can set them up per site, so if a user moves it will always find the nearest printers already added.

Even Plug&Play has been doing for years what you say CUPS does, and since it can look for drivers from Windows Update (or a WSUS server), unless you want the latest drivers from the manufacturer, the printer is added automatically.

CUPS comes with many drivers as well, but it often lacks specific drivers to exploit specific printers functionalities, especially the high end photo printers.

0
0
LDS
Silver badge

Re: I don't understand reporting these stats...

It's no surprise there are more bugs reported against a large number of third party applications (that you may have or may have not installed) than those reported about a handful of kernels (which you have always installed).

Applications may also be very large compared to a kernel (i.e. a database engine).

Anyway, a kernel bug is usually nastier than an application bug, because it often happens in code executed with high privileges.

2
1

Samb-AAAHH! Scary remote execution vuln spotted in Windows-Linux interop code

LDS
Silver badge

Re: Microsoft contributing security fixes to Samba

You can't really know how long a patch takes to be developed, and how many other patches are in the pipeline already. Nor has anybody voted Google - a private company - the "Security RoboCop" (TM) of the world.

And I'm sure Google is not interested at all in securing other products - just to put them in bad light as much as it can. Otherwise it would collaborate to understand when and how to disclose a patch - not bully its competitors into adhering to its unilateral policy.

2
1
LDS
Silver badge

Re: Hang on a minute...

MS can charge you for some licensed use - depends on the protocol and other stuff. After all that's IP.

0
0
LDS
Silver badge

Re: Another Open Source security problem

I had to decommission Debian 5 for the same reason... and it was less old than XP.

1
1
LDS
Silver badge

Re: Hang on a minute...

There is still a *huge* difference in a thread and a process, even in Linux: threads -> same address space, processes -> different address spaces, and need of IPC to make them communicate.

If tasks are separate enough, then only the startup overhead is a matter. But when tasks need to communicate and coordinate, that overhead may start to matter.

2
3
LDS
Silver badge

Re: Several reasons

Because NFS doesn't run in kernel, does it? SMB is implemented in services - the file system redirector is in kernel - it performs I/O, can't be in user space...

4
1
LDS
Silver badge

Re: Microsoft contributing security fixes to Samba

Also the CVE entry was filed in November... thereby the patch took more than 90 days... probably MS understood compromised Samba servers are a risk for Windows users as well.

While Google prefers to act like a bully, without caring what could happen to its users as well - or probably being more products than users, it doesn't care at all.

That's why maybe actually paying for software is not that bad.... "free" software may be paid in several different alternative ways... including some you may not like.

7
15

Superfish: Lenovo? More like Lolnono – until they get real on privacy

LDS
Silver badge

Re: Problem is inherent to closed source

Sorry, but yours is a rant along the lines "Only <put your preferred religion here> will save your soul from this decaying and rotten world!".

This was not a technical issue of closed, open, or free source. Or do you assert that it was *technically* impossible to install such kind of dodgy software on a pre-installed Linux Mint, for example? If so, feel free to explain....

Truly, they could have even installed a modified kernel to achieve it...

2
1
LDS
Silver badge

Re: Problem is inherent to closed source

It looks someone already forgot the Ubuntu-Amazon deal...

http://www.theregister.co.uk/2012/09/24/ubuntu_amazon_suggestions/

16
1

Mozilla mulls Superfish torpedo

LDS
Silver badge

Re: @Paul crawford - Deeper problem

Certificates are used for more tasks than TLS/SSL connections only. And *any* software run under root/administrative privileges will have the rights to modify the certificate store - and installers run privileged because they need to modify the system.

Sure, maybe something could be done, for example requiring that any executable trying to modify the certificate store(s) should be properly signed itself - but the vetting procedure to obtain a certificate is not so sound, often, as it should be. As long as it is a commercial business only, obtaining money becomes more important than ensuring security.

But it won't help Mozilla, for example, because Mozilla uses its own stores, and thereby they are outside the OS knowledge.

As long as a privileged user - or someone on their behalf like the device maker - installs crappy software, there's little you can do from a technical point of view to protect the system - otherwise it could become so inflexible it can lead to usability issues. It's a matter of policies and knowledge.

1
0
LDS
Silver badge

Re: I love crapware

The crapware gets installed on the bottom line consumer PCs - those that have the greater chance of going into the hands of people without IT skills. Probably only the 1.46% of them - or even less - will ever see another OS but the pre-installed one.

2
0
LDS
Silver badge

Re: Deeper problem

The issue is there's no way to tell a "fake" certificate from a "trusted" one - as long as a software or a user has enough privileges to install a root CA on a system. This is a weak point of the X.509 standard - everything depends on CAs trust. There are good reasons to install CAs outside the OS "known ones" - for example company wide CAs.

Anyway, this had little to do with TLS/SSL - it's really an example that if you let some software mess with your system with high privileges, you're screwed. And you should never trust a pre-installed OS - no matter what OS it is.

6
0

Facebook security chap finds 10 Superfish sub-species

LDS
Silver badge

Re: Level the playing field

And why not any BSD or even another OS? Is Linux the only other choice? And what distro of Linux? Not every distro costs nothing, after all. Only "free" ones should be allowed? And if so, why? Such an approach would be "religious", not "commercial", sorry.

I could agree that PC should be sold - or at least available - without a pre-installed OS - I use Windows, but usually don't use the OEM license that comes with them especially when it's an "home" one and I have my full pro/ultimate ones (my PC upgrades usually don't match OS ones).

But most people in the non-IT market want a PC they turn on and works - without going through a lengthy install process. Tablet and phones made them also more used to a "turn on and use" approach.

That's why PC aimed at business user can be ordered without an OS license - someone will take care to install the OS, but most of consumer ones can't.

PS: sorry, but a Windows OEM license is cheaper than £100.

9
0

For pity's sake, you FOOL! DON'T UPGRADE it will make it WORSE

LDS
Silver badge

Re: bébé

It's a bit harder than you think, because in some languages you have different types of accents, for example Italian uses both è and é (note the different orientation) thereby "compose" + e + ' what should it generate? Ok, maybe a good speller can then select the right one, and no, in a professional text you can't really just use one type. Otherwise you need a fairly good composer for the target language.

Anyway the real solution is the one adopted by a colleague of mine. He believes he's a real "hacker" because he uses only ASCII7 characters, so he will always write e', a', o', etc. in any documents (I just wonder why he doesn't use only a monospaced font as well), making each document of his look like coming from the '80s....

0
2

Man the HARPOONS: YOU can EASILY SLAY ad-scumware Superfish

LDS
Silver badge

Re: Lucky me

Thanks that if you got cheap PCs to install Linux on...

1
3
LDS
Silver badge

Re: Any worst than by the NSA or any other ... agency

Also, the very naïve and incompetent implementation put users at great risk, opening what should have been 'secure' encrypted communications to world+dogs.

At least the NSA sniffs data for itself only....

1
1

Don't touch me up there! Photoshop creator appeals for 'ethical' use

LDS
Silver badge

Re: Defending Subscriptions

For the professional user using them on a daily basis, I agree that model makes sense. It doesn't for the "casual" user which may just stay with an older version for far longer before upgrading, and use maybe only a product or two.

For example I do use Lightroom - but I'm not a professional photographer - and maybe could find Photoshop useful sometimes, but LR costs me about 70 euro per upgrade (on average, every 18 months or so), while CC would cost me 146 euro per year. Thereby I just bought LR and still use an old version of Paint Shop Pro I bought years ago (X3) for some tasks I can't perform in LR.

Maybe it's not a huge saving, but the issue with the subscription model is you can't allocate your money each time in what you need/prefer in any given moment. If you're a professional, well, you know you have to invest some money to keep your tools up to date. If you're not, you may prefer a more "whimsical" approach.

2
0
LDS
Silver badge

Re: Bring out the GIMP!

Maybe because it's easier to find books/tutorials about achieving something with Photoshop than GIMP? If you know what to do maybe you can also find your way in GIMP - if it fits your needs - but if you're learning, it's much more difficult to learn with a far less "supported" tool.

1
3
LDS
Silver badge

Re: that's one way of looking at it, here's another

I understand your financial concerns, but I would not send a son/daughter of mine to an art/photo school that didn't teach them digital imaging without Photoshop. Because you may like it or not, it became an industry standard, and it's much easier to find a job in those sectors if you can use it proficiently.

3
7
LDS
Silver badge

Re: Marketing/advertising have no ethic, so asking for ethical use is useless...

It's a bit different, even if heavy make-up and other "props" can literally change you - but not so extensively like Photoshop can. But even using make-up and other tools, there's a line between what is just correcting minor, maybe temporary, defects, and enhancing subtly some features, while removing what you won't notice in reality (say, a forehead reflection from a light above), and transforming someone in someone else.

Anyway, lying to customers and readers didn't begin with Photoshop, who ever said that? There's always been a group of people ready to sell their soul to the devil (and yours too, if they could) to try to sell something to you - at any (ethical) cost.

2
0
LDS
Silver badge

Re: Marketing/advertising have no ethic, so asking for ethical use is useless...

"People don't buy products - they buy how they think using the product will make them feel."

That happened later. In the beginning most ads were about the product itself, and its benefits. It was in the late fifties, early sixties, that advertising switched to the "feel good factor", and promoted more the lifestyle they want you to believe a product will allow you, than the product itself. That also required more "appealing" and "idealized" people, especially young women. Lately digital manipulation led to absurd idealization - but in the "backstage", there's always someone ready to sell his or her mother, and sell you snake oil.

2
1
LDS
Silver badge

Marketing/advertising have no ethic, so asking for ethical use is useless...

Face it - if you looked for a job in marketing/advertising and alike is because "ethic" has no meaning for you - and you like money and manipulating people above everything else.

You learnt how to lie, and lie well - and it became a second nature. Image manipulation is a perfect kind of lie, because people are after all "trained" to think "images can't lie". Photoshop turned them into the "perfect lie" (as long as you are able to use it well...) Nobody in marketing/advertising and the like will ever kill the golden eggs chicken. All we could do is train people to understand the lies.

17
3

(Re)touching on a quarter-century of Adobe Photoshop

LDS
Silver badge

Re: Find Edges is NOT useless

You can actually use it to create a mask to control how a sharpen filter - including the unsharp mask - is applied: http://digital-photography-school.com/how-to-sharpen-image-edges-in-photoshop/

The idea is to exclude some areas of the image from the sharpening process, so you can enhance details in some, while others where probably only noise would be "sharpened", are excluded.

0
0
LDS
Silver badge

Yet Photoshop supports 10 bit color channels on compatible monitors and video cards. Something that in some workflows can be more important than more pixels.

Anyway, HiDPI support is still a bit sparse among different Windows versions, and probably displays not yet so widespread, especially in the professional market, when there are many more important parameters, and not just the pixel count per inch.

4K+ display are going to change this, and applications - not only Photoshop - will need to adapt.

1
0
LDS
Silver badge

Re: Paint Shop Pro

Far better than the recent installers of PSP that install some "utilities" always running in background and you can't get easily rid of...

1
0
LDS
Silver badge

Re: Pascal ? Really ?

TurboPascal first, and later Delphi, added to Pascal what was needed to turn it into a professional and productive language and toolchain.

BTW, Delphi was 20 last Saturday. But, unluckily, BorInCodeDero (Borland/Inprise/CodeGear/Embarcadero) management worked (and still works) actively against its own product crippling it the more they could, while ensuring it never got the features it really needed to keep it actual as the development landscape evolved and changed from Windows 3.1 to Windows 8.1 and Windows 2012R2. Lack of focus and of real strategy, bad positioning, and fashion chasing (Linux first, then .NET, then iOS and Android), didn't help either.

Now most development has been "offshored" to Spain and Romania, and the results are not good.

But there are some good Windows applications written in it, just most users won't be able to tell the difference from a C/C++ one.

5
0

Wi-Fi beam-steering tech could KILL OFF fixed home networks

LDS
Silver badge
Big Brother

Fixed networks are harder to mess with....

... the more traffic I can keep in a cable, the better.

28
0

So long, Lenovo, and no thanks for all the super-creepy Superfish

LDS
Silver badge

"Komodia is a computer security firm which makes software.... to break SSL encryption"

And is this a security company???

I can see legit use for that as long as you are inspecting your SSL sessions for some good reason, but an SDK sold to anybody doesn't look really a "security product", especially if it lets you alter the session.

7
0

Hoping for spy reforms? Jeb Bush, dangerously close to being the next US prez, backs the NSA

LDS
Silver badge

Re: If Americans have to choose between a son/brother and a wife of an ex-president...

If you can't see what is creepy in a handful of families taking control of political life and turning it into some sort of inheritable oligarchy, well I wonder what "democracy" really means for you, and what you really learnt from those who founded your nation - which were people with far more capabilities and decency.

Do you believe Washington, Lincoln and others would have liked to see Bushes and Clintons so glued to power they want to create "dynasties", and cannot step aside?

What's your model now, Argentina? Russia? I always had great respect for how United States created modern democracy - but it looks two centuries and a half of taking it for granted resulted in complacency - and in increasing inability to maintain it, and stepping back to a pale imitation of it.

I don't live in a country with a monarchy, but in one that very well knows the damages oligarchies lead to. Maintaining power and transmitting it to heirs becomes more important than everything else.

9
1
LDS
Silver badge

If Americans have to choose between a son/brother and a wife of an ex-president...

... they're doomed. This kind of democracy looks too much alike an inheritable one. And they wanted to export it too.... maybe it's time they re-learn what a real democracy is.

10
0

Lenovo shipped lappies with man-in-the-middle ad/mal/bloatware

LDS
Silver badge

Re: Facebook complaining about Lenovo on privacy topics?

Sure, they don't want competition. What if someone can get at your "products" data before they even send it to your website? C'mon, that's not fair, until you get a Superface service also on your PC...

3
0
LDS
Silver badge

Re: Microsoft hardware

Microsoft created the "Signature PC" program (http://www.microsoftstore.com/store/msusa/html/pbpage.MicrosoftSignature) to sell PCs without "crapware" installed. Just, AFAIK, it's only available in the US.

It's also funny that while most accuse MS of "monopoly", someone would also like an even stronger one. A single vendor would only mean less choices and higher prices - exactly as it happens with Apple. Also Windows doesn't cover only a handful of client-side devices - there's also much more in the server room running on Windows - it would be a far bigger hardware market to cover, and I can't see MS buying Dell or HP anytime soon...

13
1

Windows 10 for phones: Stepping towards the One True Windows

LDS
Silver badge

Re: Is IE still cack on it?

Tap the tab button then "+" is "extremely unintuitive"?

Nor did I ever find it "losing state". Also I usually ask the desktop version of each site and it doesn't look it "spams wildly". Did you use any Windows Phone past WM 6.5?

8
1

Sony's super-frumpy SmartEyeglass goggles are $840 Google Glasses

LDS
Silver badge
Joke

But you can't also show off your latest mobe. If you "wear" it on your nose, like in the Apple patent, you can show everybody you just got the latest mobe, and put it square in their faces!

1
0

Apple LIGHTSABERS to feature in The Force Awakens

LDS
Silver badge

Re: Retrogression of the "Force".

Actually Germany technology didn't take any step back - and a lot of it was poured into USA and USSR one. Japan technology did a step up after the war - when someone started to sell cameras to the US troops...

Sure, had they killed all those German scientists and technologists (and some, probably many - were compromised with the Nazis, even if they were clever people in their field) maybe the whole world would have taken a huge step back.

0
0

Amazon's delivery drones SHOT DOWN by new FAA rules

LDS
Silver badge

Re: Administrative Schizophrenia

Sure, most people are unfamiliar in following a 3D virtual 'road' indicated by needles only, at high speed and with no brakes and no way to stop, while other vehicles can come from below and above you also, and the air itself moves too.. We are much more familiar with physical 2D roads which don't move, lower speeds, and usually vehicles can come from the same plane only.

Also, oceanic routes are among the trickiest to navigate, especially without a GPS or an inertial system. They are so long usually planes can't simply fly a fixed heading all the time, and being away from navaids most of the time, they required a fairly complex mix of dead reckoning and star navigation, while oceanic ATC ensures you don't hit other planes.

Sure, it's simpler to design an autopilot for an airplane than for a car due to the 'simpler' environment- as long as strict rules and ATC maintain proper separation, no actual autopilot could work otherwise -, but for a human is far simpler to drive a car than navigate a plane (or even a boat), because we're not used to sense the magnetic field nor 'feel' altitude. We're used to use eyes to follow reference points and lines, feet on the ground.

2
0
LDS
Silver badge

Re: common sense vs profit (1-0)

A failure of a drone is 'slightly' more probable than all oxygen getting out of your room. Especially when more and more drones fly, and they begin to wear out with use.

Also fixed (i.e. power lines, antennas, buildings, even tall trees) and mobile (birds, other drones, etc.) obstacles must be taken into account. Anything navigating blindly outside visual range could be dangerous.

1
0
LDS
Silver badge

Re: common sense vs profit (1-0)

As long as drones don't have sensors to inspect, return and assess the situation around them - I can't see how they could be used safely beyond visual line of sight. If any camera they mount has a "small" field of view and is pointed to the area of interest, how can the drone or its controller assess the situation around the drone and take any action needed to ensure safety? What if the drone has a mechanical failure and needs to land in an emergency? What if the drone has an electronic failure and can't communicate or manage itself?

But more sensors add weight and suck power. Probably that category of drones is larger than actual ones, and would need different rules.

2
0
LDS
Silver badge

In some ways they are drones because you don't actually "pilot" them fully as you would do with an RC plane or helicopter - you tell them where to go and they comply taking care of the flight issues.

Sure, fully automated drones are effectively banned with these rules - but I guess a complex and strict certification would be needed to allow them to fly over people - especially for obstacle avoidance and emergency procedures.

0
0
LDS
Silver badge

Re: Administrative Schizophrenia

Ask yourself why getting a driver license is far easier than getting a pilot one... a 3D space where you can't easily stop is a bit more complex to move within.

13
3
LDS
Silver badge

There's the Playmonaut for that....

2
0

El Reg's plucky Playmonaut eyes suborbital rocket shot

LDS
Silver badge

Re: You mean I can build an open source rocket to hit targets several miles away? Cool!

You can trade payload for range, and you can still launch it with a different trajectory.

The German 8.8 gun was designed as an AA gun (and later found its way as an antitank one), which does require a "straight" trajectory (and thereby a high muzzle speed) to be effective. Long range guns don't, otherwise they would be limited by obstacles and earth curvature. Antiship missiles take advantage of the sea being almost flat and surface waves not being radar friendly. Their terrestrial counterparts need to fly higher, often slower, and with a fairly more complex guide system to deal with the more complex environment. Most unguided rockets simply use a ballistic trajectory because it's the simplest to get past most obstacles at high speed.

Low level bombers were a big bet in '70s and '80s strategies - but in the first Gulf War they demonstrated to be very vulnerable to plain old AA artillery barrage fire. After many Tornados were downed, the allied forces switched to medium altitude bombing. Guided bombs and stand-off ones gave better result when air superiority is established and medium/high altitude SAMs are already disabled/destroyed, or taken care by electronic warfare and SEAD teams. Today, more effort is put in low visibility and electronic warfare to blind/deceive enemy sensors than just flying low and fast.

It is still true it may be far easier to infiltrate a single low flying plane, but an unmanned one would require far more complex technology, or remote control, not easy to achieve BVR without a powerful enough radio transmitter - or using some form of repeaters.

Anyway, I don't find very sensible to detail some "open source rocket science" in these times.... ok, it's secret matter, but helping mad people with ready-made components looks a bit silly to me.

0
1
LDS
Silver badge

You mean I can build an open source rocket to hit targets several miles away? Cool!

Don't know why, but I guess several governmental agencies may have something to tell those people...

4
0

Uber: Sorry we're really awesome and all that (oh yeah, and for leaking your personal info)

LDS
Silver badge

"compiled into an Excel spreadsheet that was accidentally shared "

It looks they don't use their "hyperconvergent cloud based technology" for everything... and hire the usual clueless user who needs to copy data into a spreadsheet to use them...

0
0

STINKY nerds: Sick of horrifying chums with your terrible BO? Nosey Google wants to help

LDS
Silver badge

It was developed because...

... its vulnerability researchers could never meet the 90 days deadline to take a bath...

0
0

Microsoft loves Surface pen maker N-trig so much it bought it – report

LDS
Silver badge

Wacom has a far better technology, wasted money

I own a Surface 2 Pro, and one of the reasons I would not buy a Surface 3 is its pen technology. Not only the different pressure level capabilities (mostly useful for graphic artists, less for the average user), but Wacom uses a passive technology that doesn't require a battery in the pen - as long as your tablet works, so does the pen. And no need to pair it or the like as happens with bluetooth devices.

Thickness, in a tablet 10" or more, is more a marketing problem than a real issue - you don't put it in a pocket, a few mm won't change your life.

MS should have kept on using Wacom technology, even if more expensive or requiring thicker screens - it just delivers a better "user experience".

1
2
