* Posts by streaky

778 posts • joined 5 Jul 2010

Page:

Ed Snowden crocked cloud, says VMware CEO Pat Gelsinger

streaky
Bronze badge

Re: "The solution to this particular technical problem is a legal one"

I said it's a legal problem not that it needs new law. It needs civilian oversight and courts willing and capable of enforcing the existing law. Neither of those are true today.

The US has a separate problem in which none of it's legal protections apply to non-US citizens outside the US - even if that changes we're a long way from them acknowledging that's even a problem (and killing their tech sector by not using it is probably an way to start clearing that up).

0
0
streaky
Bronze badge

Re: Full encryption, all the time - possible, but hard

Homomorphic Encryption is absurd - it isn't computationally useful unless you like pretending it's the 1940's on extremely powerful and expensive hardware; and it will likely always be thus (nobody can see a path through the quagmire and it's not like it's going to magically appear and even if it does it's decades away).

The solution to this particular technical problem is a legal one; and that looks decades away too.

1
0
streaky
Bronze badge

Re: Snowden? Or the NSA/GCHQ/etc

100% not Snowden. Snowden just told us what we all feared anyway.

The problem for "cloud" is there's no technical solution to the problem minus not putting data in certain regions.

9
0

So, was it really the Commies that caused the early 20th Century inequality collapse?

streaky
Bronze badge

Re: A bit simplistic

The problem is they're not actually discredited per se. Communist governments work like other governments; they're magnets for corruption and incompetence - this is what is actually discredited but we've known this for a long time and it's still happening if you're capitalist, communist or anarchist.

The directed economies generally can work as long as you assume that government is capable of actually planning ahead. In a perfect system (which I'm not suggesting can actually exist for a second) there's nothing preventing a government reacting to reality and also correctly planning ahead. China didn't come out of bouts of mass starvation because it embraced capitalism (frankly, it still hasn't; it's embraced other people's capitalism) - it happened because it's directed economy was directed towards the tech sector and making enough food to feed themselves and because they allowed people to do things like buy cars.

Their directed economy is running round the world happily swapping natural resources for infrastructure and weaponry, then eating those resources and spitting out phones and computers to the rest of us. If the UK's economy was directed it'd be way more broad-based than it is and it'd still be worth getting a job in mechanical engineering.

6
1

NASA dismisses asteroid apocalypse threat

streaky
Bronze badge

Don't encourage these people is usually the best thing. NASA responding in this way is absurd.

You just ask why they know exactly where it's going to hit but not when "sometime between 15 and 28 September" - 12 hours earlier even on the same track it hits china, another 12 and it misses the planet completely; and why is it always the US in imminent danger anyway.

10
0

NSA-resistant email service Lavaboom goes BOOM! (we think)

streaky
Bronze badge

Can't Exist in a Bubble..

The whole reason these services are doomed to fail is that they exist inside a little bubble. Focus should be on getting everybody using secured email by making it both stronger and easier for normal people to attain. Lava* services never did this (they mostly only appeal to people who already know how to secure their communications anyway) so even if nobody turns up with a warrant they're inevitably doomed to failure in the long-run.

1
0
streaky
Bronze badge

Re: Shit out a bucket of kittens

Maybe you're the disinformation station making us all think that crypto doesn't work so we don't even bother. Ever thought of THAT?

No kidding even arguing over this stuff is absurd, I imagine they can break a lot of stuff but we have a fair idea what's relatively weak and what's relatively strong. No doubt the NSA (and GCHQ) have smart people working for them but if they could break everything everywhere their capabilities (Snowden et al) wouldn't be such a shit-show around this stuff and the wouldn't be so focused on breaking into things and rootkitting things.

5
0

Anti-privacy unkillable super-cookies spreading around the world – study

streaky
Bronze badge

Re: There are other options

in which case you will need to add some other digital trickery

They'd have to break through the crypto to touch it so yes it is effective. Indeed it's why mobile VPN services are progressively becoming fairly big business.

Regardless, it has the air of wake up and smell the lawsuit about it. Companies found doing this to their customers (and it's not exactly hard to test) will end up on the bad end of all sorts of privacy laws around the globe so on the off-chance any were reading this I'd tell them to how about stop.

4
0

Rise up against Oracle class stupidity and join the infosec strike

streaky
Bronze badge

Re: First, I stand for TLS, not SSL.

SSL is dead! Long live SSL!

I usually find it's easier just to call everything TLS and not support any SSL versions, there's been good computational reasons to do this since long before POODLE et al which is why I was having a good chuckle at rest of world when it happened.

1
0

I've seen Kaspersky slap his staff with a walrus penis – and even I doubt the false-positive claims

streaky
Bronze badge

Re: White hats, Black hats, and Grey hats...

Need no hats, will stick to Linux

Linux: no hats here. Cept Red ones.

Oh god run for the hills Linux has exactly the same issues as windows and bsd and osx and os-freaking-two. Humans aren't perfect, the end. Microsoft is extremely competent at hiring some of the best developers in the industry; their issue more relates to management being dumb and having no idea who they're selling to.

I hope that Kaspersky has significant credit for investigating Stuxnet and the Equation Group (NSA?). For that reason it wouldn't surprise if many people recommend Kaspersky to friends simply to support the company.

Most people use Kaspersky (product) because it generally tests the best. This is in spite of Kaspersky (the guy) and his machinations.

Even if the claims are 100% true and I stated why I think it's nonsense on the other article - it's a technical problem with a technical solution that's there for other vendors to find - personally I'd look at it as battle hardening or an indication that the way our software works is broken and do something about it. This is probably why the other vendors at worst have replied with a "meh".

15
3

Assange™ is 'upset' that he WON'T be prosecuted for rape, giggles lawyer

streaky
Bronze badge

Re: "Ego-stroking myth has been discredited"

they don't have to say it until the moment he walks outside the door of the Ecuadorian Embassy and the moment they do the extradition treaty would take effect

But there's no situation where any of this makes any difference to his legal issues with Sweden. He's guaranteed the US has decided what to do or not to do with with him now so even if Sweden says "nah fuckit" which is unlikely considering the victims would probably turn up at some high level court the next day - he's still royally screwed. If he had any sense at this point he'd be hoping the US wants him and to walk out the door. Sooner whatever sentence he gets starts the sooner he gets out. If he hangs around for another 10 years he's just going to start his sentencing later. I mean it's all completely nonsense anyway but he obviously is incapable of applying logic to his situation if he really believes what he's claiming.

The US has "renditioned" for less than what he's been accused of

The UK has sent special forces into buildings for less than he's accused of, nay, has done. To see he's being treated with the utmost respect and total kid gloves is a HUGE understatement.

0
0
streaky
Bronze badge

Re: WTF?

something has smelled fishy since the Swedish charges were levied

Only thing smelling fishy is Assange.

If the US wants him they'll ask the UK government not the Swedish one. The UK and US have one of the world's most comprehensive extradition treaties - it's asymmetrical (the bad way for Assange) but you can be assured it exists.

15
12

Kaspersky Lab denies tricking AV rivals into nuking harmless files

streaky
Bronze badge

Kaspersky trained at the KGB's hacking school thing, so you know, yes, I guess?

That said it's not exactly an unusual story in the industry.

1
0
streaky
Bronze badge

Re: I'm not buying this..

It doesn't *sound* right at all from a technical perspective. If it was happening people using alternative products would be making noise about it that's for sure. The core malware samples that engines use to classify code will be guaranteed to be actual malware or the system fails; I can't see this working any other way - why would any vendor trust crapware just because it's uploaded to VT anyway? They wouldn't that's why.

It might well be true Kaspersky tried it; what is highly suspicious are any potential claims it actually worked.

4
0

Intel left a fascinating security flaw in its chips for 16 years – here's how to exploit it

streaky
Bronze badge

Re: Require root or administrator access ...

"requires root" when you're talking about exploiting systems isn't any sort of barrier. Now one assumes on systems with not unreasonably old CPUs if you get rooted then your hardware is junked. You have no way of finding or removing something put there with this so why wouldn't you make that assumption.

System compromises tend to chain a bunch of exploits together (for example web app -> shell unpriv -> root), now they can add a little something extra to the end; and that something is a pretty nasty kick in the hardware teeth.

Do you own a dedicated server hosting business? How do you know your systems aren't compromised with this? Oh, yeah, you don't.

0
0
streaky
Bronze badge

Re: a ha ha ha ha ha :(

F00F was easily fixed at the OS level though.

0
0
streaky
Bronze badge

Re: a ha ha ha ha ha :(

To a general air of "when has a chip ever had a bug ?"

Those people are crazy, they happen all the time. I think the issue is more when has a chip had a security bug that somebody found and it hasn't been possible to mitigate it with a microcode update. I don't think it's ever happened before.

Given the timing of the introduction and precisely where this bug is in the CPU one has to start asking themselves rationally if it was intentionally introduced and if Intel should be doing a product recall; that's the major issue here.

0
1

Random numbers aren't, says infosec boffin

streaky
Bronze badge

If you pool a huge volume of supposedly random data used for crypto you create entirely different challenges. The issue isn't creating volumes of it anyways, the main issue is PRNGs are notoriously hard to both prove and disprove the validity of, unless they're extremely broken.

3
1

ROBO-TENTACLE with mind of its own wields deadly electrical power – turns on Tesla car

streaky
Bronze badge

There are of course a lot of things to consider before such a charger could be added to your house:

Is "Why are you not buying a hydrogen car?" one of them?

1
10

Major web template flaw lets miscreants break out of sandboxes

streaky
Bronze badge

Did you know

If you add all your users to sudoers and let them use compilers, bad things can happen..

1
0

Contractors who used Employee Beneficiary Trusts are in HMRC's sights

streaky
Bronze badge

Re: Pay your tax like everyone else

I wonder how many people in the middle east have been killed as a result of people voting labour.

Roughly zero pretty much any way you look at it? I don't see either John Major or Hague responding any different to 9/11 nor Hussain's nonsense down the road of that's your argument.

Not for nothing but back on topic nothing about being a contractor (and self-employed) is intended to stop people paying their fair share of tax or to make it easier to avoid or evade tax. Yes it's riskier, but nothing about the tax system is there to reduce that risk: everybody is under some risk of not working next week; it's the decision you make.

0
0
streaky
Bronze badge

Re: @Rol Pay your tax like everyone else

"Should HMG decide to disallow any of these, should HMRC be able to go back x years and claim unpaid tax?"

It is somewhat the cost of doing business, tax systems work like this - I don't know if they should or not but they do. Just be happy you live in a country where you can't be jailed for it; directly.

Also by the way the rules on retrospection only apply in criminal law.

1
0
streaky
Bronze badge

Re: Pay your tax like everyone else

"Contractors have none of that and that's why businesses pay high rates - because they know they can get rid of them at the drop of a hat"

And they have to pay tax on those earnings. Many contractors do at the standard rates. I don't know enough about the specific scheme to be able to comment directly on it but given the HMRC think they're getting money it's fair to assume they think it was obviously bullshit.

Also the HMRC doing idiotic - nay, arguably criminally corrupt - deals with the likes of Voda and many others doesn't negate your requirement to pay tax on your earnings (and yes it sucks). If everybody paid their fair share (i.e. what most other people pay) then no doubt the tax rates could come down generally; rather than the bullshit situation we've dug ourselves into.

3
0

W3C's bright idea turned your battery into a SNITCH for websites

streaky
Bronze badge

Re: Solution?

Add some randomness to make it fuzzy or round it to the nearest 10% probably? That said it probably doesn't work very well as a tracking tool anyways..

1
0

HP insists 'we don't have a global dress code' – while deleting one from its website

streaky
Bronze badge

Re: Not sure what the fuss is about...

Clothes that show to much flesh (short shorts, crop tops etc) are a no-no as are clothes with rude words or offensive logos

I know what we need. Burkas for everybody!

6
0

And on that bombshell: Top Gear's Clarkson to reappear on Amazon

streaky
Bronze badge

Re: 12 Years a Wage Slave

In fairness I don't think they cared about either but caved to inevitable pressure on all occasions it was reasonably valid (and the slant one still bemuses me to this day). If we start getting worried about racist terms from other countries that we don't know we're going to have some major problems - well, we already have.

I think the issue is the constraints that they place on people regardless of all that; but how the fk should I know..

6
1

US State of Georgia sues 'terrorist' for publishing its own laws ... on the internet

streaky
Bronze badge

Re: Lets hope he isnt black

It's not just black americans that randomly die in the US when dealing with the police. That's the irony; actually way more white people do *AND* there's no reporting standards with regards to who/why, so naturally there's no reliable data available.

This is all stuff you want to be happening in a democracy of course.

7
1

Want longer battery life? Avoid the New York Times and The Grauniad

streaky
Bronze badge

Re: and the same tests done with

Disable js/css/all plugins and you're good to roll. It'll look like shit and be unusable but hey.. Battery right?

On this theme amazon.co.uk blows my 2KW desktop PSU every time I use it ;)

2
1

Antitrust this! EU Commish goes after HOLLYWOOD’s big guns

streaky
Bronze badge

Geographical sports rights, TV show rights, movie rights; the works - this all should be up for grabs. If all this is fixed piracy will mysteriously drop and nobody will know why, but it's important to note that the two things are in no way related. You have no data proving that.

6
0

Reg reader casts call centre spell with a SECRET WORD

streaky
Bronze badge

Re: Lawyer magic word...

When somebody implies there's some sort of legal action in the offing there's nowhere for the discussion to go. It's not a case of striking first or cancelling contracts but if you're sane you're not going to talk to people when they're talking about that.

Like I said, either look for a better solution or just do it.

1
0
streaky
Bronze badge

Lawyer magic word...

Doesn't work.

Most companies, especially ones with tight procedures like large call centres usually have rules about what to do when somebody uses a word like "sue", "lawyer" or "court" and that's to terminate all contact and pass the case onto the legal department. If you're in an emergency and need to get things moving this is absolutely not the play. Words like that should only be used if the situation has broken down so that the only option left is to actually do it - if you're planning on using your lawyer to read through contracts or actually sure you need to either use better to use more neutral language to state that (we're going to need to pass this onto the board and/or legal department to consider our options if this isn't fixed asap or something similar) and/or just if you think you're going to court surprise them with it rather than declaring intent like many people do.

6
0

Microsoft attaches Xbox stream bait to Windows 10 hook

streaky
Bronze badge

Re: not on my network in a million years.

Win10 allows you to open programs just like the previous Windows versions

Indeed microsoft actually quickly backed away from the apple-tablet model once they figured it doesn't work at all, much less for them. People that bought into it notwithstanding.

2
0
streaky
Bronze badge

Re: MS's Game Plan

1. Write an OS

2. Abandon gamers

3. Have poor OS sales

4. Oh shit!

5. Write new OS

6. ????

7. Profit

1
1

Brit school software biz unchains lawyers after crappy security exposed

streaky
Bronze badge

Re: Legal advice

They're completely legal, what's more now they're going to end up with every blackhat in the world trawling though their code.

Some people never learn from the mistakes of others.

5
0

Mozilla's ‘Great or Dead’ philosophy may save bloated blimp Firefox

streaky
Bronze badge

Re: Chrome sleek and fast, Firefox bloated and slow

I love firefox and I do believe it doesn't get the recognition it deserves but it does try my patience sometimes, even as a software dev.

2
0
streaky
Bronze badge

Re: Chrome sleek and fast, Firefox bloated and slow

Except firefox's gc classifier can't figure out where 90% of memory goes and then can't do anything about it.

Firefox is easily the worst offender for all sorts of slow browsing failures. I use it every day and it's by a long way the best web dev platform - and lets not even talk about Chrome's font rendering on high pixel density displays - but if you're doing stuff like watching twitch streams or using amazon's site very bad things happen when they don't in Chrome or IE. You could say "ah but that's twitch's fault" or "it's Amazon's fault" but when you can point to another browser that doesn't fail so catastrophically with the same code somebody just isn't competitive.

3
2

'The server broke and so did my back on the flight to fix it'

streaky
Bronze badge

Re: graeme@the-leggetts.org.uk

People suffering from severe pain are not renowned for their acute mental faculties and diligent decision making processes

I've always managed, if you're taking that many paracetamol you're gonna notice it and realise you have a problem that can't be resolved by self-medicating, *especially* if you're still in pain. They're not addictive, so there isn't much excuse.

0
0
streaky
Bronze badge

Re: graeme@the-leggetts.org.uk

Not to mention that paracetamol is no more effective than a placebo for back pain.

Works for me. Science. Seriously though it depends what exactly the back pain is.

Plus also it takes a fairly massive dose of it to do any sort of damage, more than a mentally stable person would actually take.

0
0
streaky
Bronze badge

Re: "Apple server"

The thing I always remember about Apple servers was it's the thing they could actually do competently in a world where Linux wasn't the big deal it is today. Weird how times change.

2
1
streaky
Bronze badge

Hubswitch..

Hubswitch earned his name because he kept using the word to describe any piece of kit he thought might be the problem

We sure it wasn't because he was one of those people who couldn't tell the difference between them, which not all that many years ago was shockingly common amongst allegedly qualified network engs?

7
0

7/7 memories: I was on a helpdesk that day and one of my users died

streaky
Bronze badge

There was nothing noble about the IRA, but if you're gonna bomb things I'd prefer empty buildings over people is all.

Personally I advocate heavy use of drones and carpet bombing for dealing with terrorists... but apparently we can't have that for reasons.

0
0
streaky
Bronze badge

I assumed first time reading that it was bombs versus bomb, multiple distributed attacks haven't been common in the UK. There have been bigger single bombs by a large margin but there were usually warnings; I think that warning versus not changes the feeling of personal danger to a fairly large extent.

The IRA attacks were pretty nasty but with exceptions they were smart enough to more damage buildings than people.

1
1

Britain beats back Argies over Falklands online land grab

streaky
Bronze badge

Re: Argies are too late @Flocke Kroes

As for "more capable militarily", I'd say the current lack of fixed wing aircraft capable of being used on ships would argue otherwise. As is the inability to bomb the runway at Port Stanley from a fixed base.

Things we have now we didn't then:

Trident.

Cruise missiles by the metric fk ton.

SAMPSON

Drones

Way more capable defensive and offensive missile systems

A military that's had some practice

The list continues but I'm bored, carriers are for halfwits.

Come to think of it when we've used all that kit and the yanks get bored of selling us tomahawks at roughly the end of time we can just start doing aa refuelling runs over the atlantic for months on end. That said there'd be nothing left of Argentina after day two but still..

0
0

Mobe encryption guru Charles Brookson picks up OBE from the Queen

streaky
Bronze badge

Re: Queen != Government

She's well advised to keep her nose out of (nor be influenced by) political debates

Problem.

David Cameron's insane government makes the list of people to give honours to. Queen just hands them out.

0
0
streaky
Bronze badge

Re: Secure from the security services?

all mobile networks have a lawful interception clause written into their licences

Yeah but then you have to go to court and explain why you need to tap somebody's comms and expect a competent person to not think you're full of it.

Gemalto is my answer to this statement.

1
0
streaky
Bronze badge

Re: Congratulations

rightfully honoured for his contributions to ensuring that our privacy is protected by one arm of the government whilst another is bleating about how encryption is going to mean the end of the world and that the sky will fall in

Isn't it the same crypto that was generally considered staggeringly weak long before anybody had even heard of Snowden (was assumed completely broken in circa 1998)?

Uses a PSK stored by the (apparently idiot) SIM card maker, which means if you get into their gear you can just take all their keys. But I'm sure that would never happen.

I can make the leap between that tech and getting an OBE to be honest, surprised the CIA didn't award him the Intelligence Medal of Merit.

In all fairness I'm not sure if we blame the networks of him for all this but I think most people found GSM fairly sketchy on day 1.

1
0

Australian government demands signoff on telco network designs

streaky
Bronze badge

Order Changes

order changes to networks

Including installing this little black box we have here, don't ask what it's for. Patriot Act school of network eng one assumes? Notify us of changes (honest it's nothing to do with us back-dooring your gear). I'd literally rot in jail/raise up and army before I found any of this acceptable.

Terrorists? These guys are jokers, try fighting a few thousand people who know what the fk they're doing.

6
0

So much for rainbows, Zuck: Facebook staff still overwhelmingly male and white

streaky
Bronze badge

I realized it would not have even paid for an apartment there even with 0 left over for living expenses

Call the chap racist then back up the argument, interesting.

0
7
streaky
Bronze badge

Re: Why is...

Isn't it more important to hire people based upon their ability to do the job?

You really don't want a slice of this cake. Simple answer is apparently no but don't go down this rabbit hole of silly, I've been there and it stinks of mediocre.

0
0

Page:

Forums