Feeds

* Posts by streaky

494 posts • joined 5 Jul 2010

Page:

Assange™ slumps back on Ecuador's sofa after detention appeal binned

streaky
Bronze badge

Re: streaky

"Evidence or not, Assange obviously believes it - why otherwise spend more time in house arrest than he's likely to get (assuming he's convicted) in Sweden"

Assange might believe aliens started WW1 it doesn't make it true or relevant to his actual problem.

1
0
streaky
Bronze badge

Re: dan1980

"Which advances things how?"

It doesn't advance things, it doesn't walk them back either.

By your argument Ronnie Biggs would have never served any time. You don't fuck off somewhere for 3 years and have charges dropped. Right or wrong it isn't a *legal* argument unless you also believe in unicorns.

If he'd not shown up at a friendly embassy he could have been tried, convicted and been released by now - instead the entire process hasn't started and there's *one* person on the entire planet to blame for that.

And not for nothing but if the Yanks wanted him they'd ask us to extradite him given it's about 100x easier from the UK than Sweden.

4
3

Renewable energy 'simply WON'T WORK': Top Google engineers

streaky
Bronze badge

Disposal.

"can only ever - perhaps - be finally disposed of in a wildly expensive geological vault"

Yarly?

0
0
streaky
Bronze badge

Re: Nuclear Power

Commercial fusion isn't 10 years away, it's 25 which is coincidentally roughly the lifespan of a fission reactor. If you're building them roughly right now then you're fine.

3
0

Giant bank IT cockup of 2012 'could have brought down ENTIRE financial system'

streaky
Bronze badge

Does anybody know..

What actually happened? None of the news stories carry any detail.. Any AC's want to provide a few details? We all know all these high tech jobs we're supposed to have in the UK, US et al went to india - but more specifically what the cock-up was?

0
0

Mozilla, EFF, Cisco back free-as-in-FREE-BEER SSL cert authority

streaky
Bronze badge

Re: A major obstacle to encrypting everything

"There are clients which support TLS but not SNI"

Whilst this is strictly true, the reality is SSLv3 being broken removed all the remaining browsers/stacks (anything on windows xp) that don't support SNI from the equation, therefore no problem. Anything that doesn't support it is out of support (again, anything on XP) with a seriously compromised stack.

Per wikipedia SNI support:

Internet Explorer 7 or later, on Windows Vista or higher. No support for any Internet Explorer version on Windows XP because SNI depends on the SChannel system component shipped with Windows Vista.

Mozilla Firefox 2.0 or later

Opera 8.0 (2005) or later (the TLS 1.1 protocol must be enabled)

Opera Mobile at least version 10.1 beta on Android

Google Chrome (Vista or higher. XP on Chrome 6 or newer. OS X 10.5.7 or higher on Chrome 5.0.342.1 or newer)

Safari 3.0 or later (Mac OS X 10.5.6 or higher and Windows Vista or higher)

Konqueror/KDE 4.7 or later

MobileSafari in Apple iOS 4.0 or later

Android default browser on Honeycomb (v3.x) or newer

BlackBerry 10 and BlackBerry Tablet OS default browser

Windows Phone 7 or later

MicroB on Maemo

Odyssey on MorphOS

Even if you're on XP (for reasons passing understanding) third party browsers will generally cover you via NSS.

1
1
streaky
Bronze badge

Re: Do I understand this?

"This is basically a self-signed certificate"

No, no it isn't. They're clearly getting a CA certificate that's well supported in the browser trust chain. It costs money, but not that much money,

2
0
streaky
Bronze badge

Re: A major obstacle to encrypting everything

"if SNI isn't enabled or the client doesnt support it"

Ther are no browsers in active support that don't support SNI. The end of SSLv3 was the end of no SNI support - therefore not a problem.

No seriously, SNI.

0
3

Oi, Europe! Tell US feds to GTFO of our servers, say Microsoft and pals

streaky
Bronze badge

Re: Just goes to demonstrate the lack of political sophistication of the tech sector!!

"Except that none of those countries is seeking to make their domestic warrants apply world wide"

The UK does, I'm sure many of the others do too - I just can't be bothered to read their laws.

And also you're confusing a public process of law creation followed by courts (even where secret - and where the laws are totally nonsense) with the FSB up in your grill and asking where your licence to talk about things like this and/or revoking it.

Don't get me wrong the stuff GCHQ and NSA are doing is utterly nonsense the difference is we know about precisely what they're doing. The good news is everything we're doing to shut the numpty security services in our own countries out is also making us more secure against the Russian, Chinese and other alphabets - which is what the NSA and GCHQ *should* be looking at helping with rather than cat pictures we're sharing on facebook and the like that they're actually doing.

0
1
streaky
Bronze badge

Re: Just goes to demonstrate the lack of political sophistication of the tech sector!!

"nowhere else in the world has the same profit-threatening, global-reach warrantry system. Anywhere but the US would suit their requirements"

Also Canada, UK, Australia, New Zealand. And oh god don't forget China. And Russia is about 14 times worse. I'd probably stay out of basically all the Middle East too because the operating environment borders on the silly.

Oh and then you need a certain standard of developer and the ability to attract them to whatever country you operate in so you can wipe India, Pakistan and Eastern Europe off the list. Can't go to South America because your business might become state owned at basically any second. Then if you're Microsoft and you do find a suitable country - your business if probably worth more than the country's entire GDP - what happens if you have do to a recall or end on the wrong side of a lawsuit and need a loan without too much noise?

Oh and you're still going to need to repatriate funds from the USA so you're going to need a bank there that can be frozen, and hey conferences and layovers on your way to Barbados for your jollies and now you're subject to arrest for wire fraud and whatever else the US govt decides to use against you in it's pool of "stuff we can use to arrest people when we don't like them".

Pretending you don't have business interests in the USA isn't the same as not having them - the ultimate truth might well be "the cloud" isn't suitable for certain people (see: criminals and people likely to be accused of criminality - valid accusations or otherwise, businesses with trade secrets and states) to use because it's likely unprotectable.

It also might well be that it isn't ethical to provide such services. Cloud storage should be ultimately encrypted with the end user's keys that never leave the end-users possession so there's no access in the first place to a customer's data then in principle you can't be ordered to turn over data you have no access to - there's a double security benefit here which is if you're say apple and you have a security compromise or the user's account is compromised whoever does it still won't have crypto keys for the files so no nuddy pictures of d-listers splashed all over the internet. Come to think of it why doesn't iCloud work like that?

Cloud based hosting/servers is an entirely different problem - which speaking as somebody who has a fledgling stealth mode cloud host - is a really serious problem to resolve.

0
3

Judge: Terror bomb victims CAN'T seize Iran's domain name as compensation

streaky
Bronze badge

Re: What else can they seize?

Well it'd be a WTO case. For the record the WTO finds against the US (yes, even for the little guy) all the time, which is why a Antigua and Barbuda can legally ignore intellectual property treaties as applies to the US (online poker related).

4
1
streaky
Bronze badge

Re: Bizarre in many ways

"The US continues to fund many terrorist organisations and continues to launch drone strikes into countries which it is not at war at."

The US is at war with Pakistan, it's just not a declared war. I'll get Barack to send you over a copy of the parchment.

3
2
streaky
Bronze badge

The reasoning is consistent.

0
1
streaky
Bronze badge

Re: A pity

Well, the US doesn't control the DNS system. It doesn't even really control the root nameservers.

It does control the IP space though - directly and indirectly through the US-owned carriers that truck most of the internet's bandwidth. If the US made a decision about IP space there wouldn't be a damned thing anybody could do about it.

If they'd found in favour it'd have probably increased the noise regarding the ITU's (and thereby Russia/China's) control of the internet - and *that* is where it gets dangerous.

1
1

Google will have to WAIT and SEE if I fine them - EU antitrust chief

streaky
Bronze badge

Re: IF ONLY HE HAD A CLUE

"tax them so we can all benefit rather than suffer imposed crapness"

Cool, or they could get pounded into the sand. I hope they get pounded into the sand.

Google puts up active roadblocks to innovation much worse than the ones Microsoft was found guilty of some years back.

For example, they use certs to lock people out of their protocols for the sake of stifling competition. Case in point - the cast v2 protocol requires Google CA signed keys to verify that a device is made by Google so you can't be a first screen device (e.g. a TV) without those keys which you can't possibly get hold of - but as a client you can just send requests to a chromecast without authenticating and it'll just do what you ask thereby proving it isn't security related; again the entire point of those certs is to lock down the entire google/android/chrome ecosystem from competition and innovation now they've pulled millions of google device users into it. It's a pretty horrific bait & switch and they should be forced to have their protocols opened up (in the sense that they're usable by third parties) or be made to pay very massive fines and forced anyway.

Nobody should be allowed to get away with that level of nonsense - Microsoft weren't, if Google are then I'm going to assume very bad things took place and go from there.

1
0

Sysadmins disposed of Heartbleed certs, but forgot to flush

streaky
Bronze badge

Lazy?

"while sysadmins may have run in the necessary patches, they haven't gotten around to revoking the PKI certificates their sites had before the bug was discovered"

Suspect it's actually a concious decision to not replace certs. There was a realistic attack window, there was a paranoid attack window and in between there was statistical reality.

1
0

This 125mph train is fitted with LASERS. Sadly no sharks, though

streaky
Bronze badge

Re: Good, but not good enough

"You don't need X-rays for finding cracks in rails, eddy current detection is far easier."

At line speed?

0
0
streaky
Bronze badge

Re: Good, but not good enough

@ John Sturdy

You'd need a camera sensitive enough to take images at line speed without blur, so like I said you're in high speed camera territory. It's not every day kit just for the imaging let alone having a system that can flag things up to be looked at.

2
0
streaky
Bronze badge

Re: Good, but not good enough

"you can probably do most measurements using 200£ worth of off the shelf phone hardware with a couple of extra cameras"

You're going to need a high frame rate camera for one so not really.

In a way you're right though - the major accident-related issues on the track in recent years are cracks that aren't obvious on visual inspection and in one incident I believe the problem was what we former engineers call a non-metallic inclusion, which is code for "oops we didn't make it right".

If they can fit the train with high speed x-ray cameras and get it doing it's thing it could be a whole different world of useful. Machine vision of cracks on x-rays should be reasonably simple compared to the other stuff the train is doing. The tracks on the high speed lines in this country are work hardening so they have to be replaced over time - if we can decide what to replace based on evidence (by being able to actually see inside that rails) as opposed to on a schedule we can save money *and* make the lines safer at the same time.

1
0
streaky
Bronze badge

Re: Anybody from the IET News reading?

Given that many Network Rail employees are IET members (I know a few) I'd imagine it'd be a fair assumption that engineering on the railway related stories might be of interest. It's not exactly a huge leap :)

2
0

Virgin Media CUTS OFF weekend 'net surfers after embarrassing smut-filtering snafu

streaky
Bronze badge

"Find me an ISP with a comparable speed that *never* has such issues and I will swap to them today."

Hyperoptic 1000/1000. The only issue I've had is when my housemate didn't tell me they were doing maintenance at 4am and I couldn't play dota 2. Sad times.

0
0
streaky
Bronze badge

Re: Sounds Safe

By default you can't change the DNS servers that the Virgin 'Super' hub uses, you need to put it into modem mode and run your own router to change DNS

Why would you ever need to do that? Change it on the device. The fact that somebody changed DNS to get round the problem proves it isn't an issue when there is no problem. Ergo their babysitting service is worthless (at best).

0
0
streaky
Bronze badge

Re: What I never understood

Blocking inbound FTP/HTTP/RDP isn't going to reduce any sort of level of traffic, beyond a few attempts at the first step of the three way handshake. That doesn't even register. Most people's routers will do exactly the same thing anyways.

Not entirely sure what your argument is here.

1
0
streaky
Bronze badge

Sounds Safe

"By using a different DNS service, I was able to work around the problem."

Surely you're not suggesting that their filters can be completely bypassed by the thing that any 6 year old can do - use different resolvers.

Sounds wildly pointless and you shouldn't let virgin babysit your kids for you.

0
1

'Tech giants who encrypt comms are unwittingly aiding terrorists', claims ex-Home Sec Blunkett

streaky
Bronze badge

I pay attention.

Every time one of these guys speaks I increase key sizes and trim older ciphers and hash algos and increase the number of rounds of sha-512 on our one-way stuff (passwords and the like).

Still taking David? 4096 bit. Still talking? 8192 bit. Still talking? New GCHQ boss steps in. That'll be 16384 bit. Did you stop yet?

I'm happy to keep throwing CPU time at this problem until the clowns say, y'know, we were wrong and - sorry.

34
2

UN takeover of internet postponed indefinitely

streaky
Bronze badge

Re: Good and bad...

The problem isn't the UN it's that the ITU is controlled by Russia and China and they want to do scary things with it. Devil you know and all that applies in this case.

0
2

iBail: American Psycho actor Christian Bale rejects Steve Jobs role

streaky
Bronze badge

I think you guys missed my point slightly - if you're expecting a nice easy role with plenty of key demographic fan service which apple fanboys will love filled with plenty of red meat and it turns out to be something else you might have second thoughts. I'm only speculating here but I can imagine why - it might be scheduling or something, only Bale knows at this point the answer.

0
0
streaky
Bronze badge

"So... you're saying Jobs was a 'baddie'. Actors enjoy playing baddies, don't they?"

I'm not saying Jobs is anything, given his reputation I can't imagine how you could write Jobs as anything as a psychopath with a serious personality complex and possibly a messiah complex. There's a difference between playing a lovable baddie and.. modern day board room Hitler.

If I was an actor and wasn't aware of his history a stark look at it might give people cause for concern. Not that I have any reason to suspect Sorkin would write it like that, but knowing his work I wouldn't discount it.

My apple fan boy housemate and I do agree on one thing about this role though - it's an extremely difficult role to cast.

"For a look at Sorkin on a recent angry childish rant, take a look at "Studio 60" on YouTube"

You argument only works if people subscribe to your world view. I was involved in the effort to keep Studio 60 on air so lets assume I don't see it like you? Also Studio 60 was totally not recent. NBC thought they could fill their air with reality TV, and now nobody would work with them either way. But we might have been wrong, or not.

5
0
streaky
Bronze badge

Most actors would *kill* to work with Sorkin, I strongly doubt the issue is the script. Maybe they're finding out what sort of chap Jobs was :)

9
1

How Hollywood film-makers wove proper physics into Interstellar

streaky
Bronze badge

Re: 3hrs in IMAX?

At BFI which is one of the few legit IMAX cinemas (where the European premier was held last week) in the UK it'll be about 20 quid I'd think (rough usual price) - *and* worth every damn penny.

@intrigid, yes ^ - and also there's one in Manchester I believe but the BFI one is a nicer cinema :)

0
0

Cray-cray Met Office spaffs £97m on VERY AVERAGE HPC box

streaky
Bronze badge

Re: 16TFlops for £97m???

Yeah I actually changed my mind about this having read some more - their old kit is 140TFLOPS sooo.. In which case that's actually some serious business and everybody looks less silly.

Be nice if they could put out an accurate press release though given everybody is saying 16TFLOPS which is majorly different.

Still looks expensive compared to Tianhe-2 though :)

1
1
streaky
Bronze badge

Re: 16TFlops for £97m???

No, they mean TFLOPS. 16PFLOPS is world top 4 territory and not something the Met Office are buying.

3
4
streaky
Bronze badge

Re: 16TFlops for £97m???

My boss' words on the subject were "they can have my PC for a million if they want"

Whilst it's not only about the flops it does seem like they're overpaying by about £96 million to avoid a £500k software problem at face value.

But it's only taxpayer money so I'm sure it's fine.

Put it this way - for just over twice the price you can buy the world's most powerful supercomputer (Tianhe-2) at 55 PFLOPS (theoretical peak) before the downvotes start.

5
3

GET A ROOM, yells Facebook as it stumbles on IRC, slaps it in an app

streaky
Bronze badge

Facebook

Given how many of their employees crawl over freenode (see: technical staff) I distinctly doubt they just discovered it :)

1
0

Pay a tax on every gigabyte you download? Haha, that's too funny. But not to Hungarians

streaky
Bronze badge

"Before you say your ISP offers unlimited - it usually ain't if you want to use it full throttle."

Happily pound mine at the gige up/down I pay for - the issue isn't governments it's customers who accept bad service and/or live in the middle of nowhere. Generally the issue is services from *really bad* private ISPs some of which the government throws money at and nobody knows where it goes (anywhere but on providing better services - yacht funds/index-linked pensions I guess) (company will remain nameless because we all know full-well who it is).

0
0
streaky
Bronze badge

Two other words: civil war.

Could you imagine the government pulling this in the UK?

2
0

Facebook pays INFINITELY MORE UK corp tax than in 2012

streaky
Bronze badge

"A possible solution: Instead of a high corporate tax (25% or 30%) on profit, have a low (5%?) corporate tax based on income."

A possible solution: how about make them pay the tax they're supposed to pay by making them not juggle accounts to hide the money they're actually making.

0
0
streaky
Bronze badge

The problem isn't the tax system, it's that these international corporations are allowed to get away with massive misreporting of revenues, sales, profits and costs which leads to them not paying any tax. Cart/horse and whatnot. It's accounting law to blame to explicitly tax law, the accounting voodoo allows them not to pay tax.

The worst part of all this is if any companies are able to accurate identify where the money comes from and where it goes it's the mostly-online ones like google and facebook - they know where their advertising customers are from and they know the location of the users they're targeting (at an individual level, not just by sampling) so they should be held to a higher standard when they're filing accounts; not a lower one.

0
3

Edward who? GCHQ boss dodges Snowden topic during last speech

streaky
Bronze badge

Re: Mission Shift

"in the absence of any evidence to the contrary"

You'd have to completely not understand the medium *and* have been living under a rock for the last two years *and* be extraordinarily naive to reach that conclusion. They're hoovering up enough data for the whole argument to be nonsense.

Lets be clear here, of all the things that have been said about Snowden - nobody has ever said he's a liar or has fabricated anything.

9
0
streaky
Bronze badge

All I had on reading that was flashbacks of a postit note attributed to GCHQ staff with "Google no crypto - LOL" scrawled across it. Says everything we need to know about that sentiment really.

1
0
streaky
Bronze badge

Re: They truly think we're all idiots

The problem isn't secrecy, the problem isn't them back-dooring kit. The problem is the pervasiveness.

GCHQ is military intelligence, they probably shouldn't be so eager to go after civilians - criminal or otherwise but it's still besides the point. The point is if you have a communications security problem or think you will in the future you should be able to go to GCHQ for advice (and help) - I know of no network people who would chose to knowingly allow GCHQ staff within a million miles of their core routers or cables given the choice, if this isn't a major problem I don't know what is.

They talk about pedos found (cue obligatory Monkey Dust link) and attacks stopped, they can list the cases they've been involved with and in what way they actually helped without necessarily giving away the exact methods used - there's been no hint of any potential technical involvement in either attacks (I'd rather talk to Arbor frankly) or arresting people who have had inappropriate dealings with children in the public record so we have no way of assessing the rhetoric. Not that I'm saying it's impossible but there should be made public a list of this stuff somewhere so people can decide for themselves if GCHQ is a) targeting assets correctly and b) is fit for purpose. I personally would rather hear about the success they had in finding Bin Laden but we all know it was a tip-off that led to his capture/killing and the Americans dumped the guy who helped confirm his location in a Pakistani jail to rot.

Also not for nothing but oversight of a technical field requires technical competence and nobody in authority has any of that so we're all screwed on that front.

13
0

Space exploration is just so lame. NEW APPS are mankind's future

streaky
Bronze badge

Fusion.

Sad I missed that one. Fusion deniers are morons, it's a steady progress deal - we don't need to for war so can't throw military budgets at the problem - also makes the Manhattan project look like toddlers playing with duplo in terms of complexity and scope.

Not for nothing but the most advanced fusion reactor is in the UK not at LLL or MIT or some other nonsense. http://en.wikipedia.org/wiki/Joint_European_Torus

Cold fusion on the other hand..

0
0

YARR! Pirates walk the plank: DMCA magnets sink in Google results

streaky
Bronze badge

Re: I wonder if.....

You're not seriously suggesting that google give other people's sites a fair shot in rankings are you?

1
0
streaky
Bronze badge

Re: Not a problem - I prefer privacy

"either agents for the NSA or have poor security"

It's a bit of both* depending on what day of the week it is and which way the wind is blowing.

* It's that slide where GCHQ thought it was *hilarious* they weren't crypting traffic between their DCs that still gets to me.

0
0
streaky
Bronze badge

DMCA's and Google

I get maybe 1 legit DMCA/month for one of my sites actually sent to me, chilling effects lists thousands of pages from my site that were flung at Google and they neatly complied.

If you actually care about google placement this change is a legal and administrative *minefield* for them. If I started querying all the pages from my site [alone] that they have knocked out because of bullshit DMCA requests it'd keep somebody at Google in fulltime work for months.

Google are irrelevant though so who cares?

5
0

Marriott fined $600k for deliberate JAMMING of guests' Wi-Fi hotspots

streaky
Bronze badge

Re: curious how it works

Filter out any ssid that is yours. Look for auth to anything that's left. Fire deauth at that MAC.

EZPZ.

0
0
streaky
Bronze badge

Re: A small step in the right direction

"For instance in a business environment where people shouldn't be using their own Wi-Fi or plugging in unauthorised equipment in your buildings but do so anyway."

Yeah, no, there's legal ways to prevent outside signals. If your security policy is based on "no wifi" but doesn't account for other signals you're already screwed. This is not the way to do this - and as I mentioned somewhere up there ^ it's a jailable offence in the US and the UK.

"disabling wifi other than theirs *could* be considered protecting their service"

At best this is anticompetitive. If your service isn't a rip off and doesn't suck you shouldn't need this. If it does and you're jamming people, seriously..

0
0
streaky
Bronze badge

Re: Harvey's law

"The FCC will fine you and confiscate your equipment."

Strictly speaking you can do jail time for this in the US. Also in the UK.

I'd want to know who's smart idea it was and prosecute them accordingly.

Oddly enough I'm absolutely convinced (but have no proof) that something similar is done with 3G data around underground stations that aren't under ground around London, one day I'll take some kit with me.. Phone calls no problem, pushing data - good luck!

1
0
streaky
Bronze badge

Re: Harvey's law

"considering it's unsavoury usages far outweigh it's legally safe usages"

Yeah alright. Are you going to argue reasons not to go near black people next? It's a protocol, you'll allow it. Traffic volumes I can understand, because it's <x> protocol without knowing up front why is extremely obnoxious.

0
0

Page: