Feeds

* Posts by as2003

121 posts • joined 19 Aug 2010

Page:

China is now 99.8% sure you're you, thanks to world's-best facial recognition wares

as2003

"...from 91 angles."

Huh?

91 angles between 0 and 1deg? 91 angles between 0 and 180deg?

9
0

Yahoo! YUI! project! is! no! more!

as2003

What has node.js got to do with the demise of YUI? They serve entirely different purposes.

3
0

Will GCHQ furtle this El Reg readers' poll? Team Snowden suggests: Yes

as2003

Re: Financial Damage

So what happens when details of their activities escape and the world at large then loses faith in the products and services their country provides, and stops buying.

Do they then have to spy on themselves?

4
0

MONSTER COOKIES can nom nom nom ALL THE BLOGS

as2003

Re: Wrong inference?

Yes, good point. My mistake.

Anyway, it sounds like the behaviour needs to be better defined.

0
0
as2003

Although section 6.3 of RFC 2109 (written in 1997) is talking about the client-side, I think it's not unfair to infer that a server should be able to support requests with at least 300 x 4kb cookies.

In his test, Bogdan Calin uses 100 x 3k cookies.

6.3 Implementation Limits

Practical user agent implementations have limits on the number and size of cookies that they can store. In general, user agents' cookie support should have no fixed limits. They should strive to store as many frequently-used cookies as possible. Furthermore, general-use user agents should provide each of the following minimum capabilities individually, although not necessarily simultaneously:

  • at least 300 cookies
  • at least 4096 bytes per cookie (as measured by the size of the characters that comprise the cookie non-terminal in the syntax description of the Set-Cookie header)
  • at least 20 cookies per unique host or domain name

6.3.1 Denial of Service Attacks

User agents may choose to set an upper bound on the number of cookies to be stored from a given host or domain name or on the size of the cookie information. Otherwise a malicious server could attempt to flood a user agent with many cookies, or large cookies, on successive responses, which would force out cookies the user agent had received from other servers. However, the minima specified above should still be supported.

3
1

FAA shoots down delivery by drone plans

as2003

Why is the reason a craft is in the air important to the FAA? I.e. Why do they care if the nature is commercial or not? Genuinely interested.

0
0

Content control freaks are peddling futility, says iiNet

as2003

> The only way the government could stop this traffic would be to block all encrypted traffic

Shhh! Don't go putting ideas in their heads!

4
0

Appeal to again seek code for Australia's secret election software

as2003

360,000 lines of code to count votes?

Perhaps I'm being naive, but this seems grossly over the top. No doubt it had a commensurate price tag too.

1
0

Space station 'nauts will use URINE-FUELLED ESPRESSO MACHINE

as2003

I estimate that...

...sending 20kg by Falcon-9 to low Earth orbit (where the ISS resides) comes to about $80,000.

I also estimate that the cost of an espresso from that machine would be comparable to London prices.

4
0

Give us a slice or we BLURT all your users' topping preferences to the WORLD

as2003

> There's little evidence Rex Mundi's victims have paid up.

well, there wouldn't be. For all we know, a lot of people have paid up.

0
0

'CAPTAIN CYBORG': The wild-eyed prof behind 'machines have become human' claims

as2003

@ Lee D

I'm not quite sure what your point is here. You just seem to be indiscriminately pouring scorn on all aspects of the AI field.

Sure, it's proved to be a lot more difficult that anyone expected; it may not even be possible! But what would you have us do? Just give up?

Your bit about "every AI project I've seen tends to be a year or two old at the most - usually just long enough to write a paper, get your doctorate and then flee before someone asks you to do any more on it", is grossly disingenuous. You seem to be implying that the sum total of activity in the field of AI amounts to a handful of pre-doc students taking random pot-shots at the problem?!

0
0

Canon offers a cloud just for still photos, not anything else. Weird

as2003

Re: Marketing bollocks

> what's it doing new that Flickr doesn't?

Not fucking up and alienating vast swathes of users?

Just read the support forums to get a taste of what's wrong with Flickr.

0
0

TrueCrypt hooked to life support in Switzerland: 'It must not die' say pair

as2003

Re: CryptTrue

!FalseCrypt

7
0

Oh, wow. US Secret Service wants a Twitter sarcasm-spotter

as2003

I'll do it for free

def is_tweet_significant( text )

return false

end

30
0

FORGET OUR PAST, 12,000 Europeans implore Google

as2003

A few media outlets seem to be implying that 12,000 is a large number. I suspect Google get an order of magnitude greater sign ups per day.

5
1

Police at the door? Hit the PANIC button to erase your RAM

as2003

Re: This app will self destruct in 5 seconds...

Uh... what if the script is installed on the truecrypt volume that it unmounts, or the fully encrypted disk the OS is installed on?

2
0

Achtung! Use maths to smash the German tank problem – and your rival

as2003

Re: The tank used for the illustration ...

> This is not the first time that I've lamented that El Reg doesn't provide larger versions of the thumbnail images used in its lists of articles.

Here's the original

0
0

Game of Thrones written on brutal medieval word processor and OS

as2003

If he's into self-flagellation

...someone should point him towards LaTeX

11
3

Amazon granted patent for taking photos against a white background – seriously

as2003

How much does it cost to get a patent?

I'm going to patent "A method of applying for beyond-trivial, and/or blatantly common sense ideas, concepts and processes".

Then sue all the trolls.

13
0

Ye Bug List

as2003

Re: Embeded Flash YouTube

I missed your response, but I didn't miss a whole bunch of videos suddenly being visible in recent articles. Thanks!

Incidentally, I'm still being asked to install Adobe Flash Player on every page, but I believe that is due to the current set of adverts.

0
0
as2003

Embeded Flash YouTube

Not really a bug, but I don't have Flash installed which means none of the embeded youtube videos work because you're using the flash player.

I wouldn't mention it, except for the fact that I know you could use an HTML5 player.

For example, in the recent article on the PiPhone [1], I just see a big grey "plugin missing" box, but if I navigate to the source article [2] (where they are using the HTML5 player), it plays perfectly well.

[1] (http://www.theregister.co.uk/2014/04/28/chap_builds_mobe_based_on_raspberry_pi/)

[2] (http://www.davidhunt.ie/piphone-a-raspberry-pi-based-smartphone/)

Also, If I remember correctly, you're using some weird overlay which obscures the 'youtube' logo bottom right, thus making it impossible to click through to the video's page on youtube.

0
0

Web cams pointed into hot young star's 'Ring of Fire' down under

as2003

Re: And if you don't have flash installed... re. ABC News 24

I haven't watched it enough to form an opinion, but I have it on good authority that it's basically the Australian equivalent of BBC news. Make of that what you will.

0
0
as2003

And if you don't have flash installed...

Here are the direct links:

2014 Annular Solar Eclipse

29 April 2014: Partial Solar Eclipse -- live event, online!

Watch ABC News 24 Live

2
0

Google kills fake anti-virus app that hit No. 1 on Play charts

as2003

Someone with more spare time than me should do a statistical analysis of voting practices in Google Play to identify vote rigging. It's painfully obvious when it happens, and it seems to happen a lot.

With all their experience of battling spam, I don't see why Google seem to be turning a blind eye to this problem.

12
1

Drone 'hacked' to take out triathlete

as2003

Re: Occam's Razor

This seems far more likely. "New Error Photography" more like.

Either way, I'm curious to see the footage.

4
0

US to strengthen privacy rights for Euro bods' personal data transfers

as2003

Nice try

If these secret US agencies are perfectly happy to violate their own Constitution and then lie about it, what hope is there for this scrap of paper?

31
0

New WebCL toolkit hooks browser apps into GPUs – and that's not good news for Apple

as2003

Cue millions of websites (hacked or otherwise) becoming host to embedded bitcoin miners.

Perhaps not, but I do wonder how many zero-day hacks lie in wait for us.

6
2

WhatsApp chats not as secret as you think

as2003

Did anyone think WhatsApp was secure?!

They have a notoriously bad track record. Prior to August 2012, messages weren't even encrypted!

3
0

Microsoft to get in XP users' faces with one last warning

as2003

Hopefully this doesn't end up bricking swathes of ATMs across the globe

24
2

New Forum Wishlist - but read roadmap first

as2003

I'm sure this has been mentioned before, but up-voting and down-voting requires a complete reload of the site. This is *so* 1990's. Could you at least add one or two lines of javascript?

If you use the principles of graceful degradation then it doesn't even have to break anything. And it would really benefit the one or two of us who have these cutting edge browsers that support this new-fangled javascript.

Similarly, seeing as I'm being forced to log in every day, perhaps you could make that a less tedious task by throwing a bit of javascript at that?

Also, I don't see why a bunch of ideas have been ruled out because "they could be gamed". Entire websites have been (successfully) built around these ideas that can be "gamed".

I would also like to "+1" the suggestion of getting notifications when any post of mine has been responded to. It's a pain having to log in, open an article, click comments, click my posts, middle click a handful of my posts, ...and scroll.

All great apart from that!

1
0

Netflix coughs up to cruise on Comcast

as2003

> What, other than a channel Netflix doesn't hugely need, can Comcast offer beyond quality carriage?

Perhaps it's an exclusive deal. I.e. Netflix signed the contract with the understanding that YouTube and other video streaming services would not be offered similar deals and would continue to be throttled?

2
1

John McAfee declares war on Android

as2003

I guess it's no bad thing, raising the profile of permission overreach, but Android already presents all this information to the user when installing a new app. So I'm not sure what McAfee's proposal is bringing to the table.

Facebook finally got canned when a recent update decided that it now needed to access my text messages.

7
0

FBI offers $10,000 bounty for arrest of laser-wielding idiots

as2003

11 incidents per day?

Who has the time, perseverance, and steady hand required to cause 11 incidents a day?!

0
9

session time

as2003

Totally, agree. This is really annoying.

1
0

Ditch IE7 and we'll give you a FREE COMPUTER, says incautious US firm

as2003

Re: Rare pragmatic response

In this case, I don't think they've factored in the number of less-than-scrupulous users who will suddenly discover they have been using IE7 all this time.

4
1

Hey, Silk Road dealers: Looking for new life? Pay for a biz course with Bitcoin

as2003

Re: Bitcoins traceable for most users

I didn't say they *can* determine the source of funds, I said they *have more chance*.

0
0
as2003

> Cumbria University admitted it has no way of checking whether pupils had earned their virtual crypto currency by stealing, through botnets, by legitimate mining and trading, or via drug sales on Silk Road.

They have more chance of discovering the source of bitcoins than real money. They can trace back through every bitcoin transaction ever made. Try walking into a bank and asking where your client's payment came from.

Do universities check that traditional tuition payments haven't come from nefarious activities?

4
0

Rap for KitKat in crap app wrap trap flap: Android 4.4 is 'meant to work like that'

as2003

Whether or not I agree with Google's design decisions, I can usually see *why* they've done something.

I have no idea why they would do this. It seems everybody loses.

10
0

Sniff, sniff, what's that burning smell? Oh, it's Google's patent-filing office working flat out

as2003

don't be [caught doing] evil

6
0

Yahoo!, Summly to publish News Digest: An app for Generation-TL;DR

as2003

no Android version?

Nice to see Yahoo haven't lost their "unique" approach to business.

2
0

Cryptolocker copycat ransomware emerges – but an antidote is possible

as2003

Re: Spread the cost. @AC

You're right that revisions are deleted after 30 days (and Google counts those revisions against your total storage, but Dropbox doesn't), but CryptoLocker gives you three to four days to pay the ransom before deleting your files, so if you haven't noticed after 30 days then I suggest your files can't be that important.

0
0
as2003

Re: Spread the cost. @lorisarvendu

Not true. All the major cloud backup services (Dropbox, SkyDrive, Google Drive, etc) have implemented file versioning so you'd always be able to navigate back to a previous (unencrypted) version.

0
0

French gov used fake Google certificate to read its workers' traffic

as2003

Re: Techie question.... @Jamie

So if you sign your own certificate and someone navigates to your site, they'll see the usual "You're browsing on a secure connection, but we can't verify the identity of the site. Do you want to proceed?"

Someone sat between your users and your server could then strip out your SSL and re-encrypt traffic with their own self-signed certificate. You wouldn't have to dig deep to see the certificates were different, but if your end user is expecting to see that warning, then would they do that? I doubt it.

I suppose if you were able to convince a user to add you as a root certificate authority, then I guess you'd be more secure, as you suggest, but then how does your user know that initial connection hasn't been compromised and they aren't actually installing an attacker's certificate?

I don't think getting your certificate signed by a CA is detrimental to security, and only adds barriers to adversaries, especially to common or garden ones you're much more likely to encounter.

Again, correct me if I'm wrong...

1
0
as2003

Re: Techie question....

I'm not an expert, but I'm pretty sure this would make a MITM attack even easier.

A man-in-the-middle would be able to strip out your certificate and add their own, which now wouldn't even need to have a chain of trust, it could just be any old certificate.

0
0
as2003

Technical question?

If some adversary (criminal, governmental or other), employs this MITM technique, then the end user will still see the green padlock in their browser but if they inspect the chain of certificates, they should notice that the certificates involved are not the usual ones, no?

Are there any browser plugins that can warn about unexpected (but apparently legitimate) chains of certificates? Perhaps checking against previous experience and/or some independent database?

0
0

TPP leak: US babies following bathwater down the drain

as2003

Re: P=Partner, not Parent.

> that strength is decreasing rapidly and they won't get taken seriously much longer.

[citation needed]

4
10

FTC torches Android flashlight app for spying on users

as2003

Glad they are getting shut down

But why would anyone install a flashlight app that required the "Location" permission, (and full network access presumably)?

Fully agree with M Gales' post above.

9
1

US puts Assange charge in too-hard basket - report

as2003

Oh really?

Is this like that time President Obama said "we're not going to scramble jets to catch a thirty year old hacker", then grounded the Bolivian President's jet on the basis of a rumor?

30
1

Angela Merkel's phone was being listened in on by FIVE foreign powers

as2003

Re: Well Well

Meanwhile, we are getting outraged and vocal about one of our diplomatic bags getting opened in Gibraltar. Hypocritical much?

0
0

Page: