Bad CMS! Bad!
Your CMS is cropping out the two things the entire article is about.
Here's a link to the uncropped image which shows the offending tape over the camera and the two microphone holes that can be found on the side.
167 posts • joined 19 Aug 2010
> To view the webinar, which is streaming now for you to watch at your leisure, click here.
... ERROR 404: Sorry, this page doesn't exist!
I wonder too.
If they begin blocking known VPN endpoints, that'll only be partially successful because I can still VPN to my brother's apartment in Manhattan. And existing commercial solutions will inevitably adapt too.
Locking the catalogue to the country the account is registered to would be the other option, but what happens when you then travel abroad?
> It is expressive, fast (yes, really), powerful, scaleable and easy/pleasant to code. ... It's biggest issue was the organisation of large scale project code
It's powerful? What does that even mean? Any language that's Turing complete is "powerful".
Yes, it's scalable, and yes it's easy to get started in because it's so basic, but pleasant to program in? If you want a language that's pleasant to program, you'll find Ruby, Python or Perl a lot more fun.
Maybe Lyft did steal the data, maybe they didn't, but I think it's a stretch to imply Lyft's CTO did anything wrong.
If I was CTO of Lyft, and I read the news that Uber had put their codebase on GitHub, of course the first thing I'm going to do is git clone that repo. It would almost be remiss of him not to. It's quite possible he picked through the code and didn't even realise the database key was in there.
Correct! I am down under right now.
I noticed a fresh story filled the headline spot this morning, so whatever you did seems to have worked.
Back to "D-Link spilled its private key onto the web" this morning. I read it weeks ago and yet it lingers like an unwanted guest.
Looks like you've implemented some algorithm to decide which story gets the headline position on the main landing page.
Right now I'm seeing either D-Link spilled its private key onto the web – letting malware dress up as Windows apps or BOFH: Press 1. Press 2. Press whatever you damn well LIKE. It seems to randomly alternate between the two.
The problem is that both these stories were published on the 18th. 12 days ago.
When I load El Reg, I'm left wondering if there some aggressive caching going on somewhere along the line (its not), or there has been nothing to publish in the last 12 days, or the register has gone under and disbanded its staff leaving only this semi-sentient website behind.
Whatever the case, the front page looks stale.
It's not really a "vulnerability" in Android if: you have to manually enable installation of unverified 3rd party software, then ignore the blatant red flag that says "this app requires access to your camera".
> Really? Then why are we having this discussion seven years later? Not everyone jumped just because Jobs said 'jump'.
Obviously we're arguing semantics here, so let me re-phrase and explain a bit further.
There were plenty of reasons to drop Flash; the constant security issues, the poor performance, the terrible UX, but I'm arguing that the single biggest blow to the success of flash was when iPhones were shipped with support for Flash, and Steve Jobs indicated there never would be.
If you've worked in tech over the last decade, you'll have noticed that a very significant number of your colleagues have been using iPhones and other iProducts. When iPhones were shipped with flash, suddenly web developers were compelled to make websites that worked without Flash. And if they worked without flash then there was no need to use Flash in the desktop version of your website.
Any ecommerce website that popped a polite "This site requires flash" notice silently lost business. CEO's with new iPads were calling up their CTOs, demanding to know why the website was broken.
We are still having this discussion seven years later because when I say a technology "died", I'm not implying that it literally died over night and disappeared. It'll just slowly fade away. At 15 frames per second.
I'm surprised flash has persisted this long. It died the day Steve Jobs decided iPhones and iPads weren't going to run it, (around 2008?).
I doubt encryption is a major concern of theirs. Especially when they'll have a library of zero-days for every major OS, many popular apps, programmes and firmware. And why use your valuable zero-days when you can just coerce Google/Apple/Microsoft/etc to just hand you the keys to the front door?
Time for some investigative journalism...
Ok, I'm in!
Pretty tempted to come along for the ride
What are your sources? This is worse than the time The Times published that piece claiming Russia and China had obtained and decrypted the files Snowden stole. At least The Times attributed the story to anonymous "senior government sources".
Ohio is a "one-party consent" state, so this ruling seems to be in line with that.
Presumably the "two-party consent" states like Florida, would have ruled in favour of the prosecution.
> And some of us actually don't enjoy sitting in front of a computer any more than we need to.
...says the guy who has been commenting on the Register since 2010 ;P
I don't blame you for being cynical, but it sounds like you're suggesting we just give up and hand all our rights and privacy over to the government.
I'm glad there are people more passionate about their civil rights than you; people who are willing to fight for them. Maybe they will fail, maybe they wont. But at least they are trying. At least they are doing something.
Both the NSA and GCHQ keep saying "we fully comply with the law".
I suppose this stonewalling is supposed to placate and/or reassure us, but to me, all this says is either they are lying, or the law is horribly broken. Both of which are deeply troubling scenarios.
Flash was a workaround made for a bygone era. We don't need it now, and seeking to prolong its demise just seems cruel.
Joking aside, flash is an accessibility nightmare, it's a security nightmare, it's a nightmare for web crawlers and website indexers and it's a nightmare for underpowered computers. Project Shumway only solves one of these problems.
The most egregious parts are under the "Dielectric-Bias System", which claims: "All insulation slows down the signal on the conductor inside" and "when insulation is unbiased, it slows down parts of the signal differently, a big problem for very time-sensitive multi-octave audio".
Ignoring the offensively ignorant implication that audio data is transmitted in analogue form, is there any truth to their assertion?
> After 28 years, MACHINES find Wally
> Python and genetic algorithm spot stripey-shirted cartoon fugitive in a jiffy
No. You're implying his algorithms found Wally, when in fact he already had all the locations of Wally. His algorithms just found a reasonably short path between the locations Wally has previously appeared - the classic Travelling Salesman problem.
How do they know it's the film or the book that's being referenced? Pretty sure when people refer to a "Catch-22", they are thinking of the book and not the 1970 film adaptation.
Even if the attacks did originate from North Korea, no one is discussing whether it was the work of a bunch of script kiddies or a state-sponsored group. I pretty important distinction when you're deciding to sanction a country, one would think.
Ignore these luddites; the reg has been due a makeover for a very long time.
I applaud the move in the right direction, but you still have a long way to go.
You may have moved a few deckchairs around, and administered a lick of paint here and there, but you have some serious flaws in functionality. The most obvious of which is the inability to get any notification that your comment has received a response. With user engagement comes page-views. You're pissing free money up the wall.
And for the love of god please hire a professional graphic designer.
That video was painfully dull. I kept waiting for some kind of content.
How the hell is Sliverlight even in the list, let alone #1?! I can't think of a single website that even uses Sliverlight*.
(*Netflix was the only one that sprang to mind, but apparently they ditched it earlier this year)
Were you reading another article?
> Not only that, but professor Kara also reckons once a robot's learned its way around a screen, it only needs a couple of minutes to disassemble it.
Furthermore where are you getting "spend years and millions" from? It's not mentioned in the article or the press release how long they have been working on this, nor how much it cost. More to the point, who cares? It's their money and time to do do with as they wish.
And yes, it's progress. Do you honestly expect the first iteration of an autonomous machine-learning disassembly robot is going to be perfect?
A little explanation of what DoxBin is/was would be nice, and also some comment on why this guy claims he won't be going to prison would interesting.
Not only is this old news; as far as I can tell, this security researcher is just running 'hashclash' to look for the collisions. A program that has existed since 2009. Not sure why this story is making so many headlines.
* Verizon are inserting unique identifier token headers (UIDH) into mobile traffic, regardless of whether you opted out or not.
> Links to the doctored story were sent to the MySpace account of a suspect
So they knew the details of his Myspace account. Why didn't they just subpoena Myspace for the user's IP address, like they normally do? Why go to all this effort?
Wouldn't this 'FixIt' program be signed too? (And if not, it would be trivial to do so).
Regardless, this MITM attack isn't exclusive to TOR, it's just as feasible to do with with regular internet.
Furthermore, I wasn't aware that you can mark exit nodes as "BadExit". That's a pretty cool feature; one that doesn't appear in the regular internet.
The story implies that TOR is dangerous - but as far as I can tell, it's actually safer than regular internet.
Remember to pay for your ticket with cash
I'm in Australia so that probably affects what I see.
It seems that 2/3 of page loads on El Reg now show me adverts for Thaimatches dot com, featuring a particularly be-cleavaged young lass.
It's not my place to dictate how you bring in the dollars, but I can't help feeling they are inappropriate for the register, in terms of content as well as aesthetics.
Just my two cents.
What a bizarre reaction!
Look at it another way: Who *should* decide how a website looks? The person who owns and pays for it, or Steve Graham?
> and uses AES-256 encryption to protect stored files
Doesn't really make any difference if a) the attacker can walk in through the front door with the correct credentials, or b) three letter agencies can just stroll in through the back door with the decryption key
Not that I want to discourage any steps towards security. But it feels more like they are waving around buzzwords in the hope of giving some false sense of security.
Sad but true.
It always sets alarm bells ringing when there are arbitrary limits on password length. It implies that passwords aren't being hashed behind the scenes.
> Not our overlay
> This is a Bloomberg video
Sorry, yes, I was actually referring to the youtube videos that appear in other articles.
> I think the video tag was fixed a while ago.
In the article I mentioned? Curiously it still appears broken to me in Chromium 37.0 (in both Ubuntu 14.04 and Windows 7)
Something very strange going on in this article:
Looks like an </object> tag is missing.
And while I'm here, can I ask what the justification for the Register overlay on youtube videos is? It's mildly irritating that I can't close adverts and popups in the videos, and the link to the video's page on youtube is not working.
91 angles between 0 and 1deg? 91 angles between 0 and 180deg?
What has node.js got to do with the demise of YUI? They serve entirely different purposes.
So what happens when details of their activities escape and the world at large then loses faith in the products and services their country provides, and stops buying.
Do they then have to spy on themselves?