* Posts by as2003

97 posts • joined 19 Aug 2010

Google kills fake anti-virus app that hit No. 1 on Play charts

as2003

Someone with more spare time than me should do a statistical analysis of voting practices in Google Play to identify vote rigging. It's painfully obvious when it happens, and it seems to happen a lot.

With all their experience of battling spam, I don't see why Google seem to be turning a blind eye to this problem.

12
1

Drone 'hacked' to take out triathlete

as2003

Re: Occam's Razor

This seems far more likely. "New Error Photography" more like.

Either way, I'm curious to see the footage.

4
0

US to strengthen privacy rights for Euro bods' personal data transfers

as2003

Nice try

If these secret US agencies are perfectly happy to violate their own Constitution and then lie about it, what hope is there for this scrap of paper?

31
0

New WebCL toolkit hooks browser apps into GPUs – and that's not good news for Apple

as2003

Cue millions of websites (hacked or otherwise) becoming host to embedded bitcoin miners.

Perhaps not, but I do wonder how many zero-day hacks lie in wait for us.

6
2

WhatsApp chats not as secret as you think

as2003

Did anyone think WhatsApp was secure?!

They have a notoriously bad track record. Prior to August 2012, messages weren't even encrypted!

3
0

Microsoft to get in XP users' faces with one last warning

as2003

Hopefully this doesn't end up bricking swathes of ATMs across the globe

24
2

New Forum Wishlist - but read roadmap first

as2003

I'm sure this has been mentioned before, but up-voting and down-voting requires a complete reload of the site. This is *so* 1990's. Could you at least add one or two lines of javascript?

If you use the principles of graceful degradation then it doesn't even have to break anything. And it would really benefit the one or two of us who have these cutting edge browsers that support this new-fangled javascript.

Similarly, seeing as I'm being forced to log in every day, perhaps you could make that a less tedious task by throwing a bit of javascript at that?

Also, I don't see why a bunch of ideas have been ruled out because "they could be gamed". Entire websites have been (successfully) built around these ideas that can be "gamed".

I would also like to "+1" the suggestion of getting notifications when any post of mine has been responded to. It's a pain having to log in, open an article, click comments, click my posts, middle click a handful of my posts, ...and scroll.

All great apart from that!

1
0

Netflix coughs up to cruise on Comcast

as2003

> What, other than a channel Netflix doesn't hugely need, can Comcast offer beyond quality carriage?

Perhaps it's an exclusive deal. I.e. Netflix signed the contract with the understanding that YouTube and other video streaming services would not be offered similar deals and would continue to be throttled?

2
1

John McAfee declares war on Android

as2003

I guess it's no bad thing, raising the profile of permission overreach, but Android already presents all this information to the user when installing a new app. So I'm not sure what McAfee's proposal is bringing to the table.

Facebook finally got canned when a recent update decided that it now needed to access my text messages.

7
0

FBI offers $10,000 bounty for arrest of laser-wielding idiots

as2003

11 incidents per day?

Who has the time, perseverance, and steady hand required to cause 11 incidents a day?!

0
9

session time

as2003

Totally agree. This is really annoying.

1
0

Ditch IE7 and we'll give you a FREE COMPUTER, says incautious US firm

as2003

Re: Rare pragmatic response

In this case, I don't think they've factored in the number of less-than-scrupulous users who will suddenly discover they have been using IE7 all this time.

4
1

Hey, Silk Road dealers: Looking for new life? Pay for a biz course with Bitcoin

as2003

Re: Bitcoins traceable for most users

I didn't say they *can* determine the source of funds, I said they *have more chance*.

0
0
as2003

> Cumbria University admitted it has no way of checking whether pupils had earned their virtual crypto currency by stealing, through botnets, by legitimate mining and trading, or via drug sales on Silk Road.

They have more chance of discovering the source of bitcoins than real money. They can trace back through every bitcoin transaction ever made. Try walking into a bank and asking where your client's payment came from.

Do universities check that traditional tuition payments haven't come from nefarious activities?

4
0

Rap for KitKat in crap app wrap trap flap: Android 4.4 is 'meant to work like that'

as2003

Whether or not I agree with Google's design decisions, I can usually see *why* they've done something.

I have no idea why they would do this. It seems everybody loses.

10
0

Sniff, sniff, what's that burning smell? Oh, it's Google's patent-filing office working flat out

as2003

don't be [caught doing] evil

6
0

Yahoo!, Summly to publish News Digest: An app for Generation-TL;DR

as2003

no Android version?

Nice to see Yahoo haven't lost their "unique" approach to business.

2
0

Cryptolocker copycat ransomware emerges – but an antidote is possible

as2003

Re: Spread the cost. @AC

You're right that revisions are deleted after 30 days (and Google counts those revisions against your total storage, but Dropbox doesn't), but CryptoLocker gives you three to four days to pay the ransom before deleting your files, so if you haven't noticed after 30 days then I suggest your files can't be that important.

0
0
as2003

Re: Spread the cost. @lorisarvendu

Not true. All the major cloud backup services (Dropbox, SkyDrive, Google Drive, etc) have implemented file versioning so you'd always be able to navigate back to a previous (unencrypted) version.

0
0

French gov used fake Google certificate to read its workers' traffic

as2003

Re: Techie question.... @Jamie

So if you sign your own certificate and someone navigates to your site, they'll see the usual "You're browsing on a secure connection, but we can't verify the identity of the site. Do you want to proceed?"

Someone sat between your users and your server could then strip out your SSL and re-encrypt traffic with their own self-signed certificate. You wouldn't have to dig deep to see the certificates were different, but if your end user is expecting to see that warning, then would they do that? I doubt it.

I suppose if you were able to convince a user to add you as a root certificate authority, then I guess you'd be more secure, as you suggest, but then how does your user know that initial connection hasn't been compromised and they aren't actually installing an attacker's certificate?

I don't think getting your certificate signed by a CA is detrimental to security, and only adds barriers to adversaries, especially to common or garden ones you're much more likely to encounter.

Again, correct me if I'm wrong...

1
0
as2003

Re: Techie question....

I'm not an expert, but I'm pretty sure this would make a MITM attack even easier.

A man-in-the-middle would be able to strip out your certificate and add their own, which now wouldn't even need to have a chain of trust, it could just be any old certificate.

0
0
as2003

Technical question?

If some adversary (criminal, governmental or other), employs this MITM technique, then the end user will still see the green padlock in their browser but if they inspect the chain of certificates, they should notice that the certificates involved are not the usual ones, no?

Are there any browser plugins that can warn about unexpected (but apparently legitimate) chains of certificates? Perhaps checking against previous experience and/or some independent database?

0
0

TPP leak: US babies following bathwater down the drain

as2003

Re: P=Partner, not Parent.

> that strength is decreasing rapidly and they won't get taken seriously much longer.

[citation needed]

4
10

FTC torches Android flashlight app for spying on users

as2003

Glad they are getting shut down

But why would anyone install a flashlight app that required the "Location" permission, (and full network access presumably)?

Fully agree with M Gales' post above.

9
1

US puts Assange charge in too-hard basket - report

as2003

Oh really?

Is this like that time President Obama said "we're not going to scramble jets to catch a thirty year old hacker", then grounded the Bolivian President's jet on the basis of a rumor?

30
1

Angela Merkel's phone was being listened in on by FIVE foreign powers

as2003

Re: Well Well

Meanwhile, we are getting outraged and vocal about one of our diplomatic bags getting opened in Gibraltar. Hypocritical much?

0
0

Microsoft bans XXXXBOX gamers for CURSING in online combat

as2003

Technology?

Are they using automatic voice recognition, or are they doing this manually / relying on community members to flag stuff up?

0
0

Brit boffin brews INSTANT HANGOVER RELIEF

as2003

Good luck to him, but does he not remember how he was dismissed from his government position as drugs policy advisor? Of all people, his "hopes the UK government can set that to rights" seem a bit optimistic.

9
0

GCHQ hijacked LinkedIn profiles to hack Belgian telecoms network – report

as2003

Am I going to get hacked if I click that link?

Do you work for NSA/GCHQ?

1
0

Google scrambles to block backdoors

as2003

I really don't understand this move

Surely the only people who understand the implications of this would also understand how futile it would be?

8
0

Anatomy of a killer bug: How just 5 characters can murder iPhone, Mac apps

as2003

Re: MWN?

Agreed. Really good to see an article like this on el Reg.

Unicode is notoriously difficult to get right, so I have sympathy for the Apple developer w̻̔̽ͯ̄͒́̎ͅh̻̰̭̗̣̪̩͗̎ͯͣ͆̓o̬̱͚̟̹͉ͦͥ̔̈́̓ͨ͋ ͤͤg̭̩̲̍͐ͣ̈́̆͗ͅͅǫ̐ͥͬͣ̀̿̂t͚̤̙̠̫̐̌̾̉̽ ̫̳̫̈̅̍͗̑ṱ̴͎̲͇̯͉̖̊ͤ̈͐ͬḧ̤̳̭̠͉̱͌ͬ͞i̜̺͓̞̳̓̉̓ş͔̩̲͙̤̺ͬ̆̉̂ ̲̭̍̑̉̉̄̆ͫ͞wͬr̛͖̭͎͉̪ͬ͂ͩͥ̚o̢̰͉͙͇͖ṅ̌g҉̫͕̺

3
0

Xerox begins rolling out patches for jumbled-numbers copier glitch

as2003

Thanks for the explanation. Baffling that they decided to take that route for the sake of a few hundred kilobytes.

It sounds like it could be the bizarre brain-child of an eccentric but senior engineer at Xerox. And it's worked well enough until now that no one could be bothered to tell him what a pile of over-engineered crap the idea was.

1
0
as2003

I still don't fully understand this.

If it's faulty OCR, why does the copy look such poor quality?

If it's not using OCR, how did the digit get flipped?

0
0

Screw you, Brits, says Google: We are ABOVE UK privacy law

as2003

So Google isn't subject to British laws, but BP (and Deepwater Horizon) is subject to American laws?

30
0

Magnets too slow for disk writes? Use lasers

as2003

Re: Haven't we had read/write laser disks for close to a couple decades?

You're either referring to magneto-optical disks (e.g. MiniDisc) which still use a magnetic write head to change the polarity of a substance heated by a laser, or you're referring to ReWriteable CDs which rely on dyes that change opacity depending on the temperatures they are heated to (i.e. not magnetic).

If my understanding is correct, this new process is completely different; uses only lasers and is orders of magnitude faster.

4
0

Silent Circle shutters email service

as2003

I think they are more concerned about the endpoints than the transport.

2
0

Ubuntu puts forums back online, reveals autopsy of a brag hacker

as2003

Re: The curious part of me wants to know....

(If my understanding is correct:) Technically, this wasn't XSS. XSS means "cross-site scripting", and there was no "cross-site" element involved in this attack. The attacker embedded javascript directly in the announcement he posted and directed the other moderators to. I.e., the script was served from the same server as the website and the cookies, and hence wouldn't (and couldn't) have triggered any XSS protections.

0
0

Android 'Master Key' DEMON APPS sniffed out in China

as2003

Re: At the risk of being downvoted into Oblivion

Just as an addendum to the above; comparing Windows to Linux a decade ago would lead you to a very different conclusion regarding the security of open vs. closed systems.

Would I be out of line to suggest that it's fairly foolhardy to claim 'closed' is inherently more secure than 'open', on the basis of a single piece of anecdotal evidence?

1
0

Former CIA and NSA head says Huawei spies for China

as2003

How is the NSA so certain Huawei is feeding intel back to the Chinese government? Because they intercepted the emails.

21
0

Why you backed Vulture South's crowdfunded capers

as2003

That link again is: http://www.pozible.com/project/26539/

(Would be better placed in the article though).

0
0

MoD and tech, arms giants start super-duper cyber fight club

as2003

Does anyone outside of the government use the word "cyber"?

0
0

Using encryption? That means the US spooks have you on file

as2003

Re: Steganography?

Plot twist: storage manufacturers have spent years emailing terabytes of "encrypted" data around, lacing the meta-data with trigger words. NSA was forced to splash out on multi-million dollar data warehouses to accommodate this suspect "chatter".

1
1

Microsoft links Skype to Lync

as2003

They should call it Lyp Sync

5
0

Australia's de-facto net filter has ZERO regulation

as2003

s311 != s313

"Senator Conroy told Estimates that the government will set in train a process to improve the transparency surrounding the use of s311"

Sleight of hand on the senator's behalf, or typo?

0
0

My, my Pi, did it spy ya? Bye, bye Pi, did it go higher?

as2003

Why do the balloons burst? Is it because atmospheric pressure drops and the balloons expand too much, or the low temperature causes the rubber to become brittle? Or a combination maybe?

0
0

Big Data is bovine excrement says Obama's Big Data man

as2003

Re: First of all ...

Cool story, bro.

It's not that people don't know, it's that they don't care. And why would they? Most people see a few targeted ads as a perfectly adequate price for using google/youtube/etc.

2
3

China's 'human flesh search' hunts down teen vandal

as2003

yes

6
1

Tea, Earl Grey, hot! NASA blows $125k on Star Trek 3D FOOD PRINTER

as2003

Re: Flavors

oh, and you have to wait 3 hours for each biscuit to be printed.

1
1

Badges for Commentards

as2003

Ok, so the badges thing has been running for a while now. My thoughts on the system? Aiming for these medals seems to have prompted certain commentards into a frenzy of just spamming useless comments on every story published. I think it would be much better to reward the *quality* of the posts, rather than the *quantity*, (or at least some kind of hybrid). You already have the metrics to do this.

For starters, can you just remove medals from people who predominantly get down-voted?

1
2

Yahoo! May! Buy! Tumblr! For! One! BEELLION! Bucks!

as2003

Oh man, yahoo is just a graveyard of once-promising projects.

I bet anyone with an interest in tumblr failing is rubbing their hands in glee right now.

10
1
