* Posts by Rob Carriere

157 posts • joined 17 Nov 2010

Plug and PREY: Hackers reprogram USB drives to silently infect PCs

Rob Carriere

Re: I call semi-bollocks

Gotes said:

"Could be a bit annoying when you've just plugged in a keyboard and have no other means of responding to the prompt."

Er, yes. One of the reasons I've never quite gotten the big rush to make keyboards USB. (Yeah, I know, standard connector is 0.3 cents cheaper). The things need exceptional handling in a number of places and this is one of them.

Still, as someone below has already suggested, you can pop up a passcode on the screen and require it to be input. Combine that with serial number lock-in for known good keyboards and you're good to go.

Alternatively, dedicate a USB port to the keyboard and only ask questions if a keyboard is plugged into another port. This should serve most desktops well. A laptop already has a built-in keyboard, so you have a channel to answer the popup. That in combination with a serial number lock should minimize the fuss on most laptops.

0
0
Rob Carriere

Re: I call semi-bollocks

I suppose the non-sensitive machine still works (doesn't really matter whether it gets pwned by a malicious document or a malicious drive -- you were prepared for it to get pwned)

But, yeah. Nasty.

How hard would it be to modify the OS so it pops up a notice, "The device you just inserted wants to register as mass storage, a keyboard, and a network card. Which of these functions do you want to allow?"

8
0

NEW, SINISTER web tracking tech fingerprints your computer by making it draw

Rob Carriere

Re: Surely this is illegal under Computer Abuse and Data Protection laws?

I'm guessing that would depend on your jurisdiction.

The Dutch anti-tracking law, for example, specifically states that it is the act of tracking that is being legislated, not any specific technology used for that purpose. So as far as I understand it, you'd be perfectly welcome to use these techniques instead of cookies as long as you only use them for purposes for which cookies would be allowed (that is, to implement essential functionality of the site, such as login; to gather anonymized usage statistics of the site; or to do anything else for which I have given explicit and informed consent.)

0
0

LOHAN seeks stirring motto for spaceplane mission patch

Rob Carriere

To Boldly Fly where Mighty Orbs Go Bust.

0
0

Facebook: Yes, we made you SAD on PURPOSE... for your own good

Rob Carriere

> Here's a link for anyone interested:

> https://diasporafoundation.org/

Thanks. That looks interesting.

0
0
Rob Carriere

It'd be interesting to think through how hard it would be to do a purely peer-to-peer facebook alternative. Kill the vampire in the middle, so to speak.

3
0

Surprise Android 'KitKat' update fixes nasty OpenSSL vuln

Rob Carriere

Most Android devices suffer from a double MitM attack (Manufacturer in the Middle).

As far as I know, there are two ways to avoid that. First, buy your device, don't get it via a carrier plan. That gets rid of the one middleman. For the other, either get one of the Nexus devices, or install CyanogenMod.

8
0

Tennessee bloke cuffed for attempting to shag ATM – police

Rob Carriere

Re: Perhaps he misread it

At least it was in the US. Otherwise he might have expected to get chips with his pin.

0
0

BEAM ME UP SCOTTY: Boffins to turn PURE LIGHT into MATTER

Rob Carriere

Re: Get your tin-foil hats here -- at these prices I'm cutting my own throat

Yup, the article talks about electron-positron pairs. The positrons would be the anti-matter bits.

So, to add to your fine list: possibility of making a hole to another dimension from which robots with positronic brains emerge. No matter what orders we shout at them, they shut down the facility, because it is dangerous to poor befuddled humans.

8
0

Adobe blames 'maintenance failure' for 27-hour outage

Rob Carriere

...wake up with a gigantic omelette on its corporate face.

So they have omelet for breakfast. No biggie to them.

The critical thing here is that they have a captive audience. People will write angry tweets, blogs and what have you and they will keep paying Adobe. Unless and until somebody writes a viable alternative to CS, they have no choice but to keep paying Adobe.

5
0

Europe's shock Google privacy ruling: The end of history? Don't be daft

Rob Carriere

Andrew, thank you

for being a sane voice in a howling storm.

6
4

Our Reg reader 'mutt's nuts' dictionary is le chien's biens

Rob Carriere

Dutch

In Dutch you'd get either 'de hond zijn ballen' or 'de hond zijn kloten', but that wouldn't normally be used as an expression of praise. Once upon a time, there were some people who were using 'de tieten van Jezus' (the tits of Jesus) in a similar way, but it's been decades since I last heard that one.

1
0
Rob Carriere

Re: This article does feature my favourite (and only) welsh word

Makes sense to me. The stuff inside goes 'popty' and then the microwave says 'ping'.

4
0

Ubuntu 14.04 LTS: Great changes, but sssh don't mention the...

Rob Carriere

I think we're partly talking past each other. I completely agree that most of the time, search is inconvenient for file access and the few times it is convenient, it's either because I or a colleague messed up and something wasn't filed where it belonged or because I'm trying to make sense of a project I'm not familiar with. (And then I'm usually using find and/or grep, not the Unity file search.)

Where I find search to be superior to menus is in program startup and occasionally as a replacement for deep menu navigation. This is a very fast way to get to programs I don't use frequently enough to pin. So, windows key;c;a;enter and Calibre starts up. Windows key;g;enter and gjiten is there and so on.

Things that I do use frequently enough to pin are even faster. Windows key + 7 and emacs is up. Still other stuff I fire up from a shell; xdg-open foo.pdf and so on. The whole system works well enough I don't need much pinned. (nautilus, firefox, write, calc, settings, shell, emacs, xpad -- and the write should actually be removed, I hardly ever fire that up from the bar.)

I agree that discoverability isn't as good as a classical menu system. I don't care, that's startup costs. I use computers intensively and startup costs are negligible compared to the total, so the relevant criterion to me is the speed I can eventually reach. And between fast application access and not having to drag windows around, I think Unity saves me an hour every week.

That's not for everybody of course. Somebody who spends their time in Gimp is going to be using the mouse far more often than I do. Even office software has many features that are easier with the mouse than the keyboard. So, no I'm not claiming this is a universal solution; I'm certainly not saying that everybody should switch. I am saying that it works for me and that it works amazingly well for me.

3
1
Rob Carriere

Re: The fixation with 'serarch' for everything

Why search for everything? Because it fits well with a keyboard-centric way of working. Unity is pretty meh unless you're a keyboard freak, then it effortlessly outstrips everything else out there.

The funny bit about Unity is that it will work reasonably well for a beginner (no clutter to get lost in) and it shines for the experienced keyboarder. The ground between beginner and expert and the ground for mouse-based experts is left, well, not bare, but certainly not covered by anything very inspiring either.

5
5

Commonwealth Bank in comedy Heartbleed blog FAIL

Rob Carriere

Re: Foot, meet bullet

All it says is that any coffee they happen to serve will not contain rat-droppings...

6
0

It's 2014 and you can pwn a PC by opening a .RTF in Word, Outlook

Rob Carriere

Oh, I agree. Some days you're a little slow, you say. Well, some days, I pun poorly. So there. 'Tis the nature of me, especially before the coffee...

0
0
Rob Carriere

I love LaTeX and use it a lot, but...

TeX is a programming language. .tex files, including LaTeX ones, are executable content. If you blindly process a .tex I send you, I can read from and write to everywhere in the file system you have access.

7
0
Rob Carriere
Happy

I'm aware of the history of at least two file formats called RTF, both going back several decades. In this case, I was doing simple acronym punnery.

3
1
Rob Carriere
Coat

I've always thought Rich Text Format was misnamed.

It should have been Windows Text Format.

14
3

iPhone 6 FEELS your heat, wetness... and it'll TELL Apple – report

Rob Carriere

Re: Tinfoil hat

But at least it is a stylish cop, right?

3
0

Distro diaspora: Four flavours of Ubuntu unpacked

Rob Carriere

Re: I don't get it

I'd agree with you, except I ran KDE and Gnome 2 in parallel that way for a year or two and every last single update caused trouble that required console-jockeying to resolve -- making this Not Recommended for anybody who isn't a console jockey. I swear they forbid their QA to test setups like that.

1
0

Prez Obama cyber-guru: Think your data is safe in an EU cloud? The NSA will raid your servers

Rob Carriere

"The United States government has to get out of the business – if it were ever in the business – has to get out of the business of fucking with encryption standards," Clarke said.

No, Mr. Clarke. The United States government would have to be seen and believed to have gotten out of that business. Regardless of your political stance on the whole matter, that is going to be a Herculean task in the current environment.

5
0

JavaScript is everywhere. So are we all OK with that?

Rob Carriere

Re: "too expressive in some ways, with features like closures..."

Yes, but it takes a programmer to understand that and the speaker being quoted was an analyst.

10
0

Chrome lets websites secretly record you?! Google says no, but...

Rob Carriere

Re: An OS function?

True. OTOH, I usually expect/want exactly zero of these sites to use the mic or cam. Clicking OK for the one or two exceptions per year I can handle.

5
0

UNSTOPPABLE data GROWTH in storage has ... er, stopped

Rob Carriere

Re: ..market share... graph is strange

Also, what is reported is market share, not actual units. In a market that is changing overall size, that's likely misleading.

All in all, quite the Soviet style statistics.

0
0

Los Angeles' weather is just like MORDOR, says Brit climate prof

Rob Carriere

Re: WTF

Maybe, but checking that your model does not go bonkers when the land masses are redistributed seems like a good idea. He could have just drawn a random map, or used xkcd's idea of the Earth on its side, but he picked Tolkien instead. Works for me.

13
0

Our MOM's LATEST EGGS: 'Looking GOOD', chuckle Indian space boffins

Rob Carriere

Re: Well done India

As you wish. I still respect those who can build stuff well beyond those who sit on wads of largely inherited cash.

7
0

Obama to Merkel: No Americans are listening to you on this call

Rob Carriere

I'm sure that goes on already. The sheer fact that other countries do not (yet) have their Edward Snowdens doesn't mean there isn't anything to report.

6
0

ICANN approves Arabic, Russian and Chinese global domain spaces

Rob Carriere

Re: Not really

Actually, there's several methods for handling that out there already. Punycode has been mentioned in the comments here, there's idnccd and some more. Alternatively, a browser could have a configuration where it changes the background color behind non-ASCII characters to some configurable color. If you're worried about such attacks, you set that color to bright red or something loud like that and your HSBC will stand out like a sore thumb.

You could make that fully general by allowing assignment of colors to arbitrary Unicode ranges.

0
0

The legacy IE survivor's guide: Firefox, Chrome... more IE?

Rob Carriere

Re: Creepy

It's not actually a 100%. If the attack depends on things that changed since XP, it won't work on XP and you can breathe a sigh of relief. If the attack uses features and code common between XP and the later Windows, it will work on XP and the bad guys score.

1
0

Space boffins boycott Kepler 'scope talks after US bans Chinese guests

Rob Carriere

Yes, that is really freedom. You might want to look up the word in a dictionary.

I'm not suggesting you should become a Marxist --I have no need for Marxists-- but freedom means that others have the right to disagree or to read the stuff so as to form a reasoned opinion or even to read it because it makes them laugh. Their right, their choice, their time. None of your business.

And, once we're done frothing at the mouth, just how likely do you think it is that papers about astronomical pictures will be 'Marxist screed' anyway?

7
0

WIN a RockBLOCK Iridium satellite comms module

Rob Carriere

DISASTER

Device to

Insure

Safe

And

Sound

Termination of

Effort at

Rocketry

0
0
Rob Carriere

DEATH

Device to

Eradicate

All

Threats to

Humans

0
0

Curiosity looks up, spies Martian double-mooning

Rob Carriere

There have been tides for all those years, just not the liquid water ones that you're thinking of. The Earth's Moon actually stretches the solid Earth, the oceans and the atmosphere. The rock tides are so small you can't see them without instruments, the air tides are also invisible to the unaided human observer, so we tend to focus on the water tides as 'the tides'. But the other ones are still there.

Similarly for Phobos and Mars. There is no liquid water to make water tides, but there are both rock tides and air tides. And as already shown above, they're actually comparable in size to the ones we have here.

Or in other words, the forces are there and they will do things; the mere absence of liquid water won't make them go away.

5
1

UK investigators finger emergency beacon for 787 Heathrow fire

Rob Carriere

Re: Wait

Certainly, but they might not have a non-flamey version lying on the shelf. Different device, likely different shape and so on. So that's the solution you want to work towards, but not an immediate one.

Until then the question becomes, which is the greater risk: the aircraft crashing and rescue being hindered by absence of an ELT, or the aircraft catching fire by the presence of one. Note that on-board fire-fighting kit proved insufficient to the task -- you really don't want this happening in flight. Given the rarity of crashes, reducing the risk of fire is almost certainly the smarter choice.

11
0

Ubuntu 13.10 to ship with Mir instead of X

Rob Carriere

Re: BULL!

Actually, I have an early '90s book on X11 programming upstairs somewhere and it starts with the expectation of the original X11 team that in two to three years understanding would have advanced to the point where X11 would be outdated. That doesn't sound like they wanted their work to be enshrined as some never-to-be-touched-again ideal. If anything, they're probably disappointed it took so long.

Now maybe Wayland is the better successor, maybe Mir is. I have not studied either in depth, so no opinion. I do find it hard to imagine that the existence of two alternatives can be a bad thing at this point, though.

0
0

Hubble spies unlikely planet being born in hostile neighborhood

Rob Carriere

Re: Who said it was natural?

And they'd be aiming for something, say, the size of a small moon?

6
0

We want to put a KILL SWITCH into your PHONE, say Feds

Rob Carriere

Re: Bad idea

"The more they overthink the plumbing, the easier it is to stop up the drain."

-- Scotty

9
0

What do you mean WHY is Sony PS4 so pricey in Oz?

Rob Carriere

Re: just 'cause

Read silent_count's message again: He never said he was talking about a profit tax. Import duties, for example, would fit his bill.

Now, if you want to argue this runs afoul of all sorts of trade agreements, then you might have a point.

1
0

Signatures no good at protecting databases, says Juniper

Rob Carriere

Re: Another technique

The tricky bit is avoiding false positives -- read: pissed-off customers.

2
0

Graphene QUILT: A good trampoline for elephants in stiletto heels

Rob Carriere

Re: Cutting it?

You did bring your lightsaber, right?

5
0

Sun lets loose with THREE record eruptions in 24 hours

Rob Carriere

Re: But hang on

11 year cycle. Distance between min and max is a half-cycle.

11/2 = 5.5.

2013 ish + 5.5 = 2018 ish

3
0
Rob Carriere

Re: Bleeding obvious

I wants me some of that ceramic! I think you've just invented Puppeteer Hull Metal.

7
0
Rob Carriere

Re: Minimum?

Different time scales of minimum and maximum.

NASA is talking about the maximum of the current 11-year cycle. The people who argue we're moving into a protracted minimum mean that the current and several following 11-year cycles would be much weaker than usual, some perhaps to the point of being undetectable.

In other words, NASA is saying "This is the maximum of the decade", the minimists are saying "These maxima will be the smallest maxima of the millennium". These two statements do not contradict each other.

Now whether the minimists are correct and whether such a minimum would have effects on the climate, is a matter of some controversy.

11
1

Apple asked me for my BANK statements, says outraged reader

Rob Carriere
Thumb Down

Re: "she emailed over copies of them... and then immediately began panicking"

"Thus I could be 100% certain that at the very least - the email was going to *someone* at Apple."

Yes, because no one has ever managed to hack DNS.

1
0

Adobe kills Creative Suite – all future features online only

Rob Carriere

Re: Somebody PLEASE!!!!

For a Photoshop-only situation, that may work. Although, as close as I can figure it out, Gimp is still missing some features that my graphics friends consider indispensable, such as a seamless PDF process.

And Gimp is comparatively mature. Any studio is also going to want Illustrator & InDesign & friends. Good luck finding adequate competition there.

Somebody like me on the other hand, who just needs to occasionally slap a bitmap into submission, I've switched to Gimp years ago and never looked back. So this is going to be a serious case of YMMV, but I suspect the majority of the professional CS users will be stuck like a yacht in the middle of the Sahara.

17
0

Black-eyed Pies reel from BeagleBoard's $45 Linux micro blow

Rob Carriere

Re: There is more to Linux than Ubuntu

@Steve Davies 3: So it is, and yes, you caught me skipping subheadings. The flimsy excuse is that my RSS reader seems to encourage that, but it's a flimsy excuse.

I'm still confused as to the relevance of the particular objections given to the article at hand, though.

1
0
Rob Carriere

Re: There is more to Linux than Ubuntu

I'm sorry to hear life's so frustrating to you, but would you mind explaining what relevance your opinion of Ubuntu has to the article?

20
5

Ofcom to UK: Really - you're using the same password for everything?

Rob Carriere

Re: Email account password probably "very important"

In the sense you mean you always only have a single password. Even if your partner had eidetic memory, that wouldn't stop a crook from using the password reset feature.

3
0
