573 posts • joined 31 May 2011
Pros and Cons
Designed to function as a virtual appliance, the tool is able to manage basic security protections such as antimalware and firewall policies... the appliance eliminates the need for a traditional client package to run on each VM.
This looks like a mixed bag. While it conserves resources and simplifies management, it presents a single point of failure. A basic tactic to be taken with AV products is to run different products on different machines (i.e. Symantec on workstations and McAfee on servers). Too, I wonder how well this product will play with other security apps. Unfortunately, I doubt I will get to play with this any time soon... it does look interesting.
Re: What should be interesting
I agree, though these companies are hardly unique in failing to ensure the security of their resources. There are plenty of examples of this to be had with a quick read through the history books... or the financial section of any major newspaper.
On the other hand, I think that Oracle is taking the correct approach in dealing with the immediate issue. They give a list of their products' status, including that some are in process. I dislike Oracle in general, but they seem to be doing things correctly in this instance.
Re: Build schools not temples!
...but are just as likely to be strongly devoted to a particular risotto recipe, which they believe to be true and faithful.
There is only One True Risotto!
Re: A Red. Dwarf?
It's officially called 2012 VP113, which the discovering team shortened to VP, and then eventually Biden...
More likely, it is a dwarf planet, it should be named similarly to other dwarf planets. The best known of these is Pluto. They submitted the name "Goofy," which eventually led them to call it Biden.
Sorry. It's Friday.
Re: @Dr. Mouse
...I would like to know how much is actually attributable to legal services...
Exactly! This is a classic instance of correlation being equated with causality. I would also like to see piracy stats from a third party rather than from a group that has a vested interest in inflating reports of abuse.
Re: No information transfer faster than speed of light
I can guess the answer to this, but this subject is simultaneously fascinating and way outside my area of expertise. Is it possible to know from one of a set of entangled objects if entanglement has been broken at the other end at the time it occurs? Is there a method for doing this other than comparing their respective states? If so, wouldn't the fact that entanglement had been broken constitute information being transferred?
It's too early
The Department of Health and Microsoft...
I need more caffeine! My first thought when I read that was, "Why would both of those fall under the same department?"
This week's episode of Almost Human (Disrupt) was about a home automation and security system that got hacked in order to kill several people. The manufacturers of the kit protested that they used the same safeguards as the Pentagon. Sounds about right. Growing pains are to be expected with any new technology. Too, there will be unintended consequences and abuses of the same. The problem that I have with it all is that it is predictable enough that a bunch of TV writers, a group that routinely gets tech issues dead wrong, can figure it out and it is still going to happen.
Re: Assume all 3rd party WiFi tapped
Whether or not those reassurances settle those who believe their privacy has been invaded is another thing.
I was out in a public place using a resource that is free for everyone to use and am now outraged that my privacy has been invaded right there, out in pub... oh... wait...
Goodnight, Earth. Goodnight, humans.
Goodnight, rabbit hopping on the moon.
(with apologies to Margaret Wise Brown)
Look! It's an Obvious Distraction!
Snowden's thinking is that he did not set out to “bring down the NSA” but that his theft of and distribution of documents will help to refocus the agency on its true purpose. He therefore told the Post that the NSA “are the only ones who don’t realize” he's still working for the agency.
Seems a bit late to work on his insanity defense, but whatever gets the job done, I suppose.
What an Unfortunate Analogy
The team likened it to the pheromone and urine marking systems many animal species use to communicate over long distances.
Illustrating why it is called "getting pissed." I wonder if getting anyone trying to intercept the message drunk should be looked at as a security measure...
Re: Good material in here for a behavioral study
Go a step further: create a plug-in that checks for the presence of scripts on a site through a third party which verifies that they do what the site owner claims they are there for. If something unexpected shows up, you get a strongly worded warning in much the same way as an invalid certificate might generate. Of course, these are attacked on a regular basis and many site owners can't be bothered to keep theirs up-to-date, but these sites should probably be avoided anyway... There's probably money to be made in third party script validation, so there is some incentive for someone to implement something like this.
The lander will send back humanity's first photos of a comet on its surface, and will then drill into the surface to take samples... and then explode in a thermonuclear beacon of truth and justice.
There, fixed that for you
Trust but Verify
...man-in-the-middle SSL interception, a heavily frowned on practice that violates the trust model of internet security.
You just can't trust anyone these days.
Re: This is not "post scarcity"
Why is it cheaper to buy a supermarket cake than to bake your own from scratch? ...have enormous ovens that can bake 1000 cakes at a time...
I get the economies of scale argument, but my experience is that this sort of thing is about convenience to the consumer, not about driving down the price of the product. In other words, large scale production is all about increasing profit margins which does not necessarily lower product pricing.
To use your example, supermarkets in my area charge more for a cake than it would take me to produce one myself. While they can do some things better than I might or that I cannot, I am not only paying for materials and energy, but for labor and store profit as well. Also, the scale is not what you make it out to be as there is not enough demand for these grocery stores to produce 1K cakes on a regular basis; they are produced in the store, not in some central location.
This printer is a hobbyist's toy at this point. It has potential. Mapping out when it is useful for projects and when it would be better to buy off the shelf is going to take time to work out, but it offers an alternative to what was available before which I believe to be a good thing.
Re: ..."a whopping 80 per cent of crashes ... involved male drivers"
...expressing it as a percentage per million miles driven or ...
... a percentage of the total drivers on the road? Split out between the gender of passengers as well? The article previously noted that when together with members of the opposite sex men tend to drive much more often than they ride. It would be interesting to find out what the break-out on contributing factors and causes are. How many men would blame their female passengers for their wrecks?
Re: How long will it last?
Agreed they are a nightmare to collect, but that only matters for a small firm....I don't see how it is much of a burden on Amazon.
Yes and no. I feel, and it would seem that the court agrees, that there is a matter of fairness in that if you sell something in a given jurisdiction you should have to pay taxes on it. However, the fact that Amazon (and other large retailers) is so widespread is a burden (undue or otherwise). Having to keep track of all of these different tax laws and changes to them takes people, which in turn eat into the overhead. It also increases the liability the company faces as there are moving parts and thus more opportunities to make mistakes.
Simplifying the tax code for online and catalog sales makes a lot more sense as online sales have been a big economic generator recently. Catalog sales laws dating back to the 1800s do not seem to work well in today's world.
In Space, No-one Can Hear You Explode
Sound travels at different rates through different media. The article says "300 times the speed of sound" and "hurtling inwards at no less than Mach 1,000." So my questions are what is the speed of sound in this environment and is there enough gas to allow sound to propagate? I would assume that the numbers given are in comparison to the typical speed of sound in Earth's atmosphere, although I would posit that they should be put into proper Register units of measure.
Re: Serious question
And why is the answer always ... "pay us more money"?
How very Zen! The answer is found within the question.
I would very much appreciate a study that compares the amount of methane emitted by all of the animals that have been hunted to extinction or had their numbers drastically reduced (e.g. bison, whales) with those that have increased in population due to human activity (to include indirect effect such as whitetail deer increases due to predator elimination).
There is always more to the issue than a single, simple study will be able to take into account (I am being generous here) and there will always be ways to twist the message based on any new data to back up a given political agenda.
It is clear that humans are capable of changing climate for entire regions and, indeed, the world. History provides us with plenty of examples of this. People in my country who would quibble with this statement are invited to do a little research on the dust bowl. More challenging than altering the world is getting us to agree on which direction we should take it when we do. Perhaps a better question than, "Are we causing things to change?" would be, "How do we want things to end up?"
Re: Reminds me of this somehow;
Infinite nr. of monkeys ...I wonder why Christians aren't up on arms...
Monkeys hit too close to home.
Mine's the one with Clarence Darrow on the label.
Just not a hero of Native Americans.
Memory and Money
I recall Susan commenting in the first episode that she was confused over the British monetary system and whether it had been switched to the now-current decimal system. I am an American, so I had to look it up, but the episode predates the change. Was this something that had been discussed publicly or was it a well-placed prediction on the part of the writers?
Ahh... I Get It *
“In what's known as 'back action', the act of measurement changes the system you've just measured.”
This is the new RPN.
* No, not really.
Why Go Live?
It should have been obvious from the beginning that the site was not going to be up and working correctly on time. It is beyond me why anyone would want the half-baked mess that this has turned out to be in the public eye. It would have been far less damaging to be forced to say that it is running a bit (or even quite a bit) behind schedule than to serve up this dog's breakfast.
Of course the site is going to be hacked. I would expect those doing the crime to be hunted down and prosecuted in the harshest of manners as this law has been a political hot button from the beginning.
Re: creating your own jewellry line of custom 3D-printed earrings.
Brightly coloured plastic jewellery, a perfect complement to the not-metro interface on your phone, tablet, and PC.
I am going to gloss over the sarcasm in this (though I completely agree with the sentiment) and point out that people are using printed plastic parts for use in casting pieces in metal. I doubt this is what the marketing droid had in mind, but it is being done.
My take on 3D printing is that it will work similarly to the advent of photography, displacing a very expensive process previously only available to those with plenty of disposable cash. Where before only the wealthy could afford to have their portrait painted, many more people can now afford to sit for a photographer. I believe 3D printing will do much the same thing for sculpture.
Re: The F in FB Stands for "Fail"
That won't catch password reuse.
Well, yes this is true, but for those that it does not catch, it is likely to be irrelevant. From the description given of the original hack, adding passwords to a rainbow table is likely to be profitable only up to a point. Those people with the most commonly used passwords are both most likely to re-use their passwords and to use very weak passwords. As I mentioned above, adding a simple set of rules (to include occasionally mandatory resets) will eliminate the vast majority of these without having to go through the process described as needed to avoid duplicates. It will also raise awareness of the issue and increase the overall security of all FB accounts. Simply matching a single user's passwords across accounts will not prevent that user from switching between equally weak but unique passwords.
Yes, password re-use can be a problem, but it is not the problem. It might sound as though it is, and it is a contributing factor in this case, but the underlying issues are lack of education and motivation at the user level and the treatment of security as an afterthought at the admin level.
The F in FB Stands for "Fail"
We used the plaintext passwords that had already been worked out by researchers. We took those recovered plaintext passwords and ran them through the same code that we use to check your password at login time.
Why go through all that effort? Why not implement a simple filter to enforce some minimum strength requirements and force a password reset? It's a bit of a hassle for their product account holders, but it will let them all know they are all being protected while being a lot easier to implement and understand than their current plan. Better yet, develop a secure password-free system. Facebookers would really appreciate it and it could be resold externally.
Re: Beep beep
I suspect examples extend back 100s of years, but I know you can see the effects as early as 1929...
Right the first time. One of the big political issues that drove the then-colonies into revolt was the monopolies imposed on them that were disadvantageous to the locals (see also "taxation without representation"). The methods did not change under the newly created government, only those who benefitted from them (see also "Andrew Jackson" and "spoils system").
Looking through the bullet points, I don't see a lot of any good. Copyright as it was originally designed included a balance between protecting the rights of the creator and the public good. There is not even a pretense of balance in the parts that are being presented in the article.
Re: Back in the nineties ...
The boffins also think that retuning the system to work with light waves, rendering the object truly invisible, should work on the same principles.
Downward pointing aircraft radars were set to highlight missing pieces of ground. Tanks using this kit would really draw attention to themselves.
Quite right. If I understand correctly, the device essentially turns the object black, not invisible, as it prevents a given frequency from being reflected back. Nowhere in the article does it even imply that light from the opposite side is shuttled through. For a tank, I would think the bulk of a metamaterial-based shield would not be much of a problem. Taken together, though, radar-defeating and human-eye-invisible tanks (or war ships) would be a bit more scary, especially if they could decloak at will for intimidation purposes.
Unless you are a Walmart type business model or a university and so the vast majority of your people can happily live with 3 functions provided via a cheap as chips terminal device.
There are always tiers of users within organizations, with differing requirements. Where VDI breaks down is with mobile computing. For large businesses, it tends to be more senior execs and their staffs who make use of these toys. The rest of the users tend to have no say in what they use and will thus end up with the cheapest kit around. Thus: tablets and laptops for execs and VDI for the masses. I predict this will hold especially true for government agencies.
Licensing schemes will change to fit the VDI model, or the people selling the licensed products will lose business. This article is about where things are headed based on the present as a starting point, not that we are there now. For large corporations, costs of management will be brought down significantly as there will be much less need for touch labor. Of course, VDI implementations will reveal new problems and reinvent old (i.e. poorly managed permission sets), but that does not mean it is unlikely to catch on. It already is (and I am having to deal with it).
Re: Legal Changes?
I have no doubt that somewhere there is the ability to create clips of people doing stuff they never did that are indistinguishable from the real thing. If there isn't it is not very far away.
It used to be, "Pictures or it didn't happen." Soon even that won't be enough.
Re: Running scared Y2K
That's why it was a non-event, millions of people worked hard to make sure it was a non-event...
I worked for a bank at that time and had the joy of watching the fireworks from the top of one of our buildings because our shareholders wanted reassuring. Of course, the CEO was busy enjoying the festivities elsewhere... Anyway, banks are extremely risk averse when it comes to changing technology. Changing the OS their business uses to make profits requires more than its support being withdrawn. The only things I can think of that will reliably cause a bank to make a change of that scope are a loss of profits deriving from the OS, and a merger. Come to think of it, I know of some banks that fought changing their OS as part of a merger.
I wonder, especially in the wake of the latest leaker/whistleblower incidents, if the US gov will try to restrict sale of this service to foreign governments based on this definition of Amazon's cloud services as a supercomputer... or if they already have. My guess is that they would rather allow access and monitor.
What Did You Call Me?
@jlb, I do not know how long you have read El Reg, but I can see that you have been very consistent in voicing your discontent with the term boffin and its use here. Rather than take the cheap shot I could given that you describe yourself as a scientist and immediately follow up by citing Wikipedia, I would like to gently steer you to this article posted way back in 2010. Please pay special attention to the bootnote.
All better now?
Re: "You WILL use CHROME!!"
Don't be ridiculous. It doesn't force people to use Chrome.
A quick search (using Google, natch) for "gmail supported browsers" gives a page listing what is required to use Gmail (Google Chrome, Firefox, Internet Explorer, Safari) along with download links. There are too many configurations to test all of them so it makes sense to test only those most likely to be used. It also makes sense to encourage people to follow good practice in keeping their apps up-to-date.
From the article: Google had refused to say what its plans were for IE9 support, telling The Reg days before the release of IE11: “Google does not pre-announce these things, but we inform users of changes in good time”.
They already made this statement, as quoted in the referenced earlier El Reg article:
As we announced last year, we support the latest version of Google Chrome (which automatically updates whenever it detects that a new version of the browser is available) as well as the current and prior major release of Firefox, Internet Explorer and Safari on a rolling basis. Each time a new version of one of these browsers is released, we begin supporting the update and stop supporting the third-oldest version.
Emphasis added - it seems pretty clear what their plans are. Here's the link for those who don't want to work at finding this stuff on a Friday.
Re: Civilian? So what !
It's not that US CyberComm is made up of just military. It is more typical to have an agency of this nature staffed by contractors than for it to be made of only military personnel. I would not claim that they are any less capable, and I certainly am not making any calls on morality, but military personnel tend to make the decisions more than implement them.
Like Skynet, Just on the Ground
Traditional databases with their support for transactions, concurrency control, and recovery protocols are an overkill for such data
I would think that given that increasing the number of devices pointing to the file system also increases the number of points of failure, a transactional approach would be the way to go. Eh... shows what I know. I am admittedly behind the curve on this as I am only starting to automate my home. I do not anticipate tying my stuff in with every other home's, though. It might be an advantage for some folks, but I do not think it would be a net gain to incorporate my personal network into a neighborhood surveillance system.
Re: As an intellectual and technological exercise...
The counterfactual is: if the money had been left in the economy, what would people have come up with, quite probably more efficiently?
@ Lapun Mankimasta, I suspect said governments will be making every effort to extend their reach as far as they can. Unfortunately, it is in their nature. I got stuck on the phrase "...not to mention mining them for the raw materials our own planet is running out of." Where do we find coal, oil, and similar in an asteroid? As far as I know, there are not too many things in space that we are running out of here. It will all come down to economics - whether it costs more to mine and refine the various bits on the ground or in space. Even the tailings will be valuable in space if for no other purpose than the mass it will provide.
Re: "You can't have your privacy violated if you don’t know your privacy is violated, right?"
...if I steal something from you and you don't notice...
The analogy I thought of involved roofies and date rape, but yours works, too.
Is Jobs Still Dead?
No. Because people keep digging him up.
He has gone from head of Apple, to fictionalized character, and is heading toward mascothood.
Re: Silly idea
Not sure if it's already suggested, but that "send corrections" link at the bottom of the article might be better off pointing at a page where you can send corrections... can I really be bothered firing up an email client just to tell someone they spelled "plant matter" as "plant madder?"
The original post was about a year ago, so there have been a few changes. The corrections link is currently at the top of the comments page and is a mailto link. I suggest two changes. First, use a web form rather than a mailto link so that sending corrections works in much the same fashion as posting to the forum. Second, post this link on both the discussion page for the article as well as on the page for the article itself.
Re: "They used a spiral pattern to confuse the bees and trick them into crash landing."
It made me wonder what would happen if someone projected a moving image onto the landing pad of a UAV. Perhaps the best defense against the drones of the future will be a disco ball.
Re: 100 million years ago! @Don
But El Reg Standard Units are mandatory for the Church of El Reg.
I could not find one for time anywhere on the site. I humbly submit the birdage for large units of time, being equivalent to the measure from the Early Cretaceous until now. For example, "The universe is roughly 138 birdages old."
Googled Googling Google
The top response Google returns for "search engine list" is http://www.thesearchenginelist.com/ - a list made up almost entirely of sites I had never heard of before now.
I tried to use a few other search engines as an experiment at one point. It really sucked! I am aware that Google is biased toward their profits, but they are still much better than the competition.
Since the group of people who would be into this are, in my view, narcissistic twits, should we expect the cameras to point at the wearers of this newer version of Glass?