566 posts • joined 31 May 2011
This week's episode of Almost Human (Disrupt) was about a home automation and security system that got hacked in order to kill several people. The manufacturers of the kit protested that they used the same safeguards as the Pentagon. Sounds about right. Growing pains are to be expected with any new technology. Too, there will be unintended consequences and abuses of the same. The problem that I have with it all is that it is predictable enough that a bunch of TV writers, a group that routinely gets tech issues dead wrong, can figure it out and it is still going to happen.
Re: Assume all 3rd party WiFi tapped
Whether or not those reassurances settle those who believe their privacy has been invaded is another thing.
I was out in a public place using a resource that is free for everyone to use and am now outraged that my privacy has been invaded right there, out in pub... oh... wait...
Goodnight, Earth. Goodnight, humans.
Goodnight, rabbit hopping on the moon.
(with apologies to Margaret Wise Brown)
Look! It's an Obvious Distraction!
Snowden's thinking is that he did not set out to “bring down the NSA” but that his theft of and distribution of documents will help to refocus the agency on its true purpose. He therefore told the Post that the NSA “are the only ones who don’t realize” he's still working for the agency.
Seems a bit late to work on his insanity defense, but whatever gets the job done, I suppose.
What an Unfortunate Analogy
The team likened it to the pheromone and urine marking systems many animal species use to communicate over long distances.
Illustrating why it is called "getting pissed." I wonder if getting anyone trying to intercept the message drunk should be looked at as a security measure...
Re: Good material in here for a behavioral study
Go a step further: create a plug-in that checks for the presence of scripts on a site through a third party which verifies that they do what the site owner claims they are there for. If something unexpected shows up, you get a strongly worded warning in much the same way as an invalid certificate might generate. Of course, these are attacked on a regular basis and many site owners can't be bothered to keep theirs up-to-date, but these sites should probably be avoided anyway... There's probably money to be made in third party script validation, so there is some incentive for someone to implement something like this.
The lander will send back humanity's first photos of a comet on its surface, and will then drill into the surface to take samples... and then explode in a thermonuclear beacon of truth and justice.
There, fixed that for you
Trust but Verify
...man-in-the-middle SSL interception, a heavily frowned on practice that violates the trust model of internet security.
You just can't trust anyone these days.
Re: This is not "post scarcity"
Why is it cheaper to buy a supermarket cake than to bake your own from scratch? ...have enormous ovens that can bake 1000 cakes at a time...
I get the economies of scale argument, but my experience is that this sort of thing is about convenience to the consumer, not about driving down the price of the product. In other words, large scale production is all about increasing profit margins which does not necessarily lower product pricing.
To use your example, supermarkets in my area charge more for a cake than it would take me to produce one myself. While they can do some things better than I might or that I cannot, I am not only paying for materials and energy, but for labor and store profit as well. Also, the scale is not what you make it out to be as there is not enough demand for these grocery stores to produce 1K cakes on a regular basis; they are produced in the store, not in some central location.
This printer is a hobbyist's toy at this point. It has potential. Mapping out when it is useful for projects and when it would be better to buy off the shelf is going to take time to work out, but it offers an alternative to what was available before which I believe to be a good thing.
Re: ..."a whopping 80 per cent of crashes ... involved male drivers"
...expressing it as a percentage per million miles driven or ...
... a percentage of the total drivers on the road? Split out between the gender of passengers as well? The article previously noted that when together with members of the opposite sex men tend to drive much more often than they ride. It would be interesting to find out what the break-out on contributing factors and causes is. How many men would blame their female passengers for their wrecks?
Re: How long will it last?
Agreed they are a nightmare to collect, but that only matters for a small firm....I don't see how it is much of a burden on Amazon.
Yes and no. I feel, and it would seem that the court agrees, that there is a matter of fairness in that if you sell something in a given jurisdiction you should have to pay taxes on it. However, the fact that Amazon (and other large retailers) is so widespread is a burden (undue or otherwise). Having to keep track of all of these different tax laws and changes to them takes people, which in turn eat into the overhead. It also increases the liability the company faces as there are moving parts and thus more opportunities to make mistakes.
Simplifying the tax code for online and catalog sales makes a lot more sense as online sales have been a big economic generator recently. Catalog sales laws dating back to the 1800s do not seem to work well in today's world.
In Space, No-one Can Hear You Explode
Sound travels at different rates through different media. The article says "300 times the speed of sound" and "hurtling inwards at no less than Mach 1,000." So my questions are what is the speed of sound in this environment and is there enough gas to allow sound to propagate? I would assume that the numbers given are in comparison to the typical speed of sound in Earth's atmosphere, although I would posit that they should be put into proper Register units of measure.
Re: Serious question
And why is the answer always ... "pay us more money"?
How very Zen! The answer is found within the question.
I would very much appreciate a study that compares the amount of methane emitted by all of the animals that have been hunted to extinction or had their numbers drastically reduced (e.g. bison, whales) with those that have increased in population due to human activity (to include indirect effects such as whitetail deer increases due to predator elimination).
There is always more to the issue than a single, simple study will be able to take into account (I am being generous here) and there will always be ways to twist the message based on any new data to back up a given political agenda.
It is clear that humans are capable of changing climate for entire regions and, indeed, the world. History provides us with plenty of examples of this. People in my country who would quibble with this statement are invited to do a little research on the dust bowl. More challenging than altering the world is getting us to agree on which direction we should take it when we do. Perhaps a better question than, "Are we causing things to change?" would be, "How do we want things to end up?"
Re: Reminds me of this somehow;
Infinite nr. of monkeys ...I wonder why Christians aren't up on arms...
Monkeys hit too close to home.
Mine's the one with Clarence Darrow on the label.
Just not a hero of Native Americans.
Memory and Money
I recall Susan commenting in the first episode that she was confused over the British monetary system and whether it had been switched to the now-current decimal system. I am an American, so I had to look it up, but the episode predates the change. Was this something that had been discussed publicly or was it a well-placed prediction on the part of the writers?
Ahh... I Get It *
“In what's known as 'back action', the act of measurement changes the system you've just measured.”
This the new RPN.
* No, not really.
Why Go Live?
It should have been obvious from the beginning that the site was not going to be up and working correctly on time. It is beyond me why anyone would want the half-baked mess that this has turned out to be in the public eye. It would have been far less damaging to be forced to say that it is running a bit (or even quite a bit) behind schedule than to serve up this dog's breakfast.
Of course the site is going to be hacked. I would expect those doing the crime to be hunted down and prosecuted in the harshest of manners as this law has been a political hot button from the beginning.
Re: creating your own jewellry line of custom 3D-printed earrings.
Brightly coloured plastic jewellery, a perfect complement to the not-metro interface on your phone, tablet, and PC.
I am going to gloss over the sarcasm in this (though I completely agree with the sentiment) and point out the use of printed plastic parts for casting pieces in metal. I doubt this is what the marketing droid had in mind, but it is being done.
My take on 3D printing is that it will work similarly to the advent of photography, displacing a very expensive process previously only available to those with plenty of disposable cash. Where before only the wealthy could afford to have their portrait painted, many more people can now afford to sit for a photographer. I believe 3D printing will do much the same thing for sculpture.
Re: The F in FB Stands for "Fail"
That won't catch password reuse.
Well, yes this is true, but for those that it does not catch, it is likely to be irrelevant. From the description given of the original hack, adding passwords to a rainbow table is likely to be profitable only up to a point. Those people with the most commonly used passwords are both most likely to re-use their passwords and to use very weak passwords. As I mentioned above, adding a simple set of rules (to include occasionally mandatory resets) will eliminate the vast majority of these without having to go through the process described as needed to avoid duplicates. It will also raise awareness of the issue and increase the overall security of all FB accounts. Simply matching a single user's passwords across accounts will not prevent that user from switching between equally weak but unique passwords.
Yes, password re-use can be a problem, but it is not the problem. It might sound as though it is, and it is a contributing factor in this case, but the underlying issues are lack of education and motivation at the user level and the treatment of security as an afterthought at the admin level.
The F in FB Stands for "Fail"
We used the plaintext passwords that had already been worked out by researchers. We took those recovered plaintext passwords and ran them through the same code that we use to check your password at login time.
Why go through all that effort? Why not implement a simple filter to enforce some minimum strength requirements and force a password reset? It's a bit of a hassle for their product account holders, but it will let them all know they are all being protected while being a lot easier to implement and understand than their current plan. Better yet, develop a secure password-free system. Facebookers would really appreciate it and it could be resold externally.
Re: Beep beep
I suspect examples extend back 100s of years, but I know you can see the effects as early as 1929...
Right the first time. One of the big political issues that drove the then-colonies into revolt was the monopolies imposed on them that were disadvantageous to the locals (see also "taxation without representation"). The methods did not change under the newly created government, only those who benefitted from them (see also "Andrew Jackson" and "spoils system").
Looking through the bullet points, I don't see a lot of any good. Copyright as it was originally designed included a balance between protecting the rights of the creator and the public good. There is not even a pretense of balance in the parts that are being presented in the article.
Re: Back in the nineties ...
The boffins also think that retuning the system to work with light waves, rendering the object truly invisible, should work on the same principles.
Downward pointing aircraft radars were set to highlight missing pieces of ground. Tanks using this kit would really draw attention to themselves.
Quite right. If I understand correctly, the device essentially turns the object black, not invisible, as it prevents a given frequency from being reflected back. Nowhere in the article does it even imply that light from the opposite side is shuttled through. For a tank, I would think the bulk of a metamaterial-based shield would not be much of a problem. Taken together, though, radar-defeating and human-eye-invisible tanks (or war ships) would be a bit more scary, especially if they could decloak at will for intimidation purposes.
Unless you are a Walmart type business model or a university and so the vast majority of your people can happily live with 3 functions provided via a cheap as chips terminal device.
There are always tiers of users within organizations, with differing requirements. Where VDI breaks down is with mobile computing. For large businesses, it tends to be more senior execs and their staffs who make use of these toys. The rest of the users tend to have no say in what they use and will thus end up with the cheapest kit around. Thus: tablets and laptops for execs and VDI for the masses. I predict this will hold especially true for government agencies.
Licensing schemes will change to fit the VDI model, or the people selling the licensed products will lose business. This article is about where things are headed based on the present as a starting point, not that we are there now. For large corporations, costs of management will be brought down significantly as there will be much less need for touch labor. Of course, VDI implementations will reveal new problems and reinvent old (i.e. poorly managed permission sets), but that does not mean it is unlikely to catch on. It already is (and I am having to deal with it).
Re: Legal Changes?
I have no doubt that somewhere there is the ability to create clips of people doing stuff they never did that are indistinguishable from the real thing. If there isn't it is not very far away.
It used to be, "Pictures or it didn't happen." Soon even that won't be enough.
Re: Running scared Y2K
That's why it was a non-event, millions of people worked hard to make sure it was a non-event...
I worked for a bank at that time and had the joy of watching the fireworks from the top of one of our buildings because our shareholders wanted reassuring. Of course, the CEO was busy enjoying the festivities elsewhere... Anyway, banks are extremely risk averse when it comes to changing technology. Changing the OS their business uses to make profits requires more than its support being withdrawn. The only things I can think of that will reliably cause a bank to make a change of that scope are a loss of profits deriving from the OS, and a merger. Come to think of it, I know of some banks that fought changing their OS as part of a merger.
I wonder, especially in the wake of the latest leaker/whistleblower incidents, if the US gov will try to restrict sale of this service to foreign governments based on this definition of Amazon's cloud services as a supercomputer... or if they already have. My guess is that they would rather allow access and monitor.
What Did You Call Me?
@jlb, I do not know how long you have read El Reg, but I can see that you have been very consistent in voicing your discontent with the term boffin and its use here. Rather than take the cheap shot I could given that you describe yourself as a scientist and immediately follow up by citing Wikipedia, I would like to gently steer you to this article posted way back in 2010. Please pay special attention to the bootnote.
All better now?
Re: "You WILL use CHROME!!"
Don't be ridiculous. It doesn't force people to use Chrome.
A quick search (using Google, natch) for "gmail supported browsers" gives a page listing what is required to use Gmail (Google Chrome, Firefox, Internet Explorer, Safari) along with download links. There are too many configurations to test all of them so it makes sense to test only those most likely to be used. It also makes sense to encourage people to follow good practice in keeping their apps up-to-date.
From the article: Google had refused to say what its plans were for IE9 support, telling The Reg days before the release of IE11: “Google does not pre-announce these things, but we inform users of changes in good time”.
They already made this statement, as quoted in the referenced earlier El Reg article:
As we announced last year, we support the latest version of Google Chrome (which automatically updates whenever it detects that a new version of the browser is available) as well as the current and prior major release of Firefox, Internet Explorer and Safari on a rolling basis. Each time a new version of one of these browsers is released, we begin supporting the update and stop supporting the third-oldest version.
Emphasis added - it seems pretty clear what their plans are. Here's the link for those who don't want to work at finding this stuff on a Friday.
Re: Civilian? So what !
It's not that US CyberComm is made up of just military. It is more typical to have an agency of this nature staffed by contractors than for it to be made of only military personnel. I would not claim that they are any less capable, and I certainly am not making any calls on morality, but military personnel tend to make the decisions more than implement them.
Like Skynet, Just on the Ground
Traditional databases with their support for transactions, concurrency control, and recovery protocols are an overkill for such data
I would think that given that increasing the number of devices pointing to the file system also increases the number of points of failure, a transactional approach would be the way to go. Eh... shows what I know. I am admittedly behind the curve on this as I am only starting to automate my home. I do not anticipate tying my stuff in with every other home's, though. It might be an advantage for some folks, but I do not think it would be a net gain to incorporate my personal network into a neighborhood surveillance system.
Re: As an intellectual and technological exercise...
The counterfactual is: if the money had been left in the economy, what would people have come up with, quite probably more efficiently?
@ Lapun Mankimasta, I suspect said governments will be making every effort to extend their reach as far as they can. Unfortunately, it is in their nature. I got stuck on the phrase ...not to mention mining them for the raw materials our own planet is running out of. Where do we find coal, oil, and similar in an asteroid? As far as I know, there are not too many things in space that we are running out of here. It will all come down to economics - whether it costs more to mine and refine the various bits on the ground or in space. Even the tailings will be valuable in space if for no other purpose than the mass it will provide.
Re: "You can't have your privacy violated if you don’t know your privacy is violated, right?"
...if I steal something from you and you don't notice...
The analogy I thought of involved roofies and date rape, but yours works, too.
Is Jobs Still Dead?
No. Because people keep digging him up.
He has gone from head of Apple, to fictionalized character, and is heading toward mascothood.
Re: Silly idea
Not sure if it's already suggested, but that "send corrections" link at the bottom of the article might be better off pointing at a page where you can send corrections... can I really be bothered firing up an email client just to tell someone they spelled "plant matter" as "plant madder?"
The original post was about a year ago, so there have been a few changes. The corrections link is currently at the top of the comments page and is a mailto link. I suggest two changes. First, use a web form rather than a mailto link so that sending corrections works in much the same fashion as posting to the forum. Second, post this link on both the discussion page for the article as well as on the page for the article itself.
Re: "They used a spiral pattern to confuse the bees and trick them into crash landing."
It made me wonder what would happen if someone projected a moving image onto the landing pad of a UAV. Perhaps the best defense against the drones of the future will be a disco ball.
Re: 100 million years ago! @Don
But El Reg Standard Units are mandatory for the Church of El Reg.
I could not find one for time anywhere on the site. I humbly submit the birdage for large units of time, being equivalent to the measure from the Early Cretaceous until now. For example, "The universe is roughly 138 birdages old."
Googled Googling Google
The top response Google returns for "search engine list" is http://www.thesearchenginelist.com/ - a list made up almost entirely of sites I had never heard of before now.
I tried to use a few other search engines as an experiment at one point. It really sucked! I am aware that Google is biased toward their profits, but they are still much better than the competition.
Since the group of people who would be into this are, in my view, narcissistic twits, should we expect the cameras to point at the wearers of this newer version of Glass?
Sign Me Up!
Leaving aside for a moment why anyone would want a third party to go through their e-mail, personal or otherwise, this still introduces a certain (and I would argue unacceptable) amount of risk to any communication sent through this service process. Simply put, it adds one more possible point of failure. It would seem difficult to assess the risk involved with this as, even if their independent review signed off on it, it is so much easier to attack than to defend against an attack. Also, people who use this might be considered high value targets. They are a self-selecting group that is open to spam, not too technically adept, make good money, and will provide the contact details of many just like themselves.
As far as the security of the process, I would expect at least copycat apps imitating the genuine LinkedIn experience, with (slightly) less friendly results.
This is a v.1 service that is asking users to trust it with all of their correspondence from which they get little, if any, benefit. What's not to like?
Re: Compressing the Helium
Well, they have a fully stocked bar. How long until one of the passengers decides that it would be a good idea to fetch a bit of the floaty gas to do just this?
Re: Jeez it must suck to be a sysadmin at the NSA these days...
First, they are working towards eliminating most of the sysadmins, which is why Snowden and others were hired on a contract
They were hired on a contract basis for the same reason that other government agencies do: it supposedly saves money while making the government more flexible.
Second, post-Snowden pretty much every sysadmin at the NSA probably has to undergo a daily colonoscopy of their work.
I got nothing.
Third, something goes wrong with the website and immediately the sysadmins are thrown under the bus....
And how is this different than anywhere else?
Re: Strange Logic
There are times where hunting can be justified but this is not one of them.
When would those be? I would hope the game wardens at the park know their jobs well enough to have made an informed decision on this (assuming some bureaucrat did not push this for purely political reasons), so I would not presume to second guess them on this. There is nothing to indicate in this article that capturing this animal and moving it to greener pastures would have a better outcome unless one argues that there is no case in which it should be killed.
In general, I do not support trophy hunting as I feel that every bit of an animal that is killed should be used. However there are times when a herd should be culled. Perhaps the person spending the money is doing so "for all the wrong reasons." So what? That person will end up supporting the conservation effort as a whole and is not in a position to decide anything more than to pay the money.
It seems counterintuitive that managed hunting leads to better outcomes for the hunted species, but it is a model that has been shown to work. For one good example, check out Ducks Unlimited.
"This is not about Chrome (the browser). This is about the controlled environment provided by Chromebooks."
Google has unveiled "supervised users" for Chrome on Windows, OS X, Linux, and Chrome OS.
Not so much.
While I tend to prattle on about layered security being the way to go, this seems to be Google taking the approach of throwing something out and seeing if it sticks. This idea would be better implemented as a real firewall, not some cheap knock-off.
What's Good for the Goose...
So they'll be out scanning any OS they can find and pass on the information of weaknesses found to the NSA who can exploit all those machines not patched!
Actually, this is exactly the sort of thing that the NSA does not want out in the public eye. If this can be made to work, it will make it to market, which in turn will make the NSA's (and similar groups around the world) job that much more difficult. If this was something the NSA was going to back, you would not be reading about it short of a Snowden clone releasing the news into the wild.
So will HP introduce jams to 3D printers?
Mmm... I would like to be able to print a nice marmalade. If HP really wants to leapfrog their competition, they should put some effort into food replication.