* Posts by Steve Knox

1592 posts • joined 16 Jul 2011

Google tells iOS 9 app devs: Switch off HTTPS if you want that sweet sweet ad money from us

Steve Knox
Silver badge
Mushroom

You keep on using that word...

"While Google remains committed to industry-wide adoption of HTTPS, there isn’t always full compliance on third party ad networks and custom creative code served via our systems," blogged Googler Tristan Emrich.

Sorry, Tristan, but you clearly don't know what "committed" means.

Here's a hint: it doesn't mean you'll do it only if it doesn't cost you money. It doesn't mean you'll take the easy way out. It doesn't mean you'll recommend that people compromise security so you can continue to make money.

3
0

The good burghers of Palo Alto are entirely insane

Steve Knox
Silver badge

Re: Ownership and liability

Two Points:

1. Now as someone in the fortunate position of having the deeds to my house, I thought I owned it. Yes and no. You own the land, but your ownership rights derive from and are controlled by the state. See https://en.wikipedia.org/wiki/Eminent_domain (aka compulsory purchase in the UK.)

2. To whom do you think possibly-IDS was referring when he said "our housing stock"? Since the question was on the UK national debt, the logical answer would be the nation of the UK, of which you are either a member or under the jurisdiction of vis-a-vis your property deeds.

In both cases, reference to "your" property as part of "our" housing stock makes sense.

5
0

Boffins nail 2FA with 'ambient sound' login for the lazy

Steve Knox
Silver badge

Re: what people say and what people do

"The boffins also asked 32 folks, none security experts, how they feel about this form of 2FA: most said they would prefer it over no 2FA being used"

Let me guess, the question was expressed similar to:

"Hey average user! We've invented this awesome new technology which makes your online adventures more secure with absolutely no effort on your part!!!!! Wouldn't you like to be safer online!? Or would you prefer to have your identity stolen, your pets microwaved, and your car smashed into a tree?"

0
0
Steve Knox
Silver badge
Facepalm

This from a security team!!?

The "Sound-Proof" verification process, which occurs without user interaction, can determine that a user and their two factor device are in the same room.

Meaning you have to install their app on your phone and give it access to record audio at any time.

Nah, no way that could be abused.

14
1

IRS: Tax-record snaffle scam actually 200% worse than first feared

Steve Knox
Silver badge

There's actually surprisingly little...

personal information in the average US tax return. Most of it is what was required by Get Transcript to begin with, and is as readily available (or more so) from other sources.

What is available is employment information, previous years' AGI, et al -- things which are most beneficial in (as the article said) attempting to file a fraudulent return next year.

This is still a big deal, and I'll be anxiously checking my mail for the next few months, but I'm more worried about the next inevitable major credit card breach by another retailer whose entire idea of computer security is to padlock the machines to the desk so they can't be physically removed.

1
0

China shutters 50 websites for spreading explosion 'rumours'

Steve Knox
Silver badge

Re: Woah. Thank $DEITY for $REDACTED Freedom of the Press

And very unlike the western democracies, where the various press organizations are owned by honest businesspeople and not at all biased towards particular ideologies.

38
6

Wanna harvest a stranger's Facebook data? Get a mobile number and off you go

Steve Knox
Silver badge

Heads Will ROLL!

This is a very serious security issue, and I'm sure someone at FaceBook will be fired for this.

Seriously, FB does not look happily on people being able to exploit their users' data without paying Facebook for the privilege.

4
0

Perhaps middle-aged blokes SHOULDN'T try 34-hour-long road trips

Steve Knox
Silver badge

Taxes

Given that the UK is a net payer into EU funds, as are many Northern EU countries, it's therefore a tad galling to both have paid for the road through taxation and also then get charged to use it.

Ah, the whole "paid for it twice" bit. Except that you didn't. Your taxes paid to build the road; the tolls pay to maintain it. (Of course, that's not an exact split and doesn't include the skimming which invariably occurs, but you get the general idea.)

Until we come up with perma-roads, there will need to be some form of ongoing funding for maintenance. For non-toll roads in the US, much of that comes from federal and state taxes on gasoline. This is leading already to some headaches as alternative fuels dodge many of the taxes, but don't decrease the wear on the roads.

2
1

Android faces SECOND patching crisis, on the same scale as Stagefright

Steve Knox
Silver badge

Re: Apparently OEM only

Yeah, after a page of very vague hyperbolic language we get:

"... an attacker can use the vulnerable plug-in ..."

ironically right after " 'Very easily exploited', hard to fix"

Shurely if it's a plug-in that's vulnerable, the fix is to remove/disable the plug-in?

2
1

Copyright troll wants to ban 'copyright troll' from its copyright troll lawsuit

Steve Knox
Silver badge

Re: Well they're at it

Nope. By Malibu Media's logic, "unauthorized copying" would be prejudicial. If they refer to the defendant by any term other than "defendant" they have voluntarily surrendered their own argument.

8
0

Hacking Trump: Can we not label web vandalism as 'terrorism', please?

Steve Knox
Silver badge

Re: So what is the penalty for spray can graffiti?

Did they do it in French too? It's breaking an extra Canadian law if you only deface in English?

Obligatory:

https://www.youtube.com/watch?v=dDGkQiwh_qg

2
0

Websites that ID you by how you type: Great when someone's swiped your password, but...

Steve Knox
Silver badge

Re: Surely the main issue is informed consent

Biometrics are not passwords. Passwords change, biometrics don't.

Be honest: when was the last time you changed your password for El Reg?

PasswordsMAY OR MAY NOT CHANGE. Should they? Probably, in most cases. But that doesn't make it a defining feature.

1
1

Google to French data cops: Dot-com RTBF? Baiser ma DERRIERE

Steve Knox
Silver badge
Holmes

Re: "[..] it is not the law globally"

So basically Google now thinks that it can do whatever it wants anywhere as long as it is not against "global law".

Someone forgot to read the part where Google has complied with RTBF for the local domains...

Try pulling that off in Beijing and you can say goodbye to your Chinese customers for a good, long while.

Beijing isn't asinine enough to require Google to censor their .com domain, though. Don't believe me? Do an image search for "Tiananmen square" on google.com...

1
1

Edge out rivals? No! Firefox boss BLASTS Microsoft's Windows 10 browser brouhaha

Steve Knox
Silver badge

Sounds like a medieval open sourcers curse

Mozilla's Beard!

10
0

Bloke cuffed for blowing low-flying camera drone to bits with shotgun

Steve Knox
Silver badge
Headmaster

Re: Yeah...

Ariel photography has been popular for a long time, its not illegal

Potentially true, but you might get a visit from Disney's copyright lawyers, or get sent to the doghouse by the spouse, depending on which Ariel you're talking about photographing...

4
0

Just ONE THOUSAND times BETTER than FLASH! Intel, Micron's amazing claim

Steve Knox
Silver badge

Re: @Lamb0

Why would this be embedded in phones? Phones aren't limited by flash's speed or lifetime, so there is no reason to add something more expensive to get better performance on either metric.

I think you're facing the wrong direction. If I were building phones, I'd be considering this as a potential replacement for mobile DRAM:

Lower per GB cost

Nonvolatile could* mean less power usage

Lower speed should be ok given phone processors compared to server/PC processors.

*unless, of course, the power needed to change a value is significantly higher than mobile DRAM. That's one of the pieces suspiciously missing from the article.

11
0

Google: Hey startups, want in on our patent gang? First hit's free

Steve Knox
Silver badge
Thumb Down

Re: Keep it up

No, this is more like "we won't sue you as long as you pay us money to be in our club."

Kind of the software patent version of "Nice shop here. Be a shame if something were to happen to it."

8
2

Microsoft attaches Xbox stream bait to Windows 10 hook

Steve Knox
Silver badge
Paris Hilton

Why?

Why not just import the XBox One libraries into Windows 10 so you can run the games natively on you PC rather than having to shell out for an extra machi--

OHHhhh. Never mind.

5
0

Ideal solar system for SECOND EARTH found – and it's just 186 light-years away

Steve Knox
Silver badge

Re: Current theories...

A theory is not a conclusion.

Nobody has stated that there are rocky planets, only that by our current theories they are likely.

3
2

New Horizons: We've got a pretty pic of Pluto. Now let's get our SCIENCE on

Steve Knox
Silver badge

Re: It's exciting,

On the contrary, there's lots for those who look:

http://xkcd.com/1551/

10
0

On yer bike: Hammerhead satnav for cyclists – just don't look down

Steve Knox
Silver badge
Meh

Re: Rules are for you too.

Because no motorist has ever jumped a red light or pedestrian crossing. No pededtrian has ever stepped into the street without looking.

Don't know how it goes in your neck of the woods, but the percentage of motorists jumping red lights round here is in the single digits.

The percentage of cyclists doing the same is in the high nineties.

As for pedestrians, well, they just do as they like.

19
18

From doodles to designs – sketch it out with a stylish stylus

Steve Knox
Silver badge

Precision Stylus for Android

I believe Samsung short-circuited this market with their Note line. If you want a high-end Android tablet, Samsung's already at or near the top of your list, so if you want a precision stylus, you get a Note.

10
1

We tried using Windows 10 for real work and ... oh, the horror

Steve Knox
Silver badge

Selective data

Why does everyone show a different list of Windows versions when making that tired old quote about every other version being good (or bad)?

Perhaps because if you use the actual list, it's not so clear cut.

First off, there are the major DOS-based versions:

1, 2, 3, 95, 98, ME

But that's not quite right, because there are minor versions with significant updates, and splits within. So you've really got:

1, 2, 2.1(/286), 2.1(/386 -- first release with protected mode), 3, 3.1, 3.11, 3.2 (Chinese), 3.1x/3.2 with Win32 (32-bit extensions), 95, 95 SP1, 95 OSR1 (first release with IE bundled), 95 OSR2, 95 OSR2 USB Supplement, 95 OSR2.1, 95 OSR2.5, 98, 98SE, ME.

Then in (pseudo-)parallel development, you have the NT versions:

3*, 4, 2000, XP, Vista, 7, 8, 10

But then there are the minor versions of those:

3.1*, 3.5, 3.51, 4.0, 2000, 2000 SP1-4, XP, XP SP1-SP3, Vista, Vista SP1-SP2, 7, 7SP1, 8, 8.1, 10

* The first version of NT was 3.1, to keep the numbers parallel with the DOS-based version of Windows the GUI was from.

Finally, interleaving those based on release date, you have (NT in bold)

1

2

2.1(/286)

2.1(/386 -- first release with protected mode)

3

3.1

Windows for Workgroups 3.1,3.11

NT 3.1*

3.2 (Chinese)

3.1x/3.2 with Win32s (32-bit extensions halfway compatible with NT)

NT 3.5

NT 3.51

95

95 SP1

95 OSR1 (first release with IE bundled)

95 OSR2

95 OSR2 USB Supplement

95 OSR2.1

95 OSR2.5

NT 4.0

98

98SE

2000

ME

2000 SP1-4

XP

XP SP1-SP3

Vista

Vista SP1-SP2

7

7SP1

8

8.1

10

Now, I've taken some liberties with this list, not including most x.0x releases because they generally did not include much new functionality, but NT 3.51 and all of the 95 OSRs did include some major functionality changes. Although the later NT version Service Packs often did include significant functionality changes (most notably XP SP3 which made XP somewhat secure, and Vista SP1, which made Vista actually work) but since at that point there weren't parallel versions, I combined the SPs into a single entry because that makes them a single cumulative set of functionality updates.

So even this list is debatable, but it's a damned sight closer than any other I've seen. Still, it shows how absurd the alternating quality hypothesis is -- not because you can't come up with a list in which the odd versions are good, but because there are so many ways to crop and shuffle this list that you can just as easily come up with an equally definitive list which proves that the even versions are the good ones, or the prime-indexed ones, or whichever particular pattern you'd prefer.

25
2

Assange™'s emotional plea for asylum in France rejected

Steve Knox
Silver badge
Headmaster

Re: France...

Spelling or missing I?

...rape was committed, from an ethical standpoint, if not legal on a bass of Swedish law.

raises, among so many others, the question of how exactly did a fish get accepted to the bar in Sweden?

2
0

Boffin: Will I soon be able to CLONE a WOOLLY MAMMOTH? YES. Should I? Hell NO

Steve Knox
Silver badge

Poll Misspelling

YES, I for one welcome our huge, woolly, tusky chums

You misspelled overlords.

4
0

Sprint: Forget all we said about strangling your web video streams

Steve Knox
Silver badge
Holmes

Or did they actually expand the reach of their throttling with this change?

“During certain times, like other wireless carriers, we might have to manage the network in order to reduce congestion and provide a better customer experience for the majority of our customers.”

Now, it'll just be pure coincidence that your connection randomly gets selected for such when you happen to be viewing a video stream. Or anything else that they want to throttle.

0
2

Surging US dollar curbs global IT budgets

Steve Knox
Silver badge

“SaaS is about market share not profitability”, Gartner says.

"But you're losing money on every customer! How do you stay in business!?"

"Volume!"

4
0

Hey, Sand Hill Exchange. Shouting 'blockchain!' won't stop the Feds

Steve Knox
Silver badge

Yes, but...

can you short cat pictures?

7
0

Amazon enrages authors as it switches to 'pay-per-page' model

Steve Knox
Silver badge
Trollface

Use Large Fonts.

Problem Solved.

13
1

Buy with your head, drive with your heart: Alfa Romeo 4C Coupe

Steve Knox
Silver badge

Could El Reg get a Vulture fetchingly dressed in blaçk leather to show us a few options?

A cry for the return of the Moderatrix?

2
0

Chrome, Debian Linux, and the secret binary blob download riddle

Steve Knox
Silver badge

"Other people" != "other people"

Unless you're reading every line of code how is this any safer than downloading binaries from repositories? Your security is dependent on other people in both cases.

In the closed case, your security is dependent on a small* group of people with a vested interest in not disclosing any security issues (deliberate or not) in the code.

In the open case, there is (at least the potential for) a larger* group of people with a greater motivation for disclosing and/or fixing security issues.

*Not small vs large in terms of physical size or even necessarily quantity, but in diversity of goals and drivers.

20
2

Why is that idiot Osbo continuing with austerity when we know it doesn't work?

Steve Knox
Silver badge

Re: "Stimulus" Does Not Work

If one didn't need value from one's CPU cycles then the greatest program in the world is "10 goto 10". This is what "stimulus" does.

You just proved that you don't understand either programming or stimulus. "10 GOTO 10" would in fact use very few CPU cycles in a modern system, and for this to be a valid analogy, stimulus would have to be limited to taking money from one account and immediately putting it back into the same account.

The underlying problem with your argument is that you presume value to be something objective, or more to the point, you presume that value to those people who earned the money equates to value to society as a whole. (There is also the deeper unspoken assumption that those who earned that money owe nothing back to the society that created the infrastructure that enabled those earnings, but that's a much more complicated issue.)

Finally, "pork" is simply a useless term when attempting to discuss government spending in a districted political system. The only consistent definition of the term is "government spending that happens outside of my district." which is neither objective nor valuable in reconciling subjective differences.

3
4

MIT bods' digital economy babblings are tosh. C'mon guys, Economics 101

Steve Knox
Silver badge

Re: @Dawson

Employers are going to avoid using cheaper and more efficient robots that don't require wages or benefits because they are thinking of the macroeconomic consequences? I don't think so.

Neither did Dawson, apparently, because he said nothing of the sort. He said that robots and AI are nowhere near as advanced as you seem to think they are.

Driving is just dead. It's too easy to automate driving compared to even putting a burger together by robohand. 

A perfect case in point. If you'd ever seen a self-driving car trying to operate anywhere outside of a very controlled environment, or some of the many vending machines that can make anything from pizza to mashed potatoes, you wouldn't have made such an absurd claim. The rest of your examples are similar hogwash that "futurists" have been banging on about since before I was born. But hey, keep banging that drum. One of these centuries, you're bound to be right.

2
0

Gonna RUB MYSELF against the WALL: Microsoft's Surface Hub 84" monster-slab

Steve Knox
Silver badge
Trollface

Re: reasonable

Actually the hardware is only 7,000. The rest is licensing for Windows wall edition.

10
1

Bill Nye's bonkers LightSail spaceship unfurls solar sails at last

Steve Knox
Silver badge
Boffin

Talk to The Apples In Stereo

Momentum (p) = mv (i.e, mass times velocity)

Mass (m) = e/c2 (i.e, energy divided by the square of the speed of light)

So p = ev/c2

Hence momentum is a derivative of energy. (The velocity component of momentum can similarly be derived from e; that exercise is left to the reader.)

To collect momentum, one must collect energy. Your phrasing may be more precise, but it doesn't make the other incorrect.

2
0

A pause in global warming? Pah, FOOLS. There was NO PAUSE

Steve Knox
Silver badge
Facepalm

Re: Exactly!

But what does it say about the 'scientists' that won't show their actual data ...

It says that you don't know how to do research.

Here is their paper: http://www.sciencemag.org/content/early/2015/06/05/science.aaa5632.full

And here is the link (from their paper) to their materials and methods: http://www.sciencemag.org/content/early/2015/06/03/science.aaa5632/suppl/DC1

In short, those 'scientists' that won't show their actual data... showed their actual data (and how [and perhaps most importantly why] they changed it.)

18
3

New US bill aims to zap patent trolls with transparency demands

Steve Knox
Silver badge

Re: Big step in the right direction

There's only one key thing I'd add to it, which is forbidding suing end-users EVER unless they continued using the technology AFTER the suit had been adjudicated in the plaintiff's favor and end users given notice.

If the case has been adjudicated in the plaintiff's favor, then the primary infringer is on the hook for paying the plaintiff for their loss. So the end-users should not owe anything, and since the infringing technology is now payed up, they should be able to continue using it.

The only situation in which it should be acceptable to sue an end-user for patent infringement is in that rare case where the end user is aware of the infringement as it happens and specifically chooses to start using the infringing technology.

3
0

Quiet, please – HP waves baton for 'composable' IT

Steve Knox
Silver badge

Odd

I'm more used to HP being involved in compostable IT...

1
0

US Senate passes USA Freedom Act – a long lip service to NSA reforms

Steve Knox
Silver badge
Childcatcher

Re: "Freedom" Act

It's worse than you fear.

The actual title of the act is:

"Uniting and Strengthening America by Fulfilling Rights and Ensuring Effective Discipline Over Monitoring Act of 2015"

I believe we can conclude from this that two centuries of competitive campaigning selects for inane acronym affinity (acronymiphilia?).

11
0

American Idle: Seacrest keyboard startup Typo goes nowhere after BlackBerry bust-up

Steve Knox
Silver badge

Re: Seriously?

The fact that BlackBerry seem to have scored a decisive victory suggests that the courts themselves consider the patent to be valid.

The fact that this victory happened in settlement talks before the cases went to trial suggests that the courts' opinions had little to do with it.

7
0

Silk Road boss Ross Ulbricht to spend LIFE in PRISON without parole

Steve Knox
Silver badge
Holmes

Re: Paul 87

From the article

"In a letter submitted to the court earlier this week, Ulbricht said he realized he had "ruined my life and destroyed my future" ... "Even now I understand what a terrible mistake I made," Ulbricht wrote in his letter."

Do we have a different definition of remorse and responsibility?

Never heard of deathbed confessions?

2
0

Unmasking hidden Tor service users is too easy, say infosec bods

Steve Knox
Silver badge

"legitimate sites like Facebook."

HA!

10
0

.sucks-gate: How about listening to us the first two times, exasperated FTC tells ICANN

Steve Knox
Silver badge

.sucks sucks, but not for those reasons.

The real problem with .sucks is that it allows trademark holders to register {trademark}.sucks at all.

10
0

'iPhone 6S' to push fanbois around with 'Force Touch display'

Steve Knox
Silver badge

Re: The Holy Grail...

That said, sometimes the best solution takes work on the part of the user - a MicroWriter-style chorded keyboard is a more natural fit for a phone-sized device than a QWERTY, yet it is not commercially available.

Not the same shape, but...

http://gkos.com/gkos/index-gkos-com.html

0
0

Windows and OS X are malware, claims Richard Stallman

Steve Knox
Silver badge

Re: Shut it you tedious old windbag

Trouble is that he [Stallman] just couldn't help adding bells 'n whistles whenever anyone did something legitimately with GPL software that got his knickers in a knot,...

True

... so the GPL these days looks as restrictive as yer average commercial EULA....

Also true but incomplete. Although the degree of restriction is similar, the nature of the restriction is not.

Commercial EULAs almost exclusively restrict end users, whereas the GPL primarily restricts developers. That's a very important difference.

24
2

If IT isn’t careful, marketing will soon be telling us what to do

Steve Knox
Silver badge

Re: IT could use marketing...

...in the form of a representative of IT, to interact with the rest of the business, someone who speaks the speak, wears a snappy outfit and uses appropriate amounts of hair product, who can sell what the company needs to the people who don't want to understand or spend.

Congratulations! You've just invented the CIO!

1
0

Imation CEO voted off board in proxy war bombshell

Steve Knox
Silver badge
Coat

??

...restructured into a Legacy Business segment and a Disk Storage segment...

What with all this flash and cloud brouhaha, I though Disk Storage was a Legacy Business...

1
0

Amazon cloud to BEND TIME, exist in own time zone for 24 hours

Steve Knox
Silver badge
Headmaster

Yes.

So News only encompasses entirely novel things?

What do you think the "new" in "news" means?

Origin of news

1425-75; late Middle English newis, plural of newe new thing, novelty (see new ); on the model of Middle French noveles (plural of novele), or Medieval Latin nova (plural of novum); see novel2

(http://dictionary.reference.com/browse/news?s=t)

0
0

You can't put a price on LOVE, says Apple after court's Samsung payout slash

Steve Knox
Silver badge
Boffin

Re: Bull

"It's about innovation and the hard work that goes into inventing products that people love, which is hard to put a price on."

Since Apple regularly and with little effort puts prices on its products, it follows logically from this statement that (a) they are not innovative, (b) they did not invent their products, and/or (c) people do not love their products.

So you go ahead and disbelieve Apple's spokesemailer; I'll treat them as the honest, non-innovative, idea-stealing creators of hated products that they're so eager to admit to being.

11
0

Feds: Bloke 'HACKED PLANE controls' – from his PASSENGER seat

Steve Knox
Silver badge
Facepalm

Oversimplification

Someone checks to see if they can access cockpit control without permission through the airplanes (secure?) network while the plane is in flight with passengers onboard, they can, they tell you about it and you arrest them?

That's what the question actually is. And the answer to that question is "yes".

Testing the systems in a controlled environment, with permission from the system owners? Fine.

Testing the systems in a controlled environment without permission? Questionable at best.

Testing the systems in an uncontrolled environment without permission? Not acceptable.

Telling the FBI that you're even hypothetically capable of performing an act which can be interpreted as a crime, the breaking of which could make some agent's career? Absolutely Fucking Stupid.

Why is this so hard to understand?

14
7

Forums