Resistance is futile
Resistance is futile, you are not the customer, you are the goods and you shall be monetized.
2085 posts • joined 18 Aug 2011
Moron. He could have gone on an excursion to Ukraine instead. You can buy anything around those parts, up to a howitzer if you pay cash.
Very good point. The only thing our "Candidate Bond Adversary" lacks is nukes. Let's give 'em to him.
You do not use the plastic key - it is a master to do the metal one using normal key replication tools and a blank at the locksmith.
Side channel attack - pen in the zip, pry the zip open, do whatever you like, move the zipper back and forth and it looks the same as it used to.
Any suitcase with a plastic zip is as good as wide open. Metal zips are also susceptible to this attack (albeit a bit more difficult).
Compared to the UK, Germany's anti-racial hatred and anti-racism laws have a bite. A vicious one too. This is a result of dealing (quite successfully) with the WW2 heritage and the heritage of the racial hatred and division after the unification.
To put it this way - I would not want to be a "Web 2.0" internet business on the receiving end of a spat with a German public prosecutor.
Like it or not, these are statements of fact:
1. Germany is the least racist and xenophobic country in Europe. I would not wish any other country to get to be as tolerant as them as it is a result of what they went through in 20th century. It did not come easy, but it is a fact. It is significantly less xenophobic than the UK, it is by orders of magnitude less xenophobic than France and way less racist than Eastern Europe.
2. Germany is picking up the slack for all of us including the 3 countries which sponsored initially, actively participated in the development and continue to inflame the whole North Africa and Middle East mess (USA, UK & France). Frankly we need a new Geneva convention - one which says that you are responsible for 50 years for any refugees from a country whose "societal order" you have decided to "correct".
They may do - the EU fine regime is vicious. Very few companies will find 10% of global turnover over the period of the violation to be something "painless".
The guy demonstrated that:
1. The lidar is susceptible to a trivial replay attack
2. The lidar does not deploy any encoding to protect against interference.
3. He did a POC on both
The only possible reason for the clap being slow is that the lidar security was utter crap to start with.
Malicious attacks aside, I do not see how the hell can this wonderful gizmo operate if every car will have one. The interference from other car units should kill it outright.
Oh, come on, I would call dwarf No 7 anything but retarded
Beware of the member of the Campaign for Equal Heights wielding an axe.
Quoting another version of Snow White as we used to tell it in high school:
The first one said, "Who has been sitting in my chair?"
The second one, "Who has been eating from my plate?"
The third one, "Who has been eating my bread?"
The fourth one, "Who has been eating my vegetables?"
The fifth one, "Who has been eating with my fork?"
The sixth one, "Who has been drinking from my cup?"
The seventh one, "Who is ... Oh never mind, turn off the lights brothers, let's go to bed"
There are various other requirements for them to qualify, such as wearing a uniform
That requirement is not in the conventions anywhere. It was invented by Muller (Gestapo boss) on personal Hitler orders in the directive which he issued as a justification for shooting SAS infiltrators in France on the spot in WW2.
having a proper chain of command which has been announced publicly
I do not recall that one in any of the conventions either.
Moreover, nothing in the Conventions prohibits killing the enemy - it just means they have to be treated properly if and when they surrender or are otherwise rendered unable to fight.
My exact point.
1. Blanket torture via waterboarding does not fit that.
2. We presently subject any of the captives to a trial for killing or trying to kill one or more of "our guys". If we are at war, them doing so is a case of "A la guerre comme a la guerre". They are entitled to do it same as we are. If we are in a police action we should stop calling it a war and get the relevant justification for spot-on executions in a police action.
Killing someone in war is not execution. It does not require a trial.
It requires a declaration of war and authorization of use of military power by the parliament.
We have not acknowledged formally the existence of ISIS to declare a war against it. We have not had the parliament declare war and authorize use of military power against any of the factions participating in the Syrian civil war. In fact, it voted explicitly against that.
To make things even more interesting, war means complying to Geneva conventions on prisoners of war. It means that enemy combatants which just fight your military targets without engaging in violations of the relevant conventions like attacking civilians, hospitals, etc should be treated appropriately and not subjected to a trial for murder and sentenced because they are attacking you. If we are in a state of war, then we are violating the relevant conventions across the board on that one.
While the grand posturing regarding "War on Terror" is all great for PR, it has absolutely zero value in terms of international law and domestic law for that matter. We either have to make it so, or we have to find an alternative justification for lethal police action. IMHO, the latter is a better idea as it will not give ISIS and Co the legitimacy they are getting from us declaring war on them.
During WW2 the more prominent collaborators were tried in absentia for grand treason. The less prominent also had that offense quite clearly tagged onto them and it carried an automatic death sentence.
Today we neither have grand treason as an offense, nor the death penalty so drawing parallels with WW2 is a bit disingenuous until we have reinstated both. Frankly, the case deserves it too.
It is worrying however. We just reinstated the death penalty and we executed two men without trial.
If we are going to do stuff like that we might as well do it properly - reinstate the death penalty for grand treason and try the "victims" (quotes intended) in absentia in open court. If convicted, execute by whatever means necessary.
Spammers in general have been weeding out "tough targets" from their mailing lists for the last 2 years.
If you operate a greylist and use a couple of DNS blacklists they leave you alone - you are not likely to take the bait and getting past your defenses is a waste of "paid" resources (botnets are bought and sold like AWS nowadays).
At the same time "legitimate" scumbags have been growing. They are not blacklisted by DNS blacklists because they use lawyers (quite successfully) and demonstrate working unsubscribe. The fact that "unsubscribe" subscribes you to 10 _OTHER_ "unrelated" junk mail lists is another story - the important part is that it passes "legit" reqs. They are now used by large companies too: Bricolage, Aldi, Billa, iRobot, so it is not just the perennial "speak with confidence", "pullman/rally experience" and "solar panels" scams any more.
Answer: anyone who uses static DHCP leases on their network. I have a perfect audit trail of all MAC addresses of my devices going back 15 years.
In any case, if memory serves me right iThings will use a randomized MAC when scanning, but not when connecting to a known network.
As far as the idea goes, I used to run a similar MAC trap and Bluetooth (in the 2000s Nokia used to ship with Bluetooth visibility enabled) for years. Initially (~2008) it worked quite well (especially the Bluetooth portion). I turned it off last year - it stopped logging anything meaningful. Randomized MACs and Bluetooth being invisible and/or inactive by default in Android/iOS did away with that idea.
I had similar issues too when I tried it for the first time on a Mini Pro. It was refusing to power down when connected to a charger, the charger was doing weird things too. I think that is sorted in newer builds (and for newer phones).
My biggest gripe with Cyanogen is Bluetooth, followed by GPS. Bluetooth was just not usable on either my Arc or my Nexus 7. Dropping connections, interrupted audio, etc.
GPS was working. Sometimes. Other times it was showing a systemic error of 200m west from where it should have been which could be resolved by one or more soft restarts - not something you want to do while driving and getting directions.
I still run the Arc with Cyanogen as it is the only way of keeping it up to date (it will run out of app space with its factory build + updates), but I had to give up on it as a primary phone as you could not use it for navigation.
So, may I suggest an addition to El Reg battery of tests (especially for Cyanogen): GPS (multiple application starts), Bluetooth (including battery life with bluetooth on).
Perfect customer services rep then.
You should see some of the characters attending its junkets. Then, and only then, you will understand why it keeps coming up with such ingenious ideas.
Yes, in barrels made of solid wood, not wood shavings.
That is real. If you want it fake you add wood shavings activated by either flash-microwaving them for 30 seconds or running a gas lamp over them and leave the maturing "cask" at ~ 30+C for two months.
The technology differs depending on the volume - up to 3l vessels need nothing more but to be forgotten for 2 months on a Southern European latitude balcony in mid-summer. More than 3l requires active stirring of the wood shavings in the spirit. This is the same technology as used by some distilleries to produce a rather authentic looking whiskey, brandy, slivovica, etc at low cost. Just they use actively mixed autoclaves at 60C+ for up to 3-6 months instead.
The end result if done right is achieving the taste equivalent of 3-7 years of maturation in 2-3 months. I have done that plenty of times with home made brandy in the days when I used to "advise" my dad on how to do it.
However, as a professional chemist by trade (which has long surrendered to the dark side of IT), I can tell you that the experiment was pointless outright. YOU CANNOT MATURE A SPIRIT IN ZERO G. It is the same problem as using larger than 3l vessels in fake maturation. You need convection for the activated wood to pick up the "crap" out of the spirit and for the spirit to pick up the flavour and colour out of the wood. No convection will result in a fraction of the process happening in the boundary layer. Everything beyond that will remain unmatured crap.
Algal blooms like this killed the high speed sea transportation in the Black Sea in the late 1980s.
Prior to that, the Comet was the way to travel. Up to 3 times faster than car or bus from any point on the coast to any point on the coast. All countries had a service (albeit under different names).
Well, its engines were outboard water cooled (as on most high speed hydrofoils). Works fine in clean water. 30 minutes of traveling across an algal bloom like this and the heat exchanger is completely clogged up with gunk. That is where your journey ends.
Dealing with all the bureaucracy and surviving with your sanity intact.
What is more important is "what is its kitchen resistance".
This has "kitchen TV + recipe book" written all over it. If it has sufficient protection to withstand the rather nasty environment above a kitchen worktop I am buying one without a second thought.
It will be interesting to see how this fares when every car has got one.
Ra(and respectively Li)dar works quite nicely when you have one or two working in the same area. Make that a few 100 as in your average 4 lanes traffic jam and watch the show.
Try loading 60 year old film into that. It will disintegrate.
Old film readers are rather special beasts because they also have to take care of the mechanical fragility of the film after decades of storage. They cost a fortune too. The joke about "military spec" and 7 times higher cost was far off. You are looking at hundreds of times more expensive than your average 35mm film reader.
No, at this point in the (legal) timeline. If you do it in the land of the free the "hackfest product" cannot be exported to Europe, Japan, Korea or elsewhere without a license. So you are stuffed in a very similar manner.
The only way to do it is to host it in neutral waters on a ship registered to a country which does not participate in Wassenaar and could not give a damn about software "weapon" exports. In fact any cruise ship registered in the Bahamas, LatAm, Africa, etc is a fair game. If it is outside the main tourist season it will also end up cheaper than doing it in let's say Japan.
Sad but true - we have reached a point where we cannot have an international security hackfest or conference in any Western European country, USA, Korea, Japan, Australia or New Zealand.
Because most people have never heard of UPnP, let alone turned it off.
Exactly. Most of the fecking cameras will kick off a UPnP request to have some ports forwarded and will set themselves open to the Internet whether you like it or not. The actual "portal" which you "access" to see your sprog from the Internet (and which you consider "secure") is just a redirect to your (already on the Internet) camera.
NFS is not just NFS :)
NFS as understood by most vendors is NFSv3 which sucks bricks sidewise through a thin straw. It is a 20-year-old protocol from the days before every second process had an embedded database and was flock()ing it several times a second. When you read the benchmarks small print nearly all of them are v3 and some arrays do not support v4 at all or do not support key features. They are all also highly synthetic because the key performance hurdle in v3 is not locking and that frankly has nothing to do with the array - it is more of a network issue.
NFSv4 is an entirely different ball game. The locking and auth are completely different and array comes to play big time, there are differences in how it is cached, etc. Considering that NFSv4 benchmarks (if available) are usually not published by vendors it will be quite interesting to see some testing done by a professional. If the array supports v4 in the first place.
Well, there is the classic one of I think the Norfolk? city council not receiving the planning complaint from a pensioner about the neighbor having an unsightly erection in her backyard.
You gotta love websense mail filtering sometimes. It is just... precious...
In that case boobies and shag should be allowed too.
Go use some other software.
I used to. I do remember the days when entering f*ck you on the command line of SPSS-X gave you the answer "your place or mine"
The Touchsmart series are actually top notch (once you upgrade them) and very reasonably priced. They can be serviced in the middle of Dumbf***stan on a 1 star hotel table too - the lid is like a phone - screwless on clips and the disk is attached using standard Philips screws. The godawful 30+ hex star screws of yesteryear are gone for good. There are no 3/5 fold star stupidities or glue like Apple either.
Mine are all in this category, just AMD.
They can take 8G+ RAM (regardless of what the spec sheet says) and they fly once you stick a SSD or a hybrid drive.
I would never take a cheap Intel as it will be hobbled on multiple fronts - RAM (it is limited by what the spec says, if it says 4G it stays 4G) and GPU.
I have a single ARM Chromebook with real Debian (not Crouton). It is actually a fairly decent machine. 5h battery life when working, all day conference use. _NO_ compatibility issues either. You apt-get what you need and use it :)
So if the router was electrically unsafe it would have been removed from sale.
Being "digitally" unsafe however provides Belkin with extra margin by cheapskating on software.
Frankly, a CVE should be an automatic "remove from sale" until it is fixed and if it is not fixed in a timely manner a "recall at the cost of the manufacturer". It is funny how a lot of the "cheap" crap sold by the likes of Belkin will suddenly stop being cheaper than proper kit at that point.
You've to be a little careful about battery life with Ubuntu installed on a laptop
Err... It is the same in all OSes - it all depends on the amount of candy. The default candy in Unity is quite a lot for a laptop which has no proper GPU. So if you have an Intel IGP you are likely to see reduced run times.
If you have an AMD, even with Unity the run-times are on par or even in Linux's favor. Switching to XFCE4 easily gets you into a position where Windows has lower battery runtime for doing the same stuff (f.e. surfing, editing, etc).
The HP looks tempting (if the stock Win8/10 can be removed). Neither of my offspring uses Windows so the usual "does it run Linux" question is not moot.
The rest are definitely not setting the world on fire.
1. The thunderbolt attack is as old as firewire. Literally. You could swipe all of the memory on older Macs via a Firewire attack and analyze at leisure. It is however a _DIFFERENT_ threat and attack.
2. Putting malware components into video ram is as old as SVGA. It was done multiple times going as far back as the 1990s. The moment you could map video memory properly (starting with VESA cards) was the moment that became possible and it was used from time to time.
The biggest problem with malware is to be undetected on disk and at load, not at runtime. Going into GPU memory does not help you with the first two - it helps only with runtime evasion. If you are going to go through the effort of non-x86 coding you might as well code some malware for mmu-less ARM Linux and load yourself into the hard drive firmware. No detection on disk, no detection on load, no removal. Check, Check, Mate.
Putin and China couldn't have designed it better for us.
They have. Su-34/35 with all upgrades (and their respective Chinese copies) will give it a good run for the money at a fraction of its cost.
PAK-FA is likely to hand back its arse on a plate. Sukhoi's decision to limit stealth to predominantly the frontal hemisphere compared to F22/35 gives it significantly better maneuverability and agility in the air - its control surfaces and thrust vectoring do not need to be crippled. So if they meet "close and personal" the F35 is as good as dead.
After that they'll stop calling the F35's and just call in choppers
The closest equivalent to A10 which is still being produced is this.
Similar design - a 30mm cannon with a set of propellers (instead of wings). Slightly lower survivability, but still stupidly high compared to most other choppers and most fighter aircraft. It is manufactured by the "enemy" though
Not likely, I suspect that the whole virtualization play works only with the binary driver.
Ever tried walking into a bank and withdrawing £20,000 in cash?
Sure, I used to do it regularly 20 years ago in Eastern Europe before the electronic transfer system was opened to mere mortals. In fact, I have done it for much bigger sums too. The amount for which the bank used to ask for prior notice in those days was the equivalent of 50k.
However, checks never worked there - they went from cash straight to electronic payments. As a result they till this day use cash more than us and cash machines tend to be loaded with more dough too.
He is onto a winner.
That is a lovely business model - in all other areas of life this would have amounted to fraud. A dating site with worse than 1:1000 target:interest active user ratio? You are more likely to get more lucky in an orthodox convent somewhere in the middle of Eastern Siberia.
However _NONE_ of the users would ever sue for fraud or file the relevant paperwork with consumer protection watchdogs because of the stigma that their name will be attached to an "affair site".
So do not worry about him, he will re-emerge again. People like that do not sink easily.
I have found sustained write in Crucial drives to be very far off.
Example: two machines, roughly same spec (AMD quad core A4), one with Crucial drive and one with Kingston, upgrade from Debian Wheezy to Jessie. The test writes a couple gigs of data (first downloading packages, then unpacking) in a mixed pattern (random write + a lot of sequential large volume writes).
The Crucial - upgrade took > 2 hours. The Kingston one - under 15 minutes.
If you benchmark them, they show up fine. If you start using them for real - not so much, there is a write performance "drop off a cliff" under load. I am definitely not buying them ever again.
SSDP is supposed to be used only over multicast.
Listening on a unicast address and replying to a unicast datagram for it is a BUG. Similarly, you should never listen to SSDP from outside your local network as it is a massive security risk - this is effectively opening your UPnP to the world.
The idiot vendors who do (and ship such buggy implementations) should be named, shamed and removed from sale (that is the only way to deal with it - we should start removing CE and FCC kitemarks from SOHO crapware running non-standards compliant software). After all, if something does not comply to f.e. wireless standards it can be removed from sale. I do not see why this should not apply to network standards as well. In fact, it can be removed under a whole raft of consumer legislation (the stuff usually enforced by trading standards) too. All of that if anyone was _REALLY_ bothered by this. As long as it is not being removed, I find it difficult to believe that this is the case.
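The policy the comment above describes (answer SSDP discovery only when it arrives on the multicast group and from the local network), sketched as an added example that is not part of the original post or any vendor's code. The function names, the reason strings, the sample datagrams and the 192.168.1.0/24 local network are assumptions constructed for illustration.

```python
import ipaddress

SSDP_GROUP = ipaddress.ip_address("239.255.255.250")  # IPv4 SSDP multicast group
SSDP_PORT = 1900


def parse_msearch(payload: bytes):
    """Return the header dict of an SSDP M-SEARCH request, or None."""
    try:
        lines = payload.decode("ascii").split("\r\n")
    except UnicodeDecodeError:
        return None
    if lines[0].strip() != "M-SEARCH * HTTP/1.1":
        return None
    headers = {}
    for line in lines[1:]:
        if not line:  # blank line ends the header block
            break
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().upper()] = value.strip()
    return headers


def should_answer(src_ip, dst_ip, dst_port, payload, local_nets):
    """Decide whether a responder should reply; returns (answer, reason)."""
    if dst_port != SSDP_PORT:
        return False, "not-ssdp-port"
    headers = parse_msearch(payload)
    if headers is None:
        return False, "not-msearch"
    if headers.get("MAN") != '"ssdp:discover"':
        return False, "bad-man-header"
    # Policy from the comment: discovery sent to a unicast address gets no reply.
    if ipaddress.ip_address(dst_ip) != SSDP_GROUP:
        return False, "unicast-destination"
    # Policy from the comment: never serve SSDP to sources outside the LAN.
    src = ipaddress.ip_address(src_ip)
    if not any(src in net for net in local_nets):
        return False, "non-local-source"
    return True, "ok"


# Constructed sample input: (source, destination, destination port, payload).
LOCAL_NETS = [ipaddress.ip_network("192.168.1.0/24")]  # assumed LAN
MSEARCH = (b"M-SEARCH * HTTP/1.1\r\n"
           b"HOST: 239.255.255.250:1900\r\n"
           b'MAN: "ssdp:discover"\r\n'
           b"MX: 2\r\nST: ssdp:all\r\n\r\n")
SAMPLES = [
    ("192.168.1.23", "239.255.255.250", 1900, MSEARCH),
    ("203.0.113.7", "198.51.100.10", 1900, MSEARCH),
    ("203.0.113.7", "239.255.255.250", 1900, MSEARCH),
    ("192.168.1.23", "192.168.1.1", 1900, MSEARCH),
    ("192.168.1.23", "239.255.255.250", 1900, b"NOTIFY * HTTP/1.1\r\n\r\n"),
]


def classify_samples():
    """Return the decision reason for each constructed sample datagram."""
    return [should_answer(*s, LOCAL_NETS)[1] for s in SAMPLES]


if __name__ == "__main__":
    for sample, reason in zip(SAMPLES, classify_samples()):
        print(sample[0], "->", sample[1], reason)
```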
Extremely sick of robodialers
Your solution is half-correct. Killing the land line is the right step. Not having a number at all is an overkill. The biggest seller of data to marketing scum is BT and the like. I ended up turning off that line same as you.
At the same time, I have never had a marketing call on my Sipgate and Teleappliant VOIP numbers. They just work and I never get any tele-scammers calling them.
I can bask in the sunlight and slowly get a tan, or sit under a dedicated UV lamp and get burnt to a crisp.
Actually, that is an interesting example as light hypersensitivity is a well known condition which in the worst cases can make your life so miserable that you would rather commit suicide than continue:
As there is also a _REAL_ condition too. Long term exposure to high frequency high power electromagnetic field can have some very nasty effects.
For example, old time (pre-health and safety era) radar operators (both military and civilian) have way above average rate of heart and arthritic conditions. That, however, is a completely different ball game - we are talking exposure to fields which are orders of magnitude more than Joe Average user would encounter in his average ordinary life.
I think only vents at the back of the card
Nope. Look at "how it is constructed" diagram.
It is a bog standard intake from "face" fan pushing onto a bog standard radiator matrix. Airflow will be coming out half from the PCI bracket (so far so good), but other half from the other side into the case. There will be minor overspill from the top side too.
So you are looking at 50% of 175W recycled back into a book size (mini-ITX) case. Even the best ones (f.e. by Silverstone) have trouble dissipating > 80W. Pushing 90W into it from the card alone is a fried system outright.
Overall - pretty bad design. They could have done the cooling differently by moving the fan pushing everything out of the PCI bracket exhaust. It is non-trivial as the airflow reqs are quite high so it is difficult to have something that does not sound like a hovercraft.