MIcorosft contributing security fixes to Samba
World has truly gone mad.
1324 posts • joined 18 Aug 2011
World has truly gone mad.
Yes and no.
All Nvidia from 6xxx onwards have a temperature sensor onboard. Some more than one. So yes they do have thermal monitoring.
However, they do not have hardware thermal throttle - all temperature control and frequency control is by the driver only. It is one of the first things I do with nvidia on a linux platform - install the proprietary driver and cut-n-paste 4 lines of magic incantations into xorg.conf to enable dynamic frequencies and more sane thermal mode.
So coming back to the thermal monitoring - you can (and will) successfully fry an nvidia by overclocking it and increaing the critical temperature (both available as parameters).
It is called PEBKAC
Seconded - you do not compile a kernel nowdays unless you are a developer. I developed and maintained some patches versus one of the architectures for 3 years and even if you are doing it day to day trying to keep up versus head and have a stable shipping version at the same time is utter nightmare.
As you - I would love to see the old even/odd system from days past back if not for any other reason, because you could submit fixes and improvements versus the stable and the maintainers considered it normal to port them themselves to the "odd" one. That is gone - you submit versus latest and greatest and anyone with ideas about seeing a backport versus one of the long term stables (3.2, 3.4, etc) can leave all hope entering here.
This has nothing to do with closed source.
The system in place was designed to subvert regardless of closeness or openness. You can configure the proxy in firefox and it will work with firefox same as it does with IE, Chrome, etc. The approach is not new, there are appliances like this for corporate use.
This is just a lame, badly done single user implementation of the same appliance. While it can do what it says on the tin (content inspection, parental control or as in this case ad injection) it is inherently bad idea because it puts the crypto out of the hands of the user. While this may be acceptable in some corporate environments, for end user use it definitely is not.
While at it, there is an important caveat here. NONE of the SSL/TLS would have been broken if there were user certificates in use as well as server certificates. I love listening to people who have no effing clue how TLS works complaining that it is inherently broken. Well, if it is done properly (both sides authenticating each other as they should) it is not. Neither in general, nor in this case because the handshake would have failed with the server not recognizing the user certificate or mismatching certificate to user/pass or whatever other credentials are in use.
It was a standard practice on the continent up to the 90-es to have _NO_ _EARTH_ in apartment blocks. If you dig an old socket from 80-es or earlier with the original packaging you can see that indicates that you are _SUPPOSED_ to cross connect earth and neutral. This is also the standard of wiring in old apartment blocks which have only 2 core cable. This funnily enough works - if everything is wired this way. The problem starts when someone upgrades the system and leaves the ground disconnected so it can float and end up being offset from neutral.
It is enough to have one of those on a coax network for the life of the admin to become a bundle of fun as it leaks onto the coax. I nearly killed myself a couple of times during the couple of years when I had to maintain a coax based LAN in an educational institution in the mid-90-es.
The problem was not so much in the electrocution (as one would expect). The network repeaters were located in old no longer used "cubby" offices along the central core of the building - one on each floor, on a shelf near the risers. So far so good, right? Not if there is a window right behind your back. The kick which 90-200V leaking onto the ground of the coax gives you is just the right size to try to do a sommersault back through the window behind you. After a near miss and a couple of days of swearing and trying to find the culprit I just grounded the coax ground across a 10kOhm resistor on each strand and that was the end of it.
That is light years ahead of our best beloved humanity graduates.
It means he _KNOWS_ when to ask his minions. This is a considerable achievement compared to knowing what the Daily Mail thinks on the issue and forming an opinion based on that.
Ask US geological survey.
If it did not have some suspicions that the big slide model of Cumbre Viejo has merit, it would not have spent several fairly fat wads of taxpayers greenbacks to establish and run a set of early warning ground stations on La Palma. In addition to local earthquake data, they supply back to USA data on any ground moves (detected by constantly monitoring GPS coordinates of the station).
WD drives firmware was hacked recently without source access.
Decompiling mmu-less arm linux (most common CPU on newer drives) is not that hard.
As someone who has had to use an Eppendorf pipette for real prior to giving in to the dark side of IT, WTF does an Eppendorf pippette system (as used in the as where the pic was lifted from) have to do with dating? Besides some thinly veiled innuendo on the subject of ultra precise liquid delivery and dating... Though once again, that would have made sense if it was related to a classic Eppendorf and not an automated mass delivery system (as in the ad where this picture has been lifted from). As far as innuendo goes that context is frankly somewhere between gross and extremely gross.
By the way, as far as boffinry goes it is a phenomenal piece of engineering and R&D, but I fail to see the relation between that and _ONLINE_ dating. Offline, that's more like it - most of the Eastern European molecular biology graduates which you can see yielding one in a real lab are towards the "extremely cute" end of the scale vs the boffin overall average :)
If memory serves me right, the road to hell is paved by what...
A more interesting question is does a spacecraft (including a suborbital one) qualify as drone.
Mass will be less in either case - cooling is trivial. You have a whole ocean at sub-liquid-nitrogen temperature around you and the possibility to conventional cool it.
IMHO the bigger design problem is keeping the amount of whatever isotope they load on the ship from overheating in-transit while it still does not have the cooling it will get at destination.
As far as Stirling, moving and fail, there are plenty of striling engines which are past their 100 year anniversary and still run with minimal maintenance. Stirling may be big, it may be slow, it may have atrocious mass to power ratio, but in general it does not fail for many years. Frankly, the isotope will run out of energy first.
When you compare that to the abuse El Reg has subjected the so called tough phones:
And the traditional Xperia dunking: http://www.theregister.co.uk/2013/05/13/sony_outs_xperia_zr_waterproof_phone/
Kraken... sentient... Hmm... Opens "Nova Wars" on the kindle... I do not think I like that idea...
I have heard that there can be serious complications, but I have NEVER heard of anyone who has actually experienced this.
This is because most of them are delayed. Nervous damage complication from measles is offset by up to a decade, heart by up to couple of decades, even eye squint and overall eye damage are offset by a year or two. Overall rate is significant > 1:10000.
So by the time the person has developed it your "lfe paths" would have parted so you would never know.
Also Measles (real one) != German Measles which was significantly more prevalent in the developed world.
Where I grew up, measles (real one) meant immediate quarantine, school closures, signs on doors in houses, etc. That was followed extremely strictly and for a reason - it has a significant (even in the developed world) mortality rate. Compared to that german measles was indeed all over the place and nearly everyone had it sooner rather than later.
I was in a school of around 700. measles went round in the days before vaccination. No-one was left with long term effects.
Depends on age. If those 700 got it when mostly pre-teen the likelihood of complications would have been under 1%. Out of these 1% the most common long term damage from measles is to the heart muscle and nervous system including fatal ones.A lot of those you will not see while still in school. You will see them later - up to a decade or more after that for the nervous system and decades (plural) for the heart.
So the fact that you did not see them in school does not mean that one of these 700 kids did not kick the bucket in college or as an adult due to something that could be prevented in the first place. For example the delayed fatality rate due to nervous system damage from measles is 1:25000. While fairly low it is still significant. Heart ones are in the 1:10000 range or therabouts. Most common is eye and eye nerve damage - again often delayed by a few years too.
Put things into perspective - you are suing the wrong people. The whole anti-vaccine thing was a fringe fad up to a few years ago. It stopped being a fringe fad _AFTER_ the invention of the vaccine against Human Pappilomavirus.
At that point, various right wing basketcases equated vaccines with promiscuity and started piling millions of funding into the anti-vaccine movement. That was also the turning point which marked the necessity for every politician from the right side to doubt vaccines to be elected. All of that because some cretin saw the vaccination of 13 year old females (which the right age for it for a long list of reasons), with a vaccine which prevents 60% of cervical, 40% of V, A, P, etc cancers as a religious issue.
It is quite funny how we get outraged about muslim clerics in Pakistan, Afganistan and Subsaharan Africas sabotaging the campaign against polio when our own religious nutjobs are doing the same at home.
FFS - that virus _IS_ in the f*** general population (yes f*** intended as it is descriptive). Will the person get it at 16, 18 or on the first night following whatever religious marriage ceremony is mandated by her/his upbringing is irrelevant. He/She will get it. The HPV vaccine is not a promiscuity aid and there is no reason to fund nutheads and mandate politicos to express nuthead views on all vaccines because of that. MMR vaccine included.
So if you have any objection on the subject you should look around and start suiing every single religious and right wing nutjob organization inclusive of the infamous K brothers. I suspect you do not have the budget for that. Nobody does - this is why this madness keeps on going.
All the "autism" advocates keep forgetting what is prevented by the vaccines:
1. Measles has a mortality rate and long term disability rate. Non zero one.
2. Diphteria has a mortality rate and a fairly substantial one to boot. One of my childhood memories which I would never forget is one of the kids in the same apartment block contracting it and the ambulance breaking down on the way. By the time the replacement ambulance arrived the kid would have been dead if our retired pediatrician neighbour did not tracheotomize her with a kitchen knife and a drinking straw.
3. Tetanus has an undisputable mortality rate
4. Pertusis has a mortality rate.
5. Varicella in individuals with eczema or asthma has a significant mortality rate.
These, taken together yield a childhood mortality rate of > 1% which was the norm 100 years ago and is still seen in the 3rd world. One of the reason why we do not see them even in non-vaccinated individuals is because of 99% of the general population is vaccinated. So the few individuals that do not for "ideological" reasons are in fact parasitising on the rest. If, however the vaccination prevalence drops under a threshold (for each of 1,2,4,5 this is is ~ 90-92%) the disease will have a sufficient susceptible population to spread. So they can _AND_ will watch their kids die. In the name of something that even if proven is still significantly lower (by many orders of magnitude) risk than the risk of childhood death from a preventable disease.
AOSP remains wholly dependent on Google for the higher level parts of Android (the low levels, kernel, firmware are often contributed by phone vendors - example Sony Ericsson and now Sony). So if Google decides to delay the source release for an arbitrary period (as they did with Android 3.0) there is bugger all anyone working off AOSP can do.
You missed the best one: "What are the civilian applications" :)
Though the most appropriate is "Sacrificial Victim"
Without the supporting infrastructure this is a gimmick. I do not see anythiing anywhere to force railtrack (or whatever it is called today) to provide backhaul along the rail-line and base-stations with predicted handover. A train is the easiest moving object to deliver high bandwidth to via wireless as it is moving with a known speed in a known direction so you can handover based on a predefined sequence instead of handover based on radio conditions. If you want to give a train several 100s of MBit you can do it with ease _IF_ you serve it using specialized backhaul and wireless.
So the train companies will all stick a single 3G/4G mifi per carriage (if not one per whole train) which will get saturated by 3 commuters and will not do anything about the abject absense of coverage along main UK rail routes. It will also have to compete vs all the mobiles in the same carriage so if it gets 16KBits you can sing halleluia and jump with joy.
Try using mobile on London to MK or London to Cambridge. And wheep - there are up to 15 minutes gaps where there is no coverage whatsoever (or a single channel of edge).
Dude, you are clueless.
There are two sides to this coin. One is (you are correct here) - management. This is the LESS valuable one.
The other one is teaching the young un's how to "hold that rifle and where to stick the pointy thing attached to it". Same as in the army - an experienced non-comm is more valuable to the survival of its squad than a whole office of freshly minted West Point (or Sandhurst) graduates. This is because he can teach the others practically how to survive in the day to day job, be it killing the enemy, be it writing software.
First of all - the only way of doing that is by being in the trenches yourself. You HAVE to have some experienced employees around all the time to ensure that stupidities are squashed early in the bud and not propagated for several years before they implode taking the down project (and sometimes the company with it)
Second, forcing everyone who attains some level of experience to become management or leave is utterly stupid. The result is McDonalds and McDonalds quality software. Going back to the army analogy - most grey beard non-comms would not make a good commissioned officer. It is pointless to send them to West Point or Sandhurst - they are valuable where they are and doing what they do best - being in the trenches with the troops.
It is probably me being thick today, but this diagram does not make a lot of sense :)
Come on. Diamonds are forever you know.
Indeed. IMHO this is giving the right answer to the question: "Why do we need voice recognition on the server side". At least I do not have any questions any more
Samsung intrusiveness is pushing you towards..... Sony?
Funnily enough this is not as paradoxical as it seems. They got burned early and badly so on the overall they have been pretty well behaved on both the home entertainment and mobile front as of late.
Not a lot, at least for now - the prices on Misco do not show a massive discount. They are pretty rock bottom as it is though.
Bitrotten - not so sure. TVs now use generic OS-es. My Tosh TV gets an update every 1-2 month. So does the new Sony BR (I suspect both run some form of Android). VR will only continue to be embedded deeper and deeper into the OS as this is where Google likes to take it so not like it will bit rot any time soon.
It is not "next generation". It is today's generation of embedded device developers tackling a new niche.
99% of the embeded development - cars, security systems, cctv, smart energy, etc has never heard of Postel's principle, has no clue of even the most basic Internet application security practices and will write insecure code by default. It comes with the territory.
This is exactly why I roll my own. I used to use Via mITX systems. I nowdays use Rapberry Pi.
Properly secured, communication with mothership only over VPN. All data movement, etc written by me in my spare time so I know exactly what and how moves around. Anything that touches my locks, central heating, has sensors and cameras in my house is going in only if I can see all the source or even better - if it comes as hardware and I can write the software myself. Off-the-shell cheap Chinese internet camera as a security device (or Nest for that matter) - no thanks, do not smoke that.
I was not that paranoid until I had to work with Smart Metering and review SCADA security as part of the process ~ 4-5 yeas ago. After seeing how they write those supposedly "critical" systems...
That mat was deadly - they fitted it also on the last real (2004) Daihatsu 4x4 Sirions before they completely crippled Daihatsu in 2005. I got one of these and it got caught on the clutch several times (no clutch on USA cars so break or accelerator will be the victim). To add insult to injury the f***ers did not include it in the recall list so no free mats from Toyota for us cheapskates.
I have tried anything and everything to deal with this and finally found something last year - the same OEM part as used on Isuzu trucks:
http://www.amazon.co.uk/gp/product/B00NC0ICWS (no association with the links). Two of these dealt with the problem once and for all.
So no hackers involved I am afraid. Just terminally (literally by all means) bad design (resulting from terminally bad management).
Hand out the data to the authorized dealership which in turn transmits it back to the corporate servers.
There is a "Sony Pictures" waiting to happen somewhere in here. The question is not if it will happen, it is a question of when it will happen.
Twitter can be "in charge" and is "in charge" as it has chosen (quite deliberately) to have minimal (if any) busyness entities outside the USA. So most governments and jurisdictions can hit it only with a polite request backed up by a threat of applying The Great Firewall of [Turkey, France, Britain, Russia, etc ]
This will not last - they will have to go outside the USA and start establishing presense in other countries in order to monetize sooner or later. Once this happens they will start getting proper legal requests as well as the compliance and audit trail to go with it.
This is one phone I would have loved to have. Unfortunately, when I looked to update the "fleet" a month ago frm the post-X-mas fire sales it was not available neither on Amazon, nor elsewhere.
Pity - I like the concept.
Better this than arming some psychopath or giving a tosser a truckload of arms so that a psychopath can pick it up at a later date.
Also, make it Tössers, so it has a proper IKEA style sound.
Actually, Amazon is obsoleting them all. It will obsolete Conrad and Maplin too.
It now has listings for nearly any electronic component under the sun for ~10% of the prices which Shack and Maplin used to charge so why bother going to a specialized store.
This is not stupid.
A fool and his money will soon be parted. The one who is providing for the needs of unhealthy paranoia and complexes in people is usually not stupid. Immoral - yes. Stupid - no.
Stupid is the one who is _BUYING IT_
This is why I have a DIY wiring management using slotted trunking on the back of all desks and on the back of the media unit. It takes ~ 20 mins to put a length (or couple) of slotted trunk iin place and screw it in as the glue tends to be insufficient to hold it in place. You can pull a cable out anywhere and similarly "reel it in" anywhere as a result. Nice, tidy, does not collect dust and allows your robot servant to do its job.
It used to be that the floor under each desk looked like octupuses in a feeding frenzy. The Roomba taught me to keep it a bit more tidy. Win-Win.
Judging by the design of the brushes on the picture this looks like the Samsung clone by the way.
You will damage the lacquer on the rest of the board. There are better options nowdays (water based acrylics).
First, ask a nearby female which one does she "prefer". I suggest doing it in a rather tame country. If you do it around the Mediterranean (Spain, France, Italy, Croatia, Serbia, Bulgaria) or in Northern Europe (Sweden) you will need the panic button on YOUR phone - to call the ambulance to be taken to A&E to remove a shoe heel from your tenders. In a more tame country you are likely to get the explanation that as far as a woman is concerned there is bugger all difference and you will get the heel _AFTER_ that. But you will still get it. And you should.
Second, originally, taxi licensing in most countries was introduced for exactly this reason - criminal record checks and overall customer safety. Now the fact that some municipal authorities have converted it into a cash cow (Bonjour Ms Idalgo) is a different matter. This was later.
Actually - for PGP compatible key formats and PGP compatible options there is not. The old PGP 2.x series which is available as software is obsolete by all standards. As far as using it all - ALL Linux distros and nearly all other free software uses distribution mechanisms based on PGP formats for signing implemented via GPG.
While it is theoretically possible to move them to x509, doing so will require a considerable amount of effort. Additionally, x509 is centralized trust anchor, while PGP is a trust mesh. So you completely change the trust model. IMHO the mesh is more appropriate for free software development as there is no center and even Ubuntu or RHAT do not have the means to maintain a CA with all the associated security and trust procedures.
Actually all contracts now include 4G except the lowest 250MB one. The change not mentioned in the press release is that they have started removing 3rd party wifi hostpot like BTWiFi, etc from the contracts in parallel with adding 4G.
There has already been at least one successful cat-assisted war-driving experiment.
Some of the smaller android phones (which also happen to have cyanogen loads and root access) can be attached without a lot of trouble to a cat collar. Load a WiFi attack suite, let the moggie do a tour of the neighbour's gardens and voila - here is your new and shiny botnet (nicely localized to a location too).
The fence they are using will exclude everything, not just the toad. Hint - toads are not frogs, they really suck at jumping. So a 10-15 cm reverse inclination (outward facing) fence should suffice. There is no need to build a 2 foot high monstrousity.
Also, if done right, it can serve as a one-way trap. A toad can climb from inside out, but never come back.
It will at the same time allow most indignieous species to get to the water and offset the balance in their favour. On the negative side this means that you need to level the ground in front of the fence to ensure it is effective so a smaller fence is likely to be more effective.
Yeah I can imagine doing it in Cambridge and taking the press down to the Robin Hood (when it still existed - it got vandalized into an Eatin' Inn lately). Or maybe not.
Woa... This comment thread beats the all time insults per post average on el reg and you sir gave it a nice start.
In any case - it goes to show that there is little or no need in a revenge porn law. The law book on extortion, libel and hate speech is so thick that you get the equivalent of a murder sentence if a qualified lawyer hits you with it.
In fact - if he was tried under revenge porn laws he would have gotten away with less
This is not exactly blackmail. It is standard BUG for BOUNTY negotiation as far as todays security landscape is concerned. If you do not show that you have really broken it, you are not getting any bounty (usually).