50 posts • joined 14 Sep 2011
SSL Man in middle attack
In the same BBC Click, there was a demonstration of an SSL man-in-the-middle attack towards Amazon (but stating they can impersonate any/other sites).
Except for an unpatched iOS device not checking that the certificate actually matches the URL (but it was demonstrated on Android), how would that attack work without pre-installing a new trusted root cert on the device?
Also the comment at the end, from a TrendMicro representative (I believe), that hotel-type Wi-Fi requesting a one-off password is far more secure is absolutely BS, nothing prevents doing a fake login page accepting any "password", can't actually believe they diffused that comment!
The device is yours, but your account and all its content are the property of Apple for 25 generation. Don't you remember signing a pact with the devil with your own blood when you opened that bloody iTunes account?
All your privacy and data are belongs to us.
Re: Implementation of IPv6 is a farce..
Time to switch ISP. People like A&A have been providing IPv6 on both leased lines and personal ADSL for as long as I can remember (probably 10 years!)
Re: IP address say whotttt?
Except there is a major feature missing in Chrome SSL implementation, there is no way to import certificate, which is useful if you have man-in-the-middle protection on corporate firewall/proxy.
You should be able to either import new root certs or trust root pushed by Apple config/MDM solutions.
1) To benefit from the high resolution, you will need a proper screen. Just a "basic" painted screen surface won't be flat enough to reflect the light in an even manner.
You can easily see a huge difference of quality between "on screen" and "on wall" projection at any resolution, but this would be like putting a very good old pure malt whisky in a diet coke....
2) Sony already has "normal" throw 4K projectors (the VPL-VW600, VW1000 and VW1100ES) but crucially lack of support and interest from Sony in Europe.
While the US benefits from a cheap and impressive upgrade path from the VPL-VW1000ES to VPL-VW1100ES: Mainboard upgrade, new bulb, 4K media player, Vaio tablet for $2500, Sony Europe offer the mainboard upgrade only for more than £3000.... and more importantly still has absolutely no plan for any 4K content in Europe (Video Unlimited 4K is available in the US since last summer).
As for the recently announced Playstation Now, also an US exclusive, it seems that Sony is undecided to do any investment in the European market.
Such a shame to see a good brand losing so much over here by lack of management, vision and/or investment.
Re: Technical/Numerical question
You don't really need "unique" MAC addresses, they need to be unique in your subnet (at least for NIC using IP, for other usage you might use the MAC as unique identifier but might not be a good idea - like inventory).
Under IP, you only use the MAC if the destination IP is the current subnet (ARP). Anything else will be forwarded according to the route table.
With 16 million addresses per range the risk of conflicting IP, while not null, is virtually absent.
Not all feminist
It's only a small part of feminists that want to block porn, the same feminists that believe that *all* prostitutes are trafficked and abused, while students working at McDonald's have done a career choice, clothing industry and house staffing exploitation of migrants doesn't exist/not worth fighting for.
Those people use feminism as an excuse to push their narrow minded view of society, along the average Daily Mail reader/voter.
If you look around the web there are plenty of feminists with a different point of view, I'm thinking about people like Brooke Magnanti (Belle de Jour), Zoe Margolis (Girl with one track mind) and plenty of others.
The government already clearly stated that the next step will be mandatory filtering of "extremist" without any opt-out (and would you really want to be listed on that opt-out list)?
So the current "porn" / think of the children approach serves to
1) Have the infrastructure in place, paid by the ISP/user (not the government - which is great at least those of us on a proper ISP won't pay for nanny state filter - for the moment)
2) Get the mass used to see "Blocked site" web page, and not question it
The next step with the mandatory "extremist" filter will be blocking anything as extremist as people leafleting Mc Donald's (infiltrated by the Met extremist squad) and obviously send a report with your IP address (and probably subscriber details) to the relevant authorities to kick your door at 6am next day....
The most dangerous man, to any government, is the man who is able to think things out for himself...
H. L. Mencken, The Smart Set, December 1919
DNS only / No just porn!
If it's only using DNS, on the base that BT doesn't also block traffic to any non-BT DNS, just point your PC (or whatever device) DNS client to 220.127.116.11 (Google) or 18.104.22.168 (OpenDNS).
I expect the BT filter to be a bit more efficient than that and filter the IP traffic to address hosting a banned site.
I just had a look at the BT filter, it comes with 3 level. Light, med, strict. (http://www.ispreview.co.uk/wp-content/gallery/2013-article-illustrations/bt_filter_table.jpg)
Even the lightest option filters not only porn but also: Obscene and tasteless (that's great as tasteless is such an easy thing to decide.... The government insisting that the NHS and we are better off now, insisting that inequalities have been reduced since they arrived in power is obscene and tasteless to me), Hate and self-harm, Drugs (I suspect that includes drug information/education/charities sites not just Silk Road), Dating.
You can add Nudity, Weapons and violence (which obviously is far less harmful/questionable than sex...), Gambling (which should be illegal to <18yo anyway....), Social Networking with the "Moderate" settings.
The strict top up the list with Fashion and beauty, File Sharing, Games and Media streaming.... (WTF?)
Sex education and Search engines blocking are optional.....
So even the lowest setting is far more restrictive than porn.
On the other hand, a (free) AWS instance, a VPN to it; or just a Usenet client will give you access to all the porn you want.
So glad I'm an AA ISP customer....
It's only the beginning, the government also wants to block "extreme views", which is extremely worrying when you know the Met infiltrated dangerous extremist groups such as those leafleting McDonald's, UK Uncut and other tax protesters, etc...
First they blocked the porn and I did not speak out because I was not a perv.
Then they came for the Communists and I did not speak out because I was not a Communist.
Then they came for the trade unionists and I did not speak out because I was not a trade unionist.
Then they came for me and there was no one left to speak out for me.
AFAIK the filter is at least "opt-in" and not "opt-out" as originally requested by the government, so at least you don't have to fill up the "perv" form :-) Only the "I can't educate / trust / take care of my children and want the state to do it for me and block all sexual education they might want, to align it with the bad one they are offered at school"
But this is the first step, extremist block will be mandatory I'm sure.....
So next step is to block any groups attempting to reduce freedom of thinking and expression, have anti-democratic views, have totalitarian tendencies and are terrorist (as in "using terrorism as political system - governing by fear").... oops getting a 403 from some filtering device when trying to access www.conservatives.com
Waoouw, I'm impressed by Microsoft.
It's the first time I hear advance replacement on mass distribution consumer product, usually this is reserved to premium contract support on enterprise equipment (usually 4hrs or next day but an XBox is hardly business critical). And a free downloadable game to keep you busy in the mean time....
Compare that to Sony (US) sending an empty box, sending a replacement after reception of the damaged unit... turn around nearly 2 weeks. Hope I won't have to test Sony service on Friday but I don't expect it to match MS one.
Move in with the chicken shaggers...
Plenty of cheap and beautiful office space (think refurbished barns and farms) for probably 1/10th of Hoxton price (or less)
I'm on a £69/month 1Gbps symmetrical link (I suspect your 4Mbps ADSL upload at around 256Kbps). Ok it's a personal connection, but even the business prices are well below the cost of a leased line (250Mbps symmetrical for less than £150/month and £200 installation).
Plenty of lovely pubs, just avoid mentioning the Daily Mail thing, it won't make you popular (and honestly I know you'll have to pay for your leased line but have a minimum of self respect....)
With major terrorists not trusting their phone or internet, I suspect diamonds (or drug) will stay their currency of choice.
Diamonds are really useful if you want to transport a very large amount of money, in your pocket and passing airport security undetected....
Back to history
That really makes me sound old (and unfortunately I'm getting to that stage)...
When I was a kid, computers were too expensive so you could rent "computer/processing" time out of a data center, so the only thing that really evolved is that you don't ship perforated cards any more but hard disks (if you got massive data amount, too much to upload)...
Why do you want to limit yourself to IPv6?
Except if this is tailored to a specific target using IPv6, 99.9% of (UK/Non Asian) ISPs and businesses are not using IP6, so it will be trivial to detect and block (especially on non Windows boxes, without tunnelling enabled by default). Any enterprise firewall has IPv6 disabled by default.
Most corporate desktops won't have mic installed.
BIOS compatibility (and the capacity to block overwrite on BIOS flasher) seems once again to point to a particular target
All that contradicts the "any OS, any system" claims.
So doable for highly targeted system, not much so on generic. Probably Sci-Fi to me.
Can't wait for Sunday / Monday.. BST->GMT predict the effect contest!
Kiss goodbye to Summer time (or Daylight saving) on Sunday, so the bets are open how iOS 7 / 7.03 will react.
Since iOS 4, not a single major release has been able to cope with the change, usually affecting alarms that are either duplicate, skipped, delayed by 1 or 12 hrs, .... So what do you think will happen this time :-)
QA testing at Apple seems to go down (or marketing/finance pushing harder to release an unpolished product), we are at the third minor revision, and we can start to see regression bugs appearing (like the font size control not working in some applications incl. Apple's own "Music" (stuck with giant font size)).
Revolution in the industry???
I overcharge you $2000 for $1000 value of hardware and bundle it with lifetime (ie 2 to 3 hardware generations) of free software upgrade for another $1000... Now please high-5 / kiss my arse as I just revolutionised the industry.
Basically: We are a hardware vendor, giving "free" software that only runs on our hardware allows us to point fingers at the competition, who is either a software company that obviously has no other economical choice than selling software and software upgrades to generate revenue (and Microsoft is nowhere near able to generate income on hardware) or an ad-selling business who has already been giving away software for years (isn't Google Docs free since its launch?).
If Apple was able to prevent any Google Ad to be displayed on its devices, Google will probably "revolutionise" the market by giving away hardware at cost or below just to get access to a bit of what brain you have left....
The real comparison should be the TCO over the life of a device and I don't believe that Mac and free Maverick iWork would look favourably against generic PC with Windows and Office... But TCO is probably of no interest to average fanboy.
Golden iPhone with "free" software target demographics (what we call Chavs this side of the Atlantic) are probably more familiar with GTi than TCO.
Apparently one of the main reason phages therapy has not been developed that much in the West is under current IP law you can't patent phages.
So who care if it can treat 90% of super-bug and solve the long term antibiotics resistance problem, if pharma company can't patent it, they won't develop it.
Remember their main (and only) objective is profit for their shareholders. Most of them being pension funds, there might even be a slight conflict of interests... are they really that interested in seeing you living long after retirement age?
Plastic ipad.... that's so exciting :-)
Seriously, when was the last time an Apple event had any element of surprise, any big announcement, or anything remotely interesting (I'm not talking worth even 1/10th of the excitement)? Probably the iPad launch (and even that was more than leaked...)
A non event that should attract no coverage... I don't see any car vendor getting 2 minutes in TV news because this year blue is a bit lighter or darker than last year blue model...
PR cost £5m
So basically Starbucks did some market research to see at which point they will see less public support for the campaign against them and picked up the most profitable amount?
"We listened to our customers in December and so decided to forgo certain deductions", really sounds to me, we decide how much we are ready to pay, it's nothing about stopping using tax optimisation tactics but balancing it with PR.
Amazing how large corporations just decide how much they are going to pay.. ummm I'll give you £10m this year if you promise to shut up and stop moaning.
Still well below what tax should be on their pseudo-non existent profit is (ie: Total of sales - Cost (minimum wages, rent, cost of coffee)), not license (etc...) fees from Irish/Virgin Island/Cayman Island subsidiaries.
EU alternative to gmail?
Anybody knows a good EU based alternative to gmail? I don't really believe in the "if you have nothing to hide you don't have to worry"... and more in
First they came for the communists, and I didn't speak out because I wasn't a communist.
Then they came for the socialists, and I didn't speak out because I wasn't a socialist.
Then they came for the trade unionists, and I didn't speak out because I wasn't a trade unionist.
Then they came for me, and there was no one left to speak for me.
Or the only safe solution is to have my own mail server hosted somewhere?
I have invented THE solution to the world energy problem.
1) Patent my solution, being sure that I will sell it to world+dog and probably climb in the top 100 richest men on earth very quickly and probably grab a Nobel prize in the process
2) Declare it a "trade secret", hide it in a box and let no one get close
Really difficult choice... let me tease everyone, choose the second option and see if I look very serious.
WTF? just because... WTF!
Re: A tenth of that?
Not really as this would be 114 batteries, so 114 x the MTBF.
If your car is built to last 5 years, it shouldn't explode after 1 minute on the base that there are 5 million cars on the road.
The fact that 2 or 3 batteries failed after each others just makes it less of a statistical incident (or a one off).
Exactly my opinion, when can I play? at work, I shouldn't, at home, have no time/better things to do.
That leaves me with trains/planes (no internet connectivity) and hotel rooms (with patchy connections - how many times an hour do you usually lose AP connection/need to re-authenticate? Probably far too many if you lose your town at any small glitch).
Selling a game / Capacity planning
Isn't not having a working product and not anywhere close to the capacity required (which can have been anticipated) malicious?
I'm sorry but isn't capacity planning relatively easy? You know you are going to have a huge surge of demand in the first 30 days that will go down with time (depending on how quickly the game is boring - which without save and reload, sandbox feature is probably going to be pretty quick).
In the (good) old time you would have to factor the investment cost to cope at the peak (but could recycle it for next game launch) vs the alienation of the user base but now with IaaS (Infrastructure as a service) like AWS, Azure and other clouds the investment is virtually null, you just pay for the capacity you are using. So invest (buy) server farm to cope for use at D+30 and rent capacity for the rest. Build software able to scale up and launch new instances quickly. Not rocket science.
Ordered the game on DVD, been dispatched but will return it as soon as it gets thru the door. Send a clear signal to EA: Yes I was interested and happy to get a newer SimCity but not in those conditions.
Re: Also, maybe my maths is a bit rusty,
No brute force in next to no time if you get an account (permanently) locked after 3 attempts (like any debit/credit card) or temporary locked out like AD authentication.
The idea is good, better protection than 4 digits, not as good as 2 factors but as mentioned with 3 tries, thieves will try first line, first row and top left to bottom right diag and will probably get through half of the time.
If you enforce no-easy guess option, idiots will block their card 3 times a week...
The only way around it is to improve/upgrade the user :-(
Not sure if it's an isolated incident or not, upgraded iPhone 4 from 6.1 to 6.1.2 and now looping in recovery mode (bricked).
Sounds like a trip to Apple Store soon to get it replaced :-(
Probably the only way Cameron could keep his promise for UK to have one of the best broadband infrastructure in Europe.
If you can't deliver any more than >24Mbits/s to 90% of the population and 2M-to-24Mbits/s for the unlucky 10% of us, instead of pushing BT (or others if they were allowed to bid...) to provide FTTH, what do you do? Kill the budget so no one can invest in better broadband.
Sounds like a very good long term strategy. Well done!
Re: this is not by choice
iOS upgrades are not free they are a marketing tool to promote/force you to upgrade to newer device.
You remember when Siri rolled out it was only supported by iPhone 4S and iPad3, the older platform allegedly not being powerful enough. In reality they were as the iPad mini is an iPad 2 in a smaller form factor and yet suddenly powerful enough to run Siri (which is mainly datacenter based anyway).
Try A&A (Andrews and Arnold), they offer ipv6 and ipv4 blocks on FTTC.
Not with BT anyway....
No need to go to every ISP.... just shut down a few main peering nodes (Telehouse should be enough, Telecity too if needed), and the net will crumble.
Finally made it...
I made it, I moved from the 99% to the 1.1% :-)
Glad I'm not using iCloud email and it's just a side effect of my iTunes account... down since at least yesterday 1pm (was the first time I wanted to use it in months).
TiVo / Sky Pause?
So if the company got a Skybox or a TiVo and pause the signal for 5 seconds, it's technically not live any more and then completely legal?
Such a shame I can't just fast forward a few weeks, get over it and back to normal life without Boris scenic road buses, G4S "management" fees, brand police and just have to pay for it for the next 20 years.....
So in Virgin head:
87Gb shaped = unlimited
77Gb unshaped = outrageous restriction and customer rip-off
twisted copper = outrageous rip-off
coax copper = unlimited
Wish I could get Virgin and then drag them to court as they sold me "unlimited" internet and I don't get infinite bandwidth? Downloading anything but the whole internet in less than 1 sec is a very serious limitation for me!
Shouldn't (marketing) people have a look at their ridiculous claim before turning into El Reg laughing stock...
So just to clarify G4S charge £57m for project management. Isn't project management (especially when it doesn't involve technology) a glorified name for people scheduling/resource allocation?
So those £57m are in fact the fee to use their fantastic software that doesn't disturb director's holiday when they encounter a serious "Out of resource error" (Allocate(10000): Error out of resource, available resource < 5500).
At least this is probably a temporary end to the privatisation of police to G4S :-)
So is Salesforce hosted by LCHost ? (see Level3 outage in other news....)
Too far from the capital?
Isn't the point of trains to move you between towns? So 3G works fine as long as you stay in London (probably standing at the station)?
And from experience on First-Great Western, the limit of the capital, at least on Vodafone and 3 is Hayes (at best) after that it's very patchy/inconsistent except highly built area (Slough and Reading station basically!).
And, of course First Great Western being at the top end of the innovation curve (probably equivalent to what an amoeba is to human development), no Wifi in their carriage. They are just rolling out Pay-extortionate-price-as-you-don't-watch outdated Simpson episodes seat blurry LCD screen....
So now when we will still be on 4Mb ADSL in the countryside in 2015 the tories will have the perfect excuse:
"It's not us, we wanted to deliver, like we always do... if you want broadband we will have to leave the EU and the Human Right Act", let's blame the Human Right Act!
How long before Apple buys TomTom?
1) TomTom shares have gone down a lot in the last few years.
2) Apple is very likely to become the biggest income share of TomTom
3) Providing turn-by-turn and traffic update on iPhone will hit TomTom own products and kill TomTom ios apps.
4) Down the line, Apple could either buy TomTom or threaten them to move away and pick up the infrastructure at a fraction of the price after TomTom collapse...
As the article says it would make sense to Apple to bring the whole service in house.
Multi monitor, multi windows
Any OS that doesn't allow me to have multiple windows across my multiple monitors won't get anywhere close my PC (OK, in a VM so I can "ahh, ahh" finger pointing at it before freeing some disk space).
If Microsoft consider Vista a failure wait until they release that retarded UI...
If I want to poke/play with large cube around I'll get some Duplo (Lego for babies).
£590/Gb what a good deal
That put the Gb of data at £590... looks like the operators will still be able to make some money out of punters unable to find (free) Wi-Fi....
Apple get the distribution exclusivity of the resulting file. So no you can't sell the resulting iBook via other distribution methods but the content itself is still yours, so you can sell it via other channels in any other formats (PDF, Kindle, etc....) but as Apple push for more polished content with background, graphics, interactivity etc the efforts required to transpose to several platforms increase.
So Apple strategy is to offer a tool that make creation easy and hope you'll give up 30% of sales in return to fast, effective production and distribution.
All your books are belong to us....
No alternative bookshelf library for iBook titles then...
For people saying "You can only use it on iPad so it's not a big deal": It actually is. It prevents Amazon, for example, to start selling books in both Kindle and iBook format (if generated by Apple tool but as the format is closed, Apple is probably the only tool to generate attractive iBooks).
The only source of (non-free) iBook being Apple is the equivalent of them saying: Your only source of music is iTunes.
Not an Apple cult member but it has been a while (I don't think it ever happened under Ballmer) that Microsoft reported a Y/Y increase of 50%....
Penalising a company/share because it only gives "stellar" results and not the "over impossible" results you were expecting is ridiculous...
No business can hope for trillion of $$$ to be handled over without reason, work or product... Doh sorry we are talking bankers here, of course they live in a world where you put your hand out and $$$ are pouring like rain
They are a very small bunch of bigoted idiots but they are VERY good at PR.
How can a (large) family manage to get weekly press coverage ???
Just ignore them and they'll disappear.
I make watches, so I own the time?? Anybody using 12.00am-11.59pm owes me money.
It's time someone gains some XP points slashing (patent) trolls.
Rip-Off Britain (big time)
Just checked Amazon UK and US website....
So the new "basic" Wifi only Kindle (so no it's 3G data plan argument) is listed at $79 or £89...
So a 50% "UK Ripoff" surcharge taking $79=£50 at current rate + 20% VAT that's £60...
Sounds like I'll have to review my Amazon buying policy!
I'm usually the last one to sympathise with Facebook, but if you login in a Personal Account from Vancouver, Singapore and Kenya all in a few hours I would be more than happy for this to be flagged as suspicious and the account locked!
Hope the same would happen to my credit card :-)