157 posts • joined 16 Sep 2011
Re: OpenSSL is open source, most financial institutions don't use open source encryption.
If you think those bugs are on a par with heartbleed, you don't understand its seriousness.
It might mean revoking your SSL certificates and getting new ones. Pricey if you have a lot, and time consuming.
Why heartbleed is the most dangerous security threat on the web (curiously it doesn't list any of those ones that you thought were as serious)
Re: OpenSSL is open source, most financial institutions don't use open source encryption.
IIS is immune to this attack, as it's not using OpenSSL. It's often criticized, but I don't remember any of our IIS servers ever having any vulnerability on this scale. I know I'm going to get downvoted for saying that by the fanatics, but it's true.
Now I just have to worry about all the services I'm using that do use OpenSSL - my bank, my ISP, etc.
From another angle
I really can't understand what kind of person spends 1000 bucks of their own money trying to implement a law to stop others doing something they themselves can do. If two people want to get married to each other what the hell do I care? It's none of my business. I think you've got to be a bit creepy to want to spend 1000 bucks of your own money on that... Surely there are more pressing causes?
In the end he has every right to do that of course, and those he sought to legislate against have every right to hound him out of his job. So neither side has committed a crime.
Won't believe him
Until he explains what Angela Merkel and the Brazilian state oil company have to do with terrorism, drug smuggling and child abuse, and why Clapper lied in public to congress then I imagine most people aren't going to swallow his bullshit, and will view Snowden as a (rather brave) whistleblower.
As well as having a salt value for each record they should be aware that these will be stolen in any db compromise. They should in addition have a long random salt that is appended to every password that is within the code and so not viewable via a db attack. eg if they appended
To each password plus record salt before hashing, it would make a brute force attack much harder assuming this string wasn't known by the attacker as it wasn't in the db.
Also a 6 byte salt per record seems a bit short.
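An added illustration of the scheme described in the post above (not the poster's code or any site's implementation): a per-record salt stored with the hash, plus an application-held secret, commonly called a pepper, appended to the password before hashing. PBKDF2, the 16-byte salt, the iteration count and the constructed `APP_SECRET` value are assumptions of this example.

```python
import hashlib
import hmac
import os

# Constructed stand-in for the application-side secret; in practice it is
# loaded from configuration or a secrets store, never stored in the database.
APP_SECRET = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)
ITERATIONS = 100_000   # PBKDF2 work factor (assumption for this example)
SALT_BYTES = 16        # longer than the 6-byte salt the post calls short


def hash_password(password: str, salt: bytes, secret: bytes) -> bytes:
    """Derive the stored hash from password + app secret, salted per record."""
    material = password.encode("utf-8") + secret
    return hashlib.pbkdf2_hmac("sha256", material, salt, ITERATIONS)


def create_record(password: str, secret: bytes = APP_SECRET) -> dict:
    """What lands in the database: salt and hash only, never the secret."""
    salt = os.urandom(SALT_BYTES)
    return {"salt": salt, "hash": hash_password(password, salt, secret)}


def verify(password: str, record: dict, secret: bytes = APP_SECRET) -> bool:
    """Constant-time comparison of the recomputed hash with the stored one."""
    candidate = hash_password(password, record["salt"], secret)
    return hmac.compare_digest(candidate, record["hash"])


def offline_guess_hits(record: dict, wordlist: list, secret: bytes) -> list:
    """Which wordlist entries match a dumped record, given `secret`."""
    return [w for w in wordlist if verify(w, record, secret)]


if __name__ == "__main__":
    rec = create_record("letmein")
    words = ["123456", "password", "letmein"]
    # Database dump only: the secret is unknown, so even the right guess fails.
    print(offline_guess_hits(rec, words, secret=b""))
    # Database and application secret both exposed: the guess matches again.
    print(offline_guess_hits(rec, words, secret=APP_SECRET))
```

The protection holds only while the secret stays out of the database and out of anything dumped alongside it; a weak password is still weak once both are exposed.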
Re: 'criminals don't trust Bitcoin'
Lost track of the number of times I've read bitcoin's obituary from a poster on here. But it keeps bouncing back.
How will this work in practice? The world is a big place - so I assume you don't have to zoom in from a world map. I recall frightening statistics about how many Americans can't find the USA on a world map, and I would imagine things aren't that different for some Brits. If they can't find their own country how might they find another one, or find their town, let alone "special place" on a world map.
So perhaps instead I first have to enter "wall street new york" and then click/circle a particular area of that location - probably a little better, but ultimately you're still defining a single bit of data that can be used to login if an attacker gets it.
2 factor authentication must be the way to go - where a memorized password is combined with some kind of physical token.
If you read the article you'd see they needed cash for the electricity bill.
Re: Proving His Enemies Right
Well you have "loon" in your posting name?
Having read some of your previous posts I see you are one of those American folks who has permanent skid marks in your y-fronts from worrying about Muslim terrorists (while no doubt ignoring the staggering number of Americans shot each year by other Americans exercising their right to bear arms). Hardly surprising then that you soak up whatever Uncle Sam tells you without questioning what involvement Angela Merkel or the Brazilian state oil company (or Cletus in the trailer next to you) might have in plotting Jihad.
Re: Proving His Enemies Right
The NSA and US govt lost the "right to privacy" when they decided to start spying on allied leaders, foreign businesses, charities, not to mention ordinary people.
To believe they are motivated by some urge to keep us or Taiwan or anywhere else safe is naive at best.
Mozilla CTO Eich: If your browser isn't open source (ahem, ahem, IE, Chrome, Safari), DON'T TRUST IT
Not just back doors
The risk with open source projects isn't so much back doors as insertion of deliberate bugs. Many modern vulnerabilities are buffer over runs and the like... Easily inserted, hard to find, and when found look like an accident rather than deliberate back door.
Open source is certainly better than closed source, but with the NSA with their tentacles everywhere, I imagine open source projects are probably riddled with their handiwork.
It's okay for the USA to sell fighter planes to the nut job dictator who runs Saudi, a regime linked to numerous Al Qaeda plots
The NSA are in the great tradition of the imbeciles who kept us safe by training Bin Laden and his buddies in Afghanistan. But they all get to live in nice houses paid for by our taxes, for "keeping us safe".
Re: Rockstar claims to be independent from Apple and Microsoft
Google would never base its business model on ripping off other people's intellectual property ;)
I love the Nokia maps software on wp8 and the ability to store maps offline, but there is one annoying thing... I set up saved locations, ie friends' houses etc. It stores these but as addresses rather than XY coords... So next time I select that location for the sat nav it wants to go to the web to look up the XY... Not good if I'm travelling and don't have roaming on. Why can't it save the XY coords when I save a location?
I also use Google Maps and Apple Maps on iPad but neither compares to Nokia.
"The interesting thing about bitcoin is that a bunch of people have decided that because some computers have spent a lot of time searching for chains of hashes with special attributes, that some bitstreams derived from those hashes have value"
Look through the history of currencies and you will find that this is the very essence of many of them. If something has inherent value, ie is useful for something else it doesn't make a very good currency... It would be bad for the economy to tie up useful things or commodities rather than use them.
Since bitcoin can be used right now today to transfer money, buy things online (including things, often illegal, that can't be readily bought in other ways) and since its quantity is limited, then it has real value. I'd certainly trust it more than the pound or dollar, as our governments seem to be converts to Mubabeconomics.
Re: Hmm ...
This is where Nokia could have been if they'd stuck with it
Re: So, Why did he go to an arts quango to fund his pre-iPhone multitouch?
I guess if it's called the National Endowment for SCIENCE, TECHNOLOGY and the Arts, he might well have believed that it wasn't just an arts quango.
So much of what he says hits the nail right on the head.
The reason Britain is in such a sorry mess is because people like this are designing touch screens while the country is run by PPE graduates (with whatever coloured rosette on) who've never had a proper job.
Re: banking regulator: Don't come crying to us when someone steals it
The great thing about real banks is you can put your real money in them and be guaranteed to have lost money thanks to inflation. If you're lucky the bank will even charge you for the pleasure of losing money, or spending it.
Re: Mining Costs and Speed
I looked at buying a mining rig too... I don't think the numbers add up... As you mentioned the difficulty of mining coins will rise quickly so your yield will fall rapidly. You said:
"A large hike in the future value of a Bitcoin is required and expected as the alternative is my dangly bits cut off !"
Better to have spent your 160 quid (plus cost of electricity) on bitcoins, and rely on them going up in value, because I doubt you'll ever mine the number of bitcoins you could have bought for 160 quid at time of purchase of your rig.
I first got into bitcoins about 2 years ago. Since then I've lost count of the number of times people have written it off, for the price (and adoption) to continue growing. We have the same old comments here I read 2 years back, but just a bit more bitter that they didn't buy a few hundred back then rather than writing it off.
Back in 1996 when I was working for one of the UK's first internet companies I lost count of the number of times people told me the internet/www was "just another CB radio-type fad".
Just like the internet Bitcoins offer something new... An ability to do things that weren't possible before. Much of the world has no access to banking for example. As bitcoins become more widely accepted I could make payment to someone in Africa direct to his mobile phone, even if he has no credit card, no bank account, no paypal. Virtually zero fees, no currency conversion required. Numerous other opportunities spring to mind.
Some people will always write off innovations just as they did with the internet.
Re: Title is too long
"Yes, because if I was planning to stop someone acquiring nuclear weapons the first thing I'd do is warn them I was coming and how I was planning to stop them."
You're right! If I was going to implement an Orwellian spying operation on everyone including my own population's electronic communications I'd never tell them about it. So Snowden must be a hallucination/imposter. Because security services never leak.
Re: To be fair cable cutters are cheap.
"Is it THAT hard to cut the internet from their facility's " critical " machinery ?"
Wasn't the innovative aspect of Stuxnet that it didn't hack centrifuges directly via the net, but was designed to make its way there via USB, boot sectors and other methods, since the centrifuges and the systems that controlled them weren't connected to the net? So there is no internet cable to cut.
Re: Oompa Loompa Dollars!
They aren't totally worthless if I can buy things with them. And I can.
I suspect the current price is a bubble - bitcoin price has been a series of bubbles.
But the system has real merit
- easy to send around the world without relying on third parties (like Paypal who won't deal with some users due to US sanctions, or just decide to put holds on accounts for arbitrary reasons)
- low transaction costs (free in many cases)
- finite - no mass printing by government inflating away your savings
I suspect therefore that over time (perhaps a few years) the price will stabilize somewhat and bitcoins will be ever more widely accepted
Re: Yes, HSBC Bank.................
"Gold is freely tradeable and has, besides jewellery and some industrial niche use, no inherent value."
Worth noting that the US made it illegal for private citizens to hold gold (since repealed)
They can try and take my Bitcoins from my cold dead hands.
Re: Regolism too far
I prefer "to ejaculate"
Probably why I get so little work done.
Re: And now the world waits...
I'm hearing lots of Mac fans in here today. Aren't they supposed to be in a queue somewhere?
Why the obsession with thin?
I don't get why these new products go to so much length to knock a millimetre off the thickness of the device. I'd rather pay less, or have more battery. A slightly thinner iPad in my bag isn't going to be noticed (I have mine in a sleeve anyway).
It's the same with laptops and phones. I have a nice Asus ultrabook... it's pretty thin - I have no interest in having a thinner one. Then I have a Lumia 920, I love the wireless charging, but on the 925 they removed that to save a bit of weight and thickness. I don't see the point - I've never once thought "this phone is too heavy".
We seem to be getting to an age where innovation is largely about making something that is already amazingly thin even thinner, yet phones seem to be growing in other dimensions in any case for a larger screen, so what's the point of selling it to me on the basis of how thin it is?
These guys need to take a chill pill
If they can find somewhere new to buy them.
Re: @Destroy All Monsters
You said something against Israel, a state that is based on the racial supremacy of a particular race.
That means you're an anti Semite, a Nazi and probably a paedophile too.
Re: Just when you thought it couldn't get any worse..
"Ballmer is heavily invested in Metro/Win8, and he's such a major stockholder in Microsoft that he effectively is impossible to dethrone. "
Great day to make that post!
I wonder if their cable can help them read this story, because on the Daily Mail site it's dead.
Fortunately it's still in the Wayback Machine
Re: He was lucky :-(
Fortunately we have the Queen and her quite marvellous son, they are very concerned about the rights of us common folk, and would shoot down any draconian laws like this. Thank god for democracy eh?
WP8 already supports some of this.
Text or IM use the same sound, but you can separately specify sound for voicemail alert, and new email.
Nokia Lumia 920
I love my Lumia, but MS really needs to be rolling out updates more frequently. Some things are desperately needed
- VPN support (an absolute must for corporate use)
- notification centre
- ability to set speaker volume separate from ringer volume (why on earth wasn't that there out of the box)
On a relatively immature platform where you're playing catchup you've got to be rolling out feature updates as and when they are ready. I'd have expected a new OS release at least every 6 months, and minor releases every 2-3 months.
Re: Good looking on Radio
You missed out Alan Partridge! Once voted the second sexiest radio presenter in the whole of Norwich.
What was Eadon's blog running when it got hacked?
Surely not Windows?
Re: Not really fixing any of the problems
"Linux solved that problem ages ago. When you log in you select the UI you prefer from a list of those installed on your system. If your UI of preference isn't on the list and you have admin access to your machine, you download and install the one you want. "
In fairness that is the case with Windows 8... I didn't like Metro... One classic start menu download later and a little tinkering and I had a fully working desktop with a start menu.
My mum and dad both have Doro phones, which they like.
Unfortunately I still can't ever get through to them because they always have their phones turned off... Only turning them on when they want to make a call. They just can't grasp that you can leave the phone on for hours or indeed days in case someone wants to ring you. So they need to have no Off button on this phone.
Wasn't Al Capone eventually jailed for tax evasion?
Isn't it conceivable that like Al Capone this guy has indulged in much criminality but this defacement is the only one at present where they have enough evidence for a conviction? Other charges may or may not follow as evidence is developed.
Re: And how many people will use that?
You're forgetting the millions of those on the Klingon home world who have it as their first language.
Re: Not what I was waiting for
The 920 doesn't have xenon flash... I think that was only on the new 928.
Personally I've got quite into the wireless charging of the 920... Seems a backwards step to remove that.
Does look beautiful though!
Saudi is a pretty brutal dictatorship, as is the UAE.
But you won't find Obama or Cameron talking about that, because they are OUR brutal dictators.
Cameron and Obama are currently helping the Saudis impose their particular brand of "freedom" on Syria... One has to feel sorry for the Syrians... It's out of the frying pan and into the fire, and they won't have us to condemn on their behalf when it's the Saudis bugging the communications and beating the living daylights out of them.
Does Amazon get to listen to all my calls?
They'll have to fight it out with Rupert Murdoch's boys.
The problem is that the US can only regulate transactions that happen in the US.
And with bitcoin, the whole point is that the transactions are virtual, and anonymous. If users choose to make it this way, it's not possible to know who is exchanging currency and where they are located.
So the Feds can legislate all they like, it's not going to have much effect.
Bitcoin is being driven by the failure of state currencies - the issuers of fiat paper can never resist the temptation to finance their overspending by printing ever more currency, until it's worthless. They are the biggest factor driving bitcoin.
"I'd say that open source is better for non-geeks. If you let non-geeks loose on the internet with a Windows box, then they will get hosed within 20 minutes. Linux systems do not have that problem"
Oh but they do.
Linux is complicated, especially for the not so tech savvy.
For example I've seen Linux boxes get compromised because someone was having permissions issues with a website so did CHMOD 777 and opened it all up.
Is Linux inherently less secure? No, certainly not. The problem is users. On the desktop Linux is much less likely to get compromised because
1) most users are tech savvy
2) there are many fewer users, less fruitful to write malware to attack them.
But on servers it's a different story, Linux ones are more likely to get hacked. Again it's not because Linux isn't secure - it's the old story of
1) clueless user actions
2) old software that hasn't been updated.
Use this in the pub and it can be only a matter of time until we see the first "google glassing".
"When I was a kid my dad owned a chip shop, until he lost his business to a combination of recession and a bypass killing half his trade"
That sounds like it must have been the most dangerous stretch of road in the world.
Why the greengrocers' apostrophe?
EPIC EADON PUNCTUATION FAIL