285 posts • joined 20 Sep 2011
she didn't claim to be protecting children!??!!?
which always struck me as interesting - in the Amazon tablet advert, the punter calls up amazon support to ask how to play his movie on the big tv as he has some friends over. Was amazon just encouraging people to violate the public performance clause? seems to be a grey area to me.
Re: Good. Now it's time to end retransmission fees.
I can't confirm if this is still the case, but cable companies in the USA used to have to carry the free-to-air broadcasts in the clear on the cable plant. No encryption, no compression, so that unmodified TVs without set top boxes could pick them up. You still needed to pay the cableco for the connection to their plant, but IN THEORY you didn't need extra kit to get those channels that you could have got with an aerial in the roof.
Of course the cableco's loved to hide this fact and push set top boxes and other stuff to you to bump up their MRC and make some money. And with channel bundles they probably made it so that you had to buy other stuff anyway. I'm honestly not sure what revenue the local free-OTA broadcasters saw from cable companies. I would tend to suspect that the cableco's pushed them to let them get the content for free and in return the broadcasters got more eyeballs for their ads and made their money that way, especially today with the mega-cablecos and their muscle.
With the push to digital broadcasting and HD content, the above may no longer be true as you can't stuff a HD channel in a 6MHz cable frequency band without compression.
That depends on the problem you are trying to solve
STARTTLS for MX records may not deliver perfect secrecy (or security), but it does provide a layer of protection. e.g. it stops someone from using Carnivore (or whatever it is called this week) to get the sender and recipient information, since the session is encrypted. PGP or S/MIME (the encryption option, not the signature option) cannot mask the envelope and headers, they have to be plain text, hence channel encryption becomes interesting.
Also, if you are doing Authenticated SMTP, STARTTLS should be required, not optional.
Without a valid certificate you're not proving that you are delivering to the right server, all you are doing is stopping people from being able to decode the content just by sniffing the packets.
Encryption without authentication doesn't protect your content.
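The difference this comment draws between encrypting an SMTP hop and authenticating the receiving server, as an added Python example that is not part of the original post. The three protection labels, the `deliver` helper and its parameters are assumptions made for illustration; the `smtplib` and `ssl` calls are standard library.

```python
import smtplib
import ssl

# Protection levels, weakest first (labels are this example's own).
LEVELS = ["plaintext", "encrypted-only", "encrypted+authenticated"]


class TLSPolicyError(Exception):
    """Raised when the session would be weaker than the sender's policy."""


def opportunistic_context() -> ssl.SSLContext:
    # Encrypts the channel but accepts any certificate, so it stops
    # passive sniffing and nothing else: an active man in the middle
    # can present its own certificate and will be accepted.
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False      # must be cleared before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def authenticated_context() -> ssl.SSLContext:
    # Verifies the chain against the system trust store and checks that
    # the certificate matches the host name we connected to.
    return ssl.create_default_context()


def session_protection(starttls_offered: bool, ctx: ssl.SSLContext) -> str:
    """Classify what a session with this server and context would give."""
    if not starttls_offered:
        return "plaintext"
    if ctx.verify_mode == ssl.CERT_REQUIRED and ctx.check_hostname:
        return "encrypted+authenticated"
    return "encrypted-only"


def meets_policy(level: str, require: str) -> bool:
    return LEVELS.index(level) >= LEVELS.index(require)


def deliver(mx_host, sender, recipient, message, ctx,
            require="encrypted+authenticated", port=25, timeout=30):
    """Send one message, refusing to fall below the required level."""
    with smtplib.SMTP(mx_host, port, timeout=timeout) as smtp:
        smtp.ehlo()
        level = session_protection(smtp.has_extn("starttls"), ctx)
        if not meets_policy(level, require):
            # Covers a server (or an on-path device) that does not
            # advertise STARTTLS: fail instead of sending in the clear.
            raise TLSPolicyError(f"{mx_host}: {level}, need {require}")
        if level != "plaintext":
            # With authenticated_context() a bad certificate raises
            # ssl.SSLCertVerificationError here, before any mail data.
            smtp.starttls(context=ctx)
            smtp.ehlo()             # re-issue EHLO inside the TLS session
        smtp.sendmail(sender, [recipient], message)
    return level
```
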
Re: Perversely, I thought metering was sane.
Netflix *is* paying for bandwidth. They pay their upstream to carry the data to an IXP, where it is handed off, most likely to the subscriber's ISP.
The subscriber then pays the ISP to carry it to their location.
I fail to see where the problem is. Despite their claims to the contrary, the ISPs *are* being paid for carrying the traffic. I, as the consumer, pay my ISP to deliver the content I request. It is up to the ISP to charge enough to recover costs and to maintain/upgrade the network.
What is happening here is anti-competitive behaviour, pure and simple. The big carriers (Comcast, Cox, BT, whomever) figure they can get paid at both ends of the deal - by the content generators and the content consumers. Then they can simply squeeze everyone else out of the market because they don't have the clout to negotiate those deals, so the cost to the consumer will be higher. Most consumers only look at their MRC, so they'll move to the ISPs that are having their cake and eating it too.
Cable has problems because the incumbents in the USA built their cable plants to broadcast TV, with high numbers of subscribers per node. As Internet (and other services such as Video On Demand, Set Top Boxes that do more than just decode encrypted broadcast signals, telephones, etc) became more popular this showed a problem - you can go from DOCSIS 1 to DOCSIS 2 to whatever the latest is and push more bits per MHz, but unless you go from 500 subscribers per node to 100 subscribers per node (or less), you're going to run out of bandwidth. Increasing the number of nodes is difficult because you have to run a ton of new fibre, and then rebalance the plant (which is easier said than done - HFC networks are twitchy)
It's easier to blame Netflix than it is to fix the problem.
The number of subscribers per node (and therefore are sharing the same spectrum allocation for their upstream and downstream) is always the weak point for cable. You can throw all the bandwidth into the head end or hub site you like, but it won't help. DSL has an easier time of it because you can more easily increase the backhaul.
Until this latest update, you could swipe over promoted tweets and get rid of them. That feature has mysteriously vanished in the new version.
Customers win from a race-to-the-bottom in the short term, but long term? I'm not so sure. Too many other industries have suffered from consolidation and significant supplier failure rates in the race to the bottom, leading (in the end) to only a few big suppliers and less competition.
The entire motive behind this isn't innovation, it's a push to race to the bottom on *perceived* costs to the end user, by moving the costs elsewhere and hiding them (by making other companies pay). I fail to see how creating an unequal market place fosters innovation. If Youtube or Flickr had to pay for access to ISP subscribers from day one they never would have got off the ground.
The US telco market used to have something called reciprocal compensation. It was brought in after the Ma Bell breakup because the telco terminating an inter-LATA call received no compensation from the billing agency (the long distance carrier) for using their network. The originating carrier was compensated by the user in the form of their subscription. (why the terminating carrier didn't count the revenue from their subscriber I have no idea. Clearly the money they were charging for their line rental was too low. It's the same B.S. the ISPs are pulling now).
This lasted until the CLECs came along and figured out they could put dial up modem pools behind their switches and suddenly they were receiving millions of dollars a year from the ILEC for terminating dial-up calls to ISPs. Some CLECs initially built their business model on receiving those revenues.
The minute the tide turned against them the ILECs started screaming that it was unfair.
Of course it was - the rule they fought for was suddenly being used against them. To be honest, it probably was unfair. However the ILECs built themselves a nice little empire with access to millions of subscribers that they thought they controlled and that they could milk for all they were worth, including basically demanding other carriers pay them to make calls to their subscribers.
I'm waiting for someone to do the same to these greedy ISPs (most of whom are legacy telco's - go figure) who are demanding money for access to their customers.
I thought one of the points of Java was that such string overflows shouldn't be possible?
Re: Australia anyone?
I think SATCOM ACARS was disabled, but the transceiver assembly remained powered. As best I understand it, Inmarsat sends the ping request and the assembly on the aircraft, independent of any other systems, answers. Unless they thought to pull the breaker for that subsystem it would always answer. It was probably not well known by anyone outside of Inmarsat before this incident.
Re: How do Autopilot systems work?
There was a European flight (Helios Airways Flight 522) where the maintenance people on the ground left the pressurisation system on manual, and the co-pilot didn't notice during pre-flight checks so everyone on board asphyxiated.
The autopilot continued to climb until it reached the pre-programmed altitude, and then continued until it reached the destination beacon and circled waiting for new instructions
That was a Boeing 737. It's possible the 777 autopilot behaves differently, however I would suspect not
The way the autopilot works, in general, is that it only stops controlling the aircraft:
- if manually disconnected / turned off
- if it detects flight envelope information it considers unreliable and therefore it is unable to continue. In that case it tends to trip the master caution alarm so that people know what's happened, and that is a fairly major alarm. In the AF447 case, it couldn't reconcile the flight speed/altitude information from the sensors so it turned itself off.
Any other behaviour would lead to the possibility of the plane entering uncontrolled flight (where no-one is positively controlling the aircraft), which is to be avoided.
Channel 5 report
Anyone else watch the Channel 5 program on MH370?
I found it rather lacking in credibility for two points
- The plane in the AF447 crash was a "Boeing Airbus"?
- apparently you can take control of a plane by plugging into the USB port on the IFE. Which is impossible as there is an air gap between the IFE and the cockpit systems. Boeing tried to share a transmitter between the IFE and the cockpit systems on the 787 and got thoroughly spanked by the regulators and they had to separate the systems.
Re: Australia anyone?
There are too many things against the emergency and pilots lost consciousness theory. The fact that the emergency happened between the handoff between Malaysian and Vietnamese ATC could be co-incidence. The plane then allegedly flew just under 30,000 feet along the northern border of Malaysia, which puts it in another zone which straddles ATC control zones - above 30k feet the rules are different (to pack more planes into the corridors), and by flying the border whomever was in control made sure that which ever controller saw the blip, they would likely assume the other side was handling it.
If the data above are proven true, then the emergency theory doesn't hold up - it looks way too much like whomever was in control didn't want to be found
Also, you missed one point - if there *was* a decompression event, the crew immediately get down to 10k feet or lower so they (and everyone else) can breathe. That didn't happen. If they couldn't descend, then they also couldn't reprogram the autopilot to take them back. An event that knocks out ACARS, the transponder, the voice radio, *and* all flight controls is unheard of and extremely unlikely. Even if the radios aren't redundant (which they are to a degree - there are at least two voice radio systems on a modern jet), the flight control systems *are* redundant
IMHO, the hijack theory is the one that makes sense given the currently available data. The questions that remain:
- who hijacked the plane - the flight crew or someone else?
- their motives
- why apparently leave a RADAR track going north from the Malacca Straits, and then apparently turn south towards Australia?
Re: Looking for what isn't there?
Uninterruptible telemetry is nearly impossible for a reason not mentioned so far - the system needs power. All the power drawn for the plane's systems comes through the main power buses, and unless you do something insane (like hard wiring it into the plane's power buses with no breakers), then there will be a way of stopping the transmission as all they need to do is pull the breaker.
Even if there is a small battery in the device to provide some power after power loss, e.g. both engines flaming out so the main buses go dead, this plane flew for *hours* afterwards, so the last "burst" saying "HELP! I'm over here!" would be thousands of miles out.
Re: It's Secure*
Sorry, poor phrasing
The servers pointed to by their MX record offer STARTTLS
Re: It's Secure*
Also, if people send you an e-mail from non-gmail servers the MX record offers STARTTLS, and the certificate appears to be genuine, however:
- I suspect most mail servers don't try STARTTLS when delivering mail (at least in my experience)
- even those that do STARTTLS, most of those won't validate the certificate so MITM attacks are still very real
Also, unless you use PGP or S/MIME to encrypt the contents of the e-mail, it's still stored in plain text, so any intermediate SMTP operator can read your e-mail or it can be intercepted.
So being able to browse your mail over SSL is all well and good, but it's still not secure.
You're right, sorry, there are computer assists on the 777, but from memory there is a big button on the control column that overrides those computers. The Boeing mentality is that "computers can be mistaken, people should always be able to override them". So unless the hackers rewrote the proprietary control systems to disable that feature, there is no way to control the plane from the ground like that.
I don't buy the fire theory either. If the autopilot was reprogrammed to go back to the beacon of an airport, it would have just kept circling over the beacon waiting for more instructions, not head off on some random course.
Also, if there *was* a or some other event that caused the pilots to don their oxygen masks the first thing you do is descend rapidly to a point where you can breathe unassisted because the pilots know those masks don't last long and hypoxia will guarantee the death of everyone on board.
ACARS, the transponder and voice radio are all different systems. I find it difficult to explain why they were all knocked out
I also laugh at the front page of a British bird cage lining manufacturer which stated that the plane's systems were hacked remotely. Uh. Sorry, but a 777's flight controls are not computer assisted (unlike Airbus) which means that explanation is about as likely as truth from a politician.
Re: what happens
Probably depends on what mode the autopilot was in. There are multiple modes, and altitude hold may not have been engaged.
Various newspapers have been given full copies of his archives already. Which is why the British Government went to The Guardian and oversaw destruction of one or more hard drives that allegedly contained a copy of the documents.
Quad core may not be 4xthe same core
The assumption a lot of commentators appear to be making is that the quad-core CPU has all the cores of the same type and capabilities. Some recent ARM technology is to bundle a simpler, lower-power core which is used for basic tasks when the bigger cores aren't needed for heavy number crunching. Not sure it would make sense to have two lower-power cores.
I'm sure that putting a nice notice on peoples accounts reminding them to obey local/state/federal laws will make EVERYONE stop doing anything illegal and fall right in line (!)
This isn't a freedom of speech issue, although I'm sure the NRA would make it one.
Flip side is if BT can recoup more of their costs then high speed broadband can be rolled out to more places. If OFCOM is setting the price for LLU too low then BT have no incentive to invest as the competition will come in and not pay enough to justify the FTTC or FTTP investment.
No, I'm not saying BT should be able to charge whatever they want. However, there is a case to be made that if the prices paid to BT are too low then they have no reason to make the investment in the first place.
My exchange is FTTC enabled but my cabinet doesn't have the connection density to justify the upgrade, so I'm stuck. Something has to change, and that could include the ROI that BT get on the investment.
Of course, the fact they deployed a new cabinet as copper in the first place is just dumb
Re: The wonders of tenders
Actually, I don't understand the "20 suppliers" part. They want to split the mail service up over 20 different providers? With different mail systems? Calendar interoperability and directory services would become a nightmare. Or are they splitting the platform into different bits? Mail, directory, etc, going to different vendors? If so, who gets to host it all?
Re: I may sound stupid but..
some companies buy others just for the userbase. in this case I think they want to drive more users to the facebook messaging service so they can gather more data on their users to sell to advertisers.
I don't believe the "WhatsApp will remain autonomous and operate independently," bit at all. It will be integrated into the main Facebook platform. Operating independently doesn't make any sense. The only way Facebook can justify the cost is by merging the platforms.
Since Apple has software they sell on both the Mac app store and the iOS app store, are those revenues reported twice in that graph, once in the app store and once in the appropriate category?
Re: The annoying thing is...
I've always wondered...
I, as a non-US entity, can buy shares in Apple
Could Apple use their non-American cash piles to buy their own NASDAQ traded shares from their non-USA operating entities and then cancel them that way, or do they have to be bought in the USA?
Re: Peak apple?
@ Simon Buttress
They're being hammered because of several things:
- the analysts expected better results than what was reported. this probably says more about the value of analysts than anything else. there are plenty of El Reg articles commenting on the fact that analysts are largely useless as they try to take rumours and then earn a living from telling you what to expect. honestly, if analysts knew what they were doing they'd earn a much better living off their own investment portfolio than they do as analysts.
- the future guidance was low. remember that you're commenting on what has happened. that is largely irrelevant. investors own stock because of what the future holds - in other words, they expect the stock to increase in value and that dividends, etc, keep their wallets fat. if they think that a company won't be able to deliver on growth they find acceptable they'll dump it like a hot potato. the fact that they continue to expect record growth each Q when the smartphone market is obviously approaching saturation or is already saturated is clearly unrealistic, but that doesn't stop them from punishing companies who fail to live up to the analysts expectations.
Re: Oh the irony
The difference is that under the GPL, they can do that to RedHat because the code is open source. Just like CentOS can ship RHEL without any fees whatsoever - they just can't call it RHEL.
Solaris isn't permissively licensed and therefore the situations are not as similar as your comment suggests.
Re: So they are charging a fortune...
There may be work behind it, and there may be justifiable ongoing running costs. However, in situations like this the product manager typically goes "what will this be worth to the end customer" and bases the price on that. Hence the spin in the e-mail about protecting your brands reputation - or in other words, is your brands reputation worth $1,350.00 a year?
I would tend to suspect that the price given to end customers "to recapture the costs of maintaining this extra level of security" are significantly higher than the actual cost of delivering the service.
First openntpproject URL is wrong
There used to be an article feedback link, but I can't find it anymore, so posting here
The first link is wrong
The HTML source shows:
Re: Argument seems illogical
MAE-West (remember that?) suffered a massive outage in the 90s from a power outage where they got the generator running but it didn't provide aircon and it fried most of the equipment in the room from the heat. Rebuilding the equipment in the facility drained most big router vendors spare parts stores for all of the USA.
(the story I heard was there was a gas leak so the fire dept. killed the power to the street, MAE-West ops people dragged the genset outside the exclusion zone, fired it up, got the NAP running again, but in the summer heat in San Jose, CA, the temps in the room quickly exceeded the operational specs for the routers and switches)
You also never EVER want your aircon on UPS, even if you could size the UPS that big. The motor load from the aircon does nasty things to the inverters in the UPS. You need the UPS sized to carry the compute load for the genset spin up time plus the clean shutdown time of the compute load if the genset fails to fire up. The 1.6 megawatt genset at my last job could spin up from complete stop to carrying load in under 5 seconds from the time it was signalled to start (or so the suppliers claimed - I don't think we set the transfer switch that aggressively)
Re: I married an eye surgeon
One of the risks that is definitely NOT advertised by LASER eye surgery places is that if you later develop cataracts then the treatments are more difficult or not possible due to the LASER eye surgery. My dad was told this when he went in for cataract surgery a few years ago.
Stick with glasses or contact lenses.
Re: Yahoo layout boohoo
surely Thunderbird is only your friend if you pay Y! more to get POP or IMAP access? As far as I was aware those protocols weren't available by default and needed a yearly subscription.
Geo-ip won't help much
According to http://bgp.he.net/AS51040#_peers the IP range is hosted on its own BGP ASN (AS51040) which is multi-homed to 3 different providers. Their IRR record seems to indicate that they could announce their prefixes to as many as 6 upstreams.
That makes it easy to move between providers as they come under pressure to cease the connection or face the Wrath of Khan, I mean, The Music and Film Industry.
I'm somewhat amused by the IRR record that states it is for "Piratpartiet North Korea"
The fall-back system to flight strips (the "cards") will probably also fall back to manually looking up and dialling the controller you have to hand the flight over to when it runs off the end of your RADAR screen. i.e. instead of a 20% reduction in capacity it's probably closer to 50% because of the added workload.
The manual dial system is what worked for decades before all these fancy computers came in and cocked everything up.
People who don't take basic security steps, like anti-malware and anti-virus, also tend to choose dumb passwords!
Providers need to put basic checks into their systems to prevent such passwords in the first place. Just because 12345 is the combination for your luggage doesn't mean you should use it for your bank accounts!
Has the ASA ever made an enforcement ruling while an ad was still in widespread use? If not, it's entirely a waste of space, especially if it cannot force repeat offenders (such as ISPs) to stop being naughty.
You forgot one thing...
all good things must come to an end
You forgot to justify XP as a "good thing". Familiar, yes. I'm not sure it is "good" any more.
Since its EOL was announced support for new hardware isn't guaranteed (and I suspect a lot of new wifi dongles/cards don't support XP very well, if at all), and the less said about its IPv6 support the better.
Re: It does make you wonder what sort of hardware our banking network is running on.
I've not seen any indication of hardware failure in these incidents. It's all process or software related.
When I opened a bank account with RBS in my local branch in 2003 I found their office computers were running OS/2 (the banking app that the guy was using to open the account crashed and I saw the desktop). I suspect that's because the backend was an IBM mainframe and they were using one of the proprietary IBM communication protocols. The desktops (and ATMs, which also ran OS/2 for the same reason) have all been upgraded. You can see the result of the ATM upgrades on flickr and other photo sharing sites - Windows error boxes all over the place.
The backends? To be honest I'd probably trust a 20+ year old IBM mainframe that's under a proper support contract than I would a lot of the newer gear and newer OSs.
Re: about time FCC got off the dime
even better, I know of places that keep the ESS systems in place so they can say there is no room in the CO and that they can't allow other carriers to locate equipment there for unbundling services.
There's also a story I heard about a non-RBOC carrier who had a switch delivered many years ago (>10), but since the order was placed they'd started moving to a packet switched architecture and wanted to cancel the order. The manufacturer refused until the carrier said they'd take it out into the middle of a field and blow it up as a statement that circuit switched telephony was dead. The manufacturer suddenly changed their minds and took the switch back. Not entirely sure I believe that story myself, but I've heard it several times.
Cisco lost the plot long ago
From various people who work inside large enterprises, Cisco appears to have lost the plot quite a while ago. From personal experience, the 65xx chassis was massively underprovisioned in terms of backplane speed for the port density it provided (and this was back in 2002 when I worked at a large ISP. They haven't revised the backplane since AFAIK).
Cisco's answer? Push behaviour modules. Want your firewall in a blade? How about your IDS and IPS? Oh, and your e-mail hygiene product too!
They tried to cover up the lack of backplane bandwidth by pushing stuff that really should not be in a chassis slot in the first place. With the benefit for Cisco that they get to sell more switch chassis also!
The "cloud" companies moved off Cisco a while back, especially Google. If you take a minute to think about the way Google FS works, you'd realise why.
Re: Archaic architecture
That only applies at small scale
There is no PC on the market today that can cope with a real workload, e.g. 3xOC192 and multiple 10GBE links. The PCI Express slots just aren't designed for that.
Do you trust the SSL cert? The NSA, GCHQ, etc may be able to get a signing cert from somewhere and issue their own "fake" SSL certs on any box they like and have them accepted by the browsers as valid
Encryption without authentication is pointless
Encrypting the traffic by default is pointless unless you can authenticate that the system you think you are talking to is actually the system you want to talk to and not some intermediate spook system.
Mandatory encryption would therefore fail to solve the NSA "problem" because of the lack of trust in the authentication systems, i.e. the certificate authorities. They've been proven to be the weak points in the system before. And if people *don't* use authenticated certificates, then the mandatory encryption is pointless.
"I suggest you try SSL between client and server, with TLS between servers."
While that IN THEORY prevents snooping the message as it is transiting between servers:
- most MTA's do not enforce certificate chain validation of the certificate provided by the remote MTA, so spoofed, unsigned SSL certificates will generally be accepted
- that doesn't address the e-mail being stored outside your network border, which will invariably be in clear text (very few servers encrypt on disk, Lotus Notes being the only one I can think of and even then it's not on by default)
Clearly Tom Baker's time on screen was due to his equally long scarf.
Why on earth do they need the full content of the e-mail to pull down someones Linkedin profile? Surely all they need is the header From line, and maybe the To and CC lines if they're pulling down the profile for everyone on the e-mail?
If the complete e-mails pass through the Linkedin servers, then to me, the entire system is designed backwards. The client should pull down the mail to the phone and then make a request to Linkedin to see if any of the header From/To/CC addresses are recognised. End of story.