294 posts • joined 20 Sep 2011
The Americans will simply say "your airlines will share their PNR data or they won't be allowed over our airspace" and the EU will fall over itself to comply (again). I strongly suspect if you buy a ticket from a US airline (or on a US airline via a code share with an EU airline) your PNR data is already shared and there probably isn't much the EU can do there since you're dealing with a US entity, so it creates a situation where the US wins anyway - either the EU airlines share their PNR data, or they stop EU airlines flying to the USA and force people to buy tickets with airlines that DO comply.
I seem to remember the EU negotiated (allegedly) tougher set of restrictions on PNR sharing, and the US thanked the EU and then pointed out that nothing changed because of some get-out-clause, and in fact the "tougher" restrictions may have ended up being less restrictive as a result.
Example of how well the laws work
Some of the late 80's/early 90's legislation opened the doors to having more than one provider in an area, e.g. if Comcast was the incumbent cable company then someone else could come along and build out a cable network and compete with Comcast (or VZ, or Cox, or AT&T, or SBC, etc).
This, in theory, was a great idea
In practice it had major issues because while the FCC let it happen at a national level, it could fail at a local level (but not always)
A company I know of tried to get permission to build out a competing network in Baltimore, MD. Despite multiple submissions to the city leaders, the decision got repeatedly delayed. And delayed. And delayed more. They were never explicitly told "no" from what I understand, but they were never told "yes" either. Why? The Comcast head office at the time was literally *across the street* from the city offices.
End result? Baltimore never got competing services.
There are other stories I've heard too about local interference for petty political reasons, ultimately to the detriment of consumers. Such as the incumbent cableco in another area didn't have an obligation to provide service to the entire county, but when a competing provider applied to build out service they were told they had to run cable to every property in the county. Fair? Don't think so.
Light regulation only works when everyone plays nicely together and has equally big bank accounts. When one provider is significantly bigger than another, regulation is needed to stop the big guy squishing the little guy like a bug on a window of a high speed train.
The last mile providers think they own the eyeballs and that since there tends to be no effective local competition they can do what they like to protect the revenue/profit stream they've set up. They need to be shown the error of their ways.
Re: fucking fucking retards
it will make a difference to consumption when the govt (or energy company or national grid) decide you're using too much electricity at a peak demand time and turn your supply off the "manage grid load", of course since this is done in the National Interest(TM) you have no choice but to accept it and no recourse for compensation, etc.
It's the only way that this can play out which will make any significant difference to energy usage.
Re: The actual government PDF makes for depressing reading
"Demand-side response involves electricity users shifting (or reducing) demand usually prompted by price"
the worrying thing is what the "unusual" methods are. I suspect "load shedding", in other words rolling blackouts to reduce grid load, probably using the smart meters to turn off your supply. possibly based on which tariff you are on (more expensive tariff = less likely to be turned off or something)
I'm sure the government will tout this as being green, but all that will happen is it will drive the sale of inefficient petrol, diesel or natural gas based generators to homes/business keep the lights on.
"Licence conditions allow suppliers to access monthly (or ‘less granular’ i.e. less frequent) consumption data for billing and other regulatory purposes without needing consent. There will be a clear opt-out for daily collection of data, and an opt-in will be required for use of the most detailed half-hourly consumption data"
How can a consumer prove one way or the other? if the meter reports hourly data no matter what, the provider can use that data and mask it behind something else.
Quote: "There is an ongoing battle between those who desire to capture information and those who desire to communicate without surveillance."
That's not limited to just China
Re: not convinced
I honestly can't remember what the original BSD distributions from UCB CSRG used, but the F/OSS BSDs have traditionally used gcc.
If Stallman didn't write GCC, the probability is someone else would have written another open source compiler instead. I suspect an argument could be made that it would have been better done another way - for the last 20 years or so I've frequently run into bugs that turned out to be gcc bugs, not bugs in the code compiled by gcc. A compiler developed by someone else may have been able to do a better job if not shackled to someone going around with a hard disk platter on his head.
Right now there is still some public resentment about the NSA stories coming out post-Snowden. Wait a few months or maybe 1-2 years and then the Feds will be able to sneak anti-crypto legislation in without hitting the headlines.
The reason I say that is that it will give them enough time to invent some cases that prove that crypto that the Feds can't crack through a subpoena are causing people to be killed by kidnappers or causing children to be sold into prostitution (or whatever). The fact is right now the Feds cannot point out a SINGLE case where crypto prevented them from solving it, and the 3 cases Mr Comey (FBI Director) highlighted in a recent speech had nothing to do with crypto AT ALL ( see https://www.schneier.com/blog/archives/2014/10/more_crypto_war.html )
assumption - better network = less commuting
unfortunately, a large percentage of businesses still think that unless you park your bum on your seat in an office with all your co-workers then you're not working. I suspect the opposite is quite often true - you get more work done at home as co-workers aren't popping over to you to talk about yesterdays football/rugby/cricket/whatever.
I'm still in awe of Google, perhaps the biggest purveyor of cloudy infrastructure, insisting on staff being in an office (which is the primary reason I'll never work at Google or Facebook or a host of other companies - I refuse to move to a big metro area like London and sit in traffic for hours a day). If there was one company that should be promoting telecommuting it should be Google. (yes, I am aware of the "unplanned collaboration" idea). The fact that companies like Google are encouraging people to move to London, which is already creaking under the strain of the existing population, is just plain daft and they should be shot (or at least heavily fined) for encouraging that. Probably a new tax should be levied for each person a company encourages to move to London to pay for the infrastructure needed for that person (power, water, public transport, etc)
The reality is that better networking at home probably means Netflix/Amazon/Sky sell more PPV movies.
she didn't claim to be protecting children!??!!?
which always struck me as interesting - in the Amazon tablet advert, the punter calls up amazon support to ask how to play his movie on the big tv as he has some friends over. Was amazon just encouraging people to violate the public performance clause? seems to be a grey area to me.
Re: Good. Now it's time to end retransmission fees.
I can't confirm if this is still the case, but cable companies in the USA used to have to carry the free-to-air broadcasts in the clear on the cable plant. No encryption, no compression, so that unmodified TVs without set top boxes could pick them up. You still needed to pay the cableco for the connection to their plant, but IN THEORY you didn't need extra kit to get those channels that you could have got with an aerial in the roof.
Of course the cableco's loved to hide this fact and push set top boxes and other stuff to you to bump up their MRC and make some money. And with channel bundles they probably made it so that you had to buy other stuff anyway. I'm honestly not sure what revenue the local free-OTA broadcasters saw from cable companies. I would tend to suspect that the cableco's pushed them to let them get the content for free and in return the broadcasters got more eyeballs for their ads and made their money that way, especially today with the mega-cablecos and their muscle.
With the push to digital broadcasting and HD content, the above may no longer be true as you can't stuff a HD channel in a 6MHz cable frequency band without compression.
That depends on the problem you are trying to solve
STARTTLS for MX records may not deliver perfect secrecy (or security), but it does provide a layer of protection. e.g. it stops someone from using Carnivore (or whatever it is called this week) to get the sender and recipient information, since the session is encrypted. PGP or S/MIME (the encryption option, not the signature option) cannot mask the envelope and headers, they have to be plain text, hence channel encryption becomes interesting.
Also, if you are doing Authenticated SMTP, STARTTLS should be required, not optional.
Without a valid certificate you're not proving that you are delivering to the right server, all you are doing is stopping people from being able to decode the content just by sniffing the packets.
Encryption without authentication doesn't protect your content.
Re: Perversely, I thought metering was sane.
Netflix *is* paying for bandwidth. They pay their upstream to carry the data to an IXP, where it is handed off, most likely to the subscribers ISP.
The subscriber then pays the ISP to carry it to their location.
I fail to see where the problem is. Despite their claims to the contrary, the ISPs *are* being paid for carrying the traffic. I, as the consumer, pay my ISP to deliver the content I request. It is up to the ISP to charge enough to recover costs and to maintain/upgrade the network.
What is happening here is anti-competitive behaviour, pure and simple. The big carriers (Comcast, Cox, BT, whomever) figure they can get paid at both ends of the deal - by the content generators and the content consumers. Then they can simply squeeze everyone else out of the market because they don't have the clout to negotiate those deals, so the cost to the consumer will be higher. Most consumers only look at their MRC, so they'll move to the ISPs that are having their cake and eating it too.
Cable has problems because the incumbents in the USA built their cable plants to broadcast TV, with high numbers of subscribers per node. As Internet (and other services such as Video On Demand, Set Top Boxes that do more than just decode encrypted broadcast signals, telephones, etc) became more popular this showed a problem - you can go from DOCSIS 1 to DOCSIS 2 to whatever the latest is and push more bits per MHz, but unless you go from 500 subscribers per node to 100 subscribers per node (or less), you're going to run out of bandwidth. Increasing the number of nodes is difficult because you have to run a ton of new fibre, and then rebalance the plant (which is easier said than done - HFC networks are twitchy)
It's easier to blame Netflix than it is to fix the problem.
The number of subscribers per node (and therefore are sharing the same spectrum allocation for their upstream and downstream) is always the weak point for cable. You can throw all the bandwidth into the head end or hub site you like, but it won't help. DSL is has an easier time of it because you can more easily increase the backhaul.
Until this latest update, you could swipe over promoted tweets and get rid of them. That feature has mysteriously vanished in the new version.
Customers win from a race-to-the-bottom in the short term, but long term? I'm not so sure. To many other industries have suffered from consolidation and significant supplier failure rates in the race to the bottom, leading (in the end) to only a few big suppliers and less competition.
The entire motive behind this isn't innovation, it's a push to race to the bottom on *perceived* costs to the end user, by moving the costs elsewhere and hiding them (by making other companies pay). I fail to see how creating an unequal market place fosters innovation. If Youtube or Flickr had to pay for access to ISP subscribers from day one they never would have got off the ground.
The US telco market used to have something called reciprocal compensation. It was brought in after the Ma Bell breakup because the telco terminating an inter-LATA call received no compensation from the billing agency (the long distance carrier) for using their network. The originating carrier was compensated by the user in the form of their subscription. (why the terminating carrier didn't count the revenue from their subscriber I have no idea. Clearly the money they were charging for their line rental was too low. It's the same B.S. the ISPs are pulling now).
This lasted until the CLECs came along and figured out they could put dial up modem pools behind their switches and suddenly they were receiving millions of dollars a year from the ILEC for terminating dial-up calls to ISPs. Some CLECs initially built their business model on receiving those revenues.
The minute the tide turned against them the ILECs started screaming that it was unfair.
Of course it was - they rule they fought for was suddenly being used against them. To be honest, it probably was unfair. However the ILECs built themselves a nice little empire with access to millions of subscribers that they thought they controlled and that they could milk for all they were worth, including basically demanding other carriers pay them to make calls to their subscribers.
I'm waiting for someone to do the same to these greedy ISPs (most of whom are legacy telco's - go figure) who demanding money for access to their customers.
I thought one of the points of Java was that such string overflows shouldn't be possible?
Re: Australia anyone?
I think SATCOM ACARS was disabled, but the transceiver assembly remained powered. As best I understand it, Inmarsat sends the ping request and the assembly on the aircraft, independent of any other systems, answers. Unless they thought to pull the breaker for that subsystem it would always answer. It was probably not well known by anyone outside of Inmarsat before this incident.
Re: How do Autopilot systems work?
There was an European flight (Helios Airways Flight 522) where the maintenance people on the ground left the pressurisation system on manual, and the co-pilot didn't notice during pre-flight checks so everyone on board asphyxiated.
The autopilot continued to climb until it reached the pre-programmed altitude, and then continued until it reached the destination beacon and circled waiting for new instructions
That was a Boeing 737. It's possible the 777 autopilot behaves differently, however I would suspect not
The way the autopilot works, in general, is that it only stops controlling the aircraft:
- if manually disconnected / turned off
- if it detects flight envelope information it considers unreliable and therefore it is unable to continue. In that case it tends to trip the master caution alarm so that people know what's happened, and that is a fairly major alarm. In the AF447 case, it couldn't reconcile the flight speed/altitude information from the sensors so it turned itself off.
Any other behaviour would lead to the possibility of the plane entering uncontrolled flight (where no-one is positively controlling the aircraft), which is to be avoided.
Channel 5 report
Anyone else watch the Channel 5 program on MH370?
I found it rather lacking in credibility for two points
- The plane in the AF447 crash was a "Boeing Airbus"?
- apparently you can take control of a plane by plugging into the USB port on the IFE. Which is impossible as there is an air gap between the IFE and the cockpit systems. Boeing tried to share a transmitter between the IFE and the cockpit systems on the 787 and got thoroughly spanked by the regulators and they had to separate the systems.
Re: Australia anyone?
There are too many things against the emergency and pilots lost consciousness theory. The fact that the emergency happened between the handoff between Malaysian and Vietnamese ATC could be co-incidence. The plane then allegedly flew just under 30,000 feet along the northern border of Malaysia, which puts it in another zone which straddles ATC control zones - above 30k feet the rules are different (to pack more planes into the corridors), and by flying the border whomever was in control made sure that which ever controller saw the blip, they would likely assume the other side was handling it.
If the data above are proven true, then the emergency theory doesn't hold up - it looks way too much like whomever was in control didn't want to be found
Also, you missed one point - if there *was* a decompression event, the crew immediately get down to 10k feet or lower so they (and everyone else) can breathe. That didn't happen. If they couldn't descend, then they also couldn't reprogram the autopilot to take them back. An event that knocks out ACARS, the transponder, the voice radio, *and* all flight controls is unheard of and extremely unlikely. Even if the radios aren't redundant (which they are to a degree - there are at least two voice radio systems on a modern jet), the flight control systems *are* redundant
IMHO, the hijack theory is the one that makes sense given the currently available data. The questions that remain:
- who hijacked the plane - the flight crew or someone else?
- their motives
- why apparently leave a RADAR track going north from the Malacca Straits, and then apparently turn south towards Australia?
Re: Looking for what isn't there?
Uninterruptable telemetry is nearly impossible for a reason not mentioned so far - the system needs power. All the power drawn for the planes systems comes through the main power buses, and unless you do something insane (like hard wiring it into the planes power buses with no breakers), then there will be a way of stopping the transmission as all they need to do is pull the breaker.
Even if there is a small battery in the device to provide some power after power loss, e.g. both engines flaming out so the main buses go dead, this plane flew for *hours* afterwards, so the last "burst" saying "HELP! I'm over here!" would be thousands of miles out.
Re: It's Secure*
Sorry, poor phrasing
The servers pointed to by their MX record offer STARTTLS
Re: It's Secure*
Also, if people send you an e-mail from non-gmail servers the MX record offers STARTTLS, and the certificate appears to be genuine, however:
- I suspect most mail servers don't try STARTTLS when delivering mail (at least in my experience)
- even those that do STARTTLS, most of those won't validate the certificate so MITM attacks are still very real
Also, unless you use PGP or S/MIME to encrypt the contents of the e-mail, it's still stored in plain text, so any intermediate SMTP operator can read your e-mail or it can be intercepted.
So being able to browse your mail over SSL is all well and good, but it's still not secure.
You're right, sorry, there are computer assists on the 777, but from memory there is a big button on the control column that overrides those computers. The Boeing mentality is that "computers can be mistaken, people should always be able to override them". So unless the hackers rewrote the proprietary control systems to disable that feature, there is no way to control the plane from the ground like that.
I don't buy the fire theory either. If the autopilot was reprogrammed to go back to the beacon of an airport, it would have just kept circling over the beacon waiting for more instructions, not head off on some random course.
Also, if there *was* a or some other event that caused the pilots to don their oxygen masks the first thing you do is descend rapidly to a point where you can breathe unassisted because the pilots know those masks don't last long and hypoxia will guarantee the death of everyone on board.
ACARS, the transponder and voice radio are all different systems. I find it difficult to explain why they were all knocked out
I also laugh at the front page of a British bird cage lining manufacturer which stated that the planes systems were hacked remotely. Uh. Sorry, but a 777s flight controls are not computer assisted (unlike Airbus) which means that explanation is about as likely as truth from a politician.
Re: what happens
Probably depends on what mode the autopilot was in. There are multiple modes, and altitude hold may not have been engaged.
Various newspapers have been given full copies of his archives already. Which is why the British Government went to The Guardian and oversaw destruction of one or more hard drives that allegedly contained a copy of the documents.
Quad core may not be 4xthe same core
The assumption a lot of commentators appear to be making is that the quad-core CPU has all the cores of the same type and capabilities. Some recent ARM technology is to bundle a simpler, lower-power core which is used for basic tasks when the bigger cores aren't needed for heavy number crunching. Not sure it would make sense to have two lower-power cores.
I'm sure that putting a nice notice on peoples accounts reminding them to obey local/state/federal laws will make EVERYONE stop doing anything illegal and fall right in line (!)
This isn't a freedom of speech issue, although I'm sure the NRA would make it one.
Flip side is if BT can recoup more of their costs then high speed broadband can be rolled out to more places. If OFCOM is setting the price for LLU too low then BT have no incentive to invest as the competition will come in and not pay enough to justify the FTTC or FTTP investment.
No, I'm not saying BT should be able to charge whatever they want. However, there is a case to be made that if the prices paid to BT are too low then they have no reason to make the investment in the first place.
My exchange is FTTC enabled but my cabinet doesn't have the connection density to justify the upgrade, so I'm stuck. Something has to change, and that could include the ROI that BT get on the investment.
Of course, the fact they deployed a new cabinet as copper in the first place is just dumb
Re: The wonders of tenders
Actually, I don't understand the "20 suppliers" part. They want to split the mail service up over 20 different providers? With different mail systems? Calendar interoperability and directory services would become a nightmare. Or are they splitting the platform into different bits? Mail, directory, etc, going to different vendors? If so, who gets to host it all?
Re: I may sound stupid but..
some companies buy others just for the userbase. in this case I think they want to drive more users to the facebook messaging service so they can gather more data on their users to sell to advertisers.
I don't believe the "WhatsApp will remain autonomous and operate independently," bit at all. It will be integrated into the main Facebook platform. Operating independently doesn't make any sense. The only way Facebook can justify the cost is by merging the platforms.
Since Apple has software they sell on both the Mac app store and the iOS app store, are those revenues reported twice in that graph, once in the app store an once in the appropriate category?
Re: The annoying thing is...
I've always wondered...
I, as a non-US entity, can buy shares in Apple
Could Apple use their non-American cash piles to buy their own NASDAQ traded shares from their non-USA operating entities and then cancel them that way, or do they have to be bought in the USA?
Re: Peak apple?
@ Simon Buttress
They're being hammered because of several things:
- the analysts expected better results than what was reported. this probably says more about the value of analysts than anything else. there are plenty of El Reg articles commenting on the fact that analysts are largely useless as they try to take rumours and then earn a living from telling you what to expect. honestly, if analysts knew what they were doing they'd earn a much better living off their own investment portfolio than they do as analysts.
- the future guidance was low. remember that you're commenting on what has happened. that is largely irrelevant. investors own stock because of what the future holds - in other words, they expect the stock to increase in value and that dividends, etc, keep their wallets fat. if they think that a company won't be able to deliver on growth they find acceptable they'll dump it like a hot potato. the fact that they continue to expect record growth each Q when the smartphone market is obviously approaching saturation or is already saturated is clearly unrealistic, but that doesn't stop them from punishing companies who fail to live up to the analysts expectations.
Re: Oh the irony
The difference is that under the GPL, they can do that to RedHat because the code is open source. Just like CentOS can ship RHEL without any fees whatsoever - they just can't call it RHEL.
Solaris isn't permissively licensed and therefore the situations are not as similar as your comment suggests.
Re: So they are charging a fortune...
There may be work behind it, and there may be justifiable ongoing running costs. However, in situations like this the product manager typically goes "what will this be worth to the end customer" and bases the price on that. Hence the spin in the e-mail about protecting your brands reputation - or in other words, is your brands reputation worth $1,350.00 a year?
I would tend to suspect that the price given to end customers "to recapture the costs of maintaining this extra level of security" are significantly higher than the actual cost of delivering the service.
First openntpproject URL is wrong
There used to be an article feedback link, but I can't find it anymore, so posting here
The first link is wrong
The HTML source shows:
Re: Argument seems illogical
MAE-West (remember that?) suffered a massive outage in the 90s from a power outage where they got the generator running but it didn't provide aircon and it fried most of the equipment in the room from the heat. Rebuilding the equipment in the facility drained most big router vendors spare parts stores for all of the USA.
(the story I heard was there was a gas leak so the fire dept. killed the power to the street, MAE-West ops people dragged the genset outside the exclusion zone, fired it up, got the NAP running again, but in the summer heat in San Jose, CA, the temps in the room quickly exceeded the operational specs for the routers and switches)
You also never EVER want your aircon on UPS, even if you could size the UPS that big. The motor load from the aircon does nasty things to the inverters in the UPS. You need the UPS sized to carry the compute load for the genset spin up time plus the clean shutdown time of the compute load if the genset fails to fire up. The 1.6 megawatt genset at my last job could spin up from complete stop to carrying load in under 5 seconds from the time it was signalled to start (or so the suppliers claimed - I don't think we set the transfer switch that aggressively)
Re: I married an eye surgeon
One of the risks that is definitely NOT advertised by LASER eye surgery places is that if you later develop cataracts then the treatments are more difficult or not possible due to the LASER eye surgery. My dad was told this when he went in for cataract surgery a few years ago.
Stick with glasses or contact lenses.
Re: Yahoo layout boohoo
surely Thunderbird is only your friend if you pay Y! more to get POP or IMAP access? As far as I was aware those protocols weren't available by default and needed a yearly subscription.
Geo-ip won't help much
According to http://bgp.he.net/AS51040#_peers the IP range is hosted on it's own BGP ASN (AS51040) which is multi-homed to 3 different providers. Their IRR record seems to indicate that they could announce their prefixes to as many as 6 upstreams.
That makes it easy to move between providers as they come under pressure to cease the connection or face the Wrath of Khan, I mean, The Music and Film Industry.
I'm somewhat amused by the IRR record that states it is for "Piratpartiet North Korea"
The fall-back system to flight strips (the "cards") will probably also fall back to manually looking up and dialling the controller you have to hand the flight over to when it runs off the end of your RADAR screen. i.e. instead of a 20% reduction in capacity it's probably closer to 50% because of the added workload.
The manual dial system is what worked for decades before all these fancy computers came in and cocked everything up.
People who don't take basic security steps, like anti-malware and anti-virus, also trend to choose dumb passwords!
Providers need to put basic checks into their systems to prevent such passwords in the first place. Just because 12345 is the combination for your luggage doesn't mean you should use it for your bank accounts!
Has the ASA ever made an enforcement ruling while an ad was still in widespread use? If not, it's entirely a waste of space, especially if it cannot force repeat offenders (such as ISPs) to stop being naughty.
You forgot one thing...
all good things must come to an end
You forgot to justify XP as a "good thing". Familiar, yes. I'm not sure it is "good" any more.
Since it's EOL was announced support for new hardware isn't guaranteed (and I suspect a lot of new wifi dongles/cards don't support XP very well, if at all), and the less said about it's IPv6 support the better.
- Vid Antarctic ice THICKER than first feared – penguin-bot boffins
- Hi-torque tank engines: EXTREME car hacking with The Register
- Review What's MISSING on Amazon Fire Phone... and why it WON'T set the world alight
- Product round-up Trousers down for six of the best affordable Androids
- Antique Code Show World of Warcraft then and now: From Orcs and Humans to Warlords of Draenor