1450 posts • joined 14 Jun 2007
Use after free?
Really? In 2014?
What happened to NULLing pointers after freeing? A trivial modification.
Re: Aren't we jumping to conclusions a bit too quickly?
" This is an Internet Forum - it's what we do."
Just add the crappy car analogy, a few digs at MS, and sprinkle with ad hominem attacks, and we have a full house!
Re: John Q. needs to realize that...
" TERRORISTS, TERRORISTS, TERRORISTS, TERRORISTS, TERRORISTS, TERRORISTS, TERRORISTS, TERRORISTS, TERRORISTS, TERRORISTS, TERRORISTS, TERRORISTS, TERRORISTS, TERRORISTS, TERRORISTS, TERRORISTS, TERRORISTS, TERRORISTS, TERRORISTS, TERRORISTS"
Am I the only one who, on reading the above, visualised Steve Ballmer bouncing around a stage chanting in a frenzied way?
I'm not saying this is the same as having the functionality natively, but for a techie, you can use 'xposed' without cyanogen etc. to remove privileges, and other apps to remove events.
("Android Tuner" combines these in a nice logical permissions gui)
I mainly use it for event disabling. The number of apps that request to be started up just because I plug in the charger caused the tablet to crawl.
Unlike permissions, you can generally kill all events without buggering up the app.
I use 'maps' and G+ once in a blue moon, so why do they attempt to startup on bootup, and every time you fart, or look at the tablet in a funny way...
Re: I'd rather have user-defined system-wide granular app permissions
One of the first things I did was 're-unixfy' my tablet.
I have a full command set, users (/etc/group; /etc/passwd etc) home directories, ssh daemon, cron, boot.d/rc.d nfs mounts for media, native ipv6 (com.google.process.gapps always connects via ip6 to 2a00:1450:400c:c0a::bc:5228), iptables (although to be fair my tablet came with a nfs/ipv6/ipfilter enabled kernel ..), unix based 'su' (based on unix passwds not some gui allow screen (although to fix the 2 apps I use that require root I fudged by manually altering the 'su' code to let them su with no tty prompt)).
I don't trust it enough to assume it's unrootable - a lot of the android subsystem runs with root privs, and it plays fast and loose with some file protections (though I try to proactively monitor/fix them), but it's basically a working unix subsystem - you can do wonders with a little knowledge, busybox, mksh, dropbear, and a suitable cross-compiler and then native gcc!
Naaaah, some of the infrastructure was put in place in ICS (and could be s to a fashion by someone with technical knowledge) - however, the full user account system was definitely before kitkat... 4l. or maybe 4.1
Re: Example of a Breach
" BBC streams recent episodes, but only to folks who live in the UK.
If you could find a proxy, you could watch that Dr. Who episode on the BBC web site via the proxy, against the rules."
Actually, (although I haven't checked this for a year or so), the CDNs that BBC Iplayer use to deliver programmes are *not* restricted geographically. In fact, you can even get a 'restricted' program in the US straight from a US based CDN!
All the restriction etc. are done on the website side. Once you have a valid rtmp/rtmpe URL it will work from anywhere.
You can easily test this out - download get_iplayer - configure it to use a UK proxy, then monitor your network.
You'll see the actual video file comes direct via your nearest CDN.
Facebook do similar with photos and videos - it doesn't matter what restrictions you put on your photos/videos, the URL of the actual media file is unrestricted.
Re: What law has been broken.
" Robots.txt and a suitable deny list for the ones who ignore it - works wonders."
But he wanted to be indexed, otherwise his experiment wouldn't work!
And as for the dodgy ones, well, as you say, they'd ignore it anyway!
Re: Short term memory loss
" ATI Radeon video cards + the ocl-hashcat program = bye bye wireless passwords."
You're not talking about brute forcing the password for a given hash you know, you would have to try and authenticate with every guess!
"between my uk.ac.stir.cs account and a uk.co account (yes, those were the days of backwards domains)"
No! Those were the days things were the correct way around. It's *now* everything is backwards!
" But we're almost certain that our commentards can think of something to top Monye's suggestions.."
How about for every video, forced to watch 'Neighbours' for a week, and for every audio track, made to listen to A Bieber album.
P.S. If you are prepared to lose some pinkies, you can hear her here : www.youtube.com/watch?v=lLdC_ONUObk
Re: Doom for US tech companies
" Good luck with all your endeavors in the future."
I want your babies!!!!!!! <3
" Mobile network operators currently pay an annual combined total of £24.8m per year for 900 MHz spectrum and £39.7m for 1800 MHz spectrum. Unlike the 3G and 4G spectrum, they didn't pay for the 900MHz and 1800MHz bands,"
I remember a few years ago, some big belt tightenings were done at El Reg.
Nice to see it is now again a success story in this cut-throat niche market.
I'm sure it will be an interesting job - but it's not for me - I couldn't write my way out of a paper bag...
More anti-US bashing
A while back, I defended criticisms of American policies in response to a post by 'asdf', by noting that criticisms were more apparent because of the Snowden leaks, and we Brits would welcome justifiable criticism from our American pals regarding GCHQ, the government, the weather etc.
I've always felt there's a tendency for Americans to get too defensive over criticism, maybe due to their huge patriotism.
Whilst I still hold that general view, I have since realised I was wrong about this site.
Since then I have noticed that any trivial excuse is used to trot out the same tired old anti-US jibes.
By my non-scientific evidence, Americans are the second highest readership of the Reg, by count (second only to the UK) - I'm beginning to wonder why they bother.
" As cops escorted her from the aircraft,..."
"As cops escorted her from the aircraft, other passengers bade her farewell with a rendition of The Hokey Cokey, STV reports."
Haha, best reaction ever! (Awaits downvotes from the PC)
Even so, the Dons point is that they could have constrained her without much issue.
Obviously, I wasn't there etc. but it does sometimes feel such diversions are done to make a point, in the hope it will deter others in future (which isn't actually a bad idea, but it's still theatre)
" I hope that they all got fined for misuse of emergency services."
I always thought they were, in the UK, but seeing those numerous examples in the press, and on YouTube etc. it doesn't seem that they are.
Remember some of the UK cases (I'm sure you can find them by Googling) :
- Woman complains someone has stolen her snowman.
- Woman complains she's run out of fags
- Man reports strange object in the sky - turns out it was the moon...
- Woman complains that her husband is hogging the TV remote ...
"I'd be tempted to say (though without being able to cite experimental data) that the majority of people driving think exceeding the speed limit (_especially_ on the 'fast lane' of motorways) is perfectly acceptable and something they do already. So by the argument you appear (to my Idiot wit) to offer, democracy should rule and there should be no police action on speeding."
Errrrrr, that's the idea behind democracy - the government is there to SERVE the people, not rule them. Laws are designed to enforce consensus opinion.
If the *majority* of people support a speed limit on motorways of over 70mph, then that should be enacted. If the current government won't, then elect one that will....
However, that's the problem - it's often hard to find a party that will out such changes without messing up something else, which is why a referendum is a good idea as long as the population is correctly informed (yes, I know... big caveat there too)
So yes, there are practical problems, but you seem to be of the view 'majority consensus doesn't matter. We must blindly do what the government says' - I know of many dictators that would welcome you as a subject.
Nice to see you, Bill.
I thought you'd left the Register?
"Combine that with other wonderful plans such as a pinning your national economic future to a currency union with the rest of the UK, which the UK government has already said they won't agree to"
It shows that I'm not an economist, but that has always confused me.
What's stopping an independent Scotland (or any other country) deciding to mirror the value of the UK pound? The only restriction I can see is potentially international copyright laws, but why then couldn't they keep parity but call it (say) the 'ellbie' or something.
I realise I'm being stupid here, so please reply with constructive answers not flames :-)
"Now that's what I call Firefox 31"
Re: Nearly had me agreeing
"Imagine Netflix content is delivered by the lorryload to your home from a Netflix factory on the other side of the country.
You pay your local council to maintain streets and local roads that connect your home to the motorway network."
Your analogy is flawed, because whilst you mention roads, you don't talk specifically about cars!
All geek analogies should be based on cars! It's the law!
Re: very appealing for a small ISP.
"Might not be appealing, but does it provide the service you promised to your customer? I'm paying my ISP for the connectivity, not Netflix.
If the ISP wants to modify our contract to include a Netflix peering surcharge, because the cost of that connection is disproportionate to the rest of the service (use whatever method of determining typical non-Netflix user you want) that's fine and I'll evaluate the value of that new contract."
Exactly! I have sympathy for the ISPs, but the way the model is structured, it isn't Netflix pushing lots of data into ISPs, it's the ISP customers requesting/pulling/downloading the data as allowed under the terms of their contract.
If an ISP no longer finds the 'all you can eat' (but hopefully not many of you will) model sustainable, then they need to reevaluate that model. Whether it's to place restrictions, up the prices generally, or charge more for higher usage (and it should be based on the data amount, not who's supplying it) then so be it.
As it is, they are charging customers for the right to download that data, and then when they do, they want to charge the provider of that data too.
Yeah, I can see how as Netflix gets popular it seriously impacts on your business model, but that's not Netflix's fault for supplying data your users have paid to be able to receive. The flaw is your underselling, and it's only your problem.
You'd have the same problem if all your users simply downloaded the same amount of data from loads of other random sites.. You going to try and charge every site for the data your users download from it?
P.S. I'm referring to the basic bandwidth issue - the CDN/cache/local server/hosting aspect is another big can of worms
"according to wikipedia (I know), UK metered supplies covered 33 of households and leads to a 5-15% reduction in usage."
Fair enough, though I've never known anyone to leave taps on for the hell of it.
Though I do know some people with meters don't flush the toilet...
"I know I am much more aware of water use on a metered supply than I was on a flat rate supply"
Aware, maybe, but I'm curious to how you use less. (or rather, what you used before that you don't now).
Not being a git, I'm genuinely clueless - other than watering the garden, maybe washing the car less, but as for the indoor use...?
"forcet? Don't you mean 'faucet'?"
Errrrrr, more than likely! *cough*
Thanks, AC! You get around a lot!
PS. Three downvotes for getting a spelling wrong - either that or some people resent me not wasting data.. The rest was simply factual. How can you downvote that?
Re: The Rest of the Story
"Basically every non-mega-internet-corp in the world has a blend that includes Level3 or Cogent in their mix and you know it"
That would be the stereotypical view that America == World? :-)
I know level3, HE, and others have global links, but you'll find in the UK at least they are at public peering points, and sometimes with the big ISPs but definitely NOT the small to medium ones!
" Can you image the waste if people paid a fixed charge for water, electricity & gas regardless of consumption?"
Um...You said 'tap' instead of 'forcet' which implies you are in the UK - yet you still don't know that the majority of properties here have unmetered water supplies?
In my 40+ years, every property I have lived at in the UK has had a fixed water charge, and funnily enough I've never left taps on for no good reason!
Similarly, I won't leave live video streaming running on my unmetered internet connection if I'm not using it.
If you think about it, I'm sure you'll find many things you don't waste even when cost isn't a factor.
Patient: "Doctor Doctor, wherever I go, I keep thinking I hear people talking about the Ukrainian crisis"
Doctor: "Oh boo hoo. Crimea river"
" wrwyuustqut (which I believe is Welsh for haha)"
More or less! :-)
Re: Power Supplies
Can I be your friend?
Re: Maths failure?
I am indeed!
Re: I did not know there *were* that many cloud providers. Or are they
I wondered that too.
From the article (which refers to them as 'hackers' *sigh*):
Companies like Google, Heroku, Cloud Foundry, CloudBees, and many more offer developers the ability to host their applications on servers in faraway data centers, often reselling computing resources owned by companies like Amazon and Rackspace. Ragan and Salazar tested the account creation process for more than 150 of those services. Only a third of them required any credentials beyond an email address—additional information like a credit card, phone number, or filling out a captcha. Choosing among the easy two-thirds, they targeted about 15 services that let them sign up for a free account or a free trial. The researchers won’t name those vulnerable services, to avoid helping malicious hackers follow in their footsteps.
"Researchers Rob Ragan and Oscar Salazar have built a free LiteCoin-mining botnet that generates $US1750 a week using free cloud signup promotions.
The pair will outline the exploit at Black Hat next month, but have blabbed to Wired about how they used automatic tools and processes to spread a currency-mining botnet across some 150 popular free services that each generated about 25 cents a day -- all on the providers' electricity bill."
Um... 150 * 0.25 * 7 != 1750
I didn't downvote you, but I don't agree.
Granted they may have broken contracts, but can't see anything illegal here.
They want to receive samples of urine?
Surely that's taking the piss!
Re: Probably, but not necessarily ...
"You're down in the weeds on this. Come up to a higher level." Really?
"Verzion has the pipes to send the data to their customers." I agree.
"They aren't doing it." I agree.
"Therefore it is Verizon's issue, not Netflix." I agree.
"I know what I pay Verizon a month, and I know what I pay Netflix a month." I agree.
"I know what Verizon promised me, I know what Netflix promised me." I agree.
"Verizon is the one who isn't delivering and I'm paying them better than 5 times as much money." I agree.
Now, how does this contradict the *only* point I've made (many times) in response to this article, which is that nothing in the original blog post proves specific netflix throttling?
Is there some comprehension issue here?
Throttling doesn't mean "We know there are problems with the Netflix connection, but are denying it and doing bugger-all about it"
It means: "Oh look, that packet is from netflix. Let's intentionally artificially slow down its delivery."
Re: Um, so how does that work then?
Can you read?
1) I never said there wasn't congestion.
2) I never blamed anyone else for the problem.
3) Nothing to do with routing. Unfortunately, capitalism gets in the way of your blinkered utopian view on how the internet works. You can't blindly reroute via every available route - some links are contracted for specific routes only.
An actual real-case example.
I used to work for a large International tech company. We had fast internet connectivity, although it was often unreliable.
At one stage we bought out another company, and as their network already used an IP address range that didn't clash with ours, their network was soon fully absorbed and routable to/from ours.
For the time being at least, they continued to run as a separate company with their own budget and management structure and accounts.
They also had their own internet link, which although wasn't as beefy as ours, was far more reliable.
Technically, our network could be configured to route to the internet via their link (the non-private addresses that didn't need NAT, at least).
Indeed, if our link was down, some of us would bounce our SSH connections through them, but there would have been hell to pay if the main connections automatically routed to the internet this way.
As I (and others) have continually repeated in this thread, the issue was that from the evidence given, YOU CAN NOT DEDUCE THAT VERIZON ARE SPECIFICALLY THROTTLING PACKETS FROM NETFLIX.
That is the ONLY thing we've said on the matter, and can't be said any clearer.
You are therefore either trolling, or incredibly stupid - stupid of the worst kind - the kind who blindly believes they understand something which is actually totally beyond them; the type of person who ends up making monumental cockups because 'they know best'.
Not understanding something is fine - we can't all be experts in every field. What defines the stupid like you is you don't have a clue, but think you do. You then proceed to embarrass yourself with stupid postings - at least, you would be embarrassed if you weren't living in your stupid fantasy ego created world in which there is any merit in your anal dribblings.
Or maybe you *are* beginning to realise, which is why you're posting anonymously. If that is the case, then congratulations! Baby steps etc.
If not, don't worry there kiddo, you'll be perfect for management.
" PLUS: You'll never guess the nations where broadband's IN REVERSE!"
I want to start a campaign calling to ignore any articles which contain a buzz-feed style headline (or by-line)
Whilst I'm moaning, fix the bloody posting times on forum posts!
Re: Polar Bear
" I think we need to get some elephants out on the ice in a seal sniffing competition with a couple of Polar Bears."
Polar bears? Not to be sniffed at!
Re: Browser Wars
You may be joking, but 'w3m' works great for 'El Reg' - especially for long comments as you can use 'vi' or any other editor of choice.
If anyone knows a way to spawn vi under android browsers (I have a terminal emulator, I have 'vi') let me know and you can have my babies!
" Hence, I'm going LINUX... already started migrating. PS4 will be my gaming system and Linux to do desktop work."
If you're going Linux, you'll have to change your gaming system to SteamOS, as PS4 is FreeBSD based.
(Icon is closest we have to the FreeBSD icon... I think I'll start a repurposing campaign!)
People just don't have the sort of important stuff on their phones that they might on their PC (at least, not without backups)
Even some of the most careless users will tend to have uploaded their photos to their PCs for viewing on a larger screen, or have auto backups via Google etc.
Generally people assume their phone is a lot less safe than their computer (theft, loss, damage etc.)
I'm not saying that there aren't many out there that are vulnerable, but compared to PC users, it will be considerably less, and who'd pay $300 for a few photos taken over the last few months?
Indeed, the short replacement cycle for phones adds to this - people won't have important archives on their phones that go back years...