1066 posts • joined 14 Jun 2007
Shouldn't they be suing the NSA and GCHQ?
Re: An unsolvable decision problem
"As was the case of Sokal's hoax about postmodernist thinking, it is à priori undecidable whether anything coming from that corner is serious or not."
Yep. It's a sad indictment on the situation (and I'm talking generally - I haven't viewed the link) where the 'loony feminists' can't be told apart from spoofs - The 'Poe law' of feminism. The sincere loony fringe only succeed in hampering the legitimate cause.
"And as wireless charging boffins have found, any new design will have to compete against USB, which is becoming a global connection standard for juicing batteries in portable kit."
I didn't think USB had enough power to charge laptops...
Re: Techie question.... @Jamie
Yep. That makes sense.
However, if my client has been compromised, it's 'game over' already. After all, self-signed certificate or not, they have me pwned.
I'd never use a public terminal, for instance, to access anything even requiring a password (https or no https). Heck, I won't even use anyone elses systems for private/financial stuff.
I was just curious if a self-signed certificate would stop the https being hacked by stopping people abusing 'technically legitimate' access to any CA certificate in the otherwise chain - or if there was some other subtle issue this option would throw up that I hadn't thought about.
As an aside, if someone was intercepting my CA-signed connection via a CA certificate intercept, am I right in assuming that the attacker wouldn't be able to stop me being provided with a different certificate and signature - it's just the fact that the browser would normally accept it silently?
As for my own systems, I know they are secure because I was visiting some dodgy site, and this flashing red banner told me I had lots of viruses, and it is now keeping me safe due to this .exe file I downloaded and ran... That and all those browser bars promising me extra security and loads of free smileys means that I'm really safe! :-)
Re: Techie question.... @Jamie
Ahhh. I get what you're saying now, and I agree.
However, when I said 'my own personal stuff' I didn't mean my webserver for public consumption, I meant my *own* use for accessing my email etc. over https.. Not that I have anything to hide - in fact, my mail is so full of crap, I'd be doing a disservice making it public!
Re: Techie question....
Hmmm. Thanks for the reply. I was wondering if there was some subtlety I hadn't thought of...
However, I don't think this right. After all, even the 'chain of trust' has to stop somewhere, and so what would be stopping evil hacker NSA bloke from pulling the technique you describe at that root?
I thought the private key (held presumably secure on the server) would thwart the type of attack you mention
For my own personal https stuff, I'm thinking that it would be safer to go back to self-signed certificates on my server...
Despite the initial browser warning that it's an untrusted source, the certificate chain can not be spoofed, because there is no-one else in the chain of trust to spoof it.
Is this correct?
Re: This might be a stupid comment, but...
Naaaaah! I know you were being rhetorical, but I'll answer anyway :-)
I do personally use a registered domain for my internal stuff, but it's not necessary.
One of the reasons is so that I can keep the internal / external DNS configs on one machine. However, the domain is slaved to internal nameservers, and all internal machines use internal nameservers so that the internet is not a dependency.
In fact, whilst I agree about the domain mess, anyone who's internal systems could break due to this (or to the other often mentioned thing about some ISP's returning a default IP instead of NXDOMAIN on unknown addresses) really needs to fix their setup anyway..... If your internal printer fails because network solutions (or whoever) put a * wildcard under .com, then you have other potential security and reliability issues to fix!
As for the tongue-in-cheek comment about having internal mailservers listen on all domains, I don't see how that is relevent to the situation you are commenting on... Surely, more of a hypothetical question is should your external mailserver accept stuff routed to names assigned to registered internal hosts? !!
Re: This might be a stupid comment, but...
" Why would you move your stuff to a new FQDN,assuming you already have a perfectly good existing one for your company?
It's not a stupid comment.
Short answer - you wouldn't!
It's just a way for Icann and some domain speculators to make some money. Also, some idiot marketing folk (who haven't thought through the problems it will cause them, even leaving aside the technical issues)
Isn't anyone going to stop this fiasco? All it needs is a few of the major ISPs to agree to not honour these new crappy non-domained-domains, and hopefully they will go the way of the .biz / .museum etc.
It's in their interests to stop this, as it will produce administration and support heacaches.
It's in the interests of businesses wanting to avoid another needless landgrab.
It's in the interests of marketing departments and consumers (You can simply write myste.com on the bottom of your adsm and everyone knows what it means)
Of course, now that nominet is planning the same thing, I've all but given up hope.... I'm beginning to hope that its implementation is a massive screwup that has to be abandoned, taking Icann with it
Re: About that Star Trek stuff...
star trek style replicaters indeed!
I'm still waiting for my bloody hoverboard.
Re: You can keep your 4G....
Errrm yeah. I dunno if Prof Falken made a typo there, but I've often done 2.5GB a day over three mobile broadband...
Re: What's to stop a US native using this?
You'd still not be fulfilling the "UK resident" role, and if you were a pretty prolific offender, it would be easy enough for them to prove this.
Alice corp. will lose...
They aren't an American company!
They're just biding their time...
They are sneaky buggers, those Martians ....
Back in the days of public payphones...
... did institutions ever apply a block on inappropriate phone numbers?
I expect not... But of course, all forms of smut didn't exist until the internet invented it.
Ahhh, with the mention of kids for extra brownie points, I think the reporter is angling for a job with the daily mail.
Re: I'm always surprised at the naivity of people
We are well past the days when computers were just used by geeks....
That's OK then (!)
Re: Why is it...?
I'm a long time unix hacker, and hate Windows as much as the next guy, but are you really complaining about pro-MS bias here at the Reg? !!
Besides, in all fairness, if this was an article about a toolbar program on Linux, and someone blamed the OS, I'm sure you'd soon call foul
I wouldn't normally make a post like this, but:
"HAHA! Best thread ever!"
Re: Meh… EULAs
People seem to think that if something is in the EULA, it must be binding. - If you agreed in an EULA to kill your first-born, guess which response would be legal?
Re: If you want to clean up YouTube...
I'm not supporting the new system, but the old one was pretty cruddy - you couldn't even link to other youtube videos!
" What sort of person gets scandalised by ASCII art? :-/"
The problem is the loud minority who object that *others* will object to something.
The PC brigade are on a mission to save us from ths supposed horrors that would supposedly upset/corrupt us, even when they actually wouldn't.
Well, if it wasn't blockable under porn/smut, maybe it can be blocked as extremist?
Re: DVLA Site seems fine to me.
" Right, smart-arse, now try changing the address on your driving license."
Been there, done that. Just 3 weeks ago in fact.
Afrer filling it all in they said they'd send me a form to sign and I'd to include a photo, because I'm an old fart from before photo-id's had been invented.
Payment was taken online (I lost my old license years ago ), I received the form and only had to sign and date it (as did the poor sod who had to vouch for my photo), and post it back in the supplied freepost envelope.
I was a bit peed off that I couldn't complete it online, but that was because I somewhat optimistically thought I could get away with not requiring a bloody driving ID card.
OY! ARE YOU CALLING ME A "R277 BTX"???!
Re: UK "Vanity" Plates
Vince, thanks for the reply.
I'm sure that as a kid, we had a car that seemed newer than it was because it was imported second-hand from Ireland by the previous owner, and then registered over here with new plates. I guess that would fit in with your importing loophole.
It's always something I never really thought was strange - having grown up with it. It wasn't until a few years ago when a friend visiting from abroard questioned it that I started to wonder. After all, accurate age info. Is readily available when needed these days!
Re: UK "Vanity" Plates
The current year-in-numberplate system will last us until 2049, though.
Whilst on the subject, what was the original purpose of the year in the reg? And what is its current purpose, other than letting someone (potentially) know whether a vehicle is old or not
They should use a system that is more vanity-plate friendly???
NOOOOOO!! Isn't this country dumbed down enough already?
What a load of sh11 tee
Talk about tenuous, and prudish.
By this criteria, I'm sure there are many older plates already out there that would fit the criteria.
Vanity plates are so sad anyway. Besides, why would I want a plate that was easier to remember? Harder to get away with fleeing an accident that way :-)
Re: Crappy Job but its still a job
... but you try and tell the kids today that, and they never believe you!
Re: Reality check needed
" I'm sure there are far more arduous, disgusting and lower paid jobs elsewhere in the world."
Indeed, and even in this country too.
Re: RE: I'd like the Government to make it illegal to strip the metadata from uploaded material.
.... and cars can be locked - it doesn't mean someone has permission to take your car if it isn't.
Re: I think the Photographer should Appeal
PeteA, iironically, it's you who needs the comprehension lessons.
No-one said or implied what you are saying they did!
Re: Helping with the non-threaded reply setup...
Without any replacement mechanism, replies do sometimss get easier to track if someone changes the reply title, and then someone replies to that reply without also changing it, but yeah, I like your replacement suggestion.
But yes, a properly threaded system would be better - I think the closest analogy would be like a traditional forum setup, but where every article creates its own sub-forum (rather than a new post in an already existing forum)
As for my current use of the system, I'd like to keep track of new posts in a forum I mark appropriately. I'd especially like to be alerted of replies to any thread I'm involved in.
At the moment, it's either a case of posting early (and missing other posts) or getting in late and missing the party.
I very rarely visit a forum twice. I have tried doing it whilst switching to 'latest posts first', but found that too confusing when tracking replies.
Helping with the non-threaded reply setup...
A much simpler suggestion this time:
When someone hits 'reply', how about pre-loading the textarea with something like:
"In reply to Fred Bloggs post at 12:45pm:"
Re: Beware of these so-called "Expert Witnesses"
" Uh, you do know this is a UK site, and we're talking about UK courts and UK expert witnesses here, right?"
So? Are you saying that Anericans aren't allowed to post here?
His comment was on topic, as the article is about expert witnesses, not something that only occurs in the UK (even then, his opinion would still be valid)
" Ulbricht is not a criminal but a decent man who lives by principles of "honesty, personal responsibility, and the importance of friends and family.""
Ahhhh, yes. All honest people I know have at least 9 fake driving licences
And how the hell does 'the importance of friends and family' matter? - it doesn't make you any less a criminal. Indeed, Mafia members are renowned for putting a great 'importance on friends and family"
".... headquartered in Paris, France, has surrendered....."
I see what you did there!
Re: If it's transmitted, it's collected
Well, they could be logged, but at default, the majority of web servers don't log the content of POST requests, just any parameters passed in a GET uri.
They are only 'fixing it' because they've been found out.
"....Native Americans were in part merely an earlier wave of European colonisation,"
" So it appears that the Native Americans were in part merely an earlier wave of European colonisation,"
If human life started in Africa, aren't we *all* simply the product of African colonisation?
Re: For shame
"It probably wouldnt have to remove it from sale to be honest, it could just stop their servers listening for the data"
You'd trust that?
Re: For shame
.... and the number of apps that startup on boot, even though there is clearly no need....
Re: For shame
What about 'theft of broadband data allowance' or 'unauthorised access to internet connection' etc.?
You've got to be kidding....
With the current Icaan 'top level domain' fiasco, I'd thought of nominet as the sane and stable member of the family
How wrong I was.....
Also.... buttons disapearing if they don't apply (back/forward etc) - arrrrgh - I hate that - it means the buttons you would want to use move about - that's terrible UI design in my opinion.
Re: I disagree...
" Granted, it may be the first photo taken of themselves online"
Really? In 2002? You must be very young to say that!
I posted my first "selfie" online in 1990, and I was late to the party! Or doesn't it count because I wasn't making a "duck-face"?
- Vid Hubble 'scope snaps 200,000-ton chunky crumble conundrum
- Bugger the jetpack, where's my 21st-century Psion?
- Windows 8.1 Update 1 spewed online a MONTH early – by Microsoft
- Something for the Weekend, Sir? Why can’t I walk past Maplin without buying stuff I don’t need?
- Review 'Mommy got me an UltraVibe Pleasure 2000 for Xmas!' South Park: Stick of Truth