Feeds

* Posts by Phil O'Sophical

1577 posts • joined 28 Oct 2011

Brother, can you spare a DIME for holy grail of secure webmail?

Phil O'Sophical
Silver badge

Re: What about for business?

You'd need to get Alice to place her secure key in escrow somewhere, where it could be released by some agreed-on procedure. That can be done electronically.

It's just a modern version of the problem with a locked desk. You lock your desk when you go on vacation, and leave a key in a sealed envelope with someone you can trust. If you don't return, your boss can rip open the envelope and get at your papers. If you do return, if the envelope is still sealed you're OK, if it's not still sealed you raise hell.

1
0
Phil O'Sophical
Silver badge

Re: Key management

Isn't that just the old secure RPC AUTH_DES/AUTH_DH model?

It works well, but your approach still presumes you can trust Alice's server not to send Bob *it's* key (claiming it's from Alice) whereupon it can then decrypt Bob's mail, stuff a copy out the GCHQ pipe, re-encrypt it using Alice's real public key, and pass it to Alice. Unless Bob knows for certain the the public key he has is really from Alice, it can't be trusted.

1
0
Phil O'Sophical
Silver badge
Black Helicopters

Dark?

Since the press are now happily associating "dark internet" with "pædophiles and perverts" it seems just a little foolish to call this the "Dark Internet Mail Environment", no?

And will the truly paranoid ever believe that any service which depends on systems you don't own is secure? Secure webmail is an oxymoron, the points made in the article are valid. If you're relying on an app downloaded on the fly from a server to handle your security, you may well have no security.

3
2

'Leccy racer whacks petrols in Oz race

Phil O'Sophical
Silver badge

Come back

when a leccycar wins the Le Mans 24hours

0
1

Cryptolocker flogged on YouTube

Phil O'Sophical
Silver badge
Coat

Disappointed

When I saw the headlines I thought we'd be treated to video of a virus-writing script kiddie being introduced to a cat-o'-nine-tails.

0
0

Cops baffled by riddle of CHICKEN who crossed ROAD

Phil O'Sophical
Silver badge

Re: 20 foot high tower of feathers

Years ago on holiday, on a remote country road, my Dad's car hit a chicken just as we passed a small cottage. Feathers everywhere, indeed, and an irate old country woman ranting "You've kilt ma chicken". It took a fresh £5 note (it was a while ago) to pacify her, but for ages afterward my Dad was convinced that she spent her days sitting behind the hedge with a bag of dead chickens, thowing them out in front of passing tourists...

8
0

Microsoft: Azure isn't ready for biz-critical apps … yet

Phil O'Sophical
Silver badge

Re: Eh?

Yes, but they'll be somebody else's servers. Servers as a Service. It's recursive, or incestuous, or something.

0
0

Steve Jobs had BETTER BALLS than Atari, says Apple mouse designer

Phil O'Sophical
Silver badge

Re: Patent ?

SRI had a mouse patent but it expired before mice really became usable.

1
0

Germany 'accidentally' snooped on John Kerry and Hillary Clinton

Phil O'Sophical
Silver badge

All part of the great game

Spying on foreign leaders is, of course, a core part of the job of signals intelligence agencies worldwide.

And "accidentally" using an open line is a core part of political disinformation worldwide...

3
0

Assange™: Hey world, I'M STILL HERE, ignore that Snowden guy

Phil O'Sophical
Silver badge

Re: Does the court case matter?

A competent and uncorrupt court can only come to its decision based on the evidence presented.

Indeed so, and that decision could well be "this evidence isn't convincing".

Well crafted fake evidence looks just like the real thing.

Evidence doesn't come in neat boxes. It consists of objects, timelines, witness testimony, and much more. In Assange's case the primary evidence is the testimony of the two girls that he continued to have sex without a condom when they had refused consent for that. Are you suggesting that the girls will be paid or threatened to lie sufficiently well that they'll convince a judge, without being uncovered by a competent defence team?

We can assume (oops I know that is dangerous) there is enough evidence (real or fake) at face value to convict Assange.

So you're prejudging the court? I would make no such assumption.

You assume that all fake evidence will be rooted out Rumpole like. When it is done by professionals that is an unsafe assumption.

And you assume that it can be crafted in such a way that it cannot be rooted out. That, I suggest, is an even more unsafe assumption. You appear to be assuming that Assange must prove himself innocent, which isn't the case. It's also why courts rely on the principle of "beyond reasonable doubt" to prove guilt.

Assange may be a narcissitic, self-aggrandizing asshole, but I've seen nothing to suggest that he won't get a fair trial in Sweden, nor any good reason that the Swedes wouldn't want him to have one.

10
0
Phil O'Sophical
Silver badge

Re: Please

I have no opinion on this person as regards his character, motives, or his legal position

Why not?

He's wanted on charges of sexual assault, which he denies but refuses to stand trial. When released on bail his first action was to jump bail, thus sticking his erstwhile friends with the bail costs. He has since spent two years hiding out in a foreign embassy with which he has no connection, at their expense, simply to avoid the risk of extradition. Every so often he pops up to make sure that people don't completely forget about him.

I'd say that gives a pretty clear view of his character, motives, and legal position. None of which looks very pleasant.

20
3
Phil O'Sophical
Silver badge
Thumb Down

Re: Does the court case matter?

How are we - or any court or judge - be able to tell the difference between a well crafted set up and a genuine case of rape?

That's why we have courts and legal systems in the first place. If you're assuming that they are all incompetent or corrupt (which is a considerable insult to the millions of people who work in them) then perhaps you should just get a bigger tinfoil hat and go back to hiding under the bed?

14
3
Phil O'Sophical
Silver badge

After two years of Ecuadoran porn, who knows...

2
1

Twitter displays our 'Favorites'. That is, like, PRIVATE, huff naive users

Phil O'Sophical
Silver badge
Facepalm

"what you favorite"

Can twitter users get any more dumb? Favorite is a noun, the verb is favo(u)r. Things that you favo(u)r are your favo(u)rites.

I suppose we should be grateful that they don't "favoritize" stuff :( What next, friendifying pepple on farcebook?

7
5

Detroit losing MILLIONS because it buys CHEAP BATTERIES – report

Phil O'Sophical
Silver badge

Re: They may indeed have used alkalines

German supermarket batteries are your friends

You need also to consider load. My experience is that for toys and other high-drain devices non-branded cells last less time, but are sufficiently cheaper to be worth it. For long-life devices like remote controls the branded cells usually last so much longer that they're worth it.

0
0

Dodgy payday loan ads make up 83% of cases probed by UK's FCA

Phil O'Sophical
Silver badge

Usury

Aren't there still laws against usury? It's hard to see 2000% upward APR rates as anything else. Rather than ban the firms like Wonga, just put a reasonable legal limit, maybe 100%, on the annual interest rate that any lender can charge, and maybe ban their TV advertsing (like they ban gambling ads). That will force the firms to police their own business.

2
1
Phil O'Sophical
Silver badge

Re: A tax on the terminally stupid

They should be left to face the consequences of their own stupid actions.

But that's not what happens. The rest of us have to pick up the bill, we get stuck with higher insurance and welfare contributions to cover the costs of helping the people stupid enough to borrow at 5000%. And if they weren't helped? They'll end up on the street stealing or begging from us, we still pay. Better to stop their stupidity (or more accurately, their ignorance) getting them into trouble in the first place.

9
2

Brit infosec firm lets hackers think they've stolen something

Phil O'Sophical
Silver badge

"contains nothing of use."

Sounds like a missed opportunity. Why not use steganography methods to put a unique watermark or other identifier into the data at the same time as the useful stuff is being taken out. Then when it appears on someone's website or social media page somewhere they can trace back to the culprit?

0
0

The internet just BROKE under its own weight – we explain how

Phil O'Sophical
Silver badge

Re: dumb question

Why can't you have an ipv6 router internet facing with an ipv4 back end?

Many reasons, not least that the IPv4 systems connected to the back end have no way to put the IPv6 address of the external system they want to talk to into the address field of the packets. Something would need to maintain a translation table.

Think of trying to address a letter to someone in China if you can only write English characters and the Chinese post office can only process addresses written in Chinese.

4
0
Phil O'Sophical
Silver badge
FAIL

Y2K

My recollection is that in fact there were no real issues, or almost none.

Which is entirely due to the considerable effort put in by my colleagues and I, and other engineers in other companies, to find and fix problems well before 1/1/2000.

Of course, we could have just waited to see what went wrong and fixed it then. Based on the bugs that we did fix I can assure you that it wouldn't have been a non-event then, believe me. Perhaps you'd have preferred that?

5
0
Phil O'Sophical
Silver badge
Coat

Re: IPv6 like OSI is far more complex than necessary

How exactly does one ride a gravy train, without drowning in brown liquid?

In a gravy boat, I suppose...

23
0

Password manager LastPass goes titsup: Users LOCKED OUT

Phil O'Sophical
Silver badge

Re: Lastpass

why is it still so crap?

Like every outsourced service, there's a reason why it's cheaper than doing it yourself: because it doesn't get done very well when you do it on the cheap. Beancounters never learn.

16
1

LOHAN acquires aircraft arboreal avoidance algorithm acronyms

Phil O'Sophical
Silver badge

or...

In the spirit of the plucky Playmonaut's thought processes in those last few metres:

¡Automated Yet Comprehensive Arboreal Recognition And Magnetic Branch Avoidance!

¡Ay Caramba!

1
0
Phil O'Sophical
Silver badge

I wouldn't have hoped that any modern flying vehicle would be equipped with a

Reinforced Arboreal Detection And Repulsion system.

Sorry, I know it's polite, but I'm in work...

2
0

US 911 service needs emergency upgrade and some basic security against scumbags

Phil O'Sophical
Silver badge

Re: Think of the children ...

I assume that given his age no action was taken against him?

Which is the ain problem, of course. To deter people from making hoax, or even plain stupid ("Facebook is down") emergency calls, the only solution is to slap them with an appropriate punishment that will act as a deterrent.

We had a few bomb scares when I was at school, and the resutant evacuation into the street, watching the fire engines arrive, etc. was all good fun (for 13-year-olds). The inevitable result was that some pupils started calling in hoaxes. For an adult the consequences would have been a jail term, but that's inappropriate for thoughtless kids just being stupid. The headmaster simply announced that every hour lost in hoaxes would be made up on Friday afternoon/evening for the entire school. They stopped.

11
0

World's only flyable WWII Lancaster bombers meet in Lincs

Phil O'Sophical
Silver badge
Thumb Up

Re: Love that noise

Many years ago I was driving round the Heathrow perimeter road, to return a hire car. I was just passing the end of the runway when the whole world started to shake. I looked up though the sunroof to see what the hell was making that noise, and found myself looking straight into 4 purple afterburner cones of a Concorde climbing away. Beautiful, visually and audibly, and stunning in more ways than one!

8
0

Nuts to your poncey hipster coffees, I want a TESLA ELECTRO-CAFE

Phil O'Sophical
Silver badge

Re: Decent morning beverage?

In my experience Costa also does a better and more consistent double espresso (a proper morning beverage) than any of the indies who think that an espresso just means a small cup of weak coffee. Nero comes a distant second.

4
0
Phil O'Sophical
Silver badge

Re: Move to the US

Free refills? So that when you finally get the coffee/sugar/milk ratio right, and are halfway through your drink, some arsehole zooms past and brims it with coffee again?

4
1

Twitter can trigger psychosis in users

Phil O'Sophical
Silver badge
FAIL

Re: @Dan 55 (was:To say nothing of the addiction factor ...)

She's not my niece, she's my Wife's brother's child.

So she's your brother-in-law's daughter, which makes her your niece. From the OED (and all other dictionaries I checked):

niece, noun:

A daughter of one’s brother or sister, or of one’s brother-in-law or sister-in-law.

Adoption makes no difference, and I doubt she'd thank her Uncle Jake for considering that her adoption made her somehow less of a family member.

18
3

Digital dongle transforms European XBOXen into tellies

Phil O'Sophical
Silver badge
Coat

Siri, Who's on first base?

- what’s on BBC One?

- I'm sorry, Watson is on BBC Two

- No, WHAT IS on BBC One?

- "What" is an ITV show, shall I select ITV?

5
1

Brit kids match 45-year-old fogies' tech skill level by the age of 6

Phil O'Sophical
Silver badge
Coat

Re: DON'T PANIC

telling little Johnny that he's useless because he can't compile a Linux kernel.

If he hasn't mastered a single syllable word like "Make" by the time he's 6, he is useless.

4
0

UK.gov eyes up virtual currencies, fingers red tape dispenser

Phil O'Sophical
Silver badge

Re: They can regulate it

That's not the job of politicians, it's why they have civil servants. The definition will be established by the men in grey suits in the Treasury who do know all about virtual currencies. The politicians' job is just to get the rules through Parliament and grandstand about them.

0
0

Gmail gains support for non-ASCII email addresses

Phil O'Sophical
Silver badge

Re: More work

brings us closer to using a single global language (and therefore understanding each other better) must be a good thing.

I disagree. A single language won't necessarily help either with better understanding, or bringing people together. Some languages are better than others at expressing certain concepts, which is why art and culture are so often tied to language.

To take a trivial example, when people use the term "free software" they always have to clarify whether that's free as in "free beer", or as in "unconstrained". That's a confusion which can't happen in French and other latin-based languages.

What brings people together is an interest in, and appreciation of, our differences. Homogenizing language, like homogenizing society, won't bring people together. If anything it drives them apart as people look for other ways to be different.

2
1
Phil O'Sophical
Silver badge
Thumb Down

Re: More work

some bugger will start using an "illegal" email address that is not illegal anymore and it will be rejected by my code

So stop making assumptions about what's "legal". Are you one of those website developers that rejects "+" signs in phone numbers, or insists that addresses must have a "State" value?

Remember the Postel doctrine as stated in RFC1122 ("Requirements for Internet Hosts -- Communication Layers"): Be liberal in what you accept, and conservative in what you send.

5
1

What's the point of the Internet of Things?

Phil O'Sophical
Silver badge

Re: No, Trevor...

ask a friend/neighbour/family member to pop round and replace the fuse for you.

And when it blows again straight away, then what? Leave the poor sod feeling obliged to cram all the stuff in his freezer to "save" it, or to call a repair tech and have to take a day off work so he can wait in?

Life's too short to expect other people to deal with my problems. The freezer's insured.

2
0
Phil O'Sophical
Silver badge

Re: Fishtanks are useless

What;s he going to do when he gets a message to say that a malfunction has boiled all his fish, spend the rest of his holiday crying into his beer? Rush home to look? Will his travel insurance pay for his changed flight when it turns out that it was a system glitch, or a hoax due to lousy fishtank control security? If he's that worried what does he go on holiday for, it certainly isn't to "get away from it all"?

Anyway, do him a favour and show him how to setup a webcam, then we can all watch his fish :)

2
3
Phil O'Sophical
Silver badge

Re: No, Trevor...

Technology can help, even with hard problems.

Indeed, but that doesn't require an IoT.

I have an alarm on my freezer that will tell me if it gets too warm, and a max.min thermometer on it that will even let me see if it got too warm (extended power outage?) while I was away. I can check that when I get home.

Would I want it to send me an SMS when I'm lying on a Caribbean beach, to tell me that my garage will be stinking of rotten meat when I get home because the freezer fuse blew? No way, why run my holiday for something I can't change?

So much of the suggestions for IoT seem to relate to "after the event" problems. Call me at the airport to say I left the gas on, email me at work to say that someone rang the doorbell when I was out, etc. Technology has its advantages, but I neither need nor want to be permanently connected to all aspects of my life at all times. I don't think I'm alone in that.

4
1
Phil O'Sophical
Silver badge

Look at it the other way

...knew what we had in the cupboards and could recommend healthy meals, including information on cooking timeframes, complexity, etc.

I think you're trying to fit a problem to a predefined solution. The fridge doesn't contain a selection of random items like a masterchef contest, it contains things that you bought. Rather than having some sort of AI analyze the contents and suggest meals, would it not be better to have some collection of favourite recipes in a database/filing cabinet/whatever, and then shop to match those?

Either way, you don't need stuff conencted to the internet for that.

0
1

Whoops, my cloud's just gone titsup. Now what?

Phil O'Sophical
Silver badge

four nines that allows for an outage of 5256 minutes

No, 53 minutes, it's 99.99%. 5-nines is generally taken as no more than 5 minutes downtime per year, or more realistically 1 hour per 10 years, since few people install services for only a year.

A bigger problem is that such a simple calculation only works for a total outage. What if your network is struggling due to, say, a DDoS on the cloud provider, but some traffic is getting through? Or some of your apps are running but some aren't? What number of nines does that give you, and how do you write an SLA for it?

5
1

Surprise! Government mega-infrastructure project cocked up

Phil O'Sophical
Silver badge

All depends on your audience

I can't help thinking that if this discussion were to be held on a transport enthusiasts website it would be full of people raving about the need for HS2, and dismissing FTTH as pointless.

2
0
Phil O'Sophical
Silver badge
Coat

Re: UK still leads the way in ripping off the taxpayer

cows rarely use their service.

EU rules on live animal transport won't let them, they're too crowded.

2
0

African samba queen: Don't cut off pirates' net connections – cut off their FINGERS

Phil O'Sophical
Silver badge

Re: Suffering

Co-op staff apparently have the same problem.

1
0

Verizon to FCC: What ya looking at? Everyone throttles internet traffic

Phil O'Sophical
Silver badge

The problem there is what happens if the Telco increases capacity as happened to me, some new

cable & upgraded modem firmware bumped my long line from 2Mbit/s to 3Mbit/s. Would I have been happy to have my bill increased by 50%? It goes both ways.

Asking Telcos to bill by use would be a big step backwards, it took a long time to get to flat rate pricing, and I'd rather have capped flat-rate than per MB/GB/etc.

Agreed, of course, that if they offer unlimited it should be unlimited, but the only way to stop that is for the FCC/Ofcom/etc. to really clamp down. No ISP is going to be the first to remove "unlimited" tariffs if their competitors still offer them, no matter how non-unlimited they may actually be.

1
1

BAD VIBES: High-speed video camera records your voice from trash

Phil O'Sophical
Silver badge
Headmaster

Mary had a little lamb?

Wasn't that Edison's test, not AG Bell's? Bell's famous line was "Come here Mr. Watson, I need you"

6
0

It's WAR: Internet of Stuff firms butt heads over talking-fridge tech standards

Phil O'Sophical
Silver badge

Re: Cor what a great idea.....

my fridge will be able to tell me I'm out of milk, but I just threw away the carton and noticed

And of course now when you're going on holiday and have deliberately run the milk down to zero you have to remember to tell the fridge as well, otherwise you'll get home to 10 litres of sour milk and a kilo of rancid butter on the doorstep because the fridge kept ordering more...

6
0

Ad biz now has one less excuse to sponsor freetards and filth

Phil O'Sophical
Silver badge

How will this play with browsers that are configured with adblockers? Will it let the advertisers see who is blocking their ads, and perhaps allow them to circumvent the block, or suppress the display of wanted informatiion unless the user accepts the ads? Or allow them to "punish" websites who have a high percentage of adblocker users?

8
0

Remember Palm's WebOS? LG does – check out its smart TVs

Phil O'Sophical
Silver badge

Re: Wrong priorities

have you considered getting a second hand AV amp

I have, a new one even, but I already have the TV hooked up to a good audio system with a Dolby surround decoder (I agree 100% with the comments on the quality of TV built-in speakers), and I don't really want to replace it just to add one with an HDMI switch. Not to mention all the additional back & forth cabling between the unit with the TV and set-top boxes and the alcove where the hifi stuff is.

A separate switch is the obvious and probably inevitable option, it's what I had to do when everything was SCART-based, but it's yet one more box and one more remote control that shouldn't be necessary. HDMI sockets aren't physically clumsy like SCART ones, adding a few more to a TV PCB wouldn't be that hard, or expensive.

0
0
Phil O'Sophical
Silver badge
WTF?

Wrong priorities

I can't say I care much about my TV being smart, I hardly ever use the "smart" stuff on my Sony, but only 3 HDMI ports, FFS?

I have a Sky satellite box, another satellite box for European TV and a NowTV box. I occasionally plug my camera in to see recently-taken photos. In the future I want to add Blu-Ray, and I can see other people adding games consoles or a connection to a PC or other media streamer. Even my 4-HDMI-port TV is already full.

Forget the SMART crap, just put 6 HDMI sockets as a minimum. Plus S-Video or YUV component and RGB for the legacy stuff (like my DVD recorder).

11
0

Call off the firing squad: HP grants stay of execution to OpenVMS

Phil O'Sophical
Silver badge

Re: The whole 9 yards

Anyone know what languages VMS was principally written in?

From what I remember of the microcode, the core parts were Bliss32 and Macro32 (essentially VAX structured assembers) with some leftover Macro16 PDP code still there. The utilities were in everything, I remember seeing Fortran and Pascal, even some ANSI Basic. Hopefully the Pascal at least has long gone.

All that would surely have changed for the Alpha ports, though? I never had a chance to play with it post-VAX.

0
0

Plug and PREY: Hackers reprogram USB drives to silently infect PCs

Phil O'Sophical
Silver badge

Re: Can you still buy memory cards/USB sticks on EBAY?

10 Years ago it was common for usb devices to include keyboard emulators to install software.

I've had freebies from trade shows which look like USB thumbdrives, but which just pretend to be a keyboard and open a browser pointed to the supplier's URL. This sounds like the same idea, and you don't even need to have the malware on the device, just on the website.

As always, the only safe solution is not to connect things to your computer if you don't trust them 100%. For freebie giveaway thumb drives I always put them on a Unix or Linux box & reformat them first, before they go anywhere near a Windows PC. I would guess that this sort of malware attack will produce errors if plugged into an OS it isn't expecting?

3
0