* Posts by Cuddles

143 posts • joined 3 Nov 2011

Page:

Don't look now: Fujitsu ships new mobe with EYEBALL-scanning security

Cuddles

Re: Standard biometric flaw

Does it matter? A swipe pattern or 4 digit PIN isn't secure either, and can often be figured out just by looking at the smear pattern on the screen. Many people still just use the "swipe left to unlock" thing, because all they want is something to stop them accidentally pressing things while their phone is in their pocket, not a security feature to prevent people with physical access to the hardware from being able to hack it. Sure, biometrics (at least as presented so far) are not good enough for real security, but they're still harder to fool than the most common measures currently in use. Getting a picture of someone's eyeball is more difficult than noticing the picnic table shaped smear in the middle of their screen.

Anyone who thinks biometrics like this will solve all our security problems is obviously wrong, But anyone who thinks that just because they won't solve all our problems they must be completely useless is just as wrong. Is it more secure and/or more convenient than other common measures? If so, it doesn't have to be perfect in order to be useful.

I find by far the biggest flaw is one that hardly seems to get a mention - I don't want to have my phone locked to my person. If I'm driving, for example, it's quite handy to get someone else to mess around with music, satnav, etc.. I don't care how secure biometrics might be if it means I can't let someone else use my phone. Hell, facial recognition and iris scanning mean even I can't use it if I'm in a situation where I can't stick the phone in my face for some reason (again, skipping music while driving is a common situation, or even just turning the screen off until I reach the part of the journey where I actually need directions).

3
0

Back to the Future: the internet of things as imagined in 1985

Cuddles

Re: Why the obsession....

Smartphones as remotes is actually one of the more sensible parts of the whole IoT thing. The alternative would be to have a different remote for every single device you want to control, which would quickly turn into an epic clusterfuck with piles of remotes everywhere and no idea which one you actually need in any given situation (inevitably it will be the one you can't find and/or the one with the dead battery). Of course there's the possibility of getting a significant proportion of manufacturers to agree to a standard and allow everything to be controlled from one remote. Which is exactly what phone already are.

Sure, phone batteries don't last forever. Neither do any other batteries. Since everyone interested in IoT stuff is guaranteed to have a phone, coming up with competing standards, extra remotes, and so on, just makes everything massively more inconvenient while not bringing any actual benefit.

The real problem you raise isn't with smartphones as remotes, it's with using remotes at all. If turning my lights on using a remote is no more convenient than doing it normally, then what is the point? Whether that remote happens to be a phone or not is irrelevant, it's the lack of benefit regardless of the specific device that is the issue. There's almost certainly a place for smart building management - lights that turn on and off automatically when you enter and leave a room certainly are more convenient than using a switch, for example, even if the benefit is somewhat minor - but faffing around with remotes and apps just doesn't make things any easier than a simple physical switch.

2
0

UK safety app keeping lorries on the right side of cyclists

Cuddles

Conflicting safety issues

This sounds like a great idea if you only take cyclist safety into account. However, it's very well established that right-hand turns are far more dangerous, as well as much slower, than left ones. This is why roundabouts are good, since they turn everything into a left turn, and is why navigation apps that avoid right turns even if it means a longer route with multiple left turns around a block have been shown to be very successful in trials.

Doing the exact opposite and forcing lorries to turn right more may help a few cyclists at some specific junctions, but it will be severely detrimental to overall road safety, including for those same cyclists.

8
0

Rip up your AMD obits: Gaming, VR, embedded chips to lift biz out of the red by 2016, allegedly

Cuddles

I like the first slide

Step 1: Make profit.

Step 2: Profit!

The little footnote noting that it won't actually be a profit if you count it properly is just the icing on the cake.

0
0

Ryanair stung after $5m Shanghai'd from online fuel account

Cuddles

Blocked?

"The transfer was subsequently blocked, but the funds... are yet to be recovered."

If the transfer was blocked, why would they need to recover anything?

0
0

App makers, you're STILL doing security wrong

Cuddles

Re: Security!=privacy

"People get understandably edgy when they realise information about their private network environment is surreptitiously siphoned off"

But not edgy enough to actually do anything about it. People are happy to whine when some sort of data slurping happens to make the popular media, but they still blindly agree to anything and everything an app wants when they install them. It's all very well to criticise app makers for bad practice, but there's simply no incentive for them to make an effort since they know virtually no-one actually cares.

0
0

When THINGS attack! Defending data centres from IoT device-krieg

Cuddles

Criminals aren't the problem

"The pay-off for hacking home devices is not obvious for cyber-criminals"

The thing is, there doesn't need to be any pay-off for criminals. Even if there is never any possible profit to be made from hacking your fridge, someone somewhere on the internet will find it hilarious to make it order you 100 pints of milk, or switch it off and make everything go mouldy. Even more so if there's a camera somewhere handy so the results can go on Youtube. I think a large part of the problem with IoT security (and lack of it) is that too many people think in terms of what criminals might get up to and reason that there's just no incentive for anyone to hack these things so why worry. What they don't take into account is that some people are just dicks.

8
0

Got a Samsung Galaxy S5? Crooks can steal your fingerprint – claim

Cuddles

It's not about security

I don't think I know a single person who actually makes an effort to keep their phone secure. The vast majority have a simple swipe to unlock; often a pattern but frequently just the basic "swipe left to unlock" thing. Even those that opt for something more secure rarely have anything more than a 4 digit PIN. And of course, any of these can be easily compromised in similar ways to fingerprint sensors, as well as much simpler ways such as looking at the pattern of grease marks on the screen. Most people aren't looking to lock down their phone from dedicated criminals with plenty of time on their hands, they're just trying to avoid accidentally calling anyone while it's in their pocket and stopping people posting random shit to Facebook when they leave their phone on the table.

Sure, fingerprint sensors are not perfectly secure, but at the very worst they're no less secure than any of the other methods the vast majority of people use to lock their phones. If you're looking to protect valuable company secrets then blindly assuming you're safe because of fingerprints would be a bad idea, but the constant cries that fingerprint sensors are a terrible idea and should all be binned just because they're not the perfect security solution are just silly. They're more than good enough for the use of the vast majority of users. In fact, the biggest problem is that they're actually too secure - if I'm driving and want someone else to mess with the satnav or music I can tell them what swipe pattern to use, but I can't give them my fingerprint.

0
0

Boffins laser print flexible transistors

Cuddles

Re: No mention of how fast these transistors are

From the article:

"They reckon performance is just fine as well: “thin-film transistors using the laser-printed layer exhibited mobilities as high as those of conventional poly-silicon conductors”, the release notes."

Sure, it doesn't give a solid number in Hz, but you can't really claim there's no mention of how fast they are when it clearly says their performance is just as good as regular transistors.

0
0

Australia mulls dumping the .com from .com.au – so you can bake URLs like chocolate.gate.au

Cuddles

Wait, the UK moved everything from .co.uk to just .uk? When did this happen, and why am I reading about it at theregister.co.uk?

0
0

Samsung's PCIe flash card: Slim, speedy, and just nibbling power

Cuddles

"Try reading the whole post that you are replying to"

Very good advice.

"1760 square millimetres. The spec allows up to 30x110 which is 3300 square millimetres, or 1.875 times the area"

Perhaps if you'd followed your own advice, you'd have noticed that volume is the relevant quantity, not area. You're comparing the area of something 4mm thick to something over 20mm thick. Perhaps instead of insulting others and pretending they haven't read something that they very obviously have (hint - try and figure out where the volume I quoted comes from), you should actually try not only reading what you're replying to, but at least pretending to have the slightest bit of common sense.

2
1
Cuddles

"Kingston 1TB hyperx usb flash drive - dimensions 72mm x 27mm x 21mm - uses NAND flash."

Try posting numbers instead of guesses indeed. Maximum thickness of M.2 is 4mm (1.5mm components on either side, on a 1mm board). That Kingston drive has almost 4 times the volume of the maximum allowed by the M.2 spec.

4
1

Google's new scribble-tab-ulous handwriting interface for Android

Cuddles

Re: Swype?

Swype is great on phones, but I don't find it any faster than normal typing on a tablet-sized touchscreen. If the recognition is accurate enough handwriting would certainly be faster, and if you're just taking notes for things to be written up properly later you don't need perfect accuracy anyway. The main problem I can see is that in order to use handwriting recognition you kind of need something to write with. Just using a finger isn't going to be anywhere near as fast or accurate as a stylus, and very few phones and tablets come with one these days.

1
1

Health apps and wearables make you nervous, not fit, say boffins

Cuddles

Re: The mind boggles.

"Humans have been living quite healthily for several hundred thousand years."

No they haven't. For the vast majority of that time, humans have been living extremely unhealthily, with high death rates mostly due to poor nutrition and easily preventable diseases. For all the fuss about obesity and so on, humanity is far healthier now than it has ever been at any time in its entire history. Wearable tat may not be the gateway to the next big improvement, but to dismiss modern innovation on the basis of a purely imaginary past is just stupid.

On a different note, I wonder how much of the appeal of all this wearable nonsense is a cultural thing. Americans make a big fuss about constantly monitoring everything they can, with multiple full-body health checkups every year and regularly seeing psychologists and other medical professionals despite not actually having any problems being considered not only normal, but actually necessary. Obviously this is in large part due to money - doctors make money from people coming to see them, so they tell people they need to come and see them as much as possible. In countries with national healthcare, however, the attitude is more "Stay the hell away from us unless there's actually something wrong with you". So I wouldn't be at all surprised if there's a big difference in enthusiasm between America (and presumably other countries with similarly privatised healthcare) where as much monitoring as possible is considered desirable, and other countries where we've generally just not bothered about it.

10
1

Google research bods hope to LICK BATTERY life limits – report

Cuddles

Re: Just 4 people working on this?

Indeed. People love to complain about there being too many stories about battery research that never amounts to anything, but what that actually means is that there are thousands, of people in numerous universities and businesses working on improving batter technology. Sure, most of the articles that hit the media are nonsense based on very preliminary research or untested new ideas, but it at least shows that there are lots of people working on lots of different approaches to things. Google having a couple of people also thinking about it in their spare time just isn't relevant at all. Before this article, we knew there were thousands of people working on batteries. Now we know there are thousands of people working on batteries, and a couple of them happen to be funded by Google. So fucking what.

0
1

+5 ROOTKIT OF VENGEANCE defeats forces of gaming good

Cuddles

Re: Streaming does have its advantages

"There's nothing more frustrating than to play a game and be constantly picked off by someone not because of skill on their part but simply because they've got better broadband"

...streaming. If people having better broadband is a problem now, a solution in which quality of broadband is the only relevant factor really isn't going to help. If your internet is so bad that it can't keep up with the small amount of data transferred by client-side games, how is it going to cope when the entire game needs to be streamed? Your solution means that instead of people with bad internet potentially having a sub-optimal experience in some games, they won't have any experience with any games at all.

"Latency is already a fact of life for multiplayer and that's why things can suck for someone caught on a bad connection or who didn't spend a fortune on a top end PC."

Nonsense. Connection latency is a problem in keeping clients and servers properly synchronised to each other so everyone sees the same things happening at the same time. The price of your PC is utterly irrelevant to that. It's a function of your internet connection, not your GPU. However, streaming games introduce an entirely new latency between the controller and the game, and that certainly is not a fact of life as things stand. Streaming doesn't fix the connection latency because there will still be just as much lag between an event occurring and your local client knowing about it (in fact more, since as noted above there needs to be more data transferred), but it adds additional latency in places that no current games have it. It's just a terrible idea from start to finish.

"A relatively thin client software could ensure that everyone in the game gets the same graphics, the same framerates"

Fuck everyone else in the game. If I can afford a better PC that can display better graphics and higher framerates, why should I be punished just because other people can't? Do you plan on taking away my house and car as well just because not everyone can afford their own? Forcing everyone to live in tower blocks and take the bus everywhere would ensure that everyone has the same quality of living, but no-one actually thinks that's a good idea - even communist dictators who claim to advocate such things make it clear that it's only a good idea for everyone else, not themselves. What is so special about computer games that mean we should all be dragged down to the level of the lowest common denominator? It would be great if we could all live in mansions with nice cars, fast computers and good internet, but in the absence of such a utopia, taking all the nice things away from people who have them in the name of equality is not the way to do things.

7
1

A MILLION Chrome users' data was sent to ONE dodgy IP address

Cuddles

Popular?

"The extension apparently allowed users to capture screenshots and save them for later editing"

Why would an extension that does nothing other than replicate the "print screen" key be popular? When it comes down to it, security is a numbers game. As mentioned by others above, unless you only use things you've written yourself, there's always some risk that you'll end up unknowingly running some malicious software. The more useless shit you install, the more likely that becomes. The moral of the story is not to read all the entirely accurate and well thought out user reviews before you install it, but simply not to install piles of functionless shit in the first place. This malware may have been removed now, but no doubt the people who used it still have browsers crammed full of toolbars and other crap and are no more secure than they were before.

3
4

EE springs Wi-Fi phone calls on not-spot sufferers, Tube riders

Cuddles

"Seamless?"

Is that seamless as in it will switch between cell towers and wi-fi mid call, or seamless as in you don't have to launch an app because they've already installed it for you on your EE branded phone? Because as far as I can tell it's actually the latter, and the only thing to distinguish it from 3's identical service is that EE will hide the app that does the work.

0
2

Halifax's '24/7' online banking service is down YET AGAIN

Cuddles

"advertised as being available 24/7, 365 days a year"

To be fair, it would be a pretty weird online system that wasn't advertised as that. The internet doesn't go home in the evening. "Available 24/7, 365 days a year, except when we cock up and break everything" might be more accurate, but that last part can generally be assumed no matter who you're dealing with so it shouldn't need to be advertised explicitly.

0
1

Project Spartan: We get our claws on Microsoft's browser for Windows 10

Cuddles

Annotation?

So I can draw on a page and then send it somewhere as a picture. How exactly is this different from just hitting print screen, pasting into Paint/Powerpoint/Whatever and doing exactly the same? Maybe MS should focus on actually making a browser, instead of wasting time on pointless gimmicks to replicate things we can already do.

1
2

700,000 beautiful women do the bidding of one Twitter-scamming man

Cuddles

Re: Effective?

The thing is, this is exactly the problem Twitter and the like have - they keep adhering to the 99 slaps principle, but it's not actually applicable to them. If you send out a bunch of spam and only get a couple of replies, that's a couple of replies you can make a profit off. If you send out a bunch of spam twats and get a couple of people to click "follow", you still haven't actually done anything useful - those people will forget they ever clicked that button within a couple of minutes, and any posts that happen to turn up in their feeds will be just one more tiny drop in the sea of spam they see every day. This is why Twitter has still never made a profit and why studies keep showing that merely getting "likes" and "follows" does not actually translate to improved sales.

The trouble is basically that success of marketing is generally judged by engagement with customers. Traditionally, that means customers actually visiting your store (or whatever), with a certain proportion of those going on to buy something. Hence pay-per-click advertising and the like. But once you add Twitter and Facebook into the mix, the only engagement measured is how many people click the "like" button. It's assumed that a certain proportion of those will then buy something in the same way as if they'd actually followed a link to a shop, but the problem is that there's no evidence that actually happens. People who visit a shop might wander around and buy something, but people who click "like" just forget about it two minutes later. People who visit a shop might click "like", but there's no evidence people who click "like" are any more likely to visit your shop than those who don't.

0
1
Cuddles

Effective?

"The tactic using obviously fake profiles with avatars of attractive women to score reciprocal follows is sadly "remarkably effective", Narang says."

Sure, it's effective at getting people to click the "follow" button, but is it actually effective at doing anything more than that? Studies have shown over and over again that getting followers on Twitter, likes on Facebook, and other similar crap, does not actually translate to getting customers, or even improving brand awareness. Clicking a "like" button costs people essentially nothing, so they're happy to do it even if they have no intention of ever doing more than that. Sure, this spammer managed to get people to follow pretend accounts with attractive pictures, but is there any evidence those followers actually signed up to anything and made him money?

1
2

Motorola Mobility loses another patent suit to über-troll Intellectual Ventures

Cuddles

Re: I blame the jury.

As I understand it (IANAL), juries are not allowed to do any research or use any of their own knowledge, they are only allowed to make decisions based on what they are shown in court. If the defence didn't present any prior art then it doesn't matter how much might exist, the jury can't say anything about it. The article suggests that the defence relied entirely on arguing that the patent was invalid because it was too obvious, and didn't mention prior art at all. If that's the case, the fault would appear to lie entirely with Motorola (and the trolls for bringing it to court in the first place of course) - there's nothing judges or juries can legally do if you don't give them the relevant information.

1
0

Ford: Our latest car gizmo will CHOKE OFF your FUEL if you're speeding

Cuddles

Re: Bad training

"The 10K hours rule is also a myth.."

I wouldn't call it a myth. Certainly the idea that you need exactly 10k hours, no more, no less, would be ridiculous, but as a nice round number representing the idea that you need to spend a lot of time doing something to become an expert, it's really not that bad. It's often brought up in relation to musical instruments, and that's not a bad analogy here. Not everyone needs to spend decades of their life dedicated to being one of the world's best, but the drivers we allow on our roads are the equivalent of an 11 year old strangling a cat with their violin. Or worse, someone who was once like that but is now in their 30s and hasn't touched a violin once in the intervening 20 years but is still treated as if they are a competent professional musician.

10k hours certainly shouldn't be taken as gospel, but it's a good illustration of the gap between the practice and experience required for competence/expertise, and what we actually require of people before letting them loose on the road.

I should also note that I'm well aware of the problems actually requiring a sensible amount of practice would cause - no-one would be able to drive before their 30s and most people would never be able to find the time and money to manage even that. The trouble is that as things stand, since finding a solution is tricky we, as a country, just throw up our hands and don't even bother looking for one. Instead of thinking about how to produce good drivers, we just make stupid laws punishing people for not having the competence we never required them to have in the first place.

0
0
Cuddles

Re: Bad training

I don't disagree, but I think the far bigger problem is the lack of meaningful testing at all and the lack of any requirement for actual experience. It's generally accepted that you need 10,000 hours or so of practice to master a skill. Yet you're given a full driving license with no further training or checks after just a few hours (I'm not sure exactly how much training I had, but it can't have been more than 20 or 30 hours at most). And if you then don't drive for the next decade, you're allowed to get straight back in a car with no concern for how much you might have forgotten. Or you can drive for the next 70 years with no concern for how your skills might have deteriorated over that time. Perhaps most ridiculous of all is that it's actually illegal to learn how to drive on motorways until it's legal for you to freely use them unsupervised.

There's a reason most jobs have regular appraisals, and things like first aid and coaching qualifications, even just for hobbies, require regular training and evidence that you're keeping your skills current. But for some reason with driving you get a single test once and you're good for the rest of your life. No amount of laws telling people what they should be doing or technology to try to force them to do it can compensate for not actually teaching them to do it properly in the first place and regularly checking that they're still competent.

5
1

Snowden dump details Canadian spies running false flag ops online

Cuddles

Title seems a bit off

"running false flag ops"

Compare and contrast with:

"claims it has the ability to run "false flag" operations"

Even the most nutty conspiracy theorists don't tend to accuse Canada of much, and given that the point of false flag operations is to create an excuse to attack or otherwise discredit an opponent there really doesn't seem to be much point in them doing so since, unless my awareness of global politics is rather off the mark, Canada isn't actually looking for any such excuse at the moment. I have little doubt that any spy agency would love to have the ability just in case in might come in handy, and would likely claim to have it just to make themselves look good even if they didn't, but that's very different from accusing them of actively engaging in such things as the article title does.

0
0

Ransomware holds schools hostage: 'Now give us Bitcoin worth $129k, er, $124k, wait ...'

Cuddles

1981?

I finished school in 2001 and we didn't have any meaningful computer use, and certainly no internet. You really don't need to go back to before I was born to find people using pen and paper.

0
0

BT Home Hub SIP backdoor blunder blamed for VoIP fraud

Cuddles

"it had a weaker password (though I wouldn’t have called it insecure by any means) and the attackers had managed to crack that."

I'd say the second part rather contradicts the first there. The definition of a secure password is essentially one that will take an infeasibly long time to crack by brute force (as well as not being easily guessed, etc.). Given that scamming phonecalls for a couple of grand is unlikely to be the work of major nation-states throwing supercomputers at the job, I think it's safe to say that said password was, in fact, entirely insecure.

1
0

Imagination touts cheap Firefox OS MIPS slab to Chinese kitmakers

Cuddles

Re: MeToo

"It's distinguished from ARM (and x86) by having an arguably cleaner 64bit instruction set, which it has had for a long time, way longer than its competitors."

That may be true, but processor in question here is 32 bit.

1
0

Pass the Lollipop: Google creepily warms to body contact with Android lock function

Cuddles

Re: What?

Most phones will lock when not used for a certain (customisable) length of time. The idea being that if you forget to lock it, get distracted, or whatever, it won't just sit there draining the battery and open for anyone to use. The problem then being that different activities generally want locking times of different lengths - if you're not doing something that involves constantly touching the screen it can get quite annoying having it repeatedly lock itself, but if you change or disable the locking then obviously it won't be doing what you want the rest of the time.

Various people are therefore coming up with different ideas for some sort of "smart" locking feature, which tries to somehow figure out if you actually want the phone locked or not at any given time. Samsung, for example, will track your eyes and only lock the screen if you're not looking at it. This appears to be a similar sort of idea where as long as you're holding the phone, and therefore presumably interested in doing something with it even if not currently actively doing so, it will avoid locking, but will then automatically lock when you put it down. The obvious problem being that while having it stay unlocked in your hand sounds nice, keeping it unlocked while in your pocket, a bag, or whatever, it utterly retarded. As Richard Cranium notes, phones accidentally doing things while in a pocket is one of the main reasons locking was invented in the first place.

2
0

No password or PIN, but I have a fake ID. Sure, take the domain

Cuddles

"it does show a fundamental weakness at the heart of the domain name system"

Unfortunately, that weakness is humans, and there's no way to fix it without getting rid of them entirely. Sure, GoDaddy should probably make a bit more of an effort not to suck quite so badly, but as long as there are people involved at any stage of the process attacks of this sort are always going to be possible. The most you can do is try to make it a bit more difficult.

0
0

Would YOU touch-type on this chunk-tastic keyboard?

Cuddles

" ideal for people conducting street surveys"

Potentially, but the main problem I can see is that it doesn't appear to be ideal for anything else. Touch-typing on a mobile might be nice, but if it requires something the size of a small laptop to manage it, you've rather lost the advantages of a mobile.

The whole "high friction pad with magnets" seems to asking for trouble as well. Sure, it's fine when you're holding it in front of you, but what if you want to rest your arms for a minute? If the phone falls off as soon as you drop it to your side, that's not going to be much use for anyone.

1
0

Quantum computers have failed. So now for the science

Cuddles

Re: is it just me?

"We're not passing ourselves off as a peer-reviewed scientific journal here."

Perhaps more telling, however, is that there does not appear to be any mention of a peer reviewed journal at any point. You can post pretty much anything you like on arXiv. When a person who has previously published research properly in journals starts posting things outside their field only on arXiv, it certainly raises an eyebrow or two. Also of note is that Robert Brady has a total of 4 articles listed on arXiv, all addressing this topic, all co-authored with only Ross Anderson, and none actually published in any journal.

As for the actual subject of the paper, I don't see any support for the claims made. It's essentially an argument by analogy - we can make equations that look similar to those governing quantum mechanics and observe some effects that look a bit similar to quantum mechanics, therefore it must be exactly the same as quantum mechanics. This would be like taking the equations governing relativity, rearranging them to have a similar form to those of Newtonian mechanics, and then saying that because they look similar relativity can actually be derived directly from Newtonian mechanics.

In fact, that sort of thing is behind a lot of confusion in laypeople about relativity. Concepts like relativistic mass are almost entirely useless in actual physics but they became popular because they made for a nice analogy with Newtonian mechanics, for example allowing you write p=mv in both. The problem being that because in relativity that m is a function of v, the equation actually ends up meaning something completely different and behaving in a different way. The analogy makes it look nice and familiar, but obscures efforts at actually understanding. As far as I can tell this is exactly what Anderson is doing here. He can make equations that look similar and have similar results in some conditions, but that does not actually mean they are actually the same as quantum mechanics.

1
1

Visa: One million bonks a month for Europeans from next year

Cuddles

"The biggest problem with NFC payments .... is trying to get a service to use it with a phone."

Indeed. My last two phones have had NFC going back around 4 years, but neither my bank or my mobile network will actually allow me a way to use it. Hell, I've had a contactless credit card for a similar length of time, and even my local Tesco won't let me use it. Of course NFC use is insignificant when every point in the chain of banks, networks and shops all refuse to let us actually use it.

3
0

And the buggiest OS provider award goes to ... APPLE?

Cuddles

Re: Android

I don't know that OEMs are necessarily the biggest problem. By far the biggest issue Android has is that idiots will happily install every piece of malware they can find as long as it pretends to be a free fart app. It doesn't matter how secure and up to date the OS might be if the user happily gives all the malware they can find full access to everything.

0
0

Denmark tops European tech table, two other Scandis right behind

Cuddles

Re: Scandis

The article didn't claim the Netherlands is Scandinavian. Read it again - Denmark tops table, TWO other Scandis right behind. Those two being Sweden and Finland, with the Netherlands being mentioned simply as falling between those two.

As for Finland, whether it counts as part of Scandinavia or not is not all clearly defined, since Scandinavia itself is a relatively recent term that has never actually applied to a clearly defined entity and varies a lot depending on whether it's defined by ethnic groups, language, culture, political boundaries and relations, simple geography, or other factors. Iceland and the Faroe Isles are also sometimes included as part of Scandinavia. Restricting it to just Sweden, Norway and Denmark is certainly the most common usage, but it can't be claimed to be strictly wrong to include others. In particular, note that Finland lies on the Scandinavian peninsular while Denmark does not, and that it was mostly part of Sweden or the Swedish empire for a large part of the last millennium.

4
3

Mégane Renaultsport 275 Trophy: Hands-on gizmo-packed motoring

Cuddles

"You’ll note that all the in-car pictures here are taken from the passenger seat"

Pretty sure I'll note that there isn't a single in-car picture taken from any seat.

2
0

Kyocera: Torque among yourselves on our unbreakable ruggedmobe

Cuddles

S5 Active

Is not in any way "rugged". Copying the Sony Xperias and earlier Motorola efforts by slapping a bit of waterproofing on is certainly handy for ordinary consumers, but it is not even vaguely in competition with a phone that can survive being repeatedly dropped on the floor in the middle of a construction site.

It's just a shame that adding that survivability to a phone adds so much to the price. £50 more than a Galaxy S5 for a two year old processor equivalent to the Galaxy S4 (Snapdragon 400 in the S4 (soem of them at least), the Cat S50 linked in the article and this Kyocera). Obviously that's worth it if you work in an environment that will destroy normal phones, but for an ordinary consumer that's quite a price to pay for a fairly dated bit of kit.

0
0

REVEALED: TEN MEEELLION pinched passwords and usernames

Cuddles

Re: Increase the noise ?

@Roland6 - I'm always surprised it never seems to show up in the lists of commonly used passwords. Obviously you'd have to be an idiot to actually use that specific phrase since it's so well known. It's rather sad how few people actually seem to understand what that xkcd actually explained though, and just shout "Words! Dictionary!" and think they've somehow made a valid counter-argument. If you use an unknown number of words of unknown length to form a password of unknown length, a dictionary attack is simply impossible; when you have to check all words from one character length upwards, you're just doing regular brute force guessing.

It's similar to the silliness of insisting on using upper case, numbers and punctuation. Sure, increasing the number of possible characters increases the number of possible permutations, but so does making your password a few characters longer. A password that forces you to use at least one capital letter and number but restricts you to a maximum of 8 characters, as many websites do, is far less strong than one made entirely of lower case letters that is allowed to be 20 or 30 characters long or more. Yet the latter will almost always be classed as weak by sites that claim to check the strength of a password when you're choosing it.

@Symon - yes, I didn't say not to use a password safe, I was simply criticising their repetition of the myth that random gibberish is the only good password. The problem of remembering large numbers of different passwords is a separate matter, and is always going to be a problem no matter how memorable each password might be individually. I may be able to remember the lyrics to at least 50 songs, but if I use an entire song as a password for 50 different sites there's no way I'd be able to remember which song goes with which site. Passwords safes are useful no matter how you generate your passwords.

2
0
Cuddles

Re: Increase the noise ?

Password safes certainly aren't a bad idea, but that article just reinforces the myth that a good password must be an un-rememberable string of gibberish. As xkcd explained, correct horse battery staple.

2
2

BBC bins pricey Windows Media, Audio Factory goes live

Cuddles

Standardised?

"Audio Factory, a streaming tool delivering audio in the AAC codec over http. Audio Factory aims to standardise Auntie's audio delivery practices and infrastructure."

"The broadcaster is also ceasing SHOUTcast streams that use the AAC codec, replacing them with an MP3 version of the services."

So on the one hand, it's moving everything to AAC format, but on the other hand it's moving things away from AAC and using mp3 instead. Apparently this is some definition of "standard" I wasn't previously aware of.

11
0

Swap your keyless key for keyless key-less key. You'll need: a Tesla S and Apple Watch

Cuddles

An experiment to control PR

So it's an app written for a watch that they didn't actually have or test it on, in order to carry out various functions on a car that they didn't have or test it on. And said watch would not actually have done anything other than connect to a phone even in the hypothetical situation where both the watch and car actually existed. I would call this the most pointless "experiment" ever devised, but it got their name in the news associated with two popular companies, so I guess it accomplished everything it was supposed to.

0
0

Sony Pictures claims 'Nork mega-hack attack' cost it just $15 million

Cuddles

Interesting admission

The Interview cost over $40 million to produce, and made under $7 million at the box office. An extra $15 million would still only have it making half its production cost, and most of that wouldn't even go to Sony. So, Sony have effectively admitted that The Interview was a shit film that was never going to come close to making any money.

0
0

Yahoo!'s Firefox search hook-up pays off as it nicks Google's US clicks

Cuddles

Is there any reason to care?

I use all three of those search engines at different times, and I honestly can't tell the difference between them. Their results are all just as good and just as fast as each other. Google was huge back when it started because all the other options sucked donkey balls, but the only reason they remain dominant now is people have got in the habit of using them. Same with browsers really; Firefox really shook things up by providing a real alternative to IE, but there's now no real difference between Firefox and Chrome, and as cool as it apparently is to hate IE there's really little to set it apart from the others any more. While the people who make browsers and searches love to shout about how much better their product is, the majority of consumers can just close their eyes and pick and random, and get exactly the same results regardless.

0
1

Bluetooth-enabled miracle washing orbs? Are you kidding?

Cuddles

Bluetooth?

So these balls will only tell you the status of your washing machine if you're standing within a couple of metres of it? How incredibly useful.

0
0

Living with a Renault Twizy: Pah! Bring out the HOVERCRAFT

Cuddles

Re: Good idea, wrong price

Indeed. For 1/4 the price you can get a decent second-hand 125cc bike, a reasonable set of leathers, and a full training course and license fees. That gets you 130mpg with a range in the hundreds of miles, top speed of 68mph, legal both for learners and on all roads up to and including motorways (although you're insane if you actually take it on one), and just as much room for passengers and probably actually more for luggage. Usually the downsides of a bike are safety and the weather, but it looks as though the Twizy is at least as bad for both so I really can't see any reason to prefer one over a much cheaper and more useful bike.

5
0

Powering the Internet of Stuff – by sucking electricity from TREES

Cuddles

Re: If only...

Candles work the same way as incandescent bulbs - they're just low temperature black-body radiators, with the vast majority of the energy being infra-red. Candles are quite a bit cooler than most bulb filaments, so they're even less efficient at producing visible light. With bulbs only around 2% efficient to start with, that leaves candles giving off something close to 99% of their energy as heat. You don't even need a very efficient waste heat gathering process for it to be far more useful than just using the raw candle for light.

0
0

Then there were 3: Another UK mobile network borged ...

Cuddles

Majority?

"you will see that all the O2-Three spectrum is at 2100MHz or below, with the vast majority below 1GHz."

Pretty sure I won't see that at all. The table shows O3 as having 65 below 1GHz and 92 above. Far from being the "vast majority" it's actually a minority.

0
0

Dark Fibre: Reg man plunges into London's sewers to see how pipe is laid

Cuddles

Security?

"this communications infrastructure is out of sight and out of range from the potential disruption of some utility service severing a vital communications link with some misdirected digging. Needless to say, Zayo plays on this as a boon to security."

Surely it's the exact opposite. Regular cables are highly secure because no-one can get at them without digging up the road in a fairly noticeable fashion. Putting them in a sewer means anyone can hop down the nearest drain and have their way with them without anyone ever knowing about it. You trade the convenience of avoiding accidental interruptions with a somewhat greater vulnerability to deliberate ones. Although given that attacks are far more likely to happen at exchanges, the whole security angle is fairly silly anyway; it doesn't matter where you put your cable, it's the ends that people are interested in and they're going to be in the same place.

14
1

Swots explain how to swat CPU SNITCHES

Cuddles

Re: In terms of doing anything useful

I think at the moment the goal is not so much to actually do anything useful, but rather to find out if it might be possible to do anything useful. And especially to simply bring the matter to the attention of those who might care - essentially telling security types that there is information being transmitted via a mechanism that is not taken into account by any hardware manufacturer or programmer, and maybe they should have a think about it just in case. Maybe it will turn out to be completely impractical to see anything meaningful, but there are pretty serious consequences if it can be made to work.

1
0

Page:

Forums