* Posts by WatAWorld

1058 posts • joined 24 Feb 2012

Juniper's VPN security hole is proof that govt backdoors are bonkers

WatAWorld
Silver badge

In other words maybe they obeyed the law and complied with National Security Letters for years, including the mandatory condition of never speaking about it, and now they may be feigning ignorance for marketing reasons. It is at least plausible.

In which case the fault is that of the people who authorized National Security letters allow such secrecy -- those US citizens with voting rights !

In a democracy it is ultimately those who can vote in elections who are responsible for what their government gets away with.

Or maybe Juniper was just slack in reviewing its code. It may be 5 decades before we know for sure, or maybe we never know.

2
0
WatAWorld
Silver badge

It is the bureaucrats who push for domestic spying. The politicians support those bureaucrats are those who are either stupid, or who have already been subverted, or are already a part of the spy agency brotherhood.

Why else would democratically elected politicians want peaceful political groups, including up-and-coming leaders and grassroots members of their own parties, spied upon by their own government?

4
0
WatAWorld
Silver badge

Playing the Xenophobia Card

Maybe a "foreign government"?

The generalization that "governments are foreign" is always true to most of the people on the planet.

The Chinese government if foreign to the minimum number of people of any government, but it is still foreign to 2/3 of us.

Let us face it, we say "foreign government" to scare people via natural xenophobia.

For most of us the government we should fear the most is out own, that our own government or our own security services will subvert our democracy and turn it into a Chekist regime.

Our countries are more likely to loose their democratic status not due to invasion but due to internal subversion by current and foreign government workers.

We'll become like the USSR, China, Nazi Germany, Fascist Spain, Russia, North Korea, where business and government are run by the same cabals of bureaucratic psychopaths who use privileged information gained by legal spying for professional advantage.

6
0

The Firewall Awakens: ICANN's exiting CEO takes internet governance to the dark side

WatAWorld
Silver badge

He's going for the "Sepp Blatter Award for 'Excellence' in NGO Governance"

It seems to me that Fadi Chehade is going for the "Sepp Blatter Award for 'Excellence' in NGO Governance".

8
0

Man faces 37 years for sarcastic post insulting royal dog

WatAWorld
Silver badge

If the photo is so offensive you can't show us then here it would fail obscenity laws

Why can't you show us the satirical photo?

If the re-touched really is so truly horrible it is not fit to publish even in the UK, USA and Australia then I think that is a relevant fact that should be in all articles on the story because then the story isn't about lèse–majesté laws but about common variety obscenity.

So which is it? A valid story about lèse–majesté laws, or a BS tale about lèse–majesté laws surrounding true obscenity?

Does the Register editorial team think the re-touched photo really is so terrible that it would offend the sensibility of UK, US and Australian readers?

I notice The Guardian wimped out too, and they also operate in those same 3 countries, each of which has strong freedom of speech laws. Those actions by 2 reputable papers lead me to think the photo really is obscene and would run afoul of our own laws.

(If you operated in Canada, I could understand it. A check in Wikipedia or a call to Canadian lawyers will reveal Canada has both extremely broad 'hate laws' and the broadest libel laws in the Commonwealth. That is why our press is so tame, boring and yellow.)

2
1
WatAWorld
Silver badge

Re: Only in Thailand

Making fun of the king one day, making fun of slave owners the next.

And the last thing they want in Thailand is people making fun of slave owners.

6
0
WatAWorld
Silver badge

lèse–majesté is a word in American English. It's listed in Merriam Webster.

If you want to look up what these laws are, in a law text book or wikipedia, you'll need to know the proper legal term to search on. That term is in fact "lèse-majesté".

5
2

Tablet computer zoom error saw plane fly 13 hours with 46cm hole

WatAWorld
Silver badge

Windows 10 users have been complaining about poor custom DPI setting support

Windows 10 users have been complaining about poor custom DPI setting support. I see dozens of complaints on the Windows 10 Feedback site, which makes it one of the most common complaints visible.

Doubtless the young people at MS decided this was a problem that only affected us old farts and gimps and made it low priority.

MS lawyers need to step up to the plate and rectify that before there is another crash.

0
3

Chinese cyber chief plays down censorship concerns

WatAWorld
Silver badge

Re: Why?

It is a choice, neoliberalist corporate sellout, Maoi'st military sellout, or Stalinist bureaucratic sellout.

The socialists think Mao and Stalin remove our freedoms in a morally superior manner to neoliberals.

Actually neoliberals are supposedly inspired by laissez faire liberals, which is a weak form of libertarianism and stands against censorship and surveillance.

I think what you don't like about the UK's neoliberals is the paternalistic socialist streak they haven't been able to discard, which justifies surveillance.

The censorship has been done by judges, not politicians, using things like 'super injunctions'. It is hard to blame politicians for what judges do when what they're doing is exceeding legislation.

0
3
WatAWorld
Silver badge

The Chinese government slanders the Chinese people by treating them like children

It is China's government that slanders China's people, not foreigners.

It is the Chinese government that insists Chinese people cannot handle freedom of speech.

Sadly our own governments here in the west are becoming more like China's and Russia's, the gradual move is back towards the Chekism of Mao and Stalin.

6
1

Telecoms provider Oricom working with NHS fraud officers in ongoing probe

WatAWorld
Silver badge

Does being "raided" have a different meaning over there?

Their offices were "raided".

On the western side of the Atlantic that almost always means either raided by the police, or raided by the IRS with the support of the police.

So how can this not be a police matter? Does being raided have some other meaning over there?

0
0

Pirate Bay domain suspended thanks to controversial verification system

WatAWorld
Silver badge

Re: If You've Done Nothing Wrong, You've Nothing to Hide

I expect your privacy service would meet the requirements.

The requirement is not that your contact info be available to the public, but that the registrar have access to your contact info. Many ISPs offer this as a free option. They can email you, that is the important thing.

3
0
WatAWorld
Silver badge

Either you like being hacked or you like that domain owners aren't totally anonymous

Either you like being hacked or you like that domain owners aren't totally anonymous from court orders.

0
2

Russian "Pawn Storm" expands, rains hell on NATO, air-gapped PCs

WatAWorld
Silver badge

Re: Well done NATO!

Linux has a history of having bugs resident for decades before someone stumbles upon them.

That shareware has many friendly qualified expert white-hat eyes exhaustively scanning it for bugs is a MYTH.

Shareware typically has barely enough minimally qualified experts to write the code -- ask Torvalds how lousy some of his authors are! Professionals don't work for free. And the bean counters who run companies say to freeload whenever you can.

The thing is there have been far more eyes looking for vulnerabilities in Windows than have been looking for vulnerabilities in Linux or OS X, hackers, banks, governments, militaries, spy agencies, other vendors, plus MS itself.

Windows has had its security far more professionally analyzed than any other operating system.

Sure there are more off-the-shelf exploits for going after Windows, but if you're a bank, government or military, it is newly invented custom-written exploits that are the big danger, and it is much easier for corporate spies and intelligence agencies to invent a new custom-written exploit for Linux and OS X than Windows.

6
8
WatAWorld
Silver badge

Re: How do you get the data out?

As well as sending data back out the way by USB stick or optical disk, you can take over an infected machine to have it emit strong electromagnetic pulses to a monitoring device. It could do this either directly or through a peripheral device. It is a slower means of transmission, but it works.

2
1
WatAWorld
Silver badge

Opposing militaries and governments are legitimate intelligence targets

Despite the ideas of some government leaders and militaries, exceptionalism, whether by the USA or USSR, er Putin's Russia, is simply hypocrisy by rogue states. The only exceptional thing about these countries are that they are more rogue than most.

Opposing militaries and governments are legitimate intelligence targets. Angela Merkel may think she is the only German citizen who deserves privacy, but I have no problem with opposing governments spying on our government or our government spying on opposing governments.

Spying on allied militaries and governments is debatable, but it ultimately depending on what is mutually agreed. If we can spy on them, then they can spy on us.

It is the definition of hypocrisy for us to complain about them doing to us what we do to them.

However, the peaceful civilian population of ones own country is NOT a legitimate intelligence target.

It is not legitimate for Russia to spy on peaceful Russians. Likewise it is not legitimate for our governments to spy on our peaceful citizens.

How are western countries to ever hope to maintain democracies once their intelligence 'services' have transformed them into Chekist states, states where the intelligence agencies can blackmail, er uh, 'successfully intimidate' every prospective politician.

4
1

New edition of Windows 10 turns security nightmares into reality

WatAWorld
Silver badge

They're damned if they do and damned if they don't

People (journalists, reporters, hobbyists and a few IT pros) have been complaining for months that they can't turn off updates for the consumer PC version of Windows 10.

So MS gives that option to Windows 10 for the internet of things.

Now people (journalists, reporters and hobbyists) are complaining that the updates can be turned off.

MS should have modified its original plan, compulsory updates, but allowed the selection of one to fifteen days delay in downloading and applying the updates.

If Windows 10 for IofT updates can be turned off, then lazy vendors will turn them off. We've already seen this with Android, so there is no doubt this will happen. (Once they've sold the product and have their money, the best thing that can happen to that product is for it to become obsolete.)

And doubtless people (journalists, reporters and hobbyists) will blame MS for the OEMs choosing to do this, despite OEMs being independent companies making their own decisions.

And no doubt people (journalists, reporters, and hobbyists) will smear the problems of Windows 10 for IofT to all of Windows 10.

MS should reconsider its position.

1. Security updates for Windows IofT should be mandatory after a short delay.

2. Since Apple's model of cost savings by compulsory integrating security and functional updates has been widely accepted in the marketplace, updates for PCs and phones should integrated.

3. Since Windows for PCs is so much more widely used and thus is a much bigger target for hackers, those updates for PCs should become mandatory after 1 to 15 days.

17
8

Free HTTPS certs for all – Let's Encrypt opens doors to world+dog

WatAWorld
Silver badge

What can go wrong?

Am I correct that this means handing out HTTPS certificates without verifying true identity, and without identifying ownership of the domain?

Customers use HTTPS not just for encryption but to identify that they are on an organization's legitimate website (bank, government, etc.), and not some imposter website.

If I'm correct in understanding that these certificates are being handed out without identity verification then public trust of HTTPS will soon be in jeopardy.

8
14

'Hypocritical' Europe is just as bad as the USA for data protection

WatAWorld
Silver badge

Typical lawyer, stating the issue is something other than what it really is

The issue with the EU revoking the Safe Harbour agreement is NOT which of the USA or EU treats its own people better.

The issue is whether the EU meets the safe harbour agreement in regards to foreigners, specifically EU citizens.

That is the only issue.

Yes the USA grants human rights to its own citizens and residents of its own country, but NO they do not grant human rights to foreigners living in other countries. Hence the safe harbour agreement has been abrogated by the USA.

1
1

Amazon's chomping at the Brits: UK to get AWS data center region

WatAWorld
Silver badge

This wikipedia article has a table of electricity costs by country

If energy prices were the only important factor data centers would locate in countries with cheap renewable hydro electric power, like most parts of southern Canada (although Canada is also a Five Eyes country).

I'm thinking they also want to minimize communications distances to the main parties they communicate with, and simply GCHQ is a bigger user than CSEC, to say nothing of the locations of their paying customers.

This wikipedia article has a table of electricity costs by country:

https://en.wikipedia.org/wiki/Electricity_pricing#Price_comparison

There is also the tables here:

http://www.statista.com/statistics/263492/electricity-prices-in-selected-countries/

http://www.theenergycollective.com/lindsay-wilson/279126/average-electricity-prices-around-world-kwh

There is also this table of industrial (wholesale) energy prices:

http://www.isi.fraunhofer.de/isi-wAssets/docs/x/de/projekte/Comparison_industrial_electricity_prices_final.pdf

As you can see, Amazon could reduce its electricity costs by over 60% by locating outside the UK.

0
0
WatAWorld
Silver badge

Re: Really handy

I think it is perfectly charming that some people actually believe the published manuals and other sales material describing how their data is protected from spy agencies by fool-proof impregnable unbreakable measures.

Regular Reg readers should all be aware by not that there is no such thing as an implementable encryption method that cannot be broken by state-funded spy agencies.

1
2
WatAWorld
Silver badge

Re: "huge profit for Amazon.co.CaymanIslands"

Companies paying Irish taxes while extensively using services funded by taxpayers in responsible countries.

Pay taxes in Ireland and depend on US and UK communications, transportation, health, educational, diplomatic and military services to enable their commerce.

1
0
WatAWorld
Silver badge

Amazon should take shareholder value seriously and remove data centers from 5 Eyes countries

If Amazon were motivated by shareholder interests Amazon would take customer concerns seriously remove data centers from Five Eyes countries. Amazon would only be building data centers in countries outside the Five Eyes, because data centers outside of the Five Eyes countries (and outside of Russia and China) are worth more to customers than data centers inside Five Eyes countries (and Russian and China).

So what is motivating Amazon?

Why doesn't Amazon.com care about shareholder value?

Why doesn't Amazon.com care about protecting customers from state sponsored corporate espionage?

1
3

ProtonMail still under attack by DDoS bombardment

WatAWorld
Silver badge

Re: Quacking like GCHQ

"May stated, "“There should be no area of cyberspace which is a haven for those who seek to harm us to plot, poison minds and peddle hatred under the radar.”"

Sadly seeking to harm us can mean voting for another peaceful political party or campaigning for budget cuts to the internal spy agencies that work each day to subvert our democracies.

3
0
WatAWorld
Silver badge

Re: Who?

A state might use blackmail of staff, but not every intelligence agency has the field agents necessary to do this. For example, the NSA and GCHQ could not do this on their own, they'd need the CIA, MI5 or MI6.

Probably a lot of the vulnerabilities in the internet have been left there to facilitate state actors spying on the public -- what other reason could there be for sticking us with a communications system that is so inherently vulnerable?

1
0

GCHQ's CESG team's crypto proposal isn't dumb, it's malicious... and I didn't notice

WatAWorld
Silver badge

Treason against the UK and its citizens

The UK should pass laws against treason and impose them on GCHQ.

You don't need al Qada or IS when you've got GCHQ taking away your freedom and destroying your democracy.

4
0

Condi Rice, ICANN, and millions paid to lobby the US govt for total internet control

WatAWorld
Silver badge

Both the corporate world and IT professional organizations need to mobilize fast.

Both the corporate world and IT professional organizations need to mobilize fast.

ICANN is as big a threat to the internet as the NSA, and an even bigger threat than the most virulent black-hat hackers.

Fail to act now and we'll be powerlessly wringing our hands for centuries the way football clubs and F1 racing teams do, unable to do more than moan helplessly and pathetically.

6
1
WatAWorld
Silver badge

The only clock is the phony clock ICANN's sales people have told us exists.

Inventing a phony deadline is an old sales tactic and an old negotiation tactic -- there is a deadline so go along with what I've proposed (since there isn't time for you to propose an alternative).

19
0
WatAWorld
Silver badge

ICANN is using internet community money to lobby against the internet community !

ICANN is not just doing its lobbying secretly in the shadows, it is paying for its lobbying using the money of the people it is lobbying against.

ICANN is using internet community money to lobby against the internet community !

Do we need any more proof that the current imperial bureaucrats running ICANN are unfit to govern us?

9
0

Linus Torvalds fires off angry 'compiler-masturbation' rant

WatAWorld
Silver badge

Much better !!!

I have to give credit where credit is due.

Linus Torvalds is focusing on the issue, not the individual. He is not embarrassing people publicly or in front of their peers. Linus is doing his criticism the right way now.

Hopefully this will lead to more companies being willing to have their employees work on and with Linux.

2
0

E-mail crypto is as usable as it ever was, say boffins

WatAWorld
Silver badge

Re: 'Easy' ways to get and validate keys

"You can get keys with the magic command 'gpg --keyserver wwwkeys.uk.pgp.net --recv-keys KEY_ID'. Unfortunately, to work this out for yourself, you have to read the manual. You can get mutt to retrieve the correct key for a particular encrypted email by adding the following to '~/.muttrc':"

But sadly the key will be absolutely useless for general security because:

1. It does not validate who you actually are.

2. There is no way of remote acquaintances you want to communicate with or who want to communicate to obtain a key they can be assured actually belongs you.

3. Plus all the stuff about general internet insecurity (DNS hijacking, man-in-the-middle, etc.).

4. Plus the fact that as far as governments go, all encryption is breakable encryption.

5. The people who think they know so much about encryption know so little about communications they don't realize that 100% knowing who you are communicating with is the person you think they are (not necessarily their legal name, but the correct person) is absolutely vital.

6
1
WatAWorld
Silver badge

The 'Powers That Be' like crypto being unusable by laypeople

The 'Powers That Be' like crypto being unusable by laypeople.

The unfortunate thing is that no person, no corporation and no organization from the regular world (non-government) has had the required combination of courage, brains, financial independence, and a 'blackmail proof personal life' to be able to alter the situation.

3
0

Seagate’s suffering from mighty profit droop syndrome

WatAWorld
Silver badge

If Seagates drives didn't fail so frequently they might have been able to hang on

If Seagates drives didn't fail so frequently they might have been able to hang on.

1
1

Microsoft's top lawyer: I have a cunning plan ... to rescue sunk safe harbor agreement

WatAWorld
Silver badge

Re: LOCK AND LOAD!

This is Microsoft not Apple. It was Apple that tried to pull that stunt patenting Xerox's windows and icons concept.

10
4
WatAWorld
Silver badge

Is this Microsoft person totally ignorant of US law and US politics?

Is this Microsoft person totally ignorant of US law and US politics?

Under US law foreigners living abroad are not entitled to human rights. And US politics goes even further than that.

"Microsoft's plan is ridiculously straight forward: a new legal framework for handling data, where blocs on both sides of the Atlantic agree to play by each other's rules. American firms with European customers would handle their data in compliance with EU rules and vice versa."

Once the data is in the USA, as it enters the USA (and probably as it passes through the UK), the data will cease to be secure, the data will be spied upon and potentially copies made, retained and circulated, by US (and probably UK) government workers.

And once it is in the USA, no surveillance court judge is going to refuse to rubber stamp a warrant to seize the data just because the data is on some foreigner.

19
1
WatAWorld
Silver badge

Really? Putting servers in Europe would bring about The Dark Ages ?

The simple solution is to put the servers in Europe and under European law.

That will make the Europeans happy.

Just so long as Americans are not totaly addicted to having all their data shared with government workers, Americans will be happy too.

8
1

Samsung told to build bots who work for less than Foxconn staffers

WatAWorld
Silver badge

I suppose you could rail against companies putting entire computers on one chip

Nothing new about this, automation has been going on for a long time.

Locations with cheaper labour, manufacturing methods that require fewer hands, more automation, cheaper automation.

It is what we do and what they do. I've spent my career automating business processes and so have most Reg readers. We can't complain when others do the same.

0
0

Euro privacy warriors: You've got until January to fix safe harbor mess – or we unleash hell

WatAWorld
Silver badge

Re: FTFY

Yes, the EC has to make the submissive canine gesture of rolling over, raising its legs, twisting its head to expose its jugular, and peeing itself.

The only alternative, unthinkable that it is, would for the US government, US agencies, and US bureaucrats to obey the US Constitution and The Bill of Rights -- and at this point it is too late for that.

6
0
WatAWorld
Silver badge

Re: small business

Hopefully a small European company is unlikely to locate its servers in the USA.

If the USA is a cheaper place to buy web services, then maybe we need to look at whether or not the cost of providing the service is being subsidized by the NSA in order to facilitate spying.

0
0
WatAWorld
Silver badge

Re: It's all arse about tit

"There are three main reasons for people wanting to know about me: Sales, theft and security."

For people you are correct. For governments you are missing the main point.

Control.

Controlling you is the most important reason for government agencies to want to know your personal data.

Why do you think congress can no longer reign in the NSA? How do you explain someone like Diane Finestein (D Calif)? Why do you think MPs are powerless over the GCHQ? My *guess* is because we're that far down the path of spying and loosing our democratic freedom.

Some Americans like to say, "Give me liberty of give me death." But now they know they don't have freedom they wimp out on their promise.

3
0
WatAWorld
Silver badge

You've missed most of the news.

It is not that the NSA might spy on us. That the NSA might spy on us is what we thought in the pre-Snowdon days.

The NSA apparently analyses all digital data that makes it past national boarders, that goes between major US corporate locations, and stores copies of data that is unusually encrypted (email) or that has certain keywords.

3
0
WatAWorld
Silver badge

Re: Reality

"And the US authorities will simply demand the data anyway and offer the US parent CEO a choice:"

That won't work.

Consider the current situation where the USA prohibits companies doing business in the USA from trading with Cuba.

This was a big issue here in Canada just after that law was passed.

That law was negated in most countries by national laws requiring companies based there from obeying foreign laws prohibiting them trading in other countries. That is how Canadian companies have managed to continue doing business with Cuba all these decades.

Likewise many Muslim-majority countries have laws prohibiting companies doing business on their territory from trading with Israel.

This is negated by the USA having national laws requiring companies based in the USA from obeying foreign laws prohibiting them trading in other countries.

3
0
WatAWorld
Silver badge

Re: Sue 'em all, god will recognise his own

"You'll be senting DPA complaints to every website that you visit."

Contrary to American belief, there are some businesses totally located in Europe, and additional businesses whose corporate databases are totally located in Europe.

But yes, he'll be sending a lot of DPA complaints once January rolls around.

2
0
WatAWorld
Silver badge

Re: EU data protection authorities are committed to take all necessary and appropriate actions

"no different from the FAA forcing all US airlines to only use US built planes and engines "for security reasons""

No, rather it would be no different than the FAA forcing all US airlines to use only planes and engines that work for their intended purpose as defined by the consumers (airlines).

That is the thing: With the NSA apparently slurping nearly 100% our digital data the communications services are not performing their intended service as defined by the consumers (people transmitting data and their intended recipients).

3
0
WatAWorld
Silver badge

Re: EU data protection authorities are committed to take all necessary and appropriate actions

But is the slurping targeted and universal, as it is in the USA, or is it limited to communications to and from specific targets?

That is the distinction we hope there is between the NSA, FSB (and perhaps GCHQ) and the rest of the world's intelligence agencies.

3
0
WatAWorld
Silver badge

Re: One small problem with all this....

If the legislation or practices of GCHQ are as pernicious and ravenous as the NSA's are.

2
0
WatAWorld
Silver badge

Simply move or consolidate the servers to Europe

The Americans don't seem worried about privacy, so rather than shelling out tens of millions of dollars in lawyers fees (and settlements that end up 50% lawyers fees), why not simply consolidate the servers onto European soil?

Or store European accounts on European located servers, although might not be sufficient for something like Facebook where account info is shared between users on different continents.

So simply move the servers to Europe. Keep the developers and sales people where they are, and shift the servers to Europe.

0
0

Internet Architecture Board defends users' rights to mod Wi-Fi kit

WatAWorld
Silver badge

The Internet Architecture Board (IAB) should focus on its own job:

The Internet Architecture Board (IAB) should focus on its own job: Making the architecture of the internet into something that could perhaps one day be somewhat secure.

So far they're an abysmal failure.

0
1

ICANN: Just give us the keys to the internet – or the web will disintegrate

WatAWorld
Silver badge

ICANN should stop wasting time and do what the community it supposedly represents wants

ICANN should stop wasting time and do what the community it supposedly represents wants.

If the current ICANN board won't do that, replace it.

I want the Americans to release their reigns on power, but I don't want the internet run as another FIFA or IOC or UN agency.

So the Americans should hang on to control.

2
0

If you wanted Windows 10, it looks like you've already installed it

WatAWorld
Silver badge

Why didn't the article have the joke icon?

Windows 10 has only been in general release for 2 months.

Why would my failure to install something in 2 months indicate I don't ever want it?

Businesses generally don't install things they want for a year or two after it is released.

I'm planning to install Windows 10 on my test machine either end of October or end of November.

The 7% who've installed Windows 10 now -- they are crazy or are early bird testers. Sensible people will wait a few months at least.

1
0

Forums