135 posts • joined 6 Apr 2012
"FINALLY!" <-Snarled 5 Year Old. Some more objective information:
Setting aside the childish headline...
There are currently 6 known and listed Bash CVEs. That number will probably increase tomorrow. (CVE stands for Common Vulnerabilities and Exposures. Each CVE describes a specific security flaw found in public software). The APPLE-SA-2014-09-29-1 OS X bash Update 1.0 patched TWO of those six. Three further CVEs have been provided with descriptions at NIST (the USA National Institute of Standards and Technology), indicating that patches have been coded and are forthcoming. One CVE remains undescribed and unlisted at NIST, indicating that no patch has as yet been coded.
I'll be keeping track of the Bash CVEs and Apple's patchfest at my Mac-Security blog. I promise not to be TOO childish. (o_O)
Go on, fandroids, you're allowed to cry
Here, have a hanky. (;_;)
The Horror Of Marketing-As-Management
A free clue: FIRE the marketing guy CEO ruining your company ASAP. Never, ever put a marketing executive in charge of your company again.
Dear Rest Of The World,
Watch what's happening to Sony right now. This proves once again that growing, thriving organizations require entrepreneurial leaders. If you want to kill your organization, by all means put a marketing executive in charge.
My credentials? I worked at Eastman Kodak while Marketing-As-Management destroyed the company. This problem has been proven to be universal in business throughout history. Here's the lesson. Learn.
In the USA, quote the Fourth Amendment then DEMAND a warrant first
He also sprinkled his blog post with a heavy-on-the-salt bit of lobbying by calling on Congress to update the Electronic Communications Privacy Act to clarify that search warrants must be obtained before a service provider's user data is sifted through by spooks.
If requested user data is relevant to US citizens within the USA, then the Fourth Amendment to the US Constitution holds. It REQUIRES a search warrant. No exceptions. Even the 'it's only metadata' rubbish is no excuse for no warrant. Take the issue to court, if the spooks insist upon traitorous behavior!
The only way US citizens on US soil can have their data slurped would be if data is legally collected from someone outside the USA with whom they've communicated. In that case, the spooks would NOT be asking for data from the US citizen, only gathering data relevant to the person outside the USA.
I'm sick of We The People in the USA being treated as idiots regarding our own Constitution by treasonous US spooks and their overlords.
Would Huawei exist without being propped up by the Chinese government?
Doubt it. That's not capitalism. So stop pretending you're 'competing' Huawei.
Pay iOS Devices Don't 'Bonk'
Unlike the dopey first generation RFC cards, there's no 'bonking' with Pay iOS Devices. You put the device in proximity to the RF field and push a button on the device. All done. On the iPhone you push the fingerprint sensor. On the Watch, if you've entered your PIN, you press on the watch face.
It will be a happy day when the cruddy, insecure first generation of RFC chips is dead and gone.
This article was published because WHY?
Moving along to something worth reading...
Does this mean Chromebooks can run Android malware as well?
What OS is currently the biggest malware magnet available for computing devices?
Well done Google. :-P
The Good Stuff Is Encrypted, So Bite Me Surveillance State
I hope the NSA has a nice snooze over the boring research and documentation stuff I store at sycophantic DropBox. The good stuff is encrypted with only my memory knowing the key. Fork over a REAL warrant, then I'll let you take a look. Until then, it's Fourth Amendment time, NSA and Surveillance State pals!
Oh and bring along some coffee for reading through my encrypted stuff as well. Totally dull and innocuous, reading and analytical processing time that's a total waste of tax payer's money, like most of the crud you traitors unconstitutionally rip from We The People.
#MyStupidGovernment in self-destruct mode. (o_O)
Good For Adobe Pushing Back The Update. Bad for Adobe, Microsoft...
The only sane, responsible and professional method of updating insecure software is ASAP UPDATING. That's what I call it. This concept of 'Second Tuesday' updating, or any set schedule of updating is 100% ridiculous and indefensible. I've heard outrageous defense of scheduled updating from outrageous people. They're consistently faulty in their bent out of shape assertions.
That Adobe delayed the Acrobat & Reader updates is excellent. Release them when they're ready. But also keep in mind that holding back security updates is plain old insane.
Please chatter away attempting to defend the sacred Tuesdays, but I'll just be laughing in response.
Re: Hey, Kevin McNamee, you claim:
"Network based anti-virus embedded on an operator’s network cannot be disabled by cybercriminals, is always on and up to date.”
The most famous case of this being totally wrong is that Target POS malware catastrophe of December 2013. The network anti-malware [the correct term, not 'anti-virus'] was in place, working, and found the infecting malware on two occasions. But human behavior within the corporation dictated doing nothing about it. Thus were 110 million customer accounts stolen. Big deal if you have the anti-malware installed and up-to-date. You have to RESPOND.
Verizon is making damned sure everyone knows they hate their customers
A few recent Verizon headlines:
"How Verizon lets its copper network decay to force phone customers onto fiber"
"Verizon caught throttling Netflix traffic even after its pays for more bandwidth"
"Verizon led massive astroturf campaign to end NJ broadband obligation"
"Verizon will miss deadline to wire all of New York City with FiOS"
"Verizon: We throttle unlimited data to provide an “incentive to limit usage""
Why are you in business Verizon? If you hate your customers so much, sell yourself off to smaller, hungrier companies who are EAGER to treat their customers with the RESPECT they deserve.
Seeing as Android is a (1) malware magnet (2) blatant iOS ripoff (3) fragmented mess…
I feel only pity for those who go the route of Android. We each are given choice as our great gift in life. If we squander our choices, we have only ourselves to blame.
This is one bad choice that anyone can change.
Thank you Kaspersky for withdrawing STUNNING stupidity.
'Done nothing wrong, nothing to fear' is classic disrespect for human rights, found in every totalitarian and repressive regime. I've had to post this quote quite a lot over the last few years, including pre-Snowden:
"They who can give up essential liberty to obtain a little temporary safety, deserve neither liberty nor safety." - Benjamin Franklin, Historical Review of Pennsylvania, 1759.
Prizes From Heaven!
What weapon will YOU use to shoot down a drone and win a prize?
And of course: To hell with the ocean environment
This is just more irresponsible clown science that takes NO responsibility for its consequences. We're going to hear a lot about bozo science in the coming years. This example of Short Term Thinking, Long Term Disaster has to be an historical marker for a clear beginning of The Era Of Bad Science, what I also call The Age Of Trivia.
Or to put it another way: We have issues of human and planetary survival at hand. So let's ruin the oceans some more, yahoo. Gawd, we can be stupid, we self-named Homo sapiens sapiens.
So where's REAL 4G already? Nowhere.
Thanks to Marketing-Speak, high end 3G (LTE) is called '4G' to the public's face. Meanwhile, referring to the REAL 4G standard, I'm unaware of anywhere in the WORLD offering actual 4G. Once we have what's formally called LTE Advanced, we'll have real 4G.
Meanwhile, I've been seeing ridiculous references to '4.5G', which of course also doesn't exist IRL. And now we have a proposed 5G standard. Excellent! But first we have to get the Cheap, Lazy, Stupid mobile phone service providers to upgrade to REAL 4G. So what's the hold up?!
Who Innovates In The Cell Phone Business?
Just Apple. Others follow, with cheap knockoffs.
And thank you Apple for keeping UP the garden wall. I want no part of the rat's nest that is Android security OR the swamp that is fragmandroid. It's great to NOT have to go there.
Meanwhile, arm chair analcysts persist in their inner world echo chambers that amount to sleep inducing brown noise.
"So Don't Do That Again!"
Clearly, the point of this propaganda barrage against Snowden and other leakers is:
1) Just another diversionary tactic to avoid the fact that the NSA ad nauseam committed crimes against the US Constitution and We The People.
2) To instill FUD against future whistleblowing, inferring that ripping the masks off government crimes might lead to successful Muslim extremist crimes against We The People.
The NSA is now a criminal organization bent on deceiving We The People who allow them to exist. They are themselves acting as TERRORISTS, using terror to push their criminal ends onto we the good people of the USA and the rest of the world. It's time to BREAK UP THE NSA and start again!
We must REFUSE to allow the USA to become even more deeply a CRIMINAL NATION. These crimes, in and of themselves, are the greatest threat to the USA. They are internal. They are our killing disease. Who needs external terrorists when we are our own?
About Bloody Time You MS Dummies!
"Microsoft has quietly joined an industry party building 3D interactive graphics boosted by graphics chips, after 14 years spent in opposition."
It's a joy to know Microsoft's efforts to kill OpenGL have been a complete failure. Recantation!
Until There is A Verified Security Standard For TIOT…
… Lock down your networkable gadget and keep it OFF the Internet. Thousands of TIOT gadgets have already been botted and implicated in DDOS bot attacks, spam spewing, etc.
IOW: Do Not Expect TIOT devices to have viable security at this time. Instead, expect them to be hacked, bottted, zombied, surveilled and generally unsafe if networked.
Seeing As Microsoft Started Hating Java After Sun Legally Flushed J++ in 2001…
… I'm extremely surprised Microsoft didn't take a dump on Java in IE years ago!
For newbies, some background: See the section 'Sun's litigation against Microsoft" in the following article:
BTW: Some surprising Java news this week: Oracle has now begun babysitting Java on the Internet by deactivating it's JRE at the time of any new security update, or after a pre-configured time period. Profoundly embarrassing to stupid Oracle, but a necessary step seeing as Oracle destroyed Java sandboxing, the fools.
Courtesy Please Wikipedia
I give money to Wikipedia. I contribute and edit at Wikipedia. Wikipedia is BRILLIANT!
But courtesy must rule, dear beloved Wikipedia. So cut the crap and kill the monkey's selfie already. There is no point in pulling punches over the 'copyright' of third-species created content. Stop acting like a silly monkey please and just do the courteous thing. There's already tsunami waves of human on human abuse dumping on all of us every single day of our lives amidst our 'civilization'. Just be the seriously superior humane being and be kind to others when appropriate and beneficial to others.
Mmm, you're such a good friend. I know you can do it.
Perfect Google Evil:
"Here’s how Google’s director of content partnerships Tom Turvey justified the scanning: “If a work is truly orphaned, by definition it has no copyright owner to ‘opt out’ of the database.”"
The corporation as OVERLORD. Frack that Google.
Add a Clown Nose…
… and the mod will be complete.
Die NFC! Die!
"Other payment platforms – such as mobile payments rival Google Wallet – use NFC."
NFC / RFID is crap technology that should never have been perpetrated in the first place. The faster it's dead the better. Here in the USA, we still have drooling lunatics who think there's anything good about NFC.
"Gee Whiz! My credit card now has an NFC chip!"
Yeah, and the lousy thing is more than happy to dump its data when 'bonked' by any little old lady or child with an amplified card reader. The encryption/password barrier can typically be hacked by a teenager. Yeah, I want one of those things. (o_O)
Sadly, the magnetic stripe credit card is still SAFER, well as long as it's not read into a Windows XP Embedded POS card reader. These POS POS devices, please note, are equally as dangerous when reading RFC cards, despite diversionary lies to the contrary. Retail remains stuck in the 20th century.
Parents: Do Your Job Please!
Obviously, we live in an era when quite a lot of parents outright refuse to be parents and instead expect the world at large to do a lot of their job for them. Clearly, this applies to kids buying stuff online. Apple has been providing tools for years to stop kids from buying anything they like online, including through the iTunes Store. If parents don't bother to use them, that's the parent's fault, not Apple's. And yet, such lazy, irresponsible, asinine parents complain anyway, ironically emulating little children.
This is total rubbish:
"But Apple has sat on its hands and decided not to act at all, the EC claimed:
"Although, regrettably, no concrete and immediate solutions have been made by Apple to date to address the concerns, in particular payment authorisation.
"No firm commitments and no timings have been provided for the implementation of possible future changes," the EC declared."
LIARS is what I believe the EC to be, either that or profoundly and willfully ignorant. Here's a far more informative article about what Apple has ACTUALLY been doing for years, as well as what they are planning to do in iOS 8 this fall:
Would that ANY other company was as conscientious as Apple. For down arrow dingers, I dare you to name one. If you do, I'll be applauding them.
The Bracelet Of Misery :-(
Gadgets like this show just how desperate some people are to suffer. Other than that, what's it for? Making people into robots? The corporates will love that. Then they'll start stamping numbers on the robot's heads. '666, we want you as the new CEO of Dehumanization, Inc.'
Idiotic Bias Showing Much?
"Might it actually be about to make customers happy for once..." (O_o)
…And Those Who Pull His Strings…
Mr. Thomas Wheeler and those who pull his strings Don't give a damn what the MASSES of US citizens have to say about their ruination of actual/factual Net Neutrality. We The People be damned. That's what we're going to see this September.
And the rest of the world will shout for revolution once the resulting catastrophic mess becomes public and clear to all.
So long joyful Internet. The Corporate Oligarchy is taking over this place! Hand over the extortion fees and play nice or we're gonna make you hurt even worse. Sick stuff, already in action. Isn't it, Verizon?
DARPA: The Better To Murder You With, My Dear
I consider DARPA to be an abomination of humanity. How dare we? This is the exact opposite of human survival. You'd think we'd have figured that out by now. But no. Psychopathic thinking wins again.
An Insightful Person Once Told Me...
... that a sign of a collapsing civilization is its mass cultural emulation of the lower class. I've also seen this concept expressed as 'Worship of the Noble Savage'.
Etching 'Noble Savage' poetry onto the back of your iOS device certainly qualifies. (O_o) Equal opportunity obscenity makes me laugh at the people who insist upon it. If Apple chooses not to participate, that's fine with me.
As a US citizen I have to ask:
WTF does #MyStupidGovernment think it's doing? Is the point of these international crimes to destroy its foreign diplomacy? That's certainly the effect.
Is this all due to the INDUCED paranoia created by the #MyStupidGovernment enabled 9/11 incidents? Is all of #MyStupidGovernment still ignoring what REALLY happened that day? Or is this all simply more charade playing for the benefit of we simpleton US peasants who haven't read the actual/factual 9/11 data yet? Stupider things have happened.
Cut it out please, #MyStupidGovernment!
…on and on…
(And no, it's not the time or place to play ignorant 'conspiracy theory' games. I won't reply to same or snide/ignorant related comments. Go convince the mirror).
Wondering Where The Methane Comes From?!
1) Above Ground Liquid Methane Lakes.
2) Underground Liquid Methane Lakes.
3) Liquid Methane Soaked Soil.
4) Liquid Methane Tides Due To Saturn's Massive Gravity.
Where does the methane in the air come from? Is that a typo?
Mind Parasites vs Interactive Art
This opens up creative avenues for those willing to take the time to make a media work into something interactive with the audience. That's a great thing, at least from my POV. It is a high form of art that allows the audience itself to improvise as part of the experience, making the media all the more unique to each viewer/participant.
But then there is the parasitic marketing moron abuse of 'customers', aka victims. Turn what should be an art experience into just another demolition of the value of being alive by treating the audience as objects from which one extracts money. This entire approach to life is detrimental and cheapening in the extreme. I personally would never participate. Start shoving 'product' at me and I'll simply *gag* and turn it OFF.
Spend Microsoft! spend Spend SPEND!
The more the faster the sooner the better! Then maybe we can end The Stone Age of Computing and move forward into a post-Microsoft Age of Superior Technology. I can hardly wait. (^_^)
China: Enough said.
Seriously! We're not already used to China having no respect for facts or human rights? Why not?
Re: China: Figures
Massive thumbs down. I've seen that before, when I helped unmask the activities of The Red Hacker Alliance in 2007. And yet I was right. And I am right now as well. Slapping up the truth doesn't change a thing except the perceptions of ignorant people. Enjoy your ignorance. It's a very common problem around here. :-D
Wouldn't it be wonderful if China actually created, invented, innovated something useful and important to provide and sell to the world? Instead, we get this criminal craptatiousness. Thank communism and its consequences.
Judging an Experiment as a Commercial Product is Rarely Helpful.
The overwhelming sense I have, reading about this situation, is that quantum computing is still in an infantile stage. But here we have it being judged in public as if it's a viable product ready for public consumption, when it obviously is not. The enormous Clunk Factor going on at D-Wave is inevitable at this point. To have them shoved into defensive mode over an obviously Not Ready For Prime Time machine is ridiculous. I hope this wrong attitude toward the technology doesn't kill the baby before it has a chance to grow up.
And then there's the possibility that D-Wave really does have a dog that won't hunt. But this clearly is not the time for that judgement.
Re: Collaboration between Quantum Computer Services and Apple
"Wasn't aware of the collaboration, according to Wikipedia…"
And yet I provided a link to a more detailed history and you didn't bother to read it.
Wilfull ignorance folks. You will it, like magic you remain ignorant. This is a disease you can cure.
Re: Hmm wasn't graphics heavy by any chance was it?
No. There were no graphics loading problems ever. Most of them were already installed on your Mac. If anything, we wished there were more graphics, especially animated graphics. It was as stark and minimalist an interface as you'd expect in the age of 33k and 56k modems, despite the various lovely designs for the arrival page. The biggest files were audio. We enjoyed scrambling to be sure we had the latest sets downloaded and installed. They were triggered via commands typed into eWorld, the same as was done at AOL.
Rhetoric vs Reality
"…endearing itself with a handful of loyal users". <--A slight underestimation. There were mobs of us, and it was a lot more fun and organized than AOL. I still have all the software, bonus kits and freebie sounds. We had a rollicking time there.
Then Netscape came out, we were free of awful Mozaic, so who needed dial-in online services? Old world was eWorld.
As for the ignorant comment about the aftermath of 1996 being "a transitional period at Apple that would nearly result in the demise of the company". You wish! Journalists had Apple bankrupt, in the grave with dirt tossed on its coffin. And yet, that never happened. There is actual history to read, as opposed to the misery mongerer's 'own version of history', distortions, gossip and ignorant hearsay. I find Apple-History.com to be a useful source of information. The directly applicable history of Apple's decline starts here:
Left out of the article, not a big deal, is the collaboration between Quantum Computer Services and Apple that resulted in the lineage of AppleLink to AOL to eWorld. Wikipedia has some useful history here:
"The US House of Representatives has passed a measure aimed at limiting the NSA's ability to access personal data and conduct surveillance."
We already have the Fourth Amendment to the US Constitution. Support it. Enforce it. Arrest/impeach those who don't protect and defend that law.
There is no 'wiggle room'. Metadata is private information. Everything you create with software and hardware is private. The Fourth Amendment does not require interpretation or explanation.
Apparently, simple and sane isn't good enough for #MyStupidGovernment. Have your fun with strangling money. It's better than just sitting around hiding your heads up your…
Liquid Methane More Likely
Based on what I've been studying about Titan, it's more likely that Charon has had liquid methane tides, similar to those evident on Titan but more internally due to the colder surface. All of us have a lot to learn about cold moons and planets.
As for the possibility of life on or in such cold heavenly bodies, it's fun to speculate but highly unlikely. Cold is cold is cold is death, at least for carbon life forms. Life feeds off some sort of energy source. What would that be out in frigid space, over the course of billions of years, far from a star? Would tidal friction really be adequate?
"Apple products are secure and never get viruses and malware."
NO. As a Mac security expert I have to point out that Macs have had over 100 malware since the birth of OS X. Technically, none of them have been actual viruses. But 'virus' has been wrongly shoved into the vernacular to mean all malware. Actual Mac malware has mostly been Trojan horses with a few drive-by infections thanks to stupid Oracle Java and stupid Adobe Flash, AIR, Shockwave and Reader. I personally suggest not installing Java or Adobe freeware unless forced to. Apple has been reasonably on top of security flaws in its own software, the worst of which has been QuickTime. Apple uses their XProtect and Gateway technologies to help keep their users free of malware. But don't count on Apple being perfect, just the best.
As for iOS, there have been a couple bone fide malware that made their way onto the Apple iTunes App Store, both yanked by Apple and unavailable. There have been a couple proof-of-concept malware as well, also pulled by Apple. All remaining malware for iOS is specific to jailbroken devices, in which case you're on your own anyway, no sympathy.
Re: AV for Mac
"Anyone recommend a no fuss AV?"
Actually answering the question, here are my recommendations:
1) ClamXav is the most complete AV of the free options. The only drawback has been the annoying trend of the ClamAV project to shove detection of Mac malware behind detection of Windows malware.
2) Sophos Anti-Virus is fine. They're a good company, contributing a lot to the Mac community.
1) Intego: VirusBarrier is the best. This is the one I consistently find to be on top of all Mac malware. Their software is great. Their updates are frequent. The cost is worth it if you have a person who can't help but pick up malware. Set it up to run in the background 24/7. It doesn't eat much CPU time after the initial scan. Intego is also a terrific contributor to the Mac AV community.
- Symantec anything. Norton has frequently been terrible on Mac. Symantec has consistently resented the Mac and Mac users.
- MacKeeper: Total garbage from a garbage company, IMHO of course.
- iAnti-Virus: It's been neglected to the point of being dangerous.
- F-Secure. Plenty of friends like their AV. F-Secure, like Sophos and Intego, contribute a lot of work to the Mac AV community.
NOTE: The most basic and critical method for dealing with malware is to have backups of the machine, one local and one off-site (such as in the 'cloud'). Recall that the #1 Rule of Computing is: Make A Backup. If you don't, you get what you deserve. Not kidding. It's that critical.
Re: iBeacon <--Just Turn It OFF
As I pointed out in another reply: Just turn iBeacon off. Apple let you do that.
- SMASH the Bash bug! Apple and Red Hat scramble for patch batches
- BENDY iPhone 6, you say? Pah, warp claims are bent out of shape: Consumer Reports
- NASA rover Curiosity drills HOLE in MARS 'GOLF COURSE'
- WHY did Sunday Mirror stoop to slurping selfies for smut sting?
- Business is back, baby! Hasta la VISTA, Win 8... Oh, yeah, Windows 9