80 posts • joined 22 Jun 2007
The pressure will also be on a lot of place names around the world. For starters, I'm looking at you, Kilkenny.
This is extremely good news for anyone who used Truecrypt to protect assets.
The problems found are comparatively minor, easily fixable, and indicative of competent people writing code just outside of their core competencies. That last issue happens on any project anywhere.
Phase 2 will look at the actual encryption code. Unless that is found to be seriously flawed, the insights found from the review will ensure that Truecrypt 8.0 is rock solid and approved by experts.
COBOL gave the world precise tools for describing data accurately. These tools live in many languages. That is perhaps the strongest part of COBOL's intellectual legacy.
There's the PIC clause. You need a data object that is a currency field that can hold any value from -999999.99999 to +999999.99999 (i.e. exactly five decimal places)? Just write the PIC clause.
And there's the STRUCT -- oops, sorry, the 01 LEVEL. You can precisely map variable data structures (within some limitations) in a way that they can be properly serialised (written to external storage and reread back into memory).
It can be forgiven some misfires: PERFORM....THRU and ALTER...GO TO. Standards can take care of those.
So, farewell XP.
You had a long and productive life, but today your life support systems are switched off, and you will soon succumb to opportunistic viral infections.
You are gone, but I can still gaze on your face in half the offices I frequent, and even my partner's ancient laptop because they just won't heed the warnings; and they have been scared off by the stupid clown/teletubbie appearance of Win 8.
It is like the quiet before a zombie apocalypse out there in PC land.
Half truths because much of what Mr Snowden has released is up to five years out-of-date.
The other half - what has happened since 2008 - may be even more disturbing.
I am not okay about running any unsigned, badly tested, insecure code in my browser or any place on my computing devices.
These days, I can't always avoid it. But my default is noscript, flashblock etc. If a site needs to use my cpu cycles to display its adverts, I need a very convincing case to allow it.
My preference would be for signed code running in secure and auditable sandboxes.
It is crazy that so many people give JS a free pass to execute on their machines. Until it is proven safe, it remains a risk.
I was born with many scripts written in the Whitespace language already on my skin.
It has taken me years of study to reverse engineer some of them.
How did they get there? Good question, probably some emotionally insecure god trying to prove himself again.
Some of us have extensive hands-on experience of the actual problems in prisons.
And we have watched for years as the government ignores the obvious, and ignores the expert testimony in order to pay for another study that will be ignored.
Cheers for sticking up with the man, but it's not much help long term.
We already know there are two main uses...
1. Staying in touch with families. It is cheaper in prison to hire an illegal phone than use the usuriously charged payphones on the wing landings. And more private too. A better phone deal with BT would cut this usage at a stroke.
2. Sending money out for illegal deals (such as drug purchases). In a prison, most drugs come in via the uniformed staff, but the money transfers have to happen via a different method. In the old days, you'd get friends or family on the out to give money to people in pubs for you. Today, it is much more online. Reduce the drugs going in, and you reduce the need for cross-wall cash flow.
"I believe at the time we thought we had done enough"
As the ancient IT maxim says: you don't get what you expect; you get what you inspect.
Their shoulder-shrugging approach to being caught out in a major security flaw is not a good pointer for the future.
A legally-enforced standard for power adapters in 2017 puts the EU where China was in 2006.
It's a sign of the changing times.
Privacy's a bitch, eh?
Successfully knocking out Cryptolocker will stop new infections.
But does it leave a way for the infected (should they choose to do so) to pay the ransom? If not, the end result will be much worse for the unbackedup.
A controlled shutdown would be kinder to the victims.
The crazies, who will sit in their garden all day cursing the government that granted Amazon the freedom of the skies, still have options if they want to contest the airspace above their sovereign back yards.
Electronic countermeasures to mislead the drone. The drone might land in their garden or fly off in a wrong direction. The ECM could be mounted on permanently-aloft balloons.
Suicide drone conducting a kamikaze attack.
Re: Selfie, Girl Crush, Twerk
That's 11 in binary?
Re: New Security Application
It is, though, fairly easy to establish that a hidden TC file exists. They can then pester you for the passwords.
Better methods of hiding TC files are needed... Perhaps broken up and steganographied across a whole photo album.
The War on Partners
So partners are now legitimate targets?
Let us hope that ceases to be the case very quickly before terrorists learn that lesson.
Bugs, features and no-nos
Odd. He had been specifically advised by facebook that the behaviour was not a bug.
So he used the behaviour exactly as facebook knew it could be used.
They then went all TOSsy with his ass, told him that Terms of Service trumps Security Team.
Tells us all we really need to know about facebook's technical priorities.
Re: the Doctor can take on any form imaginable...
Yes, they've cast their Baker's dozenth plus 1 or 2 (depending on who you count) white man to the part.
But there is hope yet. We have not seen his costume or make up. He may play the Doctor dressed as a Masai warrior with a ginger wig and in tasteful blackface.
That may not please the feminists I know, but it'd be a nod toward multiculturalism. They have, after all, previously cast a Scot playing the part with a Lundunish accent.
You say "TOMATO".
West Midlands police say "SOLICITING".
That's quite a drift in accent.
As any IT relationship manager knows, never try to search Google with Google. It could break the Internet.
Hmm, the "enormous value" for culture trumps the rights of the individual?
Thought I'd never live to hear that as a mainstream American view.
Though, replace "culture" with "corporations" and I'd be less surprised.
Plus ca change
This is reminiscent of the court orders of half a century ago on airline availability search systems.
Those early, specialised, search engines had a start-up habit of favouring flights operated by the AVS engine's operator. Legal rulings forced them to be "objective" - to the benefit of all:
Passengers (via their travel agents who ran most of the searches) need only search one system to find all flights, rather than multiple ones.
The better AVS systems could outcompete those from smaller operators, and eventually consolidate a grip on the market; today, there are only a couple that matter.
Fairness of display as a route towards further monopoly? It worked for the airline search engines; looks like Google is learning a valuable historical lesson.
That the Reddit hive mind has not learned any lessons.
During the next great witch hunt, they'll be claiming it's different this time because they are using iCrowd technology (or some such heat of the moment techno drivel) to confirm their biases.
Confusing the wisdom of crowds with the madness of mobs is a common online mistake.
Thunderbird suddenly would not talk to gmail, claiming my memorized password was bad; re-entering the pw made no difference. However, the web browser interface logged straight in no worries.
Guess I get what I pay for with Google apps.
Pioneers go bust
The people who built the canals went bust. The people who built the railways went bust. The first wave of dotcom'ers went bust.
Pioneers die so the rest of us can learn how to live in the new world safely.
Why should the internet infrastructure be any different?
Breaking the sound barrier
It'd help too if the front of the goal was a thin sheet of some sort of plywood. A goal would be scored by the ball hitting and/or breaking the plywood.
Computer acoustic analysis from an array of microphones and vibration detectors would distinguish the characteristic sound signature of a ball thwacking into the plywood from other sounds such as a player head diving into it or giving it the elbow.
This may slow down a high-scoring game if damaged sheets have to be replaced several times. But, like the nuke-from-orbit tactic proposed in Aliens, it is the only way to be sure.
Soon, every goal will count, every time.
Google's sudden cancellation of services is the big question mark hanging over them for corporate adoption.
How can I be sure that a particular service or API will not be dropped at a quarter's notice?
Few other corporations induce such opening questions.
Re: Onroad parking would be better
If people can avoid driving into parked cars (as they do most of the time), I think we can trust them enough to experiment with them not driving into kerbed cable cabinets.
Onroad parking would be better
Putting them on the already overcrowded pavement is a mistake.
Instead, why not treat them as if they were a permanently parked motorcycle? Put them just roadside of the kerb and paint a yellow line around them.
Far less obstructive than a single parked car or a gentrificator's skip.
Re: Fine, but......
No one knows where the EU money goes. The EU accounts have only been given a clean bill of health by the EU's auditors once in the last 15 years.
If the EU was a business, it would be struck off.
Re: Has anyone considered what it *really* takes to go completely malware free?
Having done all that, of course, I'd run my target OS inside a VM which itself is inside a VM which itself etc to maybe a depth of 12.
Each VM (different implementations of course) is running separate virus detection / fire walls / etc, so only incoming data that passes all of one VM's sniff tests makes it to the next level.
For an infecting virus that is trying to reach my app in the target OS, the effect would be like running the gauntlet in a very-hard-to-win first-person shooter with no ability to save at crucial points.
With a 12-core processor, my nicely snuggled app would not even notice the latency in handling incoming data.
iJa board anyone?
Maybe Steve is communing still with his Board on Earth.
Connection costs are a fixed overhead?
So I purchase my own device, and my management pony up £61pcm for the network connection.
One desk over (back in the day when we had desks) my colleague has a company-sourced device, and our management pony up £61pcm for the network connection.
If there is a news story here it is that employee connectivity costs £61pcm for the network connection, not including the costs of the end-user device.
Re: Why are we paying for this research?
Understanding the behaviour of prime numbers is absolutely crucial to the current, safe, implementation of any securely networked IT system - including ecommerce and military communications.
Why would a prudent society not be spending in every way on prime number research?
Pace Mary Shelley
Burn it with fire or nuke it from orbit -- both excellent options.
But fear the day it is struck by lightning.
Re: Transmission data rate
Somewhere between slow and not very fast
It is possible that the assailants were hobbits. During a street brawl that sort of misidentification is easy to make.
Back in the day ....
..... Steve Jobs would have turned this into a marketing triumph.
After trumpeting this must-have feature across all known media, he'd've sat back and watched lesser companies announce unconvincing plans to make it easier for passwords to be retrieved by non-specialists.
The fan bois would rejoice at the removal of yet another barrier to internet participation by the common hipster.
And, soon, private passwords would be a thing of the past. The new iPassword would potentially allow us all to financially benefit by selling our iPasses on iTunes and sharing in the profits made from our identity theft by the purchasers.
Other companies would learn from Apple's strategy and fire their IT QA departments and hire marketeers instead. All bugs would now be declared as unmissable features, and the more gullible of us would pay more for the bonus ones.
trust no one
Dropbox is convenient and easy to use. Much more so than services like Wuala and Spideroak that offer similar services.
But the fly in Dropbox's achilles heel ointment is the lack of encryption on the servers operated by Dropbox.
I would need to trust a lot of foggy processes (fog is all you can see when you are in a cloud) before I could entrust data to all those third parties.
The risk is not just that something I want kept private might be disclosed. I do not want to risk lower-level security stuff being subverted or corrupted.
Merely a smoke screen
This jokesuit is merely a toe in the water by Apple whose real atomic patent is the one that controls the use of the letter i ("whether lowercase, capitalized, iconificated, or otherwise embellished" to quote the patent) to start the name of a product or company or "other assemblage of humans".
Intel, ICI; Ice cream, Instant whip; Ireland, Iran: just a few of the well-known brands at risk from this patent.
Worse, it makes a general claim to the whole art of beginning a word with a letter at all. Some say this will drive all latinate alphabet users to adopt Chinese, at least in commercial writing and advertising.
Short messages only
This may work for short, provided both the sender and recipient have secretly agreed the code.
We might agree that any text message that begins with a vowel contains secret text. The NSA can analyse the preceding 100 messages and decide there is nothing hidden (or have erroneously uncovered a decoy steganographic scheme).
Then I send:
Are you well? Hope the cold is better. Cheers!
And BOOM -- the terrorist attack is GO.
Murder is a big assumption
It could have been a legal duel, or a wartime summary execution, a suicide pact with an as yet undiscovered chum, or merciful euthanasia.
Make the fines change the behaviour
As we all know, fines for government bodies simply get paid by the taxpayer / council tax payer.
We'd have a more accountable system if a proportion of the fine was a surcharge taken from councillors' attendance fees.
Rules of engagement
The rules of the game are that IF the defendant introduces evidence/testimonials of their good character, THEN the prosecution can counter with tales of past legal run-ins.
Otherwise the trial proceeds solely with evidence of guilt/innocence of the charges before the court.
It is not for jurors or the press or anyone else to introduce other evidence into the discourse.
Money go round
If facts are as presented, NHS will charge back the contractor. The contractor will claim on their insurance.
At each step, lawyers will lap up fees.
Insurer will put up fees to NHS contractors.
Contractors will pass increased costs to NHS clients.
And, just, perhaps some NHS execs miss out on gongs in the honours list.
Noscript is your friend
Simple workaround with many spin off benefits: treat your computer as a production machine,