* Posts by Adam 1

1133 posts • joined 7 May 2012

Is ATM security threatened by Windows XP support cutoff? Well, yes, but …

Adam 1
Silver badge

Re: Why is this a problem?

> the program loader should be modified so that only digitally signed executables (including DLLs) can be loaded - this would reduce the possibility of malware execution.

Correct. No, wait hang on. We're not talking about Dell or Lenovo are we?

0
0

James Clapper has found another reason why he lied about NSA spying

Adam 1
Silver badge

If a program can be so insignificant to effective intelligence gathering that the relevant director can totally forget its existence even after being forewarned of the question and yet is so offensively invasive to innocent people, it does beg the question about why it isn't shut down.

Surely those funds could be used for other worthwhile causes?

10
0

Obama calls out encryption in terror strategy speech

Adam 1
Silver badge

Re: re. San Bernadino killings

We live in a world where sadly some feel the correct response to horrors coordinated by text message is to block TOR. You just can't argue with that kind of special. Not with anything resembling logic anyhow.

9
0

Microsoft encrypts explanation of borked Windows 10 encryption

Adam 1
Silver badge

Impact is a good word. It gets me out of figuring out whether I am trying to write affect or effect.

2
0

Big names settle out of court with CryptoPeak in HTTPS patent spat

Adam 1
Silver badge

You can bet the out of court settlement would have been for peanuts. It's more important for them to imply that some companies acknowledged the validity of the claim.

12
0

Free HTTPS certs for all – Let's Encrypt opens doors to world+dog

Adam 1
Silver badge

Re: @LDS

> I can get a certificate for theregisster.co.uk from every single one of the major CAs if I possess that domain.

Except the existence of a padlock icon would be a dead giveaway....

11
0

Music publisher BMG vs US cable giant Cox: Here's why it matters

Adam 1
Silver badge

Re: Spoilation

The allegation of 54,489 in 60 days equates to close to 1 violation per minute if you assume that person had to sleep during that 2 months.

A reasonable person might consider such a large number of warnings as indicative that there was some sort of bug in either the collection, analysis or notification processes. Inability to produce the code used for that denies the accused the right to challenge the evidence used against them. The idea of secret evidence should be an anathema to anyone interested in freedom and the rule of law.

7
0

WDC's shingle-free stocking filler: A 10TB helium disk drive

Adam 1
Silver badge

Hydrogen drives have an amazing immediate secure erase function too.

5
1

If a picture tells a 1000 words about latency, Google won't load it

Adam 1
Silver badge

So what Google is arguing is that some traffic is more important than other traffic...

/grabs popcorn

1
0
Adam 1
Silver badge

Re: The sites i visit...i NEED to see the pictures

Going by his handle, surely it would be tea.

1
0
Adam 1
Silver badge

Re: Sits back with popcorn.

It will force them to use text based ads more frequently. What a most unfortunate side effect that we most definitely did not foresee, Governor.

0
0
Adam 1
Silver badge

Even more savings to be had by blocking AdSense and Google analytics. Reckon that will make it in anytime soon?

0
0

RSI Videofied is a 101 in how to build IP CCTV and alarms with zero security, zero encryption

Adam 1
Silver badge

Re: I don't know about you . . .

https://xkcd.com/221/

0
0
Adam 1
Silver badge

Re: can't resist

> send passwords (keys) unencrypted over the internet?

In defence of such "bird brained" security, one could make the argument that they do not ever send passwords unencrypted*

*as opposed to receiving unencrypted passwords.

0
0

Report: VW execs 'knew' about fuel economy issues last year

Adam 1
Silver badge

Re: Thank You, Captain Obvious.

> Why are we talking about fuel economy now?

NOx emissions reduction requires higher fuel consumption (to a point) if you want to maintain power. If they achieve amazing fuel economy results and have been caught in other instances disabling emission controls, one is entitled to ask the obvious question.

1
1

Estonian vendor sparks Li-Fi hypegasm with gigabit demo

Adam 1
Silver badge

Re: Must include strong encryption

Wouldn't this be just L1 OSI? Encryption is right up at L6

4
1

Millions of families hit in toymaker VTech hack – including 200,000+ kids

Adam 1
Silver badge

Yep. If you follow Troy's blog, he just Googled the hash string. Can't do that with salted hashes.

2
0
Adam 1
Silver badge

Re: Easily fixed

Interestingly, alarm bells should have gone off when Mrs Tables had so much trouble registering her son's device.

https://xkcd.com/327/

4
0

VW's Audi suspends two engineers in air pollution cheatware probe

Adam 1
Silver badge

Re: Interesting justification.

> Also, the standards that "aren't being met" are close to impossible to meet

If true by some law of physics then all manufacturers will be equally affected. When the sorts of vehicles demanded by the population become unavailable, the standards would be relaxed.

I don't know enough about the engineering to comment on whether it is or isn't possible to hit the targets, but here is what I do know.

1. Cars are heavily judged by consumers on high power and low fuel consumption.

2. The combination of fuel, air and temperature that maximise the power and minimise fuel consumption are not so great when it comes to NOx.

Left to market forces alone, NOx reduction will be sacrificed to give better numbers that people actually care about. The problem of NOx is externalised. That is where regulation is required.

5
0

Superfish 2.0: Dell ships laptops, PCs with huge internet security hole

Adam 1
Silver badge

Re: Continuing saga of Microsoft software collapse

I wouldn't be holding up android. Too many OEMs "customise" the experience and then have no way to patch for things like stagefright. There are literally phones sitting on store shelves that will never see a stagefright fix.

Microsoft have plenty to criticise. Too many windows updates address being pwned by fonts for goodness sake and half of those patches end up breaking outlook. The blame here sits squarely on dell. They are appropriately being shamed.

0
0

Google takedown requests mushroom as copyright holders play whack-a-mole

Adam 1
Silver badge

Re: Time for a Capcha

Time for an upfront fee that gets refunded if the link is found legitimate.

9
2
Adam 1
Silver badge

Re: requests mushroom

I guess the copyright holders must know something about living in the dark.

4
1

How NSA continued to spy on American citizens' email traffic – from overseas

Adam 1
Silver badge

Re: Haven't a clue

> If the amount of money wasted on anti-terrorist surveilance was used on bounties instead, there would have been a grand total of zero surviving ISIS, Taleban and Al Qaeda "key personnel".

Probably not many taxi drivers either. (Search for Dilawar)

As soon as you start with bounties, [bad guy warlord supporter] will hand over [insert rival warlord], get some hard currency to carry on their work while you do their dirty work.

/the justifiability of mass surveillance can not be established by whether or not it is effective in identifying targets. That is merely an "ends justifies the means" rationale

1
0
Adam 1
Silver badge

Re: All the more .....

> The snoops can snoop all they want but unless they're ready to leash a few hundred GPUs on my measly packets...

Obligatory

1
0

Yahoo! Mail! is! still! a! thing!, tries! blocking! Adblock! users!

Adam 1
Silver badge

Re: It's not about spam, it's about /security/

I don't think you are fantasising.

1
0

How TV ads silently ping commands to phones: Sneaky SilverPush code reverse-engineered

Adam 1
Silver badge

Re: Cricket Anyone

> I think it's probably only the branding that got shipped overseas.

If that's the case, you dodged a bullet.

1
0
Adam 1
Silver badge

Re: Surreptitious DMTF?

You need to half the sample rate to get the maximum frequency if my memory of Nyquist's theorem is worth the grey matter holding it.

So a 32KHz sampling rate would correspond to a 16KHz maximum frequency.

1
1
Adam 1
Silver badge

Re: Next up:

Media centre + comskip

1
0
Adam 1
Silver badge

Re: "require Microphone permission"

In android 6, you just go settings / apps / [choose app] / permissions and switch off microphone.

You can turn off all the other bits of everything too. From experience, very few apps have any problem. The worst thing so far is one app thought its licence was invalid until I enabled the particular permission again.

2
1

Tech firms fight anti-encryption demands after Paris murders

Adam 1
Silver badge

Perhaps they could lead by example? I'm sure Microsoft, Apple and Google between them can make sure that strong encryption isn't permitted to .gov sites from the browsers they make.

1
0
Adam 1
Silver badge

Ban no encryption now!

1
0

Lawyers use anti-piracy law to get website blocked over corporate ID brouhaha

Adam 1
Silver badge

8.8.8.8 /cough

1
0

Behold, the fantasy of infinite cloud compute elasticity

Adam 1
Silver badge

Re: I think the author missed something

They are not magic but it is a bit naive to think they have to just drop to idle. There are classes of problems which can start and stop at a moments notice which require high CPU but are not necessarily time critical. This idle vm time can be sold by the second at a discounted rate on the understanding that your vm will start and stop as per the requirements of the cloud provider at that time, not yours.

1
0

Child abuse image hash list shared with major web firms

Adam 1
Silver badge

Re: Hmm

> remember what fantastic success we have had with the anti-terror laws

In other news, the latest leak from Snowden's trove was found to match one of the md5s....

/where's that tin foil?

0
0

Symantec's salvation plan is more and better integration. No, really

Adam 1
Silver badge

> Symantec is built on a lot of acquisitions, and we didn't have a history of making sure the products worked better than they did on their own

Nailed it. When they purchased that uninstaller business they forgot to check it worked properly with NAV.

1
0

Commentard achieves bronze badge, goes directly to jail

Adam 1
Silver badge

Re: Geesh

> Or maybe just one with escape sequences in it?

Maybe we could all just pick up the \t ?

1
0
Adam 1
Silver badge

Re: I've been around here for ages

> A subject I am knowledgeable upon

Obligatory

https://xkcd.com/386/

0
0

Microsoft quietly slips out patched patch for Outlook – in camouflage

Adam 1
Silver badge

Re: Why after all these years....

> Try to build a testing system that can handle all the variations in base hardware, devices, software add-ons

We are talking about windows 7 + outlook 2010 or outlook 2013. Seriously, that has got to be well over 25% of business Windows machines.

3
0

California cops pull over Google car for driving too SLOWLY

Adam 1
Silver badge

> We want them to feel friendly and approachable

25 mph is not "approachable". If you do approach something at that speed, you will end up with a several month hospital stay (if you're lucky). There may be important technical reasons to limit the speed but if that is the case, keep them off high speed roads until they are ready.

8
2
Adam 1
Silver badge

Re: No big deal

> noticed traffic backing up behind a slow moving car traveling in the eastbound #3 lane

If cars were backing up then that mustn't have been possible (eg. Other lanes having high volume of much faster moving traffic.)

9
1

Sound waves could power the future's magnetic HDDs

Adam 1
Silver badge

> 2.7 zettabytes (2.7^21)

Shouldn't that be 2.7 * 10^21?

5
0

Apple's OS X App Store downloads knackered by expired security cert

Adam 1
Silver badge

Re: This is why the....

If you want to be technical, if you pay for something, you licence the right to use it, but your suggestion is one of those medicine is worse than the disease things.

Breaking a sha1 cert costs about 75K in today's money. In 5 years or so, it will drop to about 5K (assuming no new weakness is found in the meantime that makes it even cheaper; a brave assumption). I find it a good thing that the certificates my bank was using 10 years ago will be rejected.

Also, why are you using the vendors' certificates if you own both client and server parts of the software? Just buy your own and then you can carry on renewing your software certificates long after whatever vendor joins the long list of "remember thems". (Setting aside the wisdom of using software that can never be patched)

4
0

Mozilla releases iOS app version of Firefox browser for world+dog

Adam 1
Silver badge

Yawn

WebKit != Gecko (even if you add an orange and blue icon).

4
1

Old tech, new battles: Inside F-Secure’s formidable Faraday cage

Adam 1
Silver badge

Re: Malware won't run in VMs?

It's not that it can't run. It's rather malware authors make a design choice to exclude some potential targets for the reward of making analysis of their behaviour harder. Those clever enough to setup a vm are also far less likely to leave their systems unpatched or to just allow anything through the firewall.

0
0

TalkTalk offers customer £30.20 'final settlement' after crims nick £3,500

Adam 1
Silver badge

Re: Tokenised?

> If the TalkTalk process "is a standard higher than encryption", what type of encryption is it better than?

Most other companies only apply ROT13 once.

2
0

The spy in your pocket: Researchers name data-slurping mobe apps

Adam 1
Silver badge

It's a bit limited to consider what addresses the phone shares information with because it doesn't (and can't) consider anything shared through backend communications. It would be trivial to create an app that sent all information to the primary domain and then distributed it from there. That app would look good on this sort of survey.

5
0

I've lost the remote! Fury as Samsung yoinks TV control from its iOS app

Adam 1
Silver badge

Robin should consider what consumer protection laws exist in their country/state. That sort of thing could be considered a major fault and could trigger refund or replacement clauses if they can't or won't fix it (even if out of warranty)

5
0

Sennheiser announces €50,000 headphones (we checked, no typos)

Adam 1
Silver badge

Wouldn't this fall under technology exchange rates? Pretty sure that US$155,165 will translate to £155,165.

6
0

Hi, um, hello, US tech giants. Mind, um, mind adding backdoors to that crypto? – UK govt

Adam 1
Silver badge

That's the password on my luggage.

2
0

At Microsoft 'unlimited cloud storage' really means one terabyte

Adam 1
Silver badge

Re: Bait and switch

Companies need to understand that unlimited has a definition. It means without limit which in turn implies that one cannot abuse it. If they don't want people to consume more than X GB then call it a limit of X, or shape inbound traffic in such a way that you are happy with storage growth.

I am sick of mobile providers, ISPs, service providers, car warranties or whatever stipulating unlimited and then getting surprised when someone takes them up on it.

37
0

Forums