428 posts • joined 7 May 2012
Sorry Mr Cook, this is not necessary. If their current or future phones infringe your patents, you can get the court to hear it at that time. This is a waste of time because even if you are right, there would be noimpact.
Re: The real reason
It's been a while since I looked into it, but it used to be the casethat the embeded ios browser couldn't asynchronously render the page. This meant that the same page delivered via safari was much much faster than the samepage embedded inside an app.
Re: Hmm. Setting up a set of dummy data sources to feed to the app?
We could even use Dual_EC_DRBG to generate the longitude/ latitude for fake GPS :)
Re: Can't say no..
In principle you are right, but it is not possible for developers. The security model requires all permissions to be identified in the manifest "upfront". There is no way for a developer to indicate whether a permission is mandatory or optional. There should be but there is not.
For example, Bittorrent Sync requires has some pretty obvious permission request which the app would be useless without (full network access / USB storage). But it also allows you to generate a QR code to setup a sync folder. This means it has to request access to the camera. This means they either have to request that token, not offer the feature, or offer umpteen versions of the app with various combinations of permission requests.
Please provide a way of:
1. Allowing developers to explain next to each token the reason they need it. Some apps do this in the description or FAQ, but on the popup with a big red "We're not telling" by default will encourage some disclosure.
2. Allow selective denial of permissions.
@AC, it all stems back to who you think their customer is.
I remember the Trustwave CA signing the root certificate for surveillance controversy from a few years back. The only use of a CA is to tell you whether the server you are talking to matches who they claim to be. If that is not what they are doing, then they are failing their job to prevent man in the middle attack.
The difference here is obvious but the reasoning for the outrage is the same. For what purpose does RSA exist if not to provide secure communication between devices? If it knowingly allows this to be compromised, then it is of no value to me.
I have no problem with it offering Dual EC DRBG as an option, but it should have been actively advising against using this since 2007 when the backdoor was found.
Re: Just a moment on camera battery advice
One other thing I didn't want to get in to, or we'd have spent the whole article talking about batteries, is of course that some makers have firmwares that reject third party batteries, so you need to check that first
, if you're going to buy extras so you don't waste money buying such a device.
Re: Panic Attack.
Er, that should have been elliptic, as in Dual Elliptic Curve Deterministic Random Bit Generator.
Stupid autocomplete or well played Mr NSA.
Re: Honey Trap?
I think theoatmeal needs to do a chart on when to use an. :)
Re: Panic Attack.
There is nothing wrong with RSA. Ecliptic curve pseudo random number generators are another matter entirely.
But can it run Crysis?
Re: But will it help you decrypt Sky Digital
Yes. All you would need is a microphone next to the set top box and a webcam feed from your local sewage works for an hour or so.
Re: Digital Rights Management
Plus well if your goal is to get access to the unencrypted sound wave for a song and all you have is a microphone and a computer *playing the song* there are probably easier ways to get it.
Re: Very Nice Mozilla @Adam1
Some functions of Firefox require more than 64KB of addressable memory which rules out a 16 bit address space, but why not try to answer the question?
64 bit processes can do some ops faster like floating point manipulations but it makes other things slower like copying pointers. The main advantage from a browser's point of view is the ability to make use of 2GB RAM which makes a lot of sense when your 25 open tabs are combined in one address space with the 8 plugins also loaded, but if you have already separated it into a process per tab model then you are probably a long way south of 2GB.
Or have I just been trolled by an rf -rm handle not noticing the advocation of threading and missing the irony. If so, well played sir.
Re: Very Nice Mozilla
If you think it should be multiprocess, why do you also think it should be 64 bit?
I doubt that bargain bin phones are really the issue these days. By the time your IMEA is blocked you have a toy that can't connect to the mobile network . Given the specs of landfill android and winphone that market will only shrink.
A more likely scenario is that your phone is still stolen, pulled apart and then sold as a refurbished battery, screen and ųSD card.
> erect a web page explaining its policies
Although the link will probably be put below the fold using fancy CSS trickery.
Re: The title of the article should be...
Nah it's legit.
If it WAS Siri, it would Shirley have pointed out some nearby coffee house.
You're closing it wrong.
> and it is felt the lack of such an ability helped the 9/11 plotters to evade detection
So is this some new form of Godwin's Law I am not yet familiar with?
No need to give it away. Just reinstate the start MENU from Windows 7 and provide the option to stop showing TIFKAM for the vast majority of PCs without touch.
Now if only there was some other giant stash of nukes they could start dismantling ...
At least you guys get a science minister
Our current government has decided that we don't need one. They have also decided that AGW and Y2K are both scams, so I suppose that is no surprise.
UI Design Principle Fail
There needs to be a great big "Don't Allow" button on that popup (selected as default).
Re: What's an object?
> I measure storage in bytes, or maybe floppy discs
1 object = 1.44 Blue Whales or 17 London buses
I bet various 3 and 4 letter organisations would agree this is the way to go.
Your point would be much stronger if there was a way to even do a factory reset style downgrade.
During the betas it was possible but someone stopped signing those executables so now it won't install. That feels to me more like a policy decision than a technical feasibility problem.
This is why we should stick with safe and clean electric cars. These newfangled liquid hydrocarbon contraptions are just fireballs waiting to be lit.
That actually sounds like it has the potential to be a good movie! It would need a name suitable for a Hollywood thriller though. Something like "Cobalt 60 in a car" or "Gone in Co60 seconds"
They're doing it wrong
The trick is to get close enough to the pellets to obtain superpowers but not so close as to die of radiation poisoning!
Re: Glad they are getting shut down
Full network you kinda understand if it is ad supported, but location is pushing a bit far.
Re: Red lorry Yellow Lorry
Re: Crack this...
Now imagine some future exploit el reg falls for means your password hash is discovered. You had better hope they are using some appropriate salt in their password hash. If not your password will be identified in seconds. The same credentials can thenbe checked for the email, ebay, amazon, etc. If they can access your email they will get all sorts of passwords reset.
Re: All I can say is this...
I thought you may have been posting this one for a tick
"Anyone who thinks you can focus on two tasks hasn't understood the word focus."
- Wish I could remember who said that
Re: ..."a whopping 80 per cent of crashes ... involved male drivers"
There are other factors to consider too. For example, expressing it as a percentage per million miles driven or somehow factoring in the risk factors where pedestrian accidents tend to occur ( CBD, near schools, near gatherings of inebriated people, after sporting events or near shops) and what the relative gender balance is in such situations.
Re: This proves
Why are you posting as AC??
I don't understand why they couldn't allow HTC to continue selling these phones pending the outcome of the appeal as long as the appropriate amount needed for damages to Nokia is held in trust for if the appeal is unsuccessful.
All these posts miss the point. I mean imagine the benefits. I mean you get nearly 29 days of uninterrupted access most months.
They may complain once they realise their 6 hour battery is flat in under 2 and it is hot enough to fry an egg.
Re: Bittorrent Sync
+1 for bt sync
As an added bonus, your clients could generate the secret and tell you rather than have to manage protection of the secret yourself. Also has 24 hour share options and no third party holding the data.
Re: while we're on fake...
Or if you are running windows, at least some parts of MS have a sense of humour about it
Re: One question.
Both of them in fact!
Re: So make it in a plain box
They're not legal either.
Re: Most folk are not El Reg readers
> anyone who allows that probably shouldn't be allowed to configure a web server.
Not to discount your correct statement, but we are talking about embedded devices here and manufacturers at the moment seem more interested in recording what channel our TV is playing to " improve our experience" than good security practices.
When was the last time you upgraded your router's firmware? Yeah it didnt work for mine either. Just saying.
Re: Assumptions all rounf
Or a keylogger installed on his PC while he was out.
Well I hold the patent for all that ... on a mobile device.
> Does this result make Dropbox a viable NAS substitute .....
Don't you mean NSA substitute?
Re: has anyone seen...
> Has anyone seen Studbucket33 and Steve Ballmer in the same room together?
No, but I suspect he is actually Eadon.
- Review Ubuntu 14.04 LTS: Great changes, but sssh don't mention the...
- Vid CEO Tim Cook sweeps Apple's inconvenient truths under a solar panel
- Antique Code Show WTF happened to Pac-Man?
- HTC mulls swoop for Nokia's MASSIVE Chennai plant
- Study shows dangerous asteroid impacts hit Earth every six months