587 posts • joined 3 Jul 2007
Oh, why Steam?
Playing games bought on Steam has not made me happy. When I want to play a game, I want to play it when I sit down, not when Steam decides that it has server capacity to see if I may play it. I'd rather pay a premium for the game to not play it on Steam, and wait for it to be delivered to me.
Something about garden gnomes, ???, profit
Ballmer went on an acquisition spree, since Microsoft can't innovate. Microsoft bought Nokia, allegedly for its cell phone expertise. Now they lay off practically the entirety of Nokia, plus good chunks of their own US operations. Huawei dumped Microsoft phones due to poor sales.
Spend lots of money buying stuff, lay off lots of people, ???, profit.
Well, the profit is, of course, from Windows OS, Office, cell phone patents, and never from cell phones themselves.
Why bother with "Fantasy Supercomputer League" anymore
Once upon a time I'd look at the list and think to myself, "Gee, how much would it take for me to get my bedroom on the list?" Now, with the smallest configuration using over 2,700 cores, there's no longer any way this could happen. Any configuration worthy of #500 on the list these days would take more power than the whole house's mains circuit. Back in 2005 a system with 50 cores could score well. Not anymore! I'd need about 100 NVIDIA K-40 cards to get to #500.
M-Disk: 42,000 pictures of cats
From their own website: 21 hours of non-HD video, 120 minutes of HD video, or 42K pictures of your cats.
So in 1,000 years, the archivists will pop one of these into a drive, and see pictures of cats. And they will wonder what the hell is wrong with us!
2FA, passwords, fingerprints
I've had fingerprint readers on my past three notebooks. And I've used 2FA with a key fob device, for access to a corporate network.
The first real level of security is, "don't put that there," and, "don't let it do that." Don't put embarrassing photos of yourself on the Internet, and don't let your bank transfer funds like that.
The fingerprint idea is OK until you get an owie on your finger, and you need a Band-Aid. Even when it works right, it can take a few swipes before it recognizes your finger. The key fob is OK until it gets out of sync with the service, and then a re-sync needs to happen. The smart card and the key fob can also suffer from insufficient randomness or whatever other problem can crop up.
It's really hard to protect people from themselves. My apartment manager's password is two very simple words, followed by repeating numbers, and he has problems remembering that, so no way is he going to remember v<#?rSK51_Rc,pt, which can still be broken by a rainbow table. Yes, he has called me up on occasion to find out what his password is.
Sending a text message containing a second password to the phone is a good idea, though. Then the second password could be something random, like, "battery horse staple." Of course, for a MITM attack, that would restrict the attack to the current session. But depending on the data that the attackers want to access, that may be enough.
Re: Can't wait to see COBOL syntax highlighting in KDE's Kate text editor
"... but I can see some potential in marrying the mainframe terminal emulator with Linux..."
You do realize that there are already open source TN3270 and TN5250 emulators? There have been professional products for at least 20 years for IBM terminal emulation on Unix, Windows, and even MS-DOS and OS/2. I used to work at Attachmate long ago. ("Where's the IrmaLAN team?" "He's right over there! Splinter!" [This actually confused an HR rep who didn't understand the Monty Python reference. Really, I wonder how much of real life those people experience. Maybe we need to study them with tracking collars and electric shocks...])
Yes, I remember when they were an independent company. Anyways, emulation on Linux not only includes terminal emulators, but also the Hercules project, which can emulate the mainframe itself.
When 60 Minutes ran a piece on the CIA, they received a rebuttal from the CIA before the news segment had been broadcast. The CIA had been monitoring the satellite feeds used for editing the shows...
Security by brick!
Never mind security by obscurity, you need security by brick! If it has all the connectivity and Internet functionality of said brick, it's definitely secure for ten years!
Seriously, a lot of the security problems simply stem from really bad practices that should get someone fired in the first place before they create a pile of crap. If you want to manage a fridge, all it needs is SNMP, and nothing else. Same for basically every other appliance. SNMP v1 is more than enough to monitor everything, because you just need to get an appliance's state, not turn it on or off. Honestly, an IOT blender is pointless to turn on and off over the net. Really, is your robot capable of washing and slicing and dicing the veggies, but it can't turn on a switch?
Wonder where they get their data
"Predating Stonehenge, the building is thought to have been a house of the dead where bizarre burial rituals were played out. "The rituals included exposure of the dead bodies, and defleshing on a large forecourt,""
Where do they get that data? And about a wooden building that's older than Stonehenge?? The builders and others who played around with the stones weren't big on writing anything down, so I wonder how the archeologists came up with the specifics of the rituals.
Watch idea is valid, still bad implementation
I wear a wristwatch, and I keep the mobile phone stowed away. Honestly, I think that the watch is still a great idea, but they keep implementing it wrong.
A watch isn't supposed to be its own input device, it's supposed to be an output device, and it's supposed to be convenient. For a while, Epson produced a watch with pager functionality. Instead of a bulky pager, you had the convenience on your wrist. These new "smart" watches are trying to do too much, and thus essentially fail at everything.
Really, what do you want on your wrist? #1, the time. #2, who's calling you. #3, a small notification that maybe you'd like to look at your phone. That's it, and little more than that. Small, thin, light, and keeps running for a very long time.
Does the watch need to transmit data back to the phone? No. Does the watch need an amazing color display? No. Does the watch need to keep running? Yes, preferably at least a year between battery changes.
Let the smartphones be the little computers they are, and leave the watch with simple functionality.
Passwords? We don't need no steenkin passwords!
Anybody remember about the researcher who created a botnet to map out the Internet? 420,000 nodes, just on cameras alone.
It doesn't matter how many times this happens, the hardware manufacturers need to start requiring passwords on their devices, and ones that are "strong." My Cisco ISA550 requires a password that is stronger than logging into their website! And yes, it has to be changed on the first login. And why do they keep opening up ports by default? "This router keeps you safe!" Really? Really?? It doesn't keep you safe, and it doesn't keep anyone else safe, either!
Maybe the manufacturers could be fined under the truth in advertising laws. These are insecurity routers!
But it's my neighbors what's done it!
Once upon a time, a while back, I set up a honeypot on my connection to see what bots were rapping and tapping at my virtual door. It wasn't a raven, but a crowd of my neighbors! The vast majority of bot net zombies were, in fact, in my IP neighborhood.
So who is the military going to nuke when a DDOS happens?
I just can't help but imagine that some 12yo is going to start WWIII for shits and giggles.
Re: Absence of evidence = evidence of deletion?
The article on Wired says that the investigators put malware on the site, which was "placed" on the visitor's machines. The machine's address, MAC address, various other identifiers, and Tor browsing history were gathered.
Plus when the agents executed their search warrant, DeFoggi was in the process of downloading a porn video, and the agents had to physically wrest the notebook computer from him.
So, yeah, they caught him in the act, and they had plenty of evidence.
Why binary compatibility?
"The chief problem for ARM is existing Intel apps won’t run on the chipset."
Once upon a time, not that long ago, this would never have been an issue. Really, the data center environment was heterogeneous, and many architectures were found. It was quite typical for a vendor to distribute many versions of the product. Yes, I personally did that, and the product was compiled for over 20 flavors.
Now we supposedly have Linux all over the place, but it's not really about Linux, is it? It's about Windows. If it were Linux, then it would be nothing to do but type "make" and then get on with it. But all of this actually has to do with Windows, and of course there's no end to that rat hole.
What's the point?
Everybody knows the Aussie agency is in a shed in the garden in the first place, and everybody knows everybody else as 'Bruce,' what's the point of all the security fallderal?
"Hello, who are you?"
"Oh, I'm Bruce!"
"Right, grab a beer from the fridge and let's chat."
"Hello, who are you?"
"Oh, I'm Ivan."
Re: Plans for dragon attack
Really, it's quite simple: arm the citizenry. You never hear of dragon attacks in the USA because citizens may legally own .50-cal hunting rifles. Really, do you think that these things are for deer?? No, the rifles are for dragons and whales. (No, we don't use them on the Ogre battle tank. We trap those when they're in season.)
Bad article, miserable rant, no information
"I cannot see how an OS could handle multiple processes without having a kernel mode. It follows that there must be at least some hardware support for security measures outlined above. Perhaps it’s all there?"
Mr. Watkinson, your display of ignorance, on The Register, no less, is utterly shameful. Multiple processes can be run without a kernel mode, and it has been done quite often. As for "Perhaps it's all there," yes, it is all there!!!
The Intel 80386 was released with four independent levels of protection, building on the features in the Intel 80286. The failure of a software vendor to implement those features in an operating system is not the failure of the hardware manufacturer.
The reason that Windows is targeted for malware is due to its popularity. Really, with a minimum 80% market share, who wouldn't target Windows? As for Window's lack of security, well, it was never conceived as a secure system, so what can be expected? One of the "features" of Windows is to start a thread on another process that isn't yours! All of the backwards compatibility of Windows means that there is a lot of significant baggage that must be brought forward, release after release.
You want software to be made secure? It's very simple. Software vendors must be penalized for bad code. If there is a fast and immediate monetary penalty applied, then effort will be made to write good code. It really is just that simple.
Really, good techniques have been known for decades. There is nothing new, there is just very little willpower to carry out the task.
He's right! PGP sucks to use!
Yeah, the prof is right, but it shouldn't take a PHD to get people to listen. It's actually been way past time for an update to the general implementation.
One of the reasons all of this really stinks is because SMTP was never designed with rigorous security in mind. It's really past time to move to a better mail protocol.
Security has poor memory...
What, they don't remember the grenade-up-your-ass ploy? "Please moon us for your safety."
Or how about the movie "Black Sunday" (1977) where a blimp is used to haul in the weapon of mass murder?
So all the fans are queued outside of the stadium, filing through the checkpoints, right where the terrorists will have such easy pickings.
I'm so glad that terrorists are so freaking stupid. Otherwise we'd be in so much hurt.
"it appears to have a shutter of some sort."
Actually, there's a bit of a trick to high speed shutters: they don't open and close! No, it's rotary. The Fastax high speed rotating-prism went to 10,000 framers per second, and the Rapatronic camera with its polarizing filters allows speeds down to 10 nanoseconds. But of course, that's back in the 1940's.
That said, it's actually using a laser to strobe the subject: "An ultrashort laser pulse is split by the temporal mapping device (TMD) into a series of discrete daughter pulses in different spectral bands, which are incident on the target as successive ‘flashes’ for stroboscopic image acquisition."
There you go, no shutter, just a laser to strobe the target.
Smart and Gets Things Done
Anybody remember that little book by Joel Spolsky? Gee, what is someone supposed to do? Hire slowly and fire quickly?
Of course this is about discrimination, it's about discriminating against those who can't get the job done. A business is a business, not a social program. The reason that males are so dominant in the tech sector is for one reason: the male brain is hardwired for solving problems. That's just the way things are.
When a company forgets that it's a business and becomes a social program, then it goes down the tubes. Even Microsoft realizes this, and at some point it will get someone smart in charge, or it will be dead. When a company is small, it is really evident who does work and who doesn't. Some people won't work in small companies precisely because of this. Me, I prefer small companies precisely because of this.
There are also sectors where males aren't dominant, but nobody ever mentions that. It's always shame on the people who get the work done, dump on the worker. I welcome the robotic overlords. At least there's a hope with them that they'll run things with logic.
Profit wouldn't slip if they wrote better games
How many times has Halo been warmed over? Valve gave up on Half-Life. Fallout drags on and on. But how much have these really evolved from release to release? Not much. Basically the same game play, with different graphics and weapons. Whoopee.
Do we see artificial intelligence? No. Not even on the level of Eliza. It's pathetic, really. Why bother mashing the keys all over again when the game is just the same? I'd love to see something that was sketched out with the "Nonplayer" comic. But all we get is a slight variation on the same theme. Ooh, different clothes and weapons! Might as well be Sailor Moon wiping the floor with Barney the Dinosaur.
Everything has flaws
Everything has flaws, especially code that's just hacked together. The question is, how bad are these flaws? Is the flaw something that we can expect to be exploited by a script kiddie, or is it something that leaks data that requires mathematical analysis for it to be informative?
If the Tails distro has bugs in it like fleas on a junkyard dog, I want to know! Not only do public alerts tell us what's going on, but it gives those of us who code a chance to fix problems.
Boots on Mars and break a leg
Not only do we need a big rocket, we need some sort of artificial gravity on the way over! By the time the astronauts arrive, they'll have lost enough bone density to break their bones in the reduced Martian gravity.
Better to just send a pair of boots and a Playmonaut to Mars, and then call it a day.
Story behind Seattle layoffs
OK, the story behind the Seattle layoffs is that Microsoft is ditching its testers. This sounds like a joke, but it isn't. They figured that since 30% of the bugs are found by developers, 30% by testers, and 30% by customers, they'd just ditch the majority of the testers and have the developers do more testing.
Unfortunately, this means that the customers will now be finding 60% of the bugs.
The testers who do remain will be "focused" on testing "scenarios" of customer usage. Unfortunately, the management has no clue what these scenarios might be. A couple of years ago I was in a team that decided to go with "scenarios," and we were given no information about how a customer might use the product. I honestly regard scenario testing as entirely futile.
Microsoft just might as well go with the full cost-cutting finale of, "fire the smartest people because the cost too much."
Watch out for sneaky Argentinians...
And now Argentina makes a sneaky move for the rock in response to the Falklands...
As for RRS James Clark Ross, why shouldn't they be in the neighborhood? The antarctic is cold! Actually, I'm surprised they aren't in Tahiti or some such.
How the other (less than one-) half lives...
My, there's £19,999 I'll never spend! Nice that when you're viewing people (werewolves?) with yellow eyes you'll have great color. Maybe as you barricade the door and arm yourself with your custom hunting shotgun, you'll be able to take them on the rise after they smash down your door and leap for your throat...
Or maybe you'll have a better target for your Nerf Gatling gun.
According to other boffins, won't work
I saw the response to this from other scientists who actually study meteorology and climate. For some reason, the low mountains in the exact area these walls are proposed aren't doing anything to even slow down the formation of tornadoes.
However, if it were proposed to build a sculpture the same size, I bet it could get funding.
Oh, like the average muddlehead has a choice!
"Repelling cybercrime is not the responsibility of individuals." -- Amichai Shulman
Oh, really? Which part of, "DON'T CLICK ON THAT!" is somebody NOT supposed to miss?
A neighbor of mine, back in the late 1990s, bought himself a computer, and I helped him get set up with the Internet connection and all that. So he's browsing around the web, and there's a banner ad claiming that he has mail. So he clicks on that and lo and behold, the browser jumps to a site that he didn't actually want to visit. Well, duh!
I set my landlord's new notebook computer up for him. He calls me up, says he can't get to the Internet. I come over and take a look, and it's fine. Turns out that he thinks the Internet is Yahoo!, and if that isn't the start page, then there's no Internet.
We have crap OSes, browsers, etc., and nobody has a choice but use the things. The average person out there really does need to learn to lock the door and bar the windows, because that's what the environment is! The police are only part of the answer, but there's precious few among them who have the skills to do a serious net dive and parse apart a botnet or other network.
If it's the job of the police to secure the net, then it's the responsibility of Microsoft, et alia, to write good and secure software. And Microsoft and the rest should be fined, and hard, for not doing it! Using best practices means actually using best practices! Not publishing a book about it, and then writing the biggest bunch of crap code I've seen.
But the muddlehead is going to keep clicking on crap, because they are muddleheads, and all they've got to use is a crappy OS.
Intel catches up with 2006
DRC Computer Corp. and XtremeData Inc. were doing this back in 2006 with the Opteron. Not on the chip, of course, but as a coprocessor in another Opteron socket. It's pretty easy to find this with a web search.
Big = evil?
Although Google's informal motto is, "Don't be evil," it seems that as companies grow large, they grow corrupt. The latest has been Amazon's attempt to squash publishing houses, and Google is squashing independent music labels.
What this really means is that publishers need to ditch Amazon, and all artists need to ditch YouTube. When whatever alternates they land on get too big and become evil, then those get ditched and the artists move someplace else.
She reads El Reg!
Come on now, folks, she reads The Register! Now, isn't that just significant? In just a little bit she'll be able to correct her website by reading all of these erudite articles and comments.
So let's see the business plan here: collect gnomes, ... something else ..., and no profit at all.
OK, so I guess the whole idea needs work yet. Don't worry, the comments section is on the job! Don't worry, Lily, we'll definitely tell you how to do it right!
Just wait until next year!
Since there's nothing that anybody can actually do about the weather, just wait until next year to see who's right. None of the nations will stop their CO2 emissions until there's nothing to fuel the factories and power plants. After that, the lights will go out, and it'll be the dark ages (literally!) for all of us.
Doesn't the NSA have something?
With all of the data hoarding the NSA has been doing, don't they have something they can let the Secret Service use? "Look, we've got some great regular expressions posted on the wall here." "Does that work in Internut Exploder 8?"
Maybe the Secret Service should just outsource the problem to Amazon's Mechanical Turk. Oh, but you'd need people who speak English and can recognize sarcasm...
Bruce Schneier *doesn't* reveal what he'll use
An article from years back, Bruce Schneier says what he'll use. But as for what he's using now, he doesn't say. In fact, he writes in his blog, "I have no idea what's going on with TrueCrypt. ... I suppose we'll have to wait and see what develops." No word about his current disk encryption, if any.
Recently he posted that he bought a new notebook, bought with cash from a local store. I suppose if he's using Windows 8 Pro, then he could be using BitLocker. I do know from his blog that he doesn't use Linux, primarily because he's never bothered to learn it.
Certainly, everything is open for speculation. Ending a project for a "dead" OS is a decent reason as any, I suppose. I jumped from Win XP to Linux on my old notebooks, and I suddenly I got full performance again.
Re: Tape is dead!!!
Is it OK if the tape takes the tube instead?
Beware hokey religions and ancient mantras
“Why do you say we should not innovate?”
You'll never win when you try to challenge someone's hokey religion and their mantra of "innovate." They aren't solving problems, and they know it. They know that they are trying to suck down government money. They are going to give their stupid presentations until they run out of cash, and then find something else to wave around as their new banner.
Celebratory ice cream?
Will Ben & Jerry's be releasing Gravity Wavy? Or Big Bang Butterscotch?
Might as well file, the computers are in the closet!
I still have a couple of the systems gathering dust in the closet. So why not file? I can actually show the memory. They don't ask for any proof, though, like sales receipts. If I were them, I'd be asking for some proof of purchase. That would cut the claims down!
No real banks are messing with BitCoins
Anybody notice that no real banks are messing with BitCoins? And all of the sites that are screwing around with them can't write basic financial transaction software?
Protocol review? Hello?
How many times will it be before these "banks" review their transaction protocols? And how long before BitCoin users will read the terms of service, and not use a "bank" that declares they aren't responsible for what you store with them?
Rootkit playing tunes?
This sounds really bizarre. Why would a piece of malware literally toot its own horn? The whole purpose of a rootkit is to hide and be stealthy.
The second question is, what was it doing? The thing is, remote administration is not the way to go here. Admittedly, I'm one of those fellows who does know how to use a kernel debugger and a network sniffer, and I have a 16 port managed switch just for what's at my desk.
The first thing I would have done is, as Nigel 11 noted, run from a live CD and scan the drive. When a rootkit gets into the system, it then normally removes itself from the various process lists, or renames itself to something innocuous. The next thing I would have done is to look at the network traffic, using a different machine. OK, so I'm using switches that allow port mirroring, or else you'd have to keep a real hub handy. So I'd look at the network traffic. Today's malware usually wants to communicate on the network. So what's the traffic look like? Sending spam? Scanning? DDOS?
Something is fishy about just playing random tunes.
Re: Dedicated mining ASIC chips etc won't crack passwords without modification
To actually turn an ASIC chip in to something to brute force a password would require changing the ASIC chips in a big way, I'd guess. Not to say someone (read: NSA) wouldn't do that.
An ASIC can be altered by the person implementing it. There are many different types of ASICs, from ones that must be fabbed, to ones that must be programmed by a device programmer, to ones that can have their logic changed in the field. When the Opteron first came out, there was a compatible FPGA chip that could be dropped into a second socket, and could be reprogrammed for specialized tasks rather quickly.
As for breaking passwords, there was an article a while back on Ars Technica about using video cards for that task. So between rainbow tables, known passwords, dictionaries, and brute force, it's a bad time for conventional passwords. Especially 123456!
All your passwords are belong to us!
The guys who will really go for the used video cards are the ones who can profit the most from them. Got a database full of "encrypted" passwords? Not for long! Then they will be plain text passwords.
Of course, all of these video cards could be scarfed up by science! Yes, you have a research budget, but no supercomputer. What to do? Lay your hands on that cheap post-coin goodness!
Also, the user needs to click yes on the notice, "Do you trust this computer?" Most will probably say yes, but as mentioned, debugging needs to be turned on, and that is now "hidden."
Re: Haven't you seen Fringe ?
If the USB spy cam was like this one, then there really isn't a lot of volume there.
I'm not an explosives expert, but I think that C4 requires a detonator stick of some sort, i.e., a blasting cap to set it off properly. Doesn't it just burn otherwise?
So you'd have to have a tiny blasting cap, that might actually not do the job, and some HE, all in a very tiny space. Now, just taping it to the wall in the loo would only make it a noisy firecracker. Sure, it would cause the plane to land, but I doubt it would cause any injury. Perhaps it would cure constipation, though.
More training needed?
What's nuts for this is that people think that something very, very small can blow up an airliner. Anybody remember the anthrax mailings? People were freaking out about dust on the shelves.
Sense of adventure, sense of reality
"Men wanted for hazardous journey. Small wages. Bitter cold. Long months of complete darkness. Constant danger. Safe return doubtful. Honour and recognition in case of success. —Ernest Shackleton."
Shackleton was honest and had a sense of reality. For this program, neither the organizers nor the hopeful participants have any sense of reality.
"People wanted for fatal journey. No wages. Bitter cold. Long months of complete boredom. Constant danger. No safe return. Honour and recognition as a footnote in television history in case of non-fatal landing."
I'm guessing that we should wait to launch humans to Mars after we've built a decent space elevator.
Re: The law is not the answer
"The same way the law favours you when the Daily Mail steals your photo."
You mean like the fellow who finally won out against the Daily Mail, but it took years? (There's too many search hits for the Daily Mail stealing photos.) Sure, the law favors your, but it will take a lot of effort, and it definitely isn't as easy as clicking through a few forms and getting a payout.
- Review Apple iPhone 6: Looking good, slim. How about... oh, your battery died
- 'Kim Kardashian snaps naked selfies with a BLACKBERRY'. *Twitterati gasps*
- +Comment EMC, HP blockbuster 'merger' shocker comes a cropper
- Moon landing was real and WE CAN PROVE IT, says Nvidia
- Apple's iPhone 6 first-day sales are MEANINGLESS, mutters analyst