144 posts • joined Wednesday 8th August 2007 14:38 GMT
Re: And still no client-side encryption?
Ask yourself why they designed the system this way, when others did not. An example is Wuala whose servers are in Switzerland (very strong privacy laws) and other privacy-conscious countries in Europe, notably not the UK.
Don't complain about Dropbox. Just avoid them and tell other people to avoid them unless they're likely to forget their password and need a cloud storage provider who can recover or reset it. No business should ever find itself in this position, so should never use a service like Dropbox that offers this and which is therefore completely compromised by its design.
“Will you walk into my parlour?” said the Spider to the Fly.
Re: "You can't have your privacy violated if you don’t know your privacy is violated, right?"
Oh, what a tangled web we weave
When first we practise to deceive!
Give the guy a break, he's not used to committing perjury.
Still throttling by up to 65%
So the download throttling has been limited to 16% to make it "reasonable."
Meanwhile the upload throttling can be as much as 65%, down from 75% when I last checked.
If 16% is reasonable, by agreement, then 65% is still taking the piss on an "unlimited" service. They wouldn't keep doing this if they were honourable and took the ASA seriously.
[Edit] It seems that existing customers on 20Mb/s and slower are still subject to 75% throttling in both directions.
Has anyone yet claimed that the people who published this are aiding terrorism for revealing t̶h̶e̶i̶r this back door?
Re: A split personality release
"Putting parallax effects on something people use while walking is really not a good idea."
Neither is not looking where you're going. That's probably a bigger threat to your health.
My guess is that that marketing people can start regarding other people as prey, and act accordingly. I wouldn't be surprised if some nerd in the office spoke up when told to implement this idea, and was advised to just do as he was told.
This abuse is not as bad as what Cisco Linksys did a couple of year ago, when they took customers' home routers hostage by abusing an auto-update facility, and then demanded network monitoring rights in exchange for returning some indirect control of the customer's property. That scandal will take some beating.
What they didn't say
Apple said that the fingerprint data is never stored on Apple servers. We've learned to treat all such statements as half truths. What is significant is that they did not say that the data never leaves the phone.
I'm actually in favour of everyone's fingerprints being available to the police to catch criminals to make everyone safer. What I'm not in favour of is this data being available only to spooks serving the most power-seeking people, making everyone less safe.
Why compress helium...
when you can take in and compress air instead? Much more weight for a given pressure. If you add carbon dioxide from the exhaust, that would improve things further. So trap, compress, and chill exhaust gases.
Since the public became aware of the weakness in WPA, I've suspected that it was deliberate. From now on, every time I hear about a new weakness in a security system, I'll wonder if someone's arm was being twisted with a legal document from the NSA, and perhaps a bribe to sweeten things. I know of one instance where an trustworthy expert who was designing security software in the US had to give up because it was too dangerous.
How many of the monthly security patches that Microsoft issues are backdoors that have been discovered? More than ever we need Open Source software and hardware that's been scrutinised by experts in multiple countries. And then we must hope that the good guys find the backdoors before the bad guys do. In many cases, the reverse will happen. This is bad guys of one kind helping bad guys of another kind.
Best to wait. Let's see the games, let's see a detailed spec, let's not hear a lot of fan noise, let's hear the opinions of customers.
Just following orders
I wonder if those GCHQ "security experts" were just ex-soldiers who were hired by GCHQ solely because they could be trusted to obey orders and keep their mouths shut. No understanding required.
"Legally and procedurally sound"
Then it seems that we need to change the laws and procedures. I guess that's where our MPs come in.
If the Americans had a heads up, then surely the Home Secretary did too. So the buck stops with him on this. The security services can only be as good or as bad as the politicians driving them.
A step backwards in value
I bought a ZTE Blade 3 as my first smartphone from Virgin for £80 including £10 credit. It's locked to Virgin, of course, but the phone's specs are much better than the Open, with a 4" 800x480 screen and it runs Android 4.0.
I don't see how the Open can reasonably compete with ZTE's current products in the UK without a price reduction.
Mankind has been domesticating and evolving plants and animals for a lot longer than that. That's why there can be 7 billion of us.
For example, you can read how we've genetically modified wheat over the millennia. Then laugh the next time you hear someone saying how they like to eat farmers' pure, natural wheat and how terrible GM wheat is.
What's wrong with using the back of the phone?
The back of a phone is often unused space, so why not put a reader there? Trying to combine a screen and fingerprint reader seems like an expensive way to compromise the quality of both.
The more iPhones get stolen, the more replacements are bought. We know that there's been considerable resistance to making smartphones less attractive to thieves. Perhaps Apple are planning for regulation in this area or are increasingly worried that more people will think that the best defence against a big financial loss is to buy an Android smartphone that doesn't cost an arm and a leg to replace.
Re: It is too easy to pick on benchmarks.
Saying "it's too easy to pick on benchmarks" implicitly acknowledges the weakness of what they did. They might as well have said "You didn't really trust what we said, did you?"
What a mess.
I run XP on a VM running on Slow Leopard (10.6). The Mac's drives are accessed by XP using network shares. All worked fine until I upgraded to Lion on the first day it was available. Then I had nothing but trouble, with intermittent access and long delays. I found out that I was testing Apple's new networking code, and paying the price of being a beta tester. After struggling to improve matters for days, I rolled back to Snow Leopard and cursed Apple. I've avoided upgrading the OS ever since.
Maybe Apple simply gave up trying to fix their own code. Not all in-house projects work out well. Just ask the maps team.
Now, I think XP doesn't work with SMB2, so support for SMB1 is still needed. How will Mavericks handle that? Will that use Apple's own code, as with Lion? Since I use two screens, the better handling of those in Mavericks is attractive, but I do need some assurance that SMB1 will work as well as it does on Snow Leopard.
I'm not a biologist, and I haven't yet read much reporting of the judgement, but I'm concerned that the following analogies may be appropriate.
Let's say I invent a machine that can read a very old novel aloud, such that it sounds like a human speaking. Can I now prevent anyone reading the novel aloud because the novel doesn't naturally exist in voice form?
If I now invent a machine that can take my speech version of the novel and produce written text of one chapter, can I now prevent anyone using the written chapter when it's isolated from the original novel?
How long until the Xbox One.1 is announced?
The biggest virtue of cloud storage like Wuala is that all data is encrypted automatically before it's uploaded and the service provider doesn't have the key. In this situation, it doesn't matter where the server is located, as long as the key generation system (which is client-side and subject to scrutiny) is OK.
Whenever considering using a cloud storage, ask yourself, do they offer a data/key recovery option? If they do, that's a dead giveaway. For this reason, I have always recommended avoiding Dropbox, and using an alternative like Wuala, even before knowledge of PRISM. The only cost is that you must not forget your own password. If you must use Dropbox for some strange reason, then you need to manually encrypt the data before giving it to Dropbox and the US government for their automated commercial and political scanning. Far better to simply use a system that's designed to be secure.
One thing that jumps out at me from the pictures is the off-centre touchpad. I've learned the hard way with my current laptop to avoid that in the future. I'm often getting a right click when I want a left click, a problem made worse because it's hard to tell with touch when you're on the right side of the touchpad or the left.
Why has no-one considered splitting the number pad off from the main keyboard, putting it to the right of a central touchpad where there's plenty of room (or even omitting it), then widening the main part of the keyboard to full width? I'm also fed up with UK keyboards coming with tiny left shift keys and/or tiny return keys.
The neglect of ergonomics is one reason why laptops are suffering in competition with tablets.
The story teases us about the amount that the lawyers are getting, but doesn't say how much. Why acknowledge the importance of a number that you then fail to mention?
End customers should know all that they're getting. Having hidden features that some third party can secretly exploit is a security threat to both the customer and to the manufacturer.
If there were a zero-day exploit that made use of such a feature, the results could be devastating for both customers and Intel. People still remember the damage done by the floating point bug. They'd never forget a security vulnerability that was secretly hidden in a processor.
New principle in video?
I don't think there's a new principal at work in the video. I'm not a physicist, but what I think is happening is...
At relatively large distances, the relative strengths of the magnets dominate the resulting net force. However, when you get very close, the relative distances dominate because the force depends on the square of the distance. The gaps between the small magnets allows a closer approach to the central magnet between the small magnets, which is why all the magnets rotate together, as if the outer magnet were enmeshed in a gear wheel. If the small magnets were replaced by a continuous ring, the locking effect would be lost, I think.
A nice demo, but not a patch on a demo of the effects of superconductivity.
Re: Got it.
"Also, why do none of your tablet accessory reviews include the most useful accessory to me, the watertight food bag from Asda?"
You, sir, are the true genius we're looking for. Forget all this maths stuff for recovering data. That's only of trivial importance compared to to the fact that you've just solved the most pressing problem known to bathkind.
Yours truly, from the B Ark.
The NRA will love this
I imagine that the NRA's commercial sponsors will be very happy to promote this as a threat. Nothing sells guns (laws permitting) like fear and guns create a lot of fear, especially with a little professional help.
If it's possible...
... to make working, albeit low quality, guns from plastic, why don't we see these being made in the third world using standard techniques at very low prices?
Is it that anyone sufficiently well organised to make and sell them is subject to political pressure, or is it that more effective second-hand guns made of metal are also very cheap to buy?
What will they do with the overseas assets?
If those overseas assets are never to be imported into the U.S., it would seem that Apple will have to export its expenses to make use of them. How?
Might it make good business sense to abandon the plans to build such a large and expensive "spaceship" in Cupertino and instead move people and R&D overseas?
Of course, might it make much better sense for the U.S. taxpayer for the tax laws to be changed to stop such a large loss of taxes from the big companies? As business becomes more and more global, the world is becoming more and more of a tax haven.
Looks like Viacom's lawyers hit the jackpot with this case.
This suggest that it might make business sense for lawyers to plan to lose, if they know the person paying their bills has enough political capital invested to appeal.
AFAIK, in the UK, unlike the US, plaintiffs are generally liable for both sides' costs incurred after any sufficient offer has been made by the respondent, even if the plaintiffs win. This makes for less legal harassment, which this is starting to resemble.
I bet those lights at the top generate a serious amount of drag at very high speed. It would be unfortunate if they parted company from the car taking part of the roof with them....
Let's think about this...
First, we need some numbers. All numbers in approximate kJ per mole.
Source https://en.wikipedia.org/wiki/Standard_enthalpy_of_formation .
The enthalpy of formation of methane (CH4) is -75. Negative means energy released.
The enthalpy of formation of water (H2O) is -286.
The enthalpy of formation of carbon dioxide (CO2) is -394.
Thus completely burning methane yields 891.
By forgoing the combustion of the carbon, we instead get 497.
This makes the energy from natural gas cost 891/497=1.8 times as much.
That assumes zero processing costs and zero handling costs for the mountains of carbon produced.
The latter would be a HUGE fire risk, so would have to be buried deep underground well away from the air, lest an uncontrollable fire break out, as sometimes happens with natural buried deposits of carbon.
Speaking of buried carbon, would it make sense to spend a lot of money burying carbon at the same time as we're spending lots of money mining carbon, in the form of coal, to fuel power stations? Germany does quite a lot of that. Far better, in every way, to replace coal burning with gas burning.
So while this technology undoubtedly has uses, it's neither a green nor an economic proposition for mainstream energy production. But it's great for PR.
Pining for the fjords
Will Manager, perhaps?
No way to stop NK being a serious threat.
NK may not have a missile that can carry an atom bomb, but they could take the bomb by ship to an isolated part of the coast, put it in a hired lorry and drive to the capital. You might have radiation detectors around the capital that would give the government time to take shelter, but it'd probably be too late for the population.
Alternatively, they could raise an awful lot of hard currency by selling a bomb to someone wealthy in the middle east. Those bombs really need to be tracked constantly. This really is the stuff of nightmares.
I bet there's an awful lot going on behind the scenes, including offensive actions by the US and allies. All we can tell is that NK are mad as hell for a reason or just mad. Either way, don't underestimate the damage that they can do.
As for the GPS, thinking aloud, you can't suddenly replace all the commercial receivers on vehicles in service, and I guess any active jamming cancellation for their benefit would require the jamming signal to be predictable in nature and make things worse non-locally.
Re: We need a relay
That's been thought of, of course. They'd have to be big to pick up the very weak signals and they would cost a lot of money to build and to regularly replace. I don't think that will be afforded until there are humans on Mars.
There have been tests of delay-tolerant networking protocols on the ISS. Further info at
Re: The mystery of the mysterious operatives
The don't seem to have the facial hair of religious zealots. A simple explanation is that they're would-be metal thieves who assumed the cables were made of copper. Thieves tend not to be very bright. At this stage, there's no need for conspiracy theories.
I'm not a physicist, but these anomalies intrigue me.
Does this mean that the universe as a whole has an absolute reference frame for motion? Are we seeing special relativity breaking down or are we perhaps seeing an unexpected interaction of the microwaves with space in our part of the universe? Could the acceleration due to dark energy be non-uniform?
Evidently the crime still pays
These announcements and fines probably have more to do with self-justifying PR than actual deterrence.
Changes in technology make these nuisance calls easier and cheaper to make; it should also be easier and cheaper for the victims to register a complaint and help themselves
For example, you should be able to press a couple of buttons on your phone to signal to the telephone system that the current call is a nuisance, and have the rest happen automatically.
The regulators should stop telecoms companies charging extra for transmitting Caller ID to a customer. The companies are professionally being part of the problem instead of part of the solution. With automatic caller ID and the suppression of anonymous calls, we can install equipment that can download and upload lists of problem numbers.
The regulators should try to manage themselves out of a job as much as possible by enabling the victims to better defend themselves. Is that too much to hope for?
Ask a silly question..
If you ask if water is wet, less than 100% would agree, simply because if you ask a sill question, you sometimes deserve a silly answer. So, if you ask if comedy makes you happy, treat the answers with caution.
Also, in any survey, you might also take into account that a lot of people are quite amazingly stupid.
Re: Not the usual suspects!
Being noteworthy is the whole point for many participants. It's PR.
Plus, I imagine, if you're a large and wealthy family, you might be on the lookout for interesting projects for the younger members to get involved in.
Care is needed when judging sea level relative to land that's changing in elevation from time to time in response to earthquakes.
Alexandria has a history of such changes. I think much of the harbour was lost in AD 365 due to a reduction in elevation.
Presumably, these new spacecraft would have to use ion drives for propulsion. When that technology becomes sufficiently reliable, it'll be used by satellites. That will increase their effective lifetime, so they're unlikely to need to be topped up with propellant such as xenon. Plus, there's not a lot of xenon in space that you can mine.
In any gold rush, it's usually those who sell the supplies who make the money. I think this is all about shouting "Gold!" and seeing who's got more money than sense.
I don't think there will be sensible commercialisation of deep space until we have abundant energy from nuclear fusion.
Deduplicating encrypted data is possible
"A little sense here please. How are mega.co.nz going to de-duplicate encrypted content?"
With a little ingenuity. One way is to encrypt each block of data in the file with its own hash. Then you send the hash of the result to the site to see if the site already has it. Since everyone is encrypting the same way, this works. You then end up with a list of hashes/decryption keys, one for each block of plain text. If the list isn't large, you encrypt that list with your private key and upload that to accompany the encrypted data. If the list is large, you break it up into blocks and perform the same process on that file, and so on.
Do you also think that Chinese TVs are also used to monitor what the viewers are doing in their living rooms?
Do you wear a foil hat to stop "them" reading your mind?
"How do we know Convergence (or a party in between) isn't just telling the browser what it wants to hear?"
Because the man-in-the-middle would have to get into the middle of multiple independent lines of secure communication with different security keys. You can choose how many, according to need, and spread them around the world.
People independent of the inventor of the system are contributing to the system, so you don't have to trust the inventor of Convergence blindly, and shouldn't.
This is the sort of "trust no one" system that existing certificate authorities and governments will fight against, for obvious reasons.
Trust needs to be decentralised. SSL authorities must be assumed, like all commercial enterprises, to be willing to sell their grandmothers if the price is right, or their arms are twisted enough.
Firefox users should consider installing a decentralised certificate vetting system called Convergence. See the site at http://convergence.io . It checks that a certificate is the same certificate that other users are seeing.
Does The Register offer bounties for rumours?
After the summer scandal, a lot of people would hesitate (at the very least) to buy or recommend a domestic Linksys/Cisco router. Both brands were damaged.
If you search Google with "linksys scandal" or "cisco scandal", you get references to this event. The internet and customers have long memories that can destroy a brand.
Privacy in the cloud
Don't neglect your privacy when using cloud storage.
Some cloud service providers such as Google and Dropbox hold the keys to your data. That's great if you forget your password and can convince them who you are. However, the cost is that their systems get to rummage through your data for commercial gain.
There are alternative cloud providers such as Wuala that don't hold your keys. Everything gets encrypted automatically before it's sent to the cloud. It works just the same, but it's private.
if you don't look after your privacy, you're part of the problem.
- On the matter of shooting down Amazon delivery drones with shotguns
- Review Bring Your Own Disks: The Synology DS214 network storage box
- OHM MY GOD! Move over graphene, here comes '100% PERFECT' stanene
- IT MELTDOWN ruins Cyber Monday for RBS, Natwest customers
- Google's new cloud CRUSHES Amazon in RAM battle