Posts by Scott Wheeler 113 publicly visible posts • joined 13 Sep 2007
I work for a large international mobile phone company. I think this would probably work well for us: we can do cheap roaming on our own footprint anyway (and have some pretty good deals to encourage it). However it looks to me as though this will kill smaller companies: they will have to pay a roaming partner (perhaps at a reduced rate) while not being able to recover the costs. This is particularly true of MVNOs (mobile virtual network operators) who use the infrastructure of MNOs (the big companies). Some of them are tiny - a few thousand users. Basically this looks good for the big incumbents, bad for others.
It turns out that running network protocols over USB is already used. Many 3G USB "modems" are actually routers, and also run a small web server on the device to control the router functionality. However I agree with the general point that replacing physical Ethernet cables with USB is not obviously a good idea.
Does anyone know whether it will support SCTP (http://en.wikipedia.org/wiki/SCTP) transport in addition to TCP? SCTP is a protocol at the level of TCP or UDP which is intended for just this sort of message stream. It's extensively used in the telecoms world for signalling, but is not supported on Windows without a 3rd party driver.
> MS really need to sort out the backup problems with Outlook for Mac (effectively, you can't) , although we know they won't, don't we!
MS need to sort out Outlook backup, full stop. At some stage long ago, someone had the bright idea that everything should be in a database on Windows. Admittedly, that was the orthodoxy of computer science at the time, and Windows was supposed to be changing to a database file system (WinFS). That left us with gigabyte .PST and .OST files rather than small files that could be individually backed up: a problem for both MacOS and Windows.
> And OneNote is ably replicated in the Word for Mac Notebook view.
Oh, rubbish. I use both. Notebook view is better than nothing, but it's missing about 95% of the functionality of OneNote. It's basically good for banging out indented pure text notes in linear sequence, with perhaps ten pages in a "notebook". Push it beyond that and it's very poor even for the features it is supposed to implement. It also has problems with its rendering, so that you can find that a chunk of text simply doesn't display: this is absolutely fundamental functionality which does not work reliably. A couple of weeks ago I even managed to corrupt a document by moving a notepad tab (i.e. a section), so that if I tried to display that section, Word would lock up. The only reason I use it is because the small number of things that it does do happen to correspond to one job I do on a Mac every 2-3 weeks, and I want to use Word to be able to read the documents a few years on. I'm not a great fan of Evernote compared to OneNote, but for most purposes it is a country mile better than notebook view.
> Under UK law you are allowed to go by a pseudonym, as long as you maintain documentation of your real name.
As I understand it, legally it is (or was) the other way around. The name that you are known by is your "real" name. Changing your name by deed poll is a recognition that you are already known by that name, and allows you to update your official documentation.
A way to get the effect of long dwell time over China is by using a Molniya orbit (http://en.wikipedia.org/wiki/Molniya_orbit). That's a highly elliptical, highly inclined orbit with the apogee (furthest away from Earth, and hence slowest moving) in the northern hemisphere. Although the orbits the Russians use for their Molniya satellites have a six hour period, you could use a one day orbit to put the satellite consistently within sight of China for most of its orbital period.
I use both Evernote and OneNote, and I develop enterprise products. I'd say that OneNote is much more enterprise friendly in that it is trivial to host shared notebooks on companies' existing MS infrastructure - no need to use a cloud-based solution, which is often a blocker.
Having said that, I've yet to meet someone who uses shared notebooks. Are they a solution in search of a problem?
> A variable constant? That's revolutionary maths right there!!
No, it's cromulent.
The cosmological constant arises as a "constant of integration", i.e. there's an equation, and Einstein integrated both sides of it by some variable (sorry, I don't remember which off hand). When you do this, you get a new equation where you introduce a "constant". This means it's a value which doesn't depend on the variable you are integrating by. It may well depend on some other variable, or it could be a fixed number, but in this context you call it a constant of integration. The interesting point is that the process gives you no information at all about the value of that constant.
> I'm surprised no one as yet has tried introducing code via an infected smart card
Although smartcards do have something analogous to files and directories, PC/SC smartcard drivers won't allow you to mount the file systems on a PC. More importantly, there is an ornate privilege mechanism which would usually stop you creating or writing to files without provisioning keys specific to that particular smartcard. Also smartcards generally have only a tiny amount of unused storage, of the order of 2-4kB.
SI is great if you have to do any conversions between units as you do in engineering, but in daily life we don't do that. I don't need to know the mass of five pints of beer in pounds, or to determine how much its temperature will rise in Fahrenheit if I apply 5BTU of heat. It's a pint: all I need to know is how much it costs.
Successive HTML versions are almost entirely supersets of the earlier versions, and if you are writing a simple page, you may have no reason to use the more advanced facilities of the later versions. So are the server test pages I put up last week obsolete HTML 2.0 because I use nothing more advanced than posting to a CGI script? Surely not: this has nothing to tell us about information loss and is unrelated to any discussion of old word processor file formats.
The idea is not bad, but there's no way I'd give my credit card number to Google. I'm not worried about false charges (well actually I would be worried, given their lack of customer care services, and that you'd probably have to give then "continuous payment authority" which is a devil to cancel). No, the problem is that they will immediately do the same thing as in the web space: use that number to track a unique and identified purchaser and build a profile. They would probably offer some service analagous to Google Analytics as well whereby third parties would send information about credit card transactions to them for analysis. No thanks, I have no wish to live in a goldfish bowl.
Perhaps I'm missing something, but I couldn't find a way to add a generic IMAP account into the TIFKAM email app which came with WinRT on the Samsung device I've being looking at. I don't have it with me at the moment, but from memory I thought you could only add in accounts from one or two providers like Google.
I don't allow my personal information on to cloud services, with the exception of Kindle reading position sync. I don't sync photos, I don't use Siri, I don't use cloud document storage. Facebook is the last company I want anything to do with. I'm quite concerned that the "off switches" for some of these activites will disappear.
SMS is a reasonably secure transport, but it relies on the handset being trustworthy. In the past two important phones (Nokia 6210i and Ericsson T610, I think) had Bluetooth bugs such that it was possible to pair with them without authentication, then read and delete an SMS without the user's knowledge. These days there may be other vulnerabilities introduced by Smartphones with malware installed, which could allow receiving and manipulating SMS from a distance.
I don't want to give the impression that SMS authentication is a bad method: it isn't, particularly if it is part of two-factor authentication. However as with most methods, it cannot be seen as a silver bullet.
Theoretically, block-level dedupe could be useful for individual users for backing up things like Outlook PST files - large files for which small areas change, perhaps on a daily basis. And before anyone jumps down my throat with "PST files are eeevil! Do the backups on the server!", I'm not necessarily talking about an enterprise environment.
Thinking as a user rather than an IT manager: how far would you trust it? Often the reason that users keep their own copy of documents is because they don't trust that central copies will remain present and unchanged. I suspect that this technology has the unintended side effect of users moving stuff into local storage. I've seen this happen with centralised automatic email archiving.
So, may we assume that he is also in favour of abolishing those outmoded and confusing measures, the minute, hour, day and week? As for the month - may Delors forbid - it isn't even of a consistent size!
So, let us change to the orderly, rationale and above all, easily understood metric system: the kilosecond, megasecond and gigasecond. Any right-thinking person will agree that this makes sense!
'b' is a simplified version of 'a' without the orthogonal frequency division multiplexing (and at a different wavelength). 'b' didn't need as much processor power, hence it was more popular in the early days, but 'a' has good support on Macs and enterprisey PCs. It's useful in offices because the greater number of channels and shorter range means you can cram access points closer together and support more simultaneous users. I used it at home for several years: all of my kit supported it, other than an iPhone, so compatibility really isn't that big an issue.
'g' was an update of 'b' with OFDM: an improvement, but still not as fast as 'a' and you still had to work with one of three congested channels. So prior to 'n' being widely available, 'a' could be a pretty sensible choice.
As someone has noted, the amount of traffic snorted would be inadequate to break WEP or WPA passwords, and it would be unwise of Google to acquire or use that information. However it would be enough to gather the MAC addresses of any devices using the WiFi networks, as opposed to just identifying the WiFi access point by SSID or MAC address.
This makes much more sense: having identified a laptop or handheld's MAC address in one site, Google can then recognise it if it crops up elsewhere. This will be particularly valuable in the IPv6 world, as in one mode of deployment, the IPv6 address of a device is directly related to its MAC address. It can also be useful in some other circumstances, e.g. when using a public WiFi hotspot if Google has made arrangements with the network owner to acquire this information (or is the owner of the network).
In other words, I think that Google is laying the ground work to use MAC address as a supercookie, associated with your home address, whether or not you are registered with Google as a user.
> What about the 1st amendment?
Remember that: a) current US courts hold that while the protections of the US constitution do not apply to non-citizens, or outside its borders, their laws do apply outside the borders (e.g. a ban on on-line gambling for US citizens resulted in people running such operations external to the borders being prosecuted); b) the US has shown itself willing to use the current assymmetric extradition treaties to haul people within its borders for prosecution.
> how does the style compare?
"Screwtape Letters" is aimed at fairly practical advice for a Christian. The trilogy is more speculative. The premise is that Mars and the Moon are older cultures than Earth, and Venus is a new creation. The Moon became entirely corrupted and dehumanised. If I remember correctly there had been war in which Mars was badly damaged. The lunar culture is bent on corrupting Earth (a major theme in That Hideous Strength, the third book). In the second, the protagonist is taken to Venus, which is at the stage of the garden of Eden, where the equivalents of Adam and Eve are confronting temptation - the question he is addressing is whether the fall of man was inevitable.
Anyone expecting hard sci-fi will be disappointed - that's not the point of the books, any more than it is of something like "The Dispossessed". Rather he is using a larger stage to examine some questions which can't be addressed purely on Earth. I liked the books a lot, but they assume the Christian religious view in the same way as other books assume advanced technology. I'm not sure how much a non-Christian would get out of them, but as I say, I liked them.
As Daf L says, they could have accomplished this for their own users by putting their own root cert on their user's machines. This suggests that they wanted to intercept something other than their employees' communication. Suppose a visitor from a customer or supplier is on site, and is invited to use their WiFi hotspot: very common these days. They would be in a good position to intercept email.
Can anyone who is familiar with the standard comment on how DNSSEC will interact with using alternative DNS providers and non-US-based registries? It would seem to me that the registries are a soft target if they sign DNS records for black-listed domains or customers, since their own certificates can be repudiated.
So - the test is to correctly diagnose 30 diseases from 15 feet? No problem. Just fire hypodermic dart containing the appropriate micro-organisms at the test subject, then light up the "he's got it" light.
For an extra million I'll throw in the "He's dead, Jim" facility, for which users will require a firearms licence.
> If the default admin password hasn't been changed on the Router (common on most) then the attacker will next change the DNS server your router uses. Then all your computers are vulnerable to Man-in-the-middle attacks even on HTTPS
No. HTTPS will then give a browser error message because either the signature on the MITM site certificate will have the wrong CN, or the signing chain will be wrong. SSL was designed with the assumption that DNS spoofing would be used as an attack.
Of course the users might ignore the error message, or the certification authority might have been hacked (see Reg passim), but that's not what you are talking about.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
