* Posts by Remy Redert

473 posts • joined 2 Mar 2007

Page:

Secret mic in Nest gear wasn't supposed to be a secret, says Google, we just forgot to tell anyone

Remy Redert

Re: Don't be........

I recall a 2010 article detailing that slurping WIFI data was EXACTLY what Google did. They did not try to decrypt or crack the encryption on anything, but they did store anything that came over the air unencrypted while their cars drove by.

https://www.theregister.co.uk/2010/05/14/google_street_view_cars_were_collecting_payload_data_from_wifi_networks/

Techie in need of a doorstop picks up 'chunk of metal' – only to find out it's rather pricey

Remy Redert

Probably didn't bother checking it because it was a matchbox? Too small to stuff anything dangerous or particularly illegal in.

Remy Redert

Re: I cant imagine a sphere would make a good door stop full stop.

It's gold. If you need it to be a doorstop, it's easy enough to deform a hollow sphere of gold to the point where it won't roll.

Mind you, it would in this case as already noted probably be 2 hemi-spheres, either of which would make a fine doorstop.

German competition watchdog tells Facebook to stop combining user data without consent

Remy Redert

Re: Non facebook users

They have some valid uses for keeping hold of IP addresses, at least for a while, in terms of abuse prevention. But using them for marketing purposes would require explicit informed consent, lack of which should not prevent people from using the website.

As for the Cookie directive, they must inform you that they are using cookies. Consent is only required for cookies that are not required for basic functionality. So a cookie to track your activity in order to keep you logged in or in order to keep a shopping basket or some preferences does not require consent. A cookie to track you for marketing purposes does.

GDPR is the answer to your final paragraph. It works on the basis of very broadly specified private information and doesn't care how that information is collected, only if it is and under what legal basis.

London's Met police confess: We made just one successful collar in latest facial recog trial

Remy Redert

Re: *just* one successful arrest?

The real question is how many people did the system flag as being wanted when they weren't? If the false positive rate is very low, then a high false negative rate can be forgiven in a system like this. If the false positive rate is high, it's worse than worthless.

Sysadmin's three-line 'annoyance-buster' busts painstakingly crafted, crucial policy

Remy Redert

Re: Great system...

Depends on how prone to configuration errors you want to be. The error-free way is to load the default first always, then check for a system specific configuration and load that over the top, then check for a user specific configuration and load that.

That way, anything that wasn't specifically modified by the system or user configurations will use the default and the user only has to configure those things he cares about.

Alternatively, you load the user configuration if it exists, the system configuration is the user configuration doesn't exist and a system one does and the default only if neither of the previous exists.

Ad-tech industry: GDPR complaint is like holding road builders to account for traffic violations

Remy Redert

Re: A pox on all advertisers.

The law says you can't have that information, so any information you already have is now illegal.

Remy Redert

Re: Collective Authority

It's individual competitions. Lose any of them and pay through the nose for it.

Florida man's deadliest catch forces police to evacuate Taco Bell

Remy Redert

Re: Idiot

If it had just pulled the pin, the grenade would have detonated underwater and he wouldn't have been bothered at all.

The real risk there is having the pin trapped and pulling up just the grenade, because then you risk the thing going off before you drop it back into the water.

Remy Redert

Re: Candidate failed

Incorrect. Survivors are only eligible for an honourable mention or at-risk survivor if they failed to remove themselves from the gene pool. The living Darwin Award is for those who eliminate themselves from the gene pool and survive to tell the tale.

Core blimey... When is an AMD CPU core not a CPU core? It's now up to a jury of 12 to decide

Remy Redert

Re: /proc/cpuinfo Never Lies (or does it?)

No, we changed the definition after we moved from 66mhz 486 to the early Pentium and equivalent AMD designs that no longer offered an FPU or not choice because they simply always had an FPU.

Remy Redert

Re: I was under the impression...

Shared L2 cache? Sure. Not L1 cache and certainly not the FPU. Both are vital to performance. 16kb of dedicated L1 cache per core is stupidly small.

Memory controllers vary a little more, but can generally be shared across multiple cores without much of a performance hit. More importantly, they have been shared since the dawn of the multi-core CPU era.

This lawsuit, if it goes to jury trial, is going to have to establish the basic per-core features that need to be present on a CPU and in doing so, will probably look at competing CPU designs of that time to decide that.

Remy Redert

Definitions change over time. For the past 2 decades it's been a given that a CPU includes an FPU because other than the issue with Bulldozer, all of them did.

Wow, fancy that. Web ad giant Google to block ad-blockers in Chrome. For safety, apparently

Remy Redert

Re: Go for it, Google!

Opera is Chromium. If this change gets pushed, they're dead in the water too. Firefox and Safari should still work though.

French data watchdog dishes out largest GDPR fine yet: Google ordered to hand over €50m

Remy Redert

If the cookies are required for website functionality rather than tracking, they're still required by the Cookie law to notify you about them but they're not required by GDPR to give you any choice in the matter. It is entirely possible that they're still doing bad things but it's not necessarily so.

Remy Redert

Re: ...fast forward 5 years of legal back-and-forth appeals....

It does not because this particular complaint didn't complain about that part. AFAIK other complaints over that are already working their respective ways through the legal systems.

Holy crappuccino. There's a latte trouble brewing... Bio-boffins reckon 60%+ of coffee species may be doomed

Remy Redert

Re: Umm... nope.

The problem is that is not just getting 1 or 2 degrees warmer, is getting 5 to 10 degrees warmer and 3 to 7 degrees colder. The maximum, minimum and the variance there in is changing far more than the average increase suggests.

And it's that variability that is liable to kill a lot of got climate species.

FCC's answer to scandal of AT&T, Sprint, T-Mobile US selling people's location data: Burying its head in the ground

Remy Redert

Re: You don't understand how it works

Both. They had considerably more assets than normal people tend to ever have, however they were also up to their ears in debt, as most of those assets couldn't be easily converted to useable money and they were spending more money than they had coming in.

Come mobile users, gather round and learn how to add up

Remy Redert

Re: Itchy Chin

It says the text in the banner was 2+2= and the script was used to calculate the answer. It doesn't tell us anything about how the script did this

Dozens of .gov HTTPS certs expire, webpages offline, FBI on ice, IT security slows... Yup, it's day 20 of Trump's govt shutdown

Remy Redert

Like the masses of TSA employees that called in sick or quit because they can't afford to not get paid for even 1 month?

Senator Wyden goes ballistic after US telcos caught selling people's location data yet again

Remy Redert

Re: FCC and FTC are totally unreliable to regulate industry

Major Euro ISPs absolutely are doing basic monitoring of their e-mail services to protect against them being used for spam. Major Euro ISPs are not doing monitoring of port 25 in general because it's not required. If a specific customer of an ISP is spamming Comcast, Comcast should block that IP and contact the ISP's abuse department.

Jeep hacking lawsuit shifts into gear for trial after US Supremes refuse to hit the brakes

Remy Redert

Re: So...

I don't know about this particular case, but in other cases it's been the DAB+ radio (max range for a hack of a few dozen km, provided a legal transmitter power is used) that was responsible for the initial hole.

How about manufacturers simply go about not putting important vehicle functions like engine, brake and lock controls on the same physical network as things that have no business interacting with those controls, like radios, heaters, Bluetooth handsfree phone systems, etc.

Excuse me, sir. You can't store your things there. Those 7 gigabytes are reserved for Windows 10

Remy Redert

It's unreasonable for a vendor software update that you can't avoid to break anything.

Remy Redert

You can no longer set your user storage folders to any other drive. Microsoft decided it was a bad idea to let users do that after one of their patches broke any machines with the user storage folder on a different partition.

You can change where programs install, but you can't change the default /program file/ directory (any more). AFAIK you can still move the paging and hibernation files. For now.

And of course, all of these were 'advanced user options' rather than 'shit we should check for by default'.

Microsoft's 2018, part 2: Azure data centres heat up and Windows 10? It burns! It burns!

Remy Redert

Re: ... and people ask me why I use Linux exclusively

Taken as a whole they might not seem like a big deal, but if you're the guy who relies on his computer for his livelyhood and Microsoft decides you should take the day (or several days) off by releasing a broken update and making it impossible for you to do any work, the costs can run into the thousands quite easily. And of course Microsoft's not taking responsibility for those costs.

I block all adverts because advertisers and websites don't take responsibility for the crud they send out. I block Windows updates because Microsoft doesn't take responsibility for the crud they send out. In the days before Win10, that simply meant turning off auto-update and waiting a few days after a patch Tuesday to see if there were any cries of broken shit and to check if any those cries might affect me before running the update. In the Win10 days, that means blocking all Microsoft domains at the router/firewall.

American bloke hauls US govt into court after border cops 'cuffed him, demanded he unlock his phone at airport'

Remy Redert

Re: Factory Reset Your Phone

You are not legally obligated to give the US border guard any of that information. If you are not a US citizen, they are not obligated to let you into the US if you don't.

Also, our consumer authority investigated second hand smart phones 2 years back and found that most phone's factory reset doesn't clean up the data properly and the vast majority of it can be retrieved with simple tools. Only if the phone's drive is encrypted beforehand does a factory reset reliably make the data unreadable.

Windows 10 can carry on slurping even when you're sure you yelled STOP!

Remy Redert

Re: In what is likely to be more cock-up than conspiracy,

Mostly because recent events have shown that if Microsoft wanted to do this on purpose they'd probably cock it up and turn off telemetry entirely.

Awkward... Revealed Facebook emails show plans for data slurping, selling access to addicts' info, crafty PR spinning

Remy Redert

If he could access the data in any reasonable manner (ie, encrypted on his laptop, accessed through secure storage, etc.), parliament could require him to give it up. So the only way they wouldn't have been able to get him to give it up is if he didn't have access to the files at all.

He could claim only hard copies exist and he's not carrying any, but then parliament could simply detain him until such time as he produces copies for them, through his lawyer or what not. And of course, he doesn't exactly have any reason to resist an order like this.

Windows 10 or Cisco Advanced Malware Protection: Pick one

Remy Redert

Quite, but how does that translate into being unable to save Office files, the bug caused by this system?

Seems like Microsoft might be hooking their fingers into some undocumented system calls themselves and getting thwarted by a malware protection scheme that's determined said 'features' are exploits waiting to happen so proactively stop anything using them.

STIBP, collaborate and listen: Linus floats Linux kernel that 'fixes' Intel CPUs' Spectre slowdown

Remy Redert

Re: OK Assumption bussting time

Don't forget that a big part of the slowdown with the patch is down to hyperthreading being a terrible idea in general. Disable hyperthreading (which doesn't help much performance much if any for most workloads) and lose most of the performance hit associated with the mitigation patch.

US told to quit sharing data with human rights-violating surveillance regime. Which one, you ask? That'd be the UK

Remy Redert

Re: I am confused

Sure you are. Your government recognizes the ICC and should it come to pass that the ICC finds that crimes were committed, will most likely cooperate in ensuring that at least those directly responsible are punished.

Meanwhile the US has threatened to ex-filtrate by force any US troops charged and arrested for war crimes by the ICC.

Boeing 737 pilots battled confused safety system that plunged aircraft to their deaths – black box

Remy Redert

Re: Hey software, get the fuck out of the way!

That was an Airbus and the software reacted correctly. It decided that the airspeed information it was getting from the various sensors was conflicting, so it switched from normal law (where it controls the airplane and the pilots are allowed to tell it where to go) to alternate law 2 (aka "I don't know any more, you're up pilots").

The pilots then proceeded to over-correct for a slight roll caused by the autopilot switching off, pulled the nose up, got a brief stall warning when the angle of attack sensors indicated something was up and then proceeded to put the plane into a stall so deep the computer considered the measurements of the alpha sensors to be impossible, so it did nothing and assumed the pilots were doing the right thing.

The software (and software designers) in this case did everything right and the pilots proceeded to crash the plane. Had the system switched back to normal law when the airspeed readings came back (about a minute after the failure, but before the stall), the airplane would never have stalled. But because of safety reasons, the pilots would have had to switch the plane back into normal mode themselves once they verified the problem that triggered the switch had been resolved.

Remy Redert

Re: Question

Probably didn't realize it was the problem or didn't know how to disable it. This situation escalated rapidly and never should have happened. Proper design dictates multiple sensors, multiple systems and if they disagree, hand off to the pilot and let them know their safety system isn't working any more.

Remy Redert

Re: Hey software, get the fuck out of the way!

But this wasn't the software's fault. It never is. It was the designer who allowed a single faulty sensor to put the software into a dangerous state. This is an aircraft control system and it should have existed at least in duplicate, with multiple separate sensor inputs to insure that the system is always right and that if a situation ever comes to pass where it cannot be certain it is right, then it will cede control completely to the pilots

In news that will shock absolutely no one, America's cellphone networks throttle vids, strangle rival Skype

Remy Redert

Re: If only

The solution to peer to peer NAT and firewall traversal others use is to connect both sides to a mediation server so that they can more or less simultaneously open connections to each other. While this isn't 100% reliable, it works most of the time and for the few times it still doesn't work, you already have a mediation server to act as a go between.

Sure, Europe. Here's our Android suite without Search, Chrome apps. Now pay the Google tax

Remy Redert

Re: Or the fourth option...

You mean the Google apps, which is what they license. Android itself is a combination of a patched Linux kernel and a bunch of stuff attached to that. Google does not own the license for most of that and playing games by restricting those licenses by location might result in things like contributors pulling their code on short notice and leaving core Android dead in the water.

So regardless of what Googles decides, Android phones wouldn't be going away, they'd just stop being Googly all of a sudden.

Microsoft has signed up to the Open Invention Network. We repeat. Microsoft has signed up to the OIN

Remy Redert

Re: Android?

There are no valid software patents, so yeah, extortion.

Microsoft's Jet crash: Zero-day flaw drops after deadline passes

Remy Redert

Because that local file can be downloaded and opened by executing javascript. In fact, that seems to be the preferred method, since the target Jet needs to be 32-bit and a lot of people are still using 32-bit browsers, which will call the 32-bit Jet to handle a Jet file it's been tricked into executing.

The mitigation is to run only 64-bit applications and to not execute Javascript from untrusted sources.

Remy Redert

No database engine exploits on databases that are installed with the OS and can't be removed, no.

Flying to Mars will be so rad, dude: Year-long trip may dump 60% lifetime dose of radiation on you

Remy Redert

Re: Six months?????

If only there was a way to use that reaction mass an order of magnitude more efficiently, for example by using a nuclear thermal rocket or an electric plasma drive using a nuclear reactor for power.

You would still want a pretty big ship to make it fast and to carry a lot of provisions, but you'd have a lot less reaction mass to haul around.

Chap asks Facebook for data on his web activity, Facebook says no, now watchdog's on the case

Remy Redert

It does matter if they can't prove informed consent was present when they gathered this data. Of course that's separate to his request for all the data they have on him.

Get all the information they have, then sure then for the data they have because you never have consent.

Just how rigged is America's broadband world? A deep dive into one US city reveals all

Remy Redert

Re: Finally!

You don't even need to go that far. Make it a federal crime to file false reports on this (Oh wait, it probably already is) and then go around doing spot checks all over the country to enforce it. Go to one of those nice ISP websites and check if broadband from them is available at 'your' address by filling in random addresses in the regions those ISPs claim they are available.

Then go around some of those places, knock on doors or make appointments to come by and test their actual connection speed.

After a few billion dollar fines and some execs jailed for this bullshit, the situation will rectify itself. Good luck getting the government to go that far though.

Use Debian? Want Intel's latest CPU patch? Small print sparks big problem

Remy Redert

EULAs in general are unenforceable in the Netherlands, since our courts decided that they don't meet the requirements for a contract.

That is to say, pretty much all EULAs are not shown prior to purchase and they are never negotiated or biased in favour of the customer.

Bitcoin backer sues AT&T for $240m over stolen cryptocurrency

Remy Redert

Pretty much this. If I want a new SIM, I have to go the provider's store, show my ID and then they will send me a text message with a code. If I have a working phone with that number I can obviously enter the code immediately in the store to unlock the SIM to be programmed to my number and can then immediately activate and use that SIM.

If I do not have a working phone with that number, the text is still sent and I have to wait 24 hours before corporate will make the SIM and send it to my registered home address. Of course if someone else tries to get a SIM for my number, they'll need an ID that matches mine for the computer to accept it and they'll need that text or a way to intercept or redirect my mail.

That's a lot of work for something that I'm liable to notice and put an end to as soon as you try to use it.

Dropbox plans to drop encrypted Linux filesystems in November

Remy Redert

Re: Er wait...

Pretty much this. I mostly use Dropbox to keep a replica of my various character sheets and game notes. Because I've learned that lesson the hard way. Pretty much everything else is either easily replaceable (all the software, PDFs, etc.) or sensitive and so only backed up locally. And for this purpose, Dropbox is great since it means I can go up to any PC anywhere and be ready to play or run an RPG within 30 minutes, with all of my character sheets, notes, etc. intact.

Top Euro court: No, you can't steal images from other websites (too bad a school had to be sued to confirm this little fact)

Remy Redert

If you can't find the copyright holder, you can't get permission. I agree that there should be some central copyright database to help people find copyright holders for content they found elsewhere and want to use, but the copyright conventions prohibit such a thing from being mandatory since Copyright is automatic, no registration is required for your work to be protected.

Remy Redert

Re: New internet standard...

DRM has been tried in the past. It never works. If I can display the picture on my screen, I can copy it. If I can play your song over my speakers, I can copy it. If I can play your video on my screen, I can copy it.

What can be done and should be made illegal to remove, is placing that information into the EXIF as is already done by many photographers. Unfortunately a lot of websites routinely strip that information and for average joe, that information is usually not readily available.

Remy Redert

Re: Prepare for...

But the kid's project was fine. That IS covered by educational uses. The problem was the school then posting the project on their website and thus reproducing the image for uses that were not strictly for education.

Grad sends warning to manager: Be nice to our kit and it'll be nice to you

Remy Redert

Re: I dunno...

My parents are inevitably having issues with the printer. I never have issues with the printer and if I walk downstairs to check on their issues, problems disappear into the aether.

Doctor, doctor, I feel like my IoT-enabled vacuum cleaner is spying on me

Remy Redert

Re: IoT foolishness

How else will it download updates over the air to protect it from hackers?

Page:

Biting the hand that feeds IT © 1998–2019