Posts by Temmokan

Looks like "Week without disaster is a week spent in vain" is a motto of those supporting/developing Windows 10.

Oh, those kinds are very funny.

They/he/she/it/whatever are blackmailing my technical email forwarder with similar crap for at least 4 weeks.

First, they found a stale leaked password database and stated they have "password for me account" (go on, hackers, try logging in under email forwarder address). Then they stated they "hacked that account half a year ago" and infected "my device" with super malware, re-sending its owner all the new passwords I try to use. Woe unto me, I'm pwned...

With every message the "hacker" gets so increasingly ridiculous, I am just tempted to send them 0.01$ worth of bitcoin with comment "you can do better".

But no, I won't. I am just too lazy to waste both time and money...

Oh yes, usual universal answer, "nobody uses that, so why we care".

The actual reason was already mentioned - RSS/Atom/other syndications would allow getting data without actually visiting tracking/ads-stuffed sites. So why those Googles-Schmoogles let that exist?

Xattrs and the rest

It wasn't told (some of commenter in that thread) that the reason for excluding other filesystem was the lack of extended attributes (but most of FS in use do support Xattr). So the reasoning behind the announced change is lame.

Also, on Linux systems, the client auto-upgrading feature requires that /tmp be miunted without "noexec". Otherwise it begins to repeat downloading new version again and again, failing at execution step. It took several weeks of exchanging messages with Dropbox support, before I found the problem myself (and no solution, save disabling "noexec").

Personally, I encrypt whatever is stored on Dropbox, so even if they leak those files of mine, it's not that dramatic. But I assume many a people don't bother with that.

The spy that is detected is a dead spy.

Either Microsoft is spreading, so to day, incorrect information, or they are just trying to impress everyone with their security efficiency.

I don't buy it. Especially if GRU could indeed be involved (there are no fools in such agencies).

One more to bite the dust...

It's hard to believe the Microsoft won't pollute and befoul GitHub as well, but let's see.

So we remove the lamps...

...and then we will try to guess why it's pitch black now.

I wonder, why the legal dept.'s staff at twitter didn't think all that about *before* actually initiating the transition? If those Twitter lawyers figured everything out *after* the Smyte has been assimilated, the best those lawyers can do is to retire (but not before they pay to Smyte users for the damage inflicted).

So once again there was no scrupulous studying the mentioned encryption/protection before pushing it into production...

Oh yes, evidence

If the "evidence" of Russian "cyber-warfare" is of the same type as "evidence" of Russia involvement into Skripal poisoning, then that evidence is as valuable as cheapest toilet paper. And worth the same manner of usage, too. The above comments from the person who really knows organic chemistry are a good illustration.

One more thing is obvious - too few people regard the mass media even with little skepticism...

The statements are somewhat imprecise.

The 'local data storage policy' most probably refers to Federal Law 152 ("On personal data"), which requires any entity processing personal data of Russian citizens to keep the primary DB containing those data on Russian territory.

The above requirement is absurd from viewpoint of any right-minded IT specialist; if the law is enforced, the absolute majority of Internet services will face a choice of either keeping Russian citizens data in Russia, or simply stopping servicing Russian citizens. The latter is most probable, since the actual goal of that requirement is allowing government services simpler access to anyone's personal data.

It should also be noted that the above restrictive and isolationist laws have been written by people having no real understanding how Internet and networking in general work; hence such laws that will not benefit anyone but those lawmakers and those lobbying such laws. So the above "Internet muscles play" doesn't reflect the opinions and/or needs of actual IT experts from Russia and majority of Internet users.

Looks like the only minor obstacle is creating a warp drive/whatever else with FTL capability and actually start studying those remote worlds.

So we saw a simple scheme to disrupt multiple npm applications in a wink of an eye - copy widely used package's README, post dubious-looking package and voila, all the javascripters are pulling hairs out of their rear ends.

I wonder, do people managing npm ever tested such a scenario before (a rhetoric question)?

Looks like they would never do, until another incident strikes.

Of course they will deny

Regardless of findings are, Intel will deny the above as fundamental design flaws. I doubt Intel will be punished with more than formal spanking, but even admitting the design had flaws means Intel's chips designers either completely ignored possible security considerations, or did not bother to look for possible security implications at all. If the same designers will fix the vulnerabilities, as Intel promises, guess what will can happen.

Congratulations, Intel. Since the notorious FDIV bug this "spectral speculative meltdown" is much more impressive example of epic fail.

I suppose no one from IT experts now has an illusion that Intel cares a bit about security.

Tried that on a "sandbox" computer. Funny, but first notice I saw when FF 57 started for the first time, was its turtle warning: "Mozilla Firefox seems slow... to... start".

So much for super-duperfast Quantum. And I only had DuckDuckGo add-on enabled.

Not impressed, really. I get tired of endless UI changes, and that mad race (who will post more major updates - Google Chrom or Mozilla) is really dull. I remember the time when major version change in Firefox was a really major change.

Now every major version upgrade can be described as "we fixed a lot of bugs - most of which we introduced ourselves recently - and yes, we add new bells and whistles to replace old ones - aren't we great?"

And yes, not all the add-ons I expected to see have released at least Beta version of their Web Extension incarnation. And some are totally screwed while doing so (e.g., Xmarks).

Something tells me I get FF 57 on sandbox computers for some time, until I make sure it is good to use.

I also will use a separate Mozilla ID to set up sync - for those computers where I risked running FF 57.

In short: yet another "major release", again with fife and drums, but with greater disasters involved.

As for "never"... Samsung did absolutely nothing when BlueBorne was revealed... and I am sure they will ignore KRACK, too.

A truly Zen approach, methinks. or perhaps, Samsung simply thinks that all unhappy owners of affected devices will just buy new ones. That simple.

Wikipedia isn't actually blocked

Wikipedia isn't actually blocked from Russian networks. Perhaps only certain pages are, the majority of Wikipedia sites are available without any restrictions.

However, a number of sites, such as LinkedIn, are blocked due to many reasons, most of which are very moot.

RBN isn't the Russia

RBN isn't the Russia and crime has no nationality. I would suggest addressing this given 'gray' ISP, RBN, without using it as a synonym for Russia.