* Posts by Paul Crawford

3857 posts • joined 15 Mar 2007

Hot on heels of 2.0, Vivaldi 2.2 adds tab session management among other goodies

Paul Crawford Silver badge

Another quick question

Can you properly stop auto-play videos from EVER starting with out an explicit user action?

You know the shitty sort of thing now embedded in HTML5 pages to push adverts or just pointless additions to news pages (which is annoying waste of bandwidth if you don't have sound on the machine or are not in a position to use it).

That would make it superior to Firefox that seems to be doing its best to piss of users by breaking useful add-ons, and dumbing things down to look like chrome.

Super Micro says audit found no trace of Chinese spy chips on its boards

Paul Crawford Silver badge

@Jeffrey Nonken

He is not, because I am...

Paul Crawford Silver badge

Re: Again, why bother

Yes, and bugger-all security or patching for most ILOM systems...

Paul Crawford Silver badge
Gimp

Re: a "special" hole in your pants

I pay extra for those!

Supernovae may explain mass extinctions of marine animals 2.6 million years ago

Paul Crawford Silver badge

Re: Who told them?

They did not have Dark Star to clean things up.

Britain approved £2.5m of snooping kit exports to thoroughly snuggly regime in Saudi Arabia

Paul Crawford Silver badge

Almost. Saudi Arabia is ruled by the (extended) royal family but mostly they assume power by virtue of religion, given they have Mecca and so much that is valued by Muslims. Not that it means much in terms of protection of historical value:

https://en.wikipedia.org/wiki/Destruction_of_early_Islamic_heritage_sites_in_Saudi_Arabia

(Just to add that I have little religious interest, but see the destruction or re-writing of history as an unforgivable crime against our descendants)

Bulk surveillance is always bad, say human rights orgs appealing against top Euro court

Paul Crawford Silver badge

Re: there is an absolute right to privacy, which there isn't

First, let's include commercial spying, aka data harvesting, in the mix. What "right to privacy" applies to NSA and GCHQ that does not apply to Facebook and Google?

It should apply to both, but equally FB/Google don't have the powers to alter your life like gov agencies do.

Next there is the POPD - Plain Old Physical Domain. What "right to privacy" does online trawling breach, that a telescope on a pier above a crowded beach does not?

That is pretty much targeted - one beach, and a given time-window when you might expect something is going to happen. The police, etc, have been doing that sort of thing for decades and most folk see it as a perfectly reasonable balance between privacy and crime prevention.

Bulk surveillance is recording every beach, all the time, and then being able to do a search at some point for where you have been. See the difference?

Thanks to UK peers, coming to a laptop near you in 2019: Age checks for online smut

Paul Crawford Silver badge

Re: There appears to be an assumption

I really doubt it. If you look at the stats for under-age pregnancy in the UK, which one might think would be correlated to badly planned sexual behaviour, it has dropped slightly in the last 20 years while the availability of pr0n (and associated moral hand-wringing) has rocketed.

So bugger-all in the way of evidence-based policies here.

Qualcomm axes staff, winds down data center processor efforts ... while China takes the blueprints and runs

Paul Crawford Silver badge

Re: CPU Back Doors For National Snooping...

Would you trust the Intel random number generation instruction?

Would you trust there are not already undocumented op-codes, even hidden in plain sight such as said random value, that recover part or all of previously used AES instruction's keys in some obfuscated form?

Peak tech! Bacon vending machine signals apex of human invention

Paul Crawford Silver badge

Re: The best bacon

I agree almost 100% - but would go with smoked every time.

And the next 7nm laptop processor will be designed by In, er, AM, um, Qualcomm: The 64-bit Arm Snapdragon 8CX

Paul Crawford Silver badge
Gimp

CX

Or the iconic Citroen of the mid 1970s?

I prefer the Citroen SM myself =>

It's nearly 2019, and your network can get pwned through an oscilloscope

Paul Crawford Silver badge

Re: FFS

Really, if you have someone on the inside of your network then messing with a scope is not going to be the most productive way of causing chaos, not by a long chalk.

Paul Crawford Silver badge

Re: Bigger problems here?

Lets face it, your development lab should be pretty much fire-walled off (or even air-gapped) from the rest of the world anyway as you have no idea what will be on it. Not necessarily malicious, but while developing products and messing about there is a very high chance of dumb shit happening and you don't want that leaking (or even as simple as IP address conflicts).

Sorry, we haven't ACLU what happened in sealed 'Facebook decryption' case, but let's find out

Paul Crawford Silver badge

Re: @tfb Gendered Connectors

Earth pins (in the socket) are just weird--anyone care to hypothesise (or explain) why they were invented?

No idea, but two thoughts are:

1) It was an after-thought added to an existing design when folk realised how much safer earthed systems are.

2) It prevented the mating of a non-earthed plug to force upgrading to match the infrastructure (where as a 3rd hole would not).

Paul Crawford Silver badge

Re: gender benders

Can't just swap pins for holes without changing the wiring

You can on a coaxial connector.

Forget DeepFakes. This robo-Rembrandt with AI for brains is not bad at knocking off paintings

Paul Crawford Silver badge

Re: robo-Rembrant [sic]

And you would not believe what Hieronymus Bosch will do to your ass. Getting medieval is only the start...

Tape vendors feel the cold, clammy hand of AWS on their shoulders. Behind them grins the Glacier Deep Archive

Paul Crawford Silver badge

Re: Retrieval time

And said time also depends on your bandwidth and the volume of data to be restored. Unless you are just re-populating an AWS instance, of course.

Sacked NCC Group grad trainee emailed 300 coworkers about Kali Linux VM 'playing up'

Paul Crawford Silver badge
Gimp

Re: Probably sits at home...

Mind probes? That is not the sort of probing I suffer from at home =>

Boeing 737 pilots battled confused safety system that plunged aircraft to their deaths – black box

Paul Crawford Silver badge

I think it was the opposite - the pilots *assumed* the plane anti-stall would stop it stalling, but below a certain hight it disengages as it *assumed* they would only fly that low in an attempt to land.

Blighty: We spent £1bn on Galileo and all we got was this lousy T-shirt

Paul Crawford Silver badge
Facepalm

"Brit taxpayers had shovelled £1bn into the programme from which they would now be locked out due to rules we insisted on and which we then decided to become non-compliant with"

Fixed his statement for him...

It is sad and stupid, and the loss of privileged access to Galileo is also sad and stupid but entirely predictable.

Bordeaux-no! Wine guzzling at UK.gov events rises 20%

Paul Crawford Silver badge

Re: Chef!

Some of the English fizz is actually very good, and at a recent blind-compare Champaign versus sparkling wine tasting I was at they were pretty much on a par according to most of those present. As always, chose a wine based on two simple test results:

1) You like the taste.

2) You are prepared to pay the corresponding price.

Simplez!

Paul Crawford Silver badge
Pint

Valpolicella Allegrini

The Valpolicella Allegrini is actually a pretty decent wine, and they do a couple of others of note (I was at a tasting once where one of the Allegrini wine maker was present to show off her wines).

Feeling like I need this sized glass of wine today =>

Germany pushes router security rules, OpenWRT and CCC push back

Paul Crawford Silver badge

Re: "Support for open firmware is, arguably, a niche consideration at the moment"

Maybe if the gov mandated at least 5 years of security fixes after end-of-sale they might change their tunes on supported open software. Oh, and big GDPR-like fines if they don’t deliver just to encourage a bit of proper compliance.

Using a free VPN? Why not skip the middleman and just send your data to President Xi?

Paul Crawford Silver badge

Own VPN?

Setting up your own VPN might look like a great solution but it is not as clear cut. For a start you probably end up renting a "machine" somewhere for always-on connectivity and a fixed IP address which will cost more and/or also have the question of who has physical access to it.

Then you have the privacy issue that if its your own machine you have no plausible deniablity, whereas a shared VPN provider has many customers with the same apparent IP address. Finally you have the other reason that many folk use a VPN - to avoid geoblocking etc, and if you want the same you might need to set up hosted machines in a few countries at some cost and, again, the issue of trust in those.

So while you are putting a lot of trust in your VPN supplier you might still be better with a third party providing you take a bit of effort to select one that suits your use-case and are willing to pay for it as somehow every service has to be paid for...in money or in privacy.

Holy moley! The amp, kelvin and kilogram will never be the same again

Paul Crawford Silver badge

Re: yard/mile on our roads for some strange reason

Because of the extraordinary cost of changing all signs and then having to deal with most cars in the UK having mph as the only (or dominant) scale for a decade or two afterwards.

Facebook's CEO on his latest almighty Zuck-up: OK, we did try to smear critics, but I was too out-of-the-loop to know

Paul Crawford Silver badge

You are far too kind!

5.. 4.. 3.. 2.. 1... Runty-birds are go: 12,000+ internet-beaming mini-satellites OK'd by USA

Paul Crawford Silver badge

Re: mesh together

And hopefully in a low enough orbit that they burn up in ~5 years no matter what.

12k at launch, probably 2k unresponsive after 1-2 years and no active option to track them or to manoeuvre them..

Can your rival fix it as fast? turns out to be ten-million-dollar question for plucky support guy

Paul Crawford Silver badge

And free() doesn't

Unless you were Nelson Mandela

This just in: What? No, I can't believe it. The 2018 MacBook Air still a huge pain to have repaired

Paul Crawford Silver badge

Never seen on for real but you could give it a try - no worse a gamble the most. Also you can put your own distro on it as it uses relatively 'open' hardware so practically every Linux will have working drivers for all parts.

UK rail lines blocked by unexpected Windows dialog box

Paul Crawford Silver badge

Re: Um

Yes, like your data...

International politicos line up to get shot down by Facebook

Paul Crawford Silver badge

I would happily spend the next couple of years on a "MP answer tour" in exchange for a billion or so dollars...

Dell upping its margins again: Precision 5530 laptop will sting you for $13m. Yep, six zeroes

Paul Crawford Silver badge

Re: And that's ...

Got any pies to go with it?

Macs to Linux fans: Stop right there, Penguinista scum, that's not macOS. Go on, git outta here

Paul Crawford Silver badge

Re: However, we can report that Ubuntu runs an absolute treat on a Dell XPS.

In the USA Dell sell the "XPS Developer Edition" that comes with Ubuntu installed and a previous commentard said Linus uses one, so I guess they do check their chips & drivers all play nicely. In the UK they don't sell this specific version.

However Dell UK do offer various models with Ubuntu pre-installed from a cheap Inspiron to the XPS range.

Paul Crawford Silver badge

HP 2xx is the entry level stuff with very plastic-y feel

Is very true, but then I was looking for an almost disposable laptop for friends who kept trashing their own both logically (viruses, etc) and physically ("Oh, the screen is broken after I stood on it. Last two times I stood on it the screen was OK"). So a low cost model and Linux was one route. The other being a Chromebook but then you are ALWAYS slurped by Google.

Paul Crawford Silver badge

Indeed, either look for something liker one of the Linux friendly lot like Entroware, System76, Purism, etc, or others like Dell that dabble a bit. Or even a cheap HP and wipe the supplied OS.

Edited to add - search for "HP 255 G6 Laptop 3KX70ES" comes with FreeDOS and can be had for £210 (not very fancy hardware spec through).

Paul Crawford Silver badge

Re: SecureBoot Bites Again

it seems that Apple is first there

Not quite. Microsoft' ill-fated Windows RT tablets did not allow other OS to be booted, the requirement mentioned is only for x86-based machines.

Solid state of fear: Euro boffins bust open SSD, Bitlocker encryption (it's really, really dumb)

Paul Crawford Silver badge

Re: The issue is changing the password...

This is all about convincing the firmware in the disk itself that you are an authorized user to see the decrypted content of the data on the drive.

Basically this. In fact it is another example of a system storing the "password" in plain text. Really the SSD sector encryption key should never be stored in non-volatile memory, hence it should not be possible to simply bypass it by a firmware change. It should be generated on demand from the stored part and the user-supplied pass phrase.

If you need to change your pass-phrase then you decrypt using the old one, check its OK (e.g. CRC as part of the stored 'key') and then re-encrypt using the new pass phrase.

Paul Crawford Silver badge

Re: The issue is changing the password...

That is the usual argument for most data-at-rest encryption where you have a fixed random encryption value and your password simply protects that so a change of key is simple and fast as you don't have to decrypt and re-encrypt all of the data using the past and new keys.

But who would have assumed the same of a disk? I always assumed that your PC (e.g. BitLocker mentioned) would present some high entropy key to the disk and if you changed password that key would be unchanged, as would a software implementation of disk encryption. After all you don't really expect to have the SATA bus, etc, snooped upon during operations. If you do its kind of game over anyway...

Russia inches closer to launching a crew again while NASA waits for a delivery from Germany

Paul Crawford Silver badge

Re: send the Orion-ESM combo beyond the Moon to check it out

Its a real-world (or real-space) test doing what it is supposed to do, in the sort of sequence it is supposed to follow.

You would not drive a new design of car around the bock a couple of and then declare it fit to compete in a rally, would you?

Android fans get fat November security patch bundle – if the networks or mobe makers are kind enough to let 'em have it

Paul Crawford Silver badge
Gimp

Re: Yep my android updates last night

My phone saw one OS update after 6 months and none for years since. Yes, it gets play-store patches, but bugger-all from the manufacturer.

Bit of a Google fanboi? =>

Cyber-crooks think small biz is easy prey. Here's a simple checklist to avoid becoming an easy victim

Paul Crawford Silver badge

Re: Size matters

To some degree the main difference is a "larger" organisation will typically have some or all IT support in-house and as a result typically will have policies for networking, patching, backups, etc, that are planned around good practice.

I say "typically" as we regularly see the big boys being shafted and often due to lax practices...

But the SME lot usually have no real IT support internally, maybe some bod whose job it is to arrange support/purchase, etc. And as already pointed out, you get many differing categories of user and business with the vast majority being based around folk with no real computing expertise. And no, being able to use an excel macro is not computer expertise! Hence solutions of using differing software, OS, network segmentation, etc, that would be argued about by the legions of commentards means absolutely nothing to them.

Most of what is needed to get SME in to a safer area therefore requires such expertise and that means paying folk to help set up stuff, train staff, deal with incidents, etc. Sadly that is seen as a pointless expense by many until they get shafted.

UK and EU crawling towards post-Brexit data exchange deal – reports

Paul Crawford Silver badge

Re: I'm confused

What am I missing?

That post-Brexit we will be in a different legal position. Not just the loss of the "national security" get-out on slurping, but also that we might change our laws or interpretations as part of the Henry VIII bill being pushed through, and that we[*] have already stated we won't be bound by the European Court of Justice decisions.

So those on the other side will need to assess what we are actually doing when the laws have settled.

You did not think that simple logic and common sense would prevail? It hasn’t so far...

* = The government. Not necessary an indication of the people's views

'He must be stopped': Missouri candidate's children tell voters he's basically an asshat

Paul Crawford Silver badge

Re: You can't save all of 'em ...

Indeed, good to see his children have seen through his shit and are brave enough to say so in public.

Paul Crawford Silver badge

Re: Hmm

The media

US Republicans bash UK for tech tax plan

Paul Crawford Silver badge

Re: Friends

Americans do.

America, maybe not.

Boffins have fabricated microscopic sci-fi tractor beams for real

Paul Crawford Silver badge

Re: Photons are massless, but they have momentum

The thing about the em-drive is that the photons/EM waves are internal, so if (and its a big 'if') it works then it is defying the normal requirement for momentum transfer outside of the spacecraft, etc.

But you can use a light/heat source or radio to act as a (very weak) drive since the emission of radiation has a momentum transfer effect as it propagates away.

Edited to add: Seems the commentards further down the page have already answered as such!

Apple's launch confirms one thing: It's determined to kill off the laptop for iPads

Paul Crawford Silver badge

Many moons ago I was in a Stormfront store in the UK looking at the Apple macbook pro and I almost bought one, But shortly after they had a new model and it lacked the things I needed: RJ45 networking, USB-2 peripherals, built-in DVD drive, etc.

So I decided to buy a mid range Linux laptop From Entroware instead. Yes, it lacks some key features I might like, but it is mine. it does what I tell it to. And it cost a lot less, the remaining money which I spent on loose meals and nice women.

EU Android latest: Critics diss Google's money-spinning 'cure'

Paul Crawford Silver badge

Odd, I would have thought the commentards here would like to see Google having to offer a "price" for their data.

Woman who hooked up with over 15 spectres has found her forever phantom after whirlwind romance and plane sex

Paul Crawford Silver badge

Re: Dear God,

I have an ex from Belgium, so I think I know where you are coming from...

Biting the hand that feeds IT © 1998–2018