Re: Really a GIT
Where was the GIT repository, as surely you did not have just one copy?
And the machine's backups?
3271 posts • joined 15 Mar 2007
Where was the GIT repository, as surely you did not have just one copy?
And the machine's backups?
The Circus of Horrors is a good show - can highly recommend it. Not just for the dwarf & Henry, but all do a good and amusing job of entertaining!
Did he use a King Dick spanner, that is the question we all want to know:
That, sir, is most definitely NSFW!
Pro tip - set your browser to always open a single tab on your safe home page. Today I had an accidental viewing of your link on opening Firefox, they must think I am a part-time gimp now...
Big kudos for having detected gravity waves - that is awesome science.
But...no one has yet established they travel at the speed of light. Establishing THAT would be pretty conclusive proof of the theory. Any other speed opens a new can of space-time worms...
Translation - they discovered on-line pr0n
Have an up-vote sir!
Firefox need to be *different* from Chrome and better in a way that users appreciate, things like:
1) Not sucking. Seriously, try to keep memory use, etc, under control.
2) Value privacy. This might mean returning 'anonymous' browser info so everyone's installation looks largely the same (maybe just info that might be needed by the web site or useful for stats, such as major browser and OS versions, something like ~3 bits entropy)
3) Value privacy. For the hard of thinking, again, think! Do stuff like small dither to drawing so browser fingerprinting (like canvas draw / hash) is different *every* time they test on the same machine.
4) Respect the user's wishes. So offer the ability for all audio/video and animated images to be "click to play". I do not want web sites to start stuff in adverts, etc, and waste my bandwidth an patience. If its worth it, *I* will chose to play it.
5) Allow legacy plug-ins on demand. Sure they are not secure but there is a shed load of stuff out there that might be wanted. Make it default-off, of course, but still give me the *choice*.
6) Don't dick around with the GUI for no bloody good reason.
Its what you feed software people when they have to work late to fix something, along with some coffee.
Where as the rest of the time they just eat pizza.
Probably more secure as well...
So you have the key stored somewhere in the program's memory to run the operations on the encrypted data, instead of both the key and some plaintext in memory?
I guess its a bit less likely to get slurped, but if the machine is compromised enough to allow reading arbitrary blocks of memory, isn’t the key also vulnerable to this? In the conventional system I guess you could zero the memory after using it so the plaintext was short lived (if that really is the nature of the risk it is mitigating) and be a damn sight faster.
Once upgraded a video card in my work Linux machine and it would randomly crash. Spent hours and hours of frustrating time with video drivers of various release versions and even a new kernel. Went back to old card and setting and STILL crashed!
Turned out the PSU was on its way out and the power cycling was the last straw. Changed that and all was fine, except for two days of my life wasted :(
Yes, it pisses down on you from time to time.
Maybe the USAF should have a "happy hour" once a week then the turn civilian GPS off just for shits & giggles. Certainly would focus people's minds on any dependency on an assumed-benevolent foreign power :)
Funny that: Digital radio, that can't report the new year's bells on-time due to the various processing delays, falls over when there is a timing glitch of tiny proportions, while analogue FM just keeps working as they never assumed precise synchronisation of transmitters in the first place.
I find Google docs great for collaboration, but ultimately I don't trust any of them.
They (MS & Google, etc) can and do change products and T&C without giving a toss about the products, sorry, customers and I don't fancy my data being under USA jurisdiction no matter how much they protest about caring. Before Snowden revealed PRISM they were quite happy to cooperate with the US Gov secret requests and accept payment for them. Remember that...
Really? Just tried composing using Gmail (Chromium browser on Linux) and no, it won't accept wugahumphtuma or color instead of colour. But maybe that is just my sane installation doing the spell-checking locally?
However, Google docs is accepting US spellings as well as UK spelling. Having said that, just how many installations of Word, etc, do you see with US spelling enabled?
Or use one of the "rescue CD" images from Bitdefender or Kaspersky to boot the troubled machine and check for the biggest problems first.
Two reasons I can think of:
1) The design is such a clusterfsck that there is no sane way to fix it short of a major re-write.
2) They won't (or can't) allocate sufficient competent programmer time to fix it.
In either case it is software I don't want to have dealings with.
That example was (presumably) an easy one, no change to tested variable/condition.
What does catch folk out is when "SUCCESS" is supposed to be changed in some asynchronously called function (interrupt, or signal), maybe in another file, in which case the bug is usually not declaring it as 'volatile' and the compiler optimises the test to an endless loop, instead of checking the memory location "just in case"
So has the US dropped the secret court orders and the demands that companies comply and do not reveal that data was requested?
Not in this case. More generally there is an issue for rockets not wanting to reach too high a speed low down in thick lower atmosphere due to drag (and possible heating) but they ain't getting high enough for that!
There is "safe-rm" that has a blacklist of "dumb to try deleting" checks on what you ask for, and I think most modern versions of rm need '--no-preserve-root' if you give them '/' as the argument before destroying your OS (to catch mistakes like "rm -rf / tmp/*" where you mistyped, adding space in /tmp/*).
It is other safety and practical issues related to the stupid muppets in marketing, etc, deciding that everything must be push-button and app-controllable along with a move away from simple low-risk control approaches. We have in no particular order:
Toyota ECU design faults causing runaway and crashes
Ford recall as "off" button not stopping the engine (WTF was wrong with a switch in the MCU power line? Same question to you Toyota?)
Jaguar door unlocking silly buggers
And on, and on, ...
It could be rising relative to the pJ/bit for processing even if dropping compared to previous interconnect technologies.
I trust myself - mostly - and not a corporation based in another jurisdiction.
But it is less of a concern that malware could create its own protected world, so long as I can create my own protected worlds against malware without
NSA Intel having the key to it, forcing an external network connection to establish it, or ultimately holding my business to ransom by virtue of this key holding.
Is this happening to the Linux drivers (if any) and if so is the code change visible? Makes me glad not to depend upon closed source drivers for most things [*]
However they may feel about rip-off chips, the act of potentially damaging equipment by deliberate actions is one they should be spanked by the courts for. The only honest option, if they must do anything, is simply to put up a warning that the device is counterfeit and to stop using it without fake data and without difficult-to-reverse actions on the hardware.
[*] except video, where crappy driver issues are the norm on both Windows and Linux :(
It should be possible to make an analogue random source using the internal noise of a PN junction and turn that it to a bit stream for the job.
But this should be a separate small chip where the design is fully published and anyone with a tin foil hat and scanning electron microscope (what, you did not get one free with the hat?) can grind off the package top and see the chip below matches the published and validated design exactly.
Only by that route can the suspicion of, for example, Intel's random number instruction be avoided (and the somewhat ignorant discussion about its use with other sources, see http://www.theregister.co.uk/2013/09/10/torvalds_on_rrrand_nsa_gchq/ for more).
The difference here is ISPs would not have to support it, not collect sensitive data (to be spilled like TalkTalk, etc) and not have to increase our bills to provide the gov with data that probably has bugger-all value.
If GCHQ have a limited budget and only cable taps then they have to prioritise what they do, and that probably means setting filters on the real-time taps, etc, to manage data volumes. Also it means the every petty bureaucrat cant go an a fishing expedition against you without going via GCHQ and that kind of raises the bar as I'm sure they have better things to do that field questions about the sort of petty things that most people get in to disputes over.
That is the point, yes we need spy agencies but we also need rules for what they are allowed to do (and that in my view allows for interfering with computers, as that is by nature a targeted activity), and who they are answerable to. What is being proposed is a mass data and power grab by the gov without any meaningful justification.
Probably because it was cheap and proven technology at the time the decision was taken to develop the drone. I.e. probably 10 years ago...
Also in most cases the data is not *that* secret as they are looking at "the enemy", and not at their own top secret bases, so probably it was deemed sufficient for that sort of job. After all, they (NSA/GCHQ/etc) can probably track the location of the drone no matter what encryption it uses, so they can guess at what they are looking at and send their own spy drone/satellite to look.
Now that is a film I would pay money to see. Even just to brag about the title!
Could this be Paris' first zombie flick?
Just as long as he has not taken any mint sauce flavoured lube...
What is that software? Is it really so special there is no on-site alternative?
Well he doesn’t want the other wolves to eat them!
"...the use of Word documents with macros becoming more popular in APT attacks"
Why don't they enable the apparmour profile for Word, etc?
Actually I go the opposite way - I don't think there should be any media coverage of a pending court case until its over.
Look how Christopher Jefferies was treated in the media over the mere possibility he murdered Joanna Yeates in 2010. After that media frenzy, had he gone to trial instead of Vincent Tabak, just how would you find a jury not prejudiced against him?
That is the point against Hunt. Not the post-trial analysis or recriminations, but the ability to have a jury that may have access to media and ensure they are not biased by tabloid scaremongering?
Modern compilers (at least gcc with -Wall flag) will spot that, and even I think the DOS-era MS C-compiler will complain at highest warning level.
Sadly a lot of C code horrors are covered by compiler warnings or static analysis tools, but are ignored all the same.
I one did that deliberately on a machine I was going to wipe/reinstall anyway just to see how far it would go. Eventually the characters on the desktop went away and the machine halted. Reboot with live CD and nothing - just two in-use directories left. rm had even rm'd itself :)
However, on a more serious "look out" experience I once wanted to change permissions on my own in the hidden .thunderbird and so on directories. So I did this:
chmod -R <settings> .*
Do you see my mistake? Yes, '..' is a match for '.*' so it recursed up a level and then down all other user home directors! Thankfully I was not doing that as root...
"we should put them to work on solving social ills not playing games"
Given that our social ills are mostly due to deep flaws in human nature, amplified by human interaction, I fear the answer might be Terminator's job...
He has been
poking telling porkies again...
Google docs - easy collaboration and multiple editors of the same doc/spreadsheet/etc.
OK you have to add in Google to that list, but if its not terribly secret it works really well. And on any OS with a decent web browser, which is more than some offerings that favour their own...
I think this used to be a National Semiconductors plant until ~2011 when TI bought them out. Shame to see it go, as not a whole lot else in Greenock to move to :(
Nothing either to do with the shitty Flash-based admin and needs a version a fractional point beyond the last one Adobe supply for Linux, perhaps?
Or the changing command line tools so you go up a version and past stuff won't work as no muppet thought of good backwards comparability?
Or the just-revealed decision to sack the original virtulisation developers and find cheaper alternatives (if at all)?
In reality the risk from the radiation is small, but people are paranoid about it now compared to, say, the very real risks of death or injury from car use, etc.
For comparison, think of how long it has taken for the forests to grow back after we raided them for fuel and building materials. Oh wait, they haven’t...
Or how long the impact of CO2 from coal, oil and gas will impact on the world?
It may not be linearly correlated, but the driving limit is the concentration in your blood, so it ought to related to (at least) your water content or so.
Sadly politicians lying about facts & figures (or being "economical with the truth" as they say in parliament) has become so common that people will simply ignore the guidelines. Pushing harder on binge drinking might have made sense (less A&E trouble, etc) but they probably blew that.
No, managing an app store cheaply is hard.
Having a competent person install, test and review apps for key-word appropriateness is only going to cost a modest amount per app and ought to be covered by the (20% I guess?) overheads MS charge to sell via the store (and from all other Windows-related profits).
Or is "profits at all costs" the motto here?
66.6 the percentage of the Beast
Lollipop was was spawned to be released
opening an unexpected 3rd party XLS file connecting computers for web/email use to critical systems is getting dragged out and shot, yes?
And having key systems on networks without a firewall IP address white-list to reduce the scope for malicious C&C servers?
Surely you mean the planet Porno?
And stop calling my Shirley!
(Or planet X, or maybe planet XXX)
Biting the hand that feeds IT © 1998–2017