* Posts by Michael Wojcik

5878 posts • joined 21 Dec 2007

Core blimey... When is an AMD CPU core not a CPU core? It's now up to a jury of 12 to decide

Michael Wojcik Silver badge

Re: The proof

Has it really been 8 years, or just 4 years that sometimes seemed like 8?

The most annoying British export since Piers Morgan: 'Drones' halt US airport flights

Michael Wojcik Silver badge

Re: 500g Drone vs 100 ton airliner

your implied assertion that a crash is inevitable

If you think DougS implied that a crash would be "inevitable" in that case, your reading skills need a serious upgrade.

Apple hardware priced so high that no one wants to buy it? It's 1983 all over again

Michael Wojcik Silver badge

Re: PUB Underflated Inflation ALERT

Yes, I'd be interested to know what now costs 13x what it cost in 1983.

Let's see... a Honda Civic cost $6900 in 1983; today one goes for $21500, or a bit more than 3x. And fond though I am of the third-gen Civic, today's car is much safer and more capable.

US median housing prices peaked (before the crash) at around 4x their 1983 value, according to Shiller's data. And today's houses are, on average, significantly larger than they were in 1983.

Michael Wojcik Silver badge

Re: No, you don't wish you'd have bought it.

Ah, the tech treasures rotting away in our attics and basements...

A few months ago I hauled some electronics off to a recycler. They included the case, including power supply and backplane, for a 1988 IBM AS/400 Model B; and a dual-Pentium box from around 1996. I'd kept them because they seemed like they could make for some fun projects. (I particularly relished the idea of putting multiple modern motherboards and drives in the AS/400 case - the size of a half-height filing cabinet - and figuring out uses for its front-panel switches and LED display. "Oh, you don't have one of those?" I'd reply when anyone asked about it. Which no one ever would, of course, but it sounded good in my head.)

For quite a few years I had a nifty thing I'd fished out of the trash when I worked at IBM. It was a pair of AT-bus cards cabled together, one with a NatSemi 160321 CPU, a couple EPROMs, and assorted logic,2 and the other with a bunch of RAM. It had a SRITech logo, and serial number 31 was hand-written on it. I talked to a few people at SRITech and no one could find any record of it; their guess (which matched mine) was that it was a 16032-based machine which acted as a bus master in the AT and took over processing, using the 80286 to drive peripherals, and very likely running some sort of UNIX. IBM used the same approach in the Outrigger, their never-released RC-PC-on-a-card for the PS/2.

But I either threw away or misplaced the SRITech unit, and without the appropriate software I probably never would have been able to make it do anything anyway.

1Or possibly a 32016. Same chip; National Semiconductor just renamed it at some point to make it sound better. In any case, at the time it was a pretty cool CPU - 32-bit addressing, CISC instructions to make hand-rolling assembly easier, etc. More VAX-like than anything else.

2I think it may have had the corresponding NS MMU as well, which would mean it supported true paging rather than simple segmentation.

Michael Wojcik Silver badge

Re: As a dev system?

I know, replying to my own post ... but, dang, that old Byte is making me nostalgic. (I think I have some old issues lying around here, among my DDJs and the like; I should dig them out.) There's an ad for "Winchester subsystems". The CompuPro System 816/C. An S-100 memory expansion kit. Discount retailers like Ironsides. The IBM Instruments Computer with its softkeys and built-in printer! (Man, I always wanted one of those to play with.)

Joel Swank's article on adding a reset switch to the VIC-20. A friend and I used that article to add that switch to his VIC.

Look at the add for the QDP-300 on page 221. That is just an amazing piece of design. Light-up power switch! Runs MP/M! Serviced by GE!

Computers today are so boring. "Oh, look how thin the bezel is on our phone!" Shove it, designers.

Michael Wojcik Silver badge

Re: As a dev system?

From that Byte review: "Computers are worthless if nobody uses them, and the Lisa has made great strides toward eliminating that possibility." True, if you chose the correct antecedent.

This issue (as the cover proudly proclaims) featured reviews of both the Lisa and the Apple IIe. The latter would have been a better use for your money. And a complete IIe system, except for the printer, could be had for about $8K less than the Lisa.

We all love bonking to pay, but if you bonk with a Windows Phone then Microsoft has bad news

Michael Wojcik Silver badge

NFC? No fucking chance.

We all love bonking to pay

I don't. Increased attack surface in order to save a few minutes over the course of my lifetime? I'm lazy, but I'm not that lazy.

DNAaaahahaha: Twins' 23andMe, Ancestry, etc genetic tests vary wildly, surprising no one

Michael Wojcik Silver badge

Re: Furthermore...

siblings should [receive] the same answer if it were possible to do what the product says it does

Particularly given the vague ("European ancestry") and imprecise ("13%") nature of the results, the tests would only be useful if they represented a fairly strong signal. (That is, the vagueness implies that test is neither accurate nor precise; thus no result should be reported unless the test finds it with strong statistical confidence.)

That means a reputable organization would only report ancestry components supported by a relatively large number of markers.

Given a large number of markers, it becomes extremely improbable that they wouldn't return to the mean; and so very improbable that full siblings wouldn't receive fairly similar results.

Consider: Assume the presence of some gene M contributes to a finding of ancestry X. Sibling A is found to possess M. Does sibling B possess it?

- At least one parent has at least one copy of M. There's a chance that parent has two copies, and (barring mutation) all sibling children will have it; call that p1. Otherwise, a given sibling has 0.5 chance of getting M from this parent.

- There's some probability that the other parent has at least one copy of M. Call this p2. If p2 is true, there's a p1 chance1 that parent has two copies of p, in which case all sibs have it. Otherwise, there's a 0.5 chance that a given sibling will have received M from this parent.

So what's the chance of B possessing at least one copy of M? Let p3 = 0.5 + 0.5p1, the probability of getting it from the parent known to possess at least one copy. Then B's chance of getting at least one copy of M is p3 + (1 - p3)(p2)(p3), or p3(1 + 1 - p3) or p3(2 - p3). Note p3 is almost certainly > 0.5. So B's chances should be better than 0.75.

Unless I've messed something up in my calculations, which is entirely possible.

We assume p is fairly common among people with significant X ancestry - that's part of what makes it a good marker for ancestry. (We also assume it's significantly less common for people without X ancestry.) So if A and B's parents share significant ancestry - which is more common than not - then sibling ancestry results should converge even more strongly.

1p1 as well here because we take p1 to be the probability across the population of all people who have at least one copy of M that they have two copies of M. Obviously within that population it's likely there will be subgroups who have greater or lesser probability of having two copies, but we don't have any information to partition at that level.

Michael Wojcik Silver badge

Re: Or maybe...

It's quite common for epigenetic changes and differences in health, diet, and environment to cause them to not be actually physically identical.

Indeed, it would be astounding if it were otherwise. Apparently a couple Reg readers 1) haven't gotten the news that genotype does not solely control phenotype (far from it); and 2) think they can determine whether two people "look identical" from a single photograph.

I don't know which is the more depressing observation.

Michael Wojcik Silver badge

It's perfectly reasonable to claim their first-generation (genetic) descendants can be expected have at least 25% of the mother's ancestry in each category.

"25%" because some of the supposed ancestry-marking genes that these snake-oil vendors are identifying might appear only on one chromosome of a given pair, and consequently have only a 0.5 probability to be passed on to a given offspring. We can assume that a reputable ancestry-determining organization1 would want a sufficiently large number of markers for any given ancestry characterization that we can expect a return to the average. In practice it should be closer to 50%; 25% is a worst case.

"At least" because the other parent might, of course, have a greater share of ancestry in a given category, boosting the child's.

Now, that might seem like a fairly weak claim; but it is a claim that such a service could report to a subject, about the subject's potential descendants.

1Which these are not. But that's why I wrote "can be expected": if that expectation is violated, it's just more evidence that these five firms are peddling rubbish.

The Iceman cometh, his smartwatch told the cops: Hitman jailed after gizmo links him to Brit gangland slayings

Michael Wojcik Silver badge

Re: A lesson

Oliver would never kill someone with a "fusillade of bullets". He's a knife man.

Michael Wojcik Silver badge

Re: Proof once again

Everyone actually has something to hide.

Some people simply don't know it. Yet.

Having AI assistants ruling our future lives? That's so sad. Alexa play Despacito

Michael Wojcik Silver badge

Re: Nah.

Voice-control systems are easy to build using off-the-shelf components. A few electronic pieces, CMU Sphinx, TensorFlow - you could have a pure-local voice-controlled "AI assistant" up and running in a couple of days, or maybe a week if you're technical but new to the domain.

Personally, I don't see the appeal. I find voice-controlled devices immediately and deeply obnoxious.

Michael Wojcik Silver badge

Re: OTT

I would really struggle to use it to measure 500ml of helium

Yes, but it's worth the effort. You'll find it an uplifting experience.

$24m in fun bux stolen from crypto-mogul. Now he fires off huge fraud charge. Like, RICO, say?

Michael Wojcik Silver badge

Re: It's not RICO

Oooh. Charles Stross takes one on the chin in that one.

Well, he's not a lawyer either, and he does write a good novel. (Plus, if memory serves, back in the day he was entertainingly grumpy on rec.arts.books.sf.)

I am also not in any way a lawyer, but a quick check of 18 USC 1962 leaves me wondering which RICO provision of unlawful conduct Turpin's lawyers think Truglia et alia engaged in. Maybe they can call the SIM fraud a case of interstate commerce (I have no idea what case law might say about that), and maybe SIM fraud could be construed as "racketeering activity" under 18 USC 1028 (relating to "identification documents") or 1029 ("access devices"), or one of the zillion other sections that can be used to claim racketeering.

But AIUI, that's just the start of what a plaintiff has to demonstrate to get a judge to even let a RICO civil case proceed.

Michael Wojcik Silver badge

Re: All the King's horses ...

I think so. I believe Krebs's latest piece on this case (linked above) mentions that an AT&T employee was complicit, not just duped, in the Turpin case. Presumably that involved ignoring the restrictions Turpin had placed on his account.

Michael Wojcik Silver badge

Re: All the King's horses ...

The Krebs piece is also worth reading for its portrait of another of these psychologically-abnormal IT criminals. Truglia clearly had poor social and life skills, and limited ability to empathize. He treated life like an RPG-style video game: gathering coins, buying buffs, and grinding.

HSBC suggests it might have found a... use for blockchain?

Michael Wojcik Silver badge

Re: Truth

I think you'll find that any distributed ledger would be vulnerable to attack in such a circumstance.

This is precisely the problem, and why BGP attacks attempting to partition the Bitcoin mining network happen around a hundred times a month.

"Such a circumstance" turns out to be quite common.

FCC's answer to scandal of AT&T, Sprint, T-Mobile US selling people's location data: Burying its head in the ground

Michael Wojcik Silver badge

Re: You don't understand how it works

Instead, after they leave they get big money as "consultants" that don't actually do anything, or for serving on boards that hardly ever meet.

Indeed. Pai was a Verizon employee before he was in the FCC. He's still a Verizon employee; it's just his compensation is deferred until he leaves the FCC.

'It's like they took a rug and covered it up': Flight booking web app used by scores of airlines still vuln to attack – claim

Michael Wojcik Silver badge

Re: "Yet again you've let them get away with an anodyne statement"

They need to get taken to task.

I have to side with Chris and the Reg on this. They were pretty clearly taken to task in the article, and explicitly mocking the Amadeus response is unnecessary. Anyone capable of critical thought will see through it; anyone not capable won't profit from being told directly.

Oh, SSH, IT please see this: Malicious servers can fsck with your PC's files during scp slurps

Michael Wojcik Silver badge

Secure Copy Protocol?

Surely "Secure Copy Protocol" is a bacronym. "scp" is just "secure cp", by analogy with "rcp" ("remote cp"), which in turn was named for UNIX "cp". And "cp" is just an abbreviation of "copy", not an acronym.1

I see Wikipedia uses the "Secure Copy Protocol" phrase in the relevant article, but the contributors hedge their bets by also using "secure copy", and they don't seem to cite any source for "Secure Copy Protocol". Some of their sources in fact use "scp protocol", which to my thinking has better etymological justification.

(Sure, there's a security issue here, but it's not nearly as important as arguing over terminology.)

1Or for pedants who adhere to the ill-founded "pronounced as a word" restriction for acronym, an "initialism".

What a cheep shot: Bird sorry after legal eagles fire DMCA takedown at scooter unlock blog

Michael Wojcik Silver badge

Eh, I can see how this happens. Someone higher up in management who doesn't have a clue is aimlessly searching for mentions of the company online. They run across the Boing Boing post and fire an email at Legal. Legal looks at it, rolls their eyes, tells a paralegal to send a DMCA takedown notice without even checking who wrote the post.

Since DMCA notices are effectively free to the issuer, plenty of firms send them out on the flimsiest of pretexts (often the entire process is automated) as an initial salvo.

It'd be interesting to change the economics - say, to amend the DMCA so that each takedown notice must be filed with the Library of Congress at a fee that starts at $10 and is adjusted annually for inflation. Oh, the howls from Hollywood! It'll never happen, of course. (And I admit it has an unfair asymmetry anyway, because it's generally much cheaper for attackers to copy protected content to many sites.)

Michael Wojcik Silver badge

Re: I doubt they'll be that cheap

$150 for a second-hand scooter that cost around $30 new, sold by J Random Ebayer? Sounds like an excellent deal! For the seller, I mean.

Seriously, if you want these at anything like a reasonable price, go to a municipal auction. Bring cash, and decide ahead of time how much you're willing to pay. Be willing to walk away if the units are in poor shape.

Michael Wojcik Silver badge

Re: Who remembers the cue cat?

They could possibly mitigate against this attack by pouring epoxy into the case that houses the board and using non standard screws. At least that way anyone expecting a cheap scooter has a lot more work on their hands to make it work.

I don't think this is cost-effective. What Hackaday reader doesn't have a set of security-screw bits? Anything more exotic would be prohibitively expensive for Bird. And if the case is filled with resin, just chuck the case with the board and fit a new case.

Seems to me the asymmetry here still favors the attackers (people who want to repurpose a Bird unit).

There was a recent call on Hackaday for a powerwall built from Bird scooter batteries...

Michael Wojcik Silver badge

Re: they soon found out when Doctorow reached out to colleagues at the EFF

And in the US, if all you need is a stern letter bearing a lawyer's letterhead, this can be done cheaply enough that pretty much anyone can afford it. If there's a legal assistance service in your area, this might even be as cheap as free.

Yep. My neighbor is a lawyer (among other pursuits) and she once wrote a stern letter of that sort for me, for a $1 retainer.

That's how these things often go. There's a quick round of bidding to see if one party will just fold immediately. Then if everyone stays in, things might start getting expensive.

Michael Wojcik Silver badge

Re: Even if you couldn't replace the board

Edison would have loved that.

If I could turn back time, I'd tell you to keep that old Radarange at home

Michael Wojcik Silver badge

precursor?

Amana (Raytheon) Radarange oven, circa sometime after 1967 – the precursor to the microwave oven

The Radarange line was a line of microwave ovens. They were not "precursors". They used microwave-generating magnetrons, just like other microwave ovens.

And by 1967, the Radarage line had been in production (by Raytheon) for about 20 years, so this wasn't even an early model - though 1967 was when Amana started selling consumer (as opposed to commercial) units.

CES flicks the off switch on massager award… and causes a buzz

Michael Wojcik Silver badge

Redundancy, in case one packet gets dropped.

Facebooker swatted, Kaspersky snares an NSA thief, NASA server exposed, and more

Michael Wojcik Silver badge

harmless fun

anyone who still thinks swatting people is harmless fun

I don't believe I've ever read an account of a swatting case where the swatter plausibly claimed he (I don't know of any female swatters) thought it was "harmless fun". Swatters are nasty, violent, and probably manifesting some form of antisocial personality disorder. They're perfectly aware that swatting is a form of violence. Was anyone surprised when swatter Mir Islam was arrested for helping to dispose of a murdered woman's body? I wasn't.

Michael Wojcik Silver badge

Re: Swatting

In the Finch case, Barriss (the swatter) didn't call 911. He spoofed a local number and called a non-emergency Wichita City Hall number, and someone there transferred him to the emergency services desk. Then Wichita PD took everything Barriss told them at face value, stationed themselves around Finch's house with weapons ready, and one officer fired seconds after Finch opened the door.

The department didn't do any critical thinking and an adrenaline-drunk trigger-happy asshole failed to control himself. And no, I'm not buying any "first responders have to make split-second decisions" bullshit - this is a direct consequence of police militarization, lousy training and procedures, poor screening, and a lack of consequences. You can't fix that by tweaking procedures at the 911 call center (and I don't think yours is workable anyway, to be honest).

This case has been discussed extensively by security experts and others. The Wikipedia article is decent.

Michael Wojcik Silver badge

Re: Why loathed care to elaborate?

Wouldn't it be great if there were some global repository of information you could query for general questions like this?

http://lmgtfy.com/?q=why+loathe+jira

It WASN'T the update, says Microsoft: Windows 7 suffers identity crisis as users hit by activation errors

Michael Wojcik Silver badge

Re: VA and TX in the US

Citation? I can't find any references to any such laws.

What's the fate of our Solar System? Boffins peer into giant crystal ball – ah, no, wait, that's our Sun in 10bn years

Michael Wojcik Silver badge

Re: Boom!

A diamond as big as the Marsport Hilton?

(Goddamnit, I just dragged that idiot Hilton back into the discussion, didn't I?)

Peak Apple: This time it's SERIOUS, Tim

Michael Wojcik Silver badge

Re: Too late - What happens on your iPhone stays on your iPhone.

Apple sell appliances. That has always been the strategy.

I don't think that's fair. The Apple //e wasn't an "appliance". It's only their post-1983 products that are aimed at people who just want a magic box of "stuff happens".

Kids these days.

Cyber-insurance shock: Zurich refuses to foot NotPetya ransomware clean-up bill – and claims it's 'an act of war'

Michael Wojcik Silver badge

Re: Eh, it’s Mondelez.

Shrug. I like cheap milk chocolate (though I avoid Nestle, as they are Satan's own foodmonger), and I don't really care whether anyone else knows, or does. I don't care if someone else eats Wonder Bread; why should they care what sort of chocolate I eat?

Michael Wojcik Silver badge

Re: An opposing point of view

I would have thought that contributory negligence - failure to patch - would have been the tack used by the insurance companies.

That would set a precedent with a strong chilling effect on the market.

When you insure for fire damage (in a stable, industrialized country), there are well-documented protocols to follow for the insured: building codes, fire codes, inspections, etc. It's pretty easy for the insured to be in compliance and demonstrate that.

With IT-security insurance, there are few or no regulations, depending on the business. There are no standard independent inspections, and no agreement on what you'd inspect for. Potential insurance customers know they'd have a hard time showing they weren't negligent. So if insurers look like they're going to weasel out of paying claims, the market will discount the value of IT-security insurance to the point where it's no longer a viable product.

The IT-insurance market is enough of a mess already. Policies are ill-defined, claims may be hard to prove (fires leave a lot of evidence; rootkits not so much), data for actuarial analysis is thin, the market is immature (so risk pools are small and reinsurance harder to come by), and it's largely untested in court. Apparently Zurich America have decided to risk the last, but as others have noted, there's an excellent chance this will settle out of court.

Before dipping a toe in the new ThinkPad high-end, make sure your desk is compatible

Michael Wojcik Silver badge

Re: Just

The whole reason I use laptops is because I'm often not at my desk. It would be tricky to use this arrangement when I'm 1300 miles away from my desk at my other house, for example.

Michael Wojcik Silver badge

I know many people like multiple monitors, but personally I just find it irritating. I used a multi-headed UNIX workstation1 for several years earlier in my career, and found it ... fine, I suppose; but for the last quarter-century or so I just haven't felt the urge. There's always sufficient screen real estate for whatever I'm working on at the moment. I haven't even used virtual desktops in years, I think, not counting VMs.

Eh, tastes differ.

1IBM RT PC running AOS 4.3, which was IBM's rebranding of BSD. X11 driving the monitors, though some of them I generally just left in character mode.

Great, you've moved your website or app to HTTPS. How do you test it? Here's a tool to make local TLS certs painless

Michael Wojcik Silver badge

Re: But why is it so complicated?

But this should be simple, and not require arcane knowledge, surely?

No. It is not, and does.

And that's just one collection of problems with the X.509 PKIX. There are others, and since that one was written, we've introduced a whole bunch of additional things to worry about, like algorithm deprecation, OCSP Stapling, and Certificate Transparency.

Michael Wojcik Silver badge

There are already plenty of toolkits and tutorials for creating test CAs and issuing certificates. That hasn't measurably changed the number of people with some understanding of the ghastly, shambling horror that is the X.509v3 PKIX (i.e., few); or the number of people who understand it well (a handful).

Valsorda is a good researcher, but frankly I don't think there's much to get excited about here. Anyone who's likely to use mkcert could probably have gotten by just fine with one of the hundreds of online tutorials using "openssl ca". True masochists could fire up Windows Server Cryptography Services instead.

People who don't test their TLS apps with certificate chains skip it because of the cognitive load, not because there aren't relatively easy tools. (Yeah, openssl ca isn't user-friendly, but it's a walk in the park compared to actually understanding the X.509 PKIX in any depth. Look at the problems caused by OpenSSL's enforcement of RFC 5280 timestamp rules - those were due to other TLS implementations generating non-conforming certificates.)

Just updated Windows 7? Can't access network shares? It isn't just you

Michael Wojcik Silver badge

Some people routinely have to do things with administrator permission. One of the products I work on, for example, must load a number of its assemblies from the Global Assembly Cache. Updating the GAC requires elevated privilege (thank goodness); so whenever I build that product, I have to do so as an admin.

Using domain admin for local development tasks would be idiotic, thus it's a local-admin account.

Windows is still (!) terrible at switching accounts1 for command-line and GUI applications. So-called "Fast User Switching" is not nearly fast enough and far too cumbersome to be useful in this context. The closest thing Windows provides to hybrid limited-privilege and elevated-privilege operation within a session is strong UAC (i.e. require explicit elevation with credential prompt on the secure desktop). UAC isn't a security boundary but with the strong SecPol setting the split token does close most of the straightforward vulnerabilities.

I haven't checked whether LocalAccountTokenFilterPolicy applies to UAC-downgraded tokens as well. It'll be interesting to find out. The point, though, is that Windows continues to encourage abuse of the Local Administrators group, not so much because of failings in the base OS, but because Microsoft refuses to try to get the user interaction model and user experience correct for people who actually need routine privilege elevation. Hell, Richie did a better job in this area just by inventing setuid and su, and that was in, what, 1971?

1Thread security tokens, to be more precise.

I'm just not sure the computer works here – the energy is all wrong

Michael Wojcik Silver badge

Re: No interference?

It started as a joke, but became lore when many people didn't get that it was a joke. Hackaday recently did a piece on various symbols and marks that appear on electronics, and there was some discussion (in the comments, if memory serves) of "China Export".

Michael Wojcik Silver badge

Re: No interference?

Cheap LED lights are likely to be false economy anyway - while the LEDs themselves might last for a decade, the electronics are often dead in a year. There are a number of stories on sites like Hackaday from people who take apart dead LED lights and repair the electronics.

Until now, if Canadian Uber drivers wanted to battle the tech giant, they had to do it in the Netherlands – for real

Michael Wojcik Silver badge

Re: Why Uber?

Uber drivers are still licensed [taxi] drivers. They still have to pass the same tests.

Not in the US, they're not. While there are no Federal requirements for taxi drivers in the US, many local jurisdictions require they have commercial license, and many use a medallion or similar licensing system as well.

Taxi owners usually carry, and in some jurisdictions may be required to carry, taxi insurance. Uber provides supplemental insurance to their (non-commercial) gig drivers, but I haven't seen any reliable claims that it's equivalent to taxi insurance. In any case, the two situations aren't identical.

You don't say what jurisdiction you're in, or provide any other support for your claim, so my guess is you're full of shit.

Michael Wojcik Silver badge

Re: Uber is a ponzi scheme

He doesn't. For precisely the reason cited.

Nor do I.

My employer has recently announced that they're "partnering with Uber" for business ground transportation, and asked us to register with the company. Nope. I'll pay for my own ground transport. It's a small concession to maintain my ethics.

Jeep hacking lawsuit shifts into gear for trial after US Supremes refuse to hit the brakes

Michael Wojcik Silver badge

extraordinary recall?

an extraordinary 4.8 million vehicles

I suppose that's literally true, in the sense that it's out of the ordinary, but it pales in comparison to Ford's 1980 recall of 21M vehicles. Or their 1996 14M-vehicle recall. Not picking on Ford here - they just have three of the top five. And, of course, the size of a recall will be affected by how popular the brand is, and how much the manufacturer is able to achieve efficient reuse of components and designs across the product line.

Sure, Jeeps and other FC products generally suck, to a first approximation. I don't think they're extraordinarily sucky, though. Just ordinarily.

(Also, to be fair, cars these days are much better in pretty much every way than they were in the 1970s, with a few exceptions for value or aesthetics; much better in most ways than they were in the 1980s; and significantly better than they were in the 1990s. I'm not a fan of today's huge, overpowered vehicles, but they are far more reliable than the ones I drove when I were a lad.)

Michael Wojcik Silver badge

Re: So...

The "phone app" shipped for your vehicle is actually a proxy and most manufacturers tell you very little about what it does.

Indeed. I declined to install the Volvo app when my wife bought her XC60 last year, and I suspect I'll never buy another new Volvo - or any other make of car. My 2015 Volvo XC70, with its blissful lack of "connectivity", might be the last new car I ever have. I know too much to trust any of the manufacturers.

Michael Wojcik Silver badge

Re: So...

A lot of audio systems have the option to increase the volume as the vehicle speed increases. But this can be fixed by making the communications one-way.

For many years we did not have this feature, and many of us survived.

Senator Wyden goes ballistic after US telcos caught selling people's location data yet again

Michael Wojcik Silver badge

Re: Just

"Things were bad previously, so they can't possibly be worse now."

Michael Wojcik Silver badge

Re: Re-seller

An MVNO uses a regular carrier. I would not be too sure that the carrier is not able to get to your whereabouts.

That's not in dispute. The question is whether MVNOs can also get your location data (via their agreement with the carrier) and thus also sell it. I'm not sure that's any worse (the carriers are happy to sell it to all comers, so it's not like the MVNOs would be increasing the supply), but it's conceivable that an MVNO might be able to undercut the carrier's price, or might be more likely to lose the data in a breach.

Personally, I suspect the MVNOs don't have access to the data, unless they buy it at the going rate from the carrier, so there's no additional exposure. But that's just a guess.

Biting the hand that feeds IT © 1998–2019