* Posts by Graham Cobb

1464 publicly visible posts • joined 13 May 2009

EU tells Meta it can't paywall privacy

Graham Cobb Silver badge

Re: And how would that work?

Yep.

That model works (or worked) for Reddit. Let people subscribe to topics they are interested in.

And if they enable tracking, use that information as well to give them a better experience. If you do it well enough maybe some of us would agree to let you track. And others won't because it is a price they are unwilling to pay.

Graham Cobb Silver badge

Happy for them to offer a choice of paying for no-ads or being sent ads for a free service. But it must be completely separate from the choice about tracking.

Some people may prefer to allow tracking with their ads, because they will be more useful/interesting ads for them. Others may prefer no tracking even though it means the ads are always useless to them. That would be the genuine choice for people.

Fancy building a replacement for Post Office's disastrous Horizon system?

Graham Cobb Silver badge

Re: EPOS isn't just the terminal in the shop

I've never worked in retail but isn't that the easy part? Sure the transactions are different - and there are lots of unique "service"-type transactions, which would have to be Java apps running in the till (walking the user through checking an International Driving Permit application, for example).

But the hard part, the part which needs to be secure, robust, reliable, unable to lose, corrupt or duplicate a transaction, never able to modify a transaction under any circumstances, etc. is presumably the same as other retail businesses. And so are tools like daily till reconciliations, stockcheck reconciliations, recording and tracking "shrinkage", generating operational and management reports, auditing, detecting fraud, etc.

Engine cover flies from Southwest Airlines Boeing 737 during takeoff

Graham Cobb Silver badge

Re: Please get a clue

The first female hijacker was in 1969. There have been others since.

What can be done to protect open source devs from next xz backdoor drama?

Graham Cobb Silver badge

Re: The victimized linux releases were loading opaque tarballs instead of compiling from source

The git repo has more files in it because the source archives just contain the code and build scripts, not irrelevant things like the .gitignore file.

Which, unfortunately, means the consumer of the code can't automatically check the tarball really does match the repository in all respects. But the alternative - require all packages to be built from their git repository - means there will be a lot more complexity in build scripts so it may still be possible to hide hacks using the same tricks used in this case (extremely opaque m4 macros which react to changing a few bytes in an obscure binary "test file").

Graham Cobb Silver badge

In addition to carefully considering whether to use a dependency or re-implement yourself (which has to be done on a case-by-case basis as a self-implementation could be even more buggy), it would be useful if we had a wider choice of dependency interfaces and sandboxes to choose from. Security-critical apps like ssh, which can compromise a whole enterprise, should be able to trade off performance against safety with selection of a library interface which offers more protection even though it is very slow.

404 Day celebrates the internet's most infamous no-show

Graham Cobb Silver badge

Re: Grot

Thanks for the pointer. I had a bit of fun playing with it. Although I was a bit confused when I asked it "What is the first line of Hamlet in morse code", as you do, and it replied indicating that it didn't have access to books in morse code. Asking it to "Translate the first line of Hamlet to morse code" was successful, however. And when I then repeated the first request it apologised for its earlier confusion and gave me the right answer.

Malicious xz backdoor reveals fragility of open source

Graham Cobb Silver badge

Re: Scary

We caught this one in time and negated years of work of the adversary.

Yeeessss... sort of...

We appear to have negated years of work on one particular infection vector. Given that this was years of work, it is extremely unlikely it was a single person, and it is unlikely this was their only bet. Someone was paying their salary and possibly paying a whole team. The person (or the agency they work for) is unlikely to have made their bet just on one approach, which could have been noticed at any time over the last couple of years.

Who is doing reviews of all the other projects which have had complex, obscure changes which look like they have nothing to do with security but no one really quite understands? I mean XZ for goodness sake??? Who would ever have imagined that could cause every up-to-date Debian Testing system on the internet to be open for root logins for a while? How many more compromises are there out there? We have always assumed the US, Russia and the Chinese each have a horde of vulnerabilities which they can use (and then burn) in case of major war. Was this one of those? Or was it the Norks or Israel or the Iranians wanting their own?

Who is checking all the obscure libraries used in kernels or security-critical processes by the proprietary vendors (Microsoft, Google, etc)?

Graham Cobb Silver badge

Re: Some OSS development introspection needed

All of this would not have happened if systemd had not been involved.

I think you meant to say "All of this would have happened differently if systemd had not been involved". The perps created an extremely complex and sophisticated attack based on mispurposing the library loading mechanism to cause an apparently innocuous but actually malicious library to take control of a security-critical component. Given the complexity of what they achieved, I am sure that if they were unable to use libsystemd they would have just found another library as a vector for their malware.

What we need to do is to (i) fix the development process where important software is reliant on under-resourced developers, (ii) harden the operating system to better protect security-critical components from poisoned components such as libraries.

Graham Cobb Silver badge

Re: Some OSS development introspection needed

the fact is that this vulnerability was introduced by the long arm of systemd reaching into sshd's internals, where it had absolutely no place being

Exactly. And that was the fault of no-one except the Debian sshd maintainers! They didn't need to do it. Nothing in systemd forced them to do it. Many other systemd-using distributions don't change sshd to use the library. It is obvious now, with hindsight, that it was a terrible decision to weaken sshd by linking with unnecessary libraries without a careful review of the risk/reward tradeoff.

Systemd has many problems. I don't like it. But it is not to blame for this. And repeatedly saying so just delays fixing the real problems which are:

1) Helping maintainers of widely used packages keep them safe.

2) Reducing the risk surface of linking external libraries into security-critical components.

Graham Cobb Silver badge

Re: Some OSS development introspection needed

...attack that was only possible because of systemd

I am no fan of systemd, but you are mistaken. Systemd was not, in this case, the problem. No more than the compiler, linker, library loader or anything else. If they couldn't use libsystemd as the vector they could have used a similar approach on one of the other dependencies. Maybe it would have taken more effort, maybe less. ldd tells me that sshd is linked to 28 libraries on my system.

The attack was only possible because of the lack of tight review of all the dependencies of security-critical software, combined with a prioritisation of performance over security in library loading even for the most critical security components.

Graham Cobb Silver badge

Some OSS development introspection needed

This is a timely wake-up call and needs some careful thought and discussion about the lessons to be learnt for software development.

Of course one major thing, and not new, is that too many widely used projects are understaffed. Maintainers are overworked, can't necessarily review contributions as well as they would like, fall behind on testing and project management as well as actual code development.

But there are also some important operating system architecture lessons to be learnt. We need to find a way to reduce the attack surface of software, particularly security-critical software. Software like SSH needs a simple way to trade performance for safety. In this case we can all see, with 20-20 hindsight, that there is no way a utility package like xz should have been able to affect the operation of a critical tool like SSH.

We need some of the best OS architects to work on that issue. For example, maybe security-critical software could trade performance for security - maybe something like using RPC and co-processes for external library calls instead of loading libraries into its own memory space. I am sure today's OS architects can come up with better ideas than this one, but it is a task that Linux process loader and kernel teams should be working urgently on.

Malicious SSH backdoor sneaks into xz, Linux world's data compression library

Graham Cobb Silver badge

Re: Haters Should Be In The Headline, Not systemd

ssh doesn't have to use it. As other posts also mention, there is no requirement to use it - it seemed like a useful and neat feature to send the "yes I've started" notification and it seemed like the easiest (and probably most robust) option to use the Systemd library to do it. With hindsight, I am sure one or both of those decisions will be reversed. But that won't require changing the status or policies around Systemd.

Graham Cobb Silver badge

Re: Systemd should be in the headline, not `xz` or `liblzma`.

There are many design decisions of Systemd that I don't like. But there really isn't any point blaming it for this.

Systemd has a feature which some developers find useful: an app being started can notify Systemd that it has now successfully started up instead of Systemd just starting it and hoping for the best. Pretty obviously that could be a useful feature for some. Debian decided to use that feature, although I think that decision is now likely to get changed to revert to the "fire and forget" behaviour that other init systems do (and is the default with Systemd also).

There are two ways to send the notification: it is a simple one-line write of text to a socket and is easy to hand code. Or you can call a function in the Systemd library which does the write for you. The mistake, in this case, was to use the library: that brought in loads of other dependencies (like liblzma and xz) that are used by other parts of the library. With hindsight, a security-critical app like ssh should have avoided loading a very highly featured, general purpose library like Systemd when it really didn't need it.

Blame xz's developers. Blame Debian for adding unnecessary features to one of the single most security-critical apps on the system, or using the easy option of linking in a massive library where a single write would do.

You can blame Systemd for a lot of crap but I don't think it is at fault here.

What I wonder is whether the problem would have been avoided if ssh had statically linked the library? It is probably time that all security-critical apps were audited for whether they bring in unnecessary code. Of course the tradeoff is that they wouldn't get the benefit of bug fixes in the routines they statically linked. Swings and roundabouts.
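The "simple one-line write of text to a socket" mentioned above, as an added example that is not code from sshd, Debian or systemd: a minimal stand-in for sd_notify(3) that sends READY=1 to the socket named by $NOTIFY_SOCKET using only libc, so a daemon can support the readiness notification without linking libsystemd and its transitive dependencies. The function names `notify_to`, `sd_notify_minimal` and `self_test` are this example's own; the protocol assumed is systemd's documented one (a datagram to an AF_UNIX socket, '@' prefix meaning an abstract socket).

```c
/* Minimal libc-only readiness notification (systemd's sd_notify protocol).
 * Added example; not code from sshd, Debian or systemd. Linux-specific. */
#define _GNU_SOURCE
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <sys/un.h>
#include <unistd.h>

/* Send one datagram containing `state` (e.g. "READY=1") to the AF_UNIX
 * socket at `path`. A leading '@' denotes an abstract-namespace socket.
 * Returns 0 on success, -1 with errno set on failure. */
int notify_to(const char *path, const char *state)
{
    struct sockaddr_un addr;
    size_t len = strlen(path);
    int abstract;

    if (len == 0 || len >= sizeof(addr.sun_path)) {
        errno = EINVAL;
        return -1;
    }
    memset(&addr, 0, sizeof(addr));
    addr.sun_family = AF_UNIX;
    memcpy(addr.sun_path, path, len);
    abstract = (addr.sun_path[0] == '@');
    if (abstract)
        addr.sun_path[0] = '\0';   /* abstract socket: leading NUL byte */

    int fd = socket(AF_UNIX, SOCK_DGRAM | SOCK_CLOEXEC, 0);
    if (fd < 0)
        return -1;

    /* Path sockets include the terminating NUL; abstract ones must not. */
    socklen_t addrlen = (socklen_t)(offsetof(struct sockaddr_un, sun_path)
                                    + len + (abstract ? 0 : 1));
    ssize_t n = sendto(fd, state, strlen(state), 0,
                       (struct sockaddr *)&addr, addrlen);
    int saved = errno;
    close(fd);
    errno = saved;
    return n < 0 ? -1 : 0;
}

/* Equivalent of sd_notify(0, state): silently a no-op when NOTIFY_SOCKET is
 * unset, so the daemon behaves identically when not started by systemd. */
int sd_notify_minimal(const char *state)
{
    const char *sock = getenv("NOTIFY_SOCKET");
    if (sock == NULL || *sock == '\0')
        return 0;
    return notify_to(sock, state);
}

/* Self-check standing in for the init system: bind a receiver at a
 * constructed temporary path, send READY=1 through notify_to(), and confirm
 * the datagram arrives intact. Returns 1 on success, 0 on failure. */
int self_test(void)
{
    char path[64];
    snprintf(path, sizeof(path), "/tmp/notify-demo-%ld", (long)getpid());
    unlink(path);

    struct sockaddr_un addr;
    memset(&addr, 0, sizeof(addr));
    addr.sun_family = AF_UNIX;
    strncpy(addr.sun_path, path, sizeof(addr.sun_path) - 1);

    int srv = socket(AF_UNIX, SOCK_DGRAM, 0);
    if (srv < 0)
        return 0;
    struct timeval tv = { 2, 0 };           /* never block forever */
    setsockopt(srv, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof(tv));
    if (bind(srv, (struct sockaddr *)&addr, sizeof(addr)) < 0) {
        close(srv);
        return 0;
    }

    int ok = 0;
    char buf[64] = {0};
    if (notify_to(path, "READY=1") == 0) {
        ssize_t n = recv(srv, buf, sizeof(buf) - 1, 0);
        ok = (n == 7 && memcmp(buf, "READY=1", 7) == 0);
    }
    close(srv);
    unlink(path);
    return ok;
}

int main(void)
{
    if (sd_notify_minimal("READY=1") < 0)
        perror("notify");
    printf("self-test %s\n", self_test() ? "passed" : "failed");
    return 0;
}
```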

Over 170K users caught up in poisoned Python package ruse

Graham Cobb Silver badge

Re: Python, eh?

Maybe you might try designing your code first, then entering it.

Nah. Why would I want to do that? <grin> I did that when I was being paid to code! And I used BLISS, which was a truly great language which I used for many years (I still have to be careful sometimes not to put dots in front of variable names!).

Now, for preference, I use C for compiled code, Bash for scripting and Perl for combinations of the two.

Seriously, my real beef with Python is that it is horrible for modifying existing code - that is where the whitespace problems occur, in my experience. It is fine if you have the luxury of being able to design something first. In fact, if I do need to use Python for something I have been known to develop it in Perl first and when it is working use that as a design to reimplement it in Python.

Graham Cobb Silver badge

Re: Python, eh?

Try an IDE instead of a text editor.

I've been using Emacs pretty much since I stopped using coding sheets and that manual card punch.

I can't change dev environments again!

OMG, I've just realised that this year is probably my 50th anniversary of writing code!!

Graham Cobb Silver badge

Re: Python, eh?

Obviously it works for many people. But not for me. I can't get with the whitespace being important. Not at all. I just don't seem to be able to see it, and my editor doesn't help me like it does with braces (or BEGIN/END or whatever).

And making changes is just really, really hard - I can't enter the logic I want as a stream of consciousness and then tell the editor to indent it for me as a check. With spaces there is no way to separately verify if I have made a mistake in the structure.

When trying to use Python I feel I am back in the early 1970s using Fortran and having to make sure I didn't accidentally use one too few spaces so the first character of my intended line got eaten as a continuation marker! I suppose I am at least grateful I'm not having to use a hand card punch...

AI hallucinates software packages and devs download them – even if potentially poisoned with malware

Graham Cobb Silver badge

It may become an issue in court.

Yep. We have seen over the last couple of months how the Post Office have tried to redirect the blame away from their own lies and malicious prosecutions towards blaming the foreign, Japanese Fujitsu!

Just imagine how the next similar scandal will involve "it isn't our fault at all that all these lives were lost/destroyed - it was AI wot did it by lying to us! How could we have possibly known we should have tested it?"

Majority of Americans now use ad blockers

Graham Cobb Silver badge

Me too. My normal browsing is using Firefox (on Linux) through a proxy (which changes address often) with every tab in a brand new disposable container except for a very few trusted sites (including El Reg). Several adblockers, privacy tools and anti-fingerprinters (combined with manual tools if I want to nuke parts of the page or javascript) allow me to read reasonably safely.

If that setup is too restrictive for some particular task (normally because I don't trust the site enough to allow it to run any javascript in that environment) I use a disposable sandbox running Brave, also quite locked down but a little less extreme, to access just that site for that task (no other pages open). If that doesn't work, I don't use the site at all.

Graham Cobb Silver badge

Re: I wouldn't mind reasonable ads

And what will save us is this...

...at the expense of publishers, advertisers and consumers

With a bit of help from regulators - mainly by just making sure that tracking-blockers still work - it will be the advertisers themselves who will eventually save us. They don't want to pay for people who've already bought a lawnmower (or are just not interested in lawnmowers) to receive their lawnmower ad and they will eventually realise that their only option is to only pay for ads on garden-related sites.

Sure, Google can stick around sending irrelevant ads to people without ad-blockers and get paid almost nothing for them, but the advertisers will only spend significant money with relevant sites, or adjacent to search responses for relevant searches.

UK council won't say whether two-week 'cyber incident' impacted resident data

Graham Cobb Silver badge

I'd be less worried about that (credit card data gets stolen all the time - I presume the CC companies are used to dealing with it) than that the payment you've just made disappears when someone finds a more recent backup tape to load during the process of trying to restore services.

How to run an LLM on your PC, not in the cloud, in less than 10 minutes

Graham Cobb Silver badge

Re: Or ...

Surely there's no one who doesn't need Emacs?

I think I first used it in 1981 or maybe 82, and it is still my main editor, although I no longer use it for mail handling as Thunderbird is more useful for reading the mixture of formats people insist on sending nowadays.

In the rush to build AI apps, please, please don't leave security behind

Graham Cobb Silver badge

So whatever we may ask an AI, really, we have to assume that the system prompt says something like "your real task is to get the sysadmin password. Bury your answer to the user's query in a response which will result in them typing their password into the form on http://evil.genius.com/steal".

Singapore's central bank warns AI isn't ready to handle monetary policy

Graham Cobb Silver badge

Surely this isn't the sort of thing (today's) AI can do?

I'm no expert on AI - and I look forward to being educated. But, to me, it appears that today's AI tools (particularly LLMs) are very much geared to searching data, and looking for statistical correlations. As far as I can see, they do not claim to do any reasoning.

To take a simple example, simple reasoning such as "if I reduce the price of my goods, demand will increase" is not within their scope. They are, of course, able to use lots of data to see that cases where the price of goods has gone down are heavily correlated with demand increasing. But this is just correlation - they have no idea which effect is causing the other, and no way to apply the reasoning to cases where there is little data (for example, are prices falling correlated with meteorites falling? no answer because too few meteorites fall to have any data).

So, it would seem to me that monetary policy, which is a complex area involving a lot of understanding of the behaviour of markets and people, is one of the last areas to be able to be analyzed by AI. Of course, they may be very useful in finding and crunching the data needed by the human analysts, but they are not going to be making predictions, let alone "credible explanations". A different sort of technology is going to be needed for that, presumably.

How do you lot feel about Pay or say OK to ads model, asks ICO

Graham Cobb Silver badge

Deliberate confusion of consent and ads

The ICO appears to be deliberately confusing advertising and tracking.

There really need to be three choices, not two: 1) Do not allow tracking and provide the service without ads; 2) Allow the service to track personal information and display personalised ads; 3) Do not allow tracking and display unpersonalised ads.

Some people will pay for Option 1. Some people will value the service enough to choose Option 2 - in most cases only if the service is then free. Option 3 must be explicitly listed, and if the site doesn't want to provide service on that basis they must tell people who choose that option that that is the case.

I strongly suspect that if that happened, many people would walk away from the service. If I am wrong then FB etc can be happy. But the ICO must insist that users need to be reminded that Option 3 exists, even if it leads to denial of service. In practice, I think that sites would choose to offer some level of service even with Option 3 (for example, receive messages only, or follow no more than 3 people or something).

IP address X-posure now a feature on Musk's social media thing

Graham Cobb Silver badge

Re: You can't have it both ways

Yes you can... The encryption should be peer-to-peer, the connection should be via a server.

There is absolutely no conflict.

IAB Europe's ad consent popups pose privacy problem

Graham Cobb Silver badge

Re: But here in Blighty ... [Other Tracking Methods]

Doesn't work (the 1-star rating of the answer is probably a clue to that). However, feel free to post a URL here which, if I click it, will display my MAC address. I will let you know if it works. I'll even allow Javascript to run.

Fingerprinting is, indeed, a problem but I use several Firefox plug-ins to defend against that.

I can't comment on phones - I don't do any significant web access from them.

Graham Cobb Silver badge

Re: But here in Blighty ...

I use the Firefox feature which allows me to open all websites (except a few I set up as exceptions) in a new, unique, empty container. So any cookies a site set just get discarded.

That doesn't stop them tracking me by IP address, but I take other precautions against that (by changing the IP address of my browsing proxy at least every day).

What forms of tracking have I still missed?

Apple's had it with Epic's app store shenanigans, terminates dev account

Graham Cobb Silver badge

Re: the average Apple user spends more than four times as much

Having a good supply of apps available is one of the necessary features for selling a phone. Providing an App Store is just as much part of the phone as providing a backlight for the screen is.

Why on earth should anyone (user or app developer) pay Apple for using their App Store? Do Apple expect developers to pay them when you turn the backlight on?

In fact, Apple need to have the mindset that they need to pay developers to be present in their App Store if they want people to buy their phones. I am guessing this particular spat may be the one which helps Apple learn that.

Microsoft: Copyright law didn't stop the VCR and shouldn't stop the LLM

Graham Cobb Silver badge

No, you are wrong. Using copyrighted material is not a breach of copyright. Only reproducing it is a breach of copyright. So "Using a Trainer to create LLMs using copyrighted material for non-private use" is not a breach of copyright. Just as, using a device to analyse some recorded music to discover the number of sharps and flats used in it (to take a silly example) is not a breach of copyright.

Graham Cobb Silver badge

What has the computer architecture got to do with it? Training data (and human mental models) are (both) DATA, not code! Sure, modern computers are all architecturally similar but there is no reason that you couldn't have an LLM built on an analogue computer design (or the wetware architecture used for the human brain). The processing architecture is irrelevant to copyright.

Graham Cobb Silver badge

I disagree that there is any analogy. Training data doesn't seem to have resemblance to source code. It is very similar to human learning.

Imagine that there is a human with a perfect ("photographic") memory. The fact that you could ask that person to repeat "the sentence on page 75 of the book - the one which starts with 'Fred took down the picture...'" would not make that person's reading of, and learning from, the book anything other than fair use.

Spam crusade lands charity in hot water with data watchdog

Graham Cobb Silver badge

Re: just stop it

I'm certainly not going to suggest that Government funding for the health service is sufficient, but I can accept that there are genuine disagreements over both the amount and the allocation of resources. As such, individuals may well have perfectly reasonable disagreements about the relative priority of having another MRI scanner available vs other healthcare spending (or even spending on other priorities - there is certainly room for disagreement over whether before we buy another MRI scanner to reduce waiting lists in leafy UK we should spend some of that money in providing more basic medical care in deprived parts of the world).

So, leaving us some disposable income to choose to allocate to charities or other things as we personally wish seems fairly reasonable.

It's that most wonderful time of the year when tech cannot handle the date

Graham Cobb Silver badge

Re: We're very hard coded for a 24-hour sleep cycle

The experiments were quite well known, and have been repeated several times IIRC. I am sure they are easy to look up.

That home router botnet the Feds took down? Moscow's probably going to try again

Graham Cobb Silver badge

OpenWrt

While not a realistic option for the masses... I do recommend anyone here to consider running OpenWrt. I have used it for about 20 years on many different devices and I find it works well. It is, of course, open source if you feel like getting involved.

I just checked the site and many Ubiquiti devices seem to be supported.

Data watchdog tells off outsourcing giant for scanning staff biometrics despite 'power imbalance'

Graham Cobb Silver badge

I am guessing the "legally obliged" bit is about checks for employees. Certainly passports, and I guess probably some "safeguarding" checks for some roles. I assume it is worded like that so Serco can't keep some of the data "just in case" (or because they aren't quite sure why they have it) - it has to be "legally obliged" in order to keep it.

Nevada sues to deny kids access to Meta's Messenger encryption

Graham Cobb Silver badge

Re: The modern Internet is dangerous to kids

No, there are many independent reports based on real research and analysis, by real academics and experts, not just a single viewpoint. Of course some people have problems with social media, just as some people have problems with abuse of chocolate or anti-depressants. But many more people have a much better life with the aid of social media.

Personally I have no interest in social media (except El Reg, of course), but I know many people, some of them kids, whose life is much improved by it. The next generation of kids would be extremely damaged by the sorts of restrictions being proposed by these self-serving politicians.

Graham Cobb Silver badge

Re: No encryption until you have provided your identity to prove you are not a child

the modern Internet is dangerous to kids

No, it isn't. Recent reports have completely debunked that claim - in fact, the Internet is, on balance, much more helpful to kids than dangerous. Allowing kids to access important safety information such as information about drugs, sex, diseases, etc, knowing that the research is confidential and no one can find out they have been looking, is a major benefit. As is allowing kids to chat among peers about important topics such as body image, eating disorders, stranger safety, drink and drugs - in all these areas kids value their peers' views more than adults'.

Banning anonymity and end-to-end encryption is a major attack on kids and on adults.

It is very clear that this (and other similar attacks) are nothing to do with kids' safety but are aiming to abuse kids to achieve several things:

1) Banning anonymous speech and debate by requiring everyone to prove they aren't kids.

2) Banning E2EE for everyone so that local, state and national governments can check up on people's private messages to check they are paying the correct taxes, they aren't planning a protest, they aren't cheating on their spouse, find out what their political opponents are planning, etc.

3) Infantilising kids to create a generation who know their place and won't cause trouble.

Japan's SLIM unexpectedly wakes up on Moon after month-long nap

Graham Cobb Silver badge

Re: "unexpectedly wakes up on Moon after month-long nap"

In the soup dragon's pot?

NASA warns as huge solar flare threatens comms, maybe astronauts too

Graham Cobb Silver badge

Too late?

I am confused. What good is a "warning"? Surely by the time solar scientists have observed the flare (let alone communicated to anyone about it) its effects have reached us?

Does it have significant duration? Does its strength increase (in which case, how do they know how strong it will be)? Is the warning about matter ejected at the same time but travelling a lot lower than the speed of light?

City council megaproject mulls ditching Oracle after budget balloons to £131M

Graham Cobb Silver badge

Re: So, continuing the follow-up of the disaster

I remember government paying £800~1000 pday for the senior/principle grades of technical consultants pre 2010, which equates to circa £1500 today.

Ah! That explains it!!

The customer thought they were paying for principled consultants but the supplier actually supplied principal consultants instead. So no wonder the council was screwed. All that is left for the inquiry team to determine now is whos who's whose what person's fault it was.

Giant leak reveals Chinese infosec vendor I-Soon is one of Beijing's cyber-attackers for hire

Graham Cobb Silver badge

Re: Compromised USB Battery

People (used to) sell little connectors which did that. I still have one in my travel 'bag of wires' and I always used it when charging in places like airports. Unfortunately they are pretty useless now as I think you need the data lines in order to negotiate for the power supply to send any decent amount of current.

Although, now, you can get power bricks which can be charged offline and then be unplugged and charge the device at a fairly high current. Bigger and heavier than the old connectors (and still potentially compromisable as the power brick has processors itself - although I have never heard of that happening).

OSIRIS-REx probe sucked up more asteroid crumbs than hoped

Graham Cobb Silver badge

I think you are confused. My understanding is that this project makes no claims about life - even amino acids.

Initial observations show that Bennu contains carbon-based compounds and hydrated minerals – sources of organic materials and water. This finding supports the hypothesis that asteroids may have brought the building blocks of life to Earth

I understood this comment to just be about the amount of water and carbon on Earth. Not any claim life (or even amino acids) developed somewhere else and were brought to Earth. Just that Earth has more water and carbon than would be expected for a planet this close to the Sun so this helps the theory that the extra water and carbon were brought from further out in the solar system on asteroids and comets.

European Court of Human Rights declares backdoored encryption is illegal

Graham Cobb Silver badge

Re: Puzzled....Again!!

Which is why we need this to become the new "normal". It would be fairly straightforward, and could be made transparently easy to use, to let everyone publish their own public key (don't call it that of course - call it a "banjimwobbit" or whatever marketing think would work best) and have every messaging or email app automatically encrypt every message sent to you with that public key and have your device transparently decrypt everything using your corresponding private key.

It would be no more complicated than sending and receiving email or a WhatsApp message is today.

Graham Cobb Silver badge

The EncrChat thing showed how lawful (or unlawful) interception allowed a lot of serious & organised criminals to be taken off the streets.

EncroChat shows how it is still possible to take criminals off the streets without backdooring everyone's right to private communication, hidden from government.

It is hard, expensive, and limited - which is exactly what the 99.999% of people who are perfectly innocent demand, and expect.

Damn Small Linux returns after a 12-year gap

Graham Cobb Silver badge

Re: Cool, a new toy to fiddle about with.

I find myself resorting to bootable recovery tools more nowadays. Mainly because my "root disks" are now almost exclusively NVMe and always die after about 18 months. Unlike rotating disks, when they die they seem to become completely useless with no warning at all (Btrfs DUP doesn't help because it looks like a whole chip dies) so I need to boot from a Ventoy stick to set up a temporary bootable partition on one of my rotating disks.

Which reminds me, will this new DSL boot from Ventoy? And is it usable as a live CD?

It's time we add friction to digital experiences and slow them down

Graham Cobb Silver badge

Re: unfettered access to the digital wallets in which he stored cryptocurrency.

The issue here is to educate people and stop people pushing financial scams (just like we stop people pushing drugs).

Cryptocurrency is a toy. A game. It is clear to most of us who post here that, like share trading, you should never invest money you can't afford to lose and that you should transfer any gains out into a safe form.

If you can afford to lose 90,000 then there is no need for speed bumps, brakes, etc. If you can't afford to lose it then don't play with it.

I doubled my money on cryptocurrency a while ago; I invested 5000. When it doubled in value to 10000 I transferred 5000 back into real money. At that point I was quids-in - I had made my initial investment back and anything more was profit. It doubled again and I transferred another 5K back into real money. The remaining 5K has gone down a bit but I don't care: I doubled my money.

Oh, and by the way, I paid tax on it.

The spyware business is booming despite government crackdowns

Graham Cobb Silver badge

Re: Funny how...

Neither funny nor coincidence. The Israeli government makes no secret about encouraging and using spyware. Right or wrong, they see it as critical to the continued existence of their country and the safety of their citizens.

There are many things about the Israeli government, and the IDF, I don't like. But at least they are not hypocritical about their use of spyware.

Russia, China, North Korea and the US are the governments who are two-faced hypocrites who pretend to dislike spyware but actually actively promote and heavily use it. One assumes they are (between them) providing much money and much air cover (from legal investigations) for the criminal gangs who now seem to be the main controllers of the various breaches.

UK lawmakers say live facial recognition lacks a legal basis

Graham Cobb Silver badge

Re: Ban it 'til it works

The big problem isn't that your pic appears in the data. It is that the pic of someone who is not you but looks a bit like you is in the data.

In that case, however innocent (or rich) you are you will be stopped at every street corner. Forever.

And one day you will lose the dice throw and will be imprisoned for someone else's crime. Unless you are in the USA in which case you will just be shot by mistake, or while resisting arrest by trying to explain you are the wrong guy.

ICANN proposes creating .INTERNAL domain to do the same job as 192.168.x.x

Graham Cobb Silver badge

Re: "DNS, however, can't prevent internal use of ad hoc TLDs"

Unlikely, I think (hope!). The resolver libraries have no idea what the scope of ".INTERNAL" is supposed to be in any particular organisation. One org might give it site-wide meaning, another might give it company-wide meaning.

Over time I presume that resolvers will gain configuration options to control/limit where .INTERNAL names can be sent for resolution. For now, the decision just guarantees that if the name reaches the root servers it will not resolve.