Re: Is it just me
Yes, it'll give an error on a protected asf or wmv file.
9744 posts • joined 10 Jun 2009
Yes, it'll give an error on a protected asf or wmv file.
Is there any trend then for people being likely or unlikely to control bias? Or is it simply inherent to the human condition?
Problem is, that runs the risk of YOU not being among the ones still standing, so you're instinctively going to fight it.
It's simply that a lot of enterprise stuff won't run without Flash and can't be replaced.
"One problem with this model is that, as businesses will do whatever makes the most profit, they have no incentive to benefit society as a whole and any benefit that does arrive is really a side-effect. Another problem is that a truly free market - where the government does not interfere at all - can end up destroying one of the foundational assumptions of capitalism: competition. With no restriction or regulations or interference, monopolies can and will arise, reducing competition and thus crippling one of the main reasons capitalism works in the first place."
As far as the monopoly is concerned, though, it's working just fine. In fact, one of the goals of these monopolies is to transcend government and become sovereign unto themselves (think William Gibson's Sprawl) since the best way to beat regulation is to rise above the ability to be regulated. Thus transnational companies that can play sovereign states against each other (why ships don't flag in a first-world nation and why small countries like Ireland seem to get a lot of transnational business because their operating costs--and thus taxes--are low enough to undercut). Even the "nuclear option", denying them business in a country, can be met with a, "Your funeral."
Governments likely control or pwn most of the END nodes, meaning they can probably track you anyway. Remember, they took down Silk Road, an Onion site, so it shows what they can do when they REALLY hate you.
"alternatives DO exist. 'duck duck go'"
Duck Duck Go can't produce an alternative manufacturer's website out of thin air. ANY unofficial site WILL be laced with Bad Stuff.
Then all 12 starve because the scenario is that each needs one WHOLE coconut to last long enough for a ship to come, and they're SO starved that they need to eat NOW to survive that long.
It's basically a variant on the Cold Equations situation. Either some perishes or ALL perish, with no third option available.
But what happens when you have to communicate OUTSIDE your domain? Then all bets are off regardless of the method.
As I understand it, the Constitution is still just a document: Ink on a page, literally. Someone with enough cojones and enough backing could just push that document aside and rule autocratically. That's what a lot of coups are about.
"Store your data on kit which is under your control."
Unless you build your own kit from scratch including the chips, there's now way to ensure your data is really under your control. Just ONE is enough to break everything wider than open.
Now who own their own personal chip foundry, eh?
Has anyone tried a system where you pretend to be a robot with an old 80's voice?
"Robot caller detected. Robot responder online and operational."
In America we tend to get cold calls by robot. Since they'll persist in spite of anything you do, all you can do is hang up and see if you can block the number in future (at least I haven't yet been cold called from a hidden number, probably because those that do tend to end up being police traced).
Wouldn't that also play into malware's hands since they could get the jump on a realtor and post bogus-signed drivers, giving them kernel-level pwnage with a strong look of authenticity?
And sometimes the process gets too irksome. If you have to reach for and unlock three different doors just to get in and out of a place you frequently come and go every day, you'd start to consider that excessive, wouldn't you? Especially when you frequently do so with your hands full (where in the job description did it require such people to be jugglers). Security may be a process, but it has to compete with ease of use. Make things too difficult and people are going to go, "Screw this! My livelihood ain't worth this much hoop-jumping!"
One nasty one was signed with Realtek's driver key. Guess what else uses that key? The bulk of computer sound drivers today. Revoke that key and users suddenly lose their sound. That's probably why it was used: too much collateral damage to revoke.
Now imagine if a total own age malware was signed with the same key used to sign the Windows kernel...
The problem is identity theft can use the "low-risk" sites to glean enough information to use social engineering to get access to the higher-risk sites. Even if you use fake information, unavoidable traces like your IP address can be sufficient.
They can pwn your smartphone. Plus what if you don't have one?
And they're also easier for mules and machines to interpret, so you're making things simpler for the crackers; they just have to pretend they're blind.
"More attention could be paid to the efforts of expanding the password system to include images, particularly KNOWN images, as well as conventional texts."
Except the BLIND can't use images, and the law requires sites accommodate the blind and other disabled.
They can still trace you by your IP, then trace you from that to your ISP. And there's no guarantee LEOs don't have ways to track you through relay chains. Remember that the Feds found a way to take down the owner of Silk Road, a TOR Onion site, so we know it's possible.
But if you CAN'T use a password manager, say because you don't own the computers you use everyday?
Plus what if the miscreant decides to sully your image? They could post controversial materials, or worse, NSFW or even illegal stuff. Images are difficult to keep clean and very easy to tarnish.
BLIND people CAN'T. That's why image-based CAPTCHAs get sites in trouble. The best systems kind of require full sensual acuity to work, but of course not all of us have that, so the law requires fallback methods...which miscreants can exploit by simply claiming to be blind and so on to get simpler puzzles.
"If someone cracks my El Reg password, about all they can do is make some silly and/or offensive comments in my username. I make those myself already, so I'm willing to accept that risk."
Or they could use it to post politically incorrect stuff and stain your reputation. Or worse, post CP links and get the attention of the law on you.
NO. It has to operate on untrusted airwaves and is MUCH easier to nick or hack.
The best code is no code...ONLY if you want to do NOTHING.
If nothing is not an option, then to turn a phrase, you better start coding.
"Write you own if you have time, money, and the skills."
But that's the problem I'm describing. When it comes to cryptography, few people really DO have the skills. Problem is, those that DO could really be double agents. So you're caught between Scylla and Charybdis.
But like I said, that's not an option anymore. Now it's ALL or NOTHING.
And the GDPR now requires you do it RIGHT. So now you're assailed from ALL THREE corners. Investors want it cheap for RoI, competition forces you to do it fast to avoid being beat, and now the law forces you to do it right or get swamped by legal consequences.
IOW, "Pick any TWO" is not an option anymore. Now it's All or Nothing.
But sometimes, you're not even allowed the ounce. What then?
That's if you can afford an instance or some other fallover. Many CAN'T. Yes, it's stupid, but if you're stuck in the middle of the ocean with nothing but a piece of flotsam, what options do you have besides exhausting yourself treading water?
As said, breaking even is priority one because you're obligated to your investors first. If they don't agree with you about long-term investments, than again you're stuck because they can pull out, killing you BEFORE the disaster hits.
"A big part of job interviewing from the view of the interviewee is figuring out if the company is one of those companies. If you do take the job then it probably means you need to do a better job researching companies or you need to increase your skills and experience so you don't have to work for those type of companies for long if at all."
Or it simply means you're out of options. If they're the ONLY opening, then as they say, "Any port in a storm."
Right, but what if that's your ONLY unit?
"People don't appreciate that failures are a wonderful learning experience."
Because for many people's personal experiences, people who fail (at all) don't survive for very long.
"Sounds to me like the failure is in the business model of the company. Those generally are the type of companies that are one recession or self created disaster away from administration."
That's why it's called living on the razor's edge. Where margins are close to zero all the time. You'd be surprised how many firms HAVE to live like this because they flip between profit and loss every month. You're floating in the ocean and you barely have the stamina to tread water. Sometimes, that's all you're dealt. All you can do is hope for shore or some flotsam.
But I think several of the divergent twins were female.
Trouble is, support is incomplete. Can't use it for my R7000, for example, because it OpenWRT can't drive the wireless chips. It's an issue common with FOSS because wireless chips are fiercely guarded trade secrets owing to wireless patents and competition (Linux has similar WiFi issues).
"Well whoopty-doo, cry me a river - no fucking thing in real life is ever guaranteed!"
But that's what the customers WANT, like it or not. So if you cry a river, they'll be happy to send you down it. Which would you rather have? Hundreds of false positives...or one false negative?
"Second, there is zero point in nagging me about things I cannot do a single damned thing about. If a website's certificate expires, can I fix it? NO!"
But it WOULD be prudent to, you know, NOT GO THERE.
"so John Smith won't care about hosting a botnet as it will not impact him at all"
Not impact him at all? What about steal his information and use his identity to commit illegal activities putting the law on them?
"there's only one thing I can do about that when it happens: cancel the dialog and continue about my business."
Oh? What about "Perhaps what you are about to do is stupid. DON'T DO IT!" Like I said, I'll take hundreds of false positives over one false negative because they only have to get through ONCE to make it Game Over.
No, the advertisers. If the clients aren't getting results, they can pressure the ad people and get their fees cut, since the clients tend to be bigger than the ad people and therefore will have access to better lawyers.
"99 times out of 100 being overlooked is exactly how advertising should be. If one view in ten thousand results in a sale then the ad is doing extremely well."
Nope, I hear it's LOSING them money, so they NEED a higher hit rate. Otherwise, their rates get forced down and they'll eventually end up in the red.
"If you get a warning about Windows malware and you're running Linux you do tend to dismiss it with contempt."
Until they start making multiplatform malware, meaning that Windows warning can have implications for Linux users, too.
"In other words, the world is full of people who are just not sysadmins. So why on Earth would anyone put the responsibility of computer security squarely in their hands? Recipe for failure much?"
Because with something as "personal" as a computer, you can't trust someone else to do it, either. That trust WILL (not MAY) be betrayed, so it becomes like the front door. You need to keep intruders out (and there are more of them due to the cyberspace angle), so people have to learn to do some hoop jumping if they want to keep their computer safe. It's unavoidable, much like house burglary.
"Each window has an unforgeable coloured titlebar so you can see what level of security it is operating at. The colours can be customized but only from the hypervisor --- nothing in the VM can alter the colour of that titlebar."
You bet your life? It's pretty certain someone will develop a VM escape (a red pill) at some point in the near future. After all, they developed sandbox escapes quickly enough.
"Of course AT&T and Verizon aren't exactly loved, but I think Comcast and TWC are hated even more than cellular carriers."
Really? You should hear some of the gripes about service plans, transfer rates, and costs. Plus wireless has a sheer physical limit meaning they'll never be able to really compete with terrestrial services.
Where it should belong is in the hands of people who at least KNOW what's going on. Being a bureau specifically dedicated to communications (the first C), I would think people in the FCC would be more aware of the nuances of today's communications infrastructure than a Congressperson.
They make it economically impractical to just get one from them. Bundling is about the only way to save money on them, forcing you into the closest thing to a Hobson's Choice they can. And satellite's now a duopoly of DirectTV (now owned by AT&T, vertical integration's already starting) and Dish. You don't want to know their rates, plus using satellite for Internet's considered a last resort because of speed of light issues.
What about points of entry? Each country only has a few, don't they?
"A true, laissez faire, 'everyone go out and make as much money as you can without restriction' is a good economic plan in the same way that 'everyone going out and driving as fast as they can without restriction' is a good traffic plan."
Well, for Darwinists, the idea is that the ones who survive the carnage learn the skills needed to barrel down twisted roads at 100mph without losing control and pass the techniques on to their kids and so on.
IOW, these are the kinds of people who would support culls.
Wasn't that precisely what the RSA attack was all about? And that was just an attack that got DETECTED.
"So the question is, when China decided to offload US Treasuries & UK Gilts, how long with these currencies exist until hyper inflation like we saw during the Weimer Republic or will the UK see a repeat of 1976 with the Sterling Crisis and IMF loan."
It won't do much and China knows it, since most sovereign debt (at least in the US) is Internal (the biggest debt holder is the Treasury, at least double what China holds which isn't even 10%).
Biting the hand that feeds IT © 1998–2017