* Posts by Charles 9

10436 posts • joined 10 Jun 2009

Put down your coffee and admire the sheer amount of data Windows 10 Creators Update will slurp from your PC

Charles 9
Silver badge

Re: So, what can an individual do about it?

So you're saying security updates are useless, seeing as they're supposed to keep you from getting pwned?

1
0
Charles 9
Silver badge

Re: serious question

It's practically impossible to prevent a piece of software in a VM from finding out it IS in a VM. A timing attack is all it really takes, and there are ways to prevent the host from realizing you're performing one (either internal by instruction timings or externally by polling a timebase).

0
1
Charles 9
Silver badge

Re: Now THERE'S ya problem...

"The engineers should get up from their desks, walk out the front door, turn and look up at the company sign on the building.... (see title)"

But then they remember the logo that appears on their paychecks...AND the long lines at the unemployment office...AND the lack of good alternative jobs anywhere nearby.

Sometimes, weathering the storm is better than trying to run from it.

0
2
Charles 9
Silver badge

Re: Soft target?

"I'd rather hold off on my browsing or computing until I get home than to try to make it work on that tiny touch-screen with my big fat fingers."

Even if it meant missing out on a deal you need to research on the spot to find out if it's legit or not? There ARE times when you just can't wait (you snooze, you lose).

2
9
Charles 9
Silver badge

Re: Fighting back?

Except that since Microsoft owns certificates, they can transmit the stuff over authenticated connections, meaning they can tell the real stuff from the junk, allowing them to easily filter.

1
3
Charles 9
Silver badge

Re: 'Smart TVs: Can't you just not give them net access and use them as a regular TV'

Plus consider Whispernets...

2
0
Charles 9
Silver badge

Re: I thought

"When did playing some childish game become a reason for making a committal decision that could destroy your privacy and eventually cost you a lot of money?"

Some people play games for a living. Think professional gaming clans. If they need to earn their daily bread by competing in Overwatch, guess what that means for their rigs?

5
8
Charles 9
Silver badge

Re: So, what can an individual do about it?

The problem is that Microsoft knows all the tricks.

- DNS blackholing won't help you because the most important ones are hardcoded into Microsoft's DNS API DLL, and the DLL for it is signed so it can't be replaced with a neutered version.

- As for blacklisting IPs, I heard they use the same IP and ports for the telemetry as they use for Windows Update, meaning if you block the telemetry, you ALSO block the security updates, leaving you a nasty choice: get tagged or get pwned?

1
2
Charles 9
Silver badge

Re: serious question

Next thing you know, W10 becomes able to detect it's in a VM and act funny because of it.

2
0
Charles 9
Silver badge

Re: serious question

Could start an Activation countdown. Don't connect in 30 days and the install locks until it can.

1
1
Charles 9
Silver badge

XP was declared completely EOL some time back, meaning users can be owned at any time. Using XP now would be considered a failure of due diligence without extenuating circumstances.

1
10
Charles 9
Silver badge

Re: How bad is the chinese verison

They've BEEN voting with their wallets...AGAINST you. You can't fix Stupid, so another plan is called for.

0
1
Charles 9
Silver badge

And if software critical to their position can ONLY run on raw Windows, raising a Scylla-and-Charybdis situation?

0
3
Charles 9
Silver badge

Re: Yes, well, Linux distros --

"One fine commentard (Charles 9, I think) opined that the only way to ensure privacy is to become a Luddite. Well, only if you want absolute privacy, I think. This guy managed to maintain excellent privacy for 27 years, but they caught him at last. Isn't everything shades of gray and a matter of degrees? You can get "pretty good" privacy if you eschew a few things. And if you manage your usage, and don't need full-on shields-up privacy all the time."

Which actually shows privacy can't be shades of gray. It's black and white: all or nothing. Just one slip is all it takes to let the plods in and start unraveling everything.

Which means for many of us it's already too late. They're just holding the bombshells in reserve.

0
3
Charles 9
Silver badge

Re: Solution

If you can tell a professional gaming clan how to play Overwatch on their PCs without using Windows, I'll be impressed. And no, consoles are not an option since Blizzard separates gamers by platform and all the hardcore professionals use PCs.

2
4
Charles 9
Silver badge

I think Microsoft uses authenticated connections, meaning they'd be able to tell the difference.

0
1
Charles 9
Silver badge

Re: registry just a thought.

Bet you they're not. That's why Enterprise has a subscription attached.

0
0
Charles 9
Silver badge

Re: The only way to really do that is to go full Luddite

"Will we ever be completely safe? Of course no - but if we let rights fly out of the Windows <G>, it will become much harder to bring them back..."

That's what I'm saying. Those lights left long ago.

1
1
Charles 9
Silver badge

Re: I thought

It is if you're running a gaming center. Not that common in the weat, but check out the far east.

2
2
Charles 9
Silver badge

Re: Solution

No machine juicy enough if your primary activity is 3D in nature since 3D virtualization is still pretty damn slow. Also there's a problem if your primary Windows activity is necessarily memory-intensive since the VM and host OS add overhead that can take you over the top.

4
4
Charles 9
Silver badge

Re: Fighting back?

That still doesn't stop the telemetry that's built into the OS and cannot be turned off (not even at the DNS level because the DNS client hardcodes a number of domains). You really need an external safeguard to block that telemetry, and that's not assuming Microsoft potholes the telemetry into the same IP as Windows Update, meaning blocking the telemetry also blocks the security updates, leaving you in a dilemma: get tagged or get pwned?

2
0
Charles 9
Silver badge

Re: Fine fine fine

Microsoft then blackmails the EU or contributes to its dissolution. What now?

0
5
Charles 9
Silver badge

"Interestingly you can get lists for firewalls specifically to block the domains used by Microsoft's data slurping - but not Google... double-standards on the part of the tech community or what?"

No, probably Google's using SNI and other tricks to pothole too many of their services onto the same IP address, meaning too much risk of collateral damage, which you already noted.

5
2
Charles 9
Silver badge

Re: I thought

"The biggest problem is availability of software."

That's where Microsoft gets you. They've dominated the OS atmosphere for so long that most software has no viable substitutes outside Windows. Combine this with hardware ONLY supported in Windows and you've got the recipe for a captive market. Now they're trying to pull everyone into the repeat business of a subscription model, using all the Windows lockdown as hostages.

7
8
Charles 9
Silver badge

Re: Is Windows 10 Faking Disk Corruption Notifications to force a scan/upload of user files?

The "Scanning for Errors" notification has been there since XP. It indicates the drive wasn't cleanly unmounted the last time it was used, and that could've come from whatever last used it, some of which lack the facility to to properly unmount the drive. Windows installs can be instructed to treat highly-portable USB drives differently so you don't have this problem, at the cost of performance since it means Windows can't use advanced drive management on them.

0
5
Charles 9
Silver badge

Re: Soft target?

"While I really don't care about who slurps my data - I don't want *anyone* of them doing it."

The only way to really do that is to go full Luddite and stop using computers. Otherwise, you can't trust what your software or hardware are doing behind your back, laws be damned.

2
7
Charles 9
Silver badge

Re: Why can they not grasp

Simple. They FULLY grasp the concept of a CAPTIVE MARKET, as most people are held hostage by their applications which have no acceptable substitutes. Especially people like enterprises with custom jobs (meaning jumping risks them going under in the attempt) or gamers (just compare the compatibility lists, especially for newer games; they simply DO NOT compare).

8
2
Charles 9
Silver badge

Re: Fine fine fine

How will they be able to force the issue if Microsoft simply decides to remove themselves from Europe, hiding themselves behind US sovereign immunity? Plus Microsoft may be helping to undermine the EU itself, removing its sovereign authority.

0
8
Charles 9
Silver badge

Re: It's trust or rust

"Even one of the inveterate gamers I know is talking about installing Linux and is researching just what Windows games can be got to run on Linux via Steam/Wine/PlayOnLinux etc. as well as going dual-boot until they wean themselves off the games that just cant be got to work on Linux."

And he'll soon find out most of the games DON'T work well on Linux. Trust me, I looked. Especially the newer games like Fallout 4 and Overwatch. Bethesda swore off Linux, and all reports concerning Overwatch are listed as Garbage. And they are not alone. Otherwise, I'd have already jumped.

4
8
Charles 9
Silver badge

Re: Fighting back?

Oh, what about via external devices? Why can't you block Microsoft telemetry say at the router?

2
1

Governments could introduce 'made by humans' tags - legal report

Charles 9
Silver badge

Re: A Lesson from History

That goes to what I was saying. MODERN expensive goods are 90% bling (IOW inflated). Think iPhones versus good "imitations" from no-name companies. Apart from the name, what else are you getting spec-wise for all that markup?

0
0
Charles 9
Silver badge

Re: High value targets

The way I see it, there are two obstacles to machines taking over every job at this time: dexterity and Uncanny Valley.

Some jobs require not just fine motor control but also simultaneous adaptability (such as a position where no two jobs are the same). The first problem is being worked on steadily with more articulate mechanics, but the second one goes to machine learning and will be more difficult to apply in a generic form.

And then there's the natural human instinctual desire to see a friendly face (we have pretty strong evidence this is instinct since the behavior is shown even in newborns). If a job requires (or even just highly recommends) a face-to-face interaction, then it'll naturally prefer a human in it to provide that face.

0
0
Charles 9
Silver badge

Yup. Worse comes to worse, they can just close the walled garden and hash it out amongst themselves. As long as there's at least "two to tango", mutual commerce can still take place.

0
0
Charles 9
Silver badge

Re: Land Value Tax

Land value due to usefulness can still fluctuate. Sometimes suddenly if discoveries are made. For example, what's to stop some barren tract of land from hiding a gold vein, a Kimberlite pipe, or a shallow source of petroleum?

0
0
Charles 9
Silver badge

Re: April 1st lasts a long time ...

Thing was, the 20th Century still had room to grow (the population was a fraction of today and lots of resources were still being discovered), plus a couple major wars and a pandemic thinned the population and provided more space. Now, the circumstances are different. The post-war baby boom is coming home to roost, resources are trickier to get, and we haven't had an inequality of wealth of this scale since before the Black Death.

2
0
Charles 9
Silver badge

Re: ASDA

If it was 1983, probably the latter, as voice synth tech was still pretty new (think the early talking videogames like Berzerk and the Votrax SC-01). Even today, using recorded voices and concatenation, the results still come out a touch weird sometimes.

0
0
Charles 9
Silver badge

Re: Illogical conclusion @Charles 9

And can YOU tell that to Congress who insists on only taxing assets as they're sold, not as they're held, discouraging hoarding?

1
1
Charles 9
Silver badge

Re: A Lesson from History

I think that needs to be qualified, though. OLD expensive stuff, yes, because they were usually hand made custom jobs, sometimes with threats attached. Expensive stuff TODAY? I wouldn't be surprised if a lot of that "expensive" was really just bling.

3
0
Charles 9
Silver badge

"If everyone can make what they want or need, then we are on the path to universal wealth."

That's assuming everyone CAN make what they want or need. Trouble is, in the future, many will lack the skills, the rest will lack the resources. Making things requires BOTH, and NEITHER are guaranteed, and there's no way the haves will EVER let the governments take their wealth away. They can either move or usurp the government, and if the proles rise up, call out the killer drones; if that doesn't work, nukes.

3
0
Charles 9
Silver badge

Re: What to do with the unemployed?

""They" will have to do nothing. It's up to the 7,000,000,000 individuals involved to make their own choices about what they feel like doing."

Oh? What about when it comes time to find a way to earn their daily bread and nothing's available? Kinda harsh to be telling 7 billion people, "You lose. Game Over. Better luck next life."

4
0
Charles 9
Silver badge

Re: ASDA

Plus, most people using the self check-out would probably qualify for the Express lane (if it was open and not running to the back). They scan a few things, pack up and go. A minute of effort to beat a wait of several minutes at the checkout is a win for them. And before you say hire more cashiers, that would raise the labor costs which would in turn be passed to the customer: another trade-off.

0
0

Bloke cuffed after 'You deserve a seizure' GIF tweet gave epileptic a fit

Charles 9
Silver badge

Re: I have had the strobe spam,ads and popups many times

The difference being that at least women tend to know when their period is coming and can schedule things around it if necessary. Epilepsy is a little more random than that.

0
0

WWW daddy Sir Tim Berners-Lee stands up for end-to-end crypto

Charles 9
Silver badge

Re: More security means no security - no problem

"If the government demands back doors and those back doors are breached by criminals then the government must pay those hacked the costs incurred because of the hacking."

Guess you never heard of Sovereign Immunity before.

0
0
Charles 9
Silver badge

Re: I'll just leave this here,

Now can you use it in a non-obvious, stego-hardened way to get your message across in a paranoid world where the mere use of obvious encryption makes you a target?

0
0
Charles 9
Silver badge

Re: Populist government comments...

Wouldn't work in a world where using ANY obvious encryption (and public-key encryption, due to its mathematical nature, can't be made non-obvious) would make you a target.

0
1
Charles 9
Silver badge

Re: Now I get it!

But monopoly interests have the money. Plus some of them (like Facebook) ARE multinational in nature.

0
0
Charles 9
Silver badge

Re: Populist government comments...

Besides, you have to establish that code to use it unless you the Navajo code talker trick. That puts you into the First Contact problem.

2
0
Charles 9
Silver badge

Re: Fixed It .....

"It was not broken, and if I remember correct it is still pretty secure."

Not really, as more people know Navajo and are aware of the technique. It was just away to use native tongue to get around the First Contact problem.

As for the rest, that was mostly down to luck.

2
0
Charles 9
Silver badge

Re: No, it's not settled

OR it could be the crook wanted detective work so they'd pick up the false leads and get thrown off the trail...

0
0

Microsoft's in-store Android looks desperate but can Google stop it?

Charles 9
Silver badge

So you just switch from having Google as Big Brother to having Microsoft as Big Brother?

0
0

Forums

Biting the hand that feeds IT © 1998–2017