Re: Will politicians learn from it?
Wasn't that precisely what the RSA attack was all about? And that was just an attack that got DETECTED.
10015 posts • joined 10 Jun 2009
Wasn't that precisely what the RSA attack was all about? And that was just an attack that got DETECTED.
"So the question is, when China decided to offload US Treasuries & UK Gilts, how long with these currencies exist until hyper inflation like we saw during the Weimer Republic or will the UK see a repeat of 1976 with the Sterling Crisis and IMF loan."
It won't do much and China knows it, since most sovereign debt (at least in the US) is Internal (the biggest debt holder is the Treasury, at least double what China holds which isn't even 10%).
"99 times out of 100 being overlooked is exactly how advertising should be. If one view in ten thousand results in a sale then the ad is doing extremely well."
Nope, I hear it's LOSING them money, so they NEED a higher hit rate. Otherwise, their rates get forced down and they'll eventually end up in the red.
"If you get a warning about Windows malware and you're running Linux you do tend to dismiss it with contempt."
Until they start making multiplatform malware, meaning that Windows warning can have implications for Linux users, too.
"In other words, the world is full of people who are just not sysadmins. So why on Earth would anyone put the responsibility of computer security squarely in their hands? Recipe for failure much?"
Because with something as "personal" as a computer, you can't trust someone else to do it, either. That trust WILL (not MAY) be betrayed, so it becomes like the front door. You need to keep intruders out (and there are more of them due to the cyberspace angle), so people have to learn to do some hoop jumping if they want to keep their computer safe. It's unavoidable, much like house burglary.
"Each window has an unforgeable coloured titlebar so you can see what level of security it is operating at. The colours can be customized but only from the hypervisor --- nothing in the VM can alter the colour of that titlebar."
You bet your life? It's pretty certain someone will develop a VM escape (a red pill) at some point in the near future. After all, they developed sandbox escapes quickly enough.
"What we really need to address is that users should never see security warnings, because they should be being protected by their operating environment from things going wrong in the first place."
EXCEPT that while you can TRY to make things FOOLproof (and likely fail, according to Douglas Adams), you simply CANNOT make something IDIOTproof. The difference being that fools will go off the beaten path on a whim while idiots will see the "Do Not Enter" sign and think, "Ooh, something COOL!" Basically, you just can't save some people from themselves; worse, these people tend to take others with them.
Where it should belong is in the hands of people who at least KNOW what's going on. Being a bureau specifically dedicated to communications (the first C), I would think people in the FCC would be more aware of the nuances of today's communications infrastructure than a Congressperson.
They make it economically impractical to just get one from them. Bundling is about the only way to save money on them, forcing you into the closest thing to a Hobson's Choice they can. And satellite's now a duopoly of DirectTV (now owned by AT&T, vertical integration's already starting) and Dish. You don't want to know their rates, plus using satellite for Internet's considered a last resort because of speed of light issues.
What about points of entry? Each country only has a few, don't they?
"A true, laissez faire, 'everyone go out and make as much money as you can without restriction' is a good economic plan in the same way that 'everyone going out and driving as fast as they can without restriction' is a good traffic plan."
Well, for Darwinists, the idea is that the ones who survive the carnage learn the skills needed to barrel down twisted roads at 100mph without losing control and pass the techniques on to their kids and so on.
IOW, these are the kinds of people who would support culls.
Most markets only have three, maybe four or five local channels to choose from. IF their antenna is good enough on a sunny day and they can aim it in the right direction and so on. Remember that the US is A LOT larger than the UK.
As for using Netflix or so on, that's a Catch-22. Most ISPs are ALSO TV providers and are either exclusive or have just one competitor who has an identical offer, so they get you either way. Take me. I basically have three choices: Cox, Verizon, and Charter. All three are total providers (TV, phone, and Internet) so are well aware of their clout.
The way I see it, the media company realize they've got two years to wrest as much control from the government that they can so that there's no leverage for it to be taken back later on. Any bets on most the spectrum in the US being permanently sold off?
Actually, there are ways to deal with rattlers. Main thing is you just gotta keep away from the sharp end. A little harder to wrestle a 10-foot American Alligator.
How do you shape encrypted traffic? Say going through an SSH tunnel or VPN?
Per minute? Try per kilobyte, rounded up to the nearest kB pef connection.
But I'd MUCH prefer iguanas to alligators.
"More attention could be paid to the efforts of expanding the password system to include images, particularly KNOWN images, as well as conventional texts."
Except the BLIND can't use images, and the law requires sites accommodate the blind and other disabled.
They can still trace you by your IP, then trace you from that to your ISP. And there's no guarantee LEOs don't have ways to track you through relay chains. Remember that the Feds found a way to take down the owner of Silk Road, a TOR Onion site, so we know it's possible.
But if you CAN'T use a password manager, say because you don't own the computers you use everyday?
Plus what if the miscreant decides to sully your image? They could post controversial materials, or worse, NSFW or even illegal stuff. Images are difficult to keep clean and very easy to tarnish.
BLIND people CAN'T. That's why image-based CAPTCHAs get sites in trouble. The best systems kind of require full sensual acuity to work, but of course not all of us have that, so the law requires fallback methods...which miscreants can exploit by simply claiming to be blind and so on to get simpler puzzles.
"If someone cracks my El Reg password, about all they can do is make some silly and/or offensive comments in my username. I make those myself already, so I'm willing to accept that risk."
Or they could use it to post politically incorrect stuff and stain your reputation. Or worse, post CP links and get the attention of the law on you.
NO. It has to operate on untrusted airwaves and is MUCH easier to nick or hack.
What about DISABLED people, though? Visual puzzled are lost on the blind, audio puzzles lost on the deaf, yet sites are legally obligated to accommodate them.
But what happens when your memory is SO bad that your recall instead produces "donkeyenginepaperclipwrong"?
Maybe it's better to learn whether or not the problem at hand is even tractable.
Consider the First Contact problem. How can Alice and Bob prove their identities to each other if they've never net before? This is essentially the problem we face every time we register to a new site. We don't really know who runs the site, and the site doesn't know a thing about us.
The thing is, the First Contact problem is logically intractable. With no common point of reference, there's no way for Alice to prove she is Alice and not someone else posing as Alice. Not even Trent can help since Trent can be a double agent and has to be vetted himself, creating a Turtles All The Way Down conundrum. It's a Catch-22. You need common ground to create trust, but you need trust to create common ground.
That's why we can't seem to find a simple solution: because there's no solution full stop. We're just trying to make impersonation as hard as possible, but unfortunately we're stuck for the ride. Making things harder for the imposter makes things harder for US, and there's no way to unlink the two since the imposter's job is to BE us, essentially: right down to the DNA if they gotta. And inversely, easier for us is easier for the imposter. Worst yet, it seems the medium is UNhappy: not easy enough for us but not hard enough to thwart the imposter. So, basically, what now, especially when the public demands unicorn solutions?
Using a password manager requires a trusted computer. What if the only available computer is communal or the person travels a lot without benefit of a laptop?
"A big part of job interviewing from the view of the interviewee is figuring out if the company is one of those companies. If you do take the job then it probably means you need to do a better job researching companies or you need to increase your skills and experience so you don't have to work for those type of companies for long if at all."
Or it simply means you're out of options. If they're the ONLY opening, then as they say, "Any port in a storm."
Right, but what if that's your ONLY unit?
"People don't appreciate that failures are a wonderful learning experience."
Because for many people's personal experiences, people who fail (at all) don't survive for very long.
"Sounds to me like the failure is in the business model of the company. Those generally are the type of companies that are one recession or self created disaster away from administration."
That's why it's called living on the razor's edge. Where margins are close to zero all the time. You'd be surprised how many firms HAVE to live like this because they flip between profit and loss every month. You're floating in the ocean and you barely have the stamina to tread water. Sometimes, that's all you're dealt. All you can do is hope for shore or some flotsam.
You're lucky to have the budget to do it. Many times, people only have ONE live system (all they can afford) which MUST remain up 24/7, so no way to do a test. No test system to try the restore on (and besides, it's different from the live system, so things can still mess up in actual settings), and no way to really test for emergencies because they depend on things that ONLY occur in real emergencies, such as power to not just the floor but the whole building going out (and perhaps next door as well, just to be sure something wasn't plugged in a jury-rig).
Hasn't it been said you can't really practice for an emergency without an emergency, in which case Murphy will get you either way?
Not even that guarantees things. Some identical twins, living together in the same house and so on, diverged on sexual orientation. This raises plenty of questions on the whole "nature vs. nurture" debate since it suggests neither are key factors and suggests a possible "wild card" factor that can't easily be isolated.
PS. As for the one not having a 'stache, one of them probably shaves.
Well, bone and muscle loss are likely due to atrophy-like effect. Human bodies were built to be under constant stress of gravity. Take that away, and stuff like that can naturally follow.
What's needed now is some kind of artificial gravity effect like an O'Neil Cylinder to see if something like that can minimize the atrophy.
"If a website won't let me view its content and demands I turn off my adblocker, then I go elsewhere.
Why would I turn the adblocker off and allow unwanted adverts and malware through? Advert punters sometimes don't think like us normal folks..."
Because it's say a manufacturer's website and thus the ONLY official source for drivers for the hardware you've already plunked down for and can't recoup so it's bend-over time because you can't afford to replace it.
They can do it ALREADY. Think ad WALLS. They won't let you through until you see the ad. Pretty soon this'll be the norm on the Internet. Then what's you do?
Thus "as they CAN." If they CAN'T, we'll as they say in America, "Them's the breaks." There are 12 stranded starving islanders but only 6 coconuts. Someone's gotta go.
That wouldn't be EMP that killed your router but a power surge. Lightning, even just in close proximity, can fry a lot of electronics, even WITH protection.
Same here for my R7000.
Watched The Fifth Element in the past?
I think below 12kHz people disregard it as background and sleep through it. If a jarring sound doesn't work for you, then a sound-based alarm probably won't work for you anymore.
I don't think the glue's been made that can thwart a determined hacker.
Thing is, the seller (developer) should never be compelled to sell. If they want to make it a Hobson's Choice, that's the discretion of the seller. Don't like it? Just don't use it.
Except they'll probably just whip up ways to tell the fake data from the real stuff and go, "Naughty naughty, no lying to me!"
IPtables requires root, and since root can break apps, that's not an option for some of us. In which case the VPN route is the only one available.
$60/yr is the rate for my VPN plan. I like it because it's a fixed IP, allows port forwarding, and they even throw in SOCKS5 and other proxies gratis.
"For Android there are dozens of alternate app stores that compete with Google's Play Store, and you can find them by Googling, or even Binging if you prefer."
The trouble being only Google's App Store is trusted by default on Android, meaning the only way to accept installs from the likes of F-Droid is to either root your phone (which can break things) or allow untrusted sources. If Android REALLY were open, we'd have the option of ADDING store certificates so that other app stores can be accepted as trusted. But that isn't even an option: not even under an expert setting.
The thing about being thick is that you don't KNOW you're thick. That's why you're thick in the first place: nothing gets through to you, not even the idea that you're thick.
It's like with stupid: a self-reinforcing loop that's extremely difficult to get through. It usually takes a crisis to do it, and if even that doesn't work, odds are they won't be alive to realize it.
" If my nana's PC in Iowa suddenly starts making TCP connections to a server in a faroff country, wouldn't that strike you as a little odd?"
Given how interconnected the Web can be, not necessarily.
Biting the hand that feeds IT © 1998–2017