* Posts by Charles 9

9714 posts • joined 10 Jun 2009

The UK's Investigatory Powers Act allows the State to tell lies in court

Charles 9
Silver badge

Re: No safe laws?

What makes you think the parties are really in opposition instead of just playing mind games with the hoi polloi?

1
0
Charles 9
Silver badge

Re: "There is no crueler tyranny...

"Having a Constitution and an organism to check if laws follow the Constitution is handy is such situation... In most democratic countries such a law would be deemed unconstitutional because of its violation of basic human rights."

Ink on a page. A document is only as good as the force behind it willing to defend it.

0
0
Charles 9
Silver badge

Re: it's probably just me . . . it usually is.

"Just one wee problem . . . the real murderer is still out there!"

Not a problem for them at the moment. Maybe he'll pull a Jack the Ripper and just vanish or go elsewhere. Somebody Else's Problem now.

1
0
Charles 9
Silver badge

Re: I don't get it

Do the British courts have the concept of "contempt of court"? If so, there's your answer.

0
1
Charles 9
Silver badge

Re: Sounds like a perfect 'out' for Jury service

Wouldn't they just respond with a contempt ruling or the like? As I recall, jury duty can only be legally avoided under specific listed conditions (ill health, deployed military, in school, linchpin situation, etc.)

0
0
Charles 9
Silver badge

Re: Disgusting..

Being compelled to lie in my case would be the result of a court order: the trial onus has already passed. This Act seems to make sure warrant canaries can't be used effectively.

0
0
Charles 9
Silver badge

Re: US jails

"It was presented in a 'here is some humour with your facts' kind of way, but was very disturbing. Included such nuggets as the jails being run by private corporations, who in some cases (states?) have imposed minimum occupancy limits, and if those 'targets' (say, 97% full) are not met, then the municipality which 'runs' the jail is fined....."

Actually, those jails are being taken back by the states. They're not saving them money which was the main reason for them being privately run in the first place. Seems private enterprise has trouble like everyone else with an enterprise (like a prison) which is inherently a money sink. The benefits of jails are not monetary in nature, which is why it's normally the State that runs them.

1
0
Charles 9
Silver badge

"If you do defend yourself in court by revealing what the Act says about hacking etc - how are you punished? Another trial without a jury? An automatic conviction without a trial?"

Do the English courts have anything like contempt rulings which require no jury? If so, there's your answer.

0
0

Fancy that! Google was keen on 'draining the swamp' in 2013

Charles 9
Silver badge

Re: Err...

Ever heard the phrase "Half the truth, twice the lie?"

0
0

Top tech company's IP was looted by China, so it plans to hack back

Charles 9
Silver badge

Re: RAND

Could it be western mentality preventing people from Pressing The Button? What if it was an Eastern person where MAD would be preferable to surrender?

As for the winter scenario you describe, what if more people were encouraged to keep their own supplies, including power, in case of a disaster?

0
0
Charles 9
Silver badge

Re: It's got nothing to do with money

It WILL involve spending something: usually money (translated from time and/or resources). It's always been that way, even down to physical defenses in the past. Separating resources will cost you time because it's harder to reach, especially if you face the dilemma of information that's both vitally secret to your business but needed all the time, like a "Top Secret" door that nonetheness has to be opened several hundred times a day, any one of which can cause the corporate jewels to be stolen. Furthermore, no security in the world can do much against a skilled insider.

0
0

Basic income after automation? That’s not how capitalism works

Charles 9
Silver badge

Re: Someone's probably said it but...

So like I said, wealth has gravity. Those that have a lot of it tend to naturally accrue more as people still demand their daily bread and you demand their wealth in exchange. It's like a big poker tournament: eventually people will drop out as they run out of wealth and eventually the ones left with all the wealth will close off their walled garden and start hashing it out amongst themselves. It's happened before, and this time they likely have the resources to actually keep the unwashed masses at bay.

0
0

Remember that amazing video of the whale leaping out the gym floor and splashing down? Yeah, it was BS

Charles 9
Silver badge

Re: Well you need to do plausibility checks

Or better, coming up with a true three-dimensional light field in open space.

0
0
Charles 9
Silver badge

Re: Not quite

But truly good things need no marketing. They sell on their reputations alone.

1
0

US think-tank wants IoT device design regulated, because security

Charles 9
Silver badge

Re: Accredited Standards Body

Or they can go back to the old days before the Internet and establish their own endpoints if needed. Facebook certainly seems aware of the idea, given their third-world ambitions where Internet presence is at its weakest.

1
0
Charles 9
Silver badge

Re: essentially regulate almost all computers

Basically, the Stateful Internet, aka Big Brother. It's either that or a descent into Internet Anarchy.

0
0
Charles 9
Silver badge

Re: Wishful thinking

Probably too expensive. Unless you can make it cost-competitive (like in at most a penny or two more than existing stock, which is unlikely given the glut of pre-secure stuff), anyone who tries will get undercut. Remember, the average person doesn't care. All you're hearing are squeaky wheels.

0
0

Can ISPs step up and solve the DDoS problem?

Charles 9
Silver badge

Re: Start at the source.

OR it's just pretty damn popular and something hot just came down the pipe. Would look a lot like the same thing. Potential false positive there.

0
0
Charles 9
Silver badge

Re: No. Not regulation.

"If government regulation is the answer, then you're asking the wrong question."

Well then, who else can run the jails? Certain necessities of civilization are, in a monetary sense, sinks. Meaning there's no incentive for private enterprise to do it. Yet something needs to be done to control the genuine criminal element out to pilfer from the common man. If the status quo is unacceptable, and there's no money angle for the private sector, guess who's left?

So basically, if you don't like government regulation, what happens when it's the ONLY option left? If you can't trust the government at this point, you can't trust anyone, and that means anarchy.

1
0

Real deal: Hackers steal steelmaker trade secrets

Charles 9
Silver badge

Re: Trade Secret Wars

The Japanese never lost the knowledge. They just had to teach new people; nothing fancy. And it helps to have to start from scratch. No aging infrastructure to deal with. The same thing happened in much of Europe after the war: a lot of opportunities to start fresh meant it was easier to modernize.

As for why their katanas have such praise, they've been carefully analyzed. A combination of factors help it. One is the taper on the edge which is wider than is the norm in the west. Since katanas are primarily meant for swinging, this helps spread the material as you cut, while a curved blade allows you to better pull it as you swing, creating a sawing action. Both make it easier to cut through. The forging techniques used also carefully balance the use of flexible and inflexible metals, optimizing both aspects.

0
0
Charles 9
Silver badge

Re: Mismatch

"Yes, I know total security is impossible, but a big wealthy company should already be following best practices including basics such as monitoring for suspect activity."

But as you shut doors, edge cases stop being edge cases. And one of the biggest problems is also probably the toughest to stop: moles.

0
0
Charles 9
Silver badge

Re: ThyssenKrupp said the attack was not attributable to security failings

But some security failings can never be effectively policed, like moles. Is it really a security failing if it's one beyond anyone's ability to secure? Just like is it really anyone's fault if someone gets killed by a bolt out of the blue?

0
0

Solar-powered LoRa IoT node: Nice idea but it won't replace batteries

Charles 9
Silver badge

Re: I say BS on no batteries

Depends on the lighting. Incandescent and perhaps LED lighting, OK, but I've had a flaky history of using them under fluorescent lighting. Might have to do with discrete wavelengths or polarization.

As for using these in conjunction with rechargeable stuff, it's probably going to depend a lot on the usage case. Mind you, solar collectors are not new tech, so it's mostly a matter of how much power you need and if you have space or location constraints (as in you can't really use them in a constrained or indoor location).

0
0

90 per cent of the UK's NHS is STILL relying on Windows XP

Charles 9
Silver badge

Re: Win XP still has its uses

And is there any reason it MUST be a genuine, physical legacy serial port and not a USB-based device?

0
0
Charles 9
Silver badge

If it were only that, you could stuff an XP/IE instance in a VM and call it a day. No, more often than not hardware is the real problem. It's also one of the few things you can't virtualize, especially where custom hardware is involved.

0
0
Charles 9
Silver badge

Re: "Sainsburys supermarkets still have XP in their stores as well"

INCLUDING the back end machines which definitely AREN'T POS units?

0
0
Charles 9
Silver badge

Re: The fault is the operating system

Um...given patient confidentiality mandates, how do you do SaaS without breaking those mandates?

0
0
Charles 9
Silver badge

Malware can come in through other means (even the keyboard), plus your network could get accidentally (or maliciously) bridged.

0
0
Charles 9
Silver badge

Re: The fault is the operating system

So how do you handle long-term business needs in a world full of short-sighted, penny-pinching investors and executives?

0
0
Charles 9
Silver badge

"The solution is to promote people on merit, ie. actually delivering completed and usable projects rather than for brownnosing skills. We might then see a reduction in multi billion pound projects failing."

You forget. People LIE. And people BELIEVE lies. Given that, people CHEAT. And it's part of the human condition. You can't FORCE people to promote on merit, not even with the law. Disagreeable laws are just ignored as ink on a page. Look at Prohibition.

As long as people respond instinctively to the "What's in it for me" angle, you can't have the utopia.

0
0
Charles 9
Silver badge

Re: Security concerns?

"Sorry, that is simply not true. I work on PACS systems with studies that are normally GB's and sometimes TB's in size. These are routinely transferred across hospital LANs and are also transferred across N3 with no problem. A GB study can be retrieved from a remote datacentre and the first images displayed in <2 seconds (SLA) with the remainder of the images viewable within 20 seconds."

Assuming a top-of-the-line network. Bet you that's not the case in general.

"Copying patient information onto non-encrypted USB drives is banned across the NHS and is seriously slower than LAN/WAN transfer."

What about encrypted drives, then? Plus how do you enforce such a thing when time is precious?

0
0
Charles 9
Silver badge

I've spotted a few other places that still use XP-based machines, mainly due to sunk costs and recent cycle changes that missed the boat. They won't be moving for a while yet, if at all.

0
0
Charles 9
Silver badge

Re: The fault is the operating system

Clarification: It's main job is to allow the user to run applications. If one only needed to run applications without user intervention, then you can get away with something simpler like a scheduler. Only thing is, users have a wide range of aptitudes. Many need help (the ones who wouldn't know a network fob from a thumb drive), and you have to cater for them. And their #1 priority, the #1 priority of ANY job, is to COMPLETE the job. All else comes secondary. And no, you can't always train them, and if you raise your standards too high, you run the risk of no takers. And remember, medicine and computers aren't necessarily highly overlapping fields of expertise.

0
0
Charles 9
Silver badge

Custom hardware simply cannot be virtualized since their very function is considered a trade secret; you can't virtualize what you don't know. Thus we have the story of that computerized lathe that runs on XP because Vista and up doesn't support the ISA bus anymore and the lathe is controlled by a proprietary controller (trade secret, remember?) fitted to an ISA slot on the computer. Can't be upgraded due to that ISA card, and the lathe is still pretty young (meant to last decades and is still being amortized, so you can only cross your fingers.

And depending on the direction hardware takes in future, this may become more common rather than less, given that most ARM SoCs are built with fixed hardware in mind and therefore are more likely to use hard-and-fast memory maps rather than any kind of enumerating bus (USB being the possible exception).

1
0
Charles 9
Silver badge

Except you never know when someone makes an effort to BRIDGE the devices, perhaps by a MAC-spoofed mole. Remember, not even Sneakernets and airgaps are immune.

0
2
Charles 9
Silver badge

Re: So what?

Plus you can never completely isolate a system. After all, there MUST be a way to transfer information in or out or it's useless as a device. As long as method exists, a method can exist to infect it. Not even Sneakernets are immune.

1
0
Charles 9
Silver badge

That's always been the one failing of a government by any kind of popular agreement or consensus. Some of the humdrum necessities of civilization also happen to be very irksome: like taxes. Not to mention subject to considerable squabbling. It's only something existential in nature like a crisis that puts people together. End the crisis, and it's back to the squabbling. Humans appear to be more a tribal kind of animal under normal circumstances. Bigger than that, and we start seeing competition.

An autocrat would have the capability to, as they say, cut the crap, but of course that has the risk of being subject to that person's whims. It's really a difficult thing to work out either way.

3
0
Charles 9
Silver badge

Re: 'up'grading is overrated

"Getting rid of legacy IT can be difficult if some essential software or hardware is not ported to a newer platform; we do still have some productive SGI workstations at my work...."

And that's the point I was making. There are any number of devices that use XP or lower that either (a) cannot be upgraded at all, probably because the manufacturer went out of business taking their trade secrets to the grave, or (b) are such that the only way to fix the software issue is to replace the VERY expensive hardware. If upgrading is either impossible or too expensive, you end up with what I called a "stuck" machine. Think of it like someone holding an underwater mortgage (they owe more to the bank than their home is actually worth, so selling the home to close the mortgage is not an option).

3
0
Charles 9
Silver badge

"Moving to Vista wouldn't help (that also goes end-of-life in April) unless drivers/apps work in later versions of Windows."

I said Vista because that was the epoch point for Windows newer driver and program models. IOW, if a program or driver can work on Vista, odds are pretty good it'll work on 7, which IS still supported, and passing fair it can work on 8 and up because beyond Vista they didn't monkey too much with basic hardware driver models, and 8.1 and 10 reinforced desktop program support.

2
0

Hackers actively stealing Wi-Fi keys from vulnerable routers

Charles 9
Silver badge

Re: FlashRouters

Now you lose bandwidth to overhead, and many people have tight data allowances. Cost can be too great.

0
0
Charles 9
Silver badge

Re: Physical proximity not needed

"Imagine a row of houses with compromised WiFi keys where one of them contains a device that is part of a botnet."

ONLY if the device itself has WiFi capabilities. If they're on a landline, they wouldn't have the capability to see the other networks. That reduces the potential victims and makes a remote exploit difficult since you'd have to query any given bot to see if it has WiFi capabilities AND is near a vulnerable spot. Not to mention since most WiFi-capable devices can only latch onto ONE network at a time, you run the risk of cutting the bot off the net because at best it'll get a new IP and you'll have to reconnect and at worst it fails and gets cut off completely.

0
0
Charles 9
Silver badge

Re: @ Captain Badmouth

Then use the Joke Alert next time, not the Geek. Anyway, it was a very terrible joke at that, worse than a Fozzie Bear joke.

0
3
Charles 9
Silver badge

Re: Simples, buy your own better router and secure it properly.

Point is, a directional antenna can be very sensitive, and a window is normally radio-transmissive, so you're prone to leakage. IOW, it may not be as tough a time as you think.

0
0
Charles 9
Silver badge

Re: Talk Talk Spokesperson

Then the lawyer calls back and demands someone up top before a lawsuit lands on the legal team's desk?

0
0

Emulating x86: Microsoft builds granny flat into Windows 10

Charles 9
Silver badge

Re: Bad solution

No source.

No company.

No MONEY.

Now what?

0
0

Software can be more secure, says NIST, and we think we know how

Charles 9
Silver badge

Re: Maybe Hire Professional Software Engineers

"How about starting by hiring actual professional software engineers, who have been formally trained in a university environment?"

You got the money? Because the PHB's can't be convinced even by the legal department.

0
0
Charles 9
Silver badge

It IS impractical because of scope. Formal proofs tend to require specific conditions to work (like the lack of direct-access code in seL4, meaning it chugs). Plus no matter how you slice it, a module only has a limited base of knowledge: what goes into it and what it does with it (Chinese Room Problem). Thus why ROP and other exploits simply exploit the standard behavior of these modules to create mischief: a gestalt exploit, I call it (worse than the sum of its parts).

0
0

systemd free Linux distro Devuan releases second beta

Charles 9
Silver badge

Re: level playing fields suck

But what about all the other mainline distros? Are you saying ALL of them are acting in a cartel?

0
0

If your smart home gear hasn't updated recently, throw it in the trash

Charles 9
Silver badge

Re: Logical conclusion if devices are unpatchable and blocked/remotely killswitched

Can't proxy a secure connection. You don't know the key.

0
0

Clients say they'll take their money and run if service hacked – poll

Charles 9
Silver badge

Re: No they won't

Also, if it's going to be a transportable domain (meaning you control the section just before the .com or whatever), those aren't cheap and will be recurring costs, which many people would find too much for what it's worth to them.

0
0

Forums

Biting the hand that feeds IT © 1998–2017