* Posts by Charles 9

9955 posts • joined 10 Jun 2009

systemd-free Devuan Linux hits version 1.0.0

Charles 9
Silver badge

Re: Cat among the pigions but...

Not really. A desktop has to work with much more varied hardware configurations including consumer-designed graphics cards with GPUs and 3D demands as well as things like hot-plugging USB hardware of all shapes and sizes from media devices to display adapters (and a good chunk of which are black-boxed, too), in mobile settings where people may be switching from access point to access point, maybe even using LTE modems and so on.

As they say, the devil is in the details. There's a world of difference between making a fixed-hardware interface-light server work and making a desktop that could have any number of things attached to it work.

1
5
Charles 9
Silver badge

The problem comes when you don't have access to journalctl. Say you're booting from an external device because the original drive no longer boots (or worse, you transplanted the drive to another system). Odds are, the journal's mangled and the recovery system you're using doesn't grok the binary log. It's somewhat easier to make at least some sense of a mangled ASCII file; it's one time where INefficiency is a boon (more room for error). As for filtering, as long as the log's well-formatted, you can simply run an ASCII log through the usual trove of text-selector utilities like grep to winnow things down. You'll have to demonstrate (very useful) things that simply cannot be done any way OTHER than a binary log.

14
2
Charles 9
Silver badge

Re: More honest questions

Probably because it wasn't intended to be an actual fork but rather a demonstration on just how tightly integrated the systemd components are. Sort of a, "Oh, you say it's so simple?" response to claims that you can separate the components.

As I've mentioned, the desire to have this kind of integration appears to come from up top, meaning any attempt to divorce the init part of systemd from the rest is unlikely and it would make more sense to start from scratch. Trouble is, something as serious as an init replacement, especially for modern environments, will likely need some backing, and most commercial interests that back Linux projects are backing systemd.

3
0
Charles 9
Silver badge

Re: More honest questions

"Second, and please don't blow my head off, it's just an idea, is it practicable to fork SystemD and castrate its excesses to create a genuinely clean init subsystem?"

I think for many your last suggestion is the nail in systemd's coffin. The group centered around the development of systemd appears insular and opinionated. If it weren't for the "my way or the highway" attitude existing there (and since it's coming mostly from up top, there's no real way to control it), we might see support for paring things down.

Because there ARE things that could use addressing, like better support for dynamic hardware configurations and especially hot-plugging (not prevalent in servers, yes, but essential for end-user stuff).

There's also debate about the very core of the UNIX philosophy because "doing one thing" doesn't guarantee they'll do it RIGHT or CONSISTENTLY, and you need both in order to ensure the stable interrelationship that is essential to make a process chain work. Interdependency chains create "weak link" problems that aren't always obvious. Nothing fouls up a maintainers day like one of those "one things" going WRONG, messing up the process chain, and then mangling the logs and backtraces to make backtracking difficult. It doesn't help that there's no real manual of style for scripting or configuration files, so each one does things differently leading to more inconsistency. From my perspective, the whole problem is something that's neither here or there: in other words, it's complicated, and there's no real ability to debate over the best way to approach this due to the spate of extremists in the discussion (see the systemd problem above).

4
2

Script kiddies pwn 1000s of Windows boxes using leaked NSA hack tools

Charles 9
Silver badge

Nope, you forget scenario three. Mine's the large AND well-worn toolbox, because my dad found himself having to fix A LOT of different things of varying shapes and sizes. Anything from a 6mm socket using a 1/4" ratchet to the four-inch pipe wrench. In another box he held a soldering iron and assorted accoutrements. Two multimeters, multiple saws, and a vice. And ALL of them have been used, multiple times. I've been forced to do the same thing. It's called versatility. Sometimes, you DO need the jack of all trades because although he may not be a master of any one, he can still be good enough to be preferable to the alternatives.

"You have to bribe the manufacturers to do so - and for them it's a matter of once it's known they let the NSA or whoever doctor their stuff that's it, game over."

Or blackmail. It's not above the Chinese, isn't it? As for "game over," that depends on whether or not an alternative is available. If they're a monopoly (say because they hold an essential patent), then they've basically got you up Crap Creek because there's no alternative other than to go without (which depending on the case is not an option for staying in operation).

And there's always going AROUND the manufacturers and replacing chips or other things en route, or simply finding ways to tamper with firmware and do it in irreversible ways (like the MacOS exploit that then replaced the encryption keys to prevent a reversal).

2
0
Charles 9
Silver badge

Easy enough. Encrypted packets bound for a white listed address or mixed into an existing encrypted session. The plods intercept the data upstream. Plus they really could be pwning the network chips. What then? You can't roll your own because of hardware patents.

0
3
Charles 9
Silver badge

Re: Move Windows XP to VM

You can't VM custom hardware because it won't know how to virtualize it, like that custom ISA lathe controller card (can't be used after XP because Vista dropped the ISA bus).

7
1
Charles 9
Silver badge

"The thing is, you want tools that work "everywhere", not every target runs the same hw, most, if not all, have slurp boxen, though."

No, you want the most effective tools, and you keep as many tools as you need to be as effective as you can in as many things as you can. That's why a good garage keeps a lot of tools. That's why State-level malware writer ALSO write Linux and MacOS malware.

6
1
Charles 9
Silver badge

Are we SURE this is State-level stuff? If I were running a State-level outfit, I'd accept nothing less than nuke-proof malware that can pwn machines at the HARDWARE level, beyond any hope of recovery. And we KNOW that's possible due to such things already being seen in the wild.

0
11

Doctor Who-inspired proxy transmogrifies politically sensitive web to avoid gov censorship

Charles 9
Silver badge

How would this work if, for example, the ONLY TLS credentials permitted on a subject's computer belong to the state, and that ALL traffic, encrypted or not, runs through state proxies and routers as a general rule (think corporate proxies, only larger)?

2
0

Mastercard launches card that replaces PIN with fingerprint sensor

Charles 9
Silver badge

But it's A LOT easier to just look at a finger than it is to compare signatures. Plus most people don't sign consistently anyway. I know my scrawl varies between iterations. How are you going to conceal a fake fingerprint in plain sight without some kind of tell?

0
0
Charles 9
Silver badge

Re: Targetting the wrong method?

The untrusted medium basically means there's no real way to deal with CNP fraud before the fact, as most thieves simply get enough information to properly impersonate the original holder. There's no real way to stop a Perfect Impostor at that point.

0
0
Charles 9
Silver badge

Re: Won't matter because it seems the Americans don't use C&P now

"But the real issue is US merchants who can't, or won't use C&P and only accept on 30YO mag strip technology."

Because they don't care. Most of the time, they don't foot the bill, and the little that does stick they eat to keep customers from defecting. Customers don't care as they just wanna get out the door (one of the most embarrassing things you can see is a customer swiping and leaving only for the clerk to call back, "But your card was declined!"). And as noted earlier, VISA don't want to lose customers so they tend to resolve fraud issues quickly in their favor. In such an environment, why shoulder additional PITAs when they don't have to?

0
0
Charles 9
Silver badge

Re: Maybe I'm not as smart as these card tech guys...

"Well typically it's not a hash, because that won't allow fuzzy matching that takes into account small changes between different presentations of the same finger. MasterCard say that they convert the fingerprint to a template and store it in an encrypted form on the card. Of course the encryption key needs to be stored on the card too, but hopefully it is not easy to extract both it and the encrypted template."

In such a situation the crypto module is black-boxed, unique to the card, and highly tamper-resistant with suicide circuits and so on (IOW, try to mess with it and it wipes).

0
0
Charles 9
Silver badge

Re: Useless

"It's not that easy. The card number will identify it as being fingerprint-enabled. That means that when MC's server receives the payment authorization request, if it does not include a fingerprint, its fraud suspicion score will be raised."

Not if the card's simply kept to CNP transactions where the fingerprint reader (and PINs, for that matter) aren't useful.

0
0
Charles 9
Silver badge

And if it becomes SOP for the clerk to ask to SEE the finger in question before you press it?

0
0
Charles 9
Silver badge

Re: Useless

"So how do you get a fingerprint scan if you insert the card into a cash machine, petrol station, or vending machine slot?"

You DON'T. As the article notes, it's not meant for those kinds of transactions, which is why the sensor is located in an area normally covered by those kinds of readers. They're meant for PIN Pad terminals at sales counters where there are people present to watch you. Dead fingerprints would be obvious and even gummy prints would be risky.

2
0

Web celeb product whores told to put on the red light – or else

Charles 9
Silver badge

Re: What they meant to say was

More like a Matrix if you ask me. The Wild West exists outside, with junk calls, junk mail, billboards, ad flyers, and all that business in reality.

1
0
Charles 9
Silver badge

"Red-Tag Items 50% Off Next Friday" seems pretty cut-and-dry to me. "Now $1.19" as well.

If those are a lie, then cake is a lie, too. And if that's a lie, EVERYTHING is a lie and we're back to square one.

How else can you get the word out that you exist, especially if you're new to the scene and no one knows about you yet? Chicken-and-egg problem otherwise.

Look, advertise on your merits, but be ready to back them up. If your product is so good, then it should be good in the general case, not just the atypical case. If you don't have enough difference to make your ad worthwhile, GOOD!

The way I see, I consider ads a testimony before the public. Subject them to the same requirements as a court witness: the truth, the WHOLE truth, and NOTHING BUT the truth, so help you $DEITY.

3
0
Charles 9
Silver badge

No, that doesn't always work because young people can be both impressionable and rebellious. They'll follow their idol and hide that from their overbearing parents.

Given that, the only solution is a law demanding absolute truth in advertising with all claims made in the conservative. If a celebrity endorses it, they must ACTIALLY USE it and describe it's actual effects truthfully.

4
0

Nuh-uh, Google, you WILL hand over emails stored on foreign servers, says US judge

Charles 9
Silver badge

Re: Terms of service

"These days the Swiss banks will often refuse to open accounts for Americans or even shut accounts down because of this."

And if the person happens to be a Swiss/American dual citizen by birth?

0
1
Charles 9
Silver badge

Re: Terms of service

"To comply with local laws the Swiss subsidiaries pulled access from their parent firm (not to do so would land them in jail) however the US courts still found the US parent firm to be guilty of contempt of court for not providing the the information and fined them daily."

So what happens when a multinational company (local to MORE THAN ONE country) gets caught between conflicting sovereign laws such that, no matter what, the company WILL be in violation of AT LEAST ONE, with severe consequences either way?

2
1

(You can't) buy one now! The flying car makes its perennial return

Charles 9
Silver badge

Re: I do wish he'd leave my knob alone

The door doesn't have a knob, either!

0
0

FYI – There's a legal storm brewing in Cali that threatens to destroy online free speech

Charles 9
Silver badge

Re: Thanks California...

"...except that even back in the days of Ronald Reagan republican California there were still legally-retarded laws being passed."

Two words: California Emissions.

3
0

Zuckerberg's absolutely mental: Brain sensors that read YOUR MIND at 100 words a minute

Charles 9
Silver badge

Re: Impedance missmatch.

Shakespeare also probably didn't have to face a deadline.

You can do things right, or you can do things fast.

The world today wants things done rightfast.

2
0
Charles 9
Silver badge

Re: Bunch of mealy mouthed morons

So in other words, Dennō Coil.

1
0
Charles 9
Silver badge
FAIL

Re: Re Charles 9: No escape

And many of THEM are accepting online orders IN ADVANCE. That way the cooks are kept busy and the customers don't have to wait at table. More turnover = more profits = you get to kill the competition.

Anyone that voluntarily refused to use the Internet would have to pray for a Luddite clientele: a dying breed.

Try again.

0
0
Charles 9
Silver badge

Re: No escape

But wait until Facebook becomes a basic prerequisite to even APPLYING for a job (ANY job), just as the Internet is becoming a basic requirement in many places. What happens when it becomes a matter of "submit to Big Brother or STARVE"?

2
0

Machine vs. machine battle has begun to de-fraud the internet of lies

Charles 9
Silver badge

Re: More cat belling....

That makes you part of the problem, then. Ten stupid votes versus one smart vote. Guess who wins.

0
1
Charles 9
Silver badge

Re: The Greatest Fraud of All

"Shannon clearly denoted equivocation as the basis for security, but this is ignored by mathematical cryptographers. Shannon defined security as the state when AFTER a brute-force attack, there are two or more viable messages."

Did Shannon ALSO consider the kind of "brute force" that involves a wrench?

0
1

Alert: Using a web ad blocker may identify you – to advertisers

Charles 9
Silver badge

Re: Test

I've never been able to use Forbes because of an ad-blocker-blocker. And they're becoming distressingly more common.

0
0
Charles 9
Silver badge

Re: Blow 'em a Raspberry!

"I've found it the most effective way of blocking all ads - and if any ad does show up it will be the most obvious product/service to avoid purely on being so subversive."

Even if it's the ONLY source of something? And yes, there ARE sole sources on the Internet?

0
0
Charles 9
Silver badge

Re: Meh

They tried many years ago. Remember banner ads? They got ignored.

0
0

'Nobody's got to use the internet,' argues idiot congressman in row over ISP privacy rules

Charles 9
Silver badge

Re: Benefit of the doubt? "Notas Badoff" might not be American?

"I am happy to supply links to references. I can actually do this, as opposed to you, AC."

Then why haven't they already been provided? And how will those decisions stack up against the new conservative Supreme Court which can easily UNstrike them AND make them the ultimate law barring an Amendment (and hell will freeze before that happens).

0
0
Charles 9
Silver badge

Re: "Well, if regulation is so good, explain the TSA."

Most would say the TSA are being regulated to be jerks.

The biggest fear is that the medium is UNhappy: stifled simultaneously by the government on one side and by greedy private enterprises on the other, with no hope for escape.

0
0
Charles 9
Silver badge

Re: Editor strikes

The reason Hobson made his offer like that was that his clients tended to have favorites, and he wanted to keep rotating his horses to keep the condition of his horses balanced.

0
0
Charles 9
Silver badge

Re: "Nobody's got to use the internet."

"Offers you can't refuse" tend to have more force and therefore are much more serious. Think "The Godfather" kinds of offers. In this case, most politicians toe the line because the political machine can easily be turned against them if they so much as peep the idea of compromise (which in today's circles is a filthier word than the F-word). Next thing they know, they won't even survive the next primary.

0
0
Charles 9
Silver badge

Re: Privacy in wire communications??

But then the ad people will know you're cutting them out of the loop. Next thing you know you end up with ad gates.

The problem with chaff plugins is that not everyone has the bandwidth to product sufficient chaff to cover their tracks, plus the servers can probably run machine learning to winnow out the chaff, be it computer- or human-generated.

0
0

Bloke whose drone was blasted out of sky by angry dad loses another court battle for compo

Charles 9
Silver badge

Re: On bats and other such implements...

Doesn't work that way. "Deadly weapon" can be qualified by context. For example, if you're trained in martial arts, your own body can be considered a deadly weapon. A two-pound rock can be considered a deadly weapon when you throw it. An axe handle can be considered a bludgeon; and bludgeons CAN be classed as deadly weapons.

0
1

Will the MOAB (Mother Of all AdBlockers) finally kill advertising?

Charles 9
Silver badge

Re: I havent got the bandwidth yet

Then where are the high-performance graphics drivers in the kernel? The Winmodem drivers? Broadcom and Atheros WiFi chipset drivers? If you're going to say supports everything, prove it!

4
1
Charles 9
Silver badge

Re: "People don't hate adverts, just awful adverts"

"Had the advertisement industry kept to low-bandwidth and discrete side bars that did not distract the user, act as a malware vector or soak up all usable bandwidth/CPU/screen area most users would not bother with ad blockers. But they didn't, and now here we are in a world where many web sites are pretty intolerable without an ad blocker."

The problem with the old days of banner ads was that it stopped working. People got used to them and started ignoring them. And ignored ads get reduced rates, and so on.

0
5
Charles 9
Silver badge

Re: People DO hate adverts

"This is good, but for extra bonus fun. Add a sprinkling of glitter inside the envelope."

And if they just stamp "RETURN TO SENDER" on it and throw it back in the mailbox?

0
5
Charles 9
Silver badge

Re: A stupid question

But that also costs precious bandwidth. So you still lost out if you have a tight cap.

0
0
Charles 9
Silver badge

Re: I havent got the bandwidth yet

"Until I get the bandwidth I shall just block that shit and go elsewhere if necessary."

And if it's something like a manufacturer's driver website where no alternative is possible and replacing the hardware is going to be expensive?

0
11
Charles 9
Silver badge

Re: TV Ads

Under the decibel scale (which is logarithmic), for the volume to double, it would need to be 10 dB higher, not 3, because the decibel scale is designed under that very definition (+10dB = *2 sound intensity).

2
13
Charles 9
Silver badge

Re: Some people do hate all adverts, they're messing with our heads

So you're saying you'd sooner abandon the Internet and go back to the Sears catalog (for however much longer THAT lasts)?

0
8

Regulate This! Time to subject algorithms to our laws

Charles 9
Silver badge

Re: Sounds like the makings of a witch hunt to me.

But as a comedian once said, "You can't fix Stupid."

0
0

Profit with just one infection! Crook sells ransomware for $175

Charles 9
Silver badge

But many of us can't run Windows in a VM because we run apps with high RAM demands (leaving little for the host) or heavy 3D work which doesn't virtualize well.

1
0
Charles 9
Silver badge

They're talking physical honeypots: bait computers set up to catch malware in order to analyze it. Karmen's obviously designed to be honeypot-resistant, probably by performing something a honeypot MUST catch or there's a risk of the honeypot itself being subverted. If it's trapped, the malware knows there's a honeypot. VMs are another way to do honeypots which is why VM detectors are now standard fare (and unfortunately, extremely difficult to fool thanks to physical limitations that can be detected by things like external timing attacks).

0
0
Charles 9
Silver badge

But many types can't keep archives that long and eventually have to cycle. That's when it gets you.

0
1

Forums

Biting the hand that feeds IT © 1998–2017