* Posts by Charles 9

11817 posts • joined 10 Jun 2009

Windows 10 Hello face recognition can be fooled with photos

Charles 9
Silver badge

So if they have a poor head for passwords, all you can tell them is, "You're simply screwed. Just give up and bend over."?

1
2
Charles 9
Silver badge

"(we're quite good at keeping physical objects, like phones, keys and cash secure)"

ORLY? I've lost count of the number of times I've heard of lost keys and wallets or found the same lying around in the middle of nowhere.

1
2
Charles 9
Silver badge

Re: About face

Or could it be they just have a VERY poor memory for passwords, such that even "correcthorsebatterystaple" easily becomes "donkeyenginepaperclipwrong" or the like?

0
2

5 reasons why America's Ctrl-Z on net neutrality rules is a GOOD thing

Charles 9
Silver badge

Re: Replying this far down...

Except President Trump will likely veto any such move and there's no way for the Democrats to override the veto (they can at most gain eight seats in the Senate in the 2018 elections--they need closer to 20; fact is, it's the Republicans who hold an actual chance to gain an overriding majority). It'll take until at least 2020 to hope for anything serious, and they'll need good performances in BOTH elections to do so. If not, they won't be able to influence the 2021 redistricting process (since 2020 is the next Census).

Perhaps some campaign for an Amendment for the People would help to provide such a long-term push.

0
2
Charles 9
Silver badge

Re: Transparency?

Including access to encrypted connections, meaning no more getting around geo-blocking until you pay more than it would take to get the stuff the "legal" way.

0
2
Charles 9
Silver badge

Re: The elephant in the room…

How do these "incumbents" get around anti-trust stuff like the Sherman Act?

0
1
Charles 9
Silver badge

Re: Net Neutrality isn't needed

Most of the legal monopolies actually are a result of NATURAL monopolies, due to extreme infrastructure costs on account of geography. In many cases, it's a monopoly or nothing at all.

1
1
Charles 9
Silver badge

Check the ethnic distributions and median incomes of the worst of the lot. Two of the driving forces behind high crime are culture clashes and poverty-fed desperation.

0
1
Charles 9
Silver badge

"My bike doesn't have any seat belts either. They're not needed if you use your brains when you're driving."

Not even when (not if) you get blindsided by a reckless, speeding drunk driver?

You have to consider that safety features not only protect you from yourself but also from Stupid, who has a tendency to kill others in his/her wake.

6
1
Charles 9
Silver badge

"I'm personally a big fan of a Capitalist society with much less Federal regulation. I'll vote with my wallet thank you. With several ISPs to choose from, the one that provides the content I desire at the speeds I desire gets my $$s, and I don't give a flying fickle finger if they have a prettier blinken boxen than the other ISP."

And for those communities (and there are A LOT) where there's only ONE provider, meaning the ONLY alternative is to go without (and there's usually a good reason there's only one provider: namely, they got a sweetheart deal that was the ONLY way to get them to wire up the place at all)?

8
1
Charles 9
Silver badge

Re: Replying this far down...

"¹½ I remain extremely disappointed that nobody has called out <CTRL><Z> as being the background current process key-press rather than the Windozified "undo" with which everyone now associates it."

Don't blame Microsoft for that one. Command-Z on the Mac predated Windows.

4
1
Charles 9
Silver badge

Re: @dan1980

"The point is that, like telephone services and train services before them, the Internet infrastructure is an essential utility upon which a great deal of trade is predicated upon and without which the economy would suffer greatly."

Some would argue that the Internet isn't THAT essential yet. Essential means lack of service means you run a serious risk of DYING as a result. And for the telephone, that came when police and fire services were hooked to them, meaning you can call them in emergencies. Roads are essential because that's what the emergency services use to get to you. The Interstate Highway System was originally created to facilitate military transport during the Cold War. AFAIK, no Internet service operates in true life-or-death emergency capacity yet.

0
8
Charles 9
Silver badge

Re: Bring back charging per byte

You forget. People WILL pay for porn.

0
2
Charles 9
Silver badge

"If you don't like the service from your ISP get a different one, and if there isn't a different one you already had a potential abuse of monopoly issue which net neutrality legislation didn't much fix anyway."

Problem is, it tends to be hard to police monopolies when they're natural, and ISPs are utilities: an industry notorious for natural monopolies.

5
1
Charles 9
Silver badge

Re: list yer porn

Just ask for a Victoria's Secret or Frederick's catalog.

"A free home-delivered catalog of women in their underwear. God Bless America!" - Jeff Foxworthy

5
1
Charles 9
Silver badge

"They invoiced their family afterwards."

Did they eat the cost if the condemned had no more family or if the rest of the family was on the block, too?

0
2
Charles 9
Silver badge

Re: The elephant in the room…

The problem behind the problem is geography. The US is very large with large areas of sparse population. They're considered money sinks, which means you either get ONE provider tempted by a sweetheart deal or NO provider because no one will otherwise touch that kind of setup.

0
3
Charles 9
Silver badge

Re: @dan1980

It's rather that Ford built the tollway and will let Ford vehicles through free while charging exorbitant fees for any other make.

Think that's far fetched? Remember the Gilded Age when railroads owned mines and timber plots. Recall that Comcast owns NBC and Universal, that Sony owns Columbia and Tri-Star, that Disney is about to buy Fox.

10
1
Charles 9
Silver badge

Because some kids CAN'T learn, yet the parents (their only child and they can't try again) sue.

8
4
Charles 9
Silver badge

"They are way ahead of you on that front. In some totalitarian regimes they apparently made people pay for their own execution bullet."

And if the condemned was penniless...AND a handful to boot so they can't wait?

0
2
Charles 9
Silver badge

"By all means then, uninstall your seat belt, air bags, roll cage, etc. and get back to us."

And while you're at it, take out your horn and install a sharp spike in its place and let Darwin sort 'em out. And if you happen to get rammed head-on by a drunk ghost driver, well, them's the breaks.

8
8
Charles 9
Silver badge

Re: The plan worked...

Aren't you forgetting the next step will be for ISPs to throttle all encrypted connections, regardless of the source (so no loopholes) unless you pay bookoo bucks?

14
2

We need to talk about mathematical backdoors in encryption algorithms

Charles 9
Silver badge

Re: A Matter Of Perspective

"My 2 cents: work on the basis that everything you exchange cryptographically can be read with relative ease and you won't be too far wrong."

But that's essentially DTA Mode, which means you can't get anything done. So like I said, you eventually have to place your trust in something just to get through the day.

0
0
Charles 9
Silver badge

Re: What is wrong with Enigma on Steroids?

No it doesn't. Checking for reuse of a one-time pad is extremely trivial (you can simply XOR two ciphertexts against each other IIRC), meaning it's possible to check for offsets and steps pretty quickly, too. That's why I mentioned bitmap analysis, which makes it easy to visually spot these flaws. Otherwise, re-usable pads would've already been endorsed.

1
0
Charles 9
Silver badge

Re: What is wrong with Enigma on Steroids?

That's why a One-Time Pad MUST be one time only. Reuse of ANY part allows for an analysis of the ciphertext to locate common mode features which will stand out if you, say, plot it as a bitmapped picture.

0
0
Charles 9
Silver badge

Re: Backdoors

It determines the sensitivity of the intel which leaks (and by extension how paranoid they are about it). The difference between interfering with routine operations and possibly triggering World War III.

1
0
Charles 9
Silver badge

Re: Backdoors

But not necessarily at the top levels, unless you can prove otherwise.

2
2
Charles 9
Silver badge

Re: Layered encryption

Except the second 3DES step was a DEcryption precisely BECAUSE just encrypting three times introduced common-mode failures. And the reason for using 3DES was that technology of the time (90's) had DES built in but was not strong enough to do any better, so this was a stopgap that didn't require new hardware.

1
1
Charles 9
Silver badge

Re: turning it up to 11

Difficult to say, but based on what we know of chaining hashing algorithms, you may end up with a counterintuitive result of making it easier to crack your ciphertext rather than harder since most encryption works on similar fundamental principles that can result in common modes of exploitation. Even the one-time pad has its weaknesses. They could intercept your pad or determine where the ciphertext is being transmitted and mess with it to de-synchronize you.

14
2

European court: Let's not kid ourselves, Uber. You're a transport firm, not a 'digital service'

Charles 9
Silver badge

Re: Barcelona, Spain

"To start off with, the referendum that was won by 90%+ was boycotted by 'remainers' and polls suggest the real leave vs remain numbers are very close."

By boycotting, they conceded their votes and therefore cannot protest the consequences. The only way to properly protest a vote is to vote as much as you can in spite of the circumstances.

2
1
Charles 9
Silver badge

Re: Barcelona, Spain

"How do they smell?"

Terrible, of course.

4
0
Charles 9
Silver badge

Re: Taxi firms

"So why don't normal Taxi firms have to pay minimum wage etc as per the Uber ruling?"

Where does it say they don't?

8
0
Charles 9
Silver badge

Re: Barcelona, Spain

"But fortunately, by the miracle of modern medical science, even this can be mostly cured with sympathy, drugs and therapy..."

Unfortunately, native state of mind is one of those you pretty much can't treat. It's pretty much a "Once an X, always an X" thing, much like stupidity.

4
0

Danger! High voltage: Kraut customs bods burn half-tonne of weed in power station

Charles 9
Silver badge

Re: "Cannot be traced back to the source"

Which means it's NOT cool. Which means it's either COLD (as in ice-cold) or HOT (as applies here).

1
0

Revealed: How Libratus bot felted poker pros – and now it has cyber-security in its sights

Charles 9
Silver badge

Re: Bad beats (cracked aces) / Bluffing etc

I think it would just play along since it's hard to bluff consistently and come out ahead. Reason being there's a risk your bluff backfires because you're up against someone with a genuinely good hand (ex. trying to bluff with a 7-2 off-suit when the opponent holds an actual pocket pair or at least something competitive like a suited connector). The last thing a bluffer wants is to get called, which is why bluffing is more of an art. Plus, in an online setting, there's no source of facial tells to get a read on what players are hiding.

0
0
Charles 9
Silver badge

Re: What would be the result

"If two identical strategies came up against each other then it would be the luck of the draw, but you'd still see very few showdowns."

Unless FORCED, like in a head-to-head situation. This also minimizes the advantage of the Button since it alternates between hands.

0
0
Charles 9
Silver badge

Re: quadrillion floating-point math calculations per second.

That only gives you a rough estimate, even. And yes, the kinds of games provide scenarios that easily run away from you. Remember, chess and go have similar issues.

3
0

Windows Store nixed Google Chrome 'app' hours after it went live

Charles 9
Silver badge

Here's a hint: Windows 10 S (which BTW is built into a number of devices and can't be removed). The Store is the ONLY source for apps on S.

6
1
Charles 9
Silver badge

Plus you have to understand that Stupid Users WAY outnumber smart users and THEIR dollars are what tell Microsoft's board what to do given Stupid Users also outSPEND smart users by their sheer numbers. This means Microsoft has to cater to Stupid Users who wouldn't know a worm from a clickbait AND can take other people with them when things go wrong. And us Smart Users have to realize we live in a world surrounded by Stupid (and not just Stupid, Cockbill Street Stupid who refuse to acknowledge their own stupidity).

And for those who say Linux is all sunshine, remind them of Slapper.

7
3

How Google's black box Knowledge Graph can kill you

Charles 9
Silver badge

Re: People unfortunately aren't diligent fact checkers

"The problem is always 'People unfortunately (insert failing)' and so long as this is the case we can only hope to educate these People both not to trust, and not to upload crap."

But as a comedian once said, "You can't fix Stupid." Worse, stupid can take everyone else with them. Unless you want to get ugly, there's no real solution to the problem.

0
0

Archive of 1.4 billion credentials in clear text found in dark web archive

Charles 9
Silver badge

Re: Has an analysis of the types of accounts been done?

"For home use, you should have a notebook, pen and a safe. All your passwords should be written on paper. This way, they can only be stolen by someone breaking into your house and stealing your safe."

Or your spouse who ALSO knows the combination...or a close associate of yours who cleans enough to figure it out and knows what's at stake.

"Software is not secure. Wise up. Don't become a statistic."

Neither's the safe if you have family or a significant other. Put it this way. If someone REALLY wants to get you and you have a bad memory, you're basically screwed because your adversary can out-memorize you.

If software's not secure, why does the government (including the security sectors) use it? Put it this way, if someone can break KeePass, they'd find bigger fish cracking government communiques that use the same algorithms.

0
1

No hack needed: Anonymisation beaten with a dash of SQL

Charles 9
Silver badge

Re: How about the use of Cascading Temporal Surrogate Keys?

If you can read it, you can copy it, by wetware or the analog hole if necessary.

No, it seems the only practical solution is to not have the records at all, since they're basically proving something distinct enough to be individual can ALWAYS (part and parcel) be identified.

9
0

Russia could chop vital undersea web cables, warns Brit military chief

Charles 9
Silver badge

Re: Our leaders are morons.

But no one can route around a complete break. Just as water can't flow around a crevasse.

1
0
Charles 9
Silver badge

Lube tends to be oily, and oil tends to be flammable.

0
0
Charles 9
Silver badge

Re: Cut off the UK?!?!

The point, though, is that if you're at THAT point, you can pretty much assume WW3 is imminent (and likely the end of the world as we know it, as WW3 implies MAD). In which case, you'll have other concerns.

2
0

IETF protects privacy and helps net neutrality with DNS over HTTPS

Charles 9
Silver badge

Re: Now this would be a great idea...

"Considering that in most countries where ISPs block DNSSEC or external DNS queries, they also likely break HTTPS, I don't think it's much of an advantage."

More and more sites are going HTTPS-ONLY, meaning you'd be shutting your people out of popular services like Facebook. Like I said, that's going to start raising complaints.

0
0
Charles 9
Silver badge

Re: Unwarranted optimism

But those DOH servers can ALSO be legitimate (not to mention POPULAR) web destinations such as Google and Facebook. Any ISP that tries to block Google and Facebook is likely to start getting complaints.

1
0
Charles 9
Silver badge

Re: This proves it...

"But in this case encryption of HTTP is now so prevalent that an ISP who tried blocking that would be out of business PDQ."

Not necessarily, if they're (a) working under a government mandate, meaning they're dead if they DON'T do it, or (b) ALL the ISPs are working in a cartel to ensure data harvesting.

1
0
Charles 9
Silver badge

Re: the devil is in the implementation

Except with an implementation like this, router makers can take control back from the ISPs by using the implementation and instead defaulting to the likes of OpenDNS confident the ISP can't hijack it back. That kind of approach would even protect the Stupid User.

9
1
Charles 9
Silver badge

Re: Now this would be a great idea...

"That's why the mantra is: Don't ever try and invent or write your own implementation as you're almost guaranteed to get it wrong."

But hasn't another mantra emerged, too? "Don't rely on other people's work because you can't be sure they got it right (or worse, were subverted without your knowledge)."

So basically, if you want something done right, you MUST do it yourself, only you practically CAN'T do it yourself because Encryption is HARD and most people can't handle it right. Does that mean we're basically screwed either way?

10
3


Biting the hand that feeds IT © 1998–2018