Posts by mark l 2

"Could governments force Apple to add non-CSAM images to the hash list?" the company asked in its interview of itself, and then responded, "No. Apple would refuse such demands and our system has been designed to prevent that from happening."

But Apple aren't creating these hash lists, its done by a third party and will be constantly updates when new images are identified by law enforcement. So it would be trivial for government agencies to create a new hash, claim its of some abuse image and get it added to the list Apple uses.

These Japanese researchers would be better off trying to develop a longer lasting battery than making it slightly more convenient to charge electronic devices. With fast charging phones getting more popular it takes less than an 20 mins to get back to around 80% charge using a cable. So charging is hardly a major time consumer.

I don't just see WD doing this sort of thing, its been going on in the tech industry for years, change the specs after the products sold a bucket load and just quietly update the spec info without changing the model number. That way you can ride hide on tech reviews for the early units using higher quality components, as how many reviews are done of a product 6 months after its been on the market?

I remember Kingston did this with one of their network cards back in the early 2000s, we bought a load of Ethernet adapter which came with one chipset, and then after a few months they switched to ones with another chipset without updating the model number and when bought 100s more to find they were incompatible with the desktop image we had created with the first cards drivers.

Apple still haven't given any good reason why this scanning need to be done on the device and not on Apples own servers, if it is only concerned with images uploaded to the iCloud and not about looking for stuff on the device itself, why not just scan the photos that are uploaded to icloud when they hit the icloud server?

No matter how Apple try and spin this as being able to protect children while also protecting privacy of the iPhone users, they have effectively just backdoored the iPhone for the 5eyes. And no doubt once Apple goes down that route the pressure will be on other phone manufacturers to follow.

Maybe its time to invest in a Pinephone or similar open source phone now before you can't avoid the 5eyes viewing everything you do 'for the sake of the children' on any mainstream manufacture.

It was unfortunate that one one foresaw that MS realising IE for free back in the 90s would lead to the situation we are in now, where a company is unable to develop a new browser and charge end users even a modest amount for it. And so we have a situation where browsers are given away for free but you are now the product and the big corps hoover up all their users data.

Since this CSAM only applies (at current) to the US, what happens if someone buys a Iphone from the UK/EU and then uses it in the US? Will the scanning not take place or as soon as you connect any Iphone to a US network will it download the updated version of the photos app?

The article says the data was collected via a browser extension, so therefore it doesn't appear that AlgorithmWatch was using any APIs either documented or otherwise to capture the data just whatever is sent to the browser? So how can Suckerberg claim this is breach of privacy?

Of course its probably some line buried away in the 100s of pages of EOL along with the rights to your first born child.

Genius, i'm off to work now to squirting.bareback.camgirl.penis (actually this is my ex employer LOL)

Im still amazed that GIFs are still a thing in 2021, back in the early days of the internet they were used as a fudge to get raster animations onto the web when no other option was available. But they are limited to 256 colours and are not optimised for file sizes.

We have had other more suitable animated graphic formats for years such as MNG and APNG as well as WebP, I wonder why none of these have gained traction despite being technically better?

Huawei 5G kit, routers etc the US could put forward a reasonable case for banning those on security grounds, but Honor only make consumer grade phones and I fail to see how they are a security concern. Sure ban there use by government depts if the device security is a worry, but stopping job public picking up a new Honor phone on the ground of 'national security' is just laughable.

I'm not sure how these companies get away with packaging their product to look like one made by another manufacturer in the first place. I'm sure if Nestle had got wind of it, it might have resulted in a sueball coming their way, so perhaps this was a better result for the brewery in the long run.

The story doesn't even say the child actually open the can or drank any of it. It just says: "a complaint from a concerned parent after their child thought the can of Choc Milk Stout in the fridge was a can of Nestle's chocolate milk product, Milo".

So me thinks this 'concerned parent' got $$ in their eyes thinking they could get a big payout if it went to court. As if it was in their fridge at home then they obviously didn't see the packaging was an issue when they bought it.

While facial recognition might be OK for unlocking your phone or computer if the most you have to worry about are a few embarrassing photos and your internet histroy on the device. I wouldn't trust it to protect something like my bank accounts unless it was part of a 2FA along with something like a password.

And certainly if there are people who work in the high levels of government or other highly sensitive organisations that are relying on it as the only authentication method, its asking for trouble.

Apples PR seem to contradict themselves, They claim its matching hashes yet can detect when the image has been edited or changed, and these two things are not compatible. As if just a few bytes of an image is changed it will have a completely different hash, and unless Apple have each image in the databases ran through even possible pixel changed, image resized etc and a new hash created to match each edit that will never work on matching hashes.

So it must be some sort of AI image recognition technique they are using which I then dismiss their claims that its a 1 in a trillion chance of false matches. I wonder how long will it be before someone whose over 18 gets their nude images falsely flagged up as illegal and passed over to the FBI? Even if on examination the police see its a false match, it still means some officer is going to be viewing someones private photos without their consent to verify them.

"the machines reflect Russia's desire to be less dependent on technology sourced from its antagonists in the West."

It make sense for a government to roll their own SOC especially for its own internal use due to the security concerns of buying off the shelf kit made by another country, especially if the country you are buying from has been outed for spying on its allies never mind less friendly nations.

After all even the US gov orders their Intel kit with the management engine disabled so they obviously worry it could be a security concern.

Typical 'won't someone think of the children' response to give yourself permission to search through 10s of millions of innocent users photos to find a handful of law breaking people. Of course if you object to it you are siding with the pedos. Yet no doubt those who did use their Iphone to store illegal image will now stop using an Iphone and switch to Android since they know the scanning is occurring now.

It reminds me of back in the pre digital camera days where people would get the plod knocking on their door after the photo processing company reported the photos of their kids naked in the bath to the police as kiddypron.

This is just another way of showing that despite you spending a grand on your new iPhone its NOT your phone it belongs to Apple and they can decide what you they do with it.

Its not like the storage space that Chia coin is using is even being used for storing anything useful. It it were some massive cloud storage network that could be used for archiving data then i could see the point in it. But just using storage space for the sake of storing something as a 'proof of work' is pointless.

Its the same with the other crypto coins that use CPU/GPUs, why not put all those CPU cycles to something useful such like in the way SETI does? I am sure that with a huge network of spare CPU cycles available, there would be some businesses willing to pay to use them for crunching data if such a network existed.

If you want a virtual Linux PC in the cloud, just install your distro of choice and install some remote desktop software such as X2go.

It works over SSH so there are no extra ports needing to be opened on the remote Linux machine firewall. Although you need to install client software on your PC to access the remote session. I believe you can also set it up to work with within a browser but I never got around to testing that when I tried it on a cheap VPS a few years ago.

While Android in my opinion is the least restrictive ecosystem when it come to installing apps from outside of Google Play, it will only take a win against Google for other such legal action to come after Apple, Microsoft, Sony and any one else who runs an app store. So that would probably get them all do something about their restrictive policies before they do get sued. So I hope they do win this case, although I doubt any Android users will ever see a penny of any damages awarded.

Are we supposed to believe that the 5 eyes agencies wouldn't have used these same exploits to spy on hostile nations if they could?

Once China have gone fully IPv6 only I suspect everyone will essentially get a static IP address which will stay with their device forever, making it easier for the Chinese authorities to monitor their citizens only activity.

Iframes were a good idea back when sites were just static content, but now they are just another way for malware and viruses to get loaded up onto legitimate sites, and to track end users.

Its for this sort of reason I won't embed iframes onto any of the sites I run. I think its time they were replaced by something more secure.

I wonder if the stats that men fall for the scams more than women, is down to it being more males who view 'adult content' online and this could cause them to worry they could have picked up a virus from some dodgy pron site?

This factor might make them think its less embarrassing to get someone resolve it remotely rather than having to take it to a local computer repair shop and deal with someone face to face. Or their partner find out about their surfing habits.

Maybe it time for an international law to say if you discover a software vulnerability you a legally obliged to report it to the software developers, and this includes those discovered by government agencies such as NSA, GCHQ who are just as guilty as NSO of using them for their own devices and not reporting them.

I thought Ubuntu was now unsupported unless you pay Canonical for extended support, Does this mean the UBports team are providing their own security patches for UBports 18 or are you risking running an unpatched version until they get one based on Ubuntu 20?

"PDF Is not a format suited to share in different formats and diverse devices," he told The Register. "It's a format created for printing. So it's like using a boat to drive across a street."

PDF's used to be a format for printing, but those Fscktards at Adobe had to try and cram in a load of other functionality which wasn't needed and made the bloated insecure mess that is Acrobat reader and ruined it for everyone.

Sure Lab 6 are publishing them as PDF/A without the ability to run JS but how do you know it a PDF/A and not a different version which does allow JS without opening it first?

I personally use the built in Linux Mint PDF reader Xreader which after trying a couple of PDF which contain javascript appears not to support JS so at least that should make it a bit safer to open PDF files from unknown sources.

It does seem like its not be thought through about the consequences of lifting all the legal restrictions when there are 50K new COVID cases a day. As those numbers mean its a greater chance that even if you are vaccinated you could come in close contact with someone who tests positive and the app tells you to isolate. And they aren't proposing that rule is changed until the sometime in August.

Plus there is the risk that the greater number of infected people moving around more freely with no social distancing requirement could mean we end up with yet another mutation and the vaccines might be ineffective against a new strain putting us back into a lockdown.

Good to see that Internet Explorer is still causing exploits years after it was superseded. And although MS have said they will remove it from Windows in 2022 that is only the ability to run the program directly. The IE engine will still be used for Edge IE mode and MS Office help files even in Windows 11 so there are still the risk that it can be getting exploited by malware. I predict it will be decades away before we see a Windows version that doesn't come with some form of IE on it.

So now Clippy is to return as an emoji, what it is supposed to represent? A person who annoying tries to give advise when none was needed or requested?