* Posts by ElReg!comments!Pierre

2442 posts • joined 22 Jun 2009

Oz government wants its own definition of what 'backdoor' means

ElReg!comments!Pierre
Silver badge

Re: Politicians don't understand what they're dealing with...

"while the real criminality online is probably going on very well hidden and away from mainstream services."

The trick is, they don't even need to. Law enforcement is notoriously bad at discriminating between a clear-text harmless joke and a clear-text terrorist plan (often chasing the former instead of the latter; see the Robin Hood case, or the wild-goose chase after the Paris shooting that saw law enforcement going all-out for several days after a couple of innocent tourists who were in the tube at the time, with their cellphones reporting to cell towers approximately following the events ; or that time when an innocent passenger was arrested and kept in custody for 48 hrs because a mate sent him a riddle mentioning the word "bomb" while he was at a train station. Plenty of examples really.).

This blanket surveillance puts us all at serious risk, while letting the crims do their dirty business largely in the open.

0
0
ElReg!comments!Pierre
Silver badge

Re: Quote: "...because encryption is such a complex thing to explain"

It *could* totally be an encrypted message. For all you know it could consist in a single symbol for example, which Alice and AC agreed would mean "meet me behind Carol's for some dogging, but don't let Dan or Eve know because they have bad breath". Or "don't forget to buy bread on your way back home", for that matter.

In fact, Alice and AC could have decided that it would mean the first "dogging" thing the first time it is used, then the "bread" thing any subsequent time.

0
0

AI vans are real – but they'll make us suck at driving, warn boffins

ElReg!comments!Pierre
Silver badge

That's only too true

Just put a random driver used to automatic in a stick car, and watch the horror unfurl. And that's only a rather minor difference...

18
0

Apple building data centre in China to comply with tough cybersecurity laws

ElReg!comments!Pierre
Silver badge

They don't have to be run by Chinese companies (Apple didn't relocate its headquarters), personal or sensitive data just has to be stored within the country.

"we in the west" is a very diverse crowd, but the answer is "mostly yes, and more and more so". Especially after the US made very clear that anything stored in the US has to follow US laws and US laws only, which is understandable but also understandably worrying for foreigners.

2
0

Judge used personal email to send out details of sensitive case

ElReg!comments!Pierre
Silver badge

Re: "judgement is a matter of public record"

"It used to be before all the secret courts were introduced here in the UK and the guilty but "under age" murderers, rapists, serial offenders, etc... were given anonymity by law"

What actually happened is pretty much the exact opposite.

2
0
ElReg!comments!Pierre
Silver badge

Re: "Internet e-mail is not a secure medium..."

I think it's both a mixup and a shortcut.

- free webmail services are inherently insecure

- pretty much anyone with a reasonably big pipe and minimal tech gorm can harvest email content and / or draw a "connection map" (which is where the intel value lies).

But email content can be almost unbreakably secure (GPG / PGP for example). That's one of my pet peeves: "serious" institution adding disclaimers to every outgoing mail stating that there is no way to guarantee email integrity, so they won't take any responsibility if they send you misleading info -or even malware- by email. Yes, there are ways, you lying bastards, you're just too cheap to implement them (or worst, that's a preemptive get-out clause if they do send you nasties).

As for network masquerading, well, I won't rant on that again, but if you're serious about it there are easy and readily-available solutions. Which doesn't matter much: history proves that unencrypted channels are good enough for terrorists because the limiting factor here is not technological: the plods are so busy trawling the humongous databases for evidence that their girlfriend is cheating on them that they wont notice a terr'ist if he sticks a fist-sized piece of C4 in their ass. Blanket surveillance, as everything else, follows the rule: "too much data is worst than no data". TB/s is NOT a substitute for proper intel.

6
0
ElReg!comments!Pierre
Silver badge
Trollface

Re: At least it seems it's an exception

"target market i.e. 18-24 year old males living in this area with these interests"

I think you'll find that advertisers have that one figured out already...

0
0

Former GCHQ boss backs end-to-end encryption

ElReg!comments!Pierre
Silver badge

Re: Don't suggest that!

' "The challenge for governments is how do you stop the abuse of that encryption by the tiny amount of people who want to do bad things, like terrorists and criminals," Hannigan said.'

Stongly-worded EULA?

14
0

Semiconductor-laced bunny eyedrops appear to nuke infections

ElReg!comments!Pierre
Silver badge

Re: Double-edged sword?

"It is good that the researchers noted that, but I think we should be more worried about what happens to the nanoparticles that get out into the environment. At least they'd be in such small quantities it would be impossible for them to have any large scale effect, but still something we should look at.

Is there anything like them in nature?"

Yes, in fact I am very much involved in that kind of research. Nanoparticles are found in many everyday products (from gaz additives to enhance combustion in engines, to beauty products), and their beneficial/nocive properties depend on their composition and on their size. It's still an open field, but we're working on it. Right now I work on two "opposite" projects, one aimed at curing genetic diseases with nanoparticle-mediated gene delivery, the other aimed at deciphering the pathogenicity of metal or carbon nanoparticles (such as those found in cigarette smoke or exhaust fumes) in lung pathologies, including the risk of mother exposure for the fetus. We're working on it!

11
0
ElReg!comments!Pierre
Silver badge

Double-edged sword?

Nanoparticles do have a slew of adverse effects, including severe inflammation and carcinogenesis. The "non-toxic" part of the claim needs to be examined carefuly in long-term experiments. Curing the bacterial infection is good except if the rabbits turned blind as a consequence!

8
1

BOFH: That's right. Turn it off. Turn it on

ElReg!comments!Pierre
Silver badge
Pirate

Re: "it doesn't work"

"I have some kind of messed up drivers on my laptop from an upgrade from Win8.1 to Win10, rather than a clean install. So when my laptop is plugged in to my monitor (or some tvs/projectors) it will fail to play any video file in any application. Otherwise, when unplugged, it runs just fine.

So I couldn't play videos, but if I took it to IT, it would work just fine, I'd look dumb, and go back to my desk. Rinse, repeat. I never noticed the monitor variable for a month or so, just thinking it was "randomly" broken."

Not even close. First, users don't send their failing kit to me, I go to their machines, no peripheral glitch can be implicated. Then, coding is not my primary role, so I find myself in a very comfy situation where I'm not under too much pressure to release code, so when I do release a tool, it's properly tested, comes with extensive documentation, and is reasonnably bug-free (yes, I know I'm lucky, don't be too jealous). Plus, I generally get to demonstrate (and sometimes install it myself). In fact, I've NEVER seen my code fail on ANY kind of setup to date (when used according to the bundled instructions). Which means that my tools generally perform as expected, except right before banking holidays for some reason. Right now is a bad period for me, for example. You could blame high temperatures for random glitches, but it also happens mid-December and to a lesser extent right before any kind of holiday.

4
0
ElReg!comments!Pierre
Silver badge

Re: "it doesn't work"

"Well - to be fair Windows is about as far as you can get from a deterministic system so it might be true..."

It's my code, it's simple, elegant and it comes with its own map and compass specifically featuring the users' ass and elbow just to be sure. It works. OK, it only happens with my Java code, perhaps if I complained less about Java being an unclean language the users might not assume that it must be broken somehow, but heh.

2
0
ElReg!comments!Pierre
Silver badge

"it doesn't work"

Some pieces of my code appently stops working from time to time, but strangely enough, only when I'm not around. When I come around to check, everything is fine. but of course " Well it's working now, but I did the same a minute ago, and it wasn't working". Yeah sure, that's likely. PEBCAK, much?

18
0

Dead serious: How to haunt people after you've gone... using your smartphone

ElReg!comments!Pierre
Silver badge

Re: You surely must have forgotten

The wonks who call you to sell you a better tech solution than you already have, but don't know either what you have or what they are selling.

18
0

Make sure your Skype is up to date because FYI there's a nasty hole in it

ElReg!comments!Pierre
Silver badge

No notice for the Linux versions

I (almost) can't gather why...

Nadela did "open up" Microsoft to some extent, but he kinda veered it towards an Oracle-like mentality, it would seem. Gates must be spinning in his... bed. Yes, bed. Bed is what I meant. Yes.

9
0

Microsoft: We'll beef up security in Windows 10 Creators Edition Fall Update

ElReg!comments!Pierre
Silver badge

This might be the year MS became relevant

This comment's title may be far-streched, especially after reading the comments above, but these tools (which in some incarnation have been available in most of the more serious OSes for decades) are really going to be useful for those of us unfortunate enough to have to manage a large number of MS-locked boxen. A welcome addition. If it works.

0
8

Wanna write a Cloudflare app? No? Would $100m change your mind?

ElReg!comments!Pierre
Silver badge
IT Angle

I'm sure CloudFlare serves a purpose. Somehow.

I mean, I do know that El Reg is a CloudFlare (CF) client for example. I know that because I've been prevented from accessing my beloved Reg writers' ramblings more than a couple of times, with little more than a so-called "ray-ID" to sooth my pains. I'm pretty new at this IT thing (not), but I can't help wondering whether that cloud-based approach to "protection" really is worth it. I mean, do you guys really save that much money by using CF over in-house IT? Genuine question.

0
0

European Commission chucks cash at UR – the universal language of mind your own biz

ElReg!comments!Pierre
Silver badge

Re: VPN

The "perfect VPN" connundrum is almost impossible to tackle in my opinion (and not just for your project). It's good that you did not set up your own, as it removes the "single point of pressure" that could undermine the whole thing, unless you can have access to enough funds to set up and operate proxies in several countries operating under separate laws, operated by proxy companies set up under these same laws, and that's going to cost dearly. Using distributed Tor-like models would severely impair the performances (and let's be honest, that maket is already crowded). Using third-party VPN services will let you open to criticisms (and / or unpredictable costs, possibly) but is certainly the safest route for now, as long as you keep monitoring said VPN services for possible changes in, erm, "allegiance", which in itself has a cost.

In any case, that's a step in the right direction, keep it up!

2
0
ElReg!comments!Pierre
Silver badge
Pint

Sh*t, the error has been corrected

I was going to congratulate the author for the most creative use of the word "adobe" I had ever seen, but the sentence has been corrected to "he argued place it *above* the competition". Well, better luck next time!

1
0
ElReg!comments!Pierre
Silver badge

Re: He's missing the point.

"The alternative suggested here requires you to go off, research and then install the appropriate browser. How exactly is that any better?"

Better than researching individual plugins and their settings, as well as making sure thare they are not Trojan horses by themselves? I'd say much, MUCH better for Joe User. I'll indulge in a (necessarily flawed) analogy: sure you can go buy a shelf at Ikea, but how is it better than go buy a few raw planks, cut them to size, buy a set of proper tools, decide on the design, implement it then paint the thing?

The difference is: unfortunately, no matter how hard you try to educate users, the effort is just too hard for most. See for example El Reg's reporting on a fine piece of research on the matter:

https://www.theregister.co.uk/2017/06/13/privacy_betrayed_for_a_pizza/

In IT sec a one-stop shop is a GOOD thing, provided of course that it can be trusted. The guy from that company seemed straightforward enough about the strengths and possible shortcomings of his product, I'd tend to trust him more than the usual snake oil sellers that pollute the "ITsec for consumers" scene. Of course it *could* be an elaborate scheme, but that's going to be easy to verify. In one step.

4
1

What? What? Which? Former broadband minister Ed Vaizey dismisses report

ElReg!comments!Pierre
Silver badge
Meh

I don't live in the UK or Spain

I can remember when it was hard to get cable or fibre to the premise here. It was quite a long time ago, by government tunover rate (10 years perhaps?). But we we never had a ministry of broadband doing "a brilliant job" over here, which may be part of the explanation.

(OK, I'm not so young as not to remember the times when it was hard to get a dialup connection to a private home, but that's beside the "brilliant job" point).

Take-home message: when you really, REALLY don't want to do something but want to appear to be doing it nonetheless, create a Ministry and declare it to be your "number one priority". Protip: you may declare any number of "number one priorities" at any one time, the proles won't notice before you're out of office because of a sex or money laundering scandal anyway.

9
0

Games rights-holders tell ZX Spectrum reboot firm: Pay or we pull titles

ElReg!comments!Pierre
Silver badge
Pint

Damn!

I logged in only to post that maybe RCL wants to be the new Apple, but there you were with your comment. Damn you, alien overlord, damn you to hell!

0
0

Software dev bombshell: Programmers who use spaces earn MORE than those who use tabs

ElReg!comments!Pierre
Silver badge

Re: A question

All my vims are set to replace tabs with 4 spaces, but I almost always tap the spaces by hand anyway; never assume, all that.

3
8

Telegram chat app founder claims Feds offered backdoor bribe

ElReg!comments!Pierre
Silver badge

Re: Secure Chats

You guys are so obvious. The trick is to give away an easily disproved offence in order to hide more serious intentions, because having nothing to hide is obviously a deception.

my spanish nephew loves the golden rain

2
0
ElReg!comments!Pierre
Silver badge

Re: Secure Chats

>What you can't hide - and what spooky agencies should be using - is the metadata. What account you spoke to. When. For how long. How large a message. Who else did that speak to? Can you tie that to another person?

Oh, they're using that, a lot, but you definitely can hide it, by broadcasting largely enough that almost anyone could have read it. Radio broadcast, classified in a widely-distributed newspaper (or on Craigslist), Usenet, etc. You could even setup a Yahoo! mail account, that's true plausible deniability ;-)

3
0

Trump nominates a pro-net-neutrality advocate as FCC commish

ElReg!comments!Pierre
Silver badge

Re: Man bites dog

From what I gather, a tepid defender of net neut was nominated to take the place of a more radical one. A remaining seat is still to be attributed; this will be done shortly, and it will probably go to a rabid anti-net-neut advocate, thus considerably shifting the balance towards anti-net-neuts, while giving a superficial impression of non-partisanship. The delay between nominations is designed to prevent direct comparisons. Classic political manoeuvre.

15
0

Uncle Sam █████████ cloud so much, AWS █████████ it another kinda-secret data center

ElReg!comments!Pierre
Silver badge

Lame redaction

I mean, just copy-pasting reveals the text, how lamer can you possibly get*?

More seriously, it does raise concerns. The AWS space will probably only be used only for the most mundane content, or for deliberate misinformation, and Amazon is probably only advertising this after a comprehensive review with US.gov. Governments around the globe are notoriously shy about using third-party IT solutions, especially when it comes to data. And rightly so. So this is either an attempt to lure foreign govs into giving away their sensitive data to the US (because what more proof could you possibly need that Amazon is cuddly with US.gov?), or a lure for particularly stupid "nation-state" hackers (either as a way to spread misinformation, or as a way to identify wannabe spooks at little risk).

Or all of the above, of course.

*besides trying that based on a random comment, that is

0
8

French firm notches up 50km unmanned drone inspection flight

ElReg!comments!Pierre
Silver badge

Re: BVLOS?

Well, the expression "line of sight" is also commonly (mis)used for any number of wireless comms, unredundanting* the "visual".

The French authority involved, on the other hand, is DGAC, not DGCA

*my entry for the Ugliest Neologism contest

4
0

Ex-Waymo engineer pleads the 5th in ongoing Uber law fight

ElReg!comments!Pierre
Silver badge

"With both Uber and Google out to get him"

You got that part wrong. Google is out to get Uber, and Uber threw Levandowski at them to try and distract them. The guy may have to face the music at some point, but the present case is how Uber had him steal documents from Waymo, set up a proxy company for him (Otto) and bought it when they thought noone was looking. Levandowski is not even a codefendant in this case, contrarily to what Uber wants the world to believe.

0
0
ElReg!comments!Pierre
Silver badge

Re: Let me see.

Well, as I see it the judge ordered Uber (not the ingeneer) to give a detailed account of its interaction with Levandowski. Uber immediately shifted all the pressure to Levandowski by ordering him, among other things, to waive his constitutional protection of face the axe. So he got fired, and now seeks to not serve as Uber's scapegoat, which I can understand (I mean, he may or may not be a weasel of little morals, but ultimately the criminal blame for IP theft should lay on Uber. The case that Waymo may have against Levandowski would certainly be a civil matter.)

5
0

'My PC needs to lose weight' says user with FAT filesystem

ElReg!comments!Pierre
Silver badge

Re: Scuzzy.

Seems I missed a minute word in your post then. Scusi.

12
0
ElReg!comments!Pierre
Silver badge

"I used to send back laptops back from repair *lighter* than they came in.

You're Simon and I claim my 5 quids.

6
0
ElReg!comments!Pierre
Silver badge

FAT is still used widely

Only not very often for main storage (except for that one secretary who insist on using her 32 Gb USB key as her main storage. She'll realize the errors of her ways when it fails, of course, but it will be too late...)

7
0
ElReg!comments!Pierre
Silver badge

Scuh-zee IS the official pronunciation in some circles

at least westside of the Pond, where they like to vocalize acronyms. Pet peeve of mine is MQAE pronounced "mek".

4
0

At the feet of the Great Monad, or, How the functional programming craze plays out

ElReg!comments!Pierre
Silver badge

As a scientist, I only program functions...

... then I only call them using OO syntax. That'll teach them.

3
0

Uber fires robo car exec for insubordination

ElReg!comments!Pierre
Silver badge

Re: Dropped

Merriam-Webster also think this is correct, so American English is covered too I would think.

Either that, or the author really meant "dropped the ox", which would be blunter but not significantly less painful, one would suppose.

3
0

Boffins spot 'faceless fish' in strange alien environment

ElReg!comments!Pierre
Silver badge

Certainly looks like something that...

... filtered down from stars before the dawn of man, sank beneath the waves, and will rise again when the stars are right

9
0

Life is... pushing all the right buttons on the wrong remote control

ElReg!comments!Pierre
Silver badge
Trollface

Just the one remote, and a keyboard

I am well past caring about remotes. I am past caring about TV too, for that matter. I just have the one damn rubber-nubby thing that controls the "box" for when I (or most likely, the SO) want to watch TV, everything else I control from the keyboard. Truth be told, I don't own a "smart" TV. I don't own a "TV" actually. I do own a 300-quids 3-D-compatible projector mounted on a 7-quids contruction-floodfill tripod, connected to a 50-quids 5.1 soundystem, a blank wall and a RasPy with an external DVD player and a keyboard. TV, internet content and DVD play equally well on my 2x3 m screen...

Home-made home cinema: 400 quids. Screening "Tideland" in total immersion for your old mother: priceless.

I can't fathom what is the rage with overexpensive "TV sets" (unless you do love juggling remotes, squinting at tiny 80 inches displays, and tinny sound)

0
0

Pirates hack was a hoax, says Disney boss

ElReg!comments!Pierre
Silver badge
Coat

THEY! GOT! JAVIER! BARDEM!

Let's hope he won't follow suit to formerly great actors, such as Johnny Depp or (even more sadly) Heath Ledger. Wait, did I get "hack" wrong?

0
0

Init freedom declared as systemd-free Devuan hits stable 1.0.0 status

ElReg!comments!Pierre
Silver badge

Re: Hell yeah!

I've been running Devuan (on all my personnal and some work machines) for quite a while now, and I couldn't agree more. Debian without systemd works, too (with popularity-contest installed of course), but it often causes trouble in upgrades, while the Devuan project nicely filters sneaky systemd-as-a-dependancy problems.

1
0

Venezuela increases internet censorship and surveillance in crisis

ElReg!comments!Pierre
Silver badge

Re: gallow's humor but

> Capitalism, the thing that made us all much richer while making a few very rich indeed, the swine.

I think you'll find that reality is a bit more subtle than that, unless you waive the 43.1 million people in the US who live under the poverty threshold (that's 1 in 8 households, according to the Census bureau, and the figure is likely much higher due to under-the-radar illegal residents). It's 10 million more than the entire population of Venezuela.

I'm sure you'll have noticed how the pro- and anti- Maduro demonstrations don't gather the same socio-economical categories. And how Us media coverage on Brazil and Venezuela increased dramatically after these countries decided to regain control of their oil reserves...

0
1

Sysadmin finds insecure printer, remotely prints 'Fix Me!' notice

ElReg!comments!Pierre
Silver badge
Devil

Noice, mate

A few years ago went on a mostly unplanned roadtrip in an asian country which shall remain unnamed, although it IS very elongated and does sport some recent fortification line across the middle. Although technically on holidays I was keeping in touch with salary central every day, and I also used the web to book (and pay for) accomodation for the next night, meaning "sensitive" network communications pretty much every evening. One evening, I noticed that the wireless network for the boutique hotel I was staying in was open to the world, with the access points' admin credentials factory-set, and a wee bit of poking revealed that they were doing all the admin from a laptop connected to the same WiFi. I raised the concern with the staff who told me "no problem, very secure". Later that evening, while the handbrake was under the shower, I logged into all of the APs I could get from the room and set their WiFi passwords to "CHANGE_ADMIN_PASS". Half an hour later I heard some noise along the staircase. The next morning, I noticed that the admin credentials on the APs were no longer the factory-set ones. I got a few dark looks; I did leave a substantial tip, because I felt like a jackass, but their network is a bit more secure now. Not sure if angel or demon.

3
1

8 out of 10 cats fear statistics – AI doesn't have this problem

ElReg!comments!Pierre
Silver badge

Statistics rulez

Let's not forget that Nethack is almost entirely statistics, wrapped in a thin layer of "UI"...

(well, technically the code is probabilities, but the observed effects are stats)

1
0

Project Gollum: Because NHS Caring means NHS Sharing

ElReg!comments!Pierre
Silver badge

Serif font? UX nightmare?

The UI is sans serif, and the text is in serif, as it bloody well should. Bong is slipping!

4
0

Quick, better lock down that CISO role. Salaries have apparently hit €1m

ElReg!comments!Pierre
Silver badge

Meaningless if...

... the punters are hired to add some security as an afterthought on intrinsically insecure procedures. ITSec is not a million-dollar CISO, it's a corporate culture.

6
0

No laptop ban on Euro flights to US... yet

ElReg!comments!Pierre
Silver badge

Re: I keep thinking

Well, no-flight policies ARE designed by ejits. The 100 mL rule stems from some murkin ejit failing to understand basic physics, and it's still in place after all that time. But that wasn't my point: evidently the airhead-in-chief didn't come up with this rule (pro'lly too busy grabbing small felines); he did, however, publish the 2-part tweet mentionned in the article. If there's anything more pityful than policy-by-tweet, it's policy-by-multipart-tweet.

17
3
ElReg!comments!Pierre
Silver badge

Absolute right

Of course the Russians have the absolute right to ignore a bumbling ejit, too. Or perhaps they forgot to follow him on twitter?

13
5

Bloke charged under UK terror law for refusing to cough up passwords

ElReg!comments!Pierre
Silver badge

Re: "used only in extreme terrorism cases"

> CAGE has plenty of form as apologists for active extremists.

It doesn't matter. This law is overreaching, and we can hope that cases such as this one may put it to test so that we ordinary citizens can know what we risk if we fail to provide the plods with a working password (whatever the reason may be, including genuinely having forgotten it).

66
4
ElReg!comments!Pierre
Silver badge

Re: Device with multiple partitions

Of course you can. Some people do. If memory serves TrueCrypt had a handy option just for that, I don't know if bitlocker does, but you could equally well set it up yourself.

4
0

NASA nixes Trump's moonshot plan

ElReg!comments!Pierre
Silver badge

Re: "the rocket that takes the United States to Mars"

The GREATEST.

(note: also embark a load of broads for grabbing purposes, as the journey may be very long.)

0
0

Forums

Biting the hand that feeds IT © 1998–2017