Well, at least it’s not useless garbage like the “I’m a teapot” HTTP status code 418.
323 posts • joined 16 May 2007
Re: There's no incentive for IPv6 in the west
Not so. Large service providers have to get IPv4 addresses on the black market nowadays, at around $10/IP. Microsoft bought Nortel's /8 at its bankruptcy auction, and Amazon bought big chunks of MIT's /8 for AWS.
Tolkien admitted as much:
No reviewer (that I have seen), although all have carefully used the correct dwarfs themselves, has commented on the fact (which I only became conscious of through reviews) that I use throughout the 'incorrect' plural dwarves. I am afraid it is just a piece of private bad grammar, rather shocking in a philologist; but I shall have to go on with it. Perhaps my dwarf – since he and the Gnome are only translations into approximate equivalents of creatures with different names and rather different functions in their own world – may be allowed a peculiar plural. The real 'historical' plural of dwarf (like teeth of tooth) is dwarrows, anyway: rather a nice word, but a bit too archaic. Still I rather wish I had used the word dwarrow.
The Letters of J.R.R. Tolkien 17: To Stanley Unwin, Chairman of Allen & Unwin. October 1937
Re: The whole thing's stupid
Yep, just a greedy land-grab by registrars looking to shake down multinationals and trademark owners for more registration fees under the new gTLDs.
Usability is to blame
AWS and S3's permissions system has got to be some of the most baroque, over-engineered and complicated permissions format ever devised. It's not surprising so many fail to get it right.
The iPhone X is $1149, not $999
It doesn't make any sense to get one with a measly 64GB of flash.
Re: Not the repo you're looking for
Unfortunately OmniTI disengaged itself from OmniOS. Whether the project is sustainable as a community project is anyone's guess:
PII covers more than you think
IP addresses and device IDs like the Apple Identifier for Advertising or Google Android Advertising ID are considered PII, and thus GDPR encompasses more than many companies think.
The fact Target is headquartered in Minnesota must be fortuitous.
We'll see if the Ayo fork gets any traction. The previous one Io.js was motivated by complaints that the main Node.js project then run by Joyent was too slow at incorporating technical feedback and contributions from outside the company, i.e. the technology was not progressing as quickly as it should.
This fork is driven purely by process and personality conflicts, and is thus much less likely to provide benefits (new features or bug fixes) to the average Node.js developer. The fact it was launched before the Node.js board had the opportunity to respond to the complaints also looks like a fit of pique. After all, policy concerns around inclusiveness are not technical, and thus belong to the board, not to a technical steering committee.
They were unusable to begin with
What with Samsung SmartTVs' horrendous UI. Bricking the device is more like a mercy killing, really.
Re: No public code review --> security by obscurity.
The Secure Enclave runs a variant of the L4 microkernel, one version of which (seL4) was proven secure using formal methods. No one knows if Apple performed the same kind of analysis on SEPOS. but they have clearly given serious thought to their design.
Apple may have a branded DuckDuckGo in the works
Over the last 2 years or so I've seen online surveys that suggest Apple is working with DuckDuckGo on a co-branded search service. I doubt Apple would voluntarily forgo Google's billions for default placement, but it would be a credible threat if Google is foolhardy enough to believe its brand trumps the power of defaults.
You can usually renew domains for ten years
Of course the flip side is that by the time the renewal notice comes in, whoever did it the last time likely has left the company...
That's why NIST deprecated SMS authentication
in the draft SP 800-63-3 guidelines, which also discourages other security theater like forced password rotations and crackpot password composition rules:
Re: Lost ?
Every git checkout is a full backup of the code repository, including his colleagues/employees, so in the worst case they'd lose a few days' work that hadn't been pushed to the Git server and pulled by the other devs.
The perils of outsourcing
Sounds like their email marketing provider was compromised. No doubt marketing selected the said provider based on the color scheme of their website with no input from IT or security audit.
Sure, there is an argument to be made for disk replacing tape as the backup and archiving medium of choice, but that is not a path to riches, as can be seen by comparing the market cap of Seagate or WDC and Quantum.
A simple fix
Would be to block IDN on the .com zone, where the vast majority of attempted impersonation would likely occur.
I am a BMW driver, and given the horrendous nature of their in-car electronics and software, I have severe doubts about their software chops. They are resisting Apple CarPlay and Android Auto despite clear customer demand for in-car software that doesn't suck, and think they can play the same customer-hostile games with autonomy.
In any case, it's not relevant. Tesla outsells BMW, Audi and Mercedes 2-to-1 in the $50K+ segment, and is now coming to eat their lunch in their bread-and-butter entry-level luxury (3 Series / A4 / C Class) segment with the model 3. Despite having nearly 10 years warning, the luxury brands don't have an even remotely compelling all-electric offer for sale today, just vaporware. They are going to be too busy scrambling to survive to be fighting on the autonomous driving front, where Google et al have hired up all the machine learning PhDs needed to make the required breakthroughs.
Apple's refusal to cooperate can't have been a critical factor—they could only stall, but not block it if they did not prevail in the appeals process, and regulators have limited tolerance for scofflaws.
The deciding factor is clearly that the regulators see mobile wallets as competition for the entrenched banks, and allowing them to coopt the former would reduce competition, quite rightly in my view. The situation might be different if others asked for this, e.g. telcos.
Toyota and DJI drones certainly enjoy their custom.
DDRDrive introduced a similar product years ago. It held 4GB of DRAM backed by GB of SLC NAND and a supercapacitor, for $2000 list. If the card detects power loss, the supercap has enough juice to write the RAM contents to the flash. It was primarily marketed to ZFS users to accelerate the ZFS intent log (write cache), as DRAM does not suffer from the performance cliff of most SSDs.
Verizon, not Verizon Wireless
I don't know of any wireless service that hands out static IPs, there is not much call for them unless you are running servers.
The end credits to X-Men Apocalypse had a message "This movie created 15,000 jobs", presumably to make people feel bad about pirating. I'm not sure how much of an impact this would have in a society rife with narcissism and self-rationalized bad behavior, the example being set from the above.
Re: Goolge can't even get their subsidiary use their own 2FA tools
Yes, SMS based 2FA is deprecated by the current drafts of the NIST SP 800-63-3 authentication standard, and due to be banned altogether in the next. SMS relies on the abysmal security of GSM standards and can be spoofed by a DIY Stingray involving about $2000's worth of hardware and GNU Radio.
This is security theater at best.
"went against the underwritten rules of Wall Street"
I think you meant "went against the unwritten rules of Wall Street".
AMD Naples workstations
What I am looking most forward to is AMD's 32-core/64-thread Naples server CPU, for use in my development workstation. I can exploit the cores doing parallel builds, but Intel's extortionate Xeon pricing means I am currently limited to 4 measly E3-1670v3 cores.
US-East is popular
Because half the US population lives in the Eastern Time Zone.
Amazon only recently (4 months ago) opened its US-East-2 region. Many people haven't heard about it yet (I hadn't until just now) and in any case it is based in Ohio, which is nowhere near as big a connectivity hub as Virginia.
SF only pays lip service to homelessness
Sure the tech boom has put a lot of strain on an under-supplied housing market (thanks in no small part to NIMBYs stifling any high-density residential construction), but it's also brought in an extra $4+B in tax revenues per year, a truly staggering amount. That windfall would allow the city to purchase housing for every single homeless person in a single year.
SF sees fit to fritter it away instead on things like $500+M for bike lanes over the next 10 years (total cyclist population: 14,000). Of course, homelessness is a complex social problem with mental health and substance abuse implications, but the simple truth is for all it's liberal self-image, San Francisco would rather wring its hand about homelessness than actually put its money where its mouth is.
Re: The curse of "Blue" security
Blue is the corporate color par excellence. It symbolizes trust, loyalty, authority,
conservatism, business in Western cultures:
The headline is wrong, this is clearly Bluecoat's fault for misimplementing TLS 1.3, and not testing it against the browser with 50% market share. If they had not implemented TLS 1.3 at all, the browsers would have fallen back to TLS 1.2.
Would that be the same Eric Holder who managed not to find anyone guilty of fraud in the 2008 depression, other than Madoff (who was unwise enough to steal from the rich)? Sure, he was shielding the banksters at his boss' behest, but that shows just how independent he is not, nor will be in this sham whitewash of an "investigation".
Re: Re:Why? and then we ask ourselves why women in are few and far between
The fair number should be the same as enrollment in university CS courses. Unfortunately that number has actually been declining:
She really should sue
Unfortunately the Ellen Pao fiasco probably has created a chilling effect on sexual harassment cases, but given she seems to have a well-documented evidence trail (as befits a SRE), it would seem like a slam-dunk. Just because a company is well-known to be toxic with a huge sense of impunity doesn't mean they are actually above the law.
Re: Careful there...
How is Uber a monopoly? Every single ride-"sharing" driver I have ever seen is also on Lyft. There are no barriers to entry whatsoever, and as #DeleteUber shows, their user base is much less sticky than they believe.
Firefox OS is not the problem
What do you expect in an organization where people with technical chops like Brendan Eich are forced out by touchy-feely non-technical mouth-breathers? Vivaldi is clearly the way to go.
Re: Macs don't get viruses
I asked a colleague whose SO works at Apple what AV they use, the answer was "none".
Quite frankly, AV software is written with terrible coding practices that dramatically increase your attack surface and can be counter-productive. One major product had buffer overflows in its scanner that meant you could be infected simply by receiving an email. At least without AV, you would actually have to double-click the attachment to be infected:
When you delete data in a SQLite database, as in most databases the data is not actually erased, just marked as logically deleted and available for reuse. It's not actually physically removed until the VACUUM command is called.
Re: The author is wrong - the CEO doesn't decide security
You are probably right. When combined with the said threat assessment team's natural tendency to exaggerate the threat (so as to pad its own budget) and a new parent's hormone-driven paranoia about his child, that could easily explain the difference.
It's the headphone jack, stupid
We're well past the point of diminishing returns on smartphones, where they are good enough and combined with the end of carrier subsidies, we are in a replacement market where people will just keep their phone until it breaks, just as they do with PCs or tablets.
Apple was spectacularly clueless to give its customers, most of which are still in a every-other-year replacement schedule, a reason not to upgrade by abandoning the headphone jack.
Google "Maher Arar" for an example of the horrifying potential of social-network analysis run amok.
Dr. North provides something sorely lacking, a pragmatic and detailed roadmap of how Brexit could be made to work. His proposals are flawed, however, because like all British governments since the 70s, and probably much of the British establishment, he keeps on seeing the EU as a mere trade agreement that has grown too big for its britches.
Pro tip: there is reason why it was renamed from European Economic Community to European Union. Continental Europeans see it as a political project, originally to make internecine wars like WWI and WWII inconceivable, but now mainly to unify Europe under a loose federal banner to keep it relevant on the world stage. They do not share Dr. North's curious infatuation with UNECE (inventors of EDIFACT, surely one of the most baroque set of data formats ever).
Dr. North's vision of European countries rebelling against an overbearing EU to switch instead to a panglossian utopia of frictionless free trade brokered by benevolent (and competent!) UN committees is simply risible. The EU is what it is because that's how most of its member countries want it, yes, even Greece. His vision is certainly possible, unlike most Brexiter predictions, just like it is possible that Bill Gates will wake up tomorrow with a burning desire to give me a billion dollars, but it is just as unprobable.
Re: 20 years?
Yes, RADIUS was more of a Livingston, then Ascend thing.
RADIUS lives on, most enterprises' WiFi and authenticated Ethernet rely on it, but it's successor DIAMETER (get it?) is the protocol that is replacing SS7 for telephony in the post-circuit era.
California law makes illegal Kelo-style land grabs under eminent domain for the benefit of a private party.
Net Neutrality is actually the weaker option
The article makes Net Neutrality sound like an extremist position. It is actually a milquetoast compromise. The real uncompromising position, that I fully endorse, is structural separation, i.e. that network providers are banned from participating in adjacent markets like apps, video services and the like. Network Neutrality violations are hard to prove and police, whereas removing the incentive for them to occur in the first place would be a far more effective.
The biggest invention in telecom, automatic switching, was a consequence of Net Neutrality violations. Almon Brown Strowger was an undertaker, and his local telephone switchboard operator was the wife of his competitor, who would underhandedly direct his calls to her husband instead. Strowger retailiated by inventing the rotary automatic telephone switch, which would put her out of a job and make the network tamper-free (at least until software-based digital switches replaced electromechanical switches like Strowger's).
Re: U.S. has used Harriers...
I think he is referring to the fact the US Marines couldn't believe their luck and purchased all the British Harriers they could get their hands on when the UK MoD unwisely decided to scrap them even though there is still no operational replacement.
In the bad old days of System 7 Mac viruses were rife, specially the resource fork ilk. It's moving to the UNIX foundation of OS X that made a big difference, not any difference in demographics.
It's the certificate authorities issuing the certificates, e.g. RapidSSL, who have to do the work, not the webmasters.
Mistake #1 - using BIND
Re: On Loitering Aircraft.
"Isn't the Apache a better loiterer"
Helicopters are notoriously vulnerable, even to small-arms fire. The A-10 on the other hand can still fly even when huge chunks of the superstructure have been blown away by cannon fire.