* Posts by DryBones

481 posts • joined 7 Feb 2010


It's 2019, and a PNG file can pwn your Android smartphone or tablet: Patch me if you can


Re: Great

Nice word dump. Hope you feel better now, I always do after a sit down.

People keep buying Samsung et al, companies with a horrible record of prompt updates, because ooh shiny shiny. It is a computer, they need to put patching higher on their list of priorities. OnePlus, Nokia, refurbed Google devices, all are both affordable and frequently updated.

Companies shift their resources, if longevity is important you must actually make it a priority in your buying decision and keep in mind nothing lasts forever.

Furious Apple revokes Facebook's enty app cert after Zuck's crew abused it to slurp private data


Re: They literally have a scandal every week

It's been a safe bet so far.

Nobody's lost money overestimating the stupidity of the common man.

50% of people are below average intelligence.

Money talks, BS walks.

Detailed: How Russian government's Fancy Bear UEFI rootkit sneaks onto Windows PCs


Re: Russian government's rootkit?

You think it's hard to change timestamps? That's funny!

Poor people should get slower internet speeds, American ISPs tell FCC


Re: LEO Latency

Agree. You did 350,000 km instead of 350 km.

Google CEO tells US Congress Chocolate Factory will unleash Dragonfly in China


I am immensely amused that Republicans have not put this one together, or just cannot bring themselves to admit it. Pictures of Trump are associated with 'the word idiot' because a lot of people think Trump is an idiot.

Let's see here... "I'm not saying you're racist. I'm saying racists think you're a racist." Fiddle it around some...

"I'm not saying you're an idiot. I'm saying a lot of idiots think you're one of them."

Yes, no?

Forget ripping off brains for AI. Butterflies and worms could lead us to self-repairing intelligent robots, says prof


This is what I've said plenty of times, actually. I think there was a paper, but it basically described how a series of relatively simple learned behaviors could be put together to execute complex tasks.

Possibly outing myself if someone recalls it, but I employed the same principle when coding a maze-runner in College Robotics. Move forward, watch for openings. Measure the distance of any detected opening to determine if it is likely a valid turn. If a valid turn is detected, make it by slowing the inside wheel in order to minimize speed loss. And of course, a straightening routine consisting of a jag away and then slightly less back the other way if a wall is bumped. That's all it took to execute a maze run smooth and fast enough to post a time that feels like it may still be the fastest after... well, more than a decade.

This just in: What? No, I can't believe it. The 2018 MacBook Air still a huge pain to have repaired


That's a pretty amazing collection of downvotes. How many will it take before someone learns this is The Register and not AppleInsider? Testing is still under way...

If the weight of a laptop is an issue for you... exercise more.

Solid state of fear: Euro boffins bust open SSD, Bitlocker encryption (it's really, really dumb)


Re: Fed up with these nonstop security issues

What, you mean blocking Javascript might actually do things besides reveal just how many sites don't have control over their own layouts?

Memo to Microsoft: Windows 10 is broken, and the fixes can't wait


Re: Software Testers

Wrote a diatribe, WiFi bounce lost it, rage. Short version then.

MS managed to do worse than just spinning up their own JIRA instance and packaging a browser session to it as a UWP. They deserve all the scorn they get and most of what they don't.

If Insiders are so valued, where are the severity, frequency, criticality, and impact selectors? They set themselves up for failure.

Yale Weds: Just some system maintenance, nothing to worry about. Yale Thurs: Nobody's smart alarm app works


Re: Just use an old debit/credit card.

Or... get a Kwikset instead?

Mozilla grants distrusted Symantec certs a stay of execution, claims many sites yet to make switch


Re: Fart in a colander

Doesn't mean it's not a good idea. Replacing their ads with others is a short walk from China "replacing ads with malware", etc, etc. A good move done out of self-interest is still a good move.

All these sites have to do is replace their SSL cert. If they can't manage that after more than a year, they don't deserve any traffic.

Hey you know what the smart-home world really needs right now? Yup, Google screaming in


Re: Aren't these things just tablets?

Yep. 7" tablet with a built in stand. Does it immediately die if unplugged? If so the profit margin is even greater as they didn't include the battery pack.

Microsoft deletes deleterious file deletion bug from Windows 10 October 2018 Update


Re: No mystery

There was no "severity" selection in the feedback form. Eventually MS still have their testers a bug reporting form that's almost as good as JIRA was 5 years ago. And games from 15 years ago.

If they want to use users as testers they need to provide Insiders with a bloody proper Bug Report form with this kind of thing. Totally MS's fault for not providing any levers to facilitate triage of issues.

US State Department confirms: Unclassified staff email boxes hacked


Re: Hillary's server *wasn't* hacked

Or... Or, the State Department's IT was as rubbish as this article makes it out to be, and having the private server was the only way to get any fardling thing DONE. Think of all the ways that IT can misconfigure or otherwise screw things up related to needing to access one's email all over the globe. Leave DC, oops no email. Etc, etc. Multiple people did this sort of thing, maybe it's because the red tape was as bad as you expect it to be, PHB^2.

It's hilarious irony that it appears to have been more secure against attack than the State Department's servers. What can you do? Snigger and carry on.

Microsoft: You don't want to use Edge? Are you sure? Really sure?


Re: An ode:

Well it's not really a beer then, is it? That's flavored water.

We're all sick of Fortnite, but the flaw found in its downloader is the latest way to attack Android


Re: 'Bypass the Play Store and this is what can happen'

I see remarkable parallels here between using standard and tested crypto libraries versus people rolling their own proprietary ones. The latter inevitably have gaping issues. Also the issue with people not implementing the standard and tested crypto libraries properly. This is why there is example code that for those should be followed assiduously.

Epic rolled their own, and it bit them. Are we going to start defending those that roll their own crypto as "stickin it to The Man", or pointing out they're DIYing what they really should have a professional do?

Defense Distributed starts selling gun CAD files amid court drama


Just this. Anybody that seems to think this is anything new has never heard of zip guns, which have been about for yonks.


If that happened, he should have bought a lotto ticket.


Shove off, nobody actually up to no good is going to do this. It's a hobbyist/maker thing.

Voting machine maker claims vote machine hack-fests a 'green light' for foreign hackers



Perhaps they should try being less rubbish instead. Did they ever think of that? Thought not.

UK chip and PIN readers fall ill: Don't switch off that terminal!


Re: Cash on the barrel head

Sounds like a mutually beneficial situation to me.

Hello darkness my old friend, what happened last week in Redmond?


Yeah, it's kinda silly. The rating is essentially reviews. So if they only had one user that had given it a 5, welp.

So pretty much a fart in a hurricane.

US voting systems: Full of holes, loaded with pop music, and 'hacked' by an 11-year-old


Yep. Buying typewriters isn't such a dumb idea for certain things.

Android ain't done until Samsung won't run? 9.0 Pie borks Gear watch app



"Meanwhile, Google has introduced a "convenience" feature that will alarm the security-conscious: connecting the user to a "trusted" Wi-Fi network without the user's knowledge."

This is what the Google WiFi Assistant has always done, it was in Android 8, I forget if it was in 7. The difference here is that Google added the ability to automatically kick WiFi back on when where it should be able to connect to an open network, whereupon it kicks on and should establish a VPN link. It'd kind of a data saver / convenience feature.

Early experiment in mass email ends with mad dash across office to unplug mail gateway


Cue hitting send, being all "oh crap", navigating to the outbox, and watching it all launch itself because it' sends every 10m, not 10m after you hit send for that one mail.


Re: Firetruck?

So the dialog said to sod off?

Sysadmin trained his offshore replacements, sat back, watched ex-employer's world burn


Re: Management Fail

The cake is a pie (at least if it's pineapple upside down...).

Shock Land Rover Discovery: Sellers could meddle with connected cars if not unbound


Re: Don't care who the maker is...

So, a Miata then?

As Corning unveils its latest Gorilla Glass, we ask: What happened to sapphire mobe screens?


Re: Seems obvious ...

"Cases have downsides that not everyone is willing to put up with."

Clear TPU Case. Search it. Use it. Love it.

Tech team trapped in data centre as hypoxic gas flooded in. Again


Re: UPS <- a root cause

Same. Quit buying no-name UPSes from Alibaba.

It walks, it talks, it falls over a bit. Windows 10 is three years old


Re: Not since 1998...

I know you like it and it amuses you, but this Win-10-nic thing is really beyond old and maybe you should find a new joke.

FCC caught red-handed – again – over its $225 complaint billing plan


Re: screw-ups and incompetence

Make sure they're Fruit of the Loom.

Indictment bombshell: 'Kremlin intel agents' hacked, leaked Hillary's emails same day Trump asked Russia for help


Re: What difference did Russia allegedly make?

Oh, there's likely a lot of reasons Hillary lost. Russian interference. Faux News, AM radio... The things you read and hear. I have heard some of them in person, and most all of their sources are Hannity, Facebook, and far right "news" sites that would make The Onion sit back and go "dayum".

Trump, vision? He was a huckster running a con, throwing out lie after exaggeration after untruth. There were plenty of previews and warnings about him being a boor, about narcissism, about being of poor moral character and untrustworthy in business (ask his contractors). Nope, he's our guy! Better than Hillary!

After all of the norms and manners and established processes that have been tried and ironed out have been broken and thrown out... All the things that have made me hope parents shield their children from knowing Trump exists (because how are they going to teach their children to be decent human beings if they see this person behaving with such rudeness and immaturity that holds our highest office?)... All of the Republicans in Congress that seem so desperate to paint a handful of text messages as more important than mountains of evidence that Russia has had its fingers on the scales of our elections... You'd think they're afraid it's going to be proved that Trump IS illegitimate.

... But Hillary...! Sorry, Republicans need to sit down and shut the f up. We humored them for Benghazi for longer and they found nothing. Muller is finding lots of things, so they need to let him work instead of acting like a conspiracy to obstruct justice.

Dear Samsung mobe owners: It may leak your private pics to randoms


Re: finally a sound legal defence...

I think I'd almost go out of my way to fill my phone with dick pics.

Dick Cheney.

Dick Van Dyke.

Dick Tracy.

Dick Clark.

Richard Feynman.

Richard Nixon.

'Plane Hacker' Roberts: I put a network sniffer on my truck to see what it was sharing. Holy crap!


This is the correct way to do this. Which brand was it?

Qualcomm still serious about Windows 10 on Arm: Engineers work on '12W' Snapdragon 1000


Re: If ARM is so good

They don't tell you that sort of thing, and if either of those results happen from using the battery as allowed then it's not fit for purpose. End of.

Former FBI boss Comey used private email for official business – DoJ


Classification should never be used to hide things that are embarrassing and reflect negatively on the government. It's been seen before, and ridiculed before when found.

Oddly enough, when a Tesla accelerates at a barrier, someone dies: Autopilot report lands


Re: Non tesla driver here

Rubbish. Think about how you stay on the road sometime. If all those things fail YOU are going off as well. What if you suddenly go blind or have a stroke. Hey, same result.

The processes I listed were my understanding of how I stay on the road through less than ideal conditions. There are likely more, but they build What a hierarchical process that gives different weights to different types of data and rejects or adjusts if there are contradictions.

My point was that the behavior I see reported from self driving vehicles seems like it relies most on things like lane markers that go totally awry when the highway department gets involved, so the way the vehicle determines position and navigation may need a rethink.


Re: Non tesla driver here

It seems to me that the machine vision is being done wrong, and completely backward, and needs to go back to first principles.

How do I stay on the road?

- First, find the edges of it. Edge detection is key.

- Lanes have a mostly standardized width, so it is pretty easy to figure out how many there should be. If the number is sufficiently fractional a lane is probably merging.

- Next, look at the motions of other cars, they are likely to give a good indication of pathing.

- Last AND least, look at lane markings, because 101 has too many bloody places where they didn't paint over the old markings so they cross over each other and run straight into barricades.

How do I navigate unexpected obstacles?

- My vehicle can be described as a rectangular prism of "Will bend and break if intersected".

- Around it there is another slightly larger area of "Keep Out Zone" that I want to try to protect.

- I should choose a path that will allow me to pass without allowing any intersections of my "Keep out zone" with the current and projected paths of objects. It does not matter if it is a ball, a child, bicycle, or car, it is not desirable to hit it.

- It is easier to identify things like wind-blown paper, bags, etc which are not a problem than the myriad things which are, so train for the smaller set and treat the rest kinematically.

Co-op says IT upgrade project going swell since axing IBM


Re: Not so co-operative bank

Whereas the average bank is owned by lizardfolks. Yep.

Symantec ends cheap Norton offer to NRA members


You failed to be be sufficiently exacting, and fell into the similarity trap.

An assault rifle is selective fire. An assault weapon is a term constructed to ride the coat tails of it, for good and ill.

See https://en.m.wikipedia.org/wiki/Assault_weapon

"Sugarmann had written:

Assault weapons—just like armor-piercing bullets, machine guns, and plastic firearms—are a new topic. The weapons' menacing looks, coupled with the public's confusion over fully automatic machine guns versus semi-automatic assault weapons—anything that looks like a machine gun is assumed to be a machine gun—can only increase the chance of public support for restrictions on these weapons. In addition, few people can envision a practical use for these weapons.[22]"


It is a sad and slightly disconcerting thing to hear Marco Rubio making more sense about this topic than anyone else.

* No, you do not get to outlaw firearms in common use. This has been litigated on before.

* How are bump stocks not already illegal? If it's illegal to modify an AR-15 for full semi auto fire by modifying or replacing a part of the action, why not part of the frame? They really should have realized some ingenuity might occur and specified a maximum possible cyclic rate or something.

* The AR-15 is a semi-automatic rifle. Calling it an "assault weapon" is both an emotional dog whistle and causes one to lose sight of the bigger picture. It functions the same as a bunch of other rifles that are not being targeted (and people are not freaking out about), uses a bullet which is used in a variety of other models of rifle, semi-auto and not. If all the AR-15s disappeared, there would be another that would be used instead, and another, and another. Sausage-slicing is a well recognized tactic, and why actual rifle owners give so little ground about it.

* Raising the legal limit to buy all firearms to 21 doesn't eliminate the ability of a father to go shooting with their son and teach them good firearm safety skills. If we're going to say mental health is a problem, we need to take into account the average amount of time required to achieve mental and emotional stability.

* The system that was supposed to keep people safe broke at just about every stage. Blaming the rifle is remarkably myopic, as if there were not a panoply of ways to cause injury and/or death if one has a mind to and is left unchecked to carry such intention out.

Cisco NFV controller is a bit too elastic: It has an empty password bug


It amazes me in this day and age that "Can you access the admin account with a blank password?" isn't the first thing on the automated test of every single log-into-able thing out there.

I mean, I know it's Cisco, but still.

Bruce Perens wants to anti-SLAPP Grsecurity's Brad Spengler with $670,000 in legal bills



Need popcorn icon...

Unlucky 13 collared by cops hunting cyber-crew who stole up to $2.2bn


Somebody probably screwed up and sent a membership invite to the cops.

Nunes FBI memo: Yep, it's every bit as terrible as you imagined


Re: Watergate Redux?

1: Steele wasn't told whom was financing it, and the dossier was started by Washington Free Beacon (Bacon?) or something like that. So the Republicans started it, and the Democrats were curious and helped him have the funding to finish it, both via Fusion GPS. So any notions that it was from the beginning a hit piece from the Democrats need to be thrown away. As time goes on, it's interesting how different bits and pieces are showing as interestingly similar to what's found.

2: Does what your significant other does at work cause conflicts of interest for you? This is a stretch, to be honest. Work is work, home is home. Also, considering the Trump administration is pretty much the textbook example of "conflict of interest" (oilman running the EPA, anyone? Private school advocate running the Department of Education?), this is beyond pot calling kettle black and over into pot covering plates in grease and trying to accuse them of having always been dirty.

3: Leaks to the media have been relatively few. That is called discipline, not "they haven't found anything". Also, multiple indictments have been unsealed, multiple search warrants, etc have been obtained.

4: The same people say the FBI and FISA are good/bad depending on if it's them or the Democrats that are being investigated. They are talking out both sides of their mouth and both ends of their digestive system. If there is abuse then yes it needs to be investigated, but right now there are very few Republicans that seem to be producing anything but gallons of FUD. They have a consistency problem and a negative balance on credibility, especially after this latest bit of political theatre.

Intel alerted computer makers to chip flaws on Nov 29 – new claim


Ye forgot the joke alert icon, I think? It's just about mandatory, since some of these folks seem to be serious about such.

In Soviet California, pedestrian hits you! Bloke throws himself in front of self-driving car


Re: Its America

So, which country are you in, then? Some of us would like to return the myopic and rude generalizations.

America restarts dodgy spying program – just as classified surveillance abuse memo emerges



Unsure if satire or not.

Really, that's the big problem with all this, is that you hear and read some people that say this sort of thing like they'd be waving a bible if they'd remembered to bring one with them.

As Google clamps down, 'Droid developer warns 'breaking day' is coming


Re: Too late...

It seems to suck the user's wallet pretty well...

Amadeus booking software outages smack airports across world


Rock Me, Amadeus.



Biting the hand that feeds IT © 1998–2019