* Posts by 142

256 posts • joined 26 Oct 2010


Google's stunning plan to avoid apps slurping Gmail inboxes: Charge devs for security audits


Re: When will using GMail (or any Google Service...)...

There are plenty of alternatives, but it's clunky to use the multiple alternative services together, in the way you need to do to replicate what you get with Google's integrated services. And you also have to find the good alternatives, because half of them are like moving to Gimp from Photoshop. Google's consumer facing services (if you ignore their Docs stuff, perhaps), "just work".

Now, I'm not saying we shouldn't ditch Google entirely - I'm in the process myself - but it's annoying to do so once you've got used to them. And people don't generally voluntarily do things that annoy them.


Re: So paying for a sticker takes the curse off ?

Devs aren't expected to pay Google in this model - they pay the auditors.

The fee listed in the article is simply a de facto price for getting approved, because there are only a couple of auditors approved.

So Google can certainly decide to fuck over either the customer or the developer at their complete discretion, without worrying about audit-related refunds or income streams.

Things that make you go .hm... Has a piece of the internet just sunk into the ocean? It appears so


Re: .UK or .GB??

Oh, they complained alright, but couldn't propose a solution.

Given the unusual collection of territories competing in the team, there's no accurate name for the organisation without it being about 40 characters long...

Furious Apple revokes Facebook's enty app cert after Zuck's crew abused it to slurp private data


Re: other developers pulling this stunt would have had their App Store apps banned too.

I suspect they thought of it.

I wonder will we get to the point that Apple kick FB to touch once and for all.

It would be very Apple to kill a feature their users view as sacrosanct, and yet somehow increase sales.

Mark Zuckerberg did everything in his power to avoid Facebook becoming the next MySpace – but forgot one crucial detail…


Re: Is this libel?

No. Facebook have given away any chance of that by going back on their previous categorical statements, meaning they either lied before, or they're lying now.

UK.gov is not being advised by Google. Repeat. It is not being advised by Google


A lot of probably justified cynicism here.

But I think it's possibly slightly misdirected.

Hassabis has never appeared like a Google drone. He's kept DeepMind as something of a rogue entity within Alphabet, and he's refused to take on other roles in Google.

He's taken this role as an honour (the guy's "for king and country" in a 1930s sense) and for DeepMind. I very much doubt he's pushing Google messaging in these meetings as such.

Whether this is better or worse, I'm not sure. DeepMind's is a hell of a lot more unnerving in the long term than mainstream Google.

Facebook suspends, investigates CubeYou, another data-harvester


Re: It's as if...

> If that is all they got, someone in their propaganda operations should be sacked. I would have expected them to have ~ 95%+ of profiles in line with what Zuk has confessed to as "accessed by one or more bots".

That's somewhat apples and oranges:

The stuff that CA got is from people who were tricked into giving them permission, via the "personality testing app" stuff, so they got huge amounts of detailed info on those 80 million people.

The bots FB describe for the 95% figure were different: They were just auto searching based off phone numbers and email addresses, and so were essentially just scraping info the user had already chosen to make public.

I suspect FB put out the "95% of public info was accessed by bots" thing to cloud the issue, and take people's focus off the more serious fuckery.

FYI: There's now an AI app that generates convincing fake smut vids using celebs' faces


Re: It's one way to get it watched

Actually, a great use case here is to make homemade porn with your partner, and use this to faceswap your faces out with someone else's, rather than, say wearing masks or whatnot.

Netflix US Twitter account hacked


Re: "Not enabled 2FA" ???? FFS ?

SMS-based 2FA relies on the user's messages being secure. This isn't always the case. Some phone networks allow you to send and receive SMSs through their website, for example. So if the hackers get on there first, 2FA no longer matters.

Drops the mic... Hang on, hackers could be listening through my headphones?


Re: "take advantage of the physical properties of the connected equipment"

I'll agree there's little risk to the public from untargeted malware and scams.

But for more targeted attacks, especially corporate focused ones, it would be very useful.

Missile tech helps boffins land drone on car moving at 50 km/h


You can get exemptions, though they require masses of proof and paperwork.

Trumped? Nope. Ireland to retain corporate tax advantage over the US


Re: From across the pond

Edit: Sorry Brandon, I missed your mention of "moving to Ireland". The following instead refers to setting up in Ireland for tax, but still working from the US, but I'll leave the comment up. Guus has answered your question accurately.


Corporation tax *RATE* isn't necessarily the main draw for companies to solely use Ireland for tax purposes. It's a draw for companies to use Ireland as a genuine base, but those doing it exclusively for tax are using it for a different reason than the rate.

Rather, it's traditionally been due to weird incompatibility between US and Irish/EU tax and IP licensing laws. In particular, different views on who should be taxed for income generated in different jurisdictions, which can be played off each other to say neither the US nor Ireland have any reason to deserve the tax.

These loopholes are slowly getting closed, so you may have missed the boat, but it would have been potentially a viable tactic for you, depending on the nature of your contracting work, had you considered this a few years ago. You'd want to have had substantial income though to cover the costs of the tax lawyers to set it up, as you'll need a couple of Irish companies.

As mentioned, you'll get hit for US tax when it gets repatriated, but if you only take a small fraction of your income back to the US to live off, and use the rest to buy tropical islands, then you're probably ok. Apple has billions upon billions in Ireland or Irish linked companies that it can't repatriate to its shareholders, due to the tax bill it will get. You would be in a similar boat.

‘Alan Turing law’ to give posthumous pardons to 59,000 men for 'gross indecency'


Re: Gong

Yes. He was given an OBE by King George in 1945 for "Secret Wartime Service in the Foreign Office".

The details of why he got it were, of course, not made public.

An interesting anecdote here, in relation to how he handled the title: http://www.bbc.co.uk/news/technology-18541715

Spinal Tap’s bass player sues former French sewer


Re: I wish I...

But you will do if you licence your work rather than working for hire.

LG’s V20 may be the phone of the year. So why the fsck can’t you buy it?


Re: "a 32-bit DAC, part of a burgeoning partnership with Bang & Olufsen"

> useless, in double-blind A/B comparisons (that was for 24-bit versus 16-bit).

Not really in this context.

Whilst this is absolutely true in controlled circumstances, with calibrated sound levels, you need 24 bit converters for these sort of applications (or at least 20bit).

At 16 bits on a consumer output like this, with different headphone impedances and different use cases and gain structures, it's very easy to encounter a situation where you'll clearly hear the dither/quantisation noise. You quickly end up in a situation where you're only using 13 bits, rather than the full sixteen available.

That out of the way... As for 32bit. That's insanity, if it's PCM. I had thought it was physically impossible to produce measurable results from a 32bit DAC at these sort of voltages.

Boy, 12, gets €100k bill from Google after confusing Adwords with Adsense


Re: it seems pretty easy to get all of these things mixed up

Yeah. It's an absolute pain. I'm sure for people who are using Google's ad backend regularly, it becomes clear, but for someone who just has a couple of monetised vids, and places an ad or two it's an absolute mess. And I'm used to dealing with complex systems.

It's like they've made no effort to distinguish sections relating to ads you host and ads you're paying for. *Never the twain should meet!*

Matt LeBlanc handed £1.5m to front next two series of Top Gear


Re: EJ

EJ definitely does like *racing*, whatever about liking cars as such. He was a former F3 and F2 driver, and (according to wiki) a McLaren tester, before being a team boss.

I wonder if they're using him the right way? I didn't watch much of him on the new Top Gear, but there should be plenty of scope for hilarious stories based on the old pro running rings around the new guys, especially if they got their hands on some old F3 cars from the 70s.


Re: If it sells he'll be worth the money

Evans was sabotaged, by himself bottling it, the previous team refusing to adapt, or BBC management being idiots. Someone refused to change up the show, and I can't figure out which.

It was blindingly obvious that he was never going to work in a slow paced, wink-and-nod, show like Jeremy and co's Top Gear. He's just not that kind of presenter. He's the king of fast-paced, chaotic shows.

Why he didn't transform it to his strengths, I'll never know. It would have been great, and it would have alienated plenty of people I'm sure, too! But at least it wouldn't have been that trainwreck!

Swedish appeals court upholds arrest warrant for Julian Assange


Re: Ah, yes, the famous "afraid of the US" bogeyman.

Though, if we're talking about *extrajudicially* spiriting him away in the middle of the night, surely that's just as likely from UK or Ecuador, as Sweden.

League of lawsuits: Game developer sues cheat-toting website


For games, knowing how to make cheats and find exploits isn't the same as being able to stop them. The issue is server performance. You simply can't do all the checks required, and still have a responsive, playable game.

Audiophile torrent site What.CD fully pwnable thanks to wrecked RNG


Yes. But the focus of the site is on versions that are not publicly available for purchase. They are not just CD rips - often pre-mastering versions, etc.

If the record company has no intention of selling these versions, then surely they're fair game.

And I say this as a generally anti-piracy recording engineer.

Bill Gates can’t give it away... Still crazy rich after all these years


Re: @Nigel


That's 4 BILLION spent in 2014.

Sensitive Virgin Media web pages still stuck on weak crypto software


Re: I cannot believe

It is outstanding. Especially given that El Reg frequently boast about the fact they're consistently profitable. They absolutely have the money to do it.

I think they're the only site I use that doesn't have any attempt at security.

And I could maybe understand if this was all legacy architecture stuff...

But they redeveloped the entire user/comment/forum section just a couple of years back!

ICANN chair plays chicken with internet control-halt-shift


Re: Another option?

I really don't understand why the US is so eager to ditch control of ICANN.

I mean I can understand why *the rest of the world* don't like them having control, but it seems like a very strategically strong role to hold - why give it up?

Google robo-car in rear-end smash – but cack-handed human blamed


17mph unbraked, into the rear, is pretty significant. Most rear end collisions are much slower than that. (even if the car was initially going faster, it will have braked below that).

17mph is like getting tackled from behind unexpectedly by a rugby player.

It's gonna give whiplash, unless you were pre-braced, with your neck against the headrest.

KERR-PAO! Reddit interim CEO Ellen quits amid Redditor revolt


Re: w t f

She was appointed on the recommendation of the outgoing CEO.

Silly Google's Photos app labelled black people as gorillas


Re: Question?

And indeed, it's not even half baked!

By all accounts, the ratio of correct categorisation to mistakes is extremely good for an image detection system of this sort.

Hi-res audio folk to introduce new rules and weed out impure noises


Re: "a brave person who said that HRA has no audible benefits"

What the? NO!

That is absolutely incorrect.

You can *and should* use a properly designed digital system all the way up to just under 0dBFS. (allowing for intersample peaks of about 1dB or so).

There is no sonic advantage to having peaks 18dB below that. None. At all. Just huge disadvantages.

Unless you've got the most appallingly designed analogue components in your system/converters.


Re: Dan Lavry

There are a million reasons for 96/24 DACs. Improved sound quality when used as a final consumer playback standard just isn't one of them.


Re: Not that subtle

For final playback purposes, Dan Lavry (who makes arguably the best converters going) argues that for a person with a normal ear (ignoring people who can hear 24khz sine waves) any audible improvement at higher sample rates is the DAC's manufacturer being unscrupulous and hyping above 10kHz or so, in order to make people feel they're getting extra detail. You can get the same sonic improvement at a lower sampling frequency by just applying a subtle EQ boost.

And you're not going to hear the bit depth difference (on playback) unless someone's been careless with the headroom, left out the dithering, or applied a bunch more digital processing to a 16bit source before playback, or it's being played loud enough to cause instant hearing damage. Granted it's not that unlikely that one of those scenarios is in play, but you did say "properly configured".

----This all assumes they're the same master source at different sr/bd. If they're different sources, then of course all bets are off.


Re: ASA - clearly muppets

> bears no resemblance to original vocals or instruments

So!? Artistically, **we don't want them to**. Otherwise, we'd just stick a single binaural mic in the rehearsal room and release that, and save everyone a fuck load of 120 hour work weeks. There is detail there. An awful lot. In automated delays, very subtle instrument stacks and incidental layers, very, very nice artificial reverbs (much nicer than real rooms), very very crude reverbs, distortions, and tons of other artistic sonic choices - there's some gorgeous imaging techniques in play these days too.

Much of which gets lost at 128kbps MP3.


> Your speakers can't output these high frequencies either (and not your headphones either)

Not all the way up to 192k's nyquist of 96k, of course, but almost every tweeter and audio cable will give response way over 20kHz, though the linearity suffers.

That we can't hear those frequencies is a different point, obviously.


Re: "a brave person who said that HRA has no audible benefits"

12 dB for headroom!? Why?

FBI to 'aggressively' probe St Louis Cardinals in baseball 'hack' storm


Re: Really?


The FBI have a pretty good track record of getting involved in hacking/computer crime cases, if reported the right way. Even low level ones like personal impersonation/harassment/fraud.

Voyager 2 'stopped' last week, and not just for maintenance


> What are the chances of anyone ever finding the discs, let alone understanding the instructions to reproduce them?

Pretty damn small. In 40000 years, it will come within 1.5 LY of another star. And then continue through interstellar space.

Though not strictly applicable to Voyager, for general context, you might find this analysis of the odds of coming close to a planet or star interesting: https://www.reddit.com/r/askscience/comments/2pe4oj/say_you_had_the_ability_to_fly_a_spacecraft_from_one_side_of_the_galaxy_to_the_other_in_a_straight_line_what_are_the_chances_that_you_run_into_something/cmvvytl

Everything Apple touted at WWDC – step inside our no-hype-zone™


From the developer release notes:

"App Transport Security

App Transport Security (ATS) lets an app add a declaration to its Info.plist file that specifies the domains with which it needs secure communication. ATS prevents accidental disclosure, provides secure default behavior, and is easy to adopt. You should adopt ATS as soon as possible, regardless of whether you’re creating a new app or updating an existing one.

If you’re developing a new app, you should use HTTPS exclusively. If you have an existing app, you should use HTTPS as much as you can right now, and create a plan for migrating the rest of your app as soon as possible."

Though not related, there's some more VPN / Proxy functions you might be interested in too... https://developer.apple.com/library/prerelease/ios/releasenotes/General/WhatsNewIniOS/Articles/iOS9.html

BBC, Facebook steer users to vuln-afflicted Unity Web Player plugin


The Unity plugin installer is clean as downloaded from Unity's site. Perfectly clean. No ads. No toolbars. No nothing.

If any adware is installed, it's through wrapped installers from other sites, like download.com, etc. in the same way they do with every installer.


Eh? It's a plugin. No more. No less.

Unity aren't responsible for what other stuff people put on their machines.

Windows 10 upgrade ADWARE forces its way on to Windows 7 and 8.1


Re: You Know Windows 10 Is Going To Be Good...

> Microsoft used windows update to install an advertising spam application on users machines without asking.

Apple told me about Yosemite in a similar manner on Mavericks...

It's FREE WINDOWS 10 time: 29 July is D-Day, yells Microsoft


Re: Windows 10?

> Pre SP1, XP was anything but good. I'd say fuckawful, actually

But after the car crash that was Windows Me, it was a Da Vinci masterpiece..

Your new car will dob you in to the cops if you crash, decrees EU


Re: Gah!

@ Wilco

I'm replying late here, but yes, good catch.

The figures I had seen had "13 million", but they incorrectly stated it as a *monthly* figure, which is what I extrapolated from, hence the order of magnitude difference.


Re: Gah!

The greens probably have a point.

100 per new car is a phenomenal amount of money. Well over 10,000,000,000. Annually.

It would lead to one hell of a road safety campaign, and given the cut in death toll many of these have caused in the past, it's not hard to think it may well exceed the impact these devices will have.

Zuck'ed up: Facebook opens up free internet in India – but bans HTTPS


Re: Data gathering and ad insertion

Nah, I doubt that's the case.

What's being described is similar to the system we used to have with the OperaMini browser on 2G before 3G and smartphones took off, where everything was stripped and condensed on Opera's proxy servers before reaching your phone.

We had the same issue: No SSL, no video, extremely recompressed images, no fonts, limited formatting, no iframes, javascript.

You *could* choose to continue and access an SSL site, but you were then trusting Opera with your communications, and to their credit, they advised very strongly against proceeding.

What Facebook are doing here is pushing that optimisation onto the web developer side, rather than doing it on the fly on their proxy. Net result is the same.

Google's chief finance officer quits to go backpacking


Re: Reminds me of the old joke....

These silicon valley retirees often end up using their skills to mentor startups and support open-source projects part time.

Worst … commute … EVER – Surrey to Sydney


He's got children, so I guess it's understandable.

China and Russia start again with this UN internet takeover bull****

Re: Why?

Aha. Interesting perspective.



Why is the US trying to offload its control over the Internet? I've never understood this. Surely it's a huge strategic advantage.

Professor's BEAGLE lost for 10 years FOUND ON MARS


Re: Watching from afar

A live Mars cam would be really cool. Probably not too far off, either. But for the record, the satellite photography NASA supplied for some regions of Google Mars is higher resolution than the aerial photography on most cities in Google Earth! Check it out, around Olympus Mons.

Tor de farce: NSA fails to decrypt anonymised network


Re: Secure?

There's a time limit for edits, 10 minutes I believe. Perhaps you exceeded it?

