love perl || die;
live perl unless dumb;
190 posts • joined 11 Feb 2011
love perl || die;
live perl unless dumb;
If someone knows your session key, they can with some cheap software defined radio gear start attacking the ancient, completely insecure protocols that precede TLS connections and VPNs, DHCP and DNS.
You can't really trust TLS if you're not really sure if the hostname resolved to the right address. Doubly so if the security is totally non-interactive and it's vulnerable to the DNS returning PTR records.
That's not how it works.
ISPs provide v6 and v4 in parallel allocating both a v4 address, for which the customer is generally obliged to supply NAT for themselves, as well as an IPv6 prefix so that the customer's computers can configure themselves with SLAAC if they haven't explicitly set up DHCPv6.
All consumer operating systems are smart enough to send both AAAA and A requests when they do DNS lookups, so when I talk to google on my laptop here I get their v6 addresses, but when I talk the register (who still have no v6 configured, SHAME) I get the v4. v6 traffic goes out over the ADSL in v6 records, v4 goes out in v4 records and never the twain shall meet. The ISP provides no 6to4 gateway, and I'm pretty sure if I tried to ping IPv4 address in the IPv6, my ISP would just drop the packets.
My (united) kingdom for a politician with the balls to stand up and say that brexit would be a disaster and isn't happening. Even the die hard euroskeptic Tories must realise what's going to happen by this point. Why must we continue to drift towards the abyss just because a bunch of little-Englanders decided they hate Polish people?
Memset too hard for me. Me need library to do dis.
It's the internet, dude. They should thank their lucky stars they don't have to name their boat RRS Hitler Did Nothing Wrong.
I don't blame you. Windows update has gone full malware at this point.
It's basically impossible to uninstall compattelrunner and its ilk and keep them uninstalled, Windows update won't take "no" for an answer. I hope it's possible to take them to court for this behaviour, surely installing things on your computer requires some kind of consent?
Microsoft seem to have completely given up on the idea that they can produce an operating system that people will pay for, even out of inertia. Now we suffer from this ever evolving MS nagware, but I can only assume the next step is outright malware that drive-by installs Windows on any machine visiting an infected website. I can't wait for MS to develop software to reflash the bios on vulnerable macs rendering them incapable of booting OS X.
Or just add an X-Haiku header to every HTTP request with a random haiku in it.
Infrastructure is built at tax payer expense, and run profitably for a few years. Then a class of politicians will come along who have been bought by the right companies who'll decide that somehow providing much needed services to the citizenry is not a business the government should be in. Then the infrastructure will be sold off to private interests for a fraction of its worth, the prices will be jacked up unreasonably and the new operators will be seen whining to Whitehall every year about how beleaguered and in need of subsidies they are.
But if you let its radar lock on to flying objects the size of drones, it'd be raining pigeon corpses in the yard 24/7.
You discovered our evil scheme. All the while we worked on the Symbian installer, we were laughing to ourselves about how our misandrist file extension was destroying the world of men.
Fortunately for our dastardly plot, the patriarchy forced men to pretend to be strong and not injured by this outrage.
Not so much the canals of Mars as the rivulets of Mars.
Probably because the world and their dog would complain that everything is broken if they had to view the world through a 6to4 translator shared in common with few thousand other people.
It's all well and good having an IPv6 address, but until all the world's services are IPv6, it's going to break things if your house doesn't have at least one IPv4 address to itself.
Shame on El Reg for not doing their part:
> Pinging www.theregister.co.uk [22.214.171.124] with 32 bytes of data:
> ..................................SHAME!.<^^^^^^^^^^^^> SHAME!
As of a few months ago, that's no longer true.
Now any clients that want to be compatible have to leach off the Browser version's data, probably breaking the terms of service and getting broken at the whim of facebook. Joy.
Or perhaps there just isn't anyone in the entire world tedious enough to tweet about how they bought quinoa at Nando's with their iPhone.
Nope, "founder" is exactly the word they were going for. It's a nautical joke, innit.
I think the StackOverflow bias is mainly towards languages that clueless newbies think they should know.
I've long since given up with either asking or answering questions there. For most queries you'll find there, the proper answer is "when is your homework due?" and if you ever have a question of your own that's hard enough to give you more than an hour's pause, then you'll never find anyone knowledgeable enough to answer your questions in return.
they didn't leave the little head on. I don't like to empathise with my dinner, thanks.
Our washing machine bleeps ceaselessly once the cycle is finished until you open the door. Believe me when I say awe is not the feeling this feature inspires.
Does this actually work for any reasonable definition of "work"? It would seem like this would be a derivative of youtube's automatic subtitling, which is legendarily awful. Except with the constraint of having to be real time, so it's limited in just how many audio frames it can look ahead to get grammar hints (though it can go back and revise if it has a better idea later, I suppose.)
If it's anything like what I've already seen, I think a lot of tourists are going to be very confused.
"It carefully targets sites whose sole purpose is to make money off the back of other people's content while paying nothing back into the legitimate economy."
Wait, isn't that Google's business plan?
Mobile operators desperately need the Picard speech at this point. "I will not sacrifice our SIM cards. We've made too many compromises already, too many retreats. They took our app revenue, and we fall back. They cannibalise entire network services and we fall back. The line must be drawn here. THIS FAR, NO FURTHER."
Noted opinion haver has opinions. Film at 11.
Maintaining public rights of way is one of the liabilities you accept when you buy a property. If he's pissed about it, well tough. Caveat emptor.
I did enjoy the idea that it was the members of the public who are greedy, not the billionaire who wanted a private beach though. Keep it up, you'll master satire yet.
"Yer mum, mate."
I really hope they haven't convinced the major card issuers to back their proprietary proximity payment system. The last thing we need is that sort of fragmentation.
The right answer is to tell them to get with the program and implement the open standard everyone else uses.
I mean, barclays hand out time-based password machines to all their customers. Why not just ask telephone banking customers for that, rather than buying an expensive new system that'll probably be about as secure as a glass bank vault.
Sigh. As if 100% sandboxed or a complete free for all are the only two states of being possible.
You only have to look back as far as Symbian to see how to do it properly. Private data was private to the app, public data was public, and there was even an intermediate state where data could be shared between particular applications but not with the world at large.
Call it what it is: laziness. They can't be bothered with proper security, so they have this half-arsed system that inconveniences everyone.
"I think your bang on there, some stupid mugs are going to be left holding worthless bits of paper in 12 months."
Probably the same mugs who are already holding a bunch of worthless Zynga stock. Some people will never learn.
Having had a smash hit in the volatile mobile games market does not qualify you as a sound investment. Past experience indicates success isn't repeatable. Even if King somehow have found the magic formula to creating a stable business out of mobile games, wouldn't you want to see them demonstrate that before the IPO?
GIF is a lossless standard like PNG. There's no wiggle room for better compression without discarding data or changing the format, a GIF is a GIF. At this point, it's pretty unlikely that a new animated image format will catch on. Anything you can't do with a GIF, people are probably going to do with a canvas.
People are already doing clever stuff with compressing the motion bit of animated gifs by defining the smallest part of the image that needs to be updated with each frame. Most video clip to GIF software does this.
Come now. Even at the height of the cold war, when we were quite prepared to obliterate Beijing with atomic fire, we wouldn't stoop so low as to inflict Chairman Thatcher on the poor bastards. I'm pretty sure that's considered a crime against humanity.
The suckers who invested in a loss-making company at IPO?
You've got to strongly suspect every single tor node is compromised. It doesn't seem like the cops have very much trouble busting all these black marketeers.
Marvin the Martian, surely.
Its one weakness: Poor reception on radio 4 long wave.
"venture-backed opportunity." Jesus wept.
What ever happened to making something people want and charging money for it?
In other news, managers still stupid enough to believe what they lose in productivity they can make up for in volume.
Geeksphone can't even ship their own damn phones. My guess is this'll launch some time around the 20th of never.
I'm sure the killer application for DIY 3D printing is minature wargames piracy.
If there aren't laser scans of Games Workshop minatures on the pirate bay at this very moment, there really ought to be.
@A.O No, but unless you seriously want a court case to turn on whether a jury of Americans thinks a joke is funny, I'd stop asking awkward questions.
Since almost all parody produced today is ultimately for commercial gain that seems like a pretty silly argument. I never heard anyone complaining when Spitting Image were producing their parody albums doing exactly what the Beastie Boys are complaining about here.
In fact, I think this is far more defensible than actually selling the song itself. It's unarguably transformative, has absolutely zero impact on the commercial value of the original, uses only a small subset of the original work, and considering the opposite intent of the new lyrics it probably qualifies as parody (in this case of the song, rather than the artist.)
After all, what would he have done if the thief decided to send a letter to the police with the man's address and information about "what business he is in"?
Not really the same thing.
In the UK, it's all about conning people in to sending texts to premium numbers. Same with those silent calls to try to con you in to dialling the premium rate number in the caller ID.
In the US they have this really bizarre practice of charging you for text messages you actually receive. The user doesn't have to do anything other than fail to text STOP back.
TLS implemented well is more than enough to keep even professional criminals from eavesdropping on your traffic. I'd far sooner trust Twitter to use OpenSSL or GnuTLS according to the instructions than I would them implementing their own cryptosystem. Frankly, they're almost bound to have got it wrong somewhere.
It does nothing to keep the real problem at bay, that being government agents bearing rubber-stampted court orders, and adds a real element of risk that they've fucked it up and made themselves vulnerable to actual, feasible attacks rather than the largely theoretical bullshit attacks against TLS 1.1.
Why not just deploy TLS 1.2 everywhere and wait for browsers to catch up in support?
I'm sure they can solve other crimes by handing the criminals wads of money too. Think of the reduction in burglary if they just paid everyone thinking of doing a B&E job.
If the Apple Smartwatch was a cunning ploy to waste all their competitors time. It'd be genius. Put about a rumour that you're about to release a revolutionary new piece of consumer electronic tat that'll open up a whole new market sector, then point and laugh as all your rivals put out their own competitor to your phantom product that predictably flops on the market.
OK, not very likely, but it makes a hell of a lot more sense than actually developing a watch.
Considering it's a dead tree publication, I can only assume that'll be 50% of nothing.
Having seen what's been happening with other niche publications like New Scientist, I think their days are numbered even before launch.
Biting the hand that feeds IT © 1998–2017