* Posts by DougS

9698 posts • joined 12 Feb 2011

Erase 2017 from your brain. Face ID never happened. The Notch is an illusion

DougS
Silver badge

Re: What's so bad about bezels?

Physical buttons are not worth the huge amount of wasted space that could be used by a screen. The whole reason for going touchscreen was to eliminate the need for physical buttons.

0
0
DougS
Silver badge

Re: What's so bad about bezels?

That's a good reason to not have the screen go out the very edge on the sides, but is that really a reason to have a big 1/2" bezel on top and bottom? Dunno about you, but I never held my phone by the top or the bottom.

0
0
DougS
Silver badge

You've got nine other fingers if one is "compromised"...

1
0
DougS
Silver badge

Cheating on your wife

If your wife has your PIN/password she can use that to unlock a phone locked with biometrics, too. No difference over a non-biometric phone for cheaters.

Apple solved the "police can force a biometric unlock" problem with a simple method to instantly disable biometric unlock on your phone, making it so your password is required. The problem is, in the UK among other countries the police can force you to give up your password and jail you if you don't. So whatever you're protecting on there better have worse consequences than the jail time you'll do for refusing to provide the password, or you better REALLY feel strongly about standing on principle.

0
0
DougS
Silver badge

Re: Why the sudden bezelphobia?

It's simple, because you want the biggest screen you can have without making the phone of an unwieldy size. Only two ways to do that, have less wasted space so the phone is all screen, or have a phone that folds.

There have been rumors about Samsung and Apple working on folding phones, but I'm really unsure how that's going to work. Presumably you'd want to end up with something in the neighborhood of 16:9 for the unfolded phone. So is it a really long 16:4.5 or a squarish 8:9 in your pocket? Neither one really appeals to me. Maybe it's a trifold, so you can start 5.3:9 and it'll be almost tablet size unfolded, but I have to imagine that would be pretty damn thick when folded! It will be interesting to see what they come up with, and whether people will really accept it or it'll be a passing fad like 3D TV.

0
0
DougS
Silver badge

Re: FaceID is better than Touch ID, in most cases

It's a mixed bag for me. I find it unlocks as quickly and naturally as Touch ID unlocked my 6s plus, but the requirement to look at it sometimes trips me up - i.e. if I'm watching TV and reach for my phone lying to the side if I don't slide my gaze over to it for a moment it'll fail to unlock and I have to relock/unlock it (anyone know if there's another way of telling Face ID "try again" other than hitting the sleep wake button once to sleep it and then again to reawaken it?)

When I'm riding my bike and I have my phone in a little mount on the handlebars I can't seem to get it to unlock while I'm riding. The combination of wearing helmet/sunglasses and movement/bouncing around a bit seems to be enough to put it off. Maybe if I trained it by entering the password after those failures...though typing in a password while riding would be even harder! I didn't really get an opportunity as I only had two rides in early November before fall really took over and the bike was put away.

With the phone lying flat I don't have any problems, I just have to lean forward a bit as I tap on the screen. You don't need to be fully above it, about a 45° angle seems to be sufficient.

0
0
DougS
Silver badge

The notch fades after a few days

When I bought my X I wasn't certain I was going to keep it - not only because I was unsure about the notch, I also was unsure about giving up some screen width from my 6s plus and whether I'd feel Face ID was as simple as Touch ID.

After a few days I stopped noticing the notch entirely, it doesn't bother me at all. I think I can see why Apple decided to do that - they want to remain visually distinct from other phones. The iPhone always has been, since no one else aped the big round home button - though it did end up costing them in an inability to reduce bezel size when other phones did in the last few years. They could have simply let the area around the 'notch' be bezel so no notch was required, but I think Ive chose the notch because the combination of that and rounding the screen could probably be successfully defended in court as trade dress.

The fact Apple haters hate the notch is only a bonus as far as Apple is concerned - no one is going to try to copy it when Android buyers hate it so much, so the iPhone's look will remain unique. Putting form over functionality to some extent has a long history - the shape of the Coke bottle being a prime example. You didn't have to see the label printed on it, if you saw the silhouette of the bottle you knew it was Coca Cola.

2
8

We need to talk about mathematical backdoors in encryption algorithms

DougS
Silver badge

Re: Layered encryption

DES was "terminally compromised" by an attack that reduced the effective key length of 56 bit DES to 40 bits which was crackable even in the late 90s. 3DES would have gone from an effective key length of 168 bits to 120 bits, which is still secure (note that these key lengths can't be compared to the key lengths of other schemes like AES where 120 bits would be useless)

If there was a mathematical backdoor in DES, then triple DES wouldn't do much good. But if you encrypted with say 3DES, then AES, and finally Twofish, for example, then even if there were mathematical attacks against two of them, you'd be saved by the third.

1
0
DougS
Silver badge

Layered encryption

If you used multiple algorithms wrapping each other it would be less efficient, but even if one had a backdoor you'd need a backdoor to all of them to get at the juicy plaintext.

I've read claims that encrypting already encrypted content is somehow less secure than a single layer of encryption, but I've never seen anything to back up that claim. I suspect it is an "old wives' tale" of cryptography, but if anyone can point to evidence it really is the case, please do so. Obviously if there's some "known plaintext" like in a header or something you'd remove that or obfuscate it in some way to prevent it being levered as a way of breaking its outer layer (t.b.h. the same potential known header issue exists with compressed files and tar files, but no one suggests an encrypted bzip2 or tar file is less secure...)

0
1

Pest control: Eggheads work to help RoboBees dodge that fly-swatter

DougS
Silver badge

Re: Wot about the mice ?

A lot of places sell copper mesh for dealing with mice because it is uncomfortable for them to chew through. They can do it, but are supposedly less likely to do so than through other metals.

1
0
DougS
Silver badge

Re: Wot about the mice ?

Wrap it in a couple layers of copper mesh, perhaps?

0
0

Russia could chop vital undersea web cables, warns Brit military chief

DougS
Silver badge

Nuclear depth charge?

If you want to collapse the chunnel, wouldn't it be easier to smuggle an "ordinary" suitcase nuke onto one of the trains and blow it up from the inside?

I don't know how carefully cargo trains crossing are checked, but conventional explosives could probably do the job if you could bring a few hundred pounds of Semtex in some cargo... This would have the bonus of offering the possibility of making it look like terrorists, or Iran or North Korea, so the real perpetrator could plead innocence.

2
1

Ex-Microsoft intern claimed one of her fellow temps raped her. Her bosses hired him

DougS
Silver badge

Re: "seriously sexually assaulted"

Well obviously there are degrees. Forcible rape is much more serious than a quick grab of the ass.

24
4

IETF protects privacy and helps net neutrality with DNS over HTTPS

DougS
Silver badge

Re: This proves it...

If by "routing around it" they meant "turn everything into HTTP/HTTPS because that's all you can count on firewalls letting through" then I guess they were right.

4
0

FREE zero-day for every reader: AT&T's DirecTV kit has a root hole – and no one wants to patch it

DougS
Silver badge

On the twelfth day of Christmas a hacker gave to me, 12 DNS hijacks, 11 MITM Piping, 10 IoTs a leaking, 9 ladies dildos spying, 8 trojans a milking, 7 bitcoin ransoms, 6 lords a pissing (over privacy), 5 Android cracks, 4 jailbreaks, 3 spam bots, an update through flash and IE and a raid by the cops for child pornography.

5
0
DougS
Silver badge

On the seventh day of Christmas a hacker gave to me, 7 bitcoin ransoms, 6 lords a pissing all over privacy, 5 Android cracks, 4 jailbreaks, 3 spam bots, an update through flash and IE and a raid by the cops for child pornography.

9
0
DougS
Silver badge

On the fifth day of Christmas my hacker gave to me, 5 Android cracks, 4 jailbreaks, 3 spam bots, an update through flash and IE and a raid by the cops for child pornography.

12
0
DougS
Silver badge

Likely the tip of the iceberg

Cable/satellite companies just care about adding features for their customers' convenience, like wireless, streaming content off their DVR while away from home, and so forth. No doubt most are riddled with holes like this example, because they slap together open source tools without paying any attention to security.

16
0

Critical US mass spying program scrutiny lost amid partisan nonsense

DougS
Silver badge

Re: The deadline was extended until April

You have a lot more faith in the courts to restrict creative interpretations of the law by the executive branch than I do, I guess.

4
0
DougS
Silver badge

The deadline was extended until April

So they don't need to act on it in the next couple weeks.

0
5

Australian central bank says 'speculative mania' and crime fuel Bitcoin

DougS
Silver badge

It is only useful for crime or large transactions now

With the transaction fee now at $20 and still climbing, you aren't going to buy a cup of coffee or a wireless router with bitcoin.

6
0

Auto auto fleets to dodge British potholes in future

DougS
Silver badge

We're less likely to see major potholes with autonomous cars

What makes a small pothole big is people driving over it constantly. Where I live potholes are common, and even in the summer when freeze/thaw cycles are not an issue you see potholes growing when people keep driving over them and chipping away a bit more and increasing its size.

Autonomous cars will steer around them, alert the road crews, and the road crews will say "eh, as long as there's room to swerve around it why bother fixing it". And they might be right, why should they be fixed if they can simply be avoided? That would be the meatbag option as well if we were always looking closely at the road ahead, but usually I rely on memory - I have hit a jarring pothole in a certain location a few times so I remember it for the future and pay attention to avoid it when I return.

2
0

No one saw it coming: Rubin's Essential phone considered anything but

DougS
Silver badge

I think the author meant to say only 0.085% of Android owners unlock the bootloader. Sure, let's say Essential owners have a 50% rate of unlocking the bootloader. That means they have sold 10K instead of 5K. Still a major fail considering how much hype there was for it pre-launch.

3
0

One per cent of all websites probably p0wned each year, say boffins

DougS
Silver badge

What I don't understand

Why would someone who gets the passwords test them out by logging in with them? If the Reg was hacked, why would the hackers log in with all of our accounts to test them? If you test a few you know they work, and testing them all would probably set off alarms with some. Plus it isn't like having control of a lot of accounts at a place like this is of any use to anyone.

Now if it was a bank or something, sure, then it would be something they'd test because they'd want to use them.

If they're really seeing 1% of their accounts get logged in to, the real percentage of compromised sites may be much higher!

As for the "well known American startup", that sure sounds a lot like Uber. Another "feather" in their cap...

1
0
DougS
Silver badge

I don't suppose the AC has any stats to back that up? Of course not, he gets his 'facts' from the same place as Breitbart, no doubt!

0
0

NASA says New Horizons' next stop might have a moon

DougS
Silver badge

Re: Not again...

what do you call it when a moon has a moon?

Inception.

It's turtles all the way down!

6
0

Lights, camera, 802.11ax-ion!

DougS
Silver badge

Re: Chicken, Egg

Eh, I'm skeptical there is any need for gigabit speeds to a single client, let alone multi-gigabit speeds. What's the use case? Faster downloads of the latest iOS update? If you are working with huge video or CAD files and have a very fast fileserver, sure, but that's a corner case and one that's usually handled by using a wire.

We've reached the limit of sensory input to humans, even streaming 4K Blu Ray quality video is only 100 Mbps or so. Anyone who thinks we're going to keep going to 8K, 16K and beyond just because it will become possible needs to read up on diminishing returns, and understand why consumers didn't care about better-than-CD quality audio formats and instead were perfectly happy with less quality in the form of MP3 and AAC.

Not saying we'll never need gigabit speeds to a single client, just that there isn't anything that needs a gigabit today or on the horizon, aside from a few niche cases that don't justify the development cost. Luckily 802.11ax is about using spectrum more efficiently to allow more clients to transmit simultaneously, rather than being about letting one client use more of it at once like previous standards.

0
2
DougS
Silver badge

Re: 10 Gig?

There's almost no purpose to higher speeds for a single client, I agree, but the headline feature is better sharing of resources since a single client isn't hogging a whole 20 MHz wide channel for itself when it isn't using close to the whole capacity. Instead a couple dozen streaming clients could share that 20 MHz channel instead of having to switch back and forth and waste resources when one is getting data at 20 Mbps over a channel capable of many times more than that.

It also uses the 20 MHz wide channel more efficiently (higher order modulation, assuming sufficient SNR) so it squeezes more bits out of that before it subdivides it amongst a bunch of clients that have ordinary 1-100 Mbps type needs instead of ridiculous demands for a gigabit.

But yes, you'll need a faster than one gigabit connection if you will actually have enough clients connected at once doing enough stuff that the gigabit will be a bottleneck. NBase-T lets you go up to 5Gbps over the same wiring you used for gigabit (cat5e or better) which maybe isn't able to squeeze every last drop out of 802.11ax, but how many people will have enough wireless clients going over one AP that regularly exceeding 5Gbps is going to be an issue for them? If so, maybe you need to think about adding another AP...

1
0
DougS
Silver badge

@Alan Brown

Unlike 2.4/5GHz 802.1ax runs at 60GHz or higher

Where do you get this idea? It runs in existing 2.4 GHz and 5 GHz bands. You're thinking of 802.11ad.

1
0

Facebook announces ad revenue reroute: When Irish eyes are crying

DougS
Silver badge

"Aggressive tax avoidance"?

Laws like that are terrible, because what is "aggressive" is subjective. Two people/companies could be using the same method and one found guilty and the other not based on who happens to review their taxes, or if they had a fight with the wife that morning.

1
1
DougS
Silver badge

Re: It's over guys.

Eventually Myspace was doomed because of problems with spam, but they were WAY worse than Facebook. Also there was an alternative for Myspace users to migrate to - Facebook.

Where is the alternative for Facebook users to migrate to? Without that, it is going to take a lot worse before they leave. They might start using it less but they aren't likely to leave.

2
0
DougS
Silver badge

How will they allocate the cost?

In a given country they make X in ad revenue, and have Y in expenses for local sales people and support staff. So their gross margin is X-Y. How will they account for the servers, people to run them, network costs, and so forth? That's where it gets tricky, and a lot of room is left to make that profit shrink to almost nothing.

It is a lot more transparent for companies that sell products, especially if they don't sell directly but only through third parties. Then it is wholesale price X * units N - local support staff cost - allocated share of corporate overhead = profit. It is easy to allocate your overhead based on the revenue in that country versus your worldwide revenue.

3
0

US authorities issue strongly worded warnings about crypto-investments

DougS
Silver badge

I thought George Soros was supposed to be one of the puppet masters? If a billionaire has puppet masters, where are these trillionaire puppet masters?

3
0
DougS
Silver badge

Has anyone seen reports of REAL bitcoin millionaires?

As in, they actually cashed out ahead over a million dollars? I'm sure there are a few, but someone who bought a few hundred bitcoins a couple years ago for $5000 and who now have holdings worth $2.5 million or whatever aren't millionaires because the price of bitcoin could drop back down to where it started the year by Dec. 31.

Having a million dollars worth of bitcoin is one thing, but given how illiquid the exchanges are, someone who tried to sell a few thousand of them at once would probably cut the price in half.

4
0

Google's Project Zero reveals Apple jailbreak exploit

DougS
Silver badge

Re: The question now is...

Why would they need to retaliate? He told Apple about the bug, Apple released an iOS update that fixed it, a week later he made the info public. If he was making the exploits public without telling Apple about it I could see where they'd be pissed, but he's helping them out here.

Besides, if you read the sequence of steps here this is a REALLY esoteric and out there bug. He didn't just find a corner case, he had to build the corner first. If this is an example of the amount of work it takes to find a new jailbreak level attack, Apple is closing in on shutting down jailbreaks entirely.

0
0

Trump to NASA: Fly me (or some other guys) to the Moon

DougS
Silver badge

Presidential directives to go to the Moon have been meaningless since 1969

Previous presidents have talked about going to the Moon or Mars, but when NASA asks for real money to start trying to make it happen that's always one of the first things cut by congress.

The republican congress will not support Trump in this, there will be no money in the budget (assuming there is a budget instead of more continuing resolutions) for NASA to get us back to the Moon. They've consistently been against giving NASA sufficient funding for manned missions. Many don't even like the idea of spending money on unmanned missions to Mars, even though they're about two orders of magnitude cheaper.

Even if congress did approve the funding, they need to keep approving it for a decade before we'd be ready to go. Next economic downturn that causes our deficit to really balloon the idea of spending tens of billions to go where we've already been is out the window. That's a lot more politically palatable cut than where the real money is (defense and entitlements)

3
0

Shazam! Apple chucks £300m at Brit what's-that-song app – report

DougS
Silver badge

Probably only in the US. I mostly skip through the ads, but occasionally I'll see the Shazam logo and they'll invite you to Shazam the ad for some sort of deal or promotion. I never have tried it so I don't know how it works.

0
0
DougS
Silver badge

Re: Bringing a bit of the 2010s to the 1990s

They already do work together, so that's not the reason why they bought it.

2
1
DougS
Silver badge

Re: Optional?

It defaults to that? So if you are in a bar, every 3-4 minutes you get a new notification about what song is now playing? That seems really annoying.

While the idea of always-on listening is not a bad one - i.e. if you heard just the tail end of a song but by the time you wondered what it was and tried to Shazam it it was over you could look up what it was - having it continually displaying it is stupid.

1
1
DougS
Silver badge

Location data

One of the cool things with Shazam is looking at the map and seeing what music is being shazamed where. Want to know what's hot in Ibiza, you can look it up.

This is something that's valuable to the record companies, but as Apple is a pretty big "record company" in its own right this is probably valuable to them as well. If someone is wanting recommendations in iTunes or Apple Music, Apple knowing what's trending in lookups where they are located can only help make those recommendations better.

0
1

Archive of 1.4 BEEELLION credentials in clear text found in dark web archive

DougS
Silver badge

I have two accounts on there

Both of them have a similar password, which is what I use for throwaways - one for places I never need to look at the email (goes to a hotmail account I never log in to) and the other for places I may need to look at the email (mostly used for online shopping at places that don't save your CC info or web forums)

They've had the same password for 15+ years so it is not surprising they were on the list. What I was surprised about is that my non-hotmail email address was not listed with a SINGLE other password, indicating nothing I consider more important and gets a better password was compromised. Out of a list of 1.4 billion I was kind of expecting I might need to go do some password changes on sites like amazon, ebay, facebook and so forth but I guess that can wait.

2
0

Forget Bruce Willis, Earth's atmosphere is our best defense against meteorites

DougS
Silver badge

Re: So what happened to the 12,000 ton Chelyabinsk meteorite?

If it is 20% air, it was probably formed as gravity from a few good size chunks (the 5 tons they found) attracted some gravel/sand size pieces and many tons of dust. The dust would just disperse in the atmosphere and probably ended up all over the planet - and some of it may still be aloft.

9
0

Kentucky lawmaker pushes smut filter law (update: maybe not)

DougS
Silver badge

Maybe he'll use that as an excuse

"Smut on the internet made me do it!"

11
0

Elon Musk finally admits Tesla is building its own custom AI chips

DougS
Silver badge

Re: Musk is crazy

I'm sure he knows some AI luminaries who claim AGI is just around the corner, but they've been saying that since almost back when we started getting promised we'd have fusion in 30 years.

1
0

FCC backtracks on helping with neutrality fraud investigation

DougS
Silver badge

Pai was a republican member of the commission before Trump elevated him, if a real republican had won the presidency instead it is likely we would still have Pai as commissioner, and he'd still be pushing full speed ahead to do away with this regulation.

There are plenty of things you can blame on Trump and his special brand of swamp creatures he placed into positions of power, but this isn't one of them.

17
0

YouTuber cements head inside microwave oven

DougS
Silver badge

They should send him the bill

When the victim is 100% to blame for his own need for help, he should pay for their services - plus a surcharge to help defray the cost of providing services to those who need them through no fault of their own.

Then maybe people would think twice about doing such things. Or maybe they'd think twice about calling for help, but if he'd died at least we wouldn't have to worry about him doing something equally stupid next month once he cashes in from all the views his video generates (I specifically didn't watch because I don't want to pay an idiot for being an idiot - the exception would be if he had a video where he castrated himself so he wouldn't impose his obviously inferior genes on the human gene pool)

7
0

Los Angeles police tell drivers not to trust navigation apps as wildfires engulf area

DougS
Silver badge

Re: Techdrone

I don't think bob was promoting that Jerry Brown conspiracy theory because he believed it, just as an example of the crazy shit people will come up with. And unfortunately conspiracy theories that are based in politics, nationalism or religion (these days they are all one and the same) will automatically win some adherents because it fits in with their biases and preconceived ideas. The left pushes their own conspiracy theory blaming global warming for the wildfires, which fits in with their "religion" equally well as "big government democrat made all the lawns brown and burnable".

The real blame goes to California's policy of fighting every fire, even in conditions where they can be easily controlled or areas where they will do no damage to lives or property. Prior to that policy, there were lots of small fires that meant the amount of fuel available for future fires was less and areas that had not burned in decades were small and surrounded by areas that had burned more recently.

Instead the amount of fuel increases every year. If they had recently had small fires that burned here and there those areas of natural firebreaks with less fuel would make it much harder that a big fire could cross them and grow to the immense sizes we're seeing now.

1
0
DougS
Silver badge
Paris Hilton

This is where I'd hit the 'LOL' icon if this was on Facebook, though perhaps I should hit the crying face icon instead so Paris.

0
0

Security industry needs to be less trusting to get more secure

DougS
Silver badge

Re: Where has she been living?

Assigning all processes owned by a given user to the same trust domain versus not is basically an extension of concepts like sandboxing Java code. I am running a browser and an email client at the same time, but I don't want the browser to be able to access the email because someone could write some rogue Javascript that exploits a bug (breaks out of the sandbox) and sends copies of my email to persons unknown. Likewise, I don't want a carefully crafted email that exploits a bug in my client to snag my browser history.

I don't want either to have full access to my home directory, but only to specific areas, unless I designate special one-time access (for e.g. attaching something to an email or uploading something to a web site)

There isn't an OS that has such fine grained protection - iOS is perhaps closest of mainstream OSes but that security comes at a price of reduced flexibility. Bringing that extra layer of security to those who chafe under the constraints of iOS is the nut no one has cracked.

To really do the job right and improve on what iOS does while still maintaining full flexibility you'd have to expand the concept of Unix's uid to have a uid primary and any number of secondaries. Each process (or perhaps each thread) would have its own secondary uid and only be able to attain the access rights of the primary uid under specific circumstances. That would allow effectively protecting everything from everything else, of course the devil is in the details over how those "specific circumstances" are implemented.

0
0

Walk with me... through a billion files. Slow down – admire the subset

DougS
Silver badge

Re: reads will be to stuff already cached in memory

The problem is with a billion files at 256 bytes per inode, even ignoring directories, that's 256GB of inode data. That's a lot of RAM to dedicate to caching inodes, and then you have to cache the directories as well, so you're probably up to 300GB.

Sure, you can get servers with enough RAM that that's feasible to do, but even if you can configure the OS to cache that much the OS itself may become a limiting factor. It might not search a cache that large very well, as it will have been designed/tested to deal with inode caches orders of magnitude smaller.

Not excusing the advertisement article, it is acting as if a b-tree based filesystem is some sort of new innovation. Personally if I needed to know how long it had been since a given file was accessed I'd have a background process walking the directory tree and looking for changes and building a database. Using the last access inode entry you can tell which subtrees you don't need to bother walking and updating, making the process far more efficient than what is described in the advertisement article.

1
0


Biting the hand that feeds IT © 1998–2017