* Posts by DougS

12862 posts • joined 12 Feb 2011

As of today, iThings are even harder for police to probe

DougS Silver badge

Full disk encryption

The flash in iOS devices already had full disk encryption. The reason you're able to erase your iPhone so quickly is because it doesn't erase anything except the encryption key it randomly chose for the filesystem, choosing a new one and marking all blocks as being available for reuse. If it actually erased all the blocks it would take more time and a 256GB phone would probably get a bit warm in your hand with all that flash block erase activity (that's the most power intensive thing NAND flash does, by far) If you've ever done a secure erase on your SSD you'll know it is something that takes at least a minute, maybe longer on a large one.

So I'm not sure what APFS is adding to iOS in terms of security. The big changes might be more for macOS.

How Ford has slammed the door on Silicon Valley's autonomous vehicles drive

DougS Silver badge

Re: No CAN BUS, but you could link them with ODB-II

Suppose I should have looked to see if they were already existing. So much for filing a patent and getting rich off my idea I guess!

DougS Silver badge

No CAN BUS, but you could link them with ODB-II

ODB-II supports a lot more than reading/resetting diag codes, which is all that most people use it for. You can get info on fuel remaining and tons of other stuff. If you wanted to support that on your phone without your car maker cooperating, someone could develop an ODB II connector with bluetooth that your phone could pair with.

Just leave it plugged in all the time, put a little memory in it so it can record data when your phone isn't present, and you could have access to all your car's data every moment it drives from your phone. And this is something you could do even on a 10 year old car...

iPhone-havers think they're safe. But they're not

DougS Silver badge

The real #fakenews is from idiots who think CVE counts matter

Apple files a CVE for every security bug they fix, even ones they discover internally. Compare with Android updates which show security bug fixes that don't all have an assigned CVE. That alone makes such comparisons useless, but it is far from the only problem with thinking CVE counts are a way of comparing the relative security of two platforms. There's relative impact, whether you assign one or many for a particular module that has multiple issues, how hard people are looking for flaws (if a platform is insecure and there are already good unfixed exploits available to you, there is less incentive to look for more) and so forth.

Why is it always anonymous cowards who post the crap about CVE counts, and always using them to make specious claims that this alone proves Windows and Android are more secure than Linux and iOS.

DougS Silver badge

Re: Any indication

In order to use location services in iOS, an app has to be given that permission by the user. If you refuse that when it asks for it then it can't access it. Or if approve it you can later change your mind by going into settings and disabling it for that app.

Calling something that is allowed by the iOS API and with permissions that are controlled by the end user "malware" is simply a way to inflate the stats for mobile malware on iOS to hype up the threat. It is almost as though the companies mentioned in the article, Nokia and Skycure, are selling products to defend against malware. Oh wait, they are!

I don't give apps like Facebook or Google Search access to my location, but I did give access to an app I use to track my bike rides. Because that's pretty much required if it is going to be able to do what it is designed to do. Yet that would be considered malware by these knobs, because it is tracking my location? Location tracking is only malware if the app is able to do so 1) without user permission and/or 2) without any way for the user to disable it.

Happy Motherboards day: Here's some (Optane) memory

DougS Silver badge

Re: Server use

Can't find it at the moment, but I saw some specs for Optane yesterday that listed the max power draw at 18 watts. Unless there was a decimal accidentally left out of that, I think it may be subject to thermal throttling under heavy use as well.

DougS Silver badge

Not only that, they based their speed comparison between a PC with a high end Z270 motherboard and top range i7 CPU with a 1 TB hard drive and the same with the Optane m.2 card. Who is going to buy such a high end PC without an SSD? No one, that's who! I guess it doesn't show any useful speed up when measured against a PC configured in a sane manner.

Apple squashes cert-handling bug affecting macOS and iOS

DougS Silver badge


I'd argue that's the most important part of this update, because it is converting the filesystem from HFS+ to APFS in place. That's Apple's future filesystem, that future features and security improvements will depend upon.

In the process of upgrading right now - but I made sure to do a quick sync beforehand, because as an long time IT pro, the idea of an in-place filesystem upgrade makes me nervous even though I'm sure they tested the crap out of it :)

Astroboffins clock thriving stellar nursery nestled in violent supermassive black hole

DougS Silver badge

Re: Star cannon

And a magnet only, what, a few hundred light years long?

Ex-military and security firms oppose Home Sec in WhatsApp crypto row

DougS Silver badge

@AC - signing keys are VERY different from encryption keys

Consider how often Apple has to access their signing keys. They release about 8 iOS updates a year, which means it can be kept in a safe in a secure room and only removed to sign a new release which can be done on a non-networked computer in said secure room. Pretty hard for it to escape. Even the key used to sign betas is used maybe 50 times a year, so it might not be treated quite so carefully, but still very likely lives in a safe and never touches a machine that ever has or will touch a network.

It is easy to keep a signing key secure under such circumstances. An encryption key cannot be used or maintained in anything remotely like those circumstances, meaning it is far more likely to be compromised. The CIA and other intelligence agencies would probably not have much trouble getting a mole planted within Apple to steal an encryption key. It would be easy to do that at about any company, the only exception being ones that have few employees and pretty much only hire people they know. By comparison it is VERY unlikely they could get a mole into a position where he could get hold of Apple's signing key. Probably only a handful of employees even have access to it, and they may require two people in the room at once to prevent the possibility of it being stolen.

UK Home Sec: Give us a snoop-around for WhatApp encryption. Don't worry, we won't go into the cloud

DougS Silver badge

Re: In a crisis, politicians have to be seen to "do something"

If the government was going to require key escrow, iMessage et al to centrally manage keys so they could give half to the government or whatever braindead scheme politicians might concoct.

The argument "but we don't control the keys so we can't give them to you" would be met with "then your product is not approved for sale or use in our country", if a government was inclined to crack down on encryption it couldn't control.

People would be forced to use open source products, or let the government access their encrypted data.

DougS Silver badge

In a crisis, politicians have to be seen to "do something"

This is "something". It doesn't matter if it is practical or even possible. They can talk about it, wait for the heat to die down, and if asked about it six months from now say "we are studying the issue".

Even if the ones in charge are not technically competent enough to understand why encryption where the government controls the keys is impractical (especially in a place like the UK where none of the companies making the phones or the software are resident) the wonks working for them do. There will never be a serious effort to revive the Clipper chip - that ship sailed once public key encryption went open source and patent free.

Converged systems market is so hot it just went backwards

DougS Silver badge

Re: Err...

Enterprise disk arrays didn't have anywhere near the controller horsepower required to perform dedupe and compression across all LUNs on a busy array. That didn't happen until all flash arrays made their appearance. It was out of necessity - flash cost so much at first they needed to reduce the amount required to an absolute minimum.

Or maybe you can point me to an enterprise disk array introduced more than five years ago that offered dedupe & compression for all LUNs, since you think we've had it "for ever".

DougS Silver badge


The whole point of converged systems is to more efficiently utilize your resources. So it makes sense that as they mature and improve the revenue should drop. i.e. if you are better able to use deduplication and compression in your storage you buy less (not to mention how quickly the price of flash is falling)

If it wasn't for greater efficiencies no doubt the storage growth would have been a lot higher than 4%, because we seem to keep finding ways to generate more data. We just don't have to keep 10 copies of it anymore.

Robo-Uber T-boned, rolls onto side, self-driving rides halted

DougS Silver badge

Re: Bizarre response

Probably the deal they made with the state to allow the cars on the road at all required taking them down in the event of any accident until a full investigation is complete. That's entirely reasonable at this early stage.

Even if they didn't have to, given all the negative press they've had in the past couple months, they would probably prefer to show they are willing to err on the side of caution.

Toshiba's nuclear power plant business runs out of steam

DougS Silver badge

Re: Hmmm

He's got a bunch of oil men in his administration, and has promised to bring back coal jobs in some of the states that helped elect him (quite how he will do that when unsubsidized wind energy is cheaper than coal in the US now, and solar is not far behind is a mystery unless he gives huge tax breaks to coal)

So I don't think there's any room for nuclear in his world view, except in the form of bombs.

Dishwasher has directory traversal bug

DougS Silver badge

Re: It's crazy, but it's very Miele

Having appliances that can call for service is a totally acceptable use of "IoT". That does not require an internal web server though, only the ability to send an email. If you want an internal web server for information or diagnostics, require a magic key sequence on the front panel to enable it and automatically disable it after one hour. That way only someone with physical access can turn it on, because they are the only ones who should ever need to access it (on a tiny LCD front panel, not a web server) It has an option for a modem that will call for service, but it isn't installed.

You can document the key sequence in the owner's manual if there's stuff in there the owner might want to see. The geeks among us might enable it every month or two to see what information it collects (amount of washes, amount of water used, amount of electricity used, date of last service, etc.) The water softener at my business collects info on the amount of water used and can report instantaneous flow rate, which I found useful a few times.

The flaw is thinking that a device needs to be connected and available full time. I realize this is a commercial model intended for laboratory sanitization, but it is still hard to see why you'd need to have a full time web server. Though hopefully at least an institution that buys something like this (I assume it is easily into 5 digits) has a firewall and a full time IT organization.

Amazing new WikiLeaks CIA bombshell: Agents can install software on Apple Macs, iPhones right in front of them

DougS Silver badge

Re: You don't bug the phone in the factory

I'm not sure how apps are detecting whether a phone is jailbroken, so I'm not sure how easy it would be to create a jailbreak that evades such detection. If anyone could find a way around that, it would be state funded actors with essentially unlimited budgets.

How common are apps that detect it? I've never jailbroken my iPhones, so I have no idea how prevalent this is.

DougS Silver badge

You don't bug the phone in the factory

You intercept it during shipping. The only reason you'd need a mole in the factory is to get you some phones before they start shipping, so you can get a head start and figuring out how to bug it. Then you simply swap the bugged phone for the original in some airport cargo warehouse.

Since new phones aren't locked, you don't need to worry about a user's encryption keys and so forth. You just need a way to jailbreak it, and then you can hack it up to your heart's content. Then make it appear to run through the same "unboxing" sequence as a new one, and the victim is none the wiser unless he tries to jailbreak it and found that's already happened. Not sure how they keep their hacks intact after an OS update, but since minor updates only replace some files I'm sure they've got that figured out.

DougS Silver badge

Re: Secure by design...

While I agree, and I think perfect security is a goal, not a state possible to reach for such a complex product as a smartphone, I think Apple is on the right path with the way they have multiple layers of file/device encryption (google the iOS Security Guide to read the nitty gritty details)

The big hole as I see it for when your phone is in a 'locked' state is that keeps some of the encryption keychain handy because it has to be able to do stuff like receiving text messages that need to be written to the database or whatever where they are kept. If they used sort of an intent log to track stuff that happens while the phone is locked, and loaded code for functionality that is necessary while locked into RAM (i.e. ability to make emergency calls or whatever) then they could drop the entire encryption keychain while locked.

Now obviously if you have a fingerprint unlock that's trivial to defeat, but if you chose a nice long password instead your adversary would have to come up with an exploit for the secure enclave if you want to break into the phone without taking it apart. That's probably not possible given that it runs the formally verified L4 microkernel.

At that point you'd need to attack the secure enclave physically, by disassembling the phone. It really only needs to be "secure enough" that it isn't possible to stage an on-site black bag operation over a short term - like say they break in while you're in the shower. Obviously if they can take it to a secret lab that operates on an unlimited black budget there isn't much you can do - and if they're going that far they can simply rendition you and use the $5 hammer on your kneecaps to make you tell them what they want to know...

I wouldn't be surprised if after the brief battle with the FBI, Apple has put a lot of thought into how they can tighten things up by insuring that the entire keychain is dropped for a locked device, and tightening up the hole the FBI wanted to use - i.e. the ability to install firmware in DFU mode which Apple deliberately put in place to allow recovery from a bad flash. Considering that iOS 10 development would have been pretty far along when that happened, you wouldn't see any of the fruits of that yet, but there's a pretty good chance we might see something of that effort in iOS 11.

DougS Silver badge

Re: Secure by design...

These hacks all use physical access. Please tell me which OS you use that's secure against physical attack?

As for 'secure by obscure', Apple has sold over a billion iOS devices as of last year, so one could hardly claim it is obscure.

Bloke whose drone was blasted out of sky by angry dad loses another court battle for compo

DougS Silver badge

Re: Guns...

A shotgun loaded with birdshot isn't lethal to anyone if it is aimed up in the sky at a drone. If you're going to go around shooting guns up in the sky like cowboys and terrorists love to do, that's the safest option by far. No damage to people or property, and so long as you are using non-toxic shot (i.e. not lead) then it won't kill birds that accidentally eat it, or harm pets who eat those birds.

I suppose you could use a load of rock salt too, but then the drone would have to be really close.

Astroboffins stunned by biggest brown dwarf ever seen – just a hop and a skip away (750 ly)

DougS Silver badge

Or you're incredibly patient.

Google pulls Hezbollah YouTube channel after we told them about the drone ads

DougS Silver badge

A drone ad on a terrorist channel makes perfect sense

Perfect sense to Google's algorithms, that is. The words "terrorist" and "drone" are often found in the same web sites / articles (i.e. with titles like "drone strike kills four militants" or "experts concerned that terrorists will attack airports with drones") so the algorithm will think that as the two often go together drones would be a good targeted ad!

Squirrel sinks teeth into SAN cabling, drives Netadmin nuts

DougS Silver badge

Re: SAN?

Not only is a proper network, but you can run a SAN over ethernet (FCoE) or IP (FCIP) and even do it the other way around and run ethernet or IP over fiber channel, though the latter did not see much use.

Boffins reveal how to pour a perfect glass of wine with no drips. First step, take a diamond...

DougS Silver badge

But how could they patent it if they don't have a good invention story? Oh yeah, I forget like all the "X, but on the internet" and "X, but on cell phones" this is "X, but on wine bottles" where X = groove like on window sills.

Disney plotting 15 more years of Star Wars

DougS Silver badge

Looking forward to Episode XVIII

Star Wars XVIII: The Batt.... Just hand over your money, you know you're going to

Amazon dodges $1.5bn US tax bill: It's OK to run sales through Europe out of IRS reach – court

DougS Silver badge

Why they should pay US tax on that

The US taxes its citizens on worldwide income. If I go to India and work there, I still must file a tax return and pay taxes in the US. Any taxes I paid in India are a credit against my US taxes, but if taxes in India were 20% and my US taxes were 30%, I'd pay 20% of my income to India and 10% of it to the US.

This is why you see US companies like Apple keeping massive piles of cash they earned overseas in accounts overseas. US companies operate under slightly different rules. They owe US taxes on worldwide income, and get credits for foreign taxes paid, just like individuals. However, the money isn't counted as income until it is brought into the US. So long as they leave it overseas, it isn't taxed by the US.

In this case the IRS is saying Amazon is padding their US expenses by having the US company sell services/IP to a non-US subsidiary, to allow them to effectively move profit from the US (where it would be taxed immediately) to outside the US (where it won't be taxed in the US) They can leave it overseas like many US multinationals do, until their corporate lobbyists have successfully bribed Congress to lower the corporate tax rate.

As for you having to sign those forms, sorry about that. We'll tell your government stuff like that is to help prevent terrorism to get them to go along with it, but it is really just because we're bullies and we can't help ourselves.

eBay dumps users into insecure authentication mechanism

DougS Silver badge

Wish there was a way to use a standard 2FA app

You install your 2FA app, and if you want to 2FA with a new service they give you something you can install into it to provide the 'seed' then when you want to login to e.g. eBay you pull up the 2FA app, click on the icon for eBay, and it spits out the code for you to input on the web site. If you are logging in to eBay on your phone it could put the code in your clipboard automatically so you can simply paste it in.

The company I'm consulting for now has several possible methods to access their VPN. One, using a smart card built into your laptop or USB attached where the card is your username and your PIN is your password. Two, using a smart card on an external PIN based reader you have to carry with you with the same PIN is your password and you enter your login, and they recently added number three, texting you a SMS code and entering that along with your login and password.

Guess they didn't listen to NIST, and because it is more convenient than pulling out the external PIN based reader they gave me, I'm using the SMS option myself. If they had an app I could use that, but if it is their own app I probably can't install it on my iPhone without making it part of their MDM which I would not want and they probably wouldn't do. If there was a standard app they could provide a little blob to me to install in it, that would be the preferred option.

Good news, everyone! Two pints a day keep heart problems at bay

DougS Silver badge

Apparently quitting drinking is the worst thing you can do

Taking all those results together, the "former drinker" has the highest risk of all - even higher than heavy drinker!

So apparently the lesson is:

1) if you don't drink, you should start drinking

2) if you already drink, keep drinking

3) if you quit drinking, start drinking again

Error prone, insecure, inevitable: Say hello to today's facial recog tech

DougS Silver badge

Re: What?

So the past 50 years of making the DMV the most miserable place on Earth was a deliberate strategy, to prepare for the coming of putting DL photos in a facial recognition database? I guess I need to rethink my opinion of the intelligence of DMV employees, they were obviously way ahead of the rest of us!

DougS Silver badge

Re: What?

If your state tells you you can't smile for your driver's license photo, that's because it is going in a facial recognition database.

NASA to fire 1Gbps laser 'Wi-Fi' ... into spaaaaace

DougS Silver badge

Re: To Netflix...

Or google something you heard? Or facebook someone to setup a dinner date? Or text someone?

DougS Silver badge

They'll only need two

If they have two of these satellites on opposite sides of the globe one will always be within reach of ISS. That probably makes more sense than having ISS go directly to Earth through the atmosphere.

And even with one, good bandwidth 50% of the time is still an improvement.

As ad boycott picks up pace, Google knows it doesn't have to worry

DougS Silver badge

They've taken the 'no' out of 'do no evil'

The terrorist funding laws beg to differ. If there was a case to be made, Google would be the ones getting prosecuted, not their advertising clients. It is the difference between trying to prosecute me sending $100 to a "Feed the starving orphans of Syria" charity has money ending up with ISIS without my knowledge, and trying to prosecute the charity when they have already been told some of their money sent to X ends up with ISIS and continuing to send money to X.

The most damning evidence against them is the fact that when they stopped UK brands from advertising on known terrorist content they left the US brand ads in place! That shows exactly what their feelings are in the matter: we don't care about terrorists putting content on our site if we can make money from it, and we won't take your ads off such content unless forced to.

Google has gone full circle from "do no evil" to sort of in between to actively and knowingly providing substantial financial support for evil so long as it lines their own greedy pockets!

'Clearance sale' shows Apple's iPad is over. It's done

DougS Silver badge

They are changing their idea of what a tablet is

The iPad Pro is their target demo now. The trend for larger phones has greatly reduced the potential market for tablets, but they need to keep a cheaper option around for the education market. They can use last year's SoC and limit other premium features to the Pro line, and the non-Pro line becomes the entry level (the equivalent of the iPhone SE for tablets) to capture more "price conscious" (in quotes because Android tablets are still far cheaper) Apple customers like education and those from less affluent countries.

It's happening! It's happening! W3C erects DRM as web standard

DougS Silver badge

Re: chris121254 - "improve online privacy"

Where is this huge pushback against DRM? Certainly not from the general public, who doesn't even know where they have DRM embedded in every TV sold for the past 15 years. Some might be vaguely conscious of the DRM in their DVDs.

If you want to fight against DRM, why don't you start by refusing to buy or own any TVs, since every TV sold with an HDMI port (other than maybe the first few years) supports DRM in the form of HDCP. And in the US at least, almost all cable/satellite operators enforce it on at least some channels, and many enforce it on all HD channels. And the world still turns.

DougS Silver badge

Re: @DougS - Inclusion in free software

Never know it? I guess you must be imagining some sort of binary that goes around reading all your files and sending them off over the network. Gee, how could I possibly detect something like that happening on an open source operating system? Pull the other one.

You won't have to remove it, you'll have to take some sort of positive action to install it, just like Linux never shipped with Flash pre-installed, you'll have to install this yourself manually. Don't want, don't install it.

DougS Silver badge

Inclusion in free software

So it means you'll have a binary blob you'll have to separately install to enable EME on Linux, right? That's not RMS free, but it is free enough for most.

Gift cards or the iPhone gets it: Hackers threaten Apple with millions of remote wipes

DougS Silver badge

Re: The Dr. Evil picture is appropriate

It sounds like they are threatening a remote wipe, where you can remotely wipe your phone (i.e. if it is stolen) if you had previously set up "Find my iPhone" on your phone. Or someone else could, if they have your Apple ID / password.

You could of course resync from iCloud or from an iTunes backup, but that would still be pretty inconvenient!

Remote wipe is probably something it would be good to use two factor authentication with, but since for most people the second factor will be their phone...

DougS Silver badge

The Dr. Evil picture is appropriate

$100,000 is ridiculously cheap if they actually had a half billion accounts they could wipe! If they really had that many, asking for a mere penny each would net $5 million! Of course even if they had that many they could never hope to trigger a remote wipe on more than a tiny fraction before Apple noticed and shut it down!

In fact, if Apple has been smart, they already have something automated that notices a jump in the number of remote wipes being triggered and calls a halt to any more happening until it can be investigated.

Microsoft delivers secure China-only cut of Windows 10

DougS Silver badge

Re: Perhaps...

My preference is to be spied upon by neither. Am I allowed to have that preference, or must I pick one? If I had to pick between being spied upon by Google/Facebook/Microsoft, or NSA/FBI/CIA/GCHQ/MI6 or China, I'd pick the latter.

China doesn't have any reason to care about what I do, so they'd file it away in a dark hole and ignore it. Google, Facebook and other companies that make all their money from collecting personal data to sell me to advertisers have the biggest and most annoying impact on my daily life.

While my government or its best buddy (well the UK was our best buddy until Trump decided it should be Russia instead) collecting data on me is and should be innocuous, it has by far the most severe potential impact on me as they control my freedom. Just because they can't take it away for "thought crimes" in today's US doesn't mean it can't happen in my lifetime. The fires of nationalism Trump is stoking have historically never been good for the freedom of a country's citizens.

King Battistelli's swish penthouse office the Euro Patent Office doesn't want you to see

DougS Silver badge

I'm starting to understand the Brexit vote

If EU governance is so dysfunctional they can't get rid of a guy like this after all this time, I wouldn't want to have anything to do with it either. At least us yanks voted for our "king", and we'll probably be rid of him before this fool is gone.

Google's stock rating downgraded as YouTube ad boycott contagion goes global

DougS Silver badge

"Possibly valid religious criticism"

I haven't seen the videos in question, but whatever. Maybe it is a video talking about the difficulties the Catholic church have had with kiddie fiddling priests, or something else that will cause really hard feelings in some segment of the population one way or the other. Not just depending on the subject itself, but the slant of the video. Why shouldn't a paying advertising customer be able to simply say "I don't want to be associated with anything remotely controversial".

If you want to pay to advertise your business on YouTube, you probably don't want to do it on a "Trump should be impeached" or "lock her up" political video, either. You don't want your brand associated with things that upset people. You want your ad on cat videos, or little kids doing funny little kid stuff, or TED talks, or ... you know, all the stuff YouTube used to be about before it went all commercial.

Now maybe if you are advertising "TrumpSingles" you would want to put it on a video about Trump, but unless their algorithm for determining the content of the video is flawless (it won't be) you would rather not take the chance that your business is advertised on a "Trump should be impeached" video as it 1) won't reach the intended target audience based on who is likely to watch that video and 2) if your intended target audience watches the video, they'll think you support that video's message and boycott your business. So either your advertising money is completely wasted, or is actually hurting your business. As Trump would say "bad (or sad)!"

FYI anyone who codes outside work: GitHub has a contract to stop bosses snatching it all

DougS Silver badge

What stops you from signing another contract first?

Let's say you are applying for a job at some company that you know will make you sign away everything you think of in your spare time to them. What if you had already signed a contract committing ownership of your IP to a third party (like say the Linux Foundation, if you wanted to work on Linux in your spare time)

That evil company contract can't override a existing contract you've already signed. Maybe they require that you attest that you don't have any such contracts, but if they sued you for misrepresentation they still couldn't get their hands on that juicy IP. So it seems unlikely they'd bother suing you unless they wanted to make an example out of you, and would have a hard time claiming much in the way of damages if they did. They'd just fire you - but your contributions to Linux (or whatever) would be safe.

Obviously this would be rather shady if you were taking a job as a Solaris kernel developer, but if you were working in a totally unrelated field, like say helping Pfizer develop cancer drugs, they could hardly claim you were costing the company deserved revenue by writing a new Linux filesystem in your spare time.

If companies try to make people sign unconscionable contracts, they should fight back by taking away the ability of the companies to enforce the unconscionable terms!

Fix crap Internet of Things security, booms Internet daddy Cerf

DougS Silver badge

Being "anti-gummint" is not the solution

Just like too many liberals think the solution to any problem is more regulation, too many conservatives think the solution to any problem is less regulation. Both sides have forgot the point of regulation - or more likely have no idea there is one. Regulation is required to correct market failures. Not to enforce ethics, or help people be "better" (like stupid bans on selling large sodas) The classic example is pollution - if a company makes products that have toxic waste as a byproduct, and they can just dump it into the river or let it escape their smoke stack for free, they impose a cost on society that they don't bear. That's where regulation is needed.

If companies are selling IoT devices that get hacked and they're used to attack internet commerce and cost the economy billions of dollars, the companies selling those insecure IoT devices are imposing a cost on society that they don't bear. I'm not sure exactly what sort of regulation could properly fix that, but if they don't clean it up themselves eventually government will be forced into action. Often they don't do all that well in hitting the right target with their action, so companies would be advised to address the issue before we reach that point!

Airplane bomb fears spark America's laptop, tablet carry-on ban

DougS Silver badge

No US airlines have direct flights to the US from those countries

That's why it was only foreign airlines that were targeted. It is about the airports more than the airlines. The UK apparently banned flights from some of the same airlines, including on BA.

This AI stuff is all talk! Bots invent their own language to natter away behind humans' backs

DougS Silver badge

Today's "AI" is brute force stupidity

A true AI wouldn't have a motivation, unless "being programmed to learn" counts as a motivation. A computer programmed to play Go or chess doesn't "devise its own strategies". It is programmed for a specific solution space where a potential solution can be measured against other potential solutions and scored according to an algorithm created by humans. It didn't learn what the rules and strategies of chess or Go were, it was programmed with them - "born with them" if you will. It was programmed with the ability to search massive solution spaces a billion times greater than a human could in a lifetime.

It plays like a human who just learned the rules would play, slowly examining possible moves one by one (if that dumb human had an expert player to whisper in his ear with each move he considered with a rating from 1-100 so he could decide to take the highest scoring move) Yes, it can "prune" unproductive paths, but knowing what paths to prune is programmed into it. A Go or chess playing computer isn't the least bit intelligent, it is simply dumb so much faster than we can be that if it has enough cycles its brute force stupidity can beat a human. Even an expert human who wouldn't have to search the entire solution space six moves deep to see a way to force checkmate in six moves, but might only consider 5-10 moves before seeing it.

DougS Silver badge

If getting to artificial sentience was equated to traveling from Piccadilly Circus to the Eiffel Tower, we haven't even crossed the Thames yet.

If artificial intelligence is defined only as solving problems, the ABC-1 computer of 1939 or even the first abacus could be seen as "artificial intelligence". I prefer a definition that requires ability to learn about new fields and solve completely different types of problems that they haven't been programmed for. Solving problems is far too weak of a definition. Is a washing machine artificially intelligent? It does solve the problem that I don't want to scrub my clothes against rocks by a stream for half a day each week...

In my mind, a computer that plays chess or Go is not AI, even if it can beat the best humans. If you could take a computer programmed to play Go and it could learn to play heads up no limit poker simply by watching others play it and asking questions that would be AI - wouldn't have to be the best in the world, but it should figure out for itself the concept of seeing what cards are on the table, what cards it holds, and what the odds are of bettering its hand versus the bet require to stay in. Bonus points if it can learn to bluff on its own, by seeing others do it or better yet figure out for itself that would be a way to win more often.

Samsung's Bixby totally isn't a Siri ripoff because look – it'll go in phones, TVs, fridges, air con...

DougS Silver badge

Apple accounts for almost all of the remainder. You think Windows Phone and Blackberry are anything more than a rounding error at this point?

Those Android stats are worldwide, in wealthier countries Apple has a much higher share - nearly half in the US, for instance. They also get features on every phone they sell, whereas Google won't get their assistant on the large majority of the Chinese models, that have googley bits stripped out. If Google's assistant ships on the S8 I'm sure Samsung will do their best to hide it and give Bixby top billing, which would further hurt its share. Android may have 80%+ of share of the market, but Google's assistant will never sniff anywhere close to 50%.

Biting the hand that feeds IT © 1998–2019