* Posts by DougS

12863 posts • joined 12 Feb 2011

New prison law will let UK mobile networks deploy IMSI catchers

DougS Silver badge

Re: how about..

Putting a fine mesh around the cells is all well and good, but what about when the cell door is open? Unless they keep it shut all the time the prisoner is inside, the signal will have a way out. They also might be able to get creative in finding a way to get a signal out, by snaking an antenna down the toilet into the plumbing vent. Or cutting a small hole in the wall through the mesh and covering it with a picture of Rita Hayworth.

Plus what about prisoners using phones in the laundry, shower, exercise yard, etc.? Are you going to put a fine mesh screen over those areas, including the yard? I guess that would stop the problem of tossing drugs over the wall or dropping them in via drone...

Git fscked by SHA-1 collision? Not so fast, says Linus Torvalds

DougS Silver badge

Re: Am I missing something here?

Actually less than a 50% chance, since parity only successfully detects an odd number of bit errors, and gives false negatives for 2, 4, 6 or 8 bit errors.

DougS Silver badge

Re: Am I missing something here?

Yes, that's exactly what he's saying. Git is using SHA1 signatures the same way RS232 used parity, to detect corruption. SHA1 is just far far better at doing that than parity. The fact that it is possible to deliberately engineer a SHA1 hash collision is irrelevant to its ability to be used to detect unintentional file corruption.

If git was trying to use cryptographic techniques to prove a file is authored by Linus versus me, it wouldn't help it was hashed with SHA256 instead of SHA1. It would have to be signed by Linus' private key, and your copy of git would have to have securely received Linus' public key to verify that the repository you downloaded was signed by him, and not by signed by me trying to give you Linux code with a backdoor built in.

Since the hash is generated on the machine of the person running git, if it was changed to use SHA256, you still couldn't tell the difference between a repository created by Linus and one created by me. Both our copies of git would create correct SHA256 hashes, and your copy of git would validate them both.

Alcatel wants to be Android, but different – and another crack at the Windows market

DougS Silver badge

Re: "... Android vendors struggling to differentiate their brands..."

If they don't differentiate then they have to compete solely on price, and there's no profit to be made then. Of course, aside from Samsung none of them are making any profit now, but they keep hoping if they can hit the right goofy feature like modularity or LED lights on the back that they'll be the next Samsung. The problem is that Samsung got there by outspending everyone else (including Apple) by billions of dollars per year in advertising. Companies like HTC and Alcatel can't afford that sort of investment, so they are hoping to create "organic" buzz / word of mouth, I guess.

DougS Silver badge

You guys are not listing what average people want

The typical phone buyer could care less about getting the latest version of Android (they don't even know what that would be) nor do they care about updates. Maybe they will when we eventually see a major malware problem that gets into the public consciousness the way Windows malware like I.Love.You and Code Red did, but that hasn't happened yet.

They generally don't care about a removable battery either. Probably waterproof is the only thing I saw listed that the majority of people care about, i.e. those who have killed a previous phone with water.

It is hilarious to read all the people on tech sites complaining about wanting vanilla Android, latest version, quick updates and so on, or ruling out a phone because it is on last year's leading edge SoC instead of this year's. Do you guys not realize that techies are a niche market? OEMs want to make a phone that will appeal to the broad base, not a niche. If they threw in every feature some niche contingent wants, then it'll cost a lot to make and you'll say "but but but...the one plus has almost the same feature set for half the price".

LG, Huawei unwrap 'Samsung Galaxy-killers'

DougS Silver badge

Re: "Wonder why nobody's tried it before"

Simultaneous chess.

The killer app for the G6? That might be the only thing that excites potential buyers less than the "friends" modular concept they tried with the G5!

DougS Silver badge

Re: "Wonder why nobody's tried it before"

Probably to preserve the same width, since removing the bezel frees more space on the top and the bottom than on the sides, you keep the same form factor going to 18:9 versus going wider or shorter to stay 16:9.

I actually don't think its a terrible idea, but I think you'd want to use that extra space better. If they had really put the screen all the way to the top edge, they could have moved that front camera to the other side of the speaker and put screen all around it. Use it for an always visible (except when held in landscape) status area, like that iPhone 8 concept photo that recently circulated. You don't need the whole top row from end to end for status, just 1/3 on the right and 1/3 on the left, with the 1/3 in the middle taken up by hardware. I thought that was a pretty cool way to do edge to edge while nodding to the necessity of having bits on the top of the phone.

On the bottom, since it is Android, they could have had always visible (again, unless you are in landscape mode) navigation buttons, except they could be programmable so you could add additional functions like one that snaps a picture instantly regardless of whatever you are doing at the time. That would be more of a unique feature to build buzz than saying "two completely square screens side to side in landscape mode". I've yet to ever hear of ANYONE who wants that, or bemoans the fact that splitting a 16:9 screen leaves rectangles instead of squares! How dumb!!

Google trumpets cloudy Skylake silicon nobody else is running

DougS Silver badge

"Silicon exclusivity"

More like the fact that Xeons undergo far more stringent testing that desktop/mobile CPUs, and Google probably said "hey, we have a lot of redundancy and error detection we do so we're willing to take the risk with CPUs that aren't fully validated in order to get a bit more oomph" and Intel thought that would be fine, since they'd rather get someone to PAY them to do testing that they would otherwise have to budget power/space/cooling for themselves.

Win/win for both, and not something that enterprise customers should have a problem with, because they wouldn't want early access to a not-fully-tested Xeon.

BlackBerry's comeback: El Reg gets its claws on the QWERTY KEYone

DougS Silver badge

Re: Photo's seem at odds with the observations

Not just you, I thought the same thing. Either the lighting was terrible or it looks like something that should be in the $100 bargain bin.

Pai, Pai, Mr American spy: FCC supremo rips up privacy protections for broadband punters

DougS Silver badge

Re: https

Thanks for the correction on HTTPS, I didn't realize the SSL setup came before the GET.

Not sure if DNSSEC will help, because the ISP will be providing most people's DNS service. Hopefully DNSSEC doesn't make caching go away...

DougS Silver badge

Re: https

No they see the actual HTTPS connection to the server, not just the DNS lookup, and usually they see the actual page.

Just look in your address bar when you are visiting a site with HTTPS. Sometimes you see a garbled URL, but for instance at El Reg you are browsing HTTPS but the URL of the articles you are reading is clearly visible, so they can learn something about you based on which articles you've chosen to click on, and which you haven't.

They won't see the actual page content, but if the pages are titled like Reg articles everything you need to know about the subject of the article is included. They won't see what I'm posting, but whether I post with my real name or a fake one they could connect the times I posted (because my HTTPS 'POST' has "post" and "reply" in the URL!) to when comments by 'DougS' or 'amanfrommars1' appear in comment sections, which a crawler could then read. I don't think they actually have the ability to do all that yet, but the possibility certainly exists.

Now multiply that by the millions of forums people post to, talking politics, asking questions about sensitive medical or financial issues, and you can see how much data the ISP could potentially get, if they had smart enough software.

DougS Silver badge

He's right in one respect

There does need to be a "comprehensive and uniform framework to protect Americans' online privacy", and congress should pass it. But good luck getting a pro-business republican congress to pass consumer friendly legislation. Even the democrats didn't do much on that when they were in power, since they are just as sold out to corporate lobbyists even though they give lip service to protecting consumers from big business.

Wheeler was right that ISPs are in a unique position since they see ALL your traffic, i.e. what sites you visit, what products you look up on Amazon, and so forth, but Google sees even more since they not only see most people's online traffic thanks to Chrome, they also get access to many people's email, phones, and real-time location information.

Europe is decades ahead of the US in consumer protection, and I don't see that changing unless the democratic party has a "tea party" like revolution to change the soul of the party like the republicans are undergoing. There are signs of that from the anti-Trump movement, just like the Tea Party was born from an anti-Obama / Obamacare movement. We'll have to wait and see if that translates into more Russ Feingold type legislators and fewer Nancy Pelosi types.

Tosh doubles 64-layer 3D flash chip capacity with a bit of TLC

DougS Silver badge

Re: SSD benefits

I think we already passed the point where SSDs make more sense than hard drives in laptops about five years ago, personally.

The question wasn't whether replacing the single hard drive in a PC or laptop makes sense, but whether ALL hard drives would go away just because of the speed advantage. All those hard drives at Facebook, Amazon and Apple storing cold data won't be replaced by SSDs until they are cheaper per bit, because no one cares if it takes a few seconds spinup delay to open that photo from 2007 that no one has looked at in eight years.

DougS Silver badge

SSD benefits

Sure, they are faster (especially for random access) but that only matters where performance is a criteria. If it is storing less used data, or for backups, you generally don't care much about performance and thus won't pay to increase it. There is a ton of storage sold for these purposes, increasing every year.

Power consumption matters, but the few watts required to keep rust spinning doesn't pay for much (about $20 total over a five year lifetime at 10 cents / kwh) and if you can let them spin down even that advantage is lost.

Reliability is a wash, both typically die due to controller failure which is equally likely between the two.

So no, hard drives won't die until SSDs can match them on price per bit, period.

NSA snoops told: Get your checkbooks and pens ready for a cyber-weapon shopping spree

DougS Silver badge

$1.5 million for remote iOS exploit

I remember when news of that came out I posted here, wondering who is actually going to pay that much since you'd have to be able to make a lot of money off it and news of any successful monetization of exploits on Android, let alone iOS, has been non-existent. The exploits we've seen so far - mostly in China - do stupid stuff like sending premium rate texts or downloading apps, hardly a route to a quick repayment of $1.5 million plus profit.

If the US government is a customer, however, that explains it. Unlimited budget means they can price it arbitrarily high. The more secure Apple makes iOS, the more difficult such exploits will be to find, the higher bounty Zerodium would be willing to pay - knowing the US government would fork over because they gotta have something to spy on foreign leaders phones and elements the administration deems subversive, like NYT journalists.

Finally proof that Apple copies Samsung: iPhone 7 Plus halts, catches fire like a Galaxy Note 7

DougS Silver badge

Re: Apple Parts, Samsung Parts...

Obviously it isn't the same, because if iPhone 7s were catching fire at the same rate as Note 7s, there would be thousands of incidents now and Apple would have been forced to do a full recall for the same reason Samsung did.

There will always be a small percentage of devices using lithium batteries that go up, whether they are phones, laptops or whatever. iPhones have always caught fire in small numbers, just as previous model Notes and Galaxys did. The GS8 will undoubtedly have a few catching fire no matter how carefully Samsung checks (and they will be plastered all over the press because of the Note 7 attention, unfortunately for Samsung)

What happened with the Note 7 was different than those, because of the vastly higher rate of problems it had.

DougS Silver badge

Re: Statistically speaking

The Note 7 quickly reached triple digit number of burning phones within weeks of release, when only a couple million had shipped. Apple sold 78 million iPhones in Q4, and are probably over 100 million now, at least half of which will be 7s.

Not sure where you get the idea "all the evidence" is that the iPhone 7 is randomly blowing up without any prompting. It isn't as if there are even a double digit number of cases, and you don't know what people might have done to their phone that could have caused problems. Devices with lithium batteries have always randomly blown up in small numbers, whether they are in phones, laptops, or other devices. If Boeing has had battery packs that caught fire when they can easily afford to pay far more for better QC it is obviously something we just have to live with until those new lithium battery formulations make it out of research and to the market.

Also, your diagnosis of the Note 7's problem disagrees with Samsung's conclusion. I think I'll believe them rather than a random AC. Pretty sure if they could solve the problem by sending people a couple free chargers and telling them to only use official Samsung chargers they would have done that instead of two full recalls!

DougS Silver badge

Mechanical damage

I would think it would more likely have this due to mechanical stress from being sat on or dropped than simply water. Mechanical stress is the reason why hoverboards caught fire in such numbers - you're standing on it on after all! If we all stood on our phones for 10 minutes a day, they'd burn up way more often than they do... Exposure to water happens all the time with phones, I find it hard to believe that could cause it to burn up, unless there was already some sort of mechanical damage or manufacturing defect first.

Amazon goes to court to stop US murder cops turning Echoes into Big Brother house spies

DougS Silver badge

This makes no sense

The only reason I can think of for Amazon to refuse this is if they actually record AND STORE everything it hears 24x7, and save it indefinitely. If they're really doing that, I can see why they wouldn't make to make that known by producing this evidence.

If they are doing what you would think is reasonable, and tossing anything it hears that isn't intended for it, then Amazon could say "sorry coppers, we aren't selling an always-on spy device so we don't have the data you're requesting!"

It is one thing to SUSPECT that companies like Amazon and Google are saving everything a device like this hears forever, quite another to have it essentially CONFIRMED! Hopefully this case will get lawmakers in a tizzy on both sides - the ones who want unlimited police powers will want laws that force Amazon to comply, those who don't will try to instead fix the problem by requiring companies that make devices that act as a 24x7 bug note it prominently on the packaging!

Maybe this would be a place for cooperation - make a law that says if you sell an always-on recording device that you must give up the data if presented with a legal search warrant, AND you must prominently label the device with a notice that it saves everything it hears. Let's see how the Amazon/Google business model for these assistants holds up with that labeling forced on them!

KCL external review blames whole IT team for mega-outage, leaves managers unshamed

DougS Silver badge

Re: Erm, no...

Which private companies publically name responsible people for screwups in a press release? Even when I've seen people fired for big screwups, it isn't acknowledged internally that was the reason - even when everyone knows it was. Even if they didn't have to worry about getting sued (which we all know is the reason they tend to be tight lipped about the reasons for firing people) they wouldn't be putting out a press release about it.

So why should "public sector" employers be named publicly? Whether they are fired, demoted or given a raise as a result of their screwup certainly doesn't need to be made public.

Linux kernel gets patch for 11-year-old local-root-hole security bug

DougS Silver badge

Does this require IPv6?

That would reduce the vulnerable population quite significantly, since most machines don't have IPv6 routed to them even if it is left enabled.

LTE-U R gd 2 go: FCC gives unlicensed spectrum its coat, pushes it out the door

DougS Silver badge

Can any phones even use this?

Sure, they have 5.8 GHz antennas for wifi, but are they able to use that to connect to a cellular network via LTE? I don't understand why US Cellular is in such a rush? Maybe they plan to use it for hotspots only?

US judge halts mass fingerprint harvesting by cops to unlock iPhones

DougS Silver badge

Re: Available now: Fake-i-Finger [C]

So is Samsung giving the sFinger to people who pay the same price for a Note?

DougS Silver badge

Re: Give them the middle finger

This would be a good reason to use some odd finger, like your left ring finger, to unlock your phone. They might want you to present your thumbs and index fingers, but it would be unlikely they'd make everyone try all ten fingers.

Though if you are thinking about it down to this level it would seem to be much easier to just use a password. The problem is that unless you want to type in your password every time you pick up your phone (i.e. no grace period if you just put it down 30 seconds ago) you're going to be typing it all the damn time.

I keep saying Apple should provide something that works like the old unlock did - have a user settable timeout after which a password is required. But instead of leaving it unlocked if it has been locked for less than the timeout, simply require Touch ID due to the timeout. That timeout currently defaults to 48 hours, with no way to change it.

IMHO if you are a criminal and the police are about to arrest you, hold down the home and sleep/wake button simultaneously for a few seconds and it'll force reset the phone. When it comes back up it will require a passcode. The trick will be not having the cops think you are going for a gun and shooting you, of course...

Get this: Tech industry thinks journos are too mean. TOO MEAN?!

DougS Silver badge

Guess they have something in common with Trump after all

Neither of them understand an adversarial press is a necessary part of a free society. If a tech company wants exclusively good things said about them, well that's what advertising is for!

I guess they wish the press was there to provide free advertising so they wouldn't have to spend money on it.

Pack your bags! NASA spots SEVEN nearby Earth-sized alien worlds

DougS Silver badge

44 million years for a jet to get there

If a US airline was operating that flight they'd still only serve a snack.

UPS & drones: Delivery company launches UAV from truck

DougS Silver badge

Stealing the drone?

What stops them is that the drone "phones home" as it goes about its business, and probably has some sort of camera for liability reasons, so it'll be easy to prove you stole it. One capable of lifting 10 lbs and flying 30 minutes costs well over $1000, so stealing it would be a felony.

To answer your question in another way: the same thing that stops you from stealing the UPS van left running with the keys in it while the driver is at someone's door.

DougS Silver badge

Re: Coming to a neighbourhood near you soon...

They'd have to have some sort of radar or night vision, because in parts of the northern US it gets dark by 5pm, and UPS delivers well past that time during the holidays.

DougS Silver badge

They don't need to wait for someone to answer the door

They will use this for packages that don't require a signature. The drivers will typically put down the package, knock / ring the bell, and leave without waiting for anyone to answer. It is just a "courtesy knock" in case you are home so the package doesn't sit out there. The drone can quickly land, release the bottom of the cage, and fly off leaving the package behind, it won't need help. It won't knock, but they aren't exactly quiet so I think you'd hear it if you are home, and if not I suppose it could text you.

With the drone you'd have some potential options to reduce the chances of a stolen package, i.e. just like you can specify preferred delivery locations now (i.e. side door) you could specify having it leave the package on your deck in back where thieves driving around looking for packages to steal won't see them (unless they see the drone leave it there, but still would be more likely to steal an easier target)

The other objections to drone deliveries still apply, but needing someone to be home isn't one of those.

Booming Android ad revenue shows it’s no longer the poor cousin

DougS Silver badge

This seems to be including mobile web ad revenue

All those comparisons that showed iOS ahead of Android were comparing only app related revenue - i.e. what you pay the app store / play store for apps, plus the ad revenue coming directly from those apps. That's what influences developers, they could care less which platform is more lucrative for ads coming over the web.

It is hardly surprising that Android results in more web ad revenue than iOS, since there are five or six Android phones sold for each iPhone, so there's a lot more browsing coming from Android. Mobile web has been getting a larger and larger share of the overall online advertising budget, since people are less likely to use ad blockers on mobile and they are less effective. I guess that money is now enough to cancel out iOS' advantage in app revenue.

Apple to Europe: It's our job to design Ireland's tax system, not yours

DougS Silver badge

Why Apple doesn't really care that much

Let's illustrate the point with some made up numbers. Let's say Apple does business in three countries, the US, Ireland and country X. They make $3000 in the US, $2000 in (or funneled through) Ireland and $1000 in country X. They pay 40% in the US, 1% in Ireland and 20% in country X.

Their tax bill for last year would then be $3000 * 40% + $2000 * 1% + $1000 * 20% = $1420. They'd carry a future tax liability of $2000 * (40% - 1%) + $1000 * (40% - 20%) = $980 on their books for when they bring that income from Ireland and country X back into the US.

If the EU made Apple pay 10% instead of 1% to Ireland, they would pay an extra $180, for a total of $1600. However, their future tax liability would DROP by that exact same $180! In the long run their tax liability would be the same.

There's one catch - they could be collecting interest on that $180 while it sits overseas. In fact they do, they invest those huge overseas cash holdings. They're in super conservative investments though, and Apple earns an average of about 1% on that cash. Which in this example would be $1.80/yr.

Of course, the EU isn't trying to make Apple pay an extra $180, but an extra $13 billion, upon which they currently earn around $130 million a year. Most of us would go to court to hold onto $130 million per year in income, even Bill Gates. If they lose, they're only out the cost of their lawyers, and they probably have most of those guys sitting around or on retainer anyway. Wouldn't you rather have them fighting the EU than sue Samsung again? Especially if you voted for Brexit, and hate the EU anyway :)

DougS Silver badge


Sounds like you want the EU to change their laws, which make it easy for companies to move profits from high tax to low tax EU countries. Apple is far from alone in doing this, even companies based in the EU do it.

BS Detection 101 becomes actual University subject

DougS Silver badge


I wonder if it will still be possible to bullshit your way through the essay questions on the final, or if you will have to actually provide good answers? Would be a tough course if the latter!

The stunted physical SAN market – Dell man gives Wikibon forecasts his blessing

DougS Silver badge

A hyperconverged box still has a SAN

Just because it is contained within a rack or row instead of having tentacles across the whole data center doesn't mean it isn't a SAN. It is more a matter for storage admins as demand for them dims, but arrays, SAN switches and HBAs will still be in demand because those are still used in this Brave New World.

Ditching your call centre for an app? Be careful not to get SAP-slapped

DougS Silver badge

The open source model doesn't work for stuff like this

The audience for software that does what SAP does is too small, and the scope of what it does too large for it to be a viable open source project.

Who is going to invest the hundreds of millions it would require to get to the point where you can sign up your first customers, just so you can undercut SAP's pricing and hope they don't figure out a way to respond with some targeted discounts that kill your chances of stealing their customers?

Beeps, roots and leaves: Car-controlling Android apps create theft risk

DougS Silver badge

Insecurity squared!

On the one hand, you have Android, which is a security hole masquerading as an operating system for the 90% or so of Android users who see one or two (if that) updates and then get abandoned by the OEM. On the other hand you have automakers, who know as much about writing secure software as they do about 17th century Russian history. Combine the two and they might as well just add a "hack me now" button that posts all the relevant info about your car to the dark web to save hackers five minutes.

In colossal shock, Uber alleged to be wretched hive of sexism, craven managerial ass-covering

DougS Silver badge

Rank and yank

Well, 5% of any company's employees are in that company's bottom 5%...

The problem is in assuming they are equally distributed amongst managers, and that the company's worst employees not contributing anything useful. The former is obviously false, the latter is 100% true based on my having consulted with/for HP on several occasions and finding a lot of deadwood they could easily be rid of. Unfortunately when you do cost-cutting layoffs you typically lose more of the good employees who can easily find another job, so the more of those untargeted layoffs you do the greater the percentage of deadwood. That was easy to see in HP from 1999 to 2012 (when I last worked with them)

I always said based on my experience you don't have an 80/20 rule in IT. You have more of a 10/80/10 rule. 10% of the employees do 80% of the work, 80% of the employees do 40% of the work, and 10% of the employees do -20% of the work. It is the ones who make more work for others you want to be rid of. Whether rank and yank is the best way, I don't know, but I do believe that you must have some method for getting rid of those people.

The trick is identifying them - as an outsider, I could do it, but as an insider it would be a lot harder due to friendships protecting the worthless, and bad managers trying to take advantage of that system to get rid of good performers who they dislike, are threatened by, or because they have to get rid of someone and don't want to get rid of their fishing buddy who constantly breaks stuff.

DougS Silver badge

Just look at Uber's CEO

With "leadership" like that, of course it will be totally dysfunctional.

SpaceX blasts back into the rocket trucking business

DougS Silver badge

Re: Launches already are routine and garner no mention in the press

No one goes running outside to see an airplane, but they still show up at airshows to see rare planes or stunts. People will still show up to watch rocket launches in person, but they won't be news.

DougS Silver badge

Launches already are routine and garner no mention in the press

There are rockets launching every month from Kourou, wherever the Russian launches go from and other places. They never get press unless they blow up, and sometimes not even then. The only reason Musk is is because they're landing the rockets, which is new for now.

Once they have the bugs worked out of the software, landing the rockets is a solved problem and landing the rockets won't garner a mention on the news any longer as they'll be just like any other launch as far as the public is concerned.

Google bellows bug news after Microsoft sails past fix deadline

DougS Silver badge

With a monthly patch cycle

It was reported on Nov. 16, after November's patch Tuesday. I don't know what their internal testing cycles look like, but assuming they have an internal patch Tuesday "dogfood" cycle a month ahead of public release, it would have to be found/fixed VERY quickly to make the patch set being tested in December and released in January. If there's any complexity at all, it falls to testing in January and release in February. If testing uncovers problems, then it slips beyond the 90 day window.

Not that I like to defend Microsoft, but I think 90 days is pretty short for making a bug public. Of course Google doesn't care, Android's patching system is so broken it doesn't make any difference if someone finding an Android bug released details the same day or waited a year, most of their userbase won't ever see a patch, and even among those who do a minority actually apply them.

FAKE BREWS: America rocked by 'craft beer' scandal allegations

DougS Silver badge

There's no grounds to sue

There is no legal standard of what constitutes "craft beer" in the US. Anheuser Busch could call Bud Light a craft beer, and nothing would stop them (except the laughter)

Apple nabs smartphone top spot from Samsung, but for how long?

DougS Silver badge

Re: Profits beat market share

Sorry, but you're 100% wrong. Apple publishes the figures with their quarterly report every three months, so if you bothered to look it up and see how much more they make selling phones than they do from selling services you wouldn't look foolish. In fact they make more PROFIT from selling phones than they make REVENUE from services!

Apple's services revenue is growing, but it won't ever grow enough to outpace their profits from selling phones, unless their phones sales take a massive dive.

DougS Silver badge

Re: Profits beat market share

Depends on where you make your money. Obviously Apple wants to be in the position they are, and Google wants Android to be in the position it is. All the Android OEMs are the ones who are caught in the middle, competing with each other to the point they all lose money except Samsung, but not getting any of the after sales revenue that Google does.

DougS Silver badge

Not true. Most of the Android phones sold in China don't have any of the Googly bits, just the open source stuff. If you are worried that the open source parts of Android are US, then maybe we should all be worried that Finland is taking over the software world thanks to Linus Torvalds :)

DougS Silver badge

Re: Never is a long time

Apple outsold Samsung two years ago, with the iPhone 6 launch. Possibly they might be able to do it again this fall with the iPhone 8, but there are a lot of variables (will they be production limited, will Samsung continue to lose low end share in China & India) In the end beating Samsung by a bit for just one quarter makes nice headlines, but it is meaningless. Samsung easily outsells Apple for the full year.

As for the idea that a more expensive iPhone won't sell, don't be ridiculous. First of all, if there's a new "Pro" grade above Plus, it will be $100 more if Apple follows their typical pattern. Add $200 for the top end storage and it'll be over $1000, but only $100 more than a high end Plus. Apple sold millions of 6, 6s and 7 Pluses at the top memory config for $949, so I doubt an extra $100 will put people off (unless you believe the $1000 barrier is psychologically important) assuming the Pro is enough of a step up.

DougS Silver badge

That's been obvious for a few years now. Microsoft did a 'start over' in mobile that orphaned old devices one too many times, plus pissed off their partners by buying Nokia and making their own devices (sort of like Google is doing with Pixel, but it is easier to get away with once you already have 80% of the market instead of only 2%)

Inside Confide, the chat app 'secretly used by Trump aides': OpenPGP, OpenSSL, and more

DougS Silver badge

Re: Some flaws for sure

Most modern filesystems on flash use TRIM, which erases the blocks as they're deleted, instead of allowing the FTL to manage it and erase them on an as needed basis.

DougS Silver badge

Re: Some flaws for sure

Why do you think that if the messages hit flash they can be read? When you erase flash the contents are gone, you can't recover it.

I think the possibility of exploits against Confide's servers is a much bigger problem. Maybe Russia doesn't need to bother since they already own Trump, but China would want to read it and they have access all kinds of 0-day exploits and ability to take advantage of weaknesses in how encryption is programmed, plus more than enough money to buy off a critical employee or two if they are somehow secure enough that they need the help.

Google claims ‘massive’ Stagefright Android bug had 'sod all effect'

DougS Silver badge

Depends on your motivation

Exploiting a random Android user is pretty pointless. What's the gain that you can't get other methods?

Exploiting a particular Android phone, like say an orange president who insists on using his personal phone for tweets and carries it with him everywhere, is a different story entirely. That's easily worth the investment to use one of these bugs to develop a silent exploit that lets you e.g. activate the microphone so you can listen in to conversations taking place near it.

Biting the hand that feeds IT © 1998–2019