* Posts by DougS

12863 posts • joined 12 Feb 2011

Adi Shamir visa snub: US govt slammed after the S in RSA blocked from his own RSA conf

DougS Silver badge

Re: Correction to popular myth about RSA

It is quite possible, indeed likely, that the NSA had independently invented it already and just hadn't told anyone.

Remember the example of the NSA suggesting fixes to IBM to strengthen DES back in the 70s, against attacks that weren't publicly discovered until the 90s. Back then at least, they were decades ahead of the public state of the art.

DougS Silver badge

Tangentially related - the delay in processing in this case is almost certainly the result of the government shutdown which was 100% Trump's fault. He even said so.

DougS Silver badge

So where would they move it to?

Surely not Australia, which would probably arrest the whole lot for insisting on math over laws. Not the UK, with all the Brexit uncertainty they have their own problems. Not Israel, the whole Middle East is out as too unstable. Not China or Russia, for obvious reasons. Maybe Germany or Japan?

How to make people sit up and use 2-factor auth: Show 'em a vid reusing a toothbrush to scrub a toilet – then compare it to password reuse

DougS Silver badge

Re: "Since your phone ALREADY has a way of identifying yourself built in"

Who says that using your phone has to be the ONLY alternative? It is a simple "something you have" that also offers an extra level of authentication which cannot be bypassed remotely, which makes it pretty damn secure. Dunno about Android, but biometric authentication on an iPhone is VERY secure, Apple has never had an exploit against the secure enclave.

That it is possible to fool Touch ID or Face ID is irrelevant - someone needs physical possession of my phone for that, and take the time/trouble to set things up to fool it, and that only gets them one of the two factors. They'd also need my login/password to my bank account, and hope they can use it before I can revoke that phone as a 2FA method. If they get all that I guess I deserve to have my money stolen.

I'd feel totally comfortable using my phone as the 2FA for my bank or brokerage account. Obviously you'd need some sort of backup 2FA method since phones can break or be lost/stolen, but that's the case with every physical 2FA.

DougS Silver badge

The real question

Is why would anyone consider Facebook something they need to protect via 2FA? Maybe if you are a celebrity or big business that has a page followed by many people where a compromise could damage your reputation, but an individual has no reason to care.

DougS Silver badge

Re: Wanting to use 2FA is one thing...

Furthermore, the phone is something you carry with you already. I have never been interested in 2FA that uses a special device because I don't want to have one more thing to carry around and potentially lose. If it is needed to login to something for work that's fine, because I have a bag for my laptop I can put it in and won't have the laptop without the bag.

And does anyone really expect to plug a USB device into their phone, when you take your phone with you everywhere? What are you going to do, carry it on a keychain, so you have a bunch of keys hanging out the bottom of your phone? Yeah right. That's the problem with a special device right there - it can't be universal for your computer(s) and phone/tablet.

Since your phone ALREADY has a way of identifying yourself built in, just use that. Fooling a fingerprint reader or face scanner requires physical presence, you can't unlock the secret remotely (at least not with an iPhone, or presumably any modern Android that has an equivalent of the secure enclave) and if someone can get physical possession of my phone they can get physical possession of my USB dongle...

You'll never guess who's giving Google a right shoeing lately. Talking about barring Chrome, Search as defaults... any other nations watching?

DougS Silver badge

Re: The best description of Googles Android yet:

All you have to do is look at where they make their money. Apple makes almost nothing from advertising, while Google makes almost all their money from advertising. Even if Apple wanted to collect bucketfuls of your personal information, they don't have any way to monetize it. So why bother, and risk compromise to their efforts to be seen as the more privacy focused alternative?

DougS Silver badge

Nope

A generic install of Windows will have Bing as the default in the stock Microsoft IE/Edge browser.

When you buy a PC from Dell or whoever, that default is changed if someone pays for it, and it is obvious who is going to be willing to pay for that.

Even if you get a PC that left the default alone, often the install of unrelated software like AV will alter your search defaults, add a "google search bar" or even install Chrome itself and "helpfully" change your default browser.

So sorry, no, for most people it isn't a conscious choice.

DougS Silver badge

Competition in search?

Yeah right, only a few of us techies use DDG, the majority use Google for everything and don't realize how much data they steal or that alternatives even exist. They have "competition" in search the same way Microsoft had "competition" in PC operating systems when they were fighting the FTC in the late 90s...

Hipster whines at tech mag for using his pic to imply hipsters look the same, discovers pic was of an entirely different hipster

DougS Silver badge

Why would anyone care whether others have beards?

I don't, never have and probably never will. But I don't give a damn whether other people have them or not, or what sort of shoes they wear, whether they have tattoos or not etc. I don't understand why anyone would care about the appearance of others.

We sent a Reg vulture to RSA to learn about the future of AI and security. And it's no use. It's bots all the way down

DougS Silver badge

The idea they'll assist police sounds pretty dystopian to me

Drones everywhere, so police can cite you for even minor crimes like jaywalking across a quiet residential street. And no doubt the "gun recognition" ability will be tilted in favor of never having a false negative - which implies a lot of false positives and cops absolved from shooting innocent people because "the drone told me he had a gun!"

NSA may kill off mass phone spying program Snowden exposed, says Congressional staffer

DougS Silver badge

Just like the last program was closed down, because it had been replaced

They're now on Invasive Spying Program BT[*] 3.0

[*] Because Terrorists

FBI boss: Never mind Russia and social media, China ransacks US biz for blueprints, secrets at 'surprisingly' huge scale

DougS Silver badge

Re: Funny that..

You can't go by the source IP to determine where the threat actually originates, especially for state sponsored attacks.

DougS Silver badge

He may not think that end state is "sustainable"

But he has no choice. Even if the US passed draconian laws requiring key escrow, nothing stops terrorists from using software designed in other countries that aren't subject to those laws. If they made Google & Apple ban those apps, terrorists would sideload/jailbreak, or run Google free versions of Android that Google can't handicap.

The FBI is going to have to learn to deal with terrorists having unbreakable encryption, that's the reality and nothing is going to change it.

Smart home owner? Don't make your crib easy pickings for the smart home pwner

DougS Silver badge

Re: I'm safe

Can you explain your reasoning for those who aren't familiar with Rogers? Is there some reason why your wifi is completely unhackable when everyone else's is vulnerable to known exploits that aren't addressed until WPA3 is out, for instance?

Once they're inside your network, if you have a smart lock with a known exploit they can open it. Though some smart locks have had exploits that don't even require network access...

Official science: Massive asteroids are so difficult to destroy, Bruce Willis wouldn't stand a chance

DougS Silver badge

Re: I didn't think anyone serious still believed "blowing it up" was a viable plan

"Small" is relative. You aren't going to blow up a mile wide asteroid into chunks small enough to burn up in the atmosphere. Rather than one spot that is completely destroyed for 50 miles in all directions (or whatever) you'd have thousands of spots that are completely destroyed for a mile in all directions. Plenty of them would probably be of the right size/shape to explode in the air like that one in Russia, only much larger and more comparable to Tunguska than Chelyabinsk in result.

It isn't as though there is any method by which we can blow up a thousand ton boulder into gravel size chunks. You'd get dozens of multi ton boulders, and countless various smaller rocks. If you went nuts on the explosive force you might keep everything under a ton but you still won't get gravel. If we can't do it in the small scale, we sure as heck can't expect to do it in a larger scale. In space.

DougS Silver badge

I didn't think anyone serious still believed "blowing it up" was a viable plan

Even if you could blow it into a million pieces, you'd have a million meteorites striking the Earth and likely doing a lot more damage.

The only hope is to move it out of the way, via one of the various suggestions on how to accomplish that. Which means we need to find out about a "doomsday asteroid" years in advance, to give us time to send several simultaneous missions[*] to it.

[*] I'd feel more comfortable if we tried multiple plans such as "paint one side of it", "turn it into a rocket", "gravity assist" etc. all at once, though they'd obviously need to be carefully coordinated so they aren't working against each other.

Cheap as chips: There's no such thing as a free lunch any Moore

DougS Silver badge

Re: "If only it ran macOS!"

The rumors of an ARM based Mac are showing real evidence of being more than just rumors, so you may have to eat those words soon.

iOS and macOS have the same kernel, and a phone certainly does have devices connected to it via bluetooth (or Lightning) and the internal bus connects microphones, multiple cameras, speakers, a display, storage, two networks etc. That's more than most laptops these days... If you've ever seen a 'ps' on an iPhone, you'll know it has just as many processes running as a Mac.

That's a nice ski speaker you've got there. Shame if it got pwned

DougS Silver badge

Well cars won't hit you on the slopes, but ignoring the problem of getting hit by a car or fellow cyclist/skier/boarder I feel I'm much safer on a bike than I am on skis or a board. I'm sure if I had even 1/50th the hours on snow that I do on the road I'd be more competent, but given that a bike has a steering wheel and brakes, and you can only approximate such control on snow it seems ridiculous that anyone would feel less safe on a bike.

DougS Silver badge

I'm a very occasional skier / boarder

And when I first learned no one was wearing helmets. I took a nasty fall when I lost control on some ice and hit a soft pocket of snow in a depression on that icy slope that halted my out of control momentum all too quickly and face planted on the ice. Got a nice concussion for my trouble - when my girlfriend caught up a minute later she asked me what day it was and I thought it was sometime in November...it was March! :)

When I learned to board about 10 years ago I wore a helmet, and when I've skied since I wear one. You need the warmth anyway, and I know I'm nowhere near good enough (or ski / board under near enough control) that I should risk going without a helmet. Especially since that's not the only concussion I've had in my past, and given the news about CTE I don't want to push my luck...

Oh no Xi didn't?! China's hackers nick naval tech blueprints, diddle with foreign elections to boost trade – new claim

DougS Silver badge

Re: APT40?

They are numbered in order of discovery, this was the 40th advanced persistent threat documented.

Good news: Congress has solutions to end net neutrality brouhaha. Bad news: Two competing sets of solutions...

DougS Silver badge

If republicans were introducing three separate bills

There was already no chance.

Heard about an interesting net neutrality violation recently. Optimum cable is inserting ads in plain HTTP streams that traverse its network. Doesn't matter what nameserver you use, they are changing the HTTP itself! The ISPs may shoot themselves in the foot with some pretty egregious stuff and force all sides to realize that self-regulation isn't going to work.

USB4: Based on Thunderbolt 3. Two times the data rate, at 40Gbps. One fewer space. Zero confusing versions

DougS Silver badge

Re: What about power delivery?

They need to only support USB-C with USB4, make the alternate modes mandatory, and only two power modes, low (regular old USB) and max (the full 100 watts) so there are only two types of ports and two types of cables.

They won't, of course, they will make it an even more confusing mess than USB3(.x) because they hate us.

Correction: Last month, we called Zuckerberg a moron. We apologize. In fact, he and Facebook are a fscking disgrace

DougS Silver badge

Re: Wow

Sure, but this isn't limited to social media. Google has their hooks in the most popular browser, which is far worse than having their hooks in the most popular social media platform.

DougS Silver badge

Re: Wow

Where Facebook or Google are concerned, it's ALWAYS worse than you thought.

It's not your imagination: Ticket scalper bots are flooding the internet according this 'ere study

DougS Silver badge

CAPTCHA is pointless

The scalpers can easily afford to hire people in a third world country to solve them for the script.

When the bits hit the FAN: US military accused of knackering Russian trolls, news org's IT gear amid midterm elections

DougS Silver badge

Ban connecting iPhones to their PCs?

As if there's no way they couldn't carry out exactly the same attack with Android. Or with a hardware hacked USB key they could secretly swap one of the employees when he's traveling? Or one of a dozen different methods.

YouTube's pedo problem is so bad, it just switched off comments on millions of vids of small kids to stem the tide of vileness

DougS Silver badge
WTF?

Re: Disabling comments, not ads

Is this the amanfromMars1 AI 2.0, grammar edition?

DougS Silver badge

Disabling comments, not ads

Shows what Google cares about here. They still want to monetize these videos, and pedos will still trade information on them - they'll just do it elsewhere, where Google can claim "out of sight, out of mind".

Customer: We fancy changing a 25-year-old installation. C'mon, it's just one extra valve... Only wafer thin...

DougS Silver badge

I hope they charged $1000/hr per person

For taking on this task, and on Christmas Eve no less.

Foldables herald the beginning of the end of the smartphone fetish

DougS Silver badge

Re: No, not really

They were the ones that made that the form factor everyone else followed though. If they hadn't done that, the LG Prada would have just been another of the hundred or so variations on form factors we saw, including weird stuff like ovals and triangles. I'm sure we would have got there eventually, but it would have taken a few more years given that the then-in-development Android was aping Blackberry until they saw the iPhone and realized that's what they needed to ape.

DougS Silver badge

I don't think anyone ever doubted there was a big market for folding phones

The first truly successful (selling over 10 million, let's say) one won't look anything like these. It won't unfold into a square screen, that's for sure! Some sort of trifold or fanfold so you get a proper aspect ratio for playing videos (which is the #1 usage for tablets) is required, and we'll need better batteries so it can be as light as current models. Still a few years to go, but in the meantime we are going to see a lot of weird experimentation - sort of all the experiments with weird form factors in the pre-iPhone era until we settled on the modern 'rectangular slab of glass'.

DougS Silver badge

Re: Can we please

I don't know about the FM radio, but you want a thick phone, here's a thick phone with an 18000 mAh battery:

https://www.engadget.com/2019/02/26/energizer-p18k-pop-big-battery-hands-on-thick-phone/

Anytime someone whines about "why is everyone trying to make phones thinner and thinner, I want a thicker phone with a long lasting battery" I'm posting this link.

Don't mean to alarm you, but Boeing has built an unmanned fighter jet called 'Loyal Wingman'

DougS Silver badge

Re: They are on their way to where I predicted nearly a decade ago

No it will cost far less because it won't need all the redundant life critical systems. For a kinetic kill drone with no stealth, a simple subsonic jet engine and one shot solid rocket booster up its ass, there are a lot of companies that can make them, not just the traditional defense contractors, so if Boeing tries to charge $10 million a copy they'll be undercut by someone else selling them for under half a million a pop.

Who cares if in a swarm of 1000 a couple dozen suffer some sort of failure in their budget jet engine and release their parachute (or self destruct, depending on whether they are behind enemy territory or not) and who cares if it takes 10 attempts to ram a manned fighter costing a couple hundred million before you score a hit. The manned fighters would be overwhelmed and forced to flee, the story would be even worse for manned bombers and helicopters. They could probably even take out cruise missiles, by simply getting in their way.

DougS Silver badge

Re: They are on their way to where I predicted nearly a decade ago

I didn't say the US would be first to do it. I think it will be China, and after they kick the ass of some F35s in combat in some proxy war fought between countries supplied by the US and supplied by China the generals who resist taking human pilots out of seats will be forced to face reality.

DougS Silver badge

They are on their way to where I predicted nearly a decade ago

Pretty soon these things won't need the human pilot as their "wingman", they will go in alone and easily win a dogfight against human piloted fighters via sheer numbers. They can carry a few cheap missiles but they'd probably rely on kinetic kills for their greatest lethality. Since you could probably build a few hundred of them for the price of one F22 / F35, this would be some very asymmetric warfare.

In hilariously petulant move, Apple shuts Texas stores and reopens them few miles down the road – for patent reasons

DougS Silver badge

Re: Perhaps an empty gesture

No, otherwise Amazon would have had to be collecting state taxes from day one, instead of avoiding it by locating their warehouses/datacenters in as few states as possible.

Presence in this case means they have to be conducting business in the district. When they sell an iPhone on their web site, the transaction doesn't take place in the buyer's home. The one with the presence that extends to every address in the US is the company delivering those iPhones, FedEx. If Apple did like Amazon is rumored to do eventually and do their own deliveries, then they'd face this issue.

DougS Silver badge

Re: re: worst parasites

Companies like Apple will move out, but the trolls like VirnetX will relocate their HQ from Nevada to east Texas so they can continue suing there. Maybe someone should build an office building in east Texas that caters to patent trolls, down the street from the federal courthouse. It would consist of closet size offices that give them "presence" in the district, and a reception desk in the front manned by someone who is "technically" a part time employee of all the troll tenants, empowered to sign for any countersuits that are delivered to their address.

DougS Silver badge

Re: Perhaps an empty gesture

The plaintiffs would have to have a reason to file in east Texas. In the case of VirNetX, they are based in Nevada and would have a difficult time justifying to a court why the case should be heard in east Texas when neither company has a presence there.

But I guess nothing stops trolls from relocating their HQ in east Texas, or renting a mailbox there or something.

So. To the question we really wanted answering: How real is 5G?

DougS Silver badge

Looks like we are entering the next stage of the Gartner hype cycle

We're moving on from the "peak of inflated expectations" into the "trough of disillusionment". In a couple years we might be ready to hit the "slope of enlightenment".

Thunder, thunder, thunder... Thunderclap: Feel the magic, hear the roar, macOS, Windows pwnage tools are loose

DougS Silver badge

Is this really an x86 or maybe Intel flaw?

Judging by the list of affected operating systems, it would seem so.

Musk is in contempt of court, screams SEC after Tesla boss brags about car production rates

DougS Silver badge

Re: Vetting process

Every time he tweets about China trade the market takes a huge move. If he let someone know an hour in advance the content of the tweets he was going to send, they could make millions.

Of course that would assume he himself knew an hour in advance what he was going to say, which for someone as impulsive as he is seems quite unlikely.

The case of the missing 300 Swiss francs: WIPO fires CIO following probe into allegations of fraud

DougS Silver badge

Re: Are all these international patent organizations corrupt??

Because it is impossible to find someone who looks enough like someone to be indistinguishable on a CCTV camera....

Who needs malware? IBM says most hackers just PowerShell through boxes now, leaving little in the way of footprints

DougS Silver badge

Isn't there any logging in Windows?

Forgive me, I'm barely a Windows user, let alone a Windows guru.

But surely there is a way to enable logging of commands executed in PowerShell? And surely a way to make that logging remote to a hardened host/appliance?

IBM so very, very sorry after jobs page casually asks hopefuls: Are you white, black... or yellow?

DougS Silver badge

Probably a third party contractor was responsible for operating this

A large company's HR organization knows it isn't legal to even ASK what race someone is during the application process, and such a selection wouldn't pass muster regardless of what nomenclature was used.

Or if that page was run by IBM, maybe they have a discontented employee who altered the page as a last act after he got his layoff notice?

I mean, I'm all for calling out companies that do stupid shit, but this is way too stupid to even be believable. "Yellow", c'mon now!

Tech industry titans suddenly love internet privacy rules. Wanna know why? We'll tell you

DougS Silver badge

Amazing how quickly conservatives will sell out

Their beliefs on "states rights" which they hold dear in most cases, when they see liberal states doing something that will hurt big business such as protecting the environment or protecting privacy.

Same story in my state, when some cities and counties raised the minimum wage they passed a law invalidating those laws!

Bun fight breaks out after devs, techie jump ship: Bakery biz Panera sues its former IT crowd

DougS Silver badge

Yes, basically that they wanted to compete with companies like Aloha and Micros selling POS systems.

DougS Silver badge

Re: What trade "secrets"?

But employees there have to actually USE these systems, so they know what capabilities they have. Those 20 college students could get jobs at Panera, and if you have a few in the front of house, a few in the back of house, and a few as manager they'll find out what the system does.

Because determining HOW to implement something is the easy part. The hard part is determining WHAT to implement.

Azure Kinect: All-seeing 3D camera shenanigans for everyone ... except consumers

DougS Silver badge

It already did

Apple bought the company that developed the Kinect technology, PrimeSense, back in 2013, and it forms the basis of Apple's Face ID implementation.

The same technology - same sensor even - could be extended to handle gestures that don't need to physically touch the display. There have been rumors about something like that for years, but who knows if they are working on trying to find the ideal implementation or experimented with it and decided it wasn't a good fit (i.e. what would it do to power usage to have the dot projector on all the time the screen is, instead of only when you authenticate to Face ID)

It all hinges on this: Huawei goes after Samsung with its own foldable hybrid Mate X

DougS Silver badge

Re: Seriously

Too bad all the content is 16:9 and these screens are basically square...
