* Posts by DeKrow

99 posts • joined 3 Aug 2011

Page:

Why does that website take forever to load? Clues: Three syllables, starts with a J, rhymes with crock of sh...

DeKrow

I was going to post the same thing.

"Sites need revenue, and the threat of ad-blockers in some cases actually makes the situation worse for the rest of users by triggering convoluted workaround logic and complex disguising of ads that increase script execution time."

Hulce has his argument all arse about face in many ways. Assuming a site needs revenue, assuming that ads are a decent source of revenue, assuming javascript is necessary for ads, ignoring the issue of tracking and user-privacy and the well-documented issue of ads having been used as malware vectors (even outside of the tracking and privacy invasion issue).

Maybe, even as an ex-Google employee, those assumptions just come naturally.

Not blocking ads on the Internet is like unsafe sex in the 80's.

Amazon triples profit to $11.2bn, pays ZERO DOLLARS in corp tax – instead we pay it $129m

DeKrow
Mushroom

The example being set...

With more and more of these large companies and high level politicians being exposed (Panama, Paradise Papers) as using as many techniques as possible to avoid paying appropriate taxes and shifting money through various offshore tax havens, there are two things that bother me:

1. These are people and companies held up to be respected and act as examples to the general populace as to how to behave. Unlike economics, this WILL have an actual trickle down effect.

2. This leads towards an "if you can, then do" attitude, no matter the legality or morality. It basically justifies outright thievery. You failed to secure it, so you lose ownership of it.

Failure to bring world leadership to heel is encouragement to the rest of the populace to seek their own methods of advantage.

Tech sector unites in attempt to avoid Oz's anti-crypto push, again

DeKrow

No global precedent, except maybe in China

For me, the thing that's most obviously concerning about "their" rush to get this thing through, is that it's unprecedented.

Australia, that doesn't want to lead the world by implementing a country-wide fiber to the home network infrastructure.

Australia, that doesn't want to lead the world in renewable energy despite it's abundance of wide-open spaces and sunshine.

Australia, that hasn't had terror attacks anywhere near the scale of those in the US, UK, or Europe, wants to implement unprecedented legislation "in a hurry".

Something's fishy. Be it copyright, or setting precedent in lil' ol' Australia so that other western countries can follow the lead, or creating Australia as the funnel through which the rest of the 5-eyes can siphon their requests, or as some WW3 anti-China / Russia preparation, I don't know. But it ain't the safety of Australia's citizens that's the concern of this Government.

OpenStack 2018: Mark Shuttleworth chats to The Reg about 10-year support plans, Linus Torvalds and Russian rockets

DeKrow

Re: "the guy ... who engineered machines to beat Gary Kasparov"

Are your passwords similarly formatted to your usernames?

Russia: We did not hack the US Democrats. But if we did, we're immune from prosecution... lmao

DeKrow

Always blaming everyone else

Given the corruption inherent in US politics, it's almost comical that they're trying to blame Russia for influence. So much more anti-social influence comes from the biggest, most successful, economy-supporting companies within the country itself because there are no rules to make campaign donations and lobbying more transparent. Unfortunately, this is unlikely to change because it's the people who would be able to make these rules that are benefitting from their absence.

On my to-watch list:

https://en.wikipedia.org/wiki/Dark_Money_(film)

Oz telcos' club asks: Why the hell do Australia Post, rando councils, or Taxi Services Commission want comms metadata?

DeKrow

Re: Some did

And the anti-encryption proposal is currently following precisely the same path.

Short time for public comment, plenty of expert commentary arguing against it, zero acknowledgement of said expert commentary. The next and last stage is for it to be passed.

The Green's will object, but Labor, oh-so-disappointingly and confusingly, will not. Although it's not confusing because Labor are just another "big political party" full of power-hungry control-freaks that WANT this, as per the current government.

DeKrow

Re: if they got your communications, they don't need you

What's this "too much" you speak of?

Zim Zam Zim! (not 70's, but, well, you'll get the idea if you get the idea...)

Macs to Linux fans: Stop right there, Penguinista scum, that's not macOS. Go on, git outta here

DeKrow

Why Linux on Apple Hardware?

What reasons do people have for purchasing expensive Apple hardware to then go and install Linux on it?

One of the reasons I've heard for the justification of the inflated Apple pricing is that it buys you into the convenient, interoperable Apple ecosystem.

Surely, if you want to run Linux, and have a budget that stretches to an Apple laptop, it would also cover a range of both more powerful and at least nearly-as-stylish non-Apple laptops.

Dual-booting is the only option that makes sense to me. Needing the Apple ecosystem on one hand, but also the flexibility of Linux on the other.

Ad blocking. All fun and games – until it gets political: Union websites banned by uBlock Origin

DeKrow

Allow versus Deny

So, how far away from the tipping point where 'allow' lists will overtake 'deny' lists in their maintainability?

For my individual purposes an 'allow' list would be perfect and contain very few domains. I think the 'state of decay' of the Internet means it's time to impose this upon the rest of the household. One member, however, will NOT give up their Facebook. Already, there are two very difficult conversations in the pipeline.

Oz to turn pirates into vampires: You won't see their images in mirrors

DeKrow

Upvote because Frank Zappa was right, and things haven't changed.

The song "Trouble Every Day" was released in 1966 and its lyrics are still pertinent 50 years (50 YEARS!!!) later.

DeKrow

Re: whack a mole time again

@Secta_Protecta

Dr. Kerryn Phelps

DeKrow

Re: "official release stuff 6-8 months behind everyone else"

I get your point, which is the real "big picture".

However, in the "small picture" in which most proles live, there's no reason, in a world of digital streaming and bandwidth enough to for smooth 1080p video, that digital entertainment be delayed into any market other than profit maximisation strategies due to artificial scarcity - or just the complete lack of consideration for a market so small as Australia.

Both of the above options invite copyright infringement in a connected world where even a few days' delay means you're late to a global conversation.

To reiterate, however, the big picture view is: who gives a fuck? Do something more worthwhile than watching the latest episode of <won't learn anything new about life, but will pass the otherwise excruciating time in which I'd be wondering what to do with myself>.

Eat my shorts, watchdog tells every city mayor in the US – FCC approves $2bn 5G telco windfall

DeKrow
Mushroom

Quoting Zappa!?

It's almost worse that he's quoting Zappa in such a context. Zappa was fiercely anti-corporate-bullshit (Joe's Garage). Pai has crossed two lines at once. He's zombie-walked into historic reputational suicide.

MI5: Gosh, awkward. We looked down the sofa and, yeah, we *do* have intel on privacy bods

DeKrow

It's not terrorism if win.

It's not terrorism if you're in power.

US cities react in fury to FCC's $2bn break for 5G telcos: We'll be picking up the tab, say officials

DeKrow

Re: Money, Money, Money

In Australia, media barons fight over who should be Prime Minister, and Rupert Murdoch wins:

http://www.abc.net.au/news/2018-09-18/liberal-leadership-spill-rupert-murdoch-kerry-stokes-influence/10262552

Renegade 3D-printing gunsmith Cody Wilson on the run in Taipei from child sex allegations

DeKrow

Re: I'm of two minds about this

> I don't think the US REALLY cares about 3D printing of guns though

Think about it as precedent. The ultra-powerful NRA manages to maintain the status quo even against mass shootings in schools. The NRA maintains it's power due to LOTS AND LOTS of guns being sold in the US. Once 3D printing matures a bit, and more reliable, bigger, more powerful handguns and rifles can be 3D-printed, then LOTS AND LOTS of guns will be getting 3D-printed rather than sold. A gun itself can't be downloaded from the internet, but blueprints can, and blueprints can be copyright-infringed.

This will eat at the heart of the happy marriage of capitalism and gun ownership that forms a part of US culture.

I think the US cares about the 3D printing of guns more than it may seem. They'll try to contain it as long as they can, but restricting the 3D printing of guns at the same time as not changing any other gun laws is hypocrisy that won't stand up to the Constitution (rightly or wrongly).

Oz government rushes its anti-crypto legislation into parliament

DeKrow

Re: cryption? Nah, mate, don't need it... I've got a Donk!

The fact that Australia was chosen as the the first country of the 5-eyes to try and implement this, means that Australia is already pwned.

DeKrow
Coat

21st Century Australian Democracy

Is summed up best in this article and all that it reveals:

http://www.abc.net.au/news/2018-09-18/liberal-leadership-spill-rupert-murdoch-kerry-stokes-influence/10262552

Mine's the one with the interplanetary passport.

Microsoft: You don't want to use Edge? Are you sure? Really sure?

DeKrow
Holmes

Stealthily

"adverts continuing to stealthily make their way into the operating system"

Stealthily like a fart in an elevator populated by two people.

So, I'm running Windows 10 unlicensed. I wasn't sure if the "stealthy" advertising was their way of monetising an unlicensed installation. Seems not. Makes me glad I haven't paid for the privilege of receiving unsolicited advertising at least.

I see Desktop Linux has moved closer than the horizon it occupied for a couple of decades.

We're all sick of Fortnite, but the flaw found in its downloader is the latest way to attack Android

DeKrow

Same thing can, and does, happen with apps downloaded from the store, including apps authored by Google itself. Which was one of the points of this whole article.

Epic's avoidance of the app store is not the issue here except for the argument, counter to yours, that being on the app store implies security.

Ah, um, let's see. Yup... Fortnite CEO is still mad at Google for revealing security hole early

DeKrow

When elephants fight, it is the grass that suffers

Disclosing the details of the vulnerability seems inconsistent with their statement:

“User security is our top priority..."

With the popularity of the game it would be more "user security" orientated to state that there WAS an issue that's now fixed, but save the technical details, that allow exploits to be developed by bad actors, for a good while longer than a 7-day grace period.

"The security of users that perform at least weekly updates of all their software are our top priority"

Kinda niche compared to their actual statement.

Pentagon 'do not buy' list says нет to Russia, 不要 to Chinese code

DeKrow

Re: Security *And* Protectionism

When considering A) and B) always be aware of NSA's proven activities.

Excluding the good ol' US of A from your list of 'criminal nations' is blatantly choosing sides. They're all at it, and it's been done in analogue meatspace for a lot longer than it's been going on over the internet.

What's happening now is that their activities are butting up against the complex web of nation inter-dependence that globalisation and manufacturing outsourcing has caused, and the fact that the Internet is a globally shared infrastructure between the largest most powerful nations, militaries and companies as well as great-grandma Elizabeth. Which means it has millions of weak links that can be exploited. Billions once the (id)IoT uptake reaches critical mass.

Too tempting for any government that thinks its spooks are above the law (hint: that's all of them).

UK spies broke law for 15 years, but what can you do? shrugs judge

DeKrow
Pirate

The example that the Government sets...

Is the standard to which the people should aspire.

How many ways to get what you want

I use the best

I use the rest.

I use the enemy

I use anarchy.

'Cause I wanna be Anarchy.

Is this the M.P.L.A. or

Is this the U.D.A. or

Is this the I.R.A.?

I thought it was the U.K.

Sir, you've been using Kaspersky Lab antivirus. Please come with us, sir

DeKrow

Re: Я невиновен, товарищ!

"Until then, I'll take NSA's word for it."

Why not take no-one's word for it? They've all got axes to grind one way or another. Assume the NSA / US Government are making some kind of play, but also that Kaspersky aren't as white as the driven snow. Taking the NSA's word for it will drive you towards other AV vendors, which may be more malleable towards the desires of said NSA.

However, if you're a dyed-in-the-wool, blind-and-deaf-to-criticism US patriot, then continue on your merry way.

Also, someone mentioned in the comments to a previous article that Kaspersky had offered their code for confirmation to the appropriate folks.

Citation needed: Europe claims Kaspersky wares 'confirmed as malicious'

DeKrow
Black Helicopters

Kaspersky off the leash

This is the problem:

"Kaspersky Lab has only ever tried to rid the world of cybercrime. We have showed time and again that we disclose cyber threats regardless of origin and author, even to our own detriment."

Kaspersky weren't controllable by US interests, so the US started banning them and cranking the rumour mill into action. The UK, Australia, and now the EU singing from the same hymn sheet.

I think it was initially started when Kaspersky detected a piece of US-authored malware as a result of someone taking their work home, and their home computer sent the sample file to Kaspersky's servers for deeper scanning of a new potential threat (which, I believe, is standard practice for most modern anti-virus software).

Refer:

https://www.theregister.co.uk/2015/03/12/nsas_on_drugs_infosec_bods_unveil_space_grade_malware/

https://www.theregister.co.uk/2017/11/16/kaspersky_nsa_staffers_pc_was_riddled_with_malware_from_pirated_code/

FBI's flawed phone tally blamed on programming error. 7,800 unbreakable mobes? Er, um...

DeKrow
Holmes

Things that don't suprise me

1. Political pronouncements based on FUD not fact

2. A Government entity is requesting something mathematically impossible (see #1)

3. A Government entity that's requesting something mathematically impossible would stoop to lying (see #1)

4. A Government entity can't count

5. A Government entity doesn't have a system good enough to be able to find the number of encrypted devices involved in their open cases.

Maybe, before asking for impossible things, they should have systems that provide accurate info. But then, maybe, that's also an impossible thing.

Academics: Shutting down Facebook API damages research, oversight, competition

DeKrow
Megaphone

Burnt down, fell over, then sank into the swamp

If their research depends so heavily upon Facebook, then already their research will be skewed / flawed / biased due to the self-selection (voluntary or otherwise) of the "Facebook population". This is in addition to the ickiness of associating oneself so closely to Facebook that, even after ALL THIS, they're effectively defending the practices.

Systemic Privacy Violations > Facebook > Research (or maybe, more correctly "Research")

Additionally, putting Research as their first reason means the other reasons they don't really care about. Maybe they were, ironically, doing research into privacy violations. If that's the case, they should be happy that Facebook's raison d'etre has been brought to light.

University research and university researchers should be better than this.

Just noticed this too: "30 internet academics". Hahaha, Internet "academics". Fuck 'em.

ZTE now stands for 'zero tech exports' – US govt slaps 7-year ban on biz

DeKrow

Re: "...ZTE...cut off....from American manufacturers."

I was thinking along the same lines, what's stopping them from setting up a separate company to purchase the goods from the US, and then on-sell them to ZTE.

Isn't that what a US company would do? (in order to keep being able to sell arms to Iran and North Korea)

Capitalism, HO!

UK spy agency warns Brit telcos to flee from ZTE gear

DeKrow
Trollface

Re: Irony Abounds

You're absolutely correct.

The Australian Signals Directorate (ASD) mission statement is:

"Reveal their secrets, protect our own"

I like how they put the aggressive part first as if that's their priority. I don't know how "common citizens" are supposed to be expected to follow the rule of law when their own governmental agencies have mission statements such as this. I wanna be arseholes like those guys!

Australian Feds cuff woman who used BTC to buy drugs on dark web

DeKrow
Facepalm

Where digital and meatspace intersect

This is a fine example of why all the crypto backdooring talk is redundant (not to mention stupid, but that's a separate argument).

The big old major crimes cannot be committed purely in the digital realm. Drug deals involve something in physical existence (assuming Snow Crash doesn't exist yet), as do the various elements of terrorism (lone crazy or organised group), child abuse, murder, rape.

Meatspace is where the insecurities lie, and this is where law enforcement should put its focus, which is likely what happened in this case. Darkweb this, bitcoin that. Pfft.

The only crimes that are purely digital are the Gen Z's such as corporate data theft (old crime but dressed up modern), identity theft, carding, etc. Strangely, these aren't the ones being mentioned when discussing encryption backdoors or "going dark", and the whole lack of regulation, and seeming desire to regulate, on IoT will only make these kinds of attacks more frequent and have greater impact.

They're not just putting the cart before the horse, they're putting the horse in the cart, then pushing the cart themselves.

Exposed: Lazy Android mobe makers couldn't care less about security

DeKrow

I'm hoping to take delivery of an Android One device some time this week. I'll get back to you in a couple of years as to its on-going support.

Rudd-y hell, dark web! Amber alert! UK Home Sec is on the war path for stealthy cyber-crims

DeKrow

Re: Kingpin or strike.

Treating the symptoms rather than the cause.

I see this everywhere. You can measure the symptoms, so they're relatively easy to "treat" and show that they're being treated by using statistics. Causes require real work to both determine and remedy, and are often cultural and therefore too long-term or too difficult to tackle.

Treating symptoms is a politicians bread and butter because you can treat symptoms forever and thus suckle at its teat long-term. Treating causes tends to be unpopular because the 'common folk' may not be able to understand the frequently complex relationship between cause and symptom, so it ain't a vote-winning / promotional exercise.

Replace "politician" with "manager" and the above remains true.

They're back! 'Feds only' encryption backdoors prepped in US by Dems

DeKrow
Holmes

Re: There is no God given right to digital security

That's like saying that there's no God given right to life either because every single human can be murdered and some have been. There are laws against it, as are there laws against hacking.

Really, there are no God given rights at all. For various reasons...

"Anyone who believes that encryption will protect them from being prosecuted for their crimes is in for a reality check."

But this is what "they" are proclaiming: encryption is protecting criminals from prosecution.

Which side are you (dis)agreeing with?

DeKrow
Mushroom

Political mindset extrapolation

What I find the most scary about this on-on-on-going debate, is that politicians (on both sides of the fence, I'm not partisan in this) are continuing to try and find ways to defeat maths; where maths is the immovable object, and has been described as such by all the experts (in both mathematics and IT security).

The fact that politicians (around the world) cannot let go of a blindingly obvious exercise in futility gives me nightmares about how they treat other, more malleable, things that may get in the way of their 'seizure of power'. If the immovable object mathematics doesn't stop them, then mere human-constructed laws would be treated as potholes to be ridden roughshod over whilst keeping their eyes on the prize.

We've bred this species of arrogant, 'we can do anything' politicians because the punishment for corrupt, or not-in-the-best-interests-of-the-people, behaviour is dictated by the very people that have the capacity to be the wrong-doers. Far from being punished for working for personal rather than societal goals, they're making bank from it. This situation has continued long enough such that it has attracted the exact kinds of people that work towards self-aggrandisement, as opposed to 'nation leading', to political careers, thus magnifying the problem.

In Australia's system, at least, it's led to in-fighting that's resulted in four changes of Prime Minister outside of the election cycle in the last decade.

If you do something wrong, and don't get punished for it, how do you know it's wrong?

That long-awaited Mark Zuckerberg response: Everything's fine! Mostly fixed! Facebook's great! All good in the hoodie!

DeKrow
Holmes

Nothing to see here folks, sorry that the curtain got lifted a little, we're weighing it down a bit heavier now. We don't want third parties using the kind of power that we've been working for years towards leveraging.

There's more to blockchain than dodgy cryptocurrencies

DeKrow

Middle-aged man rocking up to the skatepark, saying:

"Right now, it's this Cambrian explosion kind of moment where it's worth mapping the landscape rather than being Teutonic about it."

There's your catch phrase folks.

OK, deep breath, relax... Let's have a sober look at these 'ere annoying AMD chip security flaws

DeKrow

Timeline

- Intel's MELTDOWN and SPECTRE issues were disclosed in late January 2018.

- amdflaws.com registered 22nd of Feb 2018

- AMD informed of the issues 12th of March 2018

- actual disclosure / news release 13th of March 2018

Three things:

This looks like an Intel-sponsored hit on AMD to 'level the playing field'

The web domain was registered well in advance of any warning being given to AMD - because we're a security company, so fuck security we've got marketing to do: flashy website and high-production-value YouTube videos here we come!

Just like hacking evolved from a hobby into serious criminal enterprise, security disclosure has turned from noble and responsible act (with some self-advertising for employment purposes) to blatant stock market manipulation.

Other things:

- The amdflaws.com domain was registered with a 2-year expiry (22/02/2018 - 22/02/2020)

- The cts-labs.com domain was registered with a 1-year expiry (25/06/2017 - 25/06/2018)

- Both were registered with GodAddy

- Linus Torvalds gets more respectable the more outbursts I read about

DeKrow

Re: Closed black box firmware

No, AMD doesn't look as bad as Intel, unless you're taken in by all the sparkles and glitter in the news release.

And since when is Intel cheaper? Not in my living memory has Intel been the cheaper option.

Gits club GitHub code tub with record-breaking 1.35Tbps DDoS drub

DeKrow
Pirate

Grey hat response...

Would an appropriate response to those who take too long* to secure their systems be to cross-fire DDoS's between the various insecure systems until they magically become either secure, offline, or blocked by upstream network providers?

*tolerance dependent upon seriousness of potential in combination with inaction after notification.

Australia joins the 'decrypt it or we'll legislate' club

DeKrow

Only the ones running the country...

Hua-no-wei! NSA, FBI, CIA bosses put Chinese mobe makers on blast

DeKrow

Re: China trash.

Feeding the troll here, but Cisco gear was proven to have been modified by the NSA prior to shipping to non-US countries. So, yeah, buy Cisco and be owned, LOSERS.

I think the position of the US is "We're doing all these things, so we expect them to be doing it as well. But not on our front lawn!"

It's understandable, but unfortunate, and there's no 'good guy'. What's surprising is that it's taken so long to reach this point.

I'll torpedo Tor weirdos, US AG storms: Feds have 'already infiltrated' darknet drug souks

DeKrow

The Middle Men are the Problem!

We'll go after the middle men!

They're making profits that we can't tax, therefore they're a disposable resource for the scoring of political favour. We can't go after upper management because they're essentially our bosses and are thought leaders in the structure of our way of life.

America restarts dodgy spying program – just as classified surveillance abuse memo emerges

DeKrow

Re: Fundamental Situational Correction ... Lunatics in Charge of the Asylum vs AI Bombes in Nations

Yes, you're right, I didn't see it initially, I was one layer too low.

It's the ultra-minority influencing the voting majority such that the informed minority are left without a voice. To quote Jeffrey Lebowski "my thinking about this case had become very uptight"

Thanks for loosening the hinges on the doors of perception.

DeKrow

Re: Good news for Yandex and AliBaba

I was informed it was a buck o five.

DeKrow

Re: Good news for Yandex and AliBaba

China is the asymptote to the US' trajectory

DeKrow

Re: Help is Available for Any Such Condition/All Such Situations. *

So you're saying they've brought it upon themselves?

If so, I agree, but I lament for the minority that are being swept along by the rest.

DeKrow

No longer recognise the US

This is one of those logical fallacies, and I know it, but I still want to fall into it's trap:

How can anyone take other US laws seriously, which deal with far more trivial matters such as copyright infringement, when the screw things up so terribadly on the important stuff?

The US, in it's march towards fascism, may well find itself tripping and falling into anarchy.

Linux's Grsecurity dev team takes blog 'libel' fight to higher court

DeKrow

Re: Way to damage your own credibility

Freedom of speech except if you're actually an expert on said topic?

That sounds a lot like what the US would be aiming at.

Intellectual Property Office drops, er, patently cool cartoon to teach kids about trademarks

DeKrow
Black Helicopters

Key Life Skills

A basic understanding of IP and a respect for others' IP rights is therefore a key life skill.

Is "Protecting your online privacy from advertisers and governments as well as predators and groomers" a course given to all primary school students as well? I'd rate that a fair higher priority - as in, IP rights are barely visible from this height.

Obvious government priorities are obvious.

Uncle Sam's treatment of Huawei is world-class hypocrisy – consumers will pay the price

DeKrow

Remember how the US Government (via the NSA) was accessing Google's servers via an exploit?

Blame is on all sides; the finger pointing can legitimately go in all directions. The point of this article is to make clear the hypocrisy of the finger pointing and deal-breaking.

Page:

Biting the hand that feeds IT © 1998–2019