* Posts by tekHedd

293 posts • joined 9 Aug 2011

Page:

If you're worried that quantum computers will crack your crypto, don't be – at least, not for a decade or so. Here's why

tekHedd

Forget that, what about time travel?

Conspiracy theories aside, a good rule of thumb is that if you hear the military is "considering research into something", they've long since completed the research, and either have the results ready to go or have decided it's not worth the trouble. Translating "physics experiments" into useful technology can be pretty difficult, but if there is any way at all to break public key encryption with current technology, brute force or otherwise, it has already been done and is in use. If you ran a major government, what would /you/ do? So, you should probably start with the assumption that asymmetric encryption is at least somewhat transparent to certain agencies, if you are important enough to warrant the expense, regardless of the published state of quantum computing or any other research.

And don't forget about time travel. We're all traveling forward in time at the speed of /normal time/. So, with the magic of archiving, your internet traffic can *travel through time to the future* and be decrypted using what, by then, will be cheap technology. The only thing protecting you is that archiving it is a pain, and it's really not worth the trouble. And of course you're not doing anything important enough to attract attention, right?

Latest Fast Ring build grazes big red button, unintentionally ejects some Windows Insiders

tekHedd

Notepad++

I just came in here to upvote the first person who mentioned Notepad++, but I noticed nobody has, yet. Not sure exactly why anyone would still use built-in Notepad unless the world was ending or, well, actually I'm not sure why it would matter then either.

Biker sues Google Fiber: I broke my leg, borked my ankle in trench dug to lay ad giant's pipe

tekHedd

"conflict of interest"

Quite possibly he rides a Harley.

SPOILER alert, literally: Intel CPUs afflicted with simple data-spewing spec-exec vulnerability

tekHedd

Re: Well I never ...

homeopathic water cooling: it works but you have to use very small amounts of very hot water, which causes the cpu to cool down. Somehow.

Another way to look at Amazon's counterfeit-busting Project Zero: Making merchants cough up protection money

tekHedd

Re: Disruptive...

And never mind that "Fulfilled by Amazon", assuming you're not on Prime, generally takes 1-3 days longer to arrive than third party sellers, and you can't rate the seller, because obviously Amazon doesn't need to be rated, because they're perfect. All their profit margin apparently comes from including half the amount of air-bags required to adequately cushion the product.

Really, they used to be pretty good, and we mocked them for excessive packaging, but now it's gone the other way, and not in a good way.

tekHedd

Re: Buyer Beware

That's how Amazon deals with problems like this and fake reviews: they bury their head in the sand by deleting anything that messes with their denial (your reviews, the downvote button), and try to find a way to charge you for it.

Customer: We fancy changing a 25-year-old installation. C'mon, it's just one extra valve... Only wafer thin...

tekHedd

Re: The dirtiest four-letter word...

"Oh, it's Windows. I haven't touched one of those for years, sorry,"

This also works for the most painful Linux problems, especially when they're driver or audio related. "Oh, that's probably pulseaudio...is this the new Ubuntu UI? Sorry, I use ALSA and Jack on Devuan, have you tried searching Google?"

Ready for another fright? Spectre flaws in today's computer chips can be exploited to hide, run stealthy malware

tekHedd

I believe the complete recipe is

A secure PC is both unpowered and in a locked closet.

Latest 4G, 5G phone-location slurp attack is a doozy, but won't Torpedo Average Joe or Jane

tekHedd

Re: Not to worry only the State is likely to use this

No really, I don't see what you're getting so worked up about. The only groups that can get all the information to use this attack are big players like the state and organized crime, and of course Google. So we are completely safe, because history shows that the state and organized crime have never abused their power. As for Google et al, well, come on, I trust them utterly, don't you?

'Occult' text from Buffy The Vampire Slayer ep actually just story about new bus lane in Dublin

tekHedd

Can't even decide if I'm a fan

I'd vehemently defend the series...if I had stopped watching after season 4. It's the Robert Jordan effect, where you keep reading the next ep expecting it to get better even though it's quite obviously hopeless.

Crash, bang, wallop: What a power-down. But what hit the kill switch?

tekHedd

"an alum in good standing"

How do you lose your standing as an alumnus? I'm trying to imagine a scenario, humorous or otherwise, that would result in this, and does not involve war crimes...

tekHedd

power button next to eject

Hah, my current desktop system (Thermaltake case), the power button is next to and shaped exactly like a USB port. I've stopped using the front panel USB ports.

See also: laptops with a headphone jack directly next to the USB port, where if you're fumbling around the side and insert your headphone plug into the UB and short out the 5V supply, it kills the power supply and hard resets the system.

Oh Snapd! Gimme-root-now security bug lets miscreants sock it to your Ubuntu boxes

tekHedd

The Snap Idea

"The *idea* is a reasonable one - for an OS that uses system libraries that are not compatible with some application, make it possible for the application developer to publish, at will, a blob that contains all the required dependencies, and isolate it from the host OS to limit opportunities for compromise."

Too bad we don't have any other technology like that. *cough*AppImage*cough*

tekHedd

Re: This talk, on youtube, is worth a watch.

Seen it. SystemD propaganda with the same old message: you don't like it because it's new.

We need a lot of the things SystemD provides. We don't need them executed poorly.

Techie finds himself telling caller there is no safe depth of water for operating computers

tekHedd

"...it's a ticking time bomb"

Nah, that's only true for salt water. As long as all the water dried out it should be OK.

Before no-rinse became a thing, a lot of electronics manufacturing processes used a water-rinse process.

I helped catch Silk Road boss Ross Ulbricht: Undercover agent tells all

tekHedd

The golden rule of crime

"Quit while you're ahead." He had HOW MUCH bitcoin? Sheesh. Time to go legit, bro.

Man drives 6,000 miles to prove Uncle Sam's cellphone coverage maps are wrong – and, boy, did he manage it

tekHedd

ArcGIS?

They used ArcGIS as the main mapping tool? My sympathies. I took it for a test drive and was supremely frustrated and disappointed, but they still send me huge full color magazines every couple of weeks. Goodness knows how much of our government's money they... well I rant but anyway, my sympathies.

Happy Thursday! 770 MEEELLLION email addresses and passwords found in yuge data breach

tekHedd

Same here except...

I'm getting those same emails, except it's always an email I've never used anywhere. This makes me question the usefulness of some of the breach data.

Detailed: How Russian government's Fancy Bear UEFI rootkit sneaks onto Windows PCs

tekHedd

Enable SecureBoot? You mean that thing I have to disable to get Linux to install?

Great, so what I'm hearing is that I should also be disabling UEFI? Even though it really can provide some useful support features, ie for suspend/resume support etc? Great.

As usual, anyone outside the 80% is shafted. (On the bright side, 99% of the exploits expect a windows OS, so there's that.)

Millennials 'horrify' their neighbours with knob-shaped lights display

tekHedd

"When you walk home you just don't expect to come face to face with an enormous penis on a wall."

At least, not until you arrive home and go inside...

That amazing Microsoft software quality, part 97: Windows Phone update kills Outlook, Calendar

tekHedd

Re: The lead-in picture is wrong ...

... and you're not going to be doing much self-foot-shooting with an uncocked gun, for that matter.

Google vows to take claims of sexual assault, harassment seriously, just like privacy

tekHedd

We're Looking At It(TM)

So...it's a toss up between "we're looking at it" and "we're listening", the standard "expression of concern" brought out by companies whenever someone examines their dark side too closely.

It's been a week since engineers approved a new DNS encryption standard and everyone is still yelling

tekHedd

Re: Tough

"Nobody is forcing you to use the municipal water supply, this is not the only source of water. You are incorrectly conflating piped water with the entire food supply ecosystem. I can drink whatever liquid from whatever vendor I choose, so long as it is purchased legally."

Yeah, but when I need to boil some eggs, I go to the sink and turn on the tap.

Pirate radio = drug dealing and municipal broadband is anti-competitive censorship

tekHedd

It's always about control

They always mask it as arguments about copyrighted content or hate speech, but it's always and only about maintaining control of the media, mainly for profit but also and increasingly for nefarious reasons.

FYI: Drone maker DJI's 'Get it on Google Play' website button definitely does not get the app from Google Play...

tekHedd

So let's emphasize the lying part next time, perhaps?

As a user of a phone without any google apps whatsoever, I always appreciate when a company makes the APK directly available. (When it's a company I trust, anyway.) If Google Play is the only way to get an app, I have to violate Google's terms of service to get it. And yes I know there are handy tools that offer an easy, convenient way to violate the ToS and get the apps. :/

Offering an APK download from a "Google Play" button, yeah, that's shady. Offering an APK download, that's just how I like it.

Your RSS is grass: Mozilla euthanizes feed reader, Atom code in Firefox browser, claims it's old and unloved

tekHedd

Well, that's a shame, but...

I've always used standalone readers; I don't even know what the built-in reader looks like in FF. RSS is the awesome (or Atom, sure, I don't care, it's a protocol.)

At this point, RSS is the only way I can really handle El Reg, as it's just too much effort to scan through the news now that it is algorithmically sorted in order of... I honestly have no idea how the editors decide what I will be interested in but it's hit-and-miss and I now really can't be bothered to read past the top headlines on the official web site.

That 'Surface will die in 2019' prediction is still a goer, says soothsayer

tekHedd

So the logic is

... Surface isn't making ALL THE MONEY so you should just cut it. Never mind the halo effect, any future possibilities as Microsoft refines their hardware production savvy. Forget the high end--rich people don't have money, and their opinion of your company doesn't matter. What matters is that this other division has a bigger upside this quarter and we want to see your FPE increase for the next 2 quarters.

I keep meeting people who absolutely love their Windows Phones and protect them like human babies, terrified because there are no replacements.

It must be good business to establish a brand, acquire and develop hardware/software expertise to support it, restructure your bread-and-butter OS to include this product as part of your core strategy, spend millions on marketing, establish a loyal core fan base, and then kill the product. Microsoft does it over and over, and look how successful they are.

Shortages, price rises, recession: Tech industry preps for hard Brexit

tekHedd

Oh no, it's 1999!

Brexit is the new y2k bug.

Redis does a Python, crushes 'offensive' master, slave code terms

tekHedd

No masters!

Even if they rename it, the architecture itself is offensive. I will be boycotting the product until all offensive dominance roles have been removed therefrom.

tekHedd

Re: They should ask Torvalds to rename git.

You "ask", we "demand." This is why you fail.

Python joins movement to dump 'offensive' master, slave terms

tekHedd

The terminology is not the problem.

Removing the words master/slave does nothing to correct the underlying power imbalance between the controlling and controlled 'wares. We MUST boycott offensive hardware/software until all such relationships are corrected to be consensual.

Microsoft tells volume customers they can stay on Windows 7... for a bit longer... for a fee

tekHedd

"enterprise and education customers"

I don't run windows a lot, maybe every week or three, and it seems like every time I launch Windows 10 the user interface has changed completely.

I guess it's a moot point now. I wiped my last Win10 box in favor of Mint last week. :P

C'mon, if you say your device is 'unhackable', you're just asking for it: Bitfi retracts edgy claim

tekHedd

You know they're serious about security *now* though...

because "Security Manager" is capitalized.

Salesforce boss Marc Benioff objects to US immigration policy so much, he makes millions from, er, US immigration

tekHedd

Qualified workers

These companies REALLY hate native qualified workers, don't they?

Android data slurping measured and monitored

tekHedd

Fake DOB?

I used to put in bogus DOB etc...and then I lost access to an old email account, which then meant I couldn't recover my ebay password, which means I lost 5 years of eBay seller history... etc etc.

You can't put in fake information that later might be used for account recovery unless you are planning to then write that all down somewhere. At some point you'd have to memorize an entire fake identity or two or three... sure some people do this but come one who has time?

Australia's Snooper's Charter: Experts react, and it ain't pretty

tekHedd

"puritans on both sides"

Or, in the words of someone who my mother says is a "great man and a genius", there are "Very Fine people on both sides" of the argument. :P

Clap, damn you, clap! Samsung's Bixby 2.0 AI reveal is met with apathy

tekHedd

OpenCamera

OpenCamera pretty much rocks. You still lose advanced features if you have a really fancy phone though. What's a "stylus support?" ;)

--running Lineage + MicroG for several months now.

Summary in a nutshell: Here Wego > Google Maps, but I miss my cloud storage for saves in AlphaBear.

tekHedd

Where's MY AI?

We talk a lot about "creepy and invasive", but the only thing that's really wrong with Google's AI is that it's not *my* AI. When I think back to AI assistants in the various Sci Fi books I've read, AI agents never seemed creepy because in books the agent is 100% owned by and working for the protagonist. It's the difference between "I am here to support you in any way you want and only those ways", and "I'm not going to hurt you, no really I promise, but not in a binding way and also sign this agreement indemnifying me before you let me help..."

There's a world of difference between "don't be evil" and "be good".

Top tip? Sprinkle bugs into your code to throw off robo-vuln scanners

tekHedd

Re: If you can generate your 'chaff' bugs algorithmically...

See also: every obfuscation tool. You can strip out all of the useful data, but you can't strip out the executable program and still have useful software.

Now if this were carried to the level of a complete custom "fake buggy compiler" you might have something, but then that sounds an awful lot like making a hardened compiler that automatically protects you from the kind of bugs you're simulating in the first place, with similar overhead, that puts me right back in the camp of "why are we doing this again?"

Dear alt-right morons and other miscreants: Disrupt DEF CON, and the goons will 'ave you

tekHedd

Alt-left

"Is there such a thing as the alt-left?"

True Believer Progressives are not an exact opposite of the alt-right. While the right might for example propose dismantling the EPA and using violence to suppress opposing viewpoints, the left might propose heavy censorship of "inappropriate speech" on social media and passing laws to let the government to use violence to suppress opposing viewpoints. More and more it looks like the authoritarian vs the anti-authoritarian version of the same thing. And in the end we'll probably end up with the worst of both sides as our next round of new laws. :/

Early experiment in mass email ends with mad dash across office to unplug mail gateway

tekHedd

Re: Firetruck?

"proceed" to travel, to go "off" somewhere

"firetruck" no additional expln. needed

Ya gotta use the noggin DN! :)

You can take off the shades, squinting Outlook.com users. It has gone dark. Very dark

tekHedd

All the hate for dark

I like dark interfaces. The glaring white becomes exhausting after 10-12 hours.

I'm frankly surprised. It's only taken them, well, literally from the launch of the service until now to come up with a dark skin, one of the easiest things to do with modern CSS-based interfaces, and people are still complaining about the "waste of resources." This is why we can't have nice things.

Google Chrome: HTTPS or bust. Insecure HTTP D-Day is tomorrow, folks

tekHedd

Not about encryption

The dangers of unencrypted transmissions? Sure it's real, but no, that's not a problem that is solved by this move. The real end result of this move is the death of self-signed certs.

Why does Google hate self-signed certs?

Indictment bombshell: 'Kremlin intel agents' hacked, leaked Hillary's emails same day Trump asked Russia for help

tekHedd

Scary trump pic, or is it?

The truly scary thing about this article is that the attached stock photo is actually a fairly flattering picture of Trump, relatively speaking.

Google Cloud CEO admits: Yeah, we wanted GitHub too. Whatevs

tekHedd

Exactly. Microsoft buying an OSS repository is questionable because of their open hostility to openness. Google buying an OSS repository is questionable because their track record suggest they'll forget they own it and shut it down completely.

But at least Google is not yet openly and actively hostile to all open source projects, and does not have a track record of infiltrating standards bodies and sabotaging standards. Not yet, anyway.

RoboCop-ter: Boffins build drone to pinpoint brutal thugs in crowds

tekHedd

And.. JUST violent actions, right?

So... how much work would it be to train it to recognize other suspicious actions, people trying to evade detection, people walking guiltily, "loitering with intent", protesters, people working their way purposefully through a crowd instead of gawping? I'm sure you can come up with more. It's fun!

HPE: Hell yeah, those job cuts worked out great… for our investors

tekHedd

for a short while

"It's funny how falling feels like flying, for a little while"

https://www.youtube.com/watch?v=LTYyS8bxV78

US Congress mulls expanding copyright yet again – to 144 years

tekHedd
Facepalm

Seriously!

I can't see how Congress keeps getting duped into supporting Mickey Mouse legislation like... oh...

Bowel down: Laxative brownies brought to colleague's leaving bash

tekHedd

A tip-off...

This is why revolutions fail.

Pointless US Congress net neutrality vote will take place tomorrow!

tekHedd

Let's keep talking about it anyway...

Now is a good time to ask: what legislation is Congress quietly and bipartisan-ly passing while all this noise is going on? If Trump tweets something outrageous on top of all this, watch out.

Page:

Biting the hand that feeds IT © 1998–2019