* Posts by WatAWorld

1313 posts • joined 24 Feb 2012

Page:

It's time for TLS 1.0 and 1.1 to die (die, die)

WatAWorld

Requiring old stuff to meet KEY new requirements is routine in the physical world

Passenger aircraft. Railway tanker cars. Trucks. Cars.

Procor is junking tens of thousands DOT-111 tanker rail cars when the new tanker car standard comes into force in Canada and the USA. These think aren't cheap.

Old buildings must meet current fire codes. And old buildings that are extensively renovated must meet current building codes (building codes being more complete than fire codes).

0
0
WatAWorld

Re: Microsoft

The dates:

https://en.wikipedia.org/wiki/.NET_Framework_version_history

Things that were adequate in 2010 are out-of-date and inadequate now.

Is it really that surprising given the rate that hackers and academics find obscure bugs.

If we had to had to wait for ordinary profit-oriented criminal programmers to find the bugs, the products just might perhaps still be secure, against criminals for another year or two. But that would require living in an alternate reality.

(Of course nothing is secure against major state signals intelligence agencies. They can always find ways in. Even TLS 1.4 connections won't be secure, because if outfits like the NSA can't find ways through it, they have many ways around it.)

1
0
WatAWorld

Hum, doesn't this accurately describe how emissions tests place new standards on old cars in the UK?

https://www.classiccarsforsale.co.uk/blog/market-trends/historic-cars-win-exemption-in-ultra-low-emission-zone

Yeah, classic cars get an exemption. But classic cars aren't used for everyday driving. They're used sparingly by collectors and museums.

2
0
WatAWorld

"This is a bit like saying ALL cars must pass current standards and so most over a few years old are then automatically off to the scrappers."

Exactly, which is what we should be copying.

This is the case in Canada too. And California. And probably the rest of the USA.

Classic cars get an exemption -- but then classic cars are driven sparingly by their owners, and not driven commercially.

In the UK a car has to be pre-1980 to get the exemption. In Canada before 1988.

2
2

IBM to GTS: We want you to 'rotate' clients every two years

WatAWorld

Re: Looks like bad management

Ginny isn't going to fire herself for just cause.

2
0
WatAWorld

Re: IBM about 25 years behind Cannot Stand Continuity

@MAH, in Canada IBM charges 3 to 5 times what it pays people. And it charges for every hour worked. And it adjusts those rates for inflation, and if the client has a good year.

I don't think giving a headcount a 5% pay hike would make the account unprofitable.

That said, yeah I agree, if he's content in his/her current job, if they're already fully qualified at it, then he or she should content with only getting inflation increases.

0
0
WatAWorld

Re: @AC

In Canada the traditional solution to this is to assign the headcount to a job they're incapable of doing. Either a job above their skill level, or a job where the required quotas are unachievable.

You reassign the headcount, and then when they fail, you fire them for just cause.

One has to be careful though, because if the re-assignment is too different from the old job the headcount can claim "constructive dismissal". So you can't do this by assigning a "coder" to sales, or a salesperson to accounting. You'd assign a coder to a different type of coding. That way the headcount doesn't have a case.

It is ruthless.

They need to address the issue that older employees who are targets of the RIF can claim discrimination when they can show that there is still demand for their skills.

4
1
WatAWorld

Re: Interesting... color me skeptical.

You're right to be skeptical. This was not announced as a training opportunity for headcounts. And it won't be.

I imagine they'll take your Oracle DBA who has 15 years of RDBMS skills and send him to another Oracle DBA account.

That saves training costs. Saves the new to reduce billing rate. And still achieves the purpose of preventing the client becoming attached to the headcount/resource/person actually providing their service.

And when there are no more Oracle DBA jobs, you sack the headcount and hire a new grad who knows Banana NDBMS.

IBM is a sales and marketing company. Effectively its only real employees are in sales and marketing. They're the wizards that can sell ice to eskimos at $500k a tonne.

The people actually doing work for clients are effectively external contract headcount. You don't want your client becoming attached to external contract headcount.

7
0
WatAWorld

Re: Could be good for the techies

It would be good for the techkies that are not laid off due to not having a client to stick up for them during layoffs. They'd avoid stagnation and keep their skills current -- assuming IBM doesn't just lay them off.

And it would be good for IBM too. Staff more current. Staff better trained. If they were to actually train current staff on new technology.

BUT IBM gave up keeping tech staff up to date 2 decades ago.

Now they layoff the old and hire the new.

So I'll stick with my initial feeling that this is to make layoffs easier for IBM to make.

6
0
WatAWorld

IBM brass got fed up with clients complaining about key people being laid-off

If the client doesn't have a relationship with you, then the client won't interfere next month when we frivilously lay you off.

Exclusive IBM will ask Global Technology Services engineers to "rotate" from "existing assignments" every two years in a working model overhaul that some staff warned could weaken client relations.

2
0

You know that silly fear about Alexa recording everything and leaking it online? It just happened

WatAWorld

Re: 'This was an extremely rare occurrence.' In other words it was not unique.

"Extremely rare" In other words it was not unique.

13
0
WatAWorld

Do you hear Yanny, Laura or Alexa?

Do you hear Yanny, Laura or Alexa?

6
0

LLVM contributor hits breakpoint, quits citing inclusivity intolerance

WatAWorld

Women only make up 2 out of 3 university students in the USA, better fix that now.

It is 2018, not 1960. The people in the USA who are young women entering university and the workforce today have benefited from affirmative action and female centric learning techniques all their lives.

And that shows up in the statistics that show them as being 2 out of every 3 university students (65%).

Geeze, better start an affirmative action program, they're only up to 2/3.

So let's use systemic discrimination to push that 1/3 men out of the only fields they're still comfortable studying. (Systemic discrimination is what we call inadvertent discrimination that results from actions taken for some other purpose. For example, putting your job ads in an ethnic newspaper makes it seem like you're only interested in people from that ethnic group and deters other people applying.)

STEM is only male majority because young women (wisely) do not see it as a good choice.

The study of STEM fields is largely depersonalizing (how often does integral calculus or number theory come up in conversation). And it is hugely thankless.

I'm getting older now. I'm in hospital a lot.

And I'll tell you this: the sort of people who go into engineering, smart and practically minded, if they're women they go into nursing or medicine.

And they love their work more than any engineer or IT person I encountered in my entire career. They get more sincere heartfelt thank-yous in an hour than you'll get in your life.

Plus:

1. Nobody is going to ship their jobs off to the third world.

2. They're employers will pay to train them to keep them up-to-date with technology changes.

3. They're helping real people, rather than helping the rich get richer.

4
0
WatAWorld

Re: Suggestion: Read the messages on the LLVM mailing list

I thought the code of conduct was actually pretty good -- and it would be if it were interpreted literally.

But if adjudicators are going to assume one sex or gender (they're different things) are always telling the truth, if they're going to get fussy about words and language, then no.

But otherwise the actual Code of Conduct reads like something I'd sign on to.

But being affiliated with a group that seeks to advantage a group that already makes up 2 out of 3 university students in the USA -- that makes no sense.

2
0
WatAWorld

Re: White Hysteria?

1) The point of diversity initiatives is not to "punish you for the sins of your ancestors" as one commentard below has said. It really is an attempt to level the playing field, a playing field that white heterosexual men (like me!) barely ever recognise as actually being tilted.

...

2) ...Somebody below complained that they literally "could not be heard" because they were white and middle aged. Well, that doesn't seem very fair, but welcome to the world as perceived by most women, which is even worse if you are any colour of woman other than white.

3) The term Social Justice Warrior really irritates me. It seems some of the people chucking it around really are "snowflakes" to pick up another pejorative term which started out with the alt-right.

Gee, sounds like something straight out of a Goebbels speech about how oppress and ignored Germans were after WWI.

How is discriminating on the basis of skin color going to fix a playing field that was unlevel due to class and social connections?

Women not being heard, but read any newspaper today or listen to any TV station. What is the majority? It is women.

Going back decades, men never talked about being men. Since the end of WWI when regular men got the vote (which was the same year women got the vote in the UK), what men voiced was for the good of their industry or their country, not their sex.

SJWs and you don't like the term. But you sure like terms like alt-right.

I forgive you because you're obviously too young or read too few newspapers:

SJW is the label THEY GAVE THEMSELVES. We capitalized the term because they don't fight for social justice, they fight for identity politics and discrimination.

2
5
WatAWorld

Re: Proposal for Reg Comments

Whites are about 85% plus of the said regions population..

..and queer / other folk are less than 2% of the population. < 1% female. < 2% males. "

...

Last statement made based on a very very large sample encountered while living in San Francisco over the last 30 plus years.

The problem is so many of us are so ethnocentric. What we see is how it is.

But that isn't reality.

Your own all powerful privileged "racial" group only rules 4 out of 27 countries in the Americas.

Reality is that by US dictionary definitions only half of caucasians are white. Their white excludes Asian Indians, North Africans, West Asians, Hispanics, and anyone else who isn't pale pink in winter.

The world is 35% Chinese Asian. 25% Other Asian. 19% white. 19% black.

To us the world is North American and Europe. But Europe is the second smallest continent next to Australia.

Africa is larger than the USA, China, and Europe combined.

Regarding the prominence of non-cis males. For centuries until maybe 1850, the vast majority of male leading members of the European Royal families engaged in gay and straight sex.

It would be truer to say that cis males only began to run things after the industrial revolution. But even that isn't true. It is the children of the wealthy who run things. In limited parts of the world the children of the wealthy just happened to be male, and people assumed they were cis male.

Hence: Cis male comments should be limited to 19% of the column inches. This can be accomplished by using a dynamic font size, ranging from 0.5 pt to 3 pt.

1
1
WatAWorld

There are weeks where I don't come on The Reg because they've published SJW propaganda about others. But their reporting on this story is not biased enough that I'd call it propaganda.

It is good to read that at least one person in our industry is taking on social norms and the establishment to dispute what is today's "scientifically based acceptable form of" racism and sexism.

1
1
WatAWorld

Re: Most discriminated against

In the USA and Canada "unmarried males" have both the lowest average income and lowest average wealth of any of the 4 marital status/sex combinations.

1. Married males

2. Unmarried females

3. Married females

4. Unmarried males

That is grouping together all ages, all educations, all occupations.

If you want to know who is the most discriminated against, I think you'd have to look outside of natural protected groupings.

Back in the 1960s it might have been women who could type. If you were a woman and couldn't type, you'd be hired as a clerk and might learn the business. If you could type you'd be a typist until that occupation became obsolete.

Today it might be the very ugly and those with particular sorts of mental illnesses that prevent them seeking assistance from others.

1
0
WatAWorld

Re: The only valid form of positive discrimination

- Should we discriminate in favour of Kim Jong-un's daughter just because she is female.

- Should we discriminate in favour of a given slave owner's son just because he is black?

- Should we assume that the children of Africa's dictators are all disadvantaged and deserving of privileges to compensate them for the "undeniable advantages' white privilege has given the sons of Virginia's coal miners?

Positive discrimination is only valid when based on individual circumstances, not simply skin color, sex, or gender.

If it were in my power I'd definitely slightly discount the grades of students that had elite schooling, excessive private tutors, and so on.

And I'd definitely give a slight boost to orphans, people suffering chronic disease in childhood, or who'd grown up in war-torn countries.

And not just for schooling, but also for jobs, up to say age 29 -- a slight boost to those individuals who'd been disadvantaged by their parents lack of wealth, and a slight discount to those who'd been excessively advantaged by their parents wealth.

Positive discrimination based on individual circumstances is valid.

Positive discrimination based on skin color or sex is no better than the positive discrimination done in Germany during the 1920s and 30s. "Oh but we have statistics to prove our case." So did they. And their press supported it too.

1
0

This post has been deleted by a moderator

WatAWorld

It would be nice to see some people in the journalism industry stand up for the truth too.

A community that discriminates is not an inclusive community.

Only small-minded ethnocentric people think that all white Americans males were:

1. had one or more parents

2. did not grow up in war torn countries

3. did not suffer from chronic disease

4. did not get physically bullied at school for years

5. never suffered sex abuse from their parents, schools, or priests

Only small-minded ethnocentric people think that all non-white and female people had to endure such hardship.

It is good to see that some people in other industries are standing up for the truth.

It would be nice to see some people in the journalism industry stand up for the truth too.

The UK is not the USA, but look at the list of the UK's richest 10 people. Only 7 of the 10 fall into what is being assumed today by The Establishment (including journalists at recognized publications and modern "human rights advocates") as universally disadvantaged groups.

1
0

IBM turnover shrinks $28bn in 6 years but execs laugh all the way to the bank

WatAWorld

Re: You get the behaviour you reward

Far be it from any Wall Street analyst to advocate for over all lower salaries amongst corporate executives, since their salaries and Wall Street analyst salaries are mis-incentivised to similar levels.

Look at problems the FTC has found with IPOs, bubbles, and misleading company and government audit statements and bond ratings over the years.

[i]No, the quote is from a Wall Street analyst, and they are taking a tilt not at how much directors and officers were paid, but what they were paid for. IBM has become Indian Business Machinations precisely because the incentives have encouraged that, but did nothing to encourage growth.[/i]

2
0
WatAWorld

Re: there really is a crisis in capitalism

I was thinking about that when I read about the TBS scandal/crisis.

The CEO is taking personal charge. The company is totally at risk and the CEO is useless to prevent it or fix it. The company's survival totally relies on people making 5 and 6 figure incomes giving the right advise up the ladder, and doing a good job going down the ladder.

The top of the ladder is no more useful than a flagpole.

Mega overpaid CEOs are more a liability, due to how they misguide the company to maximize their own profits.

5
0
WatAWorld

Re: This makes happy reading - enjoy

LOL

https://www.reuters.com/finance/stocks/insider-trading/IBM?symbol=&name=&pn=3&sortDir=&sortBy=

A quick glance shows their executives have accurately measured IBM's value -- they only buy at a price of $0.00.

(Of course those are stock options. But that is the only time they buy.)

1
0
WatAWorld

Re: Mixed Bag from Customer Perspective

IBM has always had the best sales people. And more and more over the past 2 decades that is what has kept them afloat.

With products and services like theirs, they totally rely on having the best sales people in the industry to persuade customers to go with them as a supplier or a prime contractor.

1
0
WatAWorld

Re: Myopic?

Government of Canada is going through that with its Phoenix Payroll system.

Strange thing is that IBM's sales people are so good that they've persuaded Canadian civil servants that the changing specifications due to inadequate analysis are the government's fault.

It is so cliche, the civil servants apologizing for the mess they got IBM into.

4
0
WatAWorld

Imagine if grunts acted against the interests of the company unless specially incentivesed

Imagine if grunts acted that way, needing special incentives to take action for the good of the company.

A knowledge company is only as valuable as the knowledge and work-ethic of its employees.

Shareholders temporarily own the company (because they can freely buy and sell shares), but in a knowledge company it is employees who are the company.

3
0
WatAWorld

And yet when TBS has problems it calls in IBM

Had IBM previously done any work at TBS?

1
0

Anon biz bloke wins milestone Google Right To Be Forgotten lawsuit

WatAWorld

What is damming to a person's reputation is not that Google says something, but that Google has a link to a respected national newspaper saying something.

Google echos everything on the web, including pub-talk, junk in tabloids, comments, speculation, and blogs. No sensible person makes decisions based on Google's preview of an article, instead they click through to read the source of the news article and judge based on the reliability of that source.

Google is/has been an authoritative search engine -- it has never an authoritative source of facts.

2
1
WatAWorld

The correct ruling, in the sense of natural justice and rehabilitation, would have been for the judge to direct the plaintiffs to go after the newspaper with the incorrect/outdated information.

Google was just an easy target. These guys got a judge to go along with them and given them relief from Google's search results.

Do this a few thousand times and Google will go the way of Hotbot, Alta Vista, Yahoo, and all the other formerly essential seemingly preeminent now obsolete search providers.

Do this enough and we'll be looking up potential business partners and suppliers using other search engines, since Google will no longer be reliable.

If the newspaper article on the web was reporting inaccurate libel, then the newspaper article should be corrected.

3
3
WatAWorld

Re: The Government has Decided what is Relevant to You

Why? It happens every day. Everywhere. Everyone and their dog has embraced the

You say that about the government deciding what the truth is, but that assertion is only partly correct.

Historically the population was less, people seldom every traveled more than walking distance or riding distance from home, and we did business within a circle of a few hundred people.

The government did not have anything to do with it.

Further, we should not close the door on the world improving.

"Slavery. It happens every day. Everywhere. Everyone and their dog has embraced the idea".

Slavery is as bad an idea as letting judges or government bureaucrats tell us what relevant truths are. After all, it was judges and governments that once defined it as legal.

Trusting government to decide if slavery should be legal was a mistake the general population eventually overruled.

Judges and government bureaucrats decisions tend to be based on social class, occupation, gender, and sex.

2
7

Apple iOS 11.3 adds health records for battery, people too

WatAWorld

Re: Jobs....

BS because:

1. Users of all the other rechargeable battery devices do not have the problem you're saying Apple eliminated any more than people who use old iPhones do.

2. In fact friends claim old iPhones have shorter battery life than most competitors. (I'm in Canada, reception tends to be poor here, which means the phones up the power of their transmitters more often. Conditions may well be different where you are.)

3. Many users could circumvent the reduced battery capacity by re-charging more frequently, but Apple chose not to offer them this obvious option, the option every other manufacture implicitly presents its users, and which people accept without complaint.

4. Apple made its money selling new models to fanbois using slightly older models -- not people switching to Apple from other brands.

This is a civil matter and proof beyond reasonable doubt (the level for criminal matters) is not needed. Apple's business plan, profits, and executive stock options depended on its phones making customers dissatisfied after a period of only a year or so's use. I argue that not just the balance of probabilities but also the preponderance of evidence is that Apple's business model is why Apple intentionally slowed down older phones without informing users that they had a choice to replace their batteries.

And now that the cat is out of the bag as far as the slowing down the processor when new models come out trick, they're having difficulty moving iPhone X.

"Apple throttled the processor performance to match what the battery could provide, which in principle is fine. What they forgot to do, is tell users they were doing it. And then when the 'slow' iPhone was brought into an Apple store, they 'forgot' to mention that a new battery would solve the speed problem; and presumably tried to sell the punters a new iPhone instead."

5
8
WatAWorld

Apple secretly slowed its processors in older model iPhones to boost sales of new phones

BS.

"A mismatch in power demand and supply can prompt an iPhone to shut down, so to guard against that, Apple secretly slowed its processors in older model iPhones to accommodate enfeebled batteries."

That they did this secretly without informing the user is all the proof I need to say that that Apple slowed down old phones to increase the sale of new phones.

If Apple had been worried about the batteries being weak, they'd have simply informed the user that the batteries were weak and that they had the option to replace them, or to slow down the processor, or to carry on as before but with more frequent re-charging.

13
3

Politicos whining about folks' data rights ought to start closer to home

WatAWorld

Few of us have as much to lose via privacy violations as do politicians.

Politicians would do well to remember that where data protection and privacy breaches are concerned, they live in glass houses.

Few of us have as much to lose via privacy violations as do politicians.

Politicians, political pundits, news readers, other public figures -- as the history of the past 10 years has shown, they've all got much more to lose from the publication of their communications than regular citizens.

And even when the communications of regular citizens are violated, the injury that occurs tends to affect the public figures we support more than ourselves. Think Hillary Clinton, think Donald Trump.

15
1

FYI: There's a cop tool called GrayKey that force unlocks iPhones. Let's hope it doesn't fall into the wrong hands!

WatAWorld

If you want to persuade the powers that be and the general public that this is dangerous

If you want to persuade the general public that this is dangerous don't do it using some complex argument about the police being a danger to public safety. Most people don't realize that. And most elected officials think they control the police.

To persuade the powers that be that allowing companies and government agencies to keep vulnerabilities secret is worse for them than the alternative.

Our insecurity is their insecurity.

- That our phones and computers can be cracked, Diane Feinstein's phones and computers can be cracked.

- If our phones and computers can be cracked, then the phones and computers of Republican and Democratic re-election campaign teams can be cracked.

- If means that the phones and computers of Goldman Sachs, the Koch brothers and George Soros employees can be cracked.

That our secret police can crack means their secret police can crack.

Our intelligence agencies can crack means their foreign intelligence agencies can crack.

Yeah, in Soviet Russia, in China, in the USA, even in Canada the police can kill you on video and generally get away with it. But that doesn't worry those in power since they think they control the police. Those in power would be/should be more worried that allowing these sorts of vulnerabilities to exist personally hurts them, their power and their wealth.

What GreyKey and Cellebrite are selling is the means for China to steal US trade secrets -- that is what our powers that be will care about.

4
0
WatAWorld

Re: "The problem is that the police has access to it."

"Currently, there are only two kinds of cops - bad cops and those who cover for bad cops."

Criminals, accomplices, and accessories after the fact?

3
0
WatAWorld

Re: "The problem is that the police has access to it."

"Would you like a world without law enforcement? Where only the powerful ones can enforce their own rules? And do you believe they will respect your rights to privacy, property, and life?"

Professional policing was invented by Sir Robert Peel in the 1820s. Civilization existed before then. Police forces are an optional extra, not something essential for the existence of civilization.

https://www.thebalance.com/the-history-of-modern-policing-974587

6
0
WatAWorld

This is more of a boon to America's enemies than to US police forces.

As Dale Carnegie says, "If you want to persuade someone, speak to them in terms of their own interests."

What US officials should be most concerned with is that the device and its techniques are easily available to foreign intelligence agencies for the purposes of spying on and interfering with US corporations, civilians, and political campaigns.

This is more of a boon to America's enemies than to US police forces.

5
0

Woe Canada: Rather than rise from the ashes, IBM-built C$1bn Phoenix payroll system is going down in flames

WatAWorld

What do you think the sales commission on that is?

"CAN$460m has been spent on support and fixes."

0
0

IBM declares it's the 'backbone of the world's economy'

WatAWorld

Re: The hubris - it burns...

IBM are a world leader in one area: mainframes.

IBM leads in mainframe hardware and mainframe operating systems.

Getting IBM to write the applications to run on your mainframe is something only fools and ex-IBMers do. Fortunately governments and major corporations employee a lot of fools and ex-IBMers.

6
0
WatAWorld

Re: Where will it end?

You also have the fact that with any of the major big outsourcing companies (not just offshoring companies), their company goal is to maximize their profits -- not yours.

- Driving other external competitors out internal of a client is a key goal.

- Driving internal expertise out of a client is a key goal. (Such a simple goal to achieve too: simply offer to hire the clients staff away from them).

- Internalizing documentation is a key goal.

- Ensuring a strong need for ongoing maintenance is a key goal.

- Building code that you can re-use on similar future projects with other clients is a key goal.

To an major outsourcing company, it is all about maintaining sales commissions by keeping the money train rolling.

The key skill isn't the ability to deliver easily maintainable systems with low error rates. The key skill is getting selling the client on accepting delays, escalating costs, and high maintenance costs.

9
0
WatAWorld

Re: A fine plan

What matters to IBM's executives and sales people is not the long term good of the company, but the bonuses and stock options they can get for cutting costs over the next 1 to 3 years.

The long-term 10-20 year picture is simply not their problem.

Western nations have been outsourcing large quantities of IT jobs to India for over two decades. So claims I'm reading here that outsourcing raises salaries in a country so rapidly that it is only feasible to outsourcers must change countries every 5 years are clearly false. Thirty years is more accurate.

So what was a great place to offshore (ie a great place to exploit low standards of living) starts to see rapidly rising wages and rising staff turnover. Wage inflation in Mumbai, for example, is projected to be 10% this year, against local CPI inflation around 3.5%.

Also, remember: IBM's core business is sales. The senior sales people and their executives are considered individual valuable assets, not commodities. IBM counts on its ability to sell services based on it reputation for quality and cost effectiveness in tech services back in the second and third quarters of the 20th century.

They feel they sales depends on the sales skills of their sales team, and that an adequate sales team can use smoke and mirrors to continue selling any kind of rudimentary commodity technical skills to government and corporate customers based on what a great company they were from 1950 to 1997.

8
1
WatAWorld

even nVidia is bigger now

Yesterday I was reading that even video chip maker nVidia has greater market value than IBM.

IBM is a has been.

The days of working at IBM in order to share the glory and reputation are long over (at least on the software side).

What I learned working there is that IBM is a sales company, and that technical commodities (such as technical employees) are mere overhead.

14
0

You can't ignore Spectre. Look, it's pressing its nose against your screen

WatAWorld

Re: State actors = malware developers

They have widely used tools, tools they know will be discovered by the other side because they're used so much and so many people internally have access to them.

And they have tools kept in reserve and only used sparingly.

Given that each of our intelligence agencies has many times more people dedicated to finding such vulnerabilities and exploiting them than Google does, and that they've all been at this game far longer, I fully suspect that Spectre and Meltdown were discovered and have been used by some of those tools that have been kept in reserve.

3
0
WatAWorld

Re: State-sponsored actors

Amazing how of us overlook the fact of their own governments are doing stuff like this to their allies, even their own citizens.

Yes, the NSA, GCHQ, Mossad, more than any other intelligence agencies they're likely to have known about this for years, decades, or maybe even before the hardware first shipped.

That they're on our side doesn't mean we should leave them off the list.

5
0
WatAWorld

Re: Arm A53

"Raspberry Pis and mid-range Androids aren't affected by Spectre."

You aren't implying they're a secure solution are you?

Yeah single threaded non-speculative processors aren't susceptible to Spectre, but they're susceptible to many many other publicly known and still classified vulnerabilities.

0
4
WatAWorld

I wonder how many years intelligence agencies have been using spectre?

Something to think about.

I wonder how many years our and their intelligence agencies have been using spectre?

Is it just years? Is it decades?

Did they know even before day one of device production?

And if not for "White Hat Hackers", I wonder how many more years would have gone by where only intelligence agencies (and maybe a few chip maker employees) knew about Spectre?

The bug was there for over a decade and no free-enterprise criminal figured it out.

There is a near endless supply of *obscure* bugs and *obscure* vulnerabilities that have been out there for years and decades that no free-enterprise criminal has figured out yet.

And none of them will be an issue until some PhD candidate or Google employee does a paper revealing them.

Security by obscurity: It isn't only Apple customers who rely on that. We ALL do -- even the NSA, GCHQ, Mossad, 3PLA, and FSB.

(The word "obscure" as used in "obscure bugs and obscure vulnerabilities" is important to my meaning. Of course vulnerabilities a criminal could realistically discover and utilize should be revealed. Vulnerabilities that have existed for decades undiscovered -- how likely is it that with so many other easier vulnerabilities to find and use they'd have invested the time and effort into this?)

I'm not sure the answer. Where do we draw the line at "realistically discover"?

And what new vulnerabilities are introduced by hasty fixes? (And in this case "hasty fixes" being fixed down with less than 2 years lead time.)

And even fully considered and tested fixes, the added complexity they'll create, will those introduce new vulnerabilities?

I don't know what to think, other than that there is no way to have complete security on a connected computer.

4
0
WatAWorld

For 5 decades we've known no connected computer is truly secure

Intelligence agencies spy on intelligence agencies, so clearly it doesn't matter how hard anyone tries, there will always be vulnerabilities in systems connected to anything.

You want real security: Lock your computer is a bank-quality safe in a faraday cage room. Never remove it from that room. Never connect it. Don't transfer data by any means other than retyping.

We've known this for 5 decades. And still there are people out there who think "one more patch and it will be secure". No it will not.

There will always be some link in the chain of any useful system via which information can leak out.

Please stop implying otherwise.

3
2

Memo man Damore is back – with lawyers: Now Google sued for 'punishing' white men

WatAWorld

Why am I instead reading strawman arguments in The Register instead of fact-based articles?

http://thefederalist.com/2018/01/10/19-insane-tidbits-james-damores-lawsuit-googles-office-environment/

Why does The Register carry so many strawman arguments on this issue? Why does it ignore people's own statements and evidence is going on?

What is wrong with The Register's editorial staff and what happened to journalistic integrity?

3
0

1 in 5 STEM bros whinge they can't catch a break in tech world they run

WatAWorld

Why am I not reading about this story in The Register?

http://thefederalist.com/2018/01/10/19-insane-tidbits-james-damores-lawsuit-googles-office-environment/

Why does The Register carry so many strawman arguments on this issue? Why does it ignore people's own statements and evidence is going on?

What is wrong with The Register's editorial staff and what happened to journalistic integrity?

12
1

Page:

Forums

Biting the hand that feeds IT © 1998–2018