* Posts by SolidSquid

676 posts • joined 13 May 2013


US DoJ files motion to compel Apple to obey FBI iPhone crack order


Re: Nope...

> Nope. Ubuntu is just as subject to US law as any other software. It doesn't have some magic exclusion.

Nope, Canonical is UK based, not US, so isn't bound by US law. Technically they could probably be compelled by the UK courts, but given the UK HQ is largely a technicality there's nothing to stop them just moving to a new location to avoid it

All-American Apple challenges US gov call for iOS 'backdoor'


Even putting aside the (very important) issue of encryption and the bypassing of it, this does raise the question of how much a court can compel someone to do. Can the court require a company to develop new software without any compensation for it? If so what other companies could be compelled to work for free under this precedent?

New Monopoly version features an Automatic Teller Machine


Re: Does it include ATM downtime?

"Your debit card was eaten. Lose the ability to swipe your card for 3 turns"

Brit spies can legally hack PCs and phones, say Brit spies' overseers


Didn't the NSA run into similar issues after Snowden's files were released? I seem to remember there being talk of them being banned from attending DefCon at one point (yes, I know they couldn't enforce it, but it would be legally annoying and was probably intended as a token gesture)

I wonder if this is going to be what causes them to implode, not some big scandal but just a brain drain as more and more of the people they would like to hire turn away in disgust, leaving them with a smaller pool to hire from and probably a less qualified one

IT's Holy Grail, but is DevOps a Poisoned Chalice for sysadmins?


Re: Bring on the Future

I've been messing about with Ansible and it's been pretty nice so far, although largely I've been using it to build a local development environment. Documentation seems pretty good now too, which I understand was an issue it had previously

This is why copy'n'paste should be banned from developers' IDEs


man true: returns true

Don't Fedex your tapes, people! We're so fast it's SANdulous – WANrockIT


Quick check of Amazon, a WD Red 6TB weighs 753g, so estimate for weight isn't far off but you can up the number of exabytes per plane to 6, making it 150TB/s

Alibaba security fail: Brute-force bonanza yields 21m logins


Re: 2 factor?

It's a way of offsetting liability. If the company recommends 2FA and you don't use it, well they of course can't be held liable for any breaches if you haven't done as they recommended

Remember Netbooks? Windows 10 makes them good again!


"Remember Netbooks? Windows 10 makes them good again!"

"The overall experience is not so pleasant that I'd use the machine for everyday tasks or foist it on the kids"

Surely these two statements are contradicting each other? If Windows 10 "makes them good again", surely that would mean they're usable on an every day basis and would make an ideal machine to pass on to your kids to use, as they would have been when they first came out

I realise there's a lot of people throwing about "just install linux" (and people annoyed at it), but in this case it does make sense. I've got an old Acer Aspire One which is running Linux and is a perfectly serviceable machine still for browsing, youtube and word processing. It's never going to run an IDE, but even when it came out that was a restriction on it because of the limited RAM expandability, but it definitely runs better with Linux and can do a lot more than you describe your machine in the article being able to use now you installed Windows 10

Official UN panel findings on embassy-squatter released. Assange: I'm 'vindicated'


"As the UK is not a party to the Caracas Convention, we do not recognise ‘diplomatic asylum’."

This might be the key point raised by the UK. It sounds like (and I'll admit, I haven't read the full judgement) the UN court's opinion is based on the idea that "diplomatic asylum" (which is seems is largely intended for extracting diplomats from war zones) should be recognised by all parties under this convention, but the UK not being a signatory is not bound by it and so does not have to recognise Assange's "asylum" claims

edit: Also from a quick look for the convention, it seems it largely deals with things like ships, which are able to transport a person back to the country they were granted asylum to, rather than an embassy. If Ecuador were to put him in a diplomatic vehicle he may well have been able to leave safely under this convention (if the UK was a signatory), but they haven't done anything to try and extract him either


We have nothing other than Assange's assertions about the possibility of rendition though. Plus Sweden has refused to extradite people to the US previously, and under EU law would need to do so in this case unless the UK was willing to sign off on it as well (one of the conditions for the EU arrest warrants). Frankly, he had a higher chance of being extradited by us to the US than by the Swedes prior to the high court case where the European arrest warrant was ruled to be valid


It's worth pointing out that the UN decision is not a "judgement", but rather an opinion, and doesn't have any legal standing (whether it might lend moral weight is more of a grey area). It's also not a unanimous decision, the representative of Ukraine wrote his dissenting opinion and pointed out it was pretty ludicrous to categorise jumping bail and evading arrest as "arbitrary detainment"

IoT lacking that je ne sais quoi? Try the IoTSP


"Internet of Things, Services and People"

So... the internet then?

UK taxpayers should foot £2bn or more to adopt Snoopers' Charter, says Inquiry


Re: if they collect every ICR ...

Classic counter intelligence work though, pretty much what we did to prevent the Nazis properly countering the Normandy landings


Re: if they collect every ICR ...

1) Plant virus on machine

2) Have machine generate ICRs which are known to get red flagged

3) Virus self deletes

4) Target is investigated for working with terrorists etc, with plausable enough evidence they did it that their public persona is tarnished indefinitely


"We need our security services to be able to do their job and prevent terrorism, but as legislators we need to be careful not to inadvertently disadvantage the UK’s rapidly growing Tech sector.”

Or, y'know, infringe on the rights of the general public. I realise making money is important, but it's not the *only* consideration with regards to whether this is a good idea or not

Leak – UN says Assange detention 'unlawful'


I'm curious what the details are on this if it's true. Seeing this is a ruling which should be based on international law, it should detail what aspects of his staying in the embassy are a violation, and also likely depends heavily on how the question to them was framed

Assange will 'accept arrest' on Friday if found guilty


Re: Its not "rape" as almost every other nation understands

From what I recall the reason it was considered rape (or a variant of it) was that she had given consent on the condition that he wear a condom. If he continued despite knowing the condom had been removed or removed it himself without her agreeing (which was what I'd originally heard) that would mean that condition had been broken and it would no longer be considered consensual, even if she hadn't been aware until the end, and would be considered a crime in the UK as well.

I'm sure there was also an accusation that he had sex with her again after she was asleep, when she would be unable to give consent and so would be considered rape pretty much anywhere


Re: Don't like his chances

"It would be hard even for them to show that an offence in US jurisdiction had been committed."

Iirc the closest they've come to a valid complaint is that he (apparently) assisted in the removal of the classified data by advising Manning on ways to remove it without being detected. It's still pretty flimsy, and depends on him being able to be charged for conspiracy to commit a crime while not within US jurisdiction, but it is a potential criminal charge


Re: Maybe not Friday.

The problem Sweden have is that their legal process requires someone to be arrested and in custody before they can bring charges, they're not able to bring charges or hold trials in abstentia. They also agreed to a remote interview recently, but Ecuador insisted that they be provided the questions and do the questioning on Sweden's behalf rather than Swedish prosecutors being able to question him directly, which Sweden refused

US government's $6bn super firewall doesn't even monitor web traffic


Re: "... six per cent coverage ... for $6bn"

Don't be silly, government IT spending is done on an *exponential* curve, not linear. They need $6 trillion to hit 60% coverage


Re: Off-the-sehlf system

Considering the budget for this would allow you to buy over 8 million of those, I'd say scale isn't likely to be a problem with the off-the-shelf approach

For sale: One 236-bed nuclear bunker


Of course there's still the big question. Can you get cable or are you stuck with phone lines for the internet connection?

Windows 10 will now automatically download and install on PCs


Re: Sigh - Not again

Having had to do some setup work on my boss's laptop after he installed Windows 7, it really isn't the same UI and some stuff doesn't seem to work properly (in this case networked printer detection)

Chip company FTDI accused of bricking counterfeits again


Re: Misleading title

From what I understand, the check this is using to tell fake from real is an implementation difference between FTDI and other chips which are based on the same standard, and because of that it's unlikely it will trigger false positives as the FTDI chips are explicitly designed in a way this wouldn't work on them


Re: Not counterfeit

"They have FTDI's trademarked logo on them"

From what I remember of the last time this was going on, a lot of them actually didn't claim to be FTDI chips. They claimed to be generic chips which did a similar job, but were piggy backing off of the drivers for FTDI chips to make it easier to link up with Windows.

Also, in the case of those which *are* counterfeit, this isn't actually doing anything to harm the counterfeiters, just the end users who bought what they thought was a legitimate product. All it really does is tarnish FTDI's name and cause the customers to look elsewhere

State Department finds 22 classified emails in Hillary’s server, denies wrongdoing


Re: Translation lost across the pond

"The only reason she is not in jail is because she is a Clinton"

Or they don't have sufficient evidence to bring charges yet, or they want to avoid bringing multiple cases and instead want to have a single case with all the charges they can bring (more chance of one sticking), or just possibly she hasn't actually committed a crime (doesn't mean it wasn't a colossal screw up, but not necessarily criminal)

Former tech PR Jeremy Hunt MP ordered by judge to delete tweet


Re: The judge should apologize

As BurnT pointed out, it's only during the trial that there's any restrictions on discussing it, and it's intended to reduce the chances of biasing the case. Eg, if there's active discussion on it by people in the court then there's a better chance of the jury seeing it, or if they have to replace a jury member it becomes much harder to find someone who hasn't been biased by hearing an account from inside the court. Once the case is over though you can give whatever your opinions you like, including that the judge was wrong.

Also, while technically a judge might not enforce it against one side if he's biased, by definition this is supposed to apply to *any* discussion from inside the court, regardless of which side. Unless a judge has explicitly allowed it you aren't supposed to publish any of the court proceedings from within

edit: It also doesn't apply to people outside of court. Afaik people are free to give their opinions of what's going on in the trial, it's only when it's someone who's actually attended the trial that they run into issues with this

Continuous Lifecycle: Bursting with DevOps and CD goodness


Re: So that explains...

As far as I understand it it's meant to encompass any tools and methods for using automation to make code management, testing and release easier for developers, as well as using them to standardise environments, reducing the chances of bugs cropping up as a result of, say, a different version of Apache on development machines and production

With web applications you might have it so, when code is merged into a testing branch it spins up a test environment using the same software versions etc as live, runs through any unit and functionality testing, then either forwards it on to QA for testing or back to development. Then once QA has tested it they can either reject the merge and send it back to the developer or queue it for release without needing to talk to someone who does release management. Desktop software would be similar, but would also do test builds and wouldn't release to production for initial release, then would be used for managing and releasing patches

Of course it does rely on it being properly implemented, as a bad implementation would probably result in more work/problems than doing without, and it also needs to be adapted to whatever your working at. It's nothing new really, just a shiny new badge which makes it a bit easier to sell management on letting you dedicate some time to something which should really be getting done anyway

Trump's new thought bubble: Make Apple manufacture in the USA


Will Trump also be moving the manufacture of his ties and other clothing lines to the US? There's a few interviews now, starting with one with Letterman, where it's been pointed out he's manufacturing a lot of his products in China and Mexico

Adblock Plus blocked from attending ad industry talkfest


Re: No browsing on phone...

Pretty much in the same situation, although I do have a few sites I white list. There's also the security issues which come with allowing ads, a friend of mine decided to do the whole "pay google for no ads" thing for a couple weeks and ended up with their first virus in years (a trojan caught by anti-virus fortunately). There's far too little work that goes into checking that ads are sanitized if they're going to have dynamic content

GCHQ summer schools to pay teenage hackers £250 a week


"We encourage them not to mention it on CVs they upload to the internet"

It'll be good experience and look great on your CV! Just don't add it to a CV any technical companies are likely to see

French say 'Non, merci' to encryption backdoors


"I'm not a mathematician or IT security professional, as you know. And once the facts had been made sufficiently clear to me I changed my mindrealised that, given the facts which have been uncovered since the events in Paris, and having had time to reflect on the current state of our security services and advice given by those who are industry experts, it would be worth considering alternative paths as well as those previously put forward so that we might find the best possible approach to improving our ability to discover and intercept attempts at terrorist attacks"

Followed by never mentioning it again. Except maybe putting together a committee to discuss the matter which never reports any findings publicly. No politician would actually admit to changing their mind after all, it would suggest they might have been wrong before rather than "over zealous with regards to a quick resolution of the matter"

El Reg mulls entering Robot Wars arena


I understand the Mythbusters crew were asked to leave the American tournaments twice because their spinning wok with blades welded on threw so much shrapnel around, seems that would be a good starting point?

Fortinet tries to explain weird SSH 'backdoor' discovered in firewalls


Not sure why backdoor and "management authentication issue" are necessarily mutually exclusive, it seems that the issue in question is them installing a backdoor into the firewalls

Reverser laments crypto game protection, says wares dead after 2018


Re: Just works

"I have solved the DRM problem by simply not buying any game which has any DRM. So I have the witcher 3, and Kerbal space program, but not much else"

Take a look at GOG.com, you can get a lot more than just those two and none of their games use DRM afaik. Even the installers can be just downloaded and stored locally if you like


Re: How long had you played it for?

Really wish I'd thought of this when I picked up a copy of GTA 5 and still hadn't finished downloading it when the sales came and the price dropped by 40%


Re: Good

"Then is the time to break the DRM. Yes, DRM is stupid. But enabling "piracy" while the system is active is childish."

If you're working with an authentication server then, chances are, once the authentication server goes dead there's no way for you to work out what it was sending back. Listening in on the traffic between the game and the authentication server is a large part of bypassing it, so it really does need to be done while the system is still active. Also, as with the new Simcity game, there are a lot of single player games which use an authentication server and don't need to, and turning off the authentication is a way to play it if you don't have reliable/working internet all the time (someone who plays games on their laptop while travelling for example)

None of this justifies copyright infringement, but I can't really fault her with bypassing something which only hurts people who buy the game legitimately and risks the game going dark completely at some undefined point in the future

If you want a USB thumb drive wiped, try asking an arts student for help


Re: Encrypted by default

Sorry, I'll need your public key to tell you what I was saying

Longing to bin Photoshop? Rock-solid GIMP a major leap forward


Re: RAW?

Have a look at Darktable, it's got support for RAW formats and a decent amount of image processing. You might have to export to a non-RAW format to do some of the more advanced stuff in GIMP, but it should do a decent amount of the basics


Re: Does it still hate the user?

Don't know about Gimp, it's always had a degree of "we're not photoshop, so we'll do it our way" attitude to user feedback, but Blender's made some big updates over the last few years as a result of the feedback from the Blender Foundation animation projects (which are largely funded to provide real world feedback on the software). I still wouldn't call it "easy to use" since most 3D modelling and animation tools tend to be a bit on the technical side, but it's at least on par with things like Maya for usability and the workflow works well once you get into it

ISPs: UK.gov should pay full costs of Snooper's Charter hardware


Re: "UK.gov should pay"

Even raising taxes aside, announcing what's essentially a government IT project which is anticipated to have a £2 billion price tag from the beginning is going to cause a significant amount of noise in the media, especially with how badly past ones have gone and how bad the overspend tends to be (what's the chances this ends up closer to £20 billion?)

Security bod watches heart data flow from her pacemaker to doctor via ... er, SMS? 3G? Email?


Re: Can also be used for good

And if you get bored you can play some Doom on your pancreas

GCHQ mass spying will 'cost lives in Britain,' warns ex-NSA tech chief


Re: The man is absolutely right!

Better data parsing to make extracting the important information easier basically. Which is something they still haven't managed to with the *existing* data loads, so I don't know how they expect to manage it with larger ones


Re: So that's what it takes to get a senior ex spook to tell the truth.

It's not an ethics violation if you repeat lies someone told to you, only if you lie yourself. Carefully crafted ignorance can be a very valuable asset for a lawyer in the right fields

Brit cuffed for Kyrgyz 'horse penis' sausage quip


Hey, only the very best sheep lungs go into our haggis!

Software bug sets free thousands of US prisoners too early


Re: Well, so much for reform

I was wondering the same here. If there's been releases within maybe a month then sure, I could see those people being brought back, but given they screwed up bad enough that it's been 3 *years* since the issue was found and it's not been fixed it seems like that should fall on them to just accept it. If it hadn't been so long ago then parole might have been a more reasonable response (basically converting the remaining time to parole time), but after 3 years I doubt even the parole time would still be running, especially if the median early release is a month and a half

No £160m for you: BT to receive termination notice from Cornwall before Christmas


Re: "BT Cornwall will continue to provide high quality services"

They still do boast about that though, don't they? I just always took that to be in the same vein as BTs statement about delivering high quality services

City of London cops in Christmas karaoke crackdown shocker


Re: Costing money? How?

They might argue that people having access at home would be less likely to go to karaoke bars/nights with legitimate licences, meaning the business case for hosting them is weaker and therefore they sell less licences. Also they might argue that, by the fact that the tracks are available free, there will be less of an incentive for people to buy legitimate licences. Will be a pain in the ass for them to get actual monetary numbers on that though


Re: Why?

If it's able to be classed as commercial activity then it goes from plain old copyright infringement, where they'll actually have to prove how much was lost by the licencing companies (which will be difficult if the article is accurate and these weren't sold to the public) to commercial copyright infringement which has set penalties and was intended to be used against people selling bootleg CDs and such, plus I believe (although I could be wrong) that it has to be commercial copyright infringement to be classed as a criminal act, and if they can't prove that then the onus is on the licence owners to bring a civil case

Basically the police are certain the law has been broken, it's just a matter of whether it's civil or criminal, what needs to be proved and what form the fines/charges would take


Biting the hand that feeds IT © 1998–2019