* Posts by Jack of Shadows

2379 posts • joined 11 Jul 2014

Don’t fear the software shopkeeper: T&Cs banning bad reviews aren’t legal in America

Jack of Shadows
Silver badge
Meh

Re: Now for the fun part: what happens if someone DOES include those terms?

Someone also worked out that if we actually read all the T&Cs forced upon us over a lifetime it would take ~10 years to read all of them.

Not so much. After a few dozen you get the flow in these things. After a while it's more like running a checklist, just as is the case with most boilerplate contracts. Then you notice what they don't cover.

1
0

Sigfox doesn't do IP and is therefore secure, says UK IoT network operator

Jack of Shadows
Silver badge

I went and looked at the frequencies used and they are very accessible using something like the mini LimeSDR which isn't at all expensive. I can just picture hacker's response to this PR: "Hold my beer."

9
0

Chatbots: A load of hype or fancy lifehack for the lazy IT person?

Jack of Shadows
Silver badge

Re: Oh God no...

Yep. Take-downs are meant for this. More worryingly in my section of the universe, doing any sort of security research on them will net you the CFAA in violation of the DMCA if past practices continue. I understand there's a similar gaping trap over in the UK for same.

1
0

Slain: Unions' US OPM mega-hack lawsuit against Uncle Sam

Jack of Shadows
Silver badge

I'm one of the people caught up in this due to my security clearance. I don't see the Chinese, if they really are the actors involved, using this for financial gain. Crossing fingers. Just being able to identify individuals who may be agents of the US is probably enough gain. Now if a "spy" gets killed or suddenly we wake up to fraud against our accounts, then you can say harm has occurred.

It might be nice to be able to file a claim against the US government. Hell, given that the VA did the same with my records, I'd have two claims, even ignoring other incidents (and that my identity has already been stolen at least once). However, no matter what the outcome, I can't see the US government being able to sufficiently tighten safeguards as to make a difference. Fines against government agencies do not result in altered behavior. To them, it isn't real money.

12
0

Researchers claim ISPs are 'complicit' in latest FinSpy snooping rounds

Jack of Shadows
Silver badge

Re: VLC + WinRar

They don't have to sneak it into a repository or app store. The trap the download request and substitute their trojanized version mid-flight. I'm getting the sense that immediately checking the hash after a download but before an install is the only way around this but (1) people have not a clue on what to do let alone how to do that; (2) while extremely difficult for an individual, hash collisions can be engineered. Not at all easy, but guess what? Far easier for a nation-state than for most corporates, even an enterprise.

Given MITM attacks nation-states are also known for using, this is an utter mess. Normally, I'd say the regular people don't need to worry about this since how many nation-states target individuals. However, this is the exact situation where being a member of the media, involvement in what are usually considered innocuous civil rights groups, or being related to or friends with either sorts, get you targeted for arrest, prison sentences, and/or death. I've been following civil rights news for decades now and that all happens on a depressingly regular basis.

The one difference between the great powers and smaller nation-states is that the "little guys" keep it personal. Usually. Piss off my government, it's death from above and who the fuck cares who you are with. The "right" IMEI number is good enough for that.

Pardon me while I go throw up.

3
1

UK Prime Minister calls on internet big beasts to 'auto-takedown' terror pages within 2 HOURS

Jack of Shadows
Silver badge

Re: May and a Flea

I would not the least bit surprised if we had to resort to imaginary numbers on the result of her IQ test. Basically we need to resort to polar coordinates, specifically angle, to explain any subjects divergence from reality. As an example, Donald Trump is actually fairly bright (two standard deviations from the mean) but his divergence from reality places him somewhere between, say, 160 or 175 degrees out. That's still a bit of a guesstimate. I'd have to suffer through more of his media events and tweets to make a final determination.

Some time ago, I was in love with a young lady, definitely for marriage, that was extremely bright. That's a requirement for my future sanity. However, her connection to reality was very tenuous, at best. *I* could follow her departures into fantasy disconnected from the universe. Sadly, she married another gent who was committed to an asylum two weeks after the weeding.

All of that is just to say, things aren't so simple as a simple number (magnitude) can describe. Oh, and from personal experience, I've had more than a few breaks from reality here, so I understand it a bit more than some.

9
0

AI slurps, learns millions of passwords to work out which ones you may use next

Jack of Shadows
Silver badge

Re: Feed this

Long ago I set my personal policy of turning away completely whenever someone is logging into whatever was required. Similarly, I'd tell people to turn away while I am doing the same, especially when using system administrator and domain-level credentials. I don't want to know what your login looks like. Hell given my druthers, I don't want to even know how long a string it is. What you don't know, access-wise, as a matter of policy generally won't come back and bite you in the ass.

4
0

New HMRC IT boss to 'recuse' herself over Microsoft decisions

Jack of Shadows
Silver badge

Re: National security

Although I have to wonder if reports on the applications your firm is using might be turned to Microsoft's advantage one way or another. Any insight is useful when the salesman comes to call.

4
0

Grab your popcorn: The first annual Privacy Shield review is go

Jack of Shadows
Silver badge
Facepalm

The timing is interesting over here on our side. After Canadians and British citizens were caught up in the Equifax dump, the FTC has said that it is opening an investigation. Any other time and nothing is heard from the FTC until an investigation is nearly, or actually, complete. Of course, Equifax has already said that was down to a misconfiguration error. That's for your officials, as well as the FTC, to sort out the justice there.

Still, I have trouble seeing the tremendous number of bureaucrats calling one another about the imminent review and Privacy Shield review.

0
0

Google sued by Gab over Play Store booting

Jack of Shadows
Silver badge

We've already had this debate...

... several times since the '80's. I've seen this come and go over the last three decades and in every case, i.e. court case, it's been determined that the right of free speech does not apply in a corporate provided service. You comply with their terms and conditions (EULA, whatevah you want to call them) or you don't get to play there. Yet another case isn't going to result in a different result, even if you can tag that corporation as a monopoly, which it isn't in this case as there are other providers of applications and other platforms.

Good luck to Marc on this one. He's good, damned good, on this topic but I see no traction here.

7
0

Windows 10 Creators Update will add app-level privacy controls

Jack of Shadows
Silver badge

Re: Sorry Microsoft

I use a VPN and, since I spend most of my time on UK/EU sites, the exit point is in Europe. Damn few sites get it right even when I do give permission. So joining in the laughter.

0
0

Pennsylvania cops deploy electronics sniffer dog to catch child abusers

Jack of Shadows
Silver badge

Sticks? Try uSDXC. Much smaller, if more expensive.

0
0

UK Data Protection Bill lands: Oh dear, security researchers – where's your exemption?

Jack of Shadows
Silver badge

Re: But if you think that's bad, consider it from the other EU members perspecitve.

The problem with "Don't deal with the UK" is that it may break some of their (EU company/division/governmental body) processes. That's also the problem with the USA being sometimes inside a boundary, sometimes out, depending on the current legality or not depending on the phase of the Moon in the EU (ECJ). Increasingly anything transnational is a nightmare and only seems set to get worse.

Anarchy is sounding better and better.

1
0

Kaspersky shrugs off government sales ban proposal

Jack of Shadows
Silver badge
Devil

Strangely, it's not the governments of Russia or the PRC that are on my threat list. I wonder why that might be?

18
1

Government lab that gives a crap pushes open source

Jack of Shadows
Silver badge

If you are "into" simulations, modeling, and certain types of engineering, it's well worth checking into there. Far more than the article lists.

1
0

Boffins' satcomms rig uses earthly LEDs to talk to orbiting PV panels

Jack of Shadows
Silver badge
Pint

Very nice! I've taken to paying attention to various NASA channels. It's surprising that many of the various projects live right now don't use all that much bandwidth. True, if you want all the data immediately you need a stupendous link. Most things don't though. Anyway, worth a pint or three.

8
0

North Korea attacks Bitcoin bods to swell its war chest says FireEye

Jack of Shadows
Silver badge

One of two ways. Use crypto-currencies directly to purchase what they need in various black markets or they convert to fiat currencies and use them around the world. Despite all efforts to the contrary, goods still arrive in North Korea over the various smuggling channels that long been in place along the borders with the PRC and with Russia. Short of an absolute blockade with thousands of troops, you aren't going to shut those down. This is all an old game for DPRK predating US and ROK interests in keeping them isolated as a result of their nuclear program.

9
0

Monkey selfie case settles for a quarter of future royalties

Jack of Shadows
Silver badge

Re: Interesting principles behind this

Tool use and the making of tools is not limited to primates. There's ravens and cockatoos that'd trash that separation.

2
0

44m UK consumers on Equifax's books. How many pwned? Blighty eagerly awaits spex on the breach

Jack of Shadows
Silver badge

Similarly it 'Jean-Michel Jarre'. A favored composer here and there's damned few living ones I can say that about.

0
0

Boffins fear we might be running out of ideas

Jack of Shadows
Silver badge

The most interesting advances, and along the lines you are suggesting, seems to be in materials science. Graphene is only one (trite) example of a discovery with broad reach across engineering domains. The problem there seems to be sharing discoveries in new materials and discovering which team is research what materials. I've come across duplications in that research which results in multiple teams discovering the same material applications. Perhaps opening up the information channels might further improve efficiencies.

Just my $.02.

23
0

Hi Amazon, Google, Apple we might tax you on revenue rather than profit – love, Europe

Jack of Shadows
Silver badge

That's what I'm waiting to see. Our elites here in the US seem to be pushing that ball ever so slowly towards that end goal while keeping it imperceptible to most. [How to boil a frog.] After all, they have free speech. What other rights can they accrue?

4
0
Jack of Shadows
Silver badge
Alert

Precisely the points I came here to make. This is online to become a Alternative Minimum Withholding Tax for firms domiciled outside the EU. Or will it also effect EU firms operating outside their home country? Probably not.

It really will get interesting if BREXIT unfolds the way as currently mooted. Dear City of London....

Icon for that last bit.

1
3

FireEye pulls Equifax boasts as it tries to handle hack fallout

Jack of Shadows
Silver badge
FAIL

Yep. Going after me is a waste of time. The interval of my having money and not having any more is measured in hours, just paying the bills. Likelihood of obtaining a credit card or line of credit using my personal information? Zero. That's what a 78 gets you. (I know that's supposedly an impossible number but it yet remains 78.)

0
0

Google to kill its Drive file locker in two confusing ways

Jack of Shadows
Silver badge

Re: More shitware

I'm pretty sure that each of these whatevers are all side projects that you work on your own research time. Chat is, truly, a common aspiration so no surprise that there are at least 5 people, or teams, working on that alone.

0
0

FBI probing Uber over use of 'Hell' spyware to track rival biz Lyft

Jack of Shadows
Silver badge

Re: Uber - All of your evil are belong to us

Down vote as the only result of previous legislation, investigation and punishment is that every other corporation besides the ones that had bought the right politicians and regulators were put out of business. That's what will happen here. Crony Capitalism is very, very old. Older than capitalism and that's a neat trick indeed.

1
0

Secure microkernel in a KVM switch offers spy-grade app virtualization

Jack of Shadows
Silver badge
Devil

Re: Proof of correctness proves what, exactly?

Not entirely quiet on the AMT vulnerability. Just a few days ago a hidden register was discovered that allows you to block AMT entirely, put in as a requirement by some agency or agencies apparently. No statement on who required it or why it was intentionally concealed that this "feature" could be turned off.

2
1

Facebook promised to open up its log storage system

Jack of Shadows
Silver badge

It's “designed to keep the number of disk seeks small and controlled, and the write and read IO patterns on the storage device mostly sequential”, the post says.

That has immediate value here and not just for log data (real concern here) but in other database applications that share this characteristic pattern.

0
0

Yahoo! must! face! the! music! over! data! breaches! judge! rules!

Jack of Shadows
Silver badge

They cant prove it but you Yahoo can't disprove it either. Unless there is a card only used in one place but seriously how many people do that.

At least one here. I have a card that is only used for my storage bill. Two reasons: it's the one bill that goes through no matter what until I'm dead; should it leak somehow, I know whose gonads to crush.

1
0
Jack of Shadows
Silver badge
WTF?

Re: Now for the Vultures

If there's a high yield account out there, I want to know so I can possibly get in on the action myself. Not likely to be let in though. Not enough millions lying around.

0
0

Linus Torvalds passed a kidney stone and then squeezed out Linux 4.13

Jack of Shadows
Silver badge

Well aside from link not found error, as I've admitted on many an occasion, I am demonstrably not sane.

3
0

Oracle staff report big layoffs across Solaris, SPARC teams

Jack of Shadows
Silver badge

Dammit Larry, you had one mission...

...continuing to create new ways to lock in your customers. By owning the hardware, OS, applications, and signing up any and sundry to Cloud to boot. Looks like you took a shotgun to that idea. Synergy can be a thang if you do it right.

13
0

We experienced Windows Mixed Reality. Results: Well, mixed

Jack of Shadows
Silver badge

Re: Doomed to fail (again)

That's my list of improvements right there aside from something more glove-like for the hand's position reporting to the application(s). My use here for it is AR and VR for various types engineering and what they are labeling Big Data and AI. Lastly, it would be sweet if multiple applications can share the environment. Perhaps with voice to switch between controls. Eventually, I'm going to want gaze tracking and voice command only as I lose the rest of my body. That would be a wonderful combination for a whole lot of people with certain disabilities.

Looking at the stacks of parts around me at the moment, hardware isn't the problem. Getting the UI is. But, we already knew that. I fully expect one more generation of this from Microsoft to see if they can manage to get it right. We've had two and it takes Microsoft, on average, three to get something vaguely useful. Or not at all.

0
0

'Independent' gov law reviewer wants users preemptively identified before they're 'allowed' to use encryption

Jack of Shadows
Silver badge

Re: Lack of encryption jeopardizes politicians more than most of us: look at Clinton

Our security services will control everything, especially politicians.

The don't already? Pretty much, They do. Looking at what's happening in American society, I see repeated examples of the "Establishment" trying to contain and force Donald Trump back on to the reservation, limited to communicating in "Establishment" ways via "Establishment" media corporations, on "Establishment" topics, and so forth. Absolutely loathe this toad, he's antithetical to everything I've discovered by a lifetime of observing this society. Textbook example of "A Bull in a China Shop." I just wonder how much will be broken by the time this is all over, perhaps literally.

4
0
Jack of Shadows
Silver badge

Re: For Journeys Never Before Realised as Being Easily Possible and IntelAIgently Designed Probable

What we have with our elites, Politically Inept and Corrupt, is a failure of vision. So damned depressing.

4
0
Jack of Shadows
Silver badge

Re: Looking through the wrong end of the telescope

Governments would be better served by partnering with industry to help develop, distribute, and provide funds for deployment of detection and reporting mechanisms and grants for development of new technologies.

The sad and sorry truth is that those supposedly In Charge, be it political, economic or institutional can't get it through the blinding prejudices and beliefs that here is something that can be milked for generations and the cow will likely enjoy it. IF DONE RIGHT. There are generations of advances in adding increasingly more compute nodes, more network nodes, and totally insane amounts of storage to which you will attach the first two locally to the storage. Secure methods are needed everywhere to prevent the "bad people" from misusing them to damage systems, even to kill. Treating it like, e.g. the Space Program, with grants, contracts, and other government issued plums is like a Christmas that never ends.

And they are too crazy to see what is sitting right in front of them.

4
0
Jack of Shadows
Silver badge

Re: Folly of the Yes Men....

I fully expect somewhere in the list of responses will be the requirement for licensing for people working in information security, thus extending government control of its practitioners. Any activity without a license will be subject to penalties the same as with supporting terrorism. One need only see what the US is doing to people selling BitCoin without a license to see this extension of licensing requirements happening. China is well in advance as well.

Forcing practitioners to be licensed or forced underground would be just the idiotic idea I see taking place in government circles. You really, really don't want to alienate this crowd, but alienate them it will.

Seems I'm in radical, frothing at the mouth, anarchist/power-conflict-libertarian mode today. My apologies.

8
0

China's cybersecurity law grants government 'unprecedented' control over foreign tech

Jack of Shadows
Silver badge

Re: Or to put it another way...

As had been the case with the "wily Japanese." These playbooks are neither new, nor original.

0
0
Jack of Shadows
Silver badge

Re: Just stop buying Chinese made kit...

That bit of history, ignoring copyrights and patents registered in other countries, isn't taught in any history course in primary or secondary courses. It took a course at the university in the history of American Economics (love the inherent conceit about which America) to come across it. Similarly, it took one on Labor Economics to get the back story (conditions) that lead to the labor related actions of the 1700's, 1800's, even 1900's. We, as a nation and various peoples are depressingly ignorant.

9
0

Bitcoin Foundation wants US Department of Justice investigated

Jack of Shadows
Silver badge

Re: Bad lawmakers make bad laws

Because she belongs, body and soul, to the intelligence community. She happens to be one of my senators and has been like that most of her tenure. There's reasons behind that but best not discussed in open forums.

7
0

Deputy AG Rosenstein calls for law to require encryption backdoors

Jack of Shadows
Silver badge

What happens when...

... Russia, China, and the other 260, or so, law enforcement require access for their criminal investigations? And that investigation involves agencies or persons working for the government? In a classified matter? Need I go on? Beware what you ask for.

6
0
Jack of Shadows
Silver badge

Re: An unbreakable backdoor would be nice

Getting shot by shit your own side sold to the (later) enemy is a fine American tradition. At least you know the characteristics of the weaponry and their quirks. Might help somehow.

I believe we got this tradition from the British.

11
0
Jack of Shadows
Silver badge

On the bright side today, the California Supreme Court shut down retention of automatic license plate recording data. Have to wait for the full judgement to see how effective it will be against private firms, not just law enforcement. The LAPD ain't happy. Good.

12
0
Jack of Shadows
Silver badge
Holmes

Re: Impossible

That level of pain is normal here, and yes I'm serious. I've been tasered and that didn't work out so well for the cops. Hardest part was pulling out the hooks. The shock did nothing. They decided that talking me out of one of my rambles was better idea.

The real problem for law enforcement is that it's only companies that they have a real bit of leverage on. I'm now a private citizen and unless they figure out some way of banning encryption entirely, there are probably close to a myriad of ways we citizens can short-circuit their monitoring. Save for the point to point metadata, and some of that can be scrambled too, the content is a mystery.

They've been told and told that only by leveraging the end-point (hacking the devices on each end) will they be able to gain access to the content. And that's dead on*. Anything else is a pipe dream and as I recall, AG Sessions has a thing about people that smoke drugs.

* - In the military I worked professionally in a dozen fields of engineering, half that in analysis (including intelligence), had a nuclear security clearance, and used to fix NSA gear when it broke and the cryppies couldn't fix it. [Real easy to troubleshoot if you know what should be looking for in-circuit.] Also a computer scientist, statistician, econometrician and a bunch of other applied math stuff. The point of this footnote is that there isn't a damn thing in the world preventing me from literally encrypting the world+dog, should I choose to do so. The hardest part is killing side-channel attacks. And then, share the results. Short of locking me up forever which will have to be solitary since there's stuff they don't want me to talk about. Ever. And I'm far from the only one with these distinct libertarian/anti-authoritarian impulses.

16
2

Living in space basically shoves a warp drive into your blood stream

Jack of Shadows
Silver badge
Headmaster

Re: Prevention is better than cure.

Any ground-pounder with any chance of battlefield survival knows about up and down, in addition to check-six. Any naval officer better have that imprinted on the inside of your eyelids. It has been my displeasure to learn both as I have this funny sense of self-preservation.

Which is why I didn't buy that sequence in ST:Wrath of Khan.

8
2

Intel ME controller chip has secret kill switch

Jack of Shadows
Silver badge
Black Helicopters

Re: Let's reimplement

Aside from any efforts in that direction, I'm also looking at the various other retro-computers out there, e.g. Spectrum Next, for offline encryption/decryption to be connected to my inner network by a data-diode. There's a bunch of us tucked here and there looking at the problem.

In any case, bringing back mi Amiga would be justification enough ;-).

1
0
Jack of Shadows
Silver badge

Re: The mind absolutely boggles.

And if you look at the contents of ark.intel.com, Intel are masters at either product differentiation or obfuscation depending on your point of view.

1
0

Dell's flagship XPS13 – a 2-in-1 that may fatally frustrate your fingers

Jack of Shadows
Silver badge

Re: Power on LEDs

Asus S202E, LED's are on the forward left visible from above or front. And the brightness is perfect here. I really, really love this laptop which powers its way through all the loads I overload it with.

0
0

VMware-on-AWS is live, and Virtzilla is now a proper SaaS player

Jack of Shadows
Silver badge

Re: Hyperconverged isn't for everyone

What I've settled on is pair of Xeons, max memory, some flash (NVMe, SSD, stick even) to get things rolling, with logging, and as you've said a filer. I've settled on BSD (for ZFS) for the latter. The only fly in the ointment is network which is only 1Gbps, something I'll be correcting here in the near future. Then things will be a bit more nimble.

Given that the flash is swappable, the hypervisor can be swapped as well. Hyper-V, VMware, bhyve, so far. All that memory is really handy for in-memory database work or plenty of VM's, or both. Analytics is a thang for me, as is machine learning/big data/predictive analytics/whatevah. Something I've been doing since '75. In this context, I'm still trying to figure out what HCI buys me. I've no problems seeing what VMware has on offer here. Completely out of my budget, still a really good place to be if I did have it.

I'll be waiting with bated breath to hear Trevor and the rest of the field people have to say.

0
0

James Webb Telescope will be infatuated with Europa and Enceladus

Jack of Shadows
Silver badge

Re: Active for five to ten years

There probably more than a few that would be figuring out how to pay NASA so they could make the trip. I'd go.

1
0

Forums

Biting the hand that feeds IT © 1998–2017