Posts by Ross

Size?

I can understand that ppl would be upset by a lack of information sharing, but it smacks of face saving really.

Ok, they might not know that the object is man made and intended to come by that close, but surely they can tell how big it is?! I'm guessing it ain't the size of Indo China and so we can all breathe easy. In fact if it were to smack right into us I reckon the headlines would be more along the lines of "ESA blows up *another* satellite" rather than "OMG we're all gonna dieeeeeeeeeee!".

Surely the real story here is that some boffins can shoot a satellite a few million (?) miles out and miss the planet by less than half its width! I'd love to know the (Paris Hilton) angle on that one.

A paltry 450MW?

450MW is less than the output of one coal fired generator (i.e. < 1/4 of one power station). I totally agree that we need to move to clean and renewable forms of energy, but wind hasn't really been harnessed very well yet.

It takes up huge amounts of space and doesn't make that much electricity. It's also expensive.

The thing to remember is you will always get a lot less energy out of a generator than you put in. Coal runs around 30% efficient if you are *very* lucky, gas is a bit better. Unless you can find an energy source that has a least 3 times the energy in it that we can extract in some form than we need, then we're going to have a problem.

Cutting energy usage will probably have to be the priority for now until we get hydrogen based technologies working.

Prevention of Terrorism Act

The laws on armour in Parliament and killing Scotsmen in York both make sense in their historical context. At one point the border with Scotland was effectively at York. Any armed Scotsman inside the walls of York would have been an enemy combatant and fair game. If the law still exists I wonder if that means York is still legally at war with Scotland.

And why no mention of the Prevention of Terrorism Act 2005? It's got to rank up there somewhere?....

Practical?

I presume they'll squash a BSD kernel into a ROM chip with a cpl of tools (I don't see them rushing to use GPL'd code) The problem is unless you're running a builtin network card (wired or wireless) isn't it unlikely that you'll have the drivers available to be able to connect to the internet to read your mail? I have a USB WiFi dongle 'cause I don't think WiFi (or colour TV) had been invented when I got my box for example.

It's a nice idea - want to check your mail but you have to leave the house in 5 mins tops so you can't wait for Vista to boot etc. I'm just not convinced it'll be practical for everyone at the moment.

Not an Apple prob

Ofc OS X has security holes. The fact they haven't been discovered or publicly released doesn't mean they don't exist. Take format string vulnerabilities for example - it turned out that Sendmail had been vulnerable to them for 10 years by the time they were actively published. It may have been exploited using them during that time, it may not, but it was vulneralble to them all the same.

This particular issue seems to be a case of working as intended. If Apple leave the firewall as it is and force developers to patch their software it'll set a good precedant and in the future any developer that doesn't want problems will follow the specs.

If they change how the firewall works to help non-conforming apps out then we'll end up with a massive mess of hacks and kludges with myriad unforseen side effects etc and possible security holes.

I don't have a Mac, don't want one either, but I'd side with Jobs and Co on this one.

Half right too

[...the same as if they'd left their car keys hanging out of the door of the vehicle: Stupid, and the insurance company won't cover it.]

True, but it's *still* theft to take the vehicle (or what's inside it) and you'll still get nicked.

Heroes

Don't think I'd notice the difference regards endless reruns to be honest, but mess with Heroes?! Can someone meet me at LAX with a gun please? I need to "talk" to some ppl....

PPPP

Close, but that little effort was as about as explosive as an average party balloon.

You are right tho' in so far as you don't need to go through security to be able to attack a plane on/near the runway. The PIRA had a couple of goes at airports with mortars, although they weren't actually trying to kill swathes of ppl. They just wanted to put big holes in the runway to cause everyone a lot of hassle.

Ah well, all this "anti-terror" malarky keeps ppl in work I guess.

Uh-oh, Goose is down!

Awww, in an ironic twist it appears al-jinan.org is down :o( I guess the thousands of would be cyber Jihadis saturated its pipes trying to get a hold of the software.

(Actually it's failting to resolve but that's not as funny)

Damn

I thought it said "Mark Taylor, president of Linux lobby the Open Source Consortium (OSC), scoured porn", but then I realised my error (and stopped reading)

New power source

Now if only they could make a generator that ran by burning Windows install CDs the Nigerians could have a decent open source OS for their lappies *and* the juice to run them!

I despair at the economic state of Africa I really do. I just wanna go over there and tell them to stop paying their stupid debt back, and implement massive import tariffs for non-African made goods. It's how America did it. Of course the USA (and possibly the EU but maybe not) will bitch and whine about free trade, but then the Africans can point and laugh and actually get somewhere. Ah well.

If only ECOWAS et al had balls....

Identity

The day Mr de Menezes died was in fact the day the terrorists won. Terrorism is about creating divides in society - this sad incident just evidenced the fact that the Met see a clear divide between "us" (white boys) and "them" (every bugger else).

No point blaming "the Police" as has happened here, as it just means a few quid gets shifted around and everything continues as before. This was a total cock up and there was clear fault by individuals.

I want to see how certain they were that they had ID'd the right person, and what they did to clarify any doubt before ordering his death. I await the outcome of the public inquiry. I shall also throw away my Piz Buin - can't be too careful...

USA State Law

I don't understand the whole state courts thing - would I be correct in assuming that if the decision is made in Texas then it only applies in Texas, so every company that is erroneously sued there can just shut up shop in that state and refuse to ship goods there?

Because that would be rather amusing - watch as Texas rapidly devolves 50 years in technology. See if the courts start to look at things differently then :o)

I know that if someone tried to sue me in Texas I would just point and laugh - I'm in the UK. Just not sure if that's the case if you are in another state.

Pah!

Seriously - does any coder really eat pizza whilst on the job? I tried it once - you forget how greasy it is and I hate greasy keys.

Biscuits. That;s where it's at. Pizza is stuffed with fats that aren't going to give you that energy you need for hours. 3 packets of hobnobs will get your brain (and pancreas) fizzing along nicely, without any of that nasty grease.

Implausible?

They could only use this against ppl they are already spending LOTS of money monitoring.

How do you get the trojan on the relevant box? House breaking is the only guaranteed way. How do they get the info out of the trojan? Many ppl have a router+firewall sitting between the computer and the network.

The people you need to be worried about won't be visiting www.jihad101.com (apologies if that actually exists!) They'll be very well trained already thank you very much thanks to the CIA.

Open Source freaks

[ simply make a point of not using software unless the Source Code is made available for inspection]

I would *love* to know which graphics card you use and which drivers you have installed :o)

Oh, and where I might find the source code...

Wall hax?

I feel sorry for our infantry boys. I'm no military expert, but surely the main point of tanks at the moment isn't blowing things up but providing cover for infantry in urban settings?

Can you imagine trying to hide behind an invisible tank? Tenner says some poor bugger walks in front of it by accident. *squelch* And even if you could take cover behind it the enemy could still see you and what you were doing. Seems silly to me... Cool, but silly.

Gotta love the HoL

Gotta love the HoL. I know they look down on us as mere cattle, but damn they can be funny sometimes.

I think Lord Eltons question was a tad harsh tho'. I mean what can you do with 15kg's of U-235 that you can't do with 14.5kgs of it? Ummmm turn Coventry to glass. Pretty glowy glass, but glass all the same.

I despair at the silly ban on liquids because of the laughable plot that triggered its inception, not because of the possibly arbitrary volume of liquid that was chosen as a maximum.

It also overlooks the fact that Sheikh n'Vac can take 100ml of binary nerve toxin/explosive/death juice on board and his ten mates can do the same and....ummm...well not a lot really unless they're on a long and *really* steady flight, with a labs worth of gear to hand.

Privacy

There are generally two types of domain owners :

1) Companies/organisations

2) Individuals

The problem for individuals is that their home address and phone number are freely distributed. If their server is hacked and spewing spam they aren't going to have admin rights to be able to do anything about it - they're users on hosts that serve hundreds of domains.

The registrant details should be hidden, the administrative contact details should not. That means if I register a domain and stick a blog on it about how much I hate X, you can't find my home address and come and beat me up because you love X (or are in fact X). However if you need to contact someone about the domain you can contact my hosting provider who is the administrative contact and has the ability to do something. Capisce?

Lo tech

Clever scam (i.e they thought something up reasonably new), but why even bother faking a bill?

The guy is on holiday, you presumably know where he lives, so break into his pad, take some bills, get the bank to replace the debit card and send a new PIN, then go get them and spend his dosh.

As a consumer it's pretty much impossible to stop that type of attack short of getting a house sitter in. Which means the banks need to get their houses in order - mine asks for characters X and Y from my secret pass phrase (so even the operator only sees those 2 chars) The numbers X and Y seem to be random so you'd need to know the full phrase (or most of it) to be able to talk about the account.

If they managed to trick his pass phrase out of him then you can't blame the bank, but if the bank just let a random guy report the card lost and allowed it to be picked up from a PO then we have a serious weakness.

Poor bloke - at least they paid up.

@Eric Olson

[You just completely proved my previous point...]

And you missed mine - my complaint is that the media overplay their remit to entertain us and overlook their education remit.

As I said, there are thousands of murders in the USA each and every year that gather not even a footnote in a paper, never mind front page news. The only difference between those and this type of tragedy is that this one has the power to "entertain" us.

I don't mean that in a sick way (maybe I do, I dunno) - I mean that when we pay to be entertained by a film, a book, a newspaper we pay to *feel* something. Funny, angry, happy, sad, shocke etc. You get it. This type of story tends to make us feel angry but serves little to no use educating us (telling us something we didn't already know - i.e. pychos lure ppl to their deaths every now and again)

I don't mean to play down this womans tragic demise, but I don't hear you playing up the other 12,000 murders and asking "why don't we hear about them too?" If you just want to be titillated by some poor womans death then fair enough. If you want a media that actually does it's full job then surely you want them to report the full facts of the world we live in, not just the "cool" bits they hear about?

No?

There was no reason to report this particular murder over any other than the fact she used an internet classified rather than a "normal" one.

@Danny Traynor (Re: Read...)

<quote>

it is NOT illegal to mod your console. It is illegal to make money by selling modchips and modding consoles for a profit.

</quote>

It's the same style of law they use to "illegalise" prostitution here in the UK. It's not actually illegal to have sex for money. It is however illegal to publicly offer the service or to try to procure it. The industry is therefore kinda screwed (if you'll pardon the expression)

Yes you can legally mod your console, but without some pretty serious gear you'll struggle to do it DIY style - you need to *buy* a chip which of course involves breaking the law.

Modding is thus de facto illegal in the UK like prostitution.

If you want to buy a mod chip then order one from Italy for example. If you want to sell them then move to a country that allows it - you can still sell them to the UK, just not from it.

Fairly straightforward

Fairly straightforward this one. If you allow a national business to do something you are required by law to allow other EU companies to do the same. You can only apply the moral standards defence if *everyone* is banned from doing something in your country.

So, for example it is legal to bet on horses in the UK but not to advertise it on the tele, so any EU based company that has the licenses can operate a horse betting shop in the UK, but not advertise on the tele.

Conversely it is legal to sell hard core porn in the Netherlands, but you still can't sell it here in Blighty 'cause *nobody* is allowed to, so we can operate the moral defence.

Basically any form of protectionism is illegal. You either let everyone do something or nobody. The French in this instance do not appear to be obeying the rules. That could actually get rather expensive for them as you can apply for compensation, and if you are slow changing your laws after you have been told to they tend to get annoyed and award lots of it.

It's not limited to the French - the Germans have been done for trying to make it illegal to sell non-German beer in Germany, the Irish got done for trying to stop people selling cheap imported tourist tat, and the UK got done a few times. We won the pork pie argument tho :)

Brazilian Dollars

<quote>

The President has just asked Congress to authorize another $120 brazilian dollars to contain the civil war in Iraq

</quote>

Given the inflation issues in South America at the mo wouldn't that make that the cost of half a loaf of bread? As they said in Spitting Image, cheap at half the price.

amanfromMars vs AC - round 2 *ding ding*

Hehe. That made my afternoon did that :o)

To misquote a famous saying :

You fell victim to one of the classic blunders! The most famous is never get involved in a land war in Asia, but only slightly less well-known is this: never go in against a bot when self respect is on the line!

He is getting better mind - Learn Not To Caps Every Darn Word Though 'K? I mean how hard is it to run lcase on a bleeding sentence? At this rate I reckon amanfromMars will be making more sense than the rest of us by Easter...

Pun intended?

"Any developer worth his salt wouldn't make such a hash of this"

Pun(s) intended?

Non volatile

Non-volatile just means it doesn't "forget" when you turn the power off. You can still change its contents.

Polar bears

Of course polar bears can't drown!! They're undead which explains why they are:

1) so pale; and

2) so mean!

As they are undead they don't breathe, and so can't drown. Call your self scientists?....

Anyway, as for man made contributions to global warming - CO2 is one of the greenhouse gasses. If we didn't live here lots and lots of carbon would be locked up in the billions of trees we've cut down and burnt to make room for MacD's cows (which excrete larges amounts of methane which is even more potent a greenhouse gas than CO2). It would also be locked up deep underground all squashed up as coal, and oil etc. Trouble us we dug it up and burnt it, so that lots of that carbon now floats around as CO2, and there are fewer trees to suck it up and use it to make energy.

How anyone can state humans have no impact on global warming is beyond me.

Insular Yanks

@David Warren

Ever considered that Yanks only go to half a dozen websites? Outside of Fox News, YouTube and MySpace there's not a great deal more they need. They don't realise you can get news from the rest of the world. Hell they don't even realise there is a rest of the world. Most of them believe Al Jazeera is a terrorist propaganda network.

Pft!

I can agree with "slayed" and "wedded" as you hear those use now. However "slit" and "stung" will probably remain the same, and "bade" will probably end up changing to another irregular form "bid".

I mean come on - "he slitted his wrists" is just ridiculous.

And surely the verb to be *can't* be regularised can it? Does anyone know of a language where it is?

Still, it's nice to see how our language changes.

Full circle

Wow, looks like we've gone full circle.

I remember my anti-virus software on my Win 3.1/DOS box detecting viruses with both signatures and heuristics. It was fairly decent at it too. Of course back then anti virus was actually a technical challenge what with viruses deploying stealth techniques like polymorphism, IAT hooking etc rather than an exercise in generating hashes of files.

BT response and other stories

That BT response is shocking. They've clearly just looked through their list of automated responses and picked one without bothering to check what the issue really is.

@Kenny Millar

Ummm you do realise that almost *any* site can be compromised and made to feed exploits, whether directly or via their ad service? You don't need to visit www.gethaxxed.com.

And yes, the argument that Sky printing the WPA info on the router itself is insecure overlooks the fact that if a ne'er do well is in my house looking at my router the least of my concerns is how secure my wireless connection is!

What's the story?

So is the story that someone can translate a few odd words into another language automatically (s/// being so advanced and all) or that this guy lost his details to scammers twice in a year?

I mean come on, once *maybe*, but surely after realising what a pain it is he'd have kept his eyes open for such scams. Or was he buying penis pills on the internet and that's how they got his details? Anyone wanting to take bets?... :o)

No obligation to report the breach?!

"With top level encryption making it virtually impossible to access the data held on the stolen laptop, HMRC had no real obligation or reason to report the breach.."

What?! That's like Securicor losing a cash box stuffed with a few thousand saying "oh well, it's virtually impossible to access the cash in the stolen box so we won't bother telling anyone".

It was probably just a crime of opportunity and the thief will have no idea there is valuable information on the laptop, but would you want to chance that information making it into the hands of more ne'er do wells?

I can imagine it now - "yeah, yeah, we knew it got nicked but it was encrypted so we didn't bother doing anything about it."

It's high time people took information security seriously - cash, cheques and cards can all be revoked. It's a bit more of a pain to change your name, address and date of birth.

Boring but...

If this were a Hollywood blockbuster they'd have laser beams that magically hack into the radar stations, or they would be doing sideband analysis of the outbound radar pulses, or buffer overflows using specially crafted echo signatures etc.

However this is the boring real world, and given the information we have we can say :

1) They can "see" what the enemy can see because they have up to date sat and aerial photography of the enemy radar installations so they know where they are and possibly where they point.

All you need to do is model the characteristics of the radar in its given location taking into account hills, trees etc and you can see what it sees (or at least know what it can theoretically see.

There is no need to have network access.

2) Radars point at things a bit like the Eye of Sauron - they don't have a permanent 360 degree view. You can therefore point them where you want by making the radar operator think "omg there are 200 planes inbound over there" when in fact there are 12 coming from the newly created blind spot. We know if they fell for the ruse because of point 1 above.

How do you make him think there are 200 planes over there? Well you can do it the old fashioned way and actually put 200 planes up in the sky, or send radar echoes that match certain battlefield objects (in this instance 200 planes)

How do you do that? I'd guess either F-15s fitted with this Suter thingy, or satellites.

It's all about modelling when it comes down to it - landscape, enemy radar tech and echo signatures. There is no uber mind control haxxing going on.

@heystoopid

The debate on whether incarceration helps or hinders the rehabilitation of offenders is an old (and rather complex) one. I for one think if he is guilty then yes he needs to be punished with time inside, but he should then be obliged to undergo a scheme designed to rehabilitate him more fully - working with bullies or their victims for example (without pay of course)

Blaming the masses for being infected with bots in the first place is a tad harsh though. My default Windows install is full of holes (my record so far is <1min from connecting to the internet to download SP4 and the latest Zone Alarm to seeing LSASS throw a fault), my wireless router freely let packets in and out when I first plugged it in, people get given IE which is so deeply woven into the inner workings of Windows and full of holes, etc.

All of those are a minor annoyance for me to fix, but 99% of people wouldn't even know they needed fixing, never mind how to go about doing it. We are the lucky ones (as the song says), but not everyone has the time or energy to learn such stuff - they just want it to work out of the box, in much the same way I know bugger all about cars. I just want it to work. I don't want to find out I need to mod the thing before I can drive it without crashing or finding it's been nicked!

People are given crap software in a badly configured state and then they suffer for it. Don't blame the purchaser, blame the poor workmanship that made it, and the people willing to sell it.

PS Are the icons there to help amanfrommars gauge irony and sarcasm more easily?

Better than PIN but...

Ummm, surely their maths are out? If they have a 5x5 grid but only populate it with 10 digits (0-9) then there must be duplication digits, meaning that you could make a mistake in guessing the pattern and still get the right password. That reduces the strength of the protection.

To avoid collisions you'd need to work in base 25. Certainly possible, but you'd need a lot more keys on your keypad.

I like the idea but it'll not replace chip+PIN for one reason. Cost. Chip+PIN has already reduced card issuers losses where it has been deployed (at great cost) so why would they bother spending even more money when they can just say "sorry, you were lazy about securing your PIN, so the fraud was your fault - no refund" ?

Memory page privileges

Yup, all the program is doing is testing for execution privileges in memory pages containing data. It doesn't mean that your security software is vulnerable to buffer overlows, just that *if* it were to be vulnerable the code would execute instead of page faulting.

It's something that should be dealt with by the OS.