* Posts by Martijn Otto

480 posts • joined 20 Oct 2007


In trying times like these, it's reassuring to know you can still get pwned five different ways by Adobe Illustrator files

Martijn Otto

The only thing Adobe Illustrator illustrates well

is how not to write software.

'Literally a paperweight': Bose users fume at firmware update that 'doesn't fix issues'

Martijn Otto

Re: Not impressed with Bose

I had their noise-cancelling headphones once. QuietComfort 35 I believe. When I bought them I was quite impressed by the noise-cancelling ability, the sound was OK, but not great - especially given the price.

One issue I had was that when I had my table fan on it would sometimes lead to crackle if noise-cancellation was on. Luckily they had a firmware update to fix it, by giving you control of the noise-cancelling level. Installed the update and noise cancelling more-or-less stopped working. It still did something, but not anywhere near its original level.

I, of course, downgraded the firmware, which did not solve the issue. When I looked online, it was an issue which had apparently persisted for months already. Returned the headset and bought a Sennheiser instead. Noise-cancellation is not as great as the Bose originally were (but better than after firmware upgrade) and they have much better sound too.

Phone home: Indie Chromium browser Vivaldi goes mobile

Martijn Otto

I'm sure it's a nice browser

But I just do not understand why you would install a closed-source browser on your system when there are perfectly fine alternatives. Is it the rendering engine? Why not just use Chromium? Or use Firefox.

Googlers hate it! This one weird trick lets websites dodge Chrome 76's defenses, detect you're in Incognito mode

Martijn Otto

Why not just open the file for writing and immediately delete it - while open - so that the open file handle is the only reference? The kernel will then automatically clean it up when the handle is closed. Shouldn't leave any traces I think.

Backdoors won't weaken your encryption, wails FBI boss. And he's right. They won't – they'll fscking torpedo it

Martijn Otto

It's double rot13 for me

I recently switched all my encryption to double rot13. It's very fast and it has the built-in feature that the government can lawfully intercept the communications. I can recommend this to everyone.

If at first you don't succeed, Fold? Nope. Samsung redesigns bendy screen for fresh launch in September

Martijn Otto

Re: 'crying out for innovative ways to inject some life back into a stagnating global market'

Oh but they're useful indeed. Take the Facebook app, for example. It's a very useful way to have the little bit of privacy not yet eroded by the government spying on you go up in flames and turned into money for Zuckerbeast.

I mean, who doesn't want that? Come on guys!

Airbus A350 software bug forces airlines to turn planes off and on every 149 hours

Martijn Otto

Ah the joys of agile development

I see it's now taking a hold in the aviation industry as well.

Oz watchdog claims Samsung's leak-proof phones ad campaign doesn't hold water

Martijn Otto

I have a great idea!

Why not make the Galaxy Note 7 waterproof? This way, it can be used in water, where a burning phone is likely to do less damage. Also, this could be used as free pool heating. It's a win-win situation!

White House mulls just banning strong end-to-end crypto. Plus: More bad stuff in infosec land

Martijn Otto

The question is how to enforce it, of course

Sure, most people will stick with Facebook's WhatsApp. But we should assume that those aren't the people the government is interested in.

The ones who really want to hide something can just download an app developed in a country that doesn't impose blanket surveillance. Sure, using an app like that can be made illegal, but note that these are people that likely don't care much about this.

In the end, the only ones being spied on are the law-abiding citizens. One wonders if that was the plan all along.

2001: Linux is cancer, says Microsoft. 2019: Hey friends, ah, can we join the official linux-distros mailing list, plz?

Martijn Otto

I think you're missing the joke icon there, buddy!

When customers see red, sometimes the obvious solution will only fan the flames

Martijn Otto

Re: Dolt

Cue incoming Microsoft Word document with an embedded JPEG.

Microsoft throws lifeline to .NET orphans in the brave new Core world

Martijn Otto

Re: As long as I can *PREVENT* linkage to ".NOT" (or whatever they call it)

Nowadays it's probably easier to just develop a Linux application and let Windows users run it through WSL. This way you can develop and test on a sane platform and save yourself a lot of hair pulling.

Activist shareholders to target Zuck with giant angry emoji inflatable at Facebook AGM

Martijn Otto

Missed opportunity

It'd be much, much better if the balloon was basically a giant dislike button.

Thank you, your DNA data will help secure your… oh dear, we've lost that too

Martijn Otto

Making friends in the hallway

That's ridiculous! Are you telling me you don't take a quick peek around your room door to check whether the hallway is empty before actually leaving the room?

ood new, fanbys. Apple spds up n-str McBook latop kyboad rpairs, ccrding t hs leakd mmo

Martijn Otto

Re: Stopgap at best

You're very right. This is why Apple is now introducing the new "Macbook Wheel"

The peelable, foldable phone has become the great white whale of tech

Martijn Otto

Re: aiming to solve a problem that doesn't exist.

You should buy an HP phone then. They really have "all the G's".

Martijn Otto

Re: Next!

And - in some circumstances - pholdable.

It might not unfold after this, though. Just like the phones the article is about.

All's fair in love and war when tech treats you like an infant

Martijn Otto

Why has it been made so difficult?

If I compare it to the self-scan options available to me in the Netherlands it seems it has been made incredibly inconvenient.

The way it works here is that you can take a hand-scanner where you scan each product as you place it inside your bag. At the end you go to a machine with your hand-scanner where you only have to pay (all products were already scanned). If you have sold your soul to Google, or given in to Apple's overpriced stuff, you can also install an app and do the scanning from there. If you choose the last option you can also pay directly from your cellphone.

Only thing is that our system doesn't accept cash (you'll need to go to a cashier for that).

Hams try to re-carve the amateur radio spectrum in fight over open or encoded transmissions

Martijn Otto

Can we please stop

with this ridiculous "national security" bullshit? The main threat to our national security is the so-called "security agencies". If you mandate backdoors in software the real terrorists will simply use software developed in a country without such laws, so the only communications that are actually intercepted are those of the law-abiding citizens.

We gain nothing but lose privacy.

Ex-Mozilla CTO: US border cops demanded I unlock my phone, laptop at SF airport – and I'm an American citizen

Martijn Otto

It doesn't have to be slower. Just let an employee travel with the encrypted data, but make sure the employee doesn't have the key for decryption.

Google plonks right-wing think tanker and defence drone mogul on AI ethics advisory board

Martijn Otto

cats standing up

Link please?

Ethiopian Airlines boss confirms suspect flight software was in use as Boeing 737 Max crashed

Martijn Otto

Re: $80,000?

Ah, so basically an $80,000 fee for the "please don't kill me" option.

Altered carbon: Boffins automate DNA storage with decent density – but lousy latency

Martijn Otto

Now that Microsoft can add code to your DNA

They're adding a whole new dimension to the term "Blue Screen Of Death".

Public disgrace: 82% of EU govt websites stalked by Google adtech cookies – report

Martijn Otto

Re: "there were 112 companies slurping up information"

Really? I thought that'd be 01189998819991197141 actually.

Martijn Otto

"there were 112 companies slurping up information"

This sounds like an emergency!

NASA admin: What if we switched one delayed SLS for two commercial launchers?

Martijn Otto

Re: Just stop

Well, it's not called the "Senator Launch System" for nothing, you know!

It's just a job-machine used by senators to gather votes.

What today links Gmail, Google Drive, YouTube, Facebook, Instagram – apart from being run by monopolistic personal data harvesters?

Martijn Otto

"Meanwhile, Facebook and its services are still down, hours later, for some unlucky netizens."

I think there's been a mistake here. It should be "lucky netizens".

We can do this the easy way or the Huawei, US tells Germany with threat to snip intel over 5G fears

Martijn Otto

You have the freedom

The freedom to comply, that is.

Microsoft flings the Windows Calculator source at GitHub

Martijn Otto

I'm just waiting for the PR

renaming calculator to CalcyMcCalcFace.

We're not throttling you, says Vodafone, claiming slow vid streaming is down to the 'cards'

Martijn Otto

Single thread download

I assume they mean connection?

Intel: Let's talk about SGX, baby. Let's talk about 2U and me. Let's talk about all the good things, and the bad...

Martijn Otto


Now my malware can run a lot faster!

Musk is in contempt of court, screams SEC after Tesla boss brags about car production rates

Martijn Otto

Vetting process

Could we also require a similar vetting process for Donald Drumpf? His tweets seem to be even more filled with false and misleading information.

Check yo self before you HyperWreck yo self: Cisco fixes gimme-root holes in HyperFlex, plus more security bugs

Martijn Otto


That you need a support contract with them in order to install security fixes. I can sort of understand that you want to charge users if they want to install updates providing new features. But to let customers be unprotected after purchasing your tech is simply unethical.

Not that I'm surprised, of course.

Bored bloke takes control of British Army 'psyops' unit's Twitter

Martijn Otto

"We have always been at war with Eastasia"

The Wayback Machine is lying. The army has no Twitter account and has never had a Twitter account.

Secret mic in Nest gear wasn't supposed to be a secret, says Google, we just forgot to tell anyone

Martijn Otto

Re: Oh, crap they caught us again!

It's getting a tad obvious indeed, perhaps they should use the BOFH's excuse calendar instead?

Password managers may leave your online crown jewels 'exposed in RAM' to malware – but hey, they're still better than the alternative

Martijn Otto

Re: This is why you need a dedicated hardware-token for things like this.

Fair enough - the entry you unlock will be available somewhere in memory. Either on the console, or in your copy-paste buffer. That's obvious because you need some way to get it into whatever form you're pasting in.

Even if your manager is completely safe, you're still pasting it into your web browser, which will keep it somewhere in memory until it's posted.

I don't get what exactly is "extreme" or "theoretical" about a key unlocking a specific entry. This is exactly what pass does. Each password is individually encrypted and also decrypted on demand (with the use of the token).

Martijn Otto

This is why you need a dedicated hardware-token for things like this.

There are basically two ways to do this. You can either get a U2F token. This is pretty easy, but the website needs to specifically support it. Many don't.

The other way is to use a password manager which integrates with a token. Personally, I like pass, which uses GPG for encrypting all the passwords. If you then store your keys on the token you can only get at your passwords by having the token and entering the pincode for it. The password database is synced with git (each new or edited password automatically becomes a commit) and pushed to a repository. It also supports submodules and multi-key setup so you can have a shared submodule with passwords you need shared (e.g. with colleagues or a spouse).

Leaky child-tracking smartwatch maker hits back at bad PR

Martijn Otto

Watching your kid is good

Having the whole world watch your kid is even better. More eyes, more safety.

I therefore applaud Enox for doing their part to make children safer.

Google: All your leaked passwords are belong to us – here's a Chrome extension to find them

Martijn Otto

Re: Which password manager to plump for?

I can recommend pass. Open-source (it's just a bash-script), usually available in the repositories (so easy to install), works with GPG (so you can use it with a hardware-token) and integrates nicely with git (for syncing the database over multiple machines).


Forget snowmageddon, it's dropageddon in Azure SQL world: Microsoft accidentally deletes customer DBs

Martijn Otto

Must be a misunderstanding

Instead of the more common Ctrl-Alt-Delete to restart a server with a BSOD, somebody accidentally hit only the Delete key, resulting in customer data deletion.

Newsflash: Twitter still toxic place for women, particular those of color, Amnesty study finds

Martijn Otto

"said Dorsey, pining that tweet to the top of his timeline"

Is this a very subtle reference to Monty Python here?

tweeting => birds => parrot => dead parrot pining for the fjords

Microsoft: Come and play in our Windows SandBox

Martijn Otto

Windows ensures your privacy

I have heard a rumor that upcoming builds will re-enable the "remove user files" option, thereby ensuring no private data can leak by preemptively deleting it.

This feature was present shortly in a previous build, but it didn't work consistently enough yet and was therefore removed. Don't worry, though, Redmond is on the job!

The Palm Palm: The Derringer of smartphones

Martijn Otto

Re: Very, very nice

My current phone is a Sailfish. My next phone - which I ordered on ebay and should arrive shortly - is also going to be a Sailfish. Why?

- privacy by design

- apps in store are all open source

- very fast

- easy on the battery

- gestures work extremely well

- full Linux system

For the apps where you cannot find a native counterpart, you have the option of running Android apps.

NHS supplier that holds 40 million UK patient records: AWS is our new cloud-based platform

Martijn Otto

Cloud of Confusion

I've always wondered whether people who consider this kind of cruft to be a good idea have cloud formations inside their own head where the gray matter should be.

Russian rocket goes BOOM again – this time with a crew on it

Martijn Otto

Re: "viable and tested emergency system"

Oh the moon landings are definitely real. On the video you can clearly see the curvature of the moon. Were it filmed on earth you wouldn't have seen it as the earth is flat.

Don't believe this round-earth nonsense people!

Python joins movement to dump 'offensive' master, slave terms

Martijn Otto

Re: I could not agree more

Perhaps we can make this list by hashing all the ungood words and then having the runtime hash all the variable and function names and comparing them against this list.

Spies still super upset they can't get at your encrypted comms data

Martijn Otto

Spooks caught with hand in cookie jar. Cookie jars are now locked by owners. Spooks upset they can no longer steal cookies.

Oh boohoo, they have proven time and time again that they are unreliable little data-junkies with little to no regard for the privacy of ordinary citizens. Why don't they start by showing us that they know how to behave before continuing their demand for access to anything, anywhere.

Politicians fume after Amazon's face-recog AI fingers dozens of them as suspected crooks

Martijn Otto

They've done it!

The first true A.I.! The system is apparently smart enough to recognize that there's no such thing as an innocent member of congress.

Don't panic about domain fronting, an SNI fix is getting hacked out

Martijn Otto

Re: Or we finally switch to IPv6

I don't see that as an ugly hack at all. The whole concept of running multiple websites on a single IP address itself is ugly. If I remember correctly that only came about when shared hosting became a thing.

Martijn Otto

Or we finally switch to IPv6

where we don't need ugly hacks like SNI.



Biting the hand that feeds IT © 1998–2020